1 | /* -*-c-*- |
2 | * |
3 | * $Id: rsa.h,v 1.2 2000/06/17 12:07:36 mdw Exp $ |
4 | * |
5 | * The RSA public-key cryptosystem |
6 | * |
7 | * (c) 1999 Straylight/Edgeware |
8 | */ |
9 | |
10 | /*----- Licensing notice --------------------------------------------------* |
11 | * |
12 | * This file is part of Catacomb. |
13 | * |
14 | * Catacomb is free software; you can redistribute it and/or modify |
15 | * it under the terms of the GNU Library General Public License as |
16 | * published by the Free Software Foundation; either version 2 of the |
17 | * License, or (at your option) any later version. |
18 | * |
19 | * Catacomb is distributed in the hope that it will be useful, |
20 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
21 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
22 | * GNU Library General Public License for more details. |
23 | * |
24 | * You should have received a copy of the GNU Library General Public |
25 | * License along with Catacomb; if not, write to the Free |
26 | * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, |
27 | * MA 02111-1307, USA. |
28 | */ |
29 | |
30 | /*----- Revision history --------------------------------------------------* |
31 | * |
32 | * $Log: rsa.h,v $ |
33 | * Revision 1.2 2000/06/17 12:07:36 mdw |
34 | * Add key fetching interface. Add new rsa_decrypt interface. |
35 | * |
36 | * Revision 1.1 1999/12/22 15:50:45 mdw |
37 | * Initial RSA support. |
38 | * |
39 | */ |
40 | |
41 | #ifndef CATACOMB_RSA_H |
42 | #define CATACOMB_RSA_H |
43 | |
44 | #ifdef __cplusplus |
45 | extern "C" { |
46 | #endif |
47 | |
48 | /*----- Header files ------------------------------------------------------*/ |
49 | |
50 | #ifndef CATACOMB_GRAND_H |
51 | # include "grand.h" |
52 | #endif |
53 | |
54 | #ifndef CATACOMB_KEY_H |
55 | # include "key.h" |
56 | #endif |
57 | |
58 | #ifndef CATACOMB_MP_H |
59 | # include "mp.h" |
60 | #endif |
61 | |
62 | #ifndef CATACOMB_PGEN_H |
63 | # include "pgen.h" |
64 | #endif |
65 | |
66 | /*----- Data structures ---------------------------------------------------*/ |
67 | |
/* An RSA public key.
 *
 * NOTE(review): the field meanings below are the conventional reading of
 * the names; this header does not spell them out.
 */
typedef struct rsa_pub {
  mp *n;                        /* Modulus (presumably) */
  mp *e;                        /* Public exponent (presumably) */
} rsa_pub;
72 | |
/* A full RSA parameter block; the same structure is also named @rsa_priv@
 * when it is used as a private key.
 *
 * NOTE(review): the field meanings below are the conventional RSA/CRT
 * reading of the names and should be confirmed against the implementation.
 * On that reading everything except @n@ and @e@ is secret key material.
 */
typedef struct rsa_param {
  mp *n;                        /* Modulus */
  mp *p;                        /* First prime factor of the modulus */
  mp *q;                        /* Second prime factor of the modulus */
  mp *q_inv;                    /* Presumably inverse of @q@ modulo @p@ */
  mp *e;                        /* Public (encryption) exponent */
  mp *d;                        /* Private (decryption) exponent */
  mp *dp;                       /* Presumably @d@ reduced mod @p - 1@ */
  mp *dq;                       /* Presumably @d@ reduced mod @q - 1@ */
} rsa_param, rsa_priv;
77 | |
/* State kept between RSA decryption or signing operations; it is set up by
 * @rsa_deccreate@ and torn down by @rsa_decdestroy@.
 *
 * The key and the random source are held as pointers, not copies.
 * NOTE(review): presumably both must stay valid for as long as the context
 * is in use -- confirm against the implementation.
 */
typedef struct rsa_decctx {
  rsa_param *rp;                /* The private key in use */
  grand *r;                     /* Blinding random source; may be null */
  mpmont nm;                    /* Presumably Montgomery context for @n@ */
  mpmont pm;                    /* Presumably Montgomery context for @p@ */
  mpmont qm;                    /* Presumably Montgomery context for @q@ */
} rsa_decctx;
83 | |
84 | /*----- Key fetching ------------------------------------------------------*/ |
85 | |
/* Key-fetching definition tables for RSA public and private keys, each with
 * a size constant.  The tables themselves are defined elsewhere.
 *
 * NOTE(review): the unit of the two size constants is not stated in this
 * header (presumably a table or workspace size for the key-fetching
 * interface in "key.h").  They are hard-coded, so they must be kept in step
 * with the table definitions by hand.
 */

/* Public keys */
extern const key_fetchdef rsa_pubfetch[];
#define RSA_PUBFETCHSZ 4

/* Private keys */
extern const key_fetchdef rsa_privfetch[];
#define RSA_PRIVFETCHSZ 12
91 | |
92 | /*----- Functions provided ------------------------------------------------*/ |
93 | |
/* --- @rsa_gen@ --- *
 *
 * Arguments:   @rsa_param *rp@ = parameter block which receives the new key
 *              @unsigned nbits@ = size of modulus wanted, in bits
 *              @grand *r@ = source of random numbers
 *              @unsigned n@ = how many attempts to make
 *              @pgen_proc *event@ = function to be told about events
 *              @void *ectx@ = context argument handed to the event function
 *
 * Returns:     Zero on success, nonzero on failure.
 *
 * Use:         Generates a pair of strong RSA primes, together with the
 *              other useful RSA parameters.  A small encryption exponent
 *              is picked where that is possible.
 *
 *              The key material is presumably drawn from @r@, so the
 *              private key can be no more secret than that generator's
 *              output is unpredictable.  This header states no minimum
 *              for @nbits@; choosing an adequate modulus size is left to
 *              the caller.  Check the return value before relying on the
 *              contents of @*rp@.
 */

extern int rsa_gen(rsa_param */*rp*/,
                   unsigned /*nbits*/,
                   grand */*r*/,
                   unsigned /*n*/,
                   pgen_proc */*event*/,
                   void */*ectx*/);
113 | |
/* --- @rsa_deccreate@ --- *
 *
 * Arguments:   @rsa_decctx *rd@ = RSA decryption context to set up
 *              @rsa_priv *rp@ = the RSA private key to use
 *              @grand *r@ = random number source used for blinding
 *
 * Returns:     ---
 *
 * Use:         Sets up an RSA decryption context.  Reusing one context
 *              for a run of decryption or signing operations gives a
 *              small performance gain over setting up afresh each time.
 *
 *              A null @r@ switches blinding off.  Decryption is then
 *              faster, but timing attacks become possible, so this is
 *              only suitable where nobody untrusted can measure how long
 *              the private-key operation takes.
 *
 *              NOTE(review): @rsa_decctx@ holds @rp@ and @r@ as pointers,
 *              so presumably both must outlive the context -- confirm.
 */

extern void rsa_deccreate(rsa_decctx */*rd*/,
                          rsa_param */*rp*/,
                          grand */*r*/);
133 | |
/* --- @rsa_decdestroy@ --- *
 *
 * Arguments:   @rsa_decctx *rd@ = RSA decryption context to dispose of
 *
 * Returns:     ---
 *
 * Use:         Disposes of an RSA decryption context.
 *
 *              NOTE(review): this header does not say whether the private
 *              key and random source the context points at are released
 *              too.  They are supplied by the caller of @rsa_deccreate@,
 *              so presumably they are left alone and must be disposed of
 *              separately -- confirm.
 */

extern void rsa_decdestroy(rsa_decctx */*rd*/);
144 | |
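/* --- @rsa_dec@ --- *
 *
 * Arguments:   @rsa_decctx *rd@ = pointer to RSA decryption context
 *              @mp *d@ = destination
 *              @mp *c@ = ciphertext message
 *
 * Returns:     The recovered plaintext message.
 *
 * Use:         Performs RSA decryption.  This function takes advantage of
 *              knowledge of the key factors in order to speed up
 *              decryption.
 *
 *              If the context was created with a random number source,
 *              the ciphertext is blinded prior to decryption and
 *              unblinded afterwards to thwart timing attacks.  A context
 *              created with a null source (see @rsa_deccreate@) asks for
 *              no blinding, so that protection is then absent.
 *
 *              NOTE(review): the interface works on bare integers and no
 *              message padding or encoding is visible here; presumably
 *              the caller must apply and verify it -- confirm.
 */

extern mp *rsa_dec(rsa_decctx */*rd*/, mp */*d*/, mp */*c*/);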
161 | |
/* --- @rsa_decrypt@ --- *
 *
 * Arguments:   @rsa_param *rp@ = the RSA parameters to decrypt with
 *              @mp *d@ = destination
 *              @mp *c@ = the ciphertext message
 *              @grand *r@ = random number source used for blinding
 *
 * Returns:     Correctly decrypted message.
 *
 * Use:         Carries out an RSA decryption, taking great care over it.
 *
 *              NOTE(review): unlike @rsa_dec@ this takes the key and the
 *              random source directly rather than a prepared context.
 *              Whether @r@ may be null here, as it may be for
 *              @rsa_deccreate@, is not stated -- confirm before passing
 *              a null source.
 */

extern mp *rsa_decrypt(rsa_param */*rp*/,
                       mp */*d*/,
                       mp */*c*/,
                       grand */*r*/);
176 | |
/* --- @rsa_recover@ --- *
 *
 * Arguments:   @rsa_param *rp@ = the parameter block to complete
 *
 * Returns:     Zero on success; nonzero if the parameters supplied make
 *              no sense.
 *
 * Use:         Works out the full set of RSA parameters starting from a
 *              minimal set.
 *
 *              NOTE(review): which fields make up an acceptable minimal
 *              set is not stated in this header.  A nonzero return means
 *              the block should not be used as a key.
 */

extern int rsa_recover(rsa_param */*rp*/);
188 | |
189 | /*----- That's all, folks -------------------------------------------------*/ |
190 | |
191 | #ifdef __cplusplus |
192 | } |
193 | #endif |
194 | |
195 | #endif |