Codebase list libcryptx-perl / d22a1d9
RSA: sign/verify functions now support "none" padding (INSECURE!) Karel Miko 7 years ago
3 changed file(s) with 49 addition(s) and 21 deletion(s). Raw diff Collapse all Expand all
+3
-0
Changes less more
99 - maybe: switch yarrow > fortuna for Crypt::PK::*
1010 - maybe: add encode_b32/decode_b32
1111 - maybe: x509_rsa_pubkey + x509_rsa_pubkey_alg
12
13 0.041_001 2016/10/19
14 - RSA: sign/verify functions now support 'none' padding (INSECURE!)
1215
1316 0.041 2016/10/12
1417 - ECC: ltc_ecc_is_point memory leak
+34
-9
inc/CryptX_PK_RSA.xs.inc less more
320320 RETVAL
321321
322322 SV *
323 _sign(Crypt::PK::RSA self, SV * data, char * padding, char * hash_name, unsigned long saltlen=12)
323 _sign(Crypt::PK::RSA self, SV * data, char * padding, char * hash_name=NULL, unsigned long saltlen=12)
324324 CODE:
325325 {
326326 int rv, hash_id;
332332 data_ptr = (unsigned char *)SvPVbyte(data, data_len);
333333
334334 RETVAL = newSVpvn(NULL, 0); /* undef */
335 hash_id = find_hash(hash_name);
336 if(hash_id==-1) croak("FATAL: find_hash failed for '%s'", hash_name);
337335 if (strnEQ(padding, "pss", 3)) {
336 hash_id = find_hash(hash_name);
337 if(hash_id==-1) croak("FATAL: find_hash failed for '%s'", hash_name);
338338 rv = rsa_sign_hash_ex(data_ptr, (unsigned long)data_len, buffer, &buffer_len, LTC_PKCS_1_PSS,
339339 &self->yarrow_prng_state, self->yarrow_prng_index,
340340 hash_id, saltlen, &self->key);
342342 RETVAL = newSVpvn((char*)buffer, buffer_len);
343343 }
344344 else if (strnEQ(padding, "v1.5", 4)) {
345 hash_id = find_hash(hash_name);
346 if(hash_id==-1) croak("FATAL: find_hash failed for '%s'", hash_name);
345347 rv = rsa_sign_hash_ex(data_ptr, (unsigned long)data_len, buffer, &buffer_len, LTC_PKCS_1_V1_5,
346348 &self->yarrow_prng_state, self->yarrow_prng_index,
347349 hash_id, 0, &self->key);
348350 if (rv != CRYPT_OK) croak("FATAL: rsa_sign_hash_ex failed: %s", error_to_string(rv));
349351 RETVAL = newSVpvn((char*)buffer, buffer_len);
350352 }
353 else if (strnEQ(padding, "none", 4)) {
354 /* raw RSA */
355 rv = ltc_mp.rsa_me(data_ptr, (unsigned long)data_len, buffer, &buffer_len, PK_PRIVATE, &self->key);
356 if (rv != CRYPT_OK) croak("FATAL: rsa_me failed: %s", error_to_string(rv));
357 RETVAL = newSVpvn((char*)buffer, buffer_len);
358 }
351359 else {
352360 croak("FATAL: rsa_sign invalid padding '%s'", padding);
353361 }
356364 RETVAL
357365
358366 int
359 _verify(Crypt::PK::RSA self, SV * sig, SV * data, char * padding, char * hash_name, unsigned long saltlen=12)
360 CODE:
361 {
362 int rv, hash_id, stat;
367 _verify(Crypt::PK::RSA self, SV * sig, SV * data, char * padding, char * hash_name=NULL, unsigned long saltlen=12)
368 CODE:
369 {
370 int rv, hash_id, stat, i;
363371 unsigned char *data_ptr=NULL;
364372 STRLEN data_len=0;
365373 unsigned char *sig_ptr=NULL;
366374 STRLEN sig_len=0;
375 unsigned char buffer[1024];
376 unsigned long buffer_len = 1024;
367377
368378 data_ptr = (unsigned char *)SvPVbyte(data, data_len);
369379 sig_ptr = (unsigned char *)SvPVbyte(sig, sig_len);
370380
371381 RETVAL = 1;
372 hash_id = find_hash(hash_name);
373 if(hash_id==-1) croak("FATAL: find_hash failed for '%s'", hash_name);
374382 if (strnEQ(padding, "pss", 3)) {
