Botan 2.17.3
Crypto and TLS for C&
Public Member Functions | Protected Member Functions | Protected Attributes | List of all members
Botan::RSA_PrivateKey Class Referencefinalabstract

#include <rsa.h>

Inheritance diagram for Botan::RSA_PrivateKey:
Botan::Private_Key Botan::RSA_PublicKey Botan::Public_Key Botan::Public_Key

Public Member Functions

virtual std::string algo_name () const =0
 
std::string algo_name () const override
 
virtual AlgorithmIdentifier algorithm_identifier () const =0
 
AlgorithmIdentifier algorithm_identifier () const override
 
bool check_key (RandomNumberGenerator &rng, bool) const override
 
std::unique_ptr< PK_Ops::Decryptioncreate_decryption_op (RandomNumberGenerator &rng, const std::string &params, const std::string &provider) const override
 
virtual std::unique_ptr< PK_Ops::Encryptioncreate_encryption_op (RandomNumberGenerator &rng, const std::string &params, const std::string &provider) const
 
std::unique_ptr< PK_Ops::Encryptioncreate_encryption_op (RandomNumberGenerator &rng, const std::string &params, const std::string &provider) const override
 
std::unique_ptr< PK_Ops::KEM_Decryptioncreate_kem_decryption_op (RandomNumberGenerator &rng, const std::string &params, const std::string &provider) const override
 
virtual std::unique_ptr< PK_Ops::KEM_Encryptioncreate_kem_encryption_op (RandomNumberGenerator &rng, const std::string &params, const std::string &provider) const
 
std::unique_ptr< PK_Ops::KEM_Encryptioncreate_kem_encryption_op (RandomNumberGenerator &rng, const std::string &params, const std::string &provider) const override
 
virtual std::unique_ptr< PK_Ops::Key_Agreementcreate_key_agreement_op (RandomNumberGenerator &rng, const std::string &params, const std::string &provider) const
 
std::unique_ptr< PK_Ops::Signaturecreate_signature_op (RandomNumberGenerator &rng, const std::string &params, const std::string &provider) const override
 
virtual std::unique_ptr< PK_Ops::Verificationcreate_verification_op (const std::string &params, const std::string &provider) const
 
std::unique_ptr< PK_Ops::Verificationcreate_verification_op (const std::string &params, const std::string &provider) const override
 
virtual Signature_Format default_x509_signature_format () const
 
virtual size_t estimated_strength () const =0
 
size_t estimated_strength () const override
 
std::string fingerprint (const std::string &alg) const
 
std::string fingerprint_private (const std::string &alg) const
 
std::string fingerprint_public (const std::string &alg="SHA-256") const
 
const BigIntget_c () const
 
const BigIntget_d () const
 
const BigIntget_d1 () const
 
const BigIntget_d2 () const
 
const BigIntget_e () const
 
const BigIntget_n () const
 
virtual OID get_oid () const
 
const BigIntget_p () const
 
const BigIntget_q () const
 
virtual size_t key_length () const =0
 
size_t key_length () const override
 
virtual size_t message_part_size () const
 
virtual size_t message_parts () const
 
virtual AlgorithmIdentifier pkcs8_algorithm_identifier () const
 
std::shared_ptr< const RSA_Private_Data > private_data () const
 
secure_vector< uint8_t > private_key_bits () const override
 
secure_vector< uint8_t > private_key_info () const
 
std::shared_ptr< const RSA_Public_Data > public_data () const
 
virtual std::vector< uint8_t > public_key_bits () const =0
 
std::vector< uint8_t > public_key_bits () const override
 
 RSA_PrivateKey (const AlgorithmIdentifier &alg_id, const secure_vector< uint8_t > &key_bits)
 
 RSA_PrivateKey (const BigInt &p, const BigInt &q, const BigInt &e, const BigInt &d=0, const BigInt &n=0)
 
 RSA_PrivateKey (RandomNumberGenerator &rng, size_t bits, size_t exp=65537)
 
virtual bool stateful_operation () const
 
std::vector< uint8_t > subject_public_key () const
 

Protected Member Functions

void init (BigInt &&n, BigInt &&e)
 

Protected Attributes

std::shared_ptr< const RSA_Public_Data > m_public
 

Detailed Description

RSA Private Key

Definition at line 92 of file rsa.h.

Constructor & Destructor Documentation

◆ RSA_PrivateKey() [1/3]

Botan::RSA_PrivateKey::RSA_PrivateKey ( const AlgorithmIdentifier alg_id,
const secure_vector< uint8_t > &  key_bits 
)

Load a private key.

Parameters
alg_idthe X.509 algorithm identifier
key_bitsPKCS#1 RSAPrivateKey bits

Definition at line 211 of file rsa.cpp.

213 {
214 BigInt n, e, d, p, q, d1, d2, c;
215
216 BER_Decoder(key_bits)
217 .start_cons(SEQUENCE)
218 .decode_and_check<size_t>(0, "Unknown PKCS #1 key format version")
219 .decode(n)
220 .decode(e)
221 .decode(d)
222 .decode(p)
223 .decode(q)
224 .decode(d1)
225 .decode(d2)
226 .decode(c)
227 .end_cons();
228
229 RSA_PublicKey::init(std::move(n), std::move(e));
230
231 RSA_PrivateKey::init(std::move(d), std::move(p), std::move(q),
232 std::move(d1), std::move(d2), std::move(c));
233 }
void init(BigInt &&n, BigInt &&e)
Definition: rsa.cpp:111
secure_vector< uint8_t > decode(DataSource &source, std::string &label)
Definition: pem.cpp:68
@ SEQUENCE
Definition: asn1_obj.h:42

References Botan::PEM_Code::decode(), Botan::BER_Decoder::decode_and_check(), Botan::RSA_PublicKey::init(), Botan::SEQUENCE, and Botan::BER_Decoder::start_cons().

