Embedded SDK
Embedded SDK
cx_rsa.h
Go to the documentation of this file.
1 
2 /*******************************************************************************
3  * Ledger Nano S - Secure firmware
4  * (c) 2022 Ledger
5  *
6  * Licensed under the Apache License, Version 2.0 (the "License");
7  * you may not use this file except in compliance with the License.
8  * You may obtain a copy of the License at
9  *
10  * http://www.apache.org/licenses/LICENSE-2.0
11  *
12  * Unless required by applicable law or agreed to in writing, software
13  * distributed under the License is distributed on an "AS IS" BASIS,
14  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15  * See the License for the specific language governing permissions and
16  * limitations under the License.
17  ********************************************************************************/
18 
19 #ifdef HAVE_RSA
20 
21 #ifndef CX_RSA_H
22 #define CX_RSA_H
23 
24 #include "lcx_rsa.h"
25 #include "lcx_hash.h"
26 
27 /*
28  * @param [in] hID Hash identifier
29  *
30  * @return Output hash length in bytes.
31  */
32 size_t cx_pkcs1_get_hash_len(cx_md_t hID);
33 
34 /*
35  * @param [in] hID underlaid hash (ignored, sha256 forced)
36  * @param [out] em encoded output
37  * @param [in] em_len requested output length
38  * @param [in] mHash hash to encode
39  * @param [in] mHashLen hash length
40  *
41  * @return em_len, if encoded 0 else
42  */
43 WARN_UNUSED_RESULT cx_err_t cx_pkcs1_emsa_v1o5_encode(cx_md_t hID,
44  uint8_t *em,
45  size_t em_len,
46  const uint8_t *mHash,
47  size_t mHashLen);
48 /*
49  * @param [in] hID underlaid hash (ignored, sha256 forced)
50  * @param [in] em encoded message to verify
51  * @param [in] em_len requested output length
52  * @param [in] mHash hash to verify
53  * @param [in] mHashLen hash length
54  *
55  * @return 1 if verifed, 0 else
56  */
57 bool cx_pkcs1_emsa_v1o5_verify(cx_md_t hID,
58  uint8_t *em,
59  size_t em_len,
60  const uint8_t *mHash,
61  size_t mHashLen);
62 
63 /* The salt length is equal to the mHashLen value.
64  * If another salt length is to be used, the
65  * cx_pkcs1_emsa_pss_encode_with_salt_len function must
66  * be used instead.
67  * @param [in] hID underlaid hash (ignored, sha256 forced)
68  * @param [out] em encoded output
69  * @param [in] em_len requested output length
70  * @param [in] mHash hash to encode
71  * @param [in] mHashLen hash length
72  * @param [in] mSaltLen Salt length
73  *
74  * @return em_len, if encoded 0 else
75  */
76 WARN_UNUSED_RESULT cx_err_t cx_pkcs1_emsa_pss_encode(cx_md_t hID,
77  uint8_t *em,
78  size_t em_len,
79  const uint8_t *mHash,
80  size_t mHashLen,
81  size_t *size);
82 
83 /*
84  * @param [in] hID underlaid hash (ignored, sha256 forced)
85  * @param [out] em encoded output
86  * @param [in] em_len requested output length
87  * @param [in] mHash hash to encode
88  * @param [in] mHashLen hash length
89  * @param [in] mSaltLen Salt length
90  *
91  * @return em_len, if encoded 0 else
92  */
93 WARN_UNUSED_RESULT cx_err_t cx_pkcs1_emsa_pss_encode_with_salt_len(cx_md_t hID,
94  uint8_t *em,
95  size_t em_len,
96  const uint8_t *mHash,
97  size_t mHashLen,
98  size_t mSaltLen,
99  size_t *size);
100 
101 /* The salt length is equal to the mHashLen value.
102  * If another salt length is to be used, the
103  * cx_pkcs1_emsa_pss_verify_with_salt_len function must
104  * be used instead.
