summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/rsa/rsa.h
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto/rsa/rsa.h')
-rw-r--r--src/lib/libcrypto/rsa/rsa.h79
1 files changed, 79 insertions, 0 deletions
diff --git a/src/lib/libcrypto/rsa/rsa.h b/src/lib/libcrypto/rsa/rsa.h
index cf74343657..4814a2fc15 100644
--- a/src/lib/libcrypto/rsa/rsa.h
+++ b/src/lib/libcrypto/rsa/rsa.h
@@ -222,12 +222,22 @@ struct rsa_st
222 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, -1, EVP_PKEY_CTRL_RSA_PADDING, \ 222 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, -1, EVP_PKEY_CTRL_RSA_PADDING, \
223 pad, NULL) 223 pad, NULL)
224 224
225#define EVP_PKEY_CTX_get_rsa_padding(ctx, ppad) \
226 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, -1, \
227 EVP_PKEY_CTRL_GET_RSA_PADDING, 0, ppad)
228
225#define EVP_PKEY_CTX_set_rsa_pss_saltlen(ctx, len) \ 229#define EVP_PKEY_CTX_set_rsa_pss_saltlen(ctx, len) \
226 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, \ 230 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, \
227 (EVP_PKEY_OP_SIGN|EVP_PKEY_OP_VERIFY), \ 231 (EVP_PKEY_OP_SIGN|EVP_PKEY_OP_VERIFY), \
228 EVP_PKEY_CTRL_RSA_PSS_SALTLEN, \ 232 EVP_PKEY_CTRL_RSA_PSS_SALTLEN, \
229 len, NULL) 233 len, NULL)
230 234
235#define EVP_PKEY_CTX_get_rsa_pss_saltlen(ctx, plen) \
236 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, \
237 (EVP_PKEY_OP_SIGN|EVP_PKEY_OP_VERIFY), \
238 EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN, \
239 0, plen)
240
231#define EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, bits) \ 241#define EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, bits) \
232 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_KEYGEN, \ 242 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_KEYGEN, \
233 EVP_PKEY_CTRL_RSA_KEYGEN_BITS, bits, NULL) 243 EVP_PKEY_CTRL_RSA_KEYGEN_BITS, bits, NULL)
@@ -236,11 +246,24 @@ struct rsa_st
236 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_KEYGEN, \ 246 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_KEYGEN, \
237 EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP, 0, pubexp) 247 EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP, 0, pubexp)
238 248
249#define EVP_PKEY_CTX_set_rsa_mgf1_md(ctx, md) \
250 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_SIG, \
251 EVP_PKEY_CTRL_RSA_MGF1_MD, 0, (void *)md)
252
253#define EVP_PKEY_CTX_get_rsa_mgf1_md(ctx, pmd) \
254 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_SIG, \
255 EVP_PKEY_CTRL_GET_RSA_MGF1_MD, 0, (void *)pmd)
256
239#define EVP_PKEY_CTRL_RSA_PADDING (EVP_PKEY_ALG_CTRL + 1) 257#define EVP_PKEY_CTRL_RSA_PADDING (EVP_PKEY_ALG_CTRL + 1)
240#define EVP_PKEY_CTRL_RSA_PSS_SALTLEN (EVP_PKEY_ALG_CTRL + 2) 258#define EVP_PKEY_CTRL_RSA_PSS_SALTLEN (EVP_PKEY_ALG_CTRL + 2)
241 259
242#define EVP_PKEY_CTRL_RSA_KEYGEN_BITS (EVP_PKEY_ALG_CTRL + 3) 260#define EVP_PKEY_CTRL_RSA_KEYGEN_BITS (EVP_PKEY_ALG_CTRL + 3)
243#define EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP (EVP_PKEY_ALG_CTRL + 4) 261#define EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP (EVP_PKEY_ALG_CTRL + 4)
262#define EVP_PKEY_CTRL_RSA_MGF1_MD (EVP_PKEY_ALG_CTRL + 5)
263
264#define EVP_PKEY_CTRL_GET_RSA_PADDING (EVP_PKEY_ALG_CTRL + 6)
