13215274653

Committed 08 Feb 2025 11:38AM UTC coverage: 91.655% (-0.009%) from 91.664%

Build # 13215274653

Build Type

Pull #4650

github

Committed by

web-flow

Commit Message

Merge 107f31833 into bc555cd3c

Pull Request Pull Request #4650: Reorganize code and reduce header dependencies

Run Details

94836 of 103471 relevant lines covered (91.65%)

11230958.94 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

84.62

/src/lib/pubkey/pk_keys.h

/*
* PK Key Types
* (C) 1999-2007,2018 Jack Lloyd
*
* Botan is released under the Simplified BSD License (see license.txt)
*/

#ifndef BOTAN_PK_KEYS_H_
#define BOTAN_PK_KEYS_H_

#include <botan/asn1_obj.h>
#include <botan/pk_ops_fwd.h>
#include <botan/secmem.h>

#include <memory>
#include <optional>
#include <span>
#include <string>
#include <string_view>

namespace Botan {

class BigInt;
class RandomNumberGenerator;

/**
* Enumeration specifying the signature format.
*
* This is mostly used for requesting DER encoding of ECDSA signatures;
* most other algorithms only support "standard".
*/
enum class Signature_Format {
   Standard,
   DerSequence,

   IEEE_1363 BOTAN_DEPRECATED("Use Standard") = Standard,
   DER_SEQUENCE BOTAN_DEPRECATED("Use DerSequence") = DerSequence,
};

/**
* Enumeration of possible operations a public key could be used for.
*
* It is possible to query if a key supports a particular operation
* type using Asymmetric_Key::supports_operation()
*/
enum class PublicKeyOperation {
   Encryption,
   Signature,
   KeyEncapsulation,
   KeyAgreement,
};

class Private_Key;

/**
* An interface for objects that are keys in public key algorithms
*
* This is derived for both public and private keys
*/
class BOTAN_PUBLIC_API(3, 0) Asymmetric_Key {
   public:
      virtual ~Asymmetric_Key() = default;

      /**
      * Get the name of the underlying public key scheme.
      * @return name of the public key scheme
      */
      virtual std::string algo_name() const = 0;

      /**
      * Return the estimated strength of the underlying key against
      * the best currently known attack. Note that this ignores anything
      * but pure attacks against the key itself and do not take into
      * account padding schemes, usage mistakes, etc which might reduce
      * the strength. However it does suffice to provide an upper bound.
      *
      * @return estimated strength in bits
      */
      virtual size_t estimated_strength() const = 0;

      /**
      * Get the OID of the underlying public key scheme.
      * @return OID of the public key scheme
      */
      virtual OID object_identifier() const;

      /**
      * Access an algorithm specific field
      *
      * If the field is not known for this algorithm, an Invalid_Argument is
      * thrown. The interpretation of the result requires knowledge of which
      * algorithm is involved. For instance for RSA "p" represents one of the
      * secret primes, while for DSA "p" is the public prime.
      *
      * Some algorithms may not implement this method at all.
      *
      * This is primarily used to implement the FFI botan_pubkey_get_field
      * and botan_privkey_get_field functions.
      *
      * TODO(Botan4) Change this to return by value
      */
      virtual const BigInt& get_int_field(std::string_view field) const;

      /**
      * Return true if this key could be used for the specified type
      * of operation.
      */
      virtual bool supports_operation(PublicKeyOperation op) const = 0;

      /**
       * Generate another (cryptographically independent) key pair using the
       * same algorithm parameters as this key. This is most useful for algorithms
       * that support PublicKeyOperation::KeyAgreement to generate a fitting ephemeral
       * key pair. For other key types it might throw Not_Implemented.
       */
      virtual std::unique_ptr<Private_Key> generate_another(RandomNumberGenerator& rng) const = 0;

      /*
      * Test the key values for consistency.
      * @param rng rng to use
      * @param strong whether to perform strong and lengthy version of the test
      * @return true if the test is passed
      */
      virtual bool check_key(RandomNumberGenerator& rng, bool strong) const = 0;

