openssl_rsa_pss_verify 0.0.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (112) hide show
  1. data/.gitignore +5 -0
  2. data/.rspec +2 -0
  3. data/.ruby-gemset +1 -0
  4. data/.ruby-version +1 -0
  5. data/Gemfile +4 -0
  6. data/Gemfile.lock +35 -0
  7. data/README +1 -0
  8. data/Rakefile +4 -0
  9. data/ext/openssl_rsa_pss_verify/extconf.rb +15 -0
  10. data/ext/openssl_rsa_pss_verify/openssl_rsa_pss_verify_ext.c +56 -0
  11. data/lib/openssl_rsa_pss_verify/version.rb +3 -0
  12. data/lib/openssl_rsa_pss_verify.rb +2 -0
  13. data/openssl_rsa_pss_verify.gemspec +26 -0
  14. data/tasks/compile.rake +12 -0
  15. data/tasks/rspec.rake +12 -0
  16. data/vendor/openssl/include/openssl/aes.h +147 -0
  17. data/vendor/openssl/include/openssl/asn1.h +1404 -0
  18. data/vendor/openssl/include/openssl/asn1_mac.h +578 -0
  19. data/vendor/openssl/include/openssl/asn1t.h +960 -0
  20. data/vendor/openssl/include/openssl/bio.h +847 -0
  21. data/vendor/openssl/include/openssl/blowfish.h +129 -0
  22. data/vendor/openssl/include/openssl/bn.h +891 -0
  23. data/vendor/openssl/include/openssl/buffer.h +119 -0
  24. data/vendor/openssl/include/openssl/camellia.h +130 -0
  25. data/vendor/openssl/include/openssl/cast.h +107 -0
  26. data/vendor/openssl/include/openssl/cmac.h +82 -0
  27. data/vendor/openssl/include/openssl/cms.h +501 -0
  28. data/vendor/openssl/include/openssl/comp.h +80 -0
  29. data/vendor/openssl/include/openssl/conf.h +263 -0
  30. data/vendor/openssl/include/openssl/conf_api.h +89 -0
  31. data/vendor/openssl/include/openssl/crypto.h +611 -0
  32. data/vendor/openssl/include/openssl/des.h +248 -0
  33. data/vendor/openssl/include/openssl/des_old.h +446 -0
  34. data/vendor/openssl/include/openssl/dh.h +280 -0
  35. data/vendor/openssl/include/openssl/dsa.h +327 -0
  36. data/vendor/openssl/include/openssl/dso.h +409 -0
  37. data/vendor/openssl/include/openssl/dtls1.h +287 -0
  38. data/vendor/openssl/include/openssl/e_os2.h +315 -0
  39. data/vendor/openssl/include/openssl/ebcdic.h +19 -0
  40. data/vendor/openssl/include/openssl/ec.h +1167 -0
  41. data/vendor/openssl/include/openssl/ecdh.h +125 -0
  42. data/vendor/openssl/include/openssl/ecdsa.h +260 -0
  43. data/vendor/openssl/include/openssl/engine.h +842 -0
  44. data/vendor/openssl/include/openssl/err.h +386 -0
  45. data/vendor/openssl/include/openssl/evp.h +1409 -0
  46. data/vendor/openssl/include/openssl/hmac.h +110 -0
  47. data/vendor/openssl/include/openssl/idea.h +103 -0
  48. data/vendor/openssl/include/openssl/krb5_asn.h +256 -0
  49. data/vendor/openssl/include/openssl/kssl.h +183 -0
  50. data/vendor/openssl/include/openssl/lhash.h +241 -0
  51. data/vendor/openssl/include/openssl/md4.h +120 -0
  52. data/vendor/openssl/include/openssl/md5.h +120 -0
  53. data/vendor/openssl/include/openssl/mdc2.h +98 -0
  54. data/vendor/openssl/include/openssl/modes.h +135 -0
  55. data/vendor/openssl/include/openssl/obj_mac.h +4032 -0
  56. data/vendor/openssl/include/openssl/objects.h +1138 -0
  57. data/vendor/openssl/include/openssl/ocsp.h +623 -0
  58. data/vendor/openssl/include/openssl/opensslconf.h +234 -0
  59. data/vendor/openssl/include/openssl/opensslv.h +89 -0
  60. data/vendor/openssl/include/openssl/ossl_typ.h +202 -0
  61. data/vendor/openssl/include/openssl/pem.h +641 -0
  62. data/vendor/openssl/include/openssl/pem2.h +70 -0
  63. data/vendor/openssl/include/openssl/pkcs12.h +331 -0
  64. data/vendor/openssl/include/openssl/pkcs7.h +499 -0
  65. data/vendor/openssl/include/openssl/pqueue.h +94 -0
  66. data/vendor/openssl/include/openssl/rand.h +149 -0
  67. data/vendor/openssl/include/openssl/rc2.h +103 -0
  68. data/vendor/openssl/include/openssl/rc4.h +90 -0
  69. data/vendor/openssl/include/openssl/ripemd.h +107 -0
  70. data/vendor/openssl/include/openssl/rsa.h +582 -0
  71. data/vendor/openssl/include/openssl/safestack.h +2663 -0
