Provides APIs for low-level RSA operations.

Required Header

#include <yaca/yaca_rsa.h>

Overview

It provides advanced APIs for low-level encryption/decryption operations with asymmetric RSA keys.

Examples

Public RSA Encrypt API example

#include <stdio.h>

#include <yaca_crypto.h>
#include <yaca_rsa.h>
#include <yaca_key.h>
#include <yaca_error.h>

/* include helpers functions and definitions */
#include "misc.h"

int main()
{
    int ret;
    yaca_key_h rsa_priv = YACA_KEY_NULL;
    yaca_key_h rsa_pub = YACA_KEY_NULL;

    char *encrypted = NULL;
    char *decrypted = NULL;
    size_t encrypted_len;
    size_t decrypted_len;

    const size_t key_bit_len = YACA_KEY_LENGTH_1024BIT;
    const size_t input_len = key_bit_len / 8 - 12;

    printf("Plain data (16 of %zu bytes): %.16s\n", input_len, INPUT_DATA);

    ret = yaca_initialize();
    if (ret != YACA_ERROR_NONE)
        goto exit;

    /* Key generation */
    ret = yaca_key_generate(YACA_KEY_TYPE_RSA_PRIV, key_bit_len, &rsa_priv);
    if (ret != YACA_ERROR_NONE)
        goto exit;

    ret = yaca_key_extract_public(rsa_priv, &rsa_pub);
    if (ret != YACA_ERROR_NONE)
        goto exit;

    /* Encryption */
    {
        ret = yaca_rsa_public_encrypt(YACA_PADDING_PKCS1, rsa_pub, INPUT_DATA, input_len,
                                      &encrypted, &encrypted_len);
        if (ret != YACA_ERROR_NONE)
            goto exit;

        /* display encrypted data in hexadecimal format */
        dump_hex(encrypted, 16, "Encrypted data (16 of %zu bytes): ", encrypted_len);
    }

    /*
     * YACA_PADDING_PKCS1_SSLV23 is compatible with YACA_PADDING_PKCS1. It is used to detect if
     * both the encrypting and decrypting side used YACA_PADDING_PKCS1_SSLV23, that is, both are
     * SSL3 capable but use the SSL2 (rollback attack detection).
     */

    /* Decryption */
    {
        ret = yaca_rsa_private_decrypt(YACA_PADDING_PKCS1, rsa_priv, encrypted, encrypted_len,
                                       &decrypted, &decrypted_len);
        if (ret != YACA_ERROR_NONE)
            goto exit;

        printf("Decrypted data (16 of %zu bytes): %.16s\n\n", decrypted_len, decrypted);
    }

exit:
    yaca_free(encrypted);
    yaca_free(decrypted);
    yaca_key_destroy(rsa_priv);
    yaca_key_destroy(rsa_pub);

    yaca_cleanup();
    return ret;
}

Private RSA Encrypt API example

#include <stdio.h>

#include <yaca_crypto.h>
#include <yaca_rsa.h>
#include <yaca_key.h>
#include <yaca_error.h>

/* include helpers functions and definitions */
#include "misc.h"

int main()
{
    int ret;
    yaca_key_h rsa_priv = YACA_KEY_NULL;
    yaca_key_h rsa_pub = YACA_KEY_NULL;

    char *encrypted = NULL;
    char *decrypted = NULL;
    size_t encrypted_len;
    size_t decrypted_len;

    const size_t key_bit_len = YACA_KEY_LENGTH_1024BIT;
    const size_t input_len = key_bit_len / 8 - 12;

    printf("Plain data (16 of %zu bytes): %.16s\n", input_len, INPUT_DATA);

    ret = yaca_initialize();
    if (ret != YACA_ERROR_NONE)
        goto exit;

    /* Key generation */
    ret = yaca_key_generate(YACA_KEY_TYPE_RSA_PRIV, key_bit_len, &rsa_priv);
    if (ret != YACA_ERROR_NONE)
        goto exit;

    ret = yaca_key_extract_public(rsa_priv, &rsa_pub);
    if (ret != YACA_ERROR_NONE)
        goto exit;

