rsa.h

00001 /* rsa.h
00002  *
00003  * Copyright (C) 2006-2016 wolfSSL Inc.
00004  *
00005  * This file is part of wolfSSL.
00006  *
00007  * wolfSSL is free software; you can redistribute it and/or modify
00008  * it under the terms of the GNU General Public License as published by
00009  * the Free Software Foundation; either version 2 of the License, or
00010  * (at your option) any later version.
00011  *
00012  * wolfSSL is distributed in the hope that it will be useful,
00013  * but WITHOUT ANY WARRANTY; without even the implied warranty of
00014  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
00015  * GNU General Public License for more details.
00016  *
00017  * You should have received a copy of the GNU General Public License
00018  * along with this program; if not, write to the Free Software
00019  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
00020  */
00021 
00022 
00023 #ifndef WOLF_CRYPT_RSA_H
00024 #define WOLF_CRYPT_RSA_H
00025 
00026 #include <wolfssl/wolfcrypt/types.h>
00027 
00028 #ifndef NO_RSA
00029 
00030 /* allow for user to plug in own crypto */
00031 #if !defined(HAVE_FIPS) && (defined(HAVE_USER_RSA) || defined(HAVE_FAST_RSA))
00032     #include "user_rsa.h"
00033 #else
00034 
00035 #ifdef HAVE_FIPS
00036 /* for fips @wc_fips */
00037 #include <cyassl/ctaocrypt/rsa.h>
00038 #if defined(CYASSL_KEY_GEN) && !defined(WOLFSSL_KEY_GEN)
00039     #define WOLFSSL_KEY_GEN
00040 #endif
00041 #else
00042     #include <wolfssl/wolfcrypt/integer.h>
00043     #include <wolfssl/wolfcrypt/random.h>
00044 #endif /* HAVE_FIPS */
00045 
00046 /* header file needed for OAEP padding */
00047 #include <wolfssl/wolfcrypt/hash.h>
00048 
00049 #ifdef __cplusplus
00050     extern "C" {
00051 #endif
00052 
00053 /* avoid redefinition of structs */
00054 #if !defined(HAVE_FIPS)
00055 
00056 #ifdef WOLFSSL_ASYNC_CRYPT
00057     #include <wolfssl/wolfcrypt/async.h>
00058     #ifdef WOLFSSL_CERT_GEN
00059         #include <wolfssl/wolfcrypt/asn.h>
00060     #endif
00061 #endif
00062 
00063 enum {
00064     RSA_PUBLIC   = 0,
00065     RSA_PRIVATE  = 1,
00066 
00067     RSA_TYPE_UNKNOWN    = -1,
00068     RSA_PUBLIC_ENCRYPT  = 0,
00069     RSA_PUBLIC_DECRYPT  = 1,
00070     RSA_PRIVATE_ENCRYPT = 2,
00071     RSA_PRIVATE_DECRYPT = 3,
00072 
00073     RSA_BLOCK_TYPE_1 = 1,
00074     RSA_BLOCK_TYPE_2 = 2,
00075 
00076     RSA_MIN_SIZE = 512,
00077     RSA_MAX_SIZE = 4096,
00078 
00079     RSA_MIN_PAD_SZ   = 11      /* separator + 0 + pad value + 8 pads */
00080 };
00081 
00082 
00083 /* RSA */
00084 struct RsaKey {
00085     mp_int n, e, d, p, q, dP, dQ, u;
00086     void* heap;                               /* for user memory overrides */
00087     byte* data;                               /* temp buffer for async RSA */
00088     int   type;                               /* public or private */
00089     int   state;
00090     word32 dataLen;
00091 #ifdef WC_RSA_BLINDING
00092     WC_RNG* rng;                              /* for PrivateDecrypt blinding */
00093 #endif
00094 #ifdef WOLFSSL_ASYNC_CRYPT
00095     WC_ASYNC_DEV asyncDev;
00096     #ifdef WOLFSSL_CERT_GEN
00097         CertSignCtx certSignCtx; /* context info for cert sign (MakeSignature) */
00098     #endif
00099 #endif /* WOLFSSL_ASYNC_CRYPT */
00100     byte   dataIsAlloc;
00101 };
00102 
00103 #ifndef WC_RSAKEY_TYPE_DEFINED
00104     typedef struct RsaKey RsaKey;
00105     #define WC_RSAKEY_TYPE_DEFINED
00106 #endif
00107 
00108 #endif /*HAVE_FIPS */
00109 
00110 WOLFSSL_API int  wc_InitRsaKey(RsaKey* key, void* heap);
00111 WOLFSSL_API int  wc_InitRsaKey_ex(RsaKey* key, void* heap, int devId);
00112 WOLFSSL_API int  wc_FreeRsaKey(RsaKey* key);
00113 
00114 WOLFSSL_LOCAL int wc_RsaFunction(const byte* in, word32 inLen, byte* out,
