Mbed TLS v2.28.5
rsa.h
Go to the documentation of this file.
1 
12 /*
13  * Copyright The Mbed TLS Contributors
14  * SPDX-License-Identifier: Apache-2.0
15  *
16  * Licensed under the Apache License, Version 2.0 (the "License"); you may
17  * not use this file except in compliance with the License.
18  * You may obtain a copy of the License at
19  *
20  * http://www.apache.org/licenses/LICENSE-2.0
21  *
22  * Unless required by applicable law or agreed to in writing, software
23  * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
24  * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
25  * See the License for the specific language governing permissions and
26  * limitations under the License.
27  */
28 #ifndef MBEDTLS_RSA_H
29 #define MBEDTLS_RSA_H
30 
31 #if !defined(MBEDTLS_CONFIG_FILE)
32 #include "mbedtls/config.h"
33 #else
34 #include MBEDTLS_CONFIG_FILE
35 #endif
36 
37 #include "mbedtls/bignum.h"
38 #include "mbedtls/md.h"
39 
40 #if defined(MBEDTLS_THREADING_C)
41 #include "mbedtls/threading.h"
42 #endif
43 
44 /*
45  * RSA Error codes
46  */
48 #define MBEDTLS_ERR_RSA_BAD_INPUT_DATA -0x4080
49 
50 #define MBEDTLS_ERR_RSA_INVALID_PADDING -0x4100
51 
52 #define MBEDTLS_ERR_RSA_KEY_GEN_FAILED -0x4180
53 
54 #define MBEDTLS_ERR_RSA_KEY_CHECK_FAILED -0x4200
55 
56 #define MBEDTLS_ERR_RSA_PUBLIC_FAILED -0x4280
57 
58 #define MBEDTLS_ERR_RSA_PRIVATE_FAILED -0x4300
59 
60 #define MBEDTLS_ERR_RSA_VERIFY_FAILED -0x4380
61 
62 #define MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE -0x4400
63 
64 #define MBEDTLS_ERR_RSA_RNG_FAILED -0x4480
65 
66 /* MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION is deprecated and should not be used.
67  */
69 #define MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION -0x4500
70 
71 /* MBEDTLS_ERR_RSA_HW_ACCEL_FAILED is deprecated and should not be used. */
73 #define MBEDTLS_ERR_RSA_HW_ACCEL_FAILED -0x4580
74 
75 /*
76  * RSA constants
77  */
78 #define MBEDTLS_RSA_PUBLIC 0
79 #define MBEDTLS_RSA_PRIVATE 1
81 #define MBEDTLS_RSA_PKCS_V15 0
82 #define MBEDTLS_RSA_PKCS_V21 1
84 #define MBEDTLS_RSA_SIGN 1
85 #define MBEDTLS_RSA_CRYPT 2
87 #define MBEDTLS_RSA_SALT_LEN_ANY -1
88 
89 /*
90  * The above constants may be used even if the RSA module is compile out,
91  * eg for alternative (PKCS#11) RSA implementations in the PK layers.
