source: azure_iot_hub/trunk/wolfssl-3.15.7/wolfssl/wolfcrypt/rsa.h@ 388

Last change on this file since 388 was 388, checked in by coas-nagasima, 5 years ago

Azure IoT Hub Device C SDK を使ったサンプルの追加

  • Property svn:eol-style set to native
  • Property svn:keywords set to Id
  • Property svn:mime-type set to text/x-chdr
1/* rsa.h
2 *
3 * Copyright (C) 2006-2017 wolfSSL Inc.
4 *
5 * This file is part of wolfSSL.
6 *
7 * wolfSSL is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 2 of the License, or
10 * (at your option) any later version.
11 *
12 * wolfSSL is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License
18 * along with this program; if not, write to the Free Software
19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
20 */
21
22/*!
23 \file wolfssl/wolfcrypt/rsa.h
24*/
25
26
27#ifndef WOLF_CRYPT_RSA_H
28#define WOLF_CRYPT_RSA_H
29
30#include <wolfssl/wolfcrypt/types.h>
31
32#ifndef NO_RSA
33
34
35/* RSA default exponent */
/* The #ifndef guard lets a build override the value before this header is
 * included; 65537 is only the fallback. */
36#ifndef WC_RSA_EXPONENT
37 #define WC_RSA_EXPONENT 65537L
38#endif
39
/* Build-time guard for WC_RSA_NONBLOCK: the two #error checks refuse to
 * compile unless USE_FAST_MATH and TFM_TIMING_RESISTANT are both defined. */
40#if defined(WC_RSA_NONBLOCK)
41 /* enable support for fast math based non-blocking exptmod */
42 /* this splits the RSA function into many smaller operations */
43 #ifndef USE_FAST_MATH
44 #error RSA non-blocking mode only supported using fast math
45 #endif
46 #ifndef TFM_TIMING_RESISTANT
47 #error RSA non-blocking mode only supported with timing resistance enabled
48 #endif
49
50 /* RSA bounds check is not supported with RSA non-blocking mode */
 /* NOTE(review): NO_RSA_BOUNDS_CHECK is forced on here whatever the build
  * asked for. What that check validates is implemented outside this header;
  * confirm that inputs are still range-checked some other way before
  * enabling non-blocking mode on untrusted data. */
51 #undef NO_RSA_BOUNDS_CHECK
52 #define NO_RSA_BOUNDS_CHECK
53#endif
54
55/* allow for user to plug in own crypto */
56#if !defined(HAVE_FIPS) && (defined(HAVE_USER_RSA) || defined(HAVE_FAST_RSA))
57 #include "user_rsa.h"
58#else
59
/* FIPS builds with no HAVE_FIPS_VERSION, or a version below 2, pull in the
 * legacy CyaSSL RSA header; every other build includes the wolfCrypt integer
 * and random headers. */
60#if defined(HAVE_FIPS) && \
61 (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
62/* for fips @wc_fips */
63#include <cyassl/ctaocrypt/rsa.h>
64#if defined(CYASSL_KEY_GEN) && !defined(WOLFSSL_KEY_GEN)
65 #define WOLFSSL_KEY_GEN
66#endif
67#else
68 #include <wolfssl/wolfcrypt/integer.h>
69 #include <wolfssl/wolfcrypt/random.h>
70#endif /* HAVE_FIPS && HAVE_FIPS_VERSION 1 */
71#if defined(HAVE_FIPS) && \
72 defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
73#include <wolfssl/wolfcrypt/fips.h>
74#endif
75
76/* header file needed for OAEP padding */
77#include <wolfssl/wolfcrypt/hash.h>
78
79#ifdef WOLFSSL_XILINX_CRYPT
80#include "xsecure_rsa.h"
81#endif
82
83#ifdef __cplusplus
