zte's code,first commit
Change-Id: I9a04da59e459a9bc0d67f101f700d9d7dc8d681b
diff --git a/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/rsa.h b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/rsa.h
new file mode 100644
index 0000000..3164351
--- /dev/null
+++ b/ap/lib/libwolfssl/install/include/wolfssl/wolfcrypt/rsa.h
@@ -0,0 +1,388 @@
+/* rsa.h
+ *
+ * Copyright (C) 2006-2021 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/*!
+ \file wolfssl/wolfcrypt/rsa.h
+*/
+
+/*
+
+DESCRIPTION
+This library provides the interface to the RSA.
+RSA keys can be used to encrypt, decrypt, sign and verify data.
+
+*/
+#ifndef WOLF_CRYPT_RSA_H
+#define WOLF_CRYPT_RSA_H
+
+#include <wolfssl/wolfcrypt/types.h>
+
+#ifndef NO_RSA
+
+
+/* RSA default exponent */
+#ifndef WC_RSA_EXPONENT
+ #define WC_RSA_EXPONENT 65537L
+#endif
+
+#if defined(WC_RSA_NONBLOCK)
+ /* enable support for fast math based non-blocking exptmod */
+ /* this splits the RSA function into many smaller operations */
+ #ifndef USE_FAST_MATH
+ #error RSA non-blocking mode only supported using fast math
+ #endif
+ #ifndef TFM_TIMING_RESISTANT
+ #error RSA non-blocking mode only supported with timing resistance enabled
+ #endif
+
+ /* RSA bounds check is not supported with RSA non-blocking mode */
+ #undef NO_RSA_BOUNDS_CHECK
+ #define NO_RSA_BOUNDS_CHECK
+#endif
+
+/* allow for user to plug in own crypto */
+#if !defined(HAVE_FIPS) && (defined(HAVE_USER_RSA) || defined(HAVE_FAST_RSA))
+ #include "user_rsa.h"
+#else
+
+#if defined(HAVE_FIPS) && \
+ (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
+/* for fips @wc_fips */
+#include <cyassl/ctaocrypt/rsa.h>
+#if defined(CYASSL_KEY_GEN) && !defined(WOLFSSL_KEY_GEN)
+ #define WOLFSSL_KEY_GEN
+#endif
+#else
+ #include <wolfssl/wolfcrypt/integer.h>
+ #include <wolfssl/wolfcrypt/random.h>
+#endif /* HAVE_FIPS && HAVE_FIPS_VERION 1 */
+#if defined(HAVE_FIPS) && \
+ defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
+#include <wolfssl/wolfcrypt/fips.h>
+#endif
+
+/* header file needed for OAEP padding */
+#include <wolfssl/wolfcrypt/hash.h>
+
+#ifdef WOLFSSL_XILINX_CRYPT
+#include "xsecure_rsa.h"
+#endif
+
+#if defined(WOLFSSL_CRYPTOCELL)
+ #include <wolfssl/wolfcrypt/port/arm/cryptoCell.h>
+#endif
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+enum {
+ RSA_MIN_SIZE = 512,
+ RSA_MAX_SIZE = 4096,
+};
+
+/* avoid redefinition of structs */
+#if !defined(HAVE_FIPS) || \
+ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))
+
+#ifdef WOLFSSL_ASYNC_CRYPT
+ #include <wolfssl/wolfcrypt/async.h>
+ #ifdef WOLFSSL_CERT_GEN
+ #include <wolfssl/wolfcrypt/asn.h>
+ #endif
+#endif
+
+enum {
+ RSA_PUBLIC = 0,
+ RSA_PRIVATE = 1,
+
+ RSA_TYPE_UNKNOWN = -1,
+ RSA_PUBLIC_ENCRYPT = 0,
+ RSA_PUBLIC_DECRYPT = 1,
+ RSA_PRIVATE_ENCRYPT = 2,
+ RSA_PRIVATE_DECRYPT = 3,
+
+ RSA_BLOCK_TYPE_1 = 1,
+ RSA_BLOCK_TYPE_2 = 2,
+
