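/*
 * Copyright 2019-2024 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License"). You may not use
 * this file except in compliance with the License. You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

/*
 * Internal RSA declarations: the flattened RSASSA-PSS parameter set, padding
 * helpers, key import/export and key validation entry points.
 *
 * Only declarations are visible in this header. Any behavioural note below
 * that cannot be read off a signature is marked NOTE(review) and must be
 * confirmed against the implementation.
 */

#ifndef OSSL_INTERNAL_RSA_H
# define OSSL_INTERNAL_RSA_H
# pragma once

# include <openssl/core.h>
# include <openssl/rsa.h>
# include "crypto/types.h"

/*
 * Smallest modulus size, in bits, named by this header.
 * NOTE(review): 512-bit RSA is far below any current security
 * recommendation, so treat this as a sanity floor and not as a policy value.
 * How and where it is enforced is not visible here - confirm at call sites.
 */
#define RSA_MIN_MODULUS_BITS 512

/*
 * RSASSA-PSS parameters held as plain integers; the *_nid members are NIDs
 * per their names.
 * NOTE(review): presumably the already-decoded counterpart of the ASN.1
 * RSA_PSS_PARAMS structure used further down - confirm.
 */
typedef struct rsa_pss_params_30_st {
    int hash_algorithm_nid;     /* NID of the message digest */
    struct {
        int algorithm_nid;      /* Currently always NID_mgf1 */
        int hash_algorithm_nid; /* NID of the digest used by the MGF */
    } mask_gen;
    int salt_len;               /* units / special values not visible here */
    int trailer_field;
} RSA_PSS_PARAMS_30;

/*
 * Accessors for RSA_PSS_PARAMS_30. Setters take a mutable object, getters a
 * const one, and all of them return int.
 * NOTE(review): the return convention of the setters (presumably 1 on
 * success, 0 on failure) is not visible here - confirm before relying on it.
 * NOTE(review): by OpenSSL naming convention a get0 function returns a
 * pointer that stays owned by the RSA object - confirm, and do not free it.
 */
RSA_PSS_PARAMS_30 *ossl_rsa_get0_pss_params_30(RSA *r);
int ossl_rsa_pss_params_30_set_defaults(RSA_PSS_PARAMS_30 *rsa_pss_params);
int ossl_rsa_pss_params_30_copy(RSA_PSS_PARAMS_30 *to,
                                const RSA_PSS_PARAMS_30 *from);
int ossl_rsa_pss_params_30_is_unrestricted(const RSA_PSS_PARAMS_30 *rsa_pss_params);
int ossl_rsa_pss_params_30_set_hashalg(RSA_PSS_PARAMS_30 *rsa_pss_params,
                                       int hashalg_nid);
int ossl_rsa_pss_params_30_set_maskgenhashalg(RSA_PSS_PARAMS_30 *rsa_pss_params,
                                              int maskgenhashalg_nid);
int ossl_rsa_pss_params_30_set_saltlen(RSA_PSS_PARAMS_30 *rsa_pss_params,
                                       int saltlen);
int ossl_rsa_pss_params_30_set_trailerfield(RSA_PSS_PARAMS_30 *rsa_pss_params,
                                            int trailerfield);
int ossl_rsa_pss_params_30_hashalg(const RSA_PSS_PARAMS_30 *rsa_pss_params);
int ossl_rsa_pss_params_30_maskgenalg(const RSA_PSS_PARAMS_30 *rsa_pss_params);
int ossl_rsa_pss_params_30_maskgenhashalg(const RSA_PSS_PARAMS_30 *rsa_pss_params);
int ossl_rsa_pss_params_30_saltlen(const RSA_PSS_PARAMS_30 *rsa_pss_params);
int ossl_rsa_pss_params_30_trailerfield(const RSA_PSS_PARAMS_30 *rsa_pss_params);

/*
 * PSS verification and PSS padding generation with an MGF1 digest.
 * mHash and EM are passed without a length argument, so their sizes are
 * implied by something else.
 * NOTE(review): presumably mHash must be the digest size of Hash and EM the
 * size of the RSA modulus - confirm, since an undersized buffer cannot be
 * detected from these signatures. sLenOut presumably reports the salt length
 * that was actually used - confirm.
 */
int ossl_rsa_verify_PKCS1_PSS_mgf1(RSA *rsa, const unsigned char *mHash,
                                   const EVP_MD *Hash, const EVP_MD *mgf1Hash,
                                   const unsigned char *EM, int *sLenOut);
int ossl_rsa_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM,
                                        const unsigned char *mHash,
                                        const EVP_MD *Hash, const EVP_MD *mgf1Hash,
                                        int *sLenOut);

/*
 * NID <-> name mapping helpers for MGF and OAEP/PSS digests.
 * NOTE(review): the result for an unknown NID or digest is not visible here
 * (presumably NULL / an undefined NID) - callers should check.
 */
const char *ossl_rsa_mgf_nid2name(int mgf);
int ossl_rsa_oaeppss_md2nid(const EVP_MD *md);
const char *ossl_rsa_oaeppss_nid2name(int md);

/* Library-context aware construction and access to the bound context. */
RSA *ossl_rsa_new_with_ctx(OSSL_LIB_CTX *libctx);
OSSL_LIB_CTX *ossl_rsa_get0_libctx(RSA *r);
void ossl_rsa_set0_libctx(RSA *r, OSSL_LIB_CTX *libctx);

/*
 * Bulk access to primes, exponents and CRT coefficients as BIGNUM stacks.
 * NOTE(review): by OpenSSL naming convention set0 transfers ownership of the
 * passed values to r and get0 hands out pointers still owned by r - confirm.
 * These values are private key material.
 */
int ossl_rsa_set0_all_params(RSA *r, STACK_OF(BIGNUM) *primes,
                             STACK_OF(BIGNUM) *exps,
                             STACK_OF(BIGNUM) *coeffs);
int ossl_rsa_get0_all_params(RSA *r, STACK_OF(BIGNUM_const) *primes,
                             STACK_OF(BIGNUM_const) *exps,
                             STACK_OF(BIGNUM_const) *coeffs);
int ossl_rsa_is_foreign(const RSA *rsa);
RSA *ossl_rsa_dup(const RSA *rsa, int selection);

/*
 * Conversion between RSA / PSS parameter objects and OSSL_PARAM data.
 * include_private selects, per its name, whether private key components take
 * part in the conversion.
 * NOTE(review): an export with include_private != 0 presumably places
 * private key material into bld/params; the caller is then responsible for
 * its confidentiality and cleanup - confirm.
 */
int ossl_rsa_todata(RSA *rsa, OSSL_PARAM_BLD *bld, OSSL_PARAM params[],
                    int include_private);
int ossl_rsa_fromdata(RSA *rsa, const OSSL_PARAM params[], int include_private);
int ossl_rsa_pss_params_30_todata(const RSA_PSS_PARAMS_30 *pss,
                                  OSSL_PARAM_BLD *bld, OSSL_PARAM params[]);
int ossl_rsa_pss_params_30_fromdata(RSA_PSS_PARAMS_30 *pss_params,
                                    int *defaults_set,
                                    const OSSL_PARAM params[],
                                    OSSL_LIB_CTX *libctx);

/*
 * Decoding from parsed ASN.1 inputs (X509_ALGOR, PKCS8_PRIV_KEY_INFO). Such
 * inputs can come from untrusted certificates or key files.
 * NOTE(review): ossl_rsa_pss_get_param_unverified is, per its name, expected
 * to return the parameters without validating them; callers should validate
 * digest, salt length and trailer field before use - confirm.
 */
int ossl_rsa_set0_pss_params(RSA *r, RSA_PSS_PARAMS *pss);
int ossl_rsa_pss_get_param_unverified(const RSA_PSS_PARAMS *pss,
                                      const EVP_MD **pmd, const EVP_MD **pmgf1md,
                                      int *psaltlen, int *ptrailerField);
RSA_PSS_PARAMS *ossl_rsa_pss_decode(const X509_ALGOR *alg);
int ossl_rsa_param_decode(RSA *rsa, const X509_ALGOR *alg);
RSA *ossl_rsa_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf,
                             OSSL_LIB_CTX *libctx, const char *propq);

/*
 * PKCS#1 v1.5 type 2 (encryption) padding checks and OAEP padding
 * generation.
 *
 * The plain type 2 check and the OAEP helper take their lengths as int,
 * while the _TLS variant takes size_t; callers converting from size_t must
 * range-check first so that a large value cannot turn negative.
 *
 * NOTE(review): removing PKCS#1 v1.5 encryption padding is the classic
 * padding-oracle surface. Whether these checks run in constant time is not
 * visible here - confirm, and make sure callers do not expose
 * distinguishable failures. kdk is presumably a key-derivation key used to
 * produce a substitute message on failure (implicit rejection) - confirm.
 * client_version / alt_version presumably carry the TLS protocol versions
 * checked against the decrypted pre-master secret - confirm.
 */
int ossl_rsa_padding_check_PKCS1_type_2(OSSL_LIB_CTX *ctx,
                                        unsigned char *to, int tlen,
                                        const unsigned char *from, int flen,
                                        int num, unsigned char *kdk);
int ossl_rsa_padding_check_PKCS1_type_2_TLS(OSSL_LIB_CTX *ctx, unsigned char *to,
                                            size_t tlen,
                                            const unsigned char *from,
                                            size_t flen, int client_version,
                                            int alt_version);
int ossl_rsa_padding_add_PKCS1_OAEP_mgf1_ex(OSSL_LIB_CTX *libctx,
                                            unsigned char *to, int tlen,
                                            const unsigned char *from, int flen,
                                            const unsigned char *param,
                                            int plen, const EVP_MD *md,
                                            const EVP_MD *mgf1md);

/*
 * Key validation entry points for the public part, the private part and the
 * pair together.
 * NOTE(review): which checks each one performs is not visible here; keys
 * loaded from untrusted sources should pass the relevant check before use.
 */
int ossl_rsa_validate_public(const RSA *key);
int ossl_rsa_validate_private(const RSA *key);
int ossl_rsa_validate_pairwise(const RSA *key);

/*
 * Signature verification over (m, m_len) against (sigbuf, siglen).
 * NOTE(review): rm / prm_len presumably receive the recovered message and
 * its length when rm is non-NULL; the required size of rm is not visible
 * here - confirm.
 */
int ossl_rsa_verify(int dtype, const unsigned char *m,
                    unsigned int m_len, unsigned char *rm,
                    size_t *prm_len, const unsigned char *sigbuf,
                    size_t siglen, RSA *rsa);

/*
 * Returns a pointer to a DigestInfo encoding for md_nid and stores its size
 * in *len.
 * NOTE(review): presumably NULL for an unsupported md_nid - callers should
 * check before reading *len.
 */
const unsigned char *ossl_rsa_digestinfo_encoding(int md_nid, size_t *len);

/*
 * Name tables for multi-prime factors, exponents and coefficients. They are
 * declared without a size, so sizeof cannot give the element count here.
 * NOTE(review): presumably NULL-terminated - confirm before iterating.
 */
extern const char *ossl_rsa_mp_factor_names[];
extern const char *ossl_rsa_mp_exp_names[];
extern const char *ossl_rsa_mp_coeff_names[];

/* Conversion between an EVP_PKEY_CTX's PSS settings and their encoding. */
ASN1_STRING *ossl_rsa_ctx_to_pss_string(EVP_PKEY_CTX *pkctx);
int ossl_rsa_pss_to_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pkctx,
                        const X509_ALGOR *sigalg, EVP_PKEY *pkey);

/*
 * ACVP test hooks: declared only for FIPS module builds that have not
 * disabled ACVP tests. In every other build RSA_ACVP_TEST expands to void,
 * so a pointer to it is a plain void pointer.
 */
# if defined(FIPS_MODULE) && !defined(OPENSSL_NO_ACVP_TESTS)
int ossl_rsa_acvp_test_gen_params_new(OSSL_PARAM **dst, const OSSL_PARAM src[]);
void ossl_rsa_acvp_test_gen_params_free(OSSL_PARAM *dst);

int ossl_rsa_acvp_test_set_params(RSA *r, const OSSL_PARAM params[]);
int ossl_rsa_acvp_test_get_params(RSA *r, OSSL_PARAM params[]);
typedef struct rsa_acvp_test_st RSA_ACVP_TEST;
void ossl_rsa_acvp_test_free(RSA_ACVP_TEST *t);
# else
# define RSA_ACVP_TEST void
# endif
int ossl_rsa_check_factors(RSA *r);

/*
 * NOTE(review): by OpenSSL naming convention a get1 function returns a
 * reference that the caller must release - confirm.
 */
RSA *evp_pkey_get1_RSA_PSS(EVP_PKEY *pkey);
#endif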