265#define EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN (EVP_PKEY_ALG_CTRL + 7)
266#define EVP_PKEY_CTRL_GET_RSA_MGF1_MD (EVP_PKEY_ALG_CTRL + 8)
244 267
245#define RSA_PKCS1_PADDING 1 268#define RSA_PKCS1_PADDING 1
246#define RSA_SSLV23_PADDING 2 269#define RSA_SSLV23_PADDING 2
@@ -300,6 +323,16 @@ const RSA_METHOD *RSA_null_method(void);
300DECLARE_ASN1_ENCODE_FUNCTIONS_const(RSA, RSAPublicKey) 323DECLARE_ASN1_ENCODE_FUNCTIONS_const(RSA, RSAPublicKey)
301DECLARE_ASN1_ENCODE_FUNCTIONS_const(RSA, RSAPrivateKey) 324DECLARE_ASN1_ENCODE_FUNCTIONS_const(RSA, RSAPrivateKey)
302 325
326typedef struct rsa_pss_params_st
327 {
328 X509_ALGOR *hashAlgorithm;
329 X509_ALGOR *maskGenAlgorithm;
330 ASN1_INTEGER *saltLength;
331 ASN1_INTEGER *trailerField;
332 } RSA_PSS_PARAMS;
333
334DECLARE_ASN1_FUNCTIONS(RSA_PSS_PARAMS)
335
303#ifndef OPENSSL_NO_FP_API 336#ifndef OPENSSL_NO_FP_API
304int RSA_print_fp(FILE *fp, const RSA *r,int offset); 337int RSA_print_fp(FILE *fp, const RSA *r,int offset);
305#endif 338#endif
@@ -380,6 +413,14 @@ int RSA_padding_add_PKCS1_PSS(RSA *rsa, unsigned char *EM,
380 const unsigned char *mHash, 413 const unsigned char *mHash,
381 const EVP_MD *Hash, int sLen); 414 const EVP_MD *Hash, int sLen);
382 415
416int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const unsigned char *mHash,
417 const EVP_MD *Hash, const EVP_MD *mgf1Hash,
418 const unsigned char *EM, int sLen);
419
420int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM,
421 const unsigned char *mHash,
422 const EVP_MD *Hash, const EVP_MD *mgf1Hash, int sLen);
423
383int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, 424int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
384 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); 425 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
385int RSA_set_ex_data(RSA *r,int idx,void *arg); 426int RSA_set_ex_data(RSA *r,int idx,void *arg);
@@ -388,6 +429,25 @@ void *RSA_get_ex_data(const RSA *r, int idx);
388RSA *RSAPublicKey_dup(RSA *rsa); 429RSA *RSAPublicKey_dup(RSA *rsa);
389RSA *RSAPrivateKey_dup(RSA *rsa); 430RSA *RSAPrivateKey_dup(RSA *rsa);
390 431
432/* If this flag is set the RSA method is FIPS compliant and can be used
433 * in FIPS mode. This is set in the validated module method. If an
434 * application sets this flag in its own methods it is its responsibility
435 * to ensure the result is compliant.
436 */
437
438#define RSA_FLAG_FIPS_METHOD 0x0400
439
440/* If this flag is set the operations normally disabled in FIPS mode are
441 * permitted it is then the applications responsibility to ensure that the
442 * usage is compliant.
443 */
444
445#define RSA_FLAG_NON_FIPS_ALLOW 0x0400
446/* Application has decided PRNG is good enough to generate a key: don't
447 * check.
448 */
449#define RSA_FLAG_CHECKED 0x0800
450
391/* BEGIN ERROR CODES */ 451/* BEGIN ERROR CODES */
392/* The following lines are auto generated by the script mkerr.pl. Any changes 452/* The following lines are auto generated by the script mkerr.pl. Any changes
393 * made after this point may be overwritten when the script is next run. 453 * made after this point may be overwritten when the script is next run.
@@ -405,6 +465,7 @@ void ERR_load_RSA_strings(void);
405#define RSA_F_PKEY_RSA_CTRL 143 465#define RSA_F_PKEY_RSA_CTRL 143
406#define RSA_F_PKEY_RSA_CTRL_STR 144 466#define RSA_F_PKEY_RSA_CTRL_STR 144
407#define RSA_F_PKEY_RSA_SIGN 142 467#define RSA_F_PKEY_RSA_SIGN 142
468#define RSA_F_PKEY_RSA_VERIFY 154
408#define RSA_F_PKEY_RSA_VERIFYRECOVER 141 469#define RSA_F_PKEY_RSA_VERIFYRECOVER 141
409#define RSA_F_RSA_BUILTIN_KEYGEN 129 470#define RSA_F_RSA_BUILTIN_KEYGEN 129
410#define RSA_F_RSA_CHECK_KEY 123 471#define RSA_F_RSA_CHECK_KEY 123
@@ -413,6 +474,8 @@ void ERR_load_RSA_strings(void);
413#define RSA_F_RSA_EAY_PUBLIC_DECRYPT 103 474#define RSA_F_RSA_EAY_PUBLIC_DECRYPT 103
414#define RSA_F_RSA_EAY_PUBLIC_ENCRYPT 104 475#define RSA_F_RSA_EAY_PUBLIC_ENCRYPT 104
415#define RSA_F_RSA_GENERATE_KEY 105 476#define RSA_F_RSA_GENERATE_KEY 105
477#define RSA_F_RSA_GENERATE_KEY_EX 155
478#define RSA_F_RSA_ITEM_VERIFY 156
416#define RSA_F_RSA_MEMORY_LOCK 130 479#define RSA_F_RSA_MEMORY_LOCK 130
417#define RSA_F_RSA_NEW_METHOD 106 480#define RSA_F_RSA_NEW_METHOD 106
418#define RSA_F_RSA_NULL 124 481#define RSA_F_RSA_NULL 124
@@ -424,6 +487,7 @@ void ERR_load_RSA_strings(void);
424#define RSA_F_RSA_PADDING_ADD_NONE 107 487#define RSA_F_RSA_PADDING_ADD_NONE 107
425#define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP 121 488#define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP 121
426#define RSA_F_RSA_PADDING_ADD_PKCS1_PSS 125 489#define RSA_F_RSA_PADDING_ADD_PKCS1_PSS 125
490#define RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1 148
427#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1 108 491#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1 108
428#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2 109 492#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2 109
429#define RSA_F_RSA_PADDING_ADD_SSLV23 110 493#define RSA_F_RSA_PADDING_ADD_SSLV23 110
@@ -436,8 +500,12 @@ void ERR_load_RSA_strings(void);
436#define RSA_F_RSA_PADDING_CHECK_X931 128 500#define RSA_F_RSA_PADDING_CHECK_X931 128
437#define RSA_F_RSA_PRINT 115 501#define RSA_F_RSA_PRINT 115
438#define RSA_F_RSA_PRINT_FP 116 502#define RSA_F_RSA_PRINT_FP 116
503#define RSA_F_RSA_PRIVATE_DECRYPT 150
504#define RSA_F_RSA_PRIVATE_ENCRYPT 151
439#define RSA_F_RSA_PRIV_DECODE 137 505#define RSA_F_RSA_PRIV_DECODE 137
440#define RSA_F_RSA_PRIV_ENCODE 138 506#define RSA_F_RSA_PRIV_ENCODE 138
507#define RSA_F_RSA_PUBLIC_DECRYPT 152
508#define RSA_F_RSA_PUBLIC_ENCRYPT 153
441#define RSA_F_RSA_PUB_DECODE 139 509#define RSA_F_RSA_PUB_DECODE 139
442#define RSA_F_RSA_SETUP_BLINDING 136 510#define RSA_F_RSA_SETUP_BLINDING 136
443#define RSA_F_RSA_SIGN 117 511#define RSA_F_RSA_SIGN 117
@@ -445,6 +513,7 @@ void ERR_load_RSA_strings(void);
445#define RSA_F_RSA_VERIFY 119 513#define RSA_F_RSA_VERIFY 119
446#define RSA_F_RSA_VERIFY_ASN1_OCTET_STRING 120 514#define RSA_F_RSA_VERIFY_ASN1_OCTET_STRING 120
447#define RSA_F_RSA_VERIFY_PKCS1_PSS 126 515#define RSA_F_RSA_VERIFY_PKCS1_PSS 126
