98
45
void rsa_free(rsa_key *key);
100
47
/* These use PKCS #1 v2.0 padding */
101
int rsa_encrypt_key(const unsigned char *in, unsigned long inlen,
102
unsigned char *out, unsigned long *outlen,
103
const unsigned char *lparam, unsigned long lparamlen,
104
prng_state *prng, int prng_idx, int hash_idx, rsa_key *key);
106
int rsa_decrypt_key(const unsigned char *in, unsigned long inlen,
107
unsigned char *out, unsigned long *outlen,
108
const unsigned char *lparam, unsigned long lparamlen,
109
int hash_idx, int *stat,
112
int rsa_sign_hash(const unsigned char *in, unsigned long inlen,
113
unsigned char *out, unsigned long *outlen,
114
prng_state *prng, int prng_idx,
115
int hash_idx, unsigned long saltlen,
118
int rsa_verify_hash(const unsigned char *sig, unsigned long siglen,
119
const unsigned char *hash, unsigned long hashlen,
120
int hash_idx, unsigned long saltlen,
121
int *stat, rsa_key *key);
48
#define rsa_encrypt_key(_in, _inlen, _out, _outlen, _lparam, _lparamlen, _prng, _prng_idx, _hash_idx, _key) \
49
rsa_encrypt_key_ex(_in, _inlen, _out, _outlen, _lparam, _lparamlen, _prng, _prng_idx, _hash_idx, LTC_PKCS_1_OAEP, _key)
51
#define rsa_decrypt_key(_in, _inlen, _out, _outlen, _lparam, _lparamlen, _hash_idx, _stat, _key) \
52
rsa_decrypt_key_ex(_in, _inlen, _out, _outlen, _lparam, _lparamlen, _hash_idx, LTC_PKCS_1_OAEP, _stat, _key)
54
#define rsa_sign_hash(_in, _inlen, _out, _outlen, _prng, _prng_idx, _hash_idx, _saltlen, _key) \
55
rsa_sign_hash_ex(_in, _inlen, _out, _outlen, LTC_PKCS_1_PSS, _prng, _prng_idx, _hash_idx, _saltlen, _key)
57
#define rsa_verify_hash(_sig, _siglen, _hash, _hashlen, _hash_idx, _saltlen, _stat, _key) \
58
rsa_verify_hash_ex(_sig, _siglen, _hash, _hashlen, LTC_PKCS_1_PSS, _hash_idx, _saltlen, _stat, _key)
60
/* These can be switched between PKCS #1 v2.x and PKCS #1 v1.5 paddings */
61
int rsa_encrypt_key_ex(const unsigned char *in, unsigned long inlen,
62
unsigned char *out, unsigned long *outlen,
63
const unsigned char *lparam, unsigned long lparamlen,
64
prng_state *prng, int prng_idx, int hash_idx, int padding, rsa_key *key);
66
int rsa_decrypt_key_ex(const unsigned char *in, unsigned long inlen,
67
unsigned char *out, unsigned long *outlen,
68
const unsigned char *lparam, unsigned long lparamlen,
69
int hash_idx, int padding,
70
int *stat, rsa_key *key);
72
int rsa_sign_hash_ex(const unsigned char *in, unsigned long inlen,
73
unsigned char *out, unsigned long *outlen,
75
prng_state *prng, int prng_idx,
76
int hash_idx, unsigned long saltlen,
79
int rsa_verify_hash_ex(const unsigned char *sig, unsigned long siglen,
80
const unsigned char *hash, unsigned long hashlen,
82
int hash_idx, unsigned long saltlen,
83
int *stat, rsa_key *key);
123
85
/* PKCS #1 import/export */
124
86
int rsa_export(unsigned char *out, unsigned long *outlen, int type, rsa_key *key);
129
/* ---- DH Routines ---- */
132
typedef struct Dh_key {
138
void dh_sizes(int *low, int *high);
139
int dh_get_size(dh_key *key);
141
int dh_make_key(prng_state *prng, int wprng, int keysize, dh_key *key);
142
void dh_free(dh_key *key);
144
int dh_export(unsigned char *out, unsigned long *outlen, int type, dh_key *key);
145
int dh_import(const unsigned char *in, unsigned long inlen, dh_key *key);
147
int dh_shared_secret(dh_key *private_key, dh_key *public_key,
148
unsigned char *out, unsigned long *outlen);
150
int dh_encrypt_key(const unsigned char *in, unsigned long keylen,
151
unsigned char *out, unsigned long *outlen,
152
prng_state *prng, int wprng, int hash,
155
int dh_decrypt_key(const unsigned char *in, unsigned long inlen,
156
