mirror of
https://github.com/jart/cosmopolitan.git
synced 2025-01-31 11:37:35 +00:00
cc1920749e
Your redbean can now interoperate with clients that require TLS crypto. This is accomplished using a protocol polyglot that lets us distinguish between HTTP and HTTPS regardless of the port number. Certificates will be generated automatically, if none are supplied by the user. Footprint increases by only a few hundred kb so redbean in MODY=tiny is now 1.0mb - Add lseek() polyfills for ZIP executable - Automatically polyfill /tmp/FOO paths on NT - Fix readdir() / ftw() / nftw() bugs on Windows - Introduce -B flag for slower SSL that's stronger - Remove mbedtls features Cosmopolitan doesn't need - Have base64 decoder support the uri-safe alternative - Remove Truncated HMAC because it's forbidden by the IETF - Add all the mbedtls test suites and make them go 3x faster - Support opendir() / readdir() / closedir() on ZIP executable - Use Everest for ECDHE-ECDSA because it's so good it's so good - Add tinier implementation of sha1 since it's not worth the rom - Add chi-square monte-carlo mean correlation tests for getrandom() - Source entropy on Windows from the proper interface everyone uses We're continuing to outperform NGINX and other servers on raw message throughput. Using SSL means that instead of 1,000,000 qps you can get around 300,000 qps. However redbean isn't as fast as NGINX yet at SSL handshakes, since redbean can do 2,627 per second and NGINX does 4.3k Right now, the SSL UX story works best if you give your redbean a key signing key since that can be easily generated by openssl using a one liner then redbean will do all the things that are impossibly hard to do like signing ecdsa and rsa certificates that'll work in chrome. We should integrate the let's encrypt acme protocol in the future. Live Demo: https://redbean.justine.lol/ Root Cert: https://redbean.justine.lol/redbean1.crt
165 lines
6.6 KiB
C
165 lines
6.6 KiB
C
#ifndef MBEDTLS_RSA_INTERNAL_H
|
|
#define MBEDTLS_RSA_INTERNAL_H
|
|
#include "third_party/mbedtls/bignum.h"
|
|
#include "third_party/mbedtls/config.h"
|
|
/* clang-format off */
|
|
|
|
#ifdef __cplusplus
|
|
extern "C" {
|
|
#endif
|
|
|
|
|
|
/**
|
|
* \brief Compute RSA prime moduli P, Q from public modulus N=PQ
|
|
* and a pair of private and public key.
|
|
*
|
|
* \note This is a 'static' helper function not operating on
|
|
* an RSA context. Alternative implementations need not
|
|
* overwrite it.
|
|
*
|
|
* \param N RSA modulus N = PQ, with P, Q to be found
|
|
* \param E RSA public exponent
|
|
* \param D RSA private exponent
|
|
* \param P Pointer to MPI holding first prime factor of N on success
|
|
* \param Q Pointer to MPI holding second prime factor of N on success
|
|
*
|
|
* \return
|
|
* - 0 if successful. In this case, P and Q constitute a
|
|
* factorization of N.
|
|
* - A non-zero error code otherwise.
|
|
*
|
|
* \note It is neither checked that P, Q are prime nor that
|
|
* D, E are modular inverses wrt. P-1 and Q-1. For that,
|
|
* use the helper function \c mbedtls_rsa_validate_params.
|
|
*
|
|
*/
|
|
int mbedtls_rsa_deduce_primes( mbedtls_mpi const *N, mbedtls_mpi const *E,
|
|
mbedtls_mpi const *D,
|
|
mbedtls_mpi *P, mbedtls_mpi *Q );
|
|
|
|
/**
|
|
* \brief Compute RSA private exponent from
|
|
* prime moduli and public key.
|
|
*
|
|
* \note This is a 'static' helper function not operating on
|
|
* an RSA context. Alternative implementations need not
|
|
* overwrite it.
|
|
*
|
|
* \param P First prime factor of RSA modulus
|
|
* \param Q Second prime factor of RSA modulus
|
|
* \param E RSA public exponent
|
|
* \param D Pointer to MPI holding the private exponent on success.
|
|
*
|
|
* \return
|
|
* - 0 if successful. In this case, D is set to a simultaneous
|
|
* modular inverse of E modulo both P-1 and Q-1.
|
|
* - A non-zero error code otherwise.
|
|
*
|
|
* \note This function does not check whether P and Q are primes.
|
|
*
|
|
*/
|
|
int mbedtls_rsa_deduce_private_exponent( mbedtls_mpi const *P,
|
|
mbedtls_mpi const *Q,
|
|
mbedtls_mpi const *E,
|
|
mbedtls_mpi *D );
|
|
|
|
|
|
/**
|
|
* \brief Generate RSA-CRT parameters
|
|
*
|
|
* \note This is a 'static' helper function not operating on
|
|
* an RSA context. Alternative implementations need not
|
|
* overwrite it.
