yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
mbedtls/include/polarssl/rsa.h

655 lines
26 KiB
C
Raw Normal View History

- Renamed include directory to polarssl
2009-01-03 22:22:43 +01:00
/**
* \file rsa.h
- Updated Copyright notices
2009-01-04 17:27:10 +01:00
*
- Added Doxygen source code documentation parts (donated by Fox-IT)
2011-01-06 13:28:03 +01:00
* \brief The RSA public-key cryptosystem
*
Update copyright
2015-01-23 10:45:19 +01:00
* Copyright (C) 2006-2014, ARM Limited, All Rights Reserved
- Fixed copyright message
2010-07-18 22:36:00 +02:00
*
Change name to mbed TLS in the copyright notice
2015-01-22 15:28:16 +01:00
* This file is part of mbed TLS (http://www.polarssl.org)
- Updated Copyright to correct entity
2010-07-18 12:13:04 +02:00
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
- Fixed copyright message
2010-07-18 22:36:00 +02:00
*
- Updated Copyright notices
2009-01-04 17:27:10 +01:00
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
- Renamed include directory to polarssl
2009-01-03 22:22:43 +01:00
*/
- First replacement of xyssl by polarssl where needed
2009-01-03 22:51:57 +01:00
#ifndef POLARSSL_RSA_H
#define POLARSSL_RSA_H
- Renamed include directory to polarssl
2009-01-03 22:22:43 +01:00
Adapt sources to configurable config.h name
2014-04-29 12:39:06 +02:00
#if !defined(POLARSSL_CONFIG_FILE)
More granular define selections within code to allow for smaller code sizes
2013-04-18 22:46:23 +02:00
#include "config.h"
Adapt sources to configurable config.h name
2014-04-29 12:39:06 +02:00
#else
#include POLARSSL_CONFIG_FILE
#endif
More granular define selections within code to allow for smaller code sizes
2013-04-18 22:46:23 +02:00
- Removed extraneous "polarssl/" in front on include directives in header files
2011-08-15 11:07:52 +02:00
#include "bignum.h"
OID functionality moved to a separate module. A new OID module has been created that contains the main OID searching functionality based on type-dependent arrays. A base type is used to contain the basic values (oid_descriptor_t) and that type is extended to contain type specific information (like a pk_alg_t). As a result the rsa sign and verify function prototypes have changed. They now expect a md_type_t identifier instead of the removed RSA_SIG_XXX defines. All OID definitions have been moved to oid.h All OID matching code is in the OID module. The RSA PKCS#1 functions cleaned up as a result and adapted to use the MD layer. The SSL layer cleanup up as a result and adapted to use the MD layer. The X509 parser cleaned up and matches OIDs in certificates with new module and adapted to use the MD layer. The X509 writer cleaned up and adapted to use the MD layer. Apps and tests modified accordingly
2013-04-07 22:00:46 +02:00
#include "md.h"
- Renamed include directory to polarssl
2009-01-03 22:22:43 +01:00
RSA blinding threading support
2013-09-29 14:58:17 +02:00
#if defined(POLARSSL_THREADING_C)
#include "threading.h"
#endif
- Cleaned up header documentation
2009-07-28 09:18:38 +02:00
/*
* RSA Error codes
*/
- A error_strerror function() has been added to translate between error codes and their description. - The error codes have been remapped and combining error codes is now done with a PLUS instead of an OR as error codes used are negative. - Descriptions to all error codes have been added. - Generation script for error.c has been created to automatically generate error.c from the available error definitions in the headers.
2011-05-09 18:17:09 +02:00
#define POLARSSL_ERR_RSA_BAD_INPUT_DATA -0x4080 /**< Bad input parameters to function. */
#define POLARSSL_ERR_RSA_INVALID_PADDING -0x4100 /**< Input data contains invalid padding and is rejected. */
#define POLARSSL_ERR_RSA_KEY_GEN_FAILED -0x4180 /**< Something failed during generation of a key. */
#define POLARSSL_ERR_RSA_KEY_CHECK_FAILED -0x4200 /**< Key failed to pass the libraries validity check. */
#define POLARSSL_ERR_RSA_PUBLIC_FAILED -0x4280 /**< The public key operation failed. */
#define POLARSSL_ERR_RSA_PRIVATE_FAILED -0x4300 /**< The private key operation failed. */
#define POLARSSL_ERR_RSA_VERIFY_FAILED -0x4380 /**< The PKCS#1 verification failed. */
#define POLARSSL_ERR_RSA_OUTPUT_TOO_LARGE -0x4400 /**< The output buffer for decryption is not large enough. */
#define POLARSSL_ERR_RSA_RNG_FAILED -0x4480 /**< The random generator failed to generate non-zeros. */
- Renamed include directory to polarssl
2009-01-03 22:22:43 +01:00
/*
OID functionality moved to a separate module. A new OID module has been created that contains the main OID searching functionality based on type-dependent arrays. A base type is used to contain the basic values (oid_descriptor_t) and that type is extended to contain type specific information (like a pk_alg_t). As a result the rsa sign and verify function prototypes have changed. They now expect a md_type_t identifier instead of the removed RSA_SIG_XXX defines. All OID definitions have been moved to oid.h All OID matching code is in the OID module. The RSA PKCS#1 functions cleaned up as a result and adapted to use the MD layer. The SSL layer cleanup up as a result and adapted to use the MD layer. The X509 parser cleaned up and matches OIDs in certificates with new module and adapted to use the MD layer. The X509 writer cleaned up and adapted to use the MD layer. Apps and tests modified accordingly
2013-04-07 22:00:46 +02:00
* RSA constants
- Renamed include directory to polarssl
2009-01-03 22:22:43 +01:00
*/
#define RSA_PUBLIC 0
#define RSA_PRIVATE 1
#define RSA_PKCS_V15 0
#define RSA_PKCS_V21 1
#define RSA_SIGN 1
#define RSA_CRYPT 2
Add rsa_rsassa_pss_verify_ext()
2014-06-03 11:44:06 +02:00
#define RSA_SALT_LEN_ANY -1
Allow compiling without RSA or DH Only library and programs now, need to check test suites later.
2013-08-22 17:33:21 +02:00
/*
* The above constants may be used even if the RSA module is compile out,
* eg for alternative (PKCS#11) RSA implemenations in the PK layers.
*/
#if defined(POLARSSL_RSA_C)
Moved __cplusplus extern statement to include struct definitions as well.
2013-06-27 14:29:21 +02:00
#ifdef __cplusplus
extern "C" {
#endif
- Renamed include directory to polarssl
2009-01-03 22:22:43 +01:00
/**
* \brief RSA context structure
*/
typedef struct
{
int ver; /*!< always 0 */
- Major type rewrite of int to size_t for most variables and arguments used for buffer lengths and loops
2011-04-24 10:57:21 +02:00
size_t len; /*!< size(N) in chars */
- Renamed include directory to polarssl
2009-01-03 22:22:43 +01:00
mpi N; /*!< public modulus */
mpi E; /*!< public exponent */
mpi D; /*!< private exponent */
mpi P; /*!< 1st prime factor */
mpi Q; /*!< 2nd prime factor */
mpi DP; /*!< D % (P - 1) */
mpi DQ; /*!< D % (Q - 1) */
mpi QP; /*!< 1 / (Q % P) */
mpi RN; /*!< cached R^2 mod N */
mpi RP; /*!< cached R^2 mod P */
mpi RQ; /*!< cached R^2 mod Q */
Refactor to prepare for RSA blinding optimisation
2013-09-10 13:29:30 +02:00
mpi Vi; /*!< cached blinding value */
mpi Vf; /*!< cached un-blinding value */
- Added support for PKCS#1 v2.1 encoding and thus support for the RSAES-OAEP and RSASSA-PSS operations (enabled by POLARSSL_PKCS1_V21)
2011-03-08 15:16:06 +01:00
int padding; /*!< RSA_PKCS_V15 for 1.5 padding and
RSA_PKCS_v21 for OAEP/PSS */
int hash_id; /*!< Hash identifier of md_type_t as
specified in the md.h header file
for the EME-OAEP and EMSA-PSS
encoding */
RSA blinding threading support
2013-09-29 14:58:17 +02:00
#if defined(POLARSSL_THREADING_C)
threading_mutex_t mutex; /*!< Thread-safety mutex */
#endif
- Renamed include directory to polarssl
2009-01-03 22:22:43 +01:00
}
rsa_context;
/**
* \brief Initialize an RSA context
*
- Merged changesets 1399 up to and including 1415 into 1.2 branch
2012-11-14 13:39:52 +01:00
* Note: Set padding to RSA_PKCS_V21 for the RSAES-OAEP
* encryption scheme and the RSASSA-PSS signature scheme.
*
- Renamed include directory to polarssl
2009-01-03 22:22:43 +01:00
* \param ctx RSA context to be initialized
* \param padding RSA_PKCS_V15 or RSA_PKCS_V21
* \param hash_id RSA_PKCS_V21 hash identifier
*
* \note The hash_id parameter is actually ignored
* when using RSA_PKCS_V15 padding.
Relax checks on RSA mode for public key operations
2014-06-02 16:47:02 +02:00
*
* \note Choice of padding mode is strictly enforced for private key
* operations, since there might be security concerns in
* mixing padding modes. For public key operations it's merely
* a default value, which can be overriden by calling specific
* rsa_rsaes_xxx or rsa_rsassa_xxx functions.
*
* \note The chosen hash is always used for OEAP encryption.
