Botan 3.5.0
Crypto and TLS for C&
p11_mechanism.h
Go to the documentation of this file.
1/*
2* PKCS#11 Mechanism
3* (C) 2016 Daniel Neus, Sirrix AG
4* (C) 2016 Philipp Weber, Sirrix AG
5*
6* Botan is released under the Simplified BSD License (see license.txt)
7*/
8
9#ifndef BOTAN_P11_MECHANISM_H_
10#define BOTAN_P11_MECHANISM_H_
11
12#include <botan/p11.h>
13
14#include <botan/mem_ops.h>
15#include <memory>
16#include <string>
17#include <utility>
18
19namespace Botan::PKCS11 {
20
21/**
22* Simple class to build and hold the data for a CK_MECHANISM struct
23* for RSA (encryption/decryption, signature/verification)
24* and EC (ECDSA signature/verification, ECDH key derivation).
25*/
27 public:
28 /// @param mechanism_type the CK_MECHANISM_TYPE for the `mechanism` field of the CK_MECHANISM struct
30
31 /**
32 * Creates the CK_MECHANISM data for RSA encryption/decryption
33 * @param padding supported paddings are Raw (X.509), EME-PKCS1-v1_5 (PKCS#1 v1.5) and OAEP (PKCS#1 OAEP)
34 */
35 static MechanismWrapper create_rsa_crypt_mechanism(std::string_view padding);
36
37 /**
38 * Creates the CK_MECHANISM data for RSA signature/verification
39 * @param padding supported paddings are Raw (X.509), EMSA3 (PKCS#1 v1.5), EMSA4 (PKCS#1 PSS),
40 * EMSA2 (ANSI X9.31) and ISO9796 (ISO/IEC 9796)
41 */
42 static MechanismWrapper create_rsa_sign_mechanism(std::string_view padding);
43
44 /**
45 * Creates the CK_MECHANISM data for ECDSA signature/verification
46 * @param hash the hash algorithm used to hash the data to sign.
47 * supported hash functions are Raw and SHA-1 to SHA-512
48 */
49 static MechanismWrapper create_ecdsa_mechanism(std::string_view hash);
50
51 /**
52 * Creates the CK_MECHANISM data for ECDH key derivation (CKM_ECDH1_DERIVE or CKM_ECDH1_COFACTOR_DERIVE)
53 * @param params specifies the key derivation function to use.
54 * Supported KDFs are Raw and SHA-1 to SHA-512.
55 * Params can also include the string "Cofactor" if the cofactor
56 * key derivation mechanism should be used, for example "SHA-512,Cofactor"
57 */
58 static MechanismWrapper create_ecdh_mechanism(std::string_view params);
59
60 /**
61 * Sets the salt for the ECDH mechanism parameters.
62 * @param salt the salt
63 * @param salt_len size of the salt in bytes
64 */
65 inline void set_ecdh_salt(const uint8_t salt[], size_t salt_len) {
66 m_parameters->ecdh_params.pSharedData = const_cast<uint8_t*>(salt);
67 m_parameters->ecdh_params.ulSharedDataLen = static_cast<Ulong>(salt_len);
68 }
69
70 /**
71 * Sets the public key of the other party for the ECDH mechanism parameters.
72 * @param other_key key of the other party
73 * @param other_key_len size of the key of the other party in bytes
74 */
75 inline void set_ecdh_other_key(const uint8_t other_key[], size_t other_key_len) {
76 m_parameters->ecdh_params.pPublicData = const_cast<uint8_t*>(other_key);
77 m_parameters->ecdh_params.ulPublicDataLen = static_cast<Ulong>(other_key_len);
78 }
79
80 /// @return a pointer to the CK_MECHANISM struct that can be passed to the cryptoki functions
81 inline Mechanism* data() const { return const_cast<Mechanism*>(&m_mechanism); }
82
83 inline MechanismType mechanism_type() const { return static_cast<MechanismType>(m_mechanism.mechanism); }
84
85 /// @return the size of the padding in bytes (for encryption/decryption)
86 inline size_t padding_size() const { return m_padding_size; }
87
88 /// Holds the mechanism parameters for OAEP, PSS and ECDH
96
97 private:
98 Mechanism m_mechanism;
99 std::shared_ptr<MechanismParameters> m_parameters;
100 size_t m_padding_size = 0;
101};
102
103} // namespace Botan::PKCS11
104
105#endif
void set_ecdh_salt(const uint8_t salt[], size_t salt_len)
static MechanismWrapper create_rsa_sign_mechanism(std::string_view padding)
static MechanismWrapper create_ecdh_mechanism(std::string_view params)
MechanismType mechanism_type() const
static MechanismWrapper create_rsa_crypt_mechanism(std::string_view padding)
static MechanismWrapper create_ecdsa_mechanism(std::string_view hash)
MechanismWrapper(MechanismType mechanism_type)
void set_ecdh_other_key(const uint8_t other_key[], size_t other_key_len)
int(* final)(unsigned char *, CTX *)
CK_ULONG Ulong
Definition p11.h:816
constexpr void clear_mem(T *ptr, size_t n)
Definition mem_ops.h:120
CK_MECHANISM_TYPE mechanism
Definition pkcs11t.h:984
Holds the mechanism parameters for OAEP, PSS and ECDH.