45 #define EACCES_VERIFY \ 46 __einfo_error ( EINFO_EACCES_VERIFY ) 47 #define EINFO_EACCES_VERIFY \ 48 __einfo_uniqify ( EINFO_EACCES, 0x01, "RSA signature incorrect" ) 108 size_t exponent_len ) {
115 bigint_t ( exponent_size ) exponent;
122 dynamic =
malloc (
sizeof ( *dynamic ) );
128 context->
modulus0 = &dynamic->modulus.element[0];
130 context->
max_len = modulus_len;
131 context->
exponent0 = &dynamic->exponent.element[0];
133 context->
input0 = &dynamic->input.element[0];
134 context->
output0 = &dynamic->output.element[0];
135 context->
tmp = &dynamic->tmp;
151 memcpy ( integer,
raw,
sizeof ( *integer ) );
155 if ( ( integer->
len > 1 ) &&
162 if ( ! integer->
len )
185 memcpy ( &cursor,
raw,
sizeof ( cursor ) );
199 &rsa_encryption_algorithm ) == 0 ) {
262 memset ( context, 0,
sizeof ( *context ) );
266 DBGC ( context,
"RSA %p invalid modulus/exponent:\n", context );
271 DBGC ( context,
"RSA %p modulus:\n", context );
273 DBGC ( context,
"RSA %p exponent:\n", context );
323 const void *
in,
void *
out ) {
350 size_t plaintext_len,
void *ciphertext ) {
355 size_t random_nz_len;
358 DBGC ( &context,
"RSA %p encrypting:\n", &context );
359 DBGC_HDA ( &context, 0, plaintext, plaintext_len );
367 random_nz_len = (
max_len - plaintext_len + 8 );
370 if ( plaintext_len >
max_len ) {
371 DBGC ( &context,
"RSA %p plaintext too long (%zd bytes, max " 372 "%zd)\n", &context, plaintext_len,
max_len );
385 DBGC ( &context,
"RSA %p could not generate random data: %s\n",
389 encoded[ 2 + random_nz_len ] = 0x00;
391 plaintext, plaintext_len );
395 DBGC ( &context,
"RSA %p encrypted:\n", &context );
420 size_t ciphertext_len,
void *plaintext ) {
427 size_t plaintext_len;
430 DBGC ( &context,
"RSA %p decrypting:\n", &context );
431 DBGC_HDA ( &context, 0, ciphertext, ciphertext_len );
438 if ( ciphertext_len != context.
max_len ) {
439 DBGC ( &context,
"RSA %p ciphertext incorrect length (%zd " 440 "bytes, should be %zd)\n",
441 &context, ciphertext_len, context.
max_len );
455 if ( ( encoded[0] != 0x00 ) || ( encoded[1] != 0x02 ) ) {
459 zero =
memchr ( &encoded[2], 0, (
end - &encoded[2] ) );
464 start = ( zero + 1 );
469 DBGC ( &context,
"RSA %p decrypted:\n", &context );
470 DBGC_HDA ( &context, 0, plaintext, plaintext_len );
475 return plaintext_len;
478 DBGC ( &context,
"RSA %p invalid decrypted message:\n", &context );
497 const void *
value,
void *encoded ) {
501 size_t digestinfo_len;
508 DBGC ( context,
"RSA %p has no prefix for %s\n",
512 digestinfo_len = (
prefix->len + digest_len );
515 max_len = ( context->
max_len - 11 );
516 if ( digestinfo_len > max_len ) {
517 DBGC ( context,
"RSA %p %s digestInfo too long (%zd bytes, " 518 "max %zd)\n", context,
digest->
name, digestinfo_len,
522 DBGC ( context,
"RSA %p encoding %s digest:\n",
529 pad_len = ( max_len - digestinfo_len + 8 );
538 DBGC ( context,
"RSA %p encoded %s digest:\n", context,
digest->
name );
560 DBGC ( &context,
"RSA %p signing %s digest:\n",
561 &context, digest->
name );
577 DBGC ( &context,
"RSA %p signed %s digest:\n", &context, digest->
name );
603 const void *
signature,
size_t signature_len ) {
610 DBGC ( &context,
"RSA %p verifying %s digest:\n",
611 &context, digest->
name );
620 if ( signature_len != context.
max_len ) {
621 DBGC ( &context,
"RSA %p signature incorrect length (%zd " 622 "bytes, should be %zd)\n",
623 &context, signature_len, context.
max_len );
634 DBGC ( &context,
"RSA %p deciphered signature:\n", &context );
648 DBGC ( &context,
"RSA %p signature verification failed\n",
657 DBGC ( &context,
"RSA %p signature verified successfully\n", &context );
688 public_key ) ) != 0 )
692 if (
asn1_compare ( &private_modulus, &public_modulus ) != 0 )
static int rsa_parse_mod_exp(struct asn1_cursor *modulus, struct asn1_cursor *exponent, const struct asn1_cursor *raw)
Parse RSA modulus and exponent.
void * tmp
Temporary working space for modular exponentiation.
#define EINVAL
Invalid argument.
struct arbelprm_rc_send_wqe rc
bigint_element_t * output0
Output buffer.
int asn1_compare(const struct asn1_cursor *cursor1, const struct asn1_cursor *cursor2)
Compare two ASN.1 objects.