92  */
93 
94 #ifdef __cplusplus
95 extern "C" {
96 #endif
97 
98 #if !defined(MBEDTLS_RSA_ALT)
99 // Regular implementation
100 //
101 
109 typedef struct mbedtls_rsa_context {
110  int ver;
114  size_t len;
135  int padding;
138  int hash_id;
142 #if defined(MBEDTLS_THREADING_C)
143  /* Invariant: the mutex is initialized iff ver != 0. */
145 #endif
146 }
148 
149 #else /* MBEDTLS_RSA_ALT */
150 #include "rsa_alt.h"
151 #endif /* MBEDTLS_RSA_ALT */
152 
181  int padding,
182  int hash_id);
183 
214  const mbedtls_mpi *N,
215  const mbedtls_mpi *P, const mbedtls_mpi *Q,
216  const mbedtls_mpi *D, const mbedtls_mpi *E);
217 
253  unsigned char const *N, size_t N_len,
254  unsigned char const *P, size_t P_len,
255  unsigned char const *Q, size_t Q_len,
256  unsigned char const *D, size_t D_len,
257  unsigned char const *E, size_t E_len);
258 
292 
335  mbedtls_mpi *D, mbedtls_mpi *E);
336 
385  unsigned char *N, size_t N_len,
386  unsigned char *P, size_t P_len,
387  unsigned char *Q, size_t Q_len,
388  unsigned char *D, size_t D_len,
389  unsigned char *E, size_t E_len);
390 
411  mbedtls_mpi *DP, mbedtls_mpi *DQ, mbedtls_mpi *QP);
412 
422 void mbedtls_rsa_set_padding(mbedtls_rsa_context *ctx, int padding,
423  int hash_id);
424 
433 size_t mbedtls_rsa_get_len(const mbedtls_rsa_context *ctx);
434 
454  int (*f_rng)(void *, unsigned char *, size_t),
455  void *p_rng,
456  unsigned int nbits, int exponent);
457 
473 
511 
524  const mbedtls_rsa_context *prv);
525 
546  const unsigned char *input,
547  unsigned char *output);
548 
581  int (*f_rng)(void *, unsigned char *, size_t),
582  void *p_rng,
583  const unsigned char *input,
584  unsigned char *output);
585 
626  int (*f_rng)(void *, unsigned char *, size_t),
627  void *p_rng,
628  int mode, size_t ilen,
629  const unsigned char *input,
630  unsigned char *output);
631 
667  int (*f_rng)(void *, unsigned char *, size_t),
668  void *p_rng,
669  int mode, size_t ilen,
670  const unsigned char *input,
671  unsigned char *output);
672 
712  int (*f_rng)(void *, unsigned char *, size_t),
713  void *p_rng,
714  int mode,
715  const unsigned char *label, size_t label_len,
716  size_t ilen,
717  const unsigned char *input,
718  unsigned char *output);
719 
765  int (*f_rng)(void *, unsigned char *, size_t),
766  void *p_rng,
767  int mode, size_t *olen,
768  const unsigned char *input,
769  unsigned char *output,
770  size_t output_max_len);
771 
815  int (*f_rng)(void *, unsigned char *, size_t),
816  void *p_rng,
817  int mode, size_t *olen,
818  const unsigned char *input,
819  unsigned char *output,
820  size_t output_max_len);
821 
869  int (*f_rng)(void *, unsigned char *, size_t),
870  void *p_rng,
871  int mode,
872  const unsigned char *label, size_t label_len,
873  size_t *olen,
874  const unsigned char *input,
875  unsigned char *output,
876  size_t output_max_len);
877 
929  int (*f_rng)(void *, unsigned char *, size_t),
930  void *p_rng,
931  int mode,
932  mbedtls_md_type_t md_alg,
933  unsigned int hashlen,
934  const unsigned char *hash,
935  unsigned char *sig);
936 
977  int (*f_rng)(void *, unsigned char *, size_t),
978  void *p_rng,
979  int mode,
980  mbedtls_md_type_t md_alg,
981  unsigned int hashlen,
982  const unsigned char *hash,
983  unsigned char *sig);
984 
1032  int (*f_rng)(void *, unsigned char *, size_t),
1033  void *p_rng,
1034  mbedtls_md_type_t md_alg,
1035  unsigned int hashlen,
1036  const unsigned char *hash,
1037  int saltlen,
1038  unsigned char *sig);
1039 
1096  int (*f_rng)(void *, unsigned char *, size_t),
1097  void *p_rng,
1098  int mode,
1099  mbedtls_md_type_t md_alg,
1100  unsigned int hashlen,
1101  const unsigned char *hash,
1102  unsigned char *sig);
1103 
1149  int (*f_rng)(void *, unsigned char *, size_t),
1150  void *p_rng,
1151  int mode,
1152  mbedtls_md_type_t md_alg,
1153  unsigned int hashlen,
1154  const unsigned char *hash,
1155  const unsigned char *sig);
1156 
1195  int (*f_rng)(void *, unsigned char *, size_t),
1196  void *p_rng,
1197  int mode,
1198  mbedtls_md_type_t md_alg,
1199  unsigned int hashlen,
1200  const unsigned char *hash,
1201  const unsigned char *sig);
1202 
1251  int (*f_rng)(void *, unsigned char *, size_t),
1252  void *p_rng,
1253  int mode,
1254  mbedtls_md_type_t md_alg,
1255  unsigned int hashlen,
1256  const unsigned char *hash,
1257  const unsigned char *sig);
1258 
1304  int (*f_rng)(void *, unsigned char *, size_t),
1305  void *p_rng,
1306  int mode,
1307  mbedtls_md_type_t md_alg,
1308  unsigned int hashlen,
1309  const unsigned char *hash,
1310  mbedtls_md_type_t mgf1_hash_id,
1311  int expected_salt_len,
1312  const unsigned char *sig);
1313 
1324 
1333 
1334 #if defined(MBEDTLS_SELF_TEST)
1335 
1342 int mbedtls_rsa_self_test(int verbose);
1343 
1344 #endif /* MBEDTLS_SELF_TEST */
1345 
1346 #ifdef __cplusplus
1347 }
1348 #endif
1349 
1350 #endif /* rsa.h */
int mbedtls_rsa_self_test(int verbose)
The RSA checkup routine.
