rsa.h   rsa.h 
skipping to change at line 154 skipping to change at line 154
mpi P; /*!< 1st prime factor */ mpi P; /*!< 1st prime factor */
mpi Q; /*!< 2nd prime factor */ mpi Q; /*!< 2nd prime factor */
mpi DP; /*!< D % (P - 1) */ mpi DP; /*!< D % (P - 1) */
mpi DQ; /*!< D % (Q - 1) */ mpi DQ; /*!< D % (Q - 1) */
mpi QP; /*!< 1 / (Q % P) */ mpi QP; /*!< 1 / (Q % P) */
mpi RN; /*!< cached R^2 mod N */ mpi RN; /*!< cached R^2 mod N */
mpi RP; /*!< cached R^2 mod P */ mpi RP; /*!< cached R^2 mod P */
mpi RQ; /*!< cached R^2 mod Q */ mpi RQ; /*!< cached R^2 mod Q */
#if !defined(POLARSSL_RSA_NO_CRT)
mpi Vi; /*!< cached blinding value */
mpi Vf; /*!< cached un-blinding value */
#endif
int padding; /*!< RSA_PKCS_V15 for 1.5 padding and int padding; /*!< RSA_PKCS_V15 for 1.5 padding and
RSA_PKCS_v21 for OAEP/PSS */ RSA_PKCS_v21 for OAEP/PSS */
int hash_id; /*!< Hash identifier of md_type_t as int hash_id; /*!< Hash identifier of md_type_t as
specified in the md.h header file specified in the md.h header file
for the EME-OAEP and EMSA-PSS for the EME-OAEP and EMSA-PSS
encoding */ encoding */
} }
rsa_context; rsa_context;
#ifdef __cplusplus #ifdef __cplusplus
skipping to change at line 245 skipping to change at line 250
* enough (eg. 128 bytes if RSA-1024 is used). * enough (eg. 128 bytes if RSA-1024 is used).
*/ */
int rsa_public( rsa_context *ctx, int rsa_public( rsa_context *ctx,
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output );
/** /**
* \brief Do an RSA private key operation * \brief Do an RSA private key operation
* *
* \param ctx RSA context * \param ctx RSA context
* \param f_rng RNG function (Needed for blinding)
* \param p_rng RNG parameter
* \param input input buffer * \param input input buffer
* \param output output buffer * \param output output buffer
* *
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code
* *
* \note The input and output buffers must be large * \note The input and output buffers must be large
* enough (eg. 128 bytes if RSA-1024 is used). * enough (eg. 128 bytes if RSA-1024 is used).
*/ */
int rsa_private( rsa_context *ctx, int rsa_private( rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng,
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output );
/** /**
* \brief Generic wrapper to perform a PKCS#1 encryption using the * \brief Generic wrapper to perform a PKCS#1 encryption using the
* mode from the context. Add the message padding, then do an * mode from the context. Add the message padding, then do an
* RSA operation. * RSA operation.
* *
* \param ctx RSA context * \param ctx RSA context
* \param f_rng RNG function (Needed for padding and PKCS#1 v2.1 encodin * \param f_rng RNG function (Needed for padding and PKCS#1 v2.1 encodin
g) g
* and RSA_PRIVATE)
* \param p_rng RNG parameter * \param p_rng RNG parameter
* \param mode RSA_PUBLIC or RSA_PRIVATE * \param mode RSA_PUBLIC or RSA_PRIVATE
* \param ilen contains the plaintext length * \param ilen contains the plaintext length
* \param input buffer holding the data to be encrypted * \param input buffer holding the data to be encrypted
* \param output buffer that will hold the ciphertext * \param output buffer that will hold the ciphertext
* *
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code
* *
* \note The output buffer must be as large as the size * \note The output buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used). * of ctx->N (eg. 128 bytes if RSA-1024 is used).
