Botan 3.9.0
Crypto and TLS for C&
pk_ops.h
Go to the documentation of this file.
1/*
2* (C) 2010,2015 Jack Lloyd
3*
4* Botan is released under the Simplified BSD License (see license.txt)
5*/
6
7#ifndef BOTAN_PK_OPERATIONS_H_
8#define BOTAN_PK_OPERATIONS_H_
9
10/**
11* Ordinary applications should never need to include or use this
12* header. It is exposed only for specialized applications which want
13* to implement new versions of public key crypto without merging them
14* as changes to the library. One actual example of such usage is an
15* application which creates RSA signatures using a custom TPM library.
16* Unless you're doing something like that, you don't need anything
17* here. Instead use pubkey.h which wraps these types safely and
18* provides a stable application-oriented API.
19*
20* Note: This header was accidentally pulled from the public API between
21* Botan 3.0.0 and 3.2.0, and then restored in 3.3.0. If you are
22* maintaining an application which used this header in Botan 2.x,
23* you should make sure to use Botan 3.3.0 or later when migrating.
24*/
25
26#include <botan/pk_keys.h>
27#include <botan/secmem.h>
28#include <span>
29
30namespace Botan {
31
33
34} // namespace Botan
35
36namespace Botan::PK_Ops {
37
38/**
39* Public key encryption interface
40*/
41class BOTAN_UNSTABLE_API Encryption /* NOLINT(*special-member-functions) */ {
42 public:
43 /**
44 * Encrypt a message returning the ciphertext
45 */
46 virtual std::vector<uint8_t> encrypt(std::span<const uint8_t> msg, RandomNumberGenerator& rng) = 0;
47
48 /**
49 * Return the maximum input size for this key
50 */
51 virtual size_t max_input_bits() const = 0;
52
53 /**
54 * Given the plaintext length, return an upper bound of the ciphertext
55 * length for this key and padding.
56 */
57 virtual size_t ciphertext_length(size_t ptext_len) const = 0;
58
59 virtual ~Encryption() = default;
60};
61
62/**
63* Public key decryption interface
64*/
65class BOTAN_UNSTABLE_API Decryption /* NOLINT(*special-member-functions) */ {
66 public:
67 virtual secure_vector<uint8_t> decrypt(uint8_t& valid_mask, std::span<const uint8_t> ctext) = 0;
68
69 virtual size_t plaintext_length(size_t ctext_len) const = 0;
70
71 virtual ~Decryption() = default;
72};
73
74/**
75* Public key signature verification interface
76*/
77class BOTAN_UNSTABLE_API Verification /* NOLINT(*special-member-functions) */ {
78 public:
79 /**
80 * Add more data to the message currently being signed
81 * @param input the input to be hashed/verified
82 */
83 virtual void update(std::span<const uint8_t> input) = 0;
84
85 /**
86 * Perform a verification operation
87 * @param sig the signature to be checked with respect to the input
88 */
89 virtual bool is_valid_signature(std::span<const uint8_t> sig) = 0;
90
91 /**
92 * Return the hash function being used by this signer
93 */
94 virtual std::string hash_function() const = 0;
95
96 virtual ~Verification() = default;
97};
98
99/**
100* Public key signature creation interface
101*/
102class BOTAN_UNSTABLE_API Signature /* NOLINT(*special-member-functions) */ {
103 public:
104 /**
105 * Add more data to the message currently being signed
106 * @param input the input to be hashed/signed
107 */
108 virtual void update(std::span<const uint8_t> input) = 0;
109
110 /**
111 * Perform a signature operation
112 * @param rng a random number generator
113 */
114 virtual std::vector<uint8_t> sign(RandomNumberGenerator& rng) = 0;
115
116 /**
117 * Return an upper bound on the length of the output signature
118 */
119 virtual size_t signature_length() const = 0;
120
121 /**
122 * Return an algorithm identifier associated with this signature scheme.
