/* nettle, low-level cryptographics library
*
- * Copyright (C) 2001, 2002 Niels Möller
+ * Copyright (C) 2001, 2002 Niels Möller
*
* The nettle library is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
*
* You should have received a copy of the GNU Lesser General Public License
* along with the nettle library; see the file COPYING.LIB. If not, write to
- * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
- * MA 02111-1307, USA.
+ * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ * MA 02111-1301, USA.
*/
#ifndef NETTLE_RSA_H_INCLUDED
#include "nettle-types.h"
#include "md5.h"
-#include "sha.h"
-
-/* For nettle_random_func */
-#include "nettle-meta.h"
+#include "sha1.h"
+#include "sha2.h"
#ifdef __cplusplus
extern "C" {
#define rsa_private_key_init nettle_rsa_private_key_init
#define rsa_private_key_clear nettle_rsa_private_key_clear
#define rsa_private_key_prepare nettle_rsa_private_key_prepare
+#define rsa_pkcs1_verify nettle_rsa_pkcs1_verify
+#define rsa_pkcs1_sign nettle_rsa_pkcs1_sign
+#define rsa_pkcs1_sign_tr nettle_rsa_pkcs1_sign_tr
#define rsa_md5_sign nettle_rsa_md5_sign
#define rsa_md5_verify nettle_rsa_md5_verify
#define rsa_sha1_sign nettle_rsa_sha1_sign
#define rsa_sha512_verify_digest nettle_rsa_sha512_verify_digest
#define rsa_encrypt nettle_rsa_encrypt
#define rsa_decrypt nettle_rsa_decrypt
+#define rsa_decrypt_tr nettle_rsa_decrypt_tr
#define rsa_compute_root nettle_rsa_compute_root
#define rsa_generate_keypair nettle_rsa_generate_keypair
#define rsa_keypair_to_sexp nettle_rsa_keypair_to_sexp
#define rsa_keypair_to_openpgp nettle_rsa_keypair_to_openpgp
#define _rsa_verify _nettle_rsa_verify
#define _rsa_check_size _nettle_rsa_check_size
+#define _rsa_blind _nettle_rsa_blind
+#define _rsa_unblind _nettle_rsa_unblind
/* This limit is somewhat arbitrary. Technically, the smallest modulo
which makes sense at all is 15 = 3*5, phi(15) = 8, size 4 bits. But
/* PKCS#1 style signatures */
int
+rsa_pkcs1_sign(const struct rsa_private_key *key,
+ unsigned length, const uint8_t *digest_info,
+ mpz_t s);
+
+int
+rsa_pkcs1_sign_tr(const struct rsa_public_key *pub,
+ const struct rsa_private_key *key,
+ void *random_ctx, nettle_random_func *random,
+ unsigned length, const uint8_t *digest_info,
+ mpz_t s);
+int
+rsa_pkcs1_verify(const struct rsa_public_key *key,
+ unsigned length, const uint8_t *digest_info,
+ const mpz_t signature);
+
+int
rsa_md5_sign(const struct rsa_private_key *key,
struct md5_ctx *hash,
mpz_t signature);
int
rsa_encrypt(const struct rsa_public_key *key,
/* For padding */
- void *random_ctx, nettle_random_func random,
+ void *random_ctx, nettle_random_func *random,
unsigned length, const uint8_t *cleartext,
mpz_t cipher);
unsigned *length, uint8_t *cleartext,
const mpz_t ciphertext);
+/* Timing-resistant version, using randomized RSA blinding. */
+int
+rsa_decrypt_tr(const struct rsa_public_key *pub,
+ const struct rsa_private_key *key,
+ void *random_ctx, nettle_random_func *random,
+ unsigned *length, uint8_t *message,
+ const mpz_t gibberish);
+
/* Compute x, the e:th root of m. Calling it with x == m is allowed. */
void
rsa_compute_root(const struct rsa_private_key *key,
rsa_generate_keypair(struct rsa_public_key *pub,
struct rsa_private_key *key,
- void *random_ctx, nettle_random_func random,
- void *progress_ctx, nettle_progress_func progress,
+ void *random_ctx, nettle_random_func *random,
+ void *progress_ctx, nettle_progress_func *progress,
/* Desired size of modulo, in bits */
unsigned n_size,
unsigned
_rsa_check_size(mpz_t n);
+void
+_rsa_blind (const struct rsa_public_key *pub,
+ void *random_ctx, nettle_random_func *random,
+ mpz_t c, mpz_t ri);
+void
+_rsa_unblind (const struct rsa_public_key *pub, mpz_t c, const mpz_t ri);
+
#ifdef __cplusplus
}
#endif