1/*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21
22/*
23 * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved.
24 */
25
26#ifndef _RSA_IMPL_H
27#define	_RSA_IMPL_H
28
29#ifdef __cplusplus
30extern "C" {
31#endif
32
33#include <sys/types.h>
34#include <bignum.h>
35
36#define	MIN_RSA_KEYLENGTH_IN_BYTES	32
37#define	MAX_RSA_KEYLENGTH_IN_BYTES	512
38#define	RSA_MIN_KEY_LEN	256	/* RSA min key length in bits */
39#define	RSA_MAX_KEY_LEN	4096	/* RSA max key length in bits */
40
41#ifdef _KERNEL
42
43#include <sys/sunddi.h>
44#include <sys/crypto/common.h>
45
46#define	CK_BYTE			uchar_t
47#define	CK_ULONG		ulong_t
48#define	CK_RV			int
49
50#define	CKR_OK			CRYPTO_SUCCESS
51#define	CKR_ARGUMENTS_BAD	CRYPTO_ARGUMENTS_BAD
52#define	CKR_DATA_LEN_RANGE	CRYPTO_DATA_LEN_RANGE
53#define	CKR_DEVICE_ERROR	CRYPTO_DEVICE_ERROR
54#define	CKR_GENERAL_ERROR	CRYPTO_GENERAL_ERROR
55#define	CKR_HOST_MEMORY		CRYPTO_HOST_MEMORY
56#define	CKR_KEY_SIZE_RANGE	CRYPTO_KEY_SIZE_RANGE
57
58int random_get_bytes(uint8_t *ran_out, size_t ran_len);
59int random_get_pseudo_bytes(uint8_t *ran_out, size_t ran_len);
60
61#else
62
63#include <security/cryptoki.h>
64#include <security/pkcs11t.h>
65
66#endif	/* _KERNEL */
67
68#define	MD5_DER_PREFIX_Len	18
69#define	SHA1_DER_PREFIX_Len	15
70#define	SHA1_DER_PREFIX_OID_Len	13
71#define	SHA2_DER_PREFIX_Len	19
72#define	DEFAULT_PUB_EXPO_Len	3
73
74extern const CK_BYTE MD5_DER_PREFIX[MD5_DER_PREFIX_Len];
75extern const CK_BYTE SHA1_DER_PREFIX[SHA1_DER_PREFIX_Len];
76extern const CK_BYTE SHA1_DER_PREFIX_OID[SHA1_DER_PREFIX_OID_Len];
77extern const CK_BYTE SHA256_DER_PREFIX[SHA2_DER_PREFIX_Len];
78extern const CK_BYTE SHA384_DER_PREFIX[SHA2_DER_PREFIX_Len];
79extern const CK_BYTE SHA512_DER_PREFIX[SHA2_DER_PREFIX_Len];
80extern const CK_BYTE DEFAULT_PUB_EXPO[DEFAULT_PUB_EXPO_Len];
81
82
83/* RSA key using BIGNUM representations */
84typedef struct {
85	int 	size;		/* key size in bits */
86	BIGNUM	p;		/* p */
87	BIGNUM	q;		/* q */
88	BIGNUM	n;		/* n = p * q (the modulus) */
89	BIGNUM	d;		/* private exponent */
90	BIGNUM	e;		/* public exponent */
91	BIGNUM	dmodpminus1;	/* d mod (p - 1) (exponent 1) */
92	BIGNUM	dmodqminus1;	/* d mod (q - 1) (exponent 2) */
93	BIGNUM	pinvmodq;	/* p^(-1) mod q (the coefficient) */
94	BIGNUM	p_rr;		/* 2^(2*(32*p->len)) mod p */
95	BIGNUM	q_rr;		/* 2^(2*(32*q->len)) mod q */
96	BIGNUM	n_rr;		/* 2^(2*(32*n->len)) mod n */
97} RSAkey;
98
99/* RSA key using byte string representations, useful for parameter lists */