* For PSS signatures, it's always used for making signatures,
* but can be overriden (and always is, if set to
* POLARSSL_MD_NONE) for verifying them.
- Renamed include directory to polarssl
2009-01-03 22:22:43 +01:00
*/
void rsa_init( rsa_context *ctx,
int padding,
Revert "Add pk_rsa_set_padding() and rsa_set_padding()" This reverts commit b4fae579e8fd72b5e57864d28b5b2c07bad5ce27. Conflicts: library/pk.c tests/suites/test_suite_pk.data tests/suites/test_suite_pk.function
2014-01-27 11:45:49 +01:00
int hash_id);
- Renamed include directory to polarssl
2009-01-03 22:22:43 +01:00
Fix RSASSA-PSS example programs
2014-03-10 21:55:35 +01:00
/**
* \brief Set padding for an already initialized RSA context
Relax checks on RSA mode for public key operations
2014-06-02 16:47:02 +02:00
* See \c rsa_init() for details.
Fix RSASSA-PSS example programs
2014-03-10 21:55:35 +01:00
*
* \param ctx RSA context to be set
* \param padding RSA_PKCS_V15 or RSA_PKCS_V21
* \param hash_id RSA_PKCS_V21 hash identifier
*/
void rsa_set_padding( rsa_context *ctx, int padding, int hash_id);
- Renamed include directory to polarssl
2009-01-03 22:22:43 +01:00
/**
* \brief Generate an RSA keypair
*
* \param ctx RSA context that will hold the key
- Changed origins of random function and pointer in rsa_pkcs1_encrypt, rsa_init, rsa_gen_key. Moved to parameters of function instead of context pointers as within ssl_cli, context pointer cannot be set easily.
2010-08-16 13:10:02 +02:00
* \param f_rng RNG function
* \param p_rng RNG parameter
- Renamed include directory to polarssl
2009-01-03 22:22:43 +01:00
* \param nbits size of the public key in bits
* \param exponent public exponent (e.g., 65537)
*
* \note rsa_init() must be called beforehand to setup
- Changed origins of random function and pointer in rsa_pkcs1_encrypt, rsa_init, rsa_gen_key. Moved to parameters of function instead of context pointers as within ssl_cli, context pointer cannot be set easily.
2010-08-16 13:10:02 +02:00
* the RSA context.
- Renamed include directory to polarssl
2009-01-03 22:22:43 +01:00
*
- First replacement of xyssl by polarssl where needed
2009-01-03 22:51:57 +01:00
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code
- Renamed include directory to polarssl
2009-01-03 22:22:43 +01:00
*/
- Changed origins of random function and pointer in rsa_pkcs1_encrypt, rsa_init, rsa_gen_key. Moved to parameters of function instead of context pointers as within ssl_cli, context pointer cannot be set easily.
2010-08-16 13:10:02 +02:00
int rsa_gen_key( rsa_context *ctx,
- Changed the used random function pointer to more flexible format. Renamed havege_rand() to havege_random() to prevent mistakes. Lots of changes as a consequence in library code and programs
2011-11-27 22:07:34 +01:00
int (*f_rng)(void *, unsigned char *, size_t),
- Changed origins of random function and pointer in rsa_pkcs1_encrypt, rsa_init, rsa_gen_key. Moved to parameters of function instead of context pointers as within ssl_cli, context pointer cannot be set easily.
2010-08-16 13:10:02 +02:00
void *p_rng,
- Major type rewrite of int to size_t for most variables and arguments used for buffer lengths and loops
2011-04-24 10:57:21 +02:00
unsigned int nbits, int exponent );
- Renamed include directory to polarssl
2009-01-03 22:22:43 +01:00
/**
* \brief Check a public RSA key
*
* \param ctx RSA context to be checked
*
- First replacement of xyssl by polarssl where needed
2009-01-03 22:51:57 +01:00
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code
- Renamed include directory to polarssl
2009-01-03 22:22:43 +01:00
*/
- Added const-correctness to main codebase
2010-03-16 22:09:09 +01:00
int rsa_check_pubkey( const rsa_context *ctx );
- Renamed include directory to polarssl
2009-01-03 22:22:43 +01:00
/**
* \brief Check a private RSA key
*
* \param ctx RSA context to be checked
*
- First replacement of xyssl by polarssl where needed
2009-01-03 22:51:57 +01:00
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code
- Renamed include directory to polarssl
2009-01-03 22:22:43 +01:00
*/
- Added const-correctness to main codebase
2010-03-16 22:09:09 +01:00
int rsa_check_privkey( const rsa_context *ctx );
- Renamed include directory to polarssl
2009-01-03 22:22:43 +01:00
Add rsa_check_pub_priv()
2014-11-06 14:02:51 +01:00
/**
* \brief Check a public-private RSA key pair.
* Check each of the contexts, and make sure they match.
*
* \param pub RSA context holding the public key
* \param prv RSA context holding the private key
*
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code
*/
int rsa_check_pub_priv( const rsa_context *pub, const rsa_context *prv );
- Renamed include directory to polarssl
2009-01-03 22:22:43 +01:00
/**
* \brief Do an RSA public key operation
*
* \param ctx RSA context
* \param input input buffer
* \param output output buffer
*
- First replacement of xyssl by polarssl where needed
2009-01-03 22:51:57 +01:00
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code
- Renamed include directory to polarssl
2009-01-03 22:22:43 +01:00
*
* \note This function does NOT take care of message
- Added explanation for first bit/byte to zero in rsa_public
2009-03-29 00:26:51 +01:00
* padding. Also, be sure to set input[0] = 0 or assure that
* input is smaller than N.
- Renamed include directory to polarssl
2009-01-03 22:22:43 +01:00
*
* \note The input and output buffers must be large
* enough (eg. 128 bytes if RSA-1024 is used).
*/
int rsa_public( rsa_context *ctx,
- Added const-correctness to main codebase
2010-03-16 22:09:09 +01:00
const unsigned char *input,
- Renamed include directory to polarssl
2009-01-03 22:22:43 +01:00
unsigned char *output );
/**
* \brief Do an RSA private key operation
*
* \param ctx RSA context
Refactored RSA to have random generator in every RSA operation Primarily so that rsa_private() receives an RNG for blinding purposes.
2013-08-30 10:30:02 +02:00
* \param f_rng RNG function (Needed for blinding)
* \param p_rng RNG parameter
- Renamed include directory to polarssl
2009-01-03 22:22:43 +01:00
* \param input input buffer
* \param output output buffer
*
- First replacement of xyssl by polarssl where needed
2009-01-03 22:51:57 +01:00
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code
- Renamed include directory to polarssl
2009-01-03 22:22:43 +01:00
*
* \note The input and output buffers must be large
* enough (eg. 128 bytes if RSA-1024 is used).
*/
int rsa_private( rsa_context *ctx,
Refactored RSA to have random generator in every RSA operation Primarily so that rsa_private() receives an RNG for blinding purposes.
2013-08-30 10:30:02 +02:00
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng,
- Added const-correctness to main codebase
2010-03-16 22:09:09 +01:00
const unsigned char *input,
- Renamed include directory to polarssl
2009-01-03 22:22:43 +01:00
unsigned char *output );
/**
Split up the RSA PKCS#1 encrypt, decrypt, sign and verify functions Split rsa_pkcs1_encrypt() into rsa_rsaes_oaep_encrypt() and rsa_rsaes_pkcs1_v15_encrypt() Split rsa_pkcs1_decrypt() into rsa_rsaes_oaep_decrypt() and rsa_rsaes_pkcs1_v15_decrypt() Split rsa_pkcs1_sign() into rsa_rsassa_pss_sign() and rsa_rsassa_pkcs1_v15_sign() Split rsa_pkcs1_verify() into rsa_rsassa_pss_verify() and rsa_rsassa_pkcs1_v15_verify() The original functions exist as generic wrappers to these functions.
2013-02-28 17:21:01 +01:00
* \brief Generic wrapper to perform a PKCS#1 encryption using the
* mode from the context. Add the message padding, then do an
* RSA operation.
- Renamed include directory to polarssl
2009-01-03 22:22:43 +01:00
*
* \param ctx RSA context
Refactored RSA to have random generator in every RSA operation Primarily so that rsa_private() receives an RNG for blinding purposes.
2013-08-30 10:30:02 +02:00
* \param f_rng RNG function (Needed for padding and PKCS#1 v2.1 encoding
* and RSA_PRIVATE)
- Changed origins of random function and pointer in rsa_pkcs1_encrypt, rsa_init, rsa_gen_key. Moved to parameters of function instead of context pointers as within ssl_cli, context pointer cannot be set easily.
2010-08-16 13:10:02 +02:00
* \param p_rng RNG parameter
- Renamed include directory to polarssl
2009-01-03 22:22:43 +01:00
* \param mode RSA_PUBLIC or RSA_PRIVATE
- Fixed documentation typos..
2009-04-01 21:01:43 +02:00
* \param ilen contains the plaintext length
- Renamed include directory to polarssl
2009-01-03 22:22:43 +01:00
* \param input buffer holding the data to be encrypted
* \param output buffer that will hold the ciphertext
*
- First replacement of xyssl by polarssl where needed
2009-01-03 22:51:57 +01:00
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code
- Renamed include directory to polarssl
2009-01-03 22:22:43 +01:00
*
* \note The output buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used).
