Botan 2.19.1
Crypto and TLS for C++
p11_mechanism.h
1/*
2* PKCS#11 Mechanism
3* (C) 2016 Daniel Neus, Sirrix AG
4* (C) 2016 Philipp Weber, Sirrix AG
5*
6* Botan is released under the Simplified BSD License (see license.txt)
7*/
8
9#ifndef BOTAN_P11_MECHANISM_H_
10#define BOTAN_P11_MECHANISM_H_
11
#include <botan/p11.h>

#include <memory>
#include <stdexcept>
#include <string>
#include <utility>
17
18namespace Botan {
19namespace PKCS11 {
20
21/**
22* Simple class to build and hold the data for a CK_MECHANISM struct
23* for RSA (encryption/decryption, signature/verification)
24* and EC (ECDSA signature/verification, ECDH key derivation).
25*/
27 {
28 public:
29 /// @param mechanism_type the CK_MECHANISM_TYPE for the `mechanism` field of the CK_MECHANISM struct
30 explicit MechanismWrapper(MechanismType mechanism_type);
31
32 /**
33 * Creates the CK_MECHANISM data for RSA encryption/decryption
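34 * @param padding supported paddings are Raw (X.509), EME-PKCS1-v1_5 (PKCS#1 v1.5) and OAEP (PKCS#1 OAEP). Raw applies no padding, and PKCS#1 v1.5 decryption is exposed to padding-oracle attacks when decryption failures are observable, so prefer OAEP for new designs.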
35 */
36 static MechanismWrapper create_rsa_crypt_mechanism(const std::string& padding);
37
38 /**
39 * Creates the CK_MECHANISM data for RSA signature/verification
40 * @param padding supported paddings are Raw (X.509), EMSA3 (PKCS#1 v1.5), EMSA4 (PKCS#1 PSS),
41 * EMSA2 (ANSI X9.31) and ISO9796 (ISO/IEC 9796)
42 */
43 static MechanismWrapper create_rsa_sign_mechanism(const std::string& padding);
44
45 /**
46 * Creates the CK_MECHANISM data for ECDSA signature/verification
47 * @param hash the hash algorithm used to hash the data to sign.
48 * supported hash functions are Raw and SHA-160 to SHA-512
49 */
50 static MechanismWrapper create_ecdsa_mechanism(const std::string& hash);
51
52 /**
53 * Creates the CK_MECHANISM data for ECDH key derivation (CKM_ECDH1_DERIVE or CKM_ECDH1_COFACTOR_DERIVE)
54 * @param params specifies the key derivation function to use.
55 * Supported KDFs are Raw and SHA-160 to SHA-512.
56 * Params can also include the string "Cofactor" if the cofactor
57 * key derivation mechanism should be used, for example "SHA-512,Cofactor"
58 */
59 static MechanismWrapper create_ecdh_mechanism(const std::string& params);
60
61 /**
62 * Sets the salt for the ECDH mechanism parameters.
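63 * @param salt the salt; only the pointer is stored (no copy is made), so the buffer must stay valid until the mechanism has been used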
64 * @param salt_len size of the salt in bytes
65 */
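inline void set_ecdh_salt(const uint8_t salt[], size_t salt_len)
   {
   // m_parameters is a shared_ptr; dereferencing it while it is empty is
   // undefined behaviour, so fail loudly instead.
   // NOTE(review): which constructors/factories allocate it is not visible
   // in this header - confirm against the implementation file.
   if(!m_parameters)
      {
      throw std::logic_error("MechanismWrapper::set_ecdh_salt: mechanism parameters are not allocated");
      }

   // Ulong is the cryptoki length type and need not be as wide as size_t.
   // Round-trip the value so a length that does not fit is rejected rather
   // than silently truncated before it is handed to the token.
   const Ulong shared_data_len = static_cast<Ulong>(salt_len);
   if(static_cast<size_t>(shared_data_len) != salt_len)
      {
      throw std::length_error("MechanismWrapper::set_ecdh_salt: salt length does not fit in Ulong");
      }

   // Only the pointer is recorded - the bytes are not copied - so the
   // caller's buffer must outlive every use of this mechanism.
   m_parameters->ecdh_params.pSharedData = const_cast<uint8_t*>(salt);
   m_parameters->ecdh_params.ulSharedDataLen = shared_data_len;
   }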
71
72 /**
73 * Sets the public key of the other party for the ECDH mechanism parameters.
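74 * @param other_key key of the other party; only the pointer is stored (no copy is made), so the buffer must stay valid until the mechanism has been used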
75 * @param other_key_len size of the key of the other party in bytes
76 */
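inline void set_ecdh_other_key(const uint8_t other_key[], size_t other_key_len)
   {
   // m_parameters is a shared_ptr; dereferencing it while it is empty is
   // undefined behaviour, so fail loudly instead.
   // NOTE(review): which constructors/factories allocate it is not visible
   // in this header - confirm against the implementation file.
   if(!m_parameters)
      {
      throw std::logic_error("MechanismWrapper::set_ecdh_other_key: mechanism parameters are not allocated");
      }

   // Ulong is the cryptoki length type and need not be as wide as size_t.
   // Round-trip the value so a length that does not fit is rejected rather
   // than silently truncated before it is handed to the token.
   const Ulong public_data_len = static_cast<Ulong>(other_key_len);
   if(static_cast<size_t>(public_data_len) != other_key_len)
      {
      throw std::length_error("MechanismWrapper::set_ecdh_other_key: key length does not fit in Ulong");
      }

   // Only the pointer is recorded - the bytes are not copied - so the
   // caller's buffer must outlive every use of this mechanism.
   m_parameters->ecdh_params.pPublicData = const_cast<uint8_t*>(other_key);
   m_parameters->ecdh_params.ulPublicDataLen = public_data_len;
   }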
82
83 /// @return a pointer to the CK_MECHANISM struct that can be passed to the cryptoki functions
inline Mechanism* data() const
   {
   // Hands out a mutable pointer to the wrapper's own m_mechanism member even
   // though this accessor is const. The pointer refers to storage inside this
   // object, so it must not be used after the wrapper has been destroyed.
   const Mechanism* const held = &m_mechanism;
   return const_cast<Mechanism*>(held);
   }
88
89 /// @return the size of the padding in bytes (for encryption/decryption)
inline size_t padding_size() const
   {
   // Plain accessor for m_padding_size, which is initialised to 0 in the
   // member declaration.
   const size_t padding_bytes = m_padding_size;
   return padding_bytes;
   }
94
95 /// Holds the mechanism parameters for OAEP, PSS and ECDH
97 {
99 {
100 clear_mem(this, 1);
101 }
102
106 };
107
108 private:
109 Mechanism m_mechanism;
110 std::shared_ptr<MechanismParameters> m_parameters;
111 size_t m_padding_size = 0;
112 };
113
114}
115
116}
117
118#endif