Lines Matching refs:ctx
91 int mbedtls_rsa_import( mbedtls_rsa_context *ctx, in mbedtls_rsa_import() argument
97 RSA_VALIDATE_RET( ctx != NULL ); in mbedtls_rsa_import()
99 if( ( N != NULL && ( ret = mbedtls_mpi_copy( &ctx->N, N ) ) != 0 ) || in mbedtls_rsa_import()
100 ( P != NULL && ( ret = mbedtls_mpi_copy( &ctx->P, P ) ) != 0 ) || in mbedtls_rsa_import()
101 ( Q != NULL && ( ret = mbedtls_mpi_copy( &ctx->Q, Q ) ) != 0 ) || in mbedtls_rsa_import()
102 ( D != NULL && ( ret = mbedtls_mpi_copy( &ctx->D, D ) ) != 0 ) || in mbedtls_rsa_import()
103 ( E != NULL && ( ret = mbedtls_mpi_copy( &ctx->E, E ) ) != 0 ) ) in mbedtls_rsa_import()
109 ctx->len = mbedtls_mpi_size( &ctx->N ); in mbedtls_rsa_import()
114 int mbedtls_rsa_import_raw( mbedtls_rsa_context *ctx, in mbedtls_rsa_import_raw() argument
122 RSA_VALIDATE_RET( ctx != NULL ); in mbedtls_rsa_import_raw()
126 MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &ctx->N, N, N_len ) ); in mbedtls_rsa_import_raw()
127 ctx->len = mbedtls_mpi_size( &ctx->N ); in mbedtls_rsa_import_raw()
131 MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &ctx->P, P, P_len ) ); in mbedtls_rsa_import_raw()
134 MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &ctx->Q, Q, Q_len ) ); in mbedtls_rsa_import_raw()
137 MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &ctx->D, D, D_len ) ); in mbedtls_rsa_import_raw()
140 MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &ctx->E, E, E_len ) ); in mbedtls_rsa_import_raw()
155 static int rsa_check_context( mbedtls_rsa_context const *ctx, int is_priv, in rsa_check_context() argument
164 if( ctx->len != mbedtls_mpi_size( &ctx->N ) || in rsa_check_context()
165 ctx->len > MBEDTLS_MPI_MAX_SIZE ) in rsa_check_context()
176 if( mbedtls_mpi_cmp_int( &ctx->N, 0 ) <= 0 || in rsa_check_context()
177 mbedtls_mpi_get_bit( &ctx->N, 0 ) == 0 ) in rsa_check_context()
187 ( mbedtls_mpi_cmp_int( &ctx->P, 0 ) <= 0 || in rsa_check_context()
188 mbedtls_mpi_get_bit( &ctx->P, 0 ) == 0 || in rsa_check_context()
189 mbedtls_mpi_cmp_int( &ctx->Q, 0 ) <= 0 || in rsa_check_context()
190 mbedtls_mpi_get_bit( &ctx->Q, 0 ) == 0 ) ) in rsa_check_context()
201 if( mbedtls_mpi_cmp_int( &ctx->E, 0 ) <= 0 ) in rsa_check_context()
207 if( is_priv && mbedtls_mpi_cmp_int( &ctx->D, 0 ) <= 0 ) in rsa_check_context()
211 ( mbedtls_mpi_cmp_int( &ctx->DP, 0 ) <= 0 || in rsa_check_context()
212 mbedtls_mpi_cmp_int( &ctx->DQ, 0 ) <= 0 ) ) in rsa_check_context()
223 ( mbedtls_mpi_cmp_int( &ctx->P, 0 ) <= 0 || in rsa_check_context()
224 mbedtls_mpi_cmp_int( &ctx->Q, 0 ) <= 0 ) ) in rsa_check_context()
234 mbedtls_mpi_cmp_int( &ctx->QP, 0 ) <= 0 ) in rsa_check_context()
243 int mbedtls_rsa_complete( mbedtls_rsa_context *ctx ) in mbedtls_rsa_complete() argument
252 RSA_VALIDATE_RET( ctx != NULL ); in mbedtls_rsa_complete()
254 have_N = ( mbedtls_mpi_cmp_int( &ctx->N, 0 ) != 0 ); in mbedtls_rsa_complete()
255 have_P = ( mbedtls_mpi_cmp_int( &ctx->P, 0 ) != 0 ); in mbedtls_rsa_complete()
256 have_Q = ( mbedtls_mpi_cmp_int( &ctx->Q, 0 ) != 0 ); in mbedtls_rsa_complete()
257 have_D = ( mbedtls_mpi_cmp_int( &ctx->D, 0 ) != 0 ); in mbedtls_rsa_complete()
258 have_E = ( mbedtls_mpi_cmp_int( &ctx->E, 0 ) != 0 ); in mbedtls_rsa_complete()
