mbed TLS v2.24.0
rsa.h
Go to the documentation of this file.
1 
12 /*
13  * Copyright The Mbed TLS Contributors
14  * SPDX-License-Identifier: Apache-2.0
15  *
16  * Licensed under the Apache License, Version 2.0 (the "License"); you may
17  * not use this file except in compliance with the License.
18  * You may obtain a copy of the License at
19  *
20  * http://www.apache.org/licenses/LICENSE-2.0
21  *
22  * Unless required by applicable law or agreed to in writing, software
23  * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
24  * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
25  * See the License for the specific language governing permissions and
26  * limitations under the License.
27  */
28 #ifndef MBEDTLS_RSA_H
29 #define MBEDTLS_RSA_H
30 
31 #if !defined(MBEDTLS_CONFIG_FILE)
32 #include "mbedtls/config.h"
33 #else
34 #include MBEDTLS_CONFIG_FILE
35 #endif
36 
37 #include "mbedtls/bignum.h"
38 #include "mbedtls/md.h"
39 
40 #if defined(MBEDTLS_THREADING_C)
41 #include "mbedtls/threading.h"
42 #endif
43 
44 /*
45  * RSA Error codes
46  */
47 #define MBEDTLS_ERR_RSA_BAD_INPUT_DATA -0x4080
48 #define MBEDTLS_ERR_RSA_INVALID_PADDING -0x4100
49 #define MBEDTLS_ERR_RSA_KEY_GEN_FAILED -0x4180
50 #define MBEDTLS_ERR_RSA_KEY_CHECK_FAILED -0x4200
51 #define MBEDTLS_ERR_RSA_PUBLIC_FAILED -0x4280
52 #define MBEDTLS_ERR_RSA_PRIVATE_FAILED -0x4300
53 #define MBEDTLS_ERR_RSA_VERIFY_FAILED -0x4380
54 #define MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE -0x4400
55 #define MBEDTLS_ERR_RSA_RNG_FAILED -0x4480
57 /* MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION is deprecated and should not be used.
58  */
59 #define MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION -0x4500
61 /* MBEDTLS_ERR_RSA_HW_ACCEL_FAILED is deprecated and should not be used. */
62 #define MBEDTLS_ERR_RSA_HW_ACCEL_FAILED -0x4580
64 /*
65  * RSA constants
66  */
67 #define MBEDTLS_RSA_PUBLIC 0
68 #define MBEDTLS_RSA_PRIVATE 1
70 #define MBEDTLS_RSA_PKCS_V15 0
71 #define MBEDTLS_RSA_PKCS_V21 1
73 #define MBEDTLS_RSA_SIGN 1
74 #define MBEDTLS_RSA_CRYPT 2
76 #define MBEDTLS_RSA_SALT_LEN_ANY -1
77 
78 /*
79  * The above constants may be used even if the RSA module is compile out,
80  * eg for alternative (PKCS#11) RSA implemenations in the PK layers.
81  */
82 
83 #ifdef __cplusplus
84 extern "C" {
85 #endif
86 
87 #if !defined(MBEDTLS_RSA_ALT)
88 // Regular implementation
89 //
90 
98 typedef struct mbedtls_rsa_context
99 {
100  int ver;
101  size_t len;
103  mbedtls_mpi N;
104  mbedtls_mpi E;
106  mbedtls_mpi D;
107  mbedtls_mpi P;
108  mbedtls_mpi Q;
110  mbedtls_mpi DP;
111  mbedtls_mpi DQ;
112  mbedtls_mpi QP;
114  mbedtls_mpi RN;
116  mbedtls_mpi RP;
117  mbedtls_mpi RQ;
119  mbedtls_mpi Vi;
120  mbedtls_mpi Vf;
122  int padding;
125  int hash_id;
129 #if defined(MBEDTLS_THREADING_C)
131 #endif
132 }
133 mbedtls_rsa_context;
134 
135 #else /* MBEDTLS_RSA_ALT */
136 #include "rsa_alt.h"
137 #endif /* MBEDTLS_RSA_ALT */
138 
166 void mbedtls_rsa_init( mbedtls_rsa_context *ctx,
167  int padding,
168  int hash_id );
169 
199 int mbedtls_rsa_import( mbedtls_rsa_context *ctx,
200  const mbedtls_mpi *N,
201  const mbedtls_mpi *P, const mbedtls_mpi *Q,
202  const mbedtls_mpi *D, const mbedtls_mpi *E );
203 
238 int mbedtls_rsa_import_raw( mbedtls_rsa_context *ctx,
239  unsigned char const *N, size_t N_len,
240  unsigned char const *P, size_t P_len,
241  unsigned char const *Q, size_t Q_len,
242  unsigned char const *D, size_t D_len,
243  unsigned char const *E, size_t E_len );
244 
277 int mbedtls_rsa_complete( mbedtls_rsa_context *ctx );
278 
319 int mbedtls_rsa_export( const mbedtls_rsa_context *ctx,
