Botan  2.7.0
Crypto and TLS for C++11
p11_rsa.h
1 /*
2 * PKCS#11 RSA
3 * (C) 2016 Daniel Neus, Sirrix AG
4 * (C) 2016 Philipp Weber, Sirrix AG
5 *
6 * Botan is released under the Simplified BSD License (see license.txt)
7 */
8 
9 #ifndef BOTAN_P11_RSA_H_
10 #define BOTAN_P11_RSA_H_
11 
12 #include <botan/p11_session.h>
13 #include <botan/p11_object.h>
14 #include <botan/pk_keys.h>
15 
16 #if defined(BOTAN_HAS_RSA)
17 #include <botan/rsa.h>
18 #include <utility>
19 
20 namespace Botan {
21 namespace PKCS11 {
22 
/**
* Attribute template for the public half of an RSA key pair that is
* generated on a PKCS#11 token.
*/
class BOTAN_PUBLIC_API(2,0) RSA_PublicKeyGenerationProperties final : public PublicKeyProperties
   {
   public:
      /**
      * @param bits length in bits of modulus n. The value is chosen by the
      * caller; this header only declares the constructor, so any range check
      * on it is not visible here.
      */
      explicit RSA_PublicKeyGenerationProperties(Ulong bits);

      /**
      * Adds the public exponent e to the template as a binary attribute.
      * @param pub_exponent public exponent e, 0x10001 (65537) when omitted
      */
      void set_pub_exponent(const BigInt& pub_exponent = BigInt(0x10001))
         {
         // Encode first, then hand the bytes to the attribute container.
         const auto encoded_exponent = BigInt::encode(pub_exponent);
         add_binary(AttributeType::PublicExponent, encoded_exponent);
         }

      virtual ~RSA_PublicKeyGenerationProperties() = default;
   };
38 
/**
* Attribute template for importing an existing RSA public key (n, e)
* into a PKCS#11 token.
*
* The two values are taken as supplied by the caller; nothing in this
* header checks that they form a usable RSA public key.
*/
class BOTAN_PUBLIC_API(2,0) RSA_PublicKeyImportProperties final : public PublicKeyProperties
   {
   public:
      /**
      * @param modulus modulus n
      * @param pub_exponent public exponent e
      */
      RSA_PublicKeyImportProperties(const BigInt& modulus, const BigInt& pub_exponent);

      /// @return the modulus n (reference to the stored member)
      const BigInt& modulus() const { return m_modulus; }

      /// @return the public exponent e (reference to the stored member)
      const BigInt& pub_exponent() const { return m_pub_exponent; }

      virtual ~RSA_PublicKeyImportProperties() = default;

   private:
      // Both members are declared const, so they cannot change after construction.
      const BigInt m_modulus;
      const BigInt m_pub_exponent;
   };
64 
65 /// Represents a PKCS#11 RSA public key
/// Derives from both RSA_PublicKey and Object.
66 class BOTAN_PUBLIC_API(2,0) PKCS11_RSA_PublicKey : public RSA_PublicKey,
67  public Object
68  {
69  public:
 // NOTE(review): this rendered listing jumps from source line 69 to 71, so
 // whatever line 70 declares is not shown on this page; consult the original header.
71 
72  /**
73  * Creates a PKCS11_RSA_PublicKey object from an existing PKCS#11 RSA public key
74  * @param session the session to use
75  * @param handle the handle of the RSA public key
76  */
77  PKCS11_RSA_PublicKey(Session& session, ObjectHandle handle);
78 
79  /**
80  * Imports a RSA public key
81  * @param session the session to use
82  * @param pubkey_props the attributes of the public key
  * @note the modulus and exponent come from the caller via pubkey_props; this
  * header shows no validation of them, so check the key's origin before importing
83  */
84  PKCS11_RSA_PublicKey(Session& session, const RSA_PublicKeyImportProperties& pubkey_props);
85 
 /// Overrides the base-class factory and returns an owning pointer to a
 /// PK_Ops::Encryption operation for this key.
 /// NOTE(review): the meaning of params and provider is defined outside this
 /// header; presumably the operation runs through the PKCS#11 session - confirm.
86  std::unique_ptr<PK_Ops::Encryption>
87  create_encryption_op(RandomNumberGenerator& rng,
88  const std::string& params,
89  const std::string& provider) const override;
90 
 /// Overrides the base-class factory and returns an owning pointer to a
 /// PK_Ops::Verification operation for this key.
 /// NOTE(review): params and provider semantics are defined outside this header.
91  std::unique_ptr<PK_Ops::Verification>
92  create_verification_op(const std::string& params,
93  const std::string& provider) const override;
94  };
95 
/**
* Attribute template for importing an existing RSA private key into a
* PKCS#11 token.
*
* An instance holds the private exponent d as a member, and the setters
* below pass the primes and CRT values to the attribute container. The
* private key material is therefore present in host memory while this
* object exists; a key imported this way was not created inside the token.
*/
class BOTAN_PUBLIC_API(2,0) RSA_PrivateKeyImportProperties final : public PrivateKeyProperties
   {
   public:
      /**
      * @param modulus modulus n
      * @param priv_exponent private exponent d
      */
      RSA_PrivateKeyImportProperties(const BigInt& modulus, const BigInt& priv_exponent);