◆ RSA_PrivateKey() [2/3]

Botan::RSA_PrivateKey::RSA_PrivateKey ( const BigInt p,
const BigInt q,
const BigInt e,
const BigInt d = 0,
const BigInt n = 0 
)

Construct a private key from the specified parameters.

Parameters
pthe first prime
qthe second prime
ethe exponent
dif specified, this has to be d with exp * d = 1 mod (p - 1, q - 1). Leave it as 0 if you wish to the constructor to calculate it.
nif specified, this must be n = p * q. Leave it as 0 if you wish to the constructor to calculate it.

Definition at line 235 of file rsa.cpp.

240 {
241 BigInt p = prime1;
242 BigInt q = prime2;
243 BigInt n = mod;
244 if(n.is_zero())
245 n = p * q;
246
247 BigInt e = exp;
248
249 BigInt d = d_exp;
250
251 const BigInt p_minus_1 = p - 1;
252 const BigInt q_minus_1 = q - 1;
253
254 if(d.is_zero())
255 {
256 const BigInt phi_n = lcm(p_minus_1, q_minus_1);
257 d = inverse_mod(e, phi_n);
258 }
259
260 BigInt d1 = ct_modulo(d, p_minus_1);
261 BigInt d2 = ct_modulo(d, q_minus_1);
262 BigInt c = inverse_mod(q, p);
263
264 RSA_PublicKey::init(std::move(n), std::move(e));
265
266 RSA_PrivateKey::init(std::move(d), std::move(p), std::move(q),
267 std::move(d1), std::move(d2), std::move(c));
268 }
BigInt lcm(const BigInt &a, const BigInt &b)
Definition: numthry.cpp:125
BigInt inverse_mod(const BigInt &n, const BigInt &mod)
Definition: mod_inv.cpp:250
BigInt ct_modulo(const BigInt &x, const BigInt &y)
Definition: divide.cpp:118

References Botan::ct_modulo(), Botan::RSA_PublicKey::init(), Botan::inverse_mod(), Botan::BigInt::is_zero(), and Botan::lcm().

◆ RSA_PrivateKey() [3/3]

Botan::RSA_PrivateKey::RSA_PrivateKey ( RandomNumberGenerator rng,
size_t  bits,
size_t  exp = 65537 
)

Create a new private key with the specified bit length

Parameters
rngthe random number generator to use
bitsthe desired bit length of the private key
expthe public exponent to be used

Definition at line 273 of file rsa.cpp.

275 {
276 if(bits < 1024)
277 throw Invalid_Argument(algo_name() + ": Can't make a key that is only " +
278 std::to_string(bits) + " bits long");
279 if(exp < 3 || exp % 2 == 0)
280 throw Invalid_Argument(algo_name() + ": Invalid encryption exponent");
281
282 BigInt n, e, d, p, q, d1, d2, c;
283
284 e = exp;
285
286 const size_t p_bits = (bits + 1) / 2;
287 const size_t q_bits = bits - p_bits;
288
289 do
290 {
291 // TODO could generate primes in thread pool
292 p = generate_rsa_prime(rng, rng, p_bits, e);
293 q = generate_rsa_prime(rng, rng, q_bits, e);
294
295 if(p == q)
296 throw Internal_Error("RNG failure during RSA key generation");
297
298 n = p * q;
299 } while(n.bits() != bits);
300
301 const BigInt p_minus_1 = p - 1;
302 const BigInt q_minus_1 = q - 1;
303
304 const BigInt phi_n = lcm(p_minus_1, q_minus_1);
305 d = inverse_mod(e, phi_n);
306 d1 = ct_modulo(d, p_minus_1);
307 d2 = ct_modulo(d, q_minus_1);
308 c = inverse_mod(q, p);
309
310 RSA_PublicKey::init(std::move(n), std::move(e));
311
312 RSA_PrivateKey::init(std::move(d), std::move(p), std::move(q),
313 std::move(d1), std::move(d2), std::move(c));
314 }
std::string algo_name() const override
Definition: rsa.h:43
std::string to_string(const BER_Object &obj)
Definition: asn1_obj.cpp:213
BigInt generate_rsa_prime(RandomNumberGenerator &keygen_rng, RandomNumberGenerator &prime_test_rng, size_t bits, const BigInt &coprime, size_t prob)
Definition: make_prm.cpp:197

References Botan::RSA_PublicKey::algo_name(), Botan::BigInt::bits(), Botan::ct_modulo(), Botan::generate_rsa_prime(), Botan::RSA_PublicKey::init(), Botan::inverse_mod(), Botan::lcm(), and Botan::ASN1::to_string().

Member Function Documentation

◆ algo_name() [1/2]

virtual std::string Botan::Public_Key::algo_name ( ) const
pure virtualinherited

Get the name of the underlying public key scheme.

Returns
name of the public key scheme

Implemented in Botan::TPM_PrivateKey, Botan::Curve25519_PublicKey, Botan::DH_PublicKey, Botan::DSA_PublicKey, Botan::ECDH_PublicKey, Botan::ECDSA_PublicKey, Botan::ECGDSA_PublicKey, Botan::ECKCDSA_PublicKey, Botan::Ed25519_PublicKey, Botan::ElGamal_PublicKey, Botan::GOST_3410_PublicKey, Botan::McEliece_PublicKey, Botan::RSA_PublicKey, Botan::SM2_PublicKey, Botan::XMSS_PublicKey, Botan::XMSS_WOTS_PublicKey, and Botan::XMSS_WOTS_Addressed_PublicKey.

