--- /dev/null
+/* crypto/rsa/rsa.h */\r
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)\r
+ * All rights reserved.\r
+ *\r
+ * This package is an SSL implementation written\r
+ * by Eric Young (eay@cryptsoft.com).\r
+ * The implementation was written so as to conform with Netscapes SSL.\r
+ * \r
+ * This library is free for commercial and non-commercial use as long as\r
+ * the following conditions are aheared to. The following conditions\r
+ * apply to all code found in this distribution, be it the RC4, RSA,\r
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation\r
+ * included with this distribution is covered by the same copyright terms\r
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).\r
+ * \r
+ * Copyright remains Eric Young's, and as such any Copyright notices in\r
+ * the code are not to be removed.\r
+ * If this package is used in a product, Eric Young should be given attribution\r
+ * as the author of the parts of the library used.\r
+ * This can be in the form of a textual message at program startup or\r
+ * in documentation (online or textual) provided with the package.\r
+ * \r
+ * Redistribution and use in source and binary forms, with or without\r
+ * modification, are permitted provided that the following conditions\r
+ * are met:\r
+ * 1. Redistributions of source code must retain the copyright\r
+ * notice, this list of conditions and the following disclaimer.\r
+ * 2. Redistributions in binary form must reproduce the above copyright\r
+ * notice, this list of conditions and the following disclaimer in the\r
+ * documentation and/or other materials provided with the distribution.\r
+ * 3. All advertising materials mentioning features or use of this software\r
+ * must display the following acknowledgement:\r
+ * "This product includes cryptographic software written by\r
+ * Eric Young (eay@cryptsoft.com)"\r
+ * The word 'cryptographic' can be left out if the rouines from the library\r
+ * being used are not cryptographic related :-).\r
+ * 4. If you include any Windows specific code (or a derivative thereof) from \r
+ * the apps directory (application code) you must include an acknowledgement:\r
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"\r
+ * \r
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND\r
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE\r
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE\r
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE\r
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL\r
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS\r
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)\r
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT\r
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY\r
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF\r
+ * SUCH DAMAGE.\r
+ * \r
+ * The licence and distribution terms for any publically available version or\r
+ * derivative of this code cannot be changed. i.e. this code cannot simply be\r
+ * copied and put under another distribution licence\r
+ * [including the GNU Public Licence.]\r
+ */\r
+\r
+#ifndef HEADER_RSA_H\r
+#define HEADER_RSA_H\r
+\r
+#include <openssl/asn1.h>\r
+\r
+#ifndef OPENSSL_NO_BIO\r
+#include <openssl/bio.h>\r
+#endif\r
+#include <openssl/crypto.h>\r
+#include <openssl/ossl_typ.h>\r
+#ifndef OPENSSL_NO_DEPRECATED\r
+#include <openssl/bn.h>\r
+#endif\r
+\r
+#ifdef OPENSSL_NO_RSA\r
+#error RSA is disabled.\r
+#endif\r
+\r