321  mbedtls_mpi *D, mbedtls_mpi *E );
322 
370 int mbedtls_rsa_export_raw( const mbedtls_rsa_context *ctx,
371  unsigned char *N, size_t N_len,
372  unsigned char *P, size_t P_len,
373  unsigned char *Q, size_t Q_len,
374  unsigned char *D, size_t D_len,
375  unsigned char *E, size_t E_len );
376 
396 int mbedtls_rsa_export_crt( const mbedtls_rsa_context *ctx,
397  mbedtls_mpi *DP, mbedtls_mpi *DQ, mbedtls_mpi *QP );
398 
408 void mbedtls_rsa_set_padding( mbedtls_rsa_context *ctx, int padding,
409  int hash_id );
410 
419 size_t mbedtls_rsa_get_len( const mbedtls_rsa_context *ctx );
420 
439 int mbedtls_rsa_gen_key( mbedtls_rsa_context *ctx,
440  int (*f_rng)(void *, unsigned char *, size_t),
441  void *p_rng,
442  unsigned int nbits, int exponent );
443 
458 int mbedtls_rsa_check_pubkey( const mbedtls_rsa_context *ctx );
459 
496 int mbedtls_rsa_check_privkey( const mbedtls_rsa_context *ctx );
497 
509 int mbedtls_rsa_check_pub_priv( const mbedtls_rsa_context *pub,
510  const mbedtls_rsa_context *prv );
511 
531 int mbedtls_rsa_public( mbedtls_rsa_context *ctx,
532  const unsigned char *input,
533  unsigned char *output );
534 
566 int mbedtls_rsa_private( mbedtls_rsa_context *ctx,
567  int (*f_rng)(void *, unsigned char *, size_t),
568  void *p_rng,
569  const unsigned char *input,
570  unsigned char *output );
571 
611 int mbedtls_rsa_pkcs1_encrypt( mbedtls_rsa_context *ctx,
612  int (*f_rng)(void *, unsigned char *, size_t),
613  void *p_rng,
614  int mode, size_t ilen,
615  const unsigned char *input,
616  unsigned char *output );
617 
652 int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx,
653  int (*f_rng)(void *, unsigned char *, size_t),
654  void *p_rng,
655  int mode, size_t ilen,
656  const unsigned char *input,
657  unsigned char *output );
658 
697 int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx,
698  int (*f_rng)(void *, unsigned char *, size_t),
699  void *p_rng,
700  int mode,
701  const unsigned char *label, size_t label_len,
702  size_t ilen,
703  const unsigned char *input,
704  unsigned char *output );
705 
750 int mbedtls_rsa_pkcs1_decrypt( mbedtls_rsa_context *ctx,
751  int (*f_rng)(void *, unsigned char *, size_t),
752  void *p_rng,
753  int mode, size_t *olen,
754  const unsigned char *input,
755  unsigned char *output,
756  size_t output_max_len );
757 
800 int mbedtls_rsa_rsaes_pkcs1_v15_decrypt( mbedtls_rsa_context *ctx,
801  int (*f_rng)(void *, unsigned char *, size_t),
802  void *p_rng,
803  int mode, size_t *olen,
804  const unsigned char *input,
805  unsigned char *output,
806  size_t output_max_len );
807 
854 int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx,
855  int (*f_rng)(void *, unsigned char *, size_t),
856  void *p_rng,
857  int mode,
858  const unsigned char *label, size_t label_len,
859  size_t *olen,
860  const unsigned char *input,
861  unsigned char *output,
862  size_t output_max_len );
863 
914 int mbedtls_rsa_pkcs1_sign( mbedtls_rsa_context *ctx,
915  int (*f_rng)(void *, unsigned char *, size_t),
916  void *p_rng,
917  int mode,
918  mbedtls_md_type_t md_alg,
919  unsigned int hashlen,
920  const unsigned char *hash,
921  unsigned char *sig );
922 
962 int mbedtls_rsa_rsassa_pkcs1_v15_sign( mbedtls_rsa_context *ctx,
963  int (*f_rng)(void *, unsigned char *, size_t),
964  void *p_rng,
965  int mode,
966  mbedtls_md_type_t md_alg,
967  unsigned int hashlen,
968  const unsigned char *hash,
969  unsigned char *sig );
970 
1024 int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx,
1025  int (*f_rng)(void *, unsigned char *, size_t),
1026  void *p_rng,
1027  int mode,
1028  mbedtls_md_type_t md_alg,