*/
int rsa_pkcs1_encrypt( rsa_context *ctx,
- Changed the used random function pointer to more flexible format. Renamed havege_rand() to havege_random() to prevent mistakes. Lots of changes as a consequence in library code and programs
2011-11-27 22:07:34 +01:00
int (*f_rng)(void *, unsigned char *, size_t),
- Changed origins of random function and pointer in rsa_pkcs1_encrypt, rsa_init, rsa_gen_key. Moved to parameters of function instead of context pointers as within ssl_cli, context pointer cannot be set easily.
2010-08-16 13:10:02 +02:00
void *p_rng,
- Major type rewrite of int to size_t for most variables and arguments used for buffer lengths and loops
2011-04-24 10:57:21 +02:00
int mode, size_t ilen,
- Added const-correctness to main codebase
2010-03-16 22:09:09 +01:00
const unsigned char *input,
- Renamed include directory to polarssl
2009-01-03 22:22:43 +01:00
unsigned char *output );
/**
Split up the RSA PKCS#1 encrypt, decrypt, sign and verify functions Split rsa_pkcs1_encrypt() into rsa_rsaes_oaep_encrypt() and rsa_rsaes_pkcs1_v15_encrypt() Split rsa_pkcs1_decrypt() into rsa_rsaes_oaep_decrypt() and rsa_rsaes_pkcs1_v15_decrypt() Split rsa_pkcs1_sign() into rsa_rsassa_pss_sign() and rsa_rsassa_pkcs1_v15_sign() Split rsa_pkcs1_verify() into rsa_rsassa_pss_verify() and rsa_rsassa_pkcs1_v15_verify() The original functions exist as generic wrappers to these functions.
2013-02-28 17:21:01 +01:00
* \brief Perform a PKCS#1 v1.5 encryption (RSAES-PKCS1-v1_5-ENCRYPT)
*
* \param ctx RSA context
Refactored RSA to have random generator in every RSA operation Primarily so that rsa_private() receives an RNG for blinding purposes.
2013-08-30 10:30:02 +02:00
* \param f_rng RNG function (Needed for padding and RSA_PRIVATE)
Split up the RSA PKCS#1 encrypt, decrypt, sign and verify functions Split rsa_pkcs1_encrypt() into rsa_rsaes_oaep_encrypt() and rsa_rsaes_pkcs1_v15_encrypt() Split rsa_pkcs1_decrypt() into rsa_rsaes_oaep_decrypt() and rsa_rsaes_pkcs1_v15_decrypt() Split rsa_pkcs1_sign() into rsa_rsassa_pss_sign() and rsa_rsassa_pkcs1_v15_sign() Split rsa_pkcs1_verify() into rsa_rsassa_pss_verify() and rsa_rsassa_pkcs1_v15_verify() The original functions exist as generic wrappers to these functions.
2013-02-28 17:21:01 +01:00
* \param p_rng RNG parameter
* \param mode RSA_PUBLIC or RSA_PRIVATE
* \param ilen contains the plaintext length
* \param input buffer holding the data to be encrypted
* \param output buffer that will hold the ciphertext
*
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code
*
* \note The output buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used).
*/
int rsa_rsaes_pkcs1_v15_encrypt( rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng,
int mode, size_t ilen,
const unsigned char *input,
unsigned char *output );
/**
* \brief Perform a PKCS#1 v2.1 OAEP encryption (RSAES-OAEP-ENCRYPT)
*
* \param ctx RSA context
Refactored RSA to have random generator in every RSA operation Primarily so that rsa_private() receives an RNG for blinding purposes.
2013-08-30 10:30:02 +02:00
* \param f_rng RNG function (Needed for padding and PKCS#1 v2.1 encoding
* and RSA_PRIVATE)
Split up the RSA PKCS#1 encrypt, decrypt, sign and verify functions Split rsa_pkcs1_encrypt() into rsa_rsaes_oaep_encrypt() and rsa_rsaes_pkcs1_v15_encrypt() Split rsa_pkcs1_decrypt() into rsa_rsaes_oaep_decrypt() and rsa_rsaes_pkcs1_v15_decrypt() Split rsa_pkcs1_sign() into rsa_rsassa_pss_sign() and rsa_rsassa_pkcs1_v15_sign() Split rsa_pkcs1_verify() into rsa_rsassa_pss_verify() and rsa_rsassa_pkcs1_v15_verify() The original functions exist as generic wrappers to these functions.
2013-02-28 17:21:01 +01:00
* \param p_rng RNG parameter
* \param mode RSA_PUBLIC or RSA_PRIVATE
Added support for custom labels when using rsa_rsaes_oaep_encrypt() or rsa_rsaes_oaep_decrypt()
2013-02-28 17:33:49 +01:00
* \param label buffer holding the custom label to use
* \param label_len contains the label length
Split up the RSA PKCS#1 encrypt, decrypt, sign and verify functions Split rsa_pkcs1_encrypt() into rsa_rsaes_oaep_encrypt() and rsa_rsaes_pkcs1_v15_encrypt() Split rsa_pkcs1_decrypt() into rsa_rsaes_oaep_decrypt() and rsa_rsaes_pkcs1_v15_decrypt() Split rsa_pkcs1_sign() into rsa_rsassa_pss_sign() and rsa_rsassa_pkcs1_v15_sign() Split rsa_pkcs1_verify() into rsa_rsassa_pss_verify() and rsa_rsassa_pkcs1_v15_verify() The original functions exist as generic wrappers to these functions.
2013-02-28 17:21:01 +01:00
* \param ilen contains the plaintext length
* \param input buffer holding the data to be encrypted
* \param output buffer that will hold the ciphertext
*
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code
*
* \note The output buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used).
*/
int rsa_rsaes_oaep_encrypt( rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng,
Added support for custom labels when using rsa_rsaes_oaep_encrypt() or rsa_rsaes_oaep_decrypt()
2013-02-28 17:33:49 +01:00
int mode,
const unsigned char *label, size_t label_len,
size_t ilen,
Split up the RSA PKCS#1 encrypt, decrypt, sign and verify functions Split rsa_pkcs1_encrypt() into rsa_rsaes_oaep_encrypt() and rsa_rsaes_pkcs1_v15_encrypt() Split rsa_pkcs1_decrypt() into rsa_rsaes_oaep_decrypt() and rsa_rsaes_pkcs1_v15_decrypt() Split rsa_pkcs1_sign() into rsa_rsassa_pss_sign() and rsa_rsassa_pkcs1_v15_sign() Split rsa_pkcs1_verify() into rsa_rsassa_pss_verify() and rsa_rsassa_pkcs1_v15_verify() The original functions exist as generic wrappers to these functions.
2013-02-28 17:21:01 +01:00
const unsigned char *input,
unsigned char *output );
/**
* \brief Generic wrapper to perform a PKCS#1 decryption using the
* mode from the context. Do an RSA operation, then remove
* the message padding
- Renamed include directory to polarssl
2009-01-03 22:22:43 +01:00
*
* \param ctx RSA context
Blinding RSA only active when f_rng is provided
2013-08-30 15:37:02 +02:00
* \param f_rng RNG function (Only needed for RSA_PRIVATE)
Refactored RSA to have random generator in every RSA operation Primarily so that rsa_private() receives an RNG for blinding purposes.
2013-08-30 10:30:02 +02:00
* \param p_rng RNG parameter
- Renamed include directory to polarssl
2009-01-03 22:22:43 +01:00
* \param mode RSA_PUBLIC or RSA_PRIVATE
- Fixed order of comments to match function rsa_pkcs1_decrypt
2011-08-09 12:31:05 +02:00
* \param olen will contain the plaintext length
- Renamed include directory to polarssl
2009-01-03 22:22:43 +01:00
* \param input buffer holding the encrypted data
* \param output buffer that will hold the plaintext
- Major type rewrite of int to size_t for most variables and arguments used for buffer lengths and loops
2011-04-24 10:57:21 +02:00
* \param output_max_len maximum length of the output buffer
- Renamed include directory to polarssl
2009-01-03 22:22:43 +01:00
*
- First replacement of xyssl by polarssl where needed
2009-01-03 22:51:57 +01:00
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code
- Renamed include directory to polarssl
2009-01-03 22:22:43 +01:00
*
* \note The output buffer must be as large as the size
- Fixed possible heap overflow in pkcs1_decrypt on data larger than output buffer after padding. For instance the premaster decryption in ssl_parse_client_key_exchange() in ssl_serv.c (Thanks to Christophe Devine)
2009-01-12 22:48:39 +01:00
* of ctx->N (eg. 128 bytes if RSA-1024 is used) otherwise
* an error is thrown.
- Renamed include directory to polarssl
2009-01-03 22:22:43 +01:00
*/
int rsa_pkcs1_decrypt( rsa_context *ctx,
Refactored RSA to have random generator in every RSA operation Primarily so that rsa_private() receives an RNG for blinding purposes.
2013-08-30 10:30:02 +02:00
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng,
- Major type rewrite of int to size_t for most variables and arguments used for buffer lengths and loops
2011-04-24 10:57:21 +02:00
int mode, size_t *olen,
- Added const-correctness to main codebase
2010-03-16 22:09:09 +01:00
const unsigned char *input,
- Fixed possible heap overflow in pkcs1_decrypt on data larger than output buffer after padding. For instance the premaster decryption in ssl_parse_client_key_exchange() in ssl_serv.c (Thanks to Christophe Devine)
2009-01-12 22:48:39 +01:00
unsigned char *output,
- Major type rewrite of int to size_t for most variables and arguments used for buffer lengths and loops
2011-04-24 10:57:21 +02:00
size_t output_max_len );
- Renamed include directory to polarssl
2009-01-03 22:22:43 +01:00
/**
Split up the RSA PKCS#1 encrypt, decrypt, sign and verify functions Split rsa_pkcs1_encrypt() into rsa_rsaes_oaep_encrypt() and rsa_rsaes_pkcs1_v15_encrypt() Split rsa_pkcs1_decrypt() into rsa_rsaes_oaep_decrypt() and rsa_rsaes_pkcs1_v15_decrypt() Split rsa_pkcs1_sign() into rsa_rsassa_pss_sign() and rsa_rsassa_pkcs1_v15_sign() Split rsa_pkcs1_verify() into rsa_rsassa_pss_verify() and rsa_rsassa_pkcs1_v15_verify() The original functions exist as generic wrappers to these functions.
