1 /*
   2  * CDDL HEADER START
   3  *
   4  * The contents of this file are subject to the terms of the
   5  * Common Development and Distribution License (the "License").
   6  * You may not use this file except in compliance with the License.
   7  *
   8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
   9  * or http://www.opensolaris.org/os/licensing.
  10  * See the License for the specific language governing permissions
  11  * and limitations under the License.
  12  *
  13  * When distributing Covered Code, include this CDDL HEADER in each
  14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
  15  * If applicable, add the following below this CDDL HEADER, with the
  16  * fields enclosed by brackets "[]" replaced with your own identifying
  17  * information: Portions Copyright [yyyy] [name of copyright owner]
  18  *
  19  * CDDL HEADER END
  20  */
  21 
  22 /*
  23  * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved.
  24  */
  25 
  26 #ifndef _RSA_IMPL_H
  27 #define _RSA_IMPL_H
  28 
  29 #ifdef __cplusplus
  30 extern "C" {
  31 #endif
  32 
  33 #include <sys/types.h>
  34 #include <bignum.h>
  35 
  36 #define MIN_RSA_KEYLENGTH_IN_BYTES      32      /* = 256 bits */
  37 #define MAX_RSA_KEYLENGTH_IN_BYTES      512     /* = 4096 bits */
  38 #define RSA_MIN_KEY_LEN 256     /* RSA min key length in bits */
  39 #define RSA_MAX_KEY_LEN 4096    /* RSA max key length in bits */
     /*
      * The same bounds are stated twice, once in bytes and once in bits
      * (32 * 8 = 256, 512 * 8 = 4096); keep the two pairs in step.
      *
      * NOTE(review): presumably these are the limits the implementation will
      * accept, not a strength recommendation.  A 256-bit modulus can be
      * factored with trivial effort, so a caller that cares about key
      * strength needs its own, higher floor.  Where the bounds are enforced
      * is not visible in this header.
      */
  40 
  41 #ifdef _KERNEL
  42 
     /*
      * Kernel build: the PKCS#11 headers are only included on the #else
      * branch, so the CK_* type names and CKR_* return codes used by the
      * declarations in this file are mapped here onto kernel types and
      * CRYPTO_* codes (presumably supplied by <sys/crypto/common.h>).
      */
  43 #include <sys/sunddi.h>
  44 #include <sys/crypto/common.h>
  45 
  46 #define CK_BYTE                 uchar_t
  47 #define CK_ULONG                ulong_t
  48 #define CK_RV                   int
  49 
     /* One-to-one mapping of the PKCS#11 return codes used by the RSA code. */
  50 #define CKR_OK                  CRYPTO_SUCCESS
  51 #define CKR_ARGUMENTS_BAD       CRYPTO_ARGUMENTS_BAD
  52 #define CKR_DATA_LEN_RANGE      CRYPTO_DATA_LEN_RANGE
  53 #define CKR_DEVICE_ERROR        CRYPTO_DEVICE_ERROR
  54 #define CKR_GENERAL_ERROR       CRYPTO_GENERAL_ERROR
  55 #define CKR_HOST_MEMORY         CRYPTO_HOST_MEMORY
  56 #define CKR_KEY_SIZE_RANGE      CRYPTO_KEY_SIZE_RANGE
  57 
     /*
      * Random-byte interfaces declared for kernel builds only.
      * NOTE(review): presumably each writes ran_len bytes to ran_out and
      * returns a status code.  By name, random_get_pseudo_bytes() is the
      * weaker source; confirm which of the two ends up behind
      * RSAbytekey.rfunc when primes are generated, and that its return
      * value is checked.
      */
  58 int random_get_bytes(uint8_t *ran_out, size_t ran_len);
  59 int random_get_pseudo_bytes(uint8_t *ran_out, size_t ran_len);
  60 
  61 #else
  62 
     /* Userland build: take the CK_* and CKR_* definitions from PKCS#11. */
  63 #include <security/cryptoki.h>
  64 #include <security/pkcs11t.h>
  65 
  66 #endif  /* _KERNEL */
  67 
  68 #define MD5_DER_PREFIX_Len      18
  69 #define SHA1_DER_PREFIX_Len     15
  70 #define SHA1_DER_PREFIX_OID_Len 13
  71 #define SHA2_DER_PREFIX_Len     19
  72 #define DEFAULT_PUB_EXPO_Len    3
  73 
     /*
      * Constant byte strings defined elsewhere; only their lengths are
      * fixed here.
