2019-10-16 02:28:02 +08:00
|
|
|
/*
|
2020-04-23 20:55:52 +08:00
|
|
|
* Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
|
2019-10-16 02:28:02 +08:00
|
|
|
*
|
|
|
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
|
|
|
* this file except in compliance with the License. You can obtain a copy
|
|
|
|
* in the file LICENSE in the source distribution or at
|
|
|
|
* https://www.openssl.org/source/license.html
|
|
|
|
*/
|
|
|
|
|
|
|
|
#ifndef OSSL_INTERNAL_RSA_H
|
|
|
|
# define OSSL_INTERNAL_RSA_H
|
|
|
|
|
2020-06-17 09:33:16 +08:00
|
|
|
# include <openssl/core.h>
|
|
|
|
# include <openssl/rsa.h>
|
2019-10-16 02:28:02 +08:00
|
|
|
|
RSA: Add a less loaded PSS-parameter structure
RSA_PSS_PARAMS carries with it a lot of baggage in form of X509_ALGOR
and ASN1_INTEGER, which we would rather avoid in our providers.
Therefore, we create a parallell structure - RSA_PSS_PARAMS_30 - that
contains the same information, but uses numeric identities (*) and C
integers (**). This makes it simpler to handle.
Note that neither this structure nor its contents are passed between
libcrypto and the providers. Instead, the numeric identities are
translated to and from names, which are then passed over that
boundary.
For future considerations, we might consider dropping RSA_PSS_PARAMS
entirely. For now, it's still reserved for EVP_PKEY_ASN1_METHOD code,
which RSA_PSS_PARAMS_30 is (almost entirely) reserved for use in our
providers.
(*) We use NIDs in this case, because we already have them and because
only algorithms that libcrypto knows about are permitted in PSS
restrictions. We could use any number series we want, as long as we
know for sure what they represent.
(**) That's for saltlen and for trailerfield, which are never expect
to surpass the set of numbers that fit in a regular 'int'.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11710)
2020-05-02 18:46:55 +08:00
|
|
|
typedef struct rsa_pss_params_30_st {
|
|
|
|
int hash_algorithm_nid;
|
|
|
|
struct {
|
|
|
|
int algorithm_nid; /* Currently always NID_mgf1 */
|
|
|
|
int hash_algorithm_nid;
|
|
|
|
} mask_gen;
|
2020-08-05 14:01:59 +08:00
|
|
|
int salt_len;
|
|
|
|
int trailer_field;
|
RSA: Add a less loaded PSS-parameter structure
RSA_PSS_PARAMS carries with it a lot of baggage in form of X509_ALGOR
and ASN1_INTEGER, which we would rather avoid in our providers.
Therefore, we create a parallell structure - RSA_PSS_PARAMS_30 - that
contains the same information, but uses numeric identities (*) and C
integers (**). This makes it simpler to handle.
Note that neither this structure nor its contents are passed between
libcrypto and the providers. Instead, the numeric identities are
translated to and from names, which are then passed over that
boundary.
For future considerations, we might consider dropping RSA_PSS_PARAMS
entirely. For now, it's still reserved for EVP_PKEY_ASN1_METHOD code,
which RSA_PSS_PARAMS_30 is (almost entirely) reserved for use in our
providers.
(*) We use NIDs in this case, because we already have them and because
only algorithms that libcrypto knows about are permitted in PSS
restrictions. We could use any number series we want, as long as we
know for sure what they represent.
(**) That's for saltlen and for trailerfield, which are never expect
to surpass the set of numbers that fit in a regular 'int'.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11710)
2020-05-02 18:46:55 +08:00
|
|
|
} RSA_PSS_PARAMS_30;
|
|
|
|
|
rsa: add ossl_ prefix to internal rsa_ calls.