Referenced by Botan::PKCS8::BER_encode(), botan_pubkey_sm2_compute_za(), Botan::TLS::Policy::check_peer_key_acceptable(), Botan::TLS::Handshake_State::choose_sig_format(), Botan::TLS::Client_Key_Exchange::Client_Key_Exchange(), Botan::EMSA1::config_for_x509(), Botan::EMSA_PKCS1v15::config_for_x509(), Botan::PSSR::config_for_x509(), Botan::Private_Key::create_decryption_op(), Botan::Public_Key::create_encryption_op(), Botan::Private_Key::create_kem_decryption_op(), Botan::Public_Key::create_kem_encryption_op(), Botan::Private_Key::create_key_agreement_op(), Botan::Private_Key::create_signature_op(), Botan::Public_Key::create_verification_op(), Botan::Public_Key::get_oid(), Botan::TLS::Handshake_State::parse_sig_format(), Botan::PK_Decryptor_EME::PK_Decryptor_EME(), Botan::PK_Encryptor_EME::PK_Encryptor_EME(), Botan::PK_KEM_Decryptor::PK_KEM_Decryptor(), Botan::PK_KEM_Encryptor::PK_KEM_Encryptor(), Botan::PK_Key_Agreement::PK_Key_Agreement(), Botan::PK_Signer::PK_Signer(), Botan::PK_Verifier::PK_Verifier(), Botan::verify_cert_constraints_valid_for_key_type(), and Botan::X509_Object::verify_signature().

◆ algo_name() [2/2]

std::string Botan::RSA_PublicKey::algo_name ( ) const
inlineoverridevirtualinherited

Get the name of the underlying public key scheme.

Returns
name of the public key scheme

Implements Botan::Public_Key.

Definition at line 43 of file rsa.h.

43{ return "RSA"; }

Referenced by create_decryption_op(), Botan::RSA_PublicKey::create_encryption_op(), create_kem_decryption_op(), Botan::RSA_PublicKey::create_kem_encryption_op(), create_signature_op(), Botan::RSA_PublicKey::create_verification_op(), and RSA_PrivateKey().

◆ algorithm_identifier() [1/2]

virtual AlgorithmIdentifier Botan::Public_Key::algorithm_identifier ( ) const
pure virtualinherited

◆ algorithm_identifier() [2/2]

AlgorithmIdentifier Botan::RSA_PublicKey::algorithm_identifier ( ) const
overridevirtualinherited
Returns
X.509 AlgorithmIdentifier for this key

Implements Botan::Public_Key.

Definition at line 148 of file rsa.cpp.

149 {
150 return AlgorithmIdentifier(get_oid(), AlgorithmIdentifier::USE_NULL_PARAM);
151 }
virtual OID get_oid() const
Definition: pk_keys.cpp:53

References Botan::Public_Key::get_oid(), and Botan::AlgorithmIdentifier::USE_NULL_PARAM.

◆ check_key()

bool Botan::RSA_PrivateKey::check_key ( RandomNumberGenerator rng,
bool  strong 
) const
overridevirtual

Test the key values for consistency.

Parameters
rngrng to use
strongwhether to perform strong and lengthy version of the test
Returns
true if the test is passed

Reimplemented from Botan::RSA_PublicKey.

Definition at line 319 of file rsa.cpp.

320 {
321 if(get_n() < 35 || get_n().is_even() || get_e() < 3 || get_e().is_even())
322 return false;
323
324 if(get_d() < 2 || get_p() < 3 || get_q() < 3)
325 return false;
326
327 if(get_p() * get_q() != get_n())
328 return false;
329
330 if(get_p() == get_q())
331 return false;
332
333 if(get_d1() != ct_modulo(get_d(), get_p() - 1))
334 return false;
335 if(get_d2() != ct_modulo(get_d(), get_q() - 1))
336 return false;
337 if(get_c() != inverse_mod(get_q(), get_p()))
338 return false;
339
340 const size_t prob = (strong) ? 128 : 12;
341
342 if(!is_prime(get_p(), rng, prob))
343 return false;
344 if(!is_prime(get_q(), rng, prob))
345 return false;
346
347 if(strong)
348 {
349 if(ct_modulo(get_e() * get_d(), lcm(get_p() - 1, get_q() - 1)) != 1)
350 return false;
351
352 return KeyPair::signature_consistency_check(rng, *this, "EMSA4(SHA-256)");
353 }
354
355 return true;
356 }
const BigInt & get_q() const
Definition: rsa.cpp:198
const BigInt & get_c() const
Definition: rsa.cpp:200
const BigInt & get_p() const
Definition: rsa.cpp:197
const BigInt & get_d2() const
Definition: rsa.cpp:202
const BigInt & get_d() const
Definition: rsa.cpp:199
const BigInt & get_d1() const
Definition: rsa.cpp:201
const BigInt & get_n() const
Definition: rsa.cpp:108
const BigInt & get_e() const
Definition: rsa.cpp:109
bool signature_consistency_check(RandomNumberGenerator &rng, const Private_Key &private_key, const Public_Key &public_key, const std::string &padding)
Definition: keypair.cpp:49
bool is_prime(const BigInt &n, RandomNumberGenerator &rng, size_t prob, bool is_random)
Definition: numthry.cpp:210

References Botan::ct_modulo(), get_c(), get_d(), get_d1(), get_d2(), Botan::RSA_PublicKey::get_e(), Botan::RSA_PublicKey::get_n(), get_p(), get_q(), Botan::inverse_mod(), Botan::is_prime(), Botan::lcm(), and Botan::KeyPair::signature_consistency_check().

