Mbed TLS v3.6.2
Loading...
Searching...
No Matches
rsa.h
Go to the documentation of this file.
1
12/*
13 * Copyright The Mbed TLS Contributors
14 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
15 */
16#ifndef MBEDTLS_RSA_H
17#define MBEDTLS_RSA_H
19
20#include "mbedtls/build_info.h"
21
22#include "mbedtls/bignum.h"
23#include "mbedtls/md.h"
24
25#if defined(MBEDTLS_THREADING_C)
26#include "mbedtls/threading.h"
27#endif
28
29/*
30 * RSA Error codes
31 */
33#define MBEDTLS_ERR_RSA_BAD_INPUT_DATA -0x4080
35#define MBEDTLS_ERR_RSA_INVALID_PADDING -0x4100
37#define MBEDTLS_ERR_RSA_KEY_GEN_FAILED -0x4180
39#define MBEDTLS_ERR_RSA_KEY_CHECK_FAILED -0x4200
41#define MBEDTLS_ERR_RSA_PUBLIC_FAILED -0x4280
43#define MBEDTLS_ERR_RSA_PRIVATE_FAILED -0x4300
45#define MBEDTLS_ERR_RSA_VERIFY_FAILED -0x4380
47#define MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE -0x4400
49#define MBEDTLS_ERR_RSA_RNG_FAILED -0x4480
50
51/*
52 * RSA constants
53 */
54
55#define MBEDTLS_RSA_PKCS_V15 0
56#define MBEDTLS_RSA_PKCS_V21 1
58#define MBEDTLS_RSA_SIGN 1
59#define MBEDTLS_RSA_CRYPT 2
61#define MBEDTLS_RSA_SALT_LEN_ANY -1
62
63/*
64 * The above constants may be used even if the RSA module is compile out,
65 * eg for alternative (PKCS#11) RSA implementations in the PK layers.
66 */
67
68#ifdef __cplusplus
69extern "C" {
70#endif
71
72#if !defined(MBEDTLS_RSA_ALT)
73// Regular implementation
74//
75
76#if !defined(MBEDTLS_RSA_GEN_KEY_MIN_BITS)
77#define MBEDTLS_RSA_GEN_KEY_MIN_BITS 1024
78#elif MBEDTLS_RSA_GEN_KEY_MIN_BITS < 128
79#error "MBEDTLS_RSA_GEN_KEY_MIN_BITS must be at least 128 bits"
80#endif
81
124
125#else /* MBEDTLS_RSA_ALT */
126#include "rsa_alt.h"
127#endif /* MBEDTLS_RSA_ALT */
128
140
176 mbedtls_md_type_t hash_id);
177
188
199
230 const mbedtls_mpi *N,
231 const mbedtls_mpi *P, const mbedtls_mpi *Q,
232 const mbedtls_mpi *D, const mbedtls_mpi *E);
233
269 unsigned char const *N, size_t N_len,
270 unsigned char const *P, size_t P_len,
271 unsigned char const *Q, size_t Q_len,
272 unsigned char const *D, size_t D_len,
273 unsigned char const *E, size_t E_len);
274
308
351 mbedtls_mpi *D, mbedtls_mpi *E);
352
401 unsigned char *N, size_t N_len,
402 unsigned char *P, size_t P_len,
403 unsigned char *Q, size_t Q_len,
404 unsigned char *D, size_t D_len,
405 unsigned char *E, size_t E_len);
406
427 mbedtls_mpi *DP, mbedtls_mpi *DQ, mbedtls_mpi *QP);
428
438
448
468 int (*f_rng)(void *, unsigned char *, size_t),
469 void *p_rng,
470 unsigned int nbits, int exponent);
471
487
525
538 const mbedtls_rsa_context *prv);
539
560 const unsigned char *input,
561 unsigned char *output);
562
593 int (*f_rng)(void *, unsigned char *, size_t),
594 void *p_rng,
595 const unsigned char *input,
596 unsigned char *output);
597
622 int (*f_rng)(void *, unsigned char *, size_t),
623 void *p_rng,
624 size_t ilen,
625 const unsigned char *input,
626 unsigned char *output);
627
649 int (*f_rng)(void *, unsigned char *, size_t),
650 void *p_rng,
651 size_t ilen,
652 const unsigned char *input,
653 unsigned char *output);
654
683 int (*f_rng)(void *, unsigned char *, size_t),
684 void *p_rng,
685 const unsigned char *label, size_t label_len,
686 size_t ilen,
687 const unsigned char *input,
688 unsigned char *output);
689
726 int (*f_rng)(void *, unsigned char *, size_t),
727 void *p_rng,
728 size_t *olen,
729 const unsigned char *input,
730 unsigned char *output,
731 size_t output_max_len);
732
768 int (*f_rng)(void *, unsigned char *, size_t),
769 void *p_rng,
770 size_t *olen,
771 const unsigned char *input,
772 unsigned char *output,
773 size_t output_max_len);
774
809 int (*f_rng)(void *, unsigned char *, size_t),
810 void *p_rng,
811 const unsigned char *label, size_t label_len,
812 size_t *olen,
813 const unsigned char *input,
814 unsigned char *output,
815 size_t output_max_len);
816
852 int (*f_rng)(void *, unsigned char *, size_t),
853 void *p_rng,
854 mbedtls_md_type_t md_alg,
