RSA public-key cryptography standard. More...

#include "core/crypto.h"
#include "pkc/rsa.h"
#include "pkc/rsa_misc.h"
#include "debug.h"

Macros
#define	TRACE_LEVEL CRYPTO_TRACE_LEVEL

Functions
void	rsaInitPublicKey (RsaPublicKey *key)
	Initialize an RSA public key. More...

void	rsaFreePublicKey (RsaPublicKey *key)
	Release an RSA public key. More...

void	rsaInitPrivateKey (RsaPrivateKey *key)
	Initialize an RSA private key. More...

void	rsaFreePrivateKey (RsaPrivateKey *key)
	Release an RSA private key. More...

error_t	rsaGenerateKeyPair (const PrngAlgo prngAlgo, void prngContext, size_t k, uint_t e, RsaPrivateKey privateKey, RsaPublicKey publicKey)
	RSA key pair generation. More...

__weak_func error_t	rsaGeneratePrivateKey (const PrngAlgo prngAlgo, void prngContext, size_t k, uint_t e, RsaPrivateKey *privateKey)
	RSA private key generation. More...

error_t	rsaGeneratePublicKey (const RsaPrivateKey privateKey, RsaPublicKey publicKey)
	Derive the public key from an RSA private key. More...

error_t	rsaesPkcs1v15Encrypt (const PrngAlgo prngAlgo, void prngContext, const RsaPublicKey key, const uint8_t message, size_t messageLen, uint8_t ciphertext, size_t ciphertextLen)
	RSAES-PKCS1-v1_5 encryption operation. More...

error_t	rsaesPkcs1v15Decrypt (const RsaPrivateKey key, const uint8_t ciphertext, size_t ciphertextLen, uint8_t message, size_t messageSize, size_t messageLen)
	RSAES-PKCS1-v1_5 decryption operation. More...

error_t	rsaesOaepEncrypt (const PrngAlgo prngAlgo, void prngContext, const RsaPublicKey key, const HashAlgo hash, const char_t label, const uint8_t message, size_t messageLen, uint8_t ciphertext, size_t ciphertextLen)
	RSAES-OAEP encryption operation. More...

error_t	rsaesOaepDecrypt (const RsaPrivateKey key, const HashAlgo hash, const char_t label, const uint8_t ciphertext, size_t ciphertextLen, uint8_t message, size_t messageSize, size_t messageLen)
	RSAES-OAEP decryption operation. More...

error_t	rsassaPkcs1v15Sign (const RsaPrivateKey key, const HashAlgo hash, const uint8_t digest, uint8_t signature, size_t *signatureLen)
	RSASSA-PKCS1-v1_5 signature generation operation. More...

error_t	rsassaPkcs1v15Verify (const RsaPublicKey key, const HashAlgo hash, const uint8_t digest, const uint8_t signature, size_t signatureLen)
	RSASSA-PKCS1-v1_5 signature verification operation. More...

error_t	rsassaPssSign (const PrngAlgo prngAlgo, void prngContext, const RsaPrivateKey key, const HashAlgo hash, size_t saltLen, const uint8_t digest, uint8_t signature, size_t *signatureLen)
	RSASSA-PSS signature generation operation. More...

error_t	rsassaPssVerify (const RsaPublicKey key, const HashAlgo hash, size_t saltLen, const uint8_t digest, const uint8_t signature, size_t signatureLen)
	RSASSA-PSS signature verification operation. More...

Variables
const uint8_t	PKCS1_OID [8] = {0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01}

const uint8_t	RSA_ENCRYPTION_OID [9] = {0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01}

const uint8_t	MD2_WITH_RSA_ENCRYPTION_OID [9] = {0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x02}

const uint8_t	MD5_WITH_RSA_ENCRYPTION_OID [9] = {0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x04}

const uint8_t	SHA1_WITH_RSA_ENCRYPTION_OID [9] = {0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x05}

const uint8_t	SHA224_WITH_RSA_ENCRYPTION_OID [9] = {0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0E}

const uint8_t	SHA256_WITH_RSA_ENCRYPTION_OID [9] = {0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B}

const uint8_t	SHA384_WITH_RSA_ENCRYPTION_OID [9] = {0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0C}