00115                            word32* outLen, int type, RsaKey* key, WC_RNG* rng);
00116 
00117 WOLFSSL_API int  wc_RsaPublicEncrypt(const byte* in, word32 inLen, byte* out,
00118                                  word32 outLen, RsaKey* key, WC_RNG* rng);
00119 WOLFSSL_API int  wc_RsaPrivateDecryptInline(byte* in, word32 inLen, byte** out,
00120                                         RsaKey* key);
00121 WOLFSSL_API int  wc_RsaPrivateDecrypt(const byte* in, word32 inLen, byte* out,
00122                                   word32 outLen, RsaKey* key);
00123 WOLFSSL_API int  wc_RsaSSL_Sign(const byte* in, word32 inLen, byte* out,
00124                             word32 outLen, RsaKey* key, WC_RNG* rng);
00125 WOLFSSL_API int  wc_RsaSSL_VerifyInline(byte* in, word32 inLen, byte** out,
00126                                     RsaKey* key);
00127 WOLFSSL_API int  wc_RsaSSL_Verify(const byte* in, word32 inLen, byte* out,
00128                               word32 outLen, RsaKey* key);
00129 WOLFSSL_API int  wc_RsaPSS_VerifyInline(byte* in, word32 inLen, byte** out,
00130                                         enum wc_HashType hash, int mgf,
00131                                         RsaKey* key);
00132 WOLFSSL_API int  wc_RsaEncryptSize(RsaKey* key);
00133 
00134 #ifndef HAVE_FIPS /* to avoid asn duplicate symbols @wc_fips */
00135 WOLFSSL_API int  wc_RsaPrivateKeyDecode(const byte* input, word32* inOutIdx,
00136                                                                RsaKey*, word32);
00137 WOLFSSL_API int  wc_RsaPublicKeyDecode(const byte* input, word32* inOutIdx,
00138                                                                RsaKey*, word32);
00139 WOLFSSL_API int  wc_RsaPublicKeyDecodeRaw(const byte* n, word32 nSz,
00140                                         const byte* e, word32 eSz, RsaKey* key);
00141 #ifdef WOLFSSL_KEY_GEN
00142     WOLFSSL_API int wc_RsaKeyToDer(RsaKey*, byte* output, word32 inLen);
00143 #endif
00144 
00145 WOLFSSL_API int wc_RsaSetRNG(RsaKey* key, WC_RNG* rng);
00146 
00147 /*
00148    choice of padding added after fips, so not available when using fips RSA
00149  */
00150 
00151 /* Mask Generation Function Identifiers */
00152 #define WC_MGF1NONE   0
00153 #define WC_MGF1SHA1   26
00154 #define WC_MGF1SHA224 4
00155 #define WC_MGF1SHA256 1
00156 #define WC_MGF1SHA384 2
00157 #define WC_MGF1SHA512 3
00158 
00159 /* Padding types */
00160 #define WC_RSA_PKCSV15_PAD 0
00161 #define WC_RSA_OAEP_PAD    1
00162 #define WC_RSA_PSS_PAD     2
00163 
00164 WOLFSSL_API int  wc_RsaPublicEncrypt_ex(const byte* in, word32 inLen, byte* out,
00165                    word32 outLen, RsaKey* key, WC_RNG* rng, int type,
00166                    enum wc_HashType hash, int mgf, byte* label, word32 lableSz);
00167 WOLFSSL_API int  wc_RsaPrivateDecrypt_ex(const byte* in, word32 inLen,
00168                    byte* out, word32 outLen, RsaKey* key, int type,
00169                    enum wc_HashType hash, int mgf, byte* label, word32 lableSz);
00170 WOLFSSL_API int  wc_RsaPrivateDecryptInline_ex(byte* in, word32 inLen,
00171                       byte** out, RsaKey* key, int type, enum wc_HashType hash,
00172                       int mgf, byte* label, word32 lableSz);
00173 #endif /* HAVE_FIPS*/
00174 WOLFSSL_API int  wc_RsaFlattenPublicKey(RsaKey*, byte*, word32*, byte*,
00175                                                                        word32*);
00176 
00177 #ifdef WOLFSSL_KEY_GEN
00178     WOLFSSL_API int wc_RsaKeyToPublicDer(RsaKey*, byte* output, word32 inLen);
00179     WOLFSSL_API int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng);
00180 #endif
00181 
00182 #endif /* HAVE_USER_RSA */
00183 
00184 #ifdef __cplusplus
00185     } /* extern "C" */
00186 #endif
00187 
00188 #endif /* NO_RSA */
00189 #endif /* WOLF_CRYPT_RSA_H */
00190 
00191