Botan  2.4.0
Crypto and TLS for C++11
p11_rsa.h
1 /*
2 * PKCS#11 RSA
3 * (C) 2016 Daniel Neus, Sirrix AG
4 * (C) 2016 Philipp Weber, Sirrix AG
5 *
6 * Botan is released under the Simplified BSD License (see license.txt)
7 */
8 
9 #ifndef BOTAN_P11_RSA_H_
10 #define BOTAN_P11_RSA_H_
11 
12 #include <botan/p11_session.h>
13 #include <botan/p11_object.h>
14 
15 #if defined(BOTAN_HAS_RSA)
16 #include <botan/rsa.h>
17 #include <utility>
18 
19 namespace Botan {
20 namespace PKCS11 {
21 
/// Attribute template handed to a PKCS#11 token when an RSA public key is generated.
class BOTAN_PUBLIC_API(2,0) RSA_PublicKeyGenerationProperties final : public PublicKeyProperties
   {
   public:
      /**
      * @param bits length in bits of modulus n
      * @note This header enforces no minimum modulus size. Whether the out-of-line
      *       constructor or the token rejects short moduli is not visible here - confirm
      *       before relying on it.
      */
      explicit RSA_PublicKeyGenerationProperties(Ulong bits);

      /**
      * Adds the public exponent e to the template as a binary attribute.
      * @param pub_exponent public exponent e; 0x10001 (65537) when the argument is omitted
      * @note 0x10001 is only the default argument of this setter. Whether a public
      *       exponent attribute is present when the setter is never called is decided
      *       elsewhere (constructor / token) - TODO confirm.
      */
      void set_pub_exponent(const BigInt& pub_exponent = BigInt(0x10001))
         {
         const auto encoded_exponent = BigInt::encode(pub_exponent);
         add_binary(AttributeType::PublicExponent, encoded_exponent);
         }

      virtual ~RSA_PublicKeyGenerationProperties() = default;
   };
37 
/// Attribute template for importing an existing RSA public key (n, e) into a PKCS#11 token.
class BOTAN_PUBLIC_API(2,0) RSA_PublicKeyImportProperties final : public PublicKeyProperties
   {
   public:
      /**
      * @param modulus modulus n
      * @param pub_exponent public exponent e
      * @note Defined out of line; any range or consistency checks on n and e are
      *       not visible in this header.
      */
      RSA_PublicKeyImportProperties(const BigInt& modulus, const BigInt& pub_exponent);

      /// @return the modulus n held by this object
      const BigInt& modulus() const { return m_modulus; }

      /// @return the public exponent e held by this object
      const BigInt& pub_exponent() const { return m_pub_exponent; }

      virtual ~RSA_PublicKeyImportProperties() = default;

   private:
      // Both members are const, so instances cannot be copy- or move-assigned.
      const BigInt m_modulus;
      const BigInt m_pub_exponent;
   };
63 
/// RSA public key backed by an object on a PKCS#11 token; also usable as a plain RSA_PublicKey.
class BOTAN_PUBLIC_API(2,0) PKCS11_RSA_PublicKey : public RSA_PublicKey,
   public Object
   {
   public:
      // NOTE(review): the rendered listing skips one source line at this point
      // (gutter 68 -> 70), so a declaration may be missing from this view.

      /**
      * Wraps an RSA public key that already exists on the token.
      * @param session the session to use
      * @param handle the handle of the RSA public key
      */
      PKCS11_RSA_PublicKey(Session& session, ObjectHandle handle);

      /**
      * Imports an RSA public key using the supplied attribute template.
      * @param session the session to use
      * @param pubkey_props the attributes of the public key
      */
      PKCS11_RSA_PublicKey(Session& session, const RSA_PublicKeyImportProperties& pubkey_props);

      /**
      * Creates the encryption operation for this key (override of the base-class hook).
      * @param rng random number generator made available to the operation
      * @param params parameter string for the operation (format defined by the implementation)
      * @param provider provider name requested by the caller
      * @return owning pointer to the encryption operation
      * @note presumably the operation is carried out by the token through the
      *       session - the implementation is not part of this header; confirm.
      */
      std::unique_ptr<PK_Ops::Encryption>
      create_encryption_op(RandomNumberGenerator& rng,
                           const std::string& params,
                           const std::string& provider) const override;

