2 * Copyright (C) 2017 Denys Vlasenko
4 * Licensed under GPLv2, see file LICENSE in this source tree.
8 #define pkcs1Pad(in, inlen, out, outlen, cryptType, userPtr) \
9 pkcs1Pad(in, inlen, out, outlen, cryptType)
11 int32 pkcs1Pad(unsigned char *in, uint32 inlen, unsigned char *out,
12 uint32 outlen, int32 cryptType, void *userPtr)
17 randomLen = outlen - 3 - inlen;
19 psTraceCrypto("pkcs1Pad failure\n");
25 *c = (unsigned char)cryptType;
27 if (cryptType == PUBKEY_TYPE) {
28 while (randomLen-- > 0) {
32 if (matrixCryptoGetPrngData(c, (uint32)randomLen, userPtr) < 0) {
33 return PS_PLATFORM_FAIL;
36 SECURITY: Read through the random data and change all 0x0 to 0x01.
37 This is per spec that no random bytes should be 0
39 while (randomLen-- > 0) {
53 #define psRsaCrypt(pool, in, inlen, out, outlen, key, type, data) \
54 psRsaCrypt(pool, in, inlen, out, outlen, key, type)
56 int32 psRsaCrypt(psPool_t *pool, const unsigned char *in, uint32 inlen,
57 unsigned char *out, uint32 *outlen, psRsaKey_t *key, int32 type,
60 pstm_int tmp, tmpa, tmpb;
64 if (in == NULL || out == NULL || outlen == NULL || key == NULL) {
65 psTraceCrypto("NULL parameter error in psRsaCrypt\n");
69 tmp.dp = tmpa.dp = tmpb.dp = NULL;
71 /* Init and copy into tmp */
72 if (pstm_init_for_read_unsigned_bin(pool, &tmp, inlen + sizeof(pstm_digit))
76 if (pstm_read_unsigned_bin(&tmp, (unsigned char *)in, inlen) != PS_SUCCESS){
80 /* Sanity check on the input */
81 if (pstm_cmp(&key->N, &tmp) == PSTM_LT) {
85 if (type == PRIVKEY_TYPE) {
87 if (pstm_init_size(pool, &tmpa, key->p.alloc) != PS_SUCCESS) {
91 if (pstm_init_size(pool, &tmpb, key->q.alloc) != PS_SUCCESS) {
96 if (pstm_exptmod(pool, &tmp, &key->dP, &key->p, &tmpa) !=
98 psTraceCrypto("decrypt error: pstm_exptmod dP, p\n");
101 if (pstm_exptmod(pool, &tmp, &key->dQ, &key->q, &tmpb) !=
103 psTraceCrypto("decrypt error: pstm_exptmod dQ, q\n");
106 if (pstm_sub(&tmpa, &tmpb, &tmp) != PS_SUCCESS) {
107 psTraceCrypto("decrypt error: sub tmpb, tmp\n");
110 if (pstm_mulmod(pool, &tmp, &key->qP, &key->p, &tmp) != PS_SUCCESS) {
111 psTraceCrypto("decrypt error: pstm_mulmod qP, p\n");
114 if (pstm_mul_comba(pool, &tmp, &key->q, &tmp, NULL, 0)
116 psTraceCrypto("decrypt error: pstm_mul q \n");
119 if (pstm_add(&tmp, &tmpb, &tmp) != PS_SUCCESS) {
120 psTraceCrypto("decrypt error: pstm_add tmp \n");
124 if (pstm_exptmod(pool, &tmp, &key->d, &key->N, &tmp) !=
126 psTraceCrypto("psRsaCrypt error: pstm_exptmod\n");
130 } else if (type == PUBKEY_TYPE) {
131 if (pstm_exptmod(pool, &tmp, &key->e, &key->N, &tmp) != PS_SUCCESS) {
132 psTraceCrypto("psRsaCrypt error: pstm_exptmod\n");
136 psTraceCrypto("psRsaCrypt error: invalid type param\n");
140 x = pstm_unsigned_bin_size(&key->N);
142 if ((uint32)x > *outlen) {
144 psTraceCrypto("psRsaCrypt error: pstm_unsigned_bin_size\n");
147 /* We want the encrypted value to always be the key size. Pad with 0x0 */
148 while ((uint32)x < (unsigned long)key->size) {
157 if (pstm_to_unsigned_bin(pool, &tmp, out+(x-pstm_unsigned_bin_size(&tmp)))
159 psTraceCrypto("psRsaCrypt error: pstm_to_unsigned_bin\n");
162 /* Clean up and return */
168 if (type == PRIVKEY_TYPE && key->optimized) {
169 pstm_clear_multi(&tmpa, &tmpb, NULL, NULL, NULL, NULL, NULL, NULL);
175 int32 psRsaEncryptPub(psPool_t *pool, psRsaKey_t *key,
176 unsigned char *in, uint32 inlen,
177 unsigned char *out, uint32 outlen, void *data)
184 psTraceCrypto("Error on bad outlen parameter to psRsaEncryptPub\n");
188 if ((err = pkcs1Pad(in, inlen, out, size, PRIVKEY_TYPE, data))
190 psTraceCrypto("Error padding psRsaEncryptPub. Likely data too long\n");
193 if ((err = psRsaCrypt(pool, out, size, out, (uint32*)&outlen, key,
194 PUBKEY_TYPE, data)) < PS_SUCCESS) {
195 psTraceCrypto("Error performing psRsaEncryptPub\n");
198 if (outlen != size) {
199 psTraceCrypto("Encrypted size error in psRsaEncryptPub\n");