Hannes Tschofenig
/
aes-gcm-test-program
Important changes to repositories hosted on mbed.com
Mbed hosted mercurial repositories are deprecated and are due to be permanently deleted in July 2026.
To keep a copy of this software download the repository Zip archive or clone locally using Mercurial.
It is also possible to export all your personal repositories from the account settings page.
Embed:
(wiki syntax)
Show/hide line numbers
rsa.h
Go to the documentation of this file.
00001 /** 00002 * \file rsa.h 00003 * 00004 * \brief The RSA public-key cryptosystem 00005 * 00006 * Copyright (C) 2006-2014, Brainspark B.V. 00007 * 00008 * This file is part of PolarSSL (http://www.polarssl.org) 00009 * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> 00010 * 00011 * All rights reserved. 00012 * 00013 * This program is free software; you can redistribute it and/or modify 00014 * it under the terms of the GNU General Public License as published by 00015 * the Free Software Foundation; either version 2 of the License, or 00016 * (at your option) any later version. 00017 * 00018 * This program is distributed in the hope that it will be useful, 00019 * but WITHOUT ANY WARRANTY; without even the implied warranty of 00020 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 00021 * GNU General Public License for more details. 00022 * 00023 * You should have received a copy of the GNU General Public License along 00024 * with this program; if not, write to the Free Software Foundation, Inc., 00025 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. 00026 */ 00027 #ifndef POLARSSL_RSA_H 00028 #define POLARSSL_RSA_H 00029 00030 #if !defined(POLARSSL_CONFIG_FILE) 00031 #include "config.h" 00032 #else 00033 #include POLARSSL_CONFIG_FILE 00034 #endif 00035 00036 #include "bignum.h" 00037 #include "md.h" 00038 00039 #if defined(POLARSSL_THREADING_C) 00040 #include "threading.h" 00041 #endif 00042 00043 /* 00044 * RSA Error codes 00045 */ 00046 #define POLARSSL_ERR_RSA_BAD_INPUT_DATA -0x4080 /**< Bad input parameters to function. */ 00047 #define POLARSSL_ERR_RSA_INVALID_PADDING -0x4100 /**< Input data contains invalid padding and is rejected. */ 00048 #define POLARSSL_ERR_RSA_KEY_GEN_FAILED -0x4180 /**< Something failed during generation of a key. */ 00049 #define POLARSSL_ERR_RSA_KEY_CHECK_FAILED -0x4200 /**< Key failed to pass the libraries validity check. */ 00050 #define POLARSSL_ERR_RSA_PUBLIC_FAILED -0x4280 /**< The public key operation failed. */ 00051 #define POLARSSL_ERR_RSA_PRIVATE_FAILED -0x4300 /**< The private key operation failed. */ 00052 #define POLARSSL_ERR_RSA_VERIFY_FAILED -0x4380 /**< The PKCS#1 verification failed. */ 00053 #define POLARSSL_ERR_RSA_OUTPUT_TOO_LARGE -0x4400 /**< The output buffer for decryption is not large enough. */ 00054 #define POLARSSL_ERR_RSA_RNG_FAILED -0x4480 /**< The random generator failed to generate non-zeros. */ 00055 00056 /* 00057 * RSA constants 00058 */ 00059 #define RSA_PUBLIC 0 00060 #define RSA_PRIVATE 1 00061 00062 #define RSA_PKCS_V15 0 00063 #define RSA_PKCS_V21 1 00064 00065 #define RSA_SIGN 1 00066 #define RSA_CRYPT 2 00067 00068 /* 00069 * The above constants may be used even if the RSA module is compile out, 00070 * eg for alternative (PKCS#11) RSA implemenations in the PK layers. 00071 */ 00072 #if defined(POLARSSL_RSA_C) 00073 00074 #ifdef __cplusplus 00075 extern "C" { 00076 #endif 00077 00078 /** 00079 * \brief RSA context structure 00080 */ 00081 typedef struct 00082 { 00083 int ver ; /*!< always 0 */ 00084 size_t len ; /*!< size(N) in chars */ 00085 00086 mpi N ; /*!< public modulus */ 00087 mpi E ; /*!< public exponent */ 00088 00089 mpi D ; /*!< private exponent */ 00090 mpi P ; /*!< 1st prime factor */ 00091 mpi Q ; /*!< 2nd prime factor */ 00092 mpi DP ; /*!