changed LTC_LTC_PKCS_1_* enum members to LTC_PKCS_1_*
This commit is contained in:
Steffen Jaeckel
parent
0a432b6b08
commit
3522c754aa
@ -46,16 +46,16 @@ void rsa_free(rsa_key *key);
|
||||
|
||||
/* These use LTC_PKCS #1 v2.0 padding */
|
||||
#define rsa_encrypt_key(_in, _inlen, _out, _outlen, _lparam, _lparamlen, _prng, _prng_idx, _hash_idx, _key) \
|
||||
rsa_encrypt_key_ex(_in, _inlen, _out, _outlen, _lparam, _lparamlen, _prng, _prng_idx, _hash_idx, LTC_LTC_PKCS_1_OAEP, _key)
|
||||
rsa_encrypt_key_ex(_in, _inlen, _out, _outlen, _lparam, _lparamlen, _prng, _prng_idx, _hash_idx, LTC_PKCS_1_OAEP, _key)
|
||||
|
||||
#define rsa_decrypt_key(_in, _inlen, _out, _outlen, _lparam, _lparamlen, _hash_idx, _stat, _key) \
|
||||
rsa_decrypt_key_ex(_in, _inlen, _out, _outlen, _lparam, _lparamlen, _hash_idx, LTC_LTC_PKCS_1_OAEP, _stat, _key)
|
||||
rsa_decrypt_key_ex(_in, _inlen, _out, _outlen, _lparam, _lparamlen, _hash_idx, LTC_PKCS_1_OAEP, _stat, _key)
|
||||
|
||||
#define rsa_sign_hash(_in, _inlen, _out, _outlen, _prng, _prng_idx, _hash_idx, _saltlen, _key) \
|
||||
rsa_sign_hash_ex(_in, _inlen, _out, _outlen, LTC_LTC_PKCS_1_PSS, _prng, _prng_idx, _hash_idx, _saltlen, _key)
|
||||
rsa_sign_hash_ex(_in, _inlen, _out, _outlen, LTC_PKCS_1_PSS, _prng, _prng_idx, _hash_idx, _saltlen, _key)
|
||||
|
||||
#define rsa_verify_hash(_sig, _siglen, _hash, _hashlen, _hash_idx, _saltlen, _stat, _key) \
|
||||
rsa_verify_hash_ex(_sig, _siglen, _hash, _hashlen, LTC_LTC_PKCS_1_PSS, _hash_idx, _saltlen, _stat, _key)
|
||||
rsa_verify_hash_ex(_sig, _siglen, _hash, _hashlen, LTC_PKCS_1_PSS, _hash_idx, _saltlen, _stat, _key)
|
||||
|
||||
/* These can be switched between LTC_PKCS #1 v2.x and LTC_PKCS #1 v1.5 paddings */
|
||||
int rsa_encrypt_key_ex(const unsigned char *in, unsigned long inlen,
|
||||
|
||||
@ -5,15 +5,15 @@
|
||||
|
||||
enum ltc_pkcs_1_v1_5_blocks
|
||||
{
|
||||
LTC_LTC_PKCS_1_EMSA = 1, /* Block type 1 (LTC_PKCS #1 v1.5 signature padding) */
|
||||
LTC_LTC_PKCS_1_EME = 2 /* Block type 2 (LTC_PKCS #1 v1.5 encryption padding) */
|
||||
LTC_PKCS_1_EMSA = 1, /* Block type 1 (LTC_PKCS #1 v1.5 signature padding) */
|
||||
LTC_PKCS_1_EME = 2 /* Block type 2 (LTC_PKCS #1 v1.5 encryption padding) */
|
||||
};
|
||||
|
||||
enum ltc_pkcs_1_paddings
|
||||
{
|
||||
LTC_LTC_PKCS_1_V1_5 = 1, /* LTC_PKCS #1 v1.5 padding (\sa ltc_pkcs_1_v1_5_blocks) */
|
||||
LTC_LTC_PKCS_1_OAEP = 2, /* LTC_PKCS #1 v2.0 encryption padding */
|
||||
LTC_LTC_PKCS_1_PSS = 3 /* LTC_PKCS #1 v2.1 signature padding */
|
||||
LTC_PKCS_1_V1_5 = 1, /* LTC_PKCS #1 v1.5 padding (\sa ltc_pkcs_1_v1_5_blocks) */
|
||||
LTC_PKCS_1_OAEP = 2, /* LTC_PKCS #1 v2.0 encryption padding */
|
||||
LTC_PKCS_1_PSS = 3 /* LTC_PKCS #1 v2.1 signature padding */
|
||||
};
|
||||
|
||||
int pkcs_1_mgf1( int hash_idx,