84 extern "C" {
85#endif
86
/* Key-size limits. NOTE(review): presumably modulus sizes in bits; the code
 * that reads these constants is not in this header, so confirm there. */
87enum {
88 RSA_MIN_SIZE = 512, /* NOTE(review): if this is bits, 512 is far below current RSA key-size guidance; code that accepts keys should enforce its own, larger floor */
89 RSA_MAX_SIZE = 4096,
90};
91
92/* avoid redefinition of structs */
93#if !defined(HAVE_FIPS) || \
94 (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))
95
96#ifdef WOLFSSL_ASYNC_CRYPT
97 #include <wolfssl/wolfcrypt/async.h>
98 #ifdef WOLFSSL_CERT_GEN
99 #include <wolfssl/wolfcrypt/asn.h>
100 #endif
101#endif
102
/* One anonymous enum carrying several unrelated constant groups: key type,
 * operation type, block type and padding sizes. Values repeat across groups
 * (RSA_PUBLIC and RSA_PUBLIC_ENCRYPT are both 0; RSA_PRIVATE,
 * RSA_PUBLIC_DECRYPT and RSA_BLOCK_TYPE_1 are all 1), and every parameter
 * that takes them is a plain int, so the compiler cannot catch a constant
 * from one group being passed where another group is expected. */
103enum {
104 RSA_PUBLIC = 0, /* key type; presumably the value kept in RsaKey.type */
105 RSA_PRIVATE = 1,
106
107 RSA_TYPE_UNKNOWN = -1,
108 RSA_PUBLIC_ENCRYPT = 0, /* operation selectors; presumably the `type` argument of wc_RsaFunction */
109 RSA_PUBLIC_DECRYPT = 1,
110 RSA_PRIVATE_ENCRYPT = 2,
111 RSA_PRIVATE_DECRYPT = 3,
112
113 RSA_BLOCK_TYPE_1 = 1, /* presumably PKCS #1 v1.5 block type 01 (signature padding) */
114 RSA_BLOCK_TYPE_2 = 2, /* presumably PKCS #1 v1.5 block type 02 (encryption padding) */
115
116 RSA_MIN_PAD_SZ = 11, /* separator + 0 + pad value + 8 pads */
117
118 RSA_PSS_PAD_SZ = 8,
119 RSA_PSS_SALT_MAX_SZ = 62,
120
121#ifdef OPENSSL_EXTRA
122 RSA_PKCS1_PADDING_SIZE = 11,
123 RSA_PKCS1_OAEP_PADDING_SIZE = 42, /* (2 * hashlen(SHA-1)) + 2 */
124#endif
125#ifdef WC_RSA_PSS
126 RSA_PSS_PAD_TERM = 0xBC, /* 0xBC is the EMSA-PSS trailer field value in PKCS #1 v2.x */
127#endif
128
129#ifdef HAVE_PKCS11
130 RSA_MAX_ID_LEN = 32, /* size of the RsaKey.id array */
131 #endif
132};
133
/* State for non-blocking RSA, defined only when WC_RSA_NONBLOCK is set.
 * RsaKey stores a pointer to one of these (member `nb`), not a copy. */
134#ifdef WC_RSA_NONBLOCK
135typedef struct RsaNb {
136 exptModNb_t exptmod; /* non-block expt_mod */
137 mp_int tmp; /* NOTE(review): contents not visible here; if it can hold intermediate private-key values it needs wiping after use. Confirm in rsa.c */
138} RsaNb;
139#endif
140
141/* RSA */
/* RSA key object. Its layout is decided entirely by build macros (the #if
 * blocks below add or drop members), so every translation unit that touches
 * an RsaKey has to be compiled with the same configuration as the library;
 * a mismatch shifts member offsets silently. When the private members are
 * present the struct holds secret key material by value. This header
 * declares wc_FreeRsaKey for release; whether that call wipes the members
 * is not visible here. */
142struct RsaKey {
143 mp_int n, e; /* presumably modulus and public exponent */
