3
|
1 /* LibTomCrypt, modular cryptographic library -- Tom St Denis |
|
2 * |
|
3 * LibTomCrypt is a library that provides various cryptographic |
|
4 * algorithms in a highly modular and flexible manner. |
|
5 * |
|
6 * The library is free for all purposes without any express |
|
7 * guarantee it works. |
|
8 * |
|
9 * Tom St Denis, [email protected], http://libtomcrypt.org |
|
10 */ |
|
11 |
|
12 /* RSA Code by Tom St Denis */ |
|
13 #include "mycrypt.h" |
|
14 |
|
15 #ifdef MRSA |
|
16 |
143
|
17 /* compute an RSA modular exponentiation */ |
15
|
18 int rsa_exptmod(const unsigned char *in, unsigned long inlen, |
|
19 unsigned char *out, unsigned long *outlen, int which, |
|
20 prng_state *prng, int prng_idx, |
3
|
21 rsa_key *key) |
|
22 { |
15
|
23 mp_int tmp, tmpa, tmpb; |
3
|
24 unsigned long x; |
15
|
25 int err; |
3
|
26 |
|
27 _ARGCHK(in != NULL); |
|
28 _ARGCHK(out != NULL); |
|
29 _ARGCHK(outlen != NULL); |
|
30 _ARGCHK(key != NULL); |
15
|
31 |
143
|
32 /* valid prng? */ |
15
|
33 if ((err = prng_is_valid(prng_idx)) != CRYPT_OK) { |
|
34 return err; |
|
35 } |
3
|
36 |
143
|
37 /* is the key of the right type for the operation? */ |
|
38 if (which == PK_PRIVATE && (key->type != PK_PRIVATE)) { |
3
|
39 return CRYPT_PK_NOT_PRIVATE; |
|
40 } |
|
41 |
|
42 /* must be a private or public operation */ |
|
43 if (which != PK_PRIVATE && which != PK_PUBLIC) { |
|
44 return CRYPT_PK_INVALID_TYPE; |
|
45 } |
|
46 |
|
47 /* init and copy into tmp */ |
143
|
48 if ((err = mp_init_multi(&tmp, &tmpa, &tmpb, NULL)) != MP_OKAY) { return mpi_to_ltc_error(err); } |
3
|
49 if ((err = mp_read_unsigned_bin(&tmp, (unsigned char *)in, (int)inlen)) != MP_OKAY) { goto error; } |
|
50 |
|
51 /* sanity check on the input */ |
|
52 if (mp_cmp(&key->N, &tmp) == MP_LT) { |
|
53 err = CRYPT_PK_INVALID_SIZE; |
|
54 goto done; |
|
55 } |
|
56 |
|
57 /* are we using the private exponent and is the key optimized? */ |
143
|
58 if (which == PK_PRIVATE) { |
3
|
59 /* tmpa = tmp^dP mod p */ |
15
|
60 if ((err = tim_exptmod(prng, prng_idx, &tmp, &key->e, &key->dP, &key->p, &tmpa)) != MP_OKAY) { goto error; } |
3
|
61 |
|
62 /* tmpb = tmp^dQ mod q */ |
15
|
63 if ((err = tim_exptmod(prng, prng_idx, &tmp, &key->e, &key->dQ, &key->q, &tmpb)) != MP_OKAY) { goto error; } |
3
|
64 |
143
|
65 /* tmp = (tmpa - tmpb) * qInv (mod p) */ |
|
66 if ((err = mp_sub(&tmpa, &tmpb, &tmp)) != MP_OKAY) { goto error; } |
|
67 if ((err = mp_mulmod(&tmp, &key->qP, &key->p, &tmp)) != MP_OKAY) { goto error; } |
|
68 |
|
69 /* tmp = tmpb + q * tmp */ |
|
70 if ((err = mp_mul(&tmp, &key->q, &tmp)) != MP_OKAY) { goto error; } |
|
71 if ((err = mp_add(&tmp, &tmpb, &tmp)) != MP_OKAY) { goto error; } |
3
|
72 } else { |
|
73 /* exptmod it */ |
143
|
74 if ((err = mp_exptmod(&tmp, &key->e, &key->N, &tmp)) != MP_OKAY) { goto error; } |
3
|
75 } |
|
76 |
|
77 /* read it back */ |
15
|
78 x = (unsigned long)mp_unsigned_bin_size(&key->N); |
3
|
79 if (x > *outlen) { |
|
80 err = CRYPT_BUFFER_OVERFLOW; |
|
81 goto done; |
|
82 } |
|
83 *outlen = x; |
|
84 |
|
85 /* convert it */ |
15
|
86 zeromem(out, x); |
|
87 if ((err = mp_to_unsigned_bin(&tmp, out+(x-mp_unsigned_bin_size(&tmp)))) != MP_OKAY) { goto error; } |
3
|
88 |
|
89 /* clean up and return */ |
|
90 err = CRYPT_OK; |
|
91 goto done; |
|
92 error: |
|
93 err = mpi_to_ltc_error(err); |
|
94 done: |
|
95 mp_clear_multi(&tmp, &tmpa, &tmpb, NULL); |
|
96 return err; |
|
97 } |
|
98 |
|
99 #endif |