From 21eb2802fe70df92216f4c9a13b45e8c3e96fa7a Mon Sep 17 00:00:00 2001 From: Paul Bakker Date: Mon, 16 Aug 2010 11:10:02 +0000 Subject: [PATCH] - Changed origins of random function and pointer in rsa_pkcs1_encrypt, rsa_init, rsa_gen_key. Moved to parameters of function instead of context pointers as within ssl_cli, context pointer cannot be set easily. --- ChangeLog | 5 +++-- include/polarssl/rsa.h | 21 ++++++++++++--------- library/rsa.c | 28 ++++++++++++++-------------- library/ssl_cli.c | 4 +++- 4 files changed, 32 insertions(+), 26 deletions(-) diff --git a/ChangeLog b/ChangeLog index 9e77f2c86..555739469 100644 --- a/ChangeLog +++ b/ChangeLog @@ -11,8 +11,9 @@ Features Changes * Made Makefile cleaner * Removed dependency on rand() in rsa_pkcs1_encrypt(). - Now using random fuction provided to context. - Requires initialization with rsa_init() before use! + Now using random fuction provided to function and + changed the prototype of rsa_pkcs1_encrypt(), + rsa_init() and rsa_gen_key(). * Some SSL defines were renamed in order to avoid future confusion diff --git a/include/polarssl/rsa.h b/include/polarssl/rsa.h index 03f7956dd..5fae7947c 100644 --- a/include/polarssl/rsa.h +++ b/include/polarssl/rsa.h @@ -144,8 +144,6 @@ typedef struct int padding; /*!< 1.5 or OAEP/PSS */ int hash_id; /*!< hash identifier */ - int (*f_rng)(void *); /*!< RNG function */ - void *p_rng; /*!< RNG parameter */ } rsa_context; @@ -159,8 +157,6 @@ extern "C" { * \param ctx RSA context to be initialized * \param padding RSA_PKCS_V15 or RSA_PKCS_V21 * \param hash_id RSA_PKCS_V21 hash identifier - * \param f_rng RNG function - * \param p_rng RNG parameter * * \note The hash_id parameter is actually ignored * when using RSA_PKCS_V15 padding. @@ -170,23 +166,26 @@ extern "C" { */ void rsa_init( rsa_context *ctx, int padding, - int hash_id, - int (*f_rng)(void *), - void *p_rng ); + int hash_id); /** * \brief Generate an RSA keypair * * \param ctx RSA context that will hold the key + * \param f_rng RNG function + * \param p_rng RNG parameter * \param nbits size of the public key in bits * \param exponent public exponent (e.g., 65537) * * \note rsa_init() must be called beforehand to setup - * the RSA context (especially f_rng and p_rng). + * the RSA context. * * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code */ -int rsa_gen_key( rsa_context *ctx, int nbits, int exponent ); +int rsa_gen_key( rsa_context *ctx, + int (*f_rng)(void *), + void *p_rng, + int nbits, int exponent ); /** * \brief Check a public RSA key @@ -246,6 +245,8 @@ int rsa_private( rsa_context *ctx, * \brief Add the message padding, then do an RSA operation * * \param ctx RSA context + * \param f_rng RNG function + * \param p_rng RNG parameter * \param mode RSA_PUBLIC or RSA_PRIVATE * \param ilen contains the plaintext length * \param input buffer holding the data to be encrypted @@ -257,6 +258,8 @@ int rsa_private( rsa_context *ctx, * of ctx->N (eg. 128 bytes if RSA-1024 is used). */ int rsa_pkcs1_encrypt( rsa_context *ctx, + int (*f_rng)(void *), + void *p_rng, int mode, int ilen, const unsigned