144#ifndef WOLFSSL_RSA_PUBLIC_ONLY
145 mp_int d, p, q; /* private members; compiled out under WOLFSSL_RSA_PUBLIC_ONLY */
146#if defined(WOLFSSL_KEY_GEN) || defined(OPENSSL_EXTRA) || !defined(RSA_LOW_MEM)
147 mp_int dP, dQ, u; /* presumably the CRT values; dropped only when RSA_LOW_MEM is set without WOLFSSL_KEY_GEN or OPENSSL_EXTRA */
148#endif
149#endif
150 void* heap; /* for user memory overrides */
151 byte* data; /* temp buffer for async RSA */
152 int type; /* public or private */
153 int state;
154 word32 dataLen;
155#ifdef WC_RSA_BLINDING
156 WC_RNG* rng; /* for PrivateDecrypt blinding */
157#endif
158#ifdef WOLF_CRYPTO_DEV
159 int devId;
160#endif
161#ifdef WOLFSSL_ASYNC_CRYPT
162 WC_ASYNC_DEV asyncDev;
163 #ifdef WOLFSSL_CERT_GEN
164 CertSignCtx certSignCtx; /* context info for cert sign (MakeSignature) */
165 #endif
166#endif /* WOLFSSL_ASYNC_CRYPT */
167#ifdef WOLFSSL_XILINX_CRYPT
168 word32 pubExp; /* to keep values in scope they are here in struct */
169 byte* mod;
170 XSecure_Rsa xRsa;
171#endif
172#ifdef HAVE_PKCS11
173 byte id[RSA_MAX_ID_LEN]; /* fixed-size buffer; the used length is tracked separately in idLen */
174 int idLen;
175#endif
176#if defined(WOLFSSL_ASYNC_CRYPT) || !defined(WOLFSSL_RSA_VERIFY_INLINE)
177 byte dataIsAlloc; /* presumably records whether `data` is owned by the key and must be freed; confirm in rsa.c */
178#endif
179#ifdef WC_RSA_NONBLOCK
180 RsaNb* nb;
181#endif
182};
183
/* The typedef is guarded so that another header may already have declared
 * RsaKey without causing a redefinition. */
184#ifndef WC_RSAKEY_TYPE_DEFINED
185 typedef struct RsaKey RsaKey;
186 #define WC_RSAKEY_TYPE_DEFINED
187#endif
188
189#endif /*HAVE_FIPS */
190
/* Key lifecycle. Every function returns int; the error-code convention is
 * defined outside this header. */
191WOLFSSL_API int wc_InitRsaKey(RsaKey* key, void* heap);
192WOLFSSL_API int wc_InitRsaKey_ex(RsaKey* key, void* heap, int devId);
193WOLFSSL_API int wc_FreeRsaKey(RsaKey* key);
194#ifdef HAVE_PKCS11
/* NOTE(review): RsaKey.id is RSA_MAX_ID_LEN bytes; confirm the
 * implementation rejects a negative `len` and any `len` above that size. */
195WOLFSSL_API int wc_InitRsaKey_Id(RsaKey* key, unsigned char* id, int len,
196 void* heap, int devId);
197#endif
/* presumably a consistency check of the key; its semantics are not visible here */
198WOLFSSL_API int wc_CheckRsaKey(RsaKey* key);
199#ifdef WOLFSSL_XILINX_CRYPT
200WOLFSSL_LOCAL int wc_InitRsaHw(RsaKey* key);
201#endif /* WOLFSSL_XILINX_CRYPT */
202
/* Takes an operation `type` but no padding argument. NOTE(review): presumably
 * the bare RSA primitive with `type` one of RSA_PUBLIC_ENCRYPT ..
 * RSA_PRIVATE_DECRYPT; if so, callers outside the library should use the
 * padded entry points declared in this header instead. Confirm in rsa.c. */
203WOLFSSL_API int wc_RsaFunction(const byte* in, word32 inLen, byte* out,
204 word32* outLen, int type, RsaKey* key, WC_RNG* rng);
205
/* Encrypt, decrypt, sign and verify entry points. None of these take a
 * padding selector; the padding each one applies is fixed by its
 * implementation, which is not in this header.
 *
 * The *Inline variants take a non-const `in` and hand the result back
 * through `byte** out`. NOTE(review): presumably they work in place and
 * *out points into `in`, so the caller must not free *out and must treat
 * `in` as overwritten. Confirm in rsa.c. */
206WOLFSSL_API int wc_RsaPublicEncrypt(const byte* in, word32 inLen, byte* out,
207 word32 outLen, RsaKey* key, WC_RNG* rng);
208WOLFSSL_API int wc_RsaPrivateDecryptInline(byte* in, word32 inLen, byte** out,
209 RsaKey* key);
210WOLFSSL_API int wc_RsaPrivateDecrypt(const byte* in, word32 inLen, byte* out,
211 word32 outLen, RsaKey* key);
212WOLFSSL_API int wc_RsaSSL_Sign(const byte* in, word32 inLen, byte* out,
213 word32 outLen, RsaKey* key, WC_RNG* rng);
/* PSS signing; the _ex form adds an explicit saltLen. `mgf` presumably takes
 * one of the WC_MGF1* identifiers defined in this header. */
214WOLFSSL_API int wc_RsaPSS_Sign(const byte* in, word32 inLen, byte* out,
215 word32 outLen, enum wc_HashType hash, int mgf,
216 RsaKey* key, WC_RNG* rng);
217WOLFSSL_API int wc_RsaPSS_Sign_ex(const byte* in, word32 inLen, byte* out,
218 word32 outLen, enum wc_HashType hash,
219 int mgf, int saltLen, RsaKey* key,
220 WC_RNG* rng);
221WOLFSSL_API int wc_RsaSSL_VerifyInline(byte* in, word32 inLen, byte** out,
222 RsaKey* key);
223WOLFSSL_API int wc_RsaSSL_Verify(const byte* in, word32 inLen, byte* out,
224 word32 outLen, RsaKey* key);
/* NOTE(review): the PSS Verify functions below take no digest argument, so a
 * successful return cannot by itself mean "signature matches this message".
 * In wolfSSL's documented usage the decoded output is then passed to
 * wc_RsaPSS_CheckPadding together with the digest, or the VerifyCheck forms
 * are used to do both steps. Confirm against rsa.c for this version, and
 * check that callers do not stop after the Verify call. */
225WOLFSSL_API int wc_RsaPSS_VerifyInline(byte* in, word32 inLen, byte** out,
226 enum wc_HashType hash, int mgf,
227 RsaKey* key);
228WOLFSSL_API int wc_RsaPSS_VerifyInline_ex(byte* in, word32 inLen, byte** out,
229 enum wc_HashType hash, int mgf,
230 int saltLen, RsaKey* key);
231WOLFSSL_API int wc_RsaPSS_Verify(byte* in, word32 inLen, byte* out,
232 word32 outLen, enum wc_HashType hash, int mgf,
233 RsaKey* key);
234WOLFSSL_API int wc_RsaPSS_Verify_ex(byte* in, word32 inLen, byte* out,
235 word32 outLen, enum wc_HashType hash,
236 int mgf, int saltLen, RsaKey* key);
237WOLFSSL_API int wc_RsaPSS_CheckPadding(const byte* in, word32 inLen, byte* sig,
238 word32 sigSz,
239 enum wc_HashType hashType);
240WOLFSSL_API int wc_RsaPSS_CheckPadding_ex(const byte* in, word32 inLen,
241 byte* sig, word32 sigSz,
242 enum wc_HashType hashType,
243 int saltLen, int bits);
/* These two take the digest directly. The parameter is spelled `digentLen`
 * in the first prototype and `digestLen` in the second; the name has no
 * effect in a declaration. */
244WOLFSSL_API int wc_RsaPSS_VerifyCheckInline(byte* in, word32 inLen, byte** out,
245 const byte* digest, word32 digentLen,
246 enum wc_HashType hash, int mgf,
247 RsaKey* key);
248WOLFSSL_API int wc_RsaPSS_VerifyCheck(byte* in, word32 inLen,
249 byte* out, word32 outLen,
250 const byte* digest, word32 digestLen,
251 enum wc_HashType hash, int mgf,
252 RsaKey* key);
253
/* presumably the output size of an RSA operation with this key, i.e. the