383 hash_id = find_hash(hash_name);
384 if(hash_id==-1) croak("FATAL: find_hash failed for '%s'", hash_name);
375385 rv = rsa_verify_hash_ex(sig_ptr, (unsigned long)sig_len, data_ptr, (unsigned long)data_len, LTC_PKCS_1_PSS,
376386 hash_id, saltlen, &stat, &self->key);
377387 if (rv != CRYPT_OK || stat != 1) RETVAL = 0;
378388 }
379389 else if (strnEQ(padding, "v1.5", 4)) {
390 hash_id = find_hash(hash_name);
391 if(hash_id==-1) croak("FATAL: find_hash failed for '%s'", hash_name);
380392 rv = rsa_verify_hash_ex(sig_ptr, (unsigned long)sig_len, data_ptr, (unsigned long)data_len, LTC_PKCS_1_V1_5,
381393 hash_id, 0, &stat, &self->key);
382394 if (rv != CRYPT_OK || stat != 1) RETVAL = 0;
383395 }
396 else if (strnEQ(padding, "none", 4)) {
397 /* raw RSA */
398 Zero(buffer, buffer_len, unsigned char);
399 rv = ltc_mp.rsa_me(sig_ptr, (unsigned long)sig_len, buffer, &buffer_len, PK_PUBLIC, &self->key);
400 if (rv != CRYPT_OK) croak("FATAL: rsa_me failed: %s", error_to_string(rv));
401 if (data_len <= buffer_len && buffer_len > 0 && data_len > 0) {
402 for (i = 0; i < buffer_len - data_len; i++) if (buffer[i] != 0) RETVAL = 0;
403 if (memNE(data_ptr, buffer + buffer_len - data_len, data_len)) RETVAL = 0;
404 }
405 else {
406 RETVAL = 0;
407 }
408 }
384409 else {
385410 croak("FATAL: rsa_verify invalid padding '%s'", padding);
386411 }
+12
-12
lib/Crypt/PK/RSA.pm less more
598598 #or
599599 my $ct = $pk->encrypt($message, 'oaep', $hash_name, $lparam);
600600
601 # $padding .................... 'oaep' (DEFAULT), 'v1.5' or 'none'
601 # $padding .................... 'oaep' (DEFAULT), 'v1.5' or 'none' (INSECURE)
602602 # $hash_name (only for oaep) .. 'SHA1' (DEFAULT), 'SHA256' or any other hash supported by Crypt::Digest
603603 # $lparam (only for oaep) ..... DEFAULT is empty string
604604
611611 #or
612612 my $pt = $pk->decrypt($ciphertext, 'oaep', $hash_name, $lparam);
613613
614 # $padding .................... 'oaep' (DEFAULT), 'v1.5' or 'none'
614 # $padding .................... 'oaep' (DEFAULT), 'v1.5' or 'none' (INSECURE)
615615 # $hash_name (only for oaep) .. 'SHA1' (DEFAULT), 'SHA256' or any other hash supported by Crypt::Digest
616616 # $lparam (only for oaep) ..... DEFAULT is empty string
617617
627627 my $signature = $priv->sign_message($message, $hash_name, 'pss', $saltlen);
628628
629629 # $hash_name ............... 'SHA1' (DEFAULT), 'SHA256' or any other hash supported by Crypt::Digest
630 # $padding ................. 'pss' (DEFAULT) or 'v1.5'
630 # $padding ................. 'pss' (DEFAULT) or 'v1.5' or 'none' (INSECURE)
631631 # $saltlen (only for pss) .. DEFAULT is 12
632632
633633 =head2 verify_message
642642 my $valid = $pub->verify_message($signature, $message, $hash_name, 'pss', $saltlen);
643643
644644 # $hash_name ............... 'SHA1' (DEFAULT), 'SHA256' or any other hash supported by Crypt::Digest
645 # $padding ................. 'pss' (DEFAULT) or 'v1.5'
645 # $padding ................. 'pss' (DEFAULT) or 'v1.5' or 'none' (INSECURE)
646646 # $saltlen (only for pss) .. DEFAULT is 12
647647
648648 =head2 sign_hash
657657 my $signature = $priv->sign_hash($message_hash, $hash_name, 'pss', $saltlen);
658658
659659 # $hash_name ............... 'SHA1' (DEFAULT), 'SHA256' or any other hash supported by Crypt::Digest