      /**
      * Creates the signature verification operation for this key (override of the base-class hook).
      * @param params parameter string for the operation (format defined by the implementation)
      * @param provider provider name requested by the caller
      * @return owning pointer to the verification operation
      */
      std::unique_ptr<PK_Ops::Verification>
      create_verification_op(const std::string& params,
                             const std::string& provider) const override;
   };
94 
/**
* Attribute template for importing an existing RSA private key into a PKCS#11 token.
*
* @note An instance keeps the modulus and the private exponent d as members, so a key
*       imported through this class has existed in host memory outside the token. Where
*       the key should never leave the token, use on-token generation instead
*       (the generating PKCS11_RSA_PrivateKey constructor or generate_rsa_keypair()).
* @note The setters below pass private values through BigInt::encode(), which returns
*       a std::vector<uint8_t>; that temporary is not wiped on destruction.
*       NOTE(review): Botan 2.x also has BigInt::encode_locked() returning a
*       secure_vector - check whether add_binary() accepts it and prefer it for
*       p, q, dP, dQ and qInv.
*/
class BOTAN_PUBLIC_API(2,0) RSA_PrivateKeyImportProperties final : public PrivateKeyProperties
   {
   public:
      /**
      * @param modulus modulus n
      * @param priv_exponent private exponent d
      */
      RSA_PrivateKeyImportProperties(const BigInt& modulus, const BigInt& priv_exponent);

      /// Adds the public exponent to the template.
      /// @param pub_exponent public exponent e
      void set_pub_exponent(const BigInt& pub_exponent)
         {
         const auto encoded = BigInt::encode(pub_exponent);
         add_binary(AttributeType::PublicExponent, encoded);
         }

      /// Adds the first prime factor to the template.
      /// @param prime1 prime p
      void set_prime_1(const BigInt& prime1)
         {
         const auto encoded = BigInt::encode(prime1);
         add_binary(AttributeType::Prime1, encoded);
         }

      /// Adds the second prime factor to the template.
      /// @param prime2 prime q
      void set_prime_2(const BigInt& prime2)
         {
         const auto encoded = BigInt::encode(prime2);
         add_binary(AttributeType::Prime2, encoded);
         }

      /// Adds the first CRT exponent to the template.
      /// @param exp1 private exponent d modulo p-1
      void set_exponent_1(const BigInt& exp1)
         {
         const auto encoded = BigInt::encode(exp1);
         add_binary(AttributeType::Exponent1, encoded);
         }

      /// Adds the second CRT exponent to the template.
      /// @param exp2 private exponent d modulo q-1
      void set_exponent_2(const BigInt& exp2)
         {
         const auto encoded = BigInt::encode(exp2);
         add_binary(AttributeType::Exponent2, encoded);
         }

      /// Adds the CRT coefficient to the template.
      /// @param coeff CRT coefficient q^-1 mod p
      void set_coefficient(const BigInt& coeff)
         {
         const auto encoded = BigInt::encode(coeff);
         add_binary(AttributeType::Coefficient, encoded);
         }

      /// @return the modulus n held by this object
      const BigInt& modulus() const { return m_modulus; }

      /// @return the private exponent d held by this object (secret - avoid logging or copying it)
      const BigInt& priv_exponent() const { return m_priv_exponent; }

      virtual ~RSA_PrivateKeyImportProperties() = default;

   private:
      // Both members are const, so instances cannot be copy- or move-assigned.
      const BigInt m_modulus;
      const BigInt m_priv_exponent;
   };
159 
/**
* Attribute template handed to a PKCS#11 token when an RSA private key is generated.
*
* @note This class only selects the key type. Attributes that govern whether the
*       generated key can later be read or wrapped out of the token (PKCS#11
*       CKA_SENSITIVE / CKA_EXTRACTABLE) are not set here; presumably they are
*       configured through the inherited PrivateKeyProperties interface - confirm
*       and set them explicitly rather than relying on token defaults.
*/
class BOTAN_PUBLIC_API(2,0) RSA_PrivateKeyGenerationProperties final : public PrivateKeyProperties
   {
   public:
      /// Initialises the base template with the RSA key type.
      RSA_PrivateKeyGenerationProperties() : PrivateKeyProperties(KeyType::Rsa) {}