 * modulus length in bytes; use it to size `out` buffers. Confirm in rsa.c */
254WOLFSSL_API int wc_RsaEncryptSize(RsaKey* key);
255
256#if !defined(HAVE_FIPS) || \
257 (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))
258/* to avoid asn duplicate symbols @wc_fips */
/* Key import and export. The decoders read from `input` starting at
 * *inOutIdx; the trailing unnamed word32 is presumably the total length of
 * `input` (confirm in asn.c). NOTE(review): these are the parsers that meet
 * externally supplied key encodings, so the length passed in must be the
 * real size of the buffer and the return value must be checked before the
 * key is used. */
259WOLFSSL_API int wc_RsaPrivateKeyDecode(const byte* input, word32* inOutIdx,
260 RsaKey*, word32);
261WOLFSSL_API int wc_RsaPublicKeyDecode(const byte* input, word32* inOutIdx,
262 RsaKey*, word32);
/* Builds a public key from a separate n (nSz bytes) and e (eSz bytes). */
263WOLFSSL_API int wc_RsaPublicKeyDecodeRaw(const byte* n, word32 nSz,
264 const byte* e, word32 eSz, RsaKey* key);
265#ifdef WOLFSSL_KEY_GEN
/* presumably writes the private key as DER into `output`, with `inLen` the
 * capacity of `output`; the buffer then holds secret material */
266 WOLFSSL_API int wc_RsaKeyToDer(RsaKey*, byte* output, word32 inLen);
267#endif
268
/* Declared only when WC_RSA_BLINDING is defined, which is also the condition
 * for RsaKey to have its `rng` member (commented there as "for
 * PrivateDecrypt blinding"). NOTE(review): presumably a private-key
 * operation in a blinding build needs this called first; confirm how rsa.c
 * behaves when `rng` was never set. */
269#ifdef WC_RSA_BLINDING
270WOLFSSL_API int wc_RsaSetRNG(RsaKey* key, WC_RNG* rng);
271#endif
272#ifdef WC_RSA_NONBLOCK
/* `nb` matches the type of RsaKey.nb, a pointer member; presumably the
 * pointer is stored, so the RsaNb must outlive the key's use of it. */
273 WOLFSSL_API int wc_RsaSetNonBlock(RsaKey* key, RsaNb* nb);
274 #ifdef WC_RSA_NONBLOCK_TIME
275 WOLFSSL_API int wc_RsaSetNonBlockTime(RsaKey* key, word32 maxBlockUs,
276 word32 cpuMHz);
277 #endif
278#endif
279
280/*
281 choice of padding added after fips, so not available when using fips RSA
282 */
283
284/* Mask Generation Function Identifiers */
/* Plain ints, passed as the `mgf` argument of the PSS and _ex functions.
 * The values are not ordered by hash strength. */
285#define WC_MGF1NONE 0
286#define WC_MGF1SHA1 26 /* MGF1 over SHA-1 */
287#define WC_MGF1SHA224 4
288#define WC_MGF1SHA256 1
289#define WC_MGF1SHA384 2
290#define WC_MGF1SHA512 3
291
292/* Padding types */
/* Plain ints, presumably the `type` argument of the _ex encrypt/decrypt
 * functions declared after them. They share the value range 0..3 with the
 * RSA_PUBLIC_ENCRYPT .. RSA_PRIVATE_DECRYPT operation constants, so mixing
 * the two sets up compiles cleanly. */
293#define WC_RSA_PKCSV15_PAD 0 /* PKCS #1 v1.5; when decrypting untrusted ciphertext, a padding failure must not be distinguishable to the sender */
294#define WC_RSA_OAEP_PAD 1
295#define WC_RSA_PSS_PAD 2
296#define WC_RSA_NO_PAD 3 /* no padding; unpadded RSA is deterministic and malleable, so it is only safe inside a scheme that supplies its own encoding */
297
/* Extended forms that take the padding choice from the caller: `type` is
 * presumably one of the WC_RSA_*_PAD values and `mgf` one of the WC_MGF1*
 * values defined in this header. `label` with its length (spelled `lableSz`