      // Declarations for internal library functions not covered by SemVer follow

      /**
      * Certain signatures schemes such as ECDSA have more than
      * one element, and certain unfortunate protocols decided the
      * thing to do was not concatenate them as normally done, but
      * instead DER encode each of the elements as independent values.
      *
      * If this returns a value x then the signature is checked to
      * be exactly 2*x bytes and split in half for DER encoding.
      */
      virtual std::optional<size_t> _signature_element_size_for_DER_encoding() const { return {}; }

      /*
      * Return the format normally used by this algorithm for X.509 signatures
      */
      virtual Signature_Format _default_x509_signature_format() const;
};

/*
* Public Key Base Class.
*/
class BOTAN_PUBLIC_API(2, 0) Public_Key : public virtual Asymmetric_Key {
   public:
      /**
      * Return an integer value best approximating the length of the
      * primary security parameter. For example for RSA this will be
      * the size of the modulus, for ECDSA the size of the ECC group,
      * and for McEliece the size of the code will be returned.
      */
      virtual size_t key_length() const = 0;

      /**
      * Deprecated version of object_identifier
      */
      BOTAN_DEPRECATED("Use object_identifier") OID get_oid() const { return this->object_identifier(); }

      /**
      * @return X.509 AlgorithmIdentifier for this key
      */
      virtual AlgorithmIdentifier algorithm_identifier() const = 0;

      /**
      * @return binary public key bits, with no additional encoding
      *
      * For key agreements this is an alias for PK_Key_Agreement_Key::public_value.
      *
      * Note: some algorithms (for example RSA) do not have an obvious encoding
      * for this value due to having many different values, and thus throw
      * Not_Implemented when invoking this method.
      */
      virtual std::vector<uint8_t> raw_public_key_bits() const = 0;

      /**
      * @return BER encoded public key bits
      */
      virtual std::vector<uint8_t> public_key_bits() const = 0;

      /**
      * @return X.509 subject key encoding for this key object
      */
      std::vector<uint8_t> subject_public_key() const;

      /**
       * @return Hash of the subject public key
       */
      std::string fingerprint_public(std::string_view alg = "SHA-256") const;

      // Declarations for internal library functions not covered by SemVer follow

      /**
      * Returns more than 1 if the output of this algorithm
      * (ciphertext, signature) should be treated as more than one
      * value. This is used for algorithms like DSA and ECDSA, where
      * the (r,s) output pair can be encoded as either a plain binary
      * list or a TLV tagged DER encoding depending on the protocol.
      *
      * This function is public but applications should have few
      * reasons to ever call this.
      *
      * @return number of message parts
      */
      BOTAN_DEPRECATED("Deprecated no replacement") size_t message_parts() const {
         return _signature_element_size_for_DER_encoding() ? 2 : 1;
      }

      /**
      * Returns how large each of the message parts refered to
      * by message_parts() is
      *
      * This function is public but applications should have few
      * reasons to ever call this.
      *
      * @return size of the message parts in bits
      */
      BOTAN_DEPRECATED("Deprecated no replacement") size_t message_part_size() const {
         return _signature_element_size_for_DER_encoding().value_or(0);
      }

      /*
      * Return the format normally used by this algorithm for X.509 signatures
      */
      BOTAN_DEPRECATED("Deprecated no replacement") Signature_Format default_x509_signature_format() const {
         return _default_x509_signature_format();
      }

      /**
      * This is an internal library function exposed on key types.
      * In almost all cases applications should use wrappers in pubkey.h
      *
      * Return an encryption operation for this key/params or throw
      *
      * @param rng a random number generator. The PK_Op may maintain a
      * reference to the RNG and use it many times. The rng must outlive
      * any operations which reference it.
      * @param params additional parameters
      * @param provider the provider to use
      */
      virtual std::unique_ptr<PK_Ops::Encryption> create_encryption_op(RandomNumberGenerator& rng,
                                                                       std::string_view params,
                                                                       std::string_view provider) const;

      /**
      * This is an internal library function exposed on key types.
      * In almost all cases applications should use wrappers in pubkey.h
      *
      * Return a KEM encryption operation for this key/params or throw
      *
      * @param params additional parameters
      * @param provider the provider to use
      */
      virtual std::unique_ptr<PK_Ops::KEM_Encryption> create_kem_encryption_op(std::string_view params,
                                                                               std::string_view provider) const;

