1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
|
/*
* Copyright 1999-2002 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
#pragma ident "%Z%%M% %I% %E% SMI"
/* Copyright (C) RSA Data Security, Inc. created 1990, 1996. This is an
unpublished work protected as such under copyright law. This work
contains proprietary, confidential, and trade secret information of
RSA Data Security, Inc. Use, disclosure or reproduction without the
express written authorization of RSA Data Security, Inc. is
prohibited.
*/
#include "port_before.h"
#include "global.h"
#include "algae.h"
#include "rsa.h"
#include "bigmath.h"
#include "port_after.h"
/* RSA encryption/decryption with full exponent.
*/
#define GENERATE_BREAK(type) { \
status = type; \
break; \
}
static int RSA PROTO_LIST
((A_RSA_CTX *, unsigned char *, unsigned int *, unsigned int,
const unsigned char *, A_SURRENDER_CTX *));
/* Returns 0, AE_MODULUS_LEN, AE_KEY_INFO.
*/
int A_RSAInit (context, key)
A_RSA_CTX *context;
A_RSA_KEY *key;
{
if (A_IntegerBits (key->modulus.data, key->modulus.len)
> MAX_RSA_MODULUS_BITS)
/* Key size is too big to handle. */
return (AE_MODULUS_LEN);
/* Set the block update blockLen to be big enough to hold the modulus. */
context->blockLen =
(A_IntegerBits (key->modulus.data, key->modulus.len) + 7) / 8;
context->inputLen = 0;
/* convert modulus to bignum representation */
if (CanonicalToBig
(context->modulus, MAX_RSA_MODULUS_WORDS, key->modulus.data,
key->modulus.len))
return (AE_KEY_INFO);
/* compute significant length of modulus */
context->modulusWords = BigLen
(context->modulus, MAX_RSA_MODULUS_WORDS) / 16 + 1;
/* convert exponent to bignum representation */
if (CanonicalToBig
(context->exponent, context->modulusWords,
key->exponent.data, key->exponent.len))
return (AE_KEY_INFO);
return (0);
}
int A_RSAUpdate
(context, partOut, partOutLen, maxPartOutLen, partIn, partInLen,
surrenderContext)
A_RSA_CTX *context;
unsigned char *partOut;
unsigned int *partOutLen;
unsigned int maxPartOutLen;
const unsigned char *partIn;
unsigned int partInLen;
A_SURRENDER_CTX *surrenderContext;
{
int status;
unsigned int partialLen, localPartOutLen;
/* Initialize partOutLen to zero. */
*partOutLen = 0;
if (context->inputLen + partInLen < context->blockLen) {
/* Not enough to encrypt - just accumulate.
*/
T_memcpy
((POINTER)(context->input + context->inputLen), (CPOINTER)partIn,
partInLen);
context->inputLen += partInLen;
return (0);
}
if (context->inputLen > 0) {
/* Need to accumulate the rest of the block bytes into the input and
encrypt from there (otherwise it's OK to encrypt straight from
the partIn).
*/
partialLen = context->blockLen - context->inputLen;
T_memcpy
((POINTER)(context->input + context->inputLen), (CPOINTER)partIn,
partialLen);
partIn += partialLen;
partInLen -= partialLen;
if ((status = RSA
(context, partOut, &localPartOutLen, maxPartOutLen, context->input,
surrenderContext)) != 0)
return (status);
(*partOutLen) += localPartOutLen;
partOut += localPartOutLen;
maxPartOutLen -= localPartOutLen;
}
/* Encrypt as many blocks of input as provided.
*/
while (partInLen >= context->blockLen) {
if ((status = RSA
(context, partOut, &localPartOutLen, maxPartOutLen, partIn,
surrenderContext)) != 0)
return (status);
partIn += context->blockLen;
partInLen -= context->blockLen;
(*partOutLen) += localPartOutLen;
partOut += localPartOutLen;
maxPartOutLen -= localPartOutLen;
}
/* Copy remaining input bytes to the context's input buffer.
*/
T_memcpy
((POINTER)context->input, partIn, context->inputLen = partInLen);
return (0);
}
int A_RSAFinal (context)
A_RSA_CTX *context;
{
if (context->inputLen != 0)
return (AE_INPUT_LEN);
/* Restart context to accumulate a new block. */
context->inputLen = 0;
return (0);
}
/* Assume input length is context->blockLen.
*/
static int RSA
(context, output, outputLen, maxOutputLen, input, surrenderContext)
A_RSA_CTX *context;
unsigned char *output;
unsigned int *outputLen;
unsigned int maxOutputLen;
const unsigned char *input;
A_SURRENDER_CTX *surrenderContext;
{
struct ModExpFrame {
UINT2 bigInBuf[MAX_RSA_MODULUS_WORDS], bigOutBuf[MAX_RSA_MODULUS_WORDS];
} *frame = (struct ModExpFrame *)NULL_PTR;
#if !USE_ALLOCED_FRAME
struct ModExpFrame stackFrame;
#endif
int status;
status = 0;
do {
if ((*outputLen = context->blockLen) > maxOutputLen)
return (AE_OUTPUT_LEN);
#if USE_ALLOCED_FRAME
if ((frame = (struct ModExpFrame *)T_malloc (sizeof (*frame)))
== (struct ModExpFrame *)NULL_PTR) {
status = AE_ALLOC;
break;
}
#else
/* Just use the buffers allocated on the stack. */
frame = &stackFrame;
#endif
/* Convert input to bignum representation.
This won't return AE_DATA since input length was checked at Update.
*/
CanonicalToBig
(frame->bigInBuf, context->modulusWords, input, context->blockLen);
/* Check for overflow. */
if (BigCmp (frame->bigInBuf, context->modulus, context->modulusWords) >= 0)
GENERATE_BREAK (AE_INPUT_DATA);
/* Exponentiate. */
if ((status = BigModExp
(frame->bigOutBuf, frame->bigInBuf, context->exponent,
context->modulus, context->modulusWords, surrenderContext)) != 0)
break;
/* Convert output to canonical representation.
This won't return AE_DATA since outputLen was set above.
*/
BigToCanonical
(output, *outputLen, frame->bigOutBuf, context->modulusWords);
} while (0);
if (frame != (struct ModExpFrame *)NULL_PTR) {
T_memset ((POINTER)frame, 0, sizeof (*frame));
#if USE_ALLOCED_FRAME
T_free ((POINTER)frame);
#endif
}
return (status);
}
|
