mbed TLS v2.16.7
rsa.h
Go to the documentation of this file.
1 
12 /*
13  * Copyright (C) 2006-2018, Arm Limited (or its affiliates), All Rights Reserved
14  * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
15  *
16  * This file is provided under the Apache License 2.0, or the
17  * GNU General Public License v2.0 or later.
18  *
19  * **********
20  * Apache License 2.0:
21  *
22  * Licensed under the Apache License, Version 2.0 (the "License"); you may
23  * not use this file except in compliance with the License.
24  * You may obtain a copy of the License at
25  *
26  * http://www.apache.org/licenses/LICENSE-2.0
27  *
28  * Unless required by applicable law or agreed to in writing, software
29  * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
30  * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
31  * See the License for the specific language governing permissions and
32  * limitations under the License.
33  *
34  * **********
35  *
36  * **********
37  * GNU General Public License v2.0 or later:
38  *
39  * This program is free software; you can redistribute it and/or modify
40  * it under the terms of the GNU General Public License as published by
41  * the Free Software Foundation; either version 2 of the License, or
42  * (at your option) any later version.
43  *
44  * This program is distributed in the hope that it will be useful,
45  * but WITHOUT ANY WARRANTY; without even the implied warranty of
46  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
47  * GNU General Public License for more details.
48  *
49  * You should have received a copy of the GNU General Public License along
50  * with this program; if not, write to the Free Software Foundation, Inc.,
51  * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
52  *
53  * **********
54  *
55  * This file is part of Mbed TLS (https://tls.mbed.org)
56  */
57 #ifndef MBEDTLS_RSA_H
58 #define MBEDTLS_RSA_H
59 
60 #if !defined(MBEDTLS_CONFIG_FILE)
61 #include "config.h"
62 #else
63 #include MBEDTLS_CONFIG_FILE
64 #endif
65 
66 #include "bignum.h"
67 #include "md.h"
68 
69 #if defined(MBEDTLS_THREADING_C)
70 #include "threading.h"
71 #endif
72 
73 /*
74  * RSA Error codes
75  */
76 #define MBEDTLS_ERR_RSA_BAD_INPUT_DATA -0x4080
77 #define MBEDTLS_ERR_RSA_INVALID_PADDING -0x4100
78 #define MBEDTLS_ERR_RSA_KEY_GEN_FAILED -0x4180
79 #define MBEDTLS_ERR_RSA_KEY_CHECK_FAILED -0x4200
80 #define MBEDTLS_ERR_RSA_PUBLIC_FAILED -0x4280
81 #define MBEDTLS_ERR_RSA_PRIVATE_FAILED -0x4300
82 #define MBEDTLS_ERR_RSA_VERIFY_FAILED -0x4380
83 #define MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE -0x4400
84 #define MBEDTLS_ERR_RSA_RNG_FAILED -0x4480
86 /* MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION is deprecated and should not be used.
87  */
88 #define MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION -0x4500
90 /* MBEDTLS_ERR_RSA_HW_ACCEL_FAILED is deprecated and should not be used. */
91 #define MBEDTLS_ERR_RSA_HW_ACCEL_FAILED -0x4580
93 /*
94  * RSA constants
95  */
96 #define MBEDTLS_RSA_PUBLIC 0
97 #define MBEDTLS_RSA_PRIVATE 1
99 #define MBEDTLS_RSA_PKCS_V15 0
100 #define MBEDTLS_RSA_PKCS_V21 1
102 #define MBEDTLS_RSA_SIGN 1
103 #define MBEDTLS_RSA_CRYPT 2
105 #define MBEDTLS_RSA_SALT_LEN_ANY -1
106 
107 /*
108  * The above constants may be used even if the RSA module is compile out,
109  * eg for alternative (PKCS#11) RSA implemenations in the PK layers.
