Botan 3.9.0
Crypto and TLS for C&
Botan::TPM2::RSA_PrivateKey Class Referencefinal

#include <tpm2_rsa.h>

Inheritance diagram for Botan::TPM2::RSA_PrivateKey:
Botan::TPM2::PrivateKey Botan::RSA_PublicKey Botan::Private_Key Botan::Public_Key Botan::Public_Key Botan::Asymmetric_Key Botan::Asymmetric_Key

Public Member Functions

virtual Signature_Format _default_x509_signature_format () const
virtual std::optional< size_t > _signature_element_size_for_DER_encoding () const
std::string algo_name () const override
AlgorithmIdentifier algorithm_identifier () const override
bool check_key (RandomNumberGenerator &rng, bool strong) const override
std::unique_ptr< PK_Ops::Decryptioncreate_decryption_op (Botan::RandomNumberGenerator &rng, std::string_view params, std::string_view provider) const override
std::unique_ptr< PK_Ops::Encryptioncreate_encryption_op (RandomNumberGenerator &rng, std::string_view params, std::string_view provider) const override
virtual std::unique_ptr< PK_Ops::KEM_Decryptioncreate_kem_decryption_op (RandomNumberGenerator &rng, std::string_view params, std::string_view provider) const
std::unique_ptr< PK_Ops::KEM_Encryptioncreate_kem_encryption_op (std::string_view params, std::string_view provider) const override
virtual std::unique_ptr< PK_Ops::Key_Agreementcreate_key_agreement_op (RandomNumberGenerator &rng, std::string_view params, std::string_view provider) const
std::unique_ptr< PK_Ops::Signaturecreate_signature_op (Botan::RandomNumberGenerator &rng, std::string_view params, std::string_view provider) const override
std::unique_ptr< PK_Ops::Verificationcreate_verification_op (std::string_view params, std::string_view provider) const override
std::unique_ptr< PK_Ops::Verificationcreate_x509_verification_op (const AlgorithmIdentifier &alg_id, std::string_view provider) const override
Signature_Format default_x509_signature_format () const
size_t estimated_strength () const override
std::string fingerprint_private (std::string_view alg) const
std::string fingerprint_public (std::string_view alg="SHA-256") const
std::unique_ptr< Private_Keygenerate_another (RandomNumberGenerator &rng) const override
const BigIntget_e () const
const BigIntget_int_field (std::string_view field) const override
const BigIntget_n () const
OID get_oid () const
Objecthandles ()
const Objecthandles () const
bool is_parent () const
size_t key_length () const override
size_t message_part_size () const
size_t message_parts () const
virtual OID object_identifier () const
virtual AlgorithmIdentifier pkcs8_algorithm_identifier () const
secure_vector< uint8_t > private_key_bits () const override
secure_vector< uint8_t > private_key_info () const
std::shared_ptr< const RSA_Public_Data > public_data () const
std::unique_ptr< Public_Keypublic_key () const override
std::vector< uint8_t > public_key_bits () const override
secure_vector< uint8_t > raw_private_key_bits () const override
std::vector< uint8_t > raw_public_key_bits () const override
virtual std::optional< uint64_t > remaining_operations () const
 Retrieves the number of remaining operations if this is a stateful private key.
const SessionBundlesessions () const
virtual bool stateful_operation () const
std::vector< uint8_t > subject_public_key () const
bool supports_operation (PublicKeyOperation op) const override

Static Public Member Functions

static std::unique_ptr< PrivateKeycreate_transient_from_template (const std::shared_ptr< Context > &ctx, const SessionBundle &sessions, ESYS_TR parent, const TPMT_PUBLIC &key_template, const TPM2B_SENSITIVE_CREATE &sensitive_data)
static std::unique_ptr< TPM2::PrivateKeycreate_unrestricted_transient (const std::shared_ptr< Context > &ctx, const SessionBundle &sessions, std::span< const uint8_t > auth_value, const TPM2::PrivateKey &parent, uint16_t keylength, std::optional< uint32_t > exponent={})
static std::unique_ptr< PrivateKeyload_persistent (const std::shared_ptr< Context > &ctx, TPM2_HANDLE persistent_object_handle, std::span< const uint8_t > auth_value, const SessionBundle &sessions)
static std::unique_ptr< PrivateKeyload_transient (const std::shared_ptr< Context > &ctx, std::span< const uint8_t > auth_value, const TPM2::PrivateKey &parent, std::span< const uint8_t > public_blob, std::span< const uint8_t > private_blob, const SessionBundle &sessions)

Protected Member Functions

void init (BigInt &&n, BigInt &&e)
 RSA_PrivateKey (Object handle, SessionBundle sessions, const TPM2B_PUBLIC *public_blob, std::span< const uint8_t > private_blob={})

Static Protected Member Functions

static std::unique_ptr< PrivateKeycreate (Object handles, const SessionBundle &sessions, const TPM2B_PUBLIC *public_info, std::span< const uint8_t > private_blob)

Protected Attributes

std::shared_ptr< const RSA_Public_Data > m_public

Friends

class TPM2::PrivateKey

Detailed Description

Definition at line 55 of file tpm2_rsa.h.

Constructor & Destructor Documentation

◆ RSA_PrivateKey()

Botan::TPM2::RSA_PrivateKey::RSA_PrivateKey ( Object handle,
SessionBundle sessions,
const TPM2B_PUBLIC * public_blob,
std::span< const uint8_t > private_blob = {} )
protected

Definition at line 39 of file tpm2_rsa.cpp.

42 :
43 Botan::TPM2::RSA_PrivateKey(std::move(handle),
44 std::move(session_bundle),
45 rsa_pubkey_components_from_tss2_public(public_blob),
46 private_blob) {}

References RSA_PrivateKey().

Referenced by RSA_PrivateKey(), and TPM2::PrivateKey.