660 # $padding ................. 'pss' (DEFAULT) or 'v1.5'
660 # $padding ................. 'pss' (DEFAULT) or 'v1.5' or 'none' (INSECURE)
661661 # $saltlen (only for pss) .. DEFAULT is 12
662662
663663 =head2 verify_hash
672672 my $valid = $pub->verify_hash($signature, $message_hash, $hash_name, 'pss', $saltlen);
673673
674674 # $hash_name ............... 'SHA1' (DEFAULT), 'SHA256' or any other hash supported by Crypt::Digest
675 # $padding ................. 'pss' (DEFAULT) or 'v1.5'
675 # $padding ................. 'pss' (DEFAULT) or 'v1.5' or 'none' (INSECURE)
676676 # $saltlen (only for pss) .. DEFAULT is 12
677677
678678 =head2 is_private
720720 #or
721721 my $ct = rsa_encrypt($pub_key, $message, 'oaep', $hash_name, $lparam);
722722
723 # $padding .................... 'oaep' (DEFAULT), 'v1.5' or 'none'
723 # $padding .................... 'oaep' (DEFAULT), 'v1.5' or 'none' (INSECURE)
724724 # $hash_name (only for oaep) .. 'SHA1' (DEFAULT), 'SHA256' or any other hash supported by Crypt::Digest
725725 # $lparam (only for oaep) ..... DEFAULT is empty string
726726
736736 #or
737737 my $pt = rsa_decrypt($priv_key, $ciphertext, 'oaep', $hash_name, $lparam);
738738
739 # $padding .................... 'oaep' (DEFAULT), 'v1.5' or 'none'
739 # $padding .................... 'oaep' (DEFAULT), 'v1.5' or 'none' (INSECURE)
740740 # $hash_name (only for oaep) .. 'SHA1' (DEFAULT), 'SHA256' or any other hash supported by Crypt::Digest
741741 # $lparam (only for oaep) ..... DEFAULT is empty string
742742
755755 my $sig = rsa_sign_message($priv_key, $message, $hash_name, 'pss', $saltlen);
756756
757757 # $hash_name ............... 'SHA1' (DEFAULT), 'SHA256' or any other hash supported by Crypt::Digest
758 # $padding ................. 'pss' (DEFAULT) or 'v1.5'
758 # $padding ................. 'pss' (DEFAULT) or 'v1.5' or 'none' (INSECURE)
759759 # $saltlen (only for pss) .. DEFAULT is 12
760760
761761 =head2 rsa_verify_message
773773 rsa_verify_message($pub_key, $signature, $message, $hash_name, 'pss', $saltlen) or die "ERROR";
774774
775775 # $hash_name ............... 'SHA1' (DEFAULT), 'SHA256' or any other hash supported by Crypt::Digest
776 # $padding ................. 'pss' (DEFAULT) or 'v1.5'
776 # $padding ................. 'pss' (DEFAULT) or 'v1.5' or 'none' (INSECURE)
777777 # $saltlen (only for pss) .. DEFAULT is 12
778778
779779 =head2 rsa_sign_hash
791791 my $sig = rsa_sign_hash($priv_key, $message_hash, $hash_name, 'pss', $saltlen);
792792
793793 # $hash_name ............... 'SHA1' (DEFAULT), 'SHA256' or any other hash supported by Crypt::Digest
794 # $padding ................. 'pss' (DEFAULT) or 'v1.5'
794 # $padding ................. 'pss' (DEFAULT) or 'v1.5' or 'none' (INSECURE)
795795 # $saltlen (only for pss) .. DEFAULT is 12
796796
797797 =head2 rsa_verify_hash
809809 rsa_verify_hash($pub_key, $signature, $message_hash, $hash_name, 'pss', $saltlen) or die "ERROR";
810810
811811 # $hash_name ............... 'SHA1' (DEFAULT), 'SHA256' or any other hash supported by Crypt::Digest
812 # $padding ................. 'pss' (DEFAULT) or 'v1.5'
812 # $padding ................. 'pss' (DEFAULT) or 'v1.5' or 'none' (INSECURE)
813813 # $saltlen (only for pss) .. DEFAULT is 12
814814
815815 =head1 OpenSSL interoperability