< D % (P - 1) */ 00093 mpi DQ ; /*!< D % (Q - 1) */ 00094 mpi QP ; /*!< 1 / (Q % P) */ 00095 00096 mpi RN ; /*!< cached R^2 mod N */ 00097 mpi RP ; /*!< cached R^2 mod P */ 00098 mpi RQ ; /*!< cached R^2 mod Q */ 00099 00100 #if !defined(POLARSSL_RSA_NO_CRT) 00101 mpi Vi ; /*!< cached blinding value */ 00102 mpi Vf ; /*!< cached un-blinding value */ 00103 #endif 00104 00105 int padding; /*!< RSA_PKCS_V15 for 1.5 padding and 00106 RSA_PKCS_v21 for OAEP/PSS */ 00107 int hash_id; /*!< Hash identifier of md_type_t as 00108 specified in the md.h header file 00109 for the EME-OAEP and EMSA-PSS 00110 encoding */ 00111 #if defined(POLARSSL_THREADING_C) 00112 threading_mutex_t mutex ; /*!< Thread-safety mutex */ 00113 #endif 00114 } 00115 rsa_context; 00116 00117 /** 00118 * \brief Initialize an RSA context 00119 * 00120 * Note: Set padding to RSA_PKCS_V21 for the RSAES-OAEP 00121 * encryption scheme and the RSASSA-PSS signature scheme. 00122 * 00123 * \param ctx RSA context to be initialized 00124 * \param padding RSA_PKCS_V15 or RSA_PKCS_V21 00125 * \param hash_id RSA_PKCS_V21 hash identifier 00126 * 00127 * \note The hash_id parameter is actually ignored 00128 * when using RSA_PKCS_V15 padding. 00129 */ 00130 void rsa_init( rsa_context *ctx, 00131 int padding, 00132 int hash_id); 00133 00134 /** 00135 * \brief Set padding for an already initialized RSA context 00136 * 00137 * Note: Set padding to RSA_PKCS_V21 for the RSAES-OAEP 00138 * encryption scheme and the RSASSA-PSS signature scheme. 00139 * 00140 * \param ctx RSA context to be set 00141 * \param padding RSA_PKCS_V15 or RSA_PKCS_V21 00142 * \param hash_id RSA_PKCS_V21 hash identifier 00143 * 00144 * \note The hash_id parameter is actually ignored 00145 * when using RSA_PKCS_V15 padding. 00146 */ 00147 void rsa_set_padding( rsa_context *ctx, int padding, int hash_id); 00148 00149 /** 00150 * \brief Generate an RSA keypair 00151 * 00152 * \param ctx RSA context that will hold the key 00153 * \param f_rng RNG function 00154 * \param p_rng RNG parameter 00155 * \param nbits size of the public key in bits 00156 * \param exponent public exponent (e.g., 65537) 00157 * 00158 * \note rsa_init() must be called beforehand to setup 00159 * the RSA context. 00160 * 00161 * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code 00162 */ 00163 int rsa_gen_key( rsa_context *ctx, 00164 int (*f_rng)(void *, unsigned char *, size_t), 00165 void *p_rng, 00166 unsigned int nbits, int exponent ); 00167 00168 /** 00169 * \brief Check a public RSA key 00170 * 00171 * \param ctx RSA context to be checked 00172 * 00173 * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code 00174 */ 00175 int rsa_check_pubkey( const rsa_context *ctx ); 00176 00177 /** 00178 * \brief Check a private RSA key 00179 * 00180 * \param ctx RSA context to be checked 00181 * 00182 * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code 00183 */ 00184 int rsa_check_privkey( const rsa_context *ctx ); 00185 00186 /** 00187 * \brief Do an RSA public key operation 00188 * 00189 * \param ctx RSA context 00190 * \param input input buffer 00191 * \param output output buffer 00192 * 00193 * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code 00194 * 00195 * \note This function does NOT take care of message 00196 * padding. Also, be sure to set input[0] = 0 or assure that 00197 * input is smaller than N. 00198 * 00199 * \note The input and output buffers must be large 00200 * enough (eg. 128 bytes if RSA-1024 is used). 00201 */ 00202 int rsa_public( rsa_context *ctx, 00203 const unsigned char *input, 00204 unsigned char *output ); 00205 00206 /** 00207 * \brief Do an RSA private key operation 00208 * 00209 * \param ctx RSA context 00210 * \param f_rng RNG function (Needed for blinding) 00211 * \param p_rng RNG parameter 00212 * \param input input buffer 00213 * \param output output buffer 00214 * 00215 * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code 00216 * 00217 * \note The input and output buffers must be large 00218 * enough (eg. 128 bytes if RSA-1024 is used). 