Botan::TPM2::RSA_PrivateKey Class Reference

#include <tpm2_rsa.h>

Inheritance diagram for Botan::TPM2::RSA_PrivateKey:

Public Member Functions
virtual Signature_Format	_default_x509_signature_format () const
virtual std::optional< size_t >	_signature_element_size_for_DER_encoding () const
std::string	algo_name () const override
AlgorithmIdentifier	algorithm_identifier () const override
bool	check_key (RandomNumberGenerator &rng, bool strong) const override
std::unique_ptr< PK_Ops::Decryption >	create_decryption_op (Botan::RandomNumberGenerator &rng, std::string_view params, std::string_view provider) const override
std::unique_ptr< PK_Ops::Encryption >	create_encryption_op (RandomNumberGenerator &rng, std::string_view params, std::string_view provider) const override
virtual std::unique_ptr< PK_Ops::KEM_Decryption >	create_kem_decryption_op (RandomNumberGenerator &rng, std::string_view params, std::string_view provider) const
std::unique_ptr< PK_Ops::KEM_Encryption >	create_kem_encryption_op (std::string_view params, std::string_view provider) const override
virtual std::unique_ptr< PK_Ops::Key_Agreement >	create_key_agreement_op (RandomNumberGenerator &rng, std::string_view params, std::string_view provider) const
std::unique_ptr< PK_Ops::Signature >	create_signature_op (Botan::RandomNumberGenerator &rng, std::string_view params, std::string_view provider) const override
std::unique_ptr< PK_Ops::Verification >	create_verification_op (std::string_view params, std::string_view provider) const override
std::unique_ptr< PK_Ops::Verification >	create_x509_verification_op (const AlgorithmIdentifier &alg_id, std::string_view provider) const override
Signature_Format	default_x509_signature_format () const
size_t	estimated_strength () const override
std::string	fingerprint_private (std::string_view alg) const
std::string	fingerprint_public (std::string_view alg="SHA-256") const
std::unique_ptr< Private_Key >	generate_another (RandomNumberGenerator &rng) const override
const BigInt &	get_e () const
const BigInt &	get_int_field (std::string_view field) const override
const BigInt &	get_n () const
OID	get_oid () const
Object &	handles ()
const Object &	handles () const
bool	is_parent () const
size_t	key_length () const override
size_t	message_part_size () const
size_t	message_parts () const
virtual OID	object_identifier () const
virtual AlgorithmIdentifier	pkcs8_algorithm_identifier () const
secure_vector< uint8_t >	private_key_bits () const override
secure_vector< uint8_t >	private_key_info () const
std::shared_ptr< const RSA_Public_Data >	public_data () const
std::unique_ptr< Public_Key >	public_key () const override
std::vector< uint8_t >	public_key_bits () const override
secure_vector< uint8_t >	raw_private_key_bits () const override
std::vector< uint8_t >	raw_public_key_bits () const override
virtual std::optional< uint64_t >	remaining_operations () const
	Retrieves the number of remaining operations if this is a stateful private key.
const SessionBundle &	sessions () const
virtual bool	stateful_operation () const
std::vector< uint8_t >	subject_public_key () const
bool	supports_operation (PublicKeyOperation op) const override

Static Public Member Functions
static std::unique_ptr< PrivateKey >	create_transient_from_template (const std::shared_ptr< Context > &ctx, const SessionBundle &sessions, ESYS_TR parent, const TPMT_PUBLIC &key_template, const TPM2B_SENSITIVE_CREATE &sensitive_data)
static std::unique_ptr< TPM2::PrivateKey >	create_unrestricted_transient (const std::shared_ptr< Context > &ctx, const SessionBundle &sessions, std::span< const uint8_t > auth_value, const TPM2::PrivateKey &parent, uint16_t keylength, std::optional< uint32_t > exponent={})
static std::unique_ptr< PrivateKey >	load_persistent (const std::shared_ptr< Context > &ctx, TPM2_HANDLE persistent_object_handle, std::span< const uint8_t > auth_value, const SessionBundle &sessions)
static std::unique_ptr< PrivateKey >	load_transient (const std::shared_ptr< Context > &ctx, std::span< const uint8_t > auth_value, const TPM2::PrivateKey &parent, std::span< const uint8_t > public_blob, std::span< const uint8_t > private_blob, const SessionBundle &sessions)

Protected Member Functions
void	init (BigInt &&n, BigInt &&e)
	RSA_PrivateKey (Object handle, SessionBundle sessions, const TPM2B_PUBLIC *public_blob, std::span< const uint8_t > private_blob={})

Static Protected Member Functions
static std::unique_ptr< PrivateKey >	create (Object handles, const SessionBundle &sessions, const TPM2B_PUBLIC *public_info, std::span< const uint8_t > private_blob)

Protected Attributes
std::shared_ptr< const RSA_Public_Data >	m_public

Friends
class	TPM2::PrivateKey

Detailed Description

Definition at line 55 of file tpm2_rsa.h.

Constructor & Destructor Documentation

RSA_PrivateKey()

Botan::TPM2::RSA_PrivateKey::RSA_PrivateKey ( Object handle, SessionBundle sessions, const TPM2B_PUBLIC * public_blob, std::span< const uint8_t > private_blob = {} )

protected

Definition at line 39 of file tpm2_rsa.cpp.

                                                                    :
      Botan::TPM2::RSA_PrivateKey(std::move(handle),
                                  std::move(session_bundle),
                                  rsa_pubkey_components_from_tss2_public(public_blob),
                                  private_blob) {}

References RSA_PrivateKey().

Referenced by RSA_PrivateKey(), and TPM2::PrivateKey.

Member Function Documentation

_default_x509_signature_format()

Signature_Format Botan::Asymmetric_Key::_default_x509_signature_format ( ) const

virtualinherited

Reimplemented in Botan::GOST_3410_PublicKey.

Definition at line 30 of file pk_keys.cpp.

                                                                      {
   if(_signature_element_size_for_DER_encoding()) {
      return Signature_Format::DerSequence;
   } else {
      return Signature_Format::Standard;
   }
}

References _signature_element_size_for_DER_encoding(), Botan::DerSequence, and Botan::Standard.