    /* Encryption */
    {
        ret = yaca_rsa_private_encrypt(YACA_PADDING_PKCS1, rsa_priv, INPUT_DATA, input_len,
                                       &encrypted, &encrypted_len);
        if (ret != YACA_ERROR_NONE)
            goto exit;

        /* display encrypted data in hexadecimal format */
        dump_hex(encrypted, 16, "Encrypted data (16 of %zu bytes): ", encrypted_len);
    }

    /* Decryption */
    {
        ret = yaca_rsa_public_decrypt(YACA_PADDING_PKCS1, rsa_pub, encrypted, encrypted_len,
                                      &decrypted, &decrypted_len);
        if (ret != YACA_ERROR_NONE)
            goto exit;

        printf("Decrypted data (16 of %zu bytes): %.16s\n\n", decrypted_len, decrypted);
    }

exit:
    yaca_free(encrypted);
    yaca_free(decrypted);
    yaca_key_destroy(rsa_priv);
    yaca_key_destroy(rsa_pub);

    yaca_cleanup();
    return ret;
}

Functions
int	yaca_rsa_public_encrypt (yaca_padding_e padding, const yaca_key_h pub_key, const char plaintext, size_t plaintext_len, char ciphertext, size_t ciphertext_len)
	Encrypts data using a RSA public key (low-level encrypt equivalent).
int	yaca_rsa_private_decrypt (yaca_padding_e padding, const yaca_key_h prv_key, const char ciphertext, size_t ciphertext_len, char plaintext, size_t plaintext_len)
	Decrypts data using a RSA private key (low-level decrypt equivalent).
int	yaca_rsa_private_encrypt (yaca_padding_e padding, const yaca_key_h prv_key, const char plaintext, size_t plaintext_len, char ciphertext, size_t ciphertext_len)
	Encrypts data using a RSA private key (low-level sign equivalent).
int	yaca_rsa_public_decrypt (yaca_padding_e padding, const yaca_key_h pub_key, const char ciphertext, size_t ciphertext_len, char plaintext, size_t plaintext_len)
	Decrypts data using a RSA public key (low-level verify equivalent).

Function Documentation

int yaca_rsa_private_decrypt	(	yaca_padding_e	padding,
		const yaca_key_h	prv_key,
		const char *	ciphertext,
		size_t	ciphertext_len,
		char **	plaintext,
		size_t *	plaintext_len
	)

Decrypts data using a RSA private key (low-level decrypt equivalent).

Since :: 3.0

Remarks:: The plaintext should be freed using yaca_free().; The prv_key used has to be of a YACA_KEY_TYPE_RSA_PRIV type.

Parameters:

[in]	padding	Padding method
[in]	prv_key	Private RSA key matching the public one used to encrypt the data
[in]	ciphertext	Ciphertext to be decrypted
[in]	ciphertext_len	Length of ciphertext
[out]	plaintext	Decrypted data, will be allocated by the library
[out]	plaintext_len	Length of the decrypted data

Returns:: YACA_ERROR_NONE on success, negative on error

Return values:

YACA_ERROR_NONE	Successful
YACA_ERROR_INVALID_PARAMETER	Required parameters have incorrect values (NULL, 0 invalid padding or prv_key), padding check failed
YACA_ERROR_OUT_OF_MEMORY	Out of memory error
YACA_ERROR_INTERNAL	Internal error

See also:: yaca_key_type_e; yaca_padding_e; yaca_rsa_public_encrypt(); yaca_free()

int yaca_rsa_private_encrypt	(	yaca_padding_e	padding,
		const yaca_key_h	prv_key,
		const char *	plaintext,
		size_t	plaintext_len,
		char **	ciphertext,
		size_t *	ciphertext_len
	)

Encrypts data using a RSA private key (low-level sign equivalent).

