The RSA public-key cryptosystem. More...
#include "config.h"
#include "bignum.h"
#include "md.h"
Go to the source code of this file.
Data Structures | |
struct | rsa_context |
RSA context structure. More... | |
Defines | |
#define | POLARSSL_ERR_RSA_BAD_INPUT_DATA -0x4080 |
Bad input parameters to function. | |
#define | POLARSSL_ERR_RSA_INVALID_PADDING -0x4100 |
Input data contains invalid padding and is rejected. | |
#define | POLARSSL_ERR_RSA_KEY_GEN_FAILED -0x4180 |
Something failed during generation of a key. | |
#define | POLARSSL_ERR_RSA_KEY_CHECK_FAILED -0x4200 |
Key failed to pass the libraries validity check. | |
#define | POLARSSL_ERR_RSA_PUBLIC_FAILED -0x4280 |
The public key operation failed. | |
#define | POLARSSL_ERR_RSA_PRIVATE_FAILED -0x4300 |
The private key operation failed. | |
#define | POLARSSL_ERR_RSA_VERIFY_FAILED -0x4380 |
The PKCS#1 verification failed. | |
#define | POLARSSL_ERR_RSA_OUTPUT_TOO_LARGE -0x4400 |
The output buffer for decryption is not large enough. | |
#define | POLARSSL_ERR_RSA_RNG_FAILED -0x4480 |
The random generator failed to generate non-zeros. | |
#define | RSA_PUBLIC 0 |
#define | RSA_PRIVATE 1 |
#define | RSA_PKCS_V15 0 |
#define | RSA_PKCS_V21 1 |
#define | RSA_SIGN 1 |
#define | RSA_CRYPT 2 |
Functions | |
void | rsa_init (rsa_context *ctx, int padding, int hash_id) |
Initialize an RSA context. | |
int | rsa_gen_key (rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, unsigned int nbits, int exponent) |
Generate an RSA keypair. | |
int | rsa_check_pubkey (const rsa_context *ctx) |
Check a public RSA key. | |
int | rsa_check_privkey (const rsa_context *ctx) |
Check a private RSA key. | |
int | rsa_public (rsa_context *ctx, const unsigned char *input, unsigned char *output) |
Do an RSA public key operation. | |
int | rsa_private (rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, const unsigned char *input, unsigned char *output) |
Do an RSA private key operation. | |
int | rsa_pkcs1_encrypt (rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, size_t ilen, const unsigned char *input, unsigned char *output) |
Generic wrapper to perform a PKCS#1 encryption using the mode from the context. | |
int | rsa_rsaes_pkcs1_v15_encrypt (rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, size_t ilen, const unsigned char *input, unsigned char *output) |
Perform a PKCS#1 v1.5 encryption (RSAES-PKCS1-v1_5-ENCRYPT). | |
int | rsa_rsaes_oaep_encrypt (rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, const unsigned char *label, size_t label_len, size_t ilen, const unsigned char *input, unsigned char *output) |
Perform a PKCS#1 v2.1 OAEP encryption (RSAES-OAEP-ENCRYPT). | |
int | rsa_pkcs1_decrypt (rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, size_t *olen, const unsigned char *input, unsigned char *output, size_t output_max_len) |
Generic wrapper to perform a PKCS#1 decryption using the mode from the context. | |
int | rsa_rsaes_pkcs1_v15_decrypt (rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, size_t *olen, const unsigned char *input, unsigned char *output, size_t output_max_len) |
Perform a PKCS#1 v1.5 decryption (RSAES-PKCS1-v1_5-DECRYPT). | |
int | rsa_rsaes_oaep_decrypt (rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, const unsigned char *label, size_t label_len, size_t *olen, const unsigned char *input, unsigned char *output, size_t output_max_len) |
Perform a PKCS#1 v2.1 OAEP decryption (RSAES-OAEP-DECRYPT). | |
int | rsa_pkcs1_sign (rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, unsigned char *sig) |
Generic wrapper to perform a PKCS#1 signature using the mode from the context. | |
int | rsa_rsassa_pkcs1_v15_sign (rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, unsigned char *sig) |
Perform a PKCS#1 v1.5 signature (RSASSA-PKCS1-v1_5-SIGN). | |
int | rsa_rsassa_pss_sign (rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, unsigned char *sig) |
Perform a PKCS#1 v2.1 PSS signature (RSASSA-PSS-SIGN). | |
int | rsa_pkcs1_verify (rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, const unsigned char *sig) |
Generic wrapper to perform a PKCS#1 verification using the mode from the context. | |
int | rsa_rsassa_pkcs1_v15_verify (rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, const unsigned char *sig) |
Perform a PKCS#1 v1.5 verification (RSASSA-PKCS1-v1_5-VERIFY). | |
int | rsa_rsassa_pss_verify (rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, const unsigned char *sig) |
Perform a PKCS#1 v2.1 PSS verification (RSASSA-PSS-VERIFY). | |
int | rsa_copy (rsa_context *dst, const rsa_context *src) |
Copy the components of an RSA context. | |
void | rsa_free (rsa_context *ctx) |
Free the components of an RSA key. | |
int | rsa_self_test (int verbose) |
Checkup routine. |
The RSA public-key cryptosystem.
Copyright (C) 2006-2013, Brainspark B.V.
This file is part of PolarSSL (http://www.polarssl.org) Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
All rights reserved.
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
Definition in file rsa.h.
#define POLARSSL_ERR_RSA_BAD_INPUT_DATA -0x4080 |
Bad input parameters to function.
Definition at line 42 of file rsa.h.
Referenced by polarssl_strerror(), rsa_alt_decrypt_wrap(), rsa_decrypt_wrap(), rsa_gen_key(), rsa_private(), rsa_public(), rsa_rsaes_oaep_decrypt(), rsa_rsaes_oaep_encrypt(), rsa_rsaes_pkcs1_v15_decrypt(), rsa_rsaes_pkcs1_v15_encrypt(), rsa_rsassa_pkcs1_v15_sign(), rsa_rsassa_pkcs1_v15_verify(), rsa_rsassa_pss_sign(), rsa_rsassa_pss_verify(), and verify_int().
#define POLARSSL_ERR_RSA_INVALID_PADDING -0x4100 |
Input data contains invalid padding and is rejected.
Definition at line 43 of file rsa.h.
Referenced by polarssl_strerror(), rsa_pkcs1_decrypt(), rsa_pkcs1_encrypt(), rsa_pkcs1_sign(), rsa_pkcs1_verify(), rsa_rsaes_oaep_decrypt(), rsa_rsaes_pkcs1_v15_decrypt(), rsa_rsassa_pkcs1_v15_verify(), rsa_rsassa_pss_verify(), and verify_int().
#define POLARSSL_ERR_RSA_KEY_CHECK_FAILED -0x4200 |
Key failed to pass the libraries validity check.
Definition at line 45 of file rsa.h.
Referenced by polarssl_strerror(), rsa_check_privkey(), rsa_check_pubkey(), test_suite_rsa_check_privkey_null(), and verify_int().
#define POLARSSL_ERR_RSA_KEY_GEN_FAILED -0x4180 |
Something failed during generation of a key.
Definition at line 44 of file rsa.h.
Referenced by polarssl_strerror(), and rsa_gen_key().
#define POLARSSL_ERR_RSA_OUTPUT_TOO_LARGE -0x4400 |
The output buffer for decryption is not large enough.
Definition at line 49 of file rsa.h.
Referenced by polarssl_strerror(), rsa_rsaes_oaep_decrypt(), rsa_rsaes_pkcs1_v15_decrypt(), and verify_int().
#define POLARSSL_ERR_RSA_PRIVATE_FAILED -0x4300 |
The private key operation failed.
Definition at line 47 of file rsa.h.
Referenced by polarssl_strerror(), and rsa_private().
#define POLARSSL_ERR_RSA_PUBLIC_FAILED -0x4280 |
The public key operation failed.
Definition at line 46 of file rsa.h.
Referenced by polarssl_strerror(), and rsa_public().
#define POLARSSL_ERR_RSA_RNG_FAILED -0x4480 |
The random generator failed to generate non-zeros.
Definition at line 50 of file rsa.h.
Referenced by polarssl_strerror(), rsa_prepare_blinding(), rsa_rsaes_oaep_encrypt(), rsa_rsaes_pkcs1_v15_encrypt(), rsa_rsassa_pss_sign(), and verify_int().
#define POLARSSL_ERR_RSA_VERIFY_FAILED -0x4380 |
The PKCS#1 verification failed.
Definition at line 48 of file rsa.h.
Referenced by polarssl_strerror(), rsa_rsassa_pkcs1_v15_verify(), rsa_rsassa_pss_verify(), rsa_verify_wrap(), and verify_int().
#define RSA_CRYPT 2 |
Definition at line 62 of file rsa.h.
Referenced by rsa_rsaes_pkcs1_v15_decrypt(), and rsa_rsaes_pkcs1_v15_encrypt().
#define RSA_PKCS_V15 0 |
Definition at line 58 of file rsa.h.
Referenced by rsa_pkcs1_decrypt(), rsa_pkcs1_encrypt(), rsa_pkcs1_sign(), rsa_pkcs1_verify(), rsa_rsaes_pkcs1_v15_decrypt(), rsa_rsaes_pkcs1_v15_encrypt(), rsa_rsassa_pkcs1_v15_sign(), rsa_rsassa_pkcs1_v15_verify(), rsa_self_test(), test_suite_rsa_check_privkey(), test_suite_rsa_check_pubkey(), test_suite_rsa_private(), test_suite_rsa_public(), and verify_int().
#define RSA_PKCS_V21 1 |
Definition at line 59 of file rsa.h.
Referenced by rsa_pkcs1_decrypt(), rsa_pkcs1_encrypt(), rsa_pkcs1_sign(), rsa_pkcs1_verify(), rsa_rsaes_oaep_decrypt(), rsa_rsaes_oaep_encrypt(), rsa_rsassa_pss_sign(), rsa_rsassa_pss_verify(), test_suite_pkcs1_rsaes_oaep_decrypt(), test_suite_pkcs1_rsaes_oaep_encrypt(), test_suite_pkcs1_rsassa_pss_sign(), and test_suite_pkcs1_rsassa_pss_verify().
#define RSA_PRIVATE 1 |
Definition at line 56 of file rsa.h.
Referenced by rsa_alt_decrypt_wrap(), rsa_alt_sign_wrap(), rsa_decrypt_wrap(), RSA_private_decrypt(), RSA_private_encrypt(), rsa_rsaes_pkcs1_v15_decrypt(), rsa_self_test(), rsa_sign_wrap(), test_suite_pkcs1_rsaes_oaep_decrypt(), test_suite_pkcs1_rsassa_pss_sign(), test_suite_rsa_pkcs1_decrypt(), test_suite_rsa_pkcs1_sign(), and test_suite_rsa_pkcs1_sign_raw().
#define RSA_PUBLIC 0 |
Definition at line 55 of file rsa.h.
Referenced by rsa_encrypt_wrap(), RSA_public_decrypt(), RSA_public_encrypt(), rsa_rsaes_oaep_decrypt(), rsa_rsaes_oaep_encrypt(), rsa_rsaes_pkcs1_v15_decrypt(), rsa_rsaes_pkcs1_v15_encrypt(), rsa_rsassa_pkcs1_v15_sign(), rsa_rsassa_pkcs1_v15_verify(), rsa_rsassa_pss_sign(), rsa_rsassa_pss_verify(), rsa_self_test(), rsa_verify_wrap(), test_suite_pkcs1_rsaes_oaep_encrypt(), test_suite_pkcs1_rsassa_pss_verify(), test_suite_rsa_pkcs1_encrypt(), test_suite_rsa_pkcs1_encrypt_bad_rng(), test_suite_rsa_pkcs1_verify(), and test_suite_rsa_pkcs1_verify_raw().
#define RSA_SIGN 1 |
Definition at line 61 of file rsa.h.
Referenced by rsa_rsaes_pkcs1_v15_decrypt(), rsa_rsaes_pkcs1_v15_encrypt(), rsa_rsassa_pkcs1_v15_sign(), and rsa_rsassa_pkcs1_v15_verify().
int rsa_check_privkey | ( | const rsa_context * | ctx | ) |
Check a private RSA key.
ctx | RSA context to be checked |
Definition at line 166 of file rsa.c.
References rsa_context::D, rsa_context::DP, rsa_context::DQ, rsa_context::E, MPI_CHK, mpi_cmp_int(), mpi_cmp_mpi(), mpi_div_mpi(), mpi_free(), mpi_gcd(), mpi_init(), mpi_inv_mod(), mpi_mod_mpi(), mpi_mul_mpi(), mpi_sub_int(), rsa_context::N, mpi::p, rsa_context::P, POLARSSL_ERR_RSA_KEY_CHECK_FAILED, rsa_context::Q, rsa_context::QP, and rsa_check_pubkey().
Referenced by pk_parse_key_pkcs1_der(), rsa_self_test(), test_suite_pk_parse_keyfile_rsa(), test_suite_pkcs1_rsaes_oaep_decrypt(), test_suite_pkcs1_rsassa_pss_sign(), test_suite_rsa_check_privkey(), test_suite_rsa_check_privkey_null(), test_suite_rsa_pkcs1_decrypt(), test_suite_rsa_pkcs1_sign(), test_suite_rsa_pkcs1_sign_raw(), and test_suite_rsa_private().
int rsa_check_pubkey | ( | const rsa_context * | ctx | ) |
Check a public RSA key.
ctx | RSA context to be checked |
Definition at line 143 of file rsa.c.
References rsa_context::E, mpi_msb(), rsa_context::N, mpi::p, POLARSSL_ERR_RSA_KEY_CHECK_FAILED, and POLARSSL_MPI_MAX_BITS.
Referenced by pk_get_rsapubkey(), rsa_check_privkey(), rsa_self_test(), test_suite_pk_parse_public_keyfile_rsa(), test_suite_pkcs1_rsaes_oaep_encrypt(), test_suite_pkcs1_rsassa_pss_verify(), test_suite_rsa_check_pubkey(), test_suite_rsa_pkcs1_encrypt(), test_suite_rsa_pkcs1_encrypt_bad_rng(), test_suite_rsa_pkcs1_verify(), test_suite_rsa_pkcs1_verify_raw(), and test_suite_rsa_public().
int rsa_copy | ( | rsa_context * | dst, | |
const rsa_context * | src | |||
) |
Copy the components of an RSA context.
dst | Destination context | |
src | Source context |
Definition at line 1337 of file rsa.c.
References rsa_context::D, rsa_context::DP, rsa_context::DQ, rsa_context::E, rsa_context::hash_id, rsa_context::len, MPI_CHK, mpi_copy(), rsa_context::N, rsa_context::P, rsa_context::padding, rsa_context::Q, rsa_context::QP, rsa_context::RN, rsa_context::RP, rsa_context::RQ, rsa_free(), rsa_context::ver, rsa_context::Vf, and rsa_context::Vi.
Referenced by ssl_set_own_cert_rsa().
void rsa_free | ( | rsa_context * | ctx | ) |
Free the components of an RSA key.
ctx | RSA Context to free |
Definition at line 1376 of file rsa.c.
References rsa_context::D, rsa_context::DP, rsa_context::DQ, rsa_context::E, mpi_free(), rsa_context::N, rsa_context::P, polarssl_mutex_free, rsa_context::Q, rsa_context::QP, rsa_context::RN, rsa_context::RP, rsa_context::RQ, rsa_context::Vf, and rsa_context::Vi.
Referenced by pk_parse_key_pkcs1_der(), rsa_copy(), rsa_free_wrap(), rsa_gen_key(), rsa_self_test(), test_suite_pkcs1_rsaes_oaep_decrypt(), test_suite_pkcs1_rsaes_oaep_encrypt(), test_suite_pkcs1_rsassa_pss_sign(), test_suite_pkcs1_rsassa_pss_verify(), test_suite_rsa_check_privkey(), test_suite_rsa_check_pubkey(), test_suite_rsa_pkcs1_decrypt(), test_suite_rsa_pkcs1_encrypt(), test_suite_rsa_pkcs1_encrypt_bad_rng(), test_suite_rsa_pkcs1_sign(), test_suite_rsa_pkcs1_sign_raw(), test_suite_rsa_pkcs1_verify(), test_suite_rsa_pkcs1_verify_raw(), test_suite_rsa_private(), and test_suite_rsa_public().
int rsa_gen_key | ( | rsa_context * | ctx, | |
int(*)(void *, unsigned char *, size_t) | f_rng, | |||
void * | p_rng, | |||
unsigned int | nbits, | |||
int | exponent | |||
) |
Generate an RSA keypair.
ctx | RSA context that will hold the key | |
f_rng | RNG function | |
p_rng | RNG parameter | |
nbits | size of the public key in bits | |
exponent | public exponent (e.g., 65537) |
Definition at line 68 of file rsa.c.
References rsa_context::D, rsa_context::DP, rsa_context::DQ, rsa_context::E, rsa_context::len, MPI_CHK, mpi_cmp_int(), mpi_cmp_mpi(), mpi_free(), mpi_gcd(), mpi_gen_prime(), mpi_init(), mpi_inv_mod(), mpi_lset(), mpi_mod_mpi(), mpi_msb(), mpi_mul_mpi(), mpi_sub_int(), mpi_swap(), rsa_context::N, rsa_context::P, POLARSSL_ERR_RSA_BAD_INPUT_DATA, POLARSSL_ERR_RSA_KEY_GEN_FAILED, rsa_context::Q, rsa_context::QP, and rsa_free().
Referenced by pk_genkey().
void rsa_init | ( | rsa_context * | ctx, | |
int | padding, | |||
int | hash_id | |||
) |
Initialize an RSA context.
Note: Set padding to RSA_PKCS_V21 for the RSAES-OAEP encryption scheme and the RSASSA-PSS signature scheme.
ctx | RSA context to be initialized | |
padding | RSA_PKCS_V15 or RSA_PKCS_V21 | |
hash_id | RSA_PKCS_V21 hash identifier |
Definition at line 49 of file rsa.c.
References rsa_context::hash_id, rsa_context::padding, and polarssl_mutex_init.
Referenced by rsa_alloc_wrap(), rsa_self_test(), test_suite_pkcs1_rsaes_oaep_decrypt(), test_suite_pkcs1_rsaes_oaep_encrypt(), test_suite_pkcs1_rsassa_pss_sign(), test_suite_pkcs1_rsassa_pss_verify(), test_suite_rsa_check_privkey(), test_suite_rsa_check_pubkey(), test_suite_rsa_pkcs1_decrypt(), test_suite_rsa_pkcs1_encrypt(), test_suite_rsa_pkcs1_encrypt_bad_rng(), test_suite_rsa_pkcs1_sign(), test_suite_rsa_pkcs1_sign_raw(), test_suite_rsa_pkcs1_verify(), test_suite_rsa_pkcs1_verify_raw(), test_suite_rsa_private(), and test_suite_rsa_public().
int rsa_pkcs1_decrypt | ( | rsa_context * | ctx, | |
int(*)(void *, unsigned char *, size_t) | f_rng, | |||
void * | p_rng, | |||
int | mode, | |||
size_t * | olen, | |||
const unsigned char * | input, | |||
unsigned char * | output, | |||
size_t | output_max_len | |||
) |
Generic wrapper to perform a PKCS#1 decryption using the mode from the context.
Do an RSA operation, then remove the message padding
ctx | RSA context | |
f_rng | RNG function (Only needed for RSA_PRIVATE) | |
p_rng | RNG parameter | |
mode | RSA_PUBLIC or RSA_PRIVATE | |
olen | will contain the plaintext length | |
input | buffer holding the encrypted data | |
output | buffer that will hold the plaintext | |
output_max_len | maximum length of the output buffer |
Definition at line 828 of file rsa.c.
References rsa_context::padding, POLARSSL_ERR_RSA_INVALID_PADDING, RSA_PKCS_V15, RSA_PKCS_V21, rsa_rsaes_oaep_decrypt(), and rsa_rsaes_pkcs1_v15_decrypt().
Referenced by rsa_decrypt_wrap(), RSA_private_decrypt(), RSA_public_decrypt(), rsa_self_test(), test_suite_pkcs1_rsaes_oaep_decrypt(), and test_suite_rsa_pkcs1_decrypt().
int rsa_pkcs1_encrypt | ( | rsa_context * | ctx, | |
int(*)(void *, unsigned char *, size_t) | f_rng, | |||
void * | p_rng, | |||
int | mode, | |||
size_t | ilen, | |||
const unsigned char * | input, | |||
unsigned char * | output | |||
) |
Generic wrapper to perform a PKCS#1 encryption using the mode from the context.
Add the message padding, then do an RSA operation.
ctx | RSA context | |
f_rng | RNG function (Needed for padding and PKCS#1 v2.1 encoding and RSA_PRIVATE) | |
p_rng | RNG parameter | |
mode | RSA_PUBLIC or RSA_PRIVATE | |
ilen | contains the plaintext length | |
input | buffer holding the data to be encrypted | |
output | buffer that will hold the ciphertext |
Definition at line 608 of file rsa.c.
References rsa_context::padding, POLARSSL_ERR_RSA_INVALID_PADDING, RSA_PKCS_V15, RSA_PKCS_V21, rsa_rsaes_oaep_encrypt(), and rsa_rsaes_pkcs1_v15_encrypt().
Referenced by rsa_encrypt_wrap(), RSA_private_encrypt(), RSA_public_encrypt(), rsa_self_test(), test_suite_pkcs1_rsaes_oaep_encrypt(), test_suite_rsa_pkcs1_encrypt(), and test_suite_rsa_pkcs1_encrypt_bad_rng().
int rsa_pkcs1_sign | ( | rsa_context * | ctx, | |
int(*)(void *, unsigned char *, size_t) | f_rng, | |||
void * | p_rng, | |||
int | mode, | |||
md_type_t | md_alg, | |||
unsigned int | hashlen, | |||
const unsigned char * | hash, | |||
unsigned char * | sig | |||
) |
Generic wrapper to perform a PKCS#1 signature using the mode from the context.
Do a private RSA operation to sign a message digest
ctx | RSA context | |
f_rng | RNG function (Needed for PKCS#1 v2.1 encoding and for RSA_PRIVATE) | |
p_rng | RNG parameter | |
mode | RSA_PUBLIC or RSA_PRIVATE | |
md_alg | a POLARSSL_MD_* (use POLARSSL_MD_NONE for signing raw data) | |
hashlen | message digest length (for POLARSSL_MD_NONE only) | |
hash | buffer holding the message digest | |
sig | buffer that will hold the ciphertext |
Definition at line 1044 of file rsa.c.
References rsa_context::padding, POLARSSL_ERR_RSA_INVALID_PADDING, RSA_PKCS_V15, RSA_PKCS_V21, rsa_rsassa_pkcs1_v15_sign(), and rsa_rsassa_pss_sign().
Referenced by rsa_self_test(), rsa_sign_wrap(), test_suite_pkcs1_rsassa_pss_sign(), test_suite_rsa_pkcs1_sign(), and test_suite_rsa_pkcs1_sign_raw().
int rsa_pkcs1_verify | ( | rsa_context * | ctx, | |
int(*)(void *, unsigned char *, size_t) | f_rng, | |||
void * | p_rng, | |||
int | mode, | |||
md_type_t | md_alg, | |||
unsigned int | hashlen, | |||
const unsigned char * | hash, | |||
const unsigned char * | sig | |||
) |
Generic wrapper to perform a PKCS#1 verification using the mode from the context.
Do a public RSA operation and check the message digest
ctx | points to an RSA public key | |
f_rng | RNG function (Only needed for RSA_PRIVATE) | |
p_rng | RNG parameter | |
mode | RSA_PUBLIC or RSA_PRIVATE | |
md_alg | a POLARSSL_MD_* (use POLARSSL_MD_NONE for signing raw data) | |
hashlen | message digest length (for POLARSSL_MD_NONE only) | |
hash | buffer holding the message digest | |
sig | buffer holding the ciphertext |
Definition at line 1306 of file rsa.c.
References rsa_context::padding, POLARSSL_ERR_RSA_INVALID_PADDING, RSA_PKCS_V15, RSA_PKCS_V21, rsa_rsassa_pkcs1_v15_verify(), and rsa_rsassa_pss_verify().
Referenced by rsa_self_test(), rsa_verify_wrap(), test_suite_pkcs1_rsassa_pss_verify(), test_suite_rsa_pkcs1_verify(), and test_suite_rsa_pkcs1_verify_raw().
int rsa_private | ( | rsa_context * | ctx, | |
int(*)(void *, unsigned char *, size_t) | f_rng, | |||
void * | p_rng, | |||
const unsigned char * | input, | |||
unsigned char * | output | |||
) |
Do an RSA private key operation.
ctx | RSA context | |
f_rng | RNG function (Needed for blinding) | |
p_rng | RNG parameter | |
input | input buffer | |
output | output buffer |
Definition at line 319 of file rsa.c.
References rsa_context::D, rsa_context::DP, rsa_context::DQ, rsa_context::len, mpi_add_mpi(), MPI_CHK, mpi_cmp_mpi(), mpi_exp_mod(), mpi_free(), mpi_init(), mpi_mod_mpi(), mpi_mul_mpi(), mpi_read_binary(), mpi_sub_mpi(), mpi_write_binary(), rsa_context::N, rsa_context::P, POLARSSL_ERR_RSA_BAD_INPUT_DATA, POLARSSL_ERR_RSA_PRIVATE_FAILED, rsa_context::Q, rsa_context::QP, rsa_context::RN, rsa_context::RP, rsa_context::RQ, rsa_prepare_blinding(), rsa_context::Vf, and rsa_context::Vi.
Referenced by rsa_rsaes_oaep_decrypt(), rsa_rsaes_oaep_encrypt(), rsa_rsaes_pkcs1_v15_decrypt(), rsa_rsaes_pkcs1_v15_encrypt(), rsa_rsassa_pkcs1_v15_sign(), rsa_rsassa_pkcs1_v15_verify(), rsa_rsassa_pss_sign(), rsa_rsassa_pss_verify(), and test_suite_rsa_private().
int rsa_public | ( | rsa_context * | ctx, | |
const unsigned char * | input, | |||
unsigned char * | output | |||
) |
Do an RSA public key operation.
ctx | RSA context | |
input | input buffer | |
output | output buffer |
Definition at line 228 of file rsa.c.
References rsa_context::E, rsa_context::len, MPI_CHK, mpi_cmp_mpi(), mpi_exp_mod(), mpi_free(), mpi_init(), mpi_read_binary(), mpi_write_binary(), rsa_context::N, POLARSSL_ERR_RSA_BAD_INPUT_DATA, POLARSSL_ERR_RSA_PUBLIC_FAILED, and rsa_context::RN.
Referenced by rsa_rsaes_oaep_decrypt(), rsa_rsaes_oaep_encrypt(), rsa_rsaes_pkcs1_v15_decrypt(), rsa_rsaes_pkcs1_v15_encrypt(), rsa_rsassa_pkcs1_v15_sign(), rsa_rsassa_pkcs1_v15_verify(), rsa_rsassa_pss_sign(), rsa_rsassa_pss_verify(), and test_suite_rsa_public().
int rsa_rsaes_oaep_decrypt | ( | rsa_context * | ctx, | |
int(*)(void *, unsigned char *, size_t) | f_rng, | |||
void * | p_rng, | |||
int | mode, | |||
const unsigned char * | label, | |||
size_t | label_len, | |||
size_t * | olen, | |||
const unsigned char * | input, | |||
unsigned char * | output, | |||
size_t | output_max_len | |||
) |
Perform a PKCS#1 v2.1 OAEP decryption (RSAES-OAEP-DECRYPT).
ctx | RSA context | |
f_rng | RNG function (Only needed for RSA_PRIVATE) | |
p_rng | RNG parameter | |
mode | RSA_PUBLIC or RSA_PRIVATE | |
label | buffer holding the custom label to use | |
label_len | contains the label length | |
olen | will contain the plaintext length | |
input | buffer holding the encrypted data | |
output | buffer that will hold the plaintext | |
output_max_len | maximum length of the output buffer |
Definition at line 638 of file rsa.c.
References rsa_context::hash_id, rsa_context::len, md(), md_free_ctx(), md_get_size(), md_info_from_type(), md_init_ctx(), mgf_mask(), rsa_context::padding, POLARSSL_ERR_RSA_BAD_INPUT_DATA, POLARSSL_ERR_RSA_INVALID_PADDING, POLARSSL_ERR_RSA_OUTPUT_TOO_LARGE, POLARSSL_MD_MAX_SIZE, POLARSSL_MPI_MAX_SIZE, RSA_PKCS_V21, rsa_private(), rsa_public(), and RSA_PUBLIC.
Referenced by rsa_pkcs1_decrypt().
int rsa_rsaes_oaep_encrypt | ( | rsa_context * | ctx, | |
int(*)(void *, unsigned char *, size_t) | f_rng, | |||
void * | p_rng, | |||
int | mode, | |||
const unsigned char * | label, | |||
size_t | label_len, | |||
size_t | ilen, | |||
const unsigned char * | input, | |||
unsigned char * | output | |||
) |
Perform a PKCS#1 v2.1 OAEP encryption (RSAES-OAEP-ENCRYPT).
ctx | RSA context | |
f_rng | RNG function (Needed for padding and PKCS#1 v2.1 encoding and RSA_PRIVATE) | |
p_rng | RNG parameter | |
mode | RSA_PUBLIC or RSA_PRIVATE | |
label | buffer holding the custom label to use | |
label_len | contains the label length | |
ilen | contains the plaintext length | |
input | buffer holding the data to be encrypted | |
output | buffer that will hold the ciphertext |
Definition at line 474 of file rsa.c.
References rsa_context::hash_id, rsa_context::len, md(), md_free_ctx(), md_get_size(), md_info_from_type(), md_init_ctx(), mgf_mask(), rsa_context::padding, POLARSSL_ERR_RSA_BAD_INPUT_DATA, POLARSSL_ERR_RSA_RNG_FAILED, RSA_PKCS_V21, rsa_private(), rsa_public(), and RSA_PUBLIC.
