mbed TLS v2.7.16
rsa.h
Go to the documentation of this file.
1 
11 /*
12  * Copyright (C) 2006-2018, Arm Limited (or its affiliates), All Rights Reserved
13  * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
14  *
15  * This file is provided under the Apache License 2.0, or the
16  * GNU General Public License v2.0 or later.
17  *
18  * **********
19  * Apache License 2.0:
20  *
21  * Licensed under the Apache License, Version 2.0 (the "License"); you may
22  * not use this file except in compliance with the License.
23  * You may obtain a copy of the License at
24  *
25  * http://www.apache.org/licenses/LICENSE-2.0
26  *
27  * Unless required by applicable law or agreed to in writing, software
28  * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
29  * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
30  * See the License for the specific language governing permissions and
31  * limitations under the License.
32  *
33  * **********
34  *
35  * **********
36  * GNU General Public License v2.0 or later:
37  *
38  * This program is free software; you can redistribute it and/or modify
39  * it under the terms of the GNU General Public License as published by
40  * the Free Software Foundation; either version 2 of the License, or
41  * (at your option) any later version.
42  *
43  * This program is distributed in the hope that it will be useful,
44  * but WITHOUT ANY WARRANTY; without even the implied warranty of
45  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
46  * GNU General Public License for more details.
47  *
48  * You should have received a copy of the GNU General Public License along
49  * with this program; if not, write to the Free Software Foundation, Inc.,
50  * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
51  *
52  * **********
53  *
54  * This file is part of Mbed TLS (https://tls.mbed.org)
55  */
56 #ifndef MBEDTLS_RSA_H
57 #define MBEDTLS_RSA_H
58 
59 #if !defined(MBEDTLS_CONFIG_FILE)
60 #include "config.h"
61 #else
62 #include MBEDTLS_CONFIG_FILE
63 #endif
64 
65 #include "bignum.h"
66 #include "md.h"
67 
68 #if defined(MBEDTLS_THREADING_C)
69 #include "threading.h"
70 #endif
71 
72 /*
73  * RSA Error codes
74  */
75 #define MBEDTLS_ERR_RSA_BAD_INPUT_DATA -0x4080
76 #define MBEDTLS_ERR_RSA_INVALID_PADDING -0x4100
77 #define MBEDTLS_ERR_RSA_KEY_GEN_FAILED -0x4180
78 #define MBEDTLS_ERR_RSA_KEY_CHECK_FAILED -0x4200
79 #define MBEDTLS_ERR_RSA_PUBLIC_FAILED -0x4280
80 #define MBEDTLS_ERR_RSA_PRIVATE_FAILED -0x4300
81 #define MBEDTLS_ERR_RSA_VERIFY_FAILED -0x4380
82 #define MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE -0x4400
83 #define MBEDTLS_ERR_RSA_RNG_FAILED -0x4480
84 #define MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION -0x4500
85 #define MBEDTLS_ERR_RSA_HW_ACCEL_FAILED -0x4580
87 /*
88  * RSA constants
89  */
90 #define MBEDTLS_RSA_PUBLIC 0
91 #define MBEDTLS_RSA_PRIVATE 1
93 #define MBEDTLS_RSA_PKCS_V15 0
94 #define MBEDTLS_RSA_PKCS_V21 1
96 #define MBEDTLS_RSA_SIGN 1
97 #define MBEDTLS_RSA_CRYPT 2
99 #define MBEDTLS_RSA_SALT_LEN_ANY -1
100 
101 /*
102  * The above constants may be used even if the RSA module is compile out,
103  * eg for alternative (PKCS#11) RSA implemenations in the PK layers.
104  */
105 
106 #if !defined(MBEDTLS_RSA_ALT)
107 // Regular implementation
108 //
109 
110 #ifdef __cplusplus
111 extern "C" {
112 #endif
113 
121 typedef struct
122 {
123  int ver;
124  size_t len;
145  int padding;
148  int hash_id;
152 #if defined(MBEDTLS_THREADING_C)
153  mbedtls_threading_mutex_t mutex;
154 #endif
155 }
157 
185  int padding,
186  int hash_id);
187 
217  const mbedtls_mpi *N,
218  const mbedtls_mpi *P, const mbedtls_mpi *Q,
219  const mbedtls_mpi *D, const mbedtls_mpi *E );
220 
255  unsigned char const *N, size_t N_len,
256  unsigned char const *P, size_t P_len,
257  unsigned char const *Q, size_t Q_len,
258  unsigned char const *D, size_t D_len,
259  unsigned char const *E, size_t E_len );
260 
293 
331  mbedtls_mpi *D, mbedtls_mpi *E );
332 
378  unsigned char *N, size_t N_len,
379  unsigned char *P, size_t P_len,
380  unsigned char *Q, size_t Q_len,
381  unsigned char *D, size_t D_len,
382  unsigned char *E, size_t E_len );
383 
400  mbedtls_mpi *DP, mbedtls_mpi *DQ, mbedtls_mpi *QP );
401 
411 void mbedtls_rsa_set_padding( mbedtls_rsa_context *ctx, int padding,
412  int hash_id);
413 
422 size_t mbedtls_rsa_get_len( const mbedtls_rsa_context *ctx );
423 
440  int (*f_rng)(void *, unsigned char *, size_t),
441  void *p_rng,
442  unsigned int nbits, int exponent );
443 
459 
497 
510  const mbedtls_rsa_context *prv );
511 
531  const unsigned char *input,
532  unsigned char *output );
533 
562  int (*f_rng)(void *, unsigned char *, size_t),
563  void *p_rng,
564  const unsigned char *input,
565  unsigned char *output );
566 
600  int (*f_rng)(void *, unsigned char *, size_t),
601  void *p_rng,
602  int mode, size_t ilen,
603  const unsigned char *input,
604  unsigned char *output );
605 
635  int (*f_rng)(void *, unsigned char *, size_t),
636  void *p_rng,
637  int mode, size_t ilen,
638  const unsigned char *input,
639  unsigned char *output );
640 
672  int (*f_rng)(void *, unsigned char *, size_t),
673  void *p_rng,
674  int mode,
675  const unsigned char *label, size_t label_len,
676  size_t ilen,
677  const unsigned char *input,
678  unsigned char *output );
679 
719  int (*f_rng)(void *, unsigned char *, size_t),
720  void *p_rng,
721  int mode, size_t *olen,
722  const unsigned char *input,
723  unsigned char *output,
724  size_t output_max_len );
725 
762  int (*f_rng)(void *, unsigned char *, size_t),
763  void *p_rng,
764  int mode, size_t *olen,
765  const unsigned char *input,
766  unsigned char *output,
767  size_t output_max_len );
768 
808  int (*f_rng)(void *, unsigned char *, size_t),
809  void *p_rng,
810  int mode,
811  const unsigned char *label, size_t label_len,
812  size_t *olen,
813  const unsigned char *input,
814  unsigned char *output,
815  size_t output_max_len );
816 
856  int (*f_rng)(void *, unsigned char *, size_t),
857  void *p_rng,
858  int mode,
859  mbedtls_md_type_t md_alg,
860  unsigned int hashlen,
861  const unsigned char *hash,
862  unsigned char *sig );
863 
896  int (*f_rng)(void *, unsigned char *, size_t),
897  void *p_rng,
898  int mode,
899  mbedtls_md_type_t md_alg,
900  unsigned int hashlen,
901  const unsigned char *hash,
902  unsigned char *sig );
903 
944  int (*f_rng)(void *, unsigned char *, size_t),
945  void *p_rng,
946  int mode,
947  mbedtls_md_type_t md_alg,
948  unsigned int hashlen,
949  const unsigned char *hash,
950  unsigned char *sig );
951 
990  int (*f_rng)(void *, unsigned char *, size_t),
991  void *p_rng,
992  int mode,
993  mbedtls_md_type_t md_alg,
994  unsigned int hashlen,
995  const unsigned char *hash,
996  const unsigned char *sig );
997 
1029  int (*f_rng)(void *, unsigned char *, size_t),
1030  void *p_rng,
1031  int mode,
1032  mbedtls_md_type_t md_alg,
1033  unsigned int hashlen,
1034  const unsigned char *hash,
1035  const unsigned char *sig );
1036 
1079  int (*f_rng)(void *, unsigned char *, size_t),
1080  void *p_rng,
1081  int mode,
1082  mbedtls_md_type_t md_alg,
1083  unsigned int hashlen,
1084  const unsigned char *hash,
1085  const unsigned char *sig );
1086 
1117  int (*f_rng)(void *, unsigned char *, size_t),
1118  void *p_rng,
1119  int mode,
1120  mbedtls_md_type_t md_alg,
1121  unsigned int hashlen,
1122  const unsigned char *hash,
1123  mbedtls_md_type_t mgf1_hash_id,
1124  int expected_salt_len,
1125  const unsigned char *sig );
1126 
1137 
1144 
1145 #ifdef __cplusplus
1146 }
1147 #endif
1148 
1149 #else /* MBEDTLS_RSA_ALT */
1150 #include "rsa_alt.h"
1151 #endif /* MBEDTLS_RSA_ALT */
1152 
1153 #ifdef __cplusplus
1154 extern "C" {
1155 #endif
1156 
1162 int mbedtls_rsa_self_test( int verbose );
1163 
1164 #ifdef __cplusplus
1165 }
1166 #endif
1167 
1168 #endif /* rsa.h */
int mbedtls_rsa_self_test(int verbose)
The RSA checkup routine.
mbedtls_mpi DP
Definition: rsa.h:133
int mbedtls_rsa_export_raw(const mbedtls_rsa_context *ctx, unsigned char *N, size_t N_len, unsigned char *P, size_t P_len, unsigned char *Q, size_t Q_len, unsigned char *D, size_t D_len, unsigned char *E, size_t E_len)
This function exports core parameters of an RSA key in raw big-endian binary format.
int mbedtls_rsa_rsassa_pkcs1_v15_sign(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, unsigned char *sig)
This function performs a PKCS#1 v1.5 signature operation (RSASSA-PKCS1-v1_5-SIGN).
int mbedtls_rsa_public(mbedtls_rsa_context *ctx, const unsigned char *input, unsigned char *output)
This function performs an RSA public key operation.
int mbedtls_rsa_rsaes_oaep_decrypt(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, const unsigned char *label, size_t label_len, size_t *olen, const unsigned char *input, unsigned char *output, size_t output_max_len)
This function performs a PKCS#1 v2.1 OAEP decryption operation (RSAES-OAEP-DECRYPT).
int mbedtls_rsa_import(mbedtls_rsa_context *ctx, const mbedtls_mpi *N, const mbedtls_mpi *P, const mbedtls_mpi *Q, const mbedtls_mpi *D, const mbedtls_mpi *E)
This function imports a set of core parameters into an RSA context.
int mbedtls_rsa_pkcs1_verify(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, const unsigned char *sig)
This function performs a public RSA operation and checks the message digest.
Configuration options (set of defines)
int mbedtls_rsa_complete(mbedtls_rsa_context *ctx)
This function completes an RSA context from a set of imported core parameters.
mbedtls_mpi DQ
Definition: rsa.h:134
int mbedtls_rsa_pkcs1_sign(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, unsigned char *sig)
This function performs a private RSA operation to sign a message digest using PKCS#1.
void mbedtls_rsa_set_padding(mbedtls_rsa_context *ctx, int padding, int hash_id)
This function sets padding for an already initialized RSA context. See mbedtls_rsa_init() for details...
Multi-precision integer library.
int mbedtls_rsa_rsassa_pss_verify_ext(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, mbedtls_md_type_t mgf1_hash_id, int expected_salt_len, const unsigned char *sig)
This function performs a PKCS#1 v2.1 PSS verification operation (RSASSA-PSS-VERIFY).
int mbedtls_rsa_pkcs1_decrypt(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, size_t *olen, const unsigned char *input, unsigned char *output, size_t output_max_len)
This function performs an RSA operation, then removes the message padding.
int mbedtls_rsa_rsassa_pss_sign(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, unsigned char *sig)
This function performs a PKCS#1 v2.1 PSS signature operation (RSASSA-PSS-SIGN).
int mbedtls_rsa_import_raw(mbedtls_rsa_context *ctx, unsigned char const *N, size_t N_len, unsigned char const *P, size_t P_len, unsigned char const *Q, size_t Q_len, unsigned char const *D, size_t D_len, unsigned char const *E, size_t E_len)
This function imports core RSA parameters, in raw big-endian binary format, into an RSA context...
mbedtls_mpi RP
Definition: rsa.h:139
int mbedtls_rsa_check_pub_priv(const mbedtls_rsa_context *pub, const mbedtls_rsa_context *prv)
This function checks a public-private RSA key pair.
