Botan 2.19.2
Crypto and TLS for C&
Functions
ffi_pkey.cpp File Reference
#include <botan/ffi.h>
#include <botan/internal/ffi_util.h>
#include <botan/internal/ffi_pkey.h>
#include <botan/internal/ffi_rng.h>
#include <botan/data_src.h>
#include <botan/hash.h>
#include <botan/pkcs8.h>
#include <botan/pk_keys.h>
#include <botan/x509_key.h>
#include <botan/pk_algs.h>

Go to the source code of this file.

Functions

int botan_pkcs_hash_id (const char *hash_name, uint8_t pkcs_id[], size_t *pkcs_id_len)
 
int botan_privkey_algo_name (botan_privkey_t key, char out[], size_t *out_len)
 
int botan_privkey_check_key (botan_privkey_t key, botan_rng_t rng, uint32_t flags)
 
int botan_privkey_create (botan_privkey_t *key_obj, const char *algo_name, const char *algo_params, botan_rng_t rng_obj)
 
int botan_privkey_destroy (botan_privkey_t key)
 
int botan_privkey_export (botan_privkey_t key, uint8_t out[], size_t *out_len, uint32_t flags)
 
int botan_privkey_export_encrypted (botan_privkey_t key, uint8_t out[], size_t *out_len, botan_rng_t rng_obj, const char *pass, const char *, uint32_t flags)
 
int botan_privkey_export_encrypted_pbkdf_iter (botan_privkey_t key, uint8_t out[], size_t *out_len, botan_rng_t rng_obj, const char *pass, size_t pbkdf_iter, const char *maybe_cipher, const char *maybe_pbkdf_hash, uint32_t flags)
 
int botan_privkey_export_encrypted_pbkdf_msec (botan_privkey_t key, uint8_t out[], size_t *out_len, botan_rng_t rng_obj, const char *pass, uint32_t pbkdf_msec, size_t *pbkdf_iters_out, const char *maybe_cipher, const char *maybe_pbkdf_hash, uint32_t flags)
 
int botan_privkey_export_pubkey (botan_pubkey_t *pubout, botan_privkey_t key_obj)
 
int botan_privkey_load (botan_privkey_t *key, botan_rng_t rng_obj, const uint8_t bits[], size_t len, const char *password)
 
int botan_pubkey_algo_name (botan_pubkey_t key, char out[], size_t *out_len)
 
int botan_pubkey_check_key (botan_pubkey_t key, botan_rng_t rng, uint32_t flags)
 
int botan_pubkey_destroy (botan_pubkey_t key)
 
int botan_pubkey_estimated_strength (botan_pubkey_t key, size_t *estimate)
 
int botan_pubkey_export (botan_pubkey_t key, uint8_t out[], size_t *out_len, uint32_t flags)
 
int botan_pubkey_fingerprint (botan_pubkey_t key, const char *hash_fn, uint8_t out[], size_t *out_len)
 
int botan_pubkey_load (botan_pubkey_t *key, const uint8_t bits[], size_t bits_len)
 

Function Documentation

◆ botan_pkcs_hash_id()

int botan_pkcs_hash_id ( const char *  hash_name,
uint8_t  pkcs_id[],
size_t *  pkcs_id_len 
)

Definition at line 267 of file ffi_pkey.cpp.

268 {
269#if defined(BOTAN_HAS_HASH_ID)
270 return ffi_guard_thunk(__func__, [=]() -> int {
271 const std::vector<uint8_t> hash_id = Botan::pkcs_hash_id(hash_name);
272 return write_output(pkcs_id, pkcs_id_len, hash_id.data(), hash_id.size());
273 });
274#else
276#endif
277 }
@ BOTAN_FFI_ERROR_NOT_IMPLEMENTED
Definition: ffi.h:83
int ffi_guard_thunk(const char *func_name, std::function< int()> thunk)
Definition: ffi.cpp:89
int write_output(uint8_t out[], size_t *out_len, const uint8_t buf[], size_t buf_len)
Definition: ffi_util.h:131
std::vector< uint8_t > pkcs_hash_id(const std::string &name)
Definition: hash_id.cpp:77

References BOTAN_FFI_ERROR_NOT_IMPLEMENTED, Botan_FFI::ffi_guard_thunk(), Botan::pkcs_hash_id(), and Botan_FFI::write_output().

◆ botan_privkey_algo_name()

int botan_privkey_algo_name ( botan_privkey_t  key,
char  out[],
size_t *  out_len 
)

Definition at line 126 of file ffi_pkey.cpp.

