2 * Copyright (C) 2018 Tobias Brunner
3 * Copyright (C) 2018 Andreas Steffen
4 * HSR Hochschule fuer Technik Rapperswil
6 * Copyright (C) 2018 René Korthaus
7 * Copyright (C) 2018 Konstantinos Kolelis
8 * Rohde & Schwarz Cybersecurity GmbH
10 * Permission is hereby granted, free of charge, to any person obtaining a copy
11 * of this software and associated documentation files (the "Software"), to deal
12 * in the Software without restriction, including without limitation the rights
13 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
14 * copies of the Software, and to permit persons to whom the Software is
15 * furnished to do so, subject to the following conditions:
17 * The above copyright notice and this permission notice shall be included in
18 * all copies or substantial portions of the Software.
20 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
21 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
23 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
24 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
25 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
29 #include "botan_plugin.h"
30 #include "botan_rng.h"
31 #include "botan_hasher.h"
32 #include "botan_crypter.h"
33 #include "botan_diffie_hellman.h"
34 #include "botan_hmac.h"
35 #include "botan_rsa_public_key.h"
36 #include "botan_rsa_private_key.h"
37 #include "botan_ec_diffie_hellman.h"
38 #include "botan_ec_public_key.h"
39 #include "botan_ec_private_key.h"
40 #include "botan_ed_public_key.h"
41 #include "botan_ed_private_key.h"
42 #include "botan_aead.h"
43 #include "botan_util_keys.h"
44 #include "botan_x25519.h"
48 #include <botan/build.h>
49 #include <botan/ffi.h>
51 typedef struct private_botan_plugin_t private_botan_plugin_t
;
54 * private data of botan_plugin
56 struct private_botan_plugin_t
{
61 botan_plugin_t
public;
64 METHOD(plugin_t
, get_name
, char*,
65 private_botan_plugin_t
*this)
70 METHOD(plugin_t
, get_features
, int,
71 private_botan_plugin_t
*this, plugin_feature_t
*features
[])
73 static plugin_feature_t f
[] = {
75 #ifdef BOTAN_HAS_DIFFIE_HELLMAN
