/* $OpenBSD: rsa.c,v 1.29 2006/11/06 21:25:28 markus Exp $ */
/*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 * All rights reserved
 *
 * As far as I am concerned, the code I have written for this software
 * can be used freely for any purpose. Any derived versions of this
 * software must be clearly marked as such, and if the derived work is
 * incompatible with the protocol description in the RFC file, it must be
 * called by a name other than "ssh" or "Secure Shell".
 *
 *
 * Copyright (c) 1999 Niels Provos. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 *
 *
 * Description of the RSA algorithm can be found e.g. from the following
 * sources:
 *
 * Bruce Schneier: Applied Cryptography. John Wiley & Sons, 1994.
 *
 * Jennifer Seberry and Josef Pieprzyk: Cryptography: An Introduction to
 * Computer Security. Prentice-Hall, 1989.
 *
 * Man Young Rhee: Cryptography and Secure Data Communications. McGraw-Hill,
 * 1994.
 *
 * R. Rivest, A. Shamir, and L. M. Adleman: Cryptographic Communications
 * System and Method. US Patent 4,405,829, 1983.
 *
 * Hans Riesel: Prime Numbers and Computer Methods for Factorization.
 * Birkhauser, 1994.
 *
 * The RSA Frequently Asked Questions document by RSA Data Security,
 * Inc., 1995.
 *
 * RSA in 3 lines of perl by Adam Back <aba@atlax.ex.ac.uk>, 1995, as
 * included below:
 *
 * [gone - had to be deleted - what a pity]
 */
#include "includes.h" |
#include <sys/types.h> |
#include <stdarg.h> |
#include <string.h> |
#include "xmalloc.h" |
#include "rsa.h" |
#include "log.h" |
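/*
 * Encrypt the bignum `in' under the public key `key' using PKCS#1 v1.5
 * padding and store the resulting ciphertext in `out'.
 *
 * The public exponent is rejected through fatal() unless it is odd and at
 * least two bits long.  A failed RSA_public_encrypt() or BN_bin2bn() is
 * likewise reported through fatal().
 *
 * The temporary byte buffers hold the plaintext and the ciphertext, so both
 * are zeroed before they are released.
 */
void
rsa_public_encrypt(BIGNUM *out, BIGNUM *in, RSA *key)
{
	/*
	 * Call memset through a volatile pointer so that the wipes at the end
	 * cannot be discarded as dead stores ahead of the frees (for example
	 * when the allocator wrappers are inlined by whole-program optimisation).
	 */
	void *(*volatile wipe)(void *, int, size_t) = memset;
	u_char *inbuf, *outbuf;
	int len, ilen, olen;

	if (BN_num_bits(key->e) < 2 || !BN_is_odd(key->e))
		fatal("rsa_public_encrypt() exponent too small or not odd");

	/* The output buffer is sized to the byte length of the modulus. */
	olen = BN_num_bytes(key->n);
	outbuf = xmalloc(olen);

	/* Serialise the input bignum into a byte buffer for OpenSSL. */
	ilen = BN_num_bytes(in);
	inbuf = xmalloc(ilen);
	BN_bn2bin(in, inbuf);

	if ((len = RSA_public_encrypt(ilen, inbuf, outbuf, key,
	    RSA_PKCS1_PADDING)) <= 0)
		fatal("rsa_public_encrypt() failed");

	if (BN_bin2bn(outbuf, len, out) == NULL)
		fatal("rsa_public_encrypt: BN_bin2bn failed");

	/* Scrub the whole of each buffer, not just the bytes that were used. */
	wipe(outbuf, 0, olen);
	wipe(inbuf, 0, ilen);
	xfree(outbuf);
	xfree(inbuf);
}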
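/*
 * Decrypt the bignum `in' with the private key `key' (PKCS#1 v1.5 padding)
 * and, on success, store the recovered plaintext in `out'.
 *
 * Returns the value handed back by RSA_private_decrypt(): the plaintext
 * length on success, or a value <= 0 on failure.  On failure the problem is
 * logged through error() and `out' is left untouched.  A BN_bin2bn()
 * failure is reported through fatal().
 *
 * The temporary buffers hold ciphertext and recovered plaintext, so both are
 * zeroed before they are released on every return path.
 *
 * NOTE(review): PKCS#1 v1.5 unpadding failures are a well-known oracle
 * risk; callers should presumably treat a <= 0 return in a way that does
 * not tell the peer why decryption failed -- confirm at the call sites.
 */
int
rsa_private_decrypt(BIGNUM *out, BIGNUM *in, RSA *key)
{
	/*
	 * Call memset through a volatile pointer so that the wipes at the end
	 * cannot be discarded as dead stores ahead of the frees (for example
	 * when the allocator wrappers are inlined by whole-program optimisation).
	 */
	void *(*volatile wipe)(void *, int, size_t) = memset;
	u_char *inbuf, *outbuf;
	int len, ilen, olen;

	/* The output buffer is sized to the byte length of the modulus. */
	olen = BN_num_bytes(key->n);
	outbuf = xmalloc(olen);

	/* Serialise the input bignum into a byte buffer for OpenSSL. */
	ilen = BN_num_bytes(in);
	inbuf = xmalloc(ilen);
	BN_bn2bin(in, inbuf);

	if ((len = RSA_private_decrypt(ilen, inbuf, outbuf, key,
	    RSA_PKCS1_PADDING)) <= 0) {
		error("rsa_private_decrypt() failed");
	} else {
		if (BN_bin2bn(outbuf, len, out) == NULL)
			fatal("rsa_private_decrypt: BN_bin2bn failed");
	}

	/* Scrub the whole of each buffer, whether or not decryption worked. */
	wipe(outbuf, 0, olen);
	wipe(inbuf, 0, ilen);
	xfree(outbuf);
	xfree(inbuf);
	return len;
}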
/*
 * Fill in the two reduced private exponents of an RSA key:
 *
 *	dmq1 = d mod (q - 1)
 *	dmp1 = d mod (p - 1)
 *
 * p - 1 and q - 1 are only intermediate values held in a scratch bignum.
 * The results are written into rsa->dmq1 and rsa->dmp1, which this function
 * does not allocate (assumed to be set up by the caller -- confirm).
 * Every allocation or arithmetic failure is reported through fatal().
 */
void
rsa_generate_additional_parameters(RSA *rsa)
{
	BN_CTX *bnctx;
	BIGNUM *less_one;	/* scratch: q - 1 first, then p - 1 */

	less_one = BN_new();
	if (less_one == NULL)
		fatal("rsa_generate_additional_parameters: BN_new failed");
	bnctx = BN_CTX_new();
	if (bnctx == NULL)
		fatal("rsa_generate_additional_parameters: BN_CTX_new failed");

	/* dmq1 = d mod (q - 1) */
	if (BN_sub(less_one, rsa->q, BN_value_one()) == 0 ||
	    BN_mod(rsa->dmq1, rsa->d, less_one, bnctx) == 0)
		fatal("rsa_generate_additional_parameters: BN_sub/mod failed");

	/* dmp1 = d mod (p - 1) */
	if (BN_sub(less_one, rsa->p, BN_value_one()) == 0 ||
	    BN_mod(rsa->dmp1, rsa->d, less_one, bnctx) == 0)
		fatal("rsa_generate_additional_parameters: BN_sub/mod failed");

	/* The scratch value is derived from the secret primes: clear it. */
	BN_clear_free(less_one);
	BN_CTX_free(bnctx);
}