17c478bdstevel@tonic-gate/*
27c478bdstevel@tonic-gate * CDDL HEADER START
37c478bdstevel@tonic-gate *
47c478bdstevel@tonic-gate * The contents of this file are subject to the terms of the
520d5809Dina K Nimeh * Common Development and Distribution License (the "License").
620d5809Dina K Nimeh * You may not use this file except in compliance with the License.
77c478bdstevel@tonic-gate *
87c478bdstevel@tonic-gate * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
97c478bdstevel@tonic-gate * or http://www.opensolaris.org/os/licensing.
107c478bdstevel@tonic-gate * See the License for the specific language governing permissions
117c478bdstevel@tonic-gate * and limitations under the License.
127c478bdstevel@tonic-gate *
137c478bdstevel@tonic-gate * When distributing Covered Code, include this CDDL HEADER in each
147c478bdstevel@tonic-gate * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
157c478bdstevel@tonic-gate * If applicable, add the following below this CDDL HEADER, with the
167c478bdstevel@tonic-gate * fields enclosed by brackets "[]" replaced with your own identifying
177c478bdstevel@tonic-gate * information: Portions Copyright [yyyy] [name of copyright owner]
187c478bdstevel@tonic-gate *
197c478bdstevel@tonic-gate * CDDL HEADER END
207c478bdstevel@tonic-gate */
21726fad2Dina K Nimeh
227c478bdstevel@tonic-gate/*
23726fad2Dina K Nimeh * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved.
247c478bdstevel@tonic-gate */
257c478bdstevel@tonic-gate
267c478bdstevel@tonic-gate#ifndef _RSA_IMPL_H
277c478bdstevel@tonic-gate#define	_RSA_IMPL_H
287c478bdstevel@tonic-gate
297c478bdstevel@tonic-gate#ifdef __cplusplus
307c478bdstevel@tonic-gateextern "C" {
317c478bdstevel@tonic-gate#endif
327c478bdstevel@tonic-gate
337c478bdstevel@tonic-gate#include <sys/types.h>
347c478bdstevel@tonic-gate#include <bignum.h>
357c478bdstevel@tonic-gate
367c478bdstevel@tonic-gate#define	MIN_RSA_KEYLENGTH_IN_BYTES	32
377c478bdstevel@tonic-gate#define	MAX_RSA_KEYLENGTH_IN_BYTES	512
387c478bdstevel@tonic-gate#define	RSA_MIN_KEY_LEN	256	/* RSA min key length in bits */
397c478bdstevel@tonic-gate#define	RSA_MAX_KEY_LEN	4096	/* RSA max key length in bits */
407c478bdstevel@tonic-gate
417c478bdstevel@tonic-gate#ifdef _KERNEL
427c478bdstevel@tonic-gate
437c478bdstevel@tonic-gate#include <sys/sunddi.h>
447c478bdstevel@tonic-gate#include <sys/crypto/common.h>
457c478bdstevel@tonic-gate
467c478bdstevel@tonic-gate#define	CK_BYTE			uchar_t
477c478bdstevel@tonic-gate#define	CK_ULONG		ulong_t
487c478bdstevel@tonic-gate#define	CK_RV			int
49726fad2Dina K Nimeh
507c478bdstevel@tonic-gate#define	CKR_OK			CRYPTO_SUCCESS
51726fad2Dina K Nimeh#define	CKR_ARGUMENTS_BAD	CRYPTO_ARGUMENTS_BAD
527c478bdstevel@tonic-gate#define	CKR_DATA_LEN_RANGE	CRYPTO_DATA_LEN_RANGE
53726fad2Dina K Nimeh#define	CKR_DEVICE_ERROR	CRYPTO_DEVICE_ERROR
54726fad2Dina K Nimeh#define	CKR_GENERAL_ERROR	CRYPTO_GENERAL_ERROR
55726fad2Dina K Nimeh#define	CKR_HOST_MEMORY		CRYPTO_HOST_MEMORY
56726fad2Dina K Nimeh#define	CKR_KEY_SIZE_RANGE	CRYPTO_KEY_SIZE_RANGE
57726fad2Dina K Nimeh
58726fad2Dina K Nimehint random_get_bytes(uint8_t *ran_out, size_t ran_len);
59726fad2Dina K Nimehint random_get_pseudo_bytes(uint8_t *ran_out, size_t ran_len);
607c478bdstevel@tonic-gate
617c478bdstevel@tonic-gate#else
627c478bdstevel@tonic-gate
637c478bdstevel@tonic-gate#include <security/cryptoki.h>
647c478bdstevel@tonic-gate#include <security/pkcs11t.h>
657c478bdstevel@tonic-gate
667c478bdstevel@tonic-gate#endif	/* _KERNEL */
677c478bdstevel@tonic-gate
687c478bdstevel@tonic-gate#define	MD5_DER_PREFIX_Len	18
697c478bdstevel@tonic-gate#define	SHA1_DER_PREFIX_Len	15
7060722ccizick#define	SHA1_DER_PREFIX_OID_Len	13