  72. data/vendor/openssl/include/openssl/seed.h +139 -0
  73. data/vendor/openssl/include/openssl/sha.h +214 -0
  74. data/vendor/openssl/include/openssl/srp.h +172 -0
  75. data/vendor/openssl/include/openssl/srtp.h +145 -0
  76. data/vendor/openssl/include/openssl/ssl.h +2579 -0
  77. data/vendor/openssl/include/openssl/ssl2.h +272 -0
  78. data/vendor/openssl/include/openssl/ssl23.h +83 -0
  79. data/vendor/openssl/include/openssl/ssl3.h +684 -0
  80. data/vendor/openssl/include/openssl/stack.h +108 -0
  81. data/vendor/openssl/include/openssl/symhacks.h +475 -0
  82. data/vendor/openssl/include/openssl/tls1.h +735 -0
  83. data/vendor/openssl/include/openssl/ts.h +858 -0
  84. data/vendor/openssl/include/openssl/txt_db.h +112 -0
  85. data/vendor/openssl/include/openssl/ui.h +383 -0
  86. data/vendor/openssl/include/openssl/ui_compat.h +83 -0
  87. data/vendor/openssl/include/openssl/whrlpool.h +41 -0
  88. data/vendor/openssl/include/openssl/x509.h +1297 -0
  89. data/vendor/openssl/include/openssl/x509_vfy.h +567 -0
  90. data/vendor/openssl/include/openssl/x509v3.h +1007 -0
  91. data/vendor/openssl/lib/engines/lib4758cca.so +0 -0
  92. data/vendor/openssl/lib/engines/libaep.so +0 -0
  93. data/vendor/openssl/lib/engines/libatalla.so +0 -0
  94. data/vendor/openssl/lib/engines/libcapi.so +0 -0
  95. data/vendor/openssl/lib/engines/libchil.so +0 -0
  96. data/vendor/openssl/lib/engines/libcswift.so +0 -0
  97. data/vendor/openssl/lib/engines/libgmp.so +0 -0
  98. data/vendor/openssl/lib/engines/libgost.so +0 -0
  99. data/vendor/openssl/lib/engines/libnuron.so +0 -0
  100. data/vendor/openssl/lib/engines/libpadlock.so +0 -0
  101. data/vendor/openssl/lib/engines/libsureware.so +0 -0
  102. data/vendor/openssl/lib/engines/libubsec.so +0 -0
  103. data/vendor/openssl/lib/libcrypto.a +0 -0
  104. data/vendor/openssl/lib/libcrypto.so +0 -0
  105. data/vendor/openssl/lib/libcrypto.so.1.0.0 +0 -0
  106. data/vendor/openssl/lib/libssl.a +0 -0
  107. data/vendor/openssl/lib/libssl.so +0 -0
  108. data/vendor/openssl/lib/libssl.so.1.0.0 +0 -0
  109. data/vendor/openssl/lib/pkgconfig/libcrypto.pc +12 -0
  110. data/vendor/openssl/lib/pkgconfig/libssl.pc +12 -0
  111. data/vendor/openssl/lib/pkgconfig/openssl.pc +12 -0
  112. metadata +208 -0
@@ -0,0 +1,582 @@
1
+ /* crypto/rsa/rsa.h */
2
+ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3
+ * All rights reserved.
4
+ *
5
+ * This package is an SSL implementation written
6
+ * by Eric Young (eay@cryptsoft.com).
7
+ * The implementation was written so as to conform with Netscapes SSL.
8
+ *
9
+ * This library is free for commercial and non-commercial use as long as
10
+ * the following conditions are aheared to. The following conditions
11
+ * apply to all code found in this distribution, be it the RC4, RSA,
12
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13
+ * included with this distribution is covered by the same copyright terms
14
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15
+ *
16
+ * Copyright remains Eric Young's, and as such any Copyright notices in
17
+ * the code are not to be removed.
18
+ * If this package is used in a product, Eric Young should be given attribution
19
+ * as the author of the parts of the library used.
20
+ * This can be in the form of a textual message at program startup or
21
+ * in documentation (online or textual) provided with the package.
22
+ *
23
+ * Redistribution and use in source and binary forms, with or without
24
+ * modification, are permitted provided that the following conditions
25
+ * are met:
26
+ * 1. Redistributions of source code must retain the copyright
27
+ * notice, this list of conditions and the following disclaimer.
28
+ * 2. Redistributions in binary form must reproduce the above copyright
29
+ * notice, this list of conditions and the following disclaimer in the
30
+ * documentation and/or other materials provided with the distribution.
