 |
m2mb API docs
30.00.007
m2mb API sets documentation
|
|
m2mb API docs
30.00.007
m2mb API sets documentation
|
The RSA public-key cryptosystem.
More...
Enumerations | |
| enum | M2MB_CRYPTO_RSA_PADDING_TYPE_E { M2MB_CRYPTO_RSA_PADDING_PKCS1_V15, M2MB_CRYPTO_RSA_PADDING_PKCS1_OAEP, M2MB_CRYPTO_RSA_PADDING_PKCS1_PSS, M2MB_CRYPTO_RSA_PADDING_PKCS1_PSS_AUTORECOVER_SALTLEN, M2MB_CRYPTO_RSA_PADDING_NONE } |
| Padding types for RSA encryption. More... | |
| enum | M2MB_CRYPTO_RSA_MODE_E { M2MB_CRYPTO_RSA_PUBLIC, M2MB_CRYPTO_RSA_PRIVATE } |
| The operation mode (encrypt/decrypt). | |
Functions | |
| M2MB_RESULT_E | m2mb_crypto_rsa_init (M2MB_CRYPTO_RSA_CONTEXT *ctx, M2MB_CRYPTO_RSA_PADDING_TYPE_E padding_type, M2MB_CRYPTO_MD_ALG_E hash_id) |
| Allocates an M2MB_CRYPTO_RSA_CONTEXT structure. More... | |
| M2MB_RESULT_E | m2mb_crypto_rsa_deinit (M2MB_CRYPTO_RSA_CONTEXT ctx) |
| Free an M2MB_CRYPTO_RSA_CONTEXT structure. More... | |
| M2MB_RESULT_E | m2mb_crypto_rsa_public (M2MB_CRYPTO_RSA_CONTEXT ctx, const UINT8 *in, UINT8 *out) |
| RSA public key operation. More... | |
| M2MB_RESULT_E | m2mb_crypto_rsa_private (M2MB_CRYPTO_RSA_CONTEXT ctx, const UINT8 *in, UINT8 *out) |
| RSA private key operation. More... | |
| M2MB_RESULT_E | m2mb_crypto_rsa_generate_key (M2MB_CRYPTO_RSA_CONTEXT ctx, UINT32 key_size, UINT32 public_exponent) |
| Generates an RSA key pair. More... | |
| M2MB_RESULT_E | m2mb_crypto_rsa_keyblob_export (M2MB_CRYPTO_RSA_CONTEXT ctx, UINT8 *keyblob, UINT32 *keyblob_length) |
| Exports an RSA key pair blob from the given context. The blob is encrypted with a device specific key and can only be used on the same HW originating it. More... | |
| M2MB_RESULT_E | m2mb_crypto_rsa_keyblob_import (M2MB_CRYPTO_RSA_CONTEXT ctx, const UINT8 *keyblob, UINT32 keyblob_length) |
| Imports an RSA key pair into the context. More... | |
| M2MB_RESULT_E | m2mb_crypto_rsa_public_key_export (M2MB_CRYPTO_RSA_CONTEXT ctx, UINT8 *modulus, UINT32 *modulus_size, UINT8 *public_exponent, UINT32 *public_exponent_size) |
| Exports an RSA public key from the given context. More... | |
| M2MB_RESULT_E | m2mb_crypto_rsa_public_key_import (M2MB_CRYPTO_RSA_CONTEXT ctx, const UINT8 *modulus, UINT32 modulus_size, const UINT8 *public_exponent, UINT32 public_exponent_size) |
| Imports an RSA public key to the given context. More... | |
| M2MB_RESULT_E | m2mb_crypto_rsa_externalkey_import (M2MB_CRYPTO_RSA_CONTEXT ctx, const UINT8 *modulus, UINT32 modulus_size, const UINT8 *p_factor, UINT32 p_factor_size, const UINT8 *q_factor, UINT32 q_factor_size, const UINT8 *public_exponent, UINT32 public_exponent_size, const UINT8 *private_exponent, UINT32 private_exponent_size, M2MB_CRYPTO_RSA_PADDING_TYPE_E padding_type) |
| Imports an externally generated RSA key pair into the context. More... | |
| M2MB_RESULT_E | m2mb_crypto_rsa_encrypt (M2MB_CRYPTO_RSA_CONTEXT ctx, M2MB_CRYPTO_RSA_MODE_E mode, SIZE_T inlen, const UINT8 *in, UINT8 *out) |
| Generic RSA PKCS#1 encryption method. More... | |
| M2MB_RESULT_E | m2mb_crypto_rsa_decrypt (M2MB_CRYPTO_RSA_CONTEXT ctx, M2MB_CRYPTO_RSA_MODE_E mode, SIZE_T *outlen, UINT8 *out, SIZE_T out_max_len, const UINT8 *in) |
| Generic RSA PKCS#1 decryption method. More... | |
| M2MB_RESULT_E | m2mb_crypto_rsa_sign (M2MB_CRYPTO_RSA_CONTEXT ctx, M2MB_CRYPTO_RSA_MODE_E mode, M2MB_CRYPTO_MD_ALG_E md_alg, UINT32 hashlen, const UINT8 *hash, UINT8 *sig) |
| Generic RSA PKCS#1 signature creation method. The signature is created using the context key (created via the m2mb_crypto_rsa_generate_key()). More... | |
| M2MB_RESULT_E | m2mb_crypto_rsa_verify (M2MB_CRYPTO_RSA_CONTEXT ctx, UINT8 *pubkey, UINT32 pubkey_length, M2MB_CRYPTO_MD_ALG_E md_alg, UINT32 hashlen, const UINT8 *hash, const UINT8 *sig) |
| Generic RSA PKCS#1 signature verification method. More... | |
The RSA public-key cryptosystem.
Padding types for RSA encryption.
| M2MB_RESULT_E m2mb_crypto_rsa_decrypt | ( | M2MB_CRYPTO_RSA_CONTEXT | ctx, |
| M2MB_CRYPTO_RSA_MODE_E | mode, | ||
| SIZE_T * | outlen, | ||
| UINT8 * | out, | ||
| SIZE_T | out_max_len, | ||
| const UINT8 * | in | ||
| ) |
Generic RSA PKCS#1 decryption method.
This function decrypts <inlen> bytes from <in> buffer using the public/private key from <ctx> (depending on the <mode> provided).
and writes, at most, out_max_len bytes of cyphertext data to <out>.
inlen cannot be bigger than the modulus size.
| [in] | ctx | Pointer to a context structure previously allocated by m2mb_crypto_rsa_init(). |
| [in] | mode | M2MB_CRYPTO_RSA_PUBLIC or M2MB_CRYPTO_RSA_PRIVATE |
| [out] | outlen | The length, in bytes, of the plaintext data put into <out> |
| [out] | out | The buffer that will hold the resulting plaintext. Must be as large as the RSA modulus size . |
| [in] | out_max_len | The maximum length of the out buffer |
| [in] | in | The ciphertext buffer to decrypt. Must be as large as the size of the modulus (eg. 128 bytes if RSA-1024 is used) |
Example
| M2MB_RESULT_E m2mb_crypto_rsa_deinit | ( | M2MB_CRYPTO_RSA_CONTEXT | ctx | ) |
Free an M2MB_CRYPTO_RSA_CONTEXT structure.
This function free a previously allocated RSA context.
| [in] | ctx | Pointer to a context structure to be free by this function. |
Example
| M2MB_RESULT_E m2mb_crypto_rsa_encrypt | ( | M2MB_CRYPTO_RSA_CONTEXT | ctx, |
| M2MB_CRYPTO_RSA_MODE_E | mode, | ||
| SIZE_T | inlen, | ||
| const UINT8 * | in, | ||
| UINT8 * | out | ||
| ) |
Generic RSA PKCS#1 encryption method.
