| 1 | /* |
|---|
| 2 | Name: rsamath.h |
|---|
| 3 | Purpose: Implements part of PKCS#1, v. 2.1, June 14, 2002 (RSA Labs) |
|---|
| 4 | Author: M. J. Fromberger |
|---|
| 5 | |
|---|
| 6 | Copyright (C) 2002-2008 Michael J. Fromberger, All Rights Reserved. |
|---|
| 7 | |
|---|
| 8 | Permission is hereby granted, free of charge, to any person obtaining a copy |
|---|
| 9 | of this software and associated documentation files (the "Software"), to deal |
|---|
| 10 | in the Software without restriction, including without limitation the rights |
|---|
| 11 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell |
|---|
| 12 | copies of the Software, and to permit persons to whom the Software is |
|---|
| 13 | furnished to do so, subject to the following conditions: |
|---|
| 14 | |
|---|
| 15 | The above copyright notice and this permission notice shall be included in |
|---|
| 16 | all copies or substantial portions of the Software. |
|---|
| 17 | |
|---|
| 18 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR |
|---|
| 19 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, |
|---|
| 20 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE |
|---|
| 21 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER |
|---|
| 22 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, |
|---|
| 23 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE |
|---|
| 24 | SOFTWARE. |
|---|
| 25 | */ |
|---|
| 26 | |
|---|
| 27 | #ifndef RSAMATH_H_ |
|---|
| 28 | #define RSAMATH_H_ |
|---|
| 29 | |
|---|
| 30 | #include "imath.h" |
|---|
| 31 | |
|---|
| 32 | #ifdef __cplusplus |
|---|
| 33 | extern "C" { |
|---|
| 34 | #endif |
|---|
| 35 | |
|---|
| 36 | /* Function to fill a buffer with nonzero random bytes */ |
|---|
| 37 | typedef void (*random_f)(unsigned char *, int); |
|---|
| 38 | |
|---|
| 39 | /* Convert integer to octet string, per PKCS#1 v.2.1 */ |
|---|
| 40 | mp_result rsa_i2osp(mp_int z, unsigned char *out, int len); |
|---|
| 41 | |
|---|
| 42 | /* Convert octet string to integer, per PKCS#1 v.2.1 */ |
|---|
| 43 | mp_result rsa_os2ip(mp_int z, unsigned char *in, int len); |
|---|
| 44 | |
|---|
| 45 | /* The following operations assume that you have converted your keys |
|---|
| 46 | and message data into mp_int values somehow. */ |
|---|
| 47 | |
|---|
| 48 | /* Primitive RSA encryption operation */ |
|---|
| 49 | mp_result rsa_rsaep(mp_int msg, mp_int exp, mp_int mod, mp_int cipher); |
|---|
| 50 | |
|---|
| 51 | /* Primitive RSA decryption operation */ |
|---|
| 52 | mp_result rsa_rsadp(mp_int cipher, mp_int exp, mp_int mod, mp_int msg); |
|---|
| 53 | |
|---|
| 54 | /* Primitive RSA signing operation */ |
|---|
| 55 | mp_result rsa_rsasp(mp_int msg, mp_int exp, mp_int mod, mp_int signature); |
|---|
| 56 | |
|---|
| 57 | /* Primitive RSA verification operation */ |
|---|
| 58 | mp_result rsa_rsavp(mp_int signature, mp_int exp, mp_int mod, mp_int msg); |
|---|
| 59 | |
|---|
| 60 | /* Compute the maximum length in bytes a message can have using PKCS#1 |
|---|
| 61 | v.1.5 encoding with the given modulus */ |
|---|
| 62 | int rsa_max_message_len(mp_int mod); |
|---|
| 63 | |
|---|
| 64 | /* Encode a raw message per PKCS#1 v.1.5 |
|---|
| 65 | buf - the buffer containing the message |
|---|
| 66 | msg_len - the length in bytes of the message |
|---|
| 67 | buf_len - the size in bytes of the buffer |
|---|
| 68 | tag - the message tag (nonzero byte) |
|---|
| 69 | filler - function to generate pseudorandom nonzero padding |
|---|
| 70 | |
|---|
| 71 | On input, the message is in the first msg_len bytes of the buffer; |
|---|
| 72 | on output, the contents of the buffer are replaced by the padded |
|---|
| 73 | message. If there is not enough room, MP_RANGE is returned. |
|---|
| 74 | */ |
|---|
| 75 | mp_result rsa_pkcs1v15_encode(unsigned char *buf, int msg_len, |
|---|
| 76 | int buf_len, int tag, random_f filler); |
|---|
| 77 | |
|---|
| 78 | /* Decode a PKCS#1 v.1.5 message back to its raw form |
|---|
| 79 | buf - the buffer containing the encoded message |
|---|
| 80 | buf_len - the length in bytes of the buffer |
|---|
| 81 | tag - the expected message tag (nonzero byte) |
|---|
| 82 | msg_len - on output, receives the length of the message content |
|---|
| 83 | |
|---|
| 84 | On output, the message is packed into the first msg_len bytes of |
|---|
| 85 | the buffer, and the rest of the buffer is zeroed. If the buffer is |
|---|
| 86 | not of the correct form, MP_UNDEF is returned and msg_len is undefined. |
|---|
| 87 | */ |
|---|
| 88 | mp_result rsa_pkcs1v15_decode(unsigned char *buf, int buf_len, |
|---|
| 89 | int tag, int *msg_len); |
|---|
| 90 | |
|---|
| 91 | #ifdef __cplusplus |
|---|
| 92 | } |
|---|
| 93 | #endif |
|---|
| 94 | #endif /* end RSAMATH_H_ */ |
|---|
| 95 | |
|---|