Member Function Documentation

◆ _default_x509_signature_format()

Signature_Format Botan::Asymmetric_Key::_default_x509_signature_format ( ) const
virtualinherited

◆ _signature_element_size_for_DER_encoding()

virtual std::optional< size_t > Botan::Asymmetric_Key::_signature_element_size_for_DER_encoding ( ) const
inlinevirtualinherited

Certain signatures schemes such as ECDSA have more than one element, and certain unfortunate protocols decided the thing to do was not concatenate them as normally done, but instead DER encode each of the elements as independent values.

If this returns a value x then the signature is checked to be exactly 2*x bytes and split in half for DER encoding.

Reimplemented in Botan::DSA_PublicKey, Botan::ECDSA_PublicKey, Botan::ECGDSA_PublicKey, Botan::ECKCDSA_PublicKey, Botan::GOST_3410_PublicKey, and Botan::SM2_PublicKey.

Definition at line 137 of file pk_keys.h.

137{ return {}; }

Referenced by _default_x509_signature_format(), Botan::Public_Key::message_part_size(), Botan::Public_Key::message_parts(), Botan::PK_Verifier::PK_Verifier(), and Botan::PK_Verifier::PK_Verifier().

◆ algo_name()

std::string Botan::RSA_PublicKey::algo_name ( ) const
inlineoverridevirtualinherited

Get the name of the underlying public key scheme.

Returns
name of the public key scheme

Implements Botan::Asymmetric_Key.

Definition at line 41 of file rsa.h.

41{ return "RSA"; }

Referenced by Botan::RSA_PrivateKey::create_decryption_op(), create_encryption_op(), Botan::RSA_PrivateKey::create_kem_decryption_op(), create_kem_encryption_op(), Botan::RSA_PrivateKey::create_signature_op(), create_verification_op(), and create_x509_verification_op().

◆ algorithm_identifier()

AlgorithmIdentifier Botan::RSA_PublicKey::algorithm_identifier ( ) const
overridevirtualinherited
Returns
X.509 AlgorithmIdentifier for this key

Implements Botan::Public_Key.

Definition at line 186 of file rsa.cpp.

186 {
187 return AlgorithmIdentifier(object_identifier(), AlgorithmIdentifier::USE_NULL_PARAM);
188}
virtual OID object_identifier() const
Definition pk_keys.cpp:22

References Botan::Asymmetric_Key::object_identifier(), and Botan::AlgorithmIdentifier::USE_NULL_PARAM.

Referenced by Botan::TPM2::RSA_PrivateKey::public_key().

◆ check_key()

bool Botan::RSA_PublicKey::check_key ( RandomNumberGenerator & rng,
bool strong ) const
overridevirtualinherited

Implements Botan::Asymmetric_Key.

Definition at line 205 of file rsa.cpp.

205 {
206 if(get_n() < 35 || get_n().is_even() || get_e() < 3 || get_e().is_even()) {
207 return false;
208 }
209 return true;
210}
const BigInt & get_n() const
Definition rsa.cpp:144
const BigInt & get_e() const
Definition rsa.cpp:148

References get_e(), and get_n().

◆ create()

std::unique_ptr< PrivateKey > Botan::TPM2::PrivateKey::create ( Object handles,
const SessionBundle & sessions,
const TPM2B_PUBLIC * public_info,
std::span< const uint8_t > private_blob )
staticprotectedinherited

Definition at line 292 of file tpm2_key.cpp.

295 {
296 if(public_info == nullptr) {
297 public_info = handles._public_info(sessions).pub.get();
298 }
299
300#if defined(BOTAN_HAS_TPM2_RSA_ADAPTER)
301 if(public_info->publicArea.type == TPM2_ALG_RSA) {
302 return std::unique_ptr<RSA_PrivateKey>(
303 new RSA_PrivateKey(std::move(handles), sessions, public_info, private_blob));
304 }
305#endif
306
307#if defined(BOTAN_HAS_TPM2_ECC_ADAPTER)
308 if(public_info->publicArea.type == TPM2_ALG_ECC) {
309 return std::unique_ptr<EC_PrivateKey>(new EC_PrivateKey(std::move(handles), sessions, public_info, private_blob));
310 }
311#endif
312
313 throw Not_Implemented(Botan::fmt("Loaded a {} private key of an unsupported type",
314 handles.has_persistent_handle() ? "persistent" : "transient"));
315}
const SessionBundle & sessions() const
Definition tpm2_key.h:224
std::string fmt(std::string_view format, const T &... args)
Definition fmt.h:53

References Botan::fmt(), handles(), and sessions().

Referenced by create_transient_from_template(), load_persistent(), and load_transient().

◆ create_decryption_op()

std::unique_ptr< PK_Ops::Decryption > Botan::TPM2::RSA_PrivateKey::create_decryption_op ( Botan::RandomNumberGenerator & rng,
std::string_view params,
std::string_view provider ) const
overridevirtual

This is an internal library function exposed on key types. In all cases applications should use wrappers in pubkey.h

Return an decryption operation for this key/params or throw

Parameters
rnga random number generator. The PK_Op may maintain a reference to the RNG and use it many times. The rng must outlive any operations which reference it.
paramsadditional parameters
providerthe provider to use

Reimplemented from Botan::Private_Key.

Definition at line 412 of file tpm2_rsa.cpp.

414 {
415 BOTAN_UNUSED(rng, provider);
416 return std::make_unique<RSA_Decryption_Operation>(handles(), sessions(), params);
417}
#define BOTAN_UNUSED
Definition assert.h:144

References BOTAN_UNUSED, Botan::TPM2::PrivateKey::handles(), and Botan::TPM2::PrivateKey::sessions().

◆ create_encryption_op()

std::unique_ptr< PK_Ops::Encryption > Botan::RSA_PublicKey::create_encryption_op ( RandomNumberGenerator & rng,
std::string_view params,
std::string_view provider ) const
overridevirtualinherited

This is an internal library function exposed on key types. In almost all cases applications should use wrappers in pubkey.h

Return an encryption operation for this key/params or throw

Parameters
rnga random number generator. The PK_Op may maintain a reference to the RNG and use it many times. The rng must outlive any operations which reference it.
paramsadditional parameters
providerthe provider to use

Reimplemented from Botan::Public_Key.