105  * @param [in] hID underlaid hash
106  * @param [in] em encoded message to verify
107  * @param [in] em_len requested output length
108  * @param [in] mHash hash to verify
109  * @param [in] mHashLen hash length
110  *
111  * @return 1 if verifed, 0 else
112  */
113 bool cx_pkcs1_emsa_pss_verify(cx_md_t hID,
114  uint8_t *em,
115  size_t em_len,
116  const uint8_t *mHash,
117  size_t mHashLen);
118 
119 /*
120  * @param [in] hID underlaid hash
121  * @param [in] em encoded message to verify
122  * @param [in] em_len requested output length
123  * @param [in] mHash hash to verify
124  * @param [in] mHashLen hash length
125  * @param [in] mSaltLen salt length
126  *
127  * @return 1 if verifed, 0 else
128  */
129 bool cx_pkcs1_emsa_pss_verify_with_salt_len(cx_md_t hID,
130  uint8_t *em,
131  size_t em_len,
132  const uint8_t *mHash,
133  size_t mHashLen,
134  size_t mSaltLen);
135 
136 /*
137  * @param [in] hID underlaid hash (ignored, sha256 forced)
138  * @param [out] em encoded output
139  * @param [in] em_len requested output length
140  * @param [in] m message to encode
141  * @param [in] mLen message length
142  *
143  * @return em_len, if encoded 0 else
144  */
145 WARN_UNUSED_RESULT cx_err_t cx_pkcs1_eme_v1o5_encode(cx_md_t hID,
146  uint8_t *em,
147  size_t em_len,
148  const uint8_t *mHash,
149  size_t mHashLen);
150 /*
151  * @param [in] hID underlaid hash (ignored, sha256 forced)
152  * @param [in] em encoded message
153  * @param [in] em_len requested output length
154  * @param [out] m message to encode
155  * @param [in] mLen max message length acceptable in m
156  *
157  * @return decoded message length, -1 if decoding fail
158  */
159 size_t cx_pkcs1_eme_v1o5_decode(cx_md_t hID,
160  uint8_t *em,
161  size_t em_len,
162  uint8_t *mHash,
163  size_t mHashLen);
164 
165 /*
166  * @param [in] hID underlaid hash (ignored, sha256 forced)
167  * @param [out] em encoded output
168  * @param [in] em_len requested output length
169  * @param [in] m message to encode
170  * @param [in] mLen message length
171  *
172  * @return em_len, if encoded 0 else
173  */
174 WARN_UNUSED_RESULT cx_err_t
175 cx_pkcs1_eme_oaep_encode(cx_md_t hID, uint8_t *em, size_t em_len, const uint8_t *m, size_t mLen);
176 /*
177  * @param [in] hID underlaid hash (ignored, sha256 forced)
178  * @param [in] em encoded message
179  * @param [in] em_len requested output length
180  * @param [out] m message to encode
181  * @param [in] mLen max message length acceptable in m
182  *
183  * @return decoded message length, -1 if decoding fail
184  */
185 WARN_UNUSED_RESULT cx_err_t
186 cx_pkcs1_eme_oaep_decode(cx_md_t hID, uint8_t *em, size_t em_len, uint8_t *m, size_t *mLen);
187 
188 // For PKCS1.5
189 #define PKCS1_DIGEST_BUFFER_LENGTH 64
190 
191 struct cx_pkcs1_s {
192  union {
193  cx_hash_t hash;
194 #if defined(HAVE_SHA256)
195  cx_sha256_t sha256;
196 #endif // HAVE_SHA256
197 
198 #if defined(HAVE_SHA512)
199  cx_sha512_t sha512;
200 #endif // HAVE_SHA512
201  } hash_ctx;
202  uint8_t digest[PKCS1_DIGEST_BUFFER_LENGTH];
203  uint8_t MGF1[512];
204 };
205 typedef struct cx_pkcs1_s cx_pkcs1_t;
206 
207 #if defined(HAVE_SHA224)
208 #define CX_OID_SHA224_LENGTH 19
209 extern uint8_t const C_cx_oid_sha224[CX_OID_SHA224_LENGTH];
210 #endif // HAVE_SHA224
211 
212 #if defined(HAVE_SHA256)
213 #define CX_OID_SHA256_LENGTH 19
214 extern uint8_t const C_cx_oid_sha256[CX_OID_SHA256_LENGTH];
215 #endif // HAVE_SHA256
216 
217 #if defined(HAVE_SHA384)
218 #define CX_OID_SHA384_LENGTH 19
219 extern uint8_t const C_cx_oid_sha384[CX_OID_SHA384_LENGTH];
220 #endif // HAVE_SHA384
221 
222 #if defined(HAVE_SHA512)
223 #define CX_OID_SHA512_LENGTH 19
224 extern uint8_t const C_cx_oid_sha512[CX_OID_SHA512_LENGTH];
225 #endif // HAVE_SHA512
226 
227 #if defined(HAVE_SHA3)
228 #define CX_OID_SHA3_256_LENGTH 19
229 extern uint8_t const C_cx_oid_sha3_256[CX_OID_SHA3_256_LENGTH];
230 
231 #define CX_OID_SHA3_512_LENGTH 19
232 extern uint8_t const C_cx_oid_sha3_512[CX_OID_SHA3_512_LENGTH];
233 #endif // HAVE_SHA3
234 
235 WARN_UNUSED_RESULT cx_err_t cx_rsa_get_public_components(const cx_rsa_public_key_t *key,
236  uint8_t **e,
237  uint8_t **n);
238 WARN_UNUSED_RESULT cx_err_t cx_rsa_get_private_components(const cx_rsa_private_key_t *key,
239  uint8_t **d,
240  uint8_t **n);
241 
242 WARN_UNUSED_RESULT cx_err_t cx_rsa_private_key_ctx_size(const cx_rsa_private_key_t *key,
243  size_t *size);
244 
245 #endif // CX_RSA_H
246 #endif // HAVE_RSA
Hash functions.
RSA algorithm.
unsigned char uint8_t
Definition: usbd_conf.h:53