|
||||
|
||||
@ -58,7 +58,7 @@ int pkcs_1_v1_5_decode(const unsigned char *msg,
|
||||
goto bail;
|
||||
}
|
||||
|
||||
if (block_type == LTC_LTC_PKCS_1_EME) {
|
||||
if (block_type == LTC_PKCS_1_EME) {
|
||||
for (i = 2; i < modulus_len; i++) {
|
||||
/* separator */
|
||||
if (msg[i] == 0x00) { break; }
|
||||
|
||||
@ -23,8 +23,8 @@
|
||||
* \param msglen The length of the data to encode (octets)
|
||||
* \param block_type Block type to use in padding (\sa ltc_pkcs_1_v1_5_blocks)
|
||||
* \param modulus_bitlen The bit length of the RSA modulus
|
||||
* \param prng An active PRNG state (only for LTC_LTC_PKCS_1_EME)
|
||||
* \param prng_idx The index of the PRNG desired (only for LTC_LTC_PKCS_1_EME)
|
||||
* \param prng An active PRNG state (only for LTC_PKCS_1_EME)
|
||||
* \param prng_idx The index of the PRNG desired (only for LTC_PKCS_1_EME)
|
||||
* \param out [out] The destination for the encoded data
|
||||
* \param outlen [in/out] The max size and resulting size of the encoded data
|
||||
*
|
||||
@ -44,12 +44,12 @@ int pkcs_1_v1_5_encode(const unsigned char *msg,
|
||||
int result;
|
||||
|
||||
/* valid block_type? */
|
||||
if ((block_type != LTC_LTC_PKCS_1_EMSA) &&
|
||||
(block_type != LTC_LTC_PKCS_1_EME)) {
|
||||
if ((block_type != LTC_PKCS_1_EMSA) &&
|
||||
(block_type != LTC_PKCS_1_EME)) {
|
||||
return CRYPT_PK_INVALID_PADDING;
|
||||
}
|
||||
|
||||
if (block_type == LTC_LTC_PKCS_1_EME) { /* encryption padding, we need a valid PRNG */
|
||||
if (block_type == LTC_PKCS_1_EME) { /* encryption padding, we need a valid PRNG */
|
||||
if ((result = prng_is_valid(prng_idx)) != CRYPT_OK) {
|
||||
return result;
|
||||
}
|
||||
@ -72,7 +72,7 @@ int pkcs_1_v1_5_encode(const unsigned char *msg,
|
||||
ps = &out[2];
|
||||
ps_len = modulus_len - msglen - 3;
|
||||
|
||||
if (block_type == LTC_LTC_PKCS_1_EME) {
|
||||
if (block_type == LTC_PKCS_1_EME) {
|
||||
/* now choose a random ps */
|
||||
if (prng_descriptor[prng_idx].read(ps, ps_len, prng) != ps_len) {
|
||||
result = CRYPT_ERROR_READPRNG;
|
||||
|
||||
@ -26,7 +26,7 @@
|
||||
@param lparam The system "lparam" value
|
||||
@param lparamlen The length of the lparam value (octets)
|
||||
@param hash_idx The index of the hash desired
|
||||
@param padding Type of padding (LTC_LTC_PKCS_1_OAEP or LTC_LTC_PKCS_1_V1_5)
|
||||
@param padding Type of padding (LTC_PKCS_1_OAEP or LTC_PKCS_1_V1_5)
|
||||
@param stat [out] Result of the decryption, 1==valid, 0==invalid
|
||||
@param key The corresponding private RSA key
|
||||
@return CRYPT_OK if succcessul (even if invalid)
|
||||
@ -51,12 +51,12 @@ int rsa_decrypt_key_ex(const unsigned char *in, unsigned long inlen,
|
||||
|
||||
/* valid padding? */
|
||||
|
||||
if ((padding != LTC_LTC_PKCS_1_V1_5) &&
|
||||
