
Commit e4d3bd2

karel-msjaeckel
authored andcommitted
RSA: replace hash_alg + mgf1_hash_alg with hash_idx + mgf1_hash_idx
1 parent 7fa7c2a commit e4d3bd2

10 files changed

Lines changed: 63 additions & 56 deletions


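--- a/src/headers/tomcrypt_pk.h
+++ b/src/headers/tomcrypt_pk.h
@@ -66,11 +66,10 @@ int rand_prime(void *N, long len, prng_state *prng, int wprng);
 typedef struct ltc_rsa_parameters {
 /** saltLength for PSS */
 unsigned long saltlen;
-/** lparam hash for OAEP
-* resp.
-* signature hash for PSS
-* and MGF hash algorithms */
-const char *hash_alg, *mgf1_hash_alg;
+/** Hash algorithm index for OAEP/PSS, -1 if unset */
+int hash_idx;
+/** MGF1 hash algorithm index, -1 if unset */
+int mgf1_hash_idx;
 } ltc_rsa_parameters;
 
 /** RSA key */
@@ -152,44 +151,44 @@ int rsa_verify_hash_v2(const unsigned char *sig, unsigned long siglen,
 const rsa_key *key);
 
 /* These use PKCS #1 v2.0 padding */
-#define ltc_rsa_encrypt_key(in, inlen, out, outlen, lp, lplen, prng_, prng_idx, hash_idx, key) \
+#define ltc_rsa_encrypt_key(in, inlen, out, outlen, lp, lplen, prng_, prng_idx, hash_idx_, key) \
 rsa_encrypt_key_v2(in, inlen, out, outlen, \
 &(ltc_rsa_op_parameters){ \
 .u.crypt.lparam = lp, \
 .u.crypt.lparamlen = lplen,\
 .prng = prng_, \
 .wprng = prng_idx, \
-.params.mgf1_hash_alg = hash_is_valid(hash_idx) == CRYPT_OK ? hash_descriptor[hash_idx].name : NULL, \
-.params.hash_alg = hash_is_valid(hash_idx) == CRYPT_OK ? hash_descriptor[hash_idx].name : NULL, \
+.params.mgf1_hash_idx = hash_idx_, \
+.params.hash_idx = hash_idx_, \
 .padding = LTC_PKCS_1_OAEP, \
 }, key)
 
-#define ltc_rsa_decrypt_key(in, inlen, out, outlen, lp, lplen, hash_idx, stat, key) \
+#define ltc_rsa_decrypt_key(in, inlen, out, outlen, lp, lplen, hash_idx_, stat, key) \
 rsa_decrypt_key_v2(in, inlen, out, outlen, \
 &(ltc_rsa_op_parameters){ \
 .u.crypt.lparam = lp, \
 .u.crypt.lparamlen = lplen,\
-.params.mgf1_hash_alg = hash_is_valid(hash_idx) == CRYPT_OK ? hash_descriptor[hash_idx].name : NULL, \
-.params.hash_alg = hash_is_valid(hash_idx) == CRYPT_OK ? hash_descriptor[hash_idx].name : NULL, \
+.params.mgf1_hash_idx = hash_idx_, \
+.params.hash_idx = hash_idx_, \
 .padding = LTC_PKCS_1_OAEP, \
 }, stat, key)
 
-#define ltc_rsa_sign_hash(hash, hashlen, sig, siglen, prng_, prng_idx, hash_idx, saltlen_, key) \
+#define ltc_rsa_sign_hash(hash, hashlen, sig, siglen, prng_, prng_idx, hash_idx_, saltlen_, key) \
 rsa_sign_hash_v2(hash, hashlen, sig, siglen, \
 &(ltc_rsa_op_parameters){ \
 .prng = prng_, \
 .wprng = prng_idx, \
-.params.mgf1_hash_alg = hash_is_valid(hash_idx) == CRYPT_OK ? hash_descriptor[hash_idx].name : NULL, \
-.params.hash_alg = hash_is_valid(hash_idx) == CRYPT_OK ? hash_descriptor[hash_idx].name : NULL, \
+.params.mgf1_hash_idx = hash_idx_, \
+.params.hash_idx = hash_idx_, \
 .params.saltlen = saltlen_, \
 .padding = LTC_PKCS_1_PSS, \
 }, key)
 
-#define ltc_rsa_verify_hash(sig, siglen, hash, hashlen, hash_idx, saltlen_, stat, key) \
+#define ltc_rsa_verify_hash(sig, siglen, hash, hashlen, hash_idx_, saltlen_, stat, key) \
 rsa_verify_hash_v2(sig, siglen, hash, hashlen, \
 &(ltc_rsa_op_parameters){ \
-.params.mgf1_hash_alg = hash_is_valid(hash_idx) == CRYPT_OK ? hash_descriptor[hash_idx].name : NULL, \
-.params.hash_alg = hash_is_valid(hash_idx) == CRYPT_OK ? hash_descriptor[hash_idx].name : NULL, \
+.params.mgf1_hash_idx = hash_idx_, \
+.params.hash_idx = hash_idx_, \
 .params.saltlen = saltlen_, \
 .padding = LTC_PKCS_1_PSS, \
 }, stat, key)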
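Review bot: The new field comments in `ltc_rsa_parameters` say "-1 if unset" but do not warn that 0 is now a live value: a struct that is zero-initialised, or whose hash fields are left out of a designated initialiser, carries `hash_idx == 0` and `mgf1_hash_idx == 0`, which presumably passes `hash_is_valid()` whenever slot 0 of the descriptor table is registered, where the old NULL pointers were rejected. Callers outside this tree that relied on `= {0}` meaning "no hash" would silently get whichever hash sits at index 0, so I would extend the comment to `/** Hash algorithm index for OAEP/PSS; set to -1 if unset, a zero-initialised struct selects hash_descriptor[0] */` and do the same for `mgf1_hash_idx`. It is also worth stating there that an index is only meaningful while that hash stays registered, since the field no longer names the algorithm.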

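--- a/src/misc/deprecated.c
+++ b/src/misc/deprecated.c
@@ -223,13 +223,12 @@ int rsa_args_to_op_params(const unsigned char *lparam, unsigned long lparamlen,
 .wprng = prng_idx,
 .padding = padding,
 .params.saltlen = saltlen,
+.params.hash_idx = -1,
+.params.mgf1_hash_idx = -1,
 };
 if ((err = hash_is_valid(hash_idx)) == CRYPT_OK) {
-if (hash_descriptor[hash_idx].name == NULL) {
-return CRYPT_INVALID_HASH;
-}
-p.params.hash_alg = hash_descriptor[hash_idx].name;
-p.params.mgf1_hash_alg = p.params.hash_alg;
+p.params.hash_idx = hash_idx;
+p.params.mgf1_hash_idx = hash_idx;
 *params = p;
 } else if (padding == LTC_PKCS_1_V1_5 || padding == LTC_PKCS_1_V1_5_NA1) {
 /* PKCS#1 1.5 does not necessarily require a hash */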

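--- a/src/pk/rsa/rsa_import_x509.c
+++ b/src/pk/rsa/rsa_import_x509.c
@@ -84,7 +84,8 @@ static int s_rsa_decode_parameters(const rsa_pss_parameters_data *d, ltc_rsa_par
 int err, idx;
 
 rsa_params->saltlen = 20;
-rsa_params->hash_alg = rsa_params->mgf1_hash_alg = "sha1";
+rsa_params->hash_idx = find_hash("sha1");
+rsa_params->mgf1_hash_idx = rsa_params->hash_idx;
 
 for (n = 0; n < 4; ++n) {
 if (d->params[n].used == 0)
@@ -95,7 +96,7 @@ static int s_rsa_decode_parameters(const rsa_pss_parameters_data *d, ltc_rsa_par
 if (idx == -1) {
 return CRYPT_INVALID_HASH;
 }
-rsa_params->hash_alg = hash_descriptor[idx].name;
+rsa_params->hash_idx = idx;
 break;
 case 1:
 if ((err = pk_get_oid_from_asn1(&d->mgf[0], &oid_id)) != CRYPT_OK) {
@@ -108,7 +109,7 @@ static int s_rsa_decode_parameters(const rsa_pss_parameters_data *d, ltc_rsa_par
 if (idx == -1) {
 return CRYPT_INVALID_HASH;
 }
-rsa_params->mgf1_hash_alg = hash_descriptor[idx].name;
+rsa_params->mgf1_hash_idx = idx;
 break;
 case 2:
 rsa_params->saltlen = d->salt_length;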
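Review bot: The result of `find_hash("sha1")` on the default-parameter line is stored unchecked, so when SHA-1 is not registered the key's parameters silently hold -1 for every field the certificate leaves at its default, and the failure only appears later as a hash mismatch when the key is used. The old code stored the name, so this also moves the lookup from use time to import time. The explicit-OID cases below already return `CRYPT_INVALID_HASH` for an unknown hash; I would treat the defaults the same way once the loop has run, e.g. `if (hash_is_valid(rsa_params->hash_idx) != CRYPT_OK || hash_is_valid(rsa_params->mgf1_hash_idx) != CRYPT_OK) return CRYPT_INVALID_HASH;`. The end of `s_rsa_decode_parameters` is outside the hunk, so the exact place for that check needs confirming.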

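--- a/src/pk/rsa/rsa_key.c
+++ b/src/pk/rsa/rsa_key.c
@@ -119,12 +119,10 @@ static LTC_INLINE int s_rsa_key_valid_rsa_params(ltc_rsa_op_checked *check)
 && check->params->padding != LTC_PKCS_1_OAEP) {
 return CRYPT_PK_TYPE_MISMATCH;
 }
-if (key_params->hash_alg == NULL
-|| find_hash(key_params->hash_alg) != check->hash_alg) {
+if (key_params->hash_idx != check->hash_alg) {
 return CRYPT_INVALID_HASH;
 }
-if (key_params->mgf1_hash_alg == NULL
-|| find_hash(key_params->mgf1_hash_alg) != check->mgf1_hash_alg) {
+if (key_params->mgf1_hash_idx != check->mgf1_hash_alg) {
 return CRYPT_INVALID_HASH;
 }
 return CRYPT_OK;
@@ -133,14 +131,15 @@ static LTC_INLINE int s_rsa_key_valid_rsa_params(ltc_rsa_op_checked *check)
 static LTC_INLINE int s_rsa_key_set_hash_algs(ltc_rsa_op_checked *check)
 {
 ltc_rsa_op_parameters *params = check->params;
-if (params->params.hash_alg == NULL
-|| (check->hash_alg = find_hash(params->params.hash_alg)) == -1) {
+if (hash_is_valid(params->params.hash_idx) != CRYPT_OK) {
 return CRYPT_INVALID_HASH;
 }
-if (params->params.mgf1_hash_alg == NULL) {
+check->hash_alg = params->params.hash_idx;
+if (params->params.mgf1_hash_idx == -1) {
 if (params->padding != LTC_PKCS_1_PSS && params->padding != LTC_PKCS_1_OAEP)
 return CRYPT_OK;
-} else if ((check->mgf1_hash_alg = find_hash(params->params.mgf1_hash_alg)) != -1) {
+} else if (hash_is_valid(params->params.mgf1_hash_idx) == CRYPT_OK) {
+check->mgf1_hash_alg = params->params.mgf1_hash_idx;
 return CRYPT_OK;
 }
 return CRYPT_INVALID_HASH;
@@ -234,13 +233,9 @@ int rsa_params_equal(const ltc_rsa_parameters *a, const ltc_rsa_parameters *b)
 {
 if (a->saltlen != b->saltlen)
 return 0;
-if (!a->hash_alg || !b->hash_alg)
+if (a->hash_idx != b->hash_idx)
 return 0;
-if (XSTRCMP(a->hash_alg, b->hash_alg))
-return 0;
-if (!a->mgf1_hash_alg || !b->mgf1_hash_alg)
-return 0;
-if (XSTRCMP(a->mgf1_hash_alg, b->mgf1_hash_alg))
+if (a->mgf1_hash_idx != b->mgf1_hash_idx)
 return 0;
 return 1;
 }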
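Review bot: `s_rsa_key_valid_rsa_params` used to reject a key whose `hash_alg` or `mgf1_hash_alg` was NULL, and the new comparisons such as `key_params->hash_idx != check->hash_alg` drop that explicit rejection: an unset key parameter (-1) is now refused only because the value it is compared with happens to be a validated index. That looks true for `check->hash_alg` as long as `s_rsa_key_set_hash_algs` has run first, but whether `check->mgf1_hash_alg` can still hold its initial value at that point is not visible in these hunks. I would keep the rejection explicit, e.g. `if (hash_is_valid(key_params->hash_idx) != CRYPT_OK || key_params->hash_idx != check->hash_alg)`, and likewise for the MGF1 field. `rsa_params_equal` changes meaning in the same way: two parameter sets that are both unset now compare equal, where the old NULL checks returned 0.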

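--- a/tests/pkcs_1_eme_test.c
+++ b/tests/pkcs_1_eme_test.c
@@ -14,10 +14,11 @@ int pkcs_1_eme_test(void)
 ltc_rsa_op_parameters rsa_params = {
 .wprng = register_prng(no_prng_desc),
 .prng = (void*)no_prng_desc,
-.params.hash_alg = "sha1",
+.params.hash_idx = -1,
 .padding = LTC_PKCS_1_V1_5
 };
 unsigned int i, j;
+rsa_params.params.hash_idx = find_hash("sha1");
 
 if (ltc_mp.name == NULL) return CRYPT_NOP;
 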
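Review bot: The initialiser sets `.params.hash_idx = -1` but leaves `mgf1_hash_idx` out, so that field is zero-initialised to index 0 rather than the -1 "unset" marker the header documents; tests/pkcs_1_emsa_test.c does the same. With v1.5 padding this is probably harmless, but these two tests then run with an MGF1 index pointing at whatever hash is registered in slot 0, unlike the OAEP and PSS tests, which set both fields. I would add `.params.mgf1_hash_idx = -1,` to both initialisers. The -1 given to `hash_idx` is also overwritten a few lines later by `find_hash("sha1")`, whose result is not checked.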

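--- a/tests/pkcs_1_emsa_test.c
+++ b/tests/pkcs_1_emsa_test.c
@@ -11,11 +11,12 @@
 int pkcs_1_emsa_test(void)
 {
 ltc_rsa_op_parameters rsa_params = {
-.params.hash_alg = "sha1",
+.params.hash_idx = -1,
 .padding = LTC_PKCS_1_V1_5
 };
 int hash_idx = find_hash("sha1");
 unsigned int i, j;
+rsa_params.params.hash_idx = hash_idx;
 
 if (ltc_mp.name == NULL) return CRYPT_NOP;
 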

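--- a/tests/pkcs_1_oaep_test.c
+++ b/tests/pkcs_1_oaep_test.c
@@ -14,11 +14,13 @@ int pkcs_1_oaep_test(void)
 ltc_rsa_op_parameters rsa_params = {
 .wprng = register_prng(no_prng_desc),
 .prng = (void*)no_prng_desc,
-.params.hash_alg = "sha1",
-.params.mgf1_hash_alg = "sha1",
+.params.hash_idx = -1,
+.params.mgf1_hash_idx = -1,
 .padding = LTC_PKCS_1_OAEP
 };
 unsigned int i, j;
+rsa_params.params.hash_idx = find_hash("sha1");
+rsa_params.params.mgf1_hash_idx = rsa_params.params.hash_idx;
 
 if (ltc_mp.name == NULL) return CRYPT_NOP;
 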

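--- a/tests/pkcs_1_pss_test.c
+++ b/tests/pkcs_1_pss_test.c
@@ -14,12 +14,14 @@ int pkcs_1_pss_test(void)
 ltc_rsa_op_parameters rsa_params = {
 .wprng = register_prng(no_prng_desc),
 .prng = (void*)no_prng_desc,
-.params.hash_alg = "sha1",
-.params.mgf1_hash_alg = "sha1",
+.params.hash_idx = -1,
+.params.mgf1_hash_idx = -1,
 .padding = LTC_PKCS_1_PSS
 };
 int hash_idx = find_hash("sha1");
 unsigned int i, j;
+rsa_params.params.hash_idx = hash_idx;
+rsa_params.params.mgf1_hash_idx = hash_idx;
 
 if (ltc_mp.name == NULL) return CRYPT_NOP;
 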

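--- a/tests/pkcs_1_test.c
+++ b/tests/pkcs_1_test.c
@@ -19,9 +19,11 @@ int pkcs_1_test(void)
 ltc_rsa_op_parameters rsa_params = {
 .wprng = find_prng("yarrow"),
 .prng = &yarrow_prng,
-.params.hash_alg = "sha1",
-.params.mgf1_hash_alg = "sha1",
+.params.hash_idx = -1,
+.params.mgf1_hash_idx = -1,
 };
+rsa_params.params.hash_idx = find_hash("sha1");
+rsa_params.params.mgf1_hash_idx = rsa_params.params.hash_idx;
 
 srand(LTC_TEST_RAND_SEED);
 /* do many tests */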

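--- a/tests/rsa_test.c
+++ b/tests/rsa_test.c
@@ -322,7 +322,10 @@ static int s_rsa_cryptx_issue_69(void)
 unsigned char buf0[512], buf1[512];
 unsigned long l0, l1;
 int stat;
-ltc_rsa_op_parameters rsa_params = {0};
+ltc_rsa_op_parameters rsa_params = {
+.params.hash_idx = -1,
+.params.mgf1_hash_idx = -1,
+};
 
 l0 = sizeof(buf0);
 l1 = sizeof(buf1);
@@ -495,11 +498,12 @@ static int s_rsa_pss_test(void)
 .padding = LTC_PKCS_1_OAEP,
 .u.crypt.lparam = tv,
 .u.crypt.lparamlen = (unsigned long)4,
-.params.hash_alg = "sha1",
-.params.mgf1_hash_alg = "sha256",
 .params.saltlen = 7,
 };
 
+rsa_oparams.params.hash_idx = find_hash("sha1");
+rsa_oparams.params.mgf1_hash_idx = find_hash("sha256");
+
 DO(rsa_import(ltc_rsa_private_test_key, sizeof(ltc_rsa_private_test_key), &key));
 
 buf0len = sizeof(buf0);
@@ -536,9 +540,10 @@ int rsa_test(void)
 return 1;
 }
 
-rsa_params.params.hash_alg = "sha1";
+rsa_params.params.hash_idx = find_hash("sha1");
+rsa_params.params.mgf1_hash_idx = rsa_params.params.hash_idx;
 rsa_params.wprng = find_prng("yarrow");
-mgf_hash = find_hash(rsa_params.params.hash_alg);
+mgf_hash = rsa_params.params.hash_idx;
 if (mgf_hash == -1 || rsa_params.wprng == -1) {
 fprintf(stderr, "rsa_test requires LTC_SHA1 and yarrow");
 return 1;
@@ -601,8 +606,8 @@ print_hex("q", tmp, len);
 if (2 * hash_descriptor[label_hash].hashsize > 126)
 continue;
 max_msgsize = 128 - (2 * hash_descriptor[label_hash].hashsize) - 2;
-rsa_params.params.hash_alg = hash_descriptor[label_hash].name;
-rsa_params.params.mgf1_hash_alg = hash_descriptor[mgf_hash].name;
+rsa_params.params.hash_idx = label_hash;
+rsa_params.params.mgf1_hash_idx = mgf_hash;
 
 #if defined(LTC_TEST_DBG) && LTC_TEST_DBG > 1
 fprintf(stderr, "Test MGF(%s), Labelhash(%s) with max_msgsize %lu\n", hash_descriptor[mgf_hash].name, hash_descriptor[label_hash].name, max_msgsize);
@@ -652,8 +657,8 @@ print_hex("q", tmp, len);
 
 }
 }
-rsa_params.params.hash_alg = "sha1";
-rsa_params.params.mgf1_hash_alg = "sha1";
+rsa_params.params.hash_idx = find_hash("sha1");
+rsa_params.params.mgf1_hash_idx = rsa_params.params.hash_idx;
 
 
 /* encrypt the key PKCS #1 v1.5 (payload from 1 to 117 bytes) */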