261 have_DP = ( mbedtls_mpi_cmp_int( &ctx->DP, 0 ) != 0 ); in mbedtls_rsa_complete()
262 have_DQ = ( mbedtls_mpi_cmp_int( &ctx->DQ, 0 ) != 0 ); in mbedtls_rsa_complete()
263 have_QP = ( mbedtls_mpi_cmp_int( &ctx->QP, 0 ) != 0 ); in mbedtls_rsa_complete()
293 if( ( ret = mbedtls_mpi_mul_mpi( &ctx->N, &ctx->P, in mbedtls_rsa_complete()
294 &ctx->Q ) ) != 0 ) in mbedtls_rsa_complete()
299 ctx->len = mbedtls_mpi_size( &ctx->N ); in mbedtls_rsa_complete()
308 ret = mbedtls_rsa_deduce_primes( &ctx->N, &ctx->E, &ctx->D, in mbedtls_rsa_complete()
309 &ctx->P, &ctx->Q ); in mbedtls_rsa_complete()
316 if( ( ret = mbedtls_rsa_deduce_private_exponent( &ctx->P, in mbedtls_rsa_complete()
317 &ctx->Q, in mbedtls_rsa_complete()
318 &ctx->E, in mbedtls_rsa_complete()
319 &ctx->D ) ) != 0 ) in mbedtls_rsa_complete()
333 ret = mbedtls_rsa_deduce_crt( &ctx->P, &ctx->Q, &ctx->D, in mbedtls_rsa_complete()
334 &ctx->DP, &ctx->DQ, &ctx->QP ); in mbedtls_rsa_complete()
344 return( rsa_check_context( ctx, is_priv, 1 ) ); in mbedtls_rsa_complete()
347 int mbedtls_rsa_export_raw( const mbedtls_rsa_context *ctx, in mbedtls_rsa_export_raw() argument
356 RSA_VALIDATE_RET( ctx != NULL ); in mbedtls_rsa_export_raw()
360 mbedtls_mpi_cmp_int( &ctx->N, 0 ) != 0 && in mbedtls_rsa_export_raw()
361 mbedtls_mpi_cmp_int( &ctx->P, 0 ) != 0 && in mbedtls_rsa_export_raw()
362 mbedtls_mpi_cmp_int( &ctx->Q, 0 ) != 0 && in mbedtls_rsa_export_raw()
363 mbedtls_mpi_cmp_int( &ctx->D, 0 ) != 0 && in mbedtls_rsa_export_raw()
364 mbedtls_mpi_cmp_int( &ctx->E, 0 ) != 0; in mbedtls_rsa_export_raw()
376 MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &ctx->N, N, N_len ) ); in mbedtls_rsa_export_raw()
379 MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &ctx->P, P, P_len ) ); in mbedtls_rsa_export_raw()
382 MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &ctx->Q, Q, Q_len ) ); in mbedtls_rsa_export_raw()
385 MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &ctx->D, D, D_len ) ); in mbedtls_rsa_export_raw()
388 MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &ctx->E, E, E_len ) ); in mbedtls_rsa_export_raw()
395 int mbedtls_rsa_export( const mbedtls_rsa_context *ctx, in mbedtls_rsa_export() argument
401 RSA_VALIDATE_RET( ctx != NULL ); in mbedtls_rsa_export()
405 mbedtls_mpi_cmp_int( &ctx->N, 0 ) != 0 && in mbedtls_rsa_export()
406 mbedtls_mpi_cmp_int( &ctx->P, 0 ) != 0 && in mbedtls_rsa_export()
407 mbedtls_mpi_cmp_int( &ctx->Q, 0 ) != 0 && in mbedtls_rsa_export()
408 mbedtls_mpi_cmp_int( &ctx->D, 0 ) != 0 && in mbedtls_rsa_export()
409 mbedtls_mpi_cmp_int( &ctx->E, 0 ) != 0; in mbedtls_rsa_export()
422 if( ( N != NULL && ( ret = mbedtls_mpi_copy( N, &ctx->N ) ) != 0 ) || in mbedtls_rsa_export()
423 ( P != NULL && ( ret = mbedtls_mpi_copy( P, &ctx->P ) ) != 0 ) || in mbedtls_rsa_export()
424 ( Q != NULL && ( ret = mbedtls_mpi_copy( Q, &ctx->Q ) ) != 0 ) || in mbedtls_rsa_export()
425 ( D != NULL && ( ret = mbedtls_mpi_copy( D, &ctx->D ) ) != 0 ) || in mbedtls_rsa_export()
426 ( E != NULL && ( ret = mbedtls_mpi_copy( E, &ctx->E ) ) != 0 ) ) in mbedtls_rsa_export()
440 int mbedtls_rsa_export_crt( const mbedtls_rsa_context *ctx, in mbedtls_rsa_export_crt() argument
445 RSA_VALIDATE_RET( ctx != NULL ); in mbedtls_rsa_export_crt()
449 mbedtls_mpi_cmp_int( &ctx->N, 0 ) != 0 && in mbedtls_rsa_export_crt()
450 mbedtls_mpi_cmp_int( &ctx->P, 0 ) != 0 && in mbedtls_rsa_export_crt()
451 mbedtls_mpi_cmp_int( &ctx->Q, 0 ) != 0 && in mbedtls_rsa_export_crt()
452 mbedtls_mpi_cmp_int( &ctx->D, 0 ) != 0 && in mbedtls_rsa_export_crt()
453 mbedtls_mpi_cmp_int( &ctx->E, 0 ) != 0; in mbedtls_rsa_export_crt()
460 if( ( DP != NULL && ( ret = mbedtls_mpi_copy( DP, &ctx->DP ) ) != 0 ) || in mbedtls_rsa_export_crt()
461 ( DQ != NULL && ( ret = mbedtls_mpi_copy( DQ, &ctx->DQ ) ) != 0 ) || in mbedtls_rsa_export_crt()
462 ( QP != NULL && ( ret = mbedtls_mpi_copy( QP, &ctx->QP ) ) != 0 ) ) in mbedtls_rsa_export_crt()
467 if( ( ret = mbedtls_rsa_deduce_crt( &ctx->P, &ctx->Q, &ctx->D, in mbedtls_rsa_export_crt()
480 void mbedtls_rsa_init( mbedtls_rsa_context *ctx, in mbedtls_rsa_init() argument
484 RSA_VALIDATE( ctx != NULL ); in mbedtls_rsa_init()
488 memset( ctx, 0, sizeof( mbedtls_rsa_context ) ); in mbedtls_rsa_init()
490 mbedtls_rsa_set_padding( ctx, padding, hash_id ); in mbedtls_rsa_init()
495 ctx->ver = 1; in mbedtls_rsa_init()
496 mbedtls_mutex_init( &ctx->mutex ); in mbedtls_rsa_init()
503 void mbedtls_rsa_set_padding( mbedtls_rsa_context *ctx, int padding, in mbedtls_rsa_set_padding() argument
506 RSA_VALIDATE( ctx != NULL ); in mbedtls_rsa_set_padding()
510 ctx->padding = padding; in mbedtls_rsa_set_padding()
511 ctx->hash_id = hash_id; in mbedtls_rsa_set_padding()
518 size_t mbedtls_rsa_get_len( const mbedtls_rsa_context *ctx ) in mbedtls_rsa_get_len() argument
520 return( ctx->len ); in mbedtls_rsa_get_len()
532 int mbedtls_rsa_gen_key( mbedtls_rsa_context *ctx, in mbedtls_rsa_gen_key() argument
540 RSA_VALIDATE_RET( ctx != NULL ); in mbedtls_rsa_gen_key()
567 MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &ctx->E, exponent ) ); in mbedtls_rsa_gen_key()
571 MBEDTLS_MPI_CHK( mbedtls_mpi_gen_prime( &ctx->P, nbits >> 1, in mbedtls_rsa_gen_key()
574 MBEDTLS_MPI_CHK( mbedtls_mpi_gen_prime( &ctx->Q, nbits >> 1, in mbedtls_rsa_gen_key()
578 MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( &H, &ctx->P, &ctx->Q ) ); in mbedtls_rsa_gen_key()
584 mbedtls_mpi_swap( &ctx->P, &ctx->Q ); in mbedtls_rsa_gen_key()
587 MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &ctx->P, &ctx->P, 1 ) ); in mbedtls_rsa_gen_key()
588 MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &ctx->Q, &ctx->Q, 1 ) ); in mbedtls_rsa_gen_key()
589 MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &H, &ctx->P, &ctx->Q ) ); in mbedtls_rsa_gen_key()
592 MBEDTLS_MPI_CHK( mbedtls_mpi_gcd( &G, &ctx->E, &H ) ); in mbedtls_rsa_gen_key()
597 MBEDTLS_MPI_CHK( mbedtls_mpi_gcd( &G, &ctx->P, &ctx->Q ) ); in mbedtls_rsa_gen_key()
599 MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( &ctx->D, &ctx->E, &L ) ); in mbedtls_rsa_gen_key()
601 … if( mbedtls_mpi_bitlen( &ctx->D ) <= ( ( nbits + 1 ) / 2 ) ) // (FIPS 186-4 §B.3.1 criterion 3(a)) in mbedtls_rsa_gen_key()
609 MBEDTLS_MPI_CHK( mbedtls_mpi_add_int( &ctx->P, &ctx->P, 1 ) ); in mbedtls_rsa_gen_key()
610 MBEDTLS_MPI_CHK( mbedtls_mpi_add_int( &ctx->Q, &ctx->Q, 1 ) ); in mbedtls_rsa_gen_key()
