LTKCPP-- LLRP Toolkit C Plus Plus Library
rsa.h
00001 /* crypto/rsa/rsa.h */
00002 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
00003  * All rights reserved.
00004  *
00005  * This package is an SSL implementation written
00006  * by Eric Young (eay@cryptsoft.com).
00007  * The implementation was written so as to conform with Netscapes SSL.
00008  *
00009  * This library is free for commercial and non-commercial use as long as
00010  * the following conditions are aheared to.  The following conditions
00011  * apply to all code found in this distribution, be it the RC4, RSA,
00012  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
00013  * included with this distribution is covered by the same copyright terms
00014  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
00015  *
00016  * Copyright remains Eric Young's, and as such any Copyright notices in
00017  * the code are not to be removed.
00018  * If this package is used in a product, Eric Young should be given attribution
00019  * as the author of the parts of the library used.
00020  * This can be in the form of a textual message at program startup or
00021  * in documentation (online or textual) provided with the package.
00022  *
00023  * Redistribution and use in source and binary forms, with or without
00024  * modification, are permitted provided that the following conditions
00025  * are met:
00026  * 1. Redistributions of source code must retain the copyright
00027  *    notice, this list of conditions and the following disclaimer.
00028  * 2. Redistributions in binary form must reproduce the above copyright
00029  *    notice, this list of conditions and the following disclaimer in the
00030  *    documentation and/or other materials provided with the distribution.
00031  * 3. All advertising materials mentioning features or use of this software
00032  *    must display the following acknowledgement:
00033  *    "This product includes cryptographic software written by
00034  *     Eric Young (eay@cryptsoft.com)"
00035  *    The word 'cryptographic' can be left out if the rouines from the library
00036  *    being used are not cryptographic related :-).
00037  * 4. If you include any Windows specific code (or a derivative thereof) from
00038  *    the apps directory (application code) you must include an acknowledgement:
00039  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
00040  *
00041  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
00042  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
00043  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
00044  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
00045  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
00046  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
00047  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
00048  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
00049  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
00050  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
00051  * SUCH DAMAGE.
00052  *
00053  * The licence and distribution terms for any publically available version or
00054  * derivative of this code cannot be changed.  i.e. this code cannot simply be
00055  * copied and put under another distribution licence
00056  * [including the GNU Public Licence.]
00057  */
00058 
00059 #ifndef HEADER_RSA_H
00060 # define HEADER_RSA_H
00061 
00062 # include <openssl/asn1.h>
00063 
00064 # ifndef OPENSSL_NO_BIO
00065 #  include <openssl/bio.h>
00066 # endif
00067 # include <openssl/crypto.h>
00068 # include <openssl/ossl_typ.h>
00069 # ifndef OPENSSL_NO_DEPRECATED
00070 #  include <openssl/bn.h>
00071 # endif
00072 
00073 # ifdef OPENSSL_NO_RSA
00074 #  error RSA is disabled.
00075 # endif
00076 
00077 #ifdef  __cplusplus
00078 extern "C" {
00079 #endif
00080 
00081 /* Declared already in ossl_typ.h */
00082 /* typedef struct rsa_st RSA; */
00083 /* typedef struct rsa_meth_st RSA_METHOD; */
00084 
00085 struct rsa_meth_st {
00086     const char *name;
00087     int (*rsa_pub_enc) (int flen, const unsigned char *from,
00088                         unsigned char *to, RSA *rsa, int padding);
00089     int (*rsa_pub_dec) (int flen, const unsigned char *from,
00090                         unsigned char *to, RSA *rsa, int padding);
00091     int (*rsa_priv_enc) (int flen, const unsigned char *from,
00092                          unsigned char *to, RSA *rsa, int padding);
00093     int (*rsa_priv_dec) (int flen, const unsigned char *from,
00094                          unsigned char *to, RSA *rsa, int padding);
00095     /* Can be null */
00096     int (*rsa_mod_exp) (BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx);
00097     /* Can be null */
00098     int (*bn_mod_exp) (BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
00099                        const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
00100     /* called at new */
00101     int (*init) (RSA *rsa);
00102     /* called at free */
00103     int (*finish) (RSA *rsa);
00104     /* RSA_METHOD_FLAG_* things */
00105     int flags;
00106     /* may be needed! */
00107     char *app_data;
00108     /*
00109      * New sign and verify functions: some libraries don't allow arbitrary
00110      * data to be signed/verified: this allows them to be used. Note: for
00111      * this to work the RSA_public_decrypt() and RSA_private_encrypt() should
00112      * *NOT* be used RSA_sign(), RSA_verify() should be used instead. Note:
00113      * for backwards compatibility this functionality is only enabled if the
00114      * RSA_FLAG_SIGN_VER option is set in 'flags'.