const uint8_t	SHA512_WITH_RSA_ENCRYPTION_OID [9] = {0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0D}

const uint8_t	SHA512_224_WITH_RSA_ENCRYPTION_OID [9] = {0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0F}

const uint8_t	SHA512_256_WITH_RSA_ENCRYPTION_OID [9] = {0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x10}

const uint8_t	RSASSA_PKCS1_V1_5_WITH_SHA3_224_OID [9] = {0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x03, 0x0D}

const uint8_t	RSASSA_PKCS1_V1_5_WITH_SHA3_256_OID [9] = {0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x03, 0x0E}

const uint8_t	RSASSA_PKCS1_V1_5_WITH_SHA3_384_OID [9] = {0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x03, 0x0F}

const uint8_t	RSASSA_PKCS1_V1_5_WITH_SHA3_512_OID [9] = {0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x03, 0x10}

const uint8_t	RSASSA_PSS_OID [9] = {0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0A}

const uint8_t	RSASSA_PSS_SHAKE128_OID [8] = {0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x06, 0x1E}

const uint8_t	RSASSA_PSS_SHAKE256_OID [8] = {0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x06, 0x1F}

const uint8_t	MGF1_OID [9] = {0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x08}

Detailed Description

RSA public-key cryptography standard.

License

SPDX-License-Identifier: GPL-2.0-or-later

This file is part of CycloneCRYPTO Open.

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.

Description

RSA is an algorithm for public-key cryptography which is suitable for signing as well as encryption. Refer to the following RFCs for complete details:

RFC 2313: PKCS #1: RSA Encryption Version 1.5
RFC 3447: PKCS #1: RSA Cryptography Specifications Version 2.1
RFC 8017: PKCS #1: RSA Cryptography Specifications Version 2.2

Author: Oryx Embedded SARL (www.oryx-embedded.com)

Version: 2.5.0

Definition in file rsa.c.

Macro Definition Documentation

◆ TRACE_LEVEL

#define TRACE_LEVEL CRYPTO_TRACE_LEVEL

Definition at line 40 of file rsa.c.

Function Documentation

◆ rsaesOaepDecrypt()

error_t rsaesOaepDecrypt	(	const RsaPrivateKey *	key,
		const HashAlgo *	hash,
		const char_t *	label,
		const uint8_t *	ciphertext,
		size_t	ciphertextLen,
		uint8_t *	message,
		size_t	messageSize,
		size_t *	messageLen
	)

RSAES-OAEP decryption operation.

Parameters

[in]	key	Recipient's RSA private key
[in]	hash	Underlying hash function
[in]	label	Optional label to be associated with the message
[in]	ciphertext	Ciphertext to be decrypted
[in]	ciphertextLen	Length of the ciphertext to be decrypted
[out]	message	Output buffer where to store the decrypted message
[in]	messageSize	Size of the output buffer
[out]	messageLen	Length of the decrypted message

Returns: Error code

Definition at line 774 of file rsa.c.

◆ rsaesOaepEncrypt()

error_t rsaesOaepEncrypt	(	const PrngAlgo *	prngAlgo,
		void *	prngContext,
		const RsaPublicKey *	key,
		const HashAlgo *	hash,
		const char_t *	label,
		const uint8_t *	message,
		size_t	messageLen,
		uint8_t *	ciphertext,
		size_t *	ciphertextLen
	)

RSAES-OAEP encryption operation.

Parameters

[in]	prngAlgo	PRNG algorithm
[in]	prngContext	Pointer to the PRNG context
[in]	key	Recipient's RSA public key
[in]	hash	Underlying hash function
[in]	label	Optional label to be associated with the message
[in]	message	Message to be encrypted
[in]	messageLen	Length of the message to be encrypted
[out]	ciphertext	Ciphertext resulting from the encryption operation
[out]	ciphertextLen	Length of the resulting ciphertext

Returns: Error code

Definition at line 668 of file rsa.c.

◆ rsaesPkcs1v15Decrypt()

error_t rsaesPkcs1v15Decrypt	(	const RsaPrivateKey *	key,
		const uint8_t *	ciphertext,
		size_t	ciphertextLen,
		uint8_t *	message,
		size_t	messageSize,
		size_t *	messageLen
	)

RSAES-PKCS1-v1_5 decryption operation.