127 {
128 return BOTAN_FFI_DO(Botan::Private_Key, key, k, { return write_str_output(out, out_len, k.algo_name()); });
129 }
#define BOTAN_FFI_DO(T, obj, param, block)
Definition: ffi_util.h:92
int write_str_output(uint8_t out[], size_t *out_len, const std::string &str)
Definition: ffi_util.h:160

References BOTAN_FFI_DO, and Botan_FFI::write_str_output().

◆ botan_privkey_check_key()

int botan_privkey_check_key ( botan_privkey_t  key,
botan_rng_t  rng,
uint32_t  flags 
)

Definition at line 145 of file ffi_pkey.cpp.

146 {
147 const bool strong = (flags & BOTAN_CHECK_KEY_EXPENSIVE_TESTS);
149 return (k.check_key(safe_get(rng), strong) == true) ? 0 : BOTAN_FFI_ERROR_INVALID_INPUT;
150 });
151 }
#define BOTAN_CHECK_KEY_EXPENSIVE_TESTS
Definition: ffi.h:981
@ BOTAN_FFI_ERROR_INVALID_INPUT
Definition: ffi.h:66
#define BOTAN_FFI_RETURNING(T, obj, param, block)
Definition: ffi_util.h:101
Flags flags(Flag flags)
Definition: p11.h:860
T & safe_get(botan_struct< T, M > *p)
Definition: ffi_util.h:61

References BOTAN_CHECK_KEY_EXPENSIVE_TESTS, BOTAN_FFI_ERROR_INVALID_INPUT, BOTAN_FFI_RETURNING, Botan::PKCS11::flags(), and Botan_FFI::safe_get().

◆ botan_privkey_create()

int botan_privkey_create ( botan_privkey_t key,
const char *  algo_name,
const char *  algo_params,
botan_rng_t  rng 
)

Create a new private key

Parameters
keythe new object will be placed here
algo_namesomething like "RSA" or "ECDSA"
algo_paramsis specific to the algorithm. For RSA, specifies the modulus bit length. For ECC is the name of the curve.
rnga random number generator

Definition at line 26 of file ffi_pkey.cpp.

30 {
31 return ffi_guard_thunk(__func__, [=]() -> int {
32 if(key_obj == nullptr)
34
35 *key_obj = nullptr;
36 if(rng_obj == nullptr)
38
40 std::unique_ptr<Botan::Private_Key> key(
41 Botan::create_private_key(algo_name ? algo_name : "RSA",
42 rng,
43 algo_params ? algo_params : ""));
44
45 if(key)
46 {
47 *key_obj = new botan_privkey_struct(key.release());
48 return BOTAN_FFI_SUCCESS;
49 }
50 else
51 {
53 }
54 });
55 }
@ BOTAN_FFI_ERROR_NULL_POINTER
Definition: ffi.h:77
@ BOTAN_FFI_SUCCESS
Definition: ffi.h:63
std::unique_ptr< Private_Key > create_private_key(const std::string &alg_name, RandomNumberGenerator &rng, const std::string &params, const std::string &provider)
Definition: pk_algs.cpp:260

References BOTAN_FFI_ERROR_NOT_IMPLEMENTED, BOTAN_FFI_ERROR_NULL_POINTER, BOTAN_FFI_SUCCESS, Botan::create_private_key(), Botan_FFI::ffi_guard_thunk(), and Botan_FFI::safe_get().

Referenced by botan_privkey_create_dh(), botan_privkey_create_ecdh(), botan_privkey_create_ecdsa(), botan_privkey_create_mceliece(), and botan_privkey_create_rsa().

◆ botan_privkey_destroy()

int botan_privkey_destroy ( botan_privkey_t  key)
Returns
0 if success, error if invalid object handle

Definition at line 88 of file ffi_pkey.cpp.

89 {
90 return BOTAN_FFI_CHECKED_DELETE(key);
91 }
#define BOTAN_FFI_CHECKED_DELETE(o)
Definition: ffi_util.h:129

References BOTAN_FFI_CHECKED_DELETE.

◆ botan_privkey_export()

int botan_privkey_export ( botan_privkey_t  key,
uint8_t  out[],
size_t *  out_len,
uint32_t  flags 
)

On input *out_len is number of bytes in out[] On output *out_len is number of bytes written (or required) If out is not big enough no output is written, *out_len is set and 1 is returned Returns 0 on success and sets If some other error occurs a negative integer is returned.

Definition at line 165 of file ffi_pkey.cpp.

