From: bg
Date: Mon, 14 Nov 2011 01:11:45 +0000 (+0100)
Subject: [arm-crypto] basic crt mode for RSA
X-Git-Url: https://git.cryptolib.org/?a=commitdiff_plain;h=f47523ef3943cceaa73f0a80360472bc357d60fb;p=arm-crypto-lib.git
[arm-crypto] basic crt mode for RSA
---
diff --git a/rsa/rsa_basic.c b/rsa/rsa_basic.c
index 3e536b8..d152be2 100644
--- a/rsa/rsa_basic.c
+++ b/rsa/rsa_basic.c
@@ -29,8 +29,55 @@ void rsa_enc(bigint_t* data, rsa_publickey_t* key){
 bigint_expmod_u(data, data, key->exponent, key->modulus);
 }
-void rsa_dec(bigint_t* data, rsa_privatekey_t* key){
- bigint_expmod_u(data, data, key->exponent, key->modulus);
+/*
+(p,q,dp,dq,qinv)
+m1 = c**dp % p
+m2 = c**dq % q
+h = (m1 - m2) * qinv % p
+m = m2 + q * h
+*/
+
+uint8_t rsa_dec_crt_mono(bigint_t* data, rsa_privatekey_t* key){
+ bigint_t m1, m2;
+ m1.wordv = malloc(key->components[0]->length_B * sizeof(bigint_word_t));
+ m2.wordv = malloc(key->components[1]->length_B * sizeof(bigint_word_t));
+ if(!m1.wordv || !m2.wordv){
+ free(m1.wordv);
+ free(m2.wordv);
+ return 1;
+ }
+ bigint_expmod_u(&m1, data, key->components[2], key->components[0]);
+ bigint_expmod_u(&m2, data, key->components[3], key->components[1]);
+ bigint_sub_s(&m1, &m1, &m2);
+ while(BIGINT_NEG_MASK & m1.info){
+ bigint_add_s(&m1, &m1, key->components[0]);
+ }
+ bigint_reduce(&m1, key->components[0]);
+ bigint_mul_u(data, &m1, key->components[4]);
+ bigint_reduce(data, key->components[0]);
+ bigint_mul_u(data, data, key->components[1]);
+ bigint_add_u(data, data, &m2);
+ free(m1.wordv);
+ free(m2.wordv);
+ return 0;
+}
+
+uint8_t rsa_dec(bigint_t* data, rsa_privatekey_t* key){
+ if(key->n == 1){
+ bigint_expmod_u(data, data, key->components[0], key->modulus);
+ return 0;
+ }
+ if(key->n == 5){
+ if (rsa_dec_crt_mono(data, key)){
+ return 3;
+ }
+ return 0;
+ }
+ if(key->n<8 || (key->n-5)%3 != 0){
+ return 1;
+ }
+ //rsa_dec_crt_multi(data, key, (key->n-5)/3);
+ return 2;
 }
 void rsa_os2ip(bigint_t* dest, const void* data, uint32_t length_B){
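Review bot: `rsa_dec_crt_mono()` releases `m1` and `m2` with a plain `free()` on the success path, so the two CRT half-results (the message reduced mod p and mod q) stay behind in heap memory; those residues are as sensitive as the key itself and should be cleared first, e.g. `memset(m1.wordv, 0, key->components[0]->length_B * sizeof(bigint_word_t));` and the same for `m2` with `components[1]`, preferably through a wipe the compiler cannot drop as a dead store. The recombined value is also handed back without any consistency check, so a faulted half-exponentiation would go out unnoticed; the usual safeguard is to re-encrypt the result with the public exponent and compare it with the input, which would need the public exponent to be reachable from `rsa_privatekey_t` (the header in this commit carries only `n`, `modulus` and `components`). Separately, `m1` is allocated with exactly `components[0]->length_B` words but then receives the outputs of `bigint_sub_s` and `bigint_add_s`, and `data` is both destination and operand of `bigint_mul_u`; whether either is safe depends on the bigint routines, which are not shown here, so the sizing and aliasing assumptions deserve a comment or an extra word of headroom.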
diff --git a/rsa/rsa_basic.h b/rsa/rsa_basic.h
index a8a2dc8..4dc705d 100644
--- a/rsa/rsa_basic.h
+++ b/rsa/rsa_basic.h
@@ -28,20 +28,20 @@ typedef struct {
 } rsa_publickey_t;
 typedef struct {
- bigint_t* exponent;
+ uint8_t n;
 bigint_t* modulus;
+ bigint_t** components;
 } rsa_privatekey_t;
 typedef struct {
- bigint_t* public_exponent;
- bigint_t* private_exponent;
- bigint_t* modulus;
+ rsa_privatekey_t priv;
+ rsa_publickey_t pub;
 } rsa_fullkey_t;
 void rsa_enc(bigint_t* data, rsa_publickey_t* key);
-void rsa_dec(bigint_t* data, rsa_privatekey_t* key);
+uint8_t rsa_dec(bigint_t* data, rsa_privatekey_t* key);
 void rsa_os2ip(bigint_t* dest, const void* data, uint32_t length_B);
 void rsa_i2osp(void* dest, bigint_t* src, uint16_t* out_length_B);
diff --git a/rsa/rsa_pkcs15.c b/rsa/rsa_pkcs15.c
index 781c9ba..359801e 100644
--- a/rsa/rsa_pkcs15.c
+++ b/rsa/rsa_pkcs15.c
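Review bot: `rsa_dec()` now returns a `uint8_t` status, but the rsa_basic.h hunk documents neither the codes nor the layout of `components`, and the `rsa_decrypt_pkcs15()` hunk later in this commit still calls `rsa_dec(&x, key);` without looking at the result. Going by rsa_basic.c in this commit, a comment such as `/* returns 0 on success, 1 for an unsupported component count, 2 for multi-prime CRT (not implemented), 3 if the CRT path failed */` above the prototype and `/* n == 1: components[0] = d; n == 5: components = {p, q, dp, dq, qinv} */` on the struct would make the contract explicit. The failure paths visible in rsa_basic.c return before `data` is modified, so with the status ignored the PKCS#1 v1.5 unpadding would run on the undecrypted input; the caller should return an error whenever `rsa_dec()` is non-zero.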
@@ -69,7 +69,9 @@ uint8_t rsa_decrypt_pkcs15(void* dest, uint16_t* out_length, const void* src, uint16_t m_length, pad_length=0, idx=0; x.wordv = dest; rsa_os2ip(&x, src, length_B); + cli_putstr("\r\ncalling rsa_dec() ..."); rsa_dec(&x, key); + cli_putstr("\r\nfinished rsa_dec() ..."); rsa_i2osp(NULL, &x, &m_length); while(((uint8_t*)x.wordv)[idx]==0 && idxlength_B = (sizeof(private_exponent) + sizeof(bigint_word_t) - 1) / sizeof(bigint_word_t); + epriv->wordv = malloc(epriv->length_B * sizeof(bigint_word_t)); + if(!epriv->wordv){ + cli_putstr("\r\nERROR: OOM!"); + return; + } + memcpy(epriv->wordv, private_exponent, sizeof(private_exponent)); + priv_key.components = malloc(sizeof(bigint_t*)); + priv_key.components[0] = epriv; + priv_key.n = 1; + bigint_changeendianess(epriv); + bigint_adjust(epriv); +} + + +void load_priv_crt_mono(void){ + bigint_t **v; + const uint8_t *bv[5] = {p,q,dp,dq,qinv}; + uint16_t sv[5] = {sizeof(p), sizeof(q), sizeof(dp), sizeof(dq), sizeof(qinv)}; + uint8_t i; + v = malloc(5 * sizeof(bigint_t)); + if(!v){ + cli_putstr("\r\nERROR: OOM!"); + return; + } + priv_key.components = malloc(5*sizeof(bigint_t*)); + if(!priv_key.components){ + cli_putstr("\r\nERROR: OOM!"); + return; + } + priv_key.n = 5; + for(i=0; i<5; ++i){ + v[i] = malloc(sizeof(bigint_t)); + v[i]->info = 0; + v[i]->length_B = (sv[i] + sizeof(bigint_word_t) - 1) / sizeof(bigint_word_t); + v[i]->wordv = calloc(v[i]->length_B , sizeof(bigint_word_t)); + if(!v[i]->wordv){ + cli_putstr("\r\nERROR: OOM!"); + return; + } + memcpy(v[i]->wordv, bv[i], sv[i]); + bigint_changeendianess(v[i]); + bigint_adjust(v[i]); + priv_key.components[i] = v[i]; + } +} + + void load_fix_rsa(void){ - bigint_t *m, *epub, *epriv; + bigint_t *m, *epub; m = malloc(sizeof(bigint_t)); epub = malloc(sizeof(bigint_t)); - epriv = malloc(sizeof(bigint_t)); - if(!m || !epub || !epriv){ + if(!m || !epub){ cli_putstr("\r\nOOM!\r\n"); return; } m->length_B = (sizeof(modulus) + sizeof(bigint_word_t) - 1) / 
sizeof(bigint_word_t); epub->length_B = (sizeof(public_exponent) + sizeof(bigint_word_t) - 1) / sizeof(bigint_word_t); - epriv->length_B = (sizeof(private_exponent) + sizeof(bigint_word_t) - 1) / sizeof(bigint_word_t); m->wordv = malloc(m->length_B * sizeof(bigint_word_t)); epub->wordv = malloc(epub->length_B * sizeof(bigint_word_t)); - epriv->wordv = malloc(epriv->length_B * sizeof(bigint_word_t)); - if(!m->wordv || !epub->wordv || !epriv->wordv){ + if(!m->wordv || !epub->wordv){ cli_putstr("\r\nOOM!\r\n"); return; } memcpy(m->wordv, modulus, sizeof(modulus)); memcpy(epub->wordv, public_exponent, sizeof(public_exponent)); - memcpy(epriv->wordv, private_exponent, sizeof(private_exponent)); pub_key.modulus = priv_key.modulus = m; pub_key.exponent = epub; - priv_key.exponent = epriv; bigint_changeendianess(m); bigint_adjust(m); bigint_changeendianess(epub); bigint_adjust(epub); - bigint_changeendianess(epriv); - bigint_adjust(epriv); +// load_priv_conventional(); + load_priv_crt_mono(); } + +#define MSG message3 +#define SEED seed3 + void quick_test(void){ uint8_t *ciphertext, *plaintext, rc; uint16_t clen, plen; ciphertext = malloc(clen = pub_key.modulus->length_B * sizeof(bigint_word_t)); plaintext = malloc(pub_key.modulus->length_B * sizeof(bigint_word_t)); - memcpy(ciphertext, message, sizeof(message)); - cli_putstr("\r\nplaintext:\r\n"); - cli_hexdump_block(ciphertext, sizeof(message), 4, 8); - rc = rsa_encrypt_pkcs15(ciphertext, &clen, message, sizeof(message), &pub_key, seed); +// memcpy(ciphertext, message1, sizeof(message1)); + cli_putstr("\r\nplaintext:"); + cli_hexdump_block(MSG, sizeof(MSG), 4, 8); + rc = rsa_encrypt_pkcs15(ciphertext, &clen, MSG, sizeof(MSG), &pub_key, SEED); if(rc){ cli_putstr("\r\nERROR: rsa_encrypt_pkcs15 returned: "); cli_hexdump_byte(rc); return; } - cli_putstr("\r\nciphertext:\r\n"); + cli_putstr("\r\n\r\nciphertext:"); cli_hexdump_block(ciphertext, clen, 4, 8); + uart_flush(0); rc = rsa_decrypt_pkcs15(plaintext, &plen, ciphertext, 
clen, &priv_key, NULL); if(rc){ cli_putstr("\r\nERROR: rsa_encrypt_pkcs15 returned: "); cli_hexdump_byte(rc); return; } - cli_putstr("\r\nplaintext:\r\n"); + cli_putstr("\r\n\r\nplaintext:"); cli_hexdump_block(plaintext, plen, 4, 8); free(ciphertext); free(plaintext);