Reimplemented in Botan::TPM2::RSA_PublicKey.

Definition at line 781 of file rsa.cpp.

783 {
784 if(provider == "base" || provider.empty()) {
785 return std::make_unique<RSA_Encryption_Operation>(*this, params);
786 }
787 throw Provider_Not_Found(algo_name(), provider);
788}
std::string algo_name() const override
Definition rsa.h:41

References algo_name().

◆ create_kem_decryption_op()

std::unique_ptr< PK_Ops::KEM_Decryption > Botan::Private_Key::create_kem_decryption_op ( RandomNumberGenerator & rng,
std::string_view params,
std::string_view provider ) const
virtualinherited

This is an internal library function exposed on key types. In all cases applications should use wrappers in pubkey.h

Return a KEM decryption operation for this key/params or throw

Parameters
rnga random number generator. The PK_Op may maintain a reference to the RNG and use it many times. The rng must outlive any operations which reference it.
paramsadditional parameters
providerthe provider to use

Reimplemented in Botan::Classic_McEliece_PrivateKey, Botan::FrodoKEM_PrivateKey, Botan::KEX_to_KEM_Adapter_PrivateKey, Botan::Kyber_PrivateKey, Botan::McEliece_PrivateKey, Botan::RSA_PrivateKey, and Botan::TLS::Hybrid_KEM_PrivateKey.

Definition at line 125 of file pk_keys.cpp.

127 {
128 throw Lookup_Error(fmt("{} does not support KEM decryption", algo_name()));
129}
virtual std::string algo_name() const =0

References Botan::Asymmetric_Key::algo_name(), and Botan::fmt().

Referenced by Botan::PK_KEM_Decryptor::PK_KEM_Decryptor().

◆ create_kem_encryption_op()

std::unique_ptr< PK_Ops::KEM_Encryption > Botan::RSA_PublicKey::create_kem_encryption_op ( std::string_view params,
std::string_view provider ) const
overridevirtualinherited

This is an internal library function exposed on key types. In almost all cases applications should use wrappers in pubkey.h

Return a KEM encryption operation for this key/params or throw

Parameters
paramsadditional parameters
providerthe provider to use

Reimplemented from Botan::Public_Key.

Definition at line 790 of file rsa.cpp.

791 {
792 if(provider == "base" || provider.empty()) {
793 return std::make_unique<RSA_KEM_Encryption_Operation>(*this, params);
794 }
795 throw Provider_Not_Found(algo_name(), provider);
796}

References algo_name().

◆ create_key_agreement_op()

std::unique_ptr< PK_Ops::Key_Agreement > Botan::Private_Key::create_key_agreement_op ( RandomNumberGenerator & rng,
std::string_view params,
std::string_view provider ) const
virtualinherited

This is an internal library function exposed on key types. In all cases applications should use wrappers in pubkey.h

Return a key agreement operation for this key/params or throw

Parameters
rnga random number generator. The PK_Op may maintain a reference to the RNG and use it many times. The rng must outlive any operations which reference it.
paramsadditional parameters
providerthe provider to use

Reimplemented in Botan::DH_PrivateKey, Botan::ECDH_PrivateKey, Botan::X25519_PrivateKey, and Botan::X448_PrivateKey.

Definition at line 137 of file pk_keys.cpp.

139 {
140 throw Lookup_Error(fmt("{} does not support key agreement", algo_name()));
141}

References Botan::Asymmetric_Key::algo_name(), and Botan::fmt().

Referenced by Botan::PK_Key_Agreement::PK_Key_Agreement().

◆ create_signature_op()

std::unique_ptr< PK_Ops::Signature > Botan::TPM2::RSA_PrivateKey::create_signature_op ( Botan::RandomNumberGenerator & rng,
std::string_view params,
std::string_view provider ) const
overridevirtual

This is an internal library function exposed on key types. In all cases applications should use wrappers in pubkey.h

Return a signature operation for this key/params or throw

Parameters
rnga random number generator. The PK_Op may maintain a reference to the RNG and use it many times. The rng must outlive any operations which reference it.
paramsadditional parameters
providerthe provider to use

Reimplemented from Botan::Private_Key.

Definition at line 398 of file tpm2_rsa.cpp.

400 {
401 BOTAN_UNUSED(rng, provider);
402 return std::make_unique<RSA_Signature_Operation>(handles(), sessions(), params);
403}

References BOTAN_UNUSED, Botan::TPM2::PrivateKey::handles(), and Botan::TPM2::PrivateKey::sessions().

◆ create_transient_from_template()

std::unique_ptr< PrivateKey > Botan::TPM2::PrivateKey::create_transient_from_template ( const std::shared_ptr< Context > & ctx,
const SessionBundle & sessions,
ESYS_TR parent,
const TPMT_PUBLIC & key_template,
const TPM2B_SENSITIVE_CREATE & sensitive_data )
staticinherited

This is a wrapper around Esys_CreateLoaded creating a transient key from a given key_template with sensitive_data. It gives maximal flexibility to the caller to create a key with their own TSS2 template configuration.

Please use this if you know what you are doing, only! Most users should use the more convenient create_transient() methods of the derived classes.

Parameters
ctxThe TPM context to use
sessionsThe session bundle to use in Esys_CreateLoaded().
parentThe handle of the parent object to create the new key under (this may reference a "Primary Seed" to create a "Primary Key", a "Storage Parent" to create an "Ordinary Key", or a "Derivation Parent" to create a "Derived Key").
key_templateThe template data to use for the key creation. It will be passed to Tss2_MU_TPMT_PUBLIC_Marshal() and Esys_CreateLoaded().
sensitive_dataThe sensitive data (e.g. with the desired auth value) to use for the key creation.

Definition at line 217 of file tpm2_key.cpp.