71f66d273izick#define	SHA2_DER_PREFIX_Len	19
7220d5809Dina K Nimeh#define	DEFAULT_PUB_EXPO_Len	3
737c478bdstevel@tonic-gate
747c478bdstevel@tonic-gateextern const CK_BYTE MD5_DER_PREFIX[MD5_DER_PREFIX_Len];
757c478bdstevel@tonic-gateextern const CK_BYTE SHA1_DER_PREFIX[SHA1_DER_PREFIX_Len];
7660722ccizickextern const CK_BYTE SHA1_DER_PREFIX_OID[SHA1_DER_PREFIX_OID_Len];
77f66d273izickextern const CK_BYTE SHA256_DER_PREFIX[SHA2_DER_PREFIX_Len];
78f66d273izickextern const CK_BYTE SHA384_DER_PREFIX[SHA2_DER_PREFIX_Len];
79f66d273izickextern const CK_BYTE SHA512_DER_PREFIX[SHA2_DER_PREFIX_Len];
8020d5809Dina K Nimehextern const CK_BYTE DEFAULT_PUB_EXPO[DEFAULT_PUB_EXPO_Len];
817c478bdstevel@tonic-gate
82726fad2Dina K Nimeh
83726fad2Dina K Nimeh/* RSA key using BIGNUM representations */
847c478bdstevel@tonic-gatetypedef struct {
857c478bdstevel@tonic-gate	int 	size;		/* key size in bits */
867c478bdstevel@tonic-gate	BIGNUM	p;		/* p */
877c478bdstevel@tonic-gate	BIGNUM	q;		/* q */
887c478bdstevel@tonic-gate	BIGNUM	n;		/* n = p * q (the modulus) */
897c478bdstevel@tonic-gate	BIGNUM	d;		/* private exponent */
907c478bdstevel@tonic-gate	BIGNUM	e;		/* public exponent */
91726fad2Dina K Nimeh	BIGNUM	dmodpminus1;	/* d mod (p - 1) (exponent 1) */
92726fad2Dina K Nimeh	BIGNUM	dmodqminus1;	/* d mod (q - 1) (exponent 2) */
93726fad2Dina K Nimeh	BIGNUM	pinvmodq;	/* p^(-1) mod q (the coefficient) */
947c478bdstevel@tonic-gate	BIGNUM	p_rr;		/* 2^(2*(32*p->len)) mod p */
957c478bdstevel@tonic-gate	BIGNUM	q_rr;		/* 2^(2*(32*q->len)) mod q */
967c478bdstevel@tonic-gate	BIGNUM	n_rr;		/* 2^(2*(32*n->len)) mod n */
977c478bdstevel@tonic-gate} RSAkey;
987c478bdstevel@tonic-gate
99726fad2Dina K Nimeh/* RSA key using byte string representations, useful for parameter lists */
100726fad2Dina K Nimehtypedef struct {
101726fad2Dina K Nimeh	uint32_t modulus_bits;	/* size */
102726fad2Dina K Nimeh	uchar_t	*modulus;	/* n */
103726fad2Dina K Nimeh	uint32_t privexpo_bytes;
104726fad2Dina K Nimeh	uchar_t	*privexpo;	/* d */
105726fad2Dina K Nimeh	uint32_t pubexpo_bytes;
106726fad2Dina K Nimeh	uchar_t	*pubexpo;	/* e */
107726fad2Dina K Nimeh	uint32_t prime1_bytes;
108726fad2Dina K Nimeh	uchar_t	*prime1;	/* p */
109726fad2Dina K Nimeh	uint32_t prime2_bytes;
110726fad2Dina K Nimeh	uchar_t	*prime2;	/* q */
111726fad2Dina K Nimeh	uint32_t expo1_bytes;
112726fad2Dina K Nimeh	uchar_t	*expo1;		/* = d mod (p - 1) */
113726fad2Dina K Nimeh	uint32_t expo2_bytes;
114726fad2Dina K Nimeh	uchar_t	*expo2;		/* = d mod (q - 1) */
115726fad2Dina K Nimeh	uint32_t coeff_bytes;	/* = q bytes, .... or = p bytes */
116726fad2Dina K Nimeh	uchar_t *coeff;		/* = p^(-1) mod q, or = q^(-1) mod p */
117726fad2Dina K Nimeh	int (*rfunc)(void *, size_t);	/* random function */
118726fad2Dina K Nimeh} RSAbytekey;
119726fad2Dina K Nimeh
120726fad2Dina K Nimeh
121726fad2Dina K NimehCK_RV rsa_genkey_pair(RSAbytekey *bkey);
122726fad2Dina K Nimeh
123726fad2Dina K NimehCK_RV rsa_encrypt(RSAbytekey *bkey,
124726fad2Dina K Nimeh    uchar_t *msg, uint32_t msglen, uchar_t *encrmsg);
125726fad2Dina K Nimeh
126726fad2Dina K NimehCK_RV rsa_decrypt(RSAbytekey *bkey,
127726fad2Dina K Nimeh    uchar_t *encrmsg, uint32_t encrmsglen, uchar_t *msg);
128726fad2Dina K Nimeh
129726fad2Dina K Nimeh#define	rsa_sign(key, msg, len, sig)	rsa_decrypt((key), (msg), (len), (sig))
130726fad2Dina K Nimeh#define	rsa_verify(key, msg, len, sig)	rsa_encrypt((key), (msg), (len), (sig))
1317c478bdstevel@tonic-gate
1327c478bdstevel@tonic-gate#ifdef	__cplusplus
1337c478bdstevel@tonic-gate}
1347c478bdstevel@tonic-gate#endif
1357c478bdstevel@tonic-gate
1367c478bdstevel@tonic-gate#endif /* _RSA_IMPL_H */
137