Xuyi Wang
/
wolfSSL
Important changes to repositories hosted on mbed.com
Mbed hosted mercurial repositories are deprecated and are due to be permanently deleted in July 2026.
To keep a copy of this software download the repository Zip archive or clone locally using Mercurial.
It is also possible to export all your personal repositories from the account settings page.
Diff: wolfssl/wolfcrypt/rsa.h
- Revision:
- 17:ff9d1e86ad5f
- Parent:
- 16:048e5e270a58
--- a/wolfssl/wolfcrypt/rsa.h Tue Nov 19 14:32:16 2019 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,290 +0,0 @@
-/* rsa.h
- *
- * Copyright (C) 2006-2017 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-/*!
- \file wolfssl/wolfcrypt/rsa.h
-*/
-
-
-#ifndef WOLF_CRYPT_RSA_H
-#define WOLF_CRYPT_RSA_H
-
-#include <wolfssl/wolfcrypt/types.h>
-
-#ifndef NO_RSA
-
-
-/* RSA default exponent */
-#ifndef WC_RSA_EXPONENT
- #define WC_RSA_EXPONENT 65537L
-#endif
-
-
-/* allow for user to plug in own crypto */
-#if !defined(HAVE_FIPS) && (defined(HAVE_USER_RSA) || defined(HAVE_FAST_RSA))
- #include "user_rsa.h"
-#else
-
-#if defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
-/* for fips @wc_fips */
-#include <cyassl/ctaocrypt/rsa.h>
-#if defined(CYASSL_KEY_GEN) && !defined(WOLFSSL_KEY_GEN)
- #define WOLFSSL_KEY_GEN
-#endif
-#else
- #include <wolfssl/wolfcrypt/integer.h>
- #include <wolfssl/wolfcrypt/random.h>
-#endif /* HAVE_FIPS && HAVE_FIPS_VERION 1 */
-#if defined(HAVE_FIPS) && \
- defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
-#include <wolfssl/wolfcrypt/fips.h>
-#endif
-
-/* header file needed for OAEP padding */
-#include <wolfssl/wolfcrypt/hash.h>
-
-#ifdef WOLFSSL_XILINX_CRYPT
-#include "xsecure_rsa.h"
-#endif
-
-#ifdef __cplusplus
- extern "C" {
-#endif
-
-/* avoid redefinition of structs */
-#if !defined(HAVE_FIPS) || \
- (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))
-
-#ifdef WOLFSSL_ASYNC_CRYPT
- #include <wolfssl/wolfcrypt/async.h>
- #ifdef WOLFSSL_CERT_GEN
- #include <wolfssl/wolfcrypt/asn.h>
- #endif
-#endif
-
-enum {
- RSA_PUBLIC = 0,
- RSA_PRIVATE = 1,
-
- RSA_TYPE_UNKNOWN = -1,
- RSA_PUBLIC_ENCRYPT = 0,
- RSA_PUBLIC_DECRYPT = 1,
- RSA_PRIVATE_ENCRYPT = 2,
- RSA_PRIVATE_DECRYPT = 3,
-
- RSA_BLOCK_TYPE_1 = 1,
- RSA_BLOCK_TYPE_2 = 2,
-
- RSA_MIN_SIZE = 512,
- RSA_MAX_SIZE = 4096,
-
- RSA_MIN_PAD_SZ = 11, /* separator + 0 + pad value + 8 pads */
-
- RSA_PSS_PAD_SZ = 8,
- RSA_PSS_SALT_MAX_SZ = 62,
-
-#ifdef OPENSSL_EXTRA
- RSA_PKCS1_PADDING_SIZE = 11,
- RSA_PKCS1_OAEP_PADDING_SIZE = 42, /* (2 * hashlen(SHA-1)) + 2 */
-#endif
-#ifdef WC_RSA_PSS
- RSA_PSS_PAD_TERM = 0xBC,
-#endif
-};
-
-/* RSA */
-struct RsaKey {
- mp_int n, e, d, p, q;
-#if defined(WOLFSSL_KEY_GEN) || defined(OPENSSL_EXTRA) || !defined(RSA_LOW_MEM)
- mp_int dP, dQ, u;
-#endif
- void* heap; /* for user memory overrides */
- byte* data; /* temp buffer for async RSA */
- int type; /* public or private */