+#ifdef __cplusplus\r
+extern "C" {\r
+#endif\r
+\r
+/* Declared already in ossl_typ.h */\r
+/* typedef struct rsa_st RSA; */\r
+/* typedef struct rsa_meth_st RSA_METHOD; */\r
+\r
+struct rsa_meth_st\r
+ {\r
+ const char *name;\r
+ int (*rsa_pub_enc)(int flen,const unsigned char *from,\r
+ unsigned char *to,\r
+ RSA *rsa,int padding);\r
+ int (*rsa_pub_dec)(int flen,const unsigned char *from,\r
+ unsigned char *to,\r
+ RSA *rsa,int padding);\r
+ int (*rsa_priv_enc)(int flen,const unsigned char *from,\r
+ unsigned char *to,\r
+ RSA *rsa,int padding);\r
+ int (*rsa_priv_dec)(int flen,const unsigned char *from,\r
+ unsigned char *to,\r
+ RSA *rsa,int padding);\r
+ int (*rsa_mod_exp)(BIGNUM *r0,const BIGNUM *I,RSA *rsa,BN_CTX *ctx); /* Can be null */\r
+ int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,\r
+ const BIGNUM *m, BN_CTX *ctx,\r
+ BN_MONT_CTX *m_ctx); /* Can be null */\r
+ int (*init)(RSA *rsa); /* called at new */\r
+ int (*finish)(RSA *rsa); /* called at free */\r
+ int flags; /* RSA_METHOD_FLAG_* things */\r
+ char *app_data; /* may be needed! */\r
+/* New sign and verify functions: some libraries don't allow arbitrary data\r
+ * to be signed/verified: this allows them to be used. Note: for this to work\r
+ * the RSA_public_decrypt() and RSA_private_encrypt() should *NOT* be used\r
+ * RSA_sign(), RSA_verify() should be used instead. Note: for backwards\r
+ * compatibility this functionality is only enabled if the RSA_FLAG_SIGN_VER\r
+ * option is set in 'flags'.\r
+ */\r
+ int (*rsa_sign)(int type,\r
+ const unsigned char *m, unsigned int m_length,\r
+ unsigned char *sigret, unsigned int *siglen, const RSA *rsa);\r
+ int (*rsa_verify)(int dtype,\r
+ const unsigned char *m, unsigned int m_length,\r
+ unsigned char *sigbuf, unsigned int siglen, const RSA *rsa);\r
+/* If this callback is NULL, the builtin software RSA key-gen will be used. This\r
+ * is for behavioural compatibility whilst the code gets rewired, but one day\r
+ * it would be nice to assume there are no such things as "builtin software"\r
+ * implementations. */\r
+ int (*rsa_keygen)(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);\r
+ };\r
+\r
+struct rsa_st\r
+ {\r
+ /* The first parameter is used to pickup errors where\r
+ * this is passed instead of aEVP_PKEY, it is set to 0 */\r
+ int pad;\r
+ long version;\r
+ const RSA_METHOD *meth;\r
+ /* functional reference if 'meth' is ENGINE-provided */\r
+ ENGINE *engine;\r
+ BIGNUM *n;\r
+ BIGNUM *e;\r
+ BIGNUM *d;\r
+ BIGNUM *p;\r
+ BIGNUM *q;\r
+ BIGNUM *dmp1;\r
+ BIGNUM *dmq1;\r
+ BIGNUM *iqmp;\r
+ /* be careful using this if the RSA structure is shared */\r
+ CRYPTO_EX_DATA ex_data;\r
+ int references;\r
+ int flags;\r
+\r
+ /* Used to cache montgomery values */\r
+ BN_MONT_CTX *_method_mod_n;\r
+ BN_MONT_CTX *_method_mod_p;\r
+ BN_MONT_CTX *_method_mod_q;\r
+\r
+ /* all BIGNUM values are actually in the following data, if it is not\r
+ * NULL */\r
+ char *bignum_data;\r
+ BN_BLINDING *blinding;\r
+ BN_BLINDING *mt_blinding;\r
+ };\r
+\r
+#define RSA_3 0x3L\r
+#define RSA_F4 0x10001L\r
+\r
+#define RSA_METHOD_FLAG_NO_CHECK 0x0001 /* don't check pub/private match */\r
+\r
+#define RSA_FLAG_CACHE_PUBLIC 0x0002\r
+#define RSA_FLAG_CACHE_PRIVATE 0x0004\r
+#define RSA_FLAG_BLINDING 0x0008\r
+#define RSA_FLAG_THREAD_SAFE 0x0010\r
+/* This flag means the private key operations will be handled by rsa_mod_exp\r
+ * and that they do not depend on the private key components being present:\r
