(nuttx) 01/05: crypto: export rsa with pkcs1.5 and pss mode

Tue, 27 Jan 2026 03:30:27 -0800 

This is an automated email from the ASF dual-hosted git repository.

xiaoxiang pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/nuttx.git

commit 2878fa3c38a36711b21602180295c9802531f23c
Author: makejian <[email protected]>
AuthorDate: Tue Nov 5 16:06:59 2024 +0800

    crypto: export rsa with pkcs1.5 and pss mode
    
    Add support for exporting RSA operations with PKCS#1 v1.5 and PSS padding 
schemes through the cryptodev interface.
    
    This enables both traditional and modern RSA signature schemes:
    - CRK_RSA_PKCS15_SIGN/VERIFY for PKCS#1 v1.5 padding
    - CRK_RSA_PSS_SIGN/VERIFY for PSS padding
    
    Signed-off-by: makejian <[email protected]>
---
 crypto/cryptodev.c         | 21 +++++++++++++++++++++
 include/crypto/cryptodev.h | 40 +++++++++++++++++++++++-----------------
 2 files changed, 44 insertions(+), 17 deletions(-)

diff --git a/crypto/cryptodev.c b/crypto/cryptodev.c
index 40cf9c11d4f..23e8414a052 100644
--- a/crypto/cryptodev.c
+++ b/crypto/cryptodev.c
@@ -558,6 +558,13 @@ static int cryptodev_key(FAR struct fcrypt *fcr, FAR 
struct crypt_kop *kop)
             break;
           }
 
+        return -EINVAL;
+      case CRK_RSA_PKCS15_SIGN:
+        if (in == 4 && out == 1)
+          {
+            break;
+          }
+
         return -EINVAL;
       case CRK_RSA_PKCS15_VERIFY:
         if (in == 5 && out == 0)
@@ -565,6 +572,20 @@ static int cryptodev_key(FAR struct fcrypt *fcr, FAR 
struct crypt_kop *kop)
             break;
           }
 
+        return -EINVAL;
+      case CRK_RSA_PSS_SIGN:
+        if (in == 3 && out == 1)
+          {
+            break;
+          }
+
+        return -EINVAL;
+      case CRK_RSA_PSS_VERIFY:
+        if (in == 4 && out == 0)
+          {
+            break;
+          }
+
         return -EINVAL;
       case CRK_ECDSA_SECP256R1_SIGN:
         if (in == 2 && out == 2)
diff --git a/include/crypto/cryptodev.h b/include/crypto/cryptodev.h
index c26810f3d6a..fa8240bfb86 100644
--- a/include/crypto/cryptodev.h
+++ b/include/crypto/cryptodev.h
@@ -270,33 +270,39 @@ struct crypt_kop
 #define CRK_DSA_VERIFY             3
 #define CRK_DH_MAKE_PUBLIC         4
 #define CRK_DH_COMPUTE_KEY         5
-#define CRK_RSA_PKCS15_VERIFY      6
-#define CRK_ECDSA_SECP256R1_SIGN   7
-#define CRK_ECDSA_SECP256R1_VERIFY 8
-#define CRK_ECDSA_SECP256R1_GENKEY 9
+#define CRK_RSA_PKCS15_SIGN        6
+#define CRK_RSA_PKCS15_VERIFY      7
+#define CRK_RSA_PSS_SIGN           8
+#define CRK_RSA_PSS_VERIFY         10
+#define CRK_ECDSA_SECP256R1_SIGN   11
+#define CRK_ECDSA_SECP256R1_VERIFY 12
+#define CRK_ECDSA_SECP256R1_GENKEY 13
 
 /* key management */
 
-#define CRK_ALLOCATE_KEY           10 /* Request an available keyid from the 
driver */
-#define CRK_VALIDATE_KEYID         11 /* Check the specified keyid is 
available */
-#define CRK_IMPORT_KEY             12 /* Import key data into driver */
-#define CRK_DELETE_KEY             13 /* Request to remove key with specified 
keyid */
-#define CRK_EXPORT_KEY             14 /* Export raw data or private key if 
keypair */
-#define CRK_EXPORT_PUBLIC_KEY      15 /* Export public key of keypair */
-#define CRK_GENERATE_AES_KEY       16 /* Generate key data for AES with 
specified keyid */
-#define CRK_GENERATE_RSA_KEY       17 /* Generate keypair for RSA with 
specified keyid */
-#define CRK_GENERATE_SECP256R1_KEY 18 /* Generate keypair for ECC256 with 
specified keyid */
-#define CRK_SAVE_KEY               19 /* Save key data into FLASH */
-#define CRK_LOAD_KEY               20 /* Load key data from FLASH into RAM */
-#define CRK_UNLOAD_KEY             21 /* Unload key data from RAM */
-#define CRK_ALGORITHM_MAX          21 /* Keep updated */
+#define CRK_ALLOCATE_KEY           14 /* Request an available keyid from the 
driver */
+#define CRK_VALIDATE_KEYID         15 /* Check the specified keyid is 
available */
+#define CRK_IMPORT_KEY             16 /* Import key data into driver */
+#define CRK_DELETE_KEY             17 /* Request to remove key with specified 
keyid */
+#define CRK_EXPORT_KEY             18 /* Export raw data or private key if 
keypair */
+#define CRK_EXPORT_PUBLIC_KEY      19 /* Export public key of keypair */
+#define CRK_GENERATE_AES_KEY       20 /* Generate key data for AES with 
specified keyid */
+#define CRK_GENERATE_RSA_KEY       21 /* Generate keypair for RSA with 
specified keyid */
+#define CRK_GENERATE_SECP256R1_KEY 22 /* Generate keypair for ECC256 with 
specified keyid */
+#define CRK_SAVE_KEY               23 /* Save key data into FLASH */
+#define CRK_LOAD_KEY               24 /* Load key data from FLASH into RAM */
+#define CRK_UNLOAD_KEY             25 /* Unload key data from RAM */
+#define CRK_ALGORITHM_MAX          25 /* Keep updated */
 
 #define CRF_MOD_EXP                (1 << CRK_MOD_EXP)
 #define CRF_MOD_EXP_CRT            (1 << CRK_MOD_EXP_CRT)
 #define CRF_DSA_SIGN               (1 << CRK_DSA_SIGN)
 #define CRF_DSA_VERIFY             (1 << CRK_DSA_VERIFY)
 #define CRF_DH_COMPUTE_KEY         (1 << CRK_DH_COMPUTE_KEY)
+#define CRF_RSA_PKCS15_SIGN        (1 << CRK_RSA_PKCS15_SIGN)
 #define CRF_RSA_PKCS15_VERIFY      (1 << CRK_RSA_PKCS15_VERIFY)
+#define CRF_RSA_PSS_SIGN           (1 << CRK_RSA_PSS_SIGN)
+#define CRF_RSA_PSS_VERIFY         (1 << CRK_RSA_PSS_VERIFY)
 #define CRF_ECDSA_SECP256R1_SIGN   (1 << CRK_ECDSA_SECP256R1_SIGN)
 #define CRF_ECDSA_SECP256R1_VERIFY (1 << CRK_ECDSA_SECP256R1_VERIFY)
 #define CRF_ECDSA_SECP256R1_GENKEY (1 << CRK_ECDSA_SECP256R1_GENKEY)

Reply via email to