mbed TLS v2.16.1
rsa.h
Go to the documentation of this file.
1 
12 /*
13  * Copyright (C) 2006-2018, Arm Limited (or its affiliates), All Rights Reserved
14  * SPDX-License-Identifier: GPL-2.0
15  *
16  * This program is free software; you can redistribute it and/or modify
17  * it under the terms of the GNU General Public License as published by
18  * the Free Software Foundation; either version 2 of the License, or
19  * (at your option) any later version.
20  *
21  * This program is distributed in the hope that it will be useful,
22  * but WITHOUT ANY WARRANTY; without even the implied warranty of
23  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
24  * GNU General Public License for more details.
25  *
26  * You should have received a copy of the GNU General Public License along
27  * with this program; if not, write to the Free Software Foundation, Inc.,
28  * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
29  *
30  * This file is part of Mbed TLS (https://tls.mbed.org)
31  */
32 #ifndef MBEDTLS_RSA_H
33 #define MBEDTLS_RSA_H
34 
35 #if !defined(MBEDTLS_CONFIG_FILE)
36 #include "config.h"
37 #else
38 #include MBEDTLS_CONFIG_FILE
39 #endif
40 
41 #include "bignum.h"
42 #include "md.h"
43 
44 #if defined(MBEDTLS_THREADING_C)
45 #include "threading.h"
46 #endif
47 
48 /*
49  * RSA Error codes
50  */
51 #define MBEDTLS_ERR_RSA_BAD_INPUT_DATA -0x4080
52 #define MBEDTLS_ERR_RSA_INVALID_PADDING -0x4100
53 #define MBEDTLS_ERR_RSA_KEY_GEN_FAILED -0x4180
54 #define MBEDTLS_ERR_RSA_KEY_CHECK_FAILED -0x4200
55 #define MBEDTLS_ERR_RSA_PUBLIC_FAILED -0x4280
56 #define MBEDTLS_ERR_RSA_PRIVATE_FAILED -0x4300
57 #define MBEDTLS_ERR_RSA_VERIFY_FAILED -0x4380
58 #define MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE -0x4400
59 #define MBEDTLS_ERR_RSA_RNG_FAILED -0x4480
61 /* MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION is deprecated and should not be used.
62  */
63 #define MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION -0x4500
65 /* MBEDTLS_ERR_RSA_HW_ACCEL_FAILED is deprecated and should not be used. */
66 #define MBEDTLS_ERR_RSA_HW_ACCEL_FAILED -0x4580
68 /*
69  * RSA constants
70  */
71 #define MBEDTLS_RSA_PUBLIC 0
72 #define MBEDTLS_RSA_PRIVATE 1
74 #define MBEDTLS_RSA_PKCS_V15 0
75 #define MBEDTLS_RSA_PKCS_V21 1
77 #define MBEDTLS_RSA_SIGN 1
78 #define MBEDTLS_RSA_CRYPT 2
80 #define MBEDTLS_RSA_SALT_LEN_ANY -1
81 
82 /*
83  * The above constants may be used even if the RSA module is compile out,
84  * eg for alternative (PKCS#11) RSA implemenations in the PK layers.
85  */
86 
87 #ifdef __cplusplus
88 extern "C" {
89 #endif
90 
91 #if !defined(MBEDTLS_RSA_ALT)
92 // Regular implementation
93 //
94 
102 typedef struct mbedtls_rsa_context
103 {
104  int ver;
105  size_t len;
126  int padding;
129  int hash_id;
133 #if defined(MBEDTLS_THREADING_C)
134  mbedtls_threading_mutex_t mutex;
135 #endif
136 }
138 
139 #else /* MBEDTLS_RSA_ALT */
140 #include "rsa_alt.h"
141 #endif /* MBEDTLS_RSA_ALT */
142 
171  int padding,
172  int hash_id );
173 
204  const mbedtls_mpi *N,
205  const mbedtls_mpi *P, const mbedtls_mpi *Q,
206  const mbedtls_mpi *D, const mbedtls_mpi *E );
207 
243  unsigned char const *N, size_t N_len,
244  unsigned char const *P, size_t P_len,
245  unsigned char const *Q, size_t Q_len,
246  unsigned char const *D, size_t D_len,
247  unsigned char const *E, size_t E_len );
248 
282 
325  mbedtls_mpi *D, mbedtls_mpi *E );
326 
375  unsigned char *N, size_t N_len,
376  unsigned char *P, size_t P_len,
377  unsigned char *Q, size_t Q_len,
378  unsigned char *D, size_t D_len,
379  unsigned char *E, size_t E_len );
380 
401  mbedtls_mpi *DP, mbedtls_mpi *DQ, mbedtls_mpi *QP );
402 
412 void mbedtls_rsa_set_padding( mbedtls_rsa_context *ctx, int padding,
413  int hash_id );
414 
423 size_t mbedtls_rsa_get_len( const mbedtls_rsa_context *ctx );
424 
444  int (*f_rng)(void *, unsigned char *, size_t),
445  void *p_rng,
446  unsigned int nbits, int exponent );
447 
463 
501 
514  const mbedtls_rsa_context *prv );
515 
536  const unsigned char *input,
537  unsigned char *output );
538 
571  int (*f_rng)(void *, unsigned char *, size_t),
572  void *p_rng,
573  const unsigned char *input,
574  unsigned char *output );
575 
615  int (*f_rng)(void *, unsigned char *, size_t),
616  void *p_rng,
617  int mode, size_t ilen,
618  const unsigned char *input,
619  unsigned char *output );
620 
655  int (*f_rng)(void *, unsigned char *, size_t),
656  void *p_rng,
657  int mode, size_t ilen,
658  const unsigned char *input,
659  unsigned char *output );
660 
699  int (*f_rng)(void *, unsigned char *, size_t),
700  void *p_rng,
701  int mode,
702  const unsigned char *label, size_t label_len,
703  size_t ilen,
704  const unsigned char *input,
705  unsigned char *output );
706 
752  int (*f_rng)(void *, unsigned char *, size_t),
753  void *p_rng,
754  int mode, size_t *olen,
755  const unsigned char *input,
756  unsigned char *output,
757  size_t output_max_len );
758 
802  int (*f_rng)(void *, unsigned char *, size_t),
803  void *p_rng,
804  int mode, size_t *olen,
805  const unsigned char *input,
806  unsigned char *output,
807  size_t output_max_len );
808 
856  int (*f_rng)(void *, unsigned char *, size_t),
857  void *p_rng,
858  int mode,
859  const unsigned char *label, size_t label_len,
860  size_t *olen,
861  const unsigned char *input,
862  unsigned char *output,
863  size_t output_max_len );
864 
915  int (*f_rng)(void *, unsigned char *, size_t),
916  void *p_rng,
917  int mode,
918  mbedtls_md_type_t md_alg,
919  unsigned int hashlen,
920  const unsigned char *hash,
921  unsigned char *sig );
922 
962  int (*f_rng)(void *, unsigned char *, size_t),
963  void *p_rng,
964  int mode,
965  mbedtls_md_type_t md_alg,
966  unsigned int hashlen,
967  const unsigned char *hash,
968  unsigned char *sig );
969 
1023  int (*f_rng)(void *, unsigned char *, size_t),
1024  void *p_rng,
1025  int mode,
1026  mbedtls_md_type_t md_alg,
1027  unsigned int hashlen,
1028  const unsigned char *hash,
1029  unsigned char *sig );
1030 
1076  int (*f_rng)(void *, unsigned char *, size_t),
1077  void *p_rng,
1078  int mode,
1079  mbedtls_md_type_t md_alg,
1080  unsigned int hashlen,
1081  const unsigned char *hash,
1082  const unsigned char *sig );
1083 
1122  int (*f_rng)(void *, unsigned char *, size_t),
1123  void *p_rng,
1124  int mode,
1125  mbedtls_md_type_t md_alg,
1126  unsigned int hashlen,
1127  const unsigned char *hash,
1128  const unsigned char *sig );
1129 
1179  int (*f_rng)(void *, unsigned char *, size_t),
1180  void *p_rng,
1181  int mode,
1182  mbedtls_md_type_t md_alg,
1183  unsigned int hashlen,
1184  const unsigned char *hash,
1185  const unsigned char *sig );
1186 
1227  int (*f_rng)(void *, unsigned char *, size_t),
1228  void *p_rng,
1229  int mode,
1230  mbedtls_md_type_t md_alg,
1231  unsigned int hashlen,
1232  const unsigned char *hash,
1233  mbedtls_md_type_t mgf1_hash_id,
1234  int expected_salt_len,
1235  const unsigned char *sig );
1236 
1247 
1256 
1257 #if defined(MBEDTLS_SELF_TEST)
1258 
1265 int mbedtls_rsa_self_test( int verbose );
1266 
1267 #endif /* MBEDTLS_SELF_TEST */
1268 
1269 #ifdef __cplusplus
1270 }
1271 #endif
1272 
1273 #endif /* rsa.h */
int mbedtls_rsa_self_test(int verbose)
The RSA checkup routine.
mbedtls_mpi DP
Definition: rsa.h:114
int mbedtls_rsa_export_raw(const mbedtls_rsa_context *ctx, unsigned char *N, size_t N_len, unsigned char *P, size_t P_len, unsigned char *Q, size_t Q_len, unsigned char *D, size_t D_len, unsigned char *E, size_t E_len)
This function exports core parameters of an RSA key in raw big-endian binary format.
int mbedtls_rsa_rsassa_pkcs1_v15_sign(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, unsigned char *sig)
This function performs a PKCS#1 v1.5 signature operation (RSASSA-PKCS1-v1_5-SIGN).
int mbedtls_rsa_public(mbedtls_rsa_context *ctx, const unsigned char *input, unsigned char *output)
This function performs an RSA public key operation.
int mbedtls_rsa_rsaes_oaep_decrypt(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, const unsigned char *label, size_t label_len, size_t *olen, const unsigned char *input, unsigned char *output, size_t output_max_len)
This function performs a PKCS#1 v2.1 OAEP decryption operation (RSAES-OAEP-DECRYPT).
int mbedtls_rsa_import(mbedtls_rsa_context *ctx, const mbedtls_mpi *N, const mbedtls_mpi *P, const mbedtls_mpi *Q, const mbedtls_mpi *D, const mbedtls_mpi *E)
This function imports a set of core parameters into an RSA context.
int mbedtls_rsa_pkcs1_verify(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, const unsigned char *sig)
This function performs a public RSA operation and checks the message digest.
Configuration options (set of defines)
int mbedtls_rsa_complete(mbedtls_rsa_context *ctx)
This function completes an RSA context from a set of imported core parameters.
mbedtls_mpi DQ
Definition: rsa.h:115
int mbedtls_rsa_pkcs1_sign(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, unsigned char *sig)
This function performs a private RSA operation to sign a message digest using PKCS#1.
void mbedtls_rsa_set_padding(mbedtls_rsa_context *ctx, int padding, int hash_id)
This function sets padding for an already initialized RSA context. See mbedtls_rsa_init() for details...
Multi-precision integer library.
int mbedtls_rsa_rsassa_pss_verify_ext(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, mbedtls_md_type_t mgf1_hash_id, int expected_salt_len, const unsigned char *sig)
This function performs a PKCS#1 v2.1 PSS verification operation (RSASSA-PSS-VERIFY).
int mbedtls_rsa_pkcs1_decrypt(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, size_t *olen, const unsigned char *input, unsigned char *output, size_t output_max_len)
This function performs an RSA operation, then removes the message padding.
int mbedtls_rsa_rsassa_pss_sign(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, unsigned char *sig)
This function performs a PKCS#1 v2.1 PSS signature operation (RSASSA-PSS-SIGN).
int mbedtls_rsa_import_raw(mbedtls_rsa_context *ctx, unsigned char const *N, size_t N_len, unsigned char const *P, size_t P_len, unsigned char const *Q, size_t Q_len, unsigned char const *D, size_t D_len, unsigned char const *E, size_t E_len)
This function imports core RSA parameters, in raw big-endian binary format, into an RSA context...
mbedtls_mpi RP
Definition: rsa.h:120
int mbedtls_rsa_check_pub_priv(const mbedtls_rsa_context *pub, const mbedtls_rsa_context *prv)
This function checks a public-private RSA key pair.
