author | Niels Möller <nisse@lysator.liu.se> | 2003-01-23 23:42:04 +0100 |
---|---|---|
committer | Niels Möller <nisse@lysator.liu.se> | 2003-01-23 23:42:04 +0100 |
commit | 5e6440f059550340b24509a20ac6e35b3215b1f5 (patch) | |
tree | 0fb20f3b9c9e6c4d998897852b8116ef3b9558c0 /rsa.c | |
parent | 97453327a55aeaaebd620a7d1776fba694f6d727 (diff) | |
download | nettle-5e6440f059550340b24509a20ac6e35b3215b1f5.tar.gz |
* rsa_md5.c, rsa_sha1.c: Deleted files, contents spread over
several files for signing and verification.
* rsa-sign.c, rsa-sha1-verify.c, rsa-sha1-sign.c,
rsa-md5-verify.c, rsa-md5-sign.c: New files.
* rsa-sha1-verify.c (rsa_sha1_verify_digest): New function.
* rsa-sha1-sign.c (rsa_sha1_sign_digest): New function.
* rsa-md5-verify.c (rsa_md5_verify_digest): New function.
* rsa-md5-sign.c (rsa_md5_sign_digest): New function.
* rsa-verify.c (_rsa_verify): New file, new function.
* rsa.c (_rsa_check_size): Renamed from rsa_check_size, and made
non-static. Private key functions moved to rsa-sign.c.
Rev: src/nettle/rsa-md5-sign.c:1.1
Rev: src/nettle/rsa-md5-verify.c:1.1
Rev: src/nettle/rsa-sha1-sign.c:1.1
Rev: src/nettle/rsa-sha1-verify.c:1.1
Rev: src/nettle/rsa-sign.c:1.1
Rev: src/nettle/rsa-verify.c:1.1
Rev: src/nettle/rsa.c:1.10
Rev: src/nettle/rsa.h:1.18
Diffstat (limited to 'rsa.c')
-rw-r--r-- | rsa.c | 116 |
1 files changed, 5 insertions, 111 deletions
@@ -55,11 +55,11 @@ rsa_clear_public_key(struct rsa_public_key *key)
 mpz_clear(key->e);
 }
-/* Computes the size, in octets, of a size BITS modulo.
- * Returns 0 if the modulo is too small to be useful. */
+/* Computes the size, in octets, of a the modulo. Returns 0 if the
+ * modulo is too small to be useful. */
-static unsigned
-rsa_check_size(mpz_t n)
+unsigned
+_rsa_check_size(mpz_t n)
 {
 /* Round upwards */
 unsigned size = (mpz_sizeinbase(n, 2) + 7) / 8;
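Review bot: The rewritten comment above `_rsa_check_size` reads "of a the modulo" and still does not say what "too small to be useful" means. That matters more now that the function is non-static and, per the commit message, is meant to be shared with the new signing code. I would reword it along the lines of `/* Returns the size of the modulus n in octets, rounded up, or 0 if n is too small to be useful. */` and add the actual minimum the body enforces; that check is outside this hunk, so I cannot quote it. The comment should also state that callers must treat 0 as a hard failure, as `rsa_prepare_public_key` does with `return (key->size > 0);`. Separately, an external-linkage name beginning with an underscore sits in the identifier space C reserves for the implementation at file scope, so a library-prefixed internal name would be safer.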
@@ -80,115 +80,9 @@ rsa_prepare_public_key(struct rsa_public_key *key)
 return 0;
 #endif
- key->size = rsa_check_size(key->n);
+ key->size = _rsa_check_size(key->n);
 return (key->size > 0);
 }
-void
-rsa_init_private_key(struct rsa_private_key *key)
-{
- mpz_init(key->d);
- mpz_init(key->p);
- mpz_init(key->q);
- mpz_init(key->a);
- mpz_init(key->b);
- mpz_init(key->c);
-
- /* Not really necessary, but it seems cleaner to initialize all the
- * storage. */
- key->size = 0;
-}
-
-void
-rsa_clear_private_key(struct rsa_private_key *key)
-{
- mpz_clear(key->d);
- mpz_clear(key->p);
- mpz_clear(key->q);
- mpz_clear(key->a);
- mpz_clear(key->b);
- mpz_clear(key->c);
-}
-
-int
-rsa_prepare_private_key(struct rsa_private_key *key)
-{
- /* FIXME: Add further sanity checks. */
-
- mpz_t n;
-
- /* The size of the product is the sum of the sizes of the factors,
- * or sometimes one less. It's possible but tricky to compute the
- * size without computing the full product. */
-
- mpz_init(n);
- mpz_mul(n, key->p, key->q);
-
- key->size = rsa_check_size(n);
-
- mpz_clear(n);
-
- return (key->size > 0);
-}
-
-/* Computing an rsa root. */
-void
-rsa_compute_root(const struct rsa_private_key *key,
- mpz_t x, const mpz_t m)
-{
- mpz_t xp; /* modulo p */
- mpz_t xq; /* modulo q */
-
- mpz_init(xp); mpz_init(xq);
-
- /* Compute xq = m^d % q = (m%q)^b % q */
- mpz_fdiv_r(xq, m, key->q);
- mpz_powm(xq, xq, key->b, key->q);
-
- /* Compute xp = m^d % p = (m%p)^a % p */
- mpz_fdiv_r(xp, m, key->p);
- mpz_powm(xp, xp, key->a, key->p);
-
- /* Set xp' = (xp - xq) c % p. */
- mpz_sub(xp, xp, xq);
- mpz_mul(xp, xp, key->c);
- mpz_fdiv_r(xp, xp, key->p);
-
- /* Finally, compute x = xq + q xp'
- *
- * To prove that this works, note that
- *
- * xp = x + i p,
- * xq = x + j q,
- * c q = 1 + k p
- *
- * for some integers i, j and k. Now, for some integer l,
- *
- * xp' = (xp - xq) c + l p
- * = (x + i p - (x + j q)) c + l p
- * = (i p - j q) c + l p
- * = (i c + l) p - j (c q)
- * = (i c + l) p - j (1 + kp)
- * = (i c + l - j k) p - j
- *
- * which shows that xp' = -j (mod p). We get
- *
- * xq + q xp' = x + j q + (i c + l - j k) p q - j q
- * = x + (i c + l - j k) p q
- *
- * so that
- *
- * xq + q xp' = x (mod pq)
- *
- * We also get 0 <= xq + q xp' < p q, because
- *
- * 0 <= xq < q and 0 <= xp' < p.
- */
- mpz_mul(x, key->q, xp);
- mpz_add(x, x, xq);
-
- mpz_clear(xp); mpz_clear(xq);
-}
-
 #endif /* WITH_PUBLIC_KEY */ |