wolf SSL
wolfSSL SSL/TLS library, support up to TLS1.3
Dependents: CyaSSL-Twitter-OAuth4Tw Example-client-tls-cert TwitterReader TweetTest ... more
wolfssl/wolfcrypt/rsa.h@11:cee25a834751, 2017-05-30 (annotated)
- Committer:
- wolfSSL
- Date:
- Tue May 30 01:44:10 2017 +0000
- Revision:
- 11:cee25a834751
wolfSSL 3.11.0
Who changed what in which revision?
| User | Revision | Line number | New contents of line |
|---|---|---|---|
| wolfSSL | 11:cee25a834751 | 1 | /* rsa.h |
| wolfSSL | 11:cee25a834751 | 2 | * |
| wolfSSL | 11:cee25a834751 | 3 | * Copyright (C) 2006-2016 wolfSSL Inc. |
| wolfSSL | 11:cee25a834751 | 4 | * |
| wolfSSL | 11:cee25a834751 | 5 | * This file is part of wolfSSL. |
| wolfSSL | 11:cee25a834751 | 6 | * |
| wolfSSL | 11:cee25a834751 | 7 | * wolfSSL is free software; you can redistribute it and/or modify |
| wolfSSL | 11:cee25a834751 | 8 | * it under the terms of the GNU General Public License as published by |
| wolfSSL | 11:cee25a834751 | 9 | * the Free Software Foundation; either version 2 of the License, or |
| wolfSSL | 11:cee25a834751 | 10 | * (at your option) any later version. |
| wolfSSL | 11:cee25a834751 | 11 | * |
| wolfSSL | 11:cee25a834751 | 12 | * wolfSSL is distributed in the hope that it will be useful, |
| wolfSSL | 11:cee25a834751 | 13 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| wolfSSL | 11:cee25a834751 | 14 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| wolfSSL | 11:cee25a834751 | 15 | * GNU General Public License for more details. |
| wolfSSL | 11:cee25a834751 | 16 | * |
| wolfSSL | 11:cee25a834751 | 17 | * You should have received a copy of the GNU General Public License |
| wolfSSL | 11:cee25a834751 | 18 | * along with this program; if not, write to the Free Software |
| wolfSSL | 11:cee25a834751 | 19 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA |
| wolfSSL | 11:cee25a834751 | 20 | */ |
| wolfSSL | 11:cee25a834751 | 21 | |
| wolfSSL | 11:cee25a834751 | 22 | |
| wolfSSL | 11:cee25a834751 | 23 | #ifndef WOLF_CRYPT_RSA_H |
| wolfSSL | 11:cee25a834751 | 24 | #define WOLF_CRYPT_RSA_H |
| wolfSSL | 11:cee25a834751 | 25 | |
| wolfSSL | 11:cee25a834751 | 26 | #include <wolfssl/wolfcrypt/types.h> |
| wolfSSL | 11:cee25a834751 | 27 | |
| wolfSSL | 11:cee25a834751 | 28 | #ifndef NO_RSA |
| wolfSSL | 11:cee25a834751 | 29 | |
| wolfSSL | 11:cee25a834751 | 30 | /* allow for user to plug in own crypto */ |
| wolfSSL | 11:cee25a834751 | 31 | #if !defined(HAVE_FIPS) && (defined(HAVE_USER_RSA) || defined(HAVE_FAST_RSA)) |