123 *
124 * Default implementation throws an exception
125 */
127
128 /**
129 * Return the hash function being used by this signer
130 */
131 virtual std::string hash_function() const = 0;
132
133 virtual ~Signature() = default;
134};
135
136/**
137* A generic key agreement operation (eg DH or ECDH)
138*/
139class BOTAN_UNSTABLE_API Key_Agreement /* NOLINT(*special-member-functions) */ {
140 public:
141 virtual secure_vector<uint8_t> agree(size_t key_len,
142 std::span<const uint8_t> other_key,
143 std::span<const uint8_t> salt) = 0;
144
145 virtual size_t agreed_value_size() const = 0;
146
147 virtual ~Key_Agreement() = default;
148};
149
150/**
151* KEM (key encapsulation)
152*/
153class BOTAN_UNSTABLE_API KEM_Encryption /* NOLINT(*special-member-functions) */ {
154 public:
155 virtual void kem_encrypt(std::span<uint8_t> out_encapsulated_key,
156 std::span<uint8_t> out_shared_key,
158 size_t desired_shared_key_len,
159 std::span<const uint8_t> salt) = 0;
160
161 virtual size_t shared_key_length(size_t desired_shared_key_len) const = 0;
162
163 virtual size_t encapsulated_key_length() const = 0;
164
165 virtual ~KEM_Encryption() = default;
166};
167
168class BOTAN_UNSTABLE_API KEM_Decryption /* NOLINT(*special-member-functions) */ {
169 public:
170 virtual void kem_decrypt(std::span<uint8_t> out_shared_key,
171 std::span<const uint8_t> encapsulated_key,
172 size_t desired_shared_key_len,
173 std::span<const uint8_t> salt) = 0;
174
175 virtual size_t shared_key_length(size_t desired_shared_key_len) const = 0;
176
177 virtual size_t encapsulated_key_length() const = 0;
178
179 virtual ~KEM_Decryption() = default;
180};
181
182} // namespace Botan::PK_Ops
183
184#endif
#define BOTAN_UNSTABLE_API
Definition api.h:34
virtual secure_vector< uint8_t > decrypt(uint8_t &valid_mask, std::span< const uint8_t > ctext)=0
virtual ~Decryption()=default
virtual size_t plaintext_length(size_t ctext_len) const =0
virtual size_t ciphertext_length(size_t ptext_len) const =0
virtual std::vector< uint8_t > encrypt(std::span< const uint8_t > msg, RandomNumberGenerator &rng)=0
virtual ~Encryption()=default
virtual size_t max_input_bits() const =0
virtual void kem_decrypt(std::span< uint8_t > out_shared_key, std::span< const uint8_t > encapsulated_key, size_t desired_shared_key_len, std::span< const uint8_t > salt)=0
virtual ~KEM_Decryption()=default
virtual size_t encapsulated_key_length() const =0
virtual size_t shared_key_length(size_t desired_shared_key_len) const =0
virtual size_t encapsulated_key_length() const =0
virtual ~KEM_Encryption()=default
virtual void kem_encrypt(std::span< uint8_t > out_encapsulated_key, std::span< uint8_t > out_shared_key, RandomNumberGenerator &rng, size_t desired_shared_key_len, std::span< const uint8_t > salt)=0
virtual size_t shared_key_length(size_t desired_shared_key_len) const =0
virtual size_t agreed_value_size() const =0
virtual secure_vector< uint8_t > agree(size_t key_len, std::span< const uint8_t > other_key, std::span< const uint8_t > salt)=0
virtual ~Key_Agreement()=default
virtual AlgorithmIdentifier algorithm_identifier() const
Definition pk_ops.cpp:25
virtual size_t signature_length() const =0
virtual ~Signature()=default
virtual std::string hash_function() const =0
virtual void update(std::span< const uint8_t > input)=0
virtual std::vector< uint8_t > sign(RandomNumberGenerator &rng)=0
virtual std::string hash_function() const =0
virtual void update(std::span< const uint8_t > input)=0
virtual ~Verification()=default
virtual bool is_valid_signature(std::span< const uint8_t > sig)=0
std::vector< T, secure_allocator< T > > secure_vector
Definition secmem.h:69