◆ create_decryption_op()

std::unique_ptr< PK_Ops::Decryption > Botan::RSA_PrivateKey::create_decryption_op ( RandomNumberGenerator rng,
const std::string &  params,
const std::string &  provider 
) const
overridevirtual

This is an internal library function exposed on key types. In almost all cases applications should use wrappers in pubkey.h

Return an decryption operation for this key/params or throw

Parameters
rnga random number generator. The PK_Op may maintain a reference to the RNG and use it many times. The rng must outlive any operations which reference it.
paramsadditional parameters
providerthe provider to use

Reimplemented from Botan::Private_Key.

Definition at line 697 of file rsa.cpp.

700 {
701#if defined(BOTAN_HAS_OPENSSL)
702 if(provider == "openssl" || provider.empty())
703 {
704 try
705 {
706 return make_openssl_rsa_dec_op(*this, params);
707 }
708 catch(Exception& e)
709 {
710 if(provider == "openssl")
711 throw Lookup_Error("OpenSSL RSA provider rejected key:" + std::string(e.what()));
712 }
713 }
714#endif
715
716 if(provider == "base" || provider.empty())
717 return std::unique_ptr<PK_Ops::Decryption>(new RSA_Decryption_Operation(*this, params, rng));
718
719 throw Provider_Not_Found(algo_name(), provider);
720 }

References Botan::RSA_PublicKey::algo_name(), and Botan::Exception::what().

◆ create_encryption_op() [1/2]

std::unique_ptr< PK_Ops::Encryption > Botan::Public_Key::create_encryption_op ( RandomNumberGenerator rng,
const std::string &  params,
const std::string &  provider 
) const
virtualinherited

This is an internal library function exposed on key types. In almost all cases applications should use wrappers in pubkey.h

Return an encryption operation for this key/params or throw

Parameters
rnga random number generator. The PK_Op may maintain a reference to the RNG and use it many times. The rng must outlive any operations which reference it.
paramsadditional parameters
providerthe provider to use

Reimplemented in Botan::ElGamal_PublicKey, Botan::RSA_PublicKey, and Botan::SM2_PublicKey.

Definition at line 91 of file pk_keys.cpp.

94 {
95 throw Lookup_Error(algo_name() + " does not support encryption");
96 }
virtual std::string algo_name() const =0

References Botan::Public_Key::algo_name().

Referenced by Botan::PK_Encryptor_EME::PK_Encryptor_EME().

◆ create_encryption_op() [2/2]

std::unique_ptr< PK_Ops::Encryption > Botan::RSA_PublicKey::create_encryption_op ( RandomNumberGenerator rng,
const std::string &  params,
const std::string &  provider 
) const
overridevirtualinherited

This is an internal library function exposed on key types. In almost all cases applications should use wrappers in pubkey.h

Return an encryption operation for this key/params or throw

Parameters
rnga random number generator. The PK_Op may maintain a reference to the RNG and use it many times. The rng must outlive any operations which reference it.
paramsadditional parameters
providerthe provider to use

Reimplemented from Botan::Public_Key.

Definition at line 638 of file rsa.cpp.

641 {
642#if defined(BOTAN_HAS_OPENSSL)
643 if(provider == "openssl" || provider.empty())
644 {
645 try
646 {
647 return make_openssl_rsa_enc_op(*this, params);
648 }
649 catch(Exception& e)
650 {
651 /*
652 * If OpenSSL for some reason could not handle this (eg due to OAEP params),
653 * throw if openssl was specifically requested but otherwise just fall back
654 * to the normal version.
655 */
656 if(provider == "openssl")
657 throw Lookup_Error("OpenSSL RSA provider rejected key:" + std::string(e.what()));
658 }
659 }
660#endif
661
662 if(provider == "base" || provider.empty())
663 return std::unique_ptr<PK_Ops::Encryption>(new RSA_Encryption_Operation(*this, params));
664 throw Provider_Not_Found(algo_name(), provider);
665 }

References Botan::RSA_PublicKey::algo_name(), and Botan::Exception::what().

◆ create_kem_decryption_op()

std::unique_ptr< PK_Ops::KEM_Decryption > Botan::RSA_PrivateKey::create_kem_decryption_op ( RandomNumberGenerator rng,
const std::string &  params,
const std::string &  provider 
) const
overridevirtual

This is an internal library function exposed on key types. In almost all cases applications should use wrappers in pubkey.h

Return a KEM decryption operation for this key/params or throw

Parameters
rnga random number generator. The PK_Op may maintain a reference to the RNG and use it many times. The rng must outlive any operations which reference it.
paramsadditional parameters
providerthe provider to use

Reimplemented from Botan::Private_Key.

Definition at line 723 of file rsa.cpp.

726 {
727 if(provider == "base" || provider.empty())
728 return std::unique_ptr<PK_Ops::KEM_Decryption>(new RSA_KEM_Decryption_Operation(*this, params, rng));
729
730 throw Provider_Not_Found(algo_name(), provider);
731 }

References Botan::RSA_PublicKey::algo_name().