855 unsigned int hashlen,
856 const unsigned char *hash,
857 unsigned char *sig);
858
884 int (*f_rng)(void *, unsigned char *, size_t),
885 void *p_rng,
886 mbedtls_md_type_t md_alg,
887 unsigned int hashlen,
888 const unsigned char *hash,
889 unsigned char *sig);
890
891#if defined(MBEDTLS_PKCS1_V21)
936 int (*f_rng)(void *, unsigned char *, size_t),
937 void *p_rng,
938 mbedtls_md_type_t md_alg,
939 unsigned int hashlen,
940 const unsigned char *hash,
941 int saltlen,
942 unsigned char *sig);
943
986 int (*f_rng)(void *, unsigned char *, size_t),
987 void *p_rng,
988 mbedtls_md_type_t md_alg,
989 unsigned int hashlen,
990 const unsigned char *hash,
991 unsigned char *sig);
992#endif /* MBEDTLS_PKCS1_V21 */
993
1021 mbedtls_md_type_t md_alg,
1022 unsigned int hashlen,
1023 const unsigned char *hash,
1024 const unsigned char *sig);
1025
1046 mbedtls_md_type_t md_alg,
1047 unsigned int hashlen,
1048 const unsigned char *hash,
1049 const unsigned char *sig);
1050
1081 mbedtls_md_type_t md_alg,
1082 unsigned int hashlen,
1083 const unsigned char *hash,
1084 const unsigned char *sig);
1085
1121 mbedtls_md_type_t md_alg,
1122 unsigned int hashlen,
1123 const unsigned char *hash,
1124 mbedtls_md_type_t mgf1_hash_id,
1125 int expected_salt_len,
1126 const unsigned char *sig);
1127
1138
1147
1148#if defined(MBEDTLS_SELF_TEST)
1149
1156int mbedtls_rsa_self_test(int verbose);
1157
1158#endif /* MBEDTLS_SELF_TEST */
1159
1160#ifdef __cplusplus
1161}
1162#endif
1163
1164#endif /* rsa.h */
Multi-precision integer library.
Build-time configuration info.
This file contains the generic functions for message-digest (hashing) and HMAC.
mbedtls_md_type_t
Supported message digests.
Definition md.h:47
Macro wrapper for struct's members.
#define MBEDTLS_PRIVATE(member)
int mbedtls_rsa_complete(mbedtls_rsa_context *ctx)
This function completes an RSA context from a set of imported core parameters.
int mbedtls_rsa_rsassa_pss_verify_ext(mbedtls_rsa_context *ctx, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, mbedtls_md_type_t mgf1_hash_id, int expected_salt_len, const unsigned char *sig)
This function performs a PKCS#1 v2.1 PSS verification operation (RSASSA-PSS-VERIFY).
int mbedtls_rsa_self_test(int verbose)
The RSA checkup routine.
int mbedtls_rsa_import(mbedtls_rsa_context *ctx, const mbedtls_mpi *N, const mbedtls_mpi *P, const mbedtls_mpi *Q, const mbedtls_mpi *D, const mbedtls_mpi *E)
This function imports a set of core parameters into an RSA context.
int mbedtls_rsa_check_pub_priv(const mbedtls_rsa_context *pub, const mbedtls_rsa_context *prv)
This function checks a public-private RSA key pair.
int mbedtls_rsa_import_raw(mbedtls_rsa_context *ctx, unsigned char const *N, size_t N_len, unsigned char const *P, size_t P_len, unsigned char const *Q, size_t Q_len, unsigned char const *D, size_t D_len, unsigned char const *E, size_t E_len)
This function imports core RSA parameters, in raw big-endian binary format, into an RSA context.
int mbedtls_rsa_private(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, const unsigned char *input, unsigned char *output)
This function performs an RSA private key operation.
int mbedtls_rsa_gen_key(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, unsigned int nbits, int exponent)
This function generates an RSA keypair.
int mbedtls_rsa_get_padding_mode(const mbedtls_rsa_context *ctx)
This function retrieves padding mode of initialized RSA context.
size_t mbedtls_rsa_get_len(const mbedtls_rsa_context *ctx)
This function retrieves the length of RSA modulus in Bytes.
int mbedtls_rsa_rsassa_pkcs1_v15_sign(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, unsigned char *sig)
This function performs a PKCS#1 v1.5 signature operation (RSASSA-PKCS1-v1_5-SIGN).
int mbedtls_rsa_set_padding(mbedtls_rsa_context *ctx, int padding, mbedtls_md_type_t hash_id)
This function sets padding for an already initialized RSA context.
