Xuyi Wang
/
wolfcrypt
Important changes to repositories hosted on mbed.com
Mbed hosted mercurial repositories are deprecated and are due to be permanently deleted in July 2026.
To keep a copy of this software download the repository Zip archive or clone locally using Mercurial.
It is also possible to export all your personal repositories from the account settings page.
Embed:
(wiki syntax)
Show/hide line numbers
rsa.h
00001 /* rsa.h 00002 * 00003 * Copyright (C) 2006-2017 wolfSSL Inc. 00004 * 00005 * This file is part of wolfSSL. 00006 * 00007 * wolfSSL is free software; you can redistribute it and/or modify 00008 * it under the terms of the GNU General Public License as published by 00009 * the Free Software Foundation; either version 2 of the License, or 00010 * (at your option) any later version. 00011 * 00012 * wolfSSL is distributed in the hope that it will be useful, 00013 * but WITHOUT ANY WARRANTY; without even the implied warranty of 00014 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 00015 * GNU General Public License for more details. 00016 * 00017 * You should have received a copy of the GNU General Public License 00018 * along with this program; if not, write to the Free Software 00019 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA 00020 */ 00021 00022 /*! 00023 \file wolfssl/wolfcrypt/rsa.h 00024 */ 00025 00026 00027 #ifndef WOLF_CRYPT_RSA_H 00028 #define WOLF_CRYPT_RSA_H 00029 00030 #include <wolfcrypt/types.h> 00031 00032 #ifndef NO_RSA 00033 00034 00035 /* RSA default exponent */ 00036 #ifndef WC_RSA_EXPONENT 00037 #define WC_RSA_EXPONENT 65537L 00038 #endif 00039 00040 00041 /* allow for user to plug in own crypto */ 00042 #if !defined(HAVE_FIPS) && (defined(HAVE_USER_RSA) || defined(HAVE_FAST_RSA)) 00043 #include "user_rsa.h" 00044 #else 00045 00046 #if defined(HAVE_FIPS) && \ 00047 (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2)) 00048 /* for fips @wc_fips */ 00049 #include <cyassl/ctaocrypt/rsa.h> 00050 #if defined(CYASSL_KEY_GEN) && !defined(WOLFSSL_KEY_GEN) 00051 #define WOLFSSL_KEY_GEN 00052 #endif 00053 #else 00054 #include <wolfcrypt/integer.h> 00055 #include <wolfcrypt/random.h> 00056 #endif /* HAVE_FIPS && HAVE_FIPS_VERION 1 */ 00057 #if defined(HAVE_FIPS) && \ 00058 defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2) 00059 #include <wolfcrypt/fips.h> 00060 #endif 00061 00062 /* header file needed for OAEP padding */ 00063 #include <wolfcrypt/hash.h> 00064 00065 #ifdef WOLFSSL_XILINX_CRYPT 00066 #include "xsecure_rsa.h" 00067 #endif 00068 00069 #ifdef __cplusplus 00070 extern "C" { 00071 #endif 00072 00073 /* avoid redefinition of structs */ 00074 #if !defined(HAVE_FIPS) || \ 00075 (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)) 00076 00077 #ifdef WOLFSSL_ASYNC_CRYPT 00078 #include <wolfcrypt/async.h> 00079 #ifdef WOLFSSL_CERT_GEN 00080 #include <wolfcrypt/asn.h> 00081 #endif 00082 #endif 00083 00084 enum { 00085 RSA_PUBLIC = 0, 00086 RSA_PRIVATE = 1, 00087 00088 RSA_TYPE_UNKNOWN = -1, 00089 RSA_PUBLIC_ENCRYPT = 0, 00090 RSA_PUBLIC_DECRYPT = 1, 00091 RSA_PRIVATE_ENCRYPT = 2, 00092 RSA_PRIVATE_DECRYPT = 3, 00093 00094 RSA_BLOCK_TYPE_1 = 1, 00095 RSA_BLOCK_TYPE_2 = 2, 00096 00097 RSA_MIN_SIZE = 512, 00098 RSA_MAX_SIZE = 4096, 00099 00100 RSA_MIN_PAD_SZ = 11, /* separator + 0 + pad value + 8 pads */ 00101 00102 RSA_PSS_PAD_SZ = 8, 00103 RSA_PSS_SALT_MAX_SZ = 62, 00104 00105 #ifdef OPENSSL_EXTRA 00106 RSA_PKCS1_PADDING_SIZE = 11, 00107 RSA_PKCS1_OAEP_PADDING_SIZE = 42, /* (2 * hashlen(SHA-1)) + 2 */ 00108 #endif 00109 #ifdef WC_RSA_PSS 00110 RSA_PSS_PAD_TERM = 0xBC, 00111 #endif 00112 }; 00113 00114 /* RSA */ 00115 struct RsaKey { 00116 mp_int n, e, d, p, q; 00117 #if defined(WOLFSSL_KEY_GEN) || defined(OPENSSL_EXTRA) || !defined(RSA_LOW_MEM) 00118 mp_int dP, dQ, u; 00119 #endif 00120 void* heap; /* for user memory overrides */ 00121 byte* data; /* temp buffer for async RSA */ 00122 int type; /* public or private */ 00123 int state; 00124 word32 dataLen; 00125 #ifdef WC_RSA_BLINDING 00126 WC_RNG* rng; /* for PrivateDecrypt blinding */ 00127 #endif 00128 #ifdef WOLF_CRYPTO_DEV 00129 int devId; 00130 #endif 00131 #ifdef WOLFSSL_ASYNC_CRYPT 00132 WC_ASYNC_DEV asyncDev; 00133 #ifdef WOLFSSL_CERT_GEN 00134 CertSignCtx certSignCtx; /* context info for cert sign (MakeSignature) */ 00135 #endif 00136 #endif /* WOLFSSL_ASYNC_CRYPT */ 00137 #ifdef WOLFSSL_XILINX_CRYPT 00138 word32 pubExp; /* to keep values in scope they are here in struct */ 00139 byte* mod; 00140 XSecure_Rsa xRsa; 00141 #endif 00142 byte dataIsAlloc; 00143 }; 00144 00145 #ifndef WC_RSAKEY_TYPE_DEFINED 00146 typedef struct RsaKey RsaKey; 00147 #define WC_RSAKEY_TYPE_DEFINED 00148 #endif 00149 00150 #endif /*HAVE_FIPS */ 00151 00152 WOLFSSL_API int wc_InitRsaKey(RsaKey* key, void* heap); 00153 WOLFSSL_API int wc_InitRsaKey_ex(RsaKey* key, void* heap, int devId); 00154 WOLFSSL_API int wc_FreeRsaKey(RsaKey* key); 00155 WOLFSSL_API int wc_CheckRsaKey(RsaKey* key); 00156 #ifdef WOLFSSL_XILINX_CRYPT 00157 WOLFSSL_LOCAL int wc_InitRsaHw(RsaKey* key); 00158 #endif /* WOLFSSL_XILINX_CRYPT */ 00159 00160 WOLFSSL_API int wc_RsaFunction(const byte* in, word32 inLen, byte* out, 00161 word32* outLen, int type, RsaKey* key, WC_RNG* rng); 00162 00163 WOLFSSL_API int wc_RsaPublicEncrypt(const byte* in, word32 inLen, byte* out, 00164 word32 outLen, RsaKey* key, WC_RNG* rng); 00165 WOLFSSL_API int wc_RsaPrivateDecryptInline(byte* in, word32 inLen, byte** out, 00166 RsaKey* key); 00167 WOLFSSL_API int wc_RsaPrivateDecrypt(const byte* in, word32 inLen, byte* out, 00168 word32 outLen, RsaKey* key); 00169 WOLFSSL_API int wc_RsaSSL_Sign(const byte* in, word32 inLen, byte* out, 00170 word32 outLen, RsaKey* key, WC_RNG* rng); 00171 WOLFSSL_API int wc_RsaPSS_Sign(const byte* in, word32 inLen, byte* out, 00172 word32 outLen, enum wc_HashType hash, int mgf, 00173 RsaKey* key, WC_RNG* rng); 00174 WOLFSSL_API int wc_RsaPSS_Sign_ex(const byte* in, word32 inLen, byte* out, 00175 word32 outLen, enum wc_HashType hash, 00176 int mgf, int saltLen, RsaKey* key, 00177 WC_RNG* rng); 00178 WOLFSSL_API int wc_RsaSSL_VerifyInline(byte* in, word32 inLen, byte** out, 00179 RsaKey* key); 00180 WOLFSSL_API int wc_RsaSSL_Verify(const byte* in, word32 inLen, byte* out, 00181 word32 outLen, RsaKey* key); 00182 WOLFSSL_API int wc_RsaPSS_VerifyInline(byte* in, word32 inLen, byte** out, 00183 enum wc_HashType hash, int mgf, 00184 RsaKey* key); 00185 WOLFSSL_API int wc_RsaPSS_VerifyInline_ex(byte* in, word32 inLen, byte** out, 00186 enum wc_HashType hash, int mgf, 00187 int saltLen, RsaKey* key); 00188 WOLFSSL_API int wc_RsaPSS_Verify(byte* in, word32 inLen, byte* out, 00189 word32 outLen, enum wc_HashType hash, int mgf, 00190 RsaKey* key); 00191 WOLFSSL_API int wc_RsaPSS_Verify_ex(byte* in, word32 inLen, byte* out, 00192 word32 outLen, enum wc_HashType hash, 00193 int mgf, int saltLen, RsaKey* key); 00194 WOLFSSL_API int wc_RsaPSS_CheckPadding(const byte* in, word32 inLen, byte* sig, 00195 word32 sigSz, 00196 enum wc_HashType hashType); 00197 