Embedded SDK
Embedded SDK
Loading...
Searching...
No Matches
cx_rsa.h
Go to the documentation of this file.
1
2/*******************************************************************************
3 * Ledger Nano S - Secure firmware
4 * (c) 2022 Ledger
5 *
6 * Licensed under the Apache License, Version 2.0 (the "License");
7 * you may not use this file except in compliance with the License.
8 * You may obtain a copy of the License at
9 *
10 * http://www.apache.org/licenses/LICENSE-2.0
11 *
12 * Unless required by applicable law or agreed to in writing, software
13 * distributed under the License is distributed on an "AS IS" BASIS,
14 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 * See the License for the specific language governing permissions and
16 * limitations under the License.
17 ********************************************************************************/
18
19#ifdef HAVE_RSA
20
21#ifndef CX_RSA_H
22#define CX_RSA_H
23
24#include "lcx_rsa.h"
25#include "lcx_hash.h"
26
27/*
28 * @param [in] hID Hash identifier
29 *
30 * @return Output hash length in bytes.
31 */
32size_t cx_pkcs1_get_hash_len(cx_md_t hID);
33
34/*
35 * @param [in] hID underlaid hash (ignored, sha256 forced)
36 * @param [out] em encoded output
37 * @param [in] em_len requested output length
38 * @param [in] mHash hash to encode
39 * @param [in] mHashLen hash length
40 *
41 * @return em_len, if encoded 0 else
42 */
43WARN_UNUSED_RESULT cx_err_t cx_pkcs1_emsa_v1o5_encode(cx_md_t hID,
44 uint8_t *em,
45 size_t em_len,
46 const uint8_t *mHash,
47 size_t mHashLen);
48/*
49 * @param [in] hID underlaid hash (ignored, sha256 forced)
50 * @param [in] em encoded message to verify
51 * @param [in] em_len requested output length
52 * @param [in] mHash hash to verify
53 * @param [in] mHashLen hash length
54 *
55 * @return 1 if verifed, 0 else
56 */
57bool cx_pkcs1_emsa_v1o5_verify(cx_md_t hID,
58 uint8_t *em,
59 size_t em_len,
60 const uint8_t *mHash,
61 size_t mHashLen);
62
63/* The salt length is equal to the mHashLen value.
64 * If another salt length is to be used, the
65 * cx_pkcs1_emsa_pss_encode_with_salt_len function must
66 * be used instead.
67 * @param [in] hID underlaid hash (ignored, sha256 forced)
68 * @param [out] em encoded output
69 * @param [in] em_len requested output length
70 * @param [in] mHash hash to encode
71 * @param [in] mHashLen hash length
72 * @param [in] mSaltLen Salt length
73 *
74 * @return em_len, if encoded 0 else
75 */
76WARN_UNUSED_RESULT cx_err_t cx_pkcs1_emsa_pss_encode(cx_md_t hID,
77 uint8_t *em,
78 size_t em_len,
79 const uint8_t *mHash,
80 size_t mHashLen,
81 size_t *size);
82
83/*
84 * @param [in] hID underlaid hash (ignored, sha256 forced)
85 * @param [out] em encoded output
86 * @param [in] em_len requested output length
87 * @param [in] mHash hash to encode
88 * @param [in] mHashLen hash length
89 * @param [in] mSaltLen Salt length
90 *
91 * @return em_len, if encoded 0 else
92 */
93WARN_UNUSED_RESULT cx_err_t cx_pkcs1_emsa_pss_encode_with_salt_len(cx_md_t hID,
94 uint8_t *em,
95 size_t em_len,
96 const uint8_t *mHash,
97 size_t mHashLen,
98 size_t mSaltLen,
99 size_t *size);
100
101/* The salt length is equal to the mHashLen value.
102 * If another salt length is to be used, the
103 * cx_pkcs1_emsa_pss_verify_with_salt_len function must
104 * be used instead.