◆ create_kem_encryption_op() [1/2]

std::unique_ptr< PK_Ops::KEM_Encryption > Botan::Public_Key::create_kem_encryption_op ( RandomNumberGenerator rng,
const std::string &  params,
const std::string &  provider 
) const
virtualinherited

This is an internal library function exposed on key types. In almost all cases applications should use wrappers in pubkey.h

Return a KEM encryption operation for this key/params or throw

Parameters
rnga random number generator. The PK_Op may maintain a reference to the RNG and use it many times. The rng must outlive any operations which reference it.
paramsadditional parameters
providerthe provider to use

Reimplemented in Botan::McEliece_PublicKey, and Botan::RSA_PublicKey.

Definition at line 99 of file pk_keys.cpp.

102 {
103 throw Lookup_Error(algo_name() + " does not support KEM encryption");
104 }

References Botan::Public_Key::algo_name().

Referenced by Botan::PK_KEM_Encryptor::PK_KEM_Encryptor().

◆ create_kem_encryption_op() [2/2]

std::unique_ptr< PK_Ops::KEM_Encryption > Botan::RSA_PublicKey::create_kem_encryption_op ( RandomNumberGenerator rng,
const std::string &  params,
const std::string &  provider 
) const
overridevirtualinherited

This is an internal library function exposed on key types. In almost all cases applications should use wrappers in pubkey.h

Return a KEM encryption operation for this key/params or throw

Parameters
rnga random number generator. The PK_Op may maintain a reference to the RNG and use it many times. The rng must outlive any operations which reference it.
paramsadditional parameters
providerthe provider to use

Reimplemented from Botan::Public_Key.

Definition at line 668 of file rsa.cpp.

671 {
672 if(provider == "base" || provider.empty())
673 return std::unique_ptr<PK_Ops::KEM_Encryption>(new RSA_KEM_Encryption_Operation(*this, params));
674 throw Provider_Not_Found(algo_name(), provider);
675 }

References Botan::RSA_PublicKey::algo_name().

◆ create_key_agreement_op()

std::unique_ptr< PK_Ops::Key_Agreement > Botan::Private_Key::create_key_agreement_op ( RandomNumberGenerator rng,
const std::string &  params,
const std::string &  provider 
) const
virtualinherited

This is an internal library function exposed on key types. In almost all cases applications should use wrappers in pubkey.h

Return a key agreement operation for this key/params or throw

Parameters
rnga random number generator. The PK_Op may maintain a reference to the RNG and use it many times. The rng must outlive any operations which reference it.
paramsadditional parameters
providerthe provider to use

Reimplemented in Botan::Curve25519_PrivateKey, Botan::DH_PrivateKey, and Botan::ECDH_PrivateKey.

Definition at line 138 of file pk_keys.cpp.

141 {
142 throw Lookup_Error(algo_name() + " does not support key agreement");
143 }

References Botan::Public_Key::algo_name().

Referenced by Botan::PK_Key_Agreement::PK_Key_Agreement().

◆ create_signature_op()

std::unique_ptr< PK_Ops::Signature > Botan::RSA_PrivateKey::create_signature_op ( RandomNumberGenerator rng,
const std::string &  params,
const std::string &  provider 
) const
overridevirtual

This is an internal library function exposed on key types. In almost all cases applications should use wrappers in pubkey.h

Return a signature operation for this key/params or throw

Parameters
rnga random number generator. The PK_Op may maintain a reference to the RNG and use it many times. The rng must outlive any operations which reference it.
paramsadditional parameters
providerthe provider to use

Reimplemented from Botan::Private_Key.

Definition at line 734 of file rsa.cpp.

737 {
738#if defined(BOTAN_HAS_OPENSSL)
739 if(provider == "openssl" || provider.empty())
740 {
741 std::unique_ptr<PK_Ops::Signature> res = make_openssl_rsa_sig_op(*this, params);
742 if(res)
743 return res;
744 }
745#endif
746
747 if(provider == "base" || provider.empty())
748 return std::unique_ptr<PK_Ops::Signature>(new RSA_Signature_Operation(*this, params, rng));
749
750 throw Provider_Not_Found(algo_name(), provider);
751 }

References Botan::RSA_PublicKey::algo_name().

◆ create_verification_op() [1/2]

std::unique_ptr< PK_Ops::Verification > Botan::Public_Key::create_verification_op ( const std::string &  params,
const std::string &  provider 
) const
virtualinherited

This is an internal library function exposed on key types. In almost all cases applications should use wrappers in pubkey.h

Return a verification operation for this key/params or throw

Parameters
paramsadditional parameters
providerthe provider to use

Reimplemented in Botan::XMSS_PublicKey, Botan::DSA_PublicKey, Botan::ECDSA_PublicKey, Botan::ECGDSA_PublicKey, Botan::ECKCDSA_PublicKey, Botan::Ed25519_PublicKey, Botan::GOST_3410_PublicKey, Botan::RSA_PublicKey, Botan::SM2_PublicKey, and Botan::XMSS_WOTS_Addressed_PublicKey.

Definition at line 107 of file pk_keys.cpp.

109 {
110 throw Lookup_Error(algo_name() + " does not support verification");
111 }

References Botan::Public_Key::algo_name().

Referenced by Botan::XMSS_WOTS_Addressed_PublicKey::create_verification_op(), and Botan::PK_Verifier::PK_Verifier().

◆ create_verification_op() [2/2]

std::unique_ptr< PK_Ops::Verification > Botan::RSA_PublicKey::create_verification_op ( const std::string &  params,
const std::string &  provider 
) const
overridevirtualinherited

This is an internal library function exposed on key types. In almost all cases applications should use wrappers in pubkey.h

Return a verification operation for this key/params or throw

Parameters
paramsadditional parameters
providerthe provider to use

Reimplemented from Botan::Public_Key.