221 {
223
224 // NOLINTBEGIN(*-branch-clone)
225
226 switch(key_template.type) {
227 case TPM2_ALG_RSA:
228#if not defined(BOTAN_HAS_TPM2_RSA_ADAPTER)
229 throw Not_Implemented("TPM2-based RSA keys are not supported in this build");
230#endif
231 break;
232 case TPM2_ALG_ECC:
233#if not defined(BOTAN_HAS_TPM2_ECC_ADAPTER)
234 throw Not_Implemented("TPM2-based ECC keys are not supported in this build");
235#endif
236 break;
237 default:
238 throw Invalid_Argument("Unsupported key type");
239 }
240
241 // NOLINTEND(*-branch-clone)
242
243 const auto marshalled_template = marshal_template(key_template);
244
245 Object handle(ctx);
246 unique_esys_ptr<TPM2B_PRIVATE> private_bytes;
248
249 // Esys_CreateLoaded can create different object types depending on the type
250 // of the parent passed in. Namely, this will create a Primary object if the
251 // parent is referencing a Primary Seed; an Ordinary Object if the parent is
252 // referencing a Storage Parent; and a Derived Object if the parent is
253 // referencing a Derivation Parent.
254 //
255 // See the Architecture Document, Section 27.1.
256 check_rc("Esys_CreateLoaded",
257 Esys_CreateLoaded(*ctx,
258 parent,
259 sessions[0],
260 sessions[1],
261 sessions[2],
262 &sensitive_data,
263 &marshalled_template,
264 out_transient_handle(handle),
265 out_ptr(private_bytes),
266 out_ptr(public_info)));
267 BOTAN_ASSERT_NONNULL(private_bytes);
268 BOTAN_ASSERT_NOMSG(public_info->publicArea.type == key_template.type);
269 BOTAN_ASSERT_NOMSG(handle.has_transient_handle());
270
271 return create(std::move(handle), sessions, public_info.get(), as_span(*private_bytes));
272}
#define BOTAN_ASSERT_NOMSG(expr)
Definition assert.h:75
#define BOTAN_ASSERT_NONNULL(ptr)
Definition assert.h:114
static std::unique_ptr< PrivateKey > create(Object handles, const SessionBundle &sessions, const TPM2B_PUBLIC *public_info, std::span< const uint8_t > private_blob)
Definition tpm2_key.cpp:292
constexpr void check_rc(std::string_view location, TSS2_RC rc)
Definition tpm2_util.h:55
std::unique_ptr< T, esys_liberator > unique_esys_ptr
A unique pointer type for ESYS handles that automatically frees the handle.
Definition tpm2_util.h:163
constexpr auto out_transient_handle(Object &object)
Definition tpm2_util.h:219
constexpr auto as_span(tpm2_buffer auto &data)
Construct a std::span as a view into a TPM2 buffer.
Definition tpm2_util.h:103
constexpr auto out_ptr(T &outptr) noexcept
Definition stl_util.h:415

References Botan::TPM2::as_span(), BOTAN_ASSERT_NOMSG, BOTAN_ASSERT_NONNULL, Botan::TPM2::check_rc(), create(), Botan::TPM2::Object::has_transient_handle(), Botan::out_ptr(), Botan::TPM2::out_transient_handle(), and sessions().

Referenced by Botan::TPM2::EC_PrivateKey::create_unrestricted_transient(), and Botan::TPM2::RSA_PrivateKey::create_unrestricted_transient().

◆ create_unrestricted_transient()

std::unique_ptr< TPM2::PrivateKey > Botan::TPM2::RSA_PrivateKey::create_unrestricted_transient ( const std::shared_ptr< Context > & ctx,
const SessionBundle & sessions,
std::span< const uint8_t > auth_value,
const TPM2::PrivateKey & parent,
uint16_t keylength,
std::optional< uint32_t > exponent = {} )
static

Create a transient RSA key with the given keylength and exponent, under the given parent key, with the given auth_value. This key may be used for both signatures and data decryption. No restrictions on the utilized padding schemes are applied.

TODO: provide the user with some means to specify such restrictions:

  • allowed key use: sign, decrypt, sign+decrypt, x509sign
  • allowed padding schemes: PKCS1v1.5, OAEP, PSS
  • data restrictions ("restricted" field in TPMT_PUBLIC)
  • session authentication requirements (policy, user authentication, ...)
  • fixed to TPM, or fixed to parent?
  • ...
Parameters
ctxThe TPM context to use
sessionsThe session bundle to use in the creation of the key
auth_valueThe auth value to use for the key
parentThe parent key to create the new key under
keylengthThe desired key length
exponentThe desired exponent (default: 0x10001)

Definition at line 57 of file tpm2_rsa.cpp.

