Commit 17c7e236 authored by Niels Möller's avatar Niels Möller

(rsa_check_size): New function, for computing and checking

the size of the modulo in octets.
(rsa_prepare_public_key): Usa rsa_check_size.
(rsa_init_private_key): Removed code handling n, e and d.
(rsa_clear_private_key): Likewise.
(rsa_compute_root): Always use CRT.

Rev: src/nettle/rsa.c:1.4
parent 010df288
......@@ -55,10 +55,14 @@ rsa_clear_public_key(struct rsa_public_key *key)
mpz_clear(key->e);
}
int
rsa_prepare_public_key(struct rsa_public_key *key)
/* Computes the size, in octets, of a size BITS modulo.
* Returns 0 if the modulo is too small to be useful. */
static unsigned
rsa_check_size(unsigned bits)
{
unsigned size = (mpz_sizeinbase(key->n, 2) + 7) / 8;
/* Round upwards */
unsigned size = (bits + 7) / 8;
/* For PKCS#1 to make sense, the size of the modulo, in octets, must
* be at least 11 + the length of the DER-encoded Digest Info.
......@@ -67,39 +71,43 @@ rsa_prepare_public_key(struct rsa_public_key *key)
* 46 octets is 368 bits. */
if (size < 46)
{
/* Make sure the signing and verification functions doesn't
* try to use this key. */
key->size = 0;
return 0;
return size;
}
int
rsa_prepare_public_key(struct rsa_public_key *key)
{
/* FIXME: Add further sanity checks, like 0 < e < n. */
#if 0
if ( (mpz_sgn(key->e) <= 0)
|| mpz_cmp(key->e, key->n) >= 0)
return 0;
}
else
{
key->size = size;
return 1;
}
#endif
key->size = rsa_check_size(mpz_sizeinbase(key->n, 2));
return (key->size > 0);
}
void
rsa_init_private_key(struct rsa_private_key *key)
{
rsa_init_public_key(&key->pub);
mpz_init(key->d);
mpz_init(key->p);
mpz_init(key->q);
mpz_init(key->a);
mpz_init(key->b);
mpz_init(key->c);
/* Not really necessary, but it seems cleaner to initialize all the
* storage. */
key->size = 0;
}
void
rsa_clear_private_key(struct rsa_private_key *key)
{
rsa_clear_public_key(&key->pub);
mpz_clear(key->d);
mpz_clear(key->p);
mpz_clear(key->q);
mpz_clear(key->a);
......@@ -110,24 +118,19 @@ rsa_clear_private_key(struct rsa_private_key *key)
int
rsa_prepare_private_key(struct rsa_private_key *key)
{
return rsa_prepare_public_key(&key->pub);
}
/* FIXME: Add further sanity checks. */
#ifndef RSA_CRT
#define RSA_CRT 1
#endif
/* The size of the product is the sum of the sizes of the factors. */
key->size = rsa_check_size(mpz_sizeinbase(key->p, 2)
+ mpz_sizeinbase(key->p, 2));
/* Computing an rsa root.
*
* NOTE: We don't really need n not e, so we could drop the public
* key info from struct rsa_private_key. */
return (key->size > 0);
}
/* Computing an rsa root. */
void
rsa_compute_root(struct rsa_private_key *key, mpz_t x, const mpz_t m)
{
#if RSA_CRT
{
mpz_t xp; /* modulo p */
mpz_t xq; /* modulo q */
......@@ -180,10 +183,6 @@ rsa_compute_root(struct rsa_private_key *key, mpz_t x, const mpz_t m)
mpz_add(x, x, xq);
mpz_clear(xp); mpz_clear(xq);
}
#else /* !RSA_CRT */
mpz_powm(x, m, key->d, key->pub->n);
#endif /* !RSA_CRT */
}
#endif /* HAVE_LIBGMP */
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment