Mercurial > dropbear
comparison src/pk/katja/katja_decrypt_key.c @ 380:d5faf4814ddb libtomcrypt-orig libtomcrypt-1.16
Update to LibTomCrypt 1.16
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Thu, 11 Jan 2007 02:22:00 +0000 |
parents | |
children |
comparison
equal
deleted
inserted
replaced
280:59400faa4b44 | 380:d5faf4814ddb |
---|---|
1 /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
2 * | |
3 * LibTomCrypt is a library that provides various cryptographic | |
4 * algorithms in a highly modular and flexible manner. | |
5 * | |
6 * The library is free for all purposes without any express | |
7 * guarantee it works. | |
8 * | |
9 * Tom St Denis, [email protected], http://libtomcrypt.com | |
10 */ | |
11 #include "tomcrypt.h" | |
12 | |
13 /** | |
14 @file katja_decrypt_key.c | |
15 Katja PKCS #1 OAEP Decryption, Tom St Denis | |
16 */ | |
17 | |
18 #ifdef MKAT | |
19 | |
20 /** | |
21 (PKCS #1 v2.0) decrypt then OAEP depad | |
22 @param in The ciphertext | |
23 @param inlen The length of the ciphertext (octets) | |
24 @param out [out] The plaintext | |
25 @param outlen [in/out] The max size and resulting size of the plaintext (octets) | |
26 @param lparam The system "lparam" value | |
27 @param lparamlen The length of the lparam value (octets) | |
28 @param hash_idx The index of the hash desired | |
29 @param stat [out] Result of the decryption, 1==valid, 0==invalid | |
30 @param key The corresponding private Katja key | |
31 @return CRYPT_OK if succcessul (even if invalid) | |
32 */ | |
33 int katja_decrypt_key(const unsigned char *in, unsigned long inlen, | |
34 unsigned char *out, unsigned long *outlen, | |
35 const unsigned char *lparam, unsigned long lparamlen, | |
36 int hash_idx, int *stat, | |
37 katja_key *key) | |
38 { | |
39 unsigned long modulus_bitlen, modulus_bytelen, x; | |
40 int err; | |
41 unsigned char *tmp; | |
42 | |
43 LTC_ARGCHK(out != NULL); | |
44 LTC_ARGCHK(outlen != NULL); | |
45 LTC_ARGCHK(key != NULL); | |
46 LTC_ARGCHK(stat != NULL); | |
47 | |
48 /* default to invalid */ | |
49 *stat = 0; | |
50 | |
51 /* valid hash ? */ | |
52 if ((err = hash_is_valid(hash_idx)) != CRYPT_OK) { | |
53 return err; | |
54 } | |
55 | |
56 /* get modulus len in bits */ | |
57 modulus_bitlen = mp_count_bits( (key->N)); | |
58 | |
59 /* payload is upto pq, so we know q is 1/3rd the size of N and therefore pq is 2/3th the size */ | |
60 modulus_bitlen = ((modulus_bitlen << 1) / 3); | |
61 | |
62 /* round down to next byte */ | |
63 modulus_bitlen -= (modulus_bitlen & 7) + 8; | |
64 | |
65 /* outlen must be at least the size of the modulus */ | |
66 modulus_bytelen = mp_unsigned_bin_size( (key->N)); | |
67 if (modulus_bytelen != inlen) { | |
68 return CRYPT_INVALID_PACKET; | |
69 } | |
70 | |
71 /* allocate ram */ | |
72 tmp = XMALLOC(inlen); | |
73 if (tmp == NULL) { | |
74 return CRYPT_MEM; | |
75 } | |
76 | |
77 /* rsa decode the packet */ | |
78 x = inlen; | |
79 if ((err = katja_exptmod(in, inlen, tmp, &x, PK_PRIVATE, key)) != CRYPT_OK) { | |
80 XFREE(tmp); | |
81 return err; | |
82 } | |
83 | |
84 /* shift right by modulus_bytelen - modulus_bitlen/8 bytes */ | |
85 for (x = 0; x < (modulus_bitlen >> 3); x++) { | |
86 tmp[x] = tmp[x+(modulus_bytelen-(modulus_bitlen>>3))]; | |
87 } | |
88 | |
89 /* now OAEP decode the packet */ | |
90 err = pkcs_1_oaep_decode(tmp, x, lparam, lparamlen, modulus_bitlen, hash_idx, | |
91 out, outlen, stat); | |
92 | |
93 XFREE(tmp); | |
94 return err; | |
95 } | |
96 | |
97 #endif /* MRSA */ | |
98 | |
99 | |
100 | |
101 | |
102 | |
103 /* $Source: /cvs/libtom/libtomcrypt/src/pk/katja/katja_decrypt_key.c,v $ */ | |
104 /* $Revision: 1.4 $ */ | |
105 /* $Date: 2006/03/31 14:15:35 $ */ |