Botan 3.6.0
Crypto and TLS for C&
tpm2_ecc.h
Go to the documentation of this file.
1/*
2* TPM 2.0 ECC Wrappers
3* (C) 2024 Jack Lloyd
4* (C) 2024 René Meusel, Amos Treiber - Rohde & Schwarz Cybersecurity GmbH, financed by LANCOM Systems GmbH
5*
6* Botan is released under the Simplified BSD License (see license.txt)
7*/
8#ifndef BOTAN_TPM2_ECC_H_
9#define BOTAN_TPM2_ECC_H_
10
11#include <botan/ecdsa.h>
12#include <botan/tpm2_key.h>
13
14namespace Botan::TPM2 {
15
16class BOTAN_PUBLIC_API(3, 6) EC_PublicKey final : public virtual Botan::TPM2::PublicKey,
17 public virtual Botan::EC_PublicKey {
18 public:
19 std::string algo_name() const override { return "ECDSA"; }
20
21 /**
22 * @returns the public key encoding in ordinary point encoding
23 * @sa EC_PublicKey::set_point_encoding()
24 */
25 std::vector<uint8_t> public_key_bits() const override;
26
27 /**
28 * @returns the public key encoding in TPM2B_PUBLIC format
29 */
30 std::vector<uint8_t> raw_public_key_bits() const override;
31
32 bool supports_operation(PublicKeyOperation op) const override {
33 // TODO: ECDH/Key Agreement
34 return op == PublicKeyOperation::Signature;
35 }
36
37 std::unique_ptr<PK_Ops::Verification> create_verification_op(std::string_view params,
38 std::string_view provider) const override;
39
40 protected:
41 friend class TPM2::PublicKey;
42
43 EC_PublicKey(Object handle, SessionBundle sessions, const TPM2B_PUBLIC* public_blob);
44 EC_PublicKey(Object handle, SessionBundle sessions, std::pair<EC_Group, EC_AffinePoint> public_key);
45};
46
47BOTAN_DIAGNOSTIC_PUSH
48BOTAN_DIAGNOSTIC_IGNORE_INHERITED_VIA_DOMINANCE
49
50class BOTAN_PUBLIC_API(3, 6) EC_PrivateKey final : public virtual Botan::TPM2::PrivateKey,
51 public virtual Botan::EC_PublicKey {
52 public:
53 std::string algo_name() const override {
54 // TODO: Different types of ECC
55 // TPM ECC keys may be used for different algorithms, so we do not always know the exact algorithm
56 // because it may be used for ECDH, ECDSA, ECDAA, etc.
57 // However, at least for signatures, we can say it is ECDSA since EdDSA is not supported by tpm2-tss and
58 // ECDAA and ECSCHNORR are not supported by Botan.
59 return "ECDSA";
60 }
61
62 std::unique_ptr<Private_Key> generate_another(Botan::RandomNumberGenerator&) const override {
63 throw Not_Implemented("Cannot generate a new TPM-based keypair from this asymmetric key");
64 }
65
66 /**
67 * Create a transient EC key with the given @p group EC Group,
68 * under the given @p parent key, with the given @p auth_value.
69 * This key may only be used for ECDSA signatures.
70 *
71 * @param ctx The TPM context to use
72 * @param sessions The session bundle to use in the creation of the key
73 * @param auth_value The auth value to use for the key
74 * @param parent The parent key to create the new key under
75 * @param group The desired EC Group
76 */
77 static std::unique_ptr<TPM2::PrivateKey> create_unrestricted_transient(const std::shared_ptr<Context>& ctx,
78 const SessionBundle& sessions,
79 std::span<const uint8_t> auth_value,
80 const TPM2::PrivateKey& parent,
81 const EC_Group& group);
82
83 public:
84 std::unique_ptr<Public_Key> public_key() const override;
85
86 /**
87 * @returns the public key encoding in ordinary point encoding
88 * @sa EC_PublicKey::set_point_encoding()
89 */
90 std::vector<uint8_t> public_key_bits() const override;
91
92 /**
93 * @returns the public key encoding in TPM2B_PUBLIC format
94 */
95 std::vector<uint8_t> raw_public_key_bits() const override;
96
97 bool supports_operation(PublicKeyOperation op) const override { return op == PublicKeyOperation::Signature; }
98
99 std::unique_ptr<PK_Ops::Signature> create_signature_op(Botan::RandomNumberGenerator& rng,
100 std::string_view params,
101 std::string_view provider) const override;
102
103 protected:
104 friend class TPM2::PrivateKey;
105
106 EC_PrivateKey(Object handle,
107 SessionBundle sessions,
108 const TPM2B_PUBLIC* public_blob,
109 std::span<const uint8_t> private_blob = {});
110
111 EC_PrivateKey(Object handle,
112 SessionBundle sessions,
113 std::pair<EC_Group, EC_AffinePoint> public_key,
114 std::span<const uint8_t> private_blob = {});
115};
116
117BOTAN_DIAGNOSTIC_POP
118
119} // namespace Botan::TPM2
120
121#endif
Botan::EC_Group
Definition ec_group.h:51
Botan::EC_PublicKey
Definition ecc_key.h:32
Botan::Not_Implemented
Definition exceptn.h:334
Botan::TPM2::EC_PrivateKey
Definition tpm2_ecc.h:51
Botan::TPM2::EC_PrivateKey::algo_name
std::string algo_name() const override
Definition tpm2_ecc.h:53
Botan::TPM2::EC_PrivateKey::generate_another
std::unique_ptr< Private_Key > generate_another(Botan::RandomNumberGenerator &) const override
Definition tpm2_ecc.h:62
Botan::TPM2::EC_PrivateKey::supports_operation
bool supports_operation(PublicKeyOperation op) const override
Definition tpm2_ecc.h:97
Botan::TPM2::EC_PublicKey
Definition tpm2_ecc.h:17
Botan::TPM2::EC_PublicKey::supports_operation
bool supports_operation(PublicKeyOperation op) const override
Definition tpm2_ecc.h:32
Botan::TPM2::EC_PublicKey::algo_name
std::string algo_name() const override
Definition tpm2_ecc.h:19
final
int(* final)(unsigned char *, CTX *)
Definition commoncrypto_hash.cpp:29
BOTAN_DIAGNOSTIC_POP
#define BOTAN_DIAGNOSTIC_POP
Definition compiler.h:191
BOTAN_DIAGNOSTIC_PUSH
#define BOTAN_DIAGNOSTIC_PUSH
Definition compiler.h:188
BOTAN_DIAGNOSTIC_IGNORE_INHERITED_VIA_DOMINANCE
#define BOTAN_DIAGNOSTIC_IGNORE_INHERITED_VIA_DOMINANCE
Definition compiler.h:190
BOTAN_PUBLIC_API
#define BOTAN_PUBLIC_API(maj, min)
Definition compiler.h:31
Botan::PublicKeyOperation
PublicKeyOperation
Definition pk_keys.h:45
Generated by doxygen 1.12.0