00115      */
00116     int (*rsa_sign) (int type,
00117                      const unsigned char *m, unsigned int m_length,
00118                      unsigned char *sigret, unsigned int *siglen,
00119                      const RSA *rsa);
00120     int (*rsa_verify) (int dtype, const unsigned char *m,
00121                        unsigned int m_length, const unsigned char *sigbuf,
00122                        unsigned int siglen, const RSA *rsa);
00123     /*
00124      * If this callback is NULL, the builtin software RSA key-gen will be
00125      * used. This is for behavioural compatibility whilst the code gets
00126      * rewired, but one day it would be nice to assume there are no such
00127      * things as "builtin software" implementations.
00128      */
00129     int (*rsa_keygen) (RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
00130 };
00131 
00132 struct rsa_st {
00133     /*
00134      * The first parameter is used to pickup errors where this is passed
00135      * instead of aEVP_PKEY, it is set to 0
00136      */
00137     int pad;
00138     long version;
00139     const RSA_METHOD *meth;
00140     /* functional reference if 'meth' is ENGINE-provided */
00141     ENGINE *engine;
00142     BIGNUM *n;
00143     BIGNUM *e;
00144     BIGNUM *d;
00145     BIGNUM *p;
00146     BIGNUM *q;
00147     BIGNUM *dmp1;
00148     BIGNUM *dmq1;
00149     BIGNUM *iqmp;
00150     /* be careful using this if the RSA structure is shared */
00151     CRYPTO_EX_DATA ex_data;
00152     int references;
00153     int flags;
00154     /* Used to cache montgomery values */
00155     BN_MONT_CTX *_method_mod_n;
00156     BN_MONT_CTX *_method_mod_p;
00157     BN_MONT_CTX *_method_mod_q;
00158     /*
00159      * all BIGNUM values are actually in the following data, if it is not
00160      * NULL
00161      */
00162     char *bignum_data;
00163     BN_BLINDING *blinding;
00164     BN_BLINDING *mt_blinding;
00165 };
00166 
00167 # ifndef OPENSSL_RSA_MAX_MODULUS_BITS
00168 #  define OPENSSL_RSA_MAX_MODULUS_BITS   16384
00169 # endif
00170 
00171 # ifndef OPENSSL_RSA_SMALL_MODULUS_BITS
00172 #  define OPENSSL_RSA_SMALL_MODULUS_BITS 3072
00173 # endif
00174 # ifndef OPENSSL_RSA_MAX_PUBEXP_BITS
00175 
00176 /* exponent limit enforced for "large" modulus only */
00177 #  define OPENSSL_RSA_MAX_PUBEXP_BITS    64
00178 # endif
00179 
00180 # define RSA_3   0x3L
00181 # define RSA_F4  0x10001L
00182 
00183 # define RSA_METHOD_FLAG_NO_CHECK        0x0001/* don't check pub/private
00184                                                 * match */
00185 
00186 # define RSA_FLAG_CACHE_PUBLIC           0x0002
00187 # define RSA_FLAG_CACHE_PRIVATE          0x0004
00188 # define RSA_FLAG_BLINDING               0x0008
00189 # define RSA_FLAG_THREAD_SAFE            0x0010
00190 /*
00191  * This flag means the private key operations will be handled by rsa_mod_exp
00192  * and that they do not depend on the private key components being present:
00193  * for example a key stored in external hardware. Without this flag
00194  * bn_mod_exp gets called when private key components are absent.
00195  */
00196 # define RSA_FLAG_EXT_PKEY               0x0020
00197 
00198 /*
00199  * This flag in the RSA_METHOD enables the new rsa_sign, rsa_verify
00200  * functions.