skipping to change at line 286 skipping to change at line 296
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng, void *p_rng,
int mode, size_t ilen, int mode, size_t ilen,
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output );
/** /**
* \brief Perform a PKCS#1 v1.5 encryption (RSAES-PKCS1-v1_5-ENCRY PT) * \brief Perform a PKCS#1 v1.5 encryption (RSAES-PKCS1-v1_5-ENCRY PT)
* *
* \param ctx RSA context * \param ctx RSA context
* \param f_rng RNG function (Needed for padding) * \param f_rng RNG function (Needed for padding and RSA_PRIVATE)
* \param p_rng RNG parameter * \param p_rng RNG parameter
* \param mode RSA_PUBLIC or RSA_PRIVATE * \param mode RSA_PUBLIC or RSA_PRIVATE
* \param ilen contains the plaintext length * \param ilen contains the plaintext length
* \param input buffer holding the data to be encrypted * \param input buffer holding the data to be encrypted
* \param output buffer that will hold the ciphertext * \param output buffer that will hold the ciphertext
* *
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code
* *
* \note The output buffer must be as large as the size * \note The output buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used). * of ctx->N (eg. 128 bytes if RSA-1024 is used).
skipping to change at line 309 skipping to change at line 319
int (*f_rng)(void *, unsigned char *, size _t), int (*f_rng)(void *, unsigned char *, size _t),
void *p_rng, void *p_rng,
int mode, size_t ilen, int mode, size_t ilen,
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output );
/** /**
* \brief Perform a PKCS#1 v2.1 OAEP encryption (RSAES-OAEP-ENCRYP T) * \brief Perform a PKCS#1 v2.1 OAEP encryption (RSAES-OAEP-ENCRYP T)
* *
* \param ctx RSA context * \param ctx RSA context
* \param f_rng RNG function (Needed for padding and PKCS#1 v2.1 encodin * \param f_rng RNG function (Needed for padding and PKCS#1 v2.1 encodin
g) g
* and RSA_PRIVATE)
* \param p_rng RNG parameter * \param p_rng RNG parameter
* \param mode RSA_PUBLIC or RSA_PRIVATE * \param mode RSA_PUBLIC or RSA_PRIVATE
* \param label buffer holding the custom label to use * \param label buffer holding the custom label to use
* \param label_len contains the label length * \param label_len contains the label length
* \param ilen contains the plaintext length * \param ilen contains the plaintext length
* \param input buffer holding the data to be encrypted * \param input buffer holding the data to be encrypted
* \param output buffer that will hold the ciphertext * \param output buffer that will hold the ciphertext
* *
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code
* *
skipping to change at line 338 skipping to change at line 349
size_t ilen, size_t ilen,
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output );
/** /**
* \brief Generic wrapper to perform a PKCS#1 decryption using the * \brief Generic wrapper to perform a PKCS#1 decryption using the
* mode from the context. Do an RSA operation, then remove * mode from the context. Do an RSA operation, then remove
* the message padding * the message padding
* *
* \param ctx RSA context * \param ctx RSA context
* \param f_rng RNG function (Only needed for RSA_PRIVATE)
* \param p_rng RNG parameter
* \param mode RSA_PUBLIC or RSA_PRIVATE * \param mode RSA_PUBLIC or RSA_PRIVATE
* \param olen will contain the plaintext length * \param olen will contain the plaintext length
* \param input buffer holding the encrypted data * \param input buffer holding the encrypted data
* \param output buffer that will hold the plaintext * \param output buffer that will hold the plaintext
* \param output_max_len maximum length of the output buffer * \param output_max_len maximum length of the output buffer
* *
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code
* *
* \note The output buffer must be as large as the size * \note The output buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used) otherwise * of ctx->N (eg. 128 bytes if RSA-1024 is used) otherwise
* an error is thrown. * an error is thrown.
*/ */
int rsa_pkcs1_decrypt( rsa_context *ctx, int rsa_pkcs1_decrypt( rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng,
int mode, size_t *olen, int mode, size_t *olen,
const unsigned char *input, const unsigned char *input,
unsigned char *output, unsigned char *output,
size_t output_max_len ); size_t output_max_len );
/** /**
* \brief Perform a PKCS#1 v1.5 decryption (RSAES-PKCS1-v1_5-DECRY PT) * \brief Perform a PKCS#1 v1.5 decryption (RSAES-PKCS1-v1_5-DECRY PT)
* *
* \param ctx RSA context * \param ctx RSA context
* \param f_rng RNG function (Only needed for RSA_PRIVATE)
* \param p_rng RNG parameter
* \param mode RSA_PUBLIC or RSA_PRIVATE * \param mode RSA_PUBLIC or RSA_PRIVATE
* \param olen will contain the plaintext length * \param olen will contain the plaintext length
* \param input buffer holding the encrypted data * \param input buffer holding the encrypted data
* \param output buffer that will hold the plaintext * \param output buffer that will hold the plaintext
* \param output_max_len maximum length of the output buffer * \param output_max_len maximum length of the output buffer
* *
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code
* *
* \note The output buffer must be as large as the size * \note The output buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used) otherwise * of ctx->N (eg. 128 bytes if RSA-1024 is used) otherwise
* an error is thrown. * an error is thrown.