| wolfSSL | 11:cee25a834751 | 32 | #include "user_rsa.h" |
| wolfSSL | 11:cee25a834751 | 33 | #else |
| wolfSSL | 11:cee25a834751 | 34 | |
| wolfSSL | 11:cee25a834751 | 35 | #ifdef HAVE_FIPS |
| wolfSSL | 11:cee25a834751 | 36 | /* for fips @wc_fips */ |
| wolfSSL | 11:cee25a834751 | 37 | #include <cyassl/ctaocrypt/rsa.h> |
| wolfSSL | 11:cee25a834751 | 38 | #if defined(CYASSL_KEY_GEN) && !defined(WOLFSSL_KEY_GEN) |
| wolfSSL | 11:cee25a834751 | 39 | #define WOLFSSL_KEY_GEN |
| wolfSSL | 11:cee25a834751 | 40 | #endif |
| wolfSSL | 11:cee25a834751 | 41 | #else |
| wolfSSL | 11:cee25a834751 | 42 | #include <wolfssl/wolfcrypt/integer.h> |
| wolfSSL | 11:cee25a834751 | 43 | #include <wolfssl/wolfcrypt/random.h> |
| wolfSSL | 11:cee25a834751 | 44 | #endif /* HAVE_FIPS */ |
| wolfSSL | 11:cee25a834751 | 45 | |
| wolfSSL | 11:cee25a834751 | 46 | /* header file needed for OAEP padding */ |
| wolfSSL | 11:cee25a834751 | 47 | #include <wolfssl/wolfcrypt/hash.h> |
| wolfSSL | 11:cee25a834751 | 48 | |
| wolfSSL | 11:cee25a834751 | 49 | #ifdef __cplusplus |
| wolfSSL | 11:cee25a834751 | 50 | extern "C" { |
| wolfSSL | 11:cee25a834751 | 51 | #endif |
| wolfSSL | 11:cee25a834751 | 52 | |
| wolfSSL | 11:cee25a834751 | 53 | /* avoid redefinition of structs */ |
| wolfSSL | 11:cee25a834751 | 54 | #if !defined(HAVE_FIPS) |
| wolfSSL | 11:cee25a834751 | 55 | |
| wolfSSL | 11:cee25a834751 | 56 | #ifdef WOLFSSL_ASYNC_CRYPT |
| wolfSSL | 11:cee25a834751 | 57 | #include <wolfssl/wolfcrypt/async.h> |
| wolfSSL | 11:cee25a834751 | 58 | #ifdef WOLFSSL_CERT_GEN |
| wolfSSL | 11:cee25a834751 | 59 | #include <wolfssl/wolfcrypt/asn.h> |
| wolfSSL | 11:cee25a834751 | 60 | #endif |
| wolfSSL | 11:cee25a834751 | 61 | #endif |
| wolfSSL | 11:cee25a834751 | 62 | |
| wolfSSL | 11:cee25a834751 | 63 | enum { |
| wolfSSL | 11:cee25a834751 | 64 | RSA_PUBLIC = 0, |
| wolfSSL | 11:cee25a834751 | 65 | RSA_PRIVATE = 1, |
| wolfSSL | 11:cee25a834751 | 66 | |
| wolfSSL | 11:cee25a834751 | 67 | RSA_TYPE_UNKNOWN = -1, |
| wolfSSL | 11:cee25a834751 | 68 | RSA_PUBLIC_ENCRYPT = 0, |
| wolfSSL | 11:cee25a834751 | 69 | RSA_PUBLIC_DECRYPT = 1, |
| wolfSSL | 11:cee25a834751 | 70 | RSA_PRIVATE_ENCRYPT = 2, |
| wolfSSL | 11:cee25a834751 | 71 | RSA_PRIVATE_DECRYPT = 3, |
| wolfSSL | 11:cee25a834751 | 72 | |
| wolfSSL | 11:cee25a834751 | 73 | RSA_BLOCK_TYPE_1 = 1, |
| wolfSSL | 11:cee25a834751 | 74 | RSA_BLOCK_TYPE_2 = 2, |
| wolfSSL | 11:cee25a834751 | 75 | |
| wolfSSL | 11:cee25a834751 | 76 | RSA_MIN_SIZE = 512, |
| wolfSSL | 11:cee25a834751 | 77 | RSA_MAX_SIZE = 4096, |
