Gray C++ Libraries  0.0.2
A set of C++ libraries for MSVC, GNU on Windows, WinCE, Linux
cKeyRSA.h
Go to the documentation of this file.
1 //
4 //
5 #ifndef _INC_cKeyRSA_H
6 #define _INC_cKeyRSA_H
7 
8 #include "cKeyBase.h"
9 #include "cKeyRSA1.h"
10 #include "../Hash/cHashWrap.h"
11 #include "../Key/cKeyTypeDef.h"
12 #include "../File/cASNReader.h"
13 #include "../File/cASNWriterRev.h"
14 #include "../Math/cBigUnsigned.h"
15 
16 namespace GrayLib
17 {
18  UNITTEST2_PREDEF(cKeyRSA);
19 
20  enum PKCS1_VER_TYPE
21  {
26  PKCS1_VER_15 = 0,
27  PKCS1_VER_21 = 1,
28  };
29 
30  class GRAYLIB_LINK cKeyRSASignOptions
31  {
35  public:
36  SSL_Hash_TYPE m_eHashTypeMGF1; // mgf1 = maskGenAlgorithm
37  int m_nSizeSaltExpected;
38  public:
39  cKeyRSASignOptions(SSL_Hash_TYPE eHashType = SSL_Hash_SHA1, size_t nSizeSalt = 20) noexcept
40  : m_eHashTypeMGF1(eHashType)
41  , m_nSizeSaltExpected((int)nSizeSalt)
42  {
43  }
44  HRESULT ReadHashAlg(const cASNBuf& alg);
45  HRESULT ReadRsaSsaPssParams(const cASNBuf& params, OUT SSL_Hash_TYPE& eSignHashType);
46  };
47 
48  class GRAYLIB_LINK cKeyRSA : public cKeyBase, public cKeyRSA1
49  {
52 
53  public:
54  static const int k_nSizeSaltAny = -1;
55 
56  size_t m_nSizeBlock;
57  PKCS1_VER_TYPE m_ePadding;
58  SSL_Hash_TYPE m_eHashType;
59 
60  // Support for private key. Stored in RSAPrivateKey ::= SEQUENCE
61  VAL_t m_D;
62  VAL_t m_P;
63  VAL_t m_Q;
64 
65  VAL_t m_DP;
66  VAL_t m_DQ;
67  VAL_t m_QP;
68 
69  // Work data.
70  mutable cThreadLockMutex m_Mutex;
71 
72  mutable VAL_t m_RN;
73  mutable VAL_t m_RP;
74  mutable VAL_t m_RQ;
75 
76  mutable VAL_t m_BlindAdd;
77  mutable VAL_t m_BlindRemove;
78 
79  protected:
80  HRESULT CreateBlindingValues(IRandomNoise* pRandom) const;
81 
82  public:
83  cKeyRSA(PKCS1_VER_TYPE ePadding = PKCS1_VER_15, SSL_Hash_TYPE eHashType = SSL_Hash_NONE);
84  virtual ~cKeyRSA();
85 
86  bool IsValidPrivateKey() const;
87 
88  virtual size_t get_KeySize() const override
89  {
91  return this->m_nSizeBlock;
92  }
93  virtual int GetKeyValues(cValue* items) const override
94  {
96  items->m_eValueType = cKeyBase::VALTYPE_RSA;
97  items->m_pszName = "rsa.N";
98  items->m_pValue = &(this->m_N);
99 
100  items++;
101  items->m_eValueType = cKeyBase::VALTYPE_RSA;
102  items->m_pszName = "rsa.E";
103  items->m_pValue = &(this->m_E);
104  return 2;
105  }
106 
107  virtual void SetZeroKey() override;
108  void SetCopyKey(const cKeyRSA& src);
109 
110  HRESULT DoRSAPublic(BYTE* pOutput, const BYTE* pInput) const;
111  HRESULT DoRSAPrivate(BYTE* pOutput, const BYTE* pInput, IRandomNoise* pRandom) const;
112 
113  protected:
114  // PKCS1_VER_15
115  HRESULT EncryptWithKeyV15(BYTE* pOutput, const BYTE* pInput, size_t nSizeIn, IRandomNoise* pRandom);
116  // PKCS1_VER_21
117  HRESULT EncryptWithKeyV21(BYTE* pOutput, const BYTE* pInput, size_t nSizeIn, IRandomNoise* pRandom, const BYTE* pLabel = nullptr, size_t nSizeLabel = 0);
118 
