1 /* crypto/rsa/rsa.h */ 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay@cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58 59 module deimos.openssl.rsa; 60 61 import deimos.openssl._d_util; 62 63 import deimos.openssl.evp; // Needed for EVP_PKEY_ALG_CTRL. 64 65 public import deimos.openssl.asn1; 66 67 version(OPENSSL_NO_BIO) {} else { 68 public import deimos.openssl.bio; 69 } 70 public import deimos.openssl.crypto; 71 public import deimos.openssl.ossl_typ; 72 version(OPENSSL_NO_DEPRECATED) {} else { 73 public import deimos.openssl.bn; 74 } 75 76 version (OPENSSL_NO_RSA) { 77 static assert(false, "RSA is disabled."); 78 } 79 80 extern (C): 81 nothrow: 82 83 /* Declared already in ossl_typ.h */ 84 /* typedef rsa_st RSA; */ 85 /* typedef rsa_meth_st RSA_METHOD; */ 86 87 struct rsa_meth_st 88 { 89 const(char)* name; 90 ExternC!(int function(int flen,const(ubyte)* from, 91 ubyte* to, 92 RSA* rsa,int padding)) rsa_pub_enc; 93 ExternC!(int function(int flen,const(ubyte)* from, 94 ubyte* to, 95 RSA* rsa,int padding)) rsa_pub_dec; 96 ExternC!(int function(int flen,const(ubyte)* from, 97 ubyte* to, 98 RSA* rsa,int padding)) rsa_priv_enc; 99 ExternC!(int function(int flen,const(ubyte)* from, 100 ubyte* to, 101 RSA* rsa,int padding)) rsa_priv_dec; 102 ExternC!(int function(BIGNUM* r0,const(BIGNUM)* I,RSA* rsa,BN_CTX* ctx)) rsa_mod_exp; /* Can be null */ 103 ExternC!(int function(BIGNUM* r, const(BIGNUM)* a, const(BIGNUM)* p, 104 const(BIGNUM)* m, BN_CTX* ctx, 105 BN_MONT_CTX* m_ctx)) bn_mod_exp; /* Can be null */ 106 ExternC!(int function(RSA* rsa)) init_; /* called at new */ 107 ExternC!(int function(RSA* rsa)) finish; /* called at free */ 108 int flags; /* RSA_METHOD_FLAG_* things */ 109 char* app_data; /* may be needed! */ 110 /* New sign and verify functions: some libraries don't allow arbitrary data 111 * to be signed/verified: this allows them to be used. Note: for this to work 112 * the RSA_public_decrypt() and RSA_private_encrypt() should* NOT* be used 113 * RSA_sign(), RSA_verify() should be used instead. Note: for backwards 114 * compatibility this functionality is only enabled if the RSA_FLAG_SIGN_VER 115 * option is set in 'flags'. 116 */ 117 ExternC!(int function(int type, 118 const(ubyte)* m, uint m_length, 119 ubyte* sigret, uint* siglen, const(RSA)* rsa)) rsa_sign; 120 ExternC!(int function(int dtype, 121 const(ubyte)* m, uint m_length, 122 const(ubyte)* sigbuf, uint siglen, 123 const(RSA)* rsa)) rsa_verify; 124 /* If this callback is NULL, the builtin software RSA key-gen will be used. This 125 * is for behavioural compatibility whilst the code gets rewired, but one day 126 * it would be nice to assume there are no such things as "builtin software" 127 * implementations. */ 128 ExternC!