62 {
63 BOTAN_ARG_CHECK(parent.is_parent(), "The passed key cannot be used as a parent key");
64
65 TPM2B_SENSITIVE_CREATE sensitive_data = {
66 .size = 0, // ignored
67 .sensitive =
68 {
69 .userAuth = copy_into<TPM2B_AUTH>(auth_value),
70
71 // Architecture Document, Section 25.2.3
72 // When an asymmetric key is created, the caller is not allowed to
73 // provide the sensitive data of the key.
75 },
76 };
77
78 TPMT_PUBLIC key_template = {
79 .type = TPM2_ALG_RSA,
80
81 // This is the algorithm for fingerprinting the newly created public key.
82 // For best compatibility we always use SHA-256.
83 .nameAlg = TPM2_ALG_SHA256,
84
85 // This sets up the key to be both a decryption and a signing key, forbids
86 // its duplication (fixed_tpm, fixed_parent) and ensures that the key's
87 // private portion can be used only by a user with an HMAC or password
88 // session.
89 .objectAttributes = ObjectAttributes::render({
90 .fixed_tpm = true,
91 .fixed_parent = true,
92 .sensitive_data_origin = true,
93 .user_with_auth = true,
94 .decrypt = true,
95 .sign_encrypt = true,
96 }),
97
98 // We currently do not support policy-based authorization
99 .authPolicy = init_empty<TPM2B_DIGEST>(),
100 .parameters =
101 {
102 .rsaDetail =
103 {
104 // Structures Document (Part 2), Section 12.2.3.5
105 // If the key is not a restricted decryption key, this field
106 // shall be set to TPM_ALG_NULL.
107 //
108 // TODO: Once we stop supporting TSS < 4.0, we could use
109 // `.keyBits = {.null = {}}, .mode = {.null = {}}`
110 // which better reflects our intention here.
111 .symmetric =
112 {
113 .algorithm = TPM2_ALG_NULL,
114 .keyBits = {.sym = 0},
115 .mode = {.sym = TPM2_ALG_NULL},
116 },
117
118 // Structures Document (Part 2), Section 12.2.3.5
119 // When both sign and decrypt are SET, restricted shall be
120 // CLEAR and scheme shall be TPM_ALG_NULL
121 //
122 // TODO: Once we stop supporting TSS < 4.0, we could use
123 // `.details = {.null = {}}`
124 // which better reflects our intention here.
125 .scheme =
126 {
127 .scheme = TPM2_ALG_NULL,
128 .details = {.anySig = {.hashAlg = TPM2_ALG_NULL}},
129 },
130 .keyBits = keylength,
131 .exponent = exponent.value_or(0 /* default value - 2^16 + 1*/),
132 },
133 },
134
135 // For creating an asymmetric key this value is not used.
136 .unique = {.rsa = init_empty<TPM2B_PUBLIC_KEY_RSA>()},
137 };
138
140 ctx, sessions, parent.handles().transient_handle(), key_template, sensitive_data);
141}
#define BOTAN_ARG_CHECK(expr, msg)
Definition assert.h:33
static std::unique_ptr< PrivateKey > create_transient_from_template(const std::shared_ptr< Context > &ctx, const SessionBundle &sessions, ESYS_TR parent, const TPMT_PUBLIC &key_template, const TPM2B_SENSITIVE_CREATE &sensitive_data)
Definition tpm2_key.cpp:217
constexpr T init_empty()
Create an empty TPM2 buffer of the given type.
Definition tpm2_util.h:153
constexpr void copy_into(T &dest, std::span< const uint8_t > data)
Definition tpm2_util.h:118
static TPMA_OBJECT render(ObjectAttributes attributes)

References BOTAN_ARG_CHECK, Botan::TPM2::copy_into(), Botan::TPM2::PrivateKey::create_transient_from_template(), Botan::TPM2::PrivateKey::handles(), Botan::TPM2::init_empty(), Botan::TPM2::PrivateKey::is_parent(), Botan::TPM2::ObjectAttributes::render(), Botan::TPM2::PrivateKey::sessions(), and Botan::TPM2::Object::transient_handle().

◆ create_verification_op()

std::unique_ptr< PK_Ops::Verification > Botan::RSA_PublicKey::create_verification_op ( std::string_view params,
std::string_view provider ) const
overridevirtualinherited

This is an internal library function exposed on key types. In all cases applications should use wrappers in pubkey.h

Return a verification operation for this key/params or throw

Parameters
paramsadditional parameters
providerthe provider to use

Reimplemented from Botan::Public_Key.

Reimplemented in Botan::TPM2::RSA_PublicKey.

Definition at line 798 of file rsa.cpp.

799 {
800 if(provider == "base" || provider.empty()) {
801 return std::make_unique<RSA_Verify_Operation>(*this, params);
802 }
803
804 throw Provider_Not_Found(algo_name(), provider);
805}

References algo_name().

◆ create_x509_verification_op()

std::unique_ptr< PK_Ops::Verification > Botan::RSA_PublicKey::create_x509_verification_op ( const AlgorithmIdentifier & signature_algorithm,
std::string_view provider ) const
overridevirtualinherited

This is an internal library function exposed on key types. In all cases applications should use wrappers in pubkey.h

Return a verification operation for this combination of key and signature algorithm or throw.

Parameters
signature_algorithmis the X.509 algorithm identifier encoding the padding scheme and hash hash function used in the signature if applicable.
providerthe provider to use

Reimplemented from Botan::Public_Key.

Definition at line 857 of file rsa.cpp.

858 {
859 if(provider == "base" || provider.empty()) {
860 return std::make_unique<RSA_Verify_Operation>(*this, parse_rsa_signature_algorithm(alg_id));
861 }
862
863 throw Provider_Not_Found(algo_name(), provider);
864}

References algo_name().

◆ default_x509_signature_format()

Signature_Format Botan::Public_Key::default_x509_signature_format ( ) const
inlineinherited

Definition at line 229 of file pk_keys.h.

229 {
231 }
virtual Signature_Format _default_x509_signature_format() const
Definition pk_keys.cpp:30

References Botan::Asymmetric_Key::_default_x509_signature_format(), and default_x509_signature_format().

Referenced by default_x509_signature_format().

◆ estimated_strength()

size_t Botan::RSA_PublicKey::estimated_strength ( ) const
overridevirtualinherited

Return the estimated strength of the underlying key against the best currently known attack. Note that this ignores anything but pure attacks against the key itself and do not take into account padding schemes, usage mistakes, etc which might reduce the strength. However it does suffice to provide an upper bound.

Returns
estimated strength in bits

Implements Botan::Asymmetric_Key.

Definition at line 182 of file rsa.cpp.

182 {
183 return if_work_factor(key_length());
184}
size_t key_length() const override
Definition rsa.cpp:178
size_t if_work_factor(size_t bits)

References Botan::if_work_factor(), and key_length().

◆ fingerprint_private()

std::string Botan::Private_Key::fingerprint_private ( std::string_view alg) const
inherited
Returns
Hash of the PKCS #8 encoding for this key object

Definition at line 94 of file pk_keys.cpp.

94 {
95 return create_hex_fingerprint(private_key_bits(), hash_algo);
96}
virtual secure_vector< uint8_t > private_key_bits() const =0
std::string create_hex_fingerprint(const uint8_t bits[], size_t bits_len, std::string_view hash_name)
Definition pk_keys.cpp:38

References Botan::create_hex_fingerprint(), and private_key_bits().