Definition at line 678 of file rsa.cpp.

680 {
681#if defined(BOTAN_HAS_OPENSSL)
682 if(provider == "openssl" || provider.empty())
683 {
684 std::unique_ptr<PK_Ops::Verification> res = make_openssl_rsa_ver_op(*this, params);
685 if(res)
686 return res;
687 }
688#endif
689
690 if(provider == "base" || provider.empty())
691 return std::unique_ptr<PK_Ops::Verification>(new RSA_Verify_Operation(*this, params));
692
693 throw Provider_Not_Found(algo_name(), provider);
694 }

References Botan::RSA_PublicKey::algo_name().

◆ default_x509_signature_format()

virtual Signature_Format Botan::Public_Key::default_x509_signature_format ( ) const
inlinevirtualinherited

Reimplemented in Botan::GOST_3410_PublicKey.

Definition at line 125 of file pk_keys.h.

126 {
127 return (this->message_parts() >= 2) ? DER_SEQUENCE : IEEE_1363;
128 }
virtual size_t message_parts() const
Definition: pk_keys.h:112
@ DER_SEQUENCE
Definition: pk_keys.h:23
@ IEEE_1363
Definition: pk_keys.h:23

References Botan::DER_SEQUENCE, and Botan::IEEE_1363.

Referenced by Botan::X509_Object::choose_sig_format(), and Botan::X509_Object::verify_signature().

◆ estimated_strength() [1/2]

virtual size_t Botan::Public_Key::estimated_strength ( ) const
pure virtualinherited

Return the estimated strength of the underlying key against the best currently known attack. Note that this ignores anything but pure attacks against the key itself and do not take into account padding schemes, usage mistakes, etc which might reduce the strength. However it does suffice to provide an upper bound.

Returns
estimated strength in bits

Implemented in Botan::TPM_PrivateKey, Botan::Curve25519_PublicKey, Botan::DL_Scheme_PublicKey, Botan::EC_PublicKey, Botan::Ed25519_PublicKey, Botan::McEliece_PublicKey, Botan::RSA_PublicKey, Botan::XMSS_PublicKey, Botan::XMSS_WOTS_PublicKey, and Botan::XMSS_WOTS_Addressed_PublicKey.

Referenced by botan_pubkey_estimated_strength().

◆ estimated_strength() [2/2]

size_t Botan::RSA_PublicKey::estimated_strength ( ) const
overridevirtualinherited

Return the estimated strength of the underlying key against the best currently known attack. Note that this ignores anything but pure attacks against the key itself and do not take into account padding schemes, usage mistakes, etc which might reduce the strength. However it does suffice to provide an upper bound.

Returns
estimated strength in bits

Implements Botan::Public_Key.

Definition at line 143 of file rsa.cpp.

144 {
145 return if_work_factor(key_length());
146 }
size_t key_length() const override
Definition: rsa.cpp:138
size_t if_work_factor(size_t bits)
Definition: workfactor.cpp:38

References Botan::if_work_factor(), and Botan::RSA_PublicKey::key_length().

◆ fingerprint()

std::string Botan::Private_Key::fingerprint ( const std::string &  alg) const
inlineinherited

Definition at line 215 of file pk_keys.h.

216 {
217 return fingerprint_private(alg); // match behavior in previous versions
218 }
std::string fingerprint_private(const std::string &alg) const
Definition: pk_keys.cpp:85

◆ fingerprint_private()

std::string Botan::Private_Key::fingerprint_private ( const std::string &  alg) const
inherited
Returns
Hash of the PKCS #8 encoding for this key object

Definition at line 85 of file pk_keys.cpp.

86 {
88 }
virtual secure_vector< uint8_t > private_key_bits() const =0
std::string create_hex_fingerprint(const uint8_t bits[], size_t bits_len, const std::string &hash_name)
Definition: pk_keys.cpp:17
AlgorithmIdentifier hash_algo
Definition: x509_obj.cpp:22

References Botan::create_hex_fingerprint(), hash_algo, and Botan::Private_Key::private_key_bits().

Referenced by Botan::Certificate_Store_In_SQL::find_certs_for_key(), Botan::Certificate_Store_In_SQL::insert_key(), and Botan::Certificate_Store_In_SQL::remove_key().

◆ fingerprint_public()

std::string Botan::Public_Key::fingerprint_public ( const std::string &  alg = "SHA-256") const
inherited
Returns
Hash of the subject public key

Definition at line 77 of file pk_keys.cpp.

78 {
80 }
std::vector< uint8_t > subject_public_key() const
Definition: pk_keys.cpp:38

References Botan::create_hex_fingerprint(), hash_algo, and Botan::Public_Key::subject_public_key().

◆ get_c()

const BigInt & Botan::RSA_PrivateKey::get_c ( ) const

Definition at line 200 of file rsa.cpp.

200{ return m_private->get_c(); }

Referenced by check_key(), and private_key_bits().

◆ get_d()

const BigInt & Botan::RSA_PrivateKey::get_d ( ) const

Get d with exp * d = 1 mod (p - 1, q - 1).

Returns
d

Definition at line 199 of file rsa.cpp.

199{ return m_private->get_d(); }

Referenced by check_key(), and private_key_bits().

◆ get_d1()

const BigInt & Botan::RSA_PrivateKey::get_d1 ( ) const

Definition at line 201 of file rsa.cpp.

201{ return m_private->get_d1(); }

Referenced by check_key(), and private_key_bits().

◆ get_d2()

const BigInt & Botan::RSA_PrivateKey::get_d2 ( ) const

Definition at line 202 of file rsa.cpp.