166 {
167 return BOTAN_FFI_DO(Botan::Private_Key, key, k, {
169 return write_vec_output(out, out_len, Botan::PKCS8::BER_encode(k));
171 return write_str_output(out, out_len, Botan::PKCS8::PEM_encode(k));
172 else
174 });
175 }
#define BOTAN_PRIVKEY_EXPORT_FLAG_PEM
Definition: ffi.h:1061
#define BOTAN_PRIVKEY_EXPORT_FLAG_DER
Definition: ffi.h:1060
@ BOTAN_FFI_ERROR_BAD_FLAG
Definition: ffi.h:76
std::string PEM_encode(const Private_Key &key)
Definition: pkcs8.cpp:148
secure_vector< uint8_t > BER_encode(const Private_Key &key)
Definition: pkcs8.cpp:139
int write_vec_output(uint8_t out[], size_t *out_len, const std::vector< uint8_t, Alloc > &buf)
Definition: ffi_util.h:155

References Botan::PKCS8::BER_encode(), BOTAN_FFI_DO, BOTAN_FFI_ERROR_BAD_FLAG, BOTAN_PRIVKEY_EXPORT_FLAG_DER, BOTAN_PRIVKEY_EXPORT_FLAG_PEM, Botan::PKCS11::flags(), Botan::PKCS8::PEM_encode(), Botan_FFI::write_str_output(), and Botan_FFI::write_vec_output().

◆ botan_privkey_export_encrypted()

int botan_privkey_export_encrypted ( botan_privkey_t  key,
uint8_t  out[],
size_t *  out_len,
botan_rng_t  rng,
const char *  passphrase,
const char *  encryption_algo,
uint32_t  flags 
)

Set encryption_algo to NULL or "" to have the library choose a default (recommended)

Definition at line 177 of file ffi_pkey.cpp.

183 {
184 return botan_privkey_export_encrypted_pbkdf_iter(key, out, out_len, rng_obj, pass, 100000, nullptr, nullptr, flags);
185 }
int botan_privkey_export_encrypted_pbkdf_iter(botan_privkey_t key, uint8_t out[], size_t *out_len, botan_rng_t rng_obj, const char *pass, size_t pbkdf_iter, const char *maybe_cipher, const char *maybe_pbkdf_hash, uint32_t flags)
Definition: ffi_pkey.cpp:221

References botan_privkey_export_encrypted_pbkdf_iter(), and Botan::PKCS11::flags().

◆ botan_privkey_export_encrypted_pbkdf_iter()

int botan_privkey_export_encrypted_pbkdf_iter ( botan_privkey_t  key,
uint8_t  out[],
size_t *  out_len,
botan_rng_t  rng,
const char *  passphrase,
size_t  pbkdf_iterations,
const char *  cipher_algo,
const char *  pbkdf_algo,
uint32_t  flags 
)

Export a private key using the specified number of iterations.

Definition at line 221 of file ffi_pkey.cpp.

229 {
230 return BOTAN_FFI_DO(Botan::Private_Key, key, k, {
232
233 const std::string cipher = (maybe_cipher ? maybe_cipher : "");
234 const std::string pbkdf_hash = (maybe_pbkdf_hash ? maybe_pbkdf_hash : "");
235
237 {
238 return write_vec_output(out, out_len,
239 Botan::PKCS8::BER_encode_encrypted_pbkdf_iter(k, rng, pass, pbkdf_iter, cipher, pbkdf_hash));
240 }
242 {
243 return write_str_output(out, out_len,
244 Botan::PKCS8::PEM_encode_encrypted_pbkdf_iter(k, rng, pass, pbkdf_iter, cipher, pbkdf_hash));
245 }
246 else
247 {
248 return -2;
249 }
250 });
251 }
std::vector< uint8_t > BER_encode_encrypted_pbkdf_iter(const Private_Key &key, RandomNumberGenerator &rng, const std::string &pass, size_t pbkdf_iterations, const std::string &cipher, const std::string &pbkdf_hash)
Definition: pkcs8.cpp:246
std::string PEM_encode_encrypted_pbkdf_iter(const Private_Key &key, RandomNumberGenerator &rng, const std::string &pass, size_t pbkdf_iterations, const std::string &cipher, const std::string &pbkdf_hash)
Definition: pkcs8.cpp:279

References Botan::PKCS8::BER_encode_encrypted_pbkdf_iter(), BOTAN_FFI_DO, BOTAN_PRIVKEY_EXPORT_FLAG_DER, BOTAN_PRIVKEY_EXPORT_FLAG_PEM, Botan::PKCS11::flags(), Botan::PKCS8::PEM_encode_encrypted_pbkdf_iter(), Botan_FFI::safe_get(), Botan_FFI::write_str_output(), and Botan_FFI::write_vec_output().

Referenced by botan_privkey_export_encrypted().

