9 #include <botan/p11_rsa.h>
10 #include <botan/pk_keys.h>
12 #if defined(BOTAN_HAS_RSA)
14 #include <botan/internal/p11_mechanism.h>
15 #include <botan/pk_ops.h>
16 #include <botan/rng.h>
17 #include <botan/blinding.h>
23 RSA_PublicKeyImportProperties::RSA_PublicKeyImportProperties(
const BigInt& modulus,
const BigInt& pub_exponent)
24 : PublicKeyProperties(
KeyType::
Rsa), m_modulus(modulus), m_pub_exponent(pub_exponent)
30 RSA_PublicKeyGenerationProperties::RSA_PublicKeyGenerationProperties(
Ulong bits)
36 PKCS11_RSA_PublicKey::PKCS11_RSA_PublicKey(Session& session,
ObjectHandle handle)
37 : Object(session, handle),
43 PKCS11_RSA_PublicKey::PKCS11_RSA_PublicKey(Session& session,
const RSA_PublicKeyImportProperties& pubkey_props)
44 : Object(session, pubkey_props), RSA_PublicKey(pubkey_props.modulus(), pubkey_props.pub_exponent())
48 RSA_PrivateKeyImportProperties::RSA_PrivateKeyImportProperties(
const BigInt& modulus,
const BigInt& priv_exponent)
49 : PrivateKeyProperties(
KeyType::
Rsa), m_modulus(modulus), m_priv_exponent(priv_exponent)
56 PKCS11_RSA_PrivateKey::PKCS11_RSA_PrivateKey(Session& session,
ObjectHandle handle)
57 : Object(session, handle),
63 PKCS11_RSA_PrivateKey::PKCS11_RSA_PrivateKey(Session& session,
const RSA_PrivateKeyImportProperties& priv_key_props)
64 : Object(session, priv_key_props),
65 RSA_PublicKey(priv_key_props.modulus(),
70 PKCS11_RSA_PrivateKey::PKCS11_RSA_PrivateKey(Session& session, uint32_t bits,
71 const RSA_PrivateKeyGenerationProperties& priv_key_props)
72 : Object(session), RSA_PublicKey()
74 RSA_PublicKeyGenerationProperties pub_key_props(bits);
75 pub_key_props.set_encrypt(
true);
76 pub_key_props.set_verify(
true);
77 pub_key_props.set_token(
false);
82 session.module()->C_GenerateKeyPair(session.handle(), &mechanism,
83 pub_key_props.data(),
static_cast<Ulong>(pub_key_props.count()),
84 priv_key_props.data(),
static_cast<Ulong>(priv_key_props.count()),
85 &pub_key_handle, &priv_key_handle);
87 this->reset_handle(priv_key_handle);
94 RSA_PrivateKey PKCS11_RSA_PrivateKey::export_key()
const
109 secure_vector<uint8_t> PKCS11_RSA_PrivateKey::private_key_bits()
const
111 return export_key().private_key_bits();
118 class PKCS11_RSA_Decryption_Operation
final :
public PK_Ops::Decryption
122 PKCS11_RSA_Decryption_Operation(
const PKCS11_RSA_PrivateKey& key,
123 const std::string& padding,
126 m_mechanism(MechanismWrapper::create_rsa_crypt_mechanism(padding)),
134 size_t plaintext_length(
size_t)
const override {
return m_key.get_n().bytes(); }
136 secure_vector<uint8_t>
decrypt(uint8_t& valid_mask,
const uint8_t ciphertext[],
size_t ciphertext_len)
override
139 m_key.module()->C_DecryptInit(
m_key.session().handle(), m_mechanism.data(),
m_key.handle());
141 std::vector<uint8_t> encrypted_data(ciphertext, ciphertext + ciphertext_len);
144 if(! m_mechanism.padding_size())
149 secure_vector<uint8_t> decrypted_data;
150 m_key.module()->C_Decrypt(
m_key.session().handle(), encrypted_data, decrypted_data);
153 if(!m_mechanism.padding_size())
159 return decrypted_data;
163 const PKCS11_RSA_PrivateKey&
m_key;
164 MechanismWrapper m_mechanism;
171 class PKCS11_RSA_Encryption_Operation
final :
public PK_Ops::Encryption
175 PKCS11_RSA_Encryption_Operation(
const PKCS11_RSA_PublicKey& key,
const std::string& padding)
176 :
m_key(key), m_mechanism(MechanismWrapper::create_rsa_crypt_mechanism(padding))
178 m_bits = 8 * (key.get_n().bytes() - m_mechanism.padding_size()) - 1;
181 size_t ciphertext_length(
size_t)
const override {
return m_key.get_n().bytes(); }
183 size_t max_input_bits()
const override
190 m_key.module()->C_EncryptInit(
m_key.session().handle(), m_mechanism.data(),
m_key.handle());
192 secure_vector<uint8_t> encrytped_data;
193 m_key.module()->C_Encrypt(
m_key.session().handle(), secure_vector<uint8_t>(msg, msg + msg_len), encrytped_data);
194 return encrytped_data;
198 const PKCS11_RSA_PublicKey&
m_key;
199 MechanismWrapper m_mechanism;
204 class PKCS11_RSA_Signature_Operation
final :
public PK_Ops::Signature
208 PKCS11_RSA_Signature_Operation(
const PKCS11_RSA_PrivateKey& key,
const std::string& padding)
209 :
m_key(key), m_mechanism(MechanismWrapper::create_rsa_sign_mechanism(padding))
212 size_t signature_length()
const override {
return m_key.get_n().bytes(); }
214 void update(
const uint8_t msg[],
size_t msg_len)
override
219 m_key.module()->C_SignInit(
m_key.session().handle(), m_mechanism.data(),
m_key.handle());
220 m_initialized =
true;
