diff options
| author | tb <> | 2022-01-14 08:34:39 +0000 |
|---|---|---|
| committer | tb <> | 2022-01-14 08:34:39 +0000 |
| commit | 385790bbe258a0de5b6842a60a07a834e590fe1a (patch) | |
| tree | d1055b55981f9ad17a7c3eba698619cd0ce84aed /src/lib/libcrypto/rsa/rsa_locl.h | |
| parent | 57442b0028fb09287793f279ee57ebb38e9ab954 (diff) | |
| download | openbsd-385790bbe258a0de5b6842a60a07a834e590fe1a.tar.gz openbsd-385790bbe258a0de5b6842a60a07a834e590fe1a.tar.bz2 openbsd-385790bbe258a0de5b6842a60a07a834e590fe1a.zip | |
Make RSA, RSA_PSS_PARAMS and RSA_METHOD opaque
Move the struct internals to rsa_locl.h and provide a missing
typedef in ossl_typ.h.
ok inoguchi jsing
Diffstat (limited to 'src/lib/libcrypto/rsa/rsa_locl.h')
| -rw-r--r-- | src/lib/libcrypto/rsa/rsa_locl.h | 76 |
1 files changed, 75 insertions, 1 deletions
diff --git a/src/lib/libcrypto/rsa/rsa_locl.h b/src/lib/libcrypto/rsa/rsa_locl.h index 7036449c36..9eae2b3a24 100644 --- a/src/lib/libcrypto/rsa/rsa_locl.h +++ b/src/lib/libcrypto/rsa/rsa_locl.h | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: rsa_locl.h,v 1.11 2019/11/02 13:47:41 jsing Exp $ */ | 1 | /* $OpenBSD: rsa_locl.h,v 1.12 2022/01/14 08:34:39 tb Exp $ */ |
| 2 | 2 | ||
| 3 | __BEGIN_HIDDEN_DECLS | 3 | __BEGIN_HIDDEN_DECLS |
| 4 | 4 | ||
| @@ -8,6 +8,80 @@ __BEGIN_HIDDEN_DECLS | |||
| 8 | #define pkey_is_pss(pkey) (pkey->ameth->pkey_id == EVP_PKEY_RSA_PSS) | 8 | #define pkey_is_pss(pkey) (pkey->ameth->pkey_id == EVP_PKEY_RSA_PSS) |
| 9 | #define pkey_ctx_is_pss(ctx) (ctx->pmeth->pkey_id == EVP_PKEY_RSA_PSS) | 9 | #define pkey_ctx_is_pss(ctx) (ctx->pmeth->pkey_id == EVP_PKEY_RSA_PSS) |
| 10 | 10 | ||
| 11 | struct rsa_meth_st { | ||
| 12 | const char *name; | ||
| 13 | int (*rsa_pub_enc)(int flen, const unsigned char *from, | ||
| 14 | unsigned char *to, RSA *rsa, int padding); | ||
| 15 | int (*rsa_pub_dec)(int flen, const unsigned char *from, | ||
| 16 | unsigned char *to, RSA *rsa, int padding); | ||
| 17 | int (*rsa_priv_enc)(int flen, const unsigned char *from, | ||
| 18 | unsigned char *to, RSA *rsa, int padding); | ||
| 19 | int (*rsa_priv_dec)(int flen, const unsigned char *from, | ||
| 20 | unsigned char *to, RSA *rsa, int padding); | ||
| 21 | int (*rsa_mod_exp)(BIGNUM *r0, const BIGNUM *I, RSA *rsa, | ||
| 22 | BN_CTX *ctx); /* Can be null */ | ||
| 23 | int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | ||
| 24 | const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); /* Can be null */ | ||
| 25 | int (*init)(RSA *rsa); /* called at new */ | ||
| 26 | int (*finish)(RSA *rsa); /* called at free */ | ||
| 27 | int flags; /* RSA_METHOD_FLAG_* things */ | ||
| 28 | char *app_data; /* may be needed! */ | ||
| 29 | /* New sign and verify functions: some libraries don't allow arbitrary data | ||
