]>
Commit | Line | Data |
---|---|---|
d02b48c6 | 1 | /* crypto/rsa/rsa.h */ |
58964a49 | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
d02b48c6 RE |
3 | * All rights reserved. |
4 | * | |
5 | * This package is an SSL implementation written | |
6 | * by Eric Young (eay@cryptsoft.com). | |
7 | * The implementation was written so as to conform with Netscapes SSL. | |
8 | * | |
9 | * This library is free for commercial and non-commercial use as long as | |
10 | * the following conditions are aheared to. The following conditions | |
11 | * apply to all code found in this distribution, be it the RC4, RSA, | |
12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | |
13 | * included with this distribution is covered by the same copyright terms | |
14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | |
15 | * | |
16 | * Copyright remains Eric Young's, and as such any Copyright notices in | |
17 | * the code are not to be removed. | |
18 | * If this package is used in a product, Eric Young should be given attribution | |
19 | * as the author of the parts of the library used. | |
20 | * This can be in the form of a textual message at program startup or | |
21 | * in documentation (online or textual) provided with the package. | |
22 | * | |
23 | * Redistribution and use in source and binary forms, with or without | |
24 | * modification, are permitted provided that the following conditions | |
25 | * are met: | |
26 | * 1. Redistributions of source code must retain the copyright | |
27 | * notice, this list of conditions and the following disclaimer. | |
28 | * 2. Redistributions in binary form must reproduce the above copyright | |
29 | * notice, this list of conditions and the following disclaimer in the | |
30 | * documentation and/or other materials provided with the distribution. | |
31 | * 3. All advertising materials mentioning features or use of this software | |
32 | * must display the following acknowledgement: | |
33 | * "This product includes cryptographic software written by | |
34 | * Eric Young (eay@cryptsoft.com)" | |
35 | * The word 'cryptographic' can be left out if the rouines from the library | |
36 | * being used are not cryptographic related :-). | |
37 | * 4. If you include any Windows specific code (or a derivative thereof) from | |
38 | * the apps directory (application code) you must include an acknowledgement: | |
39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | |
40 | * | |
41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND | |
42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | |
44 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | |
45 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | |
46 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | |
47 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
48 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | |
49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | |
50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | |
51 | * SUCH DAMAGE. | |
52 | * | |
53 | * The licence and distribution terms for any publically available version or | |
54 | * derivative of this code cannot be changed. i.e. this code cannot simply be | |
55 | * copied and put under another distribution licence | |
56 | * [including the GNU Public Licence.] | |
57 | */ | |
58 | ||
59 | #ifndef HEADER_RSA_H | |
60 | #define HEADER_RSA_H | |
61 | ||
62 | #ifdef __cplusplus | |
63 | extern "C" { | |
64 | #endif | |
65 | ||
ec577822 BM |
66 | #include <openssl/bn.h> |
67 | #include <openssl/crypto.h> | |
d02b48c6 | 68 | |
03f8b042 BL |