Parameters

[in]	key	Recipient's RSA private key
[in]	ciphertext	Ciphertext to be decrypted
[in]	ciphertextLen	Length of the ciphertext to be decrypted
[out]	message	Output buffer where to store the decrypted message
[in]	messageSize	Size of the output buffer
[out]	messageLen	Length of the decrypted message

Returns: Error code

Definition at line 507 of file rsa.c.

◆ rsaesPkcs1v15Encrypt()

error_t rsaesPkcs1v15Encrypt	(	const PrngAlgo *	prngAlgo,
		void *	prngContext,
		const RsaPublicKey *	key,
		const uint8_t *	message,
		size_t	messageLen,
		uint8_t *	ciphertext,
		size_t *	ciphertextLen
	)

RSAES-PKCS1-v1_5 encryption operation.

Parameters

[in]	prngAlgo	PRNG algorithm
[in]	prngContext	Pointer to the PRNG context
[in]	key	Recipient's RSA public key
[in]	message	Message to be encrypted
[in]	messageLen	Length of the message to be encrypted
[out]	ciphertext	Ciphertext resulting from the encryption operation
[out]	ciphertextLen	Length of the resulting ciphertext

Returns: Error code

Definition at line 409 of file rsa.c.

◆ rsaFreePrivateKey()

void rsaFreePrivateKey ( RsaPrivateKey * key )

Release an RSA private key.

Parameters

[in] key Pointer to the RSA private key to free

Definition at line 148 of file rsa.c.

◆ rsaFreePublicKey()

void rsaFreePublicKey ( RsaPublicKey * key )

Release an RSA public key.

Parameters

[in] key Pointer to the RSA public key to free

Definition at line 113 of file rsa.c.

◆ rsaGenerateKeyPair()

error_t rsaGenerateKeyPair	(	const PrngAlgo *	prngAlgo,
		void *	prngContext,
		size_t	k,
		uint_t	e,
		RsaPrivateKey *	privateKey,
		RsaPublicKey *	publicKey
	)

RSA key pair generation.

Parameters

[in]	prngAlgo	PRNG algorithm
[in]	prngContext	Pointer to the PRNG context
[in]	k	Required bit length of the modulus n
[in]	e	Public exponent (3, 5, 17, 257 or 65537)
[out]	privateKey	RSA private key
[out]	publicKey	RSA public key

Returns: Error code

Definition at line 173 of file rsa.c.

◆ rsaGeneratePrivateKey()

__weak_func error_t rsaGeneratePrivateKey	(	const PrngAlgo *	prngAlgo,
		void *	prngContext,
		size_t	k,
		uint_t	e,
		RsaPrivateKey *	privateKey
	)

RSA private key generation.

Parameters

[in]	prngAlgo	PRNG algorithm
[in]	prngContext	Pointer to the PRNG context
[in]	k	Required bit length of the modulus n
[in]	e	Public exponent (3, 5, 17, 257 or 65537)
[out]	privateKey	RSA private key

Returns: Error code

Definition at line 203 of file rsa.c.

◆ rsaGeneratePublicKey()

error_t rsaGeneratePublicKey	(	const RsaPrivateKey *	privateKey,
		RsaPublicKey *	publicKey
	)

Derive the public key from an RSA private key.

Parameters

[in]	privateKey	RSA private key
[out]	publicKey	RSA public key

Returns: Error code

Definition at line 364 of file rsa.c.

◆ rsaInitPrivateKey()

void rsaInitPrivateKey ( RsaPrivateKey * key )

Initialize an RSA private key.

Parameters

[in] key Pointer to the RSA private key to initialize

Definition at line 126 of file rsa.c.

◆ rsaInitPublicKey()

void rsaInitPublicKey ( RsaPublicKey * key )

Initialize an RSA public key.

Parameters

[in] key Pointer to the RSA public key to initialize

Definition at line 100 of file rsa.c.

◆ rsassaPkcs1v15Sign()

error_t rsassaPkcs1v15Sign	(	const RsaPrivateKey *	key,
		const HashAlgo *	hash,
		const uint8_t *	digest,
		uint8_t *	signature,
		size_t *	signatureLen
	)

RSASSA-PKCS1-v1_5 signature generation operation.