(int function(RSA* rsa, int bits, BIGNUM* e, BN_GENCB* cb)) rsa_keygen; 129 }; 130 131 struct rsa_st 132 { 133 /* The first parameter is used to pickup errors where 134 * this is passed instead of aEVP_PKEY, it is set to 0 */ 135 int pad; 136 c_long version_; 137 const(RSA_METHOD)* meth; 138 /* functional reference if 'meth' is ENGINE-provided */ 139 ENGINE* engine; 140 BIGNUM* n; 141 BIGNUM* e; 142 BIGNUM* d; 143 BIGNUM* p; 144 BIGNUM* q; 145 BIGNUM* dmp1; 146 BIGNUM* dmq1; 147 BIGNUM* iqmp; 148 /* be careful using this if the RSA structure is shared */ 149 CRYPTO_EX_DATA ex_data; 150 int references; 151 int flags; 152 153 /* Used to cache montgomery values */ 154 BN_MONT_CTX* _method_mod_n; 155 BN_MONT_CTX* _method_mod_p; 156 BN_MONT_CTX* _method_mod_q; 157 158 /* all BIGNUM values are actually in the following data, if it is not 159 * NULL */ 160 char* bignum_data; 161 BN_BLINDING* blinding; 162 BN_BLINDING* mt_blinding; 163 }; 164 165 // #ifndef OPENSSL_RSA_MAX_MODULUS_BITS 166 enum OPENSSL_RSA_MAX_MODULUS_BITS = 16384; 167 // #endif 168 169 // #ifndef OPENSSL_RSA_SMALL_MODULUS_BITS 170 enum OPENSSL_RSA_SMALL_MODULUS_BITS = 3072; 171 // #endif 172 // #ifndef OPENSSL_RSA_MAX_PUBEXP_BITS 173 enum OPENSSL_RSA_MAX_PUBEXP_BITS = 64; /* exponent limit enforced for "large" modulus only */ 174 // #endif 175 176 enum RSA_3 = 0x3; 177 enum RSA_F4 = 0x10001; 178 179 enum RSA_METHOD_FLAG_NO_CHECK = 0x0001; /* don't check pub/private match */ 180 181 enum RSA_FLAG_CACHE_PUBLIC = 0x0002; 182 enum RSA_FLAG_CACHE_PRIVATE = 0x0004; 183 enum RSA_FLAG_BLINDING = 0x0008; 184 enum RSA_FLAG_THREAD_SAFE = 0x0010; 185 /* This flag means the private key operations will be handled by rsa_mod_exp 186 * and that they do not depend on the private key components being present: 187 * for example a key stored in external hardware. Without this flag bn_mod_exp 188 * gets called when private key components are absent. 189 */ 190 enum RSA_FLAG_EXT_PKEY = 0x0020; 191 192 /* This flag in the RSA_METHOD enables the new rsa_sign, rsa_verify functions. 193 */ 194 enum RSA_FLAG_SIGN_VER = 0x0040; 195 196 enum RSA_FLAG_NO_BLINDING = 0x0080; /* new with 0.9.6j and 0.9.7b; the built-in 197 * RSA implementation now uses blinding by 198 * default (ignoring RSA_FLAG_BLINDING), 199 * but other engines might not need it 200 */ 201 enum RSA_FLAG_NO_CONSTTIME = 0x0100; /* new with 0.9.8f; the built-in RSA 202 * implementation now uses constant time 203 * operations by default in private key operations, 204 * e.g., constant time modular exponentiation, 205 * modular inverse without leaking branches, 206 * division without leaking branches. This 207 * flag disables these constant time 208 * operations and results in faster RSA 209 * private key operations. 210 */ 211 version(OPENSSL_NO_DEPRECATED) {} else { 212 alias RSA_FLAG_NO_CONSTTIME RSA_FLAG_NO_EXP_CONSTTIME; /* deprecated name for the flag*/ 213 /* new with 0.9.7h; the built-in RSA 214 * implementation now uses constant time 215 * modular exponentiation for secret exponents 216 * by default. This flag causes the 217 * faster variable sliding window method to 218 * be used for all exponents. 