The functions being:
rsa_check_crt_components, rsa_check_key, rsa_check_pminusq_diff,
rsa_check_prime_factor, rsa_check_prime_factor_range,
rsa_check_private_exponent, rsa_check_public_exponent,
rsa_digestinfo_encoding, rsa_fips186_4_gen_prob_primes, rsa_fromdata,
rsa_get0_all_params, rsa_get0_libctx, rsa_get0_pss_params_30,
rsa_get_lcm, rsa_mgf_nid2name, rsa_mp_coeff_names, rsa_mp_exp_names,
rsa_mp_factor_names, rsa_new_with_ctx, rsa_oaeppss_md2nid,
rsa_oaeppss_nid2name, rsa_padding_add_PKCS1_OAEP_mgf1_with_libctx,
rsa_padding_add_PKCS1_type_2_with_libctx,
rsa_padding_add_SSLv23_with_libctx, rsa_padding_check_PKCS1_type_2_TLS,
rsa_pkey_method, rsa_pss_params_30_copy, rsa_pss_params_30_fromdata,
rsa_pss_params_30_hashalg, rsa_pss_params_30_is_unrestricted,
rsa_pss_params_30_maskgenalg, rsa_pss_params_30_maskgenhashalg,
rsa_pss_params_30_saltlen, rsa_pss_params_30_set_defaults,
rsa_pss_params_30_set_hashalg, rsa_pss_params_30_set_maskgenalg,
rsa_pss_params_30_set_maskgenhashalg, rsa_pss_params_30_set_saltlen,
rsa_pss_params_30_set_trailerfield, rsa_pss_params_30_todata,
rsa_pss_params_30_trailerfield, rsa_pss_pkey_method, rsa_set0_all_params,
rsa_sp800_56b_check_keypair, rsa_sp800_56b_check_private,
rsa_sp800_56b_check_public, rsa_sp800_56b_derive_params_from_pq,
rsa_sp800_56b_generate_key, rsa_sp800_56b_pairwise_test,
rsa_sp800_56b_validate_strength, rsa_todata, rsa_validate_pairwise,
rsa_validate_private and rsa_validate_public.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13040)
2020-09-30 12:20:14 +08:00
|
|
|
RSA_PSS_PARAMS_30 *ossl_rsa_get0_pss_params_30(RSA *r);
|
|
|
|
int ossl_rsa_pss_params_30_set_defaults(RSA_PSS_PARAMS_30 *rsa_pss_params);
|
|
|
|
int ossl_rsa_pss_params_30_copy(RSA_PSS_PARAMS_30 *to,
|
|
|
|
const RSA_PSS_PARAMS_30 *from);
|
|
|
|
int ossl_rsa_pss_params_30_is_unrestricted(const RSA_PSS_PARAMS_30 *rsa_pss_params);
|
|
|
|
int ossl_rsa_pss_params_30_set_hashalg(RSA_PSS_PARAMS_30 *rsa_pss_params,
|
|
|
|
int hashalg_nid);
|
|
|
|
int ossl_rsa_pss_params_30_set_maskgenalg(RSA_PSS_PARAMS_30 *rsa_pss_params,
|
|
|
|
int maskgenalg_nid);
|
|
|
|
int ossl_rsa_pss_params_30_set_maskgenhashalg(RSA_PSS_PARAMS_30 *rsa_pss_params,
|
|
|
|
int maskgenhashalg_nid);
|
|
|
|
int ossl_rsa_pss_params_30_set_saltlen(RSA_PSS_PARAMS_30 *rsa_pss_params,
|
|
|
|
int saltlen);
|
|
|
|
int ossl_rsa_pss_params_30_set_trailerfield(RSA_PSS_PARAMS_30 *rsa_pss_params,
|
|
|
|
int trailerfield);
|
|
|
|
int ossl_rsa_pss_params_30_hashalg(const RSA_PSS_PARAMS_30 *rsa_pss_params);
|
|
|
|
int ossl_rsa_pss_params_30_maskgenalg(const RSA_PSS_PARAMS_30 *rsa_pss_params);
|
|
|
|
int ossl_rsa_pss_params_30_maskgenhashalg(const RSA_PSS_PARAMS_30 *rsa_pss_params);
|
|
|
|
int ossl_rsa_pss_params_30_saltlen(const RSA_PSS_PARAMS_30 *rsa_pss_params);
|
|
|
|
int ossl_rsa_pss_params_30_trailerfield(const RSA_PSS_PARAMS_30 *rsa_pss_params);
|
|
|
|
|
|
|
|
const char *ossl_rsa_mgf_nid2name(int mgf);
|
|
|
|
int ossl_rsa_oaeppss_md2nid(const EVP_MD *md);
|
|
|
|
const char *ossl_rsa_oaeppss_nid2name(int md);
|
|
|
|
|
|
|
|
RSA *ossl_rsa_new_with_ctx(OPENSSL_CTX *libctx);
|
|
|
|
OPENSSL_CTX *ossl_rsa_get0_libctx(RSA *r);
|
|
|
|
|
|
|
|
int ossl_rsa_set0_all_params(RSA *r, const STACK_OF(BIGNUM) *primes,
|
|
|
|
const STACK_OF(BIGNUM) *exps,