◆ botan_privkey_export_encrypted_pbkdf_msec()

int botan_privkey_export_encrypted_pbkdf_msec ( botan_privkey_t  key,
uint8_t  out[],
size_t *  out_len,
botan_rng_t  rng_obj,
const char *  pass,
uint32_t  pbkdf_msec,
size_t *  pbkdf_iters_out,
const char *  maybe_cipher,
const char *  maybe_pbkdf_hash,
uint32_t  flags 
)

Definition at line 187 of file ffi_pkey.cpp.

196 {
197 return BOTAN_FFI_DO(Botan::Private_Key, key, k, {
198 const std::chrono::milliseconds pbkdf_time(pbkdf_msec);
200
201 const std::string cipher = (maybe_cipher ? maybe_cipher : "");
202 const std::string pbkdf_hash = (maybe_pbkdf_hash ? maybe_pbkdf_hash : "");
203
205 {
206 return write_vec_output(out, out_len,
207 Botan::PKCS8::BER_encode_encrypted_pbkdf_msec(k, rng, pass, pbkdf_time, pbkdf_iters_out, cipher, pbkdf_hash));
208 }
210 {
211 return write_str_output(out, out_len,
212 Botan::PKCS8::PEM_encode_encrypted_pbkdf_msec(k, rng, pass, pbkdf_time, pbkdf_iters_out, cipher, pbkdf_hash));
213 }
214 else
215 {
216 return -2;
217 }
218 });
219 }
std::string PEM_encode_encrypted_pbkdf_msec(const Private_Key &key, RandomNumberGenerator &rng, const std::string &pass, std::chrono::milliseconds pbkdf_msec, size_t *pbkdf_iterations, const std::string &cipher, const std::string &pbkdf_hash)
Definition: pkcs8.cpp:327
std::vector< uint8_t > BER_encode_encrypted_pbkdf_msec(const Private_Key &key, RandomNumberGenerator &rng, const std::string &pass, std::chrono::milliseconds pbkdf_msec, size_t *pbkdf_iterations, const std::string &cipher, const std::string &pbkdf_hash)
Definition: pkcs8.cpp:294

References Botan::PKCS8::BER_encode_encrypted_pbkdf_msec(), BOTAN_FFI_DO, BOTAN_PRIVKEY_EXPORT_FLAG_DER, BOTAN_PRIVKEY_EXPORT_FLAG_PEM, Botan::PKCS11::flags(), Botan::PKCS8::PEM_encode_encrypted_pbkdf_msec(), Botan_FFI::safe_get(), Botan_FFI::write_str_output(), and Botan_FFI::write_vec_output().

◆ botan_privkey_export_pubkey()

int botan_privkey_export_pubkey ( botan_pubkey_t pubout,
botan_privkey_t  key_obj 
)

Definition at line 115 of file ffi_pkey.cpp.

116 {
117 return ffi_guard_thunk(__func__, [=]() -> int {
118 std::unique_ptr<Botan::Public_Key>
120
121 *pubout = new botan_pubkey_struct(pubkey.release());
122 return BOTAN_FFI_SUCCESS;
123 });
124 }
std::vector< uint8_t > BER_encode(const Public_Key &key)
Definition: x509_key.cpp:19
Public_Key * load_key(DataSource &source)
Definition: x509_key.cpp:37

References Botan::X509::BER_encode(), BOTAN_FFI_SUCCESS, Botan_FFI::ffi_guard_thunk(), Botan::X509::load_key(), and Botan_FFI::safe_get().

◆ botan_privkey_load()

int botan_privkey_load ( botan_privkey_t key,
botan_rng_t  rng,
const uint8_t  bits[],
size_t  len,
const char *  password 
)

Input currently assumed to be PKCS #8 structure; Set password to NULL to indicate no encryption expected Starting in 2.8.0, the rng parameter is unused and may be set to null

Definition at line 57 of file ffi_pkey.cpp.

60 {
61 BOTAN_UNUSED(rng_obj);
62
63 *key = nullptr;
64
65 return ffi_guard_thunk(__func__, [=]() -> int {
66 Botan::DataSource_Memory src(bits, len);
67
68 std::unique_ptr<Botan::Private_Key> pkcs8;
69
70 if(password == nullptr)
71 {
72 pkcs8 = Botan::PKCS8::load_key(src);
73 }
74 else
75 {
76 pkcs8 = Botan::PKCS8::load_key(src, std::string(password));
77 }
78
79 if(pkcs8)
80 {
81 *key = new botan_privkey_struct(pkcs8.release());
82 return BOTAN_FFI_SUCCESS;
83 }
85 });
86 }
#define BOTAN_UNUSED(...)
Definition: assert.h:142
@ BOTAN_FFI_ERROR_UNKNOWN_ERROR
Definition: ffi.h:90
std::unique_ptr< Private_Key > load_key(DataSource &source, std::function< std::string()> get_pass)
Definition: pkcs8.cpp:366

References BOTAN_FFI_ERROR_UNKNOWN_ERROR, BOTAN_FFI_SUCCESS, BOTAN_UNUSED, Botan_FFI::ffi_guard_thunk(), and Botan::PKCS8::load_key().