Since :: 3.0

Remarks:: The ciphertext should be freed using yaca_free().; The prv_key used has to be of a YACA_KEY_TYPE_RSA_PRIV type.; The maximum length of plaintext depends on the key length and padding method, see yaca_padding_e for details.; The plaintext can be NULL but then the plaintext_len must be 0.

Parameters:

[in]	padding	Padding method
[in]	prv_key	Private RSA key (see yaca_key.h for key generation functions)
[in]	plaintext	Plaintext to be encrypted
[in]	plaintext_len	Length of the plaintext
[out]	ciphertext	Encrypted data, will be allocated by the library
[out]	ciphertext_len	Length of the encrypted data (may be larger than decrypted)

Returns:: YACA_ERROR_NONE on success, negative on error

Return values:

YACA_ERROR_NONE	Successful
YACA_ERROR_INVALID_PARAMETER	Required parameters have incorrect values (NULL, 0 invalid padding, prv_key or plaintext_len)
YACA_ERROR_OUT_OF_MEMORY	Out of memory error
YACA_ERROR_INTERNAL	Internal error

See also:: yaca_key_type_e; yaca_padding_e; yaca_rsa_public_decrypt(); yaca_free()

int yaca_rsa_public_decrypt	(	yaca_padding_e	padding,
		const yaca_key_h	pub_key,
		const char *	ciphertext,
		size_t	ciphertext_len,
		char **	plaintext,
		size_t *	plaintext_len
	)

Decrypts data using a RSA public key (low-level verify equivalent).

Since :: 3.0

Remarks:: The plaintext should be freed using yaca_free().; The pub_key used has to be of a YACA_KEY_TYPE_RSA_PUB type.

Parameters:

[in]	padding	Padding method
[in]	pub_key	Public RSA key matching the private one used to encrypt the data
[in]	ciphertext	Ciphertext to be decrypted
[in]	ciphertext_len	Length of ciphertext
[out]	plaintext	Decrypted data, will be allocated by the library
[out]	plaintext_len	Length of the decrypted data

Returns:: YACA_ERROR_NONE on success, negative on error

Return values:

YACA_ERROR_NONE	Successful
YACA_ERROR_INVALID_PARAMETER	Required parameters have incorrect values (NULL, 0 invalid padding or pub_key), padding check failed
YACA_ERROR_OUT_OF_MEMORY	Out of memory error
YACA_ERROR_INTERNAL	Internal error

See also:: yaca_key_type_e; yaca_padding_e; yaca_rsa_private_encrypt(); yaca_free()

int yaca_rsa_public_encrypt	(	yaca_padding_e	padding,
		const yaca_key_h	pub_key,
		const char *	plaintext,
		size_t	plaintext_len,
		char **	ciphertext,
		size_t *	ciphertext_len
	)

Encrypts data using a RSA public key (low-level encrypt equivalent).

Since :: 3.0

Remarks:: The ciphertext should be freed using yaca_free().; The pub_key used has to be of a YACA_KEY_TYPE_RSA_PUB type.; The maximum length of plaintext depends on the key length and padding method. See yaca_padding_e for details.; The plaintext can be NULL but then the plaintext_len must be 0.

Parameters:

[in]	padding	Padding method
[in]	pub_key	Public RSA key (see yaca_key.h for key generation functions)
[in]	plaintext	Plaintext to be encrypted
[in]	plaintext_len	Length of the plaintext
[out]	ciphertext	Encrypted data, will be allocated by the library
[out]	ciphertext_len	Length of the encrypted data (may be larger than decrypted)

Returns:: YACA_ERROR_NONE on success, negative on error

Return values:

YACA_ERROR_NONE	Successful
YACA_ERROR_INVALID_PARAMETER	Required parameters have incorrect values (NULL, 0 invalid padding, pub_key or plaintext_len)
YACA_ERROR_OUT_OF_MEMORY	Out of memory error
YACA_ERROR_INTERNAL	Internal error

See also:: yaca_key_type_e; yaca_padding_e; yaca_rsa_private_decrypt(); yaca_free()

Required Header

Overview

Examples

Functions

Function Documentation