| wolfSSL | 11:cee25a834751 | 78 | |
| wolfSSL | 11:cee25a834751 | 79 | RSA_MIN_PAD_SZ = 11 /* separator + 0 + pad value + 8 pads */ |
| wolfSSL | 11:cee25a834751 | 80 | }; |
| wolfSSL | 11:cee25a834751 | 81 | |
| wolfSSL | 11:cee25a834751 | 82 | |
| wolfSSL | 11:cee25a834751 | 83 | /* RSA */ |
| wolfSSL | 11:cee25a834751 | 84 | struct RsaKey { |
| wolfSSL | 11:cee25a834751 | 85 | mp_int n, e, d, p, q, dP, dQ, u; |
| wolfSSL | 11:cee25a834751 | 86 | void* heap; /* for user memory overrides */ |
| wolfSSL | 11:cee25a834751 | 87 | byte* data; /* temp buffer for async RSA */ |
| wolfSSL | 11:cee25a834751 | 88 | int type; /* public or private */ |
| wolfSSL | 11:cee25a834751 | 89 | int state; |
| wolfSSL | 11:cee25a834751 | 90 | word32 dataLen; |
| wolfSSL | 11:cee25a834751 | 91 | #ifdef WC_RSA_BLINDING |
| wolfSSL | 11:cee25a834751 | 92 | WC_RNG* rng; /* for PrivateDecrypt blinding */ |
| wolfSSL | 11:cee25a834751 | 93 | #endif |
| wolfSSL | 11:cee25a834751 | 94 | #ifdef WOLFSSL_ASYNC_CRYPT |
| wolfSSL | 11:cee25a834751 | 95 | WC_ASYNC_DEV asyncDev; |
| wolfSSL | 11:cee25a834751 | 96 | #ifdef WOLFSSL_CERT_GEN |
| wolfSSL | 11:cee25a834751 | 97 | CertSignCtx certSignCtx; /* context info for cert sign (MakeSignature) */ |
| wolfSSL | 11:cee25a834751 | 98 | #endif |
| wolfSSL | 11:cee25a834751 | 99 | #endif /* WOLFSSL_ASYNC_CRYPT */ |
| wolfSSL | 11:cee25a834751 | 100 | byte dataIsAlloc; |
| wolfSSL | 11:cee25a834751 | 101 | }; |
| wolfSSL | 11:cee25a834751 | 102 | |
| wolfSSL | 11:cee25a834751 | 103 | #ifndef WC_RSAKEY_TYPE_DEFINED |
| wolfSSL | 11:cee25a834751 | 104 | typedef struct RsaKey RsaKey; |
| wolfSSL | 11:cee25a834751 | 105 | #define WC_RSAKEY_TYPE_DEFINED |
| wolfSSL | 11:cee25a834751 | 106 | #endif |
| wolfSSL | 11:cee25a834751 | 107 | |
| wolfSSL | 11:cee25a834751 | 108 | #endif /*HAVE_FIPS */ |
| wolfSSL | 11:cee25a834751 | 109 | |
| wolfSSL | 11:cee25a834751 | 110 | WOLFSSL_API int wc_InitRsaKey(RsaKey* key, void* heap); |
| wolfSSL | 11:cee25a834751 | 111 | WOLFSSL_API int wc_InitRsaKey_ex(RsaKey* key, void* heap, int devId); |
| wolfSSL | 11:cee25a834751 | 112 | WOLFSSL_API int wc_FreeRsaKey(RsaKey* key); |
| wolfSSL | 11:cee25a834751 | 113 | |
| wolfSSL | 11:cee25a834751 | 114 | WOLFSSL_LOCAL int wc_RsaFunction(const byte* in, word32 inLen, byte* out, |
| wolfSSL | 11:cee25a834751 | 115 | word32* outLen, int type, RsaKey* key, WC_RNG* rng); |
| wolfSSL | 11:cee25a834751 | 116 | |
| wolfSSL | 11:cee25a834751 | 117 | WOLFSSL_API int wc_RsaPublicEncrypt(const byte* in, word32 inLen, byte* out, |
