Functions | |
int | wc_SetKeyUsage (Cert *cert, const char *value) |
This function allows you to set the key usage using a comma delimited string of tokens. Accepted tokens are: digitalSignature, nonRepudiation, contentCommitment, keyCertSign, cRLSign, dataEncipherment, keyAgreement, keyEncipherment, encipherOnly, decipherOnly. Example: "digitalSignature,nonRepudiation". nonRepudiation and contentCommitment are for the same usage.
int | wc_InitRsaKey (RsaKey *key, void *heap) |
This function initializes a provided RsaKey struct. It also takes in a heap identifier, for use with user defined memory overrides (see XMALLOC, XFREE, XREALLOC).
int | wc_InitRsaKey_Id (RsaKey *key, unsigned char *id, int len, void *heap, int devId) |
This function initializes a provided RsaKey struct. The id and len are used to identify the key on the device while the devId identifies the device. It also takes in a heap identifier, for use with user defined memory overrides (see XMALLOC, XFREE, XREALLOC).
int | wc_RsaSetRNG (RsaKey *key, WC_RNG *rng) |
This function associates RNG with Key. It is needed when WC_RSA_BLINDING is enabled.
int | wc_FreeRsaKey (RsaKey *key) |
This function frees a provided RsaKey struct using mp_clear.
int | wc_RsaDirect (byte *in, word32 inLen, byte *out, word32 *outSz, RsaKey *key, int type, WC_RNG *rng) |
Function that does the RSA operation directly with no padding. The input size must match key size. Typically this is used when padding is already done on the RSA input.
int | wc_RsaPublicEncrypt (const byte *in, word32 inLen, byte *out, word32 outLen, RsaKey *key, WC_RNG *rng) |
This function encrypts a message from in and stores the result in out. It requires an initialized public key and a random number generator. As a side effect, this function will return the bytes written to out in outLen.
int | wc_RsaPrivateDecryptInline (byte *in, word32 inLen, byte **out, RsaKey *key) |
This function is utilized by the wc_RsaPrivateDecrypt function for decrypting.
int | wc_RsaPrivateDecrypt (const byte *in, word32 inLen, byte *out, word32 outLen, RsaKey *key) |
This function provides private RSA decryption.
int | wc_RsaSSL_Sign (const byte *in, word32 inLen, byte *out, word32 outLen, RsaKey *key, WC_RNG *rng) |
Signs the provided array with the private key.
int | wc_RsaSSL_VerifyInline (byte *in, word32 inLen, byte **out, RsaKey *key) |
Used to verify that the message was signed by RSA key. The output uses the same byte array as the input.
int | wc_RsaSSL_Verify (const byte *in, word32 inLen, byte *out, word32 outLen, RsaKey *key) |
Used to verify that the message was signed by key.
int | wc_RsaPSS_Sign (const byte *in, word32 inLen, byte *out, word32 outLen, enum wc_HashType hash, int mgf, RsaKey *key, WC_RNG *rng) |
Signs the provided array with the private key.
int | wc_RsaPSS_Verify (byte *in, word32 inLen, byte *out, word32 outLen, enum wc_HashType hash, int mgf, RsaKey *key) |
Decrypt input signature to verify that the message was signed by key. The key has to be associated with RNG by wc_RsaSetRNG when WC_RSA_BLINDING is enabled.
int | wc_RsaPSS_VerifyInline (byte *in, word32 inLen, byte **out, enum wc_HashType hash, int mgf, RsaKey *key) |
Decrypt input signature to verify that the message was signed by RSA key. The output uses the same byte array as the input. The key has to be associated with RNG by wc_RsaSetRNG when WC_RSA_BLINDING is enabled.
int | wc_RsaPSS_VerifyCheck (byte *in, word32 inLen, byte *out, word32 outLen, const byte *digest, word32 digestLen, enum wc_HashType hash, int mgf, RsaKey *key) |
Verify the message signed with RSA-PSS. Salt length is equal to hash length. The key has to be associated with RNG by wc_RsaSetRNG when WC_RSA_BLINDING is enabled.
int | wc_RsaPSS_VerifyCheck_ex (byte *in, word32 inLen, byte *out, word32 outLen, const byte *digest, word32 digestLen, enum wc_HashType hash, int mgf, int saltLen, RsaKey *key) |
Verify the message signed with RSA-PSS. The key has to be associated with RNG by wc_RsaSetRNG when WC_RSA_BLINDING is enabled.
int | wc_RsaPSS_VerifyCheckInline (byte *in, word32 inLen, byte **out, const byte *digest, word32 digentLen, enum wc_HashType hash, int mgf, RsaKey *key) |
Verify the message signed with RSA-PSS. The input buffer is reused for the output buffer. Salt length is equal to hash length.
int | wc_RsaPSS_VerifyCheckInline_ex (byte *in, word32 inLen, byte **out, const byte *digest, word32 digentLen, enum wc_HashType hash, int mgf, int saltLen, RsaKey *key) |
Verify the message signed with RSA-PSS. The input buffer is reused for the output buffer. The key has to be associated with RNG by wc_RsaSetRNG when WC_RSA_BLINDING is enabled.
int | wc_RsaPSS_CheckPadding (const byte *in, word32 inLen, byte *sig, word32 sigSz, enum wc_HashType hashType) |
Checks the PSS data to ensure that the signature matches. Salt length is equal to hash length. The key has to be associated with RNG by wc_RsaSetRNG when WC_RSA_BLINDING is enabled.
int | wc_RsaPSS_CheckPadding_ex (const byte *in, word32 inLen, byte *sig, word32 sigSz, enum wc_HashType hashType, int saltLen, int bits) |
Checks the PSS data to ensure that the signature matches. Salt length is equal to hash length.
int | wc_RsaEncryptSize (RsaKey *key) |
Returns the encryption size for the provided key structure.
int | wc_RsaPrivateKeyDecode (const byte *input, word32 *inOutIdx, RsaKey *key, word32 inSz) |
This function parses a DER-formatted RSA private key, extracts the private key and stores it in the given RsaKey structure. It also sets the distance parsed in idx.
int | wc_RsaPublicKeyDecode (const byte *input, word32 *inOutIdx, RsaKey *key, word32 inSz) |
This function parses a DER-formatted RSA public key, extracts the public key and stores it in the given RsaKey structure. It also sets the distance parsed in idx.
int | wc_RsaPublicKeyDecodeRaw (const byte *n, word32 nSz, const byte *e, word32 eSz, RsaKey *key) |
This function decodes the raw elements of an RSA public key, taking in the public modulus (n) and exponent (e). It stores these raw elements in the provided RsaKey structure, allowing one to use them in the encryption/decryption process.
int | wc_RsaKeyToDer (RsaKey *key, byte *output, word32 inLen) |
This function converts an RsaKey key to DER format. The result is written to output and it returns the number of bytes written.
int | wc_RsaPublicEncrypt_ex (const byte *in, word32 inLen, byte *out, word32 outLen, RsaKey *key, WC_RNG *rng, int type, enum wc_HashType hash, int mgf, byte *label, word32 labelSz) |
This function performs RSA encrypt while allowing the choice of which padding to use.
int | wc_RsaPrivateDecrypt_ex (const byte *in, word32 inLen, byte *out, word32 outLen, RsaKey *key, int type, enum wc_HashType hash, int mgf, byte *label, word32 labelSz) |
This function uses RSA to decrypt a message and gives the option of what padding type.
int | wc_RsaPrivateDecryptInline_ex (byte *in, word32 inLen, byte **out, RsaKey *key, int type, enum wc_HashType hash, int mgf, byte *label, word32 labelSz) |
This function uses RSA to decrypt a message inline and gives the option of what padding type. The in buffer will contain the decrypted message after being called and the out byte pointer will point to the location in the “in” buffer where the plain text is.
int | wc_RsaFlattenPublicKey (RsaKey *key, byte *e, word32 *eSz, byte *n, word32 *nSz) |
Flattens the RsaKey structure into individual elements (e, n) used for the RSA algorithm.
int | wc_RsaKeyToPublicDer (RsaKey *key, byte *output, word32 inLen) |
Convert RSA public key to DER format. Writes to output, and returns count of bytes written.
int | wc_RsaKeyToPublicDer_ex (RsaKey *key, byte *output, word32 inLen, int with_header) |
Convert RSA public key to DER format. Writes to output, and returns count of bytes written. If with_header is 0 then only the (seq + n + e) is returned in ASN.1 DER format and will exclude the header.
int | wc_MakeRsaKey (RsaKey *key, int size, long e, WC_RNG *rng) |
This function generates an RSA private key of length size (in bits) and given exponent (e). It then stores this key in the provided RsaKey structure, so that it may be used for encryption/decryption. A secure number to use for e is 65537. size is required to be greater than RSA_MIN_SIZE and less than RSA_MAX_SIZE. For this function to be available, the option WOLFSSL_KEY_GEN must be enabled at compile time. This can be accomplished with --enable-keygen if using ./configure.
int | wc_RsaSetNonBlock (RsaKey *key, RsaNb *nb) |
This function sets the non-blocking RSA context. When a RsaNb context is set it enables fast math based non-blocking exptmod, which splits the RSA function into many smaller operations. Enabled when WC_RSA_NONBLOCK is defined.
int | wc_RsaSetNonBlockTime (RsaKey *key, word32 maxBlockUs, word32 cpuMHz) |
This function configures the maximum amount of blocking time in microseconds. It uses a pre-computed table (see tfm.c exptModNbInst) along with the CPU speed in megahertz to determine if the next operation can be completed within the maximum blocking time provided. Enabled when WC_RSA_NONBLOCK_TIME is defined.
int wc_FreeRsaKey(RsaKey *key)
This function frees a provided RsaKey struct using mp_clear.
key | pointer to the RsaKey structure to free |
Example
int wc_InitRsaKey(RsaKey *key, void *heap)
This function initializes a provided RsaKey struct. It also takes in a heap identifier, for use with user defined memory overrides (see XMALLOC, XFREE, XREALLOC).
The key has to be associated with RNG by wc_RsaSetRNG when WC_RSA_BLINDING is enabled.
key | pointer to the RsaKey structure to initialize |
heap | pointer to a heap identifier, for use with memory overrides, allowing custom handling of memory allocation. This heap will be the default used when allocating memory for use with this RSA object |
Example
int wc_InitRsaKey_Id(RsaKey *key, unsigned char *id, int len, void *heap, int devId)
This function initializes a provided RsaKey struct. The id and len are used to identify the key on the device while the devId identifies the device. It also takes in a heap identifier, for use with user defined memory overrides (see XMALLOC, XFREE, XREALLOC).
The key has to be associated with RNG by wc_RsaSetRNG when WC_RSA_BLINDING is enabled.
key | pointer to the RsaKey structure to initialize |
id | identifier of key on device |
len | length of identifier in bytes |
heap | pointer to a heap identifier, for use with memory overrides, allowing custom handling of memory allocation. This heap will be the default used when allocating memory for use with this RSA object |
devId | ID to use with crypto callbacks or async hardware. Set to INVALID_DEVID (-2) if not used |
Example
int wc_MakeRsaKey(RsaKey *key, int size, long e, WC_RNG *rng)
This function generates an RSA private key of length size (in bits) and given exponent (e). It then stores this key in the provided RsaKey structure, so that it may be used for encryption/decryption. A secure number to use for e is 65537. size is required to be greater than RSA_MIN_SIZE and less than RSA_MAX_SIZE. For this function to be available, the option WOLFSSL_KEY_GEN must be enabled at compile time. This can be accomplished with --enable-keygen if using ./configure.
key | pointer to the RsaKey structure in which to store the generated private key |
size | desired key length, in bits. Required to be greater than RSA_MIN_SIZE and less than RSA_MAX_SIZE |
e | exponent parameter to use for generating the key. A secure choice is 65537 |
rng | pointer to an RNG structure to use for random number generation while making the key |
Example
int wc_RsaDirect(byte *in, word32 inLen, byte *out, word32 *outSz, RsaKey *key, int type, WC_RNG *rng)
Function that does the RSA operation directly with no padding. The input size must match key size. Typically this is used when padding is already done on the RSA input.
in | buffer to do operation on |
inLen | length of input buffer |
out | buffer to hold results |
outSz | gets set to size of result buffer. Should be passed in as length of out buffer. If the pointer "out" is null then outSz gets set to the expected buffer size needed and LENGTH_ONLY_E gets returned. |
key | initialized RSA key to use for encrypt/decrypt |
type | if using private or public key (RSA_PUBLIC_ENCRYPT, RSA_PUBLIC_DECRYPT, RSA_PRIVATE_ENCRYPT, RSA_PRIVATE_DECRYPT) |
rng | initialized WC_RNG struct |
Example
int wc_RsaEncryptSize(RsaKey *key)
Returns the encryption size for the provided key structure.
key | The key to use for verification. |
Example
int wc_RsaFlattenPublicKey(RsaKey *key, byte *e, word32 *eSz, byte *n, word32 *nSz)
Flattens the RsaKey structure into individual elements (e, n) used for the RSA algorithm.
key | The key to use for verification. |
e | a buffer for the value of e. e is a large positive integer in the RSA modular arithmetic operation. |
eSz | the size of the e buffer. |
n | a buffer for the value of n. n is a large positive integer in the RSA modular arithmetic operation. |
nSz | the size of the n buffer. |
Example
int wc_RsaKeyToDer(RsaKey *key, byte *output, word32 inLen)
This function converts an RsaKey key to DER format. The result is written to output and it returns the number of bytes written.
key | Initialized RsaKey structure. |
output | Pointer to output buffer. |
inLen | Size of output buffer. |
Example
int wc_RsaKeyToPublicDer(RsaKey *key, byte *output, word32 inLen)
Convert RSA public key to DER format. Writes to output, and returns count of bytes written.
key | The RSA key structure to convert. |
output | Output buffer to hold DER. (if NULL will return length only) |
inLen | Length of buffer. |
Example
int wc_RsaKeyToPublicDer_ex(RsaKey *key, byte *output, word32 inLen, int with_header)
Convert RSA public key to DER format. Writes to output, and returns count of bytes written. If with_header is 0 then only the (seq + n + e) is returned in ASN.1 DER format and will exclude the header.
key | The RSA key structure to convert. |
output | Output buffer to hold DER. (if NULL will return length only) |
inLen | Length of buffer. |
Example
int wc_RsaPrivateDecrypt(const byte *in, word32 inLen, byte *out, word32 outLen, RsaKey *key)
This function provides private RSA decryption.
in | The byte array to be decrypted. |
inLen | The length of in. |
out | The byte array for the decrypted data to be stored. |
outLen | The length of out. |
key | The key to use for decryption. |
Example
int wc_RsaPrivateDecrypt_ex(const byte *in, word32 inLen, byte *out, word32 outLen, RsaKey *key, int type, enum wc_HashType hash, int mgf, byte *label, word32 labelSz)
This function uses RSA to decrypt a message and gives the option of what padding type.
in | pointer to the buffer for decryption |
inLen | length of the buffer to decrypt |
out | decrypted msg created |
outLen | length of buffer available to hold decrypted msg |
key | initialized RSA key struct |
type | type of padding to use (WC_RSA_OAEP_PAD or WC_RSA_PKCSV15_PAD) |
hash | type of hash to use (choices can be found in hash.h) |
mgf | type of mask generation function to use |
label | an optional label to associate with encrypted message |
labelSz | size of the optional label used |
Example
int wc_RsaPrivateDecryptInline(byte *in, word32 inLen, byte **out, RsaKey *key)
This function is utilized by the wc_RsaPrivateDecrypt function for decrypting.
in | The byte array to be decrypted. |
inLen | The length of in. |
out | The byte array for the decrypted data to be stored. |
key | The key to use for decryption. |
Example
int wc_RsaPrivateDecryptInline_ex(byte *in, word32 inLen, byte **out, RsaKey *key, int type, enum wc_HashType hash, int mgf, byte *label, word32 labelSz)
This function uses RSA to decrypt a message inline and gives the option of what padding type. The in buffer will contain the decrypted message after being called and the out byte pointer will point to the location in the “in” buffer where the plain text is.
in | pointer to the buffer for decryption |
inLen | length of the buffer to decrypt |
out | pointer to location of decrypted message in “in” buffer |
key | initialized RSA key struct |
type | type of padding to use (WC_RSA_OAEP_PAD or WC_RSA_PKCSV15_PAD) |
hash | type of hash to use (choices can be found in hash.h) |
mgf | type of mask generation function to use |
label | an optional label to associate with encrypted message |
labelSz | size of the optional label used |
Example
int wc_RsaPrivateKeyDecode(const byte *input, word32 *inOutIdx, RsaKey *key, word32 inSz)
This function parses a DER-formatted RSA private key, extracts the private key and stores it in the given RsaKey structure. It also sets the distance parsed in idx.
input | pointer to the buffer containing the DER formatted private key to decode |
inOutIdx | pointer to the index in the buffer at which the key begins (usually 0). As a side effect of this function, inOutIdx will store the distance parsed through the input buffer |
key | pointer to the RsaKey structure in which to store the decoded private key |
inSz | size of the input buffer |
Example
int wc_RsaPSS_CheckPadding(const byte *in, word32 inLen, byte *sig, word32 sigSz, enum wc_HashType hashType)
Checks the PSS data to ensure that the signature matches. Salt length is equal to hash length. The key has to be associated with RNG by wc_RsaSetRNG when WC_RSA_BLINDING is enabled.
in | Hash of the data that is being verified. |
inLen | Length of hash. |
sig | Buffer holding PSS data. |
sigSz | Size of PSS data. |
hashType | Hash algorithm. |
Example
int wc_RsaPSS_CheckPadding_ex(const byte *in, word32 inLen, byte *sig, word32 sigSz, enum wc_HashType hashType, int saltLen, int bits)
Checks the PSS data to ensure that the signature matches. Salt length is equal to hash length.
in | Hash of the data that is being verified. |
inLen | Length of hash. |
sig | Buffer holding PSS data. |
sigSz | Size of PSS data. |
hashType | Hash algorithm. |
saltLen | Length of salt used. RSA_PSS_SALT_LEN_DEFAULT (-1) indicates salt length is the same as the hash length. RSA_PSS_SALT_LEN_DISCOVER indicates salt length is determined from the data. |
bits | Can be used to calculate salt size in FIPS case |
Example
int wc_RsaPSS_Sign(const byte *in, word32 inLen, byte *out, word32 outLen, enum wc_HashType hash, int mgf, RsaKey *key, WC_RNG *rng)
Signs the provided array with the private key.
in | The byte array to be encrypted. |
inLen | The length of in. |
out | The byte array for the encrypted data to be stored. |
outLen | The length of out. |
hash | The hash type to be in message |
mgf | Mask Generation Function Identifiers |
key | The key to use for verification. |
Example
int wc_RsaPSS_Verify(byte *in, word32 inLen, byte *out, word32 outLen, enum wc_HashType hash, int mgf, RsaKey *key)
Decrypt input signature to verify that the message was signed by key. The key has to be associated with RNG by wc_RsaSetRNG when WC_RSA_BLINDING is enabled.
in | The byte array to be decrypted. |
inLen | The length of in. |
out | The byte array for the decrypted data to be stored. |
outLen | The length of out. |
hash | The hash type to be in message |
mgf | Mask Generation Function Identifiers |
key | The key to use for verification. |
Example
int wc_RsaPSS_VerifyCheck(byte *in, word32 inLen, byte *out, word32 outLen, const byte *digest, word32 digestLen, enum wc_HashType hash, int mgf, RsaKey *key)
Verify the message signed with RSA-PSS. Salt length is equal to hash length. The key has to be associated with RNG by wc_RsaSetRNG when WC_RSA_BLINDING is enabled.
in | The byte array to be decrypted. |
inLen | The length of in. |
out | Pointer to address containing the PSS data. |
outLen | The length of out. |
digest | Hash of the data that is being verified. |
digestLen | Length of hash. |
hash | Hash algorithm. |
mgf | Mask generation function. |
key | Public RSA key. |
Example
int wc_RsaPSS_VerifyCheck_ex(byte *in, word32 inLen, byte *out, word32 outLen, const byte *digest, word32 digestLen, enum wc_HashType hash, int mgf, int saltLen, RsaKey *key)
Verify the message signed with RSA-PSS. The key has to be associated with RNG by wc_RsaSetRNG when WC_RSA_BLINDING is enabled.
in | The byte array to be decrypted. |
inLen | The length of in. |
out | Pointer to address containing the PSS data. |
outLen | The length of out. |
digest | Hash of the data that is being verified. |
digestLen | Length of hash. |
hash | Hash algorithm. |
mgf | Mask generation function. |
saltLen | Length of salt used. RSA_PSS_SALT_LEN_DEFAULT (-1) indicates salt length is the same as the hash length. RSA_PSS_SALT_LEN_DISCOVER indicates salt length is determined from the data. |
key | Public RSA key. |
Example
int wc_RsaPSS_VerifyCheckInline(byte *in, word32 inLen, byte **out, const byte *digest, word32 digentLen, enum wc_HashType hash, int mgf, RsaKey *key)
Verify the message signed with RSA-PSS. The input buffer is reused for the output buffer. Salt length is equal to hash length.
The key has to be associated with RNG by wc_RsaSetRNG when WC_RSA_BLINDING is enabled.
in | The byte array to be decrypted. |
inLen | The length of in. |
out | The byte array for the decrypted data to be stored. |
digest | Hash of the data that is being verified. |
digestLen | Length of hash. |
hash | The hash type to be in message |
mgf | Mask Generation Function Identifiers |
key | The key to use for verification. |
Example
int wc_RsaPSS_VerifyCheckInline_ex(byte *in, word32 inLen, byte **out, const byte *digest, word32 digentLen, enum wc_HashType hash, int mgf, int saltLen, RsaKey *key)
Verify the message signed with RSA-PSS. The input buffer is reused for the output buffer. The key has to be associated with RNG by wc_RsaSetRNG when WC_RSA_BLINDING is enabled.
in | The byte array to be decrypted. |
inLen | The length of in. |
out | The byte array for the decrypted data to be stored. |
digest | Hash of the data that is being verified. |
digestLen | Length of hash. |
hash | The hash type to be in message |
mgf | Mask Generation Function Identifiers |
saltLen | Length of salt used. RSA_PSS_SALT_LEN_DEFAULT (-1) indicates salt length is the same as the hash length. RSA_PSS_SALT_LEN_DISCOVER indicates salt length is determined from the data. |
key | The key to use for verification. |
Example
int wc_RsaPSS_VerifyInline(byte *in, word32 inLen, byte **out, enum wc_HashType hash, int mgf, RsaKey *key)
Decrypt input signature to verify that the message was signed by RSA key. The output uses the same byte array as the input. The key has to be associated with RNG by wc_RsaSetRNG when WC_RSA_BLINDING is enabled.
in | Byte array to be decrypted. |
inLen | Length of the buffer input. |
out | Pointer to address containing the PSS data. |
hash | The hash type to be in message |
mgf | Mask Generation Function Identifiers |
key | RsaKey to use. |
Example
int wc_RsaPublicEncrypt(const byte *in, word32 inLen, byte *out, word32 outLen, RsaKey *key, WC_RNG *rng)
This function encrypts a message from in and stores the result in out. It requires an initialized public key and a random number generator. As a side effect, this function will return the bytes written to out in outLen.
in | pointer to a buffer containing the input message to encrypt |
inLen | the length of the message to encrypt |
out | pointer to the buffer in which to store the output ciphertext |
outLen | the length of the output buffer |
key | pointer to the RsaKey structure containing the public key to use for encryption |
rng | The RNG structure with which to generate random block padding |
Example
int wc_RsaPublicEncrypt_ex(const byte *in, word32 inLen, byte *out, word32 outLen, RsaKey *key, WC_RNG *rng, int type, enum wc_HashType hash, int mgf, byte *label, word32 labelSz)
This function performs RSA encrypt while allowing the choice of which padding to use.
in | pointer to the buffer for encryption |
inLen | length of the buffer to encrypt |
out | encrypted msg created |
outLen | length of buffer available to hold encrypted msg |
key | initialized RSA key struct |
rng | initialized WC_RNG struct |
type | type of padding to use (WC_RSA_OAEP_PAD or WC_RSA_PKCSV15_PAD) |
hash | type of hash to use (choices can be found in hash.h) |
mgf | type of mask generation function to use |
label | an optional label to associate with encrypted message |
labelSz | size of the optional label used |
Example
int wc_RsaPublicKeyDecode(const byte *input, word32 *inOutIdx, RsaKey *key, word32 inSz)
This function parses a DER-formatted RSA public key, extracts the public key and stores it in the given RsaKey structure. It also sets the distance parsed in idx.
input | pointer to the buffer containing the input DER-encoded RSA public key to decode |
inOutIdx | pointer to the index in the buffer at which the key begins (usually 0). As a side effect of this function, inOutIdx will store the distance parsed through the input buffer |
key | pointer to the RsaKey structure in which to store the decoded public key |
inSz | size of the input buffer |
Example
int wc_RsaPublicKeyDecodeRaw(const byte *n, word32 nSz, const byte *e, word32 eSz, RsaKey *key)
This function decodes the raw elements of an RSA public key, taking in the public modulus (n) and exponent (e). It stores these raw elements in the provided RsaKey structure, allowing one to use them in the encryption/decryption process.
n | pointer to a buffer containing the raw modulus parameter of the public RSA key |
nSz | size of the buffer containing n |
e | pointer to a buffer containing the raw exponent parameter of the public RSA key |
eSz | size of the buffer containing e |
key | pointer to the RsaKey struct to initialize with the provided public key elements |
Example
int wc_RsaSetNonBlock(RsaKey *key, RsaNb *nb)
This function sets the non-blocking RSA context. When a RsaNb context is set it enables fast math based non-blocking exptmod, which splits the RSA function into many smaller operations. Enabled when WC_RSA_NONBLOCK is defined.
key | The RSA key structure |
nb | The RSA non-blocking structure for this RSA key to use. |
Example
int wc_RsaSetNonBlockTime(RsaKey *key, word32 maxBlockUs, word32 cpuMHz)
This function configures the maximum amount of blocking time in microseconds. It uses a pre-computed table (see tfm.c exptModNbInst) along with the CPU speed in megahertz to determine if the next operation can be completed within the maximum blocking time provided. Enabled when WC_RSA_NONBLOCK_TIME is defined.
key | The RSA key structure. |
maxBlockUs | Maximum time to block, in microseconds. |
cpuMHz | CPU speed in megahertz. |
Example
int wc_RsaSetRNG(RsaKey *key, WC_RNG *rng)
This function associates RNG with Key. It is needed when WC_RSA_BLINDING is enabled.
key | pointer to the RsaKey structure to be associated |
rng | pointer to the WC_RNG structure to associate with |
Example
int wc_RsaSSL_Sign(const byte *in, word32 inLen, byte *out, word32 outLen, RsaKey *key, WC_RNG *rng)
Signs the provided array with the private key.
in | The byte array to be encrypted. |
inLen | The length of in. |
out | The byte array for the encrypted data to be stored. |
outLen | The length of out. |
key | The key to use for encryption. |
rng | The RNG struct to use for random number purposes. |
Example
int wc_RsaSSL_Verify(const byte *in, word32 inLen, byte *out, word32 outLen, RsaKey *key)
Used to verify that the message was signed by key.
in | The byte array to be decrypted. |
inLen | The length of in. |
out | The byte array for the decrypted data to be stored. |
outLen | The length of out. |
key | The key to use for verification. |
Example
int wc_RsaSSL_VerifyInline(byte *in, word32 inLen, byte **out, RsaKey *key)
Used to verify that the message was signed by RSA key. The output uses the same byte array as the input.
in | Byte array to be decrypted. |
inLen | Length of the buffer input. |
out | Pointer to a pointer for decrypted information. |
key | RsaKey to use. |
Example
int wc_SetKeyUsage(Cert *cert, const char *value)
This function allows you to set the key usage using a comma delimited string of tokens. Accepted tokens are: digitalSignature, nonRepudiation, contentCommitment, keyCertSign, cRLSign, dataEncipherment, keyAgreement, keyEncipherment, encipherOnly, decipherOnly. Example: "digitalSignature,nonRepudiation". nonRepudiation and contentCommitment are for the same usage.
cert | Pointer to initialized Cert structure. |
value | Comma delimited string of tokens to set usage. |
Example
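A strict pre-check for the key usage token string described above, as an added example that is not wolfSSL code and does not call wolfSSL: `ku_parse`, `ku_lookup` and the `KU_*` names are hypothetical. Assumptions: bit positions follow the KeyUsage extension in RFC 5280, tokens are matched case-sensitively with no surrounding whitespace, and the rule that encipherOnly/decipherOnly need keyAgreement comes from RFC 5280, not from this page.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* KeyUsage bit positions from RFC 5280 section 4.2.1.3 (hypothetical names). */
#define KU_DIGITAL_SIGNATURE  (1u << 0)
#define KU_NON_REPUDIATION    (1u << 1)  /* also called contentCommitment */
#define KU_KEY_ENCIPHERMENT   (1u << 2)
#define KU_DATA_ENCIPHERMENT  (1u << 3)
#define KU_KEY_AGREEMENT      (1u << 4)
#define KU_KEY_CERT_SIGN      (1u << 5)
#define KU_CRL_SIGN           (1u << 6)
#define KU_ENCIPHER_ONLY      (1u << 7)
#define KU_DECIPHER_ONLY      (1u << 8)

#define KU_OK                  0
#define KU_ERR_BAD_ARG        (-1)
#define KU_ERR_EMPTY_TOKEN    (-2)
#define KU_ERR_UNKNOWN_TOKEN  (-3)
#define KU_ERR_INCONSISTENT   (-4)

struct ku_token { const char *name; unsigned bit; };

/* The ten tokens listed on this page; two names share one bit. */
static const struct ku_token ku_tokens[] = {
    { "digitalSignature",  KU_DIGITAL_SIGNATURE },
    { "nonRepudiation",    KU_NON_REPUDIATION   },
    { "contentCommitment", KU_NON_REPUDIATION   },
    { "keyCertSign",       KU_KEY_CERT_SIGN     },
    { "cRLSign",           KU_CRL_SIGN          },
    { "dataEncipherment",  KU_DATA_ENCIPHERMENT },
    { "keyAgreement",      KU_KEY_AGREEMENT     },
    { "keyEncipherment",   KU_KEY_ENCIPHERMENT  },
    { "encipherOnly",      KU_ENCIPHER_ONLY     },
    { "decipherOnly",      KU_DECIPHER_ONLY     },
};

/* Exact, length-checked match of one token; returns its bit or 0. */
static unsigned ku_lookup(const char *tok, size_t len)
{
    size_t i;
    for (i = 0; i < sizeof ku_tokens / sizeof ku_tokens[0]; i++) {
        if (strlen(ku_tokens[i].name) == len &&
            memcmp(ku_tokens[i].name, tok, len) == 0)
            return ku_tokens[i].bit;
    }
    return 0;
}

/* Parse a comma delimited key usage string into a bit mask.
 * Rejects empty tokens ("a,,b", trailing comma, empty string), any token
 * not in the list, and encipherOnly/decipherOnly without keyAgreement.
 * *mask is written only on success. */
int ku_parse(const char *value, unsigned *mask)
{
    unsigned bits = 0;
    const char *p = value;

    if (value == NULL || mask == NULL)
        return KU_ERR_BAD_ARG;

    for (;;) {
        const char *end = strchr(p, ',');
        size_t len = end ? (size_t)(end - p) : strlen(p);
        unsigned bit;

        if (len == 0)
            return KU_ERR_EMPTY_TOKEN;
        bit = ku_lookup(p, len);
        if (bit == 0)
            return KU_ERR_UNKNOWN_TOKEN;
        bits |= bit;
        if (end == NULL)
            break;
        p = end + 1;
    }

    if ((bits & (KU_ENCIPHER_ONLY | KU_DECIPHER_ONLY)) &&
        !(bits & KU_KEY_AGREEMENT))
        return KU_ERR_INCONSISTENT;

    *mask = bits;
    return KU_OK;
}

int main(void)
{
    /* Constructed sample inputs. */
    const char *samples[] = {
        "digitalSignature,nonRepudiation",
        "digitalSignature, keyCertSign",   /* space makes the token unknown */
        "encipherOnly",                    /* missing keyAgreement */
    };
    size_t i;
    for (i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        unsigned mask = 0;
        int rc = ku_parse(samples[i], &mask);
        printf("%-34s rc=%d mask=0x%03x\n", samples[i], rc, mask);
    }
    return 0;
}
```

Running a check like this before building the certificate request catches a misspelled or inconsistent usage string at configuration time instead of after issuance.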