- int state;
- word32 dataLen;
-#ifdef WC_RSA_BLINDING
- WC_RNG* rng; /* for PrivateDecrypt blinding */
-#endif
-#ifdef WOLF_CRYPTO_DEV
- int devId;
-#endif
-#ifdef WOLFSSL_ASYNC_CRYPT
- WC_ASYNC_DEV asyncDev;
- #ifdef WOLFSSL_CERT_GEN
- CertSignCtx certSignCtx; /* context info for cert sign (MakeSignature) */
- #endif
-#endif /* WOLFSSL_ASYNC_CRYPT */
-#ifdef WOLFSSL_XILINX_CRYPT
- word32 pubExp; /* to keep values in scope they are here in struct */
- byte* mod;
- XSecure_Rsa xRsa;
-#endif
- byte dataIsAlloc;
-};
-
-#ifndef WC_RSAKEY_TYPE_DEFINED
- typedef struct RsaKey RsaKey;
- #define WC_RSAKEY_TYPE_DEFINED
-#endif
-
-#endif /*HAVE_FIPS */
-
-WOLFSSL_API int wc_InitRsaKey(RsaKey* key, void* heap);
-WOLFSSL_API int wc_InitRsaKey_ex(RsaKey* key, void* heap, int devId);
-WOLFSSL_API int wc_FreeRsaKey(RsaKey* key);
-WOLFSSL_API int wc_CheckRsaKey(RsaKey* key);
-#ifdef WOLFSSL_XILINX_CRYPT
-WOLFSSL_LOCAL int wc_InitRsaHw(RsaKey* key);
-#endif /* WOLFSSL_XILINX_CRYPT */
-
-WOLFSSL_API int wc_RsaFunction(const byte* in, word32 inLen, byte* out,
- word32* outLen, int type, RsaKey* key, WC_RNG* rng);
-
-WOLFSSL_API int wc_RsaPublicEncrypt(const byte* in, word32 inLen, byte* out,
- word32 outLen, RsaKey* key, WC_RNG* rng);
-WOLFSSL_API int wc_RsaPrivateDecryptInline(byte* in, word32 inLen, byte** out,
- RsaKey* key);
-WOLFSSL_API int wc_RsaPrivateDecrypt(const byte* in, word32 inLen, byte* out,
- word32 outLen, RsaKey* key);
-WOLFSSL_API int wc_RsaSSL_Sign(const byte* in, word32 inLen, byte* out,
- word32 outLen, RsaKey* key, WC_RNG* rng);
-WOLFSSL_API int wc_RsaPSS_Sign(const byte* in, word32 inLen, byte* out,
- word32 outLen, enum wc_HashType hash, int mgf,
- RsaKey* key, WC_RNG* rng);
-WOLFSSL_API int wc_RsaPSS_Sign_ex(const byte* in, word32 inLen, byte* out,
- word32 outLen, enum wc_HashType hash,
- int mgf, int saltLen, RsaKey* key,
- WC_RNG* rng);
-WOLFSSL_API int wc_RsaSSL_VerifyInline(byte* in, word32 inLen, byte** out,
- RsaKey* key);
-WOLFSSL_API int wc_RsaSSL_Verify(const byte* in, word32 inLen, byte* out,
- word32 outLen, RsaKey* key);
-WOLFSSL_API int wc_RsaPSS_VerifyInline(byte* in, word32 inLen, byte** out,
- enum wc_HashType hash, int mgf,
- RsaKey* key);
-WOLFSSL_API int wc_RsaPSS_VerifyInline_ex(byte* in, word32 inLen, byte** out,
- enum wc_HashType hash, int mgf,
- int saltLen, RsaKey* key);
-WOLFSSL_API int wc_RsaPSS_Verify(byte* in, word32 inLen, byte* out,
- word32 outLen, enum wc_HashType hash, int mgf,
- RsaKey* key);
-WOLFSSL_API int wc_RsaPSS_Verify_ex(byte* in, word32 inLen, byte* out,
- word32 outLen, enum wc_HashType hash,
- int mgf, int saltLen, RsaKey* key);
-WOLFSSL_API int wc_RsaPSS_CheckPadding(const byte* in, word32 inLen, byte* sig,
- word32 sigSz,
- enum wc_HashType hashType);
-WOLFSSL_API int wc_RsaPSS_CheckPadding_ex(const byte* in, word32 inLen,
- byte* sig, word32 sigSz,
- enum wc_HashType hashType,
- int saltLen, int bits);