|
|
|
|
const STACK_OF(BIGNUM) *coeffs);
|
|
|
|
int ossl_rsa_get0_all_params(RSA *r, STACK_OF(BIGNUM_const) *primes,
|
|
|
|
STACK_OF(BIGNUM_const) *exps,
|
|
|
|
STACK_OF(BIGNUM_const) *coeffs);
|
|
|
|
|
|
|
|
int ossl_rsa_todata(RSA *rsa, OSSL_PARAM_BLD *bld, OSSL_PARAM params[]);
|
|
|
|
int ossl_rsa_fromdata(RSA *rsa, const OSSL_PARAM params[]);
|
|
|
|
int ossl_rsa_pss_params_30_todata(const RSA_PSS_PARAMS_30 *pss,
|
|
|
|
OSSL_PARAM_BLD *bld, OSSL_PARAM params[]);
|
|
|
|
int ossl_rsa_pss_params_30_fromdata(RSA_PSS_PARAMS_30 *pss_params,
|
|
|
|
const OSSL_PARAM params[],
|
|
|
|
OPENSSL_CTX *libctx);
|
|
|
|
|
|
|
|
int ossl_rsa_padding_check_PKCS1_type_2_TLS(OPENSSL_CTX *ctx, unsigned char *to,
|
|
|
|
size_t tlen,
|
|
|
|
const unsigned char *from,
|
|
|
|
size_t flen, int client_version,
|
|
|
|
int alt_version);
|
|
|
|
int ossl_rsa_padding_add_PKCS1_OAEP_mgf1_ex(OPENSSL_CTX *libctx,
|
|
|
|
unsigned char *to, int tlen,
|
|
|
|
const unsigned char *from, int flen,
|
|
|
|
const unsigned char *param,
|
|
|
|
int plen, const EVP_MD *md,
|
|
|
|
const EVP_MD *mgf1md);
|
|
|
|
|
|
|
|
int ossl_rsa_validate_public(const RSA *key);
|
|
|
|
int ossl_rsa_validate_private(const RSA *key);
|
|
|
|
int ossl_rsa_validate_pairwise(const RSA *key);
|
2020-01-29 18:32:32 +08:00
|
|
|
|
2019-12-01 22:01:50 +08:00
|
|
|
int int_rsa_verify(int dtype, const unsigned char *m,
|
|
|
|
unsigned int m_len, unsigned char *rm,
|
|
|
|
size_t *prm_len, const unsigned char *sigbuf,
|
|
|
|
size_t siglen, RSA *rsa);
|
|
|
|
|
rsa: add ossl_ prefix to internal rsa_ calls.
The functions being:
rsa_check_crt_components, rsa_check_key, rsa_check_pminusq_diff,
rsa_check_prime_factor, rsa_check_prime_factor_range,
rsa_check_private_exponent, rsa_check_public_exponent,
rsa_digestinfo_encoding, rsa_fips186_4_gen_prob_primes, rsa_fromdata,
rsa_get0_all_params, rsa_get0_libctx, rsa_get0_pss_params_30,
rsa_get_lcm, rsa_mgf_nid2name, rsa_mp_coeff_names, rsa_mp_exp_names,
rsa_mp_factor_names, rsa_new_with_ctx, rsa_oaeppss_md2nid,
rsa_oaeppss_nid2name, rsa_padding_add_PKCS1_OAEP_mgf1_with_libctx,
rsa_padding_add_PKCS1_type_2_with_libctx,
rsa_padding_add_SSLv23_with_libctx, rsa_padding_check_PKCS1_type_2_TLS,
rsa_pkey_method, rsa_pss_params_30_copy, rsa_pss_params_30_fromdata,
rsa_pss_params_30_hashalg, rsa_pss_params_30_is_unrestricted,
rsa_pss_params_30_maskgenalg, rsa_pss_params_30_maskgenhashalg,
rsa_pss_params_30_saltlen, rsa_pss_params_30_set_defaults,
rsa_pss_params_30_set_hashalg, rsa_pss_params_30_set_maskgenalg,
rsa_pss_params_30_set_maskgenhashalg, rsa_pss_params_30_set_saltlen,
rsa_pss_params_30_set_trailerfield, rsa_pss_params_30_todata,
rsa_pss_params_30_trailerfield, rsa_pss_pkey_method, rsa_set0_all_params,
rsa_sp800_56b_check_keypair, rsa_sp800_56b_check_private,
rsa_sp800_56b_check_public, rsa_sp800_56b_derive_params_from_pq,
rsa_sp800_56b_generate_key, rsa_sp800_56b_pairwise_test,
rsa_sp800_56b_validate_strength, rsa_todata, rsa_validate_pairwise,
rsa_validate_private and rsa_validate_public.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13040)
2020-09-30 12:20:14 +08:00
|
|
|
const unsigned char *ossl_rsa_digestinfo_encoding(int md_nid, size_t *len);
|
2019-12-01 22:01:50 +08:00
|
|
|
|
rsa: add ossl_ prefix to internal rsa_ calls.