00219 */ 00220 int rsa_private( rsa_context *ctx, 00221 int (*f_rng)(void *, unsigned char *, size_t), 00222 void *p_rng, 00223 const unsigned char *input, 00224 unsigned char *output ); 00225 00226 /** 00227 * \brief Generic wrapper to perform a PKCS#1 encryption using the 00228 * mode from the context. Add the message padding, then do an 00229 * RSA operation. 00230 * 00231 * \param ctx RSA context 00232 * \param f_rng RNG function (Needed for padding and PKCS#1 v2.1 encoding 00233 * and RSA_PRIVATE) 00234 * \param p_rng RNG parameter 00235 * \param mode RSA_PUBLIC or RSA_PRIVATE 00236 * \param ilen contains the plaintext length 00237 * \param input buffer holding the data to be encrypted 00238 * \param output buffer that will hold the ciphertext 00239 * 00240 * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code 00241 * 00242 * \note The output buffer must be as large as the size 00243 * of ctx->N (eg. 128 bytes if RSA-1024 is used). 00244 */ 00245 int rsa_pkcs1_encrypt( rsa_context *ctx, 00246 int (*f_rng)(void *, unsigned char *, size_t), 00247 void *p_rng, 00248 int mode, size_t ilen, 00249 const unsigned char *input, 00250 unsigned char *output ); 00251 00252 /** 00253 * \brief Perform a PKCS#1 v1.5 encryption (RSAES-PKCS1-v1_5-ENCRYPT) 00254 * 00255 * \param ctx RSA context 00256 * \param f_rng RNG function (Needed for padding and RSA_PRIVATE) 00257 * \param p_rng RNG parameter 00258 * \param mode RSA_PUBLIC or RSA_PRIVATE 00259 * \param ilen contains the plaintext length 00260 * \param input buffer holding the data to be encrypted 00261 * \param output buffer that will hold the ciphertext 00262 * 00263 * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code 00264 * 00265 * \note The output buffer must be as large as the size 00266 * of ctx->N (eg. 128 bytes if RSA-1024 is used). 00267 */ 00268 int rsa_rsaes_pkcs1_v15_encrypt( rsa_context *ctx, 00269 int (*f_rng)(void *, unsigned char *, size_t), 00270 void *p_rng, 00271 int mode, size_t ilen, 00272 const unsigned char *input, 00273 unsigned char *output ); 00274 00275 /** 00276 * \brief Perform a PKCS#1 v2.1 OAEP encryption (RSAES-OAEP-ENCRYPT) 00277 * 00278 * \param ctx RSA context 00279 * \param f_rng RNG function (Needed for padding and PKCS#1 v2.1 encoding 00280 * and RSA_PRIVATE) 00281 * \param p_rng RNG parameter 00282 * \param mode RSA_PUBLIC or RSA_PRIVATE 00283 * \param label buffer holding the custom label to use 00284 * \param label_len contains the label length 00285 * \param ilen contains the plaintext length 00286 * \param input buffer holding the data to be encrypted 00287 * \param output buffer that will hold the ciphertext 00288 * 00289 * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code 00290 * 00291 * \note The output buffer must be as large as the size 00292 * of ctx->N (eg. 128 bytes if RSA-1024 is used). 00293 */ 00294 int rsa_rsaes_oaep_encrypt( rsa_context *ctx, 00295 int (*f_rng)(void *, unsigned char *, size_t), 00296 void *p_rng, 00297 int mode, 00298 const unsigned char *label, size_t label_len, 00299 size_t ilen, 00300 const unsigned char *input, 00301 unsigned char *output ); 00302 00303 /** 00304 * \brief Generic wrapper to perform a PKCS#1 decryption using the 00305 * mode from the context. Do an RSA operation, then remove 00306 * the message padding 00307 * 00308 * \param ctx RSA context 00309 * \param f_rng RNG function (Only needed for RSA_PRIVATE) 00310 * \param p_rng RNG parameter 00311 * \param mode RSA_PUBLIC or RSA_PRIVATE 00312 * \param olen will contain the plaintext length 00313 * \param input buffer holding the encrypted data 00314 * \param output buffer that will hold the plaintext 00315 * \param output_max_len maximum length of the output buffer 00316 * 00317 * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code 00318 * 00319 * \note The output buffer must be as large as the size 00320 * of ctx->N (eg. 128 bytes if RSA-1024 is used) otherwise 00321 * an error is thrown. 