77 PLUGIN_REGISTER(DH
, botan_diffie_hellman_create
),
78 PLUGIN_PROVIDE(DH
, MODP_3072_BIT
),
79 PLUGIN_PROVIDE(DH
, MODP_4096_BIT
),
80 PLUGIN_PROVIDE(DH
, MODP_6144_BIT
),
81 PLUGIN_PROVIDE(DH
, MODP_8192_BIT
),
82 PLUGIN_PROVIDE(DH
, MODP_2048_BIT
),
83 PLUGIN_PROVIDE(DH
, MODP_2048_224
),
84 PLUGIN_PROVIDE(DH
, MODP_2048_256
),
85 PLUGIN_PROVIDE(DH
, MODP_1536_BIT
),
86 PLUGIN_PROVIDE(DH
, MODP_1024_BIT
),
87 PLUGIN_PROVIDE(DH
, MODP_1024_160
),
88 PLUGIN_PROVIDE(DH
, MODP_768_BIT
),
89 PLUGIN_PROVIDE(DH
, MODP_CUSTOM
),
93 PLUGIN_REGISTER(DH
, botan_ec_diffie_hellman_create
),
94 PLUGIN_PROVIDE(DH
, ECP_256_BIT
),
95 PLUGIN_PROVIDE(DH
, ECP_384_BIT
),
96 PLUGIN_PROVIDE(DH
, ECP_521_BIT
),
97 PLUGIN_PROVIDE(DH
, ECP_256_BP
),
98 PLUGIN_PROVIDE(DH
, ECP_384_BP
),
99 PLUGIN_PROVIDE(DH
, ECP_512_BP
),
101 #ifdef BOTAN_HAS_X25519
102 PLUGIN_REGISTER(DH
, botan_x25519_create
),
103 PLUGIN_PROVIDE(DH
, CURVE_25519
),
107 #if defined(BOTAN_HAS_AES) && defined(BOTAN_HAS_MODE_CBC)
108 PLUGIN_REGISTER(CRYPTER
, botan_crypter_create
),
110 #ifdef BOTAN_HAS_MODE_CBC
111 PLUGIN_PROVIDE(CRYPTER
, ENCR_AES_CBC
, 16),
112 PLUGIN_PROVIDE(CRYPTER
, ENCR_AES_CBC
, 24),
113 PLUGIN_PROVIDE(CRYPTER
, ENCR_AES_CBC
, 32),
119 #if (defined(BOTAN_HAS_AES) && \
120 (defined(BOTAN_HAS_AEAD_GCM) || defined(BOTAN_HAS_AEAD_CCM))) || \
121 defined(BOTAN_HAS_AEAD_CHACHA20_POLY1305)
122 PLUGIN_REGISTER(AEAD
, botan_aead_create
),
124 #ifdef BOTAN_HAS_AEAD_GCM
125 PLUGIN_PROVIDE(AEAD
, ENCR_AES_GCM_ICV16
, 16),
126 PLUGIN_PROVIDE(AEAD
, ENCR_AES_GCM_ICV16
, 24),
127 PLUGIN_PROVIDE(AEAD
, ENCR_AES_GCM_ICV16
, 32),
128 PLUGIN_PROVIDE(AEAD
, ENCR_AES_GCM_ICV12
, 16),
129 PLUGIN_PROVIDE(AEAD
, ENCR_AES_GCM_ICV12
, 24),
130 PLUGIN_PROVIDE(AEAD
, ENCR_AES_GCM_ICV12
, 32),
131 PLUGIN_PROVIDE(AEAD
, ENCR_AES_GCM_ICV8
, 16),
132 PLUGIN_PROVIDE(AEAD
, ENCR_AES_GCM_ICV8
, 24),
133 PLUGIN_PROVIDE(AEAD
, ENCR_AES_GCM_ICV8
, 32),
135 #ifdef BOTAN_HAS_AEAD_CCM
136 PLUGIN_PROVIDE(AEAD
, ENCR_AES_CCM_ICV16
, 16),
137 PLUGIN_PROVIDE(AEAD
, ENCR_AES_CCM_ICV16
, 24),
138 PLUGIN_PROVIDE(AEAD
, ENCR_AES_CCM_ICV16