WOLFSSL_API int wc_RsaPSS_CheckPadding_ex(const byte* in, word32 inLen, 00198 byte* sig, word32 sigSz, 00199 enum wc_HashType hashType, 00200 int saltLen, int bits); 00201 WOLFSSL_API int wc_RsaPSS_VerifyCheckInline(byte* in, word32 inLen, byte** out, 00202 const byte* digest, word32 digentLen, 00203 enum wc_HashType hash, int mgf, 00204 RsaKey* key); 00205 WOLFSSL_API int wc_RsaPSS_VerifyCheck(byte* in, word32 inLen, 00206 byte* out, word32 outLen, 00207 const byte* digest, word32 digestLen, 00208 enum wc_HashType hash, int mgf, 00209 RsaKey* key); 00210 00211 WOLFSSL_API int wc_RsaEncryptSize(RsaKey* key); 00212 00213 #if !defined(HAVE_FIPS) || \ 00214 (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)) 00215 /* to avoid asn duplicate symbols @wc_fips */ 00216 WOLFSSL_API int wc_RsaPrivateKeyDecode(const byte* input, word32* inOutIdx, 00217 RsaKey*, word32); 00218 WOLFSSL_API int wc_RsaPublicKeyDecode(const byte* input, word32* inOutIdx, 00219 RsaKey*, word32); 00220 WOLFSSL_API int wc_RsaPublicKeyDecodeRaw(const byte* n, word32 nSz, 00221 const byte* e, word32 eSz, RsaKey* key); 00222 #ifdef WOLFSSL_KEY_GEN 00223 WOLFSSL_API int wc_RsaKeyToDer(RsaKey*, byte* output, word32 inLen); 00224 #endif 00225 00226 WOLFSSL_API int wc_RsaSetRNG(RsaKey* key, WC_RNG* rng); 00227 00228 /* 00229 choice of padding added after fips, so not available when using fips RSA 00230 */ 00231 00232 /* Mask Generation Function Identifiers */ 00233 #define WC_MGF1NONE 0 00234 #define WC_MGF1SHA1 26 00235 #define WC_MGF1SHA224 4 00236 #define WC_MGF1SHA256 1 00237 #define WC_MGF1SHA384 2 00238 #define WC_MGF1SHA512 3 00239 00240 /* Padding types */ 00241 #define WC_RSA_PKCSV15_PAD 0 00242 #define WC_RSA_OAEP_PAD 1 00243 #define WC_RSA_PSS_PAD 2 00244 #define WC_RSA_NO_PAD 3 00245 00246 WOLFSSL_API int wc_RsaPublicEncrypt_ex(const byte* in, word32 inLen, byte* out, 00247 word32 outLen, RsaKey* key, WC_RNG* rng, int type, 00248 enum wc_HashType hash, int mgf, byte* label, word32 lableSz); 00249 WOLFSSL_API int wc_RsaPrivateDecrypt_ex(const byte* in, word32 inLen, 00250 byte* out, word32 outLen, RsaKey* key, int type, 00251 enum wc_HashType hash, int mgf, byte* label, word32 lableSz); 00252 WOLFSSL_API int wc_RsaPrivateDecryptInline_ex(byte* in, word32 inLen, 00253 byte** out, RsaKey* key, int type, enum wc_HashType hash, 00254 int mgf, byte* label, word32 lableSz); 00255 #if defined(WC_RSA_DIRECT) || defined(WC_RSA_NO_PADDING) 00256 WOLFSSL_API int wc_RsaDirect(byte* in, word32 inLen, byte* out, word32* outSz, 00257 RsaKey* key, int type, WC_RNG* rng); 00258 #endif 00259 00260 #endif /* HAVE_FIPS*/ 00261 00262 WOLFSSL_API int wc_RsaFlattenPublicKey(RsaKey*, byte*, word32*, byte*, 00263 word32*); 00264 WOLFSSL_API int wc_RsaExportKey(RsaKey* key, 00265 byte* e, word32* eSz, 00266 byte* n, word32* nSz, 00267 byte* d, word32* dSz, 00268 byte* p, word32* pSz, 00269 byte* q, word32* qSz); 00270 00271 WOLFSSL_API int wc_RsaKeyToPublicDer(RsaKey*, byte* output, word32 inLen); 00272 00273 #ifdef WOLFSSL_KEY_GEN 00274 WOLFSSL_API int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng); 00275 WOLFSSL_API int wc_CheckProbablePrime(const byte* p, word32 pSz, 00276 const byte* q, word32 qSz, 00277 const byte* e, word32 eSz, 00278 int nlen, int* isPrime); 00279 #endif 00280 00281 #endif /* HAVE_USER_RSA */ 00282 00283 #ifdef __cplusplus 00284 } /* extern "C" */ 00285 #endif 00286 00287 #endif /* NO_RSA */ 00288 #endif /* WOLF_CRYPT_RSA_H */ 00289 00290
Generated on Tue Jul 12 2022 16:58:07 by
1.7.2