+ RSA_MIN_PAD_SZ = 11, /* separator + 0 + pad value + 8 pads */
+
+ RSA_PSS_PAD_SZ = 8,
+ RSA_PSS_SALT_MAX_SZ = 62,
+
+#ifdef OPENSSL_EXTRA
+ RSA_PKCS1_PADDING_SIZE = 11,
+ RSA_PKCS1_OAEP_PADDING_SIZE = 42, /* (2 * hashlen(SHA-1)) + 2 */
+#endif
+#ifdef WC_RSA_PSS
+ RSA_PSS_PAD_TERM = 0xBC,
+#endif
+
+ RSA_PSS_SALT_LEN_DEFAULT = -1,
+#ifdef WOLFSSL_PSS_SALT_LEN_DISCOVER
+ RSA_PSS_SALT_LEN_DISCOVER = -2,
+#endif
+
+#ifdef WOLF_CRYPTO_CB
+ RSA_MAX_ID_LEN = 32,
+ RSA_MAX_LABEL_LEN = 32,
+#endif
+};
+
+#ifdef WC_RSA_NONBLOCK
+typedef struct RsaNb {
+ exptModNb_t exptmod; /* non-block expt_mod */
+ mp_int tmp;
+} RsaNb;
+#endif
+
+/* RSA */
+struct RsaKey {
+ mp_int n, e;
+#ifndef WOLFSSL_RSA_PUBLIC_ONLY
+ mp_int d, p, q;
+#if defined(WOLFSSL_KEY_GEN) || defined(OPENSSL_EXTRA) || !defined(RSA_LOW_MEM)
+ mp_int dP, dQ, u;
+#endif
+#endif
+ void* heap; /* for user memory overrides */
+ byte* data; /* temp buffer for async RSA */
+ int type; /* public or private */
+ int state;
+ word32 dataLen;
+#ifdef WC_RSA_BLINDING
+ WC_RNG* rng; /* for PrivateDecrypt blinding */
+#endif
+#ifdef WOLF_CRYPTO_CB
+ int devId;
+#endif
+#ifdef WOLFSSL_ASYNC_CRYPT
+ WC_ASYNC_DEV asyncDev;
+ #ifdef WOLFSSL_CERT_GEN
+ CertSignCtx certSignCtx; /* context info for cert sign (MakeSignature) */
+ #endif
+#endif /* WOLFSSL_ASYNC_CRYPT */
+#ifdef WOLFSSL_XILINX_CRYPT
+ word32 pubExp; /* to keep values in scope they are here in struct */
+ byte* mod;
+ XSecure_Rsa xRsa;
+#endif
+#ifdef WOLF_CRYPTO_CB
+ byte id[RSA_MAX_ID_LEN];
+ int idLen;
+ char label[RSA_MAX_LABEL_LEN];
+ int labelLen;
+#endif
+#if defined(WOLFSSL_ASYNC_CRYPT) || !defined(WOLFSSL_RSA_VERIFY_INLINE)
+ byte dataIsAlloc;
+#endif
+#ifdef WC_RSA_NONBLOCK
+ RsaNb* nb;
+#endif
+#ifdef WOLFSSL_AFALG_XILINX_RSA
+ int alFd;
+ int rdFd;
+#endif
+#if defined(WOLFSSL_CRYPTOCELL)
+ rsa_context_t ctx;
+#endif
+};
+
+#ifndef WC_RSAKEY_TYPE_DEFINED
+ typedef struct RsaKey RsaKey;
+ #define WC_RSAKEY_TYPE_DEFINED
+#endif
+
+#endif /*HAVE_FIPS */
+
+WOLFSSL_API int wc_InitRsaKey(RsaKey* key, void* heap);
+WOLFSSL_API int wc_InitRsaKey_ex(RsaKey* key, void* heap, int devId);
+WOLFSSL_API int wc_FreeRsaKey(RsaKey* key);
+#ifdef WOLF_CRYPTO_CB
+WOLFSSL_API int wc_InitRsaKey_Id(RsaKey* key, unsigned char* id, int len,
+ void* heap, int devId);
+WOLFSSL_API int wc_InitRsaKey_Label(RsaKey* key, const char* label, void* heap,
+ int devId);
+#endif
+WOLFSSL_API int wc_CheckRsaKey(RsaKey* key);
+#ifdef WOLFSSL_XILINX_CRYPT
+WOLFSSL_LOCAL int wc_InitRsaHw(RsaKey* key);
+#endif /* WOLFSSL_XILINX_CRYPT */
+
+WOLFSSL_API int wc_RsaFunction(const byte* in, word32 inLen, byte* out,
+ word32* outLen, int type, RsaKey* key, WC_RNG* rng);
+
+WOLFSSL_API int wc_RsaPublicEncrypt(const byte* in, word32 inLen, byte* out,
+ word32 outLen, RsaKey* key, WC_RNG* rng);
+WOLFSSL_API int wc_RsaPrivateDecryptInline(byte* in, word32 inLen, byte** out,