219 */ 220 } 221 222 223 auto EVP_PKEY_CTX_set_rsa_padding()(EVP_PKEY_CTX* ctx, int pad) { 224 return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, -1, EVP_PKEY_CTRL_RSA_PADDING, 225 pad, null); 226 } 227 228 auto EVP_PKEY_CTX_get_rsa_padding()(EVP_PKEY_CTX* ctx, int *ppad) { 229 return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, -1, 230 EVP_PKEY_CTRL_GET_RSA_PADDING, 0, ppad); 231 } 232 233 auto EVP_PKEY_CTX_set_rsa_pss_saltlen()(EVP_PKEY_CTX* ctx, int len) { 234 return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, 235 (EVP_PKEY_OP_SIGN|EVP_PKEY_OP_VERIFY), 236 EVP_PKEY_CTRL_RSA_PSS_SALTLEN, 237 len, null); 238 } 239 240 auto EVP_PKEY_CTX_get_rsa_pss_saltlen()(EVP_PKEY_CTX* ctx, int *plen) { 241 return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, 242 (EVP_PKEY_OP_SIGN|EVP_PKEY_OP_VERIFY), 243 EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN, 244 0, plen); 245 } 246 247 auto EVP_PKEY_CTX_set_rsa_keygen_bits()(EVP_PKEY_CTX* ctx, int bits) { 248 return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_KEYGEN, 249 EVP_PKEY_CTRL_RSA_KEYGEN_BITS, bits, null); 250 } 251 252 auto EVP_PKEY_CTX_set_rsa_keygen_pubexp()(EVP_PKEY_CTX* ctx, void* pubexp) { 253 return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_KEYGEN, 254 EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP, 0, pubexp); 255 } 256 257 auto EVP_PKEY_CTX_set_rsa_mgf1_md()(EVP_PKEY_CTX* ctx, EVP_MD* md) { 258 return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_SIG, 259 EVP_PKEY_CTRL_RSA_MGF1_MD, 0, cast(void*)md); 260 } 261 262 auto EVP_PKEY_CTX_get_rsa_mgf1_md()(EVP_PKEY_CTX* ctx, EVP_MD** pmd) { 263 return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_SIG, 264 EVP_PKEY_CTRL_GET_RSA_MGF1_MD, 0, cast(void*)pmd); 265 } 266 267 enum EVP_PKEY_CTRL_RSA_PADDING = (EVP_PKEY_ALG_CTRL + 1); 268 enum EVP_PKEY_CTRL_RSA_PSS_SALTLEN = (EVP_PKEY_ALG_CTRL + 2); 269 270 enum EVP_PKEY_CTRL_RSA_KEYGEN_BITS = (EVP_PKEY_ALG_CTRL + 3); 271 enum EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP = (EVP_PKEY_ALG_CTRL + 4); 272 enum EVP_PKEY_CTRL_RSA_MGF1_MD = (EVP_PKEY_ALG_CTRL + 5); 273 274 enum EVP_PKEY_CTRL_GET_RSA_PADDING = (EVP_PKEY_ALG_CTRL + 6); 275 enum EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN = (EVP_PKEY_ALG_CTRL + 7); 276 enum EVP_PKEY_CTRL_GET_RSA_MGF1_MD = (EVP_PKEY_ALG_CTRL + 8); 277 278 enum RSA_PKCS1_PADDING = 1; 279 enum RSA_SSLV23_PADDING = 2; 280 enum RSA_NO_PADDING = 3; 281 enum RSA_PKCS1_OAEP_PADDING = 4; 282 enum RSA_X931_PADDING = 5; 283 /* EVP_PKEY_ only */ 284 enum RSA_PKCS1_PSS_PADDING = 6; 285 286 enum RSA_PKCS1_PADDING_SIZE = 11; 287 288 int RSA_set_app_data()(RSA* s, void* arg) { return RSA_set_ex_data(s,0,arg); } 289 void* RSA_get_app_data()(const(RSA)* s) { return RSA_get_ex_data(s,0); } 290 291 RSA* RSA_new(); 292 RSA* RSA_new_method(ENGINE* engine); 293 int RSA_size(const(RSA)* rsa); 294 295 /* Deprecated version */ 296 version(OPENSSL_NO_DEPRECATED) {} else { 297 RSA* RSA_generate_key(int bits, c_ulong e,ExternC!