(padding != LTC_LTC_PKCS_1_OAEP)) {
|
||||
if ((padding != LTC_PKCS_1_V1_5) &&
|
||||
(padding != LTC_PKCS_1_OAEP)) {
|
||||
return CRYPT_PK_INVALID_PADDING;
|
||||
}
|
||||
|
||||
if (padding == LTC_LTC_PKCS_1_OAEP) {
|
||||
if (padding == LTC_PKCS_1_OAEP) {
|
||||
/* valid hash ? */
|
||||
if ((err = hash_is_valid(hash_idx)) != CRYPT_OK) {
|
||||
return err;
|
||||
@ -85,13 +85,13 @@ int rsa_decrypt_key_ex(const unsigned char *in, unsigned long inlen,
|
||||
return err;
|
||||
}
|
||||
|
||||
if (padding == LTC_LTC_PKCS_1_OAEP) {
|
||||
if (padding == LTC_PKCS_1_OAEP) {
|
||||
/* now OAEP decode the packet */
|
||||
err = pkcs_1_oaep_decode(tmp, x, lparam, lparamlen, modulus_bitlen, hash_idx,
|
||||
out, outlen, stat);
|
||||
} else {
|
||||
/* now LTC_PKCS #1 v1.5 depad the packet */
|
||||
err = pkcs_1_v1_5_decode(tmp, x, LTC_LTC_PKCS_1_EME, modulus_bitlen, out, outlen, stat);
|
||||
err = pkcs_1_v1_5_decode(tmp, x, LTC_PKCS_1_EME, modulus_bitlen, out, outlen, stat);
|
||||
}
|
||||
|
||||
XFREE(tmp);
|
||||
|
||||
@ -28,7 +28,7 @@
|
||||
@param prng An active PRNG
|
||||
@param prng_idx The index of the desired prng
|
||||
@param hash_idx The index of the desired hash
|
||||
@param padding Type of padding (LTC_LTC_PKCS_1_OAEP or LTC_LTC_PKCS_1_V1_5)
|
||||
@param padding Type of padding (LTC_PKCS_1_OAEP or LTC_PKCS_1_V1_5)
|
||||
@param key The RSA key to encrypt to
|
||||
@return CRYPT_OK if successful
|
||||
*/
|
||||
@ -46,8 +46,8 @@ int rsa_encrypt_key_ex(const unsigned char *in, unsigned long inlen,
|
||||
LTC_ARGCHK(key != NULL);
|
||||
|
||||
/* valid padding? */
|
||||
if ((padding != LTC_LTC_PKCS_1_V1_5) &&
|
||||
(padding != LTC_LTC_PKCS_1_OAEP)) {
|
||||
if ((padding != LTC_PKCS_1_V1_5) &&
|
||||
(padding != LTC_PKCS_1_OAEP)) {
|
||||
return CRYPT_PK_INVALID_PADDING;
|
||||
}
|
||||
|
||||
@ -56,7 +56,7 @@ int rsa_encrypt_key_ex(const unsigned char *in, unsigned long inlen,
|
||||
return err;
|
||||
}
|
||||
|
||||
if (padding == LTC_LTC_PKCS_1_OAEP) {
|
||||
if (padding == LTC_PKCS_1_OAEP) {
|
||||
/* valid hash? */
|
||||
if ((err = hash_is_valid(hash_idx)) != CRYPT_OK) {
|
||||
return err;
|
||||
@ -73,7 +73,7 @@ int rsa_encrypt_key_ex(const unsigned char *in, unsigned long inlen,
|
||||
return CRYPT_BUFFER_OVERFLOW;
|
||||
}
|
||||
|
||||
if (padding == LTC_LTC_PKCS_1_OAEP) {
|
||||
if (padding == LTC_PKCS_1_OAEP) {
|
||||
/* OAEP pad the key */
|
||||
x = *outlen;
|
||||
if ((err = pkcs_1_oaep_encode(in, inlen, lparam,
|
||||
@ -84,7 +84,7 @@ int rsa_encrypt_key_ex(const unsigned char *in, unsigned long inlen,
|
||||
} else {
|
||||
/* LTC_PKCS #1 v1.5 pad the key */
|
||||
x = *outlen;
|
||||
if ((err = pkcs_1_v1_5_encode(in, inlen, LTC_LTC_PKCS_1_EME,
|
||||
if ((err = pkcs_1_v1_5_encode(in, inlen, LTC_PKCS_1_EME,
|
||||