      *
      * NOTE(review): 18, 15 and 19 bytes are the lengths of the DER
      * DigestInfo headers that PKCS#1 v1.5 signatures place in front of an
      * MD5, SHA-1 and SHA-2 digest, so these are presumably those headers.
      * SHA1_DER_PREFIX_OID is two bytes shorter than SHA1_DER_PREFIX and
      * looks like an alternative SHA-1 encoding; confirm against the
      * definition.  A verifier should compare the recovered header with
      * the expected array byte for byte rather than parse it loosely.
      *
      * MD5 and SHA-1 are no longer collision resistant; new signature uses
      * should select one of the SHA-2 prefixes.
      *
      * DEFAULT_PUB_EXPO is 3 bytes long, presumably 65537 (01 00 01);
      * confirm against the definition.
      */
  74 extern const CK_BYTE MD5_DER_PREFIX[MD5_DER_PREFIX_Len];
  75 extern const CK_BYTE SHA1_DER_PREFIX[SHA1_DER_PREFIX_Len];
  76 extern const CK_BYTE SHA1_DER_PREFIX_OID[SHA1_DER_PREFIX_OID_Len];
  77 extern const CK_BYTE SHA256_DER_PREFIX[SHA2_DER_PREFIX_Len];
  78 extern const CK_BYTE SHA384_DER_PREFIX[SHA2_DER_PREFIX_Len];
  79 extern const CK_BYTE SHA512_DER_PREFIX[SHA2_DER_PREFIX_Len];
  80 extern const CK_BYTE DEFAULT_PUB_EXPO[DEFAULT_PUB_EXPO_Len];
  81 
  82 
  83 /* RSA key using BIGNUM representations */
     /*
      * Holds the public values (n, e), the private values (p, q, d and the
      * CRT values dmodpminus1, dmodqminus1, pinvmodq) and three precomputed
      * *_rr values.
      *
      * NOTE(review): the *_rr comments describe 2^(2 * 32 * len) mod the
      * respective modulus, which looks like the R^2 constant used for
      * Montgomery multiplication; confirm in the bignum code.  p_rr and
      * q_rr are derived from the secret primes and need the same care as
      * p and q.
      *
      * NOTE(review): this header does not show how the BIGNUM storage is
      * released.  Whoever tears down an RSAkey should clear the private
      * fields before freeing them; confirm the implementation does so.
      */
  84 typedef struct {
  85         int     size;           /* key size in bits */
  86         BIGNUM  p;              /* p */
  87         BIGNUM  q;              /* q */
  88         BIGNUM  n;              /* n = p * q (the modulus) */
  89         BIGNUM  d;              /* private exponent */
  90         BIGNUM  e;              /* public exponent */
  91         BIGNUM  dmodpminus1;    /* d mod (p - 1) (exponent 1) */
  92         BIGNUM  dmodqminus1;    /* d mod (q - 1) (exponent 2) */
  93         BIGNUM  pinvmodq;       /* p^(-1) mod q (the coefficient) */
  94         BIGNUM  p_rr;           /* 2^(2*(32*p->len)) mod p */
  95         BIGNUM  q_rr;           /* 2^(2*(32*q->len)) mod q */
  96         BIGNUM  n_rr;           /* 2^(2*(32*n->len)) mod n */
  97 } RSAkey;
  98 
  99 /* RSA key using byte string representations, useful for parameter lists */
     /*
      * Each component is a pointer paired with a length.  The modulus is
      * sized in bits (modulus_bits); every other component is sized in
      * bytes (*_bytes).
      *
      * NOTE(review): the header states neither the byte order of the
      * buffers nor who owns and frees them; confirm against the callers.