Referenced by Botan::X509_Object::choose_sig_format(), Botan::Public_Key::default_x509_signature_format(), and Botan::PK_Verifier::PK_Verifier().

_signature_element_size_for_DER_encoding()

virtual std::optional< size_t > Botan::Asymmetric_Key::_signature_element_size_for_DER_encoding ( ) const

inlinevirtualinherited

Certain signatures schemes such as ECDSA have more than one element, and certain unfortunate protocols decided the thing to do was not concatenate them as normally done, but instead DER encode each of the elements as independent values.

If this returns a value x then the signature is checked to be exactly 2*x bytes and split in half for DER encoding.

Reimplemented in Botan::DSA_PublicKey, Botan::ECDSA_PublicKey, Botan::ECGDSA_PublicKey, Botan::ECKCDSA_PublicKey, Botan::GOST_3410_PublicKey, and Botan::SM2_PublicKey.

Definition at line 137 of file pk_keys.h.

{ return {}; }

Referenced by _default_x509_signature_format(), Botan::Public_Key::message_part_size(), Botan::Public_Key::message_parts(), Botan::PK_Verifier::PK_Verifier(), and Botan::PK_Verifier::PK_Verifier().

algo_name()

std::string Botan::RSA_PublicKey::algo_name ( ) const

inlineoverridevirtualinherited

Get the name of the underlying public key scheme.

Returns

name of the public key scheme

Implements Botan::Asymmetric_Key.

Definition at line 41 of file rsa.h.

{ return "RSA"; }

Referenced by Botan::RSA_PrivateKey::create_decryption_op(), create_encryption_op(), Botan::RSA_PrivateKey::create_kem_decryption_op(), create_kem_encryption_op(), Botan::RSA_PrivateKey::create_signature_op(), create_verification_op(), and create_x509_verification_op().

algorithm_identifier()

AlgorithmIdentifier Botan::RSA_PublicKey::algorithm_identifier ( ) const

overridevirtualinherited

Returns

X.509 AlgorithmIdentifier for this key

Implements Botan::Public_Key.

Definition at line 186 of file rsa.cpp.

                                                              {
   return AlgorithmIdentifier(object_identifier(), AlgorithmIdentifier::USE_NULL_PARAM);
}

References Botan::Asymmetric_Key::object_identifier(), and Botan::AlgorithmIdentifier::USE_NULL_PARAM.

Referenced by Botan::TPM2::RSA_PrivateKey::public_key().

check_key()

bool Botan::RSA_PublicKey::check_key ( RandomNumberGenerator & rng, bool strong ) const

overridevirtualinherited

Implements Botan::Asymmetric_Key.

Definition at line 205 of file rsa.cpp.

                                                                    {
   if(get_n() < 35 || get_n().is_even() || get_e() < 3 || get_e().is_even()) {
      return false;
   }
   return true;
}

References get_e(), and get_n().

create()

std::unique_ptr< PrivateKey > Botan::TPM2::PrivateKey::create ( Object handles, const SessionBundle & sessions, const TPM2B_PUBLIC * public_info, std::span< const uint8_t > private_blob )

staticprotectedinherited

Definition at line 292 of file tpm2_key.cpp.

                                                                                                     {
   if(public_info == nullptr) {
      public_info = handles._public_info(sessions).pub.get();
   }
 
#if defined(BOTAN_HAS_TPM2_RSA_ADAPTER)
   if(public_info->publicArea.type == TPM2_ALG_RSA) {
      return std::unique_ptr<RSA_PrivateKey>(
         new RSA_PrivateKey(std::move(handles), sessions, public_info, private_blob));
   }
#endif
 
#if defined(BOTAN_HAS_TPM2_ECC_ADAPTER)
   if(public_info->publicArea.type == TPM2_ALG_ECC) {
      return std::unique_ptr<EC_PrivateKey>(new EC_PrivateKey(std::move(handles), sessions, public_info, private_blob));
   }
#endif
 
   throw Not_Implemented(Botan::fmt("Loaded a {} private key of an unsupported type",
                                    handles.has_persistent_handle() ? "persistent" : "transient"));
}

References Botan::fmt(), handles(), and sessions().

Referenced by create_transient_from_template(), load_persistent(), and load_transient().

create_decryption_op()

std::unique_ptr< PK_Ops::Decryption > Botan::TPM2::RSA_PrivateKey::create_decryption_op ( Botan::RandomNumberGenerator & rng, std::string_view params, std::string_view provider ) const

overridevirtual

This is an internal library function exposed on key types. In all cases applications should use wrappers in pubkey.h

Return an decryption operation for this key/params or throw

Parameters

rng	a random number generator. The PK_Op may maintain a reference to the RNG and use it many times. The rng must outlive any operations which reference it.
params	additional parameters
provider	the provider to use

Reimplemented from Botan::Private_Key.

Definition at line 412 of file tpm2_rsa.cpp.

                                                                                                        {
   BOTAN_UNUSED(rng, provider);
   return std::make_unique<RSA_Decryption_Operation>(handles(), sessions(), params);
}

References BOTAN_UNUSED, Botan::TPM2::PrivateKey::handles(), and Botan::TPM2::PrivateKey::sessions().

create_encryption_op()

std::unique_ptr< PK_Ops::Encryption > Botan::RSA_PublicKey::create_encryption_op ( RandomNumberGenerator & rng, std::string_view params, std::string_view provider ) const

overridevirtualinherited

This is an internal library function exposed on key types. In almost all cases applications should use wrappers in pubkey.h

Return an encryption operation for this key/params or throw

Parameters

rng	a random number generator. The PK_Op may maintain a reference to the RNG and use it many times. The rng must outlive any operations which reference it.
params	additional parameters
provider	the provider to use

Reimplemented from Botan::Public_Key.

Reimplemented in Botan::TPM2::RSA_PublicKey.

Definition at line 781 of file rsa.cpp.

                                                                                                       {
   if(provider == "base" || provider.empty()) {
      return std::make_unique<RSA_Encryption_Operation>(*this, params);
   }
   throw Provider_Not_Found(algo_name(), provider);
}

References algo_name().

create_kem_decryption_op()

std::unique_ptr< PK_Ops::KEM_Decryption > Botan::Private_Key::create_kem_decryption_op ( RandomNumberGenerator & rng, std::string_view params, std::string_view provider ) const

virtualinherited

This is an internal library function exposed on key types. In all cases applications should use wrappers in pubkey.h

Return a KEM decryption operation for this key/params or throw

Parameters

rng	a random number generator. The PK_Op may maintain a reference to the RNG and use it many times. The rng must outlive any operations which reference it.
params	additional parameters
provider	the provider to use

Reimplemented in Botan::Classic_McEliece_PrivateKey, Botan::FrodoKEM_PrivateKey, Botan::KEX_to_KEM_Adapter_PrivateKey, Botan::Kyber_PrivateKey, Botan::McEliece_PrivateKey, Botan::RSA_PrivateKey, and Botan::TLS::Hybrid_KEM_PrivateKey.

Definition at line 125 of file pk_keys.cpp.

                                                                                                      {
   throw Lookup_Error(fmt("{} does not support KEM decryption", algo_name()));
}

References Botan::Asymmetric_Key::algo_name(), and Botan::fmt().

Referenced by Botan::PK_KEM_Decryptor::PK_KEM_Decryptor().

create_kem_encryption_op()

std::unique_ptr< PK_Ops::KEM_Encryption > Botan::RSA_PublicKey::create_kem_encryption_op ( std::string_view params, std::string_view provider ) const

overridevirtualinherited

This is an internal library function exposed on key types. In almost all cases applications should use wrappers in pubkey.h

Return a KEM encryption operation for this key/params or throw

Parameters

params	additional parameters
provider	the provider to use

Reimplemented from Botan::Public_Key.

Definition at line 790 of file rsa.cpp.

                                                                                                               {
   if(provider == "base" || provider.empty()) {
      return std::make_unique<RSA_KEM_Encryption_Operation>(*this, params);
   }
   throw Provider_Not_Found(algo_name(), provider);
}

References algo_name().

create_key_agreement_op()

std::unique_ptr< PK_Ops::Key_Agreement > Botan::Private_Key::create_key_agreement_op ( RandomNumberGenerator & rng, std::string_view params, std::string_view provider ) const

virtualinherited

This is an internal library function exposed on key types. In all cases applications should use wrappers in pubkey.h

Return a key agreement operation for this key/params or throw

Parameters

rng	a random number generator. The PK_Op may maintain a reference to the RNG and use it many times. The rng must outlive any operations which reference it.
params	additional parameters
provider	the provider to use

Reimplemented in Botan::DH_PrivateKey, Botan::ECDH_PrivateKey, Botan::X25519_PrivateKey, and Botan::X448_PrivateKey.

Definition at line 137 of file pk_keys.cpp.

                                                                                                    {
   throw Lookup_Error(fmt("{} does not support key agreement", algo_name()));
}

References Botan::Asymmetric_Key::algo_name(), and Botan::fmt().

Referenced by Botan::PK_Key_Agreement::PK_Key_Agreement().

create_signature_op()

std::unique_ptr< PK_Ops::Signature > Botan::TPM2::RSA_PrivateKey::create_signature_op ( Botan::RandomNumberGenerator & rng, std::string_view params, std::string_view provider ) const

overridevirtual

This is an internal library function exposed on key types. In all cases applications should use wrappers in pubkey.h

Return a signature operation for this key/params or throw

Parameters

rng	a random number generator. The PK_Op may maintain a reference to the RNG and use it many times. The rng must outlive any operations which reference it.
params	additional parameters
provider	the provider to use

Reimplemented from Botan::Private_Key.

Definition at line 398 of file tpm2_rsa.cpp.

                                                                                                      {
   BOTAN_UNUSED(rng, provider);
   return std::make_unique<RSA_Signature_Operation>(handles(), sessions(), params);
}

References BOTAN_UNUSED, Botan::TPM2::PrivateKey::handles(), and Botan::TPM2::PrivateKey::sessions().

create_transient_from_template()

std::unique_ptr< PrivateKey > Botan::TPM2::PrivateKey::create_transient_from_template ( const std::shared_ptr< Context > & ctx, const SessionBundle & sessions, ESYS_TR parent, const TPMT_PUBLIC & key_template, const TPM2B_SENSITIVE_CREATE & sensitive_data )

staticinherited

This is a wrapper around Esys_CreateLoaded creating a transient key from a given key_template with sensitive_data. It gives maximal flexibility to the caller to create a key with their own TSS2 template configuration.

Please use this if you know what you are doing, only! Most users should use the more convenient create_transient() methods of the derived classes.

Parameters

ctx	The TPM context to use
sessions	The session bundle to use in Esys_CreateLoaded().
parent	The handle of the parent object to create the new key under (this may reference a "Primary Seed" to create a "Primary Key", a "Storage Parent" to create an "Ordinary Key", or a "Derivation Parent" to create a "Derived Key").
key_template	The template data to use for the key creation. It will be passed to Tss2_MU_TPMT_PUBLIC_Marshal() and Esys_CreateLoaded().
sensitive_data	The sensitive data (e.g. with the desired auth value) to use for the key creation.

Definition at line 217 of file tpm2_key.cpp.