69 | typedef struct rsa_st RSA; |
70 | ||
d02b48c6 RE |
71 | typedef struct rsa_meth_st |
72 | { | |
e778802f | 73 | const char *name; |
03f8b042 BL |
74 | int (*rsa_pub_enc)(int flen,unsigned char *from,unsigned char *to, |
75 | RSA *rsa,int padding); | |
76 | int (*rsa_pub_dec)(int flen,unsigned char *from,unsigned char *to, | |
77 | RSA *rsa,int padding); | |
78 | int (*rsa_priv_enc)(int flen,unsigned char *from,unsigned char *to, | |
79 | RSA *rsa,int padding); | |
80 | int (*rsa_priv_dec)(int flen,unsigned char *from,unsigned char *to, | |
81 | RSA *rsa,int padding); | |
82 | int (*rsa_mod_exp)(BIGNUM *r0,BIGNUM *I,RSA *rsa); /* Can be null */ | |
83 | int (*bn_mod_exp)(BIGNUM *r, BIGNUM *a, BIGNUM *p, BIGNUM *m, | |
84 | BN_CTX *ctx,BN_MONT_CTX *m_ctx); /* Can be null */ | |
85 | int (*init)(RSA *rsa); /* called at new */ | |
86 | int (*finish)(RSA *rsa); /* called at free */ | |
58964a49 RE |
87 | int flags; /* RSA_METHOD_FLAG_* things */ |
88 | char *app_data; /* may be needed! */ | |
d02b48c6 RE |
89 | } RSA_METHOD; |
90 | ||
03f8b042 | 91 | struct rsa_st |
d02b48c6 RE |
92 | { |
93 | /* The first parameter is used to pickup errors where | |
94 | * this is passed instead of aEVP_PKEY, it is set to 0 */ | |
95 | int pad; | |
96 | int version; | |
97 | RSA_METHOD *meth; | |
98 | BIGNUM *n; | |
99 | BIGNUM *e; | |
100 | BIGNUM *d; | |
101 | BIGNUM *p; | |
102 | BIGNUM *q; | |
103 | BIGNUM *dmp1; | |
104 | BIGNUM *dmq1; | |
105 | BIGNUM *iqmp; | |
106 | /* be carefull using this if the RSA structure is shared */ | |
58964a49 | 107 | CRYPTO_EX_DATA ex_data; |
d02b48c6 | 108 | int references; |
58964a49 RE |
109 | int flags; |
110 | ||
03f8b042 BL |
111 | /* Used to cache montgomery values */ |
112 | BN_MONT_CTX *_method_mod_n; | |
113 | BN_MONT_CTX *_method_mod_p; | |
114 | BN_MONT_CTX *_method_mod_q; | |
58964a49 | 115 | |
dfeab068 RE |
116 | /* all BIGNUM values are actually in the following data, if it is not |
117 | * NULL */ | |
118 | char *bignum_data; | |
58964a49 | 119 | BN_BLINDING *blinding; |
03f8b042 | 120 | }; |
d02b48c6 RE |
121 | |
122 | #define RSA_3 0x3L | |
123 | #define RSA_F4 0x10001L | |
124 | ||
58964a49 | 125 | #define RSA_METHOD_FLAG_NO_CHECK 0x01 /* don't check pub/private match */ |
dfeab068 | 126 | |
58964a49 RE |
127 | #define RSA_FLAG_CACHE_PUBLIC 0x02 |
128 | #define RSA_FLAG_CACHE_PRIVATE 0x04 | |
129 | #define RSA_FLAG_BLINDING 0x08 | |
130 | #define RSA_FLAG_THREAD_SAFE 0x10 | |
131 | ||
132 | #define RSA_PKCS1_PADDING 1 | |
133 | #define RSA_SSLV23_PADDING 2 | |
134 | #define RSA_NO_PADDING 3 | |
a4949896 | 135 | #define RSA_PKCS1_OAEP_PADDING 4 |
58964a49 RE |
136 | |
137 | #define RSA_set_app_data(s,arg) RSA_set_ex_data(s,0,(char *)arg) | |
138 | #define RSA_get_app_data(s) RSA_get_ex_data(s,0) | |
d02b48c6 | 139 | |
d02b48c6 RE |
140 | RSA * RSA_new(void); |
141 | RSA * RSA_new_method(RSA_METHOD *method); | |
142 | int RSA_size(RSA *); | |
143 | RSA * RSA_generate_key(int bits, unsigned long e,void | |
58964a49 | 144 | (*callback)(int,int,char *),char *cb_arg); |
d02b48c6 RE |
145 | /* next 4 return -1 on error */ |
146 | int RSA_public_encrypt(int flen, unsigned char *from, | |
147 | unsigned char *to, RSA *rsa,int padding); | |
148 | int RSA_private_encrypt(int flen, unsigned char *from, | |
149 | unsigned char *to, RSA *rsa,int padding); | |
150 | int RSA_public_decrypt(int flen, unsigned char *from, | |
151 | unsigned char *to, RSA *rsa,int padding); | |
152 | int RSA_private_decrypt(int flen, unsigned char *from, | |
153 | unsigned char *to, RSA *rsa,int padding); | |