, 32),
139 PLUGIN_PROVIDE(AEAD
, ENCR_AES_CCM_ICV12
, 16),
140 PLUGIN_PROVIDE(AEAD
, ENCR_AES_CCM_ICV12
, 24),
141 PLUGIN_PROVIDE(AEAD
, ENCR_AES_CCM_ICV12
, 32),
142 PLUGIN_PROVIDE(AEAD
, ENCR_AES_CCM_ICV8
, 16),
143 PLUGIN_PROVIDE(AEAD
, ENCR_AES_CCM_ICV8
, 24),
144 PLUGIN_PROVIDE(AEAD
, ENCR_AES_CCM_ICV8
, 32),
147 #ifdef BOTAN_HAS_AEAD_CHACHA20_POLY1305
148 PLUGIN_PROVIDE(AEAD
, ENCR_CHACHA20_POLY1305
, 32),
153 PLUGIN_REGISTER(HASHER
, botan_hasher_create
),
155 PLUGIN_PROVIDE(HASHER
, HASH_MD5
),
157 #ifdef BOTAN_HAS_SHA1
158 PLUGIN_PROVIDE(HASHER
, HASH_SHA1
),
160 #ifdef BOTAN_HAS_SHA2_32
161 PLUGIN_PROVIDE(HASHER
, HASH_SHA224
),
162 PLUGIN_PROVIDE(HASHER
, HASH_SHA256
),
164 #ifdef BOTAN_HAS_SHA2_64
165 PLUGIN_PROVIDE(HASHER
, HASH_SHA384
),
166 PLUGIN_PROVIDE(HASHER
, HASH_SHA512
),
168 #ifdef BOTAN_HAS_SHA3
169 PLUGIN_PROVIDE(HASHER
, HASH_SHA3_224
),
170 PLUGIN_PROVIDE(HASHER
, HASH_SHA3_256
),
171 PLUGIN_PROVIDE(HASHER
, HASH_SHA3_384
),
172 PLUGIN_PROVIDE(HASHER
, HASH_SHA3_512
),
176 #ifdef BOTAN_HAS_HMAC
177 PLUGIN_REGISTER(PRF
, botan_hmac_prf_create
),
178 #ifdef BOTAN_HAS_SHA1
179 PLUGIN_PROVIDE(PRF
, PRF_HMAC_SHA1
),
181 #ifdef BOTAN_HAS_SHA2_32
182 PLUGIN_PROVIDE(PRF
, PRF_HMAC_SHA2_256
),
184 #ifdef BOTAN_HAS_SHA2_64
185 PLUGIN_PROVIDE(PRF
, PRF_HMAC_SHA2_384
),
186 PLUGIN_PROVIDE(PRF
, PRF_HMAC_SHA2_512
),
189 PLUGIN_REGISTER(SIGNER
, botan_hmac_signer_create
),
190 #ifdef BOTAN_HAS_SHA1
191 PLUGIN_PROVIDE(SIGNER
, AUTH_HMAC_SHA1_96
),
192 PLUGIN_PROVIDE(SIGNER
, AUTH_HMAC_SHA1_128
),
193 PLUGIN_PROVIDE(SIGNER
, AUTH_HMAC_SHA1_160
),
195 #ifdef BOTAN_HAS_SHA2_32
196 PLUGIN_PROVIDE(SIGNER
, AUTH_HMAC_SHA2_256_128
),
197 PLUGIN_PROVIDE(SIGNER
, AUTH_HMAC_SHA2_256_256
),
199 #ifdef BOTAN_HAS_SHA2_64
200 PLUGIN_PROVIDE(SIGNER
, AUTH_HMAC_SHA2_384_192
),
201 PLUGIN_PROVIDE(SIGNER
, AUTH_HMAC_SHA2_384_384
),
202 PLUGIN_PROVIDE(SIGNER
, AUTH_HMAC_SHA2_512_256
),
203 PLUGIN_PROVIDE(SIGNER
, AUTH_HMAC_SHA2_512_512
),
205 #endif /* BOTAN_HAS_HMAC */
207 /* generic key loaders */
208 #if defined (BOTAN_HAS_RSA) || defined(BOTAN_HAS_ECDSA) || \