+ * for example a key stored in external hardware. Without this flag bn_mod_exp\r
+ * gets called when private key components are absent.\r
+ */\r
+#define RSA_FLAG_EXT_PKEY 0x0020\r
+\r
+/* This flag in the RSA_METHOD enables the new rsa_sign, rsa_verify functions.\r
+ */\r
+#define RSA_FLAG_SIGN_VER 0x0040\r
+\r
+#define RSA_FLAG_NO_BLINDING 0x0080 /* new with 0.9.6j and 0.9.7b; the built-in\r
+ * RSA implementation now uses blinding by\r
+ * default (ignoring RSA_FLAG_BLINDING),\r
+ * but other engines might not need it\r
+ */\r
+#define RSA_FLAG_NO_EXP_CONSTTIME 0x0100 /* new with 0.9.7h; the built-in RSA\r
+ * implementation now uses constant time\r
+ * modular exponentiation for secret exponents\r
+ * by default. This flag causes the\r
+ * faster variable sliding window method to\r
+ * be used for all exponents.\r
+ */\r
+\r
+#define RSA_PKCS1_PADDING 1\r
+#define RSA_SSLV23_PADDING 2\r
+#define RSA_NO_PADDING 3\r
+#define RSA_PKCS1_OAEP_PADDING 4\r
+#define RSA_X931_PADDING 5\r
+\r
+#define RSA_PKCS1_PADDING_SIZE 11\r
+\r
+#define RSA_set_app_data(s,arg) RSA_set_ex_data(s,0,arg)\r
+#define RSA_get_app_data(s) RSA_get_ex_data(s,0)\r
+\r
+RSA * RSA_new(void);\r
+RSA * RSA_new_method(ENGINE *engine);\r
+int RSA_size(const RSA *);\r
+\r
+/* Deprecated version */\r
+#ifndef OPENSSL_NO_DEPRECATED\r
+RSA * RSA_generate_key(int bits, unsigned long e,void\r
+ (*callback)(int,int,void *),void *cb_arg);\r
+#endif /* !defined(OPENSSL_NO_DEPRECATED) */\r
+\r
+/* New version */\r
+int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);\r
+\r
+int RSA_check_key(const RSA *);\r
+ /* next 4 return -1 on error */\r
+int RSA_public_encrypt(int flen, const unsigned char *from,\r
+ unsigned char *to, RSA *rsa,int padding);\r
+int RSA_private_encrypt(int flen, const unsigned char *from,\r
+ unsigned char *to, RSA *rsa,int padding);\r
+int RSA_public_decrypt(int flen, const unsigned char *from, \r
+ unsigned char *to, RSA *rsa,int padding);\r
+int RSA_private_decrypt(int flen, const unsigned char *from, \r
+ unsigned char *to, RSA *rsa,int padding);\r
+void RSA_free (RSA *r);\r
+/* "up" the RSA object's reference count */\r
+int RSA_up_ref(RSA *r);\r
+\r
+int RSA_flags(const RSA *r);\r
+\r
+void RSA_set_default_method(const RSA_METHOD *meth);\r
+const RSA_METHOD *RSA_get_default_method(void);\r
+const RSA_METHOD *RSA_get_method(const RSA *rsa);\r
+int RSA_set_method(RSA *rsa, const RSA_METHOD *meth);\r
+\r
+/* This function needs the memory locking malloc callbacks to be installed */\r
+int RSA_memory_lock(RSA *r);\r
+\r
+/* these are the actual SSLeay RSA functions */\r
+const RSA_METHOD *RSA_PKCS1_SSLeay(void);\r
+\r
+const RSA_METHOD *RSA_null_method(void);\r
+\r
+DECLARE_ASN1_ENCODE_FUNCTIONS_const(RSA, RSAPublicKey)\r
+DECLARE_ASN1_ENCODE_FUNCTIONS_const(RSA, RSAPrivateKey)\r
+\r
+#ifndef OPENSSL_NO_FP_API\r
+int RSA_print_fp(FILE *fp, const RSA *r,int offset);\r
+#endif\r
+\r
+#ifndef OPENSSL_NO_BIO\r
+int RSA_print(BIO *bp, const RSA *r,int offset);\r
+#endif\r
+\r
+int i2d_RSA_NET(const RSA *a, unsigned char **pp,\r
+ int (*cb)(char *buf, int len, const char *prompt, int verify),\r
+ int sgckey);\r
+RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length,\r
+ int (*cb)(char *buf, int len, const char *prompt, int verify),\r
+ int sgckey);\r
+\r
+int i2d_Netscape_RSA(const RSA *a, unsigned char **pp,\r
+ int (*cb)(char *buf, int len, const char *prompt,\r
+ int verify));\r