221 m_first_message = secure_vector<uint8_t>(msg, msg + msg_len);
225 if(!m_first_message.empty())
228 m_key.module()->C_SignUpdate(
m_key.session().handle(), m_first_message);
229 m_first_message.clear();
232 m_key.module()->C_SignUpdate(
m_key.session().handle(),
const_cast< Byte*
>(msg), static_cast<Ulong>(msg_len));
237 secure_vector<uint8_t> signature;
238 if(!m_first_message.empty())
241 m_key.module()->C_Sign(
m_key.session().handle(), m_first_message, signature);
242 m_first_message.clear();
247 m_key.module()->C_SignFinal(
m_key.session().handle(), signature);
249 m_initialized =
false;
254 const PKCS11_RSA_PrivateKey&
m_key;
255 bool m_initialized =
false;
256 secure_vector<uint8_t> m_first_message;
257 MechanismWrapper m_mechanism;
261 class PKCS11_RSA_Verification_Operation
final :
public PK_Ops::Verification
265 PKCS11_RSA_Verification_Operation(
const PKCS11_RSA_PublicKey& key,
const std::string& padding)
266 :
m_key(key), m_mechanism(MechanismWrapper::create_rsa_sign_mechanism(padding))
269 void update(
const uint8_t msg[],
size_t msg_len)
override
274 m_key.module()->C_VerifyInit(
m_key.session().handle(), m_mechanism.data(),
m_key.handle());
275 m_initialized =
true;
276 m_first_message = secure_vector<uint8_t>(msg, msg + msg_len);
280 if(!m_first_message.empty())
283 m_key.module()->C_VerifyUpdate(
m_key.session().handle(), m_first_message);
284 m_first_message.clear();
287 m_key.module()->C_VerifyUpdate(
m_key.session().handle(),
const_cast< Byte*
>(msg), static_cast<Ulong>(msg_len));
290 bool is_valid_signature(
const uint8_t sig[],
size_t sig_len)
override
293 if(!m_first_message.empty())
296 m_key.module()->C_Verify(
m_key.session().handle(),
297 m_first_message.data(),
static_cast<Ulong>(m_first_message.size()),
298 const_cast< Byte* >(sig),
static_cast<Ulong>(sig_len), &return_value);
299 m_first_message.clear();
304 m_key.module()->C_VerifyFinal(
m_key.session().handle(),
const_cast< Byte*
>(sig), static_cast<Ulong>(sig_len), &return_value);
306 m_initialized =
false;
309 throw PKCS11_ReturnError(return_value);
315 const PKCS11_RSA_PublicKey&
m_key;
316 bool m_initialized =
false;
317 secure_vector<uint8_t> m_first_message;
318 MechanismWrapper m_mechanism;
323 std::unique_ptr<PK_Ops::Encryption>
325 const std::string& params,
326 const std::string& )
const
328 return std::unique_ptr<PK_Ops::Encryption>(
new PKCS11_RSA_Encryption_Operation(*
this, params));
331 std::unique_ptr<PK_Ops::Verification>
332 PKCS11_RSA_PublicKey::create_verification_op(
const std::string& params,
333 const std::string& )
const
335 return std::unique_ptr<PK_Ops::Verification>(
new PKCS11_RSA_Verification_Operation(*
this, params));
338 std::unique_ptr<PK_Ops::Decryption>
340 const std::string& params,
341 const std::string& )
const
343 return std::unique_ptr<PK_Ops::Decryption>(
new PKCS11_RSA_Decryption_Operation(*
this, params, rng));
346 std::unique_ptr<PK_Ops::Signature>
348 const std::string& params,
349 const std::string& )
const
351 return std::unique_ptr<PK_Ops::Signature>(
new PKCS11_RSA_Signature_Operation(*
this, params));
354 PKCS11_RSA_KeyPair generate_rsa_keypair(Session& session,
const RSA_PublicKeyGenerationProperties& pub_props,
355 const RSA_PrivateKeyGenerationProperties& priv_props)
362 session.module()->C_GenerateKeyPair(session.handle(), &mechanism,
363 pub_props.data(),
static_cast<Ulong>(pub_props.count()),
364 priv_props.data(),
static_cast<Ulong>(priv_props.count()),
365 &pub_key_handle, &priv_key_handle);
367 return std::make_pair(PKCS11_RSA_PublicKey(session, pub_key_handle), PKCS11_RSA_PrivateKey(session, priv_key_handle));
#define CK_INVALID_HANDLE
CK_ULONG CK_MECHANISM_TYPE
BigInt power_mod(const BigInt &base, const BigInt &exp, const BigInt &mod)
std::vector< bitmask_type > m_bits
static std::vector< uint8_t > encode(const BigInt &n)
int(* final)(unsigned char *, CTX *)
std::string decrypt(const uint8_t input[], size_t input_len, const std::string &passphrase)
BigInt inverse_mod(const BigInt &n, const BigInt &mod)
secure_vector< uint8_t > decode(DataSource &source, std::string &label)
CK_OBJECT_HANDLE ObjectHandle
int(* update)(CTX *, const void *, CC_LONG len)
static BigInt decode(const uint8_t buf[], size_t length)
void init(BigInt &&n, BigInt &&e)
static secure_vector< uint8_t > encode_1363(const BigInt &n, size_t bytes)
RandomNumberGenerator()=default
const TPM_PrivateKey & m_key
std::string encrypt(const uint8_t input[], size_t input_len, const std::string &passphrase, RandomNumberGenerator &rng)