This function encrypts <inlen> bytes from <in> buffer using the public/private key from <ctx> (depending on the <mode> provided>).
and writes, at most, <modulus> bytes of cyphertext data to <out>.
| [in] | ctx | Pointer to a context structure previously allocated by m2mb_crypto_rsa_init(). |
| [in] | mode | M2MB_CRYPTO_RSA_PUBLIC or M2MB_CRYPTO_RSA_PRIVATE |
| [in] | inlen | The length, in bytes, of the <in> plaintext buffer |
| [in] | in | The plaintext buffer to encrypt. |
| [out] | out | The buffer that will hold the ciphertext. Must be in the size of RSA modulus size(eg. 128 bytes if RSA-1024 is used). |
Example
| M2MB_RESULT_E m2mb_crypto_rsa_externalkey_import | ( | M2MB_CRYPTO_RSA_CONTEXT | ctx, |
| const UINT8 * | modulus, | ||
| UINT32 | modulus_size, | ||
| const UINT8 * | p_factor, | ||
| UINT32 | p_factor_size, | ||
| const UINT8 * | q_factor, | ||
| UINT32 | q_factor_size, | ||
| const UINT8 * | public_exponent, | ||
| UINT32 | public_exponent_size, | ||
| const UINT8 * | private_exponent, | ||
| UINT32 | private_exponent_size, | ||
| M2MB_CRYPTO_RSA_PADDING_TYPE_E | padding_type | ||
| ) |
Imports an externally generated RSA key pair into the context.
m2mb_crypto_rsa_externalkey_import
This function imports a given RSA key pair (which was created by an external implementation) to the provided context.
This basically allows using of a keys not created by the m2mb_crypto component.
| [in] | ctx | Pointer to a context structure previously allocated by m2mb_crypto_rsa_init(). |
| [in] | modulus | RSA modulus |
| [in] | modulus_size | RSA modulus size |
| [in] | p_factor | RSA p factor |
| [in] | p_factor_size | RSA p factor size |
| [in] | q_factor | RSA q factor |
| [in] | q_factor_size | RSA q factor size |
| [in] | public_exponent | RSA public exponent. |
| [in] | public_exponent_size | RSA public exponent size. |
| [in] | private_exponent | RSA private exponent. |
| [in] | private_exponent_size | RSA private exponent size. |
| [in] | padding_type | Padding type to use. |
Example
| M2MB_RESULT_E m2mb_crypto_rsa_generate_key | ( | M2MB_CRYPTO_RSA_CONTEXT | ctx, |
| UINT32 | key_size, | ||
| UINT32 | public_exponent | ||
| ) |
Generates an RSA key pair.
This function generates an RSA key pair.
The RSA key pair is stored in the context and can be exported via a call to m2mb_crypto_rsa_key_export().
| [in] | ctx | Pointer to a context structure previously allocated by m2mb_crypto_rsa_init(). |
| [in] | key_size | RSA key length (in bits). |
| [in] | public_exponent | The public key exponent |
Example
| M2MB_RESULT_E m2mb_crypto_rsa_init | ( | M2MB_CRYPTO_RSA_CONTEXT * | ctx, |
| M2MB_CRYPTO_RSA_PADDING_TYPE_E | padding_type, | ||
| M2MB_CRYPTO_MD_ALG_E | hash_id | ||
| ) |
Allocates an M2MB_CRYPTO_RSA_CONTEXT structure.
This function allocates an RSA context to be later used by any RSA function.
| [in] | ctx | Pointer to a context structure to be allocated by this function. Any consecutive call to RSA function must use this context. |
| [in] | padding_type | Padding type to use. |
| [in] | hash_id | The index of hash algorithm used for generating signature. M2MB_CRYPTO_RSA_PADDING_PKCS1_V15 does not require hash ID. |
Example
| M2MB_RESULT_E m2mb_crypto_rsa_keyblob_export | ( | M2MB_CRYPTO_RSA_CONTEXT | ctx, |
| UINT8 * | keyblob, | ||
| UINT32 * | keyblob_length | ||
| ) |
Exports an RSA key pair blob from the given context.
The blob is encrypted with a device specific key and can only be used on the same HW originating it.
This function exports an RSA key pair for the given context.
Assumption made is that the context already have keys, i.e. keys were created using the m2mb_crypto_rsa_generate_key()
| [in] | ctx | Pointer to a context structure previously allocated by m2mb_crypto_rsa_init(). |
| [out] | keyblob | The buffer that will hold the result keyblob representing the exported RSA key pair. If keyblob ptr is NULL, this function will return the number of bytes required for the keyblob via the keyblob_length pointer. |
| [out] | keyblob_length | The length of the RSA key blob |
Example
| M2MB_RESULT_E m2mb_crypto_rsa_keyblob_import | ( | M2MB_CRYPTO_RSA_CONTEXT | ctx, |
| const UINT8 * | keyblob, | ||
| UINT32 | keyblob_length | ||
| ) |
Imports an RSA key pair into the context.
This function imports a given keyblob (which was previously created by m2mb_crypto_rsa_generate_key and was exported by m2mb_crypto_rsa_key_export) to the provided context.
This basically allows using of an old keys with an existing context.
The blob is encrypted with a device specific key and can only be used on the same HW originating it.
| [in] | ctx | Pointer to a context structure previously allocated by m2mb_crypto_rsa_init(). |
| [in] | keyblob | The keyblob previously exported using m2mb_crypto_rsa_key_export() that will be imported into the given context. These keys can then be used for RSA operations like encrypt, decrypt, sign & verify. |
| [in] | keyblob_length | The length of the RSA key blob |
Example
| M2MB_RESULT_E m2mb_crypto_rsa_private | ( | M2MB_CRYPTO_RSA_CONTEXT | ctx, |
| const UINT8 * | in, | ||
| UINT8 * | out | ||
| ) |
RSA private key operation.
This function is doing an RSA private key operation.
Usually part of the RSA signature process, i.e. this is one of the RSA signature building blocks.
| [in] | ctx | Pointer to a context structure previously allocated by m2mb_crypto_rsa_init(). |
| [in] | in | The input buffer. |
| [out] | out | The output buffer. |
Example
| M2MB_RESULT_E m2mb_crypto_rsa_public | ( | M2MB_CRYPTO_RSA_CONTEXT | ctx, |
| const UINT8 * | in, | ||
| UINT8 * | out | ||
| ) |
RSA public key operation.
This function is doing an RSA public key operation.
Usually part of the RSA signature verification process, i.e. this is one of the RSA signature verification building blocks.
| [in] | ctx | Pointer to a context structure previously allocated by m2mb_crypto_rsa_init(). |
| [in] | in | The input buffer that must be large enough for the RSA operation key that is used (e.g. 128 bytes if RSA-1024 is used). |
| [out] | out | The output buffer that must be large enough for the RSA operation key that is used (e.g. 128 bytes if RSA-1024 is used). |
Example
| M2MB_RESULT_E m2mb_crypto_rsa_public_key_export | ( | M2MB_CRYPTO_RSA_CONTEXT | ctx, |
| UINT8 * | modulus, | ||
| UINT32 * | modulus_size, | ||
| UINT8 * | public_exponent, | ||
| UINT32 * | public_exponent_size | ||
| ) |
Exports an RSA public key from the given context.
This function exports an RSA public key exponent and modulus for the given context.