Parameters

[in]	key	Signer's RSA private key
[in]	hash	Hash function used to digest the message
[in]	digest	Digest of the message to be signed
[out]	signature	Resulting signature
[out]	signatureLen	Length of the resulting signature

Returns: Error code

Definition at line 935 of file rsa.c.

◆ rsassaPkcs1v15Verify()

error_t rsassaPkcs1v15Verify	(	const RsaPublicKey *	key,
		const HashAlgo *	hash,
		const uint8_t *	digest,
		const uint8_t *	signature,
		size_t	signatureLen
	)

RSASSA-PKCS1-v1_5 signature verification operation.

Parameters

[in]	key	Signer's RSA public key
[in]	hash	Hash function used to digest the message
[in]	digest	Digest of the message whose signature is to be verified
[in]	signature	Signature to be verified
[in]	signatureLen	Length of the signature to be verified

Returns: Error code

Definition at line 1068 of file rsa.c.

◆ rsassaPssSign()

error_t rsassaPssSign	(	const PrngAlgo *	prngAlgo,
		void *	prngContext,
		const RsaPrivateKey *	key,
		const HashAlgo *	hash,
		size_t	saltLen,
		const uint8_t *	digest,
		uint8_t *	signature,
		size_t *	signatureLen
	)

RSASSA-PSS signature generation operation.

Parameters

[in]	prngAlgo	PRNG algorithm
[in]	prngContext	Pointer to the PRNG context
[in]	key	Signer's RSA private key
[in]	hash	Hash function used to digest the message
[in]	saltLen	Length of the salt, in bytes
[in]	digest	Digest of the message to be signed
[out]	signature	Resulting signature
[out]	signatureLen	Length of the resulting signature

Returns: Error code

Definition at line 1189 of file rsa.c.

◆ rsassaPssVerify()

error_t rsassaPssVerify	(	const RsaPublicKey *	key,
		const HashAlgo *	hash,
		size_t	saltLen,
		const uint8_t *	digest,
		const uint8_t *	signature,
		size_t	signatureLen
	)

RSASSA-PSS signature verification operation.

Parameters

[in]	key	Signer's RSA public key
[in]	hash	Hash function used to digest the message
[in]	saltLen	Length of the salt, in bytes
[in]	digest	Digest of the message whose signature is to be verified
[in]	signature	Signature to be verified
[in]	signatureLen	Length of the signature to be verified

Returns: Error code

Definition at line 1309 of file rsa.c.

Variable Documentation

◆ MD2_WITH_RSA_ENCRYPTION_OID

const uint8_t MD2_WITH_RSA_ENCRYPTION_OID[9] = {0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x02}

Definition at line 57 of file rsa.c.

◆ MD5_WITH_RSA_ENCRYPTION_OID

const uint8_t MD5_WITH_RSA_ENCRYPTION_OID[9] = {0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x04}

Definition at line 59 of file rsa.c.

◆ MGF1_OID

const uint8_t MGF1_OID[9] = {0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x08}

Definition at line 92 of file rsa.c.

◆ PKCS1_OID

const uint8_t PKCS1_OID[8] = {0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01}

Definition at line 52 of file rsa.c.

◆ RSA_ENCRYPTION_OID

const uint8_t RSA_ENCRYPTION_OID[9] = {0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01}

Definition at line 54 of file rsa.c.

◆ RSASSA_PKCS1_V1_5_WITH_SHA3_224_OID

const uint8_t RSASSA_PKCS1_V1_5_WITH_SHA3_224_OID[9] = {0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x03, 0x0D}

Definition at line 76 of file rsa.c.

◆ RSASSA_PKCS1_V1_5_WITH_SHA3_256_OID

const uint8_t RSASSA_PKCS1_V1_5_WITH_SHA3_256_OID[9] = {0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x03, 0x0E}

Definition at line 78 of file rsa.c.

◆ RSASSA_PKCS1_V1_5_WITH_SHA3_384_OID

const uint8_t RSASSA_PKCS1_V1_5_WITH_SHA3_384_OID[9] = {0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x03, 0x0F}

Definition at line 80 of file rsa.c.

◆ RSASSA_PKCS1_V1_5_WITH_SHA3_512_OID

const uint8_t RSASSA_PKCS1_V1_5_WITH_SHA3_512_OID[9] = {0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x03, 0x10}

Definition at line 82 of file rsa.c.