|
|
*
|
|
* \param P First prime factor of N
|
|
* \param Q Second prime factor of N
|
|
* \param D RSA private exponent
|
|
* \param DP Output variable for D modulo P-1
|
|
* \param DQ Output variable for D modulo Q-1
|
|
* \param QP Output variable for the modular inverse of Q modulo P.
|
|
*
|
|
* \return 0 on success, non-zero error code otherwise.
|
|
*
|
|
* \note This function does not check whether P, Q are
|
|
* prime and whether D is a valid private exponent.
|
|
*
|
|
*/
|
|
int mbedtls_rsa_deduce_crt( const mbedtls_mpi *P, const mbedtls_mpi *Q,
|
|
const mbedtls_mpi *D, mbedtls_mpi *DP,
|
|
mbedtls_mpi *DQ, mbedtls_mpi *QP );
|
|
|
|
|
|
/**
|
|
* \brief Check validity of core RSA parameters
|
|
*
|
|
* \note This is a 'static' helper function not operating on
|
|
* an RSA context. Alternative implementations need not
|
|
* overwrite it.
|
|
*
|
|
* \param N RSA modulus N = PQ
|
|
* \param P First prime factor of N
|
|
* \param Q Second prime factor of N
|
|
* \param D RSA private exponent
|
|
* \param E RSA public exponent
|
|
* \param f_rng PRNG to be used for primality check, or NULL
|
|
* \param p_rng PRNG context for f_rng, or NULL
|
|
*
|
|
* \return
|
|
* - 0 if the following conditions are satisfied
|
|
* if all relevant parameters are provided:
|
|
* - P prime if f_rng != NULL (%)
|
|
* - Q prime if f_rng != NULL (%)
|
|
* - 1 < N = P * Q
|
|
* - 1 < D, E < N
|
|
* - D and E are modular inverses modulo P-1 and Q-1
|
|
* (%) This is only done if MBEDTLS_GENPRIME is defined.
|
|
* - A non-zero error code otherwise.
|
|
*
|
|
* \note The function can be used with a restricted set of arguments
|
|
* to perform specific checks only. E.g., calling it with
|
|
* (-,P,-,-,-) and a PRNG amounts to a primality check for P.
|
|
*/
|
|
int mbedtls_rsa_validate_params( const mbedtls_mpi *N, const mbedtls_mpi *P,
|
|
const mbedtls_mpi *Q, const mbedtls_mpi *D,
|
|
const mbedtls_mpi *E,
|
|
int (*f_rng)(void *, unsigned char *, size_t),
|
|
void *p_rng );
|
|
|
|
/**
|
|
* \brief Check validity of RSA CRT parameters
|
|
*
|
|
* \note This is a 'static' helper function not operating on
|
|
* an RSA context. Alternative implementations need not
|
|
* overwrite it.
|
|
*
|
|
* \param P First prime factor of RSA modulus
|
|
* \param Q Second prime factor of RSA modulus
|
|
* \param D RSA private exponent
|
|
* \param DP MPI to check for D modulo P-1
|
|
* \param DQ MPI to check for D modulo P-1
|
|
* \param QP MPI to check for the modular inverse of Q modulo P.
|
|
*
|
|
* \return
|
|
* - 0 if the following conditions are satisfied:
|
|
* - D = DP mod P-1 if P, D, DP != NULL
|
|
* - Q = DQ mod P-1 if P, D, DQ != NULL
|
|
* - QP = Q^-1 mod P if P, Q, QP != NULL
|
|
* - \c MBEDTLS_ERR_RSA_KEY_CHECK_FAILED if check failed,
|
|
* potentially including \c MBEDTLS_ERR_MPI_XXX if some
|
|
* MPI calculations failed.
|
|
* - \c MBEDTLS_ERR_RSA_BAD_INPUT_DATA if insufficient
|
|
* data was provided to check DP, DQ or QP.
|
|
*
|
|
* \note The function can be used with a restricted set of arguments
|
|
* to perform specific checks only. E.g., calling it with the
|
|
* parameters (P, -, D, DP, -, -) will check DP = D mod P-1.
|
|
*/
|
|
int mbedtls_rsa_validate_crt( const mbedtls_mpi *P, const mbedtls_mpi *Q,
|
|
const mbedtls_mpi *D, const mbedtls_mpi *DP,
|
|
const mbedtls_mpi *DQ, const mbedtls_mpi *QP );
|
|
|
|
#ifdef __cplusplus
|
|
}
|
|
#endif
|
|
|
|
#endif /* rsa_internal.h */
|