 * in the source) presumably carries the optional OAEP label. Encrypt and
 * decrypt must be given the same type, hash, mgf and label. */
298WOLFSSL_API int wc_RsaPublicEncrypt_ex(const byte* in, word32 inLen, byte* out,
299 word32 outLen, RsaKey* key, WC_RNG* rng, int type,
300 enum wc_HashType hash, int mgf, byte* label, word32 lableSz);
301WOLFSSL_API int wc_RsaPrivateDecrypt_ex(const byte* in, word32 inLen,
302 byte* out, word32 outLen, RsaKey* key, int type,
303 enum wc_HashType hash, int mgf, byte* label, word32 lableSz);
304WOLFSSL_API int wc_RsaPrivateDecryptInline_ex(byte* in, word32 inLen,
305 byte** out, RsaKey* key, int type, enum wc_HashType hash,
306 int mgf, byte* label, word32 lableSz);
307#if defined(WC_RSA_DIRECT) || defined(WC_RSA_NO_PADDING)
/* Only declared when the build opts in with WC_RSA_DIRECT or
 * WC_RSA_NO_PADDING. NOTE(review): the name and the absence of a padding
 * argument suggest a raw RSA operation; keep both macros undefined unless a
 * caller really needs it. Here `type` sits next to `key` and `rng` as in
 * wc_RsaFunction, so it is presumably an operation constant rather than a
 * padding constant. Confirm in rsa.c. */
308WOLFSSL_API int wc_RsaDirect(byte* in, word32 inLen, byte* out, word32* outSz,
309 RsaKey* key, int type, WC_RNG* rng);
310#endif
311
312#endif /* HAVE_FIPS*/
313
/* Export functions. wc_RsaFlattenPublicKey leaves its buffer parameters
 * unnamed, so the order (which pair is e and which is n) has to be taken
 * from the implementation, not from this declaration. */
314WOLFSSL_API int wc_RsaFlattenPublicKey(RsaKey*, byte*, word32*, byte*,
315 word32*);
/* Each component has a buffer and a word32* size; presumably the size is
 * capacity on entry and bytes written on return (confirm in rsa.c). The d, p
 * and q outputs receive private key material in caller-owned memory, so the
 * caller is responsible for wiping those buffers when done. */
316WOLFSSL_API int wc_RsaExportKey(RsaKey* key,
317 byte* e, word32* eSz,
318 byte* n, word32* nSz,
319 byte* d, word32* dSz,
320 byte* p, word32* pSz,
321 byte* q, word32* qSz);
322
323 WOLFSSL_API int wc_RsaKeyToPublicDer(RsaKey*, byte* output, word32 inLen);
324
/* Key generation, declared only when WOLFSSL_KEY_GEN is defined. */
325#ifdef WOLFSSL_KEY_GEN
/* `size` is presumably the modulus size in bits and `e` the public exponent
 * (this header offers WC_RSA_EXPONENT as the default value). NOTE(review):
 * the header's RSA_MIN_SIZE is 512; whether it is enforced here is not
 * visible, so callers should pass a size that meets their own policy. */
326 WOLFSSL_API int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng);
/* Takes p, q and e as byte strings plus nlen and reports through *isPrime.
 * The _ex form adds an rng argument; what the form without one uses for
 * randomness is not visible here. */
327 WOLFSSL_API int wc_CheckProbablePrime_ex(const byte* p, word32 pSz,
328 const byte* q, word32 qSz,
329 const byte* e, word32 eSz,
330 int nlen, int* isPrime, WC_RNG* rng);
331 WOLFSSL_API int wc_CheckProbablePrime(const byte* p, word32 pSz,
332 const byte* q, word32 qSz,
333 const byte* e, word32 eSz,
334 int nlen, int* isPrime);
335#endif
336
337#endif /* HAVE_USER_RSA */
338
339#ifdef __cplusplus
340 } /* extern "C" */
341#endif
342
343#endif /* NO_RSA */
344#endif /* WOLF_CRYPT_RSA_H */
345