00201  */
00202 # define RSA_FLAG_SIGN_VER               0x0040
00203 
00204 /*
00205  * new with 0.9.6j and 0.9.7b; the built-in
00206  * RSA implementation now uses blinding by
00207  * default (ignoring RSA_FLAG_BLINDING),
00208  * but other engines might not need it
00209  */
00210 # define RSA_FLAG_NO_BLINDING            0x0080
00211 /*
00212  * new with 0.9.8f; the built-in RSA
00213  * implementation now uses constant time
00214  * operations by default in private key operations,
00215  * e.g., constant time modular exponentiation,
00216  * modular inverse without leaking branches,
00217  * division without leaking branches. This
00218  * flag disables these constant time
00219  * operations and results in faster RSA
00220  * private key operations.
00221  */
00222 # define RSA_FLAG_NO_CONSTTIME           0x0100
00223 # ifdef OPENSSL_USE_DEPRECATED
00224 /* deprecated name for the flag*/
00225 /*
00226  * new with 0.9.7h; the built-in RSA
00227  * implementation now uses constant time
00228  * modular exponentiation for secret exponents
00229  * by default. This flag causes the
00230  * faster variable sliding window method to
00231  * be used for all exponents.
00232  */
00233 #  define RSA_FLAG_NO_EXP_CONSTTIME RSA_FLAG_NO_CONSTTIME
00234 # endif
00235 
00236 # define EVP_PKEY_CTX_set_rsa_padding(ctx, pad) \
00237         EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, -1, EVP_PKEY_CTRL_RSA_PADDING, \
00238                                 pad, NULL)
00239 
00240 # define EVP_PKEY_CTX_get_rsa_padding(ctx, ppad) \
00241         EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, -1, \
00242                                 EVP_PKEY_CTRL_GET_RSA_PADDING, 0, ppad)
00243 
00244 # define EVP_PKEY_CTX_set_rsa_pss_saltlen(ctx, len) \
00245         EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, \
00246                                 (EVP_PKEY_OP_SIGN|EVP_PKEY_OP_VERIFY), \
00247                                 EVP_PKEY_CTRL_RSA_PSS_SALTLEN, \
00248                                 len, NULL)
00249 
00250 # define EVP_PKEY_CTX_get_rsa_pss_saltlen(ctx, plen) \
00251         EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, \
00252                                 (EVP_PKEY_OP_SIGN|EVP_PKEY_OP_VERIFY), \
00253                                 EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN, \
00254                                 0, plen)
00255 
00256 # define EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, bits) \
00257         EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_KEYGEN, \
00258                                 EVP_PKEY_CTRL_RSA_KEYGEN_BITS, bits, NULL)
00259 
00260 # define EVP_PKEY_CTX_set_rsa_keygen_pubexp(ctx, pubexp) \
00261         EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_KEYGEN, \
00262                                 EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP, 0, pubexp)
00263 
00264 # define  EVP_PKEY_CTX_set_rsa_mgf1_md(ctx, md)  \
00265                 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, \
00266                         EVP_PKEY_OP_TYPE_SIG | EVP_PKEY_OP_TYPE_CRYPT, \
00267                                 EVP_PKEY_CTRL_RSA_MGF1_MD, 0, (void *)md)
00268 
00269 # define  EVP_PKEY_CTX_set_rsa_oaep_md(ctx, md)  \
00270                 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_CRYPT,  \
00271                                 EVP_PKEY_CTRL_RSA_OAEP_MD, 0, (void *)md)
00272 
00273 # define  EVP_PKEY_CTX_get_rsa_mgf1_md(ctx, pmd) \
00274                 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, \
00275                         EVP_PKEY_OP_TYPE_SIG | EVP_PKEY_OP_TYPE_CRYPT, \
00276                                 EVP_PKEY_CTRL_GET_RSA_MGF1_MD, 0, (void *)pmd)
00277 
00278 # define  EVP_PKEY_CTX_get_rsa_oaep_md(ctx, pmd) \
00279                 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_CRYPT,  \
00280                                 EVP_PKEY_CTRL_GET_RSA_OAEP_MD, 0, (void *)pmd)
00281 
00282 # define  EVP_PKEY_CTX_set0_rsa_oaep_label(ctx, l, llen) \
00283                 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_CRYPT,  \
00284                                 EVP_PKEY_CTRL_RSA_OAEP_LABEL, llen, (void *)l)
00285 
00286 # define  EVP_PKEY_CTX_get0_rsa_oaep_label(ctx, l)       \
00287                 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_CRYPT,  \
00288                                 EVP_PKEY_CTRL_GET_RSA_OAEP_LABEL, 0, (void *)l)
00289 
00290 # define EVP_PKEY_CTRL_RSA_PADDING       (EVP_PKEY_ALG_CTRL + 1)
00291 # define EVP_PKEY_CTRL_RSA_PSS_SALTLEN   (EVP_PKEY_ALG_CTRL + 2)
00292 
00293 # define EVP_PKEY_CTRL_RSA_KEYGEN_BITS   (EVP_PKEY_ALG_CTRL + 3)
00294 # define EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP (EVP_PKEY_ALG_CTRL + 4)
00295 # define EVP_PKEY_CTRL_RSA_MGF1_MD       (EVP_PKEY_ALG_CTRL + 5)
00296 
00297 # define EVP_PKEY_CTRL_GET_RSA_PADDING           (EVP_PKEY_ALG_CTRL + 6)
00298 # define EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN       (EVP_PKEY_ALG_CTRL + 7)
00299 # define EVP_PKEY_CTRL_GET_RSA_MGF1_MD           (EVP_PKEY_ALG_CTRL + 8)
00300 
00301 # define EVP_PKEY_CTRL_RSA_OAEP_MD       (EVP_PKEY_ALG_CTRL + 9)
00302 # define EVP_PKEY_CTRL_RSA_OAEP_LABEL    (EVP_PKEY_ALG_CTRL + 10)
00303 
00304 # define EVP_PKEY_CTRL_GET_RSA_OAEP_MD   (EVP_PKEY_ALG_CTRL + 11)
00305 # define EVP_PKEY_CTRL_GET_RSA_OAEP_LABEL (EVP_PKEY_ALG_CTRL + 12)
00306 
00307 # define RSA_PKCS1_PADDING       1
00308 # define RSA_SSLV23_PADDING      2
00309 # define RSA_NO_PADDING          3
00310 # define RSA_PKCS1_OAEP_PADDING  4
00311 # define RSA_X931_PADDING        5
00312 /* EVP_PKEY_ only */
00313 # define RSA_PKCS1_PSS_PADDING   6
00314 
00315 # define RSA_PKCS1_PADDING_SIZE  11
00316 
00317 # define RSA_set_app_data(s,arg)         RSA_set_ex_data(s,0,arg)
00318 # define RSA_get_app_data(s)             RSA_get_ex_data(s,0)
00319 
00320 RSA *RSA_new(void);
00321 RSA *RSA_new_method(ENGINE *engine);
00322 int RSA_size(const RSA *rsa);
00323 
00324 /* Deprecated version */
00325 # ifndef OPENSSL_NO_DEPRECATED
00326 RSA *RSA_generate_key(int bits, unsigned long e, void
00327                        (*callback) (int, int, void *), void *cb_arg);
00328 # endif                         /* !defined(OPENSSL_NO_DEPRECATED) */
00329 
00330 /* New version */
00331 int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
00332 
00333 int RSA_check_key(const RSA *);
00334         /* next 4 return -1 on error */
00335 int RSA_public_encrypt(int flen, const unsigned char *from,
00336                        unsigned char *to, RSA *rsa, int padding);
00337 int RSA_private_encrypt(int flen, const unsigned char *from,
00338                         unsigned char *to, RSA *rsa, int padding);
00339 int RSA_public_decrypt(int flen, const unsigned char *from,
00340                        unsigned char *to, RSA *rsa, int padding);
00341 int RSA_private_decrypt(int flen, const unsigned char *from,
00342                         unsigned char *to, RSA *rsa, int padding);
00343 void RSA_free(RSA *r);
00344 /* "up" the RSA object's reference count */
00345 int RSA_up_ref(RSA *r);
00346 
00347 int RSA_flags(const RSA *r);
00348 
00349 void RSA_set_default_method(const RSA_METHOD *meth);
00350 const RSA_METHOD *RSA_get_default_method(void);
00351 const RSA_METHOD *RSA_get_method(const RSA *rsa);
00352 int RSA_set_method(RSA *rsa, const RSA_METHOD *meth);
00353 
00354 /* This function needs the memory locking malloc callbacks to be installed */
00355 int RSA_memory_lock(RSA *r);
00356 
00357 /* these are the actual SSLeay RSA functions */
00358 const RSA_METHOD *RSA_PKCS1_SSLeay(void);
00359 
00360 const RSA_METHOD *RSA_null_method(void);
00361 
00362 DECLARE_ASN1_ENCODE_FUNCTIONS_const(RSA, RSAPublicKey)
00363 DECLARE_ASN1_ENCODE_FUNCTIONS_const(RSA, RSAPrivateKey)
00364 