      /**
      * This is an internal library function exposed on key types.
      * In all cases applications should use wrappers in pubkey.h
      *
      * Return a verification operation for this key/params or throw
      * @param params additional parameters
      * @param provider the provider to use
      */
      virtual std::unique_ptr<PK_Ops::Verification> create_verification_op(std::string_view params,
                                                                           std::string_view provider) const;

      /**
      * This is an internal library function exposed on key types.
      * In all cases applications should use wrappers in pubkey.h
      *
      * Return a verification operation for this combination of key and
      * signature algorithm or throw.
      *
      * @param signature_algorithm is the X.509 algorithm identifier encoding the padding
      * scheme and hash hash function used in the signature if applicable.
      *
      * @param provider the provider to use
      */
      virtual std::unique_ptr<PK_Ops::Verification> create_x509_verification_op(
         const AlgorithmIdentifier& signature_algorithm, std::string_view provider) const;
};

/**
* Private Key Base Class
*/
class BOTAN_PUBLIC_API(2, 0) Private_Key : public virtual Public_Key {
   public:
      /**
      * @return BER encoded private key bits
      */
      virtual secure_vector<uint8_t> private_key_bits() const = 0;

      /**
      * @return binary private key bits, with no additional encoding
      *
      * Note: some algorithms (for example RSA) do not have an obvious encoding
      * for this value due to having many different values, and thus not implement
      * this function. The default implementation throws Not_Implemented
      */
      virtual secure_vector<uint8_t> raw_private_key_bits() const;

      /**
      * Allocate a new object for the public key associated with this
      * private key.
      *
      * @return public key
      */
      virtual std::unique_ptr<Public_Key> public_key() const = 0;

      /**
      * @return PKCS #8 private key encoding for this key object
      */
      secure_vector<uint8_t> private_key_info() const;

      /**
      * @return PKCS #8 AlgorithmIdentifier for this key
      * Might be different from the X.509 identifier, but normally is not
      */
      virtual AlgorithmIdentifier pkcs8_algorithm_identifier() const { return algorithm_identifier(); }

      /**
      * Indicates if this key is stateful, ie that performing a private
      * key operation requires updating the key storage.
      */
      virtual bool stateful_operation() const { return false; }

      /**
       * @brief Retrieves the number of remaining operations if this is a stateful private key.
       *
       * @returns the number of remaining operations or std::nullopt if not applicable.
       */
      virtual std::optional<uint64_t> remaining_operations() const { return std::nullopt; }

      // Declarations for internal library functions not covered by SemVer follow

      /**
       * @return Hash of the PKCS #8 encoding for this key object
       */
      std::string fingerprint_private(std::string_view alg) const;

      /**
      * This is an internal library function exposed on key types.
      * In all cases applications should use wrappers in pubkey.h
      *
      * Return an decryption operation for this key/params or throw
      *
      * @param rng a random number generator. The PK_Op may maintain a
      * reference to the RNG and use it many times. The rng must outlive
      * any operations which reference it.
      * @param params additional parameters
      * @param provider the provider to use
      *
      */
      virtual std::unique_ptr<PK_Ops::Decryption> create_decryption_op(RandomNumberGenerator& rng,
                                                                       std::string_view params,
                                                                       std::string_view provider) const;

      /**
      * This is an internal library function exposed on key types.
      * In all cases applications should use wrappers in pubkey.h
      *
      * Return a KEM decryption operation for this key/params or throw
      *
      * @param rng a random number generator. The PK_Op may maintain a
      * reference to the RNG and use it many times. The rng must outlive
      * any operations which reference it.
      * @param params additional parameters
      * @param provider the provider to use
      */
      virtual std::unique_ptr<PK_Ops::KEM_Decryption> create_kem_decryption_op(RandomNumberGenerator& rng,
                                                                               std::string_view params,
                                                                               std::string_view provider) const;

