зеркало из https://github.com/mozilla/gecko-dev.git
fix bugs where some nss code expects leading 0's (once used for signs). allows pkcs11 pairwise consistency check to operate correctly.
This commit is contained in:
Родитель
395497e0f8
Коммит
d236df63ea
|
@ -30,7 +30,7 @@
|
||||||
* may use your version of this file under either the MPL or the
|
* may use your version of this file under either the MPL or the
|
||||||
* GPL.
|
* GPL.
|
||||||
*
|
*
|
||||||
* $Id: rsa.c,v 1.8 2000/09/07 23:18:40 mcgreer%netscape.com Exp $
|
* $Id: rsa.c,v 1.9 2000/09/08 22:41:51 mcgreer%netscape.com Exp $
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "prerr.h"
|
#include "prerr.h"
|
||||||
|
@ -76,6 +76,7 @@ rsa_keygen_from_primes(mp_int *p, mp_int *q, mp_int *e, RSAPrivateKey *key)
|
||||||
CHECK_MPI_OK( mp_mul(&psub1, &qsub1, &phi) );
|
CHECK_MPI_OK( mp_mul(&psub1, &qsub1, &phi) );
|
||||||
/* 3. Compute d = e**-1 mod(phi) using extended Euclidean algorithm */
|
/* 3. Compute d = e**-1 mod(phi) using extended Euclidean algorithm */
|
||||||
CHECK_MPI_OK( mp_xgcd(e, &phi, &tmp, &d, NULL) );
|
CHECK_MPI_OK( mp_xgcd(e, &phi, &tmp, &d, NULL) );
|
||||||
|
CHECK_MPI_OK( mp_mod(&d, &phi, &d) );
|
||||||
/* Verify that phi(n) and e have no common divisors */
|
/* Verify that phi(n) and e have no common divisors */
|
||||||
if (mp_cmp_d(&tmp, 1) != 0) {
|
if (mp_cmp_d(&tmp, 1) != 0) {
|
||||||
PORT_SetError(SEC_ERROR_NEED_RANDOM);
|
PORT_SetError(SEC_ERROR_NEED_RANDOM);
|
||||||
|
@ -265,6 +266,8 @@ RSA_PublicKeyOp(RSAPublicKey *key,
|
||||||
PORT_SetError(SEC_ERROR_INVALID_ARGS);
|
PORT_SetError(SEC_ERROR_INVALID_ARGS);
|
||||||
return SECFailure;
|
return SECFailure;
|
||||||
}
|
}
|
||||||
|
/* clear the output buffer */
|
||||||
|
memset(output, 0, key->modulus.len);
|
||||||
MP_DIGITS(&n) = 0;
|
MP_DIGITS(&n) = 0;
|
||||||
MP_DIGITS(&e) = 0;
|
MP_DIGITS(&e) = 0;
|
||||||
MP_DIGITS(&m) = 0;
|
MP_DIGITS(&m) = 0;
|
||||||
|
@ -319,10 +322,20 @@ RSA_PrivateKeyOp(RSAPrivateKey *key,
|
||||||
mp_err err = MP_OKAY;
|
mp_err err = MP_OKAY;
|
||||||
SECStatus rv = SECSuccess;
|
SECStatus rv = SECSuccess;
|
||||||
unsigned int modLen;
|
unsigned int modLen;
|
||||||
|
unsigned int offset;
|
||||||
|
modLen = rsa_modulusLen(&key->modulus);
|
||||||
if (!key || !output || !input) {
|
if (!key || !output || !input) {
|
||||||
PORT_SetError(SEC_ERROR_INVALID_ARGS);
|
PORT_SetError(SEC_ERROR_INVALID_ARGS);
|
||||||
return SECFailure;
|
return SECFailure;
|
||||||
}
|
}
|
||||||
|
/* check input out of range (needs to be in range [0..n-1]) */
|
||||||
|
offset = (key->modulus.data[0] == 0) ? 1 : 0; /* may be leading 0 */
|
||||||
|
if (memcmp(input, key->modulus.data + offset, modLen) >= 0) {
|
||||||
|
PORT_SetError(SEC_ERROR_INVALID_ARGS);
|
||||||
|
return SECFailure;
|
||||||
|
}
|
||||||
|
/* clear the output buffer */
|
||||||
|
memset(output, 0, key->modulus.len);
|
||||||
MP_DIGITS(&p) = 0;
|
MP_DIGITS(&p) = 0;
|
||||||
MP_DIGITS(&q) = 0;
|
MP_DIGITS(&q) = 0;
|
||||||
MP_DIGITS(&d_p) = 0;
|
MP_DIGITS(&d_p) = 0;
|
||||||
|
@ -352,9 +365,7 @@ RSA_PrivateKeyOp(RSAPrivateKey *key,
|
||||||
SECITEM_TO_MPINT(key->exponent2, &d_q); /* d_p = q mod (q-1) */
|
SECITEM_TO_MPINT(key->exponent2, &d_q); /* d_p = q mod (q-1) */
|
||||||
SECITEM_TO_MPINT(key->coefficient, &qInv); /* qInv = q**-1 mod p */
|
SECITEM_TO_MPINT(key->coefficient, &qInv); /* qInv = q**-1 mod p */
|
||||||
/* copy input into mp integer c */
|
/* copy input into mp integer c */
|
||||||
modLen = rsa_modulusLen(&key->modulus);
|
|
||||||
OCTETS_TO_MPINT(input, &c, modLen);
|
OCTETS_TO_MPINT(input, &c, modLen);
|
||||||
/* XXX check input out of range */
|
|
||||||
/* 1. m1 = c**d_p mod p */
|
/* 1. m1 = c**d_p mod p */
|
||||||
CHECK_MPI_OK( mp_exptmod(&c, &d_p, &p, &m1) );
|
CHECK_MPI_OK( mp_exptmod(&c, &d_p, &p, &m1) );
|
||||||
/* 2. m2 = c**d_q mod q */
|
/* 2. m2 = c**d_q mod q */
|
||||||
|
@ -365,8 +376,8 @@ RSA_PrivateKeyOp(RSAPrivateKey *key,
|
||||||
/* 4. m = m2 + h * q */
|
/* 4. m = m2 + h * q */
|
||||||
CHECK_MPI_OK( mp_mul(&h, &q, &m) );
|
CHECK_MPI_OK( mp_mul(&h, &q, &m) );
|
||||||
CHECK_MPI_OK( mp_add(&m, &m2, &m) );
|
CHECK_MPI_OK( mp_add(&m, &m2, &m) );
|
||||||
/* m is the output */
|
/* m is the output (plus a possible leading 0)*/
|
||||||
err = mp_to_unsigned_octets(&m, output, modLen);
|
err = mp_to_unsigned_octets(&m, output + offset, modLen);
|
||||||
if (err >= 0) err = MP_OKAY;
|
if (err >= 0) err = MP_OKAY;
|
||||||
cleanup:
|
cleanup:
|
||||||
mp_clear(&p);
|
mp_clear(&p);
|
||||||
|
|
Загрузка…
Ссылка в новой задаче