1029  unsigned int hashlen,
1030  const unsigned char *hash,
1031  unsigned char *sig );
1032 
1077 int mbedtls_rsa_pkcs1_verify( mbedtls_rsa_context *ctx,
1078  int (*f_rng)(void *, unsigned char *, size_t),
1079  void *p_rng,
1080  int mode,
1081  mbedtls_md_type_t md_alg,
1082  unsigned int hashlen,
1083  const unsigned char *hash,
1084  const unsigned char *sig );
1085 
1123 int mbedtls_rsa_rsassa_pkcs1_v15_verify( mbedtls_rsa_context *ctx,
1124  int (*f_rng)(void *, unsigned char *, size_t),
1125  void *p_rng,
1126  int mode,
1127  mbedtls_md_type_t md_alg,
1128  unsigned int hashlen,
1129  const unsigned char *hash,
1130  const unsigned char *sig );
1131 
1180 int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx,
1181  int (*f_rng)(void *, unsigned char *, size_t),
1182  void *p_rng,
1183  int mode,
1184  mbedtls_md_type_t md_alg,
1185  unsigned int hashlen,
1186  const unsigned char *hash,
1187  const unsigned char *sig );
1188 
1228 int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx,
1229  int (*f_rng)(void *, unsigned char *, size_t),
1230  void *p_rng,
1231  int mode,
1232  mbedtls_md_type_t md_alg,
1233  unsigned int hashlen,
1234  const unsigned char *hash,
1235  mbedtls_md_type_t mgf1_hash_id,
1236  int expected_salt_len,
1237  const unsigned char *sig );
1238 
1248 int mbedtls_rsa_copy( mbedtls_rsa_context *dst, const mbedtls_rsa_context *src );
1249 
1257 void mbedtls_rsa_free( mbedtls_rsa_context *ctx );
1258 
1259 #if defined(MBEDTLS_SELF_TEST)
1260 
1267 int mbedtls_rsa_self_test( int verbose );
1268 
1269 #endif /* MBEDTLS_SELF_TEST */
1270 
1271 #ifdef __cplusplus
1272 }
1273 #endif
1274 
1275 #endif /* rsa.h */
int mbedtls_rsa_self_test(int verbose)
The RSA checkup routine.
int mbedtls_rsa_export_raw(const mbedtls_rsa_context *ctx, unsigned char *N, size_t N_len, unsigned char *P, size_t P_len, unsigned char *Q, size_t Q_len, unsigned char *D, size_t D_len, unsigned char *E, size_t E_len)
This function exports core parameters of an RSA key in raw big-endian binary format.
int mbedtls_rsa_rsassa_pkcs1_v15_sign(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, unsigned char *sig)
This function performs a PKCS#1 v1.5 signature operation (RSASSA-PKCS1-v1_5-SIGN).
int mbedtls_rsa_public(mbedtls_rsa_context *ctx, const unsigned char *input, unsigned char *output)
This function performs an RSA public key operation.
int mbedtls_rsa_rsaes_oaep_decrypt(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, const unsigned char *label, size_t label_len, size_t *olen, const unsigned char *input, unsigned char *output, size_t output_max_len)
This function performs a PKCS#1 v2.1 OAEP decryption operation (RSAES-OAEP-DECRYPT).
int mbedtls_rsa_import(mbedtls_rsa_context *ctx, const mbedtls_mpi *N, const mbedtls_mpi *P, const mbedtls_mpi *Q, const mbedtls_mpi *D, const mbedtls_mpi *E)
This function imports a set of core parameters into an RSA context.
int mbedtls_rsa_pkcs1_verify(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, const unsigned char *sig)
This function performs a public RSA operation and checks the message digest.
Configuration options (set of defines)
int mbedtls_rsa_complete(mbedtls_rsa_context *ctx)
This function completes an RSA context from a set of imported core parameters.
int mbedtls_rsa_pkcs1_sign(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, unsigned char *sig)
This function performs a private RSA operation to sign a message digest using PKCS#1.
void mbedtls_rsa_set_padding(mbedtls_rsa_context *ctx, int padding, int hash_id)
This function sets padding for an already initialized RSA context. See mbedtls_rsa_init() for details...