      /**
      * This is an internal library function exposed on key types.
      * In all cases applications should use wrappers in pubkey.h
      *
      * Return a signature operation for this key/params or throw
      *
      * @param rng a random number generator. The PK_Op may maintain a
      * reference to the RNG and use it many times. The rng must outlive
      * any operations which reference it.
      * @param params additional parameters
      * @param provider the provider to use
      */
      virtual std::unique_ptr<PK_Ops::Signature> create_signature_op(RandomNumberGenerator& rng,
                                                                     std::string_view params,
                                                                     std::string_view provider) const;

      /**
      * This is an internal library function exposed on key types.
      * In all cases applications should use wrappers in pubkey.h
      *
      * Return a key agreement operation for this key/params or throw
      *
      * @param rng a random number generator. The PK_Op may maintain a
      * reference to the RNG and use it many times. The rng must outlive
      * any operations which reference it.
      * @param params additional parameters
      * @param provider the provider to use
      */
      virtual std::unique_ptr<PK_Ops::Key_Agreement> create_key_agreement_op(RandomNumberGenerator& rng,
                                                                             std::string_view params,
                                                                             std::string_view provider) const;
};

/**
* PK Secret Value Derivation Key
*/
class BOTAN_PUBLIC_API(2, 0) PK_Key_Agreement_Key : public virtual Private_Key {
   public:
      /*
      * @return public component of this key
      */
      virtual std::vector<uint8_t> public_value() const = 0;
};

std::string BOTAN_PUBLIC_API(2, 4) create_hex_fingerprint(const uint8_t bits[], size_t len, std::string_view hash_name);

inline std::string create_hex_fingerprint(std::span<const uint8_t> vec, std::string_view hash_name) {
   return create_hex_fingerprint(vec.data(), vec.size(), hash_name);
}

