Botan 3.11.0
Crypto and TLS for C&
Functions
ffi_pkey.cpp File Reference
Foreign Function Interface
#include <botan/ffi.h>
#include <botan/assert.h>
#include <botan/data_src.h>
#include <botan/hash.h>
#include <botan/pk_algs.h>
#include <botan/pk_keys.h>
#include <botan/pkcs8.h>
#include <botan/x509_key.h>
#include <botan/internal/ffi_ec.h>
#include <botan/internal/ffi_oid.h>
#include <botan/internal/ffi_pkey.h>
#include <botan/internal/ffi_rng.h>
#include <botan/internal/ffi_util.h>

Go to the source code of this file.

Functions

int botan_ec_privkey_create (botan_privkey_t *key_obj, const char *algo_name, botan_ec_group_t ec_group_obj, botan_rng_t rng_obj)
int botan_pkcs_hash_id (const char *hash_name, uint8_t pkcs_id[], size_t *pkcs_id_len)
int botan_privkey_algo_name (botan_privkey_t key, char out[], size_t *out_len)
int botan_privkey_check_key (botan_privkey_t key, botan_rng_t rng, uint32_t flags)
int botan_privkey_create (botan_privkey_t *key_obj, const char *algo_name, const char *algo_params, botan_rng_t rng_obj)
int botan_privkey_destroy (botan_privkey_t key)
int botan_privkey_export (botan_privkey_t key, uint8_t out[], size_t *out_len, uint32_t flags)
int botan_privkey_export_encrypted (botan_privkey_t key, uint8_t out[], size_t *out_len, botan_rng_t rng_obj, const char *pass, const char *, uint32_t flags)
int botan_privkey_export_encrypted_pbkdf_iter (botan_privkey_t key, uint8_t out[], size_t *out_len, botan_rng_t rng, const char *passphrase, size_t pbkdf_iter, const char *cipher, const char *pbkdf_algo, uint32_t flags)
int botan_privkey_export_encrypted_pbkdf_msec (botan_privkey_t key, uint8_t out[], size_t *out_len, botan_rng_t rng, const char *passphrase, uint32_t pbkdf_msec, size_t *pbkdf_iters_out, const char *cipher, const char *pbkdf_hash, uint32_t flags)
int botan_privkey_export_pubkey (botan_pubkey_t *pubout, botan_privkey_t key_obj)
int botan_privkey_load (botan_privkey_t *key, botan_rng_t rng_obj, const uint8_t bits[], size_t len, const char *password)
int botan_privkey_oid (botan_asn1_oid_t *oid, botan_privkey_t key)
int botan_privkey_remaining_operations (botan_privkey_t key, uint64_t *out)
int botan_privkey_stateful_operation (botan_privkey_t key, int *out)
int botan_privkey_view_der (botan_privkey_t key, botan_view_ctx ctx, botan_view_bin_fn view)
int botan_privkey_view_encrypted_der (botan_privkey_t key, botan_rng_t rng_obj, const char *passphrase, const char *maybe_cipher, const char *maybe_pbkdf_algo, size_t maybe_pbkdf_iterations, botan_view_ctx ctx, botan_view_bin_fn view)
int botan_privkey_view_encrypted_der_timed (botan_privkey_t key, botan_rng_t rng_obj, const char *passphrase, const char *maybe_cipher, const char *maybe_pbkdf_algo, size_t pbkdf_runtime_msec, botan_view_ctx ctx, botan_view_bin_fn view)
int botan_privkey_view_encrypted_pem (botan_privkey_t key, botan_rng_t rng_obj, const char *passphrase, const char *maybe_cipher, const char *maybe_pbkdf_algo, size_t maybe_pbkdf_iterations, botan_view_ctx ctx, botan_view_str_fn view)
int botan_privkey_view_encrypted_pem_timed (botan_privkey_t key, botan_rng_t rng_obj, const char *passphrase, const char *maybe_cipher, const char *maybe_pbkdf_algo, size_t pbkdf_runtime_msec, botan_view_ctx ctx, botan_view_str_fn view)
int botan_privkey_view_pem (botan_privkey_t key, botan_view_ctx ctx, botan_view_str_fn view)
int botan_privkey_view_raw (botan_privkey_t key, botan_view_ctx ctx, botan_view_bin_fn view)
int botan_pubkey_algo_name (botan_pubkey_t key, char out[], size_t *out_len)
int botan_pubkey_check_key (botan_pubkey_t key, botan_rng_t rng, uint32_t flags)
int botan_pubkey_destroy (botan_pubkey_t key)
int botan_pubkey_estimated_strength (botan_pubkey_t key, size_t *estimate)
int botan_pubkey_export (botan_pubkey_t key, uint8_t out[], size_t *out_len, uint32_t flags)
int botan_pubkey_fingerprint (botan_pubkey_t key, const char *hash_fn, uint8_t out[], size_t *out_len)
int botan_pubkey_load (botan_pubkey_t *key, const uint8_t bits[], size_t bits_len)
int botan_pubkey_oid (botan_asn1_oid_t *oid, botan_pubkey_t key)
int botan_pubkey_view_der (botan_pubkey_t key, botan_view_ctx ctx, botan_view_bin_fn view)
int botan_pubkey_view_pem (botan_pubkey_t key, botan_view_ctx ctx, botan_view_str_fn view)
int botan_pubkey_view_raw (botan_pubkey_t key, botan_view_ctx ctx, botan_view_bin_fn view)

Function Documentation

◆ botan_ec_privkey_create()

int botan_ec_privkey_create ( botan_privkey_t * key,
const char * algo_name,
botan_ec_group_t ec_group,
botan_rng_t rng )

Create a new ec private key

Parameters
keythe new object will be placed here
algo_namesomething like "ECDSA" or "ECDH"
ec_groupa (possibly application specific) elliptic curve
rnga random number generator

Definition at line 61 of file ffi_pkey.cpp.