154 | void RSA_free (RSA *r); | |
155 | ||
58964a49 RE |
156 | int RSA_flags(RSA *r); |
157 | ||
d02b48c6 RE |
158 | void RSA_set_default_method(RSA_METHOD *meth); |
159 | ||
dfeab068 RE |
160 | /* This function needs the memory locking malloc callbacks to be installed */ |
161 | int RSA_memory_lock(RSA *r); | |
162 | ||
d02b48c6 | 163 | /* If you have RSAref compiled in. */ |
58964a49 | 164 | RSA_METHOD *RSA_PKCS1_RSAref(void); |
d02b48c6 RE |
165 | |
166 | /* these are the actual SSLeay RSA functions */ | |
167 | RSA_METHOD *RSA_PKCS1_SSLeay(void); | |
168 | ||
169 | void ERR_load_RSA_strings(void ); | |
170 | ||
171 | RSA * d2i_RSAPublicKey(RSA **a, unsigned char **pp, long length); | |
172 | int i2d_RSAPublicKey(RSA *a, unsigned char **pp); | |
173 | RSA * d2i_RSAPrivateKey(RSA **a, unsigned char **pp, long length); | |
174 | int i2d_RSAPrivateKey(RSA *a, unsigned char **pp); | |
58964a49 | 175 | #ifndef NO_FP_API |
d02b48c6 RE |
176 | int RSA_print_fp(FILE *fp, RSA *r,int offset); |
177 | #endif | |
178 | ||
179 | #ifdef HEADER_BIO_H | |
180 | int RSA_print(BIO *bp, RSA *r,int offset); | |
181 | #endif | |
182 | ||
183 | int i2d_Netscape_RSA(RSA *a, unsigned char **pp, int (*cb)()); | |
184 | RSA *d2i_Netscape_RSA(RSA **a, unsigned char **pp, long length, int (*cb)()); | |
58964a49 RE |
185 | /* Naughty internal function required elsewhere, to handle a MS structure |
186 | * that is the same as the netscape one :-) */ | |
187 | RSA *d2i_Netscape_RSA_2(RSA **a, unsigned char **pp, long length, int (*cb)()); | |
d02b48c6 RE |
188 | |
189 | /* The following 2 functions sign and verify a X509_SIG ASN1 object | |
190 | * inside PKCS#1 padded RSA encryption */ | |
191 | int RSA_sign(int type, unsigned char *m, unsigned int m_len, | |
192 | unsigned char *sigret, unsigned int *siglen, RSA *rsa); | |
193 | int RSA_verify(int type, unsigned char *m, unsigned int m_len, | |
194 | unsigned char *sigbuf, unsigned int siglen, RSA *rsa); | |
195 | ||
196 | /* The following 2 function sign and verify a ASN1_OCTET_STRING | |
197 | * object inside PKCS#1 padded RSA encryption */ | |
198 | int RSA_sign_ASN1_OCTET_STRING(int type, unsigned char *m, unsigned int m_len, | |
199 | unsigned char *sigret, unsigned int *siglen, RSA *rsa); | |
200 | int RSA_verify_ASN1_OCTET_STRING(int type, unsigned char *m, unsigned int m_len, | |
201 | unsigned char *sigbuf, unsigned int siglen, RSA *rsa); | |
202 | ||
58964a49 RE |
203 | int RSA_blinding_on(RSA *rsa, BN_CTX *ctx); |
204 | void RSA_blinding_off(RSA *rsa); | |
205 | ||
206 | int RSA_padding_add_PKCS1_type_1(unsigned char *to,int tlen, | |
207 | unsigned char *f,int fl); | |
208 | int RSA_padding_check_PKCS1_type_1(unsigned char *to,int tlen, | |
dfeab068 | 209 | unsigned char *f,int fl,int rsa_len); |
58964a49 RE |
210 | int RSA_padding_add_PKCS1_type_2(unsigned char *to,int tlen, |
211 | unsigned char *f,int fl); | |
212 | int RSA_padding_check_PKCS1_type_2(unsigned char *to,int tlen, | |
dfeab068 | 213 | unsigned char *f,int fl,int rsa_len); |
a4949896 BL |
214 | int RSA_padding_add_PKCS1_OAEP(unsigned char *to,int tlen, |
215 | unsigned char *f,int fl,unsigned char *p, | |
216 | int pl); | |
217 | int RSA_padding_check_PKCS1_OAEP(unsigned char *to,int tlen, | |
218 | unsigned char *f,int fl,int rsa_len, | |
219 | unsigned char *p,int pl); | |
58964a49 RE |
220 | int RSA_padding_add_SSLv23(unsigned char *to,int tlen, |
221 | unsigned char *f,int fl); | |
222 | int RSA_padding_check_SSLv23(unsigned char *to,int tlen, | |
dfeab068 | 223 | unsigned char *f,int fl,int rsa_len); |