◆ RSASSA_PSS_OID

const uint8_t RSASSA_PSS_OID[9] = {0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0A}

Definition at line 85 of file rsa.c.

◆ RSASSA_PSS_SHAKE128_OID

const uint8_t RSASSA_PSS_SHAKE128_OID[8] = {0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x06, 0x1E}

Definition at line 87 of file rsa.c.

◆ RSASSA_PSS_SHAKE256_OID

const uint8_t RSASSA_PSS_SHAKE256_OID[8] = {0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x06, 0x1F}

Definition at line 89 of file rsa.c.

◆ SHA1_WITH_RSA_ENCRYPTION_OID

const uint8_t SHA1_WITH_RSA_ENCRYPTION_OID[9] = {0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x05}

Definition at line 61 of file rsa.c.

◆ SHA224_WITH_RSA_ENCRYPTION_OID

const uint8_t SHA224_WITH_RSA_ENCRYPTION_OID[9] = {0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0E}

Definition at line 63 of file rsa.c.

◆ SHA256_WITH_RSA_ENCRYPTION_OID

const uint8_t SHA256_WITH_RSA_ENCRYPTION_OID[9] = {0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B}

Definition at line 65 of file rsa.c.

◆ SHA384_WITH_RSA_ENCRYPTION_OID

const uint8_t SHA384_WITH_RSA_ENCRYPTION_OID[9] = {0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0C}

Definition at line 67 of file rsa.c.

◆ SHA512_224_WITH_RSA_ENCRYPTION_OID

const uint8_t SHA512_224_WITH_RSA_ENCRYPTION_OID[9] = {0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0F}

Definition at line 71 of file rsa.c.

◆ SHA512_256_WITH_RSA_ENCRYPTION_OID

const uint8_t SHA512_256_WITH_RSA_ENCRYPTION_OID[9] = {0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x10}

Definition at line 73 of file rsa.c.

◆ SHA512_WITH_RSA_ENCRYPTION_OID

const uint8_t SHA512_WITH_RSA_ENCRYPTION_OID[9] = {0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0D}

Definition at line 69 of file rsa.c.

Macros

Functions

Variables

Detailed Description

License

Description

Macro Definition Documentation

◆ TRACE_LEVEL

Function Documentation

◆ rsaesOaepDecrypt()

◆ rsaesOaepEncrypt()

◆ rsaesPkcs1v15Decrypt()

◆ rsaesPkcs1v15Encrypt()

◆ rsaFreePrivateKey()

◆ rsaFreePublicKey()

◆ rsaGenerateKeyPair()

◆ rsaGeneratePrivateKey()

◆ rsaGeneratePublicKey()

◆ rsaInitPrivateKey()

◆ rsaInitPublicKey()

◆ rsassaPkcs1v15Sign()

◆ rsassaPkcs1v15Verify()

◆ rsassaPssSign()

◆ rsassaPssVerify()

Variable Documentation

◆ MD2_WITH_RSA_ENCRYPTION_OID

◆ MD5_WITH_RSA_ENCRYPTION_OID

◆ MGF1_OID

◆ PKCS1_OID

◆ RSA_ENCRYPTION_OID

◆ RSASSA_PKCS1_V1_5_WITH_SHA3_224_OID

◆ RSASSA_PKCS1_V1_5_WITH_SHA3_256_OID

◆ RSASSA_PKCS1_V1_5_WITH_SHA3_384_OID

◆ RSASSA_PKCS1_V1_5_WITH_SHA3_512_OID

◆ RSASSA_PSS_OID

◆ RSASSA_PSS_SHAKE128_OID

◆ RSASSA_PSS_SHAKE256_OID

◆ SHA1_WITH_RSA_ENCRYPTION_OID

◆ SHA224_WITH_RSA_ENCRYPTION_OID

◆ SHA256_WITH_RSA_ENCRYPTION_OID

◆ SHA384_WITH_RSA_ENCRYPTION_OID

◆ SHA512_224_WITH_RSA_ENCRYPTION_OID

◆ SHA512_256_WITH_RSA_ENCRYPTION_OID

◆ SHA512_WITH_RSA_ENCRYPTION_OID