PolarSSL v1.3.2
|
The RSA public-key cryptosystem. More...
Go to the source code of this file.
Data Structures | |
struct | rsa_context |
RSA context structure. More... | |
Macros | |
#define | POLARSSL_ERR_RSA_BAD_INPUT_DATA -0x4080 |
Bad input parameters to function. More... | |
#define | POLARSSL_ERR_RSA_INVALID_PADDING -0x4100 |
Input data contains invalid padding and is rejected. More... | |
#define | POLARSSL_ERR_RSA_KEY_GEN_FAILED -0x4180 |
Something failed during generation of a key. More... | |
#define | POLARSSL_ERR_RSA_KEY_CHECK_FAILED -0x4200 |
Key failed to pass the libraries validity check. More... | |
#define | POLARSSL_ERR_RSA_PUBLIC_FAILED -0x4280 |
The public key operation failed. More... | |
#define | POLARSSL_ERR_RSA_PRIVATE_FAILED -0x4300 |
The private key operation failed. More... | |
#define | POLARSSL_ERR_RSA_VERIFY_FAILED -0x4380 |
The PKCS#1 verification failed. More... | |
#define | POLARSSL_ERR_RSA_OUTPUT_TOO_LARGE -0x4400 |
The output buffer for decryption is not large enough. More... | |
#define | POLARSSL_ERR_RSA_RNG_FAILED -0x4480 |
The random generator failed to generate non-zeros. More... | |
#define | RSA_PUBLIC 0 |
#define | RSA_PRIVATE 1 |
#define | RSA_PKCS_V15 0 |
#define | RSA_PKCS_V21 1 |
#define | RSA_SIGN 1 |
#define | RSA_CRYPT 2 |
Functions | |
void | rsa_init (rsa_context *ctx, int padding, int hash_id) |
Initialize an RSA context. More... | |
int | rsa_gen_key (rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, unsigned int nbits, int exponent) |
Generate an RSA keypair. More... | |
int | rsa_check_pubkey (const rsa_context *ctx) |
Check a public RSA key. More... | |
int | rsa_check_privkey (const rsa_context *ctx) |
Check a private RSA key. More... | |
int | rsa_public (rsa_context *ctx, const unsigned char *input, unsigned char *output) |
Do an RSA public key operation. More... | |
int | rsa_private (rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, const unsigned char *input, unsigned char *output) |
Do an RSA private key operation. More... | |
int | rsa_pkcs1_encrypt (rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, size_t ilen, const unsigned char *input, unsigned char *output) |
Generic wrapper to perform a PKCS#1 encryption using the mode from the context. More... | |
int | rsa_rsaes_pkcs1_v15_encrypt (rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, size_t ilen, const unsigned char *input, unsigned char *output) |
Perform a PKCS#1 v1.5 encryption (RSAES-PKCS1-v1_5-ENCRYPT) More... | |
int | rsa_rsaes_oaep_encrypt (rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, const unsigned char *label, size_t label_len, size_t ilen, const unsigned char *input, unsigned char *output) |
Perform a PKCS#1 v2.1 OAEP encryption (RSAES-OAEP-ENCRYPT) More... | |
int | rsa_pkcs1_decrypt (rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, size_t *olen, const unsigned char *input, unsigned char *output, size_t output_max_len) |
Generic wrapper to perform a PKCS#1 decryption using the mode from the context. More... | |
int | rsa_rsaes_pkcs1_v15_decrypt (rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, size_t *olen, const unsigned char *input, unsigned char *output, size_t output_max_len) |
Perform a PKCS#1 v1.5 decryption (RSAES-PKCS1-v1_5-DECRYPT) More... | |
int | rsa_rsaes_oaep_decrypt (rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, const unsigned char *label, size_t label_len, size_t *olen, const unsigned char *input, unsigned char *output, size_t output_max_len) |
Perform a PKCS#1 v2.1 OAEP decryption (RSAES-OAEP-DECRYPT) More... | |
