1 /* $OpenBSD: rsa_locl.h,v 1.13 2022/07/04 12:23:30 tb Exp $ */ 2 3 __BEGIN_HIDDEN_DECLS 4 5 #define RSA_MIN_MODULUS_BITS 512 6 7 /* Macros to test if a pkey or ctx is for a PSS key */ 8 #define pkey_is_pss(pkey) (pkey->ameth->pkey_id == EVP_PKEY_RSA_PSS) 9 #define pkey_ctx_is_pss(ctx) (ctx->pmeth->pkey_id == EVP_PKEY_RSA_PSS) 10 11 struct rsa_meth_st { 12 char *name; 13 int (*rsa_pub_enc)(int flen, const unsigned char *from, 14 unsigned char *to, RSA *rsa, int padding); 15 int (*rsa_pub_dec)(int flen, const unsigned char *from, 16 unsigned char *to, RSA *rsa, int padding); 17 int (*rsa_priv_enc)(int flen, const unsigned char *from, 18 unsigned char *to, RSA *rsa, int padding); 19 int (*rsa_priv_dec)(int flen, const unsigned char *from, 20 unsigned char *to, RSA *rsa, int padding); 21 int (*rsa_mod_exp)(BIGNUM *r0, const BIGNUM *I, RSA *rsa, 22 BN_CTX *ctx); /* Can be null */ 23 int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, 24 const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); /* Can be null */ 25 int (*init)(RSA *rsa); /* called at new */ 26 int (*finish)(RSA *rsa); /* called at free */ 27 int flags; /* RSA_METHOD_FLAG_* things */ 28 char *app_data; /* may be needed! */ 29 /* New sign and verify functions: some libraries don't allow arbitrary data 30 * to be signed/verified: this allows them to be used. Note: for this to work 31 * the RSA_public_decrypt() and RSA_private_encrypt() should *NOT* be used 32 * RSA_sign(), RSA_verify() should be used instead. Note: for backwards 33 * compatibility this functionality is only enabled if the RSA_FLAG_SIGN_VER 34 * option is set in 'flags'. 35 */ 36 int (*rsa_sign)(int type, const unsigned char *m, unsigned int m_length, 37 unsigned char *sigret, unsigned int *siglen, const RSA *rsa); 38 int (*rsa_verify)(int dtype, const unsigned char *m, 39 unsigned int m_length, const unsigned char *sigbuf, 40 unsigned int siglen, const RSA *rsa); 41 /* If this callback is NULL, the builtin software RSA key-gen will be used. This 42 * is for behavioural compatibility whilst the code gets rewired, but one day 43 * it would be nice to assume there are no such things as "builtin software" 44 * implementations. */ 45 int (*rsa_keygen)(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb); 46 }; 47 48 struct rsa_st { 49 /* The first parameter is used to pickup errors where 50 * this is passed instead of aEVP_PKEY, it is set to 0 */ 51 int pad; 52 long version; 53 const RSA_METHOD *meth; 54 55 /* functional reference if 'meth' is ENGINE-provided */ 56 ENGINE *engine; 57 BIGNUM *n; 58 BIGNUM *e; 59 BIGNUM *d; 60 BIGNUM *p; 61 BIGNUM *q; 62 BIGNUM *dmp1; 63 BIGNUM *dmq1; 64 BIGNUM *iqmp; 65 66 /* Parameter restrictions for PSS only keys. */ 67 RSA_PSS_PARAMS *pss; 68 69 /* be careful using this if the RSA structure is shared */ 70 CRYPTO_EX_DATA ex_data; 71 int references; 72 int flags; 73 74 /* Used to cache montgomery values */ 75 BN_MONT_CTX *_method_mod_n; 76 BN_MONT_CTX *_method_mod_p; 77 BN_MONT_CTX *_method_mod_q; 78 79 /* all BIGNUM values are actually in the following data, if it is not 80 * NULL */ 81 BN_BLINDING *blinding; 82 BN_BLINDING *mt_blinding; 83 }; 84 85 RSA_PSS_PARAMS *rsa_pss_params_create(const EVP_MD *sigmd, const EVP_MD *mgf1md, 86 int saltlen); 87 int rsa_pss_get_param(const RSA_PSS_PARAMS *pss, const EVP_MD **pmd, 88 const EVP_MD **pmgf1md, int *psaltlen); 89 90 extern int int_rsa_verify(int dtype, const unsigned char *m, 91 unsigned int m_len, unsigned char *rm, size_t *prm_len, 92 const unsigned char *sigbuf, size_t siglen, RSA *rsa); 93 94 __END_HIDDEN_DECLS 95