Botan 3.8.0
Crypto and TLS for C++
p11_mechanism.h
1/*
2* PKCS#11 Mechanism
3* (C) 2016 Daniel Neus, Sirrix AG
4* (C) 2016 Philipp Weber, Sirrix AG
5*
6* Botan is released under the Simplified BSD License (see license.txt)
7*/
8
9#ifndef BOTAN_P11_MECHANISM_H_
10#define BOTAN_P11_MECHANISM_H_
11
12#include <botan/p11.h>
13
14#include <memory>
15#include <string>
16#include <utility>
17
18namespace Botan::PKCS11 {
19
20/**
21* Simple class to build and hold the data for a CK_MECHANISM struct
22* for RSA (encryption/decryption, signature/verification)
23* and EC (ECDSA signature/verification, ECDH key derivation).
24*/
26 public:
27 /// @param mechanism_type the CK_MECHANISM_TYPE for the `mechanism` field of the CK_MECHANISM struct
29
30 /**
31 * Creates the CK_MECHANISM data for RSA encryption/decryption
32 * @param padding supported paddings are Raw (X.509), EME-PKCS1-v1_5 (PKCS#1 v1.5) and OAEP (PKCS#1 OAEP)
33 */
// NOTE(review): of the paddings listed above, OAEP is the usual choice for new designs.
// PKCS#1 v1.5 encryption padding is exposed to padding-oracle attacks when decryption
// failures are observable to the sender, and Raw applies no padding at all.
34 static MechanismWrapper create_rsa_crypt_mechanism(std::string_view padding);
35
36 /**
37 * Creates the CK_MECHANISM data for RSA signature/verification
38 * @param padding supported paddings are Raw (X.509), EMSA3 (PKCS#1 v1.5), EMSA4 (PKCS#1 PSS),
39 * EMSA2 (ANSI X9.31) and ISO9796 (ISO/IEC 9796)
40 */
// NOTE(review): EMSA4 (PSS) is the usual choice for new designs; the older schemes listed above
// mainly serve interoperability. Raw presumably leaves all message encoding to the caller
// (confirm in the implementation).
41 static MechanismWrapper create_rsa_sign_mechanism(std::string_view padding);
42
43 /**
44 * Creates the CK_MECHANISM data for ECDSA signature/verification
45 * @param hash the hash algorithm used to hash the data to sign.
46 * supported hash functions are Raw and SHA-1 to SHA-512
47 */
// NOTE(review): SHA-1 is no longer collision resistant and is best kept for verifying legacy
// signatures. Raw presumably expects data the caller has already hashed (confirm in the
// implementation).
48 static MechanismWrapper create_ecdsa_mechanism(std::string_view hash);
49
50 /**
51 * Creates the CK_MECHANISM data for ECDH key derivation (CKM_ECDH1_DERIVE or CKM_ECDH1_COFACTOR_DERIVE)
52 * @param params specifies the key derivation function to use.
53 * Supported KDFs are Raw and SHA-1 to SHA-512.
54 * Params can also include the string "Cofactor" if the cofactor
55 * key derivation mechanism should be used, for example "SHA-512,Cofactor"
56 */
// NOTE(review): judging by the "SHA-512,Cofactor" example, params is a comma-separated string.
// With the Raw KDF the derived value is presumably the unprocessed shared secret, which callers
// should run through a KDF before using it as key material (confirm in the implementation).
57 static MechanismWrapper create_ecdh_mechanism(std::string_view params);
58
59 /**
60 * Sets the salt for the ECDH mechanism parameters.
61 * @param salt the salt
62 * @param salt_len size of the salt in bytes
63 */
inline void set_ecdh_salt(const uint8_t salt[], size_t salt_len) {
   // Only the address and length are recorded, no copy of the bytes is made here: the caller's
   // buffer must stay alive and unchanged for as long as this mechanism is handed to the
   // cryptoki functions.
   auto& ecdh = m_parameters->ecdh_params;

   // NOTE(review): Ulong (CK_ULONG) can be narrower than size_t on some ABIs (e.g. LLP64), in
   // which case this cast silently truncates an oversized length - confirm callers bound it.
   const auto shared_len = static_cast<Ulong>(salt_len);

   // const is dropped because the parameter struct stores a non-const pointer (presumably a
   // requirement of the C API); nothing in this function writes through it.
   ecdh.pSharedData = const_cast<uint8_t*>(salt);
   ecdh.ulSharedDataLen = shared_len;
}
68
69 /**
70 * Sets the public key of the other party for the ECDH mechanism parameters.
71 * @param other_key key of the other party
72 * @param other_key_len size of the key of the other party in bytes
73 */
inline void set_ecdh_other_key(const uint8_t other_key[], size_t other_key_len) {
   // The peer's key bytes are referenced, not copied or checked: this setter stores the address
   // and length as given, so the buffer must outlive every use of the mechanism and any
   // validation of the peer key has to happen elsewhere.
   auto& ecdh = m_parameters->ecdh_params;

   // NOTE(review): Ulong (CK_ULONG) can be narrower than size_t on some ABIs (e.g. LLP64), in
   // which case this cast silently truncates an oversized length - confirm callers bound it.
   const auto public_len = static_cast<Ulong>(other_key_len);

   // const is dropped because the parameter struct stores a non-const pointer (presumably a
   // requirement of the C API); nothing in this function writes through it.
   ecdh.pPublicData = const_cast<uint8_t*>(other_key);
   ecdh.ulPublicDataLen = public_len;
}
78
79 /// @return a pointer to the CK_MECHANISM struct that can be passed to the cryptoki functions
inline Mechanism* data() const {
   // Hands out a mutable pointer to the member even though the method is const, presumably
   // because the cryptoki functions take a non-const mechanism pointer. The pointer is only
   // valid while this wrapper is alive, and callers can modify the struct through it.
   const Mechanism* mech = &m_mechanism;
   return const_cast<Mechanism*>(mech);
}
81
inline MechanismType mechanism_type() const {
   // Reads the `mechanism` field of the wrapped CK_MECHANISM struct and converts it to
   // MechanismType.
   const auto raw_type = m_mechanism.mechanism;
   return static_cast<MechanismType>(raw_type);
}
83
84 /// @return the size of the padding in bytes (for encryption/decryption)
inline size_t padding_size() const {
   // Plain accessor; the member is initialised to 0 in its declaration.
   const size_t padding_bytes = m_padding_size;
   return padding_bytes;
}
86
87 /// Holds the mechanism parameters for OAEP, PSS and ECDH
95
96 private:
// The CK_MECHANISM struct whose address data() hands out.
97 Mechanism m_mechanism;
// Parameter storage for OAEP, PSS or ECDH; the ECDH setters write caller-owned pointers into it.
// NOTE(review): held by shared_ptr, so copies of the wrapper presumably share one parameter
// block - confirm before mutating a copy.
98 std::shared_ptr<MechanismParameters> m_parameters;
// Padding size in bytes as reported by padding_size(); starts at 0.
99 size_t m_padding_size = 0;
100};
101
102} // namespace Botan::PKCS11
103
104#endif