int | rsa_pkcs1_sign (rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, unsigned char *sig) |
Generic wrapper to perform a PKCS#1 signature using the mode from the context. More... | |
int | rsa_rsassa_pkcs1_v15_sign (rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, unsigned char *sig) |
Perform a PKCS#1 v1.5 signature (RSASSA-PKCS1-v1_5-SIGN) More... | |
int | rsa_rsassa_pss_sign (rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, unsigned char *sig) |
Perform a PKCS#1 v2.1 PSS signature (RSASSA-PSS-SIGN) More... | |
int | rsa_pkcs1_verify (rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, const unsigned char *sig) |
Generic wrapper to perform a PKCS#1 verification using the mode from the context. More... | |
int | rsa_rsassa_pkcs1_v15_verify (rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, const unsigned char *sig) |
Perform a PKCS#1 v1.5 verification (RSASSA-PKCS1-v1_5-VERIFY) More... | |
int | rsa_rsassa_pss_verify (rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, const unsigned char *sig) |
Perform a PKCS#1 v2.1 PSS verification (RSASSA-PSS-VERIFY) More... | |
int | rsa_copy (rsa_context *dst, const rsa_context *src) |
Copy the components of an RSA context. More... | |
void | rsa_free (rsa_context *ctx) |
Free the components of an RSA key. More... | |
int | rsa_self_test (int verbose) |
Checkup routine. More... | |
The RSA public-key cryptosystem.
Copyright (C) 2006-2013, Brainspark B.V.
This file is part of PolarSSL (http://www.polarssl.org) Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
All rights reserved.
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
Definition in file rsa.h.
#define POLARSSL_ERR_RSA_BAD_INPUT_DATA -0x4080 |
#define POLARSSL_ERR_RSA_INVALID_PADDING -0x4100 |
#define POLARSSL_ERR_RSA_KEY_CHECK_FAILED -0x4200 |
#define POLARSSL_ERR_RSA_KEY_GEN_FAILED -0x4180 |
#define POLARSSL_ERR_RSA_OUTPUT_TOO_LARGE -0x4400 |
#define POLARSSL_ERR_RSA_PRIVATE_FAILED -0x4300 |
#define POLARSSL_ERR_RSA_PUBLIC_FAILED -0x4280 |
#define POLARSSL_ERR_RSA_RNG_FAILED -0x4480 |
#define POLARSSL_ERR_RSA_VERIFY_FAILED -0x4380 |
#define RSA_PRIVATE 1 |
Definition at line 56 of file rsa.h.
Referenced by RSA_private_decrypt(), and RSA_private_encrypt().
#define RSA_PUBLIC 0 |
Definition at line 55 of file rsa.h.
Referenced by RSA_public_decrypt(), and RSA_public_encrypt().
int rsa_check_privkey | ( | const rsa_context * | ctx | ) |
Check a private RSA key.
ctx | RSA context to be checked |
int rsa_check_pubkey | ( | const rsa_context * | ctx | ) |
Check a public RSA key.
ctx | RSA context to be checked |
int rsa_copy | ( | rsa_context * | dst, |
const rsa_context * | src | ||
) |
Copy the components of an RSA context.
dst | Destination context |
src | Source context |
Referenced by x509_write_key_der(), x509_write_pubkey_der(), x509parse_key(), x509parse_keyfile(), x509parse_public_key(), and x509parse_public_keyfile().
void rsa_free | ( | rsa_context * | ctx | ) |
Free the components of an RSA key.
ctx | RSA Context to free |
Referenced by x509parse_key(), x509parse_keyfile(), x509parse_public_key(), and x509parse_public_keyfile().
int rsa_gen_key | ( | rsa_context * | ctx, |
int(*)(void *, unsigned char *, size_t) | f_rng, | ||
void * | p_rng, | ||
unsigned int | nbits, | ||
int | exponent | ||
) |
Generate an RSA keypair.
ctx | RSA context that will hold the key |
f_rng | RNG function |
p_rng | RNG parameter |
nbits | size of the public key in bits |
exponent | public exponent (e.g., 65537) |
void rsa_init | ( | rsa_context * | ctx, |
int | padding, | ||
int | hash_id | ||
) |
Initialize an RSA context.