209 defined(BOTAN_HAS_ED25519)
210 PLUGIN_REGISTER(PUBKEY
, botan_public_key_load
, TRUE
),
211 PLUGIN_PROVIDE(PUBKEY
, KEY_ANY
),
213 PLUGIN_PROVIDE(PUBKEY
, KEY_RSA
),
215 #ifdef BOTAN_HAS_ECDSA
216 PLUGIN_PROVIDE(PUBKEY
, KEY_ECDSA
),
218 #ifdef BOTAN_HAS_ED25519
219 PLUGIN_PROVIDE(PUBKEY
, KEY_ED25519
),
221 PLUGIN_REGISTER(PRIVKEY
, botan_private_key_load
, TRUE
),
222 PLUGIN_PROVIDE(PRIVKEY
, KEY_ANY
),
224 PLUGIN_PROVIDE(PRIVKEY
, KEY_RSA
),
226 #ifdef BOTAN_HAS_ECDSA
227 PLUGIN_PROVIDE(PRIVKEY
, KEY_ECDSA
),
229 #ifdef BOTAN_HAS_ED25519
230 PLUGIN_PROVIDE(PRIVKEY
, KEY_ED25519
),
235 /* public/private key loading/generation */
236 PLUGIN_REGISTER(PUBKEY
, botan_rsa_public_key_load
, TRUE
),
237 PLUGIN_PROVIDE(PUBKEY
, KEY_RSA
),
238 PLUGIN_REGISTER(PRIVKEY
, botan_rsa_private_key_load
, TRUE
),
239 PLUGIN_PROVIDE(PRIVKEY
, KEY_RSA
),
240 PLUGIN_PROVIDE(PRIVKEY
, KEY_ANY
),
241 PLUGIN_REGISTER(PRIVKEY_GEN
, botan_rsa_private_key_gen
, FALSE
),
242 PLUGIN_PROVIDE(PRIVKEY_GEN
, KEY_RSA
),
243 /* encryption/signature schemes */
244 #ifdef BOTAN_HAS_EMSA_PKCS1
245 PLUGIN_PROVIDE(PRIVKEY_SIGN
, SIGN_RSA_EMSA_PKCS1_NULL
),
246 PLUGIN_PROVIDE(PUBKEY_VERIFY
, SIGN_RSA_EMSA_PKCS1_NULL
),
247 #ifdef BOTAN_HAS_SHA1
248 PLUGIN_PROVIDE(PRIVKEY_SIGN
, SIGN_RSA_EMSA_PKCS1_SHA1
),
249 PLUGIN_PROVIDE(PRIVKEY_SIGN
, SIGN_RSA_EMSA_PKCS1_SHA1
),
250 PLUGIN_PROVIDE(PUBKEY_VERIFY
, SIGN_RSA_EMSA_PKCS1_SHA1
),
251 PLUGIN_PROVIDE(PUBKEY_VERIFY
, SIGN_RSA_EMSA_PKCS1_SHA1
),
253 #ifdef BOTAN_HAS_SHA2_32
254 PLUGIN_PROVIDE(PRIVKEY_SIGN
, SIGN_RSA_EMSA_PKCS1_SHA2_224
),
255 PLUGIN_PROVIDE(PRIVKEY_SIGN
, SIGN_RSA_EMSA_PKCS1_SHA2_256
),
256 PLUGIN_PROVIDE(PUBKEY_VERIFY
, SIGN_RSA_EMSA_PKCS1_SHA2_224
),
257 PLUGIN_PROVIDE(PUBKEY_VERIFY
, SIGN_RSA_EMSA_PKCS1_SHA2_256
),
259 #ifdef BOTAN_HAS_SHA2_64
260 PLUGIN_PROVIDE(PRIVKEY_SIGN
, SIGN_RSA_EMSA_PKCS1_SHA2_384
),
261 PLUGIN_PROVIDE(PRIVKEY_SIGN
, SIGN_RSA_EMSA_PKCS1_SHA2_512
),
262 PLUGIN_PROVIDE(PUBKEY_VERIFY
, SIGN_RSA_EMSA_PKCS1_SHA2_384
),
263 PLUGIN_PROVIDE(PUBKEY_VERIFY
, SIGN_RSA_EMSA_PKCS1_SHA2_512
),