64 {
65 // TODO(Botan4) remove this implicit algorithm choice and reject nullptr algo_name
66 if(algo_name == nullptr) {
67 return botan_ec_privkey_create(key_obj, "ECDSA", ec_group_obj, rng_obj);
68 }
69
70 return ffi_guard_thunk(__func__, [=]() -> int {
71 if(key_obj == nullptr) {
72 return BOTAN_FFI_ERROR_NULL_POINTER;
73 }
74 *key_obj = nullptr;
75
76 const Botan::EC_Group ec_group = safe_get(ec_group_obj);
77 Botan::RandomNumberGenerator& rng = safe_get(rng_obj);
78
79 if(auto key = Botan::create_ec_private_key(algo_name, ec_group, rng)) {
80 return ffi_new_object(key_obj, std::move(key));
81 } else {
82 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
83 }
84 });
85}
Botan::EC_Group
Definition ec_group.h:69
BOTAN_FFI_ERROR_NOT_IMPLEMENTED
@ BOTAN_FFI_ERROR_NOT_IMPLEMENTED
Definition ffi.h:140
BOTAN_FFI_ERROR_NULL_POINTER
@ BOTAN_FFI_ERROR_NULL_POINTER
Definition ffi.h:133
botan_ec_privkey_create
int botan_ec_privkey_create(botan_privkey_t *key_obj, const char *algo_name, botan_ec_group_t ec_group_obj, botan_rng_t rng_obj)
Definition ffi_pkey.cpp:61
Botan_FFI::safe_get
T & safe_get(botan_struct< T, M > *p)
Definition ffi_util.h:79
Botan_FFI::ffi_new_object
BOTAN_FFI_ERROR ffi_new_object(T *obj, Args &&... args)
Definition ffi_util.h:178
Botan_FFI::ffi_guard_thunk
int ffi_guard_thunk(const char *func_name, T thunk)
Definition ffi_util.h:95
Botan::create_ec_private_key
std::unique_ptr< Private_Key > create_ec_private_key(std::string_view alg_name, const EC_Group &ec_group, RandomNumberGenerator &rng)
Definition pk_algs.cpp:448

References botan_ec_privkey_create(), BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_ERROR_NULL_POINTER, Botan::create_ec_private_key(), Botan_FFI::ffi_guard_thunk(), Botan_FFI::ffi_new_object(), and Botan_FFI::safe_get().

Referenced by botan_ec_privkey_create().

◆ botan_pkcs_hash_id()

int botan_pkcs_hash_id ( const char * hash_name,
uint8_t pkcs_id[],
size_t * pkcs_id_len )

Signature Scheme Utility Functions

Definition at line 445 of file ffi_pkey.cpp.

445 {
446#if defined(BOTAN_HAS_HASH_ID)
447 return ffi_guard_thunk(__func__, [=]() -> int {
448 const std::vector<uint8_t> hash_id = Botan::pkcs_hash_id(hash_name);
449 return write_output(pkcs_id, pkcs_id_len, hash_id.data(), hash_id.size());
450 });
451#else
452 BOTAN_UNUSED(hash_name, pkcs_id, pkcs_id_len);
453 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
454#endif
455}
BOTAN_UNUSED
#define BOTAN_UNUSED
Definition assert.h:144
Botan_FFI::write_output
int write_output(T out[], size_t *out_len, const T buf[], size_t buf_len)
Definition ffi_util.h:246
Botan::pkcs_hash_id
std::vector< uint8_t > pkcs_hash_id(std::string_view name)
Definition hash_id.cpp:78

References BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_UNUSED, Botan_FFI::ffi_guard_thunk(), Botan::pkcs_hash_id(), and Botan_FFI::write_output().

◆ botan_privkey_algo_name()

int botan_privkey_algo_name ( botan_privkey_t key,
char out[],
size_t * out_len )

Definition at line 144 of file ffi_pkey.cpp.

144 {
145 return BOTAN_FFI_VISIT(key, [=](const auto& k) { return write_str_output(out, out_len, k.algo_name()); });
146}
BOTAN_FFI_VISIT
#define BOTAN_FFI_VISIT(obj, lambda)
Definition ffi_util.h:158
Botan_FFI::write_str_output
int write_str_output(char out[], size_t *out_len, const std::string &str)
Definition ffi_util.h:265

References BOTAN_FFI_VISIT, and Botan_FFI::write_str_output().

◆ botan_privkey_check_key()

int botan_privkey_check_key ( botan_privkey_t key,
botan_rng_t rng,
uint32_t flags )

Definition at line 160 of file ffi_pkey.cpp.

160 {
161 const bool strong = (flags & BOTAN_CHECK_KEY_EXPENSIVE_TESTS) != 0;
162 return BOTAN_FFI_VISIT(key, [=](const auto& k) {
163 return (k.check_key(safe_get(rng), strong) == true) ? 0 : BOTAN_FFI_ERROR_INVALID_INPUT;
164 });
165}
BOTAN_CHECK_KEY_EXPENSIVE_TESTS
#define BOTAN_CHECK_KEY_EXPENSIVE_TESTS
Definition ffi.h:1440
BOTAN_FFI_ERROR_INVALID_INPUT
@ BOTAN_FFI_ERROR_INVALID_INPUT
Definition ffi.h:120
Botan::PKCS11::flags
Flags flags(Flag flags)
Definition p11.h:1227

References BOTAN_CHECK_KEY_EXPENSIVE_TESTS, BOTAN_FFI_ERROR_INVALID_INPUT, BOTAN_FFI_VISIT, and Botan_FFI::safe_get().

◆ botan_privkey_create()

int botan_privkey_create ( botan_privkey_t * key,
const char * algo_name,
const char * algo_params,
botan_rng_t rng )

Create a new private key

Parameters
keythe new object will be placed here
algo_namesomething like "RSA" or "ECDSA"
algo_paramsis specific to the algorithm. For RSA, specifies the modulus bit length. For ECC is the name of the curve.
rnga random number generator

Definition at line 30 of file ffi_pkey.cpp.

