Hence, the encoding is always in PKCS #1 version 1.5 format.
Any questions and comments regarding this modified version should be
- sent to priikone@poseidon.pspt.fi.
+ sent to priikone@silcnet.org.
References: ftp://ftp.rsasecurity.com/pub/pkcs/ascii/pkcs-1v2.asc,
ftp://ftp.rsasecurity.com/pub/pkcs/ascii/pkcs-1.asc,
*/
#include "silcincludes.h"
+#include "rsa_internal.h"
#include "rsa.h"
#define RSA_BLOCK_MIN_PAD_LEN 8
* the rules defined in PKCS #1.
*/
static unsigned char *
-RSA_FormatOneBlock(unsigned int modulusLen, RSA_BlockType blockType,
- unsigned char *data, unsigned int data_len)
+RSA_FormatOneBlock(SilcUInt32 modulusLen, RSA_BlockType blockType,
+ unsigned char *data, SilcUInt32 data_len)
{
unsigned char *block;
unsigned char *bp;
for (i = 0; i < padLen; i++) {
/* Pad with non-zero random data. */
do {
- silc_rng_global_get_byte(bp + i);
+ bp[i] = silc_rng_global_get_byte();
} while (bp[i] == RSA_BLOCK_AFTER_PAD_OCTET);
}
bp += padLen;
}
static int
-RSA_FormatBlock(unsigned char **result, unsigned int *result_len,
- unsigned int modulusLen,
+RSA_FormatBlock(unsigned char **result, SilcUInt32 *result_len,
+ SilcUInt32 modulusLen,
RSA_BlockType blockType, unsigned char *data,
- unsigned int data_len)
+ SilcUInt32 data_len)
{
/*
* XXX For now assume that the data length fits in a single
*/
unsigned char *
RSA_DecodeOneBlock(unsigned char *data,
- unsigned int modulusLen,
- unsigned int expectedLen,
+ SilcUInt32 modulusLen,
+ SilcUInt32 expectedLen,
RSA_BlockType bt,
- unsigned int *pResultLen)
+ SilcUInt32 *pResultLen)
{
RSA_BlockType blockType;
unsigned char *dp, *res;
- unsigned int i, len = 0;
+ SilcUInt32 i, len = 0;
dp = data;
if (dp[0] != RSA_BLOCK_FIRST_OCTET) {
if (blockType != bt)
return NULL;
+ if (modulusLen < 2 + 1)
+ return NULL;
+
dp += 2;
switch (blockType) {
SILC_PKCS_API_ENCRYPT(pkcs1)
{
RsaKey *key = (RsaKey *)context;
- SilcInt mp_tmp;
- SilcInt mp_dst;
+ SilcMPInt mp_tmp;
+ SilcMPInt mp_dst;
unsigned char *padded;
- unsigned int padded_len, len = key->bits / 8;
+ SilcUInt32 padded_len, len = (key->bits + 7) / 8;
/* Pad data */
if (!RSA_FormatBlock(&padded, &padded_len, len,
RSA_BlockPublic, src, src_len))
return FALSE;
- silc_mp_init_set_ui(&mp_tmp, 0);
- silc_mp_init_set_ui(&mp_dst, 0);
+ silc_mp_init(&mp_tmp);
+ silc_mp_init(&mp_dst);
/* Data to MP */
silc_mp_bin2mp(padded, padded_len, &mp_tmp);
memset(padded, 0, padded_len);
silc_free(padded);
- silc_mp_clear(&mp_tmp);
- silc_mp_clear(&mp_dst);
+ silc_mp_uninit(&mp_tmp);
+ silc_mp_uninit(&mp_dst);
return TRUE;
}
SILC_PKCS_API_DECRYPT(pkcs1)
{
RsaKey *key = (RsaKey *)context;
- SilcInt mp_tmp;
- SilcInt mp_dst;
+ SilcMPInt mp_tmp;
+ SilcMPInt mp_dst;
unsigned char *padded, *unpadded;
- unsigned int padded_len;
+ SilcUInt32 padded_len;
- silc_mp_init_set_ui(&mp_tmp, 0);
- silc_mp_init_set_ui(&mp_dst, 0);
+ silc_mp_init(&mp_tmp);
+ silc_mp_init(&mp_dst);
/* Data to MP */
silc_mp_bin2mp(src, src_len, &mp_tmp);
rsa_en_de_crypt(&mp_dst, &mp_tmp, &key->d, &key->n);
/* MP to data */
- padded = silc_mp_mp2bin(&mp_dst, key->bits / 8, &padded_len);
+ padded = silc_mp_mp2bin(&mp_dst, (key->bits + 7) / 8, &padded_len);
/* Unpad data */
unpadded = RSA_DecodeOneBlock(padded, padded_len, 0,
if (!unpadded) {
memset(padded, 0, padded_len);
silc_free(padded);
- silc_mp_clear(&mp_tmp);
- silc_mp_clear(&mp_dst);
+ silc_mp_uninit(&mp_tmp);
+ silc_mp_uninit(&mp_dst);
return FALSE;
}
memset(unpadded, 0, padded_len);
silc_free(padded);
silc_free(unpadded);
- silc_mp_clear(&mp_tmp);
- silc_mp_clear(&mp_dst);
+ silc_mp_uninit(&mp_tmp);
+ silc_mp_uninit(&mp_dst);
return TRUE;
}
SILC_PKCS_API_SIGN(pkcs1)
{
RsaKey *key = (RsaKey *)context;
- SilcInt mp_tmp;
- SilcInt mp_dst;
+ SilcMPInt mp_tmp;
+ SilcMPInt mp_dst;
unsigned char *padded;
- unsigned int padded_len;
- unsigned int len = key->bits / 8;
+ SilcUInt32 padded_len;
+ SilcUInt32 len = (key->bits + 7) / 8;
/* Pad data */
if (!RSA_FormatBlock(&padded, &padded_len, len, RSA_BlockPrivate,
src, src_len))
return FALSE;
- silc_mp_init_set_ui(&mp_tmp, 0);
- silc_mp_init_set_ui(&mp_dst, 0);
+ silc_mp_init(&mp_tmp);
+ silc_mp_init(&mp_dst);
/* Data to MP */
silc_mp_bin2mp(padded, len, &mp_tmp);
memset(padded, 0, padded_len);
silc_free(padded);
- silc_mp_clear(&mp_tmp);
- silc_mp_clear(&mp_dst);
+ silc_mp_uninit(&mp_tmp);
+ silc_mp_uninit(&mp_dst);
return TRUE;
}
{
RsaKey *key = (RsaKey *)context;
int ret = TRUE;
- SilcInt mp_tmp2;
- SilcInt mp_dst;
+ SilcMPInt mp_tmp2;
+ SilcMPInt mp_dst;
unsigned char *verify, *unpadded;
- unsigned int verify_len, len = key->bits / 8;
+ SilcUInt32 verify_len, len = (key->bits + 7) / 8;
- silc_mp_init_set_ui(&mp_tmp2, 0);
- silc_mp_init_set_ui(&mp_dst, 0);
+ silc_mp_init(&mp_tmp2);
+ silc_mp_init(&mp_dst);
/* Format the signature into MP int */
silc_mp_bin2mp(signature, signature_len, &mp_tmp2);
if (!unpadded) {
memset(verify, 0, verify_len);
silc_free(verify);
- silc_mp_clear(&mp_tmp2);
- silc_mp_clear(&mp_dst);
+ silc_mp_uninit(&mp_tmp2);
+ silc_mp_uninit(&mp_dst);
return FALSE;
}
memset(unpadded, 0, verify_len);
silc_free(verify);
silc_free(unpadded);
- silc_mp_clear(&mp_tmp2);
- silc_mp_clear(&mp_dst);
+ silc_mp_uninit(&mp_tmp2);
+ silc_mp_uninit(&mp_dst);
return ret;
}
projects / silc.git / blobdiff