612 MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ctx->N, &ctx->P, &ctx->Q ) ); in mbedtls_rsa_gen_key()
614 ctx->len = mbedtls_mpi_size( &ctx->N ); in mbedtls_rsa_gen_key()
622 MBEDTLS_MPI_CHK( mbedtls_rsa_deduce_crt( &ctx->P, &ctx->Q, &ctx->D, in mbedtls_rsa_gen_key()
623 &ctx->DP, &ctx->DQ, &ctx->QP ) ); in mbedtls_rsa_gen_key()
627 MBEDTLS_MPI_CHK( mbedtls_rsa_check_privkey( ctx ) ); in mbedtls_rsa_gen_key()
637 mbedtls_rsa_free( ctx ); in mbedtls_rsa_gen_key()
652 int mbedtls_rsa_check_pubkey( const mbedtls_rsa_context *ctx ) in mbedtls_rsa_check_pubkey() argument
654 RSA_VALIDATE_RET( ctx != NULL ); in mbedtls_rsa_check_pubkey()
656 if( rsa_check_context( ctx, 0 /* public */, 0 /* no blinding */ ) != 0 ) in mbedtls_rsa_check_pubkey()
659 if( mbedtls_mpi_bitlen( &ctx->N ) < 128 ) in mbedtls_rsa_check_pubkey()
664 if( mbedtls_mpi_get_bit( &ctx->E, 0 ) == 0 || in mbedtls_rsa_check_pubkey()
665 mbedtls_mpi_bitlen( &ctx->E ) < 2 || in mbedtls_rsa_check_pubkey()
666 mbedtls_mpi_cmp_mpi( &ctx->E, &ctx->N ) >= 0 ) in mbedtls_rsa_check_pubkey()
677 int mbedtls_rsa_check_privkey( const mbedtls_rsa_context *ctx ) in mbedtls_rsa_check_privkey() argument
679 RSA_VALIDATE_RET( ctx != NULL ); in mbedtls_rsa_check_privkey()
681 if( mbedtls_rsa_check_pubkey( ctx ) != 0 || in mbedtls_rsa_check_privkey()
682 rsa_check_context( ctx, 1 /* private */, 1 /* blinding */ ) != 0 ) in mbedtls_rsa_check_privkey()
687 if( mbedtls_rsa_validate_params( &ctx->N, &ctx->P, &ctx->Q, in mbedtls_rsa_check_privkey()
688 &ctx->D, &ctx->E, NULL, NULL ) != 0 ) in mbedtls_rsa_check_privkey()
694 else if( mbedtls_rsa_validate_crt( &ctx->P, &ctx->Q, &ctx->D, in mbedtls_rsa_check_privkey()
695 &ctx->DP, &ctx->DQ, &ctx->QP ) != 0 ) in mbedtls_rsa_check_privkey()
731 int mbedtls_rsa_public( mbedtls_rsa_context *ctx, in mbedtls_rsa_public() argument
738 RSA_VALIDATE_RET( ctx != NULL ); in mbedtls_rsa_public()
742 if( rsa_check_context( ctx, 0 /* public */, 0 /* no blinding */ ) ) in mbedtls_rsa_public()
748 if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 ) in mbedtls_rsa_public()
752 MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &T, input, ctx->len ) ); in mbedtls_rsa_public()
754 if( mbedtls_mpi_cmp_mpi( &T, &ctx->N ) >= 0 ) in mbedtls_rsa_public()
760 olen = ctx->len; in mbedtls_rsa_public()
761 MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &T, &T, &ctx->E, &ctx->N, &ctx->RN ) ); in mbedtls_rsa_public()
766 if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 ) in mbedtls_rsa_public()
784 static int rsa_prepare_blinding( mbedtls_rsa_context *ctx, in rsa_prepare_blinding() argument
792 if( ctx->Vf.p != NULL ) in rsa_prepare_blinding()
795 MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ctx->Vi, &ctx->Vi, &ctx->Vi ) ); in rsa_prepare_blinding()
796 MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &ctx->Vi, &ctx->Vi, &ctx->N ) ); in rsa_prepare_blinding()
797 MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ctx->Vf, &ctx->Vf, &ctx->Vf ) ); in rsa_prepare_blinding()
798 MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &ctx->Vf, &ctx->Vf, &ctx->N ) ); in rsa_prepare_blinding()
811 MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &ctx->Vf, ctx->len - 1, f_rng, p_rng ) ); in rsa_prepare_blinding()
