9 #include <botan/p11_rsa.h>
11 #if defined(BOTAN_HAS_RSA)
13 #include <botan/internal/p11_mechanism.h>
14 #include <botan/pk_ops.h>
15 #include <botan/rng.h>
16 #include <botan/blinding.h>
22 RSA_PublicKeyImportProperties::RSA_PublicKeyImportProperties(
const BigInt& modulus,
const BigInt& pub_exponent)
23 : PublicKeyProperties(
KeyType::
Rsa), m_modulus(modulus), m_pub_exponent(pub_exponent)
29 RSA_PublicKeyGenerationProperties::RSA_PublicKeyGenerationProperties(
Ulong bits)
35 PKCS11_RSA_PublicKey::PKCS11_RSA_PublicKey(Session& session,
ObjectHandle handle)
36 : Object(session, handle)
42 PKCS11_RSA_PublicKey::PKCS11_RSA_PublicKey(Session& session,
const RSA_PublicKeyImportProperties& pubkey_props)
43 : RSA_PublicKey(pubkey_props.modulus(), pubkey_props.pub_exponent()), Object(session, pubkey_props)
47 RSA_PrivateKeyImportProperties::RSA_PrivateKeyImportProperties(
const BigInt& modulus,
const BigInt& priv_exponent)
48 : PrivateKeyProperties(
KeyType::
Rsa), m_modulus(modulus), m_priv_exponent(priv_exponent)
55 PKCS11_RSA_PrivateKey::PKCS11_RSA_PrivateKey(Session& session,
ObjectHandle handle)
56 : Object(session, handle)
62 PKCS11_RSA_PrivateKey::PKCS11_RSA_PrivateKey(Session& session,
const RSA_PrivateKeyImportProperties& priv_key_props)
63 : Object(session, priv_key_props)
65 m_n = priv_key_props.modulus();
69 PKCS11_RSA_PrivateKey::PKCS11_RSA_PrivateKey(Session& session, uint32_t bits,
70 const RSA_PrivateKeyGenerationProperties& priv_key_props)
71 : RSA_PublicKey(), Object(session)
73 RSA_PublicKeyGenerationProperties pub_key_props(bits);
74 pub_key_props.set_encrypt(
true);
75 pub_key_props.set_verify(
true);
76 pub_key_props.set_token(
false);
81 session.module()->C_GenerateKeyPair(session.handle(), &mechanism,
82 pub_key_props.data(), pub_key_props.count(), priv_key_props.data(), priv_key_props.count(),
89 RSA_PrivateKey PKCS11_RSA_PrivateKey::export_key()
const
104 secure_vector<uint8_t> PKCS11_RSA_PrivateKey::private_key_bits()
const
106 return export_key().private_key_bits();
113 class PKCS11_RSA_Decryption_Operation final :
public PK_Ops::Decryption
117 PKCS11_RSA_Decryption_Operation(
const PKCS11_RSA_PrivateKey& key,
118 const std::string& padding,
121 m_mechanism(MechanismWrapper::create_rsa_crypt_mechanism(padding)),
124 [ this ](const BigInt& k) {
return m_powermod(k); },
127 m_bits =
m_key.get_n().bits() - 1;
130 secure_vector<uint8_t>
decrypt(uint8_t& valid_mask,
const uint8_t ciphertext[],
size_t ciphertext_len)
override
133 m_key.module()->C_DecryptInit(
m_key.session().handle(), m_mechanism.data(),
m_key.handle());
135 std::vector<uint8_t> encrypted_data(ciphertext, ciphertext + ciphertext_len);
138 if(! m_mechanism.padding_size())
143 secure_vector<uint8_t> decrypted_data;
144 m_key.module()->C_Decrypt(
m_key.session().handle(), encrypted_data, decrypted_data);
147 if(!m_mechanism.padding_size())
153 return decrypted_data;
157 const PKCS11_RSA_PrivateKey&
m_key;
158 MechanismWrapper m_mechanism;
160 Fixed_Exponent_Power_Mod m_powermod;
166 class PKCS11_RSA_Encryption_Operation :
public PK_Ops::Encryption
170 PKCS11_RSA_Encryption_Operation(
const PKCS11_RSA_PublicKey& key,
const std::string& padding)
171 :
m_key(key), m_mechanism(MechanismWrapper::create_rsa_crypt_mechanism(padding))
173 m_bits = 8 * (key.get_n().bytes() - m_mechanism.padding_size()) - 1;
176 size_t max_input_bits()
const override
183 m_key.module()->C_EncryptInit(
m_key.session().handle(), m_mechanism.data(),
m_key.handle());
185 secure_vector<uint8_t> encrytped_data;
186 m_key.module()->C_Encrypt(
m_key.session().handle(), secure_vector<uint8_t>(msg, msg + msg_len), encrytped_data);
187 return encrytped_data;
191 const PKCS11_RSA_PublicKey&
m_key;
192 MechanismWrapper m_mechanism;
197 class PKCS11_RSA_Signature_Operation :
public PK_Ops::Signature
201 PKCS11_RSA_Signature_Operation(
const PKCS11_RSA_PrivateKey& key,
const std::string& padding)
202 :
m_key(key), m_mechanism(MechanismWrapper::create_rsa_sign_mechanism(padding))
205 void update(
const uint8_t msg[],
size_t msg_len)
override
210 m_key.module()->C_SignInit(
m_key.session().handle(), m_mechanism.data(),