                                                                                                                     {
   BOTAN_ASSERT_NONNULL(ctx);
 
   // NOLINTBEGIN(*-branch-clone)
 
   switch(key_template.type) {
      case TPM2_ALG_RSA:
#if not defined(BOTAN_HAS_TPM2_RSA_ADAPTER)
         throw Not_Implemented("TPM2-based RSA keys are not supported in this build");
#endif
         break;
      case TPM2_ALG_ECC:
#if not defined(BOTAN_HAS_TPM2_ECC_ADAPTER)
         throw Not_Implemented("TPM2-based ECC keys are not supported in this build");
#endif
         break;
      default:
         throw Invalid_Argument("Unsupported key type");
   }
 
   // NOLINTEND(*-branch-clone)
 
   const auto marshalled_template = marshal_template(key_template);
 
   Object handle(ctx);
   unique_esys_ptr<TPM2B_PRIVATE> private_bytes;
   unique_esys_ptr<TPM2B_PUBLIC> public_info;
 
   // Esys_CreateLoaded can create different object types depending on the type
   // of the parent passed in. Namely, this will create a Primary object if the
   // parent is referencing a Primary Seed; an Ordinary Object if the parent is
   // referencing a Storage Parent; and a Derived Object if the parent is
   // referencing a Derivation Parent.
   //
   // See the Architecture Document, Section 27.1.
   check_rc("Esys_CreateLoaded",
            Esys_CreateLoaded(*ctx,
                              parent,
                              sessions[0],
                              sessions[1],
                              sessions[2],
                              &sensitive_data,
                              &marshalled_template,
                              out_transient_handle(handle),
                              out_ptr(private_bytes),
                              out_ptr(public_info)));
   BOTAN_ASSERT_NONNULL(private_bytes);
   BOTAN_ASSERT_NOMSG(public_info->publicArea.type == key_template.type);
   BOTAN_ASSERT_NOMSG(handle.has_transient_handle());
 
   return create(std::move(handle), sessions, public_info.get(), as_span(*private_bytes));
}

References Botan::TPM2::as_span(), BOTAN_ASSERT_NOMSG, BOTAN_ASSERT_NONNULL, Botan::TPM2::check_rc(), create(), Botan::TPM2::Object::has_transient_handle(), Botan::out_ptr(), Botan::TPM2::out_transient_handle(), and sessions().

Referenced by Botan::TPM2::EC_PrivateKey::create_unrestricted_transient(), and Botan::TPM2::RSA_PrivateKey::create_unrestricted_transient().

create_unrestricted_transient()

std::unique_ptr< TPM2::PrivateKey > Botan::TPM2::RSA_PrivateKey::create_unrestricted_transient ( const std::shared_ptr< Context > & ctx, const SessionBundle & sessions, std::span< const uint8_t > auth_value, const TPM2::PrivateKey & parent, uint16_t keylength, std::optional< uint32_t > exponent = {} )

static

Create a transient RSA key with the given keylength and exponent, under the given parent key, with the given auth_value. This key may be used for both signatures and data decryption. No restrictions on the utilized padding schemes are applied.

TODO: provide the user with some means to specify such restrictions:

• allowed key use: sign, decrypt, sign+decrypt, x509sign
• allowed padding schemes: PKCS1v1.5, OAEP, PSS
• data restrictions ("restricted" field in TPMT_PUBLIC)
• session authentication requirements (policy, user authentication, ...)
• fixed to TPM, or fixed to parent?
• ...

Parameters

ctx	The TPM context to use
sessions	The session bundle to use in the creation of the key
auth_value	The auth value to use for the key
parent	The parent key to create the new key under
keylength	The desired key length
exponent	The desired exponent (default: 0x10001)

Definition at line 57 of file tpm2_rsa.cpp.

                                                                                                                {
   BOTAN_ARG_CHECK(parent.is_parent(), "The passed key cannot be used as a parent key");
 
   TPM2B_SENSITIVE_CREATE sensitive_data = {
      .size = 0,  // ignored
      .sensitive =
         {
            .userAuth = copy_into<TPM2B_AUTH>(auth_value),
 
            // Architecture Document, Section 25.2.3
            //   When an asymmetric key is created, the caller is not allowed to
            //   provide the sensitive data of the key.
            .data = init_empty<TPM2B_SENSITIVE_DATA>(),
         },
   };
 
   TPMT_PUBLIC key_template = {
      .type = TPM2_ALG_RSA,
 
      // This is the algorithm for fingerprinting the newly created public key.
      // For best compatibility we always use SHA-256.
      .nameAlg = TPM2_ALG_SHA256,
 
      // This sets up the key to be both a decryption and a signing key, forbids
      // its duplication (fixed_tpm, fixed_parent) and ensures that the key's
      // private portion can be used only by a user with an HMAC or password
      // session.
      .objectAttributes = ObjectAttributes::render({
         .fixed_tpm = true,
         .fixed_parent = true,
         .sensitive_data_origin = true,
         .user_with_auth = true,
         .decrypt = true,
         .sign_encrypt = true,
      }),
 
      // We currently do not support policy-based authorization
      .authPolicy = init_empty<TPM2B_DIGEST>(),
      .parameters =
         {
            .rsaDetail =
               {
                  // Structures Document (Part 2), Section 12.2.3.5
                  //   If the key is not a restricted decryption key, this field
                  //   shall be set to TPM_ALG_NULL.
                  //
                  // TODO: Once we stop supporting TSS < 4.0, we could use
                  //       `.keyBits = {.null = {}}, .mode = {.null = {}}`
                  //       which better reflects our intention here.
                  .symmetric =
                     {
                        .algorithm = TPM2_ALG_NULL,
                        .keyBits = {.sym = 0},
                        .mode = {.sym = TPM2_ALG_NULL},
                     },
 
                  // Structures Document (Part 2), Section 12.2.3.5
                  //   When both sign and decrypt are SET, restricted shall be
                  //   CLEAR and scheme shall be TPM_ALG_NULL
                  //
                  // TODO: Once we stop supporting TSS < 4.0, we could use
                  //       `.details = {.null = {}}`
                  //       which better reflects our intention here.
                  .scheme =
                     {
                        .scheme = TPM2_ALG_NULL,
                        .details = {.anySig = {.hashAlg = TPM2_ALG_NULL}},
                     },
                  .keyBits = keylength,
                  .exponent = exponent.value_or(0 /* default value - 2^16 + 1*/),
               },
         },
 
      // For creating an asymmetric key this value is not used.
      .unique = {.rsa = init_empty<TPM2B_PUBLIC_KEY_RSA>()},
   };
 
   return create_transient_from_template(
      ctx, sessions, parent.handles().transient_handle(), key_template, sensitive_data);
}