(void 298 function(int,int,void*)) callback,void* cb_arg); 299 } /* !defined(OPENSSL_NO_DEPRECATED) */ 300 301 /* New version */ 302 int RSA_generate_key_ex(RSA* rsa, int bits, BIGNUM* e, BN_GENCB* cb); 303 304 int RSA_check_key(const(RSA)*); 305 /* next 4 return -1 on error */ 306 int RSA_public_encrypt(int flen, const(ubyte)* from, 307 ubyte* to, RSA* rsa,int padding); 308 int RSA_private_encrypt(int flen, const(ubyte)* from, 309 ubyte* to, RSA* rsa,int padding); 310 int RSA_public_decrypt(int flen, const(ubyte)* from, 311 ubyte* to, RSA* rsa,int padding); 312 int RSA_private_decrypt(int flen, const(ubyte)* from, 313 ubyte* to, RSA* rsa,int padding); 314 void RSA_free (RSA* r); 315 /* "up" the RSA object's reference count */ 316 int RSA_up_ref(RSA* r); 317 318 int RSA_flags(const(RSA)* r); 319 320 void RSA_set_default_method(const(RSA_METHOD)* meth); 321 const(RSA_METHOD)* RSA_get_default_method(); 322 const(RSA_METHOD)* RSA_get_method(const(RSA)* rsa); 323 int RSA_set_method(RSA* rsa, const(RSA_METHOD)* meth); 324 325 /* This function needs the memory locking malloc callbacks to be installed */ 326 int RSA_memory_lock(RSA* r); 327 328 /* these are the actual SSLeay RSA functions */ 329 const(RSA_METHOD)* RSA_PKCS1_SSLeay(); 330 331 const(RSA_METHOD)* RSA_null_method(); 332 333 mixin(DECLARE_ASN1_ENCODE_FUNCTIONS_const!("RSA", "RSAPublicKey")); 334 mixin(DECLARE_ASN1_ENCODE_FUNCTIONS_const!("RSA", "RSAPrivateKey")); 335 336 struct rsa_pss_params_st 337 { 338 X509_ALGOR *hashAlgorithm; 339 X509_ALGOR *maskGenAlgorithm; 340 ASN1_INTEGER *saltLength; 341 ASN1_INTEGER *trailerField; 342 } 343 alias rsa_pss_params_st RSA_PSS_PARAMS; 344 345 mixin(DECLARE_ASN1_FUNCTIONS!"RSA_PSS_PARAMS"); 346 347 version(OPENSSL_NO_FP_API) {} else { 348 int RSA_print_fp(FILE* fp, const(RSA)* r,int offset); 349 } 350 351 version(OPENSSL_NO_BIO) {} else { 352 int RSA_print(BIO* bp, const(RSA)* r,int offset); 353 } 354 355 version(OPENSSL_NO_RC4) {} else { 356 int i2d_RSA_NET(const(RSA)* a, ubyte** pp, 357 ExternC!(int function(char* buf, int len, const(char)* prompt, int verify)) cb, 358 int sgckey); 359 RSA* d2i_RSA_NET(RSA** a, const(ubyte)** pp, c_long length, 360 ExternC!(int function(char* buf, int len, const(char)* prompt, int verify)) cb, 361 int sgckey); 362 363 int i2d_Netscape_RSA(const(RSA)* a, ubyte** pp, 364 ExternC!(int function(char* buf, int len, const(char)* prompt, 365 int verify)) cb); 366 RSA* d2i_Netscape_RSA(RSA** a, const(ubyte)** pp, c_long length, 367 ExternC!(int function(char* buf, int len, const(char)* prompt, 368 int verify)) cb); 369 } 370 371 /* The following 2 functions sign and verify a X509_SIG ASN1 object 372 * inside PKCS#1 padded RSA encryption */ 373 int RSA_sign(int type, const(ubyte)* m, uint m_length, 374 ubyte* sigret, uint* siglen, RSA* rsa); 375 int RSA_verify(int type, const(ubyte)* m, uint m_length, 376 const(ubyte)* sigbuf, uint siglen, RSA* rsa); 377 378 /* The following 2 function sign