Note: Set padding to RSA_PKCS_V21 for the RSAES-OAEP encryption scheme and the RSASSA-PSS signature scheme.
ctx | RSA context to be initialized |
padding | RSA_PKCS_V15 or RSA_PKCS_V21 |
hash_id | RSA_PKCS_V21 hash identifier |
int rsa_pkcs1_decrypt | ( | rsa_context * | ctx, |
int(*)(void *, unsigned char *, size_t) | f_rng, | ||
void * | p_rng, | ||
int | mode, | ||
size_t * | olen, | ||
const unsigned char * | input, | ||
unsigned char * | output, | ||
size_t | output_max_len | ||
) |
Generic wrapper to perform a PKCS#1 decryption using the mode from the context.
Do an RSA operation, then remove the message padding
ctx | RSA context |
f_rng | RNG function (Only needed for RSA_PRIVATE) |
p_rng | RNG parameter |
mode | RSA_PUBLIC or RSA_PRIVATE |
olen | will contain the plaintext length |
input | buffer holding the encrypted data |
output | buffer that will hold the plaintext |
output_max_len | maximum length of the output buffer |
Referenced by RSA_private_decrypt(), and RSA_public_decrypt().
int rsa_pkcs1_encrypt | ( | rsa_context * | ctx, |
int(*)(void *, unsigned char *, size_t) | f_rng, | ||
void * | p_rng, | ||
int | mode, | ||
size_t | ilen, | ||
const unsigned char * | input, | ||
unsigned char * | output | ||
) |
Generic wrapper to perform a PKCS#1 encryption using the mode from the context.
Add the message padding, then do an RSA operation.
ctx | RSA context |
f_rng | RNG function (Needed for padding and PKCS#1 v2.1 encoding and RSA_PRIVATE) |
p_rng | RNG parameter |
mode | RSA_PUBLIC or RSA_PRIVATE |
ilen | contains the plaintext length |
input | buffer holding the data to be encrypted |
output | buffer that will hold the ciphertext |
Referenced by RSA_private_encrypt(), and RSA_public_encrypt().
int rsa_pkcs1_sign | ( | rsa_context * | ctx, |
int(*)(void *, unsigned char *, size_t) | f_rng, | ||
void * | p_rng, | ||
int | mode, | ||
md_type_t | md_alg, | ||
unsigned int | hashlen, | ||
const unsigned char * | hash, | ||
unsigned char * | sig | ||
) |
Generic wrapper to perform a PKCS#1 signature using the mode from the context.
Do a private RSA operation to sign a message digest
ctx | RSA context |
f_rng | RNG function (Needed for PKCS#1 v2.1 encoding and for RSA_PRIVATE) |
p_rng | RNG parameter |
mode | RSA_PUBLIC or RSA_PRIVATE |
md_alg | a POLARSSL_MD_* (use POLARSSL_MD_NONE for signing raw data) |
hashlen | message digest length (for POLARSSL_MD_NONE only) |
hash | buffer holding the message digest |
sig | buffer that will hold the ciphertext |
int rsa_pkcs1_verify | ( | rsa_context * | ctx, |
int(*)(void *, unsigned char *, size_t) | f_rng, | ||
void * | p_rng, | ||
int | mode, | ||
md_type_t | md_alg, | ||
unsigned int | hashlen, | ||
const unsigned char * | hash, | ||
const unsigned char * | sig | ||
) |
Generic wrapper to perform a PKCS#1 verification using the mode from the context.