unsigned char *out, unsigned long *outlen,
159
int dh_sign_hash(const unsigned char *in, unsigned long inlen,
160
unsigned char *out, unsigned long *outlen,
161
prng_state *prng, int wprng, dh_key *key);
163
int dh_verify_hash(const unsigned char *sig, unsigned long siglen,
164
const unsigned char *hash, unsigned long hashlen,
165
int *stat, dh_key *key);
94
/* Min and Max KAT key sizes (in bits) */
95
#define MIN_KAT_SIZE 1024
96
#define MAX_KAT_SIZE 4096
98
/** Katja PKCS style key */
99
typedef struct KAT_key {
100
/** Type of key, PK_PRIVATE or PK_PUBLIC */
102
/** The private exponent */
106
/** The p factor of N */
108
/** The q factor of N */
110
/** The 1/q mod p CRT param */
112
/** The d mod (p - 1) CRT param */
114
/** The d mod (q - 1) CRT param */
120
int katja_make_key(prng_state *prng, int wprng, int size, katja_key *key);
122
int katja_exptmod(const unsigned char *in, unsigned long inlen,
123
unsigned char *out, unsigned long *outlen, int which,
126
void katja_free(katja_key *key);
128
/* These use PKCS #1 v2.0 padding */
129
int katja_encrypt_key(const unsigned char *in, unsigned long inlen,
130
unsigned char *out, unsigned long *outlen,
131
const unsigned char *lparam, unsigned long lparamlen,
132
prng_state *prng, int prng_idx, int hash_idx, katja_key *key);
134
int katja_decrypt_key(const unsigned char *in, unsigned long inlen,
135
unsigned char *out, unsigned long *outlen,
136
const unsigned char *lparam, unsigned long lparamlen,
137
int hash_idx, int *stat,
140
/* PKCS #1 import/export */
141
int katja_export(unsigned char *out, unsigned long *outlen, int type, katja_key *key);
142
int katja_import(const unsigned char *in, unsigned long inlen, katja_key *key);
170
146
/* ---- ECC Routines ---- */
149
/* size of our temp buffers for exported keys */
150
#define ECC_BUF_SIZE 256
152
/* max private key size */
153
#define ECC_MAXSIZE 66
155
/** Structure defines a NIST GF(p) curve */
157
/** The size of the curve in octets */
163
/** The prime that defines the field the curve is in (encoded in hex) */
166
/** The fields B param (hex) */
169
/** The order of the curve (hex) */
172
/** The x co-ordinate of the base point on the curve (hex) */
175
/** The y co-ordinate of the base point on the curve (hex) */
179
/** A point on a ECC curve, stored in Jacbobian format such that (x,y,z) => (x/z^2, y/z^3, 1) when interpretted as affine */
181
/** The x co-ordinate */
184
/** The y co-ordinate */
187
/** The z co-ordinate */
193
/** Type of key, PK_PRIVATE or PK_PUBLIC */
196
/** Index into the ltc_ecc_sets[] for the parameters of this curve; if -1, then this key is using user supplied curve in dp */
199
/** pointer to domain parameters; either points to NIST curves (identified by idx >= 0) or user supplied curve */
200
const ltc_ecc_set_type *dp;
202
/** The public key */
178
203
ecc_point pubkey;
205
/** The private key */
209
/** the ECC params provided */
210
extern const ltc_ecc_set_type ltc_ecc_sets[];
183
213
void ecc_sizes(int *low, int *high);
184
int ecc_get_size(ecc_key *key);
214
int ecc_get_size(ecc_key *key);
186
int ecc_make_key(prng_state *prng, int wprng, int keysize, ecc_key *key);
216
int ecc_make_key(prng_state *prng, int wprng, int keysize, ecc_key *key);
217
int ecc_make_key_ex(prng_state *prng, int wprng, ecc_key *key, const ltc_ecc_set_type *dp);
187
218
void ecc_free(ecc_key *key);
189
int ecc_export(unsigned char *out, unsigned long *outlen, int type, ecc_key *key);
190
int ecc_import(const unsigned char *in, unsigned long inlen, ecc_key *key);
192
int ecc_shared_secret(ecc_key *private_key, ecc_key *public_key,
193