814 MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &R, ctx->len - 1, f_rng, p_rng ) ); in rsa_prepare_blinding()
815 MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ctx->Vi, &ctx->Vf, &R ) ); in rsa_prepare_blinding()
816 MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &ctx->Vi, &ctx->Vi, &ctx->N ) ); in rsa_prepare_blinding()
822 ret = mbedtls_mpi_inv_mod( &ctx->Vi, &ctx->Vi, &ctx->N ); in rsa_prepare_blinding()
829 MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ctx->Vi, &ctx->Vi, &R ) ); in rsa_prepare_blinding()
830 MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &ctx->Vi, &ctx->Vi, &ctx->N ) ); in rsa_prepare_blinding()
834 MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &ctx->Vi, &ctx->Vi, &ctx->E, &ctx->N, &ctx->RN ) ); in rsa_prepare_blinding()
867 int mbedtls_rsa_private( mbedtls_rsa_context *ctx, in mbedtls_rsa_private() argument
893 mbedtls_mpi *DP = &ctx->DP; in mbedtls_rsa_private()
894 mbedtls_mpi *DQ = &ctx->DQ; in mbedtls_rsa_private()
901 mbedtls_mpi *D = &ctx->D; in mbedtls_rsa_private()
908 RSA_VALIDATE_RET( ctx != NULL ); in mbedtls_rsa_private()
912 if( rsa_check_context( ctx, 1 /* private key checks */, in mbedtls_rsa_private()
919 if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 ) in mbedtls_rsa_private()
949 MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &T, input, ctx->len ) ); in mbedtls_rsa_private()
950 if( mbedtls_mpi_cmp_mpi( &T, &ctx->N ) >= 0 ) in mbedtls_rsa_private()
964 MBEDTLS_MPI_CHK( rsa_prepare_blinding( ctx, f_rng, p_rng ) ); in mbedtls_rsa_private()
965 MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T, &T, &ctx->Vi ) ); in mbedtls_rsa_private()
966 MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &T, &T, &ctx->N ) ); in mbedtls_rsa_private()
971 MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &P1, &ctx->P, 1 ) ); in mbedtls_rsa_private()
972 MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &Q1, &ctx->Q, 1 ) ); in mbedtls_rsa_private()
982 MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &D_blind, &D_blind, &ctx->D ) ); in mbedtls_rsa_private()
993 &ctx->DP ) ); in mbedtls_rsa_private()
1004 &ctx->DQ ) ); in mbedtls_rsa_private()
1011 MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &T, &T, D, &ctx->N, &ctx->RN ) ); in mbedtls_rsa_private()
1020 MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &TP, &T, DP, &ctx->P, &ctx->RP ) ); in mbedtls_rsa_private()
1021 MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &TQ, &T, DQ, &ctx->Q, &ctx->RQ ) ); in mbedtls_rsa_private()
1027 MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &TP, &T, &ctx->QP ) ); in mbedtls_rsa_private()
1028 MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &T, &TP, &ctx->P ) ); in mbedtls_rsa_private()
1033 MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &TP, &T, &ctx->Q ) ); in mbedtls_rsa_private()
1043 MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T, &T, &ctx->Vf ) ); in mbedtls_rsa_private()
1044 MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &T, &T, &ctx->N ) ); in mbedtls_rsa_private()
1048 MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &C, &T, &ctx->E, in mbedtls_rsa_private()
