Commit 6a0bed19 authored by Niels Möller's avatar Niels Möller

Extracted padding code from rsa_encrypt to new function pkcs1_encrypt.

parent 4d73f83e
2012-05-18 Niels Möller <nisse@lysator.liu.se>
* pkcs1-encrypt.c (pkcs1_encrypt): New file and function.
* rsa-encrypt.c (rsa_encrypt): Use pkcs1_encrypt.
2012-05-09 Niels Möller <nisse@lysator.liu.se> 2012-05-09 Niels Möller <nisse@lysator.liu.se>
* rsa-decrypt-tr.c (rsa_decrypt_tr): Added missing mpz_clear, * rsa-decrypt-tr.c (rsa_decrypt_tr): Added missing mpz_clear,
......
...@@ -99,7 +99,8 @@ hogweed_SOURCES = sexp.c sexp-format.c \ ...@@ -99,7 +99,8 @@ hogweed_SOURCES = sexp.c sexp-format.c \
bignum.c bignum-next-prime.c \ bignum.c bignum-next-prime.c \
bignum-random.c bignum-random-prime.c \ bignum-random.c bignum-random-prime.c \
sexp2bignum.c \ sexp2bignum.c \
pkcs1.c pkcs1-decrypt.c pkcs1-rsa-md5.c pkcs1-rsa-sha1.c \ pkcs1.c pkcs1-encrypt.c pkcs1-decrypt.c \
pkcs1-md5.c pkcs1-rsa-sha1.c \
pkcs1-rsa-sha256.c pkcs1-rsa-sha512.c \ pkcs1-rsa-sha256.c pkcs1-rsa-sha512.c \
rsa.c rsa-sign.c rsa-verify.c \ rsa.c rsa-sign.c rsa-verify.c \
rsa-md5-sign.c rsa-md5-verify.c \ rsa-md5-sign.c rsa-md5-verify.c \
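Review bot: The rewrapped `hogweed_SOURCES` continuation lists `pkcs1-md5.c`, whereas the line it replaces named `pkcs1-rsa-md5.c`, and nothing else visible in this commit adds or renames a file to the shorter name. Unless that rename is intentional and happens elsewhere, the build would look for a source file that, as far as this page shows, does not exist. The continuation line should probably read `pkcs1-rsa-md5.c pkcs1-rsa-sha1.c \`. The variable's definition starts and ends outside the hunk.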
......
/* pkcs1-encrypt.c
*
* The RSA publickey algorithm. PKCS#1 encryption.
*/
/* nettle, low-level cryptographics library
*
* Copyright (C) 2001, 2012 Niels Möller
*
* The nettle library is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation; either version 2.1 of the License, or (at your
* option) any later version.
*
* The nettle library is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
* License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with the nettle library; see the file COPYING.LIB. If not, write to
* the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
* MA 02111-1307, USA.
*/
#if HAVE_CONFIG_H
# include "config.h"
#endif
#include <assert.h>
#include <stdlib.h>
#include <string.h>
#include "pkcs1.h"
#include "bignum.h"
#include "nettle-internal.h"
int
pkcs1_encrypt (unsigned key_size,
/* For padding */
void *random_ctx, nettle_random_func random,
unsigned length, const uint8_t *message,
mpz_t m)
{
TMP_DECL(em, uint8_t, NETTLE_MAX_BIGNUM_SIZE);
unsigned padding;
unsigned i;
/* The message is encoded as a string of the same length as the
* modulo n, of the form
*
* 00 02 pad 00 message
*
* where padding should be at least 8 pseudorandomly generated
* *non-zero* octets. */
if (length + 11 > key_size)
/* Message too long for this key. */
return 0;
/* At least 8 octets of random padding */
padding = key_size - length - 3;
assert(padding >= 8);
TMP_ALLOC(em, key_size - 1);
em[0] = 2;
random(random_ctx, padding, em + 1);
/* Replace 0-octets with 1 */
for (i = 0; i<padding; i++)
if (!em[i+1])
em[i+1] = 1;
em[padding+1] = 0;
memcpy(em + padding + 2, message, length);
nettle_mpz_set_str_256_u(m, key_size - 1, em);
return 1;
}
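Review bot: The size check `length + 11 > key_size` is evaluated in `unsigned`, so a `length` within 11 of `UINT_MAX` wraps to a small value and passes the test. The `padding = key_size - length - 3` computation then wraps as well, so `assert(padding >= 8)` does not reliably catch it (and is compiled out under `NDEBUG`), and `random()` and `memcpy()` would write past the `key_size - 1` octets of `em`. Writing the comparison without the addition avoids the wrap: `if (key_size < 11 || length > key_size - 11) return 0;`. Separately, `em` holds the padded plaintext and is not cleared before return; whether that matters depends on how `TMP_ALLOC` obtains the buffer, which is not visible here.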
...@@ -43,6 +43,7 @@ extern "C" { ...@@ -43,6 +43,7 @@ extern "C" {
#define pkcs1_rsa_sha256_encode_digest nettle_pkcs1_rsa_sha256_encode_digest #define pkcs1_rsa_sha256_encode_digest nettle_pkcs1_rsa_sha256_encode_digest
#define pkcs1_rsa_sha512_encode nettle_pkcs1_rsa_sha512_encode #define pkcs1_rsa_sha512_encode nettle_pkcs1_rsa_sha512_encode
#define pkcs1_rsa_sha512_encode_digest nettle_pkcs1_rsa_sha512_encode_digest #define pkcs1_rsa_sha512_encode_digest nettle_pkcs1_rsa_sha512_encode_digest
#define pkcs1_encrypt nettle_pkcs1_encrypt
#define pkcs1_decrypt nettle_pkcs1_decrypt #define pkcs1_decrypt nettle_pkcs1_decrypt
struct md5_ctx; struct md5_ctx;
...@@ -57,6 +58,13 @@ pkcs1_signature_prefix(unsigned size, ...@@ -57,6 +58,13 @@ pkcs1_signature_prefix(unsigned size,
const uint8_t *id, const uint8_t *id,
unsigned digest_size); unsigned digest_size);
int
pkcs1_encrypt (unsigned key_size,
/* For padding */
void *random_ctx, nettle_random_func random,
unsigned length, const uint8_t *message,
mpz_t m);
int int
pkcs1_decrypt (unsigned key_size, pkcs1_decrypt (unsigned key_size,
const mpz_t m, const mpz_t m,
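Review bot: The new public prototype `pkcs1_encrypt` has no description of its contract; `/* For padding */` is all a caller gets. I would add a comment above it along the lines of `/* Stores the PKCS#1 v1.5 encryption block for MESSAGE in M and returns 1; returns 0 without touching M if LENGTH + 11 > KEY_SIZE. */`. A second line should say that `random` supplies the non-zero padding octets and so should be a cryptographically strong generator. The `pkcs1_decrypt` prototype that follows continues outside the hunk.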
......
/* rsa_encrypt.c /* rsa-encrypt.c
* *
* The RSA publickey algorithm. PKCS#1 encryption. * The RSA publickey algorithm. PKCS#1 encryption.
*/ */
...@@ -27,57 +27,23 @@ ...@@ -27,57 +27,23 @@
# include "config.h" # include "config.h"
#endif #endif
#include <assert.h>
#include <stdlib.h>
#include <string.h>
#include "rsa.h" #include "rsa.h"
#include "bignum.h" #include "pkcs1.h"
#include "nettle-internal.h"
int int
rsa_encrypt(const struct rsa_public_key *key, rsa_encrypt(const struct rsa_public_key *key,
/* For padding */ /* For padding */
void *random_ctx, nettle_random_func random, void *random_ctx, nettle_random_func random,
unsigned length, const uint8_t *message, unsigned length, const uint8_t *message,
mpz_t gibbberish) mpz_t gibberish)
{ {
TMP_DECL(em, uint8_t, NETTLE_MAX_BIGNUM_SIZE); if (pkcs1_encrypt (key->size, random_ctx, random,
unsigned padding; length, message, gibberish))
unsigned i; {
mpz_powm(gibberish, gibberish, key->e, key->n);
/* The message is encoded as a string of the same length as the return 1;
* modulo n, of the form }
* else
* 00 02 pad 00 message
*
* where padding should be at least 8 pseudorandomly generated
* *non-zero* octets. */
if (length + 11 > key->size)
/* Message too long for this key. */
return 0; return 0;
/* At least 8 octets of random padding */
padding = key->size - length - 3;
assert(padding >= 8);
TMP_ALLOC(em, key->size - 1);
em[0] = 2;
random(random_ctx, padding, em + 1);
/* Replace 0-octets with 1 */
for (i = 0; i<padding; i++)
if (!em[i+1])
em[i+1] = 1;
em[padding+1] = 0;
memcpy(em + padding + 2, message, length);
nettle_mpz_set_str_256_u(gibbberish, key->size - 1, em);
mpz_powm(gibbberish, gibbberish, key->e, key->n);
return 1;
} }