00365 typedef struct rsa_pss_params_st {
00366     X509_ALGOR *hashAlgorithm;
00367     X509_ALGOR *maskGenAlgorithm;
00368     ASN1_INTEGER *saltLength;
00369     ASN1_INTEGER *trailerField;
00370 } RSA_PSS_PARAMS;
00371 
00372 DECLARE_ASN1_FUNCTIONS(RSA_PSS_PARAMS)
00373 
00374 typedef struct rsa_oaep_params_st {
00375     X509_ALGOR *hashFunc;
00376     X509_ALGOR *maskGenFunc;
00377     X509_ALGOR *pSourceFunc;
00378 } RSA_OAEP_PARAMS;
00379 
00380 DECLARE_ASN1_FUNCTIONS(RSA_OAEP_PARAMS)
00381 
00382 # ifndef OPENSSL_NO_FP_API
00383 int RSA_print_fp(FILE *fp, const RSA *r, int offset);
00384 # endif
00385 
00386 # ifndef OPENSSL_NO_BIO
00387 int RSA_print(BIO *bp, const RSA *r, int offset);
00388 # endif
00389 
00390 # ifndef OPENSSL_NO_RC4
00391 int i2d_RSA_NET(const RSA *a, unsigned char **pp,
00392                 int (*cb) (char *buf, int len, const char *prompt,
00393                            int verify), int sgckey);
00394 RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length,
00395                  int (*cb) (char *buf, int len, const char *prompt,
00396                             int verify), int sgckey);
00397 
00398 int i2d_Netscape_RSA(const RSA *a, unsigned char **pp,
00399                      int (*cb) (char *buf, int len, const char *prompt,
00400                                 int verify));
00401 RSA *d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length,
00402                       int (*cb) (char *buf, int len, const char *prompt,
00403                                  int verify));
00404 # endif
00405 
00406 /*
00407  * The following 2 functions sign and verify a X509_SIG ASN1 object inside
00408  * PKCS#1 padded RSA encryption
00409  */
00410 int RSA_sign(int type, const unsigned char *m, unsigned int m_length,
00411              unsigned char *sigret, unsigned int *siglen, RSA *rsa);
00412 int RSA_verify(int type, const unsigned char *m, unsigned int m_length,
00413                const unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
00414 
00415 /*
00416  * The following 2 function sign and verify a ASN1_OCTET_STRING object inside
00417  * PKCS#1 padded RSA encryption
00418  */
00419 int RSA_sign_ASN1_OCTET_STRING(int type,
00420                                const unsigned char *m, unsigned int m_length,
00421                                unsigned char *sigret, unsigned int *siglen,
00422                                RSA *rsa);
00423 int RSA_verify_ASN1_OCTET_STRING(int type, const unsigned char *m,
00424                                  unsigned int m_length, unsigned char *sigbuf,
00425                                  unsigned int siglen, RSA *rsa);
00426 
00427 int RSA_blinding_on(RSA *rsa, BN_CTX *ctx);
00428 void RSA_blinding_off(RSA *rsa);
00429 BN_BLINDING *RSA_setup_blinding(RSA *rsa, BN_CTX *ctx);
00430 
00431 int RSA_padding_add_PKCS1_type_1(unsigned char *to, int tlen,
00432                                  const unsigned char *f, int fl);
00433 int RSA_padding_check_PKCS1_type_1(unsigned char *to, int tlen,
00434                                    const unsigned char *f, int fl,
00435                                    int rsa_len);
00436 int RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen,
00437                                  const unsigned char *f, int fl);
00438 int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen,
00439                                    const unsigned char *f, int fl,
00440                                    int rsa_len);
00441 int PKCS1_MGF1(unsigned char *mask, long len, const unsigned char *seed,
00442                long seedlen, const EVP_MD *dgst);
00443 int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen,
00444                                const unsigned char *f, int fl,
00445                                const unsigned char *p, int pl);
00446 int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen,
00447                                  const unsigned char *f, int fl, int rsa_len,