m_key.handle());
211 m_initialized =
true;
212 m_first_message = secure_vector<uint8_t>(msg, msg + msg_len);
216 if(!m_first_message.empty())
219 m_key.module()->C_SignUpdate(
m_key.session().handle(), m_first_message);
220 m_first_message.clear();
223 m_key.module()->C_SignUpdate(
m_key.session().handle(),
const_cast< Byte*
>(msg), msg_len);
228 secure_vector<uint8_t> signature;
229 if(!m_first_message.empty())
232 m_key.module()->C_Sign(
m_key.session().handle(), m_first_message, signature);
233 m_first_message.clear();
238 m_key.module()->C_SignFinal(
m_key.session().handle(), signature);
240 m_initialized =
false;
245 const PKCS11_RSA_PrivateKey&
m_key;
246 bool m_initialized =
false;
247 secure_vector<uint8_t> m_first_message;
248 MechanismWrapper m_mechanism;
252 class PKCS11_RSA_Verification_Operation :
public PK_Ops::Verification
256 PKCS11_RSA_Verification_Operation(
const PKCS11_RSA_PublicKey& key,
const std::string& padding)
257 :
m_key(key), m_mechanism(MechanismWrapper::create_rsa_sign_mechanism(padding))
260 void update(
const uint8_t msg[],
size_t msg_len)
override
265 m_key.module()->C_VerifyInit(
m_key.session().handle(), m_mechanism.data(),
m_key.handle());
266 m_initialized =
true;
267 m_first_message = secure_vector<uint8_t>(msg, msg + msg_len);
271 if(!m_first_message.empty())
274 m_key.module()->C_VerifyUpdate(
m_key.session().handle(), m_first_message);
275 m_first_message.clear();
278 m_key.module()->C_VerifyUpdate(
m_key.session().handle(),
const_cast< Byte*
>(msg), msg_len);
281 bool is_valid_signature(
const uint8_t sig[],
size_t sig_len)
override
284 if(!m_first_message.empty())
287 m_key.module()->C_Verify(
m_key.session().handle(), m_first_message.data(), m_first_message.size(),
288 const_cast< Byte*
>(sig), sig_len, &return_value);
289 m_first_message.clear();
294 m_key.module()->C_VerifyFinal(
m_key.session().handle(),
const_cast< Byte*
>(sig), sig_len, &return_value);
296 m_initialized =
false;
299 throw PKCS11_ReturnError(return_value);
305 const PKCS11_RSA_PublicKey&
m_key;
306 bool m_initialized =
false;
307 secure_vector<uint8_t> m_first_message;
308 MechanismWrapper m_mechanism;
313 std::unique_ptr<PK_Ops::Encryption>
315 const std::string& params,
316 const std::string& )
const
318 return std::unique_ptr<PK_Ops::Encryption>(
new PKCS11_RSA_Encryption_Operation(*
this, params));
321 std::unique_ptr<PK_Ops::Verification>
322 PKCS11_RSA_PublicKey::create_verification_op(
const std::string& params,
323 const std::string& )
const
325 return std::unique_ptr<PK_Ops::Verification>(
new PKCS11_RSA_Verification_Operation(*
this, params));
328 std::unique_ptr<PK_Ops::Decryption>
330 const std::string& params,
331 const std::string& )
const
333 return std::unique_ptr<PK_Ops::Decryption>(
new PKCS11_RSA_Decryption_Operation(*
this, params, rng));
336 std::unique_ptr<PK_Ops::Signature>
338 const std::string& params,
339 const std::string& )
const
341 return std::unique_ptr<PK_Ops::Signature>(
new PKCS11_RSA_Signature_Operation(*
this, params));
344 PKCS11_RSA_KeyPair generate_rsa_keypair(Session& session,
const RSA_PublicKeyGenerationProperties& pub_props,
345 const RSA_PrivateKeyGenerationProperties& priv_props)
352 session.module()->C_GenerateKeyPair(session.handle(), &mechanism,
353 pub_props.data(), pub_props.count(), priv_props.data(), priv_props.count(),
354 &pub_key_handle, &priv_key_handle);
356 return std::make_pair(PKCS11_RSA_PublicKey(session, pub_key_handle), PKCS11_RSA_PrivateKey(session, priv_key_handle));
CK_ULONG CK_MECHANISM_TYPE
std::string encrypt(const uint8_t input[], size_t input_len, const std::string &passphrase, RandomNumberGenerator &rng)
std::string decrypt(const uint8_t input[], size_t input_len, const std::string &passphrase)
CK_OBJECT_HANDLE ObjectHandle
BigInt inverse_mod(const BigInt &n, const BigInt &mod)
static secure_vector< uint8_t > encode_1363(const BigInt &n, size_t bytes)
RandomNumberGenerator()=default
static std::vector< uint8_t > encode(const BigInt &n, Base base=Binary)
const TPM_PrivateKey & m_key
static BigInt decode(const uint8_t buf[], size_t length, Base base=Binary)