105 * @param [in] hID underlaid hash
106 * @param [in] em encoded message to verify
107 * @param [in] em_len requested output length
108 * @param [in] mHash hash to verify
109 * @param [in] mHashLen hash length
110 *
111 * @return 1 if verifed, 0 else
112 */
113bool cx_pkcs1_emsa_pss_verify(cx_md_t hID,
114 uint8_t *em,
115 size_t em_len,
116 const uint8_t *mHash,
117 size_t mHashLen);
118
119/*
120 * @param [in] hID underlaid hash
121 * @param [in] em encoded message to verify
122 * @param [in] em_len requested output length
123 * @param [in] mHash hash to verify
124 * @param [in] mHashLen hash length
125 * @param [in] mSaltLen salt length
126 *
127 * @return 1 if verifed, 0 else
128 */
129bool cx_pkcs1_emsa_pss_verify_with_salt_len(cx_md_t hID,
130 uint8_t *em,
131 size_t em_len,
132 const uint8_t *mHash,
133 size_t mHashLen,
134 size_t mSaltLen);
135
136/*
137 * @param [in] hID underlaid hash (ignored, sha256 forced)
138 * @param [out] em encoded output
139 * @param [in] em_len requested output length
140 * @param [in] m message to encode
141 * @param [in] mLen message length
142 *
143 * @return em_len, if encoded 0 else
144 */
145WARN_UNUSED_RESULT cx_err_t cx_pkcs1_eme_v1o5_encode(cx_md_t hID,
146 uint8_t *em,
147 size_t em_len,
148 const uint8_t *mHash,
149 size_t mHashLen);
150/*
151 * @param [in] hID underlaid hash (ignored, sha256 forced)
152 * @param [in] em encoded message
153 * @param [in] em_len requested output length
154 * @param [out] m message to encode
155 * @param [in] mLen max message length acceptable in m
156 *
157 * @return decoded message length, -1 if decoding fail
158 */
159size_t cx_pkcs1_eme_v1o5_decode(cx_md_t hID,
160 uint8_t *em,
161 size_t em_len,
162 uint8_t *mHash,
163 size_t mHashLen);
164
165/*
166 * @param [in] hID underlaid hash (ignored, sha256 forced)
167 * @param [out] em encoded output
168 * @param [in] em_len requested output length
169 * @param [in] m message to encode
170 * @param [in] mLen message length
171 *
172 * @return em_len, if encoded 0 else
173 */
174WARN_UNUSED_RESULT cx_err_t
175cx_pkcs1_eme_oaep_encode(cx_md_t hID, uint8_t *em, size_t em_len, const uint8_t *m, size_t mLen);
176/*
177 * @param [in] hID underlaid hash (ignored, sha256 forced)
178 * @param [in] em encoded message
179 * @param [in] em_len requested output length
180 * @param [out] m message to encode
181 * @param [in] mLen max message length acceptable in m
182 *
183 * @return decoded message length, -1 if decoding fail
184 */
185WARN_UNUSED_RESULT cx_err_t
186cx_pkcs1_eme_oaep_decode(cx_md_t hID, uint8_t *em, size_t em_len, uint8_t *m, size_t *mLen);
187
188// For PKCS1.5
189#define PKCS1_DIGEST_BUFFER_LENGTH 64
190
191typedef struct cx_pkcs1_s {
192 union {
193 cx_hash_t hash;
194#if defined(HAVE_SHA256)
195 cx_sha256_t sha256;
196#endif // HAVE_SHA256
197
198#if defined(HAVE_SHA512)
199 cx_sha512_t sha512;
200#endif // HAVE_SHA512
201 } hash_ctx;
202 uint8_t digest[PKCS1_DIGEST_BUFFER_LENGTH];
203 uint8_t MGF1[512];
204} cx_pkcs1_t;
205
206#if defined(HAVE_SHA224)
207#define CX_OID_SHA224_LENGTH 19
208extern uint8_t const C_cx_oid_sha224[CX_OID_SHA224_LENGTH];
209#endif // HAVE_SHA224
210
211#if defined(HAVE_SHA256)
212#define CX_OID_SHA256_LENGTH 19
213extern uint8_t const C_cx_oid_sha256[CX_OID_SHA256_LENGTH];
214#endif // HAVE_SHA256
215
216#if defined(HAVE_SHA384)
217#define CX_OID_SHA384_LENGTH 19
218extern uint8_t const C_cx_oid_sha384[CX_OID_SHA384_LENGTH];
219#endif // HAVE_SHA384
220
221#if defined(HAVE_SHA512)
222#define CX_OID_SHA512_LENGTH 19
223extern uint8_t const C_cx_oid_sha512[CX_OID_SHA512_LENGTH];
224#endif // HAVE_SHA512
225
226#if defined(HAVE_SHA3)
227#define CX_OID_SHA3_256_LENGTH 19
228extern uint8_t const C_cx_oid_sha3_256[CX_OID_SHA3_256_LENGTH];
229
230#define CX_OID_SHA3_512_LENGTH 19
231extern uint8_t const C_cx_oid_sha3_512[CX_OID_SHA3_512_LENGTH];
232#endif // HAVE_SHA3
233
234WARN_UNUSED_RESULT cx_err_t cx_rsa_get_public_components(const cx_rsa_public_key_t *key,
235 uint8_t **e,
236 uint8_t **n);
237WARN_UNUSED_RESULT cx_err_t cx_rsa_get_private_components(const cx_rsa_private_key_t *key,
238 uint8_t **d,
239 uint8_t **n);
240
241WARN_UNUSED_RESULT cx_err_t cx_rsa_private_key_ctx_size(const cx_rsa_private_key_t *key,
242 size_t *size);
243
244#endif // CX_RSA_H
245#endif // HAVE_RSA
lcx_hash.h
Hash functions.
lcx_rsa.h
RSA algorithm.
Generated by doxygen 1.9.8