Mercurial > dropbear

comparison rsa.c @ 760:f336d232fc63 ecc

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Make _sign and _verify functions take a buffer* rather than void* and int
author Matt Johnston <matt@ucc.asn.au>
date Sat, 06 Apr 2013 16:00:37 +0800
parents a98a2138364a
children 7dcb46da72d9
comparison
equal deleted inserted replaced
759:76fba0856749 760:f336d232fc63
37 #include "random.h" 37 #include "random.h"
38 38
39 #ifdef DROPBEAR_RSA 39 #ifdef DROPBEAR_RSA
40 40
41 static void rsa_pad_em(dropbear_rsa_key * key, 41 static void rsa_pad_em(dropbear_rsa_key * key,
42 const unsigned char * data, unsigned int len, 42 buffer *data_buf, mp_int * rsa_em);
43 mp_int * rsa_em);
44 43
45 /* Load a public rsa key from a buffer, initialising the values. 44 /* Load a public rsa key from a buffer, initialising the values.
46 * The key will have the same format as buf_put_rsa_key. 45 * The key will have the same format as buf_put_rsa_key.
47 * These should be freed with rsa_key_free. 46 * These should be freed with rsa_key_free.
48 * Returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE */ 47 * Returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE */
211 } 210 }
212 211
213 #ifdef DROPBEAR_SIGNKEY_VERIFY 212 #ifdef DROPBEAR_SIGNKEY_VERIFY
214 /* Verify a signature in buf, made on data by the key given. 213 /* Verify a signature in buf, made on data by the key given.
215 * Returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE */ 214 * Returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE */
216 int buf_rsa_verify(buffer * buf, dropbear_rsa_key *key, const unsigned char* data, 215 int buf_rsa_verify(buffer * buf, dropbear_rsa_key *key, buffer *data_buf) {
217 unsigned int len) {
218
219 unsigned int slen; 216 unsigned int slen;
220 DEF_MP_INT(rsa_s); 217 DEF_MP_INT(rsa_s);
221 DEF_MP_INT(rsa_mdash); 218 DEF_MP_INT(rsa_mdash);
222 DEF_MP_INT(rsa_em); 219 DEF_MP_INT(rsa_em);
223 int ret = DROPBEAR_FAILURE; 220 int ret = DROPBEAR_FAILURE;
245 TRACE(("s > n-1")) 242 TRACE(("s > n-1"))
246 goto out; 243 goto out;
247 } 244 }
248 245
249 /* create the magic PKCS padded value */ 246 /* create the magic PKCS padded value */
250 rsa_pad_em(key, data, len, &rsa_em); 247 rsa_pad_em(key, data_buf, &rsa_em);
251 248
252 if (mp_exptmod(&rsa_s, key->e, key->n, &rsa_mdash) != MP_OKAY) { 249 if (mp_exptmod(&rsa_s, key->e, key->n, &rsa_mdash) != MP_OKAY) {
253 TRACE(("failed exptmod rsa_s")) 250 TRACE(("failed exptmod rsa_s"))
254 goto out; 251 goto out;
255 } 252 }
268 265
269 #endif /* DROPBEAR_SIGNKEY_VERIFY */ 266 #endif /* DROPBEAR_SIGNKEY_VERIFY */
270 267
271 /* Sign the data presented with key, writing the signature contents 268 /* Sign the data presented with key, writing the signature contents
272 * to the buffer */ 269 * to the buffer */
273 void buf_put_rsa_sign(buffer* buf, dropbear_rsa_key *key, const unsigned char* data, 270 void buf_put_rsa_sign(buffer* buf, dropbear_rsa_key *key, buffer *data_buf) {
274 unsigned int len) {
275
276 unsigned int nsize, ssize; 271 unsigned int nsize, ssize;
277 unsigned int i; 272 unsigned int i;
278 DEF_MP_INT(rsa_s); 273 DEF_MP_INT(rsa_s);
279 DEF_MP_INT(rsa_tmp1); 274 DEF_MP_INT(rsa_tmp1);
280 DEF_MP_INT(rsa_tmp2); 275 DEF_MP_INT(rsa_tmp2);
283 TRACE(("enter buf_put_rsa_sign")) 278 TRACE(("enter buf_put_rsa_sign"))
284 dropbear_assert(key != NULL); 279 dropbear_assert(key != NULL);
285 280
286 m_mp_init_multi(&rsa_s, &rsa_tmp1, &rsa_tmp2, &rsa_tmp3, NULL); 281 m_mp_init_multi(&rsa_s, &rsa_tmp1, &rsa_tmp2, &rsa_tmp3, NULL);
287 282
288 rsa_pad_em(key, data, len, &rsa_tmp1); 283 rsa_pad_em(key, data_buf, &rsa_tmp1);
289 284
290 /* the actual signing of the padded data */ 285 /* the actual signing of the padded data */
291 286
292 #ifdef RSA_BLINDING 287 #ifdef RSA_BLINDING
293 288
375 * hex 30 21 30 09 06 05 2B 0E 03 02 1A 05 00 04 14 370 * hex 30 21 30 09 06 05 2B 0E 03 02 1A 05 00 04 14
376 * 371 *
377 * rsa_em must be a pointer to an initialised mp_int. 372 * rsa_em must be a pointer to an initialised mp_int.
378 */ 373 */
379 static void rsa_pad_em(dropbear_rsa_key * key, 374 static void rsa_pad_em(dropbear_rsa_key * key,
380 const unsigned char * data, unsigned int len, 375 buffer *data_buf, mp_int * rsa_em) {
381 mp_int * rsa_em) {
382 376
383 /* ASN1 designator (including the 0x00 preceding) */ 377 /* ASN1 designator (including the 0x00 preceding) */
384 const unsigned char rsa_asn1_magic[] = 378 const unsigned char rsa_asn1_magic[] =
385 {0x00, 0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 379 {0x00, 0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b,
386 0x0e, 0x03, 0x02, 0x1a, 0x05, 0x00, 0x04, 0x14}; 380 0x0e, 0x03, 0x02, 0x1a, 0x05, 0x00, 0x04, 0x14};
389 buffer * rsa_EM = NULL; 383 buffer * rsa_EM = NULL;
390 hash_state hs; 384 hash_state hs;
391 unsigned int nsize; 385 unsigned int nsize;
392 386
393 dropbear_assert(key != NULL); 387 dropbear_assert(key != NULL);
394 dropbear_assert(data != NULL);
395 nsize = mp_unsigned_bin_size(key->n); 388 nsize = mp_unsigned_bin_size(key->n);
396 389
397 rsa_EM = buf_new(nsize-1); 390 rsa_EM = buf_new(nsize-1);
398 /* type byte */ 391 /* type byte */
399 buf_putbyte(rsa_EM, 0x01); 392 buf_putbyte(rsa_EM, 0x01);
406 rsa_asn1_magic, RSA_ASN1_MAGIC_LEN); 399 rsa_asn1_magic, RSA_ASN1_MAGIC_LEN);
407 buf_incrwritepos(rsa_EM, RSA_ASN1_MAGIC_LEN); 400 buf_incrwritepos(rsa_EM, RSA_ASN1_MAGIC_LEN);
408 401
409 /* The hash of the data */ 402 /* The hash of the data */
410 sha1_init(&hs); 403 sha1_init(&hs);
411 sha1_process(&hs, data, len); 404 sha1_process(&hs, data_buf->data, data_buf->len);
412 sha1_done(&hs, buf_getwriteptr(rsa_EM, SHA1_HASH_SIZE)); 405 sha1_done(&hs, buf_getwriteptr(rsa_EM, SHA1_HASH_SIZE));
413 buf_incrwritepos(rsa_EM, SHA1_HASH_SIZE); 406 buf_incrwritepos(rsa_EM, SHA1_HASH_SIZE);
414 407
415 dropbear_assert(rsa_EM->pos == rsa_EM->size); 408 dropbear_assert(rsa_EM->pos == rsa_EM->size);
416 409