31
+ * 3. All advertising materials mentioning features or use of this software
32
+ * must display the following acknowledgement:
33
+ * "This product includes cryptographic software written by
34
+ * Eric Young (eay@cryptsoft.com)"
35
+ * The word 'cryptographic' can be left out if the rouines from the library
36
+ * being used are not cryptographic related :-).
37
+ * 4. If you include any Windows specific code (or a derivative thereof) from
38
+ * the apps directory (application code) you must include an acknowledgement:
39
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40
+ *
41
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51
+ * SUCH DAMAGE.
52
+ *
53
+ * The licence and distribution terms for any publically available version or
54
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
55
+ * copied and put under another distribution licence
56
+ * [including the GNU Public Licence.]
57
+ */
58
+
59
+ #ifndef HEADER_RSA_H
60
+ #define HEADER_RSA_H
61
+
62
+ #include <openssl/asn1.h>
63
+
64
+ #ifndef OPENSSL_NO_BIO
65
+ #include <openssl/bio.h>
66
+ #endif
67
+ #include <openssl/crypto.h>
68
+ #include <openssl/ossl_typ.h>
69
+ #ifndef OPENSSL_NO_DEPRECATED
70
+ #include <openssl/bn.h>
71
+ #endif
72
+
73
+ #ifdef OPENSSL_NO_RSA
74
+ #error RSA is disabled.
75
+ #endif
76
+
77
+ #ifdef __cplusplus
78
+ extern "C" {
79
+ #endif
80
+
81
+ /* Declared already in ossl_typ.h */
82
+ /* typedef struct rsa_st RSA; */
83
+ /* typedef struct rsa_meth_st RSA_METHOD; */
84
+
85
+ struct rsa_meth_st
86
+ {
87
+ const char *name;
88
+ int (*rsa_pub_enc)(int flen,const unsigned char *from,
89
+ unsigned char *to,
90
+ RSA *rsa,int padding);
91
+ int (*rsa_pub_dec)(int flen,const unsigned char *from,
92
+ unsigned char *to,
93
+ RSA *rsa,int padding);
94
+ int (*rsa_priv_enc)(int flen,const unsigned char *from,
95
+ unsigned char *to,
96
+ RSA *rsa,int padding);
97
+ int (*rsa_priv_dec)(int flen,const unsigned char *from,
98
+ unsigned char *to,
99
+ RSA *rsa,int padding);
100
+ int (*rsa_mod_exp)(BIGNUM *r0,const BIGNUM *I,RSA *rsa,BN_CTX *ctx); /* Can be null */
101
+ int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
102
+ const BIGNUM *m, BN_CTX *ctx,
103
+ BN_MONT_CTX *m_ctx); /* Can be null */
104
+ int (*init)(RSA *rsa); /* called at new */
105
+ int (*finish)(RSA *rsa); /* called at free */
106
+ int flags; /* RSA_METHOD_FLAG_* things */
107
+ char *app_data; /* may be needed! */
108
+ /* New sign and verify functions: some libraries don't allow arbitrary data
109
+ * to be signed/verified: this allows them to be used. Note: for this to work
110
+ * the RSA_public_decrypt() and RSA_private_encrypt() should *NOT* be used
111
+ * RSA_sign(), RSA_verify() should be used instead. Note: for backwards
112
+ * compatibility this functionality is only enabled if the RSA_FLAG_SIGN_VER
113
+ * option is set in 'flags'.
114
+ */
115
+ int (*rsa_sign)(int type,
116
+ const unsigned char *m, unsigned int m_length,
117
+ unsigned char *sigret, unsigned int *siglen, const RSA *rsa);
118
+ int (*rsa_verify)(int dtype,
119
+ const unsigned char *m, unsigned int m_length,
120
+ const unsigned char *sigbuf, unsigned int siglen,
121
+ const RSA *rsa);
122
+ /* If this callback is NULL, the builtin software RSA key-gen will be used. This
123
+ * is for behavioural compatibility whilst the code gets rewired, but one day
124
+ * it would be nice to assume there are no such things as "builtin software"
125
+ * implementations. */
126
+ int (*rsa_keygen)(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
127
+ };
128
+
129
+ struct rsa_st
130
+ {
131
+ /* The first parameter is used to pickup errors where
132
+ * this is passed instead of aEVP_PKEY, it is set to 0 */
133
+ int pad;
134
+ long version;
135
+ const RSA_METHOD *meth;
136
+ /* functional reference if 'meth' is ENGINE-provided */
137
+ ENGINE *engine;
138
+ BIGNUM *n;
139
+ BIGNUM *e;
140
+ BIGNUM *d;
141
+ BIGNUM *p;
142
+ BIGNUM *q;
143
+ BIGNUM *dmp1;
144
+ BIGNUM *dmq1;
145
+ BIGNUM *iqmp;
146