      /// @param pub_exponent public exponent e
      void set_pub_exponent(const BigInt& pub_exponent)
         {
         const auto encoded = BigInt::encode(pub_exponent);
         add_binary(AttributeType::PublicExponent, encoded);
         }

      /// @param prime1 prime p (secret)
      void set_prime_1(const BigInt& prime1)
         {
         const auto encoded = BigInt::encode(prime1);
         add_binary(AttributeType::Prime1, encoded);
         }

      /// @param prime2 prime q (secret)
      void set_prime_2(const BigInt& prime2)
         {
         const auto encoded = BigInt::encode(prime2);
         add_binary(AttributeType::Prime2, encoded);
         }

      /// @param exp1 private exponent d modulo p-1 (secret)
      void set_exponent_1(const BigInt& exp1)
         {
         const auto encoded = BigInt::encode(exp1);
         add_binary(AttributeType::Exponent1, encoded);
         }

      /// @param exp2 private exponent d modulo q-1 (secret)
      void set_exponent_2(const BigInt& exp2)
         {
         const auto encoded = BigInt::encode(exp2);
         add_binary(AttributeType::Exponent2, encoded);
         }

      /// @param coeff CRT coefficient q^-1 mod p (secret)
      void set_coefficient(const BigInt& coeff)
         {
         const auto encoded = BigInt::encode(coeff);
         add_binary(AttributeType::Coefficient, encoded);
         }

      /// @return the modulus n (reference to the stored member)
      const BigInt& modulus() const { return m_modulus; }

      /// @return the private exponent d (reference to the stored member)
      const BigInt& priv_exponent() const { return m_priv_exponent; }

      virtual ~RSA_PrivateKeyImportProperties() = default;

   private:
      // Declared const: fixed for the lifetime of the object.
      const BigInt m_modulus;
      // Secret value d, kept for as long as this properties object lives.
      const BigInt m_priv_exponent;
   };
160 
/**
* Attribute template for the private half of an RSA key pair that is
* generated on a PKCS#11 token. The class adds no setters of its own;
* it only fixes the key type to RSA.
*/
class BOTAN_PUBLIC_API(2,0) RSA_PrivateKeyGenerationProperties final : public PrivateKeyProperties
   {
   public:
      /// Constructs the template with KeyType::Rsa passed to the base class.
      RSA_PrivateKeyGenerationProperties() : PrivateKeyProperties(KeyType::Rsa) {}