00448                                  const unsigned char *p, int pl);
00449 int RSA_padding_add_PKCS1_OAEP_mgf1(unsigned char *to, int tlen,
00450                                     const unsigned char *from, int flen,
00451                                     const unsigned char *param, int plen,
00452                                     const EVP_MD *md, const EVP_MD *mgf1md);
00453 int RSA_padding_check_PKCS1_OAEP_mgf1(unsigned char *to, int tlen,
00454                                       const unsigned char *from, int flen,
00455                                       int num, const unsigned char *param,
00456                                       int plen, const EVP_MD *md,
00457                                       const EVP_MD *mgf1md);
00458 int RSA_padding_add_SSLv23(unsigned char *to, int tlen,
00459                            const unsigned char *f, int fl);
00460 int RSA_padding_check_SSLv23(unsigned char *to, int tlen,
00461                              const unsigned char *f, int fl, int rsa_len);
00462 int RSA_padding_add_none(unsigned char *to, int tlen, const unsigned char *f,
00463                          int fl);
00464 int RSA_padding_check_none(unsigned char *to, int tlen,
00465                            const unsigned char *f, int fl, int rsa_len);
00466 int RSA_padding_add_X931(unsigned char *to, int tlen, const unsigned char *f,
00467                          int fl);
00468 int RSA_padding_check_X931(unsigned char *to, int tlen,
00469                            const unsigned char *f, int fl, int rsa_len);
00470 int RSA_X931_hash_id(int nid);
00471 
00472 int RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash,
00473                          const EVP_MD *Hash, const unsigned char *EM,
00474                          int sLen);
00475 int RSA_padding_add_PKCS1_PSS(RSA *rsa, unsigned char *EM,
00476                               const unsigned char *mHash, const EVP_MD *Hash,
00477                               int sLen);
00478 
00479 int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const unsigned char *mHash,
00480                               const EVP_MD *Hash, const EVP_MD *mgf1Hash,
00481                               const unsigned char *EM, int sLen);
00482 
00483 int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM,
00484                                    const unsigned char *mHash,
00485                                    const EVP_MD *Hash, const EVP_MD *mgf1Hash,
00486                                    int sLen);
00487 
00488 int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
00489                          CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
00490 int RSA_set_ex_data(RSA *r, int idx, void *arg);
00491 void *RSA_get_ex_data(const RSA *r, int idx);
00492 
00493 RSA *RSAPublicKey_dup(RSA *rsa);
00494 RSA *RSAPrivateKey_dup(RSA *rsa);
00495 
00496 /*
00497  * If this flag is set the RSA method is FIPS compliant and can be used in
00498  * FIPS mode. This is set in the validated module method. If an application
00499  * sets this flag in its own methods it is its responsibility to ensure the
00500  * result is compliant.
00501  */
00502 
00503 # define RSA_FLAG_FIPS_METHOD                    0x0400
00504 
00505 /*
00506  * If this flag is set the operations normally disabled in FIPS mode are
00507  * permitted it is then the applications responsibility to ensure that the
00508  * usage is compliant.
00509  */
00510 
00511 # define RSA_FLAG_NON_FIPS_ALLOW                 0x0400
00512 /*
00513  * Application has decided PRNG is good enough to generate a key: don't
00514  * check.
00515  */
00516 # define RSA_FLAG_CHECKED                        0x0800
00517 
00518 /* BEGIN ERROR CODES */
00519 /*
00520  * The following lines are auto generated by the script mkerr.pl. Any changes
00521  * made after this point may be overwritten when the script is next run.
00522  */
00523 void ERR_load_RSA_strings(void);
00524 
00525 /* Error codes for the RSA functions. */
00526 
00527 /* Function codes. */
00528 # define RSA_F_CHECK_PADDING_MD                           140
00529 # define RSA_F_DO_RSA_PRINT                               146
00530 # define RSA_F_INT_RSA_VERIFY                             145
00531 # define RSA_F_MEMORY_LOCK                                100
00532 # define RSA_F_OLD_RSA_PRIV_DECODE                        147
00533 # define RSA_F_PKEY_RSA_CTRL                              143
00534 # define RSA_F_PKEY_RSA_CTRL_STR                          144
00535 # define RSA_F_PKEY_RSA_SIGN                              142
00536 # define RSA_F_PKEY_RSA_VERIFY                            154
00537 # define RSA_F_PKEY_RSA_VERIFYRECOVER                     141
00538 # define RSA_F_RSA_ALGOR_TO_MD                            157
00539 # define RSA_F_RSA_BUILTIN_KEYGEN                         129
00540 # define RSA_F_RSA_CHECK_KEY                              123
00541 # define RSA_F_RSA_CMS_DECRYPT                            158
00542 # define RSA_F_RSA_EAY_PRIVATE_DECRYPT                    101
00543 # define RSA_F_RSA_EAY_PRIVATE_ENCRYPT                    102
00544 # define RSA_F_RSA_EAY_PUBLIC_DECRYPT                     103
00545 # define RSA_F_RSA_EAY_PUBLIC_ENCRYPT                     104
00546 # define RSA_F_RSA_GENERATE_KEY                           105
00547 # define RSA_F_RSA_GENERATE_KEY_EX                        155
00548 # define RSA_F_RSA_ITEM_VERIFY                            156
00549 # define RSA_F_RSA_MEMORY_LOCK                            130
00550 # define RSA_F_RSA_MGF1_TO_MD                             159
00551 # define RSA_F_RSA_NEW_METHOD                             106
00552 # define RSA_F_RSA_NULL                                   124
00553 # define RSA_F_RSA_NULL_MOD_EXP                           131
00554 # define RSA_F_RSA_NULL_PRIVATE_DECRYPT                   132
00555 # define RSA_F_RSA_NULL_PRIVATE_ENCRYPT                   133
00556 # define RSA_F_RSA_NULL_PUBLIC_DECRYPT                    134
00557 # define RSA_F_RSA_NULL_PUBLIC_ENCRYPT                    135
00558 # define RSA_F_RSA_PADDING_ADD_NONE                       107
00559 # define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP                 121
00560 # define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP_MGF1            160
00561 # define RSA_F_RSA_PADDING_ADD_PKCS1_PSS                  125
00562 # define RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1             148
00563 # define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1               108
00564 # define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2               109
00565 # define RSA_F_RSA_PADDING_ADD_SSLV23                     110
00566 # define RSA_F_RSA_PADDING_ADD_X931                       127
00567 # define RSA_F_RSA_PADDING_CHECK_NONE                     111
00568 # define RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP               122
00569 # define RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP_MGF1          161
00570 # define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1             112
00571 # define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2             113
00572 # define RSA_F_RSA_PADDING_CHECK_SSLV23                   114
00573 # define RSA_F_RSA_PADDING_CHECK_X931                     128
00574 # define RSA_F_RSA_PRINT                                  115
00575 # define RSA_F_RSA_PRINT_FP                               116
00576 # define RSA_F_RSA_PRIVATE_DECRYPT                        150
00577 # define RSA_F_RSA_PRIVATE_ENCRYPT                        151
00578 # define RSA_F_RSA_PRIV_DECODE                            137
00579 # define RSA_F_RSA_PRIV_ENCODE                            138
00580 # define RSA_F_RSA_PSS_TO_CTX                             162
00581 # define RSA_F_RSA_PUBLIC_DECRYPT                         152
00582 # define RSA_F_RSA_PUBLIC_ENCRYPT                         153
00583 # define RSA_F_RSA_PUB_DECODE                             139
00584 # define RSA_F_RSA_SETUP_BLINDING                         136
00585 # define RSA_F_RSA_SIGN                                   117
00586 # define RSA_F_RSA_SIGN_ASN1_OCTET_STRING                 118
00587 # define RSA_F_RSA_VERIFY                                 119
00588 # define RSA_F_RSA_VERIFY_ASN1_OCTET_STRING               120
00589 # define RSA_F_RSA_VERIFY_PKCS1_PSS                       126
00590 # define RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1                  149
00591 
00592 /* Reason codes. */
00593 # define RSA_R_ALGORITHM_MISMATCH                         100