and verify a ASN1_OCTET_STRING 379 * object inside PKCS#1 padded RSA encryption */ 380 int RSA_sign_ASN1_OCTET_STRING(int type, 381 const(ubyte)* m, uint m_length, 382 ubyte* sigret, uint* siglen, RSA* rsa); 383 int RSA_verify_ASN1_OCTET_STRING(int type, 384 const(ubyte)* m, uint m_length, 385 ubyte* sigbuf, uint siglen, RSA* rsa); 386 387 int RSA_blinding_on(RSA* rsa, BN_CTX* ctx); 388 void RSA_blinding_off(RSA* rsa); 389 BN_BLINDING* RSA_setup_blinding(RSA* rsa, BN_CTX* ctx); 390 391 int RSA_padding_add_PKCS1_type_1(ubyte* to,int tlen, 392 const(ubyte)* f,int fl); 393 int RSA_padding_check_PKCS1_type_1(ubyte* to,int tlen, 394 const(ubyte)* f,int fl,int rsa_len); 395 int RSA_padding_add_PKCS1_type_2(ubyte* to,int tlen, 396 const(ubyte)* f,int fl); 397 int RSA_padding_check_PKCS1_type_2(ubyte* to,int tlen, 398 const(ubyte)* f,int fl,int rsa_len); 399 int PKCS1_MGF1(ubyte* mask, c_long len, 400 const(ubyte)* seed, c_long seedlen, const(EVP_MD)* dgst); 401 int RSA_padding_add_PKCS1_OAEP(ubyte* to,int tlen, 402 const(ubyte)* f,int fl, 403 const(ubyte)* p,int pl); 404 int RSA_padding_check_PKCS1_OAEP(ubyte* to,int tlen, 405 const(ubyte)* f,int fl,int rsa_len, 406 const(ubyte)* p,int pl); 407 int RSA_padding_add_SSLv23(ubyte* to,int tlen, 408 const(ubyte)* f,int fl); 409 int RSA_padding_check_SSLv23(ubyte* to,int tlen, 410 const(ubyte)* f,int fl,int rsa_len); 411 int RSA_padding_add_none(ubyte* to,int tlen, 412 const(ubyte)* f,int fl); 413 int RSA_padding_check_none(ubyte* to,int tlen, 414 const(ubyte)* f,int fl,int rsa_len); 415 int RSA_padding_add_X931(ubyte* to,int tlen, 416 const(ubyte)* f,int fl); 417 int RSA_padding_check_X931(ubyte* to,int tlen, 418 const(ubyte)* f,int fl,int rsa_len); 419 int RSA_X931_hash_id(int nid); 420 421 int RSA_verify_PKCS1_PSS(RSA* rsa, const(ubyte)* mHash, 422 const(EVP_MD)* Hash, const(ubyte)* EM, int sLen); 423 int RSA_padding_add_PKCS1_PSS(RSA* rsa, ubyte* EM, 424 const(ubyte)* mHash, 425 const(EVP_MD)* Hash, int sLen); 426 427 int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const(ubyte)* mHash, 428 const(EVP_MD)* Hash, const(EVP_MD)* mgf1Hash, 429 const(ubyte)* EM, int sLen); 430 431 int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, ubyte* EM, 432 const(ubyte)* mHash, 433 const(EVP_MD)* Hash, const(EVP_MD)* mgf1Hash, int sLen); 434 435 int RSA_get_ex_new_index(c_long argl, void* argp, CRYPTO_EX_new* new_func, 436 CRYPTO_EX_dup* dup_func, CRYPTO_EX_free* free_func); 437 int RSA_set_ex_data(RSA* r,int idx,void* arg); 438 void* RSA_get_ex_data(const(RSA)* r, int idx); 439 440 RSA* RSAPublicKey_dup(RSA* rsa); 441 RSA* RSAPrivateKey_dup(RSA* rsa); 442 443 /* If this flag is set the RSA method is FIPS compliant and can be used 444 * in FIPS mode. This is set in the validated module method. If an 445 * application sets this flag in its own methods it is its responsibility 446 * to ensure the result is compliant. 