1/* 2 * Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved. 3 * 4 * Licensed under the Apache License 2.0 (the "License"). You may not use 5 * this file except in compliance with the License. You can obtain a copy 6 * in the file LICENSE in the source distribution or at 7 * https://www.openssl.org/source/license.html 8 */ 9 10#ifndef OSSL_INTERNAL_RSA_H 11# define OSSL_INTERNAL_RSA_H 12# pragma once 13 14# include <openssl/core.h> 15# include <openssl/rsa.h> 16# include "crypto/types.h" 17 18#define RSA_MIN_MODULUS_BITS 512 19 20typedef struct rsa_pss_params_30_st { 21 int hash_algorithm_nid; 22 struct { 23 int algorithm_nid; /* Currently always NID_mgf1 */ 24 int hash_algorithm_nid; 25 } mask_gen; 26 int salt_len; 27 int trailer_field; 28} RSA_PSS_PARAMS_30; 29 30RSA_PSS_PARAMS_30 *ossl_rsa_get0_pss_params_30(RSA *r); 31int ossl_rsa_pss_params_30_set_defaults(RSA_PSS_PARAMS_30 *rsa_pss_params); 32int ossl_rsa_pss_params_30_copy(RSA_PSS_PARAMS_30 *to, 33 const RSA_PSS_PARAMS_30 *from); 34int ossl_rsa_pss_params_30_is_unrestricted(const RSA_PSS_PARAMS_30 *rsa_pss_params); 35int ossl_rsa_pss_params_30_set_hashalg(RSA_PSS_PARAMS_30 *rsa_pss_params, 36 int hashalg_nid); 37int ossl_rsa_pss_params_30_set_maskgenalg(RSA_PSS_PARAMS_30 *rsa_pss_params, 38 int maskgenalg_nid); 39int ossl_rsa_pss_params_30_set_maskgenhashalg(RSA_PSS_PARAMS_30 *rsa_pss_params, 40 int maskgenhashalg_nid); 41int ossl_rsa_pss_params_30_set_saltlen(RSA_PSS_PARAMS_30 *rsa_pss_params, 42 int saltlen); 43int ossl_rsa_pss_params_30_set_trailerfield(RSA_PSS_PARAMS_30 *rsa_pss_params, 44 int trailerfield); 45int ossl_rsa_pss_params_30_hashalg(const RSA_PSS_PARAMS_30 *rsa_pss_params); 46int ossl_rsa_pss_params_30_maskgenalg(const RSA_PSS_PARAMS_30 *rsa_pss_params); 47int ossl_rsa_pss_params_30_maskgenhashalg(const RSA_PSS_PARAMS_30 *rsa_pss_params); 48int ossl_rsa_pss_params_30_saltlen(const RSA_PSS_PARAMS_30 *rsa_pss_params); 49int ossl_rsa_pss_params_30_trailerfield(const RSA_PSS_PARAMS_30 *rsa_pss_params); 50 51const char *ossl_rsa_mgf_nid2name(int mgf); 52int ossl_rsa_oaeppss_md2nid(const EVP_MD *md); 53const char *ossl_rsa_oaeppss_nid2name(int md); 54 55RSA *ossl_rsa_new_with_ctx(OSSL_LIB_CTX *libctx); 56OSSL_LIB_CTX *ossl_rsa_get0_libctx(RSA *r); 57void ossl_rsa_set0_libctx(RSA *r, OSSL_LIB_CTX *libctx); 58 59int ossl_rsa_set0_all_params(RSA *r, const STACK_OF(BIGNUM) *primes, 60 const STACK_OF(BIGNUM) *exps, 61 const STACK_OF(BIGNUM) *coeffs); 62int ossl_rsa_get0_all_params(RSA *r, STACK_OF(BIGNUM_const) *primes, 63 STACK_OF(BIGNUM_const) *exps, 64 STACK_OF(BIGNUM_const) *coeffs); 65int ossl_rsa_is_foreign(const RSA *rsa); 66RSA *ossl_rsa_dup(const RSA *rsa, int selection); 67 68int ossl_rsa_todata(RSA *rsa, OSSL_PARAM_BLD *bld, OSSL_PARAM params[], 69 int include_private); 70int ossl_rsa_fromdata(RSA *rsa, const OSSL_PARAM params[], int include_private); 71int ossl_rsa_pss_params_30_todata(const RSA_PSS_PARAMS_30 *pss, 72 OSSL_PARAM_BLD *bld, OSSL_PARAM params[]); 73int ossl_rsa_pss_params_30_fromdata(RSA_PSS_PARAMS_30 *pss_params, 74 int *defaults_set, 75 const OSSL_PARAM params[], 76 OSSL_LIB_CTX *libctx); 77int ossl_rsa_set0_pss_params(RSA *r, RSA_PSS_PARAMS *pss); 78int ossl_rsa_pss_get_param_unverified(const RSA_PSS_PARAMS *pss, 79 const EVP_MD **pmd, const EVP_MD **pmgf1md, 80 int *psaltlen, int *ptrailerField); 81RSA_PSS_PARAMS *ossl_rsa_pss_decode(const X509_ALGOR *alg); 82int ossl_rsa_param_decode(RSA *rsa, const X509_ALGOR *alg); 83RSA *ossl_rsa_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf, 84 OSSL_LIB_CTX *libctx, const char *propq); 85 86int ossl_rsa_padding_check_PKCS1_type_2_TLS(OSSL_LIB_CTX *ctx, unsigned char *to, 87 size_t tlen, 88 const unsigned char *from, 89 size_t flen, int client_version, 90 int alt_version); 91int ossl_rsa_padding_add_PKCS1_OAEP_mgf1_ex(OSSL_LIB_CTX *libctx, 92 unsigned char *to, int tlen, 93 const unsigned char *from, int flen, 94 const unsigned char *param, 95 int plen, const EVP_MD *md, 96 const EVP_MD *mgf1md); 97 98int ossl_rsa_validate_public(const RSA *key); 99int ossl_rsa_validate_private(const RSA *key); 100int ossl_rsa_validate_pairwise(const RSA *key); 101 102int ossl_rsa_verify(int dtype, const unsigned char *m, 103 unsigned int m_len, unsigned char *rm, 104 size_t *prm_len, const unsigned char *sigbuf, 105 size_t siglen, RSA *rsa); 106 107const unsigned char *ossl_rsa_digestinfo_encoding(int md_nid, size_t *len); 108 109extern const char *ossl_rsa_mp_factor_names[]; 110extern const char *ossl_rsa_mp_exp_names[]; 111extern const char *ossl_rsa_mp_coeff_names[]; 112 113ASN1_STRING *ossl_rsa_ctx_to_pss_string(EVP_PKEY_CTX *pkctx); 114int ossl_rsa_pss_to_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pkctx, 115 const X509_ALGOR *sigalg, EVP_PKEY *pkey); 116 117# if defined(FIPS_MODULE) && !defined(OPENSSL_NO_ACVP_TESTS) 118int ossl_rsa_acvp_test_gen_params_new(OSSL_PARAM **dst, const OSSL_PARAM src[]); 119void ossl_rsa_acvp_test_gen_params_free(OSSL_PARAM *dst); 120 121int ossl_rsa_acvp_test_set_params(RSA *r, const OSSL_PARAM params[]); 122int ossl_rsa_acvp_test_get_params(RSA *r, OSSL_PARAM params[]); 123typedef struct rsa_acvp_test_st RSA_ACVP_TEST; 124void ossl_rsa_acvp_test_free(RSA_ACVP_TEST *t); 125# else 126# define RSA_ACVP_TEST void 127# endif 128 129RSA *evp_pkey_get1_RSA_PSS(EVP_PKEY *pkey); 130#endif 131