Multi-precision integer library.
int mbedtls_rsa_rsassa_pss_verify_ext(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, mbedtls_md_type_t mgf1_hash_id, int expected_salt_len, const unsigned char *sig)
This function performs a PKCS#1 v2.1 PSS verification operation (RSASSA-PSS-VERIFY).
int mbedtls_rsa_pkcs1_decrypt(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, size_t *olen, const unsigned char *input, unsigned char *output, size_t output_max_len)
This function performs an RSA operation, then removes the message padding.
int mbedtls_rsa_rsassa_pss_sign(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, unsigned char *sig)
This function performs a PKCS#1 v2.1 PSS signature operation (RSASSA-PSS-SIGN).
int mbedtls_rsa_import_raw(mbedtls_rsa_context *ctx, unsigned char const *N, size_t N_len, unsigned char const *P, size_t P_len, unsigned char const *Q, size_t Q_len, unsigned char const *D, size_t D_len, unsigned char const *E, size_t E_len)
This function imports core RSA parameters, in raw big-endian binary format, into an RSA context...
int mbedtls_rsa_check_pub_priv(const mbedtls_rsa_context *pub, const mbedtls_rsa_context *prv)
This function checks a public-private RSA key pair.
Threading abstraction layer.
int mbedtls_rsa_export(const mbedtls_rsa_context *ctx, mbedtls_mpi *N, mbedtls_mpi *P, mbedtls_mpi *Q, mbedtls_mpi *D, mbedtls_mpi *E)
This function exports the core parameters of an RSA key.
int mbedtls_rsa_private(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, const unsigned char *input, unsigned char *output)
This function performs an RSA private key operation.
int mbedtls_rsa_rsaes_pkcs1_v15_decrypt(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, size_t *olen, const unsigned char *input, unsigned char *output, size_t output_max_len)
This function performs a PKCS#1 v1.5 decryption operation (RSAES-PKCS1-v1_5-DECRYPT).
int mbedtls_rsa_rsassa_pkcs1_v15_verify(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, const unsigned char *sig)
This function performs a PKCS#1 v1.5 verification operation (RSASSA-PKCS1-v1_5-VERIFY).
int mbedtls_rsa_export_crt(const mbedtls_rsa_context *ctx, mbedtls_mpi *DP, mbedtls_mpi *DQ, mbedtls_mpi *QP)
This function exports CRT parameters of a private RSA key.
int mbedtls_rsa_pkcs1_encrypt(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, size_t ilen, const unsigned char *input, unsigned char *output)
This function adds the message padding, then performs an RSA operation.
This file contains the generic message-digest wrapper.
int mbedtls_rsa_rsassa_pss_verify(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, const unsigned char *sig)
This function performs a PKCS#1 v2.1 PSS verification operation (RSASSA-PSS-VERIFY).
int mbedtls_rsa_rsaes_pkcs1_v15_encrypt(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, size_t ilen, const unsigned char *input, unsigned char *output)
This function performs a PKCS#1 v1.5 encryption operation (RSAES-PKCS1-v1_5-ENCRYPT).
size_t mbedtls_rsa_get_len(const mbedtls_rsa_context *ctx)
This function retrieves the length of RSA modulus in Bytes.
MPI structure.
Definition: bignum.h:184
int mbedtls_rsa_check_pubkey(const mbedtls_rsa_context *ctx)
This function checks if a context contains at least an RSA public key.
void mbedtls_rsa_free(mbedtls_rsa_context *ctx)
This function frees the components of an RSA key.
int mbedtls_rsa_gen_key(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, unsigned int nbits, int exponent)
This function generates an RSA keypair.
int mbedtls_rsa_copy(mbedtls_rsa_context *dst, const mbedtls_rsa_context *src)
This function copies the components of an RSA context.
int mbedtls_rsa_check_privkey(const mbedtls_rsa_context *ctx)
This function checks if a context contains an RSA private key and perform basic consistency checks...
mbedtls_md_type_t
Supported message digests.
Definition: md.h:56
int mbedtls_rsa_rsaes_oaep_encrypt(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, const unsigned char *label, size_t label_len, size_t ilen, const unsigned char *input, unsigned char *output)
This function performs a PKCS#1 v2.1 OAEP encryption operation (RSAES-OAEP-ENCRYPT).
void mbedtls_rsa_init(mbedtls_rsa_context *ctx, int padding, int hash_id)
This function initializes an RSA context.