+ /* be careful using this if the RSA structure is shared */
147
+ CRYPTO_EX_DATA ex_data;
148
+ int references;
149
+ int flags;
150
+
151
+ /* Used to cache montgomery values */
152
+ BN_MONT_CTX *_method_mod_n;
153
+ BN_MONT_CTX *_method_mod_p;
154
+ BN_MONT_CTX *_method_mod_q;
155
+
156
+ /* all BIGNUM values are actually in the following data, if it is not
157
+ * NULL */
158
+ char *bignum_data;
159
+ BN_BLINDING *blinding;
160
+ BN_BLINDING *mt_blinding;
161
+ };
162
+
163
+ #ifndef OPENSSL_RSA_MAX_MODULUS_BITS
164
+ # define OPENSSL_RSA_MAX_MODULUS_BITS 16384
165
+ #endif
166
+
167
+ #ifndef OPENSSL_RSA_SMALL_MODULUS_BITS
168
+ # define OPENSSL_RSA_SMALL_MODULUS_BITS 3072
169
+ #endif
170
+ #ifndef OPENSSL_RSA_MAX_PUBEXP_BITS
171
+ # define OPENSSL_RSA_MAX_PUBEXP_BITS 64 /* exponent limit enforced for "large" modulus only */
172
+ #endif
173
+
174
+ #define RSA_3 0x3L
175
+ #define RSA_F4 0x10001L
176
+
177
+ #define RSA_METHOD_FLAG_NO_CHECK 0x0001 /* don't check pub/private match */
178
+
179
+ #define RSA_FLAG_CACHE_PUBLIC 0x0002
180
+ #define RSA_FLAG_CACHE_PRIVATE 0x0004
181
+ #define RSA_FLAG_BLINDING 0x0008
182
+ #define RSA_FLAG_THREAD_SAFE 0x0010
183
+ /* This flag means the private key operations will be handled by rsa_mod_exp
184
+ * and that they do not depend on the private key components being present:
185
+ * for example a key stored in external hardware. Without this flag bn_mod_exp
186
+ * gets called when private key components are absent.
187
+ */
188
+ #define RSA_FLAG_EXT_PKEY 0x0020
189
+
190
+ /* This flag in the RSA_METHOD enables the new rsa_sign, rsa_verify functions.
191
+ */
192
+ #define RSA_FLAG_SIGN_VER 0x0040
193
+
194
+ #define RSA_FLAG_NO_BLINDING 0x0080 /* new with 0.9.6j and 0.9.7b; the built-in
195
+ * RSA implementation now uses blinding by
196
+ * default (ignoring RSA_FLAG_BLINDING),
197
+ * but other engines might not need it
198
+ */
199
+ #define RSA_FLAG_NO_CONSTTIME 0x0100 /* new with 0.9.8f; the built-in RSA
200
+ * implementation now uses constant time
201
+ * operations by default in private key operations,
202
+ * e.g., constant time modular exponentiation,
203
+ * modular inverse without leaking branches,
204
+ * division without leaking branches. This
205
+ * flag disables these constant time
206
+ * operations and results in faster RSA
207
+ * private key operations.
208
+ */
209
+ #ifndef OPENSSL_NO_DEPRECATED
210
+ #define RSA_FLAG_NO_EXP_CONSTTIME RSA_FLAG_NO_CONSTTIME /* deprecated name for the flag*/
211
+ /* new with 0.9.7h; the built-in RSA
212
+ * implementation now uses constant time
213
+ * modular exponentiation for secret exponents
214
+ * by default. This flag causes the
215
+ * faster variable sliding window method to
216
+ * be used for all exponents.
217
+ */
218
+ #endif
219
+
220
+
221
+ #define EVP_PKEY_CTX_set_rsa_padding(ctx, pad) \
222
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, -1, EVP_PKEY_CTRL_RSA_PADDING, \
223
+ pad, NULL)
224
+
225
+ #define EVP_PKEY_CTX_get_rsa_padding(ctx, ppad) \
226
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, -1, \
227
+ EVP_PKEY_CTRL_GET_RSA_PADDING, 0, ppad)
228
+
229
+ #define EVP_PKEY_CTX_set_rsa_pss_saltlen(ctx, len) \
230
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, \
231
+ (EVP_PKEY_OP_SIGN|EVP_PKEY_OP_VERIFY), \
232
+ EVP_PKEY_CTRL_RSA_PSS_SALTLEN, \
233
+ len, NULL)
234
+
235
+ #define EVP_PKEY_CTX_get_rsa_pss_saltlen(ctx, plen) \
236
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, \
237
+ (EVP_PKEY_OP_SIGN|EVP_PKEY_OP_VERIFY), \
238
+ EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN, \
239
+ 0, plen)
240
+
241
+ #define EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, bits) \
242
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_KEYGEN, \
243
+ EVP_PKEY_CTRL_RSA_KEYGEN_BITS, bits, NULL)
244
+
245
+ #define EVP_PKEY_CTX_set_rsa_keygen_pubexp(ctx, pubexp) \
246
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_KEYGEN, \
247
+ EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP, 0, pubexp)