References BOTAN_ARG_CHECK, Botan::TPM2::copy_into(), Botan::TPM2::PrivateKey::create_transient_from_template(), Botan::TPM2::PrivateKey::handles(), Botan::TPM2::init_empty(), Botan::TPM2::PrivateKey::is_parent(), Botan::TPM2::ObjectAttributes::render(), Botan::TPM2::PrivateKey::sessions(), and Botan::TPM2::Object::transient_handle().

create_verification_op()

std::unique_ptr< PK_Ops::Verification > Botan::RSA_PublicKey::create_verification_op ( std::string_view params, std::string_view provider ) const

overridevirtualinherited

This is an internal library function exposed on key types. In all cases applications should use wrappers in pubkey.h

Return a verification operation for this key/params or throw

Parameters

params	additional parameters
provider	the provider to use

Reimplemented from Botan::Public_Key.

Reimplemented in Botan::TPM2::RSA_PublicKey.

Definition at line 798 of file rsa.cpp.

                                                                                                           {
   if(provider == "base" || provider.empty()) {
      return std::make_unique<RSA_Verify_Operation>(*this, params);
   }
 
   throw Provider_Not_Found(algo_name(), provider);
}

References algo_name().

create_x509_verification_op()

std::unique_ptr< PK_Ops::Verification > Botan::RSA_PublicKey::create_x509_verification_op ( const AlgorithmIdentifier & signature_algorithm, std::string_view provider ) const

overridevirtualinherited

This is an internal library function exposed on key types. In all cases applications should use wrappers in pubkey.h

Return a verification operation for this combination of key and signature algorithm or throw.

Parameters

signature_algorithm	is the X.509 algorithm identifier encoding the padding scheme and hash hash function used in the signature if applicable.
provider	the provider to use

Reimplemented from Botan::Public_Key.

Definition at line 857 of file rsa.cpp.

                                                                                                                {
   if(provider == "base" || provider.empty()) {
      return std::make_unique<RSA_Verify_Operation>(*this, parse_rsa_signature_algorithm(alg_id));
   }
 
   throw Provider_Not_Found(algo_name(), provider);
}

References algo_name().

default_x509_signature_format()

Signature_Format Botan::Public_Key::default_x509_signature_format ( ) const

inlineinherited

Definition at line 229 of file pk_keys.h.

                                                               {
         return _default_x509_signature_format();
      }

References Botan::Asymmetric_Key::_default_x509_signature_format(), and default_x509_signature_format().

Referenced by default_x509_signature_format().

estimated_strength()

size_t Botan::RSA_PublicKey::estimated_strength ( ) const

overridevirtualinherited

Return the estimated strength of the underlying key against the best currently known attack. Note that this ignores anything but pure attacks against the key itself and do not take into account padding schemes, usage mistakes, etc which might reduce the strength. However it does suffice to provide an upper bound.

Returns

estimated strength in bits

Implements Botan::Asymmetric_Key.

Definition at line 182 of file rsa.cpp.

                                               {
   return if_work_factor(key_length());
}

References Botan::if_work_factor(), and key_length().

fingerprint_private()

std::string Botan::Private_Key::fingerprint_private ( std::string_view alg ) const

inherited

Returns

Hash of the PKCS #8 encoding for this key object

Definition at line 94 of file pk_keys.cpp.

                                                                         {
   return create_hex_fingerprint(private_key_bits(), hash_algo);
}

References Botan::create_hex_fingerprint(), and private_key_bits().

Referenced by Botan::Certificate_Store_In_SQL::find_certs_for_key(), Botan::Certificate_Store_In_SQL::insert_key(), and Botan::Certificate_Store_In_SQL::remove_key().

fingerprint_public()

std::string Botan::Public_Key::fingerprint_public ( std::string_view alg = "SHA-256" ) const

inherited

Returns

Hash of the subject public key

Definition at line 87 of file pk_keys.cpp.

                                                                       {
   return create_hex_fingerprint(subject_public_key(), hash_algo);
}

References Botan::create_hex_fingerprint(), and subject_public_key().

Referenced by public_key_bits().

generate_another()

std::unique_ptr< Private_Key > Botan::RSA_PublicKey::generate_another ( RandomNumberGenerator & rng ) const

overridevirtualinherited

Generate another (cryptographically independent) key pair using the same algorithm parameters as this key. This is most useful for algorithms that support PublicKeyOperation::KeyAgreement to generate a fitting ephemeral key pair. For other key types it might throw Not_Implemented.

Implements Botan::Asymmetric_Key.

Reimplemented in Botan::TPM2::RSA_PublicKey.

Definition at line 140 of file rsa.cpp.

                                                                                           {
   return std::make_unique<RSA_PrivateKey>(rng, m_public->public_modulus_bits(), m_public->get_e().to_u32bit());
}

References m_public.

get_e()

const BigInt & Botan::RSA_PublicKey::get_e ( ) const

inherited

Returns

public exponent

Definition at line 148 of file rsa.cpp.

                                         {
   return m_public->get_e();
}

References m_public.

Referenced by Botan::RSA_PrivateKey::check_key(), check_key(), Botan::RSA_PrivateKey::private_key_bits(), Botan::RSA_PrivateKey::public_key(), and public_key_bits().

get_int_field()

const BigInt & Botan::RSA_PublicKey::get_int_field ( std::string_view field ) const

overridevirtualinherited

Access an algorithm specific field

If the field is not known for this algorithm, an Invalid_Argument is thrown. The interpretation of the result requires knowledge of which algorithm is involved. For instance for RSA "p" represents one of the secret primes, while for DSA "p" is the public prime.

Some algorithms may not implement this method at all.

This is primarily used to implement the FFI botan_pubkey_get_field and botan_privkey_get_field functions.

TODO(Botan4) Change this to return by value

Reimplemented from Botan::Asymmetric_Key.

Definition at line 130 of file rsa.cpp.