Referenced by rsa_pkcs1_encrypt().
int rsa_rsaes_pkcs1_v15_decrypt | ( | rsa_context * | ctx, | |
int(*)(void *, unsigned char *, size_t) | f_rng, | |||
void * | p_rng, | |||
int | mode, | |||
size_t * | olen, | |||
const unsigned char * | input, | |||
unsigned char * | output, | |||
size_t | output_max_len | |||
) |
Perform a PKCS#1 v1.5 decryption (RSAES-PKCS1-v1_5-DECRYPT).
ctx | RSA context | |
f_rng | RNG function (Only needed for RSA_PRIVATE) | |
p_rng | RNG parameter | |
mode | RSA_PUBLIC or RSA_PRIVATE | |
olen | will contain the plaintext length | |
input | buffer holding the encrypted data | |
output | buffer that will hold the plaintext | |
output_max_len | maximum length of the output buffer |
Definition at line 732 of file rsa.c.
References rsa_context::len, rsa_context::padding, POLARSSL_ERR_RSA_BAD_INPUT_DATA, POLARSSL_ERR_RSA_INVALID_PADDING, POLARSSL_ERR_RSA_OUTPUT_TOO_LARGE, POLARSSL_MPI_MAX_SIZE, RSA_CRYPT, RSA_PKCS_V15, RSA_PRIVATE, rsa_private(), rsa_public(), RSA_PUBLIC, and RSA_SIGN.
Referenced by rsa_pkcs1_decrypt().
int rsa_rsaes_pkcs1_v15_encrypt | ( | rsa_context * | ctx, | |
int(*)(void *, unsigned char *, size_t) | f_rng, | |||
void * | p_rng, | |||
int | mode, | |||
size_t | ilen, | |||
const unsigned char * | input, | |||
unsigned char * | output | |||
) |
Perform a PKCS#1 v1.5 encryption (RSAES-PKCS1-v1_5-ENCRYPT).
ctx | RSA context | |
f_rng | RNG function (Needed for padding and RSA_PRIVATE) | |
p_rng | RNG parameter | |
mode | RSA_PUBLIC or RSA_PRIVATE | |
ilen | contains the plaintext length | |
input | buffer holding the data to be encrypted | |
output | buffer that will hold the ciphertext |
Definition at line 546 of file rsa.c.
References rsa_context::len, rsa_context::padding, POLARSSL_ERR_RSA_BAD_INPUT_DATA, POLARSSL_ERR_RSA_RNG_FAILED, RSA_CRYPT, RSA_PKCS_V15, rsa_private(), rsa_public(), RSA_PUBLIC, and RSA_SIGN.
Referenced by rsa_pkcs1_encrypt().
int rsa_rsassa_pkcs1_v15_sign | ( | rsa_context * | ctx, | |
int(*)(void *, unsigned char *, size_t) | f_rng, | |||
void * | p_rng, | |||
int | mode, | |||
md_type_t | md_alg, | |||
unsigned int | hashlen, | |||
const unsigned char * | hash, | |||
unsigned char * | sig | |||
) |
Perform a PKCS#1 v1.5 signature (RSASSA-PKCS1-v1_5-SIGN).
ctx | RSA context | |
f_rng | RNG function (Only needed for RSA_PRIVATE) | |
p_rng | RNG parameter | |
mode | RSA_PUBLIC or RSA_PRIVATE | |
md_alg | a POLARSSL_MD_* (use POLARSSL_MD_NONE for signing raw data) | |
hashlen | message digest length (for POLARSSL_MD_NONE only) | |
hash | buffer holding the message digest | |
sig | buffer that will hold the ciphertext |
Definition at line 961 of file rsa.c.
References ASN1_CONSTRUCTED, ASN1_NULL, ASN1_OCTET_STRING, ASN1_OID, ASN1_SEQUENCE, rsa_context::len, md_get_size(), md_info_from_type(), oid_get_oid_by_md(), rsa_context::padding, POLARSSL_ERR_RSA_BAD_INPUT_DATA, POLARSSL_MD_NONE, RSA_PKCS_V15, rsa_private(), rsa_public(), RSA_PUBLIC, and RSA_SIGN.
Referenced by rsa_pkcs1_sign().
int rsa_rsassa_pkcs1_v15_verify | ( | rsa_context * | ctx, | |
int(*)(void *, unsigned char *, size_t) | f_rng, | |||
void * | p_rng, | |||
int | mode, | |||
md_type_t | md_alg, | |||
unsigned int | hashlen, | |||
const unsigned char * | hash, | |||
const unsigned char * | sig | |||
) |
Perform a PKCS#1 v1.5 verification (RSASSA-PKCS1-v1_5-VERIFY).
ctx | points to an RSA public key | |
f_rng | RNG function (Only needed for RSA_PRIVATE) | |
p_rng | RNG parameter | |
mode | RSA_PUBLIC or RSA_PRIVATE | |
md_alg | a POLARSSL_MD_* (use POLARSSL_MD_NONE for signing raw data) | |
hashlen | message digest length (for POLARSSL_MD_NONE only) | |
hash | buffer holding the message digest | |
sig | buffer holding the ciphertext |
Definition at line 1189 of file rsa.c.
