diff options
| author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2010-05-23 21:19:48 +0200 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2010-05-23 21:19:48 +0200 |
| commit | 520827b6f8a49ee9351bb12f63160a773ad46997 (patch) | |
| tree | 3531e2aae719aa8bcfc63125947773c167cdbfd4 | |
| parent | cf87a7deefc96c09e17a4a80d45e4c0462c4c335 (diff) | |
| download | gnutls-520827b6f8a49ee9351bb12f63160a773ad46997.tar.gz | |
Common code for calculation of RSA exp1 and exp2. Also update the openpgp
code to calculate those values.
| -rw-r--r-- | lib/gcrypt/pk.c | 20 | ||||
| -rw-r--r-- | lib/gnutls_pk.c | 36 | ||||
| -rw-r--r-- | lib/gnutls_pk.h | 2 | ||||
| -rw-r--r-- | lib/opencdk/pubkey.c | 2 | ||||
| -rw-r--r-- | lib/openpgp/privkey.c | 16 | ||||
| -rw-r--r-- | lib/x509/privkey.c | 34 |
6 files changed, 69 insertions, 41 deletions
diff --git a/lib/gcrypt/pk.c b/lib/gcrypt/pk.c index 593c6e6cf0..fcc5e2a0fa 100644 --- a/lib/gcrypt/pk.c +++ b/lib/gcrypt/pk.c @@ -741,21 +741,13 @@ _rsa_generate_params (bigint_t * resarr, int *resarr_len, int bits) goto cleanup; } - /* [6] = d % p-1, [7] = d % q-1 */ - _gnutls_mpi_sub_ui(tmp, resarr[3]/*p*/, 1); - resarr[6] = _gnutls_mpi_mod(resarr[2]/*d*/, tmp); - - _gnutls_mpi_sub_ui(tmp, resarr[4]/*q*/, 1); - resarr[7] = _gnutls_mpi_mod(resarr[2]/*d*/, tmp); - - _gnutls_mpi_release(&tmp); - - if (resarr[6] == NULL || resarr[7] == NULL) + ret = _gnutls_calc_rsa_exp(resarr, 2 + *resarr_len); + if (ret < 0) { - gnutls_assert(); - ret= GNUTLS_E_MEMORY_ERROR; - goto cleanup; - } + gnutls_assert(); + ret= GNUTLS_E_MEMORY_ERROR; + goto cleanup; + } (*resarr_len)+=2; diff --git a/lib/gnutls_pk.c b/lib/gnutls_pk.c index 77d1434b79..38d50582ee 100644 --- a/lib/gnutls_pk.c +++ b/lib/gnutls_pk.c @@ -609,3 +609,39 @@ gnutls_pk_params_release (gnutls_pk_params_st * p) _gnutls_mpi_release (&p->params[i]); } } + +int _gnutls_calc_rsa_exp(bigint_t* params, unsigned int params_size) +{ +int ret; +bigint_t tmp = _gnutls_mpi_alloc_like(params[0]); + + if (params_size < RSA_PRIVATE_PARAMS) + { + gnutls_assert(); + return GNUTLS_E_INTERNAL_ERROR; + } + + if (tmp == NULL) + { + gnutls_assert (); + return GNUTLS_E_MEMORY_ERROR; + } + + /* [6] = d % p-1, [7] = d % q-1 */ + _gnutls_mpi_sub_ui(tmp, params[3], 1); + params[6] = _gnutls_mpi_mod(params[2]/*d*/, tmp); + + _gnutls_mpi_sub_ui(tmp, params[4], 1); + params[7] = _gnutls_mpi_mod(params[2]/*d*/, tmp); + + _gnutls_mpi_release(&tmp); + + if (params[7] == NULL || params[6] == NULL) + { + gnutls_assert (); + return GNUTLS_E_MEMORY_ERROR; + } + + return 0; +} + diff --git a/lib/gnutls_pk.h b/lib/gnutls_pk.h index 4fc97853bc..826c0e21a3 100644 --- a/lib/gnutls_pk.h +++ b/lib/gnutls_pk.h @@ -77,4 +77,6 @@ int _gnutls_decode_ber_rs (const gnutls_datum_t * sig_value, bigint_t * r, bigint_t * s); +int _gnutls_calc_rsa_exp(bigint_t* params, unsigned int params_size); + #endif /* GNUTLS_PK_H */ diff --git a/lib/opencdk/pubkey.c b/lib/opencdk/pubkey.c index d9f66f2474..12d940834f 100644 --- a/lib/opencdk/pubkey.c +++ b/lib/opencdk/pubkey.c @@ -193,7 +193,7 @@ cdk_pk_get_nskey (int algo) int ret; if (is_RSA (algo)) - ret = RSA_PRIVATE_PARAMS; + ret = RSA_PRIVATE_PARAMS-2; /* we don't have exp1 and exp2 */ else if (is_DSA (algo)) ret = DSA_PRIVATE_PARAMS; else if (is_ELG (algo)) diff --git a/lib/openpgp/privkey.c b/lib/openpgp/privkey.c index bc4c63518b..4bec39baa6 100644 --- a/lib/openpgp/privkey.c +++ b/lib/openpgp/privkey.c @@ -708,7 +708,7 @@ _gnutls_openpgp_privkey_get_mpis (gnutls_openpgp_privkey_t pkey, switch (pk_algorithm) { case GNUTLS_PK_RSA: - local_params = RSA_PRIVATE_PARAMS; + local_params = RSA_PRIVATE_PARAMS-2; break; case GNUTLS_PK_DSA: local_params = DSA_PRIVATE_PARAMS; @@ -726,7 +726,6 @@ _gnutls_openpgp_privkey_get_mpis (gnutls_openpgp_privkey_t pkey, *params_size = local_params; - for (i = 0; i < local_params; i++) { result = _gnutls_read_pgp_mpi (pkt, 1, i, ¶ms[i]); @@ -737,6 +736,19 @@ _gnutls_openpgp_privkey_get_mpis (gnutls_openpgp_privkey_t pkey, } } + if (pk_algorithm==GNUTLS_PK_RSA) + { + /* on RSA we need to calculate exp1 and exp2 */ + result = _gnutls_calc_rsa_exp(params, RSA_PRIVATE_PARAMS); + if (result < 0) + { + gnutls_assert(); + i = *params_size; + goto error; + } + *params_size = RSA_PRIVATE_PARAMS; + } + return 0; error: diff --git a/lib/x509/privkey.c b/lib/x509/privkey.c index b5b0f27626..f2dc648c71 100644 --- a/lib/x509/privkey.c +++ b/lib/x509/privkey.c @@ -588,32 +588,18 @@ gnutls_x509_privkey_import_rsa_raw2 (gnutls_x509_privkey_t key, return GNUTLS_E_MPI_SCAN_FAILED; } } - else /* calculate e1 and e2 */ + else { - bigint_t tmp = _gnutls_mpi_alloc_like(key->params[0]); - if (tmp == NULL) - { - gnutls_assert (); - FREE_RSA_PRIVATE_PARAMS; - return GNUTLS_E_MEMORY_ERROR; - } - - /* [6] = d % p-1, [7] = d % q-1 */ - _gnutls_mpi_sub_ui(tmp, key->params[3], 1); - key->params[6] = _gnutls_mpi_mod(key->params[2]/*d*/, tmp); - - _gnutls_mpi_sub_ui(tmp, key->params[4], 1); - key->params[7] = _gnutls_mpi_mod(key->params[2]/*d*/, tmp); - - _gnutls_mpi_release(&tmp); - - if (key->params[7] == NULL || key->params[6] == NULL) - { - gnutls_assert (); - FREE_RSA_PRIVATE_PARAMS; - return GNUTLS_E_MEMORY_ERROR; - } + /* calculate exp1 and exp2 */ + ret = _gnutls_calc_rsa_exp(key->params, key->params_size); + if (ret < 0) + { + gnutls_assert(); + FREE_RSA_PRIVATE_PARAMS; + return ret; + } } + if (!key->crippled) |