248
+
249
+ #define EVP_PKEY_CTX_set_rsa_mgf1_md(ctx, md) \
250
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_SIG, \
251
+ EVP_PKEY_CTRL_RSA_MGF1_MD, 0, (void *)md)
252
+
253
+ #define EVP_PKEY_CTX_get_rsa_mgf1_md(ctx, pmd) \
254
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_SIG, \
255
+ EVP_PKEY_CTRL_GET_RSA_MGF1_MD, 0, (void *)pmd)
256
+
257
+ #define EVP_PKEY_CTRL_RSA_PADDING (EVP_PKEY_ALG_CTRL + 1)
258
+ #define EVP_PKEY_CTRL_RSA_PSS_SALTLEN (EVP_PKEY_ALG_CTRL + 2)
259
+
260
+ #define EVP_PKEY_CTRL_RSA_KEYGEN_BITS (EVP_PKEY_ALG_CTRL + 3)
261
+ #define EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP (EVP_PKEY_ALG_CTRL + 4)
262
+ #define EVP_PKEY_CTRL_RSA_MGF1_MD (EVP_PKEY_ALG_CTRL + 5)
263
+
264
+ #define EVP_PKEY_CTRL_GET_RSA_PADDING (EVP_PKEY_ALG_CTRL + 6)
265
+ #define EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN (EVP_PKEY_ALG_CTRL + 7)
266
+ #define EVP_PKEY_CTRL_GET_RSA_MGF1_MD (EVP_PKEY_ALG_CTRL + 8)
267
+
268
+ #define RSA_PKCS1_PADDING 1
269
+ #define RSA_SSLV23_PADDING 2
270
+ #define RSA_NO_PADDING 3
271
+ #define RSA_PKCS1_OAEP_PADDING 4
272
+ #define RSA_X931_PADDING 5
273
+ /* EVP_PKEY_ only */
274
+ #define RSA_PKCS1_PSS_PADDING 6
275
+
276
+ #define RSA_PKCS1_PADDING_SIZE 11
277
+
278
+ #define RSA_set_app_data(s,arg) RSA_set_ex_data(s,0,arg)
279
+ #define RSA_get_app_data(s) RSA_get_ex_data(s,0)
280
+
281
+ RSA * RSA_new(void);
282
+ RSA * RSA_new_method(ENGINE *engine);
283
+ int RSA_size(const RSA *rsa);
284
+
285
+ /* Deprecated version */
286
+ #ifndef OPENSSL_NO_DEPRECATED
287
+ RSA * RSA_generate_key(int bits, unsigned long e,void
288
+ (*callback)(int,int,void *),void *cb_arg);
289
+ #endif /* !defined(OPENSSL_NO_DEPRECATED) */
290
+
291
+ /* New version */
292
+ int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
293
+
294
+ int RSA_check_key(const RSA *);
295
+ /* next 4 return -1 on error */
296
+ int RSA_public_encrypt(int flen, const unsigned char *from,
297
+ unsigned char *to, RSA *rsa,int padding);
298
+ int RSA_private_encrypt(int flen, const unsigned char *from,
299
+ unsigned char *to, RSA *rsa,int padding);
300
+ int RSA_public_decrypt(int flen, const unsigned char *from,
301
+ unsigned char *to, RSA *rsa,int padding);
302
+ int RSA_private_decrypt(int flen, const unsigned char *from,
303
+ unsigned char *to, RSA *rsa,int padding);
304
+ void RSA_free (RSA *r);
305
+ /* "up" the RSA object's reference count */
306
+ int RSA_up_ref(RSA *r);
307
+
308
+ int RSA_flags(const RSA *r);
309
+
310
+ void RSA_set_default_method(const RSA_METHOD *meth);
311
+ const RSA_METHOD *RSA_get_default_method(void);
312
+ const RSA_METHOD *RSA_get_method(const RSA *rsa);
313
+ int RSA_set_method(RSA *rsa, const RSA_METHOD *meth);
314
+
315
+ /* This function needs the memory locking malloc callbacks to be installed */
316
+ int RSA_memory_lock(RSA *r);
317
+
318
+ /* these are the actual SSLeay RSA functions */
319
+ const RSA_METHOD *RSA_PKCS1_SSLeay(void);
320
+
321
+ const RSA_METHOD *RSA_null_method(void);
322
+
323
+ DECLARE_ASN1_ENCODE_FUNCTIONS_const(RSA, RSAPublicKey)
324
+ DECLARE_ASN1_ENCODE_FUNCTIONS_const(RSA, RSAPrivateKey)
325
+
326
+ typedef struct rsa_pss_params_st
327
+ {
328
+ X509_ALGOR *hashAlgorithm;
329
+ X509_ALGOR *maskGenAlgorithm;
330
+ ASN1_INTEGER *saltLength;
331
+ ASN1_INTEGER *trailerField;
332
+ } RSA_PSS_PARAMS;
333
+
334
+ DECLARE_ASN1_FUNCTIONS(RSA_PSS_PARAMS)
335
+
336
+ #ifndef OPENSSL_NO_FP_API
337
+ int RSA_print_fp(FILE *fp, const RSA *r,int offset);
338
+ #endif
339
+
340
+ #ifndef OPENSSL_NO_BIO
341
+ int RSA_print(BIO *bp, const RSA *r,int offset);
342
+ #endif
343
+
344
+ #ifndef OPENSSL_NO_RC4
345
+ int i2d_RSA_NET(const RSA *a, unsigned char **pp,
346
+ int (*cb)(char *buf, int len, const char *prompt, int verify),
347
+ int sgckey);
348
+ RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length,
349
+ int (*cb)(char *buf, int len, const char *prompt, int verify),
350
+ int sgckey);
351
+
352
+ int i2d_Netscape_RSA(const RSA *a, unsigned char **pp,
