Additional rsa signing functions, using rsa_compute_root_tr.

7 files changed, 409 insertions, 4 deletions

diff --git a/ChangeLog b/ChangeLog
index 2ff02f5c..70cc1c28 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,16 @@
+2015-09-17  Niels Möller  <nisse@lysator.liu.se>
+
+	* rsa-md5-sign-tr.c (rsa_md5_sign_tr, rsa_md5_sign_digest_tr): New
+	file, new functions.
+	* rsa-sha1-sign-tr.c (rsa_sha1_sign_tr, rsa_sha1_sign_digest_tr):
+	Likewise.
+	* rsa-sha256-sign-tr.c (rsa_sha256_sign_tr)
+	(rsa_sha256_sign_digest_tr): Likewise.
+	* rsa-sha512-sign-tr.c (rsa_sha512_sign_tr)
+	(rsa_sha512_sign_digest_tr): Likewise.
+	* rsa.h: Added corresponding prototypes.
+	* Makefile.in (hogweed_SOURCES): Added new files.
+
 2015-09-14  Niels Möller  <nisse@lysator.liu.se>
 
 	* rsa-decrypt-tr.c (rsa_decrypt_tr): Use rsa_compute_root_tr.
diff --git a/Makefile.in b/Makefile.in
index 03f1177c..9d47552b 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -146,10 +146,10 @@ hogweed_SOURCES = sexp.c sexp-format.c \
 		  pkcs1-rsa-sha256.c pkcs1-rsa-sha512.c \
 		  rsa.c rsa-sign.c rsa-sign-tr.c rsa-verify.c \
 		  rsa-pkcs1-sign.c rsa-pkcs1-sign-tr.c rsa-pkcs1-verify.c \
-		  rsa-md5-sign.c rsa-md5-verify.c \
-		  rsa-sha1-sign.c rsa-sha1-verify.c \
-		  rsa-sha256-sign.c rsa-sha256-verify.c \
-		  rsa-sha512-sign.c rsa-sha512-verify.c \
+		  rsa-md5-sign.c rsa-md5-sign-tr.c rsa-md5-verify.c \
+		  rsa-sha1-sign.c rsa-sha1-sign-tr.c rsa-sha1-verify.c \
+		  rsa-sha256-sign.c rsa-sha256-sign-tr.c rsa-sha256-verify.c \
+		  rsa-sha512-sign.c rsa-sha512-sign-tr.c rsa-sha512-verify.c \
 		  rsa-encrypt.c rsa-decrypt.c rsa-decrypt-tr.c \
 		  rsa-keygen.c rsa-blind.c \
 		  rsa2sexp.c sexp2rsa.c \
diff --git a/rsa-md5-sign-tr.c b/rsa-md5-sign-tr.c
new file mode 100644
index 00000000..318d5390
--- /dev/null
+++ b/rsa-md5-sign-tr.c
@@ -0,0 +1,81 @@
+/* rsa-md5-sign-tr.c
+
+   Signatures using RSA and MD5.
+
+   Copyright (C) 2001, 2003, 2015 Niels Möller
+
+   This file is part of GNU Nettle.
+
+   GNU Nettle is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+
+   GNU Nettle is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   General Public License for more details.
+
+   You should have received copies of the GNU General Public License and
+   the GNU Lesser General Public License along with this program.  If
+   not, see http://www.gnu.org/licenses/.
+*/
+
+#if HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#include <assert.h>
+
+#include "rsa.h"
+
+#include "bignum.h"
+#include "pkcs1.h"
+
+int
+rsa_md5_sign_tr(const struct rsa_public_key *pub,
+		const struct rsa_private_key *key,
+		void *random_ctx, nettle_random_func *random,
+		struct md5_ctx *hash, mpz_t s)
+{
+  mpz_t m;
+  int res;
+
+  mpz_init (m);
+  res = (pkcs1_rsa_md5_encode(m, key->size, hash)
+	 && rsa_compute_root_tr (pub, key,
+				 random_ctx, random,
+				 s, m));
+  mpz_clear (m);
+  return res;
+}
+
+int
+rsa_md5_sign_digest_tr(const struct rsa_public_key *pub,
+		       const struct rsa_private_key *key,
+		       void *random_ctx, nettle_random_func *random,
+		       const uint8_t *digest, mpz_t s)
+{
+  mpz_t m;
+  int res;
+
+  mpz_init (m);
+
+  res = (pkcs1_rsa_md5_encode_digest(m, key->size, digest)
+	 && rsa_compute_root_tr (pub, key,
+				 random_ctx, random,
+				 s, m));
+
+  mpz_clear (m);
+  return res;
+}
diff --git a/rsa-sha1-sign-tr.c b/rsa-sha1-sign-tr.c
