source: EcnlProtoTool/trunk/openssl-1.1.0e/crypto/rsa/rsa_x931g.c@ 331

Last change on this file since 331 was 331, checked in by coas-nagasima, 6 years ago

prototoolに関連するプロジェクトをnewlibからmuslを使うよう変更・更新
ntshellをnewlibの下位の実装から、muslのsyscallの実装に変更・更新
以下のOSSをアップデート
・mruby-1.3.0
・musl-1.1.18
・onigmo-6.1.3
・tcc-0.9.27
以下のOSSを追加
・openssl-1.1.0e
・curl-7.57.0
・zlib-1.2.11
以下のmrbgemsを追加
・iij/mruby-digest
・iij/mruby-env
・iij/mruby-errno
・iij/mruby-iijson
・iij/mruby-ipaddr
・iij/mruby-mock
・iij/mruby-require
・iij/mruby-tls-openssl
  • Property svn:eol-style set to native
  • Property svn:mime-type set to text/x-csrc
File size: 4.6 KB
Line 
1/*
2 * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the OpenSSL license (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10#include <stdio.h>
11#include <string.h>
12#include <time.h>
13#include <openssl/err.h>
14#include <openssl/bn.h>
15#include "rsa_locl.h"
16
17/* X9.31 RSA key derivation and generation */
18
19int RSA_X931_derive_ex(RSA *rsa, BIGNUM *p1, BIGNUM *p2, BIGNUM *q1,
20 BIGNUM *q2, const BIGNUM *Xp1, const BIGNUM *Xp2,
21 const BIGNUM *Xp, const BIGNUM *Xq1, const BIGNUM *Xq2,
22 const BIGNUM *Xq, const BIGNUM *e, BN_GENCB *cb)
23{
24 BIGNUM *r0 = NULL, *r1 = NULL, *r2 = NULL, *r3 = NULL;
25 BN_CTX *ctx = NULL, *ctx2 = NULL;
26 int ret = 0;
27
28 if (!rsa)
29 goto err;
30
31 ctx = BN_CTX_new();
32 if (ctx == NULL)
33 goto err;
34 BN_CTX_start(ctx);
35
36 r0 = BN_CTX_get(ctx);
37 r1 = BN_CTX_get(ctx);
38 r2 = BN_CTX_get(ctx);
39 r3 = BN_CTX_get(ctx);
40
41 if (r3 == NULL)
42 goto err;
43 if (!rsa->e) {
44 rsa->e = BN_dup(e);
45 if (!rsa->e)
46 goto err;
47 } else
48 e = rsa->e;
49
50 /*
51 * If not all parameters present only calculate what we can. This allows
52 * test programs to output selective parameters.
53 */
54
55 if (Xp && rsa->p == NULL) {
56 rsa->p = BN_new();
57 if (rsa->p == NULL)
58 goto err;
59
60 if (!BN_X931_derive_prime_ex(rsa->p, p1, p2,
61 Xp, Xp1, Xp2, e, ctx, cb))
62 goto err;
63 }
64
65 if (Xq && rsa->q == NULL) {
66 rsa->q = BN_new();
67 if (rsa->q == NULL)
68 goto err;
69 if (!BN_X931_derive_prime_ex(rsa->q, q1, q2,
70 Xq, Xq1, Xq2, e, ctx, cb))
71 goto err;
72 }
73
74 if (rsa->p == NULL || rsa->q == NULL) {
75 BN_CTX_end(ctx);
76 BN_CTX_free(ctx);
77 return 2;
78 }
79
80 /*
81 * Since both primes are set we can now calculate all remaining
82 * components.
83 */
84
85 /* calculate n */
86 rsa->n = BN_new();
87 if (rsa->n == NULL)
88 goto err;
89 if (!BN_mul(rsa->n, rsa->p, rsa->q, ctx))
90 goto err;
91
92 /* calculate d */
93 if (!BN_sub(r1, rsa->p, BN_value_one()))
94 goto err; /* p-1 */
95 if (!BN_sub(r2, rsa->q, BN_value_one()))
96 goto err; /* q-1 */
97 if (!BN_mul(r0, r1, r2, ctx))
98 goto err; /* (p-1)(q-1) */
99
100 if (!BN_gcd(r3, r1, r2, ctx))
101 goto err;
102
103 if (!BN_div(r0, NULL, r0, r3, ctx))
104 goto err; /* LCM((p-1)(q-1)) */
105
106 ctx2 = BN_CTX_new();
107 if (ctx2 == NULL)
108 goto err;
109
110 rsa->d = BN_mod_inverse(NULL, rsa->e, r0, ctx2); /* d */
111 if (rsa->d == NULL)
112 goto err;
113
114 /* calculate d mod (p-1) */
115 rsa->dmp1 = BN_new();
116 if (rsa->dmp1 == NULL)
117 goto err;
118 if (!BN_mod(rsa->dmp1, rsa->d, r1, ctx))
119 goto err;
120
121 /* calculate d mod (q-1) */
122 rsa->dmq1 = BN_new();
123 if (rsa->dmq1 == NULL)
124 goto err;
125 if (!BN_mod(rsa->dmq1, rsa->d, r2, ctx))
126 goto err;