202{ return m_private->get_d2(); }

Referenced by check_key(), and private_key_bits().

◆ get_e()

const BigInt & Botan::RSA_PublicKey::get_e ( ) const
inherited
Returns
public exponent

Definition at line 109 of file rsa.cpp.

109{ return m_public->get_e(); }
std::shared_ptr< const RSA_Public_Data > m_public
Definition: rsa.h:86

References Botan::RSA_PublicKey::m_public.

Referenced by Botan::RSA_PublicKey::check_key(), check_key(), private_key_bits(), and Botan::RSA_PublicKey::public_key_bits().

◆ get_n()

const BigInt & Botan::RSA_PublicKey::get_n ( ) const
inherited
Returns
public modulus

Definition at line 108 of file rsa.cpp.

108{ return m_public->get_n(); }

References Botan::RSA_PublicKey::m_public.

Referenced by Botan::RSA_PublicKey::check_key(), check_key(), private_key_bits(), and Botan::RSA_PublicKey::public_key_bits().

◆ get_oid()

OID Botan::Public_Key::get_oid ( ) const
virtualinherited

◆ get_p()

const BigInt & Botan::RSA_PrivateKey::get_p ( ) const

Get the first prime p.

Returns
prime p

Definition at line 197 of file rsa.cpp.

197{ return m_private->get_p(); }

Referenced by check_key(), and private_key_bits().

◆ get_q()

const BigInt & Botan::RSA_PrivateKey::get_q ( ) const

Get the second prime q.

Returns
prime q

Definition at line 198 of file rsa.cpp.

198{ return m_private->get_q(); }

Referenced by check_key(), and private_key_bits().

◆ init()

void Botan::RSA_PublicKey::init ( BigInt &&  n,
BigInt &&  e 
)
protectedinherited

Definition at line 111 of file rsa.cpp.

112 {
113 if(n.is_negative() || n.is_even() || e.is_negative() || e.is_even())
114 throw Decoding_Error("Invalid RSA public key parameters");
115 m_public = std::make_shared<RSA_Public_Data>(std::move(n), std::move(e));
116 }

References Botan::RSA_PublicKey::m_public.

Referenced by RSA_PrivateKey(), and Botan::RSA_PublicKey::RSA_PublicKey().

◆ key_length() [1/2]

virtual size_t Botan::Public_Key::key_length ( ) const
pure virtualinherited

Return an integer value best approximating the length of the primary security parameter. For example for RSA this will be the size of the modulus, for ECDSA the size of the ECC group, and for McEliece the size of the code will be returned.

Implemented in Botan::TPM_PrivateKey, Botan::Curve25519_PublicKey, Botan::DL_Scheme_PublicKey, Botan::EC_PublicKey, Botan::Ed25519_PublicKey, Botan::McEliece_PublicKey, Botan::RSA_PublicKey, Botan::XMSS_PublicKey, Botan::XMSS_WOTS_PublicKey, and Botan::XMSS_WOTS_Addressed_PublicKey.

Referenced by Botan::TLS::Policy::check_peer_key_acceptable().

◆ key_length() [2/2]

size_t Botan::RSA_PublicKey::key_length ( ) const
overridevirtualinherited

Return an integer value best approximating the length of the primary security parameter. For example for RSA this will be the size of the modulus, for ECDSA the size of the ECC group, and for McEliece the size of the code will be returned.

Implements Botan::Public_Key.

Definition at line 138 of file rsa.cpp.

139 {
140 return m_public->public_modulus_bits();
141 }

References Botan::RSA_PublicKey::m_public.

Referenced by Botan::RSA_PublicKey::estimated_strength().

◆ message_part_size()

virtual size_t Botan::Public_Key::message_part_size ( ) const
inlinevirtualinherited

Returns how large each of the message parts refered to by message_parts() is

This function is public but applications should have few reasons to ever call this.

Returns
size of the message parts in bits

Reimplemented in Botan::DSA_PublicKey, Botan::ECDSA_PublicKey, Botan::ECGDSA_PublicKey, Botan::ECKCDSA_PublicKey, Botan::GOST_3410_PublicKey, and Botan::SM2_PublicKey.

Definition at line 123 of file pk_keys.h.

123{ return 0; }

Referenced by Botan::PK_Signer::PK_Signer(), and Botan::PK_Verifier::PK_Verifier().

◆ message_parts()

virtual size_t Botan::Public_Key::message_parts ( ) const
inlinevirtualinherited

Returns more than 1 if the output of this algorithm (ciphertext, signature) should be treated as more than one value. This is used for algorithms like DSA and ECDSA, where the (r,s) output pair can be encoded as either a plain binary list or a TLV tagged DER encoding depending on the protocol.

This function is public but applications should have few reasons to ever call this.

Returns
number of message parts

Reimplemented in Botan::DSA_PublicKey, Botan::ECDSA_PublicKey, Botan::ECGDSA_PublicKey, Botan::ECKCDSA_PublicKey, Botan::GOST_3410_PublicKey, and Botan::SM2_PublicKey.

Definition at line 112 of file pk_keys.h.

112{ return 1; }

Referenced by Botan::PK_Signer::PK_Signer(), and Botan::PK_Verifier::PK_Verifier().

◆ pkcs8_algorithm_identifier()

virtual AlgorithmIdentifier Botan::Private_Key::pkcs8_algorithm_identifier ( ) const
inlinevirtualinherited
Returns
PKCS #8 AlgorithmIdentifier for this key Might be different from the X.509 identifier, but normally is not

Reimplemented in Botan::GOST_3410_PrivateKey, Botan::XMSS_WOTS_PrivateKey, and Botan::XMSS_WOTS_Addressed_PrivateKey.