110  */
111 
112 #ifdef __cplusplus
113 extern "C" {
114 #endif
115 
116 #if !defined(MBEDTLS_RSA_ALT)
117 // Regular implementation
118 //
119 
127 typedef struct mbedtls_rsa_context
128 {
129  int ver;
130  size_t len;
151  int padding;
154  int hash_id;
158 #if defined(MBEDTLS_THREADING_C)
160 #endif
161 }
163 
164 #else /* MBEDTLS_RSA_ALT */
165 #include "rsa_alt.h"
166 #endif /* MBEDTLS_RSA_ALT */
167 
196  int padding,
197  int hash_id );
198 
229  const mbedtls_mpi *N,
230  const mbedtls_mpi *P, const mbedtls_mpi *Q,
231  const mbedtls_mpi *D, const mbedtls_mpi *E );
232 
268  unsigned char const *N, size_t N_len,
269  unsigned char const *P, size_t P_len,
270  unsigned char const *Q, size_t Q_len,
271  unsigned char const *D, size_t D_len,
272  unsigned char const *E, size_t E_len );
273 
307 
350  mbedtls_mpi *D, mbedtls_mpi *E );
351 
400  unsigned char *N, size_t N_len,
401  unsigned char *P, size_t P_len,
402  unsigned char *Q, size_t Q_len,
403  unsigned char *D, size_t D_len,
404  unsigned char *E, size_t E_len );
405 
426  mbedtls_mpi *DP, mbedtls_mpi *DQ, mbedtls_mpi *QP );
427 
438  int hash_id );
439 
449 
469  int (*f_rng)(void *, unsigned char *, size_t),
470  void *p_rng,
471  unsigned int nbits, int exponent );
472 
488 
526 
539  const mbedtls_rsa_context *prv );
540 
561  const unsigned char *input,
562  unsigned char *output );
563 
596  int (*f_rng)(void *, unsigned char *, size_t),
597  void *p_rng,
598  const unsigned char *input,
599  unsigned char *output );
600 
640  int (*f_rng)(void *, unsigned char *, size_t),
641  void *p_rng,
642  int mode, size_t ilen,
643  const unsigned char *input,
644  unsigned char *output );
645 
680  int (*f_rng)(void *, unsigned char *, size_t),
681  void *p_rng,
682  int mode, size_t ilen,
683  const unsigned char *input,
684  unsigned char *output );
685 
724  int (*f_rng)(void *, unsigned char *, size_t),
725  void *p_rng,
726  int mode,
727  const unsigned char *label, size_t label_len,
728  size_t ilen,
729  const unsigned char *input,
730  unsigned char *output );
731 
777  int (*f_rng)(void *, unsigned char *, size_t),
778  void *p_rng,
779  int mode, size_t *olen,
780  const unsigned char *input,
781  unsigned char *output,
782  size_t output_max_len );
783 
827  int (*f_rng)(void *, unsigned char *, size_t),
828  void *p_rng,
829  int mode, size_t *olen,
830  const unsigned char *input,
831  unsigned char *output,
832  size_t output_max_len );
833 
881  int (*f_rng)(void *, unsigned char *, size_t),
882  void *p_rng,
883  int mode,
884  const unsigned char *label, size_t label_len,
885  size_t *olen,
886  const unsigned char *input,
887  unsigned char *output,
888  size_t output_max_len );
889 
941  int (*f_rng)(void *, unsigned char *, size_t),
942  void *p_rng,
943  int mode,
944  mbedtls_md_type_t md_alg,
945  unsigned int hashlen,
946  const unsigned char *hash,
947  unsigned char *sig );
948 
989  int (*f_rng)(void *, unsigned char *, size_t),
990  void *p_rng,
991  int mode,
992  mbedtls_md_type_t md_alg,
993  unsigned int hashlen,
994  const unsigned char *hash,
995  unsigned char *sig );
996 
1051  int (*f_rng)(void *, unsigned char *, size_t),
1052  void *p_rng,
1053  int mode,
1054  mbedtls_md_type_t md_alg,
1055  unsigned int hashlen,
1056  const unsigned char *hash,
1057  unsigned char *sig );
1058 
1104  int (*f_rng)(void *, unsigned char *, size_t),
1105  void *p_rng,
1106  int mode,
1107  mbedtls_md_type_t md_alg,
1108  unsigned int hashlen,
1109  const unsigned char *hash,
1110  const unsigned char *sig );
1111 
1150  int (*f_rng)(void *, unsigned char *, size_t),
1151  void *p_rng,
1152  int mode,
1153  mbedtls_md_type_t md_alg,
1154  unsigned int hashlen,
1155  const unsigned char *hash,
1156  const unsigned char *sig );
1157 
1207  int (*f_rng)(void *, unsigned char *, size_t),
1208  void *p_rng,
1209  int mode,
1210  mbedtls_md_type_t md_alg,
1211  unsigned int hashlen,
1212  const unsigned char *hash,
1213  const unsigned char *sig );
1214 
1255  int (*f_rng)(void *, unsigned char *, size_t),
1256  void *p_rng,
1257  int mode,
1258  mbedtls_md_type_t md_alg,
1259  unsigned int hashlen,
1260  const unsigned char *hash,
1261  mbedtls_md_type_t mgf1_hash_id,
1262  int expected_salt_len,
1263  const unsigned char *sig );
1264 
1275 
1284 
1285 #if defined(MBEDTLS_SELF_TEST)
1286 
1293 int mbedtls_rsa_self_test( int verbose );
1294 
1295 #endif /* MBEDTLS_SELF_TEST */
1296 
1297 #ifdef __cplusplus
1298 }
1299 #endif
1300 
1301 #endif /* rsa.h */
mbedtls_rsa_check_privkey
int mbedtls_rsa_check_privkey(const mbedtls_rsa_context *ctx)
This function checks if a context contains an RSA private key and perform basic consistency checks.
mbedtls_rsa_pkcs1_verify
int mbedtls_rsa_pkcs1_verify(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, const unsigned char *sig)
This function performs a public RSA operation and checks the message digest.
mbedtls_rsa_rsassa_pss_sign
int mbedtls_rsa_rsassa_pss_sign(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, unsigned char *sig)
This function performs a PKCS#1 v2.1 PSS signature operation (RSASSA-PSS-SIGN).
mbedtls_rsa_context::D
mbedtls_mpi D
Definition: rsa.h:135
mbedtls_md_type_t
mbedtls_md_type_t
Supported message digests.
Definition: md.h:85
mbedtls_mpi
MPI structure.
Definition: bignum.h:213
mbedtls_rsa_complete
int mbedtls_rsa_complete(mbedtls_rsa_context *ctx)
This function completes an RSA context from a set of imported core parameters.
mbedtls_rsa_free
void mbedtls_rsa_free(mbedtls_rsa_context *ctx)
This function frees the components of an RSA key.
mbedtls_rsa_pkcs1_decrypt
int mbedtls_rsa_pkcs1_decrypt(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, size_t *olen, const unsigned char *input, unsigned char *output, size_t output_max_len)
This function performs an RSA operation, then removes the message padding.
mbedtls_rsa_context::Vi
mbedtls_mpi Vi
Definition: rsa.h:148
mbedtls_rsa_export_crt
int mbedtls_rsa_export_crt(const mbedtls_rsa_context *ctx, mbedtls_mpi *DP, mbedtls_mpi *DQ, mbedtls_mpi *QP)
This function exports CRT parameters of a private RSA key.
md.h
This file contains the generic message-digest wrapper.
mbedtls_rsa_context::RQ
mbedtls_mpi RQ
Definition: rsa.h:146
mbedtls_rsa_self_test
int mbedtls_rsa_self_test(int verbose)
The RSA checkup routine.