*/ */
int rsa_rsaes_pkcs1_v15_decrypt( rsa_context *ctx, int rsa_rsaes_pkcs1_v15_decrypt( rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size
_t),
void *p_rng,
int mode, size_t *olen, int mode, size_t *olen,
const unsigned char *input, const unsigned char *input,
unsigned char *output, unsigned char *output,
size_t output_max_len ); size_t output_max_len );
/** /**
* \brief Perform a PKCS#1 v2.1 OAEP decryption (RSAES-OAEP-DECRYP T) * \brief Perform a PKCS#1 v2.1 OAEP decryption (RSAES-OAEP-DECRYP T)
* *
* \param ctx RSA context * \param ctx RSA context
* \param f_rng RNG function (Only needed for RSA_PRIVATE)
* \param p_rng RNG parameter
* \param mode RSA_PUBLIC or RSA_PRIVATE * \param mode RSA_PUBLIC or RSA_PRIVATE
* \param label buffer holding the custom label to use * \param label buffer holding the custom label to use
* \param label_len contains the label length * \param label_len contains the label length
* \param olen will contain the plaintext length * \param olen will contain the plaintext length
* \param input buffer holding the encrypted data * \param input buffer holding the encrypted data
* \param output buffer that will hold the plaintext * \param output buffer that will hold the plaintext
* \param output_max_len maximum length of the output buffer * \param output_max_len maximum length of the output buffer
* *
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code
* *
* \note The output buffer must be as large as the size * \note The output buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used) otherwise * of ctx->N (eg. 128 bytes if RSA-1024 is used) otherwise
* an error is thrown. * an error is thrown.
*/ */
int rsa_rsaes_oaep_decrypt( rsa_context *ctx, int rsa_rsaes_oaep_decrypt( rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng,
int mode, int mode,
const unsigned char *label, size_t label_len, const unsigned char *label, size_t label_len,
size_t *olen, size_t *olen,
const unsigned char *input, const unsigned char *input,
unsigned char *output, unsigned char *output,
size_t output_max_len ); size_t output_max_len );
/** /**
* \brief Generic wrapper to perform a PKCS#1 signature using the * \brief Generic wrapper to perform a PKCS#1 signature using the
* mode from the context. Do a private RSA operation to sig n * mode from the context. Do a private RSA operation to sig n
* a message digest * a message digest
* *
* \param ctx RSA context * \param ctx RSA context
* \param f_rng RNG function (Needed for PKCS#1 v2.1 encoding) * \param f_rng RNG function (Needed for PKCS#1 v2.1 encoding and for
* RSA_PRIVATE)
* \param p_rng RNG parameter * \param p_rng RNG parameter
* \param mode RSA_PUBLIC or RSA_PRIVATE * \param mode RSA_PUBLIC or RSA_PRIVATE
* \param hash_id SIG_RSA_RAW, SIG_RSA_MD{2,4,5} or SIG_RSA_SHA{1,224,256, 384,512} * \param hash_id SIG_RSA_RAW, SIG_RSA_MD{2,4,5} or SIG_RSA_SHA{1,224,256, 384,512}
* \param hashlen message digest length (for SIG_RSA_RAW only) * \param hashlen message digest length (for SIG_RSA_RAW only)
* \param hash buffer holding the message digest * \param hash buffer holding the message digest
* \param sig buffer that will hold the ciphertext * \param sig buffer that will hold the ciphertext
* *
* \return 0 if the signing operation was successful, * \return 0 if the signing operation was successful,
* or an POLARSSL_ERR_RSA_XXX error code * or an POLARSSL_ERR_RSA_XXX error code
* *
skipping to change at line 443 skipping to change at line 467
int mode, int mode,
int hash_id, int hash_id,
unsigned int hashlen, unsigned int hashlen,
const unsigned char *hash, const unsigned char *hash,
unsigned char *sig ); unsigned char *sig );
/** /**
* \brief Perform a PKCS#1 v1.5 signature (RSASSA-PKCS1-v1_5-SIGN) * \brief Perform a PKCS#1 v1.5 signature (RSASSA-PKCS1-v1_5-SIGN)
* *
* \param ctx RSA context * \param ctx RSA context
* \param f_rng RNG function (Only needed for RSA_PRIVATE)
* \param p_rng RNG parameter
* \param mode RSA_PUBLIC or RSA_PRIVATE * \param mode RSA_PUBLIC or RSA_PRIVATE