447 */ 448 449 enum RSA_FLAG_FIPS_METHOD = 0x0400; 450 451 /* If this flag is set the operations normally disabled in FIPS mode are 452 * permitted it is then the applications responsibility to ensure that the 453 * usage is compliant. 454 */ 455 456 enum RSA_FLAG_NON_FIPS_ALLOW = 0x0400; 457 /* Application has decided PRNG is good enough to generate a key: don't 458 * check. 459 */ 460 enum RSA_FLAG_CHECKED = 0x0800; 461 462 /* BEGIN ERROR CODES */ 463 /* The following lines are auto generated by the script mkerr.pl. Any changes 464 * made after this point may be overwritten when the script is next run. 465 */ 466 void ERR_load_RSA_strings(); 467 468 /* Error codes for the RSA functions. */ 469 470 /* Function codes. */ 471 enum RSA_F_CHECK_PADDING_MD = 140; 472 enum RSA_F_DO_RSA_PRINT = 146; 473 enum RSA_F_INT_RSA_VERIFY = 145; 474 enum RSA_F_MEMORY_LOCK = 100; 475 enum RSA_F_OLD_RSA_PRIV_DECODE = 147; 476 enum RSA_F_PKEY_RSA_CTRL = 143; 477 enum RSA_F_PKEY_RSA_CTRL_STR = 144; 478 enum RSA_F_PKEY_RSA_SIGN = 142; 479 enum RSA_F_PKEY_RSA_VERIFY = 154; 480 enum RSA_F_PKEY_RSA_VERIFYRECOVER = 141; 481 enum RSA_F_RSA_BUILTIN_KEYGEN = 129; 482 enum RSA_F_RSA_CHECK_KEY = 123; 483 enum RSA_F_RSA_EAY_PRIVATE_DECRYPT = 101; 484 enum RSA_F_RSA_EAY_PRIVATE_ENCRYPT = 102; 485 enum RSA_F_RSA_EAY_PUBLIC_DECRYPT = 103; 486 enum RSA_F_RSA_EAY_PUBLIC_ENCRYPT = 104; 487 enum RSA_F_RSA_GENERATE_KEY = 105; 488 enum RSA_F_RSA_GENERATE_KEY_EX = 155; 489 enum RSA_F_RSA_ITEM_VERIFY = 156; 490 enum RSA_F_RSA_MEMORY_LOCK = 130; 491 enum RSA_F_RSA_NEW_METHOD = 106; 492 enum RSA_F_RSA_NULL = 124; 493 enum RSA_F_RSA_NULL_MOD_EXP = 131; 494 enum RSA_F_RSA_NULL_PRIVATE_DECRYPT = 132; 495 enum RSA_F_RSA_NULL_PRIVATE_ENCRYPT = 133; 496 enum RSA_F_RSA_NULL_PUBLIC_DECRYPT = 134; 497 enum RSA_F_RSA_NULL_PUBLIC_ENCRYPT = 135; 498 enum RSA_F_RSA_PADDING_ADD_NONE = 107; 499 enum RSA_F_RSA_PADDING_ADD_PKCS1_OAEP = 121; 500 enum RSA_F_RSA_PADDING_ADD_PKCS1_PSS = 125; 501 enum RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1 = 148; 502 enum RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1 = 108; 503 enum RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2 = 109; 504 enum RSA_F_RSA_PADDING_ADD_SSLV23 = 110; 505 enum RSA_F_RSA_PADDING_ADD_X931 = 127; 506 enum RSA_F_RSA_PADDING_CHECK_NONE = 111; 507 enum RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP = 122; 508 enum RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1 = 112; 509 enum RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2 = 113; 510 enum RSA_F_RSA_PADDING_CHECK_SSLV23 = 114; 511 enum RSA_F_RSA_PADDING_CHECK_X931 = 128; 512 enum RSA_F_RSA_PRINT = 115; 513 enum RSA_F_RSA_PRINT_FP = 116; 514 enum RSA_F_RSA_PRIVATE_DECRYPT = 150; 515 enum RSA_F_RSA_PRIVATE_ENCRYPT = 151; 516 enum RSA_F_RSA_PRIV_DECODE = 137; 517 enum RSA_F_RSA_PRIV_ENCODE = 138; 518 enum RSA_F_RSA_PUBLIC_DECRYPT = 152; 519 enum RSA_F_RSA_PUBLIC_ENCRYPT = 153; 520 enum RSA_F_RSA_PUB_DECODE = 139; 521 enum RSA_F_RSA_SETUP_BLINDING = 136; 522 enum RSA_F_RSA_SIGN = 117; 523 