                                                                     {
   if(field == "n") {
      return m_public->get_n();
   } else if(field == "e") {
      return m_public->get_e();
   } else {
      return Public_Key::get_int_field(field);
   }
}

References Botan::Asymmetric_Key::get_int_field(), and m_public.

Referenced by Botan::RSA_PrivateKey::get_int_field().

get_n()

const BigInt & Botan::RSA_PublicKey::get_n ( ) const

inherited

Returns

public modulus

Definition at line 144 of file rsa.cpp.

                                         {
   return m_public->get_n();
}

References m_public.

Referenced by Botan::RSA_PrivateKey::check_key(), check_key(), Botan::RSA_PrivateKey::private_key_bits(), Botan::RSA_PrivateKey::public_key(), and public_key_bits().

get_oid()

OID Botan::Public_Key::get_oid ( ) const

inlineinherited

Deprecated version of object_identifier

Definition at line 161 of file pk_keys.h.

{ return this->object_identifier(); }

References get_oid(), and Botan::Asymmetric_Key::object_identifier().

Referenced by get_oid().

handles() [1/2]

Object & Botan::TPM2::PrivateKey::handles ( )

inlineinherited

Definition at line 220 of file tpm2_key.h.

{ return m_handle; }

Referenced by Botan::TPM2::Session::authenticated_session(), create(), Botan::TPM2::RSA_PrivateKey::create_decryption_op(), Botan::TPM2::EC_PrivateKey::create_signature_op(), Botan::TPM2::RSA_PrivateKey::create_signature_op(), Botan::TPM2::EC_PrivateKey::create_unrestricted_transient(), Botan::TPM2::RSA_PrivateKey::create_unrestricted_transient(), load_transient(), and Botan::TPM2::Context::persist().

handles() [2/2]

const Object & Botan::TPM2::PrivateKey::handles ( ) const

inlineinherited

Definition at line 222 of file tpm2_key.h.

{ return m_handle; }

init()

void Botan::RSA_PublicKey::init ( BigInt && n, BigInt && e )

protectedinherited

Definition at line 152 of file rsa.cpp.

                                               {
   if(n.is_negative() || n.is_even() || n.bits() < 5 /* n >= 3*5 */ || e.is_negative() || e.is_even()) {
      throw Decoding_Error("Invalid RSA public key parameters");
   }
   m_public = std::make_shared<RSA_Public_Data>(std::move(n), std::move(e));
}

References m_public.

Referenced by Botan::RSA_PrivateKey::RSA_PrivateKey(), Botan::RSA_PrivateKey::RSA_PrivateKey(), Botan::RSA_PrivateKey::RSA_PrivateKey(), RSA_PublicKey(), RSA_PublicKey(), and RSA_PublicKey().

is_parent()

bool Botan::TPM2::PrivateKey::is_parent ( ) const

inherited

Definition at line 284 of file tpm2_key.cpp.

                                 {
   // Architectural Document, Section 4.54
   //   any object with the decrypt and restricted attributes SET and the sign
   //   attribute CLEAR
   const auto attrs = m_handle.attributes(m_sessions);
   return attrs.decrypt && attrs.restricted && !attrs.sign_encrypt;
}

Referenced by Botan::TPM2::EC_PrivateKey::create_unrestricted_transient(), and Botan::TPM2::RSA_PrivateKey::create_unrestricted_transient().

key_length()

size_t Botan::RSA_PublicKey::key_length ( ) const

overridevirtualinherited

Return an integer value best approximating the length of the primary security parameter. For example for RSA this will be the size of the modulus, for ECDSA the size of the ECC group, and for McEliece the size of the code will be returned.

Implements Botan::Public_Key.

Definition at line 178 of file rsa.cpp.

                                       {
   return m_public->public_modulus_bits();
}

References m_public.

Referenced by estimated_strength().

load_persistent()

std::unique_ptr< PrivateKey > Botan::TPM2::PrivateKey::load_persistent ( const std::shared_ptr< Context > & ctx, TPM2_HANDLE persistent_object_handle, std::span< const uint8_t > auth_value, const SessionBundle & sessions )

staticinherited

Load a private key that resides in the TPM's persistent storage.

Parameters

ctx	The TPM context to use
persistent_object_handle	The handle of the persistent object to load
auth_value	The auth value required to use the key
sessions	The session bundle to use for the key's operations

Definition at line 177 of file tpm2_key.cpp.

                                                                                       {
   return create(load_persistent_object(ctx, persistent_object_handle, auth_value, sessions),
                 sessions,
                 nullptr /* pull public info from handle */,
                 {} /* persistent keys don't have an encrypted private blob */);
}

References create(), and sessions().

Referenced by Botan::TPM2::Context::storage_root_key().

load_transient()

std::unique_ptr< PrivateKey > Botan::TPM2::PrivateKey::load_transient ( const std::shared_ptr< Context > & ctx, std::span< const uint8_t > auth_value, const TPM2::PrivateKey & parent, std::span< const uint8_t > public_blob, std::span< const uint8_t > private_blob, const SessionBundle & sessions )

staticinherited

Load a private key from the public and private blobs obtained by a TPM key creation.

Transient keys don't reside inside the TPM but must be loaded by the application as required. Once this object is destructed, the transient memory on the TPM is cleared.

Parameters

ctx	The TPM context to use
auth_value	The auth value required to use the key
parent	The parent key the key was originally created under
public_blob	The public blob of the key to load
private_blob	The private blob of the key to load
sessions	The session bundle to use for loading

Definition at line 187 of file tpm2_key.cpp.