new file mode 100644
index 00000000..707acdec
--- /dev/null
+++ b/rsa-sha1-sign-tr.c
@@ -0,0 +1,83 @@
+/* rsa-sha1-sign-tr.c
+
+   Signatures using RSA and SHA1.
+
+   Copyright (C) 2001, 2003, 2015 Niels Möller
+
+   This file is part of GNU Nettle.
+
+   GNU Nettle is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+
+   GNU Nettle is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   General Public License for more details.
+
+   You should have received copies of the GNU General Public License and
+   the GNU Lesser General Public License along with this program.  If
+   not, see http://www.gnu.org/licenses/.
+*/
+
+#if HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#include <assert.h>
+
+#include "rsa.h"
+
+#include "bignum.h"
+#include "pkcs1.h"
+
+int
+rsa_sha1_sign_tr(const struct rsa_public_key *pub,
+		 const struct rsa_private_key *key,
+		 void *random_ctx, nettle_random_func *random,
+		 struct sha1_ctx *hash,
+		 mpz_t s)
+{
+  mpz_t m;
+  int res;
+
+  mpz_init (m);
+  res = (pkcs1_rsa_sha1_encode(m, key->size, hash)
+	 && rsa_compute_root_tr (pub, key,
+				 random_ctx, random,
+				 s, m));
+  mpz_clear (m);
+  return res;
+}
+
+int
+rsa_sha1_sign_digest_tr(const struct rsa_public_key *pub,
+			const struct rsa_private_key *key,
+			void *random_ctx, nettle_random_func *random,
+			const uint8_t *digest,
+			mpz_t s)
+{
+  mpz_t m;
+  int res;
+
+  mpz_init (m);
+
+  res = (pkcs1_rsa_sha1_encode_digest(m, key->size, digest)
+	 && rsa_compute_root_tr (pub, key,
+				 random_ctx, random,
+				 s, m));
+
+  mpz_clear (m);
+  return res;
+}
diff --git a/rsa-sha256-sign-tr.c b/rsa-sha256-sign-tr.c
new file mode 100644
index 00000000..4179af8f
--- /dev/null
+++ b/rsa-sha256-sign-tr.c
@@ -0,0 +1,83 @@
+/* rsa-sha256-sign-tr.c
+
+   Signatures using RSA and SHA256.
+
+   Copyright (C) 2001, 2003, 2015 Niels Möller
+
+   This file is part of GNU Nettle.
+
+   GNU Nettle is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+
+   GNU Nettle is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   General Public License for more details.
+
+   You should have received copies of the GNU General Public License and
+   the GNU Lesser General Public License along with this program.  If
+   not, see http://www.gnu.org/licenses/.
+*/
+
+#if HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#include <assert.h>
+
+#include "rsa.h"
+
+#include "bignum.h"
+#include "pkcs1.h"
+
+int
+rsa_sha256_sign_tr(const struct rsa_public_key *pub,
+		   const struct rsa_private_key *key,
+		   void *random_ctx, nettle_random_func *random,
+		   struct sha256_ctx *hash,
+		   mpz_t s)
+{
+  mpz_t m;
+  int res;
+
+  mpz_init (m);
+  res = (pkcs1_rsa_sha256_encode(m, key->size, hash)
+	 && rsa_compute_root_tr (pub, key,
+				 random_ctx, random,
+				 s, m));
+  mpz_clear (m);
+  return res;
+}
+
+int
+rsa_sha256_sign_digest_tr(const struct rsa_public_key *pub,
+			  const struct rsa_private_key *key,
+			  void *random_ctx, nettle_random_func *random,
+			  const uint8_t *digest,
+			  mpz_t s)
+{
+  mpz_t m;
+  int res;
+
+  mpz_init (m);
+
+  res = (pkcs1_rsa_sha256_encode_digest(m, key->size, digest)
+	 && rsa_compute_root_tr (pub, key,
+				 random_ctx, random,
+				 s, m));
+
+  mpz_clear (m);
+  return res;
+}
diff --git a/rsa-sha512-sign-tr.c b/rsa-sha512-sign-tr.c
new file mode 100644