The RSA public key information will be exported from the given context (assuming context has keys associated).
| [in] | ctx | Pointer to a context structure previously allocated by m2mb_crypto_rsa_init(). |
| [out] | modulus | RSA modulus. If modulus ptr is NULL, this function will return the number of bytes required for the modulus via the modulus_size pointer. |
| [out] | modulus_size | RSA modulus size |
| [out] | public_exponent | RSA public exponent. If public_exponent ptr is NULL, this function will return the number of bytes required for the public_exponent via the public_exponent_size pointer. |
| [out] | public_exponent_size | RSA public exponent size. |
Example
| M2MB_RESULT_E m2mb_crypto_rsa_public_key_import | ( | M2MB_CRYPTO_RSA_CONTEXT | ctx, |
| const UINT8 * | modulus, | ||
| UINT32 | modulus_size, | ||
| const UINT8 * | public_exponent, | ||
| UINT32 | public_exponent_size | ||
| ) |
Imports an RSA public key to the given context.
This function imports an RSA public key exponent and modulus into the given context.
The RSA public key information, i.e. exponent and mudulus will be stored into the provided context.
| [in] | ctx | Pointer to a context structure previously allocated by m2mb_crypto_rsa_init(). |
| [in] | modulus | RSA modulus. Must not be NULL. |
| [in] | modulus_size | RSA modulus size, in bytes. |
| [in] | public_exponent | RSA public exponent. Must not be NULL. |
| [in] | public_exponent_size | RSA public exponent size, in bytes. |
Example
| M2MB_RESULT_E m2mb_crypto_rsa_sign | ( | M2MB_CRYPTO_RSA_CONTEXT | ctx, |
| M2MB_CRYPTO_RSA_MODE_E | mode, | ||
| M2MB_CRYPTO_MD_ALG_E | md_alg, | ||
| UINT32 | hashlen, | ||
| const UINT8 * | hash, | ||
| UINT8 * | sig | ||
| ) |
Generic RSA PKCS#1 signature creation method.
The signature is created using the context key (created via the m2mb_crypto_rsa_generate_key()).
This function will use the padding setup (done by m2mb_crypto_rsa_init()) and do a private RSA operation to sign the message digest.
| [in] | ctx | Pointer to a context structure previously allocated by m2mb_crypto_rsa_init(). |
| [in] | mode | M2MB_CRYPTO_RSA_PUBLIC or M2MB_CRYPTO_RSA_PRIVATE |
| [out] | md_alg | The message digest algorithm or M2MB_CRYPTO_MD_NONE for raw data signing. |
| [out] | hashlen | The length of the provided <hash>, i.e. the message digest length. Is only required when using <md_alg>=M2MB_CRYPTO_MD_NONE. and concluded automatically from the hash algorithm if md_alg is specified. |
| [in] | hash | The message digest to sign. |
| [out] | sig | The result ciphertext. |
Example
| M2MB_RESULT_E m2mb_crypto_rsa_verify | ( | M2MB_CRYPTO_RSA_CONTEXT | ctx, |
| UINT8 * | pubkey, | ||
| UINT32 | pubkey_length, | ||
| M2MB_CRYPTO_MD_ALG_E | md_alg, | ||
| UINT32 | hashlen, | ||
| const UINT8 * | hash, | ||
| const UINT8 * | sig | ||
| ) |
Generic RSA PKCS#1 signature verification method.
This function will use the padding setup (done by m2mb_crypto_rsa_init()) and will do a public RSA operation to verify the signature.
| [in] | ctx | Pointer to a context structure previously initialized by m2mb_crypto_rsa_init(). |
| [in] | pubkey | The public key to use for the verification (plaintext). If set to NULL, the public key from the context will be used, if exist. |
| [in] | pubkey_length | The length of the provided public key. |
| [out] | md_alg | The message digest algorithm or M2MB_CRYPTO_MD_NONE for raw data verification. |
| [out] | hashlen | The length of the provided <hash>, i.e. the message digest length. Is only required when using <md_alg>=M2MB_CRYPTO_MD_NONE and concluded automatically from the hash algorithm if md_alg is specified. |
| [in] | hash | The message digest to verify it's signature. |
| [in] | sig | The signature ciphertext to verify against the hash. |
Example
1.8.16