char *input, unsigned char *output ); diff --git a/library/rsa.c b/library/rsa.c index 333e25c41..77404fccb 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -44,17 +44,12 @@ */ void rsa_init( rsa_context *ctx, int padding, - int hash_id, - int (*f_rng)(void *), - void *p_rng ) + int hash_id ) { memset( ctx, 0, sizeof( rsa_context ) ); ctx->padding = padding; ctx->hash_id = hash_id; - - ctx->f_rng = f_rng; - ctx->p_rng = p_rng; } #if defined(POLARSSL_GENPRIME) @@ -62,12 +57,15 @@ void rsa_init( rsa_context *ctx, /* * Generate an RSA keypair */ -int rsa_gen_key( rsa_context *ctx, int nbits, int exponent ) +int rsa_gen_key( rsa_context *ctx, + int (*f_rng)(void *), + void *p_rng, + int nbits, int exponent ) { int ret; mpi P1, Q1, H, G; - if( ctx->f_rng == NULL || nbits < 128 || exponent < 3 ) + if( f_rng == NULL || nbits < 128 || exponent < 3 ) return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); mpi_init( &P1, &Q1, &H, &G, NULL ); @@ -81,10 +79,10 @@ int rsa_gen_key( rsa_context *ctx, int nbits, int exponent ) do { MPI_CHK( mpi_gen_prime( &ctx->P, ( nbits + 1 ) >> 1, 0, - ctx->f_rng, ctx->p_rng ) ); + f_rng, p_rng ) ); MPI_CHK( mpi_gen_prime( &ctx->Q, ( nbits + 1 ) >> 1, 0, - ctx->f_rng, ctx->p_rng ) ); + f_rng, p_rng ) ); if( mpi_cmp_mpi( &ctx->P, &ctx->Q ) < 0 ) mpi_swap( &ctx->P, &ctx->Q ); @@ -297,6 +295,8 @@ cleanup: * Add the message padding, then do an RSA operation */ int rsa_pkcs1_encrypt( rsa_context *ctx, + int (*f_rng)(void *), + void *p_rng, int mode, int ilen, const unsigned char *input, unsigned char *output ) @@ -310,7 +310,7 @@ int rsa_pkcs1_encrypt( rsa_context *ctx, { case RSA_PKCS_V15: - if( ilen < 0 || olen < ilen + 11 || ctx->f_rng == NULL ) + if( ilen < 0 || olen < ilen + 11 || f_rng == NULL ) return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); nb_pad = olen - 3 - ilen; @@ -323,7 +323,7 @@ int rsa_pkcs1_encrypt( rsa_context *ctx, int rng_dl = 100; do { - *p = (unsigned char) ctx->f_rng( ctx->p_rng ); + *p = (unsigned char) f_rng( p_rng ); } while( *p == 0 && --rng_dl ); // Check if RNG failed to generate data @@ -725,7 +725,7 @@ int rsa_self_test( int verbose ) unsigned char rsa_decrypted[PT_LEN]; unsigned char rsa_ciphertext[KEY_LEN]; - rsa_init( &rsa, RSA_PKCS_V15, 0, &myrand, NULL ); + rsa_init( &rsa, RSA_PKCS_V15, 0 ); rsa.len = KEY_LEN; mpi_read_string( &rsa.N , 16, RSA_N ); @@ -754,7 +754,7 @@ int rsa_self_test( int verbose ) memcpy( rsa_plaintext, RSA_PT, PT_LEN ); - if( rsa_pkcs1_encrypt( &rsa, RSA_PUBLIC, PT_LEN, + if( rsa_pkcs1_encrypt( &rsa, &myrand, NULL, RSA_PUBLIC, PT_LEN, rsa_plaintext, rsa_ciphertext ) != 0 ) { if( verbose != 0 ) diff --git a/library/ssl_cli.c b/library/ssl_cli.c index ba1d287ab..cebcceb05 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -584,7 +584,9 @@ static int ssl_write_client_key_exchange( ssl_context *ssl ) ssl->out_msg[5] = (unsigned char)( n ); } - ret = rsa_pkcs1_encrypt( &ssl->peer_cert->rsa, RSA_PUBLIC, + ret = rsa_pkcs1_encrypt( &ssl->peer_cert->rsa, + ssl->f_rng, ssl->p_rng, + RSA_PUBLIC, ssl->pmslen, ssl->premaster, ssl->out_msg + i ); if( ret != 0 )