+ RsaKey* key);
+WOLFSSL_API int wc_RsaPrivateDecrypt(const byte* in, word32 inLen, byte* out,
+ word32 outLen, RsaKey* key);
+WOLFSSL_API int wc_RsaSSL_Sign(const byte* in, word32 inLen, byte* out,
+ word32 outLen, RsaKey* key, WC_RNG* rng);
+WOLFSSL_API int wc_RsaPSS_Sign(const byte* in, word32 inLen, byte* out,
+ word32 outLen, enum wc_HashType hash, int mgf,
+ RsaKey* key, WC_RNG* rng);
+WOLFSSL_API int wc_RsaPSS_Sign_ex(const byte* in, word32 inLen, byte* out,
+ word32 outLen, enum wc_HashType hash,
+ int mgf, int saltLen, RsaKey* key,
+ WC_RNG* rng);
+WOLFSSL_API int wc_RsaSSL_VerifyInline(byte* in, word32 inLen, byte** out,
+ RsaKey* key);
+WOLFSSL_API int wc_RsaSSL_Verify(const byte* in, word32 inLen, byte* out,
+ word32 outLen, RsaKey* key);
+WOLFSSL_API int wc_RsaSSL_Verify_ex(const byte* in, word32 inLen, byte* out,
+ word32 outLen, RsaKey* key, int pad_type);
+WOLFSSL_API int wc_RsaSSL_Verify_ex2(const byte* in, word32 inLen, byte* out,
+ word32 outLen, RsaKey* key, int pad_type,
+ enum wc_HashType hash);
+WOLFSSL_API int wc_RsaPSS_VerifyInline(byte* in, word32 inLen, byte** out,
+ enum wc_HashType hash, int mgf,
+ RsaKey* key);
+WOLFSSL_API int wc_RsaPSS_VerifyInline_ex(byte* in, word32 inLen, byte** out,
+ enum wc_HashType hash, int mgf,
+ int saltLen, RsaKey* key);
+WOLFSSL_API int wc_RsaPSS_Verify(byte* in, word32 inLen, byte* out,
+ word32 outLen, enum wc_HashType hash, int mgf,
+ RsaKey* key);
+WOLFSSL_API int wc_RsaPSS_Verify_ex(byte* in, word32 inLen, byte* out,
+ word32 outLen, enum wc_HashType hash,
+ int mgf, int saltLen, RsaKey* key);
+WOLFSSL_API int wc_RsaPSS_CheckPadding(const byte* in, word32 inLen, byte* sig,
+ word32 sigSz,
+ enum wc_HashType hashType);
+WOLFSSL_API int wc_RsaPSS_CheckPadding_ex(const byte* in, word32 inLen,
+ byte* sig, word32 sigSz,
+ enum wc_HashType hashType,
+ int saltLen, int bits);
+WOLFSSL_API int wc_RsaPSS_VerifyCheckInline(byte* in, word32 inLen, byte** out,
+ const byte* digest, word32 digentLen,
+ enum wc_HashType hash, int mgf,
+ RsaKey* key);
+WOLFSSL_API int wc_RsaPSS_VerifyCheck(byte* in, word32 inLen,
+ byte* out, word32 outLen,
+ const byte* digest, word32 digestLen,
+ enum wc_HashType hash, int mgf,
+ RsaKey* key);
+
+WOLFSSL_API int wc_RsaEncryptSize(const RsaKey* key);
+
+#if !defined(HAVE_FIPS) || \
+ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))
+/* to avoid asn duplicate symbols @wc_fips */
+WOLFSSL_API int wc_RsaPrivateKeyDecode(const byte* input, word32* inOutIdx,
+ RsaKey*, word32);
+WOLFSSL_API int wc_RsaPublicKeyDecode(const byte* input, word32* inOutIdx,
+ RsaKey*, word32);
+WOLFSSL_API int wc_RsaPublicKeyDecodeRaw(const byte* n, word32 nSz,
+ const byte* e, word32 eSz, RsaKey* key);
+#ifdef WOLFSSL_KEY_GEN
+ WOLFSSL_API int wc_RsaKeyToDer(RsaKey*, byte* output, word32 inLen);
+#endif
+
+#ifdef WC_RSA_BLINDING
