| 1 | /*
|
|---|
| 2 | * Copyright 2019-2024 The OpenSSL Project Authors. All Rights Reserved.
|
|---|
| 3 | *
|
|---|
| 4 | * Licensed under the Apache License 2.0 (the "License"). You may not use
|
|---|
| 5 | * this file except in compliance with the License. You can obtain a copy
|
|---|
| 6 | * in the file LICENSE in the source distribution or at
|
|---|
| 7 | * https://www.openssl.org/source/license.html
|
|---|
| 8 | */
|
|---|
| 9 |
|
|---|
| 10 | #ifndef OSSL_INTERNAL_RSA_H
|
|---|
| 11 | # define OSSL_INTERNAL_RSA_H
|
|---|
| 12 | # ifndef RT_WITHOUT_PRAGMA_ONCE /* VBOX */
|
|---|
| 13 | # pragma once
|
|---|
| 14 | # endif /* VBOX */
|
|---|
| 15 |
|
|---|
| 16 | # include <openssl/core.h>
|
|---|
| 17 | # include <openssl/rsa.h>
|
|---|
| 18 | # include "crypto/types.h"
|
|---|
| 19 |
|
|---|
| 20 | #define RSA_MIN_MODULUS_BITS 512
|
|---|
| 21 |
|
|---|
| 22 | typedef struct rsa_pss_params_30_st {
|
|---|
| 23 | int hash_algorithm_nid;
|
|---|
| 24 | struct {
|
|---|
| 25 | int algorithm_nid; /* Currently always NID_mgf1 */
|
|---|
| 26 | int hash_algorithm_nid;
|
|---|
| 27 | } mask_gen;
|
|---|
| 28 | int salt_len;
|
|---|
| 29 | int trailer_field;
|
|---|
| 30 | } RSA_PSS_PARAMS_30;
|
|---|
| 31 |
|
|---|
| 32 | RSA_PSS_PARAMS_30 *ossl_rsa_get0_pss_params_30(RSA *r);
|
|---|
| 33 | int ossl_rsa_pss_params_30_set_defaults(RSA_PSS_PARAMS_30 *rsa_pss_params);
|
|---|
| 34 | int ossl_rsa_pss_params_30_copy(RSA_PSS_PARAMS_30 *to,
|
|---|
| 35 | const RSA_PSS_PARAMS_30 *from);
|
|---|
| 36 | int ossl_rsa_pss_params_30_is_unrestricted(const RSA_PSS_PARAMS_30 *rsa_pss_params);
|
|---|
| 37 | int ossl_rsa_pss_params_30_set_hashalg(RSA_PSS_PARAMS_30 *rsa_pss_params,
|
|---|
| 38 | int hashalg_nid);
|
|---|
| 39 | int ossl_rsa_pss_params_30_set_maskgenhashalg(RSA_PSS_PARAMS_30 *rsa_pss_params,
|
|---|
| 40 | int maskgenhashalg_nid);
|
|---|
| 41 | int ossl_rsa_pss_params_30_set_saltlen(RSA_PSS_PARAMS_30 *rsa_pss_params,
|
|---|
| 42 | int saltlen);
|
|---|
| 43 | int ossl_rsa_pss_params_30_set_trailerfield(RSA_PSS_PARAMS_30 *rsa_pss_params,
|
|---|
| 44 | int trailerfield);
|
|---|
| 45 | int ossl_rsa_pss_params_30_hashalg(const RSA_PSS_PARAMS_30 *rsa_pss_params);
|
|---|
| 46 | int ossl_rsa_pss_params_30_maskgenalg(const RSA_PSS_PARAMS_30 *rsa_pss_params);
|
|---|
| 47 | int ossl_rsa_pss_params_30_maskgenhashalg(const RSA_PSS_PARAMS_30 *rsa_pss_params);
|
|---|
| 48 | int ossl_rsa_pss_params_30_saltlen(const RSA_PSS_PARAMS_30 *rsa_pss_params);
|
|---|
| 49 | int ossl_rsa_pss_params_30_trailerfield(const RSA_PSS_PARAMS_30 *rsa_pss_params);
|
|---|
| 50 |
|
|---|
| 51 | int ossl_rsa_verify_PKCS1_PSS_mgf1(RSA *rsa, const unsigned char *mHash,
|
|---|
| 52 | const EVP_MD *Hash, const EVP_MD *mgf1Hash,
|
|---|
| 53 | const unsigned char *EM, int *sLenOut);
|
|---|
| 54 | int ossl_rsa_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM,
|
|---|
| 55 | const unsigned char *mHash,
|
|---|
| 56 | const EVP_MD *Hash, const EVP_MD *mgf1Hash,
|
|---|
| 57 | int *sLenOut);
|
|---|
| 58 |
|
|---|
| 59 | const char *ossl_rsa_mgf_nid2name(int mgf);
|
|---|
| 60 | int ossl_rsa_oaeppss_md2nid(const EVP_MD *md);
|
|---|
| 61 | const char *ossl_rsa_oaeppss_nid2name(int md);
|
|---|
| 62 |
|
|---|
| 63 | RSA *ossl_rsa_new_with_ctx(OSSL_LIB_CTX *libctx);
|
|---|
| 64 | OSSL_LIB_CTX *ossl_rsa_get0_libctx(RSA *r);
|
|---|
| 65 | void ossl_rsa_set0_libctx(RSA *r, OSSL_LIB_CTX *libctx);
|
|---|
| 66 |
|
|---|
| 67 | int ossl_rsa_set0_all_params(RSA *r, STACK_OF(BIGNUM) *primes,
|
|---|
| 68 | STACK_OF(BIGNUM) *exps,
|
|---|
| 69 | STACK_OF(BIGNUM) *coeffs);
|
|---|
| 70 | int ossl_rsa_get0_all_params(RSA *r, STACK_OF(BIGNUM_const) *primes,
|
|---|
| 71 | STACK_OF(BIGNUM_const) *exps,
|
|---|
| 72 | STACK_OF(BIGNUM_const) *coeffs);
|
|---|
| 73 | int ossl_rsa_is_foreign(const RSA *rsa);
|
|---|
| 74 | RSA *ossl_rsa_dup(const RSA *rsa, int selection);
|
|---|
| 75 |
|
|---|
| 76 | int ossl_rsa_todata(RSA *rsa, OSSL_PARAM_BLD *bld, OSSL_PARAM params[],
|
|---|
| 77 | int include_private);
|
|---|
| 78 | int ossl_rsa_fromdata(RSA *rsa, const OSSL_PARAM params[], int include_private);
|
|---|
| 79 | int ossl_rsa_pss_params_30_todata(const RSA_PSS_PARAMS_30 *pss,
|
|---|
| 80 | OSSL_PARAM_BLD *bld, OSSL_PARAM params[]);
|
|---|
| 81 | int ossl_rsa_pss_params_30_fromdata(RSA_PSS_PARAMS_30 *pss_params,
|
|---|
| 82 | int *defaults_set,
|
|---|
| 83 | const OSSL_PARAM params[],
|
|---|
| 84 | OSSL_LIB_CTX *libctx);
|
|---|
| 85 | int ossl_rsa_set0_pss_params(RSA *r, RSA_PSS_PARAMS *pss);
|
|---|
| 86 | int ossl_rsa_pss_get_param_unverified(const RSA_PSS_PARAMS *pss,
|
|---|
| 87 | const EVP_MD **pmd, const EVP_MD **pmgf1md,
|
|---|
| 88 | int *psaltlen, int *ptrailerField);
|
|---|
| 89 | RSA_PSS_PARAMS *ossl_rsa_pss_decode(const X509_ALGOR *alg);
|
|---|
| 90 | int ossl_rsa_param_decode(RSA *rsa, const X509_ALGOR *alg);
|
|---|
| 91 | RSA *ossl_rsa_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf,
|
|---|
| 92 | OSSL_LIB_CTX *libctx, const char *propq);
|
|---|
| 93 |
|
|---|
| 94 | int ossl_rsa_padding_check_PKCS1_type_2(OSSL_LIB_CTX *ctx,
|
|---|
| 95 | unsigned char *to, int tlen,
|
|---|
| 96 | const unsigned char *from, int flen,
|
|---|
| 97 | int num, unsigned char *kdk);
|
|---|
| 98 | int ossl_rsa_padding_check_PKCS1_type_2_TLS(OSSL_LIB_CTX *ctx, unsigned char *to,
|
|---|
| 99 | size_t tlen,
|
|---|
| 100 | const unsigned char *from,
|
|---|
| 101 | size_t flen, int client_version,
|
|---|
| 102 | int alt_version);
|
|---|
| 103 | int ossl_rsa_padding_add_PKCS1_OAEP_mgf1_ex(OSSL_LIB_CTX *libctx,
|
|---|
| 104 | unsigned char *to, int tlen,
|
|---|
| 105 | const unsigned char *from, int flen,
|
|---|
| 106 | const unsigned char *param,
|
|---|
| 107 | int plen, const EVP_MD *md,
|
|---|
| 108 | const EVP_MD *mgf1md);
|
|---|
| 109 |
|
|---|
| 110 | int ossl_rsa_validate_public(const RSA *key);
|
|---|
| 111 | int ossl_rsa_validate_private(const RSA *key);
|
|---|
| 112 | int ossl_rsa_validate_pairwise(const RSA *key);
|
|---|
| 113 |
|
|---|
| 114 | int ossl_rsa_verify(int dtype, const unsigned char *m,
|
|---|
| 115 | unsigned int m_len, unsigned char *rm,
|
|---|
| 116 | size_t *prm_len, const unsigned char *sigbuf,
|
|---|
| 117 | size_t siglen, RSA *rsa);
|
|---|
| 118 |
|
|---|
| 119 | const unsigned char *ossl_rsa_digestinfo_encoding(int md_nid, size_t *len);
|
|---|
| 120 |
|
|---|
| 121 | extern const char *ossl_rsa_mp_factor_names[];
|
|---|
| 122 | extern const char *ossl_rsa_mp_exp_names[];
|
|---|
| 123 | extern const char *ossl_rsa_mp_coeff_names[];
|
|---|
| 124 |
|
|---|
| 125 | ASN1_STRING *ossl_rsa_ctx_to_pss_string(EVP_PKEY_CTX *pkctx);
|
|---|
| 126 | int ossl_rsa_pss_to_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pkctx,
|
|---|
| 127 | const X509_ALGOR *sigalg, EVP_PKEY *pkey);
|
|---|
| 128 |
|
|---|
| 129 | # if defined(FIPS_MODULE) && !defined(OPENSSL_NO_ACVP_TESTS)
|
|---|
| 130 | int ossl_rsa_acvp_test_gen_params_new(OSSL_PARAM **dst, const OSSL_PARAM src[]);
|
|---|
| 131 | void ossl_rsa_acvp_test_gen_params_free(OSSL_PARAM *dst);
|
|---|
| 132 |
|
|---|
| 133 | int ossl_rsa_acvp_test_set_params(RSA *r, const OSSL_PARAM params[]);
|
|---|
| 134 | int ossl_rsa_acvp_test_get_params(RSA *r, OSSL_PARAM params[]);
|
|---|
| 135 | typedef struct rsa_acvp_test_st RSA_ACVP_TEST;
|
|---|
| 136 | void ossl_rsa_acvp_test_free(RSA_ACVP_TEST *t);
|
|---|
| 137 | # else
|
|---|
| 138 | # define RSA_ACVP_TEST void
|
|---|
| 139 | # endif
|
|---|
| 140 | int ossl_rsa_check_factors(RSA *r);
|
|---|
| 141 |
|
|---|
| 142 | RSA *evp_pkey_get1_RSA_PSS(EVP_PKEY *pkey);
|
|---|
| 143 | #endif
|
|---|