| 30 | * to be signed/verified: this allows them to be used. Note: for this to work | ||
| 31 | * the RSA_public_decrypt() and RSA_private_encrypt() should *NOT* be used | ||
| 32 | * RSA_sign(), RSA_verify() should be used instead. Note: for backwards | ||
| 33 | * compatibility this functionality is only enabled if the RSA_FLAG_SIGN_VER | ||
| 34 | * option is set in 'flags'. | ||
| 35 | */ | ||
| 36 | int (*rsa_sign)(int type, const unsigned char *m, unsigned int m_length, | ||
| 37 | unsigned char *sigret, unsigned int *siglen, const RSA *rsa); | ||
| 38 | int (*rsa_verify)(int dtype, const unsigned char *m, | ||
| 39 | unsigned int m_length, const unsigned char *sigbuf, | ||
| 40 | unsigned int siglen, const RSA *rsa); | ||
| 41 | /* If this callback is NULL, the builtin software RSA key-gen will be used. This | ||
| 42 | * is for behavioural compatibility whilst the code gets rewired, but one day | ||
| 43 | * it would be nice to assume there are no such things as "builtin software" | ||
| 44 | * implementations. */ | ||
| 45 | int (*rsa_keygen)(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb); | ||
| 46 | }; | ||
| 47 | |||
| 48 | struct rsa_st { | ||
| 49 | /* The first parameter is used to pickup errors where | ||
| 50 | * this is passed instead of aEVP_PKEY, it is set to 0 */ | ||
| 51 | int pad; | ||
| 52 | long version; | ||
| 53 | const RSA_METHOD *meth; | ||
| 54 | |||
| 55 | /* functional reference if 'meth' is ENGINE-provided */ | ||
| 56 | ENGINE *engine; | ||
| 57 | BIGNUM *n; | ||
| 58 | BIGNUM *e; | ||
| 59 | BIGNUM *d; | ||
| 60 | BIGNUM *p; | ||
| 61 | BIGNUM *q; | ||
| 62 | BIGNUM *dmp1; | ||
| 63 | BIGNUM *dmq1; | ||
| 64 | BIGNUM *iqmp; | ||
| 65 | |||
| 66 | /* Parameter restrictions for PSS only keys. */ | ||
| 67 | RSA_PSS_PARAMS *pss; | ||
| 68 | |||
| 69 | /* be careful using this if the RSA structure is shared */ | ||
| 70 | CRYPTO_EX_DATA ex_data; | ||
| 71 | int references; | ||
| 72 | int flags; | ||
| 73 | |||
| 74 | /* Used to cache montgomery values */ | ||
| 75 | BN_MONT_CTX *_method_mod_n; | ||
| 76 | BN_MONT_CTX *_method_mod_p; | ||
| 77 | BN_MONT_CTX *_method_mod_q; | ||
| 78 | |||
| 79 | /* all BIGNUM values are actually in the following data, if it is not | ||
| 80 | * NULL */ | ||
| 81 | BN_BLINDING *blinding; | ||
| 82 | BN_BLINDING *mt_blinding; | ||
| 83 | }; | ||
| 84 | |||
| 11 | RSA_PSS_PARAMS *rsa_pss_params_create(const EVP_MD *sigmd, const EVP_MD *mgf1md, | 85 | RSA_PSS_PARAMS *rsa_pss_params_create(const EVP_MD *sigmd, const EVP_MD *mgf1md, |
| 12 | int saltlen); | 86 | int saltlen); |
| 13 | int rsa_pss_get_param(const RSA_PSS_PARAMS *pss, const EVP_MD **pmd, | 87 | int rsa_pss_get_param(const RSA_PSS_PARAMS *pss, const EVP_MD **pmd, |