1049 &ctx->N, &ctx->RN ) ); in mbedtls_rsa_private()
1056 olen = ctx->len; in mbedtls_rsa_private()
1061 if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 ) in mbedtls_rsa_private()
1156 int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx, in mbedtls_rsa_rsaes_oaep_encrypt() argument
1172 RSA_VALIDATE_RET( ctx != NULL ); in mbedtls_rsa_rsaes_oaep_encrypt()
1179 if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V21 ) in mbedtls_rsa_rsaes_oaep_encrypt()
1185 md_info = mbedtls_md_info_from_type( (mbedtls_md_type_t) ctx->hash_id ); in mbedtls_rsa_rsaes_oaep_encrypt()
1189 olen = ctx->len; in mbedtls_rsa_rsaes_oaep_encrypt()
1236 ? mbedtls_rsa_public( ctx, output, output ) in mbedtls_rsa_rsaes_oaep_encrypt()
1237 : mbedtls_rsa_private( ctx, f_rng, p_rng, output, output ) ); in mbedtls_rsa_rsaes_oaep_encrypt()
1245 int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx, in mbedtls_rsa_rsaes_pkcs1_v15_encrypt() argument
1256 RSA_VALIDATE_RET( ctx != NULL ); in mbedtls_rsa_rsaes_pkcs1_v15_encrypt()
1262 if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V15 ) in mbedtls_rsa_rsaes_pkcs1_v15_encrypt()
1265 olen = ctx->len; in mbedtls_rsa_rsaes_pkcs1_v15_encrypt()
1309 ? mbedtls_rsa_public( ctx, output, output ) in mbedtls_rsa_rsaes_pkcs1_v15_encrypt()
1310 : mbedtls_rsa_private( ctx, f_rng, p_rng, output, output ) ); in mbedtls_rsa_rsaes_pkcs1_v15_encrypt()
1317 int mbedtls_rsa_pkcs1_encrypt( mbedtls_rsa_context *ctx, in mbedtls_rsa_pkcs1_encrypt() argument
1324 RSA_VALIDATE_RET( ctx != NULL ); in mbedtls_rsa_pkcs1_encrypt()
1330 switch( ctx->padding ) in mbedtls_rsa_pkcs1_encrypt()
1334 return mbedtls_rsa_rsaes_pkcs1_v15_encrypt( ctx, f_rng, p_rng, mode, ilen, in mbedtls_rsa_pkcs1_encrypt()
1340 return mbedtls_rsa_rsaes_oaep_encrypt( ctx, f_rng, p_rng, mode, NULL, 0, in mbedtls_rsa_pkcs1_encrypt()
1353 int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx, in mbedtls_rsa_rsaes_oaep_decrypt() argument
1372 RSA_VALIDATE_RET( ctx != NULL ); in mbedtls_rsa_rsaes_oaep_decrypt()
1383 if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V21 ) in mbedtls_rsa_rsaes_oaep_decrypt()
1386 ilen = ctx->len; in mbedtls_rsa_rsaes_oaep_decrypt()
1391 md_info = mbedtls_md_info_from_type( (mbedtls_md_type_t) ctx->hash_id ); in mbedtls_rsa_rsaes_oaep_decrypt()
1404 if( ctx->P.n == 0 ) in mbedtls_rsa_rsaes_oaep_decrypt()
1406 ? mbedtls_rsa_public( ctx, input, buf ) in mbedtls_rsa_rsaes_oaep_decrypt()
1407 : mbedtls_rsa_private( ctx, NULL, NULL, input, buf ); in mbedtls_rsa_rsaes_oaep_decrypt()
1410 ? mbedtls_rsa_public( ctx, input, buf ) in mbedtls_rsa_rsaes_oaep_decrypt()
1411 : mbedtls_rsa_private( ctx, f_rng, p_rng, input, buf ); in mbedtls_rsa_rsaes_oaep_decrypt()
1596 int mbedtls_rsa_rsaes_pkcs1_v15_decrypt( mbedtls_rsa_context *ctx, in mbedtls_rsa_rsaes_pkcs1_v15_decrypt() argument
1623 RSA_VALIDATE_RET( ctx != NULL ); in mbedtls_rsa_rsaes_pkcs1_v15_decrypt()
1630 ilen = ctx->len; in mbedtls_rsa_rsaes_pkcs1_v15_decrypt()
1635 if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V15 ) in mbedtls_rsa_rsaes_pkcs1_v15_decrypt()
1642 ? mbedtls_rsa_public( ctx, input, buf ) in mbedtls_rsa_rsaes_pkcs1_v15_decrypt()