33 {
34 // TODO(Botan4) remove this implicit algorithm choice and reject nullptr algo_name
35 if(algo_name == nullptr) {
36 return botan_privkey_create(key_obj, "RSA", algo_params, rng_obj);
37 }
38
39 return ffi_guard_thunk(__func__, [=]() -> int {
40 if(key_obj == nullptr) {
41 return BOTAN_FFI_ERROR_NULL_POINTER;
42 }
43
44 *key_obj = nullptr;
45 if(rng_obj == nullptr) {
46 return BOTAN_FFI_ERROR_NULL_POINTER;
47 }
48
49 const std::string params(algo_params != nullptr ? algo_params : "");
50
51 Botan::RandomNumberGenerator& rng = safe_get(rng_obj);
52
53 if(auto key = Botan::create_private_key(algo_name, rng, params)) {
54 return ffi_new_object(key_obj, std::move(key));
55 } else {
56 return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
57 }
58 });
59}
botan_privkey_create
int botan_privkey_create(botan_privkey_t *key_obj, const char *algo_name, const char *algo_params, botan_rng_t rng_obj)
Definition ffi_pkey.cpp:30
Botan::create_private_key
std::unique_ptr< Private_Key > create_private_key(std::string_view alg_name, RandomNumberGenerator &rng, std::string_view params, std::string_view provider)
Definition pk_algs.cpp:493

References BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_ERROR_NULL_POINTER, botan_privkey_create(), Botan::create_private_key(), Botan_FFI::ffi_guard_thunk(), Botan_FFI::ffi_new_object(), and Botan_FFI::safe_get().

Referenced by botan_privkey_create(), botan_privkey_create_dh(), botan_privkey_create_ecdh(), botan_privkey_create_ecdsa(), botan_privkey_create_mceliece(), and botan_privkey_create_rsa().

◆ botan_privkey_destroy()

int botan_privkey_destroy ( botan_privkey_t key)
Returns
0 if success, error if invalid object handle

Definition at line 112 of file ffi_pkey.cpp.

112 {
113 return BOTAN_FFI_CHECKED_DELETE(key);
114}
BOTAN_FFI_CHECKED_DELETE
#define BOTAN_FFI_CHECKED_DELETE(o)
Definition ffi_util.h:185

References BOTAN_FFI_CHECKED_DELETE.

◆ botan_privkey_export()

int botan_privkey_export ( botan_privkey_t key,
uint8_t out[],
size_t * out_len,
uint32_t flags )

On input *out_len is number of bytes in out[] On output *out_len is number of bytes written (or required) If out is not big enough no output is written, *out_len is set and 1 is returned Returns 0 on success and sets If some other error occurs a negative integer is returned.

Definition at line 194 of file ffi_pkey.cpp.

194 {
195 if(flags == BOTAN_PRIVKEY_EXPORT_FLAG_DER) {
196 return copy_view_bin(out, out_len, botan_privkey_view_der, key);
197 } else if(flags == BOTAN_PRIVKEY_EXPORT_FLAG_PEM) {
198 return copy_view_str(out, out_len, botan_privkey_view_pem, key);
199 } else if(flags == BOTAN_PRIVKEY_EXPORT_FLAG_RAW) {
200 return copy_view_bin(out, out_len, botan_privkey_view_raw, key);
201 } else {
202 return BOTAN_FFI_ERROR_BAD_FLAG;
203 }
204}
BOTAN_PRIVKEY_EXPORT_FLAG_RAW
#define BOTAN_PRIVKEY_EXPORT_FLAG_RAW
Definition ffi.h:1512
botan_privkey_view_der
int botan_privkey_view_der(botan_privkey_t key, botan_view_ctx ctx, botan_view_bin_fn view)
Definition ffi_pkey.cpp:206
botan_privkey_view_raw
int botan_privkey_view_raw(botan_privkey_t key, botan_view_ctx ctx, botan_view_bin_fn view)
Definition ffi_pkey.cpp:216
BOTAN_PRIVKEY_EXPORT_FLAG_PEM
#define BOTAN_PRIVKEY_EXPORT_FLAG_PEM
Definition ffi.h:1511
BOTAN_PRIVKEY_EXPORT_FLAG_DER
#define BOTAN_PRIVKEY_EXPORT_FLAG_DER
Definition ffi.h:1510
BOTAN_FFI_ERROR_BAD_FLAG
@ BOTAN_FFI_ERROR_BAD_FLAG
Definition ffi.h:132
botan_privkey_view_pem
int botan_privkey_view_pem(botan_privkey_t key, botan_view_ctx ctx, botan_view_str_fn view)
Definition ffi_pkey.cpp:211
Botan_FFI::copy_view_bin
int copy_view_bin(uint8_t out[], size_t *out_len, Fn fn, Args... args)
Definition ffi_util.h:211
Botan_FFI::copy_view_str
int copy_view_str(uint8_t out[], size_t *out_len, Fn fn, Args... args)
Definition ffi_util.h:217

References BOTAN_FFI_ERROR_BAD_FLAG, BOTAN_PRIVKEY_EXPORT_FLAG_DER, BOTAN_PRIVKEY_EXPORT_FLAG_PEM, BOTAN_PRIVKEY_EXPORT_FLAG_RAW, botan_privkey_view_der(), botan_privkey_view_pem(), botan_privkey_view_raw(), Botan_FFI::copy_view_bin(), and Botan_FFI::copy_view_str().

◆ botan_privkey_export_encrypted()

int botan_privkey_export_encrypted ( botan_privkey_t key,
uint8_t out[],
size_t * out_len,
botan_rng_t rng,
const char * passphrase,
const char * encryption_algo,
uint32_t flags )

Set encryption_algo to NULL or "" to have the library choose a default (recommended)

Definition at line 221 of file ffi_pkey.cpp.

227 {
228 return botan_privkey_export_encrypted_pbkdf_iter(key, out, out_len, rng_obj, pass, 100000, nullptr, nullptr, flags);
229}
botan_privkey_export_encrypted_pbkdf_iter
int botan_privkey_export_encrypted_pbkdf_iter(botan_privkey_t key, uint8_t out[], size_t *out_len, botan_rng_t rng, const char *passphrase, size_t pbkdf_iter, const char *cipher, const char *pbkdf_algo, uint32_t flags)
Definition ffi_pkey.cpp:308

References botan_privkey_export_encrypted_pbkdf_iter().

◆ botan_privkey_export_encrypted_pbkdf_iter()

int botan_privkey_export_encrypted_pbkdf_iter ( botan_privkey_t key,
uint8_t out[],
size_t * out_len,
botan_rng_t rng,
const char * passphrase,
size_t pbkdf_iterations,
const char * cipher_algo,
const char * pbkdf_algo,
uint32_t flags )

Export a private key using the specified number of iterations.

Definition at line 308 of file ffi_pkey.cpp.

316 {
317 if(flags == BOTAN_PRIVKEY_EXPORT_FLAG_DER) {
318 return copy_view_bin(
319 out, out_len, botan_privkey_view_encrypted_der, key, rng, passphrase, cipher, pbkdf_algo, pbkdf_iter);
320 } else if(flags == BOTAN_PRIVKEY_EXPORT_FLAG_PEM) {
321 return copy_view_str(
322 out, out_len, botan_privkey_view_encrypted_pem, key, rng, passphrase, cipher, pbkdf_algo, pbkdf_iter);
323 } else {
324 return BOTAN_FFI_ERROR_BAD_FLAG;
325 }
326}
botan_privkey_view_encrypted_der
int botan_privkey_view_encrypted_der(botan_privkey_t key, botan_rng_t rng, const char *passphrase, const char *cipher_algo, const char *pbkdf_algo, size_t pbkdf_iterations, botan_view_ctx ctx, botan_view_bin_fn view)
Definition ffi_pkey.cpp:328
botan_privkey_view_encrypted_pem
int botan_privkey_view_encrypted_pem(botan_privkey_t key, botan_rng_t rng, const char *passphrase, const char *cipher_algo, const char *pbkdf_algo, size_t pbkdf_iterations, botan_view_ctx ctx, botan_view_str_fn view)
Definition ffi_pkey.cpp:353

References BOTAN_FFI_ERROR_BAD_FLAG, BOTAN_PRIVKEY_EXPORT_FLAG_DER, BOTAN_PRIVKEY_EXPORT_FLAG_PEM, botan_privkey_view_encrypted_der(), botan_privkey_view_encrypted_pem(), Botan_FFI::copy_view_bin(), and Botan_FFI::copy_view_str().

Referenced by botan_privkey_export_encrypted().

◆ botan_privkey_export_encrypted_pbkdf_msec()

int botan_privkey_export_encrypted_pbkdf_msec ( botan_privkey_t key,
uint8_t out[],
size_t * out_len,
botan_rng_t rng,
const char * passphrase,
uint32_t pbkdf_msec,
size_t * pbkdf_iters_out,
const char * cipher,
const char * pbkdf_hash,
uint32_t flags )

Definition at line 231 of file ffi_pkey.cpp.

240 {
241 if(pbkdf_iters_out != nullptr) {
242 *pbkdf_iters_out = 0;
243 }
244
245 if(flags == BOTAN_PRIVKEY_EXPORT_FLAG_DER) {
246 return copy_view_bin(
247 out, out_len, botan_privkey_view_encrypted_der_timed, key, rng, passphrase, cipher, pbkdf_hash, pbkdf_msec);
248 } else if(flags == BOTAN_PRIVKEY_EXPORT_FLAG_PEM) {
249 return copy_view_str(
250 out, out_len, botan_privkey_view_encrypted_pem_timed, key, rng, passphrase, cipher, pbkdf_hash, pbkdf_msec);
251 } else {
252 return BOTAN_FFI_ERROR_BAD_FLAG;
253 }
254}
botan_privkey_view_encrypted_pem_timed
int botan_privkey_view_encrypted_pem_timed(botan_privkey_t key, botan_rng_t rng, const char *passphrase, const char *cipher_algo, const char *pbkdf_algo, size_t pbkdf_runtime_msec, botan_view_ctx ctx, botan_view_str_fn view)
Definition ffi_pkey.cpp:282
botan_privkey_view_encrypted_der_timed
int botan_privkey_view_encrypted_der_timed(botan_privkey_t key, botan_rng_t rng, const char *passphrase, const char *cipher_algo, const char *pbkdf_algo, size_t pbkdf_runtime_msec, botan_view_ctx ctx, botan_view_bin_fn view)
Definition ffi_pkey.cpp:256

References BOTAN_FFI_ERROR_BAD_FLAG, BOTAN_PRIVKEY_EXPORT_FLAG_DER, BOTAN_PRIVKEY_EXPORT_FLAG_PEM, botan_privkey_view_encrypted_der_timed(), botan_privkey_view_encrypted_pem_timed(), Botan_FFI::copy_view_bin(), and Botan_FFI::copy_view_str().

◆ botan_privkey_export_pubkey()

int botan_privkey_export_pubkey ( botan_pubkey_t * pubout,
botan_privkey_t key_obj )

Definition at line 136 of file ffi_pkey.cpp.

136 {
137 return ffi_guard_thunk(__func__, [=]() -> int {
138 auto public_key = safe_get(key_obj).public_key();
139 ffi_new_object(pubout, std::move(public_key));
140 return BOTAN_FFI_SUCCESS;
141 });
142}
BOTAN_FFI_SUCCESS
@ BOTAN_FFI_SUCCESS
Definition ffi.h:116

References BOTAN_FFI_SUCCESS, Botan_FFI::ffi_guard_thunk(), Botan_FFI::ffi_new_object(), and Botan_FFI::safe_get().

◆ botan_privkey_load()

int botan_privkey_load ( botan_privkey_t * key,
botan_rng_t rng,
const uint8_t bits[],
size_t len,
const char * password )

Generates DSA key pair. Gives to a caller control over key length and order of a subgroup 'q'.

Parameters
keyhandler to the resulting key
rnginitialized PRNG
pbitslength of the key in bits. Must be between in range (1024, 3072) and multiple of 64. Bit size of the prime 'p'
qbitsorder of the subgroup. Must be in range (160, 256) and multiple of 8
Returns
BOTAN_FFI_SUCCESS Success, key' initialized with DSA key @returns BOTAN_FFI_ERROR_NULL_POINTER either key' or Random Number Generators' is NULL @returns BOTAN_FFI_ERROR_BAD_PARAMETER unexpected value for either pbits' or `qbits'
BOTAN_FFI_ERROR_NOT_IMPLEMENTED functionality not implemented

*/ int botan_privkey_create_dsa(botan_privkey_t* key, botan_rng_t rng, size_t pbits, size_t qbits);

/** Generates ElGamal key pair. Caller has a control over key length and order of a subgroup 'q'. Function is able to use two types of primes:

  • if pbits-1 == qbits then safe primes are used for key generation
  • otherwise generation uses group of prime order
Parameters
keyhandler to the resulting key
rnginitialized PRNG
pbitslength of the key in bits. Must be at least 1024
qbitsorder of the subgroup. Must be at least 160
Returns
BOTAN_FFI_SUCCESS Success, key' initialized with DSA key @returns BOTAN_FFI_ERROR_NULL_POINTER either key' or Random Number Generators' is NULL @returns BOTAN_FFI_ERROR_BAD_PARAMETER unexpected value for either pbits' or `qbits'
BOTAN_FFI_ERROR_NOT_IMPLEMENTED functionality not implemented

*/

int botan_privkey_create_elgamal(botan_privkey_t* key, botan_rng_t rng, size_t pbits, size_t qbits);

/** Input currently assumed to be PKCS #8 structure; Set password to NULL to indicate no encryption expected Starting in 2.8.0, the rng parameter is unused and may be set to null

Definition at line 87 of file ffi_pkey.cpp.

88 {
89 BOTAN_UNUSED(rng_obj);
90
91 *key = nullptr;
92
93 return ffi_guard_thunk(__func__, [=]() -> int {
94 Botan::DataSource_Memory src(bits, len);
95
96 std::unique_ptr<Botan::Private_Key> pkcs8;
97
98 if(password == nullptr) {
99 pkcs8 = Botan::PKCS8::load_key(src);
100 } else {
101 pkcs8 = Botan::PKCS8::load_key(src, std::string(password));
102 }
103
104 if(pkcs8) {
105 ffi_new_object(key, std::move(pkcs8));
106 return BOTAN_FFI_SUCCESS;
107 }
108 return BOTAN_FFI_ERROR_UNKNOWN_ERROR;
109 });
110}
Botan::DataSource_Memory
Definition data_src.h:111
BOTAN_FFI_ERROR_UNKNOWN_ERROR
@ BOTAN_FFI_ERROR_UNKNOWN_ERROR
Definition ffi.h:148
Botan::PKCS8::load_key
std::unique_ptr< Private_Key > load_key(DataSource &source, const std::function< std::string()> &get_pass)
Definition pkcs8.cpp:314

References BOTAN_FFI_ERROR_UNKNOWN_ERROR, BOTAN_FFI_SUCCESS, BOTAN_UNUSED, Botan_FFI::ffi_guard_thunk(), Botan_FFI::ffi_new_object(), and Botan::PKCS8::load_key().

◆ botan_privkey_oid()

int botan_privkey_oid ( botan_asn1_oid_t * oid,
botan_privkey_t key )

Definition at line 391 of file ffi_pkey.cpp.

391 {
392 return BOTAN_FFI_VISIT(key, [=](const auto& k) {
393 if(oid == nullptr) {
394 return BOTAN_FFI_ERROR_NULL_POINTER;
395 }
396
397 auto oid_ptr = std::make_unique<Botan::OID>(k.object_identifier());
398 ffi_new_object(oid, std::move(oid_ptr));
399
400 return BOTAN_FFI_SUCCESS;
401 });
402}

References BOTAN_FFI_ERROR_NULL_POINTER, BOTAN_FFI_SUCCESS, BOTAN_FFI_VISIT, and Botan_FFI::ffi_new_object().

◆ botan_privkey_remaining_operations()

int botan_privkey_remaining_operations ( botan_privkey_t key,
uint64_t * out )

Gets information on many operations a (stateful) key has remaining and sets

Parameters
outto that value
Returns
0 on success, a negative value on failure or if the key is not stateful

Definition at line 419 of file ffi_pkey.cpp.

419 {
420 return BOTAN_FFI_VISIT(key, [=](const auto& k) {
421 if(out == nullptr) {
422 return BOTAN_FFI_ERROR_NULL_POINTER;
423 }
424
425 if(auto remaining = k.remaining_operations()) {
426 *out = remaining.value();
427 return BOTAN_FFI_SUCCESS;
428 } else {
429 return BOTAN_FFI_ERROR_NO_VALUE;
430 }
431 });
432}
BOTAN_FFI_ERROR_NO_VALUE
@ BOTAN_FFI_ERROR_NO_VALUE
Definition ffi.h:122

References BOTAN_FFI_ERROR_NO_VALUE, BOTAN_FFI_ERROR_NULL_POINTER, BOTAN_FFI_SUCCESS, and BOTAN_FFI_VISIT.

◆ botan_privkey_stateful_operation()

int botan_privkey_stateful_operation ( botan_privkey_t key,
int * out )

Checks whether a key is stateful and sets

Parameters
outto 1 if it is, or 0 if the key is not stateful
Returns
0 on success, a negative value on failure

Definition at line 404 of file ffi_pkey.cpp.

404 {
405 return BOTAN_FFI_VISIT(key, [=](const auto& k) {
406 if(out == nullptr) {
407 return BOTAN_FFI_ERROR_NULL_POINTER;
408 }
409
410 if(k.stateful_operation()) {
411 *out = 1;
412 } else {
413 *out = 0;
414 }
415 return BOTAN_FFI_SUCCESS;
416 });
417}

References BOTAN_FFI_ERROR_NULL_POINTER, BOTAN_FFI_SUCCESS, and BOTAN_FFI_VISIT.

◆ botan_privkey_view_der()

int botan_privkey_view_der ( botan_privkey_t key,
botan_view_ctx ctx,
botan_view_bin_fn view )

View the private key's DER encoding

Definition at line 206 of file ffi_pkey.cpp.

206 {
207 return BOTAN_FFI_VISIT(key,
208 [=](const auto& k) -> int { return invoke_view_callback(view, ctx, k.private_key_info()); });
209}
Botan_FFI::invoke_view_callback
int invoke_view_callback(botan_view_bin_fn view, botan_view_ctx ctx, std::span< const uint8_t > buf)
Definition ffi_util.h:187

References BOTAN_FFI_VISIT, and Botan_FFI::invoke_view_callback().

Referenced by botan_privkey_export().