unsigned char *out, unsigned long *outlen);
195
int ecc_encrypt_key(const unsigned char *in, unsigned long inlen,
196
unsigned char *out, unsigned long *outlen,
197
prng_state *prng, int wprng, int hash,
200
int ecc_decrypt_key(const unsigned char *in, unsigned long inlen,
201
unsigned char *out, unsigned long *outlen,
204
int ecc_sign_hash(const unsigned char *in, unsigned long inlen,
205
unsigned char *out, unsigned long *outlen,
206
prng_state *prng, int wprng, ecc_key *key);
208
int ecc_verify_hash(const unsigned char *sig, unsigned long siglen,
209
const unsigned char *hash, unsigned long hashlen,
210
int *stat, ecc_key *key);
220
int ecc_export(unsigned char *out, unsigned long *outlen, int type, ecc_key *key);
221
int ecc_import(const unsigned char *in, unsigned long inlen, ecc_key *key);
222
int ecc_import_ex(const unsigned char *in, unsigned long inlen, ecc_key *key, const ltc_ecc_set_type *dp);
224
int ecc_ansi_x963_export(ecc_key *key, unsigned char *out, unsigned long *outlen);
225
int ecc_ansi_x963_import(const unsigned char *in, unsigned long inlen, ecc_key *key);
226
int ecc_ansi_x963_import_ex(const unsigned char *in, unsigned long inlen, ecc_key *key, ltc_ecc_set_type *dp);
228
int ecc_shared_secret(ecc_key *private_key, ecc_key *public_key,
229
unsigned char *out, unsigned long *outlen);
231
int ecc_encrypt_key(const unsigned char *in, unsigned long inlen,
232
unsigned char *out, unsigned long *outlen,
233
prng_state *prng, int wprng, int hash,
236
int ecc_decrypt_key(const unsigned char *in, unsigned long inlen,
237
unsigned char *out, unsigned long *outlen,
240
int ecc_sign_hash(const unsigned char *in, unsigned long inlen,
241
unsigned char *out, unsigned long *outlen,
242
prng_state *prng, int wprng, ecc_key *key);
244
int ecc_verify_hash(const unsigned char *sig, unsigned long siglen,
245
const unsigned char *hash, unsigned long hashlen,
246
int *stat, ecc_key *key);
248
/* low level functions */
249
ecc_point *ltc_ecc_new_point(void);
250
void ltc_ecc_del_point(ecc_point *p);
251
int ltc_ecc_is_valid_idx(int n);
253
/* point ops (mp == montgomery digit) */
254
#if !defined(MECC_ACCEL) || defined(LTM_DESC) || defined(GMP_DESC)
256
int ltc_ecc_projective_dbl_point(ecc_point *P, ecc_point *R, void *modulus, void *mp);
259
int ltc_ecc_projective_add_point(ecc_point *P, ecc_point *Q, ecc_point *R, void *modulus, void *mp);
263
int ltc_ecc_fp_mulmod(void *k, ecc_point *G, ecc_point *R, void *modulus, int map);
264
int ltc_ecc_fp_save_state(unsigned char **out, unsigned long *outlen);
265
int ltc_ecc_fp_restore_state(unsigned char *in, unsigned long inlen);
266
void ltc_ecc_fp_free(void);
270
int ltc_ecc_mulmod(void *k, ecc_point *G, ecc_point *R, void *modulus, int map);
272
#ifdef LTC_ECC_SHAMIR
273
/* kA*A + kB*B = C */
274
int ltc_ecc_mul2add(ecc_point *A, void *kA,
275
ecc_point *B, void *kB,
280
int ltc_ecc_fp_mul2add(ecc_point *A, void *kA,
281
ecc_point *B, void *kB,
282
ecc_point *C, void *modulus);
288
/* map P to affine from projective */
289
int ltc_ecc_map(ecc_point *P, void *modulus, void *mp);
295
/* Max diff between group and modulus size in bytes */
296
#define MDSA_DELTA 512
298
/* Max DSA group size in bytes (default allows 4k-bit groups) */
299
#define MDSA_MAX_GROUP 512
301
/** DSA key structure */
218
mp_int g, q, p, x, y;
303
/** The key type, PK_PRIVATE or PK_PUBLIC */
306
/** The order of the sub-group used in octets */
312
/** The prime used to generate the sub-group */
315
/** The large prime that generats the field the contains the sub-group */
318
/** The private key */
321
/** The public key */