Referenced by Botan::Certificate_Store_In_SQL::find_certs_for_key(), Botan::Certificate_Store_In_SQL::insert_key(), and Botan::Certificate_Store_In_SQL::remove_key().

◆ fingerprint_public()

std::string Botan::Public_Key::fingerprint_public ( std::string_view alg = "SHA-256") const
inherited
Returns
Hash of the subject public key

Definition at line 87 of file pk_keys.cpp.

87 {
88 return create_hex_fingerprint(subject_public_key(), hash_algo);
89}
std::vector< uint8_t > subject_public_key() const
Definition pk_keys.cpp:56

References Botan::create_hex_fingerprint(), and subject_public_key().

Referenced by public_key_bits().

◆ generate_another()

std::unique_ptr< Private_Key > Botan::RSA_PublicKey::generate_another ( RandomNumberGenerator & rng) const
overridevirtualinherited

Generate another (cryptographically independent) key pair using the same algorithm parameters as this key. This is most useful for algorithms that support PublicKeyOperation::KeyAgreement to generate a fitting ephemeral key pair. For other key types it might throw Not_Implemented.

Implements Botan::Asymmetric_Key.

Reimplemented in Botan::TPM2::RSA_PublicKey.

Definition at line 140 of file rsa.cpp.

140 {
141 return std::make_unique<RSA_PrivateKey>(rng, m_public->public_modulus_bits(), m_public->get_e().to_u32bit());
142}
std::shared_ptr< const RSA_Public_Data > m_public
Definition rsa.h:91

References m_public.

◆ get_e()

const BigInt & Botan::RSA_PublicKey::get_e ( ) const
inherited
Returns
public exponent

Definition at line 148 of file rsa.cpp.

148 {
149 return m_public->get_e();
150}

References m_public.

Referenced by Botan::RSA_PrivateKey::check_key(), check_key(), Botan::RSA_PrivateKey::private_key_bits(), Botan::RSA_PrivateKey::public_key(), and public_key_bits().

◆ get_int_field()

const BigInt & Botan::RSA_PublicKey::get_int_field ( std::string_view field) const
overridevirtualinherited

Access an algorithm specific field

If the field is not known for this algorithm, an Invalid_Argument is thrown. The interpretation of the result requires knowledge of which algorithm is involved. For instance for RSA "p" represents one of the secret primes, while for DSA "p" is the public prime.

Some algorithms may not implement this method at all.

This is primarily used to implement the FFI botan_pubkey_get_field and botan_privkey_get_field functions.

TODO(Botan4) Change this to return by value

Reimplemented from Botan::Asymmetric_Key.

Definition at line 130 of file rsa.cpp.

130 {
131 if(field == "n") {
132 return m_public->get_n();
133 } else if(field == "e") {
134 return m_public->get_e();
135 } else {
136 return Public_Key::get_int_field(field);
137 }
138}
virtual const BigInt & get_int_field(std::string_view field) const
Definition pk_keys.cpp:18

References Botan::Asymmetric_Key::get_int_field(), and m_public.

Referenced by Botan::RSA_PrivateKey::get_int_field().

◆ get_n()

const BigInt & Botan::RSA_PublicKey::get_n ( ) const
inherited
Returns
public modulus

Definition at line 144 of file rsa.cpp.

144 {
145 return m_public->get_n();
146}

References m_public.

Referenced by Botan::RSA_PrivateKey::check_key(), check_key(), Botan::RSA_PrivateKey::private_key_bits(), Botan::RSA_PrivateKey::public_key(), and public_key_bits().

◆ get_oid()

OID Botan::Public_Key::get_oid ( ) const
inlineinherited

Deprecated version of object_identifier

Definition at line 161 of file pk_keys.h.

161{ return this->object_identifier(); }

References get_oid(), and Botan::Asymmetric_Key::object_identifier().

Referenced by get_oid().

◆ handles() [1/2]

◆ handles() [2/2]

const Object & Botan::TPM2::PrivateKey::handles ( ) const
inlineinherited

Definition at line 222 of file tpm2_key.h.

222{ return m_handle; }

◆ init()

void Botan::RSA_PublicKey::init ( BigInt && n,
BigInt && e )
protectedinherited

Definition at line 152 of file rsa.cpp.

152 {
153 if(n.is_negative() || n.is_even() || n.bits() < 5 /* n >= 3*5 */ || e.is_negative() || e.is_even()) {
154 throw Decoding_Error("Invalid RSA public key parameters");
155 }
156 m_public = std::make_shared<RSA_Public_Data>(std::move(n), std::move(e));
157}

References m_public.

Referenced by Botan::RSA_PrivateKey::RSA_PrivateKey(), Botan::RSA_PrivateKey::RSA_PrivateKey(), Botan::RSA_PrivateKey::RSA_PrivateKey(), RSA_PublicKey(), RSA_PublicKey(), and RSA_PublicKey().

◆ is_parent()

bool Botan::TPM2::PrivateKey::is_parent ( ) const
inherited

Definition at line 284 of file tpm2_key.cpp.

284 {
285 // Architectural Document, Section 4.54
286 // any object with the decrypt and restricted attributes SET and the sign
287 // attribute CLEAR
288 const auto attrs = m_handle.attributes(m_sessions);
289 return attrs.decrypt && attrs.restricted && !attrs.sign_encrypt;
290}

Referenced by Botan::TPM2::EC_PrivateKey::create_unrestricted_transient(), and Botan::TPM2::RSA_PrivateKey::create_unrestricted_transient().

◆ key_length()

size_t Botan::RSA_PublicKey::key_length ( ) const
overridevirtualinherited

Return an integer value best approximating the length of the primary security parameter. For example for RSA this will be the size of the modulus, for ECDSA the size of the ECC group, and for McEliece the size of the code will be returned.

Implements Botan::Public_Key.

Definition at line 178 of file rsa.cpp.

178 {
179 return m_public->public_modulus_bits();
180}

References m_public.

Referenced by estimated_strength().