100typedef struct {
101	uint32_t modulus_bits;	/* size */
102	uchar_t	*modulus;	/* n */
103	uint32_t privexpo_bytes;
104	uchar_t	*privexpo;	/* d */
105	uint32_t pubexpo_bytes;
106	uchar_t	*pubexpo;	/* e */
107	uint32_t prime1_bytes;
108	uchar_t	*prime1;	/* p */
109	uint32_t prime2_bytes;
110	uchar_t	*prime2;	/* q */
111	uint32_t expo1_bytes;
112	uchar_t	*expo1;		/* = d mod (p - 1) */
113	uint32_t expo2_bytes;
114	uchar_t	*expo2;		/* = d mod (q - 1) */
115	uint32_t coeff_bytes;	/* = q bytes, .... or = p bytes */
116	uchar_t *coeff;		/* = p^(-1) mod q, or = q^(-1) mod p */
117	int (*rfunc)(void *, size_t);	/* random function */
118} RSAbytekey;
119
120
121CK_RV rsa_genkey_pair(RSAbytekey *bkey);
122
123CK_RV rsa_encrypt(RSAbytekey *bkey,
124    uchar_t *msg, uint32_t msglen, uchar_t *encrmsg);
125
126CK_RV rsa_decrypt(RSAbytekey *bkey,
127    uchar_t *encrmsg, uint32_t encrmsglen, uchar_t *msg);
128
129#define	rsa_sign(key, msg, len, sig)	rsa_decrypt((key), (msg), (len), (sig))
130#define	rsa_verify(key, msg, len, sig)	rsa_encrypt((key), (msg), (len), (sig))
131
132/*
133 * The following definitions and declarations are only used by RSA FIPS POST
134 */
135#ifdef _RSA_FIPS_POST
136
137/* RSA FIPS Declarations */
138#define	FIPS_RSA_PUBLIC_EXPONENT_LENGTH		  3 /*   24-bits */
139#define	FIPS_RSA_PRIVATE_VERSION_LENGTH		  1 /*    8-bits */
140#define	FIPS_RSA_MESSAGE_LENGTH			128 /* 1024-bits */
141#define	FIPS_RSA_COEFFICIENT_LENGTH		 64 /*  512-bits */
142#define	FIPS_RSA_PRIME0_LENGTH			 64 /*  512-bits */
143#define	FIPS_RSA_PRIME1_LENGTH			 64 /*  512-bits */
144#define	FIPS_RSA_EXPONENT0_LENGTH		 64 /*  512-bits */
145#define	FIPS_RSA_EXPONENT1_LENGTH		 64 /*  512-bits */
146#define	FIPS_RSA_PRIVATE_EXPONENT_LENGTH	128 /* 1024-bits */
147#define	FIPS_RSA_ENCRYPT_LENGTH			128 /* 1024-bits */
148#define	FIPS_RSA_DECRYPT_LENGTH			128 /* 1024-bits */
149#define	FIPS_RSA_SIGNATURE_LENGTH		128 /* 1024-bits */
150#define	FIPS_RSA_MODULUS_LENGTH			128 /* 1024-bits */
151#define	MAX_KEY_ATTR_BUFLEN			1024
152
153typedef struct RSAPrivateKey_s {
154	uint8_t		*version;
155	int		version_len;
156	RSAbytekey	bkey;
157} RSAPrivateKey_t;
158
159/* RSA FIPS functions */
160extern int fips_rsa_post(void);
161extern int fips_rsa_encrypt(RSAPrivateKey_t *, uint8_t *, int, uint8_t *);
162extern int fips_rsa_decrypt(RSAPrivateKey_t *, uint8_t *, int, uint8_t *);
163
164#endif /* _RSA_FIPS_POST */
165
166#ifdef	__cplusplus
167}
168#endif
169
170#endif /* _RSA_IMPL_H */
171