Updated calls of md5 functions.
* rsa_sha1.c: Likewise.
* rsa.c (rsa_prepare_public_key): Renamed function, was
rsa_init_public_key.
(rsa_prepare_private_key): Renamed function, was
rsa_init_private_key.
Rev: src/nettle/rsa.c:1.2
Rev: src/nettle/rsa.h:1.3
Rev: src/nettle/rsa_md5.c:1.2
Rev: src/nettle/rsa_sha1.c:1.2
* verify functions. */
int
-rsa_init_public_key(struct rsa_public_key *key)
+rsa_prepare_public_key(struct rsa_public_key *key)
{
unsigned size = (mpz_sizeinbase(key->n, 2) + 7) / 8;
}
int
-rsa_init_private_key(struct rsa_private_key *key)
+rsa_prepare_private_key(struct rsa_private_key *key)
{
- return rsa_init_public_key(&key->pub);
+ return rsa_prepare_public_key(&key->pub);
}
#ifndef RSA_CRT
#define RSA_CRT 1
#endif
-/* Internal function for computing an rsa root.
+/* Computing an rsa root.
*
- * NOTE: We don't really need n not e, so we could delete the public
- * key info from struct rsa_private_key. We do need the size,
- * though. */
+ * NOTE: We don't really need n not e, so we could drop the public
+ * key info from struct rsa_private_key. */
void
-rsa_compute_root(struct rsa_private_key *key, mpz_t x, mpz_t m)
+rsa_compute_root(struct rsa_private_key *key, mpz_t x, const mpz_t m)
{
#if RSA_CRT
{
*
* Store the private key in a rsa_private_key struct.
*
- * Call rsa_init_private_key. This initializes the size attribute
+ * Call rsa_prepare_private_key. This initializes the size attribute
* to the length of a signature.
*
* Initialize a hashing context, by callling
* Hash the message by calling
* md5_update
*
- * Finally, call
+ * Create the signature by calling
* rsa_md5_sign
*
- * The final call stores the signature, of length size, in the supplied buffer,
- * and resets the hashing context.
+ * The signature is represented as a mpz_t bignum. This call also
+ * resets the hashing context.
+ *
+ * When done with the key, don't forget to call mpz_clear.
*/
int
-rsa_init_public_key(struct rsa_public_key *key);
+rsa_prepare_public_key(struct rsa_public_key *key);
int
-rsa_init_private_key(struct rsa_private_key *key);
+rsa_prepare_private_key(struct rsa_private_key *key);
/* PKCS#1 style signatures */
void
rsa_md5_sign(struct rsa_private_key *key,
struct md5_ctx *hash,
- uint8_t *signature);
+ mpz_t signature);
int
rsa_md5_verify(struct rsa_public_key *key,
struct md5_ctx *hash,
- const uint8_t *signature);
+ const mpz_t signature);
void
rsa_sha1_sign(struct rsa_private_key *key,
struct sha1_ctx *hash,
- uint8_t *signature);
+ mpz_t signature);
int
rsa_sha1_verify(struct rsa_public_key *key,
struct sha1_ctx *hash,
- const uint8_t *signature);
+ const mpz_t signature);
/* Compute x, the d:th root of m. Calling it with x == m is allowed. */
void
-rsa_compute_root(struct rsa_private_key *key, mpz_t x, mpz_t m);
+rsa_compute_root(struct rsa_private_key *key, mpz_t x, const mpz_t m);
#endif /* NETTLE_RSA_H_INCLUDED */
void
rsa_md5_sign(struct rsa_private_key *key,
struct md5_ctx *hash,
- uint8_t *signature)
+ mpz_t s)
{
- mpz_t m;
- mpz_init(m);
-
assert(key->pub.size >= 45);
- pkcs1_encode_md5(m, key->pub.size - 1, hash);
-
- rsa_compute_root(key, m, m);
-
- nettle_mpz_get_str_256(key->pub.size, signature, m);
+ pkcs1_encode_md5(s, key->pub.size - 1, hash);
- mpz_clear(m);
+ rsa_compute_root(key, s, s);
}
int
rsa_md5_verify(struct rsa_public_key *key,
struct md5_ctx *hash,
- const uint8_t *signature)
+ const mpz_t s)
{
int res;
- mpz_t m;
- mpz_t s;
-
- mpz_init(m);
+ mpz_t m1;
+ mpz_t m2;
+
+ if ( (mpz_sgn(s) <= 0)
+ || (mpz_cmp(s, key->n) >= 0) )
+ return 0;
+
+ mpz_init(m1); mpz_init(m2);
- nettle_mpz_init_set_str_256(s, key->size, signature);
- mpz_powm(s, s, key->e, key->n);
+ mpz_powm(m1, s, key->e, key->n);
- /* FIXME: Is it cheaper to convert s to a string and check that? */
- pkcs1_encode_md5(m, key->size - 1, hash);
- res = !mpz_cmp(m, s);
+ /* FIXME: Is it cheaper to convert m1 to a string and check that? */
+ pkcs1_encode_md5(m2, key->size - 1, hash);
+ res = !mpz_cmp(m1, m2);
- mpz_clear(m); mpz_clear(s);
+ mpz_clear(m1); mpz_clear(m2);
return res;
}
i = length - MD5_DIGEST_SIZE;
- md5_final(hash);
md5_digest(hash, MD5_DIGEST_SIZE, em + i);
- md5_init(hash);
assert(i >= sizeof(md5_prefix));
void
rsa_sha1_sign(struct rsa_private_key *key,
struct sha1_ctx *hash,
- uint8_t *signature)
+ mpz_t s)
{
- mpz_t m;
- mpz_init(m);
-
assert(key->pub.size >= 45);
- pkcs1_encode_sha1(m, key->pub.size - 1, hash);
-
- rsa_compute_root(key, m, m);
-
- nettle_mpz_get_str_256(key->pub.size, signature, m);
+ pkcs1_encode_sha1(s, key->pub.size - 1, hash);
- mpz_clear(m);
+ rsa_compute_root(key, s, s);
}
int
rsa_sha1_verify(struct rsa_public_key *key,
struct sha1_ctx *hash,
- const uint8_t *signature)
+ const mpz_t s)
{
int res;
- mpz_t m;
- mpz_t s;
+ mpz_t m1;
+ mpz_t m2;
- mpz_init(m);
+ if ( (mpz_sgn(s) <= 0)
+ || (mpz_cmp(s, key->n) >= 0) )
+ return 0;
+
+ mpz_init(m1); mpz_init(m2);
- nettle_mpz_init_set_str_256(s, key->size, signature);
- mpz_powm(s, s, key->e, key->n);
+ mpz_powm(m1, s, key->e, key->n);
/* FIXME: Is it cheaper to convert s to a string and check that? */
- pkcs1_encode_sha1(m, key->size - 1, hash);
- res = !mpz_cmp(m, s);
-
- mpz_clear(m); mpz_clear(s);
+ pkcs1_encode_sha1(m2, key->size - 1, hash);
+ res = !mpz_cmp(m1, m2);
+ mpz_clear(m1); mpz_clear(m2);
+
return res;
}
i = length - SHA1_DIGEST_SIZE;
- sha1_final(hash);
sha1_digest(hash, SHA1_DIGEST_SIZE, em + i);
- sha1_init(hash);
assert(i >= sizeof(sha1_prefix));
projects / thirdparty / nettle.git / commitdiff