2013-02-28 17:21:01 +01:00
* \brief Perform a PKCS#1 v1.5 decryption (RSAES-PKCS1-v1_5-DECRYPT)
*
* \param ctx RSA context
Blinding RSA only active when f_rng is provided
2013-08-30 15:37:02 +02:00
* \param f_rng RNG function (Only needed for RSA_PRIVATE)
Refactored RSA to have random generator in every RSA operation Primarily so that rsa_private() receives an RNG for blinding purposes.
2013-08-30 10:30:02 +02:00
* \param p_rng RNG parameter
Split up the RSA PKCS#1 encrypt, decrypt, sign and verify functions Split rsa_pkcs1_encrypt() into rsa_rsaes_oaep_encrypt() and rsa_rsaes_pkcs1_v15_encrypt() Split rsa_pkcs1_decrypt() into rsa_rsaes_oaep_decrypt() and rsa_rsaes_pkcs1_v15_decrypt() Split rsa_pkcs1_sign() into rsa_rsassa_pss_sign() and rsa_rsassa_pkcs1_v15_sign() Split rsa_pkcs1_verify() into rsa_rsassa_pss_verify() and rsa_rsassa_pkcs1_v15_verify() The original functions exist as generic wrappers to these functions.
2013-02-28 17:21:01 +01:00
* \param mode RSA_PUBLIC or RSA_PRIVATE
* \param olen will contain the plaintext length
* \param input buffer holding the encrypted data
* \param output buffer that will hold the plaintext
* \param output_max_len maximum length of the output buffer
*
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code
*
* \note The output buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used) otherwise
* an error is thrown.
*/
int rsa_rsaes_pkcs1_v15_decrypt( rsa_context *ctx,
Refactored RSA to have random generator in every RSA operation Primarily so that rsa_private() receives an RNG for blinding purposes.
2013-08-30 10:30:02 +02:00
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng,
Split up the RSA PKCS#1 encrypt, decrypt, sign and verify functions Split rsa_pkcs1_encrypt() into rsa_rsaes_oaep_encrypt() and rsa_rsaes_pkcs1_v15_encrypt() Split rsa_pkcs1_decrypt() into rsa_rsaes_oaep_decrypt() and rsa_rsaes_pkcs1_v15_decrypt() Split rsa_pkcs1_sign() into rsa_rsassa_pss_sign() and rsa_rsassa_pkcs1_v15_sign() Split rsa_pkcs1_verify() into rsa_rsassa_pss_verify() and rsa_rsassa_pkcs1_v15_verify() The original functions exist as generic wrappers to these functions.
2013-02-28 17:21:01 +01:00
int mode, size_t *olen,
const unsigned char *input,
unsigned char *output,
size_t output_max_len );
/**
* \brief Perform a PKCS#1 v2.1 OAEP decryption (RSAES-OAEP-DECRYPT)
*
* \param ctx RSA context
Blinding RSA only active when f_rng is provided
2013-08-30 15:37:02 +02:00
* \param f_rng RNG function (Only needed for RSA_PRIVATE)
Refactored RSA to have random generator in every RSA operation Primarily so that rsa_private() receives an RNG for blinding purposes.
2013-08-30 10:30:02 +02:00
* \param p_rng RNG parameter
Split up the RSA PKCS#1 encrypt, decrypt, sign and verify functions Split rsa_pkcs1_encrypt() into rsa_rsaes_oaep_encrypt() and rsa_rsaes_pkcs1_v15_encrypt() Split rsa_pkcs1_decrypt() into rsa_rsaes_oaep_decrypt() and rsa_rsaes_pkcs1_v15_decrypt() Split rsa_pkcs1_sign() into rsa_rsassa_pss_sign() and rsa_rsassa_pkcs1_v15_sign() Split rsa_pkcs1_verify() into rsa_rsassa_pss_verify() and rsa_rsassa_pkcs1_v15_verify() The original functions exist as generic wrappers to these functions.
2013-02-28 17:21:01 +01:00
* \param mode RSA_PUBLIC or RSA_PRIVATE
Added support for custom labels when using rsa_rsaes_oaep_encrypt() or rsa_rsaes_oaep_decrypt()
2013-02-28 17:33:49 +01:00
* \param label buffer holding the custom label to use
* \param label_len contains the label length
Split up the RSA PKCS#1 encrypt, decrypt, sign and verify functions Split rsa_pkcs1_encrypt() into rsa_rsaes_oaep_encrypt() and rsa_rsaes_pkcs1_v15_encrypt() Split rsa_pkcs1_decrypt() into rsa_rsaes_oaep_decrypt() and rsa_rsaes_pkcs1_v15_decrypt() Split rsa_pkcs1_sign() into rsa_rsassa_pss_sign() and rsa_rsassa_pkcs1_v15_sign() Split rsa_pkcs1_verify() into rsa_rsassa_pss_verify() and rsa_rsassa_pkcs1_v15_verify() The original functions exist as generic wrappers to these functions.
2013-02-28 17:21:01 +01:00
* \param olen will contain the plaintext length
* \param input buffer holding the encrypted data
* \param output buffer that will hold the plaintext
* \param output_max_len maximum length of the output buffer
*
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code
*
* \note The output buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used) otherwise
* an error is thrown.
*/
int rsa_rsaes_oaep_decrypt( rsa_context *ctx,
Refactored RSA to have random generator in every RSA operation Primarily so that rsa_private() receives an RNG for blinding purposes.
2013-08-30 10:30:02 +02:00
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng,
Added support for custom labels when using rsa_rsaes_oaep_encrypt() or rsa_rsaes_oaep_decrypt()
2013-02-28 17:33:49 +01:00
int mode,
const unsigned char *label, size_t label_len,
size_t *olen,
Split up the RSA PKCS#1 encrypt, decrypt, sign and verify functions Split rsa_pkcs1_encrypt() into rsa_rsaes_oaep_encrypt() and rsa_rsaes_pkcs1_v15_encrypt() Split rsa_pkcs1_decrypt() into rsa_rsaes_oaep_decrypt() and rsa_rsaes_pkcs1_v15_decrypt() Split rsa_pkcs1_sign() into rsa_rsassa_pss_sign() and rsa_rsassa_pkcs1_v15_sign() Split rsa_pkcs1_verify() into rsa_rsassa_pss_verify() and rsa_rsassa_pkcs1_v15_verify() The original functions exist as generic wrappers to these functions.
2013-02-28 17:21:01 +01:00
const unsigned char *input,
unsigned char *output,
size_t output_max_len );
/**
* \brief Generic wrapper to perform a PKCS#1 signature using the
* mode from the context. Do a private RSA operation to sign
* a message digest
- Renamed include directory to polarssl
2009-01-03 22:22:43 +01:00
*
* \param ctx RSA context
Refactored RSA to have random generator in every RSA operation Primarily so that rsa_private() receives an RNG for blinding purposes.
2013-08-30 10:30:02 +02:00
* \param f_rng RNG function (Needed for PKCS#1 v2.1 encoding and for
* RSA_PRIVATE)
- Added support for PKCS#1 v2.1 encoding and thus support for the RSAES-OAEP and RSASSA-PSS operations (enabled by POLARSSL_PKCS1_V21)
2011-03-08 15:16:06 +01:00
* \param p_rng RNG parameter
- Renamed include directory to polarssl
2009-01-03 22:22:43 +01:00
* \param mode RSA_PUBLIC or RSA_PRIVATE
OID functionality moved to a separate module. A new OID module has been created that contains the main OID searching functionality based on type-dependent arrays. A base type is used to contain the basic values (oid_descriptor_t) and that type is extended to contain type specific information (like a pk_alg_t). As a result the rsa sign and verify function prototypes have changed. They now expect a md_type_t identifier instead of the removed RSA_SIG_XXX defines. All OID definitions have been moved to oid.h All OID matching code is in the OID module. The RSA PKCS#1 functions cleaned up as a result and adapted to use the MD layer. The SSL layer cleanup up as a result and adapted to use the MD layer. The X509 parser cleaned up and matches OIDs in certificates with new module and adapted to use the MD layer. The X509 writer cleaned up and adapted to use the MD layer. Apps and tests modified accordingly
2013-04-07 22:00:46 +02:00
* \param md_alg a POLARSSL_MD_* (use POLARSSL_MD_NONE for signing raw data)
* \param hashlen message digest length (for POLARSSL_MD_NONE only)
- Renamed include directory to polarssl
2009-01-03 22:22:43 +01:00
* \param hash buffer holding the message digest
* \param sig buffer that will hold the ciphertext
*
* \return 0 if the signing operation was successful,
- First replacement of xyssl by polarssl where needed
2009-01-03 22:51:57 +01:00
* or an POLARSSL_ERR_RSA_XXX error code
- Renamed include directory to polarssl
2009-01-03 22:22:43 +01:00
*
* \note The "sig" buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used).
