rsa_key_pair.h

Go to the documentation of this file.

// Copyright (c) Microsoft Corporation. All rights reserved.
// Licensed under the Apache 2.0 License.
#pragma once
 
#include "ccf/crypto/jwk.h"
#include "ccf/crypto/key_pair.h"
#include "ccf/crypto/pem.h"
#include "ccf/crypto/rsa_public_key.h"
 
#include <cstdint>
#include <optional>
#include <string>
#include <vector>
 
namespace ccf::crypto
{
  class RSAKeyPair
  {
  public:
    static constexpr size_t default_public_key_size = 2048;
    static constexpr size_t default_public_exponent = 65537;
 
    RSAKeyPair() = default;
    RSAKeyPair(const RSAKeyPair&) = delete;
    RSAKeyPair(const Pem& pem);
    virtual ~RSAKeyPair() = default;
 
    virtual size_t key_size() const = 0;
 
    virtual std::vector<uint8_t> rsa_oaep_unwrap(
      const std::vector<uint8_t>& input,
      const std::optional<std::vector<std::uint8_t>>& label = std::nullopt) = 0;
 
    virtual Pem private_key_pem() const = 0;
 
    virtual Pem public_key_pem() const = 0;
 
    virtual std::vector<uint8_t> public_key_der() const = 0;
 
    virtual std::vector<uint8_t> sign(
      std::span<const uint8_t> d,
      MDType md_type = MDType::NONE,
      size_t salt_length = 0) const = 0;
 
    virtual bool verify(
      const uint8_t* contents,
      size_t contents_size,
      const uint8_t* signature,
      size_t signature_size,
      MDType md_type = MDType::NONE,
      size_t salt_length = 0) = 0;
 
    virtual bool verify(
      const std::vector<uint8_t>& contents,
      const std::vector<uint8_t>& signature,
      MDType md_type = MDType::NONE,
      size_t salt_length = 0)
    {
      return verify(
        contents.data(),
        contents.size(),
        signature.data(),
        signature.size(),
        md_type,
        salt_length);
    }
 
    virtual JsonWebKeyRSAPrivate private_key_jwk_rsa(
      const std::optional<std::string>& kid = std::nullopt) const = 0;
  };
 
  using RSAPublicKeyPtr = std::shared_ptr<RSAPublicKey>;
  using RSAKeyPairPtr = std::shared_ptr<RSAKeyPair>;
 
  RSAPublicKeyPtr make_rsa_public_key(const Pem& pem);
  RSAPublicKeyPtr make_rsa_public_key(const std::vector<uint8_t>& der);
  RSAPublicKeyPtr make_rsa_public_key(const JsonWebKeyRSAPublic& jwk);
  RSAPublicKeyPtr make_rsa_public_key(const uint8_t* data, size_t size);
 
  RSAKeyPairPtr make_rsa_key_pair(
    size_t public_key_size = RSAKeyPair::default_public_key_size,
    size_t public_exponent = RSAKeyPair::default_public_exponent);
 
  RSAKeyPairPtr make_rsa_key_pair(const Pem& pem);
 
  RSAKeyPairPtr make_rsa_key_pair(const JsonWebKeyRSAPrivate& jwk);
}