Software APIs
otbn_testutils_rsa.h
1 // Copyright lowRISC contributors (OpenTitan project).
2 // Licensed under the Apache License, Version 2.0, see LICENSE for details.
3 // SPDX-License-Identifier: Apache-2.0
4 
5 #ifndef OPENTITAN_SW_DEVICE_LIB_TESTING_OTBN_TESTUTILS_RSA_H_
6 #define OPENTITAN_SW_DEVICE_LIB_TESTING_OTBN_TESTUTILS_RSA_H_
7 
8 #include "sw/device/lib/base/status.h"
9 #include "sw/device/lib/dif/dif_otbn.h"
10 
11 /**
12  * @file Run RSA on OTBN as a testing tool.
13  * @brief This library is based on the DIF instead of a full OTBN driver, and
14  * should be used for testing only. The library does not include message
15  * hashing or encoding.
16  */
17 
18 /**
19  * Load the RSA application into OTBN.
20  *
21  * @param otbn The OTBN context object.
22  */
23 status_t otbn_testutils_rsa_load(dif_otbn_t *otbn);
24 
25 /**
26  * Start running modular exponentiation with the exponent 65537.
27  *
28  * Computes (in^65537) mod n. This corresponds to the core step in encryption
29  * or signature verification, and is much faster than a general modular
30  * exponentiation. 65537 is also called "F4" because it is the 4th Fermat
31  * number (2^16 + 1).
32  *
33  * The RSA app should be loaded into OTBN with `otbn_testutils_rsa_load` before
34  * calling this function.
35  *
36  * @param otbn The OTBN context object.
37  * @param modulus The modulus (n).
38  * @param in The plaintext message.
39  * @param size_bytes The size of all buffers in bytes, i.e. the key/modulus
40  * length (i.e. 128 for RSA 1024). Valid range: 32..512 in
41  * 32 byte-steps (i.e. RSA 256 to RSA 4096).
42  */
43 status_t otbn_testutils_rsa_modexp_f4_start(dif_otbn_t *otbn,
44  const uint8_t *modulus,
45  const uint8_t *in,
46  size_t size_bytes);
47 
48 /**
49  * Finish modular exponentiation with the exponent 65537.
50  *
51  * Waits for OTBN to complete and reads back the result of modular
52  * exponentiation. Call only after `otbn_testutils_rsa_modexp_f4_start`.
53  *
54  * @param otbn The OTBN context object.
55  * @param out The encrypted message.
56  * @param size_bytes The size of all buffers in bytes, i.e. the key/modulus
57  * length (i.e. 128 for RSA 1024). Valid range: 32..512 in
58  * 32 byte-steps (i.e. RSA 256 to RSA 4096).
59  */
60 status_t otbn_testutils_rsa_modexp_f4_finalize(dif_otbn_t *otbn, uint8_t *out,
61  size_t size_bytes);
62 
63 /**
64  * Start a constant-time modular exponentiation.
65  *
66  * Computes (in^d) mod n. This corresponds to the core step in decryption or
67  * signature generation and can be very slow.
68  *
69  * The RSA app should be loaded into OTBN with `otbn_testutils_rsa_load` before
70  * calling this function.
71  *
72  * @param otbn The OTBN context object.
73  * @param modulus The modulus (n).
74  * @param private_exponent The private exponent (d).
75  * @param in The encrypted message.
76  * @param out The decrypted (plaintext) message.
77  * @param size_bytes The size of all buffers in bytes, i.e. the key/modulus
78  * length (i.e. 128 for RSA 1024). Valid range: 32..512 in
79  * 32 byte-steps (i.e. RSA 256 to RSA 4096).
80  */
81 status_t otbn_testutils_rsa_modexp_consttime_start(
82  dif_otbn_t *otbn, const uint8_t *modulus, const uint8_t *private_exponent,
83  const uint8_t *in, size_t size_bytes);
84 /**
85  * Finish modular exponentiation with the exponent 65537.
86  *
87  * Waits for OTBN to complete and reads back the result of modular
88  * exponentiation. Call only after `otbn_testutils_rsa_modexp_consttime_start`.
89  *
90  * @param otbn The OTBN context object.
91  * @param out The encrypted message.
92  * @param size_bytes The size of all buffers in bytes, i.e. the key/modulus
93  * length (i.e. 128 for RSA 1024). Valid range: 32..512 in
94  * 32 byte-steps (i.e. RSA 256 to RSA 4096).
95  */
96 status_t otbn_testutils_rsa_modexp_consttime_finalize(dif_otbn_t *otbn,
97  uint8_t *out,
98  size_t size_bytes);
99 
100 #endif // OPENTITAN_SW_DEVICE_LIB_TESTING_OTBN_TESTUTILS_RSA_H_
Return to OpenTitan Documentation