
- Changed origins of random function and pointer in rsa_pkcs1_encrypt, rsa_init, rsa_gen_key.

The RNG function and its parameter are now passed as function parameters instead of being stored in the context, because within ssl_cli the context pointers cannot be set easily.
Paul Bakker 2010-08-16 11:10:02 +00:00
parent 61c324bbdd
commit 21eb2802fe
4 changed files with 32 additions and 26 deletions


@ -11,8 +11,9 @@ Features
Changes Changes
* Made Makefile cleaner * Made Makefile cleaner
* Removed dependency on rand() in rsa_pkcs1_encrypt(). * Removed dependency on rand() in rsa_pkcs1_encrypt().
Now using random fuction provided to context. Now using random fuction provided to function and
Requires initialization with rsa_init() before use! changed the prototype of rsa_pkcs1_encrypt(),
rsa_init() and rsa_gen_key().
* Some SSL defines were renamed in order to avoid * Some SSL defines were renamed in order to avoid
future confusion future confusion


@ -144,8 +144,6 @@ typedef struct
int padding; /*!< 1.5 or OAEP/PSS */ int padding; /*!< 1.5 or OAEP/PSS */
int hash_id; /*!< hash identifier */ int hash_id; /*!< hash identifier */
int (*f_rng)(void *); /*!< RNG function */
void *p_rng; /*!< RNG parameter */
} }
rsa_context; rsa_context;
@ -159,8 +157,6 @@ extern "C" {
* \param ctx RSA context to be initialized * \param ctx RSA context to be initialized
* \param padding RSA_PKCS_V15 or RSA_PKCS_V21 * \param padding RSA_PKCS_V15 or RSA_PKCS_V21
* \param hash_id RSA_PKCS_V21 hash identifier * \param hash_id RSA_PKCS_V21 hash identifier
* \param f_rng RNG function
* \param p_rng RNG parameter
* *
* \note The hash_id parameter is actually ignored * \note The hash_id parameter is actually ignored
* when using RSA_PKCS_V15 padding. * when using RSA_PKCS_V15 padding.
@ -170,23 +166,26 @@ extern "C" {
*/ */
void rsa_init( rsa_context *ctx, void rsa_init( rsa_context *ctx,
int padding, int padding,
int hash_id, int hash_id);
int (*f_rng)(void *),
void *p_rng );
/** /**
* \brief Generate an RSA keypair * \brief Generate an RSA keypair
* *
* \param ctx RSA context that will hold the key * \param ctx RSA context that will hold the key
* \param f_rng RNG function
* \param p_rng RNG parameter
* \param nbits size of the public key in bits * \param nbits size of the public key in bits
* \param exponent public exponent (e.g., 65537) * \param exponent public exponent (e.g., 65537)
* *
* \note rsa_init() must be called beforehand to setup * \note rsa_init() must be called beforehand to setup
* the RSA context (especially f_rng and p_rng). * the RSA context.
* *
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code
*/ */
int rsa_gen_key( rsa_context *ctx, int nbits, int exponent ); int rsa_gen_key( rsa_context *ctx,
int (*f_rng)(void *),
void *p_rng,
int nbits, int exponent );
/** /**
* \brief Check a public RSA key * \brief Check a public RSA key
@ -246,6 +245,8 @@ int rsa_private( rsa_context *ctx,
* \brief Add the message padding, then do an RSA operation * \brief Add the message padding, then do an RSA operation
* *
* \param ctx RSA context * \param ctx RSA context
* \param f_rng RNG function
* \param p_rng RNG parameter
* \param mode RSA_PUBLIC or RSA_PRIVATE * \param mode RSA_PUBLIC or RSA_PRIVATE
* \param ilen contains the plaintext length * \param ilen contains the plaintext length
* \param input buffer holding the data to be encrypted * \param input buffer holding the data to be encrypted
@ -257,6 +258,8 @@ int rsa_private( rsa_context *ctx,
* of ctx->N (eg. 128 bytes if RSA-1024 is used). * of ctx->N (eg. 128 bytes if RSA-1024 is used).
*/ */
int rsa_pkcs1_encrypt( rsa_context *ctx, int rsa_pkcs1_encrypt( rsa_context *ctx,
int (*f_rng)(void *),
void *p_rng,
int mode, int ilen, int mode, int ilen,
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output );
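Review bot: The new `\param f_rng RNG function` lines on rsa_gen_key() and rsa_pkcs1_encrypt() leave out the contract that the implementation in this same commit enforces. Both functions return POLARSSL_ERR_RSA_BAD_INPUT_DATA when f_rng is NULL (for rsa_pkcs1_encrypt() the check is visible only in the RSA_PKCS_V15 branch), and the padding loop keeps only the low byte of each return value. I would state that in the header, e.g. `\param f_rng RNG function, must not be NULL; it feeds mpi_gen_prime(), so it has to be a cryptographically strong source` on rsa_gen_key() and `\param f_rng RNG function, must not be NULL for RSA_PKCS_V15; only the low 8 bits of each call are used` on rsa_pkcs1_encrypt(). Because rsa_init() no longer stores an RNG, the header is now the only place a caller learns these requirements.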


@ -44,17 +44,12 @@
*/ */
void rsa_init( rsa_context *ctx, void rsa_init( rsa_context *ctx,
int padding, int padding,
int hash_id, int hash_id )
int (*f_rng)(void *),
void *p_rng )
{ {
memset( ctx, 0, sizeof( rsa_context ) ); memset( ctx, 0, sizeof( rsa_context ) );
ctx->padding = padding; ctx->padding = padding;
ctx->hash_id = hash_id; ctx->hash_id = hash_id;
ctx->f_rng = f_rng;
ctx->p_rng = p_rng;
} }
#if defined(POLARSSL_GENPRIME) #if defined(POLARSSL_GENPRIME)
@ -62,12 +57,15 @@ void rsa_init( rsa_context *ctx,
/* /*
* Generate an RSA keypair * Generate an RSA keypair
*/ */
int rsa_gen_key( rsa_context *ctx, int nbits, int exponent ) int rsa_gen_key( rsa_context *ctx,
int (*f_rng)(void *),
void *p_rng,
int nbits, int exponent )
{ {
int ret; int ret;
mpi P1, Q1, H, G; mpi P1, Q1, H, G;
if( ctx->f_rng == NULL || nbits < 128 || exponent < 3 ) if( f_rng == NULL || nbits < 128 || exponent < 3 )
return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
mpi_init( &P1, &Q1, &H, &G, NULL ); mpi_init( &P1, &Q1, &H, &G, NULL );
@ -81,10 +79,10 @@ int rsa_gen_key( rsa_context *ctx, int nbits, int exponent )
do do
{ {
MPI_CHK( mpi_gen_prime( &ctx->P, ( nbits + 1 ) >> 1, 0, MPI_CHK( mpi_gen_prime( &ctx->P, ( nbits + 1 ) >> 1, 0,
ctx->f_rng, ctx->p_rng ) ); f_rng, p_rng ) );
MPI_CHK( mpi_gen_prime( &ctx->Q, ( nbits + 1 ) >> 1, 0, MPI_CHK( mpi_gen_prime( &ctx->Q, ( nbits + 1 ) >> 1, 0,
ctx->f_rng, ctx->p_rng ) ); f_rng, p_rng ) );
if( mpi_cmp_mpi( &ctx->P, &ctx->Q ) < 0 ) if( mpi_cmp_mpi( &ctx->P, &ctx->Q ) < 0 )
mpi_swap( &ctx->P, &ctx->Q ); mpi_swap( &ctx->P, &ctx->Q );
@ -297,6 +295,8 @@ cleanup:
* Add the message padding, then do an RSA operation * Add the message padding, then do an RSA operation
*/ */
int rsa_pkcs1_encrypt( rsa_context *ctx, int rsa_pkcs1_encrypt( rsa_context *ctx,
int (*f_rng)(void *),
void *p_rng,
int mode, int ilen, int mode, int ilen,
const unsigned char *input, const unsigned char *input,
unsigned char *output ) unsigned char *output )
@ -310,7 +310,7 @@ int rsa_pkcs1_encrypt( rsa_context *ctx,
{ {
case RSA_PKCS_V15: case RSA_PKCS_V15:
if( ilen < 0 || olen < ilen + 11 || ctx->f_rng == NULL ) if( ilen < 0 || olen < ilen + 11 || f_rng == NULL )
return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
nb_pad = olen - 3 - ilen; nb_pad = olen - 3 - ilen;
@ -323,7 +323,7 @@ int rsa_pkcs1_encrypt( rsa_context *ctx,
int rng_dl = 100; int rng_dl = 100;
do { do {
*p = (unsigned char) ctx->f_rng( ctx->p_rng ); *p = (unsigned char) f_rng( p_rng );
} while( *p == 0 && --rng_dl ); } while( *p == 0 && --rng_dl );
// Check if RNG failed to generate data // Check if RNG failed to generate data
@ -725,7 +725,7 @@ int rsa_self_test( int verbose )
unsigned char rsa_decrypted[PT_LEN]; unsigned char rsa_decrypted[PT_LEN];
unsigned char rsa_ciphertext[KEY_LEN]; unsigned char rsa_ciphertext[KEY_LEN];
rsa_init( &rsa, RSA_PKCS_V15, 0, &myrand, NULL ); rsa_init( &rsa, RSA_PKCS_V15, 0 );
rsa.len = KEY_LEN; rsa.len = KEY_LEN;
mpi_read_string( &rsa.N , 16, RSA_N ); mpi_read_string( &rsa.N , 16, RSA_N );
@ -754,7 +754,7 @@ int rsa_self_test( int verbose )
memcpy( rsa_plaintext, RSA_PT, PT_LEN ); memcpy( rsa_plaintext, RSA_PT, PT_LEN );
if( rsa_pkcs1_encrypt( &rsa, RSA_PUBLIC, PT_LEN, if( rsa_pkcs1_encrypt( &rsa, &myrand, NULL, RSA_PUBLIC, PT_LEN,
rsa_plaintext, rsa_ciphertext ) != 0 ) rsa_plaintext, rsa_ciphertext ) != 0 )
{ {
if( verbose != 0 ) if( verbose != 0 )
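Review bot: In the padding loop of rsa_pkcs1_encrypt(), `*p = (unsigned char) f_rng( p_rng );` truncates the callback's int return to one byte, so a caller-supplied RNG has no way to report an error; the only failure the loop notices is 100 consecutive zero bytes (`rng_dl`). Now that every caller picks the RNG per call instead of fixing it once in rsa_init(), that limitation deserves a comment at the loop, for example `/* f_rng cannot signal errors: only the low byte is used, failure is inferred from rng_dl reaching 0 */`. The check that follows the loop and the rest of the function body lie outside the visible hunks. Separately, the self-test passes `&myrand`, whose definition is not shown here; if it wraps rand(), a comment marking it as test-only would be worth adding.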


@ -584,7 +584,9 @@ static int ssl_write_client_key_exchange( ssl_context *ssl )
ssl->out_msg[5] = (unsigned char)( n ); ssl->out_msg[5] = (unsigned char)( n );
} }
ret = rsa_pkcs1_encrypt( &ssl->peer_cert->rsa, RSA_PUBLIC, ret = rsa_pkcs1_encrypt( &ssl->peer_cert->rsa,
ssl->f_rng, ssl->p_rng,
RSA_PUBLIC,
ssl->pmslen, ssl->premaster, ssl->pmslen, ssl->premaster,
ssl->out_msg + i ); ssl->out_msg + i );
if( ret != 0 ) if( ret != 0 )