The functions being:
rsa_check_crt_components, rsa_check_key, rsa_check_pminusq_diff,
rsa_check_prime_factor, rsa_check_prime_factor_range,
rsa_check_private_exponent, rsa_check_public_exponent,
rsa_digestinfo_encoding, rsa_fips186_4_gen_prob_primes, rsa_fromdata,
rsa_get0_all_params, rsa_get0_libctx, rsa_get0_pss_params_30,
rsa_get_lcm, rsa_mgf_nid2name, rsa_mp_coeff_names, rsa_mp_exp_names,
rsa_mp_factor_names, rsa_new_with_ctx, rsa_oaeppss_md2nid,
rsa_oaeppss_nid2name, rsa_padding_add_PKCS1_OAEP_mgf1_with_libctx,
rsa_padding_add_PKCS1_type_2_with_libctx,
rsa_padding_add_SSLv23_with_libctx, rsa_padding_check_PKCS1_type_2_TLS,
rsa_pkey_method, rsa_pss_params_30_copy, rsa_pss_params_30_fromdata,
rsa_pss_params_30_hashalg, rsa_pss_params_30_is_unrestricted,
rsa_pss_params_30_maskgenalg, rsa_pss_params_30_maskgenhashalg,
rsa_pss_params_30_saltlen, rsa_pss_params_30_set_defaults,
rsa_pss_params_30_set_hashalg, rsa_pss_params_30_set_maskgenalg,
rsa_pss_params_30_set_maskgenhashalg, rsa_pss_params_30_set_saltlen,
rsa_pss_params_30_set_trailerfield, rsa_pss_params_30_todata,
rsa_pss_params_30_trailerfield, rsa_pss_pkey_method, rsa_set0_all_params,
rsa_sp800_56b_check_keypair, rsa_sp800_56b_check_private,
rsa_sp800_56b_check_public, rsa_sp800_56b_derive_params_from_pq,
rsa_sp800_56b_generate_key, rsa_sp800_56b_pairwise_test,
rsa_sp800_56b_validate_strength, rsa_todata, rsa_validate_pairwise,
rsa_validate_private and rsa_validate_public.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13040)
2020-09-30 12:20:14 +08:00
|
|
|
extern const char *ossl_rsa_mp_factor_names[];
|
|
|
|
extern const char *ossl_rsa_mp_exp_names[];
|
|
|
|
extern const char *ossl_rsa_mp_coeff_names[];
|
2020-04-01 13:51:18 +08:00
|
|
|
|
2020-10-07 21:45:22 +08:00
|
|
|
ASN1_STRING *ossl_rsa_ctx_to_pss_string(EVP_PKEY_CTX *pkctx);
|
|
|
|
int ossl_rsa_pss_to_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pkctx,
|
|
|
|
const X509_ALGOR *sigalg, EVP_PKEY *pkey);
|
|
|
|
|
2020-06-17 09:33:16 +08:00
|
|
|
# if defined(FIPS_MODULE) && !defined(OPENSSL_NO_ACVP_TESTS)
|
|
|
|
int rsa_acvp_test_gen_params_new(OSSL_PARAM **dst, const OSSL_PARAM src[]);
|
|
|
|
void rsa_acvp_test_gen_params_free(OSSL_PARAM *dst);
|
|
|
|
|
|
|
|
int rsa_acvp_test_set_params(RSA *r, const OSSL_PARAM params[]);
|
|
|
|
int rsa_acvp_test_get_params(RSA *r, OSSL_PARAM params[]);
|
|
|
|
typedef struct rsa_acvp_test_st RSA_ACVP_TEST;
|
|
|
|
void rsa_acvp_test_free(RSA_ACVP_TEST *t);
|
|
|
|
# else
|
|
|
|
# define RSA_ACVP_TEST void
|
|
|
|
# endif
|
|
|
|
|
2019-10-16 02:28:02 +08:00
|
|
|
#endif
|