- Added support for PKCS#1 v2.1 encoding and thus support for the RSAES-OAEP and RSASSA-PSS operations (enabled by POLARSSL_PKCS1_V21)
2011-03-08 15:16:06 +01:00
*
Relax checks on RSA mode for public key operations
2014-06-02 16:47:02 +02:00
* \note In case of PKCS#1 v2.1 encoding, see comments on
* \note \c rsa_rsassa_pss_sign() for details on md_alg and hash_id.
- Renamed include directory to polarssl
2009-01-03 22:22:43 +01:00
*/
int rsa_pkcs1_sign( rsa_context *ctx,
- Changed the used random function pointer to more flexible format. Renamed havege_rand() to havege_random() to prevent mistakes. Lots of changes as a consequence in library code and programs
2011-11-27 22:07:34 +01:00
int (*f_rng)(void *, unsigned char *, size_t),
- Added support for PKCS#1 v2.1 encoding and thus support for the RSAES-OAEP and RSASSA-PSS operations (enabled by POLARSSL_PKCS1_V21)
2011-03-08 15:16:06 +01:00
void *p_rng,
- Renamed include directory to polarssl
2009-01-03 22:22:43 +01:00
int mode,
OID functionality moved to a separate module. A new OID module has been created that contains the main OID searching functionality based on type-dependent arrays. A base type is used to contain the basic values (oid_descriptor_t) and that type is extended to contain type specific information (like a pk_alg_t). As a result the rsa sign and verify function prototypes have changed. They now expect a md_type_t identifier instead of the removed RSA_SIG_XXX defines. All OID definitions have been moved to oid.h All OID matching code is in the OID module. The RSA PKCS#1 functions cleaned up as a result and adapted to use the MD layer. The SSL layer cleanup up as a result and adapted to use the MD layer. The X509 parser cleaned up and matches OIDs in certificates with new module and adapted to use the MD layer. The X509 writer cleaned up and adapted to use the MD layer. Apps and tests modified accordingly
2013-04-07 22:00:46 +02:00
md_type_t md_alg,
- Major type rewrite of int to size_t for most variables and arguments used for buffer lengths and loops
2011-04-24 10:57:21 +02:00
unsigned int hashlen,
- Added const-correctness to main codebase
2010-03-16 22:09:09 +01:00
const unsigned char *hash,
- Renamed include directory to polarssl
2009-01-03 22:22:43 +01:00
unsigned char *sig );
/**
Split up the RSA PKCS#1 encrypt, decrypt, sign and verify functions Split rsa_pkcs1_encrypt() into rsa_rsaes_oaep_encrypt() and rsa_rsaes_pkcs1_v15_encrypt() Split rsa_pkcs1_decrypt() into rsa_rsaes_oaep_decrypt() and rsa_rsaes_pkcs1_v15_decrypt() Split rsa_pkcs1_sign() into rsa_rsassa_pss_sign() and rsa_rsassa_pkcs1_v15_sign() Split rsa_pkcs1_verify() into rsa_rsassa_pss_verify() and rsa_rsassa_pkcs1_v15_verify() The original functions exist as generic wrappers to these functions.
2013-02-28 17:21:01 +01:00
* \brief Perform a PKCS#1 v1.5 signature (RSASSA-PKCS1-v1_5-SIGN)
*
* \param ctx RSA context
Blinding RSA only active when f_rng is provided
2013-08-30 15:37:02 +02:00
* \param f_rng RNG function (Only needed for RSA_PRIVATE)
Refactored RSA to have random generator in every RSA operation Primarily so that rsa_private() receives an RNG for blinding purposes.
2013-08-30 10:30:02 +02:00
* \param p_rng RNG parameter
Split up the RSA PKCS#1 encrypt, decrypt, sign and verify functions Split rsa_pkcs1_encrypt() into rsa_rsaes_oaep_encrypt() and rsa_rsaes_pkcs1_v15_encrypt() Split rsa_pkcs1_decrypt() into rsa_rsaes_oaep_decrypt() and rsa_rsaes_pkcs1_v15_decrypt() Split rsa_pkcs1_sign() into rsa_rsassa_pss_sign() and rsa_rsassa_pkcs1_v15_sign() Split rsa_pkcs1_verify() into rsa_rsassa_pss_verify() and rsa_rsassa_pkcs1_v15_verify() The original functions exist as generic wrappers to these functions.
2013-02-28 17:21:01 +01:00
* \param mode RSA_PUBLIC or RSA_PRIVATE
OID functionality moved to a separate module. A new OID module has been created that contains the main OID searching functionality based on type-dependent arrays. A base type is used to contain the basic values (oid_descriptor_t) and that type is extended to contain type specific information (like a pk_alg_t). As a result the rsa sign and verify function prototypes have changed. They now expect a md_type_t identifier instead of the removed RSA_SIG_XXX defines. All OID definitions have been moved to oid.h All OID matching code is in the OID module. The RSA PKCS#1 functions cleaned up as a result and adapted to use the MD layer. The SSL layer cleanup up as a result and adapted to use the MD layer. The X509 parser cleaned up and matches OIDs in certificates with new module and adapted to use the MD layer. The X509 writer cleaned up and adapted to use the MD layer. Apps and tests modified accordingly
2013-04-07 22:00:46 +02:00
* \param md_alg a POLARSSL_MD_* (use POLARSSL_MD_NONE for signing raw data)
* \param hashlen message digest length (for POLARSSL_MD_NONE only)
Split up the RSA PKCS#1 encrypt, decrypt, sign and verify functions Split rsa_pkcs1_encrypt() into rsa_rsaes_oaep_encrypt() and rsa_rsaes_pkcs1_v15_encrypt() Split rsa_pkcs1_decrypt() into rsa_rsaes_oaep_decrypt() and rsa_rsaes_pkcs1_v15_decrypt() Split rsa_pkcs1_sign() into rsa_rsassa_pss_sign() and rsa_rsassa_pkcs1_v15_sign() Split rsa_pkcs1_verify() into rsa_rsassa_pss_verify() and rsa_rsassa_pkcs1_v15_verify() The original functions exist as generic wrappers to these functions.
2013-02-28 17:21:01 +01:00
* \param hash buffer holding the message digest
* \param sig buffer that will hold the ciphertext
*
* \return 0 if the signing operation was successful,
* or an POLARSSL_ERR_RSA_XXX error code
*
* \note The "sig" buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used).
*/
int rsa_rsassa_pkcs1_v15_sign( rsa_context *ctx,
Refactored RSA to have random generator in every RSA operation Primarily so that rsa_private() receives an RNG for blinding purposes.
2013-08-30 10:30:02 +02:00
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng,
Split up the RSA PKCS#1 encrypt, decrypt, sign and verify functions Split rsa_pkcs1_encrypt() into rsa_rsaes_oaep_encrypt() and rsa_rsaes_pkcs1_v15_encrypt() Split rsa_pkcs1_decrypt() into rsa_rsaes_oaep_decrypt() and rsa_rsaes_pkcs1_v15_decrypt() Split rsa_pkcs1_sign() into rsa_rsassa_pss_sign() and rsa_rsassa_pkcs1_v15_sign() Split rsa_pkcs1_verify() into rsa_rsassa_pss_verify() and rsa_rsassa_pkcs1_v15_verify() The original functions exist as generic wrappers to these functions.
2013-02-28 17:21:01 +01:00
int mode,
OID functionality moved to a separate module. A new OID module has been created that contains the main OID searching functionality based on type-dependent arrays. A base type is used to contain the basic values (oid_descriptor_t) and that type is extended to contain type specific information (like a pk_alg_t). As a result the rsa sign and verify function prototypes have changed. They now expect a md_type_t identifier instead of the removed RSA_SIG_XXX defines. All OID definitions have been moved to oid.h All OID matching code is in the OID module. The RSA PKCS#1 functions cleaned up as a result and adapted to use the MD layer. The SSL layer cleanup up as a result and adapted to use the MD layer. The X509 parser cleaned up and matches OIDs in certificates with new module and adapted to use the MD layer. The X509 writer cleaned up and adapted to use the MD layer. Apps and tests modified accordingly
2013-04-07 22:00:46 +02:00
md_type_t md_alg,
Split up the RSA PKCS#1 encrypt, decrypt, sign and verify functions Split rsa_pkcs1_encrypt() into rsa_rsaes_oaep_encrypt() and rsa_rsaes_pkcs1_v15_encrypt() Split rsa_pkcs1_decrypt() into rsa_rsaes_oaep_decrypt() and rsa_rsaes_pkcs1_v15_decrypt() Split rsa_pkcs1_sign() into rsa_rsassa_pss_sign() and rsa_rsassa_pkcs1_v15_sign() Split rsa_pkcs1_verify() into rsa_rsassa_pss_verify() and rsa_rsassa_pkcs1_v15_verify() The original functions exist as generic wrappers to these functions.
2013-02-28 17:21:01 +01:00
unsigned int hashlen,
const unsigned char *hash,
unsigned char *sig );
/**
* \brief Perform a PKCS#1 v2.1 PSS signature (RSASSA-PSS-SIGN)
*
* \param ctx RSA context
Refactored RSA to have random generator in every RSA operation Primarily so that rsa_private() receives an RNG for blinding purposes.