353
+ int (*cb)(char *buf, int len, const char *prompt,
354
+ int verify));
355
+ RSA *d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length,
356
+ int (*cb)(char *buf, int len, const char *prompt,
357
+ int verify));
358
+ #endif
359
+
360
+ /* The following 2 functions sign and verify a X509_SIG ASN1 object
361
+ * inside PKCS#1 padded RSA encryption */
362
+ int RSA_sign(int type, const unsigned char *m, unsigned int m_length,
363
+ unsigned char *sigret, unsigned int *siglen, RSA *rsa);
364
+ int RSA_verify(int type, const unsigned char *m, unsigned int m_length,
365
+ const unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
366
+
367
+ /* The following 2 function sign and verify a ASN1_OCTET_STRING
368
+ * object inside PKCS#1 padded RSA encryption */
369
+ int RSA_sign_ASN1_OCTET_STRING(int type,
370
+ const unsigned char *m, unsigned int m_length,
371
+ unsigned char *sigret, unsigned int *siglen, RSA *rsa);
372
+ int RSA_verify_ASN1_OCTET_STRING(int type,
373
+ const unsigned char *m, unsigned int m_length,
374
+ unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
375
+
376
+ int RSA_blinding_on(RSA *rsa, BN_CTX *ctx);
377
+ void RSA_blinding_off(RSA *rsa);
378
+ BN_BLINDING *RSA_setup_blinding(RSA *rsa, BN_CTX *ctx);
379
+
380
+ int RSA_padding_add_PKCS1_type_1(unsigned char *to,int tlen,
381
+ const unsigned char *f,int fl);
382
+ int RSA_padding_check_PKCS1_type_1(unsigned char *to,int tlen,
383
+ const unsigned char *f,int fl,int rsa_len);
384
+ int RSA_padding_add_PKCS1_type_2(unsigned char *to,int tlen,
385
+ const unsigned char *f,int fl);
386
+ int RSA_padding_check_PKCS1_type_2(unsigned char *to,int tlen,
387
+ const unsigned char *f,int fl,int rsa_len);
388
+ int PKCS1_MGF1(unsigned char *mask, long len,
389
+ const unsigned char *seed, long seedlen, const EVP_MD *dgst);
390
+ int RSA_padding_add_PKCS1_OAEP(unsigned char *to,int tlen,
391
+ const unsigned char *f,int fl,
392
+ const unsigned char *p,int pl);
393
+ int RSA_padding_check_PKCS1_OAEP(unsigned char *to,int tlen,
394
+ const unsigned char *f,int fl,int rsa_len,
395
+ const unsigned char *p,int pl);
396
+ int RSA_padding_add_SSLv23(unsigned char *to,int tlen,
397
+ const unsigned char *f,int fl);
398
+ int RSA_padding_check_SSLv23(unsigned char *to,int tlen,
399
+ const unsigned char *f,int fl,int rsa_len);
400
+ int RSA_padding_add_none(unsigned char *to,int tlen,
401
+ const unsigned char *f,int fl);
402
+ int RSA_padding_check_none(unsigned char *to,int tlen,
403
+ const unsigned char *f,int fl,int rsa_len);
404
+ int RSA_padding_add_X931(unsigned char *to,int tlen,
405
+ const unsigned char *f,int fl);
406
+ int RSA_padding_check_X931(unsigned char *to,int tlen,
407
+ const unsigned char *f,int fl,int rsa_len);
408
+ int RSA_X931_hash_id(int nid);
409
+
410
+ int RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash,
411
+ const EVP_MD *Hash, const unsigned char *EM, int sLen);
412
+ int RSA_padding_add_PKCS1_PSS(RSA *rsa, unsigned char *EM,
413
+ const unsigned char *mHash,
414
+ const EVP_MD *Hash, int sLen);
415
+
416
+ int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const unsigned char *mHash,
417
+ const EVP_MD *Hash, const EVP_MD *mgf1Hash,
418
+ const unsigned char *EM, int sLen);
419
+
420
+ int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM,
421
+ const unsigned char *mHash,
422
+ const EVP_MD *Hash, const EVP_MD *mgf1Hash, int sLen);
423
+
424
+ int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
425
+ CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
426
+ int RSA_set_ex_data(RSA *r,int idx,void *arg);
427
+ void *RSA_get_ex_data(const RSA *r, int idx);
428
+
429
+ RSA *RSAPublicKey_dup(RSA *rsa);
430
+ RSA *RSAPrivateKey_dup(RSA *rsa);
431
+
432
+ /* If this flag is set the RSA method is FIPS compliant and can be used
433
+ * in FIPS mode. This is set in the validated module method. If an
434
+ * application sets this flag in its own methods it is its responsibility
435
+ * to ensure the result is compliant.
