iBoot/lib/pki/libgRSA/rsaPadding.h

98 lines
3.0 KiB
C
Raw Normal View History

2023-07-08 13:03:17 -07:00
/* Copyright (c) 2005-2007 Apple Inc. All Rights Reserved. */
/*
* rsaPadding.h - PKCS1 and OAEP padding support.
*
* Created Aug. 10 2005 by Doug Mitchell.
*/
#ifndef _LIBGRSA_RSA_PADDING_H_
#define _LIBGRSA_RSA_PADDING_H_
#include <libgRSA/libgRSA.h>
#include <libGiants/giantIntegers.h>
#ifdef __cplusplus
extern "C" {
#endif
/* PKCS1 padding markers */
#define RSA_PKCS1_PAD_SIGN 0x01
#define RSA_PKCS1_PAD_ENCRYPT 0x02
/*
* RP_None padding routines - just check length and convert between
* byte array and giant
*/
RSAStatus rsaAddNoPadding(
const unsigned char *plainText,
gi_uint16 plainTextLen,
giant result); /* RETURNED */
RSAStatus rsaCheckNoPadding(
giant decryptResult,
unsigned char *plainText, /* data RETURNED here */
gi_uint16 *plainTextLen); /* IN/OUT */
/*
* Specialized "no padding" check for signature verify operation.
* We don't deserialize the decrypted giant; we do a byte-for-
* byte compare of the expected decrypted value against memory
* passed in to us, in-place in the decrypted giant.
* This saves two stack-allocated byte arrays, each of
* MAX_PRIME_SIZE_BYTES - one here, and one in RSA_SigVerify().
*/
RSAStatus rsaCheckNoPaddingForSigVfy(
giant decryptResult,
const unsigned char *expectPlainText,
gi_uint16 expectPlainTextLen);
RSAStatus rsaAddPkcs1Padding(
const unsigned char *plainText,
gi_uint16 plainTextLen,
gi_uint16 totalLength, /* intended total length */
unsigned char padMarker, /* RSA_PKCS1_PAD_{SIGN,ENCRYPT} */
RSARngCallback *rngCallback, /* required for RP_PKCS1, RP_OAEP */
giant result);
/*
* Given decrypted plaintext in the form of a giant, which should
* be the same size as n, verify proper PKCS1 padding and copy
* resulting plaintext and length into caller-supplied buffer.
* On entry, *plainTextLen indicates the size of the available
* plaintext buffer. On return, *plainTextLen indicates the
* number of valid bytes of plaintext recovered.
*/
RSAStatus rsaCheckPkcs1Padding(
giant decryptResult,
unsigned char padMarker, /* RSA_PKCS1_PAD_{SIGN,ENCRYPT} */
unsigned char *plainText, /* data RETURNED here */
gi_uint16 *plainTextLen); /* IN/OUT */
/*
* Specialized PKCS1 padding check for signature verify operation.
* We don't deserialize the decrypted giant; we check for padding
* in place (in the decrypted giant's n[]), AND we do a byte-for-
* byte compare of the expected decrypted value against memory
* passed in to us. This saves two stack-allocated byte arrays,
* each of MAX_PRIME_SIZE_BYTES - one here, and one in RSA_SigVerify().
*
* Returns:
* -- RSA_Success, padding good and result compares OK
* -- RSA_VerifyFail, padding good but data miscompare
* -- RSA_BadSigFormat, bad padding
* -- RSA_Overflow, expectPlainText too big for this key with PKCS1 padding
* -- else usual gross errors
*/
RSAStatus rsaCheckPkcs1PaddingForSigVfy(
giant decryptResult,
const unsigned char *expectPlainText,
gi_uint16 expectPlainTextLen);
#ifdef __cplusplus
}
#endif
#endif /* _LIBGRSA_RSA_PADDING_H_ */