◆ load_persistent()

std::unique_ptr< PrivateKey > Botan::TPM2::PrivateKey::load_persistent ( const std::shared_ptr< Context > & ctx,
TPM2_HANDLE persistent_object_handle,
std::span< const uint8_t > auth_value,
const SessionBundle & sessions )
staticinherited

Load a private key that resides in the TPM's persistent storage.

Parameters
ctxThe TPM context to use
persistent_object_handleThe handle of the persistent object to load
auth_valueThe auth value required to use the key
sessionsThe session bundle to use for the key's operations

Definition at line 177 of file tpm2_key.cpp.

180 {
181 return create(load_persistent_object(ctx, persistent_object_handle, auth_value, sessions),
182 sessions,
183 nullptr /* pull public info from handle */,
184 {} /* persistent keys don't have an encrypted private blob */);
185}

References create(), and sessions().

Referenced by Botan::TPM2::Context::storage_root_key().

◆ load_transient()

std::unique_ptr< PrivateKey > Botan::TPM2::PrivateKey::load_transient ( const std::shared_ptr< Context > & ctx,
std::span< const uint8_t > auth_value,
const TPM2::PrivateKey & parent,
std::span< const uint8_t > public_blob,
std::span< const uint8_t > private_blob,
const SessionBundle & sessions )
staticinherited

Load a private key from the public and private blobs obtained by a TPM key creation.

Transient keys don't reside inside the TPM but must be loaded by the application as required. Once this object is destructed, the transient memory on the TPM is cleared.

Parameters
ctxThe TPM context to use
auth_valueThe auth value required to use the key
parentThe parent key the key was originally created under
public_blobThe public blob of the key to load
private_blobThe private blob of the key to load
sessionsThe session bundle to use for loading

Definition at line 187 of file tpm2_key.cpp.

192 {
194 Object handle(ctx);
195
196 const auto public_data = unmarshal_public_blob(public_blob);
197 const auto private_data = copy_into<TPM2B_PRIVATE>(private_blob);
198
199 check_rc("Esys_Load",
200 Esys_Load(*ctx,
201 parent.handles().transient_handle(),
202 sessions[0],
203 sessions[1],
204 sessions[2],
205 &private_data,
206 &public_data,
207 out_transient_handle(handle)));
208
209 if(!auth_value.empty()) {
210 const auto user_auth = copy_into<TPM2B_AUTH>(auth_value);
211 check_rc("Esys_TR_SetAuth", Esys_TR_SetAuth(*ctx, handle.transient_handle(), &user_auth));
212 }
213
214 return create(std::move(handle), sessions, nullptr /* pull public info from handle */, private_blob);
215}

References BOTAN_ASSERT_NONNULL, Botan::TPM2::check_rc(), Botan::TPM2::copy_into(), create(), handles(), Botan::TPM2::out_transient_handle(), sessions(), and Botan::TPM2::Object::transient_handle().

◆ message_part_size()

size_t Botan::Public_Key::message_part_size ( ) const
inlineinherited

Returns how large each of the message parts refered to by message_parts() is

This function is public but applications should have few reasons to ever call this.

Returns
size of the message parts in bits

Definition at line 221 of file pk_keys.h.

221 {
222 return _signature_element_size_for_DER_encoding().value_or(0);
223 }

References Botan::Asymmetric_Key::_signature_element_size_for_DER_encoding(), and message_part_size().

Referenced by message_part_size().

◆ message_parts()

size_t Botan::Public_Key::message_parts ( ) const
inlineinherited

Returns more than 1 if the output of this algorithm (ciphertext, signature) should be treated as more than one value. This is used for algorithms like DSA and ECDSA, where the (r,s) output pair can be encoded as either a plain binary list or a TLV tagged DER encoding depending on the protocol.

This function is public but applications should have few reasons to ever call this.

Returns
number of message parts

Definition at line 208 of file pk_keys.h.

208 {
210 }

References Botan::Asymmetric_Key::_signature_element_size_for_DER_encoding(), and message_parts().

Referenced by message_parts().

◆ object_identifier()

◆ pkcs8_algorithm_identifier()

virtual AlgorithmIdentifier Botan::Private_Key::pkcs8_algorithm_identifier ( ) const
inlinevirtualinherited
Returns
PKCS #8 AlgorithmIdentifier for this key Might be different from the X.509 identifier, but normally is not

Reimplemented in Botan::GOST_3410_PrivateKey, and Botan::HSS_LMS_PrivateKey.

Definition at line 324 of file pk_keys.h.

324{ return algorithm_identifier(); }
virtual AlgorithmIdentifier algorithm_identifier() const =0

References Botan::Public_Key::algorithm_identifier().

Referenced by private_key_info().

◆ private_key_bits()

secure_vector< uint8_t > Botan::TPM2::PrivateKey::private_key_bits ( ) const
inlineoverridevirtualinherited
Exceptions
Not_Implementedkeys hosted in a TPM2 cannot be exported

Implements Botan::Private_Key.

Definition at line 205 of file tpm2_key.h.

205 {
206 throw Not_Implemented("cannot export private key bits from a TPM2 key, maybe use raw_private_key_bits()?");
207 }

◆ private_key_info()

secure_vector< uint8_t > Botan::Private_Key::private_key_info ( ) const
inherited
Returns
PKCS #8 private key encoding for this key object

Definition at line 68 of file pk_keys.cpp.

68 {
69 const size_t PKCS8_VERSION = 0;
70
71 return DER_Encoder()
72 .start_sequence()
73 .encode(PKCS8_VERSION)
76 .end_cons()
77 .get_contents();
78}
virtual AlgorithmIdentifier pkcs8_algorithm_identifier() const
Definition pk_keys.h:324

References Botan::DER_Encoder::encode(), Botan::DER_Encoder::end_cons(), Botan::DER_Encoder::get_contents(), Botan::OctetString, pkcs8_algorithm_identifier(), private_key_bits(), and Botan::DER_Encoder::start_sequence().