58964a49 RE |
224 | int RSA_padding_add_none(unsigned char *to,int tlen, |
225 | unsigned char *f,int fl); | |
226 | int RSA_padding_check_none(unsigned char *to,int tlen, | |
dfeab068 | 227 | unsigned char *f,int fl,int rsa_len); |
58964a49 RE |
228 | |
229 | int RSA_get_ex_new_index(long argl, char *argp, int (*new_func)(), | |
230 | int (*dup_func)(), void (*free_func)()); | |
231 | int RSA_set_ex_data(RSA *r,int idx,char *arg); | |
232 | char *RSA_get_ex_data(RSA *r, int idx); | |
233 | ||
d02b48c6 | 234 | /* BEGIN ERROR CODES */ |
6d311938 DSH |
235 | /* The following lines are auto generated by the script mkerr.pl. Any changes |
236 | * made after this point may be overwritten when the script is next run. | |
237 | */ | |
238 | ||
d02b48c6 RE |
239 | /* Error codes for the RSA functions. */ |
240 | ||
241 | /* Function codes. */ | |
dfeab068 RE |
242 | #define RSA_F_MEMORY_LOCK 100 |
243 | #define RSA_F_RSA_EAY_PRIVATE_DECRYPT 101 | |
244 | #define RSA_F_RSA_EAY_PRIVATE_ENCRYPT 102 | |
245 | #define RSA_F_RSA_EAY_PUBLIC_DECRYPT 103 | |
246 | #define RSA_F_RSA_EAY_PUBLIC_ENCRYPT 104 | |
247 | #define RSA_F_RSA_GENERATE_KEY 105 | |
248 | #define RSA_F_RSA_NEW_METHOD 106 | |
249 | #define RSA_F_RSA_PADDING_ADD_NONE 107 | |
a4949896 | 250 | #define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP 121 |
dfeab068 RE |
251 | #define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1 108 |
252 | #define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2 109 | |
253 | #define RSA_F_RSA_PADDING_ADD_SSLV23 110 | |
254 | #define RSA_F_RSA_PADDING_CHECK_NONE 111 | |
a4949896 | 255 | #define RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP 122 |
dfeab068 RE |
256 | #define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1 112 |
257 | #define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2 113 | |
258 | #define RSA_F_RSA_PADDING_CHECK_SSLV23 114 | |
259 | #define RSA_F_RSA_PRINT 115 | |
260 | #define RSA_F_RSA_PRINT_FP 116 | |
261 | #define RSA_F_RSA_SIGN 117 | |
262 | #define RSA_F_RSA_SIGN_ASN1_OCTET_STRING 118 | |
263 | #define RSA_F_RSA_VERIFY 119 | |
264 | #define RSA_F_RSA_VERIFY_ASN1_OCTET_STRING 120 | |
d02b48c6 RE |
265 | |
266 | /* Reason codes. */ | |
267 | #define RSA_R_ALGORITHM_MISMATCH 100 | |
268 | #define RSA_R_BAD_E_VALUE 101 | |
269 | #define RSA_R_BAD_FIXED_HEADER_DECRYPT 102 | |
270 | #define RSA_R_BAD_PAD_BYTE_COUNT 103 | |
271 | #define RSA_R_BAD_SIGNATURE 104 | |
58964a49 RE |
272 | #define RSA_R_BLOCK_TYPE_IS_NOT_01 106 |
273 | #define RSA_R_BLOCK_TYPE_IS_NOT_02 107 | |
274 | #define RSA_R_DATA_GREATER_THAN_MOD_LEN 108 | |
275 | #define RSA_R_DATA_TOO_LARGE 109 | |
276 | #define RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 110 | |
277 | #define RSA_R_DATA_TOO_SMALL 111 | |
0c8a1281 | 278 | #define RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE 122 |
58964a49 | 279 | #define RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY 112 |
a4949896 | 280 | #define RSA_R_KEY_SIZE_TOO_SMALL 120 |
58964a49 | 281 | #define RSA_R_NULL_BEFORE_BLOCK_MISSING 113 |
a4949896 | 282 | #define RSA_R_OAEP_DECODING_ERROR 121 |
58964a49 RE |
283 | #define RSA_R_PADDING_CHECK_FAILED 114 |
284 | #define RSA_R_SSLV3_ROLLBACK_ATTACK 115 | |
285 | #define RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 116 | |
286 | #define RSA_R_UNKNOWN_ALGORITHM_TYPE 117 | |
287 | #define RSA_R_UNKNOWN_PADDING_TYPE 118 | |
288 | #define RSA_R_WRONG_SIGNATURE_LENGTH 119 | |
6d311938 | 289 | |
d02b48c6 RE |
290 | #ifdef __cplusplus |
291 | } | |
292 | #endif | |
293 | #endif | |
294 |