                                                                                      {
   BOTAN_ASSERT_NONNULL(ctx);
   Object handle(ctx);
 
   const auto public_data = unmarshal_public_blob(public_blob);
   const auto private_data = copy_into<TPM2B_PRIVATE>(private_blob);
 
   check_rc("Esys_Load",
            Esys_Load(*ctx,
                      parent.handles().transient_handle(),
                      sessions[0],
                      sessions[1],
                      sessions[2],
                      &private_data,
                      &public_data,
                      out_transient_handle(handle)));
 
   if(!auth_value.empty()) {
      const auto user_auth = copy_into<TPM2B_AUTH>(auth_value);
      check_rc("Esys_TR_SetAuth", Esys_TR_SetAuth(*ctx, handle.transient_handle(), &user_auth));
   }
 
   return create(std::move(handle), sessions, nullptr /* pull public info from handle */, private_blob);
}

References BOTAN_ASSERT_NONNULL, Botan::TPM2::check_rc(), Botan::TPM2::copy_into(), create(), handles(), Botan::TPM2::out_transient_handle(), sessions(), and Botan::TPM2::Object::transient_handle().

message_part_size()

size_t Botan::Public_Key::message_part_size ( ) const

inlineinherited

Returns how large each of the message parts refered to by message_parts() is

This function is public but applications should have few reasons to ever call this.

Returns

size of the message parts in bits

Definition at line 221 of file pk_keys.h.

                                                                                     {
         return _signature_element_size_for_DER_encoding().value_or(0);
      }

References Botan::Asymmetric_Key::_signature_element_size_for_DER_encoding(), and message_part_size().

Referenced by message_part_size().

message_parts()

size_t Botan::Public_Key::message_parts ( ) const

inlineinherited

Returns more than 1 if the output of this algorithm (ciphertext, signature) should be treated as more than one value. This is used for algorithms like DSA and ECDSA, where the (r,s) output pair can be encoded as either a plain binary list or a TLV tagged DER encoding depending on the protocol.

This function is public but applications should have few reasons to ever call this.

Returns

number of message parts

Definition at line 208 of file pk_keys.h.

                                                                                 {
         return _signature_element_size_for_DER_encoding() ? 2 : 1;
      }

References Botan::Asymmetric_Key::_signature_element_size_for_DER_encoding(), and message_parts().

Referenced by message_parts().

object_identifier()

OID Botan::Asymmetric_Key::object_identifier ( ) const

virtualinherited

Get the OID of the underlying public key scheme.

Returns

OID of the public key scheme

Reimplemented in Botan::Classic_McEliece_PublicKey, Botan::Dilithium_PublicKey, Botan::FrodoKEM_PublicKey, Botan::HSS_LMS_PublicKey, Botan::Kyber_PublicKey, and Botan::SphincsPlus_PublicKey.

Definition at line 22 of file pk_keys.cpp.

                                            {
   try {
      return OID::from_string(algo_name());
   } catch(Lookup_Error&) {
      throw Lookup_Error(fmt("Public key algorithm {} has no defined OIDs", algo_name()));
   }
}

References algo_name(), Botan::fmt(), and Botan::OID::from_string().

Referenced by Botan::DH_PublicKey::algorithm_identifier(), Botan::DSA_PublicKey::algorithm_identifier(), Botan::EC_PublicKey::algorithm_identifier(), Botan::Ed25519_PublicKey::algorithm_identifier(), Botan::Ed448_PublicKey::algorithm_identifier(), Botan::ElGamal_PublicKey::algorithm_identifier(), Botan::GOST_3410_PublicKey::algorithm_identifier(), Botan::McEliece_PublicKey::algorithm_identifier(), Botan::RSA_PublicKey::algorithm_identifier(), Botan::TPM_PrivateKey::algorithm_identifier(), Botan::X25519_PublicKey::algorithm_identifier(), Botan::X448_PublicKey::algorithm_identifier(), Botan::XMSS_PublicKey::algorithm_identifier(), estimated_strength(), and Botan::Public_Key::get_oid().

pkcs8_algorithm_identifier()

virtual AlgorithmIdentifier Botan::Private_Key::pkcs8_algorithm_identifier ( ) const

inlinevirtualinherited

Returns

PKCS #8 AlgorithmIdentifier for this key Might be different from the X.509 identifier, but normally is not

Reimplemented in Botan::GOST_3410_PrivateKey, and Botan::HSS_LMS_PrivateKey.

Definition at line 324 of file pk_keys.h.

{ return algorithm_identifier(); }

References Botan::Public_Key::algorithm_identifier().

Referenced by private_key_info().

private_key_bits()

secure_vector< uint8_t > Botan::TPM2::PrivateKey::private_key_bits ( ) const

inlineoverridevirtualinherited

Exceptions

Not_Implemented

keys hosted in a TPM2 cannot be exported

Implements Botan::Private_Key.

Definition at line 205 of file tpm2_key.h.

                                                               {
         throw Not_Implemented("cannot export private key bits from a TPM2 key, maybe use raw_private_key_bits()?");
      }

private_key_info()

secure_vector< uint8_t > Botan::Private_Key::private_key_info ( ) const

inherited

Returns

PKCS #8 private key encoding for this key object

Definition at line 68 of file pk_keys.cpp.

                                                           {
   const size_t PKCS8_VERSION = 0;
 
   return DER_Encoder()
      .start_sequence()
      .encode(PKCS8_VERSION)
      .encode(pkcs8_algorithm_identifier())
      .encode(private_key_bits(), ASN1_Type::OctetString)
      .end_cons()
      .get_contents();
}

References Botan::DER_Encoder::encode(), Botan::DER_Encoder::end_cons(), Botan::DER_Encoder::get_contents(), Botan::OctetString, pkcs8_algorithm_identifier(), private_key_bits(), and Botan::DER_Encoder::start_sequence().

Referenced by Botan::PKCS8::BER_encode(), Botan::PKCS8::BER_encode_encrypted_pbkdf_iter(), Botan::PKCS8::BER_encode_encrypted_pbkdf_msec(), Botan::PKCS8::PEM_encode(), and public_key().

public_data()

std::shared_ptr< const RSA_Public_Data > Botan::RSA_PublicKey::public_data ( ) const

inherited

Definition at line 126 of file rsa.cpp.

                                                                      {
   return m_public;
}

References m_public.

public_key()

std::unique_ptr< Public_Key > Botan::TPM2::RSA_PrivateKey::public_key ( ) const

inlineoverridevirtual

Allocate a new object for the public key associated with this private key.

Returns

public key

Implements Botan::Private_Key.