| wolfSSL | 11:cee25a834751 | 118 | word32 outLen, RsaKey* key, WC_RNG* rng); |
| wolfSSL | 11:cee25a834751 | 119 | WOLFSSL_API int wc_RsaPrivateDecryptInline(byte* in, word32 inLen, byte** out, |
| wolfSSL | 11:cee25a834751 | 120 | RsaKey* key); |
| wolfSSL | 11:cee25a834751 | 121 | WOLFSSL_API int wc_RsaPrivateDecrypt(const byte* in, word32 inLen, byte* out, |
| wolfSSL | 11:cee25a834751 | 122 | word32 outLen, RsaKey* key); |
| wolfSSL | 11:cee25a834751 | 123 | WOLFSSL_API int wc_RsaSSL_Sign(const byte* in, word32 inLen, byte* out, |
| wolfSSL | 11:cee25a834751 | 124 | word32 outLen, RsaKey* key, WC_RNG* rng); |
| wolfSSL | 11:cee25a834751 | 125 | WOLFSSL_API int wc_RsaSSL_VerifyInline(byte* in, word32 inLen, byte** out, |
| wolfSSL | 11:cee25a834751 | 126 | RsaKey* key); |
| wolfSSL | 11:cee25a834751 | 127 | WOLFSSL_API int wc_RsaSSL_Verify(const byte* in, word32 inLen, byte* out, |
| wolfSSL | 11:cee25a834751 | 128 | word32 outLen, RsaKey* key); |
| wolfSSL | 11:cee25a834751 | 129 | WOLFSSL_API int wc_RsaEncryptSize(RsaKey* key); |
| wolfSSL | 11:cee25a834751 | 130 | |
| wolfSSL | 11:cee25a834751 | 131 | #ifndef HAVE_FIPS /* to avoid asn duplicate symbols @wc_fips */ |
| wolfSSL | 11:cee25a834751 | 132 | WOLFSSL_API int wc_RsaPrivateKeyDecode(const byte* input, word32* inOutIdx, |
| wolfSSL | 11:cee25a834751 | 133 | RsaKey*, word32); |
| wolfSSL | 11:cee25a834751 | 134 | WOLFSSL_API int wc_RsaPublicKeyDecode(const byte* input, word32* inOutIdx, |
| wolfSSL | 11:cee25a834751 | 135 | RsaKey*, word32); |
| wolfSSL | 11:cee25a834751 | 136 | WOLFSSL_API int wc_RsaPublicKeyDecodeRaw(const byte* n, word32 nSz, |
| wolfSSL | 11:cee25a834751 | 137 | const byte* e, word32 eSz, RsaKey* key); |
| wolfSSL | 11:cee25a834751 | 138 | #ifdef WOLFSSL_KEY_GEN |
| wolfSSL | 11:cee25a834751 | 139 | WOLFSSL_API int wc_RsaKeyToDer(RsaKey*, byte* output, word32 inLen); |
| wolfSSL | 11:cee25a834751 | 140 | #endif |
| wolfSSL | 11:cee25a834751 | 141 | |
| wolfSSL | 11:cee25a834751 | 142 | WOLFSSL_API int wc_RsaSetRNG(RsaKey* key, WC_RNG* rng); |
| wolfSSL | 11:cee25a834751 | 143 | |
| wolfSSL | 11:cee25a834751 | 144 | /* |
| wolfSSL | 11:cee25a834751 | 145 | choice of padding added after fips, so not available when using fips RSA |
| wolfSSL | 11:cee25a834751 | 146 | */ |
| wolfSSL | 11:cee25a834751 | 147 | |
| wolfSSL | 11:cee25a834751 | 148 | /* Mask Generation Function Identifiers */ |
| wolfSSL | 11:cee25a834751 | 149 | #define WC_MGF1NONE 0 |
| wolfSSL | 11:cee25a834751 | 150 | #define WC_MGF1SHA1 26 |
