9 #include <botan/internal/p11_mechanism.h>
10 #include <botan/scan_name.h>
11 #include <botan/parsing.h>
12 #include <botan/emsa.h>
20 using PSS_Params = std::tuple<size_t, MechanismType, MGF>;
23 static const std::map<MechanismType, PSS_Params> PssOptions =
39 MechanismData(MechanismData
const&) =
default;
40 MechanismData& operator=(MechanismData
const&) =
default;
41 virtual ~MechanismData() =
default;
47 struct RSA_SignMechanism
final :
public MechanismData
50 : MechanismData(_type),
hash(static_cast<MechanismType>(0)),
mgf(static_cast<MGF>(0)),
salt_size(0)
52 auto pss_option = PssOptions.find(
type);
53 if(pss_option != PssOptions.end())
55 hash = std::get<1>(pss_option->second);
56 mgf = std::get<2>(pss_option->second);
57 salt_size = std::get<0>(pss_option->second);
74 static std::map<std::string, RSA_SignMechanism> SignMechanisms =
115 struct RSA_CryptMechanism
final :
public MechanismData
121 RSA_CryptMechanism(
MechanismType _type,
size_t _padding_size)
122 : RSA_CryptMechanism(_type, _padding_size, static_cast<
MechanismType>(0), static_cast<
MGF>(0))
136 static const std::map<std::string, RSA_CryptMechanism> CryptMechanisms =
148 static std::map<std::string, MechanismType> EcdsaHash =
159 static std::map<std::string, KeyDerivation> EcdhHash =
171 : m_mechanism( {
static_cast<CK_MECHANISM_TYPE>(mechanism_type),
nullptr, 0 }), m_parameters(
nullptr)
176 auto mechanism_info_it = CryptMechanisms.find(padding);
177 if(mechanism_info_it == CryptMechanisms.end())
180 throw Lookup_Error(
"PKCS#11 RSA encrypt/decrypt does not support EME " + padding);
182 RSA_CryptMechanism mechanism_info = mechanism_info_it->second;
187 mech.m_parameters = std::make_shared<MechanismParameters>();
188 mech.m_parameters->oaep_params.hashAlg =
static_cast<CK_MECHANISM_TYPE>(mechanism_info.hash);
191 mech.m_parameters->oaep_params.pSourceData =
nullptr;
192 mech.m_parameters->oaep_params.ulSourceDataLen = 0;
193 mech.m_mechanism.
pParameter = mech.m_parameters.get();
196 mech.m_padding_size = mechanism_info.padding_size;
202 auto mechanism_info_it = SignMechanisms.find(padding);
203 if(mechanism_info_it == SignMechanisms.end())
206 throw Lookup_Error(
"PKCS#11 RSA sign/verify does not support EMSA " + padding);
208 RSA_SignMechanism mechanism_info = mechanism_info_it->second;
211 if(PssOptions.find(mechanism_info.type) != PssOptions.end())
213 mech.m_parameters = std::make_shared<MechanismParameters>();
214 mech.m_parameters->pss_params.hashAlg =
static_cast<CK_MECHANISM_TYPE>(mechanism_info.hash);
216 mech.m_parameters->pss_params.sLen =
static_cast<Ulong>(mechanism_info.salt_size);
217 mech.m_mechanism.
pParameter = mech.m_parameters.get();
225 std::string hash_name =
hash;
227 if(hash_name !=
"Raw")
232 auto mechanism_type = EcdsaHash.find(hash_name);
233 if(mechanism_type == EcdsaHash.end())
235 throw Lookup_Error(
"PKCS#11 ECDSA sign/verify does not support " + hash);
242 std::vector<std::string> param_parts =
split_on(params,
',');
244 if(param_parts.empty() || param_parts.size() > 2)
245 throw Invalid_Argument(
"PKCS #11 ECDH key derivation bad params " + params);
247 const bool use_cofactor =
248 (param_parts[0] ==
"Cofactor") ||
249 (param_parts.size() == 2 && param_parts[1] ==
"Cofactor");
251 std::string kdf_name = (param_parts[0] ==
"Cofactor" ? param_parts[1] : param_parts[0]);
252 std::string
hash = kdf_name;
254 if(kdf_name !=
"Raw")
260 hash = kdf_hash.
arg(0);
264 auto kdf = EcdhHash.find(hash);
265 if(kdf == EcdhHash.end())
267 throw Lookup_Error(
"PKCS#11 ECDH key derivation does not support KDF " + kdf_name);
270 mech.m_parameters = std::make_shared<MechanismParameters>();
271 mech.m_parameters->ecdh_params.kdf =
static_cast<CK_EC_KDF_TYPE>(kdf->second);
272 mech.m_mechanism.
pParameter = mech.m_parameters.get();
std::string arg(size_t i) const
CK_ULONG CK_MECHANISM_TYPE
std::vector< std::string > split_on(const std::string &str, char delim)
int(* final)(unsigned char *, CTX *)
static MechanismWrapper create_ecdh_mechanism(const std::string &params)
MechanismWrapper(MechanismType mechanism_type)
CK_RSA_PKCS_PSS_PARAMS RsaPkcsPssParams
std::string hash_for_emsa(const std::string &algo_spec)
#define CKZ_DATA_SPECIFIED
CK_RSA_PKCS_OAEP_PARAMS RsaPkcsOaepParams
static MechanismWrapper create_rsa_crypt_mechanism(const std::string &padding)
CK_ULONG CK_RSA_PKCS_MGF_TYPE
static MechanismWrapper create_ecdsa_mechanism(const std::string &hash)
CK_ECDH1_DERIVE_PARAMS Ecdh1DeriveParams
static MechanismWrapper create_rsa_sign_mechanism(const std::string &padding)