2013-08-30 10:30:02 +02:00
* \param f_rng RNG function (Needed for PKCS#1 v2.1 encoding and for
* RSA_PRIVATE)
Split up the RSA PKCS#1 encrypt, decrypt, sign and verify functions Split rsa_pkcs1_encrypt() into rsa_rsaes_oaep_encrypt() and rsa_rsaes_pkcs1_v15_encrypt() Split rsa_pkcs1_decrypt() into rsa_rsaes_oaep_decrypt() and rsa_rsaes_pkcs1_v15_decrypt() Split rsa_pkcs1_sign() into rsa_rsassa_pss_sign() and rsa_rsassa_pkcs1_v15_sign() Split rsa_pkcs1_verify() into rsa_rsassa_pss_verify() and rsa_rsassa_pkcs1_v15_verify() The original functions exist as generic wrappers to these functions.
2013-02-28 17:21:01 +01:00
* \param p_rng RNG parameter
* \param mode RSA_PUBLIC or RSA_PRIVATE
OID functionality moved to a separate module. A new OID module has been created that contains the main OID searching functionality based on type-dependent arrays. A base type is used to contain the basic values (oid_descriptor_t) and that type is extended to contain type specific information (like a pk_alg_t). As a result the rsa sign and verify function prototypes have changed. They now expect a md_type_t identifier instead of the removed RSA_SIG_XXX defines. All OID definitions have been moved to oid.h All OID matching code is in the OID module. The RSA PKCS#1 functions cleaned up as a result and adapted to use the MD layer. The SSL layer cleanup up as a result and adapted to use the MD layer. The X509 parser cleaned up and matches OIDs in certificates with new module and adapted to use the MD layer. The X509 writer cleaned up and adapted to use the MD layer. Apps and tests modified accordingly
2013-04-07 22:00:46 +02:00
* \param md_alg a POLARSSL_MD_* (use POLARSSL_MD_NONE for signing raw data)
* \param hashlen message digest length (for POLARSSL_MD_NONE only)
Split up the RSA PKCS#1 encrypt, decrypt, sign and verify functions Split rsa_pkcs1_encrypt() into rsa_rsaes_oaep_encrypt() and rsa_rsaes_pkcs1_v15_encrypt() Split rsa_pkcs1_decrypt() into rsa_rsaes_oaep_decrypt() and rsa_rsaes_pkcs1_v15_decrypt() Split rsa_pkcs1_sign() into rsa_rsassa_pss_sign() and rsa_rsassa_pkcs1_v15_sign() Split rsa_pkcs1_verify() into rsa_rsassa_pss_verify() and rsa_rsassa_pkcs1_v15_verify() The original functions exist as generic wrappers to these functions.
2013-02-28 17:21:01 +01:00
* \param hash buffer holding the message digest
* \param sig buffer that will hold the ciphertext
*
* \return 0 if the signing operation was successful,
* or an POLARSSL_ERR_RSA_XXX error code
*
* \note The "sig" buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used).
*
Relax checks on RSA mode for public key operations
2014-06-02 16:47:02 +02:00
* \note The hash_id in the RSA context is the one used for the
* encoding. md_alg in the function call is the type of hash
Split up the RSA PKCS#1 encrypt, decrypt, sign and verify functions Split rsa_pkcs1_encrypt() into rsa_rsaes_oaep_encrypt() and rsa_rsaes_pkcs1_v15_encrypt() Split rsa_pkcs1_decrypt() into rsa_rsaes_oaep_decrypt() and rsa_rsaes_pkcs1_v15_decrypt() Split rsa_pkcs1_sign() into rsa_rsassa_pss_sign() and rsa_rsassa_pkcs1_v15_sign() Split rsa_pkcs1_verify() into rsa_rsassa_pss_verify() and rsa_rsassa_pkcs1_v15_verify() The original functions exist as generic wrappers to these functions.
2013-02-28 17:21:01 +01:00
* that is encoded. According to RFC 3447 it is advised to
* keep both hashes the same.
*/
int rsa_rsassa_pss_sign( rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng,
int mode,
OID functionality moved to a separate module. A new OID module has been created that contains the main OID searching functionality based on type-dependent arrays. A base type is used to contain the basic values (oid_descriptor_t) and that type is extended to contain type specific information (like a pk_alg_t). As a result the rsa sign and verify function prototypes have changed. They now expect a md_type_t identifier instead of the removed RSA_SIG_XXX defines. All OID definitions have been moved to oid.h All OID matching code is in the OID module. The RSA PKCS#1 functions cleaned up as a result and adapted to use the MD layer. The SSL layer cleanup up as a result and adapted to use the MD layer. The X509 parser cleaned up and matches OIDs in certificates with new module and adapted to use the MD layer. The X509 writer cleaned up and adapted to use the MD layer. Apps and tests modified accordingly
2013-04-07 22:00:46 +02:00
md_type_t md_alg,
Split up the RSA PKCS#1 encrypt, decrypt, sign and verify functions Split rsa_pkcs1_encrypt() into rsa_rsaes_oaep_encrypt() and rsa_rsaes_pkcs1_v15_encrypt() Split rsa_pkcs1_decrypt() into rsa_rsaes_oaep_decrypt() and rsa_rsaes_pkcs1_v15_decrypt() Split rsa_pkcs1_sign() into rsa_rsassa_pss_sign() and rsa_rsassa_pkcs1_v15_sign() Split rsa_pkcs1_verify() into rsa_rsassa_pss_verify() and rsa_rsassa_pkcs1_v15_verify() The original functions exist as generic wrappers to these functions.
2013-02-28 17:21:01 +01:00
unsigned int hashlen,
const unsigned char *hash,
unsigned char *sig );
/**
* \brief Generic wrapper to perform a PKCS#1 verification using the
* mode from the context. Do a public RSA operation and check
* the message digest
- Renamed include directory to polarssl
2009-01-03 22:22:43 +01:00
*
* \param ctx points to an RSA public key
Blinding RSA only active when f_rng is provided
2013-08-30 15:37:02 +02:00
* \param f_rng RNG function (Only needed for RSA_PRIVATE)
Refactored RSA to have random generator in every RSA operation Primarily so that rsa_private() receives an RNG for blinding purposes.
2013-08-30 10:30:02 +02:00
* \param p_rng RNG parameter
- Renamed include directory to polarssl
2009-01-03 22:22:43 +01:00
* \param mode RSA_PUBLIC or RSA_PRIVATE
OID functionality moved to a separate module. A new OID module has been created that contains the main OID searching functionality based on type-dependent arrays. A base type is used to contain the basic values (oid_descriptor_t) and that type is extended to contain type specific information (like a pk_alg_t). As a result the rsa sign and verify function prototypes have changed. They now expect a md_type_t identifier instead of the removed RSA_SIG_XXX defines. All OID definitions have been moved to oid.h All OID matching code is in the OID module. The RSA PKCS#1 functions cleaned up as a result and adapted to use the MD layer. The SSL layer cleanup up as a result and adapted to use the MD layer. The X509 parser cleaned up and matches OIDs in certificates with new module and adapted to use the MD layer. The X509 writer cleaned up and adapted to use the MD layer. Apps and tests modified accordingly
2013-04-07 22:00:46 +02:00
* \param md_alg a POLARSSL_MD_* (use POLARSSL_MD_NONE for signing raw data)
* \param hashlen message digest length (for POLARSSL_MD_NONE only)
- Renamed include directory to polarssl
2009-01-03 22:22:43 +01:00
* \param hash buffer holding the message digest
* \param sig buffer holding the ciphertext
*
* \return 0 if the verify operation was successful,
- First replacement of xyssl by polarssl where needed
2009-01-03 22:51:57 +01:00
* or an POLARSSL_ERR_RSA_XXX error code
- Renamed include directory to polarssl
2009-01-03 22:22:43 +01:00
*
* \note The "sig" buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used).
- Added support for PKCS#1 v2.1 encoding and thus support for the RSAES-OAEP and RSASSA-PSS operations (enabled by POLARSSL_PKCS1_V21)
2011-03-08 15:16:06 +01:00
*
Relax checks on RSA mode for public key operations
2014-06-02 16:47:02 +02:00
* \note In case of PKCS#1 v2.1 encoding, see comments on
* \c rsa_rsassa_pss_verify() about md_alg and hash_id.
- Renamed include directory to polarssl
2009-01-03 22:22:43 +01:00
*/
int rsa_pkcs1_verify( rsa_context *ctx,
Refactored RSA to have random generator in every RSA operation Primarily so that rsa_private() receives an RNG for blinding purposes.
2013-08-30 10:30:02 +02:00
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng,
- Renamed include directory to polarssl
2009-01-03 22:22:43 +01:00
int mode,
OID functionality moved to a separate module. A new OID module has been created that contains the main OID searching functionality based on type-dependent arrays. A base type is used to contain the basic values (oid_descriptor_t) and that type is extended to contain type specific information (like a pk_alg_t). As a result the rsa sign and verify function prototypes have changed. They now expect a md_type_t identifier instead of the removed RSA_SIG_XXX defines. All OID definitions have been moved to oid.h All OID matching code is in the OID module. The RSA PKCS#1 functions cleaned up as a result and adapted to use the MD layer. The SSL layer cleanup up as a result and adapted to use the MD layer. The X509 parser cleaned up and matches OIDs in certificates with new module and adapted to use the MD layer. The X509 writer cleaned up and adapted to use the MD layer. Apps and tests modified accordingly
2013-04-07 22:00:46 +02:00
md_type_t md_alg,
- Major type rewrite of int to size_t for most variables and arguments used for buffer lengths and loops
2011-04-24 10:57:21 +02:00
unsigned int hashlen,
- Added const-correctness to main codebase
2010-03-16 22:09:09 +01:00
const unsigned char *hash,
Fix const-correctness of rsa_*_verify()
2013-08-12 11:34:35 +02:00
const unsigned char *sig );
- Renamed include directory to polarssl
2009-01-03 22:22:43 +01:00
Split up the RSA PKCS#1 encrypt, decrypt, sign and verify functions Split rsa_pkcs1_encrypt() into rsa_rsaes_oaep_encrypt() and rsa_rsaes_pkcs1_v15_encrypt() Split rsa_pkcs1_decrypt() into rsa_rsaes_oaep_decrypt() and rsa_rsaes_pkcs1_v15_decrypt() Split rsa_pkcs1_sign() into rsa_rsassa_pss_sign() and rsa_rsassa_pkcs1_v15_sign() Split rsa_pkcs1_verify() into rsa_rsassa_pss_verify() and rsa_rsassa_pkcs1_v15_verify() The original functions exist as generic wrappers to these functions.