00594 # define RSA_R_BAD_E_VALUE                                101
00595 # define RSA_R_BAD_FIXED_HEADER_DECRYPT                   102
00596 # define RSA_R_BAD_PAD_BYTE_COUNT                         103
00597 # define RSA_R_BAD_SIGNATURE                              104
00598 # define RSA_R_BLOCK_TYPE_IS_NOT_01                       106
00599 # define RSA_R_BLOCK_TYPE_IS_NOT_02                       107
00600 # define RSA_R_DATA_GREATER_THAN_MOD_LEN                  108
00601 # define RSA_R_DATA_TOO_LARGE                             109
00602 # define RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE                110
00603 # define RSA_R_DATA_TOO_LARGE_FOR_MODULUS                 132
00604 # define RSA_R_DATA_TOO_SMALL                             111
00605 # define RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE                122
00606 # define RSA_R_DIGEST_DOES_NOT_MATCH                      166
00607 # define RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY                 112
00608 # define RSA_R_DMP1_NOT_CONGRUENT_TO_D                    124
00609 # define RSA_R_DMQ1_NOT_CONGRUENT_TO_D                    125
00610 # define RSA_R_D_E_NOT_CONGRUENT_TO_1                     123
00611 # define RSA_R_FIRST_OCTET_INVALID                        133
00612 # define RSA_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE        144
00613 # define RSA_R_INVALID_DIGEST                             160
00614 # define RSA_R_INVALID_DIGEST_LENGTH                      143
00615 # define RSA_R_INVALID_HEADER                             137
00616 # define RSA_R_INVALID_KEYBITS                            145
00617 # define RSA_R_INVALID_LABEL                              161
00618 # define RSA_R_INVALID_MESSAGE_LENGTH                     131
00619 # define RSA_R_INVALID_MGF1_MD                            156
00620 # define RSA_R_INVALID_OAEP_PARAMETERS                    162
00621 # define RSA_R_INVALID_PADDING                            138
00622 # define RSA_R_INVALID_PADDING_MODE                       141
00623 # define RSA_R_INVALID_PSS_PARAMETERS                     149
00624 # define RSA_R_INVALID_PSS_SALTLEN                        146
00625 # define RSA_R_INVALID_SALT_LENGTH                        150
00626 # define RSA_R_INVALID_TRAILER                            139
00627 # define RSA_R_INVALID_X931_DIGEST                        142
00628 # define RSA_R_IQMP_NOT_INVERSE_OF_Q                      126
00629 # define RSA_R_KEY_SIZE_TOO_SMALL                         120
00630 # define RSA_R_LAST_OCTET_INVALID                         134
00631 # define RSA_R_MODULUS_TOO_LARGE                          105
00632 # define RSA_R_NON_FIPS_RSA_METHOD                        157
00633 # define RSA_R_NO_PUBLIC_EXPONENT                         140
00634 # define RSA_R_NULL_BEFORE_BLOCK_MISSING                  113
00635 # define RSA_R_N_DOES_NOT_EQUAL_P_Q                       127
00636 # define RSA_R_OAEP_DECODING_ERROR                        121
00637 # define RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE         158
00638 # define RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE   148
00639 # define RSA_R_PADDING_CHECK_FAILED                       114
00640 # define RSA_R_PKCS_DECODING_ERROR                        159
00641 # define RSA_R_P_NOT_PRIME                                128
00642 # define RSA_R_Q_NOT_PRIME                                129
00643 # define RSA_R_RSA_OPERATIONS_NOT_SUPPORTED               130
00644 # define RSA_R_SLEN_CHECK_FAILED                          136
00645 # define RSA_R_SLEN_RECOVERY_FAILED                       135
00646 # define RSA_R_SSLV3_ROLLBACK_ATTACK                      115
00647 # define RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 116
00648 # define RSA_R_UNKNOWN_ALGORITHM_TYPE                     117
00649 # define RSA_R_UNKNOWN_DIGEST                             163
00650 # define RSA_R_UNKNOWN_MASK_DIGEST                        151
00651 # define RSA_R_UNKNOWN_PADDING_TYPE                       118
00652 # define RSA_R_UNKNOWN_PSS_DIGEST                         152
00653 # define RSA_R_UNSUPPORTED_ENCRYPTION_TYPE                164
00654 # define RSA_R_UNSUPPORTED_LABEL_SOURCE                   165
00655 # define RSA_R_UNSUPPORTED_MASK_ALGORITHM                 153
00656 # define RSA_R_UNSUPPORTED_MASK_PARAMETER                 154
00657 # define RSA_R_UNSUPPORTED_SIGNATURE_TYPE                 155
00658 # define RSA_R_VALUE_MISSING                              147
00659 # define RSA_R_WRONG_SIGNATURE_LENGTH                     119
00660 
00661 #ifdef  __cplusplus
00662 }
00663 #endif
00664 #endif