265 #ifdef BOTAN_HAS_SHA3
266 PLUGIN_PROVIDE(PRIVKEY_SIGN
, SIGN_RSA_EMSA_PKCS1_SHA3_224
),
267 PLUGIN_PROVIDE(PRIVKEY_SIGN
, SIGN_RSA_EMSA_PKCS1_SHA3_256
),
268 PLUGIN_PROVIDE(PRIVKEY_SIGN
, SIGN_RSA_EMSA_PKCS1_SHA3_384
),
269 PLUGIN_PROVIDE(PRIVKEY_SIGN
, SIGN_RSA_EMSA_PKCS1_SHA3_512
),
270 PLUGIN_PROVIDE(PUBKEY_VERIFY
, SIGN_RSA_EMSA_PKCS1_SHA3_224
),
271 PLUGIN_PROVIDE(PUBKEY_VERIFY
, SIGN_RSA_EMSA_PKCS1_SHA3_256
),
272 PLUGIN_PROVIDE(PUBKEY_VERIFY
, SIGN_RSA_EMSA_PKCS1_SHA3_384
),
273 PLUGIN_PROVIDE(PUBKEY_VERIFY
, SIGN_RSA_EMSA_PKCS1_SHA3_512
),
276 #ifdef BOTAN_HAS_EMSA_PSSR
277 PLUGIN_PROVIDE(PRIVKEY_SIGN
, SIGN_RSA_EMSA_PSS
),
278 PLUGIN_PROVIDE(PUBKEY_VERIFY
, SIGN_RSA_EMSA_PSS
),
280 PLUGIN_PROVIDE(PRIVKEY_DECRYPT
, ENCRYPT_RSA_PKCS1
),
281 PLUGIN_PROVIDE(PUBKEY_ENCRYPT
, ENCRYPT_RSA_PKCS1
),
282 #ifdef BOTAN_HAS_EME_OAEP
283 PLUGIN_PROVIDE(PRIVKEY_DECRYPT
, ENCRYPT_RSA_OAEP_SHA1
),
284 PLUGIN_PROVIDE(PUBKEY_ENCRYPT
, ENCRYPT_RSA_OAEP_SHA1
),
285 #ifdef BOTAN_HAS_SHA2_32
286 PLUGIN_PROVIDE(PRIVKEY_DECRYPT
, ENCRYPT_RSA_OAEP_SHA224
),
287 PLUGIN_PROVIDE(PUBKEY_ENCRYPT
, ENCRYPT_RSA_OAEP_SHA224
),
288 PLUGIN_PROVIDE(PRIVKEY_DECRYPT
, ENCRYPT_RSA_OAEP_SHA256
),
289 PLUGIN_PROVIDE(PUBKEY_ENCRYPT
, ENCRYPT_RSA_OAEP_SHA256
),
291 #ifdef BOTAN_HAS_SHA2_64
292 PLUGIN_PROVIDE(PRIVKEY_DECRYPT
, ENCRYPT_RSA_OAEP_SHA384
),
293 PLUGIN_PROVIDE(PUBKEY_ENCRYPT
, ENCRYPT_RSA_OAEP_SHA384
),
294 PLUGIN_PROVIDE(PRIVKEY_DECRYPT
, ENCRYPT_RSA_OAEP_SHA512
),
295 PLUGIN_PROVIDE(PUBKEY_ENCRYPT
, ENCRYPT_RSA_OAEP_SHA512
),
298 #endif /* BOTAN_HAS_RSA */
300 #ifdef BOTAN_HAS_ECDSA
301 /* EC private/public key loading */
302 PLUGIN_REGISTER(PRIVKEY
, botan_ec_private_key_load
, TRUE
),
303 PLUGIN_PROVIDE(PRIVKEY
, KEY_ECDSA
),
304 PLUGIN_PROVIDE(PRIVKEY
, KEY_ANY
),
305 PLUGIN_REGISTER(PRIVKEY_GEN
, botan_ec_private_key_gen
, FALSE
),
306 PLUGIN_PROVIDE(PRIVKEY_GEN
, KEY_ECDSA
),
307 #ifdef BOTAN_HAS_EMSA_RAW
308 PLUGIN_PROVIDE(PRIVKEY_SIGN
, SIGN_ECDSA_WITH_NULL
),
309 PLUGIN_PROVIDE(PUBKEY_VERIFY
, SIGN_ECDSA_WITH_NULL
),
311 #ifdef BOTAN_HAS_EMSA1
312 #ifdef BOTAN_HAS_SHA1
313 PLUGIN_PROVIDE(PRIVKEY_SIGN
, SIGN_ECDSA_WITH_SHA1_DER
),
314 PLUGIN_PROVIDE(PUBKEY_VERIFY
, SIGN_ECDSA_WITH_SHA1_DER
),
316 #ifdef BOTAN_HAS_SHA2_32
317 PLUGIN_PROVIDE(PRIVKEY_SIGN
, SIGN_ECDSA_WITH_SHA256_DER
),
318 PLUGIN_PROVIDE(PUBKEY_VERIFY
, SIGN_ECDSA_WITH_SHA256_DER
),
319 PLUGIN_PROVIDE(PRIVKEY_SIGN
, SIGN_ECDSA_256
),
320 PLUGIN_PROVIDE(PUBKEY_VERIFY
, SIGN_ECDSA_256
),
322 #ifndef BOTAN_HAS_SHA2_64
323 PLUGIN_PROVIDE(PRIVKEY_SIGN
, SIGN_ECDSA_WITH_SHA384_DER
),
324 PLUGIN_PROVIDE(PRIVKEY_SIGN
, SIGN_ECDSA_WITH_SHA512_DER
),
325 PLUGIN_PROVIDE(PUBKEY_VERIFY
, SIGN_ECDSA_WITH_SHA384_DER
),
326 PLUGIN_PROVIDE(PUBKEY_VERIFY
, SIGN_ECDSA_WITH_SHA512_DER
),
327 PLUGIN_PROVIDE(PRIVKEY_SIGN
, SIGN_ECDSA_384
),
328 PLUGIN_PROVIDE(PRIVKEY_SIGN
, SIGN_ECDSA_521
),
329 PLUGIN_PROVIDE(PUBKEY_VERIFY
, SIGN_ECDSA_384
),
330 PLUGIN_PROVIDE(PUBKEY_VERIFY
, SIGN_ECDSA_521
),
332 #endif /* BOTAN_HAS_EMSA1 */
333 #endif /* BOTAN_HAS_ECDSA */
335 #ifdef BOTAN_HAS_ED25519
336 /* EdDSA private/public key loading */
337 PLUGIN_REGISTER(PUBKEY
, botan_ed_public_key_load
, TRUE
),
338 PLUGIN_PROVIDE(PUBKEY
, KEY_ED25519
),
339 PLUGIN_REGISTER(PRIVKEY
, botan_ed_private_key_load
, TRUE
),
340 PLUGIN_PROVIDE(PRIVKEY
, KEY_ED25519
),
341 PLUGIN_REGISTER(PRIVKEY_GEN
, botan_ed_private_key_gen
, FALSE
),
342 PLUGIN_PROVIDE(PRIVKEY_GEN
, KEY_ED25519
),
343 PLUGIN_PROVIDE(PRIVKEY_SIGN
, SIGN_ED25519
),
344 PLUGIN_PROVIDE(PUBKEY_VERIFY
, SIGN_ED25519
),
345 /* register a pro forma identity hasher, never instantiated */
346 PLUGIN_REGISTER(HASHER
, return_null
),
347 PLUGIN_PROVIDE(HASHER
, HASH_IDENTITY
),
351 #if BOTAN_HAS_SYSTEM_RNG
352 #if BOTAN_HAS_HMAC_DRBG
353 PLUGIN_REGISTER(RNG
, botan_rng_create
),
354 PLUGIN_PROVIDE(RNG
, RNG_WEAK
),
355 PLUGIN_PROVIDE(RNG
, RNG_STRONG
),
356 PLUGIN_PROVIDE(RNG
, RNG_TRUE
)
364 METHOD(plugin_t
, destroy
, void,
365 private_botan_plugin_t
*this)
371 * Described in header
373 plugin_t
*botan_plugin_create()
375 private_botan_plugin_t
*this;
380 .get_name
= _get_name
,
381 .get_features
= _get_features
,
387 return &this->public.plugin
;