Definition at line 204 of file pk_keys.h.

205 { return algorithm_identifier(); }
virtual AlgorithmIdentifier algorithm_identifier() const =0

Referenced by Botan::Private_Key::private_key_info().

◆ private_data()

std::shared_ptr< const RSA_Private_Data > Botan::RSA_PrivateKey::private_data ( ) const

Definition at line 175 of file rsa.cpp.

176 {
177 return m_private;
178 }

◆ private_key_bits()

secure_vector< uint8_t > Botan::RSA_PrivateKey::private_key_bits ( ) const
overridevirtual
Returns
BER encoded private key bits

Implements Botan::Private_Key.

Definition at line 180 of file rsa.cpp.

181 {
182 return DER_Encoder()
183 .start_cons(SEQUENCE)
184 .encode(static_cast<size_t>(0))
185 .encode(get_n())
186 .encode(get_e())
187 .encode(get_d())
188 .encode(get_p())
189 .encode(get_q())
190 .encode(get_d1())
191 .encode(get_d2())
192 .encode(get_c())
193 .end_cons()
194 .get_contents();
195 }

References Botan::DER_Encoder::encode(), Botan::DER_Encoder::end_cons(), get_c(), Botan::DER_Encoder::get_contents(), get_d(), get_d1(), get_d2(), Botan::RSA_PublicKey::get_e(), Botan::RSA_PublicKey::get_n(), get_p(), get_q(), Botan::SEQUENCE, and Botan::DER_Encoder::start_cons().

◆ private_key_info()

secure_vector< uint8_t > Botan::Private_Key::private_key_info ( ) const
inherited
Returns
PKCS #8 private key encoding for this key object

Definition at line 61 of file pk_keys.cpp.

62 {
63 const size_t PKCS8_VERSION = 0;
64
65 return DER_Encoder()
66 .start_cons(SEQUENCE)
67 .encode(PKCS8_VERSION)
70 .end_cons()
71 .get_contents();
72 }
virtual AlgorithmIdentifier pkcs8_algorithm_identifier() const
Definition: pk_keys.h:204
@ OCTET_STRING
Definition: asn1_obj.h:38

References Botan::DER_Encoder::encode(), Botan::DER_Encoder::end_cons(), Botan::DER_Encoder::get_contents(), Botan::OCTET_STRING, Botan::Private_Key::pkcs8_algorithm_identifier(), Botan::Private_Key::private_key_bits(), Botan::SEQUENCE, and Botan::DER_Encoder::start_cons().

Referenced by Botan::PKCS8::BER_encode(), Botan::PKCS8::BER_encode_encrypted_pbkdf_iter(), and Botan::PKCS8::BER_encode_encrypted_pbkdf_msec().

◆ public_data()

std::shared_ptr< const RSA_Public_Data > Botan::RSA_PublicKey::public_data ( ) const
inherited

Definition at line 103 of file rsa.cpp.

104 {
105 return m_public;
106 }

References Botan::RSA_PublicKey::m_public.

◆ public_key_bits() [1/2]

virtual std::vector< uint8_t > Botan::Public_Key::public_key_bits ( ) const
pure virtualinherited

◆ public_key_bits() [2/2]

std::vector< uint8_t > Botan::RSA_PublicKey::public_key_bits ( ) const
overridevirtualinherited
Returns
BER encoded public key bits

Implements Botan::Public_Key.

Definition at line 153 of file rsa.cpp.

154 {
155 std::vector<uint8_t> output;
156 DER_Encoder der(output);
157 der.start_cons(SEQUENCE)
158 .encode(get_n())
159 .encode(get_e())
160 .end_cons();
161
162 return output;
163 }

References Botan::DER_Encoder::encode(), Botan::DER_Encoder::end_cons(), Botan::RSA_PublicKey::get_e(), Botan::RSA_PublicKey::get_n(), Botan::SEQUENCE, and Botan::DER_Encoder::start_cons().

◆ stateful_operation()

virtual bool Botan::Private_Key::stateful_operation ( ) const
inlinevirtualinherited

Reimplemented in Botan::XMSS_PrivateKey.

Definition at line 188 of file pk_keys.h.

188{ return false; }

◆ subject_public_key()

std::vector< uint8_t > Botan::Public_Key::subject_public_key ( ) const
inherited
Returns
X.509 subject key encoding for this key object

Definition at line 38 of file pk_keys.cpp.

39 {
40 std::vector<uint8_t> output;
41
42 DER_Encoder(output).start_cons(SEQUENCE)
43 .encode(algorithm_identifier())
44 .encode(public_key_bits(), BIT_STRING)
45 .end_cons();
46
47 return output;
48 }
virtual std::vector< uint8_t > public_key_bits() const =0
@ BIT_STRING
Definition: asn1_obj.h:37

References Botan::Public_Key::algorithm_identifier(), Botan::BIT_STRING, Botan::DER_Encoder::encode(), Botan::DER_Encoder::end_cons(), Botan::Public_Key::public_key_bits(), Botan::SEQUENCE, and Botan::DER_Encoder::start_cons().

Referenced by Botan::X509::BER_encode(), Botan::PKCS10_Request::create(), Botan::Public_Key::fingerprint_public(), and Botan::X509::PEM_encode().

Member Data Documentation

◆ m_public

std::shared_ptr<const RSA_Public_Data> Botan::RSA_PublicKey::m_public
protectedinherited

The documentation for this class was generated from the following files: