CRYS_RSA_OAEP_Decrypt implements the RSAES-OAEP algorithm as defined in PKCS#1 v2.1 8.1.

Note

It is not recommended to use hash MD5 in OAEP PKCS1 ver 2.1, therefore it is not supported.

This function combines the RSA decryption primitive and the EME-OAEP encoding method, to provide an RSA-based decryption method that is semantically secure against adaptive chosen-ciphertext attacks. For more details, please refer to the PKCS#1 standard.

Definition at line 168 of file crys_rsa_schemes.h.

CRYS_RSA_OAEP_PSS21_Encrypt implements the RSAES-OAEP algorithm as defined in PKCS#1 v2.1 8.1.

Note

It is not recommended to use hash MD5 in OAEP PKCS1 ver 2.1, therefore it is not supported.

This function combines the RSA encryption primitive and the EME-OAEP encoding method, to provide an RSA-based encryption method that is semantically secure against adaptive chosen-ciphertext attacks. For additional details, please refer to the PKCS#1 standard.

Definition at line 103 of file crys_rsa_schemes.h.

CRYS_RSA_PKCS1v15_Decrypt implements the RSAES-PKCS1v15 algorithm as defined in PKCS#1 v2.1 8.2.

Definition at line 177 of file crys_rsa_schemes.h.

CRYS_RSA_PKCS1v15_Encrypt implements the RSAES-PKCS1v15 algorithm as defined in PKCS#1 v2.1 8.2.

Definition at line 111 of file crys_rsa_schemes.h.

CRYS_RSA_PKCS1v15_MD5_Sign implements the RSASSA-PKCS1v15 algorithm as defined in PKCS#1 v1.5, but without performing a HASH function - it assumes that the data in has already been hashed using MD5.

Note

The data_in size is already known after the Hash.

Definition at line 249 of file crys_rsa_schemes.h.

CRYS_RSA_PKCS1v15_MD5_Verify implements the RSASSA-PKCS1v15 Verify algorithm as defined in PKCS#1 v1.5, but without operating the HASH function - it assumes the DataIn_ptr data has already been hashed using MD5.

Definition at line 415 of file crys_rsa_schemes.h.

CRYS_RSA_PKCS1v15_SHA1_Sign implements the RSASSA-PKCS1v15 algorithm as defined in PKCS#1 v1.5, but without performing a HASH function - it assumes that the data in has already been hashed using SHA-1.

Note

The data_in size is already known after the Hash.

Definition at line 239 of file crys_rsa_schemes.h.

CRYS_RSA_PKCS1v15_SHA1_Verify implements the RSASSA-PKCS1v15 Verify algorithm as defined in PKCS#1 v1.5, but without operating the HASH function - it assumes that the DataIn_ptr data has already been hashed using SHA1.

Definition at line 424 of file crys_rsa_schemes.h.

CRYS_RSA_PKCS1v15_SHA224_Sign implements the RSASSA-PKCS1v15 algorithm as defined in PKCS#1 v1.5, but without performing a HASH function - it assumes that the data in has already been hashed using SHA-224.

Note

The data_in size is already known after the Hash.

Definition at line 259 of file crys_rsa_schemes.h.

CRYS_RSA_PKCS1v15_SHA224_Verify implements the RSASSA-PKCS1v15 Verify algorithm as defined in PKCS#1 v1.5, but without operating the HASH function - it assumes that the DataIn_ptr data has already been hashed using SHA224.

Definition at line 432 of file crys_rsa_schemes.h.

CRYS_RSA_PKCS1v15_SHA256_Sign implements the RSASSA-PKCS1v15 algorithm as defined in PKCS#1 v1.5, but without performing a HASH function - it assumes that the data in has already been hashed using SHA-256.

Note

The data_in size is already known after the Hash.

Definition at line 269 of file crys_rsa_schemes.h.

CRYS_RSA_PKCS1v15_SHA256_Verify implements the RSASSA-PKCS1v15 Verify algorithm as defined in PKCS#1 v1.5, but without operating the HASH function - it assumes that the DataIn_ptr data has already been hashed using SHA256.

Definition at line 440 of file crys_rsa_schemes.h.

CRYS_RSA_PKCS1v15_SHA1_Sign implements the RSASSA-PKCS1v15 algorithm as defined in PKCS#1 v1.5, but without performing a HASH function - it assumes that the data in has already been hashed using SHA-384.

Note

The data_in size is already known after the Hash.

Definition at line 278 of file crys_rsa_schemes.h.

CRYS_RSA_PKCS1v15_SHA384_Verify implements the RSASSA-PKCS1v15 Verify algorithm as defined in PKCS#1 v1.5, but without operating the HASH function - it assumes that the DataIn_ptr data has already been hashed using SHA384.

Definition at line 448 of file crys_rsa_schemes.h.

CRYS_RSA_PKCS1v15_SHA512_Sign implements the RSASSA-PKCS1v15 algorithm as defined in PKCS#1 v1.5, but without performing a HASH function - it assumes that the data in has already been hashed using SHA-512.

Note

The data_in size is already known after the Hash.

Definition at line 288 of file crys_rsa_schemes.h.

CRYS_RSA_PKCS1v15_SHA512_Verify implements the RSASSA-PKCS1v15 Verify algorithm as defined in PKCS#1 v1.5, but without operating the HASH function - it assumes that the DataIn_ptr data has already been hashed using SHA512.

Definition at line 456 of file crys_rsa_schemes.h.

CRYS_RSA_PKCS1v15_Sign implements the RSASSA-PKCS1v15 algorithm as defined in PKCS#1 v1.5.

This function combines the RSASP1 signature primitive and the EMSA-PKCS1v15 encoding method, to provide an RSA-based signature scheme. For more details, please refer to the PKCS#1 standard.

Definition at line 229 of file crys_rsa_schemes.h.

CRYS_RSA_PKCS1v15_Verify implements the RSASSA-PKCS1v15 Verify algorithm as defined in PKCS#1 v1.5.

Definition at line 407 of file crys_rsa_schemes.h.

CRYS_RSA_PSS_SHA1_Sign implements the RSASSA-PSS algorithm as defined in PKCS#1 v2.1 9.1 in a single function call, but without performing a HASH function - it assumes that the data in has already been hashed using SHA-1.

Note

The data_in size is already known after the Hash.

The actual macro that is used by the users is CRYS_RSA_PSS_SHA1_Sign.

Definition at line 314 of file crys_rsa_schemes.h.

CRYS_RSA_PSS_SHA1_Verify implements the PKCS1v21 Verify algorithm as defined in PKCS#1 v2.1, but without operating the HASH function - it assumes the DataIn_ptr has already been hashed using SHA1.

Definition at line 472 of file crys_rsa_schemes.h.

CRYS_RSA_PSS_SHA224_Sign implements the RSASSA-PSS algorithm as defined in PKCS#1 v2.1 9.1 in a single function call, but without performing a HASH function - it assumes that the data in has already been hashed using SHA-224.

Note

The data_in size is already known after the Hash.

The actual macro that is used by the users is CRYS_RSA_PSS_SHA224_Sign.

Definition at line 327 of file crys_rsa_schemes.h.

CRYS_RSA_PSS_SHA224_Verify implements the PKCS1v21 Verify algorithm as defined in PKCS#1 v2.1, but without operating the HASH function - it assumes the DataIn_ptr has already been hashed using SHA224.

Definition at line 481 of file crys_rsa_schemes.h.

CRYS_RSA_PSS_SHA256_Sign implements the RSASSA-PSS algorithm as defined in PKCS#1 v2.1 9.1 in a single function call, but without performing a HASH function - it assumes that the data in has already been hashed using SHA-256.

Note

The data_in size is already known after the Hash.

The actual macro that is used by the users is CRYS_RSA_PSS_SHA256_Sign.

Definition at line 340 of file crys_rsa_schemes.h.

CRYS_RSA_PSS_SHA256_Verify implements the PKCS1v21 Verify algorithm as defined in PKCS#1 v2.1, but without operating the HASH function - it assumes the DataIn_ptr has already been hashed using SHA256.

Definition at line 490 of file crys_rsa_schemes.h.

CRYS_RSA_PSS_SHA384_Sign implements the RSASSA-PSS algorithm as defined in PKCS#1 v2.1 9.1 in a single function call, but without performing a HASH function - it assumes that the data in has already been hashed using SHA-384.

Note

The data_in size is already known after the Hash.

The actual macro that is used by the users is CRYS_RSA_PSS_SHA384_Sign.

Definition at line 353 of file crys_rsa_schemes.h.

CRYS_RSA_PSS_SHA384_Verify implements the PKCS1v21 Verify algorithm as defined in PKCS#1 v2.1, but without operating the HASH function - it assumes the DataIn_ptr has already been hashed using SHA384.

Definition at line 500 of file crys_rsa_schemes.h.

CRYS_RSA_PSS_SHA512_Sign implements the RSASSA-PSS algorithm as defined in PKCS#1 v2.1 9.1 in a single function call, but without performing a HASH function - it assumes that the data in has already been hashed using SHA-512.

Note

The data_in size is already known after the Hash.

The actual macro that is used by the users is CRYS_RSA_PSS_SHA512_Sign.

Definition at line 366 of file crys_rsa_schemes.h.

CRYS_RSA_PSS_SHA512_Verify implements the PKCS1v21 Verify algorithm as defined in PKCS#1 v2.1, but without operating the HASH function - it assumes the DataIn_ptr has already been hashed using SHA512.

Definition at line 509 of file crys_rsa_schemes.h.

CRYS_RSA_PSS_Sign implements the RSASSA-PSS algorithm as defined in PKCS#1 v2.1 9.1, in a single function call.

Note

According to the PKCS#1 ver2.1 it is not recommended to use MD5 Hash, therefore it is not supported.

The actual macro that is used by the user is CRYS_RSA_PSS_Sign.

Definition at line 301 of file crys_rsa_schemes.h.

CRYS_RSA_PSS_Verify implements the RSASSA-PKCS1v21 Verify algorithm as defined in PKCS#1 v2.1.

Definition at line 463 of file crys_rsa_schemes.h.

This function implements the Decrypt algorithm, as defined in [PKCS1_2.1] and [PKCS1_1.5].

It should not be called directly. Instead, use macros CRYS_RSA_OAEP_Decrypt or CRYS_RSA_PKCS1v15_Decrypt.

Returns

CRYS_OK on success.

A non-zero value from crys_rsa_error.h or crys_hash_error.h on failure.

Parameters

[in]	UserPrivKey_ptr	Pointer to the private key data structure of the user.
[in]	PrimeData_ptr	Pointer to a temporary structure that is internally used as workspace for the decryption operation.
[in]	hashFunc	The HASH function to be used. One of the supported SHA-x HASH modes, as defined in CRYS_RSA_HASH_OpMode_t (MD5 is not supported).
[in]	L	The label input pointer. Relevant for [PKCS1_2.1] only. NULL by default. NULL for [PKCS1_1.5].
[in]	Llen	The label length. Relevant for [PKCS1_2.1] only. Zero by default. Zero for [PKCS1_1.5].
[in]	MGF	The mask generation function. [PKCS1_2.1] defines MGF1, so the only value allowed here is CRYS_PKCS1_MGF1.
[in]	DataIn_ptr	Pointer to the data to decrypt.
[in]	DataInSize	The size (in bytes) of the data to decrypt. DataSize must be ≤ the modulus size.
[in]	Output_ptr	Pointer to the decrypted data. The buffer must be at least PrivKey_ptr->N.len bytes long (i.e. the modulus size in bytes).
[in]	OutputSize_ptr	Pointer to the byte size of the buffer pointed to by Output_buffer. The size must be: For PKCS #1 v2.1: Modulus size > OutputSize >= (modulus size - 2*HashLen - 2). For PKCS #1 v1.5: Modulus size > OutputSize >= (modulus size - 11). The value pointed by OutputSize_ptr is updated after decryption with the actual number of bytes that are loaded to Output_ptr.
[in]	PKCS1_ver	[PKCS1_1.5] or [PKCS1_2.1], according to the functionality required.

This function implements the Encrypt algorithm, as defined in [PKCS1_2.1] and [PKCS1_1.5].

It should not be called directly. Instead, use macros CRYS_RSA_OAEP_Encrypt or CRYS_RSA_PKCS1v15_Encrypt.

Returns

CRYS_OK on success.

A non-zero value from crys_rsa_error.h, crys_rnd_error.h or crys_hash_error.h on failure.

Parameters

[in,out]	rndState_ptr	Pointer to the RND state structure.
[in]	rndGenerateVectFunc	Pointer to the random vector generation function.
[in]	UserPubKey_ptr	Pointer to the public key data structure.
[in]	PrimeData_ptr	Pointer to a temporary structure that is internally used as workspace for the Encryption operation.
[in]	hashFunc	The HASH function to be used. One of the supported SHA-x HASH modes, as defined in CRYS_RSA_HASH_OpMode_t (MD5 is not supported).
[in]	L	The label input pointer. Relevant for [PKCS1_2.1] only. NULL by default. NULL for [PKCS1_1.5].
[in]	Llen	The label length. Relevant for [PKCS1_2.1] only. Zero by default. Must be <=2048. Zero for [PKCS1_1.5].
[in]	MGF	The mask generation function. [PKCS1_2.1] defines MGF1, so the only value allowed here is CRYS_PKCS1_MGF1.
[in]	DataIn_ptr	Pointer to the data to encrypt.
[in]	DataInSize	The size (in bytes) of the data to encrypt. The data size must be: For [PKCS1_2.1], DataSize <= modulus size - 2*HashLen - 2. For [PKCS1_1.5], DataSize <= modulus size - 11.
[out]	Output_ptr	Pointer to the encrypted data. The buffer must be at least modulus size bytes long.
[in]	PKCS1_ver	[PKCS1_1.5] or [PKCS1_2.1], according to the functionality required.

Implements the Signing algorithm, as defined in [PKCS1_1.5] or [PKCS1_2.1], using a single function.

The input data may be either a non-hashed data or a digest of a hash function. For a non-hashed data, the input data will be hashed using the hash function indicated by CRYS_RSA_HASH_OpMode_t. For a digest, CRYS_RSA_HASH_OpMode_t should indicate the hash function that the input data was created by, and it will not be hashed.

Returns

CRYS_OK on success.

A non-zero value from crys_rsa_error.h, crys_rnd_error.h or crys_hash_error.h on failure.

Parameters

[in,out]	rndState_ptr	Pointer to the RND state.
[in,out]	rndGenerateVectFunc	Pointer to the RND Generate vector function pointer.
[in]	UserContext_ptr	Pointer to a temporary context for internal use.
[in]	UserPrivKey_ptr	Pointer to the private key data structure of the user. The representation (pair or quintuple) and hence the algorithm (CRT or not CRT) is determined by the Private Key build function - CRYS_RSA_Build_PrivKey or CRYS_RSA_Build_PrivKeyCRT.
[in]	rsaHashMode	One of the supported SHA-x HASH modes, as defined in CRYS_RSA_HASH_OpMode_t. (MD5 is not supported).
[in]	MGF	The mask generation function. [PKCS1_2.1] defines only MGF1, so the only value allowed for [PKCS1_2.1] is CRYS_PKCS1_MGF1.
[in]	SaltLen	The Length of the Salt buffer (relevant for PKCS#1 Ver 2.1 only, typically lengths is 0 or hash Len). FIPS 186-4 requires, that SaltLen <= hash len. If SaltLen > KeySize - hash Len - 2, the function returns an error.
[in]	DataIn_ptr	Pointer to the input data to be signed. The size of the scatter/gather list representing the data buffer is limited to 128 entries, and the size of each entry is limited to 64KB (fragments larger than 64KB are broken into fragments <= 64KB).
[in]	DataInSize	The size (in bytes) of the data to sign.
[out]	Output_ptr	Pointer to the signature. The buffer must be at least PrivKey_ptr->N.len bytes long (i.e. the modulus size in bytes).
[in,out]	OutputSize_ptr	Pointer to the signature size value - the input value is the signature buffer size allocated, the output value is the signature size used. he buffer must be equal to PrivKey_ptr->N.len bytes long (i.e. the modulus size in bytes).
[in]	PKCS1_ver	[PKCS1_1.5] or [PKCS1_2.1], according to the functionality required.

Implements the RSA signature verification algorithms, in a single function call, as defined in referenced standards [PKCS1_1.5] and [PKCS1_2.1].

The input data may be either a non-hashed data or a digest of a hash function. For a non-hashed data, the input data will be hashed using the hash function indicated by CRYS_RSA_HASH_OpMode_t. For a digest, CRYS_RSA_HASH_OpMode_t should indicate the hash function that the input data was created by, and it will not be hashed.

Returns

CRYS_OK on success.

A non-zero value from crys_rsa_error.h or crys_hash_error.h on failure.

Parameters

[in]	UserContext_ptr	Pointer to a temporary context for internal use.
[in]	UserPubKey_ptr	Pointer to the public key data structure of the user.
[in]	rsaHashMode	One of the supported SHA-x HASH modes, as defined in CRYS_RSA_HASH_OpMode_t. (MD5 is not supported).
[in]	MGF	The mask generation function. [PKCS1_2.1] defines only MGF1, so the only value allowed for [PKCS_2.1] is CRYS_PKCS1_MGF1.
[in]	SaltLen	The Length of the Salt buffer. Relevant only for [PKCS1_2.1]. Typical lengths are 0 or hash Len (20 for SHA-1). The maximum length allowed is [modulus size - hash Len - 2].
[in]	DataIn_ptr	Pointer to the input data to be verified. The size of the scatter/gather list representing the data buffer is limited to 128 entries, and the size of each entry is limited to 64KB (fragments larger than 64KB are broken into fragments <= 64KB).
[in]	DataInSize	The size (in bytes) of the data whose signature is to be verified.
[in]	Sig_ptr	Pointer to the signature to be verified. The length of the signature is PubKey_ptr->N.len bytes (i.e. the modulus size in bytes).
[in]	PKCS1_ver	[PKCS1_1.5] or [PKCS1_2.1], according to the functionality required.