Do a public RSA operation and check the message digest
ctx | points to an RSA public key |
f_rng | RNG function (Only needed for RSA_PRIVATE) |
p_rng | RNG parameter |
mode | RSA_PUBLIC or RSA_PRIVATE |
md_alg | a POLARSSL_MD_* (use POLARSSL_MD_NONE for signing raw data) |
hashlen | message digest length (for POLARSSL_MD_NONE only) |
hash | buffer holding the message digest |
sig | buffer holding the ciphertext |
int rsa_private | ( | rsa_context * | ctx, |
int(*)(void *, unsigned char *, size_t) | f_rng, | ||
void * | p_rng, | ||
const unsigned char * | input, | ||
unsigned char * | output | ||
) |
Do an RSA private key operation.
ctx | RSA context |
f_rng | RNG function (Needed for blinding) |
p_rng | RNG parameter |
input | input buffer |
output | output buffer |
int rsa_public | ( | rsa_context * | ctx, |
const unsigned char * | input, | ||
unsigned char * | output | ||
) |
Do an RSA public key operation.
ctx | RSA context |
input | input buffer |
output | output buffer |
int rsa_rsaes_oaep_decrypt | ( | rsa_context * | ctx, |
int(*)(void *, unsigned char *, size_t) | f_rng, | ||
void * | p_rng, | ||
int | mode, | ||
const unsigned char * | label, | ||
size_t | label_len, | ||
size_t * | olen, | ||
const unsigned char * | input, | ||
unsigned char * | output, | ||
size_t | output_max_len | ||
) |
Perform a PKCS#1 v2.1 OAEP decryption (RSAES-OAEP-DECRYPT)
ctx | RSA context |
f_rng | RNG function (Only needed for RSA_PRIVATE) |
p_rng | RNG parameter |
mode | RSA_PUBLIC or RSA_PRIVATE |
label | buffer holding the custom label to use |
label_len | contains the label length |
olen | will contain the plaintext length |
input | buffer holding the encrypted data |
output | buffer that will hold the plaintext |
output_max_len | maximum length of the output buffer |
int rsa_rsaes_oaep_encrypt | ( | rsa_context * | ctx, |
int(*)(void *, unsigned char *, size_t) | f_rng, | ||
void * | p_rng, | ||
int | mode, | ||
const unsigned char * | label, | ||
size_t | label_len, | ||
size_t | ilen, | ||
const unsigned char * | input, | ||
unsigned char * | output | ||
) |
Perform a PKCS#1 v2.1 OAEP encryption (RSAES-OAEP-ENCRYPT)
ctx | RSA context |
f_rng | RNG function (Needed for padding and PKCS#1 v2.1 encoding and RSA_PRIVATE) |
p_rng | RNG parameter |
mode | RSA_PUBLIC or RSA_PRIVATE |
label | buffer holding the custom label to use |
label_len | contains the label length |
ilen | contains the plaintext length |
input | buffer holding the data to be encrypted |
output | buffer that will hold the ciphertext |
int rsa_rsaes_pkcs1_v15_decrypt | ( | rsa_context * | ctx, |
int(*)(void *, unsigned char *, size_t) | f_rng, | ||
void * | p_rng, | ||
int | mode, | ||
size_t * | olen, | ||
const unsigned char * | input, | ||
unsigned char * | output, | ||
size_t | output_max_len | ||
) |
Perform a PKCS#1 v1.5 decryption (RSAES-PKCS1-v1_5-DECRYPT)
ctx | RSA context |
f_rng | RNG function (Only needed for RSA_PRIVATE) |
p_rng | RNG parameter |
mode | RSA_PUBLIC or RSA_PRIVATE |
olen | will contain the plaintext length |
input | buffer holding the encrypted data |
output | buffer that will hold the plaintext |
output_max_len | maximum length of the output buffer |
int rsa_rsaes_pkcs1_v15_encrypt | ( | rsa_context * | ctx, |
int(*)(void *, unsigned char *, size_t) | f_rng, | ||
void * | p_rng, | ||
int | mode, | ||
size_t | ilen, | ||
const unsigned char * | input, | ||
unsigned char * | output | ||
) |
Perform a PKCS#1 v1.5 encryption (RSAES-PKCS1-v1_5-ENCRYPT)
ctx | RSA context |
f_rng | RNG function (Needed for padding and RSA_PRIVATE) |
p_rng | RNG parameter |
mode | RSA_PUBLIC or RSA_PRIVATE |
ilen | contains the plaintext length |
input | buffer holding the data to be encrypted |
output | buffer that will hold the ciphertext |
int rsa_rsassa_pkcs1_v15_sign | ( | rsa_context * | ctx, |
int(*)(void *, unsigned char *, size_t) | f_rng, | ||
void * | p_rng, | ||
int | mode, | ||
md_type_t | md_alg, | ||
unsigned int | hashlen, | ||
const unsigned char * | hash, | ||
unsigned char * | sig | ||
) |
Perform a PKCS#1 v1.5 signature (RSASSA-PKCS1-v1_5-SIGN)
ctx | RSA context |
f_rng | RNG function (Only needed for RSA_PRIVATE) |
p_rng | RNG parameter |
mode | RSA_PUBLIC or RSA_PRIVATE |
md_alg | a POLARSSL_MD_* (use POLARSSL_MD_NONE for signing raw data) |
hashlen | message digest length (for POLARSSL_MD_NONE only) |
hash | buffer holding the message digest |
sig | buffer that will hold the ciphertext |
int rsa_rsassa_pkcs1_v15_verify | ( | rsa_context * | ctx, |
int(*)(void *, unsigned char *, size_t) | f_rng, | ||
void * | p_rng, | ||
int | mode, | ||
md_type_t | md_alg, | ||
unsigned int | hashlen, | ||
const unsigned char * | hash, | ||
const unsigned char * | sig | ||
) |
Perform a PKCS#1 v1.5 verification (RSASSA-PKCS1-v1_5-VERIFY)
ctx | points to an RSA public key |
f_rng | RNG function (Only needed for RSA_PRIVATE) |
p_rng | RNG parameter |
mode | RSA_PUBLIC or RSA_PRIVATE |
md_alg | a POLARSSL_MD_* (use POLARSSL_MD_NONE for signing raw data) |
hashlen | message digest length (for POLARSSL_MD_NONE only) |
hash | buffer holding the message digest |
sig | buffer holding the ciphertext |
int rsa_rsassa_pss_sign | ( | rsa_context * | ctx, |
int(*)(void *, unsigned char *, size_t) | f_rng, | ||
void * | p_rng, | ||
int | mode, | ||
md_type_t | md_alg, | ||
unsigned int | hashlen, | ||
const unsigned char * | hash, | ||
unsigned char * | sig | ||
) |
Perform a PKCS#1 v2.1 PSS signature (RSASSA-PSS-SIGN)
ctx | RSA context |
f_rng | RNG function (Needed for PKCS#1 v2.1 encoding and for RSA_PRIVATE) |
p_rng | RNG parameter |
mode | RSA_PUBLIC or RSA_PRIVATE |
md_alg | a POLARSSL_MD_* (use POLARSSL_MD_NONE for signing raw data) |
hashlen | message digest length (for POLARSSL_MD_NONE only) |
hash | buffer holding the message digest |
sig | buffer that will hold the ciphertext |
int rsa_rsassa_pss_verify | ( | rsa_context * | ctx, |
int(*)(void *, unsigned char *, size_t) | f_rng, | ||
void * | p_rng, | ||
int | mode, | ||
md_type_t | md_alg, | ||
unsigned int | hashlen, | ||
const unsigned char * | hash, | ||
const unsigned char * | sig | ||
) |
Perform a PKCS#1 v2.1 PSS verification (RSASSA-PSS-VERIFY)
Do a public RSA and check the message digest
ctx | points to an RSA public key |
f_rng | RNG function (Only needed for RSA_PRIVATE) |
p_rng | RNG parameter |
mode | RSA_PUBLIC or RSA_PRIVATE |
md_alg | a POLARSSL_MD_* (use POLARSSL_MD_NONE for signing raw data) |
hashlen | message digest length (for POLARSSL_MD_NONE only) |
hash | buffer holding the message digest |
sig | buffer holding the ciphertext |
int rsa_self_test | ( | int | verbose | ) |
Checkup routine.