◆ botan_pubkey_algo_name()

int botan_pubkey_algo_name ( botan_pubkey_t  key,
char  out[],
size_t *  out_len 
)

Definition at line 131 of file ffi_pkey.cpp.

132 {
133 return BOTAN_FFI_DO(Botan::Public_Key, key, k, { return write_str_output(out, out_len, k.algo_name()); });
134 }

References BOTAN_FFI_DO, and Botan_FFI::write_str_output().

◆ botan_pubkey_check_key()

int botan_pubkey_check_key ( botan_pubkey_t  key,
botan_rng_t  rng,
uint32_t  flags 
)

Returns 0 if key is valid, negative if invalid key or some other error

Definition at line 136 of file ffi_pkey.cpp.

137 {
138 const bool strong = (flags & BOTAN_CHECK_KEY_EXPENSIVE_TESTS);
139
140 return BOTAN_FFI_RETURNING(Botan::Public_Key, key, k, {
141 return (k.check_key(safe_get(rng), strong) == true) ? 0 : BOTAN_FFI_ERROR_INVALID_INPUT;
142 });
143 }

References BOTAN_CHECK_KEY_EXPENSIVE_TESTS, BOTAN_FFI_ERROR_INVALID_INPUT, BOTAN_FFI_RETURNING, Botan::PKCS11::flags(), and Botan_FFI::safe_get().

◆ botan_pubkey_destroy()

int botan_pubkey_destroy ( botan_pubkey_t  key)
Returns
0 if success, error if invalid object handle

Definition at line 110 of file ffi_pkey.cpp.

111 {
112 return BOTAN_FFI_CHECKED_DELETE(key);
113 }

References BOTAN_FFI_CHECKED_DELETE.

◆ botan_pubkey_estimated_strength()

int botan_pubkey_estimated_strength ( botan_pubkey_t  key,
size_t *  estimate 
)

Definition at line 253 of file ffi_pkey.cpp.

254 {
255 return BOTAN_FFI_DO(Botan::Public_Key, key, k, { *estimate = k.estimated_strength(); });
256 }
virtual size_t estimated_strength() const =0

References BOTAN_FFI_DO, and Botan::Public_Key::estimated_strength().

◆ botan_pubkey_export()

int botan_pubkey_export ( botan_pubkey_t  key,
uint8_t  out[],
size_t *  out_len,
uint32_t  flags 
)

◆ botan_pubkey_fingerprint()

int botan_pubkey_fingerprint ( botan_pubkey_t  key,
const char *  hash_fn,
uint8_t  out[],
size_t *  out_len 
)

Definition at line 258 of file ffi_pkey.cpp.

260 {
261 return BOTAN_FFI_DO(Botan::Public_Key, key, k, {
262 std::unique_ptr<Botan::HashFunction> h(Botan::HashFunction::create(hash_fn));
263 return write_vec_output(out, out_len, h->process(k.public_key_bits()));
264 });
265 }
static std::unique_ptr< HashFunction > create(const std::string &algo_spec, const std::string &provider="")
Definition: hash.cpp:102

References BOTAN_FFI_DO, Botan::HashFunction::create(), and Botan_FFI::write_vec_output().

◆ botan_pubkey_load()

int botan_pubkey_load ( botan_pubkey_t key,
const uint8_t  bits[],
size_t  bits_len 
)

Definition at line 93 of file ffi_pkey.cpp.

95 {
96 *key = nullptr;
97
98 return ffi_guard_thunk(__func__, [=]() -> int {
99 Botan::DataSource_Memory src(bits, bits_len);
100 std::unique_ptr<Botan::Public_Key> pubkey(Botan::X509::load_key(src));
101
102 if(pubkey == nullptr)
104
105 *key = new botan_pubkey_struct(pubkey.release());
106 return BOTAN_FFI_SUCCESS;
107 });
108 }

References BOTAN_FFI_ERROR_UNKNOWN_ERROR, BOTAN_FFI_SUCCESS, Botan_FFI::ffi_guard_thunk(), and Botan::X509::load_key().