* \param hash_id SIG_RSA_RAW, SIG_RSA_MD{2,4,5} or SIG_RSA_SHA{1,224,256, 384,512} * \param hash_id SIG_RSA_RAW, SIG_RSA_MD{2,4,5} or SIG_RSA_SHA{1,224,256, 384,512}
* \param hashlen message digest length (for SIG_RSA_RAW only) * \param hashlen message digest length (for SIG_RSA_RAW only)
* \param hash buffer holding the message digest * \param hash buffer holding the message digest
* \param sig buffer that will hold the ciphertext * \param sig buffer that will hold the ciphertext
* *
* \return 0 if the signing operation was successful, * \return 0 if the signing operation was successful,
* or an POLARSSL_ERR_RSA_XXX error code * or an POLARSSL_ERR_RSA_XXX error code
* *
* \note The "sig" buffer must be as large as the size * \note The "sig" buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used). * of ctx->N (eg. 128 bytes if RSA-1024 is used).
*/ */
int rsa_rsassa_pkcs1_v15_sign( rsa_context *ctx, int rsa_rsassa_pkcs1_v15_sign( rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t
),
void *p_rng,
int mode, int mode,
int hash_id, int hash_id,
unsigned int hashlen, unsigned int hashlen,
const unsigned char *hash, const unsigned char *hash,
unsigned char *sig ); unsigned char *sig );
/** /**
* \brief Perform a PKCS#1 v2.1 PSS signature (RSASSA-PSS-SIGN) * \brief Perform a PKCS#1 v2.1 PSS signature (RSASSA-PSS-SIGN)
* *
* \param ctx RSA context * \param ctx RSA context
* \param f_rng RNG function (Needed for PKCS#1 v2.1 encoding) * \param f_rng RNG function (Needed for PKCS#1 v2.1 encoding and for
* RSA_PRIVATE)
* \param p_rng RNG parameter * \param p_rng RNG parameter
* \param mode RSA_PUBLIC or RSA_PRIVATE * \param mode RSA_PUBLIC or RSA_PRIVATE
* \param hash_id SIG_RSA_RAW, SIG_RSA_MD{2,4,5} or SIG_RSA_SHA{1,224,256, 384,512} * \param hash_id SIG_RSA_RAW, SIG_RSA_MD{2,4,5} or SIG_RSA_SHA{1,224,256, 384,512}
* \param hashlen message digest length (for SIG_RSA_RAW only) * \param hashlen message digest length (for SIG_RSA_RAW only)
* \param hash buffer holding the message digest * \param hash buffer holding the message digest
* \param sig buffer that will hold the ciphertext * \param sig buffer that will hold the ciphertext
* *
* \return 0 if the signing operation was successful, * \return 0 if the signing operation was successful,
* or an POLARSSL_ERR_RSA_XXX error code * or an POLARSSL_ERR_RSA_XXX error code
* *
skipping to change at line 501 skipping to change at line 530
unsigned int hashlen, unsigned int hashlen,
const unsigned char *hash, const unsigned char *hash,
unsigned char *sig ); unsigned char *sig );
/** /**
* \brief Generic wrapper to perform a PKCS#1 verification using t he * \brief Generic wrapper to perform a PKCS#1 verification using t he
* mode from the context. Do a public RSA operation and che ck * mode from the context. Do a public RSA operation and che ck
* the message digest * the message digest
* *
* \param ctx points to an RSA public key * \param ctx points to an RSA public key
* \param f_rng RNG function (Only needed for RSA_PRIVATE)
* \param p_rng RNG parameter
* \param mode RSA_PUBLIC or RSA_PRIVATE * \param mode RSA_PUBLIC or RSA_PRIVATE
* \param hash_id SIG_RSA_RAW, SIG_RSA_MD{2,4,5} or SIG_RSA_SHA{1,224,256, 384,512} * \param hash_id SIG_RSA_RAW, SIG_RSA_MD{2,4,5} or SIG_RSA_SHA{1,224,256, 384,512}
* \param hashlen message digest length (for SIG_RSA_RAW only) * \param hashlen message digest length (for SIG_RSA_RAW only)
* \param hash buffer holding the message digest * \param hash buffer holding the message digest
* \param sig buffer holding the ciphertext * \param sig buffer holding the ciphertext
* *
* \return 0 if the verify operation was successful, * \return 0 if the verify operation was successful,
* or an POLARSSL_ERR_RSA_XXX error code * or an POLARSSL_ERR_RSA_XXX error code
* *
* \note The "sig" buffer must be as large as the size * \note The "sig" buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used). * of ctx->N (eg. 128 bytes if RSA-1024 is used).
* *
* \note In case of PKCS#1 v2.1 encoding keep in mind that * \note In case of PKCS#1 v2.1 encoding keep in mind that
* the hash_id in the RSA context is the one used for the * the hash_id in the RSA context is the one used for the
* verification. hash_id in the function call is the type o f hash * verification. hash_id in the function call is the type o f hash
* that is verified. According to RFC 3447 it is advised to * that is verified. According to RFC 3447 it is advised to
* keep both hashes the same. * keep both hashes the same.
*/ */
int rsa_pkcs1_verify( rsa_context *ctx, int rsa_pkcs1_verify( rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng,
int mode, int mode,
int hash_id, int hash_id,
unsigned int hashlen, unsigned int hashlen,
const unsigned char *hash, const unsigned char *hash,
unsigned char *sig ); unsigned char *sig );
/** /**
* \brief Perform a PKCS#1 v1.5 verification (RSASSA-PKCS1-v1_5-VE RIFY) * \brief Perform a PKCS#1 v1.5 verification (RSASSA-PKCS1-v1_5-VE RIFY)
* *
* \param ctx points to an RSA public key * \param ctx points to an RSA public key
* \param f_rng RNG function (Only needed for RSA_PRIVATE)
* \param p_rng RNG parameter
* \param mode RSA_PUBLIC or RSA_PRIVATE * \param mode RSA_PUBLIC or RSA_PRIVATE
* \param hash_id SIG_RSA_RAW, SIG_RSA_MD{2,4,5} or SIG_RSA_SHA{1,224,256, 384,512} * \param hash_id SIG_RSA_RAW, SIG_RSA_MD{2,4,5} or SIG_RSA_SHA{1,224,256, 384,512}
* \param hashlen message digest length (for SIG_RSA_RAW only) * \param hashlen message digest length (for SIG_RSA_RAW only)
* \param hash buffer holding the message digest * \param hash buffer holding the message digest
* \param sig buffer holding the ciphertext * \param sig buffer holding the ciphertext
* *
* \return 0 if the verify operation was successful, * \return 0 if the verify operation was successful,
* or an POLARSSL_ERR_RSA_XXX error code * or an POLARSSL_ERR_RSA_XXX error code
* *
* \note The "sig" buffer must be as large as the size * \note The "sig" buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used). * of ctx->N (eg. 128 bytes if RSA-1024 is used).