enum RSA_F_RSA_SIGN_ASN1_OCTET_STRING = 118; 524 enum RSA_F_RSA_VERIFY = 119; 525 enum RSA_F_RSA_VERIFY_ASN1_OCTET_STRING = 120; 526 enum RSA_F_RSA_VERIFY_PKCS1_PSS = 126; 527 enum RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1 = 149 528 ; 529 /* Reason codes. */ 530 enum RSA_R_ALGORITHM_MISMATCH = 100; 531 enum RSA_R_BAD_E_VALUE = 101; 532 enum RSA_R_BAD_FIXED_HEADER_DECRYPT = 102; 533 enum RSA_R_BAD_PAD_BYTE_COUNT = 103; 534 enum RSA_R_BAD_SIGNATURE = 104; 535 enum RSA_R_BLOCK_TYPE_IS_NOT_01 = 106; 536 enum RSA_R_BLOCK_TYPE_IS_NOT_02 = 107; 537 enum RSA_R_DATA_GREATER_THAN_MOD_LEN = 108; 538 enum RSA_R_DATA_TOO_LARGE = 109; 539 enum RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE = 110; 540 enum RSA_R_DATA_TOO_LARGE_FOR_MODULUS = 132; 541 enum RSA_R_DATA_TOO_SMALL = 111; 542 enum RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE = 122; 543 enum RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY = 112; 544 enum RSA_R_DMP1_NOT_CONGRUENT_TO_D = 124; 545 enum RSA_R_DMQ1_NOT_CONGRUENT_TO_D = 125; 546 enum RSA_R_D_E_NOT_CONGRUENT_TO_1 = 123; 547 enum RSA_R_FIRST_OCTET_INVALID = 133; 548 enum RSA_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE = 144; 549 enum RSA_R_INVALID_DIGEST_LENGTH = 143; 550 enum RSA_R_INVALID_HEADER = 137; 551 enum RSA_R_INVALID_KEYBITS = 145; 552 enum RSA_R_INVALID_MESSAGE_LENGTH = 131; 553 enum RSA_R_INVALID_MGF1_MD = 156; 554 enum RSA_R_INVALID_PADDING = 138; 555 enum RSA_R_INVALID_PADDING_MODE = 141; 556 enum RSA_R_INVALID_PSS_PARAMETERS = 149; 557 enum RSA_R_INVALID_PSS_SALTLEN = 146; 558 enum RSA_R_INVALID_SALT_LENGTH = 150; 559 enum RSA_R_INVALID_TRAILER = 139; 560 enum RSA_R_INVALID_X931_DIGEST = 142; 561 enum RSA_R_IQMP_NOT_INVERSE_OF_Q = 126; 562 enum RSA_R_KEY_SIZE_TOO_SMALL = 120; 563 enum RSA_R_LAST_OCTET_INVALID = 134; 564 enum RSA_R_MODULUS_TOO_LARGE = 105; 565 enum RSA_R_NON_FIPS_RSA_METHOD = 157; 566 enum RSA_R_NO_PUBLIC_EXPONENT = 140; 567 enum RSA_R_NULL_BEFORE_BLOCK_MISSING = 113; 568 enum RSA_R_N_DOES_NOT_EQUAL_P_Q = 127; 569 enum RSA_R_OAEP_DECODING_ERROR = 121; 570 enum RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE = 158; 571 enum RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE = 148; 572 enum RSA_R_PADDING_CHECK_FAILED = 114; 573 enum RSA_R_P_NOT_PRIME = 128; 574 enum RSA_R_Q_NOT_PRIME = 129; 575 enum RSA_R_RSA_OPERATIONS_NOT_SUPPORTED = 130; 576 enum RSA_R_SLEN_CHECK_FAILED = 136; 577 enum RSA_R_SLEN_RECOVERY_FAILED = 135; 578 enum RSA_R_SSLV3_ROLLBACK_ATTACK = 115; 579 enum RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD = 116; 580 enum RSA_R_UNKNOWN_ALGORITHM_TYPE = 117; 581 enum RSA_R_UNKNOWN_MASK_DIGEST = 151; 582 enum RSA_R_UNKNOWN_PADDING_TYPE = 118; 583 enum RSA_R_UNKNOWN_PSS_DIGEST = 152; 584 enum RSA_R_UNSUPPORTED_MASK_ALGORITHM = 153; 585 enum RSA_R_UNSUPPORTED_MASK_PARAMETER = 154; 586 enum RSA_R_UNSUPPORTED_SIGNATURE_TYPE = 155; 587 enum RSA_R_VALUE_MISSING = 147; 588 enum RSA_R_WRONG_SIGNATURE_LENGTH = 119;