index 00000000..158b80f2
--- /dev/null
+++ b/rsa-sha512-sign-tr.c
@@ -0,0 +1,83 @@
+/* rsa-sha512-sign-tr.c
+
+   Signatures using RSA and SHA512.
+
+   Copyright (C) 2001, 2003, 2015 Niels Möller
+
+   This file is part of GNU Nettle.
+
+   GNU Nettle is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+
+   GNU Nettle is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   General Public License for more details.
+
+   You should have received copies of the GNU General Public License and
+   the GNU Lesser General Public License along with this program.  If
+   not, see http://www.gnu.org/licenses/.
+*/
+
+#if HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#include <assert.h>
+
+#include "rsa.h"
+
+#include "bignum.h"
+#include "pkcs1.h"
+
+int
+rsa_sha512_sign_tr(const struct rsa_public_key *pub,
+		   const struct rsa_private_key *key,
+		   void *random_ctx, nettle_random_func *random,
+		   struct sha512_ctx *hash,
+		   mpz_t s)
+{
+  mpz_t m;
+  int res;
+
+  mpz_init (m);
+  res = (pkcs1_rsa_sha512_encode(m, key->size, hash)
+	 && rsa_compute_root_tr (pub, key,
+				 random_ctx, random,
+				 s, m));
+  mpz_clear (m);
+  return res;
+}
+
+int
+rsa_sha512_sign_digest_tr(const struct rsa_public_key *pub,
+			  const struct rsa_private_key *key,
+			  void *random_ctx, nettle_random_func *random,
+			  const uint8_t *digest,
+			  mpz_t s)
+{
+  mpz_t m;
+  int res;
+
+  mpz_init (m);
+
+  res = (pkcs1_rsa_sha512_encode_digest(m, key->size, digest)
+	 && rsa_compute_root_tr (pub, key,
+				 random_ctx, random,
+				 s, m));
+
+  mpz_clear (m);
+  return res;
+}
diff --git a/rsa.h b/rsa.h
index 7d50ad90..aefef4b2 100644
--- a/rsa.h
+++ b/rsa.h
@@ -56,20 +56,28 @@ extern "C" {
 #define rsa_pkcs1_sign nettle_rsa_pkcs1_sign
 #define rsa_pkcs1_sign_tr nettle_rsa_pkcs1_sign_tr
 #define rsa_md5_sign nettle_rsa_md5_sign
+#define rsa_md5_sign_tr nettle_rsa_md5_sign_tr
 #define rsa_md5_verify nettle_rsa_md5_verify
 #define rsa_sha1_sign nettle_rsa_sha1_sign
+#define rsa_sha1_sign_tr nettle_rsa_sha1_sign_tr
 #define rsa_sha1_verify nettle_rsa_sha1_verify
 #define rsa_sha256_sign nettle_rsa_sha256_sign
+#define rsa_sha256_sign_tr nettle_rsa_sha256_sign_tr
 #define rsa_sha256_verify nettle_rsa_sha256_verify
 #define rsa_sha512_sign nettle_rsa_sha512_sign
+#define rsa_sha512_sign_tr nettle_rsa_sha512_sign_tr
 #define rsa_sha512_verify nettle_rsa_sha512_verify
 #define rsa_md5_sign_digest nettle_rsa_md5_sign_digest
+#define rsa_md5_sign_digest_tr nettle_rsa_md5_sign_digest_tr
 #define rsa_md5_verify_digest nettle_rsa_md5_verify_digest
 #define rsa_sha1_sign_digest nettle_rsa_sha1_sign_digest
+#define rsa_sha1_sign_digest_tr nettle_rsa_sha1_sign_digest_tr
 #define rsa_sha1_verify_digest nettle_rsa_sha1_verify_digest
 #define rsa_sha256_sign_digest nettle_rsa_sha256_sign_digest
+#define rsa_sha256_sign_digest_tr nettle_rsa_sha256_sign_digest_tr
 #define rsa_sha256_verify_digest nettle_rsa_sha256_verify_digest
 #define rsa_sha512_sign_digest nettle_rsa_sha512_sign_digest
+#define rsa_sha512_sign_digest_tr nettle_rsa_sha512_sign_digest_tr
 #define rsa_sha512_verify_digest nettle_rsa_sha512_verify_digest
 #define rsa_encrypt nettle_rsa_encrypt
 #define rsa_decrypt nettle_rsa_decrypt
@@ -202,6 +210,12 @@ rsa_md5_sign(const struct rsa_private_key *key,
              struct md5_ctx *hash,
              mpz_t signature);
 