      virtual ~RSA_PrivateKeyGenerationProperties() = default;
   };
171 
172 /// Represents a PKCS#11 RSA private key
/// Derives from Private_Key, RSA_PublicKey and Object.
173 class BOTAN_PUBLIC_API(2,0) PKCS11_RSA_PrivateKey final : public Private_Key,
174  public RSA_PublicKey,
175  public Object
176  {
177  public:
 // NOTE(review): this rendered listing jumps from source line 177 to 179, so
 // whatever line 178 declares is not shown on this page; consult the original header.
179 
180  /// Creates a PKCS11_RSA_PrivateKey object from an existing PKCS#11 RSA private key
 /// @param session the session to use
 /// @param handle the handle of the RSA private key
181  PKCS11_RSA_PrivateKey(Session& session, ObjectHandle handle);
182 
183  /**
184  * Imports a RSA private key
185  * @param session the session to use
186  * @param priv_key_props the properties of the RSA private key
  * @note priv_key_props carries the private exponent (and any CRT values set
  * on it) in host memory, so a key imported this way has existed outside the token
187  */
188  PKCS11_RSA_PrivateKey(Session& session, const RSA_PrivateKeyImportProperties& priv_key_props);
189 
190  /**
191  * Generates a PKCS#11 RSA private key
192  * @param session the session to use
193  * @param bits length in bits of modulus n
194  * @param priv_key_props the properties of the RSA private key
195  * @note no persistent public key object will be created
  * @note bits is chosen by the caller; no minimum size is visible in this header
196  */
197  PKCS11_RSA_PrivateKey(Session& session, uint32_t bits, const RSA_PrivateKeyGenerationProperties& priv_key_props);
198 
199  /// @return the exported RSA private key
 /// The result is an RSA_PrivateKey returned by value, i.e. the private key as
 /// an ordinary key object in host memory rather than a handle on the token.
 /// NOTE(review): presumably this only succeeds when the token allows the
 /// private attributes to be read (key not sensitive / extractable) - confirm
 /// against the implementation. Callers that rely on the token to protect the
 /// key should not need this function.
200  RSA_PrivateKey export_key() const;
201 
 /// Overrides the Private_Key accessor and returns private key bytes in a
 /// secure_vector.
 /// NOTE(review): the encoding and whether this goes through export_key() are
 /// not visible here; treat the result as secret key material either way.
202  secure_vector<uint8_t> private_key_bits() const override;
203 
 /// Overrides the base-class factory and returns an owning pointer to a
 /// PK_Ops::Decryption operation for this key.
 /// NOTE(review): the role of rng, params and provider is defined outside
 /// this header; presumably the private-key operation runs on the token - confirm.
204  std::unique_ptr<PK_Ops::Decryption>
205  create_decryption_op(RandomNumberGenerator& rng,
206  const std::string& params,
207  const std::string& provider) const override;
208 
 /// Overrides the base-class factory and returns an owning pointer to a
 /// PK_Ops::Signature operation for this key.
 /// NOTE(review): the role of rng, params and provider is defined outside
 /// this header; presumably the private-key operation runs on the token - confirm.
209  std::unique_ptr<PK_Ops::Signature>
210  create_signature_op(RandomNumberGenerator& rng,
211  const std::string& params,
212  const std::string& provider) const override;
213  };
214 
// Pair of (public key, private key) objects, in that order.
215 using PKCS11_RSA_KeyPair = std::pair<PKCS11_RSA_PublicKey, PKCS11_RSA_PrivateKey>;
216 
217 /**
218 * RSA key pair generation
219 * @param session the session that should be used for the key generation
220 * @param pub_props properties of the public key
221 * @param priv_props properties of the private key
* @return the generated public and private key objects as a PKCS11_RSA_KeyPair
* @note the modulus length is taken from pub_props (see the
* RSA_PublicKeyGenerationProperties constructor); this declaration shows no
* size check of its own.
* @note NOTE(review): attributes that control whether the private key can later
* be read out of the token are presumably carried by priv_props through its
* PrivateKeyProperties base, which is declared elsewhere - confirm and set them
* deliberately before generating.
222 */
223 BOTAN_PUBLIC_API(2,0) PKCS11_RSA_KeyPair generate_rsa_keypair(Session& session, const RSA_PublicKeyGenerationProperties& pub_props,
224  const RSA_PrivateKeyGenerationProperties& priv_props);
225 }
226 
227 }
228 #endif
229 
230 #endif