+RSA *d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length,\r
+ int (*cb)(char *buf, int len, const char *prompt,\r
+ int verify));\r
+\r
+/* The following 2 functions sign and verify a X509_SIG ASN1 object\r
+ * inside PKCS#1 padded RSA encryption */\r
+int RSA_sign(int type, const unsigned char *m, unsigned int m_length,\r
+ unsigned char *sigret, unsigned int *siglen, RSA *rsa);\r
+int RSA_verify(int type, const unsigned char *m, unsigned int m_length,\r
+ unsigned char *sigbuf, unsigned int siglen, RSA *rsa);\r
+\r
+/* The following 2 function sign and verify a ASN1_OCTET_STRING\r
+ * object inside PKCS#1 padded RSA encryption */\r
+int RSA_sign_ASN1_OCTET_STRING(int type,\r
+ const unsigned char *m, unsigned int m_length,\r
+ unsigned char *sigret, unsigned int *siglen, RSA *rsa);\r
+int RSA_verify_ASN1_OCTET_STRING(int type,\r
+ const unsigned char *m, unsigned int m_length,\r
+ unsigned char *sigbuf, unsigned int siglen, RSA *rsa);\r
+\r
+int RSA_blinding_on(RSA *rsa, BN_CTX *ctx);\r
+void RSA_blinding_off(RSA *rsa);\r
+BN_BLINDING *RSA_setup_blinding(RSA *rsa, BN_CTX *ctx);\r
+\r
+int RSA_padding_add_PKCS1_type_1(unsigned char *to,int tlen,\r
+ const unsigned char *f,int fl);\r
+int RSA_padding_check_PKCS1_type_1(unsigned char *to,int tlen,\r
+ const unsigned char *f,int fl,int rsa_len);\r
+int RSA_padding_add_PKCS1_type_2(unsigned char *to,int tlen,\r
+ const unsigned char *f,int fl);\r
+int RSA_padding_check_PKCS1_type_2(unsigned char *to,int tlen,\r
+ const unsigned char *f,int fl,int rsa_len);\r
+int PKCS1_MGF1(unsigned char *mask, long len,\r
+ const unsigned char *seed, long seedlen, const EVP_MD *dgst);\r
+int RSA_padding_add_PKCS1_OAEP(unsigned char *to,int tlen,\r
+ const unsigned char *f,int fl,\r
+ const unsigned char *p,int pl);\r
+int RSA_padding_check_PKCS1_OAEP(unsigned char *to,int tlen,\r
+ const unsigned char *f,int fl,int rsa_len,\r
+ const unsigned char *p,int pl);\r
+int RSA_padding_add_SSLv23(unsigned char *to,int tlen,\r
+ const unsigned char *f,int fl);\r
+int RSA_padding_check_SSLv23(unsigned char *to,int tlen,\r
+ const unsigned char *f,int fl,int rsa_len);\r
+int RSA_padding_add_none(unsigned char *to,int tlen,\r
+ const unsigned char *f,int fl);\r
+int RSA_padding_check_none(unsigned char *to,int tlen,\r
+ const unsigned char *f,int fl,int rsa_len);\r
+int RSA_padding_add_X931(unsigned char *to,int tlen,\r
+ const unsigned char *f,int fl);\r
+int RSA_padding_check_X931(unsigned char *to,int tlen,\r
+ const unsigned char *f,int fl,int rsa_len);\r
+int RSA_X931_hash_id(int nid);\r
+\r
+int RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash,\r
+ const EVP_MD *Hash, const unsigned char *EM, int sLen);\r
+int RSA_padding_add_PKCS1_PSS(RSA *rsa, unsigned char *EM,\r
+ const unsigned char *mHash,\r
+ const EVP_MD *Hash, int sLen);\r
+\r
+int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,\r
+ CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);\r
+int RSA_set_ex_data(RSA *r,int idx,void *arg);\r
+void *RSA_get_ex_data(const RSA *r, int idx);\r
+\r
+RSA *RSAPublicKey_dup(RSA *rsa);\r
+RSA *RSAPrivateKey_dup(RSA *rsa);\r
+\r
+/* BEGIN ERROR CODES */\r
+/* The following lines are auto generated by the script mkerr.pl. Any changes\r
+ * made after this point may be overwritten when the script is next run.\r
+ */\r
+void ERR_load_RSA_strings(void);\r
+\r
+/* Error codes for the RSA functions. */\r
+\r
+/* Function codes. */\r
+#define RSA_F_MEMORY_LOCK 100\r