221
325
int dsa_make_key(prng_state *prng, int wprng, int group_size, int modulus_size, dsa_key *key);
222
326
void dsa_free(dsa_key *key);
225
328
int dsa_sign_hash_raw(const unsigned char *in, unsigned long inlen,
226
mp_int *r, mp_int *s,
227
330
prng_state *prng, int wprng, dsa_key *key);
229
332
int dsa_sign_hash(const unsigned char *in, unsigned long inlen,
230
333
unsigned char *out, unsigned long *outlen,
231
334
prng_state *prng, int wprng, dsa_key *key);
233
int dsa_verify_hash_raw( mp_int *r, mp_int *s,
336
int dsa_verify_hash_raw( void *r, void *s,
234
337
const unsigned char *hash, unsigned long hashlen,
235
338
int *stat, dsa_key *key);
277
400
int LTC_MACRO_temp = (index); \
278
401
ltc_asn1_list *LTC_MACRO_list = (list); \
279
402
LTC_MACRO_list[LTC_MACRO_temp].type = (Type); \
280
LTC_MACRO_list[LTC_MACRO_temp].data = (Data); \
403
LTC_MACRO_list[LTC_MACRO_temp].data = (void*)(Data); \
281
404
LTC_MACRO_list[LTC_MACRO_temp].size = (Size); \
282
405
LTC_MACRO_list[LTC_MACRO_temp].used = 0; \
286
int der_encode_sequence(ltc_asn1_list *list, unsigned long inlen,
287
unsigned char *out, unsigned long *outlen);
409
int der_encode_sequence_ex(ltc_asn1_list *list, unsigned long inlen,
410
unsigned char *out, unsigned long *outlen, int type_of);
412
#define der_encode_sequence(list, inlen, out, outlen) der_encode_sequence_ex(list, inlen, out, outlen, LTC_ASN1_SEQUENCE)
289
int der_decode_sequence(const unsigned char *in, unsigned long inlen,
290
ltc_asn1_list *list, unsigned long outlen);
414
int der_decode_sequence_ex(const unsigned char *in, unsigned long inlen,
415
ltc_asn1_list *list, unsigned long outlen, int ordered);
417
#define der_decode_sequence(in, inlen, list, outlen) der_decode_sequence_ex(in, inlen, list, outlen, 1)
292
419
int der_length_sequence(ltc_asn1_list *list, unsigned long inlen,
293
420
unsigned long *outlen);
295
/* VA list handy helpers */
423
#define der_decode_set(in, inlen, list, outlen) der_decode_sequence_ex(in, inlen, list, outlen, 0)
424
#define der_length_set der_length_sequence
425
int der_encode_set(ltc_asn1_list *list, unsigned long inlen,
426
unsigned char *out, unsigned long *outlen);
428
int der_encode_setof(ltc_asn1_list *list, unsigned long inlen,
429
unsigned char *out, unsigned long *outlen);
431
/* VA list handy helpers with triplets of <type, size, data> */
296
432
int der_encode_sequence_multi(unsigned char *out, unsigned long *outlen, ...);
297
433
int der_decode_sequence_multi(const unsigned char *in, unsigned long inlen, ...);
435
/* FLEXI DECODER handle unknown list decoder */
436
int der_decode_sequence_flexi(const unsigned char *in, unsigned long *inlen, ltc_asn1_list **out);
437
void der_free_sequence_flexi(ltc_asn1_list *list);
438
void der_sequence_free(ltc_asn1_list *in);
441
int der_length_boolean(unsigned long *outlen);
442
int der_encode_boolean(int in,
443
unsigned char *out, unsigned long *outlen);
444
int der_decode_boolean(const unsigned char *in, unsigned long inlen,
300
int der_encode_integer(mp_int *num, unsigned char *out, unsigned long *outlen);
301
int der_decode_integer(const unsigned char *in, unsigned long inlen, mp_int *num);
302
int der_length_integer(mp_int *num, unsigned long *len);
447
int der_encode_integer(void *num, unsigned char *out, unsigned long *outlen);
448
int der_decode_integer(const unsigned char *in, unsigned long inlen, void *num);
449
int der_length_integer(void *num, unsigned long *len);
304
451
/* INTEGER -- handy for 0..2^32-1 values */
305
452
int der_decode_short_integer(const unsigned char *in, unsigned long inlen, unsigned long *num);