436
+ */
437
+
438
+ #define RSA_FLAG_FIPS_METHOD 0x0400
439
+
440
+ /* If this flag is set the operations normally disabled in FIPS mode are
441
+ * permitted it is then the applications responsibility to ensure that the
442
+ * usage is compliant.
443
+ */
444
+
445
+ #define RSA_FLAG_NON_FIPS_ALLOW 0x0400
446
+ /* Application has decided PRNG is good enough to generate a key: don't
447
+ * check.
448
+ */
449
+ #define RSA_FLAG_CHECKED 0x0800
450
+
451
+ /* BEGIN ERROR CODES */
452
+ /* The following lines are auto generated by the script mkerr.pl. Any changes
453
+ * made after this point may be overwritten when the script is next run.
454
+ */
455
+ void ERR_load_RSA_strings(void);
456
+
457
+ /* Error codes for the RSA functions. */
458
+
459
+ /* Function codes. */
460
+ #define RSA_F_CHECK_PADDING_MD 140
461
+ #define RSA_F_DO_RSA_PRINT 146
462
+ #define RSA_F_INT_RSA_VERIFY 145
463
+ #define RSA_F_MEMORY_LOCK 100
464
+ #define RSA_F_OLD_RSA_PRIV_DECODE 147
465
+ #define RSA_F_PKEY_RSA_CTRL 143
466
+ #define RSA_F_PKEY_RSA_CTRL_STR 144
467
+ #define RSA_F_PKEY_RSA_SIGN 142
468
+ #define RSA_F_PKEY_RSA_VERIFY 154
469
+ #define RSA_F_PKEY_RSA_VERIFYRECOVER 141
470
+ #define RSA_F_RSA_BUILTIN_KEYGEN 129
471
+ #define RSA_F_RSA_CHECK_KEY 123
472
+ #define RSA_F_RSA_EAY_PRIVATE_DECRYPT 101
473
+ #define RSA_F_RSA_EAY_PRIVATE_ENCRYPT 102
474
+ #define RSA_F_RSA_EAY_PUBLIC_DECRYPT 103
475
+ #define RSA_F_RSA_EAY_PUBLIC_ENCRYPT 104
476
+ #define RSA_F_RSA_GENERATE_KEY 105
477
+ #define RSA_F_RSA_GENERATE_KEY_EX 155
478
+ #define RSA_F_RSA_ITEM_VERIFY 156
479
+ #define RSA_F_RSA_MEMORY_LOCK 130
480
+ #define RSA_F_RSA_NEW_METHOD 106
481
+ #define RSA_F_RSA_NULL 124
482
+ #define RSA_F_RSA_NULL_MOD_EXP 131
483
+ #define RSA_F_RSA_NULL_PRIVATE_DECRYPT 132
484
+ #define RSA_F_RSA_NULL_PRIVATE_ENCRYPT 133
485
+ #define RSA_F_RSA_NULL_PUBLIC_DECRYPT 134
486
+ #define RSA_F_RSA_NULL_PUBLIC_ENCRYPT 135
487
+ #define RSA_F_RSA_PADDING_ADD_NONE 107
488
+ #define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP 121
489
+ #define RSA_F_RSA_PADDING_ADD_PKCS1_PSS 125
490
+ #define RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1 148
491
+ #define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1 108
492
+ #define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2 109
493
+ #define RSA_F_RSA_PADDING_ADD_SSLV23 110
494
+ #define RSA_F_RSA_PADDING_ADD_X931 127
495
+ #define RSA_F_RSA_PADDING_CHECK_NONE 111
496
+ #define RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP 122
497
+ #define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1 112
498
+ #define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2 113
499
+ #define RSA_F_RSA_PADDING_CHECK_SSLV23 114
500
+ #define RSA_F_RSA_PADDING_CHECK_X931 128
501
+ #define RSA_F_RSA_PRINT 115
502
+ #define RSA_F_RSA_PRINT_FP 116
503
+ #define RSA_F_RSA_PRIVATE_DECRYPT 150
504
+ #define RSA_F_RSA_PRIVATE_ENCRYPT 151
505
+ #define RSA_F_RSA_PRIV_DECODE 137
506
+ #define RSA_F_RSA_PRIV_ENCODE 138
507
+ #define RSA_F_RSA_PUBLIC_DECRYPT 152
508
+ #define RSA_F_RSA_PUBLIC_ENCRYPT 153
509
+ #define RSA_F_RSA_PUB_DECODE 139
510
+ #define RSA_F_RSA_SETUP_BLINDING 136
511
