rsa_exptmod.c - third_party/dropbear - Git at Google

 /* LibTomCrypt, modular cryptographic library -- Tom St Denis
  *
  * LibTomCrypt is a library that provides various cryptographic
  * algorithms in a highly modular and flexible manner.
  *
  * The library is free for all purposes without any express
  * guarantee it works.
  *
  * Tom St Denis, tomstdenis@iahu.ca, http://libtomcrypt.org
  */

 /* RSA Code by Tom St Denis */
 #include "mycrypt.h"

 #ifdef MRSA

 /* compute an RSA modular exponentiation */
 int rsa_exptmod(const unsigned char *in,   unsigned long inlen,
                       unsigned char *out,  unsigned long *outlen, int which,
                       prng_state    *prng, int           prng_idx,
                       rsa_key *key)
 {
    mp_int        tmp, tmpa, tmpb;
    unsigned long x;
    int           err;

    _ARGCHK(in     != NULL);
    _ARGCHK(out    != NULL);
    _ARGCHK(outlen != NULL);
    _ARGCHK(key    != NULL);

    /* valid prng? */
    if ((err = prng_is_valid(prng_idx)) != CRYPT_OK) {
       return err;
    }

    /* is the key of the right type for the operation? */
    if (which == PK_PRIVATE && (key->type != PK_PRIVATE)) {
       return CRYPT_PK_NOT_PRIVATE;
    }

    /* must be a private or public operation */
    if (which != PK_PRIVATE && which != PK_PUBLIC) {
       return CRYPT_PK_INVALID_TYPE;
    }

    /* init and copy into tmp */
    if ((err = mp_init_multi(&tmp, &tmpa, &tmpb, NULL)) != MP_OKAY)                     { return mpi_to_ltc_error(err); }
    if ((err = mp_read_unsigned_bin(&tmp, (unsigned char *)in, (int)inlen)) != MP_OKAY) { goto error; }

    /* sanity check on the input */
    if (mp_cmp(&key->N, &tmp) == MP_LT) {
       err = CRYPT_PK_INVALID_SIZE;
       goto done;
    }

    /* are we using the private exponent and is the key optimized? */
    if (which == PK_PRIVATE) {
       /* tmpa = tmp^dP mod p */
       if ((err = tim_exptmod(prng, prng_idx, &tmp, &key->e, &key->dP, &key->p, &tmpa)) != MP_OKAY)    { goto error; }

       /* tmpb = tmp^dQ mod q */
       if ((err = tim_exptmod(prng, prng_idx, &tmp, &key->e,  &key->dQ, &key->q, &tmpb)) != MP_OKAY)    { goto error; }

       /* tmp = (tmpa - tmpb) * qInv (mod p) */
       if ((err = mp_sub(&tmpa, &tmpb, &tmp)) != MP_OKAY)                    { goto error; }
       if ((err = mp_mulmod(&tmp, &key->qP, &key->p, &tmp)) != MP_OKAY)      { goto error; }

       /* tmp = tmpb + q * tmp */
       if ((err = mp_mul(&tmp, &key->q, &tmp)) != MP_OKAY)                   { goto error; }
       if ((err = mp_add(&tmp, &tmpb, &tmp)) != MP_OKAY)                     { goto error; }
    } else {
       /* exptmod it */
       if ((err = mp_exptmod(&tmp, &key->e, &key->N, &tmp)) != MP_OKAY) { goto error; }
    }

    /* read it back */
    x = (unsigned long)mp_unsigned_bin_size(&key->N);
    if (x > *outlen) {
       err = CRYPT_BUFFER_OVERFLOW;
       goto done;
    }
    *outlen = x;

    /* convert it */
    zeromem(out, x);
    if ((err = mp_to_unsigned_bin(&tmp, out+(x-mp_unsigned_bin_size(&tmp)))) != MP_OKAY) { goto error; }

    /* clean up and return */
    err = CRYPT_OK;
    goto done;
 error:
    err = mpi_to_ltc_error(err);
 done:
    mp_clear_multi(&tmp, &tmpa, &tmpb, NULL);
    return err;
 }

 #endif
	/* LibTomCrypt, modular cryptographic library -- Tom St Denis
	*
	* LibTomCrypt is a library that provides various cryptographic
	* algorithms in a highly modular and flexible manner.
	*
	* The library is free for all purposes without any express
	* guarantee it works.
	*
	* Tom St Denis, tomstdenis@iahu.ca, http://libtomcrypt.org
	*/

	/* RSA Code by Tom St Denis */
	#include "mycrypt.h"

	#ifdef MRSA

	/* compute an RSA modular exponentiation */
	int rsa_exptmod(const unsigned char *in, unsigned long inlen,
	unsigned char out, unsigned long outlen, int which,
	prng_state *prng, int prng_idx,
	rsa_key *key)
	{
	mp_int tmp, tmpa, tmpb;
	unsigned long x;
	int err;

	_ARGCHK(in != NULL);
	_ARGCHK(out != NULL);
	_ARGCHK(outlen != NULL);
	_ARGCHK(key != NULL);

	/* valid prng? */
	if ((err = prng_is_valid(prng_idx)) != CRYPT_OK) {
	return err;
	}

	/* is the key of the right type for the operation? */
	if (which == PK_PRIVATE && (key->type != PK_PRIVATE)) {
	return CRYPT_PK_NOT_PRIVATE;
	}

	/* must be a private or public operation */
	if (which != PK_PRIVATE && which != PK_PUBLIC) {
	return CRYPT_PK_INVALID_TYPE;
	}

	/* init and copy into tmp */
	if ((err = mp_init_multi(&tmp, &tmpa, &tmpb, NULL)) != MP_OKAY) { return mpi_to_ltc_error(err); }
	if ((err = mp_read_unsigned_bin(&tmp, (unsigned char *)in, (int)inlen)) != MP_OKAY) { goto error; }

	/* sanity check on the input */
	if (mp_cmp(&key->N, &tmp) == MP_LT) {
	err = CRYPT_PK_INVALID_SIZE;
	goto done;
	}

	/* are we using the private exponent and is the key optimized? */
	if (which == PK_PRIVATE) {
	/* tmpa = tmp^dP mod p */
	if ((err = tim_exptmod(prng, prng_idx, &tmp, &key->e, &key->dP, &key->p, &tmpa)) != MP_OKAY) { goto error; }

	/* tmpb = tmp^dQ mod q */
	if ((err = tim_exptmod(prng, prng_idx, &tmp, &key->e, &key->dQ, &key->q, &tmpb)) != MP_OKAY) { goto error; }

	/* tmp = (tmpa - tmpb) * qInv (mod p) */
	if ((err = mp_sub(&tmpa, &tmpb, &tmp)) != MP_OKAY) { goto error; }
	if ((err = mp_mulmod(&tmp, &key->qP, &key->p, &tmp)) != MP_OKAY) { goto error; }

	/* tmp = tmpb + q * tmp */
	if ((err = mp_mul(&tmp, &key->q, &tmp)) != MP_OKAY) { goto error; }
	if ((err = mp_add(&tmp, &tmpb, &tmp)) != MP_OKAY) { goto error; }
	} else {
	/* exptmod it */
	if ((err = mp_exptmod(&tmp, &key->e, &key->N, &tmp)) != MP_OKAY) { goto error; }
	}

	/* read it back */
	x = (unsigned long)mp_unsigned_bin_size(&key->N);
	if (x > *outlen) {
	err = CRYPT_BUFFER_OVERFLOW;
	goto done;
	}
	*outlen = x;

	/* convert it */
	zeromem(out, x);
	if ((err = mp_to_unsigned_bin(&tmp, out+(x-mp_unsigned_bin_size(&tmp)))) != MP_OKAY) { goto error; }

	/* clean up and return */
	err = CRYPT_OK;
	goto done;
	error:
	err = mpi_to_ltc_error(err);
	done:
	mp_clear_multi(&tmp, &tmpa, &tmpb, NULL);
	return err;
	}

	#endif