int mbedtls_rsa_pkcs1_decrypt(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, size_t *olen, const unsigned char *input, unsigned char *output, size_t output_max_len)
This function performs an RSA operation, then removes the message padding.
struct mbedtls_rsa_context mbedtls_rsa_context
The RSA context structure.
size_t mbedtls_rsa_get_bitlen(const mbedtls_rsa_context *ctx)
This function retrieves the length of the RSA modulus in bits.
int mbedtls_rsa_get_md_alg(const mbedtls_rsa_context *ctx)
This function retrieves hash identifier of mbedtls_md_type_t type.
int mbedtls_rsa_export(const mbedtls_rsa_context *ctx, mbedtls_mpi *N, mbedtls_mpi *P, mbedtls_mpi *Q, mbedtls_mpi *D, mbedtls_mpi *E)
This function exports the core parameters of an RSA key.
int mbedtls_rsa_pkcs1_encrypt(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, size_t ilen, const unsigned char *input, unsigned char *output)
This function adds the message padding, then performs an RSA operation.
int mbedtls_rsa_export_raw(const mbedtls_rsa_context *ctx, unsigned char *N, size_t N_len, unsigned char *P, size_t P_len, unsigned char *Q, size_t Q_len, unsigned char *D, size_t D_len, unsigned char *E, size_t E_len)
This function exports core parameters of an RSA key in raw big-endian binary format.
int mbedtls_rsa_copy(mbedtls_rsa_context *dst, const mbedtls_rsa_context *src)
This function copies the components of an RSA context.
int mbedtls_rsa_rsassa_pss_verify(mbedtls_rsa_context *ctx, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, const unsigned char *sig)
This function performs a PKCS#1 v2.1 PSS verification operation (RSASSA-PSS-VERIFY).
void mbedtls_rsa_free(mbedtls_rsa_context *ctx)
This function frees the components of an RSA key.
int mbedtls_rsa_rsassa_pkcs1_v15_verify(mbedtls_rsa_context *ctx, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, const unsigned char *sig)
This function performs a PKCS#1 v1.5 verification operation (RSASSA-PKCS1-v1_5-VERIFY).
int mbedtls_rsa_rsassa_pss_sign_ext(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, int saltlen, unsigned char *sig)
This function performs a PKCS#1 v2.1 PSS signature operation (RSASSA-PSS-SIGN).
int mbedtls_rsa_rsaes_pkcs1_v15_decrypt(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, size_t *olen, const unsigned char *input, unsigned char *output, size_t output_max_len)
This function performs a PKCS#1 v1.5 decryption operation (RSAES-PKCS1-v1_5-DECRYPT).
int mbedtls_rsa_export_crt(const mbedtls_rsa_context *ctx, mbedtls_mpi *DP, mbedtls_mpi *DQ, mbedtls_mpi *QP)
This function exports CRT parameters of a private RSA key.
int mbedtls_rsa_rsassa_pss_sign(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, unsigned char *sig)
This function performs a PKCS#1 v2.1 PSS signature operation (RSASSA-PSS-SIGN).
int mbedtls_rsa_public(mbedtls_rsa_context *ctx, const unsigned char *input, unsigned char *output)
This function performs an RSA public key operation.
int mbedtls_rsa_rsaes_oaep_encrypt(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, const unsigned char *label, size_t label_len, size_t ilen, const unsigned char *input, unsigned char *output)
This function performs a PKCS#1 v2.1 OAEP encryption operation (RSAES-OAEP-ENCRYPT).
int mbedtls_rsa_pkcs1_sign(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, unsigned char *sig)
This function performs a private RSA operation to sign a message digest using PKCS#1.
int mbedtls_rsa_check_privkey(const mbedtls_rsa_context *ctx)
This function checks if a context contains an RSA private key and perform basic consistency checks.
void mbedtls_rsa_init(mbedtls_rsa_context *ctx)
This function initializes an RSA context.
int mbedtls_rsa_rsaes_oaep_decrypt(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, const unsigned char *label, size_t label_len, size_t *olen, const unsigned char *input, unsigned char *output, size_t output_max_len)
This function performs a PKCS#1 v2.1 OAEP decryption operation (RSAES-OAEP-DECRYPT).
int mbedtls_rsa_check_pubkey(const mbedtls_rsa_context *ctx)
This function checks if a context contains at least an RSA public key.
int mbedtls_rsa_pkcs1_verify(mbedtls_rsa_context *ctx, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, const unsigned char *sig)
This function performs a public RSA operation and checks the message digest.
int mbedtls_rsa_rsaes_pkcs1_v15_encrypt(mbedtls_rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, size_t ilen, const unsigned char *input, unsigned char *output)
This function performs a PKCS#1 v1.5 encryption operation (RSAES-PKCS1-v1_5-ENCRYPT).
MPI structure.
Definition bignum.h:207
The RSA context structure.
Definition rsa.h:85
Threading abstraction layer.