+int
+rsa_md5_sign_tr(const struct rsa_public_key *pub,
+		const struct rsa_private_key *key,
+		void *random_ctx, nettle_random_func *random,
+		struct md5_ctx *hash, mpz_t s);
+
 
 int
 rsa_md5_verify(const struct rsa_public_key *key,
@@ -214,6 +228,13 @@ rsa_sha1_sign(const struct rsa_private_key *key,
               mpz_t signature);
 
 int
+rsa_sha1_sign_tr(const struct rsa_public_key *pub,
+		 const struct rsa_private_key *key,
+		 void *random_ctx, nettle_random_func *random,
+		 struct sha1_ctx *hash,
+		 mpz_t s);
+
+int
 rsa_sha1_verify(const struct rsa_public_key *key,
                 struct sha1_ctx *hash,
 		const mpz_t signature);
@@ -224,6 +245,13 @@ rsa_sha256_sign(const struct rsa_private_key *key,
 		mpz_t signature);
 
 int
+rsa_sha256_sign_tr(const struct rsa_public_key *pub,
+		   const struct rsa_private_key *key,
+		   void *random_ctx, nettle_random_func *random,
+		   struct sha256_ctx *hash,
+		   mpz_t s);
+
+int
 rsa_sha256_verify(const struct rsa_public_key *key,
 		  struct sha256_ctx *hash,
 		  const mpz_t signature);
@@ -234,6 +262,13 @@ rsa_sha512_sign(const struct rsa_private_key *key,
 		mpz_t signature);
 
 int
+rsa_sha512_sign_tr(const struct rsa_public_key *pub,
+		   const struct rsa_private_key *key,
+		   void *random_ctx, nettle_random_func *random,
+		   struct sha512_ctx *hash,
+		   mpz_t s);
+
+int
 rsa_sha512_verify(const struct rsa_public_key *key,
 		  struct sha512_ctx *hash,
 		  const mpz_t signature);
@@ -245,6 +280,12 @@ rsa_md5_sign_digest(const struct rsa_private_key *key,
 		    mpz_t s);
 
 int
+rsa_md5_sign_digest_tr(const struct rsa_public_key *pub,
+		       const struct rsa_private_key *key,
+		       void *random_ctx, nettle_random_func *random,
+		       const uint8_t *digest, mpz_t s);
+
+int
 rsa_md5_verify_digest(const struct rsa_public_key *key,
 		      const uint8_t *digest,
 		      const mpz_t signature);
@@ -255,6 +296,13 @@ rsa_sha1_sign_digest(const struct rsa_private_key *key,
 		     mpz_t s);
 
 int
+rsa_sha1_sign_digest_tr(const struct rsa_public_key *pub,
+			const struct rsa_private_key *key,
+			void *random_ctx, nettle_random_func *random,
+			const uint8_t *digest,
+			mpz_t s);
+
+int
 rsa_sha1_verify_digest(const struct rsa_public_key *key,
 		       const uint8_t *digest,
 		       const mpz_t signature);
@@ -265,6 +313,13 @@ rsa_sha256_sign_digest(const struct rsa_private_key *key,
 		       mpz_t s);
 
 int
+rsa_sha256_sign_digest_tr(const struct rsa_public_key *pub,
+			  const struct rsa_private_key *key,
+			  void *random_ctx, nettle_random_func *random,
+			  const uint8_t *digest,
+			  mpz_t s);
+
+int
 rsa_sha256_verify_digest(const struct rsa_public_key *key,
 			 const uint8_t *digest,
 			 const mpz_t signature);
@@ -275,6 +330,13 @@ rsa_sha512_sign_digest(const struct rsa_private_key *key,
 		       mpz_t s);
 
 int
+rsa_sha512_sign_digest_tr(const struct rsa_public_key *pub,
+			  const struct rsa_private_key *key,
+			  void *random_ctx, nettle_random_func *random,
+			  const uint8_t *digest,
+			  mpz_t s);
+
+int
 rsa_sha512_verify_digest(const struct rsa_public_key *key,
 			 const uint8_t *digest,
 			 const mpz_t signature);