Referenced by Botan::PKCS8::BER_encode(), Botan::PKCS8::BER_encode_encrypted_pbkdf_iter(), Botan::PKCS8::BER_encode_encrypted_pbkdf_msec(), Botan::PKCS8::PEM_encode(), and public_key().

◆ public_data()

std::shared_ptr< const RSA_Public_Data > Botan::RSA_PublicKey::public_data ( ) const
inherited

Definition at line 126 of file rsa.cpp.

126 {
127 return m_public;
128}

References m_public.

◆ public_key()

std::unique_ptr< Public_Key > Botan::TPM2::RSA_PrivateKey::public_key ( ) const
inlineoverridevirtual

Allocate a new object for the public key associated with this private key.

Returns
public key

Implements Botan::Private_Key.

Definition at line 87 of file tpm2_rsa.h.

87 {
88 return std::make_unique<Botan::RSA_PublicKey>(algorithm_identifier(), public_key_bits());
89 }
AlgorithmIdentifier algorithm_identifier() const override
Definition rsa.cpp:186
std::vector< uint8_t > public_key_bits() const override
Definition rsa.cpp:194

References Botan::RSA_PublicKey::algorithm_identifier(), and Botan::RSA_PublicKey::public_key_bits().

◆ public_key_bits()

std::vector< uint8_t > Botan::RSA_PublicKey::public_key_bits ( ) const
overridevirtualinherited
Returns
BER encoded public key bits

Implements Botan::Public_Key.

Definition at line 194 of file rsa.cpp.

194 {
195 std::vector<uint8_t> output;
196 DER_Encoder der(output);
197 der.start_sequence().encode(get_n()).encode(get_e()).end_cons();
198
199 return output;
200}

References Botan::DER_Encoder::encode(), Botan::DER_Encoder::end_cons(), get_e(), get_n(), and Botan::DER_Encoder::start_sequence().

Referenced by Botan::TPM2::RSA_PrivateKey::public_key().

◆ raw_private_key_bits()

secure_vector< uint8_t > Botan::TPM2::PrivateKey::raw_private_key_bits ( ) const
overridevirtualinherited
Returns
the encrypted private key blob, if the key is transient
Exceptions
Invalid_Stateif the key is persistent

Reimplemented from Botan::Private_Key.

Definition at line 274 of file tpm2_key.cpp.

274 {
275 BOTAN_STATE_CHECK(!m_handle.has_persistent_handle());
276 BOTAN_ASSERT_NOMSG(!m_private_blob.empty());
277 return Botan::lock(m_private_blob);
278}
#define BOTAN_STATE_CHECK(expr)
Definition assert.h:49
secure_vector< T > lock(const std::vector< T > &in)
Definition secmem.h:81

References BOTAN_ASSERT_NOMSG, BOTAN_STATE_CHECK, and Botan::lock().

◆ raw_public_key_bits()

std::vector< uint8_t > Botan::TPM2::RSA_PrivateKey::raw_public_key_bits ( ) const
inlineoverridevirtual
Returns
a TPM2-specific marshalled representation of the public key

Reimplemented from Botan::TPM2::PrivateKey.

Definition at line 91 of file tpm2_rsa.h.

std::vector< uint8_t > raw_public_key_bits() const override
Definition tpm2_key.cpp:280

References Botan::TPM2::PrivateKey::raw_public_key_bits().

◆ remaining_operations()

virtual std::optional< uint64_t > Botan::Private_Key::remaining_operations ( ) const
inlinevirtualinherited

Retrieves the number of remaining operations if this is a stateful private key.

Returns
the number of remaining operations or std::nullopt if not applicable.

Reimplemented in Botan::HSS_LMS_PrivateKey, and Botan::XMSS_PrivateKey.

Definition at line 337 of file pk_keys.h.

337{ return std::nullopt; }

◆ sessions()

◆ stateful_operation()

virtual bool Botan::Private_Key::stateful_operation ( ) const
inlinevirtualinherited

Indicates if this key is stateful, ie that performing a private key operation requires updating the key storage.

Reimplemented in Botan::HSS_LMS_PrivateKey, and Botan::XMSS_PrivateKey.

Definition at line 330 of file pk_keys.h.

330{ return false; }

◆ subject_public_key()

std::vector< uint8_t > Botan::Public_Key::subject_public_key ( ) const
inherited
Returns
X.509 subject key encoding for this key object

Definition at line 56 of file pk_keys.cpp.

56 {
57 std::vector<uint8_t> output;
58
59 DER_Encoder(output)
60 .start_sequence()
61 .encode(algorithm_identifier())
63 .end_cons();
64
65 return output;
66}
virtual std::vector< uint8_t > public_key_bits() const =0

References algorithm_identifier(), Botan::BitString, Botan::DER_Encoder::encode(), Botan::DER_Encoder::end_cons(), public_key_bits(), and Botan::DER_Encoder::start_sequence().

Referenced by Botan::X509::BER_encode(), Botan::PKCS10_Request::create(), fingerprint_public(), Botan::X509::PEM_encode(), and public_key_bits().

◆ supports_operation()

bool Botan::TPM2::RSA_PrivateKey::supports_operation ( PublicKeyOperation op) const
inlineoverridevirtual

Return true if this key could be used for the specified type of operation.

Implements Botan::Asymmetric_Key.

Definition at line 93 of file tpm2_rsa.h.

93 {
94 // TODO: Support RSA-KEM
96 }

References Botan::Encryption, and Botan::Signature.

◆ TPM2::PrivateKey

friend class TPM2::PrivateKey
friend

Definition at line 107 of file tpm2_rsa.h.

References RSA_PrivateKey(), and Botan::TPM2::PrivateKey::sessions().

Member Data Documentation

◆ m_public

std::shared_ptr<const RSA_Public_Data> Botan::RSA_PublicKey::m_public
protectedinherited

Definition at line 91 of file rsa.h.

Referenced by generate_another(), get_e(), get_int_field(), get_n(), init(), key_length(), and public_data().


The documentation for this class was generated from the following files: