Author: Pekka Riikonen <priikone@silcnet.org>
- Copyright (C) 2003 - 2006 Pekka Riikonen
+ Copyright (C) 2003 - 2007 Pekka Riikonen
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
#include "silc.h"
#include "rsa.h"
+#include "silcpkcs1_i.h"
/************************** PKCS #1 message format ***************************/
case SILC_PKCS1_BT_PUB:
/* Encryption */
+ if (!rng) {
+ SILC_LOG_ERROR(("Cannot encrypt: random number generator not provided"));
+ return FALSE;
+ }
/* It is guaranteed this routine does not return zero byte. */
- if (rng)
- for (i = 2; i < padlen; i++)
- dest_data[i] = silc_rng_get_byte_fast(rng);
- else
- for (i = 2; i < padlen; i++)
- dest_data[i] = silc_rng_global_get_byte_fast();
+ for (i = 2; i < padlen; i++)
+ dest_data[i] = silc_rng_get_byte_fast(rng);
+
break;
}
}
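Review bot: The padding loop in the `SILC_PKCS1_BT_PUB` case relies only on the comment above it for the property that `silc_rng_get_byte_fast(rng)` never yields a zero byte. PKCS #1 v1.5 encryption padding must be nonzero, because the first zero byte marks the end of the padding on decode. Either enforce that locally, `do { dest_data[i] = silc_rng_get_byte_fast(rng); } while (!dest_data[i]);`, or extend the comment to name where the guarantee is implemented. The new `!rng` failure also changes the contract for any caller that used to pass NULL, so the header comment of `silc_pkcs1_encode` should state that `rng` is required for encryption. The rest of the function is outside this hunk.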
/* Generate the actual keys */
- if (!rsa_generate_keys(keylen, &p, &q, ret_public_key, ret_private_key))
+ if (!silc_rsa_generate_keys(keylen, &p, &q, ret_public_key, ret_private_key))
return FALSE;
silc_mp_uninit(&p);
/* Import PKCS #1 compliant public key */
-SilcBool silc_pkcs1_import_public_key(unsigned char *key,
- SilcUInt32 key_len,
- void **ret_public_key)
+int silc_pkcs1_import_public_key(unsigned char *key,
+ SilcUInt32 key_len,
+ void **ret_public_key)
{
SilcAsn1 asn1 = NULL;
SilcBufferStruct alg_key;
RsaPublicKey *pubkey;
if (!ret_public_key)
- return FALSE;
+ return 0;
asn1 = silc_asn1_alloc();
if (!asn1)
- return FALSE;
+ return 0;
/* Allocate RSA public key */
*ret_public_key = pubkey = silc_calloc(1, sizeof(*pubkey));
silc_asn1_free(asn1);
- return TRUE;
+ return key_len;
err:
+ silc_free(pubkey);
silc_asn1_free(asn1);
- return FALSE;
+ return 0;
}
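Review bot: On the `err:` path the new `silc_free(pubkey)` releases the structure, but `*ret_public_key` was already set to the same pointer by `*ret_public_key = pubkey = silc_calloc(...)`. A caller that ignores or mishandles the 0 return is left with a dangling pointer, which can lead to a use-after-free or double free. Clear it alongside the free: `silc_free(pubkey); *ret_public_key = NULL;`. `silc_pkcs1_import_private_key` has the same pattern with `privkey` and `*ret_private_key`. Separately, returning `key_len` as `int` makes a zero-length input indistinguishable from failure and reports the buffer length rather than the bytes the decoder consumed, so the return convention deserves a comment; parts of the function body are not shown in this hunk.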
/* Export PKCS #1 compliant public key */
/* Import PKCS #1 compliant private key */
-SilcBool silc_pkcs1_import_private_key(unsigned char *key,
- SilcUInt32 key_len,
- void **ret_private_key)
+int silc_pkcs1_import_private_key(unsigned char *key,
+ SilcUInt32 key_len,
+ void **ret_private_key)
{
SilcAsn1 asn1;
SilcBufferStruct alg_key;
RsaPrivateKey *privkey;
+ SilcUInt32 ver;
if (!ret_private_key)
- return FALSE;
+ return 0;
asn1 = silc_asn1_alloc();
if (!asn1)
- return FALSE;
+ return 0;
/* Allocate RSA private key */
*ret_private_key = privkey = silc_calloc(1, sizeof(*privkey));
if (!silc_asn1_decode(asn1, &alg_key,
SILC_ASN1_OPTS(SILC_ASN1_ALLOC),
SILC_ASN1_SEQUENCE,
- SILC_ASN1_INT(NULL),
+ SILC_ASN1_SHORT_INT(&ver),
SILC_ASN1_INT(&privkey->n),
SILC_ASN1_INT(&privkey->e),
SILC_ASN1_INT(&privkey->d),
SILC_ASN1_END, SILC_ASN1_END))
goto err;
+ if (ver != 0)
+ goto err;
+
/* Set key length */
privkey->bits = silc_mp_sizeinbase(&privkey->n, 2);
silc_asn1_free(asn1);
- return TRUE;
+ return key_len;
err:
+ silc_free(privkey);
silc_asn1_free(asn1);
- return FALSE;
+ return 0;
}
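Review bot: The `if (ver != 0) goto err;` check runs after the decoder has already filled `privkey->n`, `privkey->e` and `privkey->d`, and the `err:` path then only calls `silc_free(privkey)`. As far as the visible lines show, the decoded integers are never released. A key with an unexpected version would then leak them and leave the private exponent in heap memory that was not explicitly cleared. Consider releasing them before the free, e.g. `silc_mp_uninit(&privkey->d);` and likewise for `n` and `e`. First confirm how `SILC_ASN1_ALLOC` assigns ownership of those integers, and that `silc_mp_uninit` is safe on the calloc-zeroed struct when decoding failed partway; the middle of the function is outside this hunk.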
/* Export PKCS #1 compliant private key */
RsaPrivateKey *key = private_key;
SilcAsn1 asn1;
SilcBufferStruct alg_key;
- SilcMPInt version;
unsigned char *ret;
asn1 = silc_asn1_alloc();
return FALSE;
/* Encode to PKCS #1 private key */
- silc_mp_init(&version);
- silc_mp_set_ui(&version, 0);
memset(&alg_key, 0, sizeof(alg_key));
if (!silc_asn1_encode(asn1, &alg_key,
SILC_ASN1_OPTS(SILC_ASN1_ALLOC),
SILC_ASN1_SEQUENCE,
- SILC_ASN1_INT(&version),
+ SILC_ASN1_SHORT_INT(0),
SILC_ASN1_INT(&key->n),
SILC_ASN1_INT(&key->e),
SILC_ASN1_INT(&key->d),
SILC_ASN1_INT(&key->qP),
SILC_ASN1_END, SILC_ASN1_END))
goto err;
- silc_mp_uninit(&version);
ret = silc_buffer_steal(&alg_key, ret_len);
silc_asn1_free(asn1);
SilcUInt32 src_len,
unsigned char *dst,
SilcUInt32 dst_size,
- SilcUInt32 *ret_dst_len)
+ SilcUInt32 *ret_dst_len,
+ SilcRng rng)
{
RsaPublicKey *key = public_key;
SilcMPInt mp_tmp;
/* Pad data */
if (!silc_pkcs1_encode(SILC_PKCS1_BT_PUB, src, src_len,
- padded, len, NULL))
+ padded, len, rng))
return FALSE;
silc_mp_init(&mp_tmp);
silc_mp_bin2mp(padded, len, &mp_tmp);
/* Encrypt */
- rsa_public_operation(key, &mp_tmp, &mp_dst);
+ silc_rsa_public_operation(key, &mp_tmp, &mp_dst);
/* MP to data */
silc_mp_mp2bin_noalloc(&mp_dst, dst, len);
silc_mp_bin2mp(src, src_len, &mp_tmp);
/* Decrypt */
- rsa_private_operation(key, &mp_tmp, &mp_dst);
+ silc_rsa_private_operation(key, &mp_tmp, &mp_dst);
/* MP to data */
padded = silc_mp_mp2bin(&mp_dst, (key->bits + 7) / 8, &padded_len);
return TRUE;
}
+/* PKCS #1 sign with appendix, hash OID included in the signature */
+
SilcBool silc_pkcs1_sign(void *private_key,
unsigned char *src,
SilcUInt32 src_len,
return FALSE;
}
+/* PKCS #1 verification with appendix. */
+
SilcBool silc_pkcs1_verify(void *public_key,
unsigned char *signature,
SilcUInt32 signature_len,
silc_mp_bin2mp(padded, len, &mp_tmp);
/* Sign */
- rsa_private_operation(key, &mp_tmp, &mp_dst);
+ silc_rsa_private_operation(key, &mp_tmp, &mp_dst);
/* MP to data */
silc_mp_mp2bin_noalloc(&mp_dst, signature, len);
silc_mp_bin2mp(signature, signature_len, &mp_tmp2);
/* Verify */
- rsa_public_operation(key, &mp_tmp2, &mp_dst);
+ silc_rsa_public_operation(key, &mp_tmp2, &mp_dst);
/* MP to data */
verify = silc_mp_mp2bin(&mp_dst, len, &verify_len);
if (hash) {
silc_hash_make(hash, data, data_len, hashr);
data = hashr;
+ data_len = silc_hash_len(hash);
}
/* Compare */
- if (memcmp(data, unpadded, len))
+ if (len != data_len)
+ ret = FALSE;
+ else if (memcmp(data, unpadded, len))
ret = FALSE;
memset(verify, 0, verify_len);