Threading abstraction layer.
mbedtls_mpi P
Definition: rsa.h:130
int mbedtls_rsa_export(const mbedtls_rsa_context *ctx, mbedtls_mpi *N, mbedtls_mpi *P, mbedtls_mpi *Q, mbedtls_mpi *D, mbedtls_mpi *E)
This function exports the core parameters of an RSA key.
int mbedtls_rsa_private(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, const unsigned char *input, unsigned char *output)
This function performs an RSA private key operation.
int mbedtls_rsa_rsaes_pkcs1_v15_decrypt(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, size_t *olen, const unsigned char *input, unsigned char *output, size_t output_max_len)
This function performs a PKCS#1 v1.5 decryption operation (RSAES-PKCS1-v1_5-DECRYPT).
int mbedtls_rsa_rsassa_pkcs1_v15_verify(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, const unsigned char *sig)
This function performs a PKCS#1 v1.5 verification operation (RSASSA-PKCS1-v1_5-VERIFY).
mbedtls_mpi E
Definition: rsa.h:127
int mbedtls_rsa_export_crt(const mbedtls_rsa_context *ctx, mbedtls_mpi *DP, mbedtls_mpi *DQ, mbedtls_mpi *QP)
This function exports CRT parameters of a private RSA key.
size_t len
Definition: rsa.h:124
mbedtls_mpi Vf
Definition: rsa.h:143
int mbedtls_rsa_pkcs1_encrypt(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, size_t ilen, const unsigned char *input, unsigned char *output)
This function adds the message padding, then performs an RSA operation.
mbedtls_mpi QP
Definition: rsa.h:135
mbedtls_mpi D
Definition: rsa.h:129
The generic message-digest wrapper.
int mbedtls_rsa_rsassa_pss_verify(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, const unsigned char *sig)
This function performs a PKCS#1 v2.1 PSS verification operation (RSASSA-PSS-VERIFY).
int mbedtls_rsa_rsaes_pkcs1_v15_encrypt(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, size_t ilen, const unsigned char *input, unsigned char *output)
This function performs a PKCS#1 v1.5 encryption operation (RSAES-PKCS1-v1_5-ENCRYPT).
size_t mbedtls_rsa_get_len(const mbedtls_rsa_context *ctx)
This function retrieves the length of RSA modulus in Bytes.
MPI structure.
Definition: bignum.h:207
mbedtls_mpi N
Definition: rsa.h:126
int mbedtls_rsa_check_pubkey(const mbedtls_rsa_context *ctx)
This function checks if a context contains at least an RSA public key.
mbedtls_mpi RN
Definition: rsa.h:137
void mbedtls_rsa_free(mbedtls_rsa_context *ctx)
This function frees the components of an RSA key.
mbedtls_mpi RQ
Definition: rsa.h:140
int mbedtls_rsa_gen_key(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, unsigned int nbits, int exponent)
This function generates an RSA keypair.
int mbedtls_rsa_copy(mbedtls_rsa_context *dst, const mbedtls_rsa_context *src)
This function copies the components of an RSA context.
int mbedtls_rsa_check_privkey(const mbedtls_rsa_context *ctx)
This function checks if a context contains an RSA private key and perform basic consistency checks...
mbedtls_mpi Vi
Definition: rsa.h:142
mbedtls_md_type_t
Enumeration of supported message digests.
Definition: md.h:83
mbedtls_mpi Q
Definition: rsa.h:131
The RSA context structure.
Definition: rsa.h:121
int mbedtls_rsa_rsaes_oaep_encrypt(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, const unsigned char *label, size_t label_len, size_t ilen, const unsigned char *input, unsigned char *output)
This function performs a PKCS#1 v2.1 OAEP encryption operation (RSAES-OAEP-ENCRYPT).
void mbedtls_rsa_init(mbedtls_rsa_context *ctx, int padding, int hash_id)
This function initializes an RSA context.