00322 */ 00323 int rsa_pkcs1_decrypt( rsa_context *ctx, 00324 int (*f_rng)(void *, unsigned char *, size_t), 00325 void *p_rng, 00326 int mode, size_t *olen, 00327 const unsigned char *input, 00328 unsigned char *output, 00329 size_t output_max_len ); 00330 00331 /** 00332 * \brief Perform a PKCS#1 v1.5 decryption (RSAES-PKCS1-v1_5-DECRYPT) 00333 * 00334 * \param ctx RSA context 00335 * \param f_rng RNG function (Only needed for RSA_PRIVATE) 00336 * \param p_rng RNG parameter 00337 * \param mode RSA_PUBLIC or RSA_PRIVATE 00338 * \param olen will contain the plaintext length 00339 * \param input buffer holding the encrypted data 00340 * \param output buffer that will hold the plaintext 00341 * \param output_max_len maximum length of the output buffer 00342 * 00343 * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code 00344 * 00345 * \note The output buffer must be as large as the size 00346 * of ctx->N (eg. 128 bytes if RSA-1024 is used) otherwise 00347 * an error is thrown. 00348 */ 00349 int rsa_rsaes_pkcs1_v15_decrypt( rsa_context *ctx, 00350 int (*f_rng)(void *, unsigned char *, size_t), 00351 void *p_rng, 00352 int mode, size_t *olen, 00353 const unsigned char *input, 00354 unsigned char *output, 00355 size_t output_max_len ); 00356 00357 /** 00358 * \brief Perform a PKCS#1 v2.1 OAEP decryption (RSAES-OAEP-DECRYPT) 00359 * 00360 * \param ctx RSA context 00361 * \param f_rng RNG function (Only needed for RSA_PRIVATE) 00362 * \param p_rng RNG parameter 00363 * \param mode RSA_PUBLIC or RSA_PRIVATE 00364 * \param label buffer holding the custom label to use 00365 * \param label_len contains the label length 00366 * \param olen will contain the plaintext length 00367 * \param input buffer holding the encrypted data 00368 * \param output buffer that will hold the plaintext 00369 * \param output_max_len maximum length of the output buffer 00370 * 00371 * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code 00372 * 00373 * \note The output buffer must be as large as the size 00374 * of ctx->N (eg. 128 bytes if RSA-1024 is used) otherwise 00375 * an error is thrown. 00376 */ 00377 int rsa_rsaes_oaep_decrypt( rsa_context *ctx, 00378 int (*f_rng)(void *, unsigned char *, size_t), 00379 void *p_rng, 00380 int mode, 00381 const unsigned char *label, size_t label_len, 00382 size_t *olen, 00383 const unsigned char *input, 00384 unsigned char *output, 00385 size_t output_max_len ); 00386 00387 /** 00388 * \brief Generic wrapper to perform a PKCS#1 signature using the 00389 * mode from the context. Do a private RSA operation to sign 00390 * a message digest 00391 * 00392 * \param ctx RSA context 00393 * \param f_rng RNG function (Needed for PKCS#1 v2.1 encoding and for 00394 * RSA_PRIVATE) 00395 * \param p_rng RNG parameter 00396 * \param mode RSA_PUBLIC or RSA_PRIVATE 00397 * \param md_alg a POLARSSL_MD_* (use POLARSSL_MD_NONE for signing raw data) 00398 * \param hashlen message digest length (for POLARSSL_MD_NONE only) 00399 * \param hash buffer holding the message digest 00400 * \param sig buffer that will hold the ciphertext 00401 * 00402 * \return 0 if the signing operation was successful, 00403 * or an POLARSSL_ERR_RSA_XXX error code 00404 * 00405 * \note The "sig" buffer must be as large as the size 00406 * of ctx->N (eg. 128 bytes if RSA-1024 is used). 