◆ botan_privkey_view_encrypted_der()

int botan_privkey_view_encrypted_der ( botan_privkey_t key,
botan_rng_t rng,
const char * passphrase,
const char * cipher_algo,
const char * pbkdf_algo,
size_t pbkdf_iterations,
botan_view_ctx ctx,
botan_view_bin_fn view )

View the encryption of a private key (binary DER encoding)

Set cipher_algo, pbkdf_algo to NULL to use defaults Set pbkdf_iterations to 0 to use defaults

Definition at line 328 of file ffi_pkey.cpp.

335 {
336 if(passphrase == nullptr) {
337 return BOTAN_FFI_ERROR_NULL_POINTER;
338 }
339
340 return BOTAN_FFI_VISIT(key, [=](const auto& k) {
341 Botan::RandomNumberGenerator& rng = safe_get(rng_obj);
342
343 const std::string cipher = (maybe_cipher ? maybe_cipher : "");
344 const std::string pbkdf_algo = (maybe_pbkdf_algo ? maybe_pbkdf_algo : "");
345 const size_t pbkdf_iter = (maybe_pbkdf_iterations ? maybe_pbkdf_iterations : 100000);
346
347 auto pkcs8 = Botan::PKCS8::BER_encode_encrypted_pbkdf_iter(k, rng, passphrase, pbkdf_iter, cipher, pbkdf_algo);
348
349 return invoke_view_callback(view, ctx, pkcs8);
350 });
351}
Botan::PKCS8::BER_encode_encrypted_pbkdf_iter
std::vector< uint8_t > BER_encode_encrypted_pbkdf_iter(const Private_Key &key, RandomNumberGenerator &rng, std::string_view pass, size_t pbkdf_iterations, std::string_view cipher, std::string_view pbkdf_hash)
Definition pkcs8.cpp:201

References Botan::PKCS8::BER_encode_encrypted_pbkdf_iter(), BOTAN_FFI_ERROR_NULL_POINTER, BOTAN_FFI_VISIT, Botan_FFI::invoke_view_callback(), and Botan_FFI::safe_get().

Referenced by botan_privkey_export_encrypted_pbkdf_iter().

◆ botan_privkey_view_encrypted_der_timed()

int botan_privkey_view_encrypted_der_timed ( botan_privkey_t key,
botan_rng_t rng,
const char * passphrase,
const char * cipher_algo,
const char * pbkdf_algo,
size_t pbkdf_runtime_msec,
botan_view_ctx ctx,
botan_view_bin_fn view )

View the encryption of a private key (binary DER encoding)

Set cipher_algo, pbkdf_algo to NULL to use defaults

Definition at line 256 of file ffi_pkey.cpp.

263 {
264 if(passphrase == nullptr) {
265 return BOTAN_FFI_ERROR_NULL_POINTER;
266 }
267
268 return BOTAN_FFI_VISIT(key, [=](const auto& k) {
269 const std::chrono::milliseconds pbkdf_time(pbkdf_runtime_msec);
270 Botan::RandomNumberGenerator& rng = safe_get(rng_obj);
271
272 const std::string cipher = (maybe_cipher ? maybe_cipher : "");
273 const std::string pbkdf_algo = (maybe_pbkdf_algo ? maybe_pbkdf_algo : "");
274
275 auto pkcs8 =
276 Botan::PKCS8::BER_encode_encrypted_pbkdf_msec(k, rng, passphrase, pbkdf_time, nullptr, cipher, pbkdf_algo);
277
278 return invoke_view_callback(view, ctx, pkcs8);
279 });
280}
Botan::PKCS8::BER_encode_encrypted_pbkdf_msec
std::vector< uint8_t > BER_encode_encrypted_pbkdf_msec(const Private_Key &key, RandomNumberGenerator &rng, std::string_view pass, std::chrono::milliseconds pbkdf_msec, size_t *pbkdf_iterations, std::string_view cipher, std::string_view pbkdf_hash)
Definition pkcs8.cpp:244

References Botan::PKCS8::BER_encode_encrypted_pbkdf_msec(), BOTAN_FFI_ERROR_NULL_POINTER, BOTAN_FFI_VISIT, Botan_FFI::invoke_view_callback(), and Botan_FFI::safe_get().

Referenced by botan_privkey_export_encrypted_pbkdf_msec().

◆ botan_privkey_view_encrypted_pem()

int botan_privkey_view_encrypted_pem ( botan_privkey_t key,
botan_rng_t rng,
const char * passphrase,
const char * cipher_algo,
const char * pbkdf_algo,
size_t pbkdf_iterations,
botan_view_ctx ctx,
botan_view_str_fn view )

View the encryption of a private key (PEM encoding)

Set cipher_algo, pbkdf_algo to NULL to use defaults Set pbkdf_iterations to 0 to use defaults

Definition at line 353 of file ffi_pkey.cpp.

360 {
361 if(passphrase == nullptr) {
362 return BOTAN_FFI_ERROR_NULL_POINTER;
363 }
364
365 return BOTAN_FFI_VISIT(key, [=](const auto& k) {
366 Botan::RandomNumberGenerator& rng = safe_get(rng_obj);
367
368 const std::string cipher = (maybe_cipher ? maybe_cipher : "");
369 const std::string pbkdf_algo = (maybe_pbkdf_algo ? maybe_pbkdf_algo : "");
370 const size_t pbkdf_iter = (maybe_pbkdf_iterations ? maybe_pbkdf_iterations : 100000);
371
372 auto pkcs8 = Botan::PKCS8::PEM_encode_encrypted_pbkdf_iter(k, rng, passphrase, pbkdf_iter, cipher, pbkdf_algo);
373
374 return invoke_view_callback(view, ctx, pkcs8);
375 });
376}
Botan::PKCS8::PEM_encode_encrypted_pbkdf_iter
std::string PEM_encode_encrypted_pbkdf_iter(const Private_Key &key, RandomNumberGenerator &rng, std::string_view pass, size_t pbkdf_iterations, std::string_view cipher, std::string_view pbkdf_hash)
Definition pkcs8.cpp:231

References BOTAN_FFI_ERROR_NULL_POINTER, BOTAN_FFI_VISIT, Botan_FFI::invoke_view_callback(), Botan::PKCS8::PEM_encode_encrypted_pbkdf_iter(), and Botan_FFI::safe_get().

