Ejemplo n.º 1
0
void
rsa_sha256_sign_digest(const struct rsa_private_key *key,
		       const uint8_t *digest,
		       mpz_t s)
{
  assert(key->size >= RSA_MINIMUM_N_OCTETS);

  pkcs1_rsa_sha256_encode_digest(s, key->size - 1, digest);

  rsa_compute_root(key, s, s);
}
Ejemplo n.º 2
0
void
rsa_sha256_sign(const struct rsa_private_key *key,
		struct sha256_ctx *hash,
		mpz_t s)
{
  assert(key->size >= RSA_MINIMUM_N_OCTETS);

  pkcs1_rsa_sha256_encode(s, key->size - 1, hash);

  rsa_compute_root(key, s, s);
}
Ejemplo n.º 3
0
Archivo: rsa.c Proyecto: macssh/macssh
static struct lsh_string *
do_rsa_sign(struct signer *s,
	    int algorithm,
	    UINT32 msg_length,
	    const UINT8 *msg)
{
  CAST(rsa_signer, self, s);
  struct lsh_string *res;
  mpz_t m;

  trace("do_rsa_sign: Signing according to %a\n", algorithm);
  
  mpz_init(m);
  pkcs1_encode(m, self->verifier->params, self->verifier->size - 1,
	       msg_length, msg);

  rsa_compute_root(self, m, m);

  switch (algorithm)
    {
    case ATOM_SSH_RSA:
      /* Uses the encoding:
       *
       * string ssh-rsa
       * string signature-blob
       */
  
      res = ssh_format("%a%un", ATOM_SSH_RSA, m);
      break;
#if 0
    case ATOM_RSA_PKCS1_SHA1:
    case ATOM_RSA_PKCS1_SHA1_LOCAL:
      /* Uses the encoding:
       *
       * string rsa-pkcs1
       * string signature-blob
       */
  
      res = ssh_format("%a%un", ATOM_RSA_PKCS1_SHA1, m);
      break;
#endif
      /* It doesn't matter here which flavour of SPKI is used. */
    case ATOM_SPKI_SIGN_RSA:
    case ATOM_SPKI_SIGN_DSS:

      res = sexp_format(encode_rsa_sig_val(m), SEXP_CANONICAL, 0);
      break;
    default:
      fatal("do_rsa_sign: Internal error!\n");
    }
  mpz_clear(m);
  return res;
}
Ejemplo n.º 4
0
int
rsa_decrypt(const struct rsa_private_key *key,
	    unsigned *length, uint8_t *message,
	    const mpz_t gibberish)
{
  mpz_t m;
  int res;

  mpz_init(m);
  rsa_compute_root(key, m, gibberish);

  res = pkcs1_decrypt (key->size, m, length, message);
  mpz_clear(m);
  return res;
}
Ejemplo n.º 5
0
int
rsa_md5_sign_digest(const struct rsa_private_key *key,
                    const uint8_t *digest,
                    mpz_t s)
{
    if (pkcs1_rsa_md5_encode_digest(s, key->size, digest))
    {
        rsa_compute_root(key, s, s);
        return 1;
    }
    else
    {
        mpz_set_ui(s, 0);
        return 0;
    }
}
Ejemplo n.º 6
0
int
rsa_md5_sign(const struct rsa_private_key *key,
             struct md5_ctx *hash,
             mpz_t s)
{
    if (pkcs1_rsa_md5_encode(s, key->size, hash))
    {
        rsa_compute_root(key, s, s);
        return 1;
    }
    else
    {
        mpz_set_ui(s, 0);
        return 0;
    }
}
Ejemplo n.º 7
0
Archivo: rsa.c Proyecto: macssh/macssh
static struct sexp *
do_rsa_sign_spki(struct signer *s,
		 /* struct sexp *hash, struct sexp *principal, */
		 UINT32 msg_length,
		 const UINT8 *msg)
{
  CAST(rsa_signer, self, s);
  mpz_t m;
  struct sexp *signature;

  mpz_init(m);
  pkcs1_encode(m, self->verifier->params, self->verifier->size - 1,
	       msg_length, msg);

  rsa_compute_root(self, m, m);

  signature = encode_rsa_sig_val(m);
  
  mpz_clear(m);
  return signature;
}
Ejemplo n.º 8
0
int
rsa_decrypt_tr(const struct rsa_public_key *pub,
	       const struct rsa_private_key *key,
	       void *random_ctx, nettle_random_func *random,
	       unsigned *length, uint8_t *message,
	       const mpz_t gibberish)
{
  mpz_t m, ri;
  int res;

  mpz_init_set(m, gibberish);
  mpz_init (ri);

  _rsa_blind (pub, random_ctx, random, m, ri);
  rsa_compute_root(key, m, m);
  _rsa_unblind (pub, m, ri);
  mpz_clear (ri);

  res = pkcs1_decrypt (key->size, m, length, message);
  mpz_clear(m);
  return res;
}
Ejemplo n.º 9
0
/* in case of DSA puts into data, r,s
 */
static int
_wrap_nettle_pk_sign (gnutls_pk_algorithm_t algo,
                      gnutls_datum_t * signature,
                      const gnutls_datum_t * vdata,
                      const gnutls_pk_params_st * pk_params)
{
  int ret;
  unsigned int hash;
  unsigned int hash_len;

  switch (algo)
    {
    case GNUTLS_PK_EC: /* we do ECDSA */
      {
        ecc_key priv;
        struct dsa_signature sig;

        _ecc_params_to_privkey(pk_params, &priv);

        dsa_signature_init (&sig);

        hash = _gnutls_dsa_q_to_hash (algo, pk_params, &hash_len);
        if (hash_len > vdata->size)
          {
            gnutls_assert ();
            _gnutls_debug_log("Security level of algorithm requires hash %s(%d) or better\n", gnutls_mac_get_name(hash), hash_len);
            hash_len = vdata->size;
          }

        ret = ecc_sign_hash(vdata->data, hash_len, 
                            &sig, NULL, rnd_func, &priv);
        if (ret != 0)
          {
            gnutls_assert ();
            ret = GNUTLS_E_PK_SIGN_FAILED;
            goto ecdsa_fail;
          }

        ret = _gnutls_encode_ber_rs (signature, &sig.r, &sig.s);

      ecdsa_fail:
        dsa_signature_clear (&sig);
        _ecc_params_clear( &priv);

        if (ret < 0)
          {
            gnutls_assert ();
            goto cleanup;
          }
        break;
      }
    case GNUTLS_PK_DSA:
      {
        struct dsa_public_key pub;
        struct dsa_private_key priv;
        struct dsa_signature sig;

        memset(&priv, 0, sizeof(priv));
        memset(&pub, 0, sizeof(pub));
        _dsa_params_to_pubkey (pk_params, &pub);
        _dsa_params_to_privkey (pk_params, &priv);

        dsa_signature_init (&sig);

        hash = _gnutls_dsa_q_to_hash (algo, pk_params, &hash_len);
        if (hash_len > vdata->size)
          {
            gnutls_assert ();
            _gnutls_debug_log("Security level of algorithm requires hash %s(%d) or better\n", gnutls_mac_get_name(hash), hash_len);
            hash_len = vdata->size;
          }

        ret =
          _dsa_sign (&pub, &priv, NULL, rnd_func,
                     hash_len, vdata->data, &sig);
        if (ret == 0)
          {
            gnutls_assert ();
            ret = GNUTLS_E_PK_SIGN_FAILED;
            goto dsa_fail;
          }

        ret = _gnutls_encode_ber_rs (signature, &sig.r, &sig.s);

      dsa_fail:
        dsa_signature_clear (&sig);

        if (ret < 0)
          {
            gnutls_assert ();
            goto cleanup;
          }
        break;
      }
    case GNUTLS_PK_RSA:
      {
        struct rsa_private_key priv;
        bigint_t hash, nc, ri;

        if (_gnutls_mpi_scan_nz (&hash, vdata->data, vdata->size) != 0)
          {
            gnutls_assert ();
            return GNUTLS_E_MPI_SCAN_FAILED;
          }

        memset(&priv, 0, sizeof(priv));
        _rsa_params_to_privkey (pk_params, &priv);

        nc = rsa_blind (hash, pk_params->params[1] /*e */ ,
                        pk_params->params[0] /*m */ , &ri);

        _gnutls_mpi_release (&hash);

        if (nc == NULL)
          {
            gnutls_assert ();
            ret = GNUTLS_E_MEMORY_ERROR;
            goto rsa_fail;
          }

        rsa_compute_root (&priv, TOMPZ (nc), TOMPZ (nc));

        rsa_unblind (nc, ri, pk_params->params[0] /*m */ );

        ret = _gnutls_mpi_dprint (nc, signature);

rsa_fail:
        _gnutls_mpi_release (&nc);
        _gnutls_mpi_release (&ri);

        if (ret < 0)
          {
            gnutls_assert ();
            goto cleanup;
          }

        break;
      }
    default:
      gnutls_assert ();
      ret = GNUTLS_E_INTERNAL_ERROR;
      goto cleanup;
    }

  ret = 0;

cleanup:

  return ret;
}
Ejemplo n.º 10
0
static int
_wrap_nettle_pk_decrypt (gnutls_pk_algorithm_t algo,
                         gnutls_datum_t * plaintext,
                         const gnutls_datum_t * ciphertext,
                         const gnutls_pk_params_st * pk_params)
{
  int ret;

  /* make a sexp from pkey */
  switch (algo)
    {
    case GNUTLS_PK_RSA:
      {
        struct rsa_private_key priv;
        bigint_t c, ri, nc;

        if (_gnutls_mpi_scan_nz (&c, ciphertext->data, ciphertext->size) != 0)
          {
            gnutls_assert ();
            return GNUTLS_E_MPI_SCAN_FAILED;
          }

        nc = rsa_blind (c, pk_params->params[1] /*e */ ,
                        pk_params->params[0] /*m */ , &ri);
        _gnutls_mpi_release (&c);
        if (nc == NULL)
          {
            gnutls_assert ();
            return GNUTLS_E_MEMORY_ERROR;
          }

        memset(&priv, 0, sizeof(priv));
        _rsa_params_to_privkey (pk_params, &priv);

        rsa_compute_root (&priv, TOMPZ (nc), TOMPZ (nc));

        rsa_unblind (nc, ri, pk_params->params[0] /*m */ );

        ret = _gnutls_mpi_dprint_size (nc, plaintext, ciphertext->size);

        _gnutls_mpi_release (&nc);
        _gnutls_mpi_release (&ri);

        if (ret < 0)
          {
            gnutls_assert ();
            goto cleanup;
          }

        break;
      }
    default:
      gnutls_assert ();
      ret = GNUTLS_E_INTERNAL_ERROR;
      goto cleanup;
    }

  ret = 0;

cleanup:

  return ret;
}