modulus_bitlen, prng, prng_idx,
|
||||
out, &x)) != CRYPT_OK) {
|
||||
return err;
|
||||
|
||||
@ -23,7 +23,7 @@
|
||||
@param inlen The length of the hash to sign (octets)
|
||||
@param out [out] The signature
|
||||
@param outlen [in/out] The max size and resulting size of the signature
|
||||
@param padding Type of padding (LTC_LTC_PKCS_1_PSS or LTC_LTC_PKCS_1_V1_5)
|
||||
@param padding Type of padding (LTC_PKCS_1_PSS or LTC_PKCS_1_V1_5)
|
||||
@param prng An active PRNG state
|
||||
@param prng_idx The index of the PRNG desired
|
||||
@param hash_idx The index of the hash desired
|
||||
@ -47,11 +47,11 @@ int rsa_sign_hash_ex(const unsigned char *in, unsigned long inlen,
|
||||
LTC_ARGCHK(key != NULL);
|
||||
|
||||
/* valid padding? */
|
||||
if ((padding != LTC_LTC_PKCS_1_V1_5) && (padding != LTC_LTC_PKCS_1_PSS)) {
|
||||
if ((padding != LTC_PKCS_1_V1_5) && (padding != LTC_PKCS_1_PSS)) {
|
||||
return CRYPT_PK_INVALID_PADDING;
|
||||
}
|
||||
|
||||
if (padding == LTC_LTC_PKCS_1_PSS) {
|
||||
if (padding == LTC_PKCS_1_PSS) {
|
||||
/* valid prng and hash ? */
|
||||
if ((err = prng_is_valid(prng_idx)) != CRYPT_OK) {
|
||||
return err;
|
||||
@ -71,7 +71,7 @@ int rsa_sign_hash_ex(const unsigned char *in, unsigned long inlen,
|
||||
return CRYPT_BUFFER_OVERFLOW;
|
||||
}
|
||||
|
||||
if (padding == LTC_LTC_PKCS_1_PSS) {
|
||||
if (padding == LTC_PKCS_1_PSS) {
|
||||
/* PSS pad the key */
|
||||
x = *outlen;
|
||||
if ((err = pkcs_1_pss_encode(in, inlen, saltlen, prng, prng_idx,
|
||||
@ -114,7 +114,7 @@ int rsa_sign_hash_ex(const unsigned char *in, unsigned long inlen,
|
||||
}
|
||||
|
||||
x = *outlen;
|
||||
if ((err = pkcs_1_v1_5_encode(tmpin, y, LTC_LTC_PKCS_1_EMSA,
|
||||
if ((err = pkcs_1_v1_5_encode(tmpin, y, LTC_PKCS_1_EMSA,
|
||||
modulus_bitlen, NULL, 0,
|
||||
out, &x)) != CRYPT_OK) {
|
||||
XFREE(tmpin);
|
||||
|
||||
@ -23,7 +23,7 @@
|
||||
@param siglen The length of the signature data (octets)
|
||||
@param hash The hash of the message that was signed
|
||||
@param hashlen The length of the hash of the message that was signed (octets)
|
||||
@param padding Type of padding (LTC_LTC_PKCS_1_PSS or LTC_LTC_PKCS_1_V1_5)
|
||||
@param padding Type of padding (LTC_PKCS_1_PSS or LTC_PKCS_1_V1_5)
|
||||
@param hash_idx The index of the desired hash
|
||||
@param saltlen The length of the salt used during signature
|
||||
@param stat [out] The result of the signature comparison, 1==valid, 0==invalid
|
||||
@ -50,12 +50,12 @@ int rsa_verify_hash_ex(const unsigned char *sig, unsigned long siglen,
|
||||
|
||||
/* valid padding? */
|
||||
|
||||
if ((padding != LTC_LTC_PKCS_1_V1_5) &&
|
||||
(padding != LTC_LTC_PKCS_1_PSS)) {
|
||||
if ((padding != LTC_PKCS_1_V1_5) &&
|
||||
(padding != LTC_PKCS_1_PSS)) {
|
||||
return CRYPT_PK_INVALID_PADDING;
|
||||
}
|
||||
|
||||
if (padding == LTC_LTC_PKCS_1_PSS) {
|
||||
if (padding == LTC_PKCS_1_PSS) {
|
||||
/* valid hash ? */
|
||||
if ((err = hash_is_valid(hash_idx)) != CRYPT_OK) {
|
||||
return err;
|
||||
@ -90,7 +90,7 @@ int rsa_verify_hash_ex(const unsigned char *sig, unsigned long siglen,
|
||||
return CRYPT_INVALID_PACKET;
|
||||
}
|
||||
|
||||
if (padding == LTC_LTC_PKCS_1_PSS) {
|
||||
if (padding == LTC_PKCS_1_PSS) {
|
||||
/* PSS decode and verify it */
|
||||
err = pkcs_1_pss_decode(hash, hashlen, tmpbuf, x, saltlen, hash_idx, modulus_bitlen, stat);
|
||||
} else {
|
||||
@ -114,7 +114,7 @@ int rsa_verify_hash_ex(const unsigned char *sig, unsigned long siglen,
|
||||
goto bail_2;
|
||||
}
|
||||
|
||||
if ((err = pkcs_1_v1_5_decode(tmpbuf, x, LTC_LTC_PKCS_1_EMSA, modulus_bitlen, out, &outlen, &decoded)) != CRYPT_OK) {
|
||||
if ((err = pkcs_1_v1_5_decode(tmpbuf, x, LTC_PKCS_1_EMSA, modulus_bitlen, out, &outlen, &decoded)) != CRYPT_OK) {
|
||||
XFREE(out);
|
||||
goto bail_2;
|
||||
}
|
||||
|
||||
@ -261,10 +261,10 @@ for (cnt = 0; cnt < len; ) {
|
||||
for (rsa_msgsize = 1; rsa_msgsize <= 117; rsa_msgsize++) {
|
||||
len = sizeof(out);
|
||||
len2 = rsa_msgsize;
|
||||
DO(rsa_encrypt_key_ex(in, rsa_msgsize, out, &len, NULL, 0, &yarrow_prng, prng_idx, 0, LTC_LTC_PKCS_1_V1_5, &key));
|
||||
DO(rsa_encrypt_key_ex(in, rsa_msgsize, out, &len, NULL, 0, &yarrow_prng, prng_idx, 0, LTC_PKCS_1_V1_5, &key));
|
||||
|
||||
len2 = rsa_msgsize;
|
||||
DO(rsa_decrypt_key_ex(out, len, tmp, &len2, NULL, 0, 0, LTC_LTC_PKCS_1_V1_5, &stat, &key));
|
||||
DO(rsa_decrypt_key_ex(out, len, tmp, &len2, NULL, 0, 0, LTC_PKCS_1_V1_5, &stat, &key));
|
||||
if (!(stat == 1 && stat2 == 0)) {
|
||||
fprintf(stderr, "rsa_decrypt_key_ex failed, %d, %d", stat, stat2);
|
||||
return 1;
|
||||
@ -351,11 +351,11 @@ for (cnt = 0; cnt < len; ) {
|
||||
|
||||
/* sign a message with LTC_PKCS #1 v1.5 */
|
||||
len = sizeof(out);
|
||||
DO(rsa_sign_hash_ex(in, 20, out, &len, LTC_LTC_PKCS_1_V1_5, &yarrow_prng, prng_idx, hash_idx, 8, &privKey));
|
||||
DO(rsa_verify_hash_ex(out, len, in, 20, LTC_LTC_PKCS_1_V1_5, hash_idx, 8, &stat, &pubKey));
|
||||
DO(rsa_sign_hash_ex(in, 20, out, &len, LTC_PKCS_1_V1_5, &yarrow_prng, prng_idx, hash_idx, 8, &privKey));
|
||||
DO(rsa_verify_hash_ex(out, len, in, 20, LTC_PKCS_1_V1_5, hash_idx, 8, &stat, &pubKey));
|
||||
/* change a byte */
|
||||
in[0] ^= 1;
|
||||
DO(rsa_verify_hash_ex(out, len, in, 20, LTC_LTC_PKCS_1_V1_5, hash_idx, 8, &stat2, &pubKey));
|
||||
DO(rsa_verify_hash_ex(out, len, in, 20, LTC_PKCS_1_V1_5, hash_idx, 8, &stat2, &pubKey));
|
||||
|
||||
if (!(stat == 1 && stat2 == 0)) {
|
||||
fprintf(stderr, "rsa_verify_hash_ex failed, %d, %d", stat, stat2);
|
||||
|
||||
Loading…
Reference in New Issue
Block a user