Referenced by botan_privkey_export_encrypted_pbkdf_iter().

◆ botan_privkey_view_encrypted_pem_timed()

int botan_privkey_view_encrypted_pem_timed ( botan_privkey_t key,
botan_rng_t rng,
const char * passphrase,
const char * cipher_algo,
const char * pbkdf_algo,
size_t pbkdf_runtime_msec,
botan_view_ctx ctx,
botan_view_str_fn view )

View the encryption of a private key (PEM encoding)

Set cipher_algo, pbkdf_algo to NULL to use defaults

Definition at line 282 of file ffi_pkey.cpp.

289 {
290 if(passphrase == nullptr) {
291 return BOTAN_FFI_ERROR_NULL_POINTER;
292 }
293
294 return BOTAN_FFI_VISIT(key, [=](const auto& k) {
295 const std::chrono::milliseconds pbkdf_time(pbkdf_runtime_msec);
296 Botan::RandomNumberGenerator& rng = safe_get(rng_obj);
297
298 const std::string cipher = (maybe_cipher ? maybe_cipher : "");
299 const std::string pbkdf_algo = (maybe_pbkdf_algo ? maybe_pbkdf_algo : "");
300
301 auto pkcs8 =
302 Botan::PKCS8::PEM_encode_encrypted_pbkdf_msec(k, rng, passphrase, pbkdf_time, nullptr, cipher, pbkdf_algo);
303
304 return invoke_view_callback(view, ctx, pkcs8);
305 });
306}
Botan::PKCS8::PEM_encode_encrypted_pbkdf_msec
std::string PEM_encode_encrypted_pbkdf_msec(const Private_Key &key, RandomNumberGenerator &rng, std::string_view pass, std::chrono::milliseconds pbkdf_msec, size_t *pbkdf_iterations, std::string_view cipher, std::string_view pbkdf_hash)
Definition pkcs8.cpp:278

References BOTAN_FFI_ERROR_NULL_POINTER, BOTAN_FFI_VISIT, Botan_FFI::invoke_view_callback(), Botan::PKCS8::PEM_encode_encrypted_pbkdf_msec(), and Botan_FFI::safe_get().

Referenced by botan_privkey_export_encrypted_pbkdf_msec().

◆ botan_privkey_view_pem()

int botan_privkey_view_pem ( botan_privkey_t key,
botan_view_ctx ctx,
botan_view_str_fn view )

View the private key's PEM encoding

Definition at line 211 of file ffi_pkey.cpp.

211 {
212 return BOTAN_FFI_VISIT(
213 key, [=](const auto& k) -> int { return invoke_view_callback(view, ctx, Botan::PKCS8::PEM_encode(k)); });
214}
Botan::PKCS8::PEM_encode
std::string PEM_encode(const Private_Key &key)
Definition pkcs8.cpp:116

References BOTAN_FFI_VISIT, Botan_FFI::invoke_view_callback(), and Botan::PKCS8::PEM_encode().

Referenced by botan_privkey_export().

◆ botan_privkey_view_raw()

int botan_privkey_view_raw ( botan_privkey_t key,
botan_view_ctx ctx,
botan_view_bin_fn view )

View the private key's raw encoding

Definition at line 216 of file ffi_pkey.cpp.

216 {
217 return BOTAN_FFI_VISIT(
218 key, [=](const auto& k) -> int { return invoke_view_callback(view, ctx, k.raw_private_key_bits()); });
219}

References BOTAN_FFI_VISIT, and Botan_FFI::invoke_view_callback().

Referenced by botan_privkey_export().

◆ botan_pubkey_algo_name()

int botan_pubkey_algo_name ( botan_pubkey_t key,
char out[],
size_t * out_len )

Definition at line 148 of file ffi_pkey.cpp.

148 {
149 return BOTAN_FFI_VISIT(key, [=](const auto& k) { return write_str_output(out, out_len, k.algo_name()); });
150}

References BOTAN_FFI_VISIT, and Botan_FFI::write_str_output().

◆ botan_pubkey_check_key()

int botan_pubkey_check_key ( botan_pubkey_t key,
botan_rng_t rng,
uint32_t flags )

Returns 0 if key is valid, negative if invalid key or some other error

Definition at line 152 of file ffi_pkey.cpp.

152 {
153 const bool strong = (flags & BOTAN_CHECK_KEY_EXPENSIVE_TESTS) != 0;
154
155 return BOTAN_FFI_VISIT(key, [=](const auto& k) {
156 return (k.check_key(safe_get(rng), strong) == true) ? 0 : BOTAN_FFI_ERROR_INVALID_INPUT;
157 });
158}

References BOTAN_CHECK_KEY_EXPENSIVE_TESTS, BOTAN_FFI_ERROR_INVALID_INPUT, BOTAN_FFI_VISIT, and Botan_FFI::safe_get().

◆ botan_pubkey_destroy()

int botan_pubkey_destroy ( botan_pubkey_t key)
Returns
0 if success, error if invalid object handle

Definition at line 132 of file ffi_pkey.cpp.

132 {
133 return BOTAN_FFI_CHECKED_DELETE(key);
134}

References BOTAN_FFI_CHECKED_DELETE.

◆ botan_pubkey_estimated_strength()

int botan_pubkey_estimated_strength ( botan_pubkey_t key,
size_t * estimate )

Definition at line 434 of file ffi_pkey.cpp.

434 {
435 return BOTAN_FFI_VISIT(key, [=](const auto& k) { *estimate = k.estimated_strength(); });
436}

References BOTAN_FFI_VISIT.

◆ botan_pubkey_export()

int botan_pubkey_export ( botan_pubkey_t key,
uint8_t out[],
size_t * out_len,
uint32_t flags )

Definition at line 167 of file ffi_pkey.cpp.