*/ */
int rsa_rsassa_pkcs1_v15_verify( rsa_context *ctx, int rsa_rsassa_pkcs1_v15_verify( rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size
_t),
void *p_rng,
int mode, int mode,
int hash_id, int hash_id,
unsigned int hashlen, unsigned int hashlen,
const unsigned char *hash, const unsigned char *hash,
unsigned char *sig ); unsigned char *sig );
/** /**
* \brief Perform a PKCS#1 v2.1 PSS verification (RSASSA-PSS-VERIF Y) * \brief Perform a PKCS#1 v2.1 PSS verification (RSASSA-PSS-VERIF Y)
* \brief Do a public RSA and check the message digest * \brief Do a public RSA and check the message digest
* *
* \param ctx points to an RSA public key * \param ctx points to an RSA public key
* \param f_rng RNG function (Only needed for RSA_PRIVATE)
* \param p_rng RNG parameter
* \param mode RSA_PUBLIC or RSA_PRIVATE * \param mode RSA_PUBLIC or RSA_PRIVATE
* \param hash_id SIG_RSA_RAW, SIG_RSA_MD{2,4,5} or SIG_RSA_SHA{1,224,256, 384,512} * \param hash_id SIG_RSA_RAW, SIG_RSA_MD{2,4,5} or SIG_RSA_SHA{1,224,256, 384,512}
* \param hashlen message digest length (for SIG_RSA_RAW only) * \param hashlen message digest length (for SIG_RSA_RAW only)
* \param hash buffer holding the message digest * \param hash buffer holding the message digest
* \param sig buffer holding the ciphertext * \param sig buffer holding the ciphertext
* *
* \return 0 if the verify operation was successful, * \return 0 if the verify operation was successful,
* or an POLARSSL_ERR_RSA_XXX error code * or an POLARSSL_ERR_RSA_XXX error code
* *
* \note The "sig" buffer must be as large as the size * \note The "sig" buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used). * of ctx->N (eg. 128 bytes if RSA-1024 is used).
* *
* \note In case of PKCS#1 v2.1 encoding keep in mind that * \note In case of PKCS#1 v2.1 encoding keep in mind that
* the hash_id in the RSA context is the one used for the * the hash_id in the RSA context is the one used for the
* verification. hash_id in the function call is the type o f hash * verification. hash_id in the function call is the type o f hash
* that is verified. According to RFC 3447 it is advised to * that is verified. According to RFC 3447 it is advised to
* keep both hashes the same. * keep both hashes the same.
*/ */
int rsa_rsassa_pss_verify( rsa_context *ctx, int rsa_rsassa_pss_verify( rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng,
int mode, int mode,
int hash_id, int hash_id,
unsigned int hashlen, unsigned int hashlen,
const unsigned char *hash, const unsigned char *hash,
unsigned char *sig ); unsigned char *sig );
/** /**
* \brief Free the components of an RSA key * \brief Free the components of an RSA key
* *
* \param ctx RSA Context to free * \param ctx RSA Context to free
 End of changes. 22 change blocks. 
7 lines changed or deleted 51 lines changed or added


 ssl.h   ssl.h 
skipping to change at line 272 skipping to change at line 272
#define TLS_EXT_SERVERNAME_HOSTNAME 0 #define TLS_EXT_SERVERNAME_HOSTNAME 0
#define TLS_EXT_SIG_ALG 13 #define TLS_EXT_SIG_ALG 13
#define TLS_EXT_RENEGOTIATION_INFO 0xFF01 #define TLS_EXT_RENEGOTIATION_INFO 0xFF01
/* /*
* Generic function pointers for allowing external RSA private key * Generic function pointers for allowing external RSA private key
* implementations. * implementations.
*/ */
typedef int (*rsa_decrypt_func)( void *ctx, int mode, size_t *olen, typedef int (*rsa_decrypt_func)( void *ctx,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng, int mode, size_t *olen,
const unsigned char *input, unsigned char *output, const unsigned char *input, unsigned char *output,
size_t output_max_len ); size_t output_max_len );
typedef int (*rsa_sign_func)( void *ctx, typedef int (*rsa_sign_func)( void *ctx,
int (*f_rng)(void *, unsigned char *, size_t), void *p _rng, int (*f_rng)(void *, unsigned char *, size_t), void *p _rng,
int mode, int hash_id, unsigned int hashlen, int mode, int hash_id, unsigned int hashlen,
const unsigned char *hash, unsigned char *sig ); const unsigned char *hash, unsigned char *sig );
typedef size_t (*rsa_key_len_func)( void *ctx ); typedef size_t (*rsa_key_len_func)( void *ctx );
/* /*
* SSL state machine * SSL state machine
skipping to change at line 1133 skipping to change at line 1135
int ssl_parse_certificate( ssl_context *ssl ); int ssl_parse_certificate( ssl_context *ssl );
int ssl_write_certificate( ssl_context *ssl ); int ssl_write_certificate( ssl_context *ssl );
int ssl_parse_change_cipher_spec( ssl_context *ssl ); int ssl_parse_change_cipher_spec( ssl_context *ssl );
int ssl_write_change_cipher_spec( ssl_context *ssl ); int ssl_write_change_cipher_spec( ssl_context *ssl );
int ssl_parse_finished( ssl_context *ssl ); int ssl_parse_finished( ssl_context *ssl );
int ssl_write_finished( ssl_context *ssl ); int ssl_write_finished( ssl_context *ssl );
void ssl_optimize_checksum( ssl_context *ssl, int ciphersuite ); void ssl_optimize_checksum( ssl_context *ssl, int ciphersuite );
int ssl_get_ciphersuite_min_version( const int ciphersuite_id );
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif
#endif /* ssl.h */ #endif /* ssl.h */
 End of changes. 2 change blocks. 