2013-02-28 17:21:01 +01:00
/**
* \brief Perform a PKCS#1 v1.5 verification (RSASSA-PKCS1-v1_5-VERIFY)
*
* \param ctx points to an RSA public key
Blinding RSA only active when f_rng is provided
2013-08-30 15:37:02 +02:00
* \param f_rng RNG function (Only needed for RSA_PRIVATE)
Refactored RSA to have random generator in every RSA operation Primarily so that rsa_private() receives an RNG for blinding purposes.
2013-08-30 10:30:02 +02:00
* \param p_rng RNG parameter
Split up the RSA PKCS#1 encrypt, decrypt, sign and verify functions Split rsa_pkcs1_encrypt() into rsa_rsaes_oaep_encrypt() and rsa_rsaes_pkcs1_v15_encrypt() Split rsa_pkcs1_decrypt() into rsa_rsaes_oaep_decrypt() and rsa_rsaes_pkcs1_v15_decrypt() Split rsa_pkcs1_sign() into rsa_rsassa_pss_sign() and rsa_rsassa_pkcs1_v15_sign() Split rsa_pkcs1_verify() into rsa_rsassa_pss_verify() and rsa_rsassa_pkcs1_v15_verify() The original functions exist as generic wrappers to these functions.
2013-02-28 17:21:01 +01:00
* \param mode RSA_PUBLIC or RSA_PRIVATE
OID functionality moved to a separate module. A new OID module has been created that contains the main OID searching functionality based on type-dependent arrays. A base type is used to contain the basic values (oid_descriptor_t) and that type is extended to contain type specific information (like a pk_alg_t). As a result the rsa sign and verify function prototypes have changed. They now expect a md_type_t identifier instead of the removed RSA_SIG_XXX defines. All OID definitions have been moved to oid.h All OID matching code is in the OID module. The RSA PKCS#1 functions cleaned up as a result and adapted to use the MD layer. The SSL layer cleanup up as a result and adapted to use the MD layer. The X509 parser cleaned up and matches OIDs in certificates with new module and adapted to use the MD layer. The X509 writer cleaned up and adapted to use the MD layer. Apps and tests modified accordingly
2013-04-07 22:00:46 +02:00
* \param md_alg a POLARSSL_MD_* (use POLARSSL_MD_NONE for signing raw data)
* \param hashlen message digest length (for POLARSSL_MD_NONE only)
Split up the RSA PKCS#1 encrypt, decrypt, sign and verify functions Split rsa_pkcs1_encrypt() into rsa_rsaes_oaep_encrypt() and rsa_rsaes_pkcs1_v15_encrypt() Split rsa_pkcs1_decrypt() into rsa_rsaes_oaep_decrypt() and rsa_rsaes_pkcs1_v15_decrypt() Split rsa_pkcs1_sign() into rsa_rsassa_pss_sign() and rsa_rsassa_pkcs1_v15_sign() Split rsa_pkcs1_verify() into rsa_rsassa_pss_verify() and rsa_rsassa_pkcs1_v15_verify() The original functions exist as generic wrappers to these functions.
2013-02-28 17:21:01 +01:00
* \param hash buffer holding the message digest
* \param sig buffer holding the ciphertext
*
* \return 0 if the verify operation was successful,
* or an POLARSSL_ERR_RSA_XXX error code
*
* \note The "sig" buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used).
*/
int rsa_rsassa_pkcs1_v15_verify( rsa_context *ctx,
Refactored RSA to have random generator in every RSA operation Primarily so that rsa_private() receives an RNG for blinding purposes.
2013-08-30 10:30:02 +02:00
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng,
Split up the RSA PKCS#1 encrypt, decrypt, sign and verify functions Split rsa_pkcs1_encrypt() into rsa_rsaes_oaep_encrypt() and rsa_rsaes_pkcs1_v15_encrypt() Split rsa_pkcs1_decrypt() into rsa_rsaes_oaep_decrypt() and rsa_rsaes_pkcs1_v15_decrypt() Split rsa_pkcs1_sign() into rsa_rsassa_pss_sign() and rsa_rsassa_pkcs1_v15_sign() Split rsa_pkcs1_verify() into rsa_rsassa_pss_verify() and rsa_rsassa_pkcs1_v15_verify() The original functions exist as generic wrappers to these functions.
2013-02-28 17:21:01 +01:00
int mode,
OID functionality moved to a separate module. A new OID module has been created that contains the main OID searching functionality based on type-dependent arrays. A base type is used to contain the basic values (oid_descriptor_t) and that type is extended to contain type specific information (like a pk_alg_t). As a result the rsa sign and verify function prototypes have changed. They now expect a md_type_t identifier instead of the removed RSA_SIG_XXX defines. All OID definitions have been moved to oid.h All OID matching code is in the OID module. The RSA PKCS#1 functions cleaned up as a result and adapted to use the MD layer. The SSL layer cleanup up as a result and adapted to use the MD layer. The X509 parser cleaned up and matches OIDs in certificates with new module and adapted to use the MD layer. The X509 writer cleaned up and adapted to use the MD layer. Apps and tests modified accordingly
2013-04-07 22:00:46 +02:00
md_type_t md_alg,
Split up the RSA PKCS#1 encrypt, decrypt, sign and verify functions Split rsa_pkcs1_encrypt() into rsa_rsaes_oaep_encrypt() and rsa_rsaes_pkcs1_v15_encrypt() Split rsa_pkcs1_decrypt() into rsa_rsaes_oaep_decrypt() and rsa_rsaes_pkcs1_v15_decrypt() Split rsa_pkcs1_sign() into rsa_rsassa_pss_sign() and rsa_rsassa_pkcs1_v15_sign() Split rsa_pkcs1_verify() into rsa_rsassa_pss_verify() and rsa_rsassa_pkcs1_v15_verify() The original functions exist as generic wrappers to these functions.
2013-02-28 17:21:01 +01:00
unsigned int hashlen,
const unsigned char *hash,
Fix const-correctness of rsa_*_verify()
2013-08-12 11:34:35 +02:00
const unsigned char *sig );
Split up the RSA PKCS#1 encrypt, decrypt, sign and verify functions Split rsa_pkcs1_encrypt() into rsa_rsaes_oaep_encrypt() and rsa_rsaes_pkcs1_v15_encrypt() Split rsa_pkcs1_decrypt() into rsa_rsaes_oaep_decrypt() and rsa_rsaes_pkcs1_v15_decrypt() Split rsa_pkcs1_sign() into rsa_rsassa_pss_sign() and rsa_rsassa_pkcs1_v15_sign() Split rsa_pkcs1_verify() into rsa_rsassa_pss_verify() and rsa_rsassa_pkcs1_v15_verify() The original functions exist as generic wrappers to these functions.
2013-02-28 17:21:01 +01:00
/**
* \brief Perform a PKCS#1 v2.1 PSS verification (RSASSA-PSS-VERIFY)
Add rsa_rsassa_pss_verify_ext()
2014-06-03 11:44:06 +02:00
* (This is the "simple" version.)
Split up the RSA PKCS#1 encrypt, decrypt, sign and verify functions Split rsa_pkcs1_encrypt() into rsa_rsaes_oaep_encrypt() and rsa_rsaes_pkcs1_v15_encrypt() Split rsa_pkcs1_decrypt() into rsa_rsaes_oaep_decrypt() and rsa_rsaes_pkcs1_v15_decrypt() Split rsa_pkcs1_sign() into rsa_rsassa_pss_sign() and rsa_rsassa_pkcs1_v15_sign() Split rsa_pkcs1_verify() into rsa_rsassa_pss_verify() and rsa_rsassa_pkcs1_v15_verify() The original functions exist as generic wrappers to these functions.
2013-02-28 17:21:01 +01:00
*
* \param ctx points to an RSA public key
Blinding RSA only active when f_rng is provided
2013-08-30 15:37:02 +02:00
* \param f_rng RNG function (Only needed for RSA_PRIVATE)
Refactored RSA to have random generator in every RSA operation Primarily so that rsa_private() receives an RNG for blinding purposes.
2013-08-30 10:30:02 +02:00
* \param p_rng RNG parameter
Split up the RSA PKCS#1 encrypt, decrypt, sign and verify functions Split rsa_pkcs1_encrypt() into rsa_rsaes_oaep_encrypt() and rsa_rsaes_pkcs1_v15_encrypt() Split rsa_pkcs1_decrypt() into rsa_rsaes_oaep_decrypt() and rsa_rsaes_pkcs1_v15_decrypt() Split rsa_pkcs1_sign() into rsa_rsassa_pss_sign() and rsa_rsassa_pkcs1_v15_sign() Split rsa_pkcs1_verify() into rsa_rsassa_pss_verify() and rsa_rsassa_pkcs1_v15_verify() The original functions exist as generic wrappers to these functions.