119  HRESULT DecryptWithKeyV15(BYTE* pOutput, size_t output_max_len, const BYTE* pInput, IRandomNoise* pRandom);
120  HRESULT DecryptWithKeyV21(BYTE* pOutput, size_t output_max_len, const BYTE* pInput, IRandomNoise* pRandom, const BYTE* pLabel = nullptr, size_t nSizeLabel = 0);
121 
122  HRESULT MakeSignatureV15(BYTE* pSig, SSL_Hash_TYPE eHashType, const BYTE* pHash, size_t nSizeHash, IRandomNoise* pRandom) const;
123  HRESULT MakeSignatureV21(BYTE* pSig, SSL_Hash_TYPE eHashType, const BYTE* pHash, size_t nSizeHash, IRandomNoise* pRandom) const;
124 
125  public:
126  HRESULT VerifySignatureV15(SSL_Hash_TYPE eHashType, const BYTE* pHash, size_t nSizeHash, const BYTE* pSig) const;
127  HRESULT VerifySignatureV21(SSL_Hash_TYPE eHashType, const BYTE* pHash, size_t nSizeHash, const BYTE* pSig, SSL_Hash_TYPE mgf1_hash_id, int expected_salt_len) const;
128 
129  public:
130  virtual HRESULT CheckPublicPrivatePair(const cKeyBase* pKeyPrivate) const override;
131  virtual HRESULT VerifySignature(SSL_Hash_TYPE eHashType, const BYTE* pHash, size_t nSizeHash, const BYTE* pSig, size_t nSizeSig) const override;
132  virtual HRESULT MakeSignature(BYTE* pSig, SSL_Hash_TYPE eHashType, const BYTE* pHash, size_t nSizeHash, IRandomNoise* pRandom) const override;
133 
134  HRESULT DecryptWithKey(BYTE* pOutput, size_t nSizeOut, const BYTE* pInput, size_t nSizeIn, IRandomNoise* pRandom);
135  HRESULT EncryptWithKey(BYTE* pOutput, size_t nSizeOut, const BYTE* pInput, size_t nSizeIn, IRandomNoise* pRandom);
136 
137  bool UpdateReadPrivate();
138 
139  virtual HRESULT ReadPublicKey(cASNReader& r, cASNBuf* pAlgParams) override
140  {
141  UNREFERENCED_PARAMETER(pAlgParams);
142  HRESULT hRes = cKeyRSA1::ReadPublicKey(r);
143  this->m_nSizeBlock = this->m_N.get_BinarySize();
144  return hRes;
145  }
146  virtual HRESULT WritePublicKey(cASNWriterRev& w) const override
147  {
148  return cKeyRSA1::WritePublicKey(w);
149  }
150 
151  HRESULT ReadPrivateKeyPVK(const BYTE* pKeyData, int nSize);
152  virtual HRESULT ReadPrivateKey(cASNReader& r, cASNBuf* pAlgParams) override;
153  virtual HRESULT WritePrivateKey(cASNWriterRev& w) const override;
154 
155  HRESULT GenerateKeys(BIT_ENUM_t nBits, UINT nExpoMax, IRandomNoise* pRandom);
156 
157  UNITTEST_FRIEND(cKeyRSA);
158  };
159 
160  class GRAYLIB_LINK cKeyTypeRSA : public cKeyTypeDef
161  {
164  public:
165  cKeyTypeRSA() noexcept
166  : cKeyTypeDef(SSL_Key_RSA, "RSA")
167  {
168  }
169  virtual bool HasKeyType(SSL_Key_TYPE eKeyType) const noexcept override
170  {
171  // Allow signing with SSL_Key_RSASSA_PSS
172  return eKeyType == SSL_Key_RSA || eKeyType == SSL_Key_RSASSA_PSS ;
173  }
174  virtual cKeyBase* AllocKey(void) const override
175  {
176  return new cKeyRSA();
177  }
178  };
179 }
180 
181 #endif // _INC_cKeyRSA_H
GRAYLIB_LINK
#define GRAYLIB_LINK
Definition: GrayLibBase.h:35
UNREFERENCED_PARAMETER
#define UNREFERENCED_PARAMETER(P)
< _WIN32 type thing. get rid of stupid warning.