1643 : mbedtls_rsa_private( ctx, f_rng, p_rng, input, buf ); in mbedtls_rsa_rsaes_pkcs1_v15_decrypt()
1768 int mbedtls_rsa_pkcs1_decrypt( mbedtls_rsa_context *ctx, in mbedtls_rsa_pkcs1_decrypt() argument
1776 RSA_VALIDATE_RET( ctx != NULL ); in mbedtls_rsa_pkcs1_decrypt()
1783 switch( ctx->padding ) in mbedtls_rsa_pkcs1_decrypt()
1787 return mbedtls_rsa_rsaes_pkcs1_v15_decrypt( ctx, f_rng, p_rng, mode, olen, in mbedtls_rsa_pkcs1_decrypt()
1793 return mbedtls_rsa_rsaes_oaep_decrypt( ctx, f_rng, p_rng, mode, NULL, 0, in mbedtls_rsa_pkcs1_decrypt()
1804 static int rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx, in rsa_rsassa_pss_sign() argument
1822 RSA_VALIDATE_RET( ctx != NULL ); in rsa_rsassa_pss_sign()
1830 if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V21 ) in rsa_rsassa_pss_sign()
1836 olen = ctx->len; in rsa_rsassa_pss_sign()
1848 md_info = mbedtls_md_info_from_type( (mbedtls_md_type_t) ctx->hash_id ); in rsa_rsassa_pss_sign()
1883 msb = mbedtls_mpi_bitlen( &ctx->N ) - 1; in rsa_rsassa_pss_sign()
1919 msb = mbedtls_mpi_bitlen( &ctx->N ) - 1; in rsa_rsassa_pss_sign()
1931 if( ctx->P.n == 0) in rsa_rsassa_pss_sign()
1933 ? mbedtls_rsa_public( ctx, sig, sig ) in rsa_rsassa_pss_sign()
1934 : mbedtls_rsa_private( ctx, NULL, NULL, sig, sig ) ); in rsa_rsassa_pss_sign()
1937 ? mbedtls_rsa_public( ctx, sig, sig ) in rsa_rsassa_pss_sign()
1938 : mbedtls_rsa_private( ctx, f_rng, p_rng, sig, sig ) ); in rsa_rsassa_pss_sign()
1945 int mbedtls_rsa_rsassa_pss_sign_ext( mbedtls_rsa_context *ctx, in mbedtls_rsa_rsassa_pss_sign_ext() argument
1954 return rsa_rsassa_pss_sign( ctx, f_rng, p_rng, MBEDTLS_RSA_PRIVATE, md_alg, in mbedtls_rsa_rsassa_pss_sign_ext()
1962 int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx, in mbedtls_rsa_rsassa_pss_sign() argument
1971 return rsa_rsassa_pss_sign( ctx, f_rng, p_rng, mode, md_alg, in mbedtls_rsa_rsassa_pss_sign()
2114 int mbedtls_rsa_rsassa_pkcs1_v15_sign( mbedtls_rsa_context *ctx, in mbedtls_rsa_rsassa_pkcs1_v15_sign() argument
2126 RSA_VALIDATE_RET( ctx != NULL ); in mbedtls_rsa_rsassa_pkcs1_v15_sign()
2134 if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V15 ) in mbedtls_rsa_rsassa_pkcs1_v15_sign()
2142 ctx->len, sig ) ) != 0 ) in mbedtls_rsa_rsassa_pkcs1_v15_sign()
2152 return( mbedtls_rsa_public( ctx, sig, sig ) ); in mbedtls_rsa_rsassa_pkcs1_v15_sign()
2161 sig_try = mbedtls_calloc( 1, ctx->len ); in mbedtls_rsa_rsassa_pkcs1_v15_sign()
2165 verif = mbedtls_calloc( 1, ctx->len ); in mbedtls_rsa_rsassa_pkcs1_v15_sign()
2172 MBEDTLS_MPI_CHK( mbedtls_rsa_private( ctx, f_rng, p_rng, sig, sig_try ) ); in mbedtls_rsa_rsassa_pkcs1_v15_sign()
2173 MBEDTLS_MPI_CHK( mbedtls_rsa_public( ctx, sig_try, verif ) ); in mbedtls_rsa_rsassa_pkcs1_v15_sign()
2175 if( mbedtls_safer_memcmp( verif, sig, ctx->len ) != 0 ) in mbedtls_rsa_rsassa_pkcs1_v15_sign()
2181 memcpy( sig, sig_try, ctx->len ); in mbedtls_rsa_rsassa_pkcs1_v15_sign()
2194 int mbedtls_rsa_pkcs1_sign( mbedtls_rsa_context *ctx, in mbedtls_rsa_pkcs1_sign() argument
2203 RSA_VALIDATE_RET( ctx != NULL ); in mbedtls_rsa_pkcs1_sign()
2211 switch( ctx->padding ) in mbedtls_rsa_pkcs1_sign()
2215 return mbedtls_rsa_rsassa_pkcs1_v15_sign( ctx, f_rng, p_rng, mode, md_alg, in mbedtls_rsa_pkcs1_sign()