+ #define RSA_F_RSA_SIGN 117
512
+ #define RSA_F_RSA_SIGN_ASN1_OCTET_STRING 118
513
+ #define RSA_F_RSA_VERIFY 119
514
+ #define RSA_F_RSA_VERIFY_ASN1_OCTET_STRING 120
515
+ #define RSA_F_RSA_VERIFY_PKCS1_PSS 126
516
+ #define RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1 149
517
+
518
+ /* Reason codes. */
519
+ #define RSA_R_ALGORITHM_MISMATCH 100
520
+ #define RSA_R_BAD_E_VALUE 101
521
+ #define RSA_R_BAD_FIXED_HEADER_DECRYPT 102
522
+ #define RSA_R_BAD_PAD_BYTE_COUNT 103
523
+ #define RSA_R_BAD_SIGNATURE 104
524
+ #define RSA_R_BLOCK_TYPE_IS_NOT_01 106
525
+ #define RSA_R_BLOCK_TYPE_IS_NOT_02 107
526
+ #define RSA_R_DATA_GREATER_THAN_MOD_LEN 108
527
+ #define RSA_R_DATA_TOO_LARGE 109
528
+ #define RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 110
529
+ #define RSA_R_DATA_TOO_LARGE_FOR_MODULUS 132
530
+ #define RSA_R_DATA_TOO_SMALL 111
531
+ #define RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE 122
532
+ #define RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY 112
533
+ #define RSA_R_DMP1_NOT_CONGRUENT_TO_D 124
534
+ #define RSA_R_DMQ1_NOT_CONGRUENT_TO_D 125
535
+ #define RSA_R_D_E_NOT_CONGRUENT_TO_1 123
536
+ #define RSA_R_FIRST_OCTET_INVALID 133
537
+ #define RSA_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE 144
538
+ #define RSA_R_INVALID_DIGEST_LENGTH 143
539
+ #define RSA_R_INVALID_HEADER 137
540
+ #define RSA_R_INVALID_KEYBITS 145
541
+ #define RSA_R_INVALID_MESSAGE_LENGTH 131
542
+ #define RSA_R_INVALID_MGF1_MD 156
543
+ #define RSA_R_INVALID_PADDING 138
544
+ #define RSA_R_INVALID_PADDING_MODE 141
545
+ #define RSA_R_INVALID_PSS_PARAMETERS 149
546
+ #define RSA_R_INVALID_PSS_SALTLEN 146
547
+ #define RSA_R_INVALID_SALT_LENGTH 150
548
+ #define RSA_R_INVALID_TRAILER 139
549
+ #define RSA_R_INVALID_X931_DIGEST 142
550
+ #define RSA_R_IQMP_NOT_INVERSE_OF_Q 126
551
+ #define RSA_R_KEY_SIZE_TOO_SMALL 120
552
+ #define RSA_R_LAST_OCTET_INVALID 134
553
+ #define RSA_R_MODULUS_TOO_LARGE 105
554
+ #define RSA_R_NON_FIPS_RSA_METHOD 157
555
+ #define RSA_R_NO_PUBLIC_EXPONENT 140
556
+ #define RSA_R_NULL_BEFORE_BLOCK_MISSING 113
557
+ #define RSA_R_N_DOES_NOT_EQUAL_P_Q 127
558
+ #define RSA_R_OAEP_DECODING_ERROR 121
559
+ #define RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE 158
560
+ #define RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 148
561
+ #define RSA_R_PADDING_CHECK_FAILED 114
562
+ #define RSA_R_P_NOT_PRIME 128
563
+ #define RSA_R_Q_NOT_PRIME 129
564
+ #define RSA_R_RSA_OPERATIONS_NOT_SUPPORTED 130
565
+ #define RSA_R_SLEN_CHECK_FAILED 136
566
+ #define RSA_R_SLEN_RECOVERY_FAILED 135
567
+ #define RSA_R_SSLV3_ROLLBACK_ATTACK 115
568
+ #define RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 116
569
+ #define RSA_R_UNKNOWN_ALGORITHM_TYPE 117
570
+ #define RSA_R_UNKNOWN_MASK_DIGEST 151
571
+ #define RSA_R_UNKNOWN_PADDING_TYPE 118
572
+ #define RSA_R_UNKNOWN_PSS_DIGEST 152
573
+ #define RSA_R_UNSUPPORTED_MASK_ALGORITHM 153
574
+ #define RSA_R_UNSUPPORTED_MASK_PARAMETER 154
575
+ #define RSA_R_UNSUPPORTED_SIGNATURE_TYPE 155
576
+ #define RSA_R_VALUE_MISSING 147
577
+ #define RSA_R_WRONG_SIGNATURE_LENGTH 119
578
+
579
+ #ifdef __cplusplus
580
+ }
581
+ #endif
582
+ #endif