-WOLFSSL_API int wc_RsaPSS_VerifyCheckInline(byte* in, word32 inLen, byte** out,
- const byte* digest, word32 digentLen,
- enum wc_HashType hash, int mgf,
- RsaKey* key);
-WOLFSSL_API int wc_RsaPSS_VerifyCheck(byte* in, word32 inLen,
- byte* out, word32 outLen,
- const byte* digest, word32 digestLen,
- enum wc_HashType hash, int mgf,
- RsaKey* key);
-
-WOLFSSL_API int wc_RsaEncryptSize(RsaKey* key);
-
-#if !defined(HAVE_FIPS) || \
- (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))
-/* to avoid asn duplicate symbols @wc_fips */
-WOLFSSL_API int wc_RsaPrivateKeyDecode(const byte* input, word32* inOutIdx,
- RsaKey*, word32);
-WOLFSSL_API int wc_RsaPublicKeyDecode(const byte* input, word32* inOutIdx,
- RsaKey*, word32);
-WOLFSSL_API int wc_RsaPublicKeyDecodeRaw(const byte* n, word32 nSz,
- const byte* e, word32 eSz, RsaKey* key);
-#ifdef WOLFSSL_KEY_GEN
- WOLFSSL_API int wc_RsaKeyToDer(RsaKey*, byte* output, word32 inLen);
-#endif
-
-WOLFSSL_API int wc_RsaSetRNG(RsaKey* key, WC_RNG* rng);
-
-/*
- choice of padding added after fips, so not available when using fips RSA
- */
-
-/* Mask Generation Function Identifiers */
-#define WC_MGF1NONE 0
-#define WC_MGF1SHA1 26
-#define WC_MGF1SHA224 4
-#define WC_MGF1SHA256 1
-#define WC_MGF1SHA384 2
-#define WC_MGF1SHA512 3
-
-/* Padding types */
-#define WC_RSA_PKCSV15_PAD 0
-#define WC_RSA_OAEP_PAD 1
-#define WC_RSA_PSS_PAD 2
-#define WC_RSA_NO_PAD 3
-
-WOLFSSL_API int wc_RsaPublicEncrypt_ex(const byte* in, word32 inLen, byte* out,
- word32 outLen, RsaKey* key, WC_RNG* rng, int type,
- enum wc_HashType hash, int mgf, byte* label, word32 lableSz);
-WOLFSSL_API int wc_RsaPrivateDecrypt_ex(const byte* in, word32 inLen,
- byte* out, word32 outLen, RsaKey* key, int type,
- enum wc_HashType hash, int mgf, byte* label, word32 lableSz);
-WOLFSSL_API int wc_RsaPrivateDecryptInline_ex(byte* in, word32 inLen,
- byte** out, RsaKey* key, int type, enum wc_HashType hash,
- int mgf, byte* label, word32 lableSz);
-#if defined(WC_RSA_DIRECT) || defined(WC_RSA_NO_PADDING)
-WOLFSSL_API int wc_RsaDirect(byte* in, word32 inLen, byte* out, word32* outSz,
- RsaKey* key, int type, WC_RNG* rng);
-#endif
-
-#endif /* HAVE_FIPS*/
-
-WOLFSSL_API int wc_RsaFlattenPublicKey(RsaKey*, byte*, word32*, byte*,
- word32*);
-WOLFSSL_API int wc_RsaExportKey(RsaKey* key,
- byte* e, word32* eSz,
- byte* n, word32* nSz,
- byte* d, word32* dSz,
- byte* p, word32* pSz,
- byte* q, word32* qSz);
-
-WOLFSSL_API int wc_RsaKeyToPublicDer(RsaKey*, byte* output, word32 inLen);
-
-#ifdef WOLFSSL_KEY_GEN
- WOLFSSL_API int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng);
- WOLFSSL_API int wc_CheckProbablePrime(const byte* p, word32 pSz,
- const byte* q, word32 qSz,
- const byte* e, word32 eSz,
- int nlen, int* isPrime);
-#endif
-
-#endif /* HAVE_USER_RSA */
-
-#ifdef __cplusplus
- } /* extern "C" */
-#endif
-
-#endif /* NO_RSA */
-#endif /* WOLF_CRYPT_RSA_H */
-
-