00407 * 00408 * \note In case of PKCS#1 v2.1 encoding keep in mind that 00409 * the hash_id in the RSA context is the one used for the 00410 * encoding. hash_id in the function call is the type of hash 00411 * that is encoded. According to RFC 3447 it is advised to 00412 * keep both hashes the same. 00413 */ 00414 int rsa_pkcs1_sign( rsa_context *ctx, 00415 int (*f_rng)(void *, unsigned char *, size_t), 00416 void *p_rng, 00417 int mode, 00418 md_type_t md_alg, 00419 unsigned int hashlen, 00420 const unsigned char *hash, 00421 unsigned char *sig ); 00422 00423 /** 00424 * \brief Perform a PKCS#1 v1.5 signature (RSASSA-PKCS1-v1_5-SIGN) 00425 * 00426 * \param ctx RSA context 00427 * \param f_rng RNG function (Only needed for RSA_PRIVATE) 00428 * \param p_rng RNG parameter 00429 * \param mode RSA_PUBLIC or RSA_PRIVATE 00430 * \param md_alg a POLARSSL_MD_* (use POLARSSL_MD_NONE for signing raw data) 00431 * \param hashlen message digest length (for POLARSSL_MD_NONE only) 00432 * \param hash buffer holding the message digest 00433 * \param sig buffer that will hold the ciphertext 00434 * 00435 * \return 0 if the signing operation was successful, 00436 * or an POLARSSL_ERR_RSA_XXX error code 00437 * 00438 * \note The "sig" buffer must be as large as the size 00439 * of ctx->N (eg. 128 bytes if RSA-1024 is used). 00440 */ 00441 int rsa_rsassa_pkcs1_v15_sign( rsa_context *ctx, 00442 int (*f_rng)(void *, unsigned char *, size_t), 00443 void *p_rng, 00444 int mode, 00445 md_type_t md_alg, 00446 unsigned int hashlen, 00447 const unsigned char *hash, 00448 unsigned char *sig ); 00449 00450 /** 00451 * \brief Perform a PKCS#1 v2.1 PSS signature (RSASSA-PSS-SIGN) 00452 * 00453 * \param ctx RSA context 00454 * \param f_rng RNG function (Needed for PKCS#1 v2.1 encoding and for 00455 * RSA_PRIVATE) 00456 * \param p_rng RNG parameter 00457 * \param mode RSA_PUBLIC or RSA_PRIVATE 00458 * \param md_alg a POLARSSL_MD_* (use POLARSSL_MD_NONE for signing raw data) 00459 * \param hashlen message digest length (for POLARSSL_MD_NONE only) 00460 * \param hash buffer holding the message digest 00461 * \param sig buffer that will hold the ciphertext 00462 * 00463 * \return 0 if the signing operation was successful, 00464 * or an POLARSSL_ERR_RSA_XXX error code 00465 * 00466 * \note The "sig" buffer must be as large as the size 00467 * of ctx->N (eg. 128 bytes if RSA-1024 is used). 00468 * 00469 * \note In case of PKCS#1 v2.1 encoding keep in mind that 00470 * the hash_id in the RSA context is the one used for the 00471 * encoding. hash_id in the function call is the type of hash 00472 * that is encoded. According to RFC 3447 it is advised to 00473 * keep both hashes the same. 00474 */ 00475 int rsa_rsassa_pss_sign( rsa_context *ctx, 00476 int (*f_rng)(void *, unsigned char *, size_t), 00477 void *p_rng, 00478 int mode, 00479 md_type_t md_alg, 00480 unsigned int hashlen, 00481 const unsigned char *hash, 00482 unsigned char *sig ); 00483 00484 /** 00485 * \brief Generic wrapper to perform a PKCS#1 verification using the 00486 * mode from the context. Do a public RSA operation and check 00487 * the message digest 00488 * 00489 * \param ctx points to an RSA public key 00490 * \param f_rng RNG function (Only needed for RSA_PRIVATE) 00491 * \param p_rng RNG parameter 00492 * \param mode RSA_PUBLIC or RSA_PRIVATE 00493 * \param md_alg a POLARSSL_MD_* (use POLARSSL_MD_NONE for signing raw data) 00494 * \param hashlen message digest length (for POLARSSL_MD_NONE only) 00495 * \param hash buffer holding the message digest 00496 * \param sig buffer holding the ciphertext 00497 * 00498 * \return 0 if the verify operation was successful, 00499 * or an POLARSSL_ERR_RSA_XXX error code 00500 * 00501 * \note The "sig" buffer must be as large as the size 00502 * of ctx->N (eg. 128 bytes if RSA-1024 is used). 00503 * 00504 * \note In case of PKCS#1 v2.1 encoding keep in mind that 00505 * the hash_id in the RSA context is the one used for the 00506 * verification. hash_id in the function call is the type of 00507 * hash that is verified. According to RFC 3447 it is advised to 00508 * keep both hashes the same. 00509 */ 00510 int rsa_pkcs1_verify( rsa_context *ctx, 00511 int (*f_rng)(void *, unsigned char *, size_t), 00512 void *p_rng, 00513 int mode, 00514 md_type_t md_alg, 00515 unsigned int hashlen, 00516 const unsigned char *hash, 00517 const unsigned char *sig ); 00518 00519 /** 00520 * \brief Perform a PKCS#1 v1.5 verification (RSASSA-PKCS1-v1_5-VERIFY) 00521 * 00522 * \param ctx points to an RSA public key 00523 * \param f_rng RNG function (Only needed for RSA_PRIVATE) 00524 * \param p_rng RNG parameter 00525 * \param mode RSA_PUBLIC or RSA_PRIVATE 00526 * \param md_alg a POLARSSL_MD_* (use POLARSSL_MD_NONE for signing raw data) 00527 * \param hashlen message digest length (for POLARSSL_MD_NONE only) 00528 * \param hash buffer holding the message digest 00529 * \param sig buffer holding the ciphertext 00530 * 00531 * \return 0 if the verify operation was successful, 00532 * or an POLARSSL_ERR_RSA_XXX error code 00533 * 00534 * \note The "sig" buffer must be as large as the size 00535 * of ctx->N (eg. 128 bytes if RSA-1024 is used). 00536 */ 00537 int rsa_rsassa_pkcs1_v15_verify( rsa_context *ctx, 00538 int (*f_rng)(void *, unsigned char *, size_t), 00539 void *p_rng, 00540 int mode, 00541 md_type_t md_alg, 00542 unsigned int hashlen, 00543 const unsigned char *hash, 00544 const unsigned char *sig ); 00545 00546 /** 00547 * \brief Perform a PKCS#1 v2.1 PSS verification (RSASSA-PSS-VERIFY) 00548 * 00549 * \param ctx points to an RSA public key 00550 * \param f_rng RNG function (Only needed for RSA_PRIVATE) 00551 * \param p_rng RNG parameter 00552 * \param mode RSA_PUBLIC or RSA_PRIVATE 00553 * \param md_alg a POLARSSL_MD_* (use POLARSSL_MD_NONE for signing raw data) 00554 * \param hashlen message digest length (for POLARSSL_MD_NONE only) 00555 * \param hash buffer holding the message digest 00556 * \param sig buffer holding the ciphertext 00557 * 00558 * \return 0 if the verify operation was successful, 00559 * or an POLARSSL_ERR_RSA_XXX error code 00560 * 00561 * \note The "sig" buffer must be as large as the size 00562 * of ctx->N (eg. 128 bytes if RSA-1024 is used). 00563 * 00564 * \note In case of PKCS#1 v2.1 encoding keep in mind that 00565 * the hash_id in the RSA context is the one used for the 00566 * verification. hash_id in the function call is the type of 00567 * hash that is verified. According to RFC 3447 it is advised to 00568 * keep both hashes the same. 00569 */ 00570 int rsa_rsassa_pss_verify( rsa_context *ctx, 00571 int (*f_rng)(void *, unsigned char *, size_t), 00572 void *p_rng, 00573 int mode, 00574 md_type_t md_alg, 00575 unsigned int hashlen, 00576 const unsigned char *hash, 00577 const unsigned char *sig ); 00578 00579 /** 00580 * \brief Copy the components of an RSA context 00581 * 00582 * \param dst Destination context 00583 * \param src Source context 00584 * 00585 * \return O on success, 00586 * POLARSSL_ERR_MPI_MALLOC_FAILED on memory allocation failure 00587 */ 00588 int rsa_copy( rsa_context *dst, const rsa_context *src ); 00589 00590 /** 00591 * \brief Free the components of an RSA key 00592 * 00593 * \param ctx RSA Context to free 00594 */ 00595 void rsa_free( rsa_context *ctx ); 00596 00597 /** 00598 * \brief Checkup routine 00599 * 00600 * \return 0 if successful, or 1 if the test failed 00601 */ 00602 int rsa_self_test( int verbose ); 00603 00604 #ifdef __cplusplus 00605 } 00606 #endif 00607 00608 #endif /* POLARSSL_RSA_C */ 00609 00610 #endif /* rsa.h */ 00611 00612
Generated on Tue Jul 12 2022 19:40:20 by
1.7.2