Definition: SysTypes.h:299
HRESULT
INT32 HRESULT
_WIN32 style error codes. INT32
Definition: SysTypes.h:465
GrayLib::cASNBuf
Definition: cASN.h:78
GrayLib::cASNReader
Definition: cASNReader.h:22
GrayLib::cASNWriterRev
Definition: cASNWriterRev.h:22
GrayLib::cBigUnsigned
Definition: cBigUnsigned.h:22
GrayLib::cKeyBase
Definition: cKeyBase.h:56
GrayLib::cKeyBase::VALTYPE_RSA
@ VALTYPE_RSA
cBigUnsigned* for cKeyRSA
Definition: cKeyBase.h:67
GrayLib::cKeyRSA1
Definition: cKeyRSA1.h:27
GrayLib::cKeyRSA1::WritePublicKey
HRESULT WritePublicKey(cASNWriterRev &w) const
Definition: cKeyRSA1.cpp:266
GrayLib::cKeyRSA1::ReadPublicKey
HRESULT ReadPublicKey(cASNReader &r)
Definition: cKeyRSA1.cpp:292
GrayLib::cKeyRSASignOptions
Definition: cKeyRSA.h:31
GrayLib::cKeyRSASignOptions::cKeyRSASignOptions
cKeyRSASignOptions(SSL_Hash_TYPE eHashType=SSL_Hash_SHA1, size_t nSizeSalt=20) noexcept
Definition: cKeyRSA.h:39
GrayLib::cKeyRSASignOptions::m_eHashTypeMGF1
SSL_Hash_TYPE m_eHashTypeMGF1
Definition: cKeyRSA.h:36
GrayLib::cKeyRSASignOptions::m_nSizeSaltExpected
int m_nSizeSaltExpected
Definition: cKeyRSA.h:37
GrayLib::cKeyRSA
Definition: cKeyRSA.h:49
GrayLib::cKeyRSA::m_RP
VAL_t m_RP
cached R^2 mod P for DoRSAPrivate
Definition: cKeyRSA.h:73
GrayLib::cKeyRSA::m_BlindRemove
VAL_t m_BlindRemove
cached un-blinding value for DoRSAPrivate
Definition: cKeyRSA.h:77
GrayLib::cKeyRSA::m_DQ
VAL_t m_DQ
D % (Q - 1) const derived value.
Definition: cKeyRSA.h:66
GrayLib::cKeyRSA::ReadPublicKey
virtual HRESULT ReadPublicKey(cASNReader &r, cASNBuf *pAlgParams) override
Definition: cKeyRSA.h:139
GrayLib::cKeyRSA::m_QP
VAL_t m_QP
1 / (Q % P) const derived value.
Definition: cKeyRSA.h:67
GrayLib::cKeyRSA::m_eHashType
SSL_Hash_TYPE m_eHashType
Hash identifier for the EME-OAEP and EMSA-PSS encoding. MGF1.
Definition: cKeyRSA.h:58
GrayLib::cKeyRSA::GetKeyValues
virtual int GetKeyValues(cValue *items) const override
Interface with the debug module. get debug values.
Definition: cKeyRSA.h:93
GrayLib::cKeyRSA::m_ePadding
PKCS1_VER_TYPE m_ePadding
PKCS1_VER_15 for 1.5 padding and PKCS1_VER_21 for OAEP/PSS.
Definition: cKeyRSA.h:57
GrayLib::cKeyRSA::UNITTEST_FRIEND
UNITTEST_FRIEND(cKeyRSA)
GrayLib::cKeyRSA::m_BlindAdd
VAL_t m_BlindAdd
cached blinding value for DoRSAPrivate
Definition: cKeyRSA.h:76
GrayLib::cKeyRSA::m_nSizeBlock
size_t m_nSizeBlock
sizeof(N) in bytes. Block size for DecryptWithKey
Definition: cKeyRSA.h:56
GrayLib::cKeyRSA::get_KeySize
virtual size_t get_KeySize() const override
Get key size in bytes.