#define bigint_mod_exp(base, modulus, exponent, result, tmp)
Perform modular exponentiation of big integers.
int asn1_enter(struct asn1_cursor *cursor, unsigned int type)
Enter ASN.1 object.
static int rsa_sign(const struct asn1_cursor *key, struct digest_algorithm *digest, const void *value, void *signature)
Sign digest value using RSA.
uint8_t size
Entry size (in 32-bit words)
static int rsa_encode_digest(struct rsa_context *context, struct digest_algorithm *digest, const void *value, void *encoded)
Encode RSA digest.
const void * data
Start of data.
unsigned int exponent_size
Exponent size.
int get_random_nz(void *data, size_t len)
Get random non-zero bytes.
static void rsa_cipher(struct rsa_context *context, const void *in, void *out)
Perform RSA cipher operation.
#define bigint_init(value, data, len)
Initialise big integer.
FILE_LICENCE(GPL2_OR_LATER_OR_UBDL)
static unsigned int asn1_type(const struct asn1_cursor *cursor)
Extract ASN.1 type.
static struct rsa_digestinfo_prefix * rsa_find_prefix(struct digest_algorithm *digest)
Identify RSA prefix.
REQUIRING_SYMBOL(rsa_algorithm)
int asn1_skip_any(struct asn1_cursor *cursor)
Skip ASN.1 object of any type.
bigint_element_t * modulus0
Modulus.
#define ENOTSUP
Operation not supported.
void * memchr(const void *src, int character, size_t len)
Find character within a memory region.
size_t len
Length of data.
uint32_t start
Starting offset.
#define ENOMEM
Not enough space.
void * memcpy(void *dest, const void *src, size_t len) __nonnull
assert((readw(&hdr->flags) &(GTF_reading|GTF_writing))==0)
static int rsa_parse_integer(struct asn1_cursor *integer, const struct asn1_cursor *raw)
Parse RSA integer.
static int rsa_match(const struct asn1_cursor *private_key, const struct asn1_cursor *public_key)
Check for matching RSA public/private key pair.
pseudo_bit_t value[0x00020]
unsigned int size
Modulus size.
size_t max_len
Modulus length.
void * dynamic
Allocated memory.
uint32_t bigint_element_t
Element of a big integer.
bigint_element_t * input0
Input buffer.
int asn1_check_algorithm(const struct asn1_cursor *cursor, struct asn1_algorithm *expected)
Check ASN.1 OID-identified algorithm.
#define bigint_done(value, out, len)
Finalise big integer.
int asn1_integral_bit_string(const struct asn1_cursor *cursor, struct asn1_bit_string *bits)
Parse ASN.1 bit string that must be an integral number of bytes.
static void rsa_free(struct rsa_context *context)
Free RSA dynamic storage.
#define ERANGE
Result too large.
char * strerror(int errno)
Retrieve string representation of error number.
static void(* free)(struct refcnt *refcnt))
#define bigint_required_size(len)
Determine number of elements required for a big-integer type.
#define for_each_table_entry(pointer, table)
Iterate through all entries within a linker table.
An RSA digestInfo prefix.
#define ASN1_SEQUENCE
ASN.1 sequence.
void * malloc(size_t size)
Allocate memory.
#define ASN1_INTEGER
ASN.1 integer.
bigint_element_t * exponent0
Exponent.
RSA public-key cryptography.
static volatile void * bits
#define ENOTTY
Inappropriate I/O control operation.
size_t digestsize
Digest size.
const char * name
Algorithm name.
int asn1_skip(struct asn1_cursor *cursor, unsigned int type)
Skip ASN.1 object.
struct pubkey_algorithm rsa_algorithm
RSA public-key algorithm.
A message digest algorithm.
uint32_t end
Ending offset.
static int rsa_decrypt(const struct asn1_cursor *key, const void *ciphertext, size_t ciphertext_len, void *plaintext)
Decrypt using RSA.
struct digest_algorithm * digest
Digest algorithm.
static int rsa_verify(const struct asn1_cursor *key, struct digest_algorithm *digest, const void *value, const void *signature, size_t signature_len)
Verify signed digest value using RSA.
static size_t rsa_max_len(const struct asn1_cursor *key)
Calculate RSA maximum output length.
REQUIRE_OBJECT(config_crypto)
static int rsa_init(struct rsa_context *context, const struct asn1_cursor *key)
Initialise RSA cipher.
static int rsa_encrypt(const struct asn1_cursor *key, const void *plaintext, size_t plaintext_len, void *ciphertext)
Encrypt using RSA.
#define bigint_mod_exp_tmp_len(modulus)
Calculate temporary working space required for moduluar exponentiation.
#define ASN1_OCTET_STRING
ASN.1 octet string.
u8 signature
CPU signature.
int memcmp(const void *first, const void *second, size_t len)
Compare memory regions.
#define NULL
NULL pointer (VOID *)
static int rsa_alloc(struct rsa_context *context, size_t modulus_len, size_t exponent_len)
Allocate RSA dynamic storage.
const char * name
Algorithm name.
typedef bigint_t(X25519_SIZE) x25519_t
An X25519 unsigned big integer used in internal calculations.
void * memset(void *dest, int character, size_t len) __nonnull
#define RSA_DIGESTINFO_PREFIXES
RSA digestInfo prefix table.