+#define RSA_F_RSA_BUILTIN_KEYGEN 129\r
+#define RSA_F_RSA_CHECK_KEY 123\r
+#define RSA_F_RSA_EAY_PRIVATE_DECRYPT 101\r
+#define RSA_F_RSA_EAY_PRIVATE_ENCRYPT 102\r
+#define RSA_F_RSA_EAY_PUBLIC_DECRYPT 103\r
+#define RSA_F_RSA_EAY_PUBLIC_ENCRYPT 104\r
+#define RSA_F_RSA_GENERATE_KEY 105\r
+#define RSA_F_RSA_MEMORY_LOCK 130\r
+#define RSA_F_RSA_NEW_METHOD 106\r
+#define RSA_F_RSA_NULL 124\r
+#define RSA_F_RSA_NULL_MOD_EXP 131\r
+#define RSA_F_RSA_NULL_PRIVATE_DECRYPT 132\r
+#define RSA_F_RSA_NULL_PRIVATE_ENCRYPT 133\r
+#define RSA_F_RSA_NULL_PUBLIC_DECRYPT 134\r
+#define RSA_F_RSA_NULL_PUBLIC_ENCRYPT 135\r
+#define RSA_F_RSA_PADDING_ADD_NONE 107\r
+#define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP 121\r
+#define RSA_F_RSA_PADDING_ADD_PKCS1_PSS 125\r
+#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1 108\r
+#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2 109\r
+#define RSA_F_RSA_PADDING_ADD_SSLV23 110\r
+#define RSA_F_RSA_PADDING_ADD_X931 127\r
+#define RSA_F_RSA_PADDING_CHECK_NONE 111\r
+#define RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP 122\r
+#define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1 112\r
+#define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2 113\r
+#define RSA_F_RSA_PADDING_CHECK_SSLV23 114\r
+#define RSA_F_RSA_PADDING_CHECK_X931 128\r
+#define RSA_F_RSA_PRINT 115\r
+#define RSA_F_RSA_PRINT_FP 116\r
+#define RSA_F_RSA_SETUP_BLINDING 136\r
+#define RSA_F_RSA_SIGN 117\r
+#define RSA_F_RSA_SIGN_ASN1_OCTET_STRING 118\r
+#define RSA_F_RSA_VERIFY 119\r
+#define RSA_F_RSA_VERIFY_ASN1_OCTET_STRING 120\r
+#define RSA_F_RSA_VERIFY_PKCS1_PSS 126\r
+\r
+/* Reason codes. */\r
+#define RSA_R_ALGORITHM_MISMATCH 100\r
+#define RSA_R_BAD_E_VALUE 101\r
+#define RSA_R_BAD_FIXED_HEADER_DECRYPT 102\r
+#define RSA_R_BAD_PAD_BYTE_COUNT 103\r
+#define RSA_R_BAD_SIGNATURE 104\r
+#define RSA_R_BLOCK_TYPE_IS_NOT_01 106\r
+#define RSA_R_BLOCK_TYPE_IS_NOT_02 107\r
+#define RSA_R_DATA_GREATER_THAN_MOD_LEN 108\r
+#define RSA_R_DATA_TOO_LARGE 109\r
+#define RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 110\r
+#define RSA_R_DATA_TOO_LARGE_FOR_MODULUS 132\r
+#define RSA_R_DATA_TOO_SMALL 111\r
+#define RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE 122\r
+#define RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY 112\r
+#define RSA_R_DMP1_NOT_CONGRUENT_TO_D 124\r
+#define RSA_R_DMQ1_NOT_CONGRUENT_TO_D 125\r
+#define RSA_R_D_E_NOT_CONGRUENT_TO_1 123\r
+#define RSA_R_FIRST_OCTET_INVALID 133\r
+#define RSA_R_INVALID_HEADER 137\r
+#define RSA_R_INVALID_MESSAGE_LENGTH 131\r
+#define RSA_R_INVALID_PADDING 138\r
+#define RSA_R_INVALID_TRAILER 139\r
+#define RSA_R_IQMP_NOT_INVERSE_OF_Q 126\r
+#define RSA_R_KEY_SIZE_TOO_SMALL 120\r
+#define RSA_R_LAST_OCTET_INVALID 134\r
+#define RSA_R_NO_PUBLIC_EXPONENT 140\r
+#define RSA_R_NULL_BEFORE_BLOCK_MISSING 113\r
+#define RSA_R_N_DOES_NOT_EQUAL_P_Q 127\r
+#define RSA_R_OAEP_DECODING_ERROR 121\r
+#define RSA_R_SLEN_RECOVERY_FAILED 135\r
+#define RSA_R_PADDING_CHECK_FAILED 114\r
+#define RSA_R_P_NOT_PRIME 128\r
+#define RSA_R_Q_NOT_PRIME 129\r
+#define RSA_R_RSA_OPERATIONS_NOT_SUPPORTED 130\r
+#define RSA_R_SSLV3_ROLLBACK_ATTACK 115\r
+#define RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 116\r
+#define RSA_R_UNKNOWN_ALGORITHM_TYPE 117\r
+#define RSA_R_UNKNOWN_PADDING_TYPE 118\r
+#define RSA_R_WRONG_SIGNATURE_LENGTH 119\r
+#define RSA_R_SLEN_CHECK_FAILED 136\r
+\r
+#ifdef __cplusplus\r
+}\r
+#endif\r
+#endif\r