disabled w 0+yli~ JC]q@p!ţ _I|+?y/* * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy * in the file LICENSE in the source distribution or at * https://www.openssl.org/source/license.html */ #ifndef HEADER_RSA_H # define HEADER_RSA_H # include # ifndef OPENSSL_NO_RSA # include # include # include # include # if OPENSSL_API_COMPAT < 0x10100000L # include # endif # include # ifdef __cplusplus extern "C" { # endif /* The types RSA and RSA_METHOD are defined in ossl_typ.h */ # ifndef OPENSSL_RSA_MAX_MODULUS_BITS # define OPENSSL_RSA_MAX_MODULUS_BITS 16384 # endif # define OPENSSL_RSA_FIPS_MIN_MODULUS_BITS 1024 # ifndef OPENSSL_RSA_SMALL_MODULUS_BITS # define OPENSSL_RSA_SMALL_MODULUS_BITS 3072 # endif # ifndef OPENSSL_RSA_MAX_PUBEXP_BITS /* exponent limit enforced for "large" modulus only */ # define OPENSSL_RSA_MAX_PUBEXP_BITS 64 # endif # define RSA_3 0x3L # define RSA_F4 0x10001L /* based on RFC 8017 appendix A.1.2 */ # define RSA_ASN1_VERSION_DEFAULT 0 # define RSA_ASN1_VERSION_MULTI 1 # define RSA_DEFAULT_PRIME_NUM 2 # define RSA_METHOD_FLAG_NO_CHECK 0x0001/* don't check pub/private * match */ # define RSA_FLAG_CACHE_PUBLIC 0x0002 # define RSA_FLAG_CACHE_PRIVATE 0x0004 # define RSA_FLAG_BLINDING 0x0008 # define RSA_FLAG_THREAD_SAFE 0x0010 /* * This flag means the private key operations will be handled by rsa_mod_exp * and that they do not depend on the private key components being present: * for example a key stored in external hardware. Without this flag * bn_mod_exp gets called when private key components are absent. */ # define RSA_FLAG_EXT_PKEY 0x0020 /* * new with 0.9.6j and 0.9.7b; the built-in * RSA implementation now uses blinding by * default (ignoring RSA_FLAG_BLINDING), * but other engines might not need it */ # define RSA_FLAG_NO_BLINDING 0x0080 # if OPENSSL_API_COMPAT < 0x10100000L /* * Does nothing. Previously this switched off constant time behaviour. */ # define RSA_FLAG_NO_CONSTTIME 0x0000 # endif # if OPENSSL_API_COMPAT < 0x00908000L /* deprecated name for the flag*/ /* * new with 0.9.7h; the built-in RSA * implementation now uses constant time * modular exponentiation for secret exponents * by default. This flag causes the * faster variable sliding window method to * be used for all exponents. */ # define RSA_FLAG_NO_EXP_CONSTTIME RSA_FLAG_NO_CONSTTIME # endif # define EVP_PKEY_CTX_set_rsa_padding(ctx, pad) \ RSA_pkey_ctx_ctrl(ctx, -1, EVP_PKEY_CTRL_RSA_PADDING, pad, NULL) # define EVP_PKEY_CTX_get_rsa_padding(ctx, ppad) \ RSA_pkey_ctx_ctrl(ctx, -1, EVP_PKEY_CTRL_GET_RSA_PADDING, 0, ppad) # define EVP_PKEY_CTX_set_rsa_pss_saltlen(ctx, len) \ RSA_pkey_ctx_ctrl(ctx, (EVP_PKEY_OP_SIGN|EVP_PKEY_OP_VERIFY), \ EVP_PKEY_CTRL_RSA_PSS_SALTLEN, len, NULL) /* Salt length matches digest */ # define RSA_PSS_SALTLEN_DIGEST -1 /* Verify only: auto detect salt length */ # define RSA_PSS_SALTLEN_AUTO -2 /* Set salt length to maximum possible */ # define RSA_PSS_SALTLEN_MAX -3 /* Old compatible max salt length for sign only */ # define RSA_PSS_SALTLEN_MAX_SIGN -2 # define EVP_PKEY_CTX_set_rsa_pss_keygen_saltlen(ctx, len) \ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA_PSS, EVP_PKEY_OP_KEYGEN, \ EVP_PKEY_CTRL_RSA_PSS_SALTLEN, len, NULL) # define EVP_PKEY_CTX_get_rsa_pss_saltlen(ctx, plen) \ RSA_pkey_ctx_ctrl(ctx, (EVP_PKEY_OP_SIGN|EVP_PKEY_OP_VERIFY), \ EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN, 0, plen) # define EVP_PKEY_CTX_set_rsa_keygen_bits(ctx,