diff options
author | Niels Möller <nisse@lysator.liu.se> | 2012-06-09 14:30:24 +0200 |
---|---|---|
committer | Niels Möller <nisse@lysator.liu.se> | 2012-06-09 14:44:18 +0200 |
commit | a3eb7a92ee86bb01ebe1a52de88244a9c0c39ca8 (patch) | |
tree | 93d13f02fa3ffde6849f0b2210b939eb7ed021d5 /rsa-decrypt-tr.c | |
parent | adad6eaac2d03fba830eb1630b5458c1ac7f1907 (diff) | |
download | nettle-a3eb7a92ee86bb01ebe1a52de88244a9c0c39ca8.tar.gz |
Moved rsa blinding code to a separate file.
Diffstat (limited to 'rsa-decrypt-tr.c')
-rw-r--r-- | rsa-decrypt-tr.c | 43 |
1 files changed, 3 insertions, 40 deletions
diff --git a/rsa-decrypt-tr.c b/rsa-decrypt-tr.c index d130a069..1e21e985 100644 --- a/rsa-decrypt-tr.c +++ b/rsa-decrypt-tr.c @@ -33,47 +33,10 @@ #include "bignum.h" #include "pkcs1.h" -/* Blinds the c, by computing c *= r^e (mod n), for a random r. Also - returns the inverse (ri), for use by rsa_unblind. */ -static void -rsa_blind (const struct rsa_public_key *pub, - void *random_ctx, nettle_random_func random, - mpz_t c, mpz_t ri) -{ - mpz_t r; - - mpz_init(r); - - /* c = c*(r^e) - * ri = r^(-1) - */ - do - { - nettle_mpz_random(r, random_ctx, random, pub->n); - /* invert r */ - } - while (!mpz_invert (ri, r, pub->n)); - - /* c = c*(r^e) mod n */ - mpz_powm(r, r, pub->e, pub->n); - mpz_mul(c, c, r); - mpz_fdiv_r(c, c, pub->n); - - mpz_clear(r); -} - -/* c *= ri mod n */ -static void -rsa_unblind (const struct rsa_public_key *pub, mpz_t c, const mpz_t ri) -{ - mpz_mul(c, c, ri); - mpz_fdiv_r(c, c, pub->n); -} - int rsa_decrypt_tr(const struct rsa_public_key *pub, const struct rsa_private_key *key, - void *random_ctx, nettle_random_func random, + void *random_ctx, nettle_random_func random, unsigned *length, uint8_t *message, const mpz_t gibberish) { @@ -83,9 +46,9 @@ rsa_decrypt_tr(const struct rsa_public_key *pub, mpz_init_set(m, gibberish); mpz_init (ri); - rsa_blind (pub, random_ctx, random, m, ri); + _rsa_blind (pub, random_ctx, random, m, ri); rsa_compute_root(key, m, m); - rsa_unblind (pub, m, ri); + _rsa_unblind (pub, m, ri); mpz_clear (ri); res = pkcs1_decrypt (key->size, m, length, message); |