Threading abstraction layer.
mbedtls_mpi P
Definition: rsa.h:111
struct mbedtls_rsa_context mbedtls_rsa_context
The RSA context structure.
int mbedtls_rsa_export(const mbedtls_rsa_context *ctx, mbedtls_mpi *N, mbedtls_mpi *P, mbedtls_mpi *Q, mbedtls_mpi *D, mbedtls_mpi *E)
This function exports the core parameters of an RSA key.
int mbedtls_rsa_private(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, const unsigned char *input, unsigned char *output)
This function performs an RSA private key operation.
int mbedtls_rsa_rsaes_pkcs1_v15_decrypt(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, size_t *olen, const unsigned char *input, unsigned char *output, size_t output_max_len)
This function performs a PKCS#1 v1.5 decryption operation (RSAES-PKCS1-v1_5-DECRYPT).
int mbedtls_rsa_rsassa_pkcs1_v15_verify(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, const unsigned char *sig)
This function performs a PKCS#1 v1.5 verification operation (RSASSA-PKCS1-v1_5-VERIFY).
mbedtls_mpi E
Definition: rsa.h:108
int mbedtls_rsa_export_crt(const mbedtls_rsa_context *ctx, mbedtls_mpi *DP, mbedtls_mpi *DQ, mbedtls_mpi *QP)
This function exports CRT parameters of a private RSA key.
size_t len
Definition: rsa.h:105
mbedtls_mpi Vf
Definition: rsa.h:124
int mbedtls_rsa_pkcs1_encrypt(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, size_t ilen, const unsigned char *input, unsigned char *output)
This function adds the message padding, then performs an RSA operation.
mbedtls_mpi QP
Definition: rsa.h:116
mbedtls_mpi D
Definition: rsa.h:110
This file contains the generic message-digest wrapper.
int mbedtls_rsa_rsassa_pss_verify(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, const unsigned char *sig)
This function performs a PKCS#1 v2.1 PSS verification operation (RSASSA-PSS-VERIFY).
int mbedtls_rsa_rsaes_pkcs1_v15_encrypt(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, size_t ilen, const unsigned char *input, unsigned char *output)
This function performs a PKCS#1 v1.5 encryption operation (RSAES-PKCS1-v1_5-ENCRYPT).
size_t mbedtls_rsa_get_len(const mbedtls_rsa_context *ctx)
This function retrieves the length of RSA modulus in Bytes.
MPI structure.
Definition: bignum.h:182
mbedtls_mpi N
Definition: rsa.h:107
int mbedtls_rsa_check_pubkey(const mbedtls_rsa_context *ctx)
This function checks if a context contains at least an RSA public key.
mbedtls_mpi RN
Definition: rsa.h:118
void mbedtls_rsa_free(mbedtls_rsa_context *ctx)
This function frees the components of an RSA key.
mbedtls_mpi RQ
Definition: rsa.h:121
int mbedtls_rsa_gen_key(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, unsigned int nbits, int exponent)
This function generates an RSA keypair.
int mbedtls_rsa_copy(mbedtls_rsa_context *dst, const mbedtls_rsa_context *src)
This function copies the components of an RSA context.
int mbedtls_rsa_check_privkey(const mbedtls_rsa_context *ctx)
This function checks if a context contains an RSA private key and perform basic consistency checks...
mbedtls_mpi Vi
Definition: rsa.h:123
mbedtls_md_type_t
Supported message digests.
Definition: md.h:60
mbedtls_mpi Q
Definition: rsa.h:112
The RSA context structure.
Definition: rsa.h:102
int mbedtls_rsa_rsaes_oaep_encrypt(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, const unsigned char *label, size_t label_len, size_t ilen, const unsigned char *input, unsigned char *output)
This function performs a PKCS#1 v2.1 OAEP encryption operation (RSAES-OAEP-ENCRYPT).
void mbedtls_rsa_init(mbedtls_rsa_context *ctx, int padding, int hash_id)
This function initializes an RSA context.