2221 return mbedtls_rsa_rsassa_pss_sign( ctx, f_rng, p_rng, mode, md_alg, in mbedtls_rsa_pkcs1_sign()
2234 int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx, in mbedtls_rsa_rsassa_pss_verify_ext() argument
2257 RSA_VALIDATE_RET( ctx != NULL ); in mbedtls_rsa_rsassa_pss_verify_ext()
2265 if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V21 ) in mbedtls_rsa_rsassa_pss_verify_ext()
2268 siglen = ctx->len; in mbedtls_rsa_rsassa_pss_verify_ext()
2274 ? mbedtls_rsa_public( ctx, sig, buf ) in mbedtls_rsa_rsassa_pss_verify_ext()
2275 : mbedtls_rsa_private( ctx, f_rng, p_rng, sig, buf ); in mbedtls_rsa_rsassa_pss_verify_ext()
2306 msb = mbedtls_mpi_bitlen( &ctx->N ) - 1; in mbedtls_rsa_rsassa_pss_verify_ext()
2384 int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx, in mbedtls_rsa_rsassa_pss_verify() argument
2394 RSA_VALIDATE_RET( ctx != NULL ); in mbedtls_rsa_rsassa_pss_verify()
2402 mgf1_hash_id = ( ctx->hash_id != MBEDTLS_MD_NONE ) in mbedtls_rsa_rsassa_pss_verify()
2403 ? (mbedtls_md_type_t) ctx->hash_id in mbedtls_rsa_rsassa_pss_verify()
2406 return( mbedtls_rsa_rsassa_pss_verify_ext( ctx, f_rng, p_rng, mode, in mbedtls_rsa_rsassa_pss_verify()
2418 int mbedtls_rsa_rsassa_pkcs1_v15_verify( mbedtls_rsa_context *ctx, in mbedtls_rsa_rsassa_pkcs1_v15_verify() argument
2431 RSA_VALIDATE_RET( ctx != NULL ); in mbedtls_rsa_rsassa_pkcs1_v15_verify()
2439 sig_len = ctx->len; in mbedtls_rsa_rsassa_pkcs1_v15_verify()
2441 if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V15 ) in mbedtls_rsa_rsassa_pkcs1_v15_verify()
2464 ? mbedtls_rsa_public( ctx, sig, encoded ) in mbedtls_rsa_rsassa_pkcs1_v15_verify()
2465 : mbedtls_rsa_private( ctx, f_rng, p_rng, sig, encoded ); in mbedtls_rsa_rsassa_pkcs1_v15_verify()
2501 int mbedtls_rsa_pkcs1_verify( mbedtls_rsa_context *ctx, in mbedtls_rsa_pkcs1_verify() argument
2510 RSA_VALIDATE_RET( ctx != NULL ); in mbedtls_rsa_pkcs1_verify()
2518 switch( ctx->padding ) in mbedtls_rsa_pkcs1_verify()
2522 return mbedtls_rsa_rsassa_pkcs1_v15_verify( ctx, f_rng, p_rng, mode, md_alg, in mbedtls_rsa_pkcs1_verify()
2528 return mbedtls_rsa_rsassa_pss_verify( ctx, f_rng, p_rng, mode, md_alg, in mbedtls_rsa_pkcs1_verify()
2581 void mbedtls_rsa_free( mbedtls_rsa_context *ctx ) in mbedtls_rsa_free() argument
2583 if( ctx == NULL ) in mbedtls_rsa_free()
2586 mbedtls_mpi_free( &ctx->Vi ); in mbedtls_rsa_free()
2587 mbedtls_mpi_free( &ctx->Vf ); in mbedtls_rsa_free()
2588 mbedtls_mpi_free( &ctx->RN ); in mbedtls_rsa_free()
2589 mbedtls_mpi_free( &ctx->D ); in mbedtls_rsa_free()
2590 mbedtls_mpi_free( &ctx->Q ); in mbedtls_rsa_free()
2591 mbedtls_mpi_free( &ctx->P ); in mbedtls_rsa_free()
2592 mbedtls_mpi_free( &ctx->E ); in mbedtls_rsa_free()
2593 mbedtls_mpi_free( &ctx->N ); in mbedtls_rsa_free()
2596 mbedtls_mpi_free( &ctx->RQ ); in mbedtls_rsa_free()
2597 mbedtls_mpi_free( &ctx->RP ); in mbedtls_rsa_free()
2598 mbedtls_mpi_free( &ctx->QP ); in mbedtls_rsa_free()
2599 mbedtls_mpi_free( &ctx->DQ ); in mbedtls_rsa_free()
2600 mbedtls_mpi_free( &ctx->DP ); in mbedtls_rsa_free()
2605 if( ctx->ver != 0 ) in mbedtls_rsa_free()
2607 mbedtls_mutex_free( &ctx->mutex ); in mbedtls_rsa_free()
2608 ctx->ver = 0; in mbedtls_rsa_free()