2013-02-28 17:21:01 +01:00
* \param mode RSA_PUBLIC or RSA_PRIVATE
OID functionality moved to a separate module. A new OID module has been created that contains the main OID searching functionality based on type-dependent arrays. A base type is used to contain the basic values (oid_descriptor_t) and that type is extended to contain type specific information (like a pk_alg_t). As a result the rsa sign and verify function prototypes have changed. They now expect a md_type_t identifier instead of the removed RSA_SIG_XXX defines. All OID definitions have been moved to oid.h All OID matching code is in the OID module. The RSA PKCS#1 functions cleaned up as a result and adapted to use the MD layer. The SSL layer cleanup up as a result and adapted to use the MD layer. The X509 parser cleaned up and matches OIDs in certificates with new module and adapted to use the MD layer. The X509 writer cleaned up and adapted to use the MD layer. Apps and tests modified accordingly
2013-04-07 22:00:46 +02:00
* \param md_alg a POLARSSL_MD_* (use POLARSSL_MD_NONE for signing raw data)
* \param hashlen message digest length (for POLARSSL_MD_NONE only)
Split up the RSA PKCS#1 encrypt, decrypt, sign and verify functions Split rsa_pkcs1_encrypt() into rsa_rsaes_oaep_encrypt() and rsa_rsaes_pkcs1_v15_encrypt() Split rsa_pkcs1_decrypt() into rsa_rsaes_oaep_decrypt() and rsa_rsaes_pkcs1_v15_decrypt() Split rsa_pkcs1_sign() into rsa_rsassa_pss_sign() and rsa_rsassa_pkcs1_v15_sign() Split rsa_pkcs1_verify() into rsa_rsassa_pss_verify() and rsa_rsassa_pkcs1_v15_verify() The original functions exist as generic wrappers to these functions.
2013-02-28 17:21:01 +01:00
* \param hash buffer holding the message digest
* \param sig buffer holding the ciphertext
*
* \return 0 if the verify operation was successful,
* or an POLARSSL_ERR_RSA_XXX error code
*
* \note The "sig" buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used).
*
Relax checks on RSA mode for public key operations
2014-06-02 16:47:02 +02:00
* \note The hash_id in the RSA context is the one used for the
* verification. md_alg in the function call is the type of
Fix formatting: fix some 'easy' > 80 length lines
2014-05-01 14:18:25 +02:00
* hash that is verified. According to RFC 3447 it is advised to
Relax checks on RSA mode for public key operations
2014-06-02 16:47:02 +02:00
* keep both hashes the same. If hash_id in the RSA context is
* unset, the md_alg from the function call is used.
Split up the RSA PKCS#1 encrypt, decrypt, sign and verify functions Split rsa_pkcs1_encrypt() into rsa_rsaes_oaep_encrypt() and rsa_rsaes_pkcs1_v15_encrypt() Split rsa_pkcs1_decrypt() into rsa_rsaes_oaep_decrypt() and rsa_rsaes_pkcs1_v15_decrypt() Split rsa_pkcs1_sign() into rsa_rsassa_pss_sign() and rsa_rsassa_pkcs1_v15_sign() Split rsa_pkcs1_verify() into rsa_rsassa_pss_verify() and rsa_rsassa_pkcs1_v15_verify() The original functions exist as generic wrappers to these functions.
2013-02-28 17:21:01 +01:00
*/
int rsa_rsassa_pss_verify( rsa_context *ctx,
Refactored RSA to have random generator in every RSA operation Primarily so that rsa_private() receives an RNG for blinding purposes.
2013-08-30 10:30:02 +02:00
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng,
Split up the RSA PKCS#1 encrypt, decrypt, sign and verify functions Split rsa_pkcs1_encrypt() into rsa_rsaes_oaep_encrypt() and rsa_rsaes_pkcs1_v15_encrypt() Split rsa_pkcs1_decrypt() into rsa_rsaes_oaep_decrypt() and rsa_rsaes_pkcs1_v15_decrypt() Split rsa_pkcs1_sign() into rsa_rsassa_pss_sign() and rsa_rsassa_pkcs1_v15_sign() Split rsa_pkcs1_verify() into rsa_rsassa_pss_verify() and rsa_rsassa_pkcs1_v15_verify() The original functions exist as generic wrappers to these functions.
2013-02-28 17:21:01 +01:00
int mode,
OID functionality moved to a separate module. A new OID module has been created that contains the main OID searching functionality based on type-dependent arrays. A base type is used to contain the basic values (oid_descriptor_t) and that type is extended to contain type specific information (like a pk_alg_t). As a result the rsa sign and verify function prototypes have changed. They now expect a md_type_t identifier instead of the removed RSA_SIG_XXX defines. All OID definitions have been moved to oid.h All OID matching code is in the OID module. The RSA PKCS#1 functions cleaned up as a result and adapted to use the MD layer. The SSL layer cleanup up as a result and adapted to use the MD layer. The X509 parser cleaned up and matches OIDs in certificates with new module and adapted to use the MD layer. The X509 writer cleaned up and adapted to use the MD layer. Apps and tests modified accordingly
2013-04-07 22:00:46 +02:00
md_type_t md_alg,
Split up the RSA PKCS#1 encrypt, decrypt, sign and verify functions Split rsa_pkcs1_encrypt() into rsa_rsaes_oaep_encrypt() and rsa_rsaes_pkcs1_v15_encrypt() Split rsa_pkcs1_decrypt() into rsa_rsaes_oaep_decrypt() and rsa_rsaes_pkcs1_v15_decrypt() Split rsa_pkcs1_sign() into rsa_rsassa_pss_sign() and rsa_rsassa_pkcs1_v15_sign() Split rsa_pkcs1_verify() into rsa_rsassa_pss_verify() and rsa_rsassa_pkcs1_v15_verify() The original functions exist as generic wrappers to these functions.
2013-02-28 17:21:01 +01:00
unsigned int hashlen,
const unsigned char *hash,
Fix const-correctness of rsa_*_verify()
2013-08-12 11:34:35 +02:00
const unsigned char *sig );
Split up the RSA PKCS#1 encrypt, decrypt, sign and verify functions Split rsa_pkcs1_encrypt() into rsa_rsaes_oaep_encrypt() and rsa_rsaes_pkcs1_v15_encrypt() Split rsa_pkcs1_decrypt() into rsa_rsaes_oaep_decrypt() and rsa_rsaes_pkcs1_v15_decrypt() Split rsa_pkcs1_sign() into rsa_rsassa_pss_sign() and rsa_rsassa_pkcs1_v15_sign() Split rsa_pkcs1_verify() into rsa_rsassa_pss_verify() and rsa_rsassa_pkcs1_v15_verify() The original functions exist as generic wrappers to these functions.
2013-02-28 17:21:01 +01:00
Add rsa_rsassa_pss_verify_ext()
2014-06-03 11:44:06 +02:00
/**
* \brief Perform a PKCS#1 v2.1 PSS verification (RSASSA-PSS-VERIFY)
* (This is the version with "full" options.)
*
* \param ctx points to an RSA public key
* \param f_rng RNG function (Only needed for RSA_PRIVATE)
* \param p_rng RNG parameter
* \param mode RSA_PUBLIC or RSA_PRIVATE
* \param md_alg a POLARSSL_MD_* (use POLARSSL_MD_NONE for signing raw data)
* \param hashlen message digest length (for POLARSSL_MD_NONE only)
* \param hash buffer holding the message digest
* \param mgf1_hash_id message digest used for mask generation
* \param expected_salt_len Length of the salt used in padding, use
* RSA_SALT_LEN_ANY to accept any salt length
* \param sig buffer holding the ciphertext
*
* \return 0 if the verify operation was successful,
* or an POLARSSL_ERR_RSA_XXX error code
*
* \note The "sig" buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used).
*
* \note The hash_id in the RSA context is ignored.
*/
int rsa_rsassa_pss_verify_ext( rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng,
int mode,
md_type_t md_alg,
unsigned int hashlen,
const unsigned char *hash,
md_type_t mgf1_hash_id,
int expected_salt_len,
const unsigned char *sig );
Get rid of pk_wrap_rsa()
2013-08-14 13:39:57 +02:00
/**
* \brief Copy the components of an RSA context
*
* \param dst Destination context
* \param src Source context
*
* \return O on success,
* POLARSSL_ERR_MPI_MALLOC_FAILED on memory allocation failure
*/
int rsa_copy( rsa_context *dst, const rsa_context *src );
- Renamed include directory to polarssl
2009-01-03 22:22:43 +01:00
/**
* \brief Free the components of an RSA key
- Cleaned up header documentation
2009-07-28 09:18:38 +02:00
*
* \param ctx RSA Context to free
- Renamed include directory to polarssl
2009-01-03 22:22:43 +01:00
*/
void rsa_free( rsa_context *ctx );
/**
* \brief Checkup routine
*
* \return 0 if successful, or 1 if the test failed
*/
int rsa_self_test( int verbose );
#ifdef __cplusplus
}
#endif
More granular define selections within code to allow for smaller code sizes
2013-04-18 22:46:23 +02:00
#endif /* POLARSSL_RSA_C */
- Renamed include directory to polarssl
2009-01-03 22:22:43 +01:00
#endif /* rsa.h */
Reference in a new issue Copy permalink