9 #include <botan/p11_ecdsa.h>
11 #if defined(BOTAN_HAS_ECDSA)
13 #include <botan/internal/p11_mechanism.h>
14 #include <botan/pk_ops.h>
15 #include <botan/keypair.h>
16 #include <botan/rng.h>
21 ECDSA_PublicKey PKCS11_ECDSA_PublicKey::export_key()
const
23 return ECDSA_PublicKey(domain(), public_point());
26 bool PKCS11_ECDSA_PrivateKey::check_key(RandomNumberGenerator& rng,
bool strong)
const
28 if(!public_point().on_the_curve())
38 ECDSA_PublicKey pubkey(domain(), public_point());
42 ECDSA_PrivateKey PKCS11_ECDSA_PrivateKey::export_key()
const
50 secure_vector<uint8_t> PKCS11_ECDSA_PrivateKey::private_key_bits()
const
52 return export_key().private_key_bits();
57 class PKCS11_ECDSA_Signature_Operation :
public PK_Ops::Signature
60 PKCS11_ECDSA_Signature_Operation(
const PKCS11_EC_PrivateKey& key,
const std::string& emsa)
61 : PK_Ops::Signature(),
m_key(key),
m_order(key.domain().get_order()), m_mechanism(MechanismWrapper::create_ecdsa_mechanism(emsa))
64 void update(
const uint8_t msg[],
size_t msg_len)
override
69 m_key.module()->C_SignInit(
m_key.session().handle(), m_mechanism.data(),
m_key.handle());
71 m_first_message = secure_vector<uint8_t>(msg, msg + msg_len);
75 if(!m_first_message.empty())
78 m_key.module()->C_SignUpdate(
m_key.session().handle(), m_first_message);
79 m_first_message.clear();
82 m_key.module()->C_SignUpdate(
m_key.session().handle(),
const_cast<Byte*
>(msg), msg_len);
85 secure_vector<uint8_t> sign(RandomNumberGenerator&)
override
87 secure_vector<uint8_t> signature;
88 if(!m_first_message.empty())
91 m_key.module()->C_Sign(
m_key.session().handle(), m_first_message, signature);
92 m_first_message.clear();
97 m_key.module()->C_SignFinal(
m_key.session().handle(), signature);
99 m_initialized =
false;
104 const PKCS11_EC_PrivateKey&
m_key;
106 MechanismWrapper m_mechanism;
107 secure_vector<uint8_t> m_first_message;
108 bool m_initialized =
false;
112 class PKCS11_ECDSA_Verification_Operation :
public PK_Ops::Verification
115 PKCS11_ECDSA_Verification_Operation(
const PKCS11_EC_PublicKey& key,
const std::string& emsa)
116 : PK_Ops::Verification(),
m_key(key),
m_order(key.domain().get_order()), m_mechanism(MechanismWrapper::create_ecdsa_mechanism(emsa))
119 void update(
const uint8_t msg[],
size_t msg_len)
override
124 m_key.module()->C_VerifyInit(
m_key.session().handle(), m_mechanism.data(),
m_key.handle());
125 m_initialized =
true;
126 m_first_message = secure_vector<uint8_t>(msg, msg + msg_len);
130 if(!m_first_message.empty())
133 m_key.module()->C_VerifyUpdate(
m_key.session().handle(), m_first_message);
134 m_first_message.clear();
137 m_key.module()->C_VerifyUpdate(
m_key.session().handle(),
const_cast<Byte*
>(msg), msg_len);
140 bool is_valid_signature(
const uint8_t sig[],
size_t sig_len)
override
143 if(!m_first_message.empty())
146 m_key.module()->C_Verify(
m_key.session().handle(), m_first_message.data(), m_first_message.size(),
147 const_cast<Byte*
>(sig), sig_len, &return_value);
148 m_first_message.clear();
153 m_key.module()->C_VerifyFinal(
m_key.session().handle(),
const_cast<Byte*
>(sig), sig_len, &return_value);
155 m_initialized =
false;
158 throw PKCS11_ReturnError(return_value);
164 const PKCS11_EC_PublicKey&
m_key;
166 MechanismWrapper m_mechanism;
167 secure_vector<uint8_t> m_first_message;
168 bool m_initialized =
false;
173 std::unique_ptr<PK_Ops::Verification>
174 PKCS11_ECDSA_PublicKey::create_verification_op(
const std::string& params,
175 const std::string& )
const
177 return std::unique_ptr<PK_Ops::Verification>(
new PKCS11_ECDSA_Verification_Operation(*
this, params));
180 std::unique_ptr<PK_Ops::Signature>
181 PKCS11_ECDSA_PrivateKey::create_signature_op(RandomNumberGenerator& ,
182 const std::string& params,
183 const std::string& )
const
185 return std::unique_ptr<PK_Ops::Signature>(
new PKCS11_ECDSA_Signature_Operation(*
this, params));
188 PKCS11_ECDSA_KeyPair generate_ecdsa_keypair(Session& session,
const EC_PublicKeyGenerationProperties& pub_props,
189 const EC_PrivateKeyGenerationProperties& priv_props)
196 session.module()->C_GenerateKeyPair(session.handle(), &mechanism,
197 pub_props.data(), pub_props.count(), priv_props.data(), priv_props.count(),
198 &pub_key_handle, &priv_key_handle);
200 return std::make_pair(PKCS11_ECDSA_PublicKey(session, pub_key_handle), PKCS11_ECDSA_PrivateKey(session,
CK_ULONG CK_MECHANISM_TYPE
bool signature_consistency_check(RandomNumberGenerator &rng, const Private_Key &private_key, const Public_Key &public_key, const std::string &padding)
CK_OBJECT_HANDLE ObjectHandle
const TPM_PrivateKey & m_key
static BigInt decode(const uint8_t buf[], size_t length, Base base=Binary)