Definition: cKeyRSA.h:88
GrayLib::cKeyRSA::m_D
VAL_t m_D
private exponent
Definition: cKeyRSA.h:61
GrayLib::cKeyRSA::m_Q
VAL_t m_Q
2nd prime factor (private)
Definition: cKeyRSA.h:63
GrayLib::cKeyRSA::m_RN
VAL_t m_RN
cached R^2 mod N (for public)
Definition: cKeyRSA.h:72
GrayLib::cKeyRSA::m_RQ
VAL_t m_RQ
cached R^2 mod Q for DoRSAPrivate
Definition: cKeyRSA.h:74
GrayLib::cKeyRSA::WritePublicKey
virtual HRESULT WritePublicKey(cASNWriterRev &w) const override
Definition: cKeyRSA.h:146
GrayLib::cKeyRSA::m_P
VAL_t m_P
1st prime factor (private) (r)
Definition: cKeyRSA.h:62
GrayLib::cKeyRSA::m_Mutex
cThreadLockMutex m_Mutex
Thread-safety mutex for mutable cached stuff.
Definition: cKeyRSA.h:70
GrayLib::cKeyRSA::m_DP
VAL_t m_DP
D % (P - 1) const derived value.
Definition: cKeyRSA.h:65
GrayLib::cKeyTypeDef
Definition: cKeyTypeDef.h:22
GrayLib::cKeyTypeRSA
Definition: cKeyRSA.h:161
GrayLib::cKeyTypeRSA::cKeyTypeRSA
cKeyTypeRSA() noexcept
Definition: cKeyRSA.h:165
GrayLib::cKeyTypeRSA::AllocKey
virtual cKeyBase * AllocKey(void) const override
Allocate a new context.
Definition: cKeyRSA.h:174
GrayLib::cKeyTypeRSA::HasKeyType
virtual bool HasKeyType(SSL_Key_TYPE eKeyType) const noexcept override
Tell if the context implements this type (e.g. ECKEY can do ECDSA)
Definition: cKeyRSA.h:169
Gray::cThreadLockMutex
Definition: cThreadLock.h:252
GrayLib
Definition: cMesh.h:22
GrayLib::UNITTEST2_PREDEF
UNITTEST2_PREDEF(cQuadtree)
GrayLib::PKCS1_VER_TYPE
PKCS1_VER_TYPE
Definition: cKeyRSA.h:21
GrayLib::PKCS1_VER_15
@ PKCS1_VER_15
Definition: cKeyRSA.h:26
GrayLib::PKCS1_VER_21
@ PKCS1_VER_21
Definition: cKeyRSA.h:27
GrayLib::SSL_Key_TYPE
SSL_Key_TYPE
Definition: cKeyBase.h:24
GrayLib::SSL_Key_RSASSA_PSS
@ SSL_Key_RSASSA_PSS
OID_RSASSA_PSS "RSASSA-PSS" used for signing.
Definition: cKeyBase.h:34
GrayLib::SSL_Key_RSA
@ SSL_Key_RSA
SSL_KeyExchange_RSA = "PRIVATE KEY" = k_pszPEM_PK.
Definition: cKeyBase.h:29
GrayLib::SSL_Hash_TYPE
SSL_Hash_TYPE
Definition: cHashCode.h:23
GrayLib::SSL_Hash_NONE
@ SSL_Hash_NONE
Definition: cHashCode.h:30
GrayLib::SSL_Hash_SHA1
@ SSL_Hash_SHA1
Definition: cHashCode.h:32
Gray::BIT_ENUM_t
unsigned int BIT_ENUM_t
Enumerate number of bits or address a single bit in some array of bits.
Definition: cBits.h:20
GrayLib::cKeyBase::cValue
Definition: cKeyBase.h:74
GrayLib::cKeyBase::cValue::m_pszName
const char * m_pszName
Definition: cKeyBase.h:78
GrayLib::cKeyBase::cValue::m_pValue
const void * m_pValue
e.g. const cBigInt* if VALTYPE_RSA
Definition: cKeyBase.h:79
GrayLib::cKeyBase::cValue::m_eValueType
VALTYPE_TYPE m_eValueType
type of value.
Definition: cKeyBase.h:77
Gray::IRandomNoise
Definition: cRandom.h:19
Gray::cDebugSourceLine
Definition: cDebugAssert.h:29