wolfSSL SSL/TLS library, support up to TLS1.3
rsa.h
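/* rsa.h
 *
 * Copyright (C) 2006-2020 wolfSSL Inc.
 *
 * This file is part of wolfSSL.
 *
 * wolfSSL is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * wolfSSL is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
 */

/*!
    \file wolfssl/wolfcrypt/rsa.h
*/


#ifndef WOLF_CRYPT_RSA_H
#define WOLF_CRYPT_RSA_H

/* The listing showed a stray blank before '>' in this include; the header
 * name must be exact, otherwise the preprocessor searches for a file whose
 * name ends in a space. */
#include <wolfssl/wolfcrypt/types.h>

#ifndef NO_RSA


/* RSA default exponent */
/* Overridable at build time: define WC_RSA_EXPONENT before this header is
 * included. Only the value is set here; where it is consumed is not visible
 * in this header. */
#ifndef WC_RSA_EXPONENT
    #define WC_RSA_EXPONENT 65537L
#endif

#if defined(WC_RSA_NONBLOCK)
    /* enable support for fast math based non-blocking exptmod */
    /* this splits the RSA function into many smaller operations */
    /* Both prerequisites are enforced at compile time, so a non-blocking
     * build without the timing-resistant fast-math code cannot be produced
     * by accident. */
    #ifndef USE_FAST_MATH
        #error RSA non-blocking mode only supported using fast math
    #endif
    #ifndef TFM_TIMING_RESISTANT
        #error RSA non-blocking mode only supported with timing resistance enabled
    #endif

    /* RSA bounds check is not supported with RSA non-blocking mode */
    /* Security note: WC_RSA_NONBLOCK therefore always forces
     * NO_RSA_BOUNDS_CHECK, whatever the user configuration said. The check
     * itself is implemented outside this header.
     * NOTE(review): confirm which input validation is compiled out before
     * enabling non-blocking mode on paths that process untrusted ciphertexts
     * or signatures. */
    #undef  NO_RSA_BOUNDS_CHECK
    #define NO_RSA_BOUNDS_CHECK
#endif

/* allow for user to plug in own crypto */
/* In non-FIPS builds with HAVE_USER_RSA or HAVE_FAST_RSA, user_rsa.h is used
 * in place of everything in the #else branch that follows; the security
 * properties of that replacement are the integrator's to verify. */
#if !defined(HAVE_FIPS) && (defined(HAVE_USER_RSA) || defined(HAVE_FAST_RSA))
    #include "user_rsa.h"
#else
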
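/* FIPS v1 builds (HAVE_FIPS with no version, or a version below 2) pull the
 * RSA definitions from the legacy CyaSSL/CTaoCrypt header; all other builds
 * use the wolfCrypt integer and RNG headers. */
#if defined(HAVE_FIPS) && \
    (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
/* for fips @wc_fips */
#include <cyassl/ctaocrypt/rsa.h>
#if defined(CYASSL_KEY_GEN) && !defined(WOLFSSL_KEY_GEN)
    #define WOLFSSL_KEY_GEN
#endif
#else
    #include <wolfssl/wolfcrypt/integer.h>
    #include <wolfssl/wolfcrypt/random.h>
#endif /* HAVE_FIPS && HAVE_FIPS_VERSION 1 */
#if defined(HAVE_FIPS) && \
        defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
#include <wolfssl/wolfcrypt/fips.h>
#endif

/* header file needed for OAEP padding */
#include <wolfssl/wolfcrypt/hash.h>

#ifdef WOLFSSL_XILINX_CRYPT
#include "xsecure_rsa.h"
#endif

#if defined(WOLFSSL_CRYPTOCELL)
    #include <wolfssl/wolfcrypt/port/arm/cryptoCell.h>
#endif

#ifdef __cplusplus
    extern "C" {
#endif

/* Size limits (the values suggest modulus bits; the code that enforces them
 * is not in this header).
 * Security note: 512 is only the lowest size the library names, not a
 * recommended strength. Moduli that small are factorable in practice, so
 * applications should enforce their own minimum (2048 bits or more is the
 * usual baseline) when generating or accepting keys. */
enum {
    RSA_MIN_SIZE = 512,
    RSA_MAX_SIZE = 4096,
};

/* avoid redefinition of structs */
#if !defined(HAVE_FIPS) || \
    (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))

#ifdef WOLFSSL_ASYNC_CRYPT
    #include <wolfssl/wolfcrypt/async.h>
    #ifdef WOLFSSL_CERT_GEN
        #include <wolfssl/wolfcrypt/asn.h>
    #endif
#endif

enum {
    /* presumably the values stored in RsaKey.type ("public or private") */
    RSA_PUBLIC   = 0,
    RSA_PRIVATE  = 1,

    /* presumably the 'type' selector passed to wc_RsaFunction()/wc_RsaDirect();
     * note that these share numeric values with RSA_PUBLIC/RSA_PRIVATE */
    RSA_TYPE_UNKNOWN    = -1,
    RSA_PUBLIC_ENCRYPT  = 0,
    RSA_PUBLIC_DECRYPT  = 1,
    RSA_PRIVATE_ENCRYPT = 2,
    RSA_PRIVATE_DECRYPT = 3,

    /* presumably the PKCS #1 v1.5 block types (1 = signature, 2 = encryption);
     * verify against the padding code */
    RSA_BLOCK_TYPE_1 = 1,
    RSA_BLOCK_TYPE_2 = 2,

    RSA_MIN_PAD_SZ   = 11,     /* separator + 0 + pad value + 8 pads */

    RSA_PSS_PAD_SZ = 8,
    RSA_PSS_SALT_MAX_SZ = 62,

#ifdef OPENSSL_EXTRA
    RSA_PKCS1_PADDING_SIZE = 11,
    RSA_PKCS1_OAEP_PADDING_SIZE = 42, /* (2 * hashlen(SHA-1)) + 2 */
#endif
#ifdef WC_RSA_PSS
    RSA_PSS_PAD_TERM = 0xBC,
#endif

    /* Negative sentinels, presumably for the saltLen argument of the *_ex
     * PSS functions declared below.
     * NOTE(review): a verifier that discovers the salt length accepts more
     * encodings than one pinned to a fixed length; pass an explicit saltLen
     * where the protocol fixes it. */
    RSA_PSS_SALT_LEN_DEFAULT  = -1,
#ifdef WOLFSSL_PSS_SALT_LEN_DISCOVER
    RSA_PSS_SALT_LEN_DISCOVER = -2,
#endif

#ifdef HAVE_PKCS11
    RSA_MAX_ID_LEN      = 32,  /* size of RsaKey.id[] */
#endif
};

#ifdef WC_RSA_NONBLOCK
/* State for the non-blocking exptmod; attached to a key with
 * wc_RsaSetNonBlock(). */
typedef struct RsaNb {
    exptModNb_t exptmod; /* non-block expt_mod */
    mp_int tmp;
} RsaNb;
#endif

/* RSA */
/* Key object. Unless the build is public-only it also carries private key
 * material (d, p, q and, in most configurations, dP, dQ, u), so treat the
 * whole structure as secret: do not copy it around needlessly and release it
 * with wc_FreeRsaKey().
 * NOTE(review): whether wc_FreeRsaKey() zeroizes these fields is not visible
 * from this header - confirm in the implementation. */
struct RsaKey {
    mp_int n, e;               /* public part (also exported by
                                  wc_RsaFlattenPublicKey/wc_RsaExportKey) */
#ifndef WOLFSSL_RSA_PUBLIC_ONLY
    mp_int d, p, q;            /* private part */
#if defined(WOLFSSL_KEY_GEN) || defined(OPENSSL_EXTRA) || !defined(RSA_LOW_MEM)
    mp_int dP, dQ, u;          /* presumably the CRT parameters; omitted only
                                  in RSA_LOW_MEM builds without key gen */
#endif
#endif
    void* heap;                               /* for user memory overrides */
    byte* data;                               /* temp buffer for async RSA */
    int   type;                               /* public or private */
    int   state;
    word32 dataLen;
#ifdef WC_RSA_BLINDING
    WC_RNG* rng;                              /* for PrivateDecrypt blinding */
                                              /* set with wc_RsaSetRNG(); the
                                                 RNG must outlive its use by
                                                 the key */
#endif
#ifdef WOLF_CRYPTO_CB
    int   devId;
#endif
#ifdef WOLFSSL_ASYNC_CRYPT
    WC_ASYNC_DEV asyncDev;
    #ifdef WOLFSSL_CERT_GEN
        CertSignCtx certSignCtx; /* context info for cert sign (MakeSignature) */
    #endif
#endif /* WOLFSSL_ASYNC_CRYPT */
#ifdef WOLFSSL_XILINX_CRYPT
    word32 pubExp; /* to keep values in scope they are here in struct */
    byte*  mod;
    XSecure_Rsa xRsa;
#endif
#ifdef HAVE_PKCS11
    byte id[RSA_MAX_ID_LEN];
    int  idLen;
#endif
#if defined(WOLFSSL_ASYNC_CRYPT) || !defined(WOLFSSL_RSA_VERIFY_INLINE)
    byte   dataIsAlloc;
#endif
#ifdef WC_RSA_NONBLOCK
    RsaNb* nb;
#endif
#ifdef WOLFSSL_AFALG_XILINX_RSA
    int alFd;
    int rdFd;
#endif
#if defined(WOLFSSL_CRYPTOCELL)
    rsa_context_t ctx;
#endif
};

#ifndef WC_RSAKEY_TYPE_DEFINED
    typedef struct RsaKey RsaKey;
    #define WC_RSAKEY_TYPE_DEFINED
#endif

#endif /*HAVE_FIPS */

/* Key lifecycle. Every function in this header returns int; the meaning of
 * the return codes is defined by the implementation, and callers should check
 * each one rather than assume success. */
WOLFSSL_API int  wc_InitRsaKey(RsaKey* key, void* heap);
WOLFSSL_API int  wc_InitRsaKey_ex(RsaKey* key, void* heap, int devId);
WOLFSSL_API int  wc_FreeRsaKey(RsaKey* key);
#ifdef HAVE_PKCS11
/* 'len' should not exceed RSA_MAX_ID_LEN, the size of RsaKey.id[];
 * NOTE(review): confirm the implementation rejects longer ids. */
WOLFSSL_API int wc_InitRsaKey_Id(RsaKey* key, unsigned char* id, int len,
                                 void* heap, int devId);
#endif
WOLFSSL_API int  wc_CheckRsaKey(RsaKey* key);
#ifdef WOLFSSL_XILINX_CRYPT
WOLFSSL_LOCAL int wc_InitRsaHw(RsaKey* key);
#endif /* WOLFSSL_XILINX_CRYPT */

/* Low-level RSA operation; 'type' presumably takes one of the
 * RSA_PUBLIC_ENCRYPT .. RSA_PRIVATE_DECRYPT values. No padding parameter is
 * present, so padding is the caller's concern at this level. */
WOLFSSL_API int wc_RsaFunction(const byte* in, word32 inLen, byte* out,
                            word32* outLen, int type, RsaKey* key, WC_RNG* rng);

/* Encrypt/decrypt and sign/verify entry points. The *Inline variants take a
 * writable 'in' buffer and return a pointer through 'out' instead of copying
 * into a caller buffer - presumably a pointer into 'in', so the input buffer
 * must stay alive and unmodified while the result is used. */
WOLFSSL_API int  wc_RsaPublicEncrypt(const byte* in, word32 inLen, byte* out,
                                 word32 outLen, RsaKey* key, WC_RNG* rng);
WOLFSSL_API int  wc_RsaPrivateDecryptInline(byte* in, word32 inLen, byte** out,
                                        RsaKey* key);
WOLFSSL_API int  wc_RsaPrivateDecrypt(const byte* in, word32 inLen, byte* out,
                                  word32 outLen, RsaKey* key);
WOLFSSL_API int  wc_RsaSSL_Sign(const byte* in, word32 inLen, byte* out,
                            word32 outLen, RsaKey* key, WC_RNG* rng);
WOLFSSL_API int  wc_RsaPSS_Sign(const byte* in, word32 inLen, byte* out,
                                word32 outLen, enum wc_HashType hash, int mgf,
                                RsaKey* key, WC_RNG* rng);
WOLFSSL_API int  wc_RsaPSS_Sign_ex(const byte* in, word32 inLen, byte* out,
                                   word32 outLen, enum wc_HashType hash,
                                   int mgf, int saltLen, RsaKey* key,
                                   WC_RNG* rng);
WOLFSSL_API int  wc_RsaSSL_VerifyInline(byte* in, word32 inLen, byte** out,
                                    RsaKey* key);
WOLFSSL_API int  wc_RsaSSL_Verify(const byte* in, word32 inLen, byte* out,
                              word32 outLen, RsaKey* key);
WOLFSSL_API int  wc_RsaSSL_Verify_ex(const byte* in, word32 inLen, byte* out,
                              word32 outLen, RsaKey* key, int pad_type);
/* PSS verification. The plain Verify/VerifyInline functions take no digest
 * argument, whereas the CheckPadding and VerifyCheck functions do.
 * NOTE(review): this suggests the plain functions only recover the encoded
 * data and that comparing it against the expected digest is a separate step;
 * confirm in the implementation, and make sure every verification path ends
 * with that comparison. */
WOLFSSL_API int  wc_RsaPSS_VerifyInline(byte* in, word32 inLen, byte** out,
                                        enum wc_HashType hash, int mgf,
                                        RsaKey* key);
WOLFSSL_API int  wc_RsaPSS_VerifyInline_ex(byte* in, word32 inLen, byte** out,
                                           enum wc_HashType hash, int mgf,
                                           int saltLen, RsaKey* key);
WOLFSSL_API int  wc_RsaPSS_Verify(byte* in, word32 inLen, byte* out,
                                  word32 outLen, enum wc_HashType hash, int mgf,
                                  RsaKey* key);
WOLFSSL_API int  wc_RsaPSS_Verify_ex(byte* in, word32 inLen, byte* out,
                                     word32 outLen, enum wc_HashType hash,
                                     int mgf, int saltLen, RsaKey* key);
WOLFSSL_API int  wc_RsaPSS_CheckPadding(const byte* in, word32 inLen, byte* sig,
                                        word32 sigSz,
                                        enum wc_HashType hashType);
WOLFSSL_API int  wc_RsaPSS_CheckPadding_ex(const byte* in, word32 inLen,
                                           byte* sig, word32 sigSz,
                                           enum wc_HashType hashType,
                                           int saltLen, int bits);
WOLFSSL_API int  wc_RsaPSS_VerifyCheckInline(byte* in, word32 inLen, byte** out,
                               const byte* digest, word32 digentLen,
                               enum wc_HashType hash, int mgf,
                               RsaKey* key);
WOLFSSL_API int  wc_RsaPSS_VerifyCheck(byte* in, word32 inLen,
                               byte* out, word32 outLen,
                               const byte* digest, word32 digestLen,
                               enum wc_HashType hash, int mgf,
                               RsaKey* key);

WOLFSSL_API int  wc_RsaEncryptSize(RsaKey* key);

#if !defined(HAVE_FIPS) || \
    (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))
/* to avoid asn duplicate symbols @wc_fips */
/* The decoders parse caller-supplied encodings; the trailing word32 is
 * presumably the input length, which must describe the real buffer size when
 * the encoding comes from an untrusted source. */
WOLFSSL_API int  wc_RsaPrivateKeyDecode(const byte* input, word32* inOutIdx,
                                                               RsaKey*, word32);
WOLFSSL_API int  wc_RsaPublicKeyDecode(const byte* input, word32* inOutIdx,
                                                               RsaKey*, word32);
WOLFSSL_API int  wc_RsaPublicKeyDecodeRaw(const byte* n, word32 nSz,
                                        const byte* e, word32 eSz, RsaKey* key);
/* presumably writes the private key encoding: handle 'output' as secret and
 * clear it after use - TODO confirm */
WOLFSSL_API int wc_RsaKeyToDer(RsaKey*, byte* output, word32 inLen);


#ifdef WC_RSA_BLINDING
/* Supplies the RNG stored in RsaKey.rng for PrivateDecrypt blinding. */
WOLFSSL_API int wc_RsaSetRNG(RsaKey* key, WC_RNG* rng);
#endif
#ifdef WC_RSA_NONBLOCK
WOLFSSL_API int wc_RsaSetNonBlock(RsaKey* key, RsaNb* nb);
#ifdef WC_RSA_NONBLOCK_TIME
WOLFSSL_API int wc_RsaSetNonBlockTime(RsaKey* key, word32 maxBlockUs,
                                      word32 cpuMHz);
#endif
#endif

/*
   choice of padding added after fips, so not available when using fips RSA
 */

/* Mask Generation Function Identifiers */
/* The values are identifiers, not an ordering (SHA-1 is 26, SHA-224 is 4).
 * WC_MGF1SHA1 is mainly of use for interoperability; new designs normally
 * pair MGF1 with the same SHA-2 hash used for the message. */
#define WC_MGF1NONE   0
#define WC_MGF1SHA1   26
#define WC_MGF1SHA224 4
#define WC_MGF1SHA256 1
#define WC_MGF1SHA384 2
#define WC_MGF1SHA512 3

/* Padding types */
/* Security notes for choosing among them:
 *  - WC_RSA_OAEP_PAD is the usual choice for new encryption designs.
 *  - WC_RSA_PKCSV15_PAD encryption is exposed to padding-oracle attacks when
 *    a peer can tell padding failures apart from other decryption failures;
 *    keep error handling and timing uniform if it has to be used.
 *  - WC_RSA_NO_PAD, by its name, selects no padding at all; use it only where
 *    the caller applies and checks a padding scheme itself.
 */
#define WC_RSA_PKCSV15_PAD 0
#define WC_RSA_OAEP_PAD    1
#define WC_RSA_PSS_PAD     2
#define WC_RSA_NO_PAD      3

/* 'type' takes one of the WC_RSA_*_PAD values above and 'mgf' one of the
 * WC_MGF1* identifiers; encrypt and decrypt must be called with the same
 * padding, hash, mgf and label for the operation to round-trip. */
WOLFSSL_API int  wc_RsaPublicEncrypt_ex(const byte* in, word32 inLen, byte* out,
                   word32 outLen, RsaKey* key, WC_RNG* rng, int type,
                   enum wc_HashType hash, int mgf, byte* label, word32 lableSz);
WOLFSSL_API int  wc_RsaPrivateDecrypt_ex(const byte* in, word32 inLen,
                   byte* out, word32 outLen, RsaKey* key, int type,
                   enum wc_HashType hash, int mgf, byte* label, word32 lableSz);
WOLFSSL_API int  wc_RsaPrivateDecryptInline_ex(byte* in, word32 inLen,
                      byte** out, RsaKey* key, int type, enum wc_HashType hash,
                      int mgf, byte* label, word32 lableSz);
#if defined(WC_RSA_DIRECT) || defined(WC_RSA_NO_PADDING)
/* Only built when explicitly enabled. It takes no padding argument, so it is
 * presumably the raw RSA operation; keep it out of builds that do not need
 * it. */
WOLFSSL_API int wc_RsaDirect(byte* in, word32 inLen, byte* out, word32* outSz,
                   RsaKey* key, int type, WC_RNG* rng);
#endif

#endif /* HAVE_FIPS */

WOLFSSL_API int  wc_RsaFlattenPublicKey(RsaKey*, byte*, word32*, byte*,
                                                                       word32*);
/* Exports e and n together with the private values d, p and q into caller
 * buffers; the d/p/q buffers then hold private key material and should be
 * cleared by the caller once no longer needed. */
WOLFSSL_API int wc_RsaExportKey(RsaKey* key,
                                byte* e, word32* eSz,
                                byte* n, word32* nSz,
                                byte* d, word32* dSz,
                                byte* p, word32* pSz,
                                byte* q, word32* qSz);

WOLFSSL_API int wc_RsaKeyToPublicDer(RsaKey*, byte* output, word32 inLen);

#ifdef WOLFSSL_KEY_GEN
    /* 'size' and 'e' are caller-chosen; see the note on RSA_MIN_SIZE about
     * enforcing an application-level minimum key size. WC_RSA_EXPONENT is
     * the default exponent this header defines. */
    WOLFSSL_API int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng);
    WOLFSSL_API int wc_CheckProbablePrime_ex(const byte* p, word32 pSz,
                                          const byte* q, word32 qSz,
                                          const byte* e, word32 eSz,
                                          int nlen, int* isPrime, WC_RNG* rng);
    WOLFSSL_API int wc_CheckProbablePrime(const byte* p, word32 pSz,
                                          const byte* q, word32 qSz,
                                          const byte* e, word32 eSz,
                                          int nlen, int* isPrime);
#endif

/* Library-internal (WOLFSSL_LOCAL) padding helpers. */
WOLFSSL_LOCAL int wc_RsaPad_ex(const byte* input, word32 inputLen, byte* pkcsBlock,
        word32 pkcsBlockLen, byte padValue, WC_RNG* rng, int padType,
        enum wc_HashType hType, int mgf, byte* optLabel, word32 labelLen,
        int saltLen, int bits, void* heap);
WOLFSSL_LOCAL int wc_RsaUnPad_ex(byte* pkcsBlock, word32 pkcsBlockLen, byte** out,
                                   byte padValue, int padType, enum wc_HashType hType,
                                   int mgf, byte* optLabel, word32 labelLen, int saltLen,
                                   int bits, void* heap);

#endif /* HAVE_USER_RSA */

/* NOTE(review): the matching 'extern "C" {' is opened inside the #else branch
 * of the HAVE_USER_RSA/HAVE_FAST_RSA conditional, while this closing brace
 * sits outside it. In a C++ build that takes the user_rsa.h branch the brace
 * is only balanced if user_rsa.h leaves an extern "C" block open - confirm
 * against user_rsa.h before changing either side. */
#ifdef __cplusplus
    } /* extern "C" */
#endif

#endif /* NO_RSA */
#endif /* WOLF_CRYPT_RSA_H */
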