516#define RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1 149
448 517
449/* Reason codes. */ 518/* Reason codes. */
450#define RSA_R_ALGORITHM_MISMATCH 100 519#define RSA_R_ALGORITHM_MISMATCH 100
@@ -470,19 +539,24 @@ void ERR_load_RSA_strings(void);
470#define RSA_R_INVALID_HEADER 137 539#define RSA_R_INVALID_HEADER 137
471#define RSA_R_INVALID_KEYBITS 145 540#define RSA_R_INVALID_KEYBITS 145
472#define RSA_R_INVALID_MESSAGE_LENGTH 131 541#define RSA_R_INVALID_MESSAGE_LENGTH 131
542#define RSA_R_INVALID_MGF1_MD 156
473#define RSA_R_INVALID_PADDING 138 543#define RSA_R_INVALID_PADDING 138
474#define RSA_R_INVALID_PADDING_MODE 141 544#define RSA_R_INVALID_PADDING_MODE 141
545#define RSA_R_INVALID_PSS_PARAMETERS 149
475#define RSA_R_INVALID_PSS_SALTLEN 146 546#define RSA_R_INVALID_PSS_SALTLEN 146
547#define RSA_R_INVALID_SALT_LENGTH 150
476#define RSA_R_INVALID_TRAILER 139 548#define RSA_R_INVALID_TRAILER 139
477#define RSA_R_INVALID_X931_DIGEST 142 549#define RSA_R_INVALID_X931_DIGEST 142
478#define RSA_R_IQMP_NOT_INVERSE_OF_Q 126 550#define RSA_R_IQMP_NOT_INVERSE_OF_Q 126
479#define RSA_R_KEY_SIZE_TOO_SMALL 120 551#define RSA_R_KEY_SIZE_TOO_SMALL 120
480#define RSA_R_LAST_OCTET_INVALID 134 552#define RSA_R_LAST_OCTET_INVALID 134
481#define RSA_R_MODULUS_TOO_LARGE 105 553#define RSA_R_MODULUS_TOO_LARGE 105
554#define RSA_R_NON_FIPS_RSA_METHOD 157
482#define RSA_R_NO_PUBLIC_EXPONENT 140 555#define RSA_R_NO_PUBLIC_EXPONENT 140
483#define RSA_R_NULL_BEFORE_BLOCK_MISSING 113 556#define RSA_R_NULL_BEFORE_BLOCK_MISSING 113
484#define RSA_R_N_DOES_NOT_EQUAL_P_Q 127 557#define RSA_R_N_DOES_NOT_EQUAL_P_Q 127
485#define RSA_R_OAEP_DECODING_ERROR 121 558#define RSA_R_OAEP_DECODING_ERROR 121
559#define RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE 158
486#define RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 148 560#define RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 148
487#define RSA_R_PADDING_CHECK_FAILED 114 561#define RSA_R_PADDING_CHECK_FAILED 114
488#define RSA_R_P_NOT_PRIME 128 562#define RSA_R_P_NOT_PRIME 128
@@ -493,7 +567,12 @@ void ERR_load_RSA_strings(void);
493#define RSA_R_SSLV3_ROLLBACK_ATTACK 115 567#define RSA_R_SSLV3_ROLLBACK_ATTACK 115
494#define RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 116 568#define RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 116
495#define RSA_R_UNKNOWN_ALGORITHM_TYPE 117 569#define RSA_R_UNKNOWN_ALGORITHM_TYPE 117
570#define RSA_R_UNKNOWN_MASK_DIGEST 151
496#define RSA_R_UNKNOWN_PADDING_TYPE 118 571#define RSA_R_UNKNOWN_PADDING_TYPE 118
572#define RSA_R_UNKNOWN_PSS_DIGEST 152
573#define RSA_R_UNSUPPORTED_MASK_ALGORITHM 153
574#define RSA_R_UNSUPPORTED_MASK_PARAMETER 154
575#define RSA_R_UNSUPPORTED_SIGNATURE_TYPE 155
497#define RSA_R_VALUE_MISSING 147 576#define RSA_R_VALUE_MISSING 147
498#define RSA_R_WRONG_SIGNATURE_LENGTH 119 577#define RSA_R_WRONG_SIGNATURE_LENGTH 119
499 578
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-26 07:31:38 +0000