1 lines changed or deleted 4 lines changed or added


 version.h   version.h 
skipping to change at line 42 skipping to change at line 42
#define POLARSSL_VERSION_H #define POLARSSL_VERSION_H
#include "config.h" #include "config.h"
/** /**
* The version number x.y.z is split into three parts. * The version number x.y.z is split into three parts.
* Major, Minor, Patchlevel * Major, Minor, Patchlevel
*/ */
#define POLARSSL_VERSION_MAJOR 1 #define POLARSSL_VERSION_MAJOR 1
#define POLARSSL_VERSION_MINOR 2 #define POLARSSL_VERSION_MINOR 2
#define POLARSSL_VERSION_PATCH 8 #define POLARSSL_VERSION_PATCH 9
/** /**
* The single version number has the following structure: * The single version number has the following structure:
* MMNNPP00 * MMNNPP00
* Major version | Minor version | Patch version * Major version | Minor version | Patch version
*/ */
#define POLARSSL_VERSION_NUMBER 0x01020800 #define POLARSSL_VERSION_NUMBER 0x01020900
#define POLARSSL_VERSION_STRING "1.2.8" #define POLARSSL_VERSION_STRING "1.2.9"
#define POLARSSL_VERSION_STRING_FULL "PolarSSL 1.2.8" #define POLARSSL_VERSION_STRING_FULL "PolarSSL 1.2.9"
#if defined(POLARSSL_VERSION_C) #if defined(POLARSSL_VERSION_C)
/** /**
* Get the version number. * Get the version number.
* *
* \return The constructed version number in the format * \return The constructed version number in the format
* MMNNPP00 (Major, Minor, Patch). * MMNNPP00 (Major, Minor, Patch).
*/ */
unsigned int version_get_number( void ); unsigned int version_get_number( void );
 End of changes. 2 change blocks. 
4 lines changed or deleted 4 lines changed or added


 x509write.h   x509write.h 
skipping to change at line 32 skipping to change at line 32
* *
* You should have received a copy of the GNU General Public License along * You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_X509_WRITE_H #ifndef POLARSSL_X509_WRITE_H
#define POLARSSL_X509_WRITE_H #define POLARSSL_X509_WRITE_H
#include "rsa.h" #include "rsa.h"
#ifdef __cplusplus
extern "C" {
#endif
typedef struct _x509_req_name typedef struct _x509_req_name
{ {
char oid[128]; char oid[128];
char name[128]; char name[128];
struct _x509_req_name *next; struct _x509_req_name *next;
} }
x509_req_name; x509_req_name;
int x509_write_pubkey_der( unsigned char *buf, size_t size, rsa_context *rs a ); int x509_write_pubkey_der( unsigned char *buf, size_t size, rsa_context *rs a );
int x509_write_key_der( unsigned char *buf, size_t size, rsa_context *rsa ) ; int x509_write_key_der( unsigned char *buf, size_t size, rsa_context *rsa ) ;
int x509_write_cert_req( unsigned char *buf, size_t size, rsa_context *rsa, int x509_write_cert_req( unsigned char *buf, size_t size, rsa_context *rsa,
x509_req_name *req_name, int hash_id ); x509_req_name *req_name, int hash_id );
#ifdef __cplusplus
}
#endif
#endif /* POLARSSL_X509_WRITE_H */ #endif /* POLARSSL_X509_WRITE_H */
 End of changes. 2 change blocks. 
0 lines changed or deleted 8 lines changed or added

This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/