References ASN1_CONSTRUCTED, asn1_get_tag(), ASN1_NULL, ASN1_OCTET_STRING, ASN1_OID, ASN1_SEQUENCE, _asn1_buf::len, rsa_context::len, md_get_size(), md_info_from_type(), oid_get_md_alg(), _asn1_buf::p, rsa_context::padding, POLARSSL_ERR_RSA_BAD_INPUT_DATA, POLARSSL_ERR_RSA_INVALID_PADDING, POLARSSL_ERR_RSA_VERIFY_FAILED, POLARSSL_MD_NONE, POLARSSL_MPI_MAX_SIZE, RSA_PKCS_V15, rsa_private(), rsa_public(), RSA_PUBLIC, and RSA_SIGN.
Referenced by rsa_pkcs1_verify().
int rsa_rsassa_pss_sign | ( | rsa_context * | ctx, | |
int(*)(void *, unsigned char *, size_t) | f_rng, | |||
void * | p_rng, | |||
int | mode, | |||
md_type_t | md_alg, | |||
unsigned int | hashlen, | |||
const unsigned char * | hash, | |||
unsigned char * | sig | |||
) |
Perform a PKCS#1 v2.1 PSS signature (RSASSA-PSS-SIGN).
ctx | RSA context | |
f_rng | RNG function (Needed for PKCS#1 v2.1 encoding and for RSA_PRIVATE) | |
p_rng | RNG parameter | |
mode | RSA_PUBLIC or RSA_PRIVATE | |
md_alg | a POLARSSL_MD_* (use POLARSSL_MD_NONE for signing raw data) | |
hashlen | message digest length (for POLARSSL_MD_NONE only) | |
hash | buffer holding the message digest | |
sig | buffer that will hold the ciphertext |
Definition at line 860 of file rsa.c.
References rsa_context::hash_id, rsa_context::len, md_finish(), md_free_ctx(), md_get_size(), md_info_from_type(), md_init_ctx(), md_starts(), md_update(), mgf_mask(), mpi_msb(), rsa_context::N, rsa_context::padding, POLARSSL_ERR_RSA_BAD_INPUT_DATA, POLARSSL_ERR_RSA_RNG_FAILED, POLARSSL_MD_MAX_SIZE, POLARSSL_MD_NONE, RSA_PKCS_V21, rsa_private(), rsa_public(), RSA_PUBLIC, salt, and slen.
Referenced by rsa_pkcs1_sign().
int rsa_rsassa_pss_verify | ( | rsa_context * | ctx, | |
int(*)(void *, unsigned char *, size_t) | f_rng, | |||
void * | p_rng, | |||
int | mode, | |||
md_type_t | md_alg, | |||
unsigned int | hashlen, | |||
const unsigned char * | hash, | |||
const unsigned char * | sig | |||
) |
Perform a PKCS#1 v2.1 PSS verification (RSASSA-PSS-VERIFY).
Do a public RSA and check the message digest
ctx | points to an RSA public key | |
f_rng | RNG function (Only needed for RSA_PRIVATE) | |
p_rng | RNG parameter | |
mode | RSA_PUBLIC or RSA_PRIVATE | |
md_alg | a POLARSSL_MD_* (use POLARSSL_MD_NONE for signing raw data) | |
hashlen | message digest length (for POLARSSL_MD_NONE only) | |
hash | buffer holding the message digest | |
sig | buffer holding the ciphertext |
Definition at line 1076 of file rsa.c.
References rsa_context::hash_id, rsa_context::len, md_finish(), md_free_ctx(), md_get_size(), md_info_from_type(), md_init_ctx(), md_starts(), md_update(), mgf_mask(), mpi_msb(), rsa_context::N, rsa_context::padding, POLARSSL_ERR_RSA_BAD_INPUT_DATA, POLARSSL_ERR_RSA_INVALID_PADDING, POLARSSL_ERR_RSA_VERIFY_FAILED, POLARSSL_MD_MAX_SIZE, POLARSSL_MD_NONE, POLARSSL_MPI_MAX_SIZE, RSA_PKCS_V21, rsa_private(), rsa_public(), RSA_PUBLIC, and slen.
Referenced by rsa_pkcs1_verify().
int rsa_self_test | ( | int | verbose | ) |
Checkup routine.
Definition at line 1467 of file rsa.c.
References rsa_context::D, rsa_context::DP, rsa_context::DQ, rsa_context::E, KEY_LEN, rsa_context::len, mpi_read_string(), rsa_context::N, rsa_context::P, POLARSSL_MD_SHA1, PT_LEN, rsa_context::Q, rsa_context::QP, rsa_check_privkey(), rsa_check_pubkey(), RSA_D, RSA_DP, RSA_DQ, RSA_E, rsa_free(), rsa_init(), RSA_N, RSA_P, rsa_pkcs1_decrypt(), rsa_pkcs1_encrypt(), rsa_pkcs1_sign(), rsa_pkcs1_verify(), RSA_PKCS_V15, RSA_PRIVATE, RSA_PT, RSA_PUBLIC, RSA_Q, RSA_QP, and sha1().
Referenced by test_suite_rsa_selftest().