mbedtls_mpi DP
Definition: rsa.h:123
int mbedtls_rsa_export_raw(const mbedtls_rsa_context *ctx, unsigned char *N, size_t N_len, unsigned char *P, size_t P_len, unsigned char *Q, size_t Q_len, unsigned char *D, size_t D_len, unsigned char *E, size_t E_len)
This function exports core parameters of an RSA key in raw big-endian binary format.
int mbedtls_rsa_rsassa_pkcs1_v15_sign(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, unsigned char *sig)
This function performs a PKCS#1 v1.5 signature operation (RSASSA-PKCS1-v1_5-SIGN).
int mbedtls_rsa_public(mbedtls_rsa_context *ctx, const unsigned char *input, unsigned char *output)
This function performs an RSA public key operation.
int mbedtls_rsa_rsaes_oaep_decrypt(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, const unsigned char *label, size_t label_len, size_t *olen, const unsigned char *input, unsigned char *output, size_t output_max_len)
This function performs a PKCS#1 v2.1 OAEP decryption operation (RSAES-OAEP-DECRYPT).
int mbedtls_rsa_import(mbedtls_rsa_context *ctx, const mbedtls_mpi *N, const mbedtls_mpi *P, const mbedtls_mpi *Q, const mbedtls_mpi *D, const mbedtls_mpi *E)
This function imports a set of core parameters into an RSA context.
int mbedtls_rsa_pkcs1_verify(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, const unsigned char *sig)
This function performs a public RSA operation and checks the message digest.
Configuration options (set of defines)
int mbedtls_rsa_complete(mbedtls_rsa_context *ctx)
This function completes an RSA context from a set of imported core parameters.
mbedtls_mpi DQ
Definition: rsa.h:124
int mbedtls_rsa_pkcs1_sign(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, unsigned char *sig)
This function performs a private RSA operation to sign a message digest using PKCS#1.
void mbedtls_rsa_set_padding(mbedtls_rsa_context *ctx, int padding, int hash_id)
This function sets padding for an already initialized RSA context. See mbedtls_rsa_init() for details...
Multi-precision integer library.
int mbedtls_rsa_rsassa_pss_verify_ext(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, mbedtls_md_type_t mgf1_hash_id, int expected_salt_len, const unsigned char *sig)
This function performs a PKCS#1 v2.1 PSS verification operation (RSASSA-PSS-VERIFY).
mbedtls_threading_mutex_t mutex
Definition: rsa.h:144
int mbedtls_rsa_pkcs1_decrypt(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, size_t *olen, const unsigned char *input, unsigned char *output, size_t output_max_len)
This function performs an RSA operation, then removes the message padding.
int mbedtls_rsa_rsassa_pss_sign(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, unsigned char *sig)
This function performs a PKCS#1 v2.1 PSS signature operation (RSASSA-PSS-SIGN).
int mbedtls_rsa_import_raw(mbedtls_rsa_context *ctx, unsigned char const *N, size_t N_len, unsigned char const *P, size_t P_len, unsigned char const *Q, size_t Q_len, unsigned char const *D, size_t D_len, unsigned char const *E, size_t E_len)
This function imports core RSA parameters, in raw big-endian binary format, into an RSA context...
mbedtls_mpi RP
Definition: rsa.h:129
int mbedtls_rsa_check_pub_priv(const mbedtls_rsa_context *pub, const mbedtls_rsa_context *prv)
This function checks a public-private RSA key pair.
Threading abstraction layer.
mbedtls_mpi P
Definition: rsa.h:120
struct mbedtls_rsa_context mbedtls_rsa_context
The RSA context structure.
int mbedtls_rsa_export(const mbedtls_rsa_context *ctx, mbedtls_mpi *N, mbedtls_mpi *P, mbedtls_mpi *Q, mbedtls_mpi *D, mbedtls_mpi *E)
This function exports the core parameters of an RSA key.
int mbedtls_rsa_private(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, const unsigned char *input, unsigned char *output)
This function performs an RSA private key operation.
int mbedtls_rsa_rsaes_pkcs1_v15_decrypt(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, size_t *olen, const unsigned char *input, unsigned char *output, size_t output_max_len)
This function performs a PKCS#1 v1.5 decryption operation (RSAES-PKCS1-v1_5-DECRYPT).
int mbedtls_rsa_rsassa_pkcs1_v15_verify(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, const unsigned char *sig)
This function performs a PKCS#1 v1.5 verification operation (RSASSA-PKCS1-v1_5-VERIFY).
mbedtls_mpi E
Definition: rsa.h:117
int mbedtls_rsa_export_crt(const mbedtls_rsa_context *ctx, mbedtls_mpi *DP, mbedtls_mpi *DQ, mbedtls_mpi *QP)
This function exports CRT parameters of a private RSA key.
size_t len
Definition: rsa.h:114
mbedtls_mpi Vf
Definition: rsa.h:133
int mbedtls_rsa_pkcs1_encrypt(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, size_t ilen, const unsigned char *input, unsigned char *output)
This function adds the message padding, then performs an RSA operation.
int mbedtls_rsa_rsassa_pss_sign_ext(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, int saltlen, unsigned char *sig)
This function performs a PKCS#1 v2.1 PSS signature operation (RSASSA-PSS-SIGN).
mbedtls_mpi QP
Definition: rsa.h:125
mbedtls_mpi D
Definition: rsa.h:119
This file contains the generic message-digest wrapper.
int mbedtls_rsa_rsassa_pss_verify(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, const unsigned char *sig)
This function performs a PKCS#1 v2.1 PSS verification operation (RSASSA-PSS-VERIFY).
int mbedtls_rsa_rsaes_pkcs1_v15_encrypt(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, size_t ilen, const unsigned char *input, unsigned char *output)
This function performs a PKCS#1 v1.5 encryption operation (RSAES-PKCS1-v1_5-ENCRYPT).
size_t mbedtls_rsa_get_len(const mbedtls_rsa_context *ctx)
This function retrieves the length of RSA modulus in Bytes.
MPI structure.
Definition: bignum.h:208
mbedtls_mpi N
Definition: rsa.h:116
int mbedtls_rsa_check_pubkey(const mbedtls_rsa_context *ctx)
This function checks if a context contains at least an RSA public key.
mbedtls_mpi RN
Definition: rsa.h:127
void mbedtls_rsa_free(mbedtls_rsa_context *ctx)
This function frees the components of an RSA key.
mbedtls_mpi RQ
Definition: rsa.h:130
int mbedtls_rsa_gen_key(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, unsigned int nbits, int exponent)
This function generates an RSA keypair.
int mbedtls_rsa_copy(mbedtls_rsa_context *dst, const mbedtls_rsa_context *src)
This function copies the components of an RSA context.
int mbedtls_rsa_check_privkey(const mbedtls_rsa_context *ctx)
This function checks if a context contains an RSA private key and perform basic consistency checks...
mbedtls_mpi Vi
Definition: rsa.h:132
mbedtls_md_type_t
Supported message digests.
Definition: md.h:62
mbedtls_mpi Q
Definition: rsa.h:121
The RSA context structure.
Definition: rsa.h:109
int mbedtls_rsa_rsaes_oaep_encrypt(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, const unsigned char *label, size_t label_len, size_t ilen, const unsigned char *input, unsigned char *output)
This function performs a PKCS#1 v2.1 OAEP encryption operation (RSAES-OAEP-ENCRYPT).
void mbedtls_rsa_init(mbedtls_rsa_context *ctx, int padding, int hash_id)
This function initializes an RSA context.