mbedtls_threading_mutex_t
Definition: threading.h:76
mbedtls_rsa_context::E
mbedtls_mpi E
Definition: rsa.h:133
mbedtls_rsa_context::DP
mbedtls_mpi DP
Definition: rsa.h:139
mbedtls_rsa_private
int mbedtls_rsa_private(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, const unsigned char *input, unsigned char *output)
This function performs an RSA private key operation.
mbedtls_rsa_rsassa_pss_verify_ext
int mbedtls_rsa_rsassa_pss_verify_ext(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, mbedtls_md_type_t mgf1_hash_id, int expected_salt_len, const unsigned char *sig)
This function performs a PKCS#1 v2.1 PSS verification operation (RSASSA-PSS-VERIFY).
mbedtls_rsa_context::len
size_t len
Definition: rsa.h:130
mbedtls_rsa_context::padding
int padding
Definition: rsa.h:151
mbedtls_rsa_rsaes_pkcs1_v15_encrypt
int mbedtls_rsa_rsaes_pkcs1_v15_encrypt(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, size_t ilen, const unsigned char *input, unsigned char *output)
This function performs a PKCS#1 v1.5 encryption operation (RSAES-PKCS1-v1_5-ENCRYPT).
mbedtls_rsa_context::N
mbedtls_mpi N
Definition: rsa.h:132
mbedtls_rsa_rsassa_pkcs1_v15_sign
int mbedtls_rsa_rsassa_pkcs1_v15_sign(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, unsigned char *sig)
This function performs a PKCS#1 v1.5 signature operation (RSASSA-PKCS1-v1_5-SIGN).
mbedtls_rsa_context::hash_id
int hash_id
Definition: rsa.h:154
mbedtls_rsa_init
void mbedtls_rsa_init(mbedtls_rsa_context *ctx, int padding, int hash_id)
This function initializes an RSA context.
mbedtls_rsa_import
int mbedtls_rsa_import(mbedtls_rsa_context *ctx, const mbedtls_mpi *N, const mbedtls_mpi *P, const mbedtls_mpi *Q, const mbedtls_mpi *D, const mbedtls_mpi *E)
This function imports a set of core parameters into an RSA context.
bignum.h
Multi-precision integer library.
mbedtls_rsa_context::RN
mbedtls_mpi RN
Definition: rsa.h:143
mbedtls_rsa_context
struct mbedtls_rsa_context mbedtls_rsa_context
The RSA context structure.
mbedtls_rsa_get_len
size_t mbedtls_rsa_get_len(const mbedtls_rsa_context *ctx)
This function retrieves the length of RSA modulus in Bytes.
mbedtls_rsa_context::DQ
mbedtls_mpi DQ
Definition: rsa.h:140
mbedtls_rsa_gen_key
int mbedtls_rsa_gen_key(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, unsigned int nbits, int exponent)
This function generates an RSA keypair.
mbedtls_rsa_export_raw
int mbedtls_rsa_export_raw(const mbedtls_rsa_context *ctx, unsigned char *N, size_t N_len, unsigned char *P, size_t P_len, unsigned char *Q, size_t Q_len, unsigned char *D, size_t D_len, unsigned char *E, size_t E_len)
This function exports core parameters of an RSA key in raw big-endian binary format.
mbedtls_rsa_rsaes_oaep_decrypt
int mbedtls_rsa_rsaes_oaep_decrypt(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, const unsigned char *label, size_t label_len, size_t *olen, const unsigned char *input, unsigned char *output, size_t output_max_len)
This function performs a PKCS#1 v2.1 OAEP decryption operation (RSAES-OAEP-DECRYPT).
mbedtls_rsa_context
The RSA context structure.
Definition: rsa.h:128
mbedtls_rsa_rsaes_oaep_encrypt
int mbedtls_rsa_rsaes_oaep_encrypt(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, const unsigned char *label, size_t label_len, size_t ilen, const unsigned char *input, unsigned char *output)
This function performs a PKCS#1 v2.1 OAEP encryption operation (RSAES-OAEP-ENCRYPT).
mbedtls_rsa_export
int mbedtls_rsa_export(const mbedtls_rsa_context *ctx, mbedtls_mpi *N, mbedtls_mpi *P, mbedtls_mpi *Q, mbedtls_mpi *D, mbedtls_mpi *E)
This function exports the core parameters of an RSA key.
mbedtls_rsa_context::Q
mbedtls_mpi Q
Definition: rsa.h:137
threading.h
Threading abstraction layer.
mbedtls_rsa_pkcs1_sign
int mbedtls_rsa_pkcs1_sign(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, unsigned char *sig)
This function performs a private RSA operation to sign a message digest using PKCS#1.
mbedtls_rsa_rsassa_pss_verify
int mbedtls_rsa_rsassa_pss_verify(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, const unsigned char *sig)
This function performs a PKCS#1 v2.1 PSS verification operation (RSASSA-PSS-VERIFY).
mbedtls_rsa_public
int mbedtls_rsa_public(mbedtls_rsa_context *ctx, const unsigned char *input, unsigned char *output)
This function performs an RSA public key operation.
mbedtls_rsa_context::RP
mbedtls_mpi RP
Definition: rsa.h:145
mbedtls_rsa_rsassa_pkcs1_v15_verify
int mbedtls_rsa_rsassa_pkcs1_v15_verify(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, const unsigned char *sig)
This function performs a PKCS#1 v1.5 verification operation (RSASSA-PKCS1-v1_5-VERIFY).
mbedtls_rsa_context::P
mbedtls_mpi P
Definition: rsa.h:136
config.h
Configuration options (set of defines)
mbedtls_rsa_check_pubkey
int mbedtls_rsa_check_pubkey(const mbedtls_rsa_context *ctx)
This function checks if a context contains at least an RSA public key.
mbedtls_rsa_import_raw
int mbedtls_rsa_import_raw(mbedtls_rsa_context *ctx, unsigned char const *N, size_t N_len, unsigned char const *P, size_t P_len, unsigned char const *Q, size_t Q_len, unsigned char const *D, size_t D_len, unsigned char const *E, size_t E_len)
This function imports core RSA parameters, in raw big-endian binary format, into an RSA context.
mbedtls_rsa_copy
int mbedtls_rsa_copy(mbedtls_rsa_context *dst, const mbedtls_rsa_context *src)
This function copies the components of an RSA context.
mbedtls_rsa_set_padding
void mbedtls_rsa_set_padding(mbedtls_rsa_context *ctx, int padding, int hash_id)
This function sets padding for an already initialized RSA context. See mbedtls_rsa_init() for details...
mbedtls_rsa_rsaes_pkcs1_v15_decrypt
int mbedtls_rsa_rsaes_pkcs1_v15_decrypt(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, size_t *olen, const unsigned char *input, unsigned char *output, size_t output_max_len)
This function performs a PKCS#1 v1.5 decryption operation (RSAES-PKCS1-v1_5-DECRYPT).
mbedtls_rsa_context::Vf
mbedtls_mpi Vf
Definition: rsa.h:149
mbedtls_rsa_pkcs1_encrypt
int mbedtls_rsa_pkcs1_encrypt(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, size_t ilen, const unsigned char *input, unsigned char *output)
This function adds the message padding, then performs an RSA operation.
mbedtls_rsa_context::mutex
mbedtls_threading_mutex_t mutex
Definition: rsa.h:159
mbedtls_rsa_check_pub_priv
int mbedtls_rsa_check_pub_priv(const mbedtls_rsa_context *pub, const mbedtls_rsa_context *prv)
This function checks a public-private RSA key pair.
mbedtls_rsa_context::ver
int ver
Definition: rsa.h:129
mbedtls_rsa_context::QP
mbedtls_mpi QP
Definition: rsa.h:141