}  // namespace Botan

#endif

1	/*
2	* PK Key Types
3	* (C) 1999-2007,2018 Jack Lloyd
4	*
5	* Botan is released under the Simplified BSD License (see license.txt)
6	*/
7
8	#ifndef BOTAN_PK_KEYS_H_
9	#define BOTAN_PK_KEYS_H_
10
11	#include <botan/asn1_obj.h>
12	#include <botan/pk_ops_fwd.h>
13	#include <botan/secmem.h>
14
15	#include <memory>
16	#include <optional>
17	#include <span>
18	#include <string>
19	#include <string_view>
20
21	namespace Botan {
22
23	class BigInt;
24	class RandomNumberGenerator;
25
26	/**
27	* Enumeration specifying the signature format.
28	*
29	* This is mostly used for requesting DER encoding of ECDSA signatures;
30	* most other algorithms only support "standard".
31	*/
32	enum class Signature_Format {
33	Standard,
34	DerSequence,
35
36	IEEE_1363 BOTAN_DEPRECATED("Use Standard") = Standard,
37	DER_SEQUENCE BOTAN_DEPRECATED("Use DerSequence") = DerSequence,
38	};
39
40	/**
41	* Enumeration of possible operations a public key could be used for.
42	*
43	* It is possible to query if a key supports a particular operation
44	* type using Asymmetric_Key::supports_operation()
45	*/
46	enum class PublicKeyOperation {
47	Encryption,
48	Signature,
49	KeyEncapsulation,
50	KeyAgreement,
51	};
52
53	class Private_Key;
54
55	/**
56	* An interface for objects that are keys in public key algorithms
57	*
58	* This is derived for both public and private keys
59	*/
60	class BOTAN_PUBLIC_API(3, 0) Asymmetric_Key {	61,822✔
61	public:
62	virtual ~Asymmetric_Key() = default;	4,277✔
63
64	/**
65	* Get the name of the underlying public key scheme.
66	* @return name of the public key scheme
67	*/
68	virtual std::string algo_name() const = 0;
69
70	/**
71	* Return the estimated strength of the underlying key against
72	* the best currently known attack. Note that this ignores anything
73	* but pure attacks against the key itself and do not take into
74	* account padding schemes, usage mistakes, etc which might reduce
75	* the strength. However it does suffice to provide an upper bound.
76	*
77	* @return estimated strength in bits
78	*/
79	virtual size_t estimated_strength() const = 0;
80
81	/**
82	* Get the OID of the underlying public key scheme.
83	* @return OID of the public key scheme
84	*/
85	virtual OID object_identifier() const;
86
87	/**
88	* Access an algorithm specific field
89	*
90	* If the field is not known for this algorithm, an Invalid_Argument is
91	* thrown. The interpretation of the result requires knowledge of which
92	* algorithm is involved. For instance for RSA "p" represents one of the
93	* secret primes, while for DSA "p" is the public prime.
94	*
95	* Some algorithms may not implement this method at all.
96	*
97	* This is primarily used to implement the FFI botan_pubkey_get_field
98	* and botan_privkey_get_field functions.
99	*
100	* TODO(Botan4) Change this to return by value
101	*/
102	virtual const BigInt& get_int_field(std::string_view field) const;
103
104	/**
105	* Return true if this key could be used for the specified type
106	* of operation.
107	*/
108	virtual bool supports_operation(PublicKeyOperation op) const = 0;
109
110	/**
111	* Generate another (cryptographically independent) key pair using the
112	* same algorithm parameters as this key. This is most useful for algorithms
113	* that support PublicKeyOperation::KeyAgreement to generate a fitting ephemeral
114	* key pair. For other key types it might throw Not_Implemented.
115	*/
116	virtual std::unique_ptr<Private_Key> generate_another(RandomNumberGenerator& rng) const = 0;
117
118	/*
119	* Test the key values for consistency.
120	* @param rng rng to use
121	* @param strong whether to perform strong and lengthy version of the test
122	* @return true if the test is passed
123	*/
124	virtual bool check_key(RandomNumberGenerator& rng, bool strong) const = 0;
125
126	// Declarations for internal library functions not covered by SemVer follow
127
128	/**
129	* Certain signatures schemes such as ECDSA have more than
130	* one element, and certain unfortunate protocols decided the
131	* thing to do was not concatenate them as normally done, but
132	* instead DER encode each of the elements as independent values.
133	*
134	* If this returns a value x then the signature is checked to
135	* be exactly 2*x bytes and split in half for DER encoding.
136	*/
137	virtual std::optional<size_t> _signature_element_size_for_DER_encoding() const { return {}; }	31,788✔
138
139	/*
140	* Return the format normally used by this algorithm for X.509 signatures
141	*/
142	virtual Signature_Format _default_x509_signature_format() const;
143	};
144
145	/*
146	* Public Key Base Class.
147	*/
148	class BOTAN_PUBLIC_API(2, 0) Public_Key : public virtual Asymmetric_Key {	58,120✔
149	public:
150	/**
151	* Return an integer value best approximating the length of the
152	* primary security parameter. For example for RSA this will be
153	* the size of the modulus, for ECDSA the size of the ECC group,
154	* and for McEliece the size of the code will be returned.
155	*/
156	virtual size_t key_length() const = 0;
157
158	/**
159	* Deprecated version of object_identifier
160	*/
161	BOTAN_DEPRECATED("Use object_identifier") OID get_oid() const { return this->object_identifier(); }
162
163	/**
164	* @return X.509 AlgorithmIdentifier for this key
165	*/
166	virtual AlgorithmIdentifier algorithm_identifier() const = 0;
167
168	/**
169	* @return binary public key bits, with no additional encoding
170	*
171	* For key agreements this is an alias for PK_Key_Agreement_Key::public_value.
172	*
173	* Note: some algorithms (for example RSA) do not have an obvious encoding
174	* for this value due to having many different values, and thus throw
175	* Not_Implemented when invoking this method.
176	*/
177	virtual std::vector<uint8_t> raw_public_key_bits() const = 0;
178
179	/**
180	* @return BER encoded public key bits
181	*/
182	virtual std::vector<uint8_t> public_key_bits() const = 0;
183
184	/**
185	* @return X.509 subject key encoding for this key object
186	*/
187	std::vector<uint8_t> subject_public_key() const;
188
189	/**
190	* @return Hash of the subject public key
191	*/
192	std::string fingerprint_public(std::string_view alg = "SHA-256") const;
193
194	// Declarations for internal library functions not covered by SemVer follow
195
196	/**
197	* Returns more than 1 if the output of this algorithm
198	* (ciphertext, signature) should be treated as more than one
199	* value. This is used for algorithms like DSA and ECDSA, where
200	* the (r,s) output pair can be encoded as either a plain binary
201	* list or a TLV tagged DER encoding depending on the protocol.
202	*
203	* This function is public but applications should have few
204	* reasons to ever call this.
205	*
206	* @return number of message parts
207	*/
208	BOTAN_DEPRECATED("Deprecated no replacement") size_t message_parts() const {	×
209	return _signature_element_size_for_DER_encoding() ? 2 : 1;	×
210	}
211
212	/**
213	* Returns how large each of the message parts refered to
214	* by message_parts() is
215	*
216	* This function is public but applications should have few
217	* reasons to ever call this.
218	*
219	* @return size of the message parts in bits
220	*/
221	BOTAN_DEPRECATED("Deprecated no replacement") size_t message_part_size() const {
222	return _signature_element_size_for_DER_encoding().value_or(0);
223	}
224
225	/*
226	* Return the format normally used by this algorithm for X.509 signatures
227	*/
228	BOTAN_DEPRECATED("Deprecated no replacement") Signature_Format default_x509_signature_format() const {
229	return _default_x509_signature_format();
230	}
231
232	/**
233	* This is an internal library function exposed on key types.
234	* In almost all cases applications should use wrappers in pubkey.h
235	*
236	* Return an encryption operation for this key/params or throw
237	*
238	* @param rng a random number generator. The PK_Op may maintain a
239	* reference to the RNG and use it many times. The rng must outlive
240	* any operations which reference it.
241	* @param params additional parameters
242	* @param provider the provider to use
243	*/
244	virtual std::unique_ptr<PK_Ops::Encryption> create_encryption_op(RandomNumberGenerator& rng,
245	std::string_view params,
246	std::string_view provider) const;
247
248	/**
249	* This is an internal library function exposed on key types.
250	* In almost all cases applications should use wrappers in pubkey.h
251	*
252	* Return a KEM encryption operation for this key/params or throw
253	*
254	* @param params additional parameters
255	* @param provider the provider to use
256	*/
257	virtual std::unique_ptr<PK_Ops::KEM_Encryption> create_kem_encryption_op(std::string_view params,
258	std::string_view provider) const;
259
260	/**
261	* This is an internal library function exposed on key types.
262	* In all cases applications should use wrappers in pubkey.h
263	*
264	* Return a verification operation for this key/params or throw
265	* @param params additional parameters
266	* @param provider the provider to use
267	*/
268	virtual std::unique_ptr<PK_Ops::Verification> create_verification_op(std::string_view params,
269	std::string_view provider) const;
270
271	/**
272	* This is an internal library function exposed on key types.
273	* In all cases applications should use wrappers in pubkey.h
274	*
275	* Return a verification operation for this combination of key and
276	* signature algorithm or throw.
277	*
278	* @param signature_algorithm is the X.509 algorithm identifier encoding the padding
279	* scheme and hash hash function used in the signature if applicable.
280	*
281	* @param provider the provider to use
282	*/
283	virtual std::unique_ptr<PK_Ops::Verification> create_x509_verification_op(
284	const AlgorithmIdentifier& signature_algorithm, std::string_view provider) const;
285	};
286
287	/**
288	* Private Key Base Class
289	*/
290	class BOTAN_PUBLIC_API(2, 0) Private_Key : public virtual Public_Key {	21,277✔
291	public:
292	/**
293	* @return BER encoded private key bits
294	*/
295	virtual secure_vector<uint8_t> private_key_bits() const = 0;
296
297	/**
298	* @return binary private key bits, with no additional encoding
299	*
300	* Note: some algorithms (for example RSA) do not have an obvious encoding
301	* for this value due to having many different values, and thus not implement
302	* this function. The default implementation throws Not_Implemented
303	*/
304	virtual secure_vector<uint8_t> raw_private_key_bits() const;
305
306	/**
307	* Allocate a new object for the public key associated with this
308	* private key.
309	*
310	* @return public key
311	*/
312	virtual std::unique_ptr<Public_Key> public_key() const = 0;
313
314	/**
315	* @return PKCS #8 private key encoding for this key object
316	*/
317	secure_vector<uint8_t> private_key_info() const;
318
319	/**
320	* @return PKCS #8 AlgorithmIdentifier for this key
321	* Might be different from the X.509 identifier, but normally is not
322	*/
323	virtual AlgorithmIdentifier pkcs8_algorithm_identifier() const { return algorithm_identifier(); }	1,584✔
324
325	/**
326	* Indicates if this key is stateful, ie that performing a private
327	* key operation requires updating the key storage.
328	*/
329	virtual bool stateful_operation() const { return false; }	45✔
330
331	/**
332	* @brief Retrieves the number of remaining operations if this is a stateful private key.
333	*
334	* @returns the number of remaining operations or std::nullopt if not applicable.
335	*/
336	virtual std::optional<uint64_t> remaining_operations() const { return std::nullopt; }	12✔
337
338	// Declarations for internal library functions not covered by SemVer follow
339
340	/**
341	* @return Hash of the PKCS #8 encoding for this key object
342	*/
343	std::string fingerprint_private(std::string_view alg) const;
344
345	/**
346	* This is an internal library function exposed on key types.
347	* In all cases applications should use wrappers in pubkey.h
348	*
349	* Return an decryption operation for this key/params or throw
350	*
351	* @param rng a random number generator. The PK_Op may maintain a
352	* reference to the RNG and use it many times. The rng must outlive
353	* any operations which reference it.
354	* @param params additional parameters
355	* @param provider the provider to use
356	*
357	*/
358	virtual std::unique_ptr<PK_Ops::Decryption> create_decryption_op(RandomNumberGenerator& rng,
359	std::string_view params,
360	std::string_view provider) const;
361
362	/**
363	* This is an internal library function exposed on key types.
364	* In all cases applications should use wrappers in pubkey.h
365	*
366	* Return a KEM decryption operation for this key/params or throw
367	*
368	* @param rng a random number generator. The PK_Op may maintain a
369	* reference to the RNG and use it many times. The rng must outlive
370	* any operations which reference it.
371	* @param params additional parameters
372	* @param provider the provider to use
373	*/
374	virtual std::unique_ptr<PK_Ops::KEM_Decryption> create_kem_decryption_op(RandomNumberGenerator& rng,
375	std::string_view params,
376	std::string_view provider) const;
377
378	/**
379	* This is an internal library function exposed on key types.
380	* In all cases applications should use wrappers in pubkey.h
381	*
382	* Return a signature operation for this key/params or throw
383	*
384	* @param rng a random number generator. The PK_Op may maintain a
385	* reference to the RNG and use it many times. The rng must outlive
386	* any operations which reference it.
387	* @param params additional parameters
388	* @param provider the provider to use
389	*/
390	virtual std::unique_ptr<PK_Ops::Signature> create_signature_op(RandomNumberGenerator& rng,
391	std::string_view params,
392	std::string_view provider) const;
393
394	/**
395	* This is an internal library function exposed on key types.
396	* In all cases applications should use wrappers in pubkey.h
397	*
398	* Return a key agreement operation for this key/params or throw
399	*
400	* @param rng a random number generator. The PK_Op may maintain a
401	* reference to the RNG and use it many times. The rng must outlive
402	* any operations which reference it.
403	* @param params additional parameters
404	* @param provider the provider to use
405	*/
406	virtual std::unique_ptr<PK_Ops::Key_Agreement> create_key_agreement_op(RandomNumberGenerator& rng,
407	std::string_view params,
408	std::string_view provider) const;
409	};
410
411	/**
412	* PK Secret Value Derivation Key
413	*/
414	class BOTAN_PUBLIC_API(2, 0) PK_Key_Agreement_Key : public virtual Private_Key {	9,749✔
415	public:
416	/*
417	* @return public component of this key
418	*/
419	virtual std::vector<uint8_t> public_value() const = 0;
420	};
421
422	std::string BOTAN_PUBLIC_API(2, 4) create_hex_fingerprint(const uint8_t bits[], size_t len, std::string_view hash_name);
423
424	inline std::string create_hex_fingerprint(std::span<const uint8_t> vec, std::string_view hash_name) {	37,162✔
425	return create_hex_fingerprint(vec.data(), vec.size(), hash_name);	37,162✔
426	}
427
428	} // namespace Botan
429
430	#endif

randombit / botan / 13215274653

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous