- Changed origins of random function and pointer in rsa_pkcs1_encrypt, rsa_init, rsa_gen_key.
Moved to parameters of function instead of context pointers as within ssl_cli, context pointer cannot be set easily.
This commit is contained in:
parent
61c324bbdd
commit
21eb2802fe
@ -11,8 +11,9 @@ Features
|
||||
Changes
|
||||
* Made Makefile cleaner
|
||||
* Removed dependency on rand() in rsa_pkcs1_encrypt().
|
||||
Now using random fuction provided to context.
|
||||
Requires initialization with rsa_init() before use!
|
||||
Now using random fuction provided to function and
|
||||
changed the prototype of rsa_pkcs1_encrypt(),
|
||||
rsa_init() and rsa_gen_key().
|
||||
* Some SSL defines were renamed in order to avoid
|
||||
future confusion
|
||||
|
||||
|
@ -144,8 +144,6 @@ typedef struct
|
||||
|
||||
int padding; /*!< 1.5 or OAEP/PSS */
|
||||
int hash_id; /*!< hash identifier */
|
||||
int (*f_rng)(void *); /*!< RNG function */
|
||||
void *p_rng; /*!< RNG parameter */
|
||||
}
|
||||
rsa_context;
|
||||
|
||||
@ -159,8 +157,6 @@ extern "C" {
|
||||
* \param ctx RSA context to be initialized
|
||||
* \param padding RSA_PKCS_V15 or RSA_PKCS_V21
|
||||
* \param hash_id RSA_PKCS_V21 hash identifier
|
||||
* \param f_rng RNG function
|
||||
* \param p_rng RNG parameter
|
||||
*
|
||||
* \note The hash_id parameter is actually ignored
|
||||
* when using RSA_PKCS_V15 padding.
|
||||
@ -170,23 +166,26 @@ extern "C" {
|
||||
*/
|
||||
void rsa_init( rsa_context *ctx,
|
||||
int padding,
|
||||
int hash_id,
|
||||
int (*f_rng)(void *),
|
||||
void *p_rng );
|
||||
int hash_id);
|
||||
|
||||
/**
|
||||
* \brief Generate an RSA keypair
|
||||
*
|
||||
* \param ctx RSA context that will hold the key
|
||||
* \param f_rng RNG function
|
||||
* \param p_rng RNG parameter
|
||||
* \param nbits size of the public key in bits
|
||||
* \param exponent public exponent (e.g., 65537)
|
||||
*
|
||||
* \note rsa_init() must be called beforehand to setup
|
||||
* the RSA context (especially f_rng and p_rng).
|
||||
* the RSA context.
|
||||
*
|
||||
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code
|
||||
*/
|
||||
int rsa_gen_key( rsa_context *ctx, int nbits, int exponent );
|
||||
int rsa_gen_key( rsa_context *ctx,
|
||||
int (*f_rng)(void *),
|
||||
void *p_rng,
|
||||
int nbits, int exponent );
|
||||
|
||||
/**
|
||||
* \brief Check a public RSA key
|
||||
@ -246,6 +245,8 @@ int rsa_private( rsa_context *ctx,
|
||||
* \brief Add the message padding, then do an RSA operation
|
||||
*
|
||||
* \param ctx RSA context
|
||||
* \param f_rng RNG function
|
||||
* \param p_rng RNG parameter
|
||||
* \param mode RSA_PUBLIC or RSA_PRIVATE
|
||||
* \param ilen contains the plaintext length
|
||||
* \param input buffer holding the data to be encrypted
|
||||
@ -257,6 +258,8 @@ int rsa_private( rsa_context *ctx,
|
||||
* of ctx->N (eg. 128 bytes if RSA-1024 is used).
|
||||
*/
|
||||
int rsa_pkcs1_encrypt( rsa_context *ctx,
|
||||
int (*f_rng)(void *),
|
||||
void *p_rng,
|
||||
int mode, int ilen,
|
||||
const unsigned char *input,
|
||||
unsigned char *output );
|
||||
|
@ -44,17 +44,12 @@
|
||||
*/
|
||||
void rsa_init( rsa_context *ctx,
|
||||
int padding,
|
||||
int hash_id,
|
||||
int (*f_rng)(void *),
|
||||
void *p_rng )
|
||||
int hash_id )
|
||||
{
|
||||
memset( ctx, 0, sizeof( rsa_context ) );
|
||||
|
||||
ctx->padding = padding;
|
||||
ctx->hash_id = hash_id;
|
||||
|
||||
ctx->f_rng = f_rng;
|
||||
ctx->p_rng = p_rng;
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_GENPRIME)
|
||||
@ -62,12 +57,15 @@ void rsa_init( rsa_context *ctx,
|
||||
/*
|
||||
* Generate an RSA keypair
|
||||
*/
|
||||
int rsa_gen_key( rsa_context *ctx, int nbits, int exponent )
|
||||
int rsa_gen_key( rsa_context *ctx,
|
||||
int (*f_rng)(void *),
|
||||
void *p_rng,
|
||||
int nbits, int exponent )
|
||||
{
|
||||
int ret;
|
||||
mpi P1, Q1, H, G;
|
||||
|
||||
if( ctx->f_rng == NULL || nbits < 128 || exponent < 3 )
|
||||
if( f_rng == NULL || nbits < 128 || exponent < 3 )
|
||||
return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
|
||||
|
||||
mpi_init( &P1, &Q1, &H, &G, NULL );
|
||||
@ -81,10 +79,10 @@ int rsa_gen_key( rsa_context *ctx, int nbits, int exponent )
|
||||
do
|
||||
{
|
||||
MPI_CHK( mpi_gen_prime( &ctx->P, ( nbits + 1 ) >> 1, 0,
|
||||
ctx->f_rng, ctx->p_rng ) );
|
||||
f_rng, p_rng ) );
|
||||
|
||||
MPI_CHK( mpi_gen_prime( &ctx->Q, ( nbits + 1 ) >> 1, 0,
|
||||
ctx->f_rng, ctx->p_rng ) );
|
||||
f_rng, p_rng ) );
|
||||
|
||||
if( mpi_cmp_mpi( &ctx->P, &ctx->Q ) < 0 )
|
||||
mpi_swap( &ctx->P, &ctx->Q );
|
||||
@ -297,6 +295,8 @@ cleanup:
|
||||
* Add the message padding, then do an RSA operation
|
||||
*/
|
||||
int rsa_pkcs1_encrypt( rsa_context *ctx,
|
||||
int (*f_rng)(void *),
|
||||
void *p_rng,
|
||||
int mode, int ilen,
|
||||
const unsigned char *input,
|
||||
unsigned char *output )
|
||||
@ -310,7 +310,7 @@ int rsa_pkcs1_encrypt( rsa_context *ctx,
|
||||
{
|
||||
case RSA_PKCS_V15:
|
||||
|
||||
if( ilen < 0 || olen < ilen + 11 || ctx->f_rng == NULL )
|
||||
if( ilen < 0 || olen < ilen + 11 || f_rng == NULL )
|
||||
return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
|
||||
|
||||
nb_pad = olen - 3 - ilen;
|
||||
@ -323,7 +323,7 @@ int rsa_pkcs1_encrypt( rsa_context *ctx,
|
||||
int rng_dl = 100;
|
||||
|
||||
do {
|
||||
*p = (unsigned char) ctx->f_rng( ctx->p_rng );
|
||||
*p = (unsigned char) f_rng( p_rng );
|
||||
} while( *p == 0 && --rng_dl );
|
||||
|
||||
// Check if RNG failed to generate data
|
||||
@ -725,7 +725,7 @@ int rsa_self_test( int verbose )
|
||||
unsigned char rsa_decrypted[PT_LEN];
|
||||
unsigned char rsa_ciphertext[KEY_LEN];
|
||||
|
||||
rsa_init( &rsa, RSA_PKCS_V15, 0, &myrand, NULL );
|
||||
rsa_init( &rsa, RSA_PKCS_V15, 0 );
|
||||
|
||||
rsa.len = KEY_LEN;
|
||||
mpi_read_string( &rsa.N , 16, RSA_N );
|
||||
@ -754,7 +754,7 @@ int rsa_self_test( int verbose )
|
||||
|
||||
memcpy( rsa_plaintext, RSA_PT, PT_LEN );
|
||||
|
||||
if( rsa_pkcs1_encrypt( &rsa, RSA_PUBLIC, PT_LEN,
|
||||
if( rsa_pkcs1_encrypt( &rsa, &myrand, NULL, RSA_PUBLIC, PT_LEN,
|
||||
rsa_plaintext, rsa_ciphertext ) != 0 )
|
||||
{
|
||||
if( verbose != 0 )
|
||||
|
@ -584,7 +584,9 @@ static int ssl_write_client_key_exchange( ssl_context *ssl )
|
||||
ssl->out_msg[5] = (unsigned char)( n );
|
||||
}
|
||||
|
||||
ret = rsa_pkcs1_encrypt( &ssl->peer_cert->rsa, RSA_PUBLIC,
|
||||
ret = rsa_pkcs1_encrypt( &ssl->peer_cert->rsa,
|
||||
ssl->f_rng, ssl->p_rng,
|
||||
RSA_PUBLIC,
|
||||
ssl->pmslen, ssl->premaster,
|
||||
ssl->out_msg + i );
|
||||
if( ret != 0 )
|
||||
|
Loading…
Reference in New Issue
Block a user