Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
BUG 836019, BUG 158747 - Move RSA PKCS#1 functionality from softoken …
…into freebl.

This includes PKCS#1 v1.5 (RSASSA / RSAES) functionality as well as the
RSA-OAEP and RSA-PSS implementations.

r=wtc

--HG--
rename : lib/softoken/rsawrapr.c => lib/freebl/rsapkcs.c
  • Loading branch information
sleevi committed Nov 25, 2013
1 parent 3a14b6e commit a02f608
Show file tree
Hide file tree
Showing 14 changed files with 2,274 additions and 1,654 deletions.
168 changes: 168 additions & 0 deletions lib/freebl/blapi.h
Expand Up @@ -107,6 +107,174 @@ extern SECStatus RSA_PrivateKeyCheck(RSAPrivateKey *key);
*/
extern SECStatus RSA_PopulatePrivateKey(RSAPrivateKey *key);

/********************************************************************
** RSA algorithm
*/

/********************************************************************
** Raw signing/encryption/decryption operations.
**
** No padding or formatting will be applied.
** inputLen MUST be equivalent to the modulus size (in bytes).
*/
extern SECStatus
RSA_SignRaw(RSAPrivateKey * key,
unsigned char * output,
unsigned int * outputLen,
unsigned int maxOutputLen,
const unsigned char * input,
unsigned int inputLen);

extern SECStatus
RSA_CheckSignRaw(RSAPublicKey * key,
const unsigned char * sig,
unsigned int sigLen,
const unsigned char * hash,
unsigned int hashLen);

extern SECStatus
RSA_CheckSignRecoverRaw(RSAPublicKey * key,
unsigned char * data,
unsigned int * dataLen,
unsigned int maxDataLen,
const unsigned char * sig,
unsigned int sigLen);

extern SECStatus
RSA_EncryptRaw(RSAPublicKey * key,
unsigned char * output,
unsigned int * outputLen,
unsigned int maxOutputLen,
const unsigned char * input,
unsigned int inputLen);

extern SECStatus
RSA_DecryptRaw(RSAPrivateKey * key,
unsigned char * output,
unsigned int * outputLen,
unsigned int maxOutputLen,
const unsigned char * input,
unsigned int inputLen);

/********************************************************************
** RSAES-OAEP encryption/decryption, as defined in RFC 3447, Section 7.1.
**
** Note: Only MGF1 is supported as the mask generation function. It will be
** used with maskHashAlg as the inner hash function.
**
** Unless performing Known Answer Tests, "seed" should be NULL, indicating that
** freebl should generate a random value. Otherwise, it should be an octet
** string of seedLen bytes, which should be the same size as the output of
** hashAlg.
*/
extern SECStatus
RSA_EncryptOAEP(RSAPublicKey * key,
HASH_HashType hashAlg,
HASH_HashType maskHashAlg,
const unsigned char * label,
unsigned int labelLen,
const unsigned char * seed,
unsigned int seedLen,
unsigned char * output,
unsigned int * outputLen,
unsigned int maxOutputLen,
const unsigned char * input,
unsigned int inputLen);

extern SECStatus
RSA_DecryptOAEP(RSAPrivateKey * key,
HASH_HashType hashAlg,
HASH_HashType maskHashAlg,
const unsigned char * label,
unsigned int labelLen,
unsigned char * output,
unsigned int * outputLen,
unsigned int maxOutputLen,
const unsigned char * input,
unsigned int inputLen);

/********************************************************************
** RSAES-PKCS1-v1_5 encryption/decryption, as defined in RFC 3447, Section 7.2.
*/
extern SECStatus
RSA_EncryptBlock(RSAPublicKey * key,
unsigned char * output,
unsigned int * outputLen,
unsigned int maxOutputLen,
const unsigned char * input,
unsigned int inputLen);

extern SECStatus
RSA_DecryptBlock(RSAPrivateKey * key,
unsigned char * output,
unsigned int * outputLen,
unsigned int maxOutputLen,
const unsigned char * input,
unsigned int inputLen);