167 {
168 if(flags == BOTAN_PRIVKEY_EXPORT_FLAG_DER) {
169 return copy_view_bin(out, out_len, botan_pubkey_view_der, key);
170 } else if(flags == BOTAN_PRIVKEY_EXPORT_FLAG_PEM) {
171 return copy_view_str(out, out_len, botan_pubkey_view_pem, key);
172 } else if(flags == BOTAN_PRIVKEY_EXPORT_FLAG_RAW) {
173 return copy_view_bin(out, out_len, botan_pubkey_view_raw, key);
174 } else {
175 return BOTAN_FFI_ERROR_BAD_FLAG;
176 }
177}
botan_pubkey_view_pem
int botan_pubkey_view_pem(botan_pubkey_t key, botan_view_ctx ctx, botan_view_str_fn view)
Definition ffi_pkey.cpp:184
botan_pubkey_view_der
int botan_pubkey_view_der(botan_pubkey_t key, botan_view_ctx ctx, botan_view_bin_fn view)
Definition ffi_pkey.cpp:179
botan_pubkey_view_raw
int botan_pubkey_view_raw(botan_pubkey_t key, botan_view_ctx ctx, botan_view_bin_fn view)
Definition ffi_pkey.cpp:189

References BOTAN_FFI_ERROR_BAD_FLAG, BOTAN_PRIVKEY_EXPORT_FLAG_DER, BOTAN_PRIVKEY_EXPORT_FLAG_PEM, BOTAN_PRIVKEY_EXPORT_FLAG_RAW, botan_pubkey_view_der(), botan_pubkey_view_pem(), botan_pubkey_view_raw(), Botan_FFI::copy_view_bin(), and Botan_FFI::copy_view_str().

◆ botan_pubkey_fingerprint()

int botan_pubkey_fingerprint ( botan_pubkey_t key,
const char * hash_fn,
uint8_t out[],
size_t * out_len )

Definition at line 438 of file ffi_pkey.cpp.

438 {
439 return BOTAN_FFI_VISIT(key, [=](const auto& k) {
440 auto h = Botan::HashFunction::create_or_throw(hash_fn);
441 return write_vec_output(out, out_len, h->process(k.public_key_bits()));
442 });
443}
Botan::HashFunction::create_or_throw
static std::unique_ptr< HashFunction > create_or_throw(std::string_view algo_spec, std::string_view provider="")
Definition hash.cpp:308
Botan_FFI::write_vec_output
int write_vec_output(uint8_t out[], size_t *out_len, std::span< const uint8_t > buf)
Definition ffi_util.h:261

References BOTAN_FFI_VISIT, Botan::HashFunction::create_or_throw(), and Botan_FFI::write_vec_output().

◆ botan_pubkey_load()

int botan_pubkey_load ( botan_pubkey_t * key,
const uint8_t bits[],
size_t bits_len )

Definition at line 116 of file ffi_pkey.cpp.

116 {
117 *key = nullptr;
118
119 return ffi_guard_thunk(__func__, [=]() -> int {
120 Botan::DataSource_Memory src(bits, bits_len);
121 std::unique_ptr<Botan::Public_Key> pubkey(Botan::X509::load_key(src));
122
123 if(pubkey == nullptr) {
124 return BOTAN_FFI_ERROR_UNKNOWN_ERROR;
125 }
126
127 ffi_new_object(key, std::move(pubkey));
128 return BOTAN_FFI_SUCCESS;
129 });
130}
Botan::X509::load_key
std::unique_ptr< Public_Key > load_key(DataSource &source)
Definition x509_key.cpp:28

References BOTAN_FFI_ERROR_UNKNOWN_ERROR, BOTAN_FFI_SUCCESS, Botan_FFI::ffi_guard_thunk(), Botan_FFI::ffi_new_object(), and Botan::X509::load_key().

◆ botan_pubkey_oid()

int botan_pubkey_oid ( botan_asn1_oid_t * oid,
botan_pubkey_t key )

Definition at line 378 of file ffi_pkey.cpp.

378 {
379 return BOTAN_FFI_VISIT(key, [=](const auto& k) {
380 if(oid == nullptr) {
381 return BOTAN_FFI_ERROR_NULL_POINTER;
382 }
383
384 auto oid_ptr = std::make_unique<Botan::OID>(k.object_identifier());
385 ffi_new_object(oid, std::move(oid_ptr));
386
387 return BOTAN_FFI_SUCCESS;
388 });
389}

References BOTAN_FFI_ERROR_NULL_POINTER, BOTAN_FFI_SUCCESS, BOTAN_FFI_VISIT, and Botan_FFI::ffi_new_object().

◆ botan_pubkey_view_der()

int botan_pubkey_view_der ( botan_pubkey_t key,
botan_view_ctx ctx,
botan_view_bin_fn view )

View the public key's DER encoding

Definition at line 179 of file ffi_pkey.cpp.

179 {
180 return BOTAN_FFI_VISIT(
181 key, [=](const auto& k) -> int { return invoke_view_callback(view, ctx, k.subject_public_key()); });
182}

References BOTAN_FFI_VISIT, and Botan_FFI::invoke_view_callback().

Referenced by botan_pubkey_export().

◆ botan_pubkey_view_pem()

int botan_pubkey_view_pem ( botan_pubkey_t key,
botan_view_ctx ctx,
botan_view_str_fn view )

View the public key's PEM encoding

Definition at line 184 of file ffi_pkey.cpp.

184 {
185 return BOTAN_FFI_VISIT(
186 key, [=](const auto& k) -> int { return invoke_view_callback(view, ctx, Botan::X509::PEM_encode(k)); });
187}
Botan::X509::PEM_encode
std::string PEM_encode(const Public_Key &key)
Definition x509_key.cpp:21

References BOTAN_FFI_VISIT, Botan_FFI::invoke_view_callback(), and Botan::X509::PEM_encode().

Referenced by botan_pubkey_export().

◆ botan_pubkey_view_raw()

int botan_pubkey_view_raw ( botan_pubkey_t key,
botan_view_ctx ctx,
botan_view_bin_fn view )

View the public key's raw encoding

Definition at line 189 of file ffi_pkey.cpp.

189 {
190 return BOTAN_FFI_VISIT(
191 key, [=](const auto& k) -> int { return invoke_view_callback(view, ctx, k.raw_public_key_bits()); });
192}

References BOTAN_FFI_VISIT, and Botan_FFI::invoke_view_callback().

Referenced by botan_pubkey_export().

Generated by doxygen 1.15.0