Software APIs
rsa_key.h
1 // Copyright lowRISC contributors (OpenTitan project).
2 // Licensed under the Apache License, Version 2.0, see LICENSE for details.
3 // SPDX-License-Identifier: Apache-2.0
4 
5 #ifndef OPENTITAN_SW_DEVICE_SILICON_CREATOR_LIB_SIGVERIFY_RSA_KEY_H_
6 #define OPENTITAN_SW_DEVICE_SILICON_CREATOR_LIB_SIGVERIFY_RSA_KEY_H_
7 
8 #include <stdint.h>
9 
10 #include "sw/device/lib/base/macros.h"
11 
12 #ifdef __cplusplus
13 extern "C" {
14 #endif // __cplusplus
15 
16 enum {
17  /**
18  * Length of an RSA-3072 modulus or signature in bits.
19  */
20  kSigVerifyRsaNumBits = 3072,
21  /**
22  * Length of an RSA-3072 modulus or signature in bytes.
23  */
24  kSigVerifyRsaNumBytes = kSigVerifyRsaNumBits / 8,
25  /**
26  * Length of an RSA-3072 modulus or signature in words.
27  */
28  kSigVerifyRsaNumWords = kSigVerifyRsaNumBytes / sizeof(uint32_t),
29 };
30 
31 /**
32  * A type that holds `kSigVerifyRsaNumWords` words.
33  *
34  * This can be used for RSA-3072 moduli, signatures, and intermediate values
35  * during modular exponentiation.
36  */
37 typedef struct sigverify_rsa_buffer {
38  uint32_t data[kSigVerifyRsaNumWords];
39 } sigverify_rsa_buffer_t;
40 
41 /**
42  * An RSA public key with exponent 65537.
43  */
44 typedef struct sigverify_rsa_key {
45  /**
46  * Modulus, a `kSigVerifyRsaNumWords` base 2^32 digit integer, little-endian.
47  */
48  sigverify_rsa_buffer_t n;
49  /**
50  * Negative of the multiplicative inverse of n modulo 2^256, little-endian.
51  *
52  * Calculations performed on OTBN (word size: 256 bits) use the whole array
53  * while calculations performed on Ibex (word size: 32 bits) use only the
54  * first word, which is equal to -n^-1 mod 2^32.
55  */
56  uint32_t n0_inv[8];
57 } sigverify_rsa_key_t;
58 
59 /**
60  * Gets the ID of an RSA public key from its modulus.
61  *
62  * ID of a key is the least significant word of its modulus.
63  * Callers must make sure that `modulus` is valid before calling this function.
64  *
65  * @param key An RSA public key.
66  * @return ID of the key.
67  */
68 OT_WARN_UNUSED_RESULT
69 inline uint32_t sigverify_rsa_key_id_get(
70  const sigverify_rsa_buffer_t *modulus) {
71  return modulus->data[0];
72 }
73 
74 #ifdef __cplusplus
75 } // extern "C"
76 #endif // __cplusplus
77 
78 #endif // OPENTITAN_SW_DEVICE_SILICON_CREATOR_LIB_SIGVERIFY_RSA_KEY_H_
Return to OpenTitan Documentation