/********************************************************************
** RSASSA-PSS signing/verifying, as defined in RFC 3447, Section 8.1.
**
** Note: Only MGF1 is supported as the mask generation function. It will be
** used with maskHashAlg as the inner hash function.
**
** Unless performing Known Answer Tests, "salt" should be NULL, indicating that
** freebl should generate a random value.
*/
extern SECStatus
RSA_SignPSS(RSAPrivateKey * key,
HASH_HashType hashAlg,
HASH_HashType maskHashAlg,
const unsigned char * salt,
unsigned int saltLen,
unsigned char * output,
unsigned int * outputLen,
unsigned int maxOutputLen,
const unsigned char * input,
unsigned int inputLen);

extern SECStatus
RSA_CheckSignPSS(RSAPublicKey * key,
HASH_HashType hashAlg,
HASH_HashType maskHashAlg,
unsigned int saltLen,
const unsigned char * sig,
unsigned int sigLen,
const unsigned char * hash,
unsigned int hashLen);

/********************************************************************
** RSASSA-PKCS1-v1_5 signing/verifying, as defined in RFC 3447, Section 8.2.
**
** These functions expect as input to be the raw value to be signed. For most
** cases using PKCS1-v1_5, this should be the value of T, the DER-encoded
** DigestInfo structure defined in Section 9.2, Step 2.
** Note: This can also be used for signatures that use PKCS1-v1_5 padding, such
** as the signatures used in SSL/TLS, which sign a raw hash.
*/
extern SECStatus
RSA_Sign(RSAPrivateKey * key,
unsigned char * output,
unsigned int * outputLen,
unsigned int maxOutputLen,
const unsigned char * data,
unsigned int dataLen);

extern SECStatus
RSA_CheckSign(RSAPublicKey * key,
const unsigned char * sig,
unsigned int sigLen,
const unsigned char * data,
unsigned int dataLen);

extern SECStatus
RSA_CheckSignRecover(RSAPublicKey * key,
unsigned char * output,
unsigned int * outputLen,
unsigned int maxOutputLen,
const unsigned char * sig,
unsigned int sigLen);

/********************************************************************
** DSA signing algorithm
*/
Expand Down
19 changes: 18 additions & 1 deletion lib/freebl/ldvector.c
Expand Up @@ -263,9 +263,26 @@ static const struct FREEBLVectorStr vector =
/* End of Version 3.014 */

HMAC_ConstantTime,
SSLv3_MAC_ConstantTime
SSLv3_MAC_ConstantTime,

/* End of Version 3.015 */

RSA_SignRaw,
RSA_CheckSignRaw,
RSA_CheckSignRecoverRaw,
RSA_EncryptRaw,
RSA_DecryptRaw,
RSA_EncryptOAEP,
RSA_DecryptOAEP,
RSA_EncryptBlock,
RSA_DecryptBlock,
RSA_SignPSS,
RSA_CheckSignPSS,
RSA_Sign,
RSA_CheckSign,
RSA_CheckSignRecover

/* End of Version 3.016 */
};

const FREEBLVector *
Expand Down
185 changes: 185 additions & 0 deletions lib/freebl/loader.c
Expand Up @@ -1906,3 +1906,188 @@ HMAC_ConstantTime(
header, headerLen,
body, bodyLen, bodyTotalLen);
}

SECStatus RSA_SignRaw(RSAPrivateKey *key,
unsigned char *output,
unsigned int *outputLen,
unsigned int maxOutputLen,
const unsigned char *input,
unsigned int inputLen) {
if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
return SECFailure;
return (vector->p_RSA_SignRaw)(key, output, outputLen, maxOutputLen, input,
inputLen);
}

SECStatus RSA_CheckSignRaw(RSAPublicKey *key,
const unsigned char *sig,
unsigned int sigLen,
const unsigned char *hash,
unsigned int hashLen) {
if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
return SECFailure;
return (vector->p_RSA_CheckSignRaw)(key, sig, sigLen, hash, hashLen);
}

SECStatus RSA_CheckSignRecoverRaw(RSAPublicKey *key,
unsigned char *data,
unsigned int *dataLen,
unsigned int maxDataLen,
const unsigned char *sig,
unsigned int sigLen) {
if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
return SECFailure;
return (vector->p_RSA_CheckSignRecoverRaw)(key, data, dataLen, maxDataLen,
sig, sigLen);
}

SECStatus RSA_EncryptRaw(RSAPublicKey *key,
unsigned char *output,
unsigned int *outputLen,
unsigned int maxOutputLen,
const unsigned char *input,
unsigned int inputLen) {
if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
return SECFailure;
return (vector->p_RSA_EncryptRaw)(key, output, outputLen, maxOutputLen,
input, inputLen);
}

SECStatus RSA_DecryptRaw(RSAPrivateKey *key,
unsigned char *output,
unsigned int *outputLen,
unsigned int maxOutputLen,
const unsigned char *input,
unsigned int inputLen) {
if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
return SECFailure;
return (vector->p_RSA_DecryptRaw)(key, output, outputLen, maxOutputLen,
input, inputLen);

}

SECStatus RSA_EncryptOAEP(RSAPublicKey *key,
HASH_HashType hashAlg,
HASH_HashType maskHashAlg,
const unsigned char *label,
unsigned int labelLen,
const unsigned char *seed,
unsigned int seedLen,
unsigned char *output,
unsigned int *outputLen,
unsigned int maxOutputLen,
const unsigned char *input,
unsigned int inputLen) {
if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
return SECFailure;
return (vector->p_RSA_EncryptOAEP)(key, hashAlg, maskHashAlg, label,
labelLen, seed, seedLen, output,
outputLen, maxOutputLen, input, inputLen);
}

SECStatus RSA_DecryptOAEP(RSAPrivateKey *key,
HASH_HashType hashAlg,
HASH_HashType maskHashAlg,
const unsigned char *label,
unsigned int labelLen,
unsigned char *output,
unsigned int *outputLen,
unsigned int maxOutputLen,
const unsigned char *input,
unsigned int inputLen) {
if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
return SECFailure;
return (vector->p_RSA_DecryptOAEP)(key, hashAlg, maskHashAlg, label,
labelLen, output, outputLen,
maxOutputLen, input, inputLen);
}

SECStatus RSA_EncryptBlock(RSAPublicKey *key,
unsigned char *output,
unsigned int *outputLen,
unsigned int maxOutputLen,
const unsigned char *input,
unsigned int inputLen) {
if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
return SECFailure;
return (vector->p_RSA_EncryptBlock)(key, output, outputLen, maxOutputLen,
input, inputLen);
}

SECStatus RSA_DecryptBlock(RSAPrivateKey *key,
unsigned char *output,
unsigned int *outputLen,
unsigned int maxOutputLen,
const unsigned char *input,
unsigned int inputLen) {
if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
return SECFailure;
return (vector->p_RSA_DecryptBlock)(key, output, outputLen, maxOutputLen,
input, inputLen);
}

SECStatus RSA_SignPSS(RSAPrivateKey *key,
HASH_HashType hashAlg,
HASH_HashType maskHashAlg,
const unsigned char *salt,
unsigned int saltLen,
unsigned char *output,
unsigned int *outputLen,
unsigned int maxOutputLen,
const unsigned char *input,
unsigned int inputLen) {
if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
return SECFailure;
return (vector->p_RSA_SignPSS)(key, hashAlg, maskHashAlg, salt, saltLen,
output, outputLen, maxOutputLen, input,
inputLen);
}

SECStatus RSA_CheckSignPSS(RSAPublicKey *key,
HASH_HashType hashAlg,
HASH_HashType maskHashAlg,
unsigned int saltLen,
const unsigned char *sig,
unsigned int sigLen,
const unsigned char *hash,
unsigned int hashLen) {
if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
return SECFailure;
return (vector->p_RSA_CheckSignPSS)(key, hashAlg, maskHashAlg, saltLen,
sig, sigLen, hash, hashLen);
}

SECStatus RSA_Sign(RSAPrivateKey *key,
unsigned char *output,
unsigned int *outputLen,
unsigned int maxOutputLen,
const unsigned char *input,
unsigned int inputLen) {
if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
return SECFailure;
return (vector->p_RSA_Sign)(key, output, outputLen, maxOutputLen, input,
inputLen);
}

SECStatus RSA_CheckSign(RSAPublicKey *key,
const unsigned char *sig,
unsigned int sigLen,
const unsigned char *data,
unsigned int dataLen) {
if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
return SECFailure;
return (vector->p_RSA_CheckSign)(key, sig, sigLen, data, dataLen);

}

SECStatus RSA_CheckSignRecover(RSAPublicKey *key,
unsigned char *output,
unsigned int *outputLen,
unsigned int maxOutputLen,
const unsigned char *sig,
unsigned int sigLen) {
if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
return SECFailure;
return (vector->p_RSA_CheckSignRecover)(key, output, outputLen, maxOutputLen,
sig, sigLen);
}

0 comments on commit a02f608

Please sign in to comment.