Definition at line 87 of file tpm2_rsa.h.

                                                            {
         return std::make_unique<Botan::RSA_PublicKey>(algorithm_identifier(), public_key_bits());
      }

References Botan::RSA_PublicKey::algorithm_identifier(), and Botan::RSA_PublicKey::public_key_bits().

public_key_bits()

std::vector< uint8_t > Botan::RSA_PublicKey::public_key_bits ( ) const

overridevirtualinherited

Returns

BER encoded public key bits

Implements Botan::Public_Key.

Definition at line 194 of file rsa.cpp.

                                                        {
   std::vector<uint8_t> output;
   DER_Encoder der(output);
   der.start_sequence().encode(get_n()).encode(get_e()).end_cons();
 
   return output;
}

References Botan::DER_Encoder::encode(), Botan::DER_Encoder::end_cons(), get_e(), get_n(), and Botan::DER_Encoder::start_sequence().

Referenced by Botan::TPM2::RSA_PrivateKey::public_key().

raw_private_key_bits()

secure_vector< uint8_t > Botan::TPM2::PrivateKey::raw_private_key_bits ( ) const

overridevirtualinherited

Returns

the encrypted private key blob, if the key is transient

Exceptions

Invalid_State

if the key is persistent

Reimplemented from Botan::Private_Key.

Definition at line 274 of file tpm2_key.cpp.

                                                              {
   BOTAN_STATE_CHECK(!m_handle.has_persistent_handle());
   BOTAN_ASSERT_NOMSG(!m_private_blob.empty());
   return Botan::lock(m_private_blob);
}

References BOTAN_ASSERT_NOMSG, BOTAN_STATE_CHECK, and Botan::lock().

raw_public_key_bits()

std::vector< uint8_t > Botan::TPM2::RSA_PrivateKey::raw_public_key_bits ( ) const

inlineoverridevirtual

Returns

a TPM2-specific marshalled representation of the public key

Reimplemented from Botan::TPM2::PrivateKey.

Definition at line 91 of file tpm2_rsa.h.

{ return TPM2::PrivateKey::raw_public_key_bits(); }

References Botan::TPM2::PrivateKey::raw_public_key_bits().

remaining_operations()

virtual std::optional< uint64_t > Botan::Private_Key::remaining_operations ( ) const

inlinevirtualinherited

Retrieves the number of remaining operations if this is a stateful private key.

Returns

the number of remaining operations or std::nullopt if not applicable.

Reimplemented in Botan::HSS_LMS_PrivateKey, and Botan::XMSS_PrivateKey.

Definition at line 337 of file pk_keys.h.

{ return std::nullopt; }

sessions()

const SessionBundle & Botan::TPM2::PrivateKey::sessions ( ) const

inlineinherited

Definition at line 224 of file tpm2_key.h.

{ return m_sessions; }

Referenced by create(), Botan::TPM2::RSA_PrivateKey::create_decryption_op(), Botan::TPM2::EC_PrivateKey::create_signature_op(), Botan::TPM2::RSA_PrivateKey::create_signature_op(), create_transient_from_template(), Botan::TPM2::EC_PrivateKey::create_unrestricted_transient(), Botan::TPM2::RSA_PrivateKey::create_unrestricted_transient(), Botan::TPM2::EC_PrivateKey::EC_PrivateKey(), Botan::TPM2::EC_PrivateKey::EC_PrivateKey(), load_persistent(), load_transient(), PrivateKey(), Botan::TPM2::EC_PrivateKey::TPM2::PrivateKey, and Botan::TPM2::RSA_PrivateKey::TPM2::PrivateKey.

stateful_operation()

virtual bool Botan::Private_Key::stateful_operation ( ) const

inlinevirtualinherited

Indicates if this key is stateful, ie that performing a private key operation requires updating the key storage.

Reimplemented in Botan::HSS_LMS_PrivateKey, and Botan::XMSS_PrivateKey.

Definition at line 330 of file pk_keys.h.

{ return false; }

subject_public_key()

std::vector< uint8_t > Botan::Public_Key::subject_public_key ( ) const

inherited

Returns

X.509 subject key encoding for this key object

Definition at line 56 of file pk_keys.cpp.

                                                        {
   std::vector<uint8_t> output;
 
   DER_Encoder(output)
      .start_sequence()
      .encode(algorithm_identifier())
      .encode(public_key_bits(), ASN1_Type::BitString)
      .end_cons();
 
   return output;
}

References algorithm_identifier(), Botan::BitString, Botan::DER_Encoder::encode(), Botan::DER_Encoder::end_cons(), public_key_bits(), and Botan::DER_Encoder::start_sequence().

Referenced by Botan::X509::BER_encode(), Botan::PKCS10_Request::create(), fingerprint_public(), Botan::X509::PEM_encode(), and public_key_bits().

supports_operation()

bool Botan::TPM2::RSA_PrivateKey::supports_operation ( PublicKeyOperation op ) const

inlineoverridevirtual

Return true if this key could be used for the specified type of operation.

Implements Botan::Asymmetric_Key.

Definition at line 93 of file tpm2_rsa.h.

                                                                    {
         // TODO: Support RSA-KEM
         return op == PublicKeyOperation::Encryption || op == PublicKeyOperation::Signature;
      }

References Botan::Encryption, and Botan::Signature.

Friends And Related Symbol Documentation

TPM2::PrivateKey

friend class TPM2::PrivateKey

friend

Definition at line 107 of file tpm2_rsa.h.

References RSA_PrivateKey(), and Botan::TPM2::PrivateKey::sessions().

Member Data Documentation

m_public

std::shared_ptr<const RSA_Public_Data> Botan::RSA_PublicKey::m_public

protectedinherited

Definition at line 91 of file rsa.h.

Referenced by generate_another(), get_e(), get_int_field(), get_n(), init(), key_length(), and public_data().

---

The documentation for this class was generated from the following files:

• src/lib/prov/tpm2/tpm2_rsa/tpm2_rsa.h
• src/lib/prov/tpm2/tpm2_rsa/tpm2_rsa.cpp