      virtual ~RSA_PrivateKeyGenerationProperties() = default;
   };
170 
/// RSA private key backed by an object on a PKCS#11 token.
class BOTAN_PUBLIC_API(2,0) PKCS11_RSA_PrivateKey final : public Private_Key,
   public RSA_PublicKey,
   public Object
   {
   public:
      // NOTE(review): the rendered listing skips one source line at this point
      // (gutter 176 -> 178), so a declaration may be missing from this view.

      /**
      * Wraps an RSA private key that already exists on the token.
      * @param session the session to use
      * @param handle the handle of the RSA private key
      */
      PKCS11_RSA_PrivateKey(Session& session, ObjectHandle handle);

      /**
      * Imports an RSA private key using the supplied attribute template.
      * @param session the session to use
      * @param priv_key_props the properties of the RSA private key
      */
      PKCS11_RSA_PrivateKey(Session& session, const RSA_PrivateKeyImportProperties& priv_key_props);

      /**
      * Generates a PKCS#11 RSA private key.
      * @param session the session to use
      * @param bits length in bits of modulus n
      * @param priv_key_props the properties of the RSA private key
      * @note no persistent public key object will be created
      */
      PKCS11_RSA_PrivateKey(Session& session, uint32_t bits, const RSA_PrivateKeyGenerationProperties& priv_key_props);

      /**
      * @return the exported RSA private key, as a software RSA_PrivateKey
      * @note The result holds the private key in host memory. Under PKCS#11 a token
      *       reveals private attributes only when the key is not sensitive and is
      *       extractable (CKA_SENSITIVE false, CKA_EXTRACTABLE true); how this method
      *       reports a refusal is defined in the implementation, not in this header.
      */
      RSA_PrivateKey export_key() const;

      /**
      * @return the private key bits, in a secure_vector
      * @note Like export_key(), this yields private key material to the caller;
      *       presumably it depends on the same token permissions - confirm against
      *       the implementation.
      */
      secure_vector<uint8_t> private_key_bits() const override;

      /**
      * Creates the decryption operation for this key (override of the base-class hook).
      * @param rng random number generator made available to the operation
      * @param params parameter string for the operation (format defined by the implementation)
      * @param provider provider name requested by the caller
      * @return owning pointer to the decryption operation
      */
      std::unique_ptr<PK_Ops::Decryption>
      create_decryption_op(RandomNumberGenerator& rng,
                           const std::string& params,
                           const std::string& provider) const override;

      /**
      * Creates the signing operation for this key (override of the base-class hook).
      * @param rng random number generator made available to the operation
      * @param params parameter string for the operation (format defined by the implementation)
      * @param provider provider name requested by the caller
      * @return owning pointer to the signature operation
      */
      std::unique_ptr<PK_Ops::Signature>
      create_signature_op(RandomNumberGenerator& rng,
                          const std::string& params,
                          const std::string& provider) const override;
   };
213 
/// RSA key pair: `first` is the public key, `second` is the private key.
using PKCS11_RSA_KeyPair = std::pair<PKCS11_RSA_PublicKey, PKCS11_RSA_PrivateKey>;

/**
* RSA key pair generation
* @param session the session that should be used for the key generation
* @param pub_props properties of the public key
* @param priv_props properties of the private key
* @return the generated public and private key objects as a PKCS11_RSA_KeyPair
*/
BOTAN_PUBLIC_API(2,0) PKCS11_RSA_KeyPair generate_rsa_keypair(
   Session& session,
   const RSA_PublicKeyGenerationProperties& pub_props,
   const RSA_PrivateKeyGenerationProperties& priv_props);
224 }
225 
226 }
227 #endif
228 
229 #endif