10Sstevel@tonic-gate /* 20Sstevel@tonic-gate * CDDL HEADER START 30Sstevel@tonic-gate * 40Sstevel@tonic-gate * The contents of this file are subject to the terms of the 50Sstevel@tonic-gate * Common Development and Distribution License, Version 1.0 only 60Sstevel@tonic-gate * (the "License"). You may not use this file except in compliance 70Sstevel@tonic-gate * with the License. 80Sstevel@tonic-gate * 90Sstevel@tonic-gate * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 100Sstevel@tonic-gate * or http://www.opensolaris.org/os/licensing. 110Sstevel@tonic-gate * See the License for the specific language governing permissions 120Sstevel@tonic-gate * and limitations under the License. 130Sstevel@tonic-gate * 140Sstevel@tonic-gate * When distributing Covered Code, include this CDDL HEADER in each 150Sstevel@tonic-gate * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 160Sstevel@tonic-gate * If applicable, add the following below this CDDL HEADER, with the 170Sstevel@tonic-gate * fields enclosed by brackets "[]" replaced with your own identifying 180Sstevel@tonic-gate * information: Portions Copyright [yyyy] [name of copyright owner] 190Sstevel@tonic-gate * 200Sstevel@tonic-gate * CDDL HEADER END 210Sstevel@tonic-gate */ 220Sstevel@tonic-gate /* 23*676Sizick * Copyright 2005 Sun Microsystems, Inc. All rights reserved. 240Sstevel@tonic-gate * Use is subject to license terms. 250Sstevel@tonic-gate */ 260Sstevel@tonic-gate 270Sstevel@tonic-gate #ifndef _RSA_IMPL_H 280Sstevel@tonic-gate #define _RSA_IMPL_H 290Sstevel@tonic-gate 300Sstevel@tonic-gate #pragma ident "%Z%%M% %I% %E% SMI" 310Sstevel@tonic-gate 320Sstevel@tonic-gate #ifdef __cplusplus 330Sstevel@tonic-gate extern "C" { 340Sstevel@tonic-gate #endif 350Sstevel@tonic-gate 360Sstevel@tonic-gate #include <sys/types.h> 370Sstevel@tonic-gate #include <bignum.h> 380Sstevel@tonic-gate 390Sstevel@tonic-gate #define MIN_RSA_KEYLENGTH_IN_BYTES 32 400Sstevel@tonic-gate #define MAX_RSA_KEYLENGTH_IN_BYTES 512 410Sstevel@tonic-gate #define RSA_MIN_KEY_LEN 256 /* RSA min key length in bits */ 420Sstevel@tonic-gate #define RSA_MAX_KEY_LEN 4096 /* RSA max key length in bits */ 430Sstevel@tonic-gate 440Sstevel@tonic-gate #define MIN_PKCS1_PADLEN 11 450Sstevel@tonic-gate 460Sstevel@tonic-gate #ifdef _KERNEL 470Sstevel@tonic-gate 480Sstevel@tonic-gate #include <sys/sunddi.h> 490Sstevel@tonic-gate #include <sys/crypto/common.h> 500Sstevel@tonic-gate 510Sstevel@tonic-gate #define CK_BYTE uchar_t 520Sstevel@tonic-gate #define CK_ULONG ulong_t 530Sstevel@tonic-gate #define CK_RV int 540Sstevel@tonic-gate #define CKR_OK CRYPTO_SUCCESS 550Sstevel@tonic-gate #define CKR_HOST_MEMORY CRYPTO_HOST_MEMORY 560Sstevel@tonic-gate #define CKR_DATA_LEN_RANGE CRYPTO_DATA_LEN_RANGE 570Sstevel@tonic-gate #define CKR_ENCRYPTED_DATA_INVALID CRYPTO_ENCRYPTED_DATA_INVALID 580Sstevel@tonic-gate #define CKR_SIGNATURE_INVALID CRYPTO_SIGNATURE_INVALID 590Sstevel@tonic-gate #define CKR_FUNCTION_FAILED CRYPTO_NOT_SUPPORTED 600Sstevel@tonic-gate 610Sstevel@tonic-gate #else 620Sstevel@tonic-gate 630Sstevel@tonic-gate #include <security/cryptoki.h> 640Sstevel@tonic-gate #include <security/pkcs11t.h> 650Sstevel@tonic-gate 660Sstevel@tonic-gate #endif /* _KERNEL */ 670Sstevel@tonic-gate 680Sstevel@tonic-gate #define MD5_DER_PREFIX_Len 18 690Sstevel@tonic-gate #define SHA1_DER_PREFIX_Len 15 70*676Sizick #define SHA2_DER_PREFIX_Len 19 710Sstevel@tonic-gate 720Sstevel@tonic-gate extern const CK_BYTE MD5_DER_PREFIX[MD5_DER_PREFIX_Len]; 730Sstevel@tonic-gate extern const CK_BYTE SHA1_DER_PREFIX[SHA1_DER_PREFIX_Len]; 74*676Sizick extern const CK_BYTE SHA256_DER_PREFIX[SHA2_DER_PREFIX_Len]; 75*676Sizick extern const CK_BYTE SHA384_DER_PREFIX[SHA2_DER_PREFIX_Len]; 76*676Sizick extern const CK_BYTE SHA512_DER_PREFIX[SHA2_DER_PREFIX_Len]; 770Sstevel@tonic-gate 780Sstevel@tonic-gate typedef struct { 790Sstevel@tonic-gate int size; /* key size in bits */ 800Sstevel@tonic-gate BIGNUM p; /* p */ 810Sstevel@tonic-gate BIGNUM q; /* q */ 820Sstevel@tonic-gate BIGNUM n; /* n = p * q (the modulus) */ 830Sstevel@tonic-gate BIGNUM d; /* private exponent */ 840Sstevel@tonic-gate BIGNUM e; /* public exponent */ 850Sstevel@tonic-gate BIGNUM dmodpminus1; /* d mod (p - 1) */ 860Sstevel@tonic-gate BIGNUM dmodqminus1; /* d mod (q - 1) */ 870Sstevel@tonic-gate BIGNUM pinvmodq; /* p^(-1) mod q */ 880Sstevel@tonic-gate BIGNUM p_rr; /* 2^(2*(32*p->len)) mod p */ 890Sstevel@tonic-gate BIGNUM q_rr; /* 2^(2*(32*q->len)) mod q */ 900Sstevel@tonic-gate BIGNUM n_rr; /* 2^(2*(32*n->len)) mod n */ 910Sstevel@tonic-gate } RSAkey; 920Sstevel@tonic-gate 930Sstevel@tonic-gate 940Sstevel@tonic-gate BIG_ERR_CODE RSA_key_init(RSAkey *key, int psize, int qsize); 950Sstevel@tonic-gate void RSA_key_finish(RSAkey *key); 960Sstevel@tonic-gate 970Sstevel@tonic-gate CK_RV soft_encrypt_rsa_pkcs_encode(uint8_t *databuf, 980Sstevel@tonic-gate size_t datalen, uint8_t *padbuf, size_t padbuflen); 990Sstevel@tonic-gate CK_RV soft_decrypt_rsa_pkcs_decode(uint8_t *padbuf, int *plen); 1000Sstevel@tonic-gate 1010Sstevel@tonic-gate CK_RV soft_sign_rsa_pkcs_encode(uint8_t *pData, size_t dataLen, 1020Sstevel@tonic-gate uint8_t *data, size_t mbit_l); 1030Sstevel@tonic-gate CK_RV soft_verify_rsa_pkcs_decode(uint8_t *data, int *mbit_l); 1040Sstevel@tonic-gate 1050Sstevel@tonic-gate #ifdef _KERNEL 1060Sstevel@tonic-gate int knzero_random_generator(uint8_t *ran_out, size_t ran_len); 1070Sstevel@tonic-gate void kmemset(uint8_t *buf, char pattern, size_t len); 1080Sstevel@tonic-gate #endif 1090Sstevel@tonic-gate 1100Sstevel@tonic-gate #ifdef __cplusplus 1110Sstevel@tonic-gate } 1120Sstevel@tonic-gate #endif 1130Sstevel@tonic-gate 1140Sstevel@tonic-gate #endif /* _RSA_IMPL_H */ 115