| wolfSSL | 11:cee25a834751 | 151 | #define WC_MGF1SHA224 4 |
| wolfSSL | 11:cee25a834751 | 152 | #define WC_MGF1SHA256 1 |
| wolfSSL | 11:cee25a834751 | 153 | #define WC_MGF1SHA384 2 |
| wolfSSL | 11:cee25a834751 | 154 | #define WC_MGF1SHA512 3 |
| wolfSSL | 11:cee25a834751 | 155 | |
| wolfSSL | 11:cee25a834751 | 156 | /* Padding types */ |
| wolfSSL | 11:cee25a834751 | 157 | #define WC_RSA_PKCSV15_PAD 0 |
| wolfSSL | 11:cee25a834751 | 158 | #define WC_RSA_OAEP_PAD 1 |
| wolfSSL | 11:cee25a834751 | 159 | |
| wolfSSL | 11:cee25a834751 | 160 | WOLFSSL_API int wc_RsaPublicEncrypt_ex(const byte* in, word32 inLen, byte* out, |
| wolfSSL | 11:cee25a834751 | 161 | word32 outLen, RsaKey* key, WC_RNG* rng, int type, |
| wolfSSL | 11:cee25a834751 | 162 | enum wc_HashType hash, int mgf, byte* label, word32 lableSz); |
| wolfSSL | 11:cee25a834751 | 163 | WOLFSSL_API int wc_RsaPrivateDecrypt_ex(const byte* in, word32 inLen, |
| wolfSSL | 11:cee25a834751 | 164 | byte* out, word32 outLen, RsaKey* key, int type, |
| wolfSSL | 11:cee25a834751 | 165 | enum wc_HashType hash, int mgf, byte* label, word32 lableSz); |
| wolfSSL | 11:cee25a834751 | 166 | WOLFSSL_API int wc_RsaPrivateDecryptInline_ex(byte* in, word32 inLen, |
| wolfSSL | 11:cee25a834751 | 167 | byte** out, RsaKey* key, int type, enum wc_HashType hash, |
| wolfSSL | 11:cee25a834751 | 168 | int mgf, byte* label, word32 lableSz); |
| wolfSSL | 11:cee25a834751 | 169 | #endif /* HAVE_FIPS*/ |
| wolfSSL | 11:cee25a834751 | 170 | WOLFSSL_API int wc_RsaFlattenPublicKey(RsaKey*, byte*, word32*, byte*, |
| wolfSSL | 11:cee25a834751 | 171 | word32*); |
| wolfSSL | 11:cee25a834751 | 172 | |
| wolfSSL | 11:cee25a834751 | 173 | #ifdef WOLFSSL_KEY_GEN |
| wolfSSL | 11:cee25a834751 | 174 | WOLFSSL_API int wc_RsaKeyToPublicDer(RsaKey*, byte* output, word32 inLen); |
| wolfSSL | 11:cee25a834751 | 175 | WOLFSSL_API int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng); |
| wolfSSL | 11:cee25a834751 | 176 | #endif |
| wolfSSL | 11:cee25a834751 | 177 | |
| wolfSSL | 11:cee25a834751 | 178 | #endif /* HAVE_USER_RSA */ |
| wolfSSL | 11:cee25a834751 | 179 | |
| wolfSSL | 11:cee25a834751 | 180 | #ifdef __cplusplus |
| wolfSSL | 11:cee25a834751 | 181 | } /* extern "C" */ |
| wolfSSL | 11:cee25a834751 | 182 | #endif |
| wolfSSL | 11:cee25a834751 | 183 | |
| wolfSSL | 11:cee25a834751 | 184 | #endif /* NO_RSA */ |
| wolfSSL | 11:cee25a834751 | 185 | #endif /* WOLF_CRYPT_RSA_H */ |
| wolfSSL | 11:cee25a834751 | 186 | |
| wolfSSL | 11:cee25a834751 | 187 |