      * privexpo, prime1, prime2, expo1, expo2 and coeff point at private-key
      * material and should be cleared before their storage is released.
      *
      * NOTE(review): the coeff comment allows either p^(-1) mod q or
      * q^(-1) mod p, while RSAkey.pinvmodq is documented as p^(-1) mod q.
      * Confirm which convention each caller supplies; mixing the two would
      * give wrong CRT results.
      */
 100 typedef struct {
 101         uint32_t modulus_bits;  /* size */
 102         uchar_t *modulus;       /* n */
 103         uint32_t privexpo_bytes;
 104         uchar_t *privexpo;      /* d */
 105         uint32_t pubexpo_bytes;
 106         uchar_t *pubexpo;       /* e */
 107         uint32_t prime1_bytes;
 108         uchar_t *prime1;        /* p */
 109         uint32_t prime2_bytes;
 110         uchar_t *prime2;        /* q */
 111         uint32_t expo1_bytes;
 112         uchar_t *expo1;         /* = d mod (p - 1) */
 113         uint32_t expo2_bytes;
 114         uchar_t *expo2;         /* = d mod (q - 1) */
 115         uint32_t coeff_bytes;   /* = q bytes, .... or = p bytes */
 116         uchar_t *coeff;         /* = p^(-1) mod q, or = q^(-1) mod p */
         /*
          * Caller-supplied random source: takes a buffer and a length and
          * returns an int status.
          * NOTE(review): presumably used when generating primes, in which
          * case it must be a cryptographically strong generator and its
          * return value must be checked.  Whether a NULL rfunc is
          * tolerated is not visible here.
          */
 117         int (*rfunc)(void *, size_t);   /* random function */
 118 } RSAbytekey;
 119 
 120 
 121 CK_RV rsa_genkey_pair(RSAbytekey *bkey);
     /*
      * rsa_genkey_pair(): takes and returns its key through bkey and reports
      * a CK_RV status.
      * NOTE(review): which bkey fields are inputs (modulus_bits, pubexpo,
      * rfunc?) and which buffers the caller must pre-allocate is not
      * visible in this header; confirm against the implementation.
      */
 122 
 123 CK_RV rsa_encrypt(RSAbytekey *bkey,
 124     uchar_t *msg, uint32_t msglen, uchar_t *encrmsg);
 125 
 126 CK_RV rsa_decrypt(RSAbytekey *bkey,
 127     uchar_t *encrmsg, uint32_t encrmsglen, uchar_t *msg);
     /*
      * rsa_encrypt() / rsa_decrypt(): the third argument is the input
      * length; the output buffer (fourth argument) has no length argument,
      * so sizing it is entirely the caller's responsibility.
      * NOTE(review): presumably the output is as long as the modulus;
      * confirm, and make sure every caller allocates at least that much.
      * NOTE(review): no padding or mechanism argument is visible, so these
      * look like the raw RSA operations.  If so, callers must add padding
      * before calling and strictly check it afterwards.
      */
 128 
 129 #define rsa_sign(key, msg, len, sig)    rsa_decrypt((key), (msg), (len), (sig))
 130 #define rsa_verify(key, msg, len, sig)  rsa_encrypt((key), (msg), (len), (sig))
     /*
      * rsa_sign and rsa_verify are aliases, not separate routines: signing
      * is rsa_decrypt() and verifying is rsa_encrypt().  In both macros the
      * second argument is the input and the fourth is the output buffer, so
      * for rsa_verify() the `sig` argument receives the result of the call
      * rather than supplying the signature.
      *
      * NOTE(review): the macros add nothing to the underlying calls.  Any
      * DigestInfo header or padding must be built by the caller before
      * rsa_sign(), and after rsa_verify() the caller must compare the whole
      * recovered block with the expected encoding.  A successful CK_RV by
      * itself presumably only means the RSA operation ran, not that the
      * signature is valid; confirm against the callers.
      */
 131 
 132 #ifdef  __cplusplus
 133 }
 134 #endif
 135 
 136 #endif /* _RSA_IMPL_H */