+ WOLFSSL_API int wc_RsaSetRNG(RsaKey* key, WC_RNG* rng);
+#endif
+#ifdef WC_RSA_NONBLOCK
+ WOLFSSL_API int wc_RsaSetNonBlock(RsaKey* key, RsaNb* nb);
+ #ifdef WC_RSA_NONBLOCK_TIME
+ WOLFSSL_API int wc_RsaSetNonBlockTime(RsaKey* key, word32 maxBlockUs,
+ word32 cpuMHz);
+ #endif
+#endif
+
+/*
+ choice of padding added after fips, so not available when using fips RSA
+ */
+
+/* Mask Generation Function Identifiers */
+#define WC_MGF1NONE 0
+#define WC_MGF1SHA1 26
+#define WC_MGF1SHA224 4
+#define WC_MGF1SHA256 1
+#define WC_MGF1SHA384 2
+#define WC_MGF1SHA512 3
+
+/* Padding types */
+#define WC_RSA_PKCSV15_PAD 0
+#define WC_RSA_OAEP_PAD 1
+#define WC_RSA_PSS_PAD 2
+#define WC_RSA_NO_PAD 3
+
+WOLFSSL_API int wc_RsaPublicEncrypt_ex(const byte* in, word32 inLen, byte* out,
+ word32 outLen, RsaKey* key, WC_RNG* rng, int type,
+ enum wc_HashType hash, int mgf, byte* label, word32 lableSz);
+WOLFSSL_API int wc_RsaPrivateDecrypt_ex(const byte* in, word32 inLen,
+ byte* out, word32 outLen, RsaKey* key, int type,
+ enum wc_HashType hash, int mgf, byte* label, word32 lableSz);
+WOLFSSL_API int wc_RsaPrivateDecryptInline_ex(byte* in, word32 inLen,
+ byte** out, RsaKey* key, int type, enum wc_HashType hash,
+ int mgf, byte* label, word32 lableSz);
+#if defined(WC_RSA_DIRECT) || defined(WC_RSA_NO_PADDING)
+WOLFSSL_API int wc_RsaDirect(byte* in, word32 inLen, byte* out, word32* outSz,
+ RsaKey* key, int type, WC_RNG* rng);
+#endif
+
+#endif /* HAVE_FIPS */
+
+WOLFSSL_API int wc_RsaFlattenPublicKey(RsaKey*, byte*, word32*, byte*,
+ word32*);
+WOLFSSL_API int wc_RsaExportKey(RsaKey* key,
+ byte* e, word32* eSz,
+ byte* n, word32* nSz,
+ byte* d, word32* dSz,
+ byte* p, word32* pSz,
+ byte* q, word32* qSz);
+
+WOLFSSL_API int wc_RsaKeyToPublicDer(RsaKey*, byte* output, word32 inLen);
+
+#ifdef WOLFSSL_KEY_GEN
+ WOLFSSL_API int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng);
+ WOLFSSL_API int wc_CheckProbablePrime_ex(const byte* p, word32 pSz,
+ const byte* q, word32 qSz,
+ const byte* e, word32 eSz,
+ int nlen, int* isPrime, WC_RNG* rng);
+ WOLFSSL_API int wc_CheckProbablePrime(const byte* p, word32 pSz,
+ const byte* q, word32 qSz,
+ const byte* e, word32 eSz,
+ int nlen, int* isPrime);
+#endif
+
+WOLFSSL_LOCAL int wc_RsaPad_ex(const byte* input, word32 inputLen, byte* pkcsBlock,
+ word32 pkcsBlockLen, byte padValue, WC_RNG* rng, int padType,
+ enum wc_HashType hType, int mgf, byte* optLabel, word32 labelLen,
+ int saltLen, int bits, void* heap);
+WOLFSSL_LOCAL int wc_RsaUnPad_ex(byte* pkcsBlock, word32 pkcsBlockLen, byte** out,
+ byte padValue, int padType, enum wc_HashType hType,
+ int mgf, byte* optLabel, word32 labelLen, int saltLen,
+ int bits, void* heap);
+
+WOLFSSL_LOCAL int wc_hash2mgf(enum wc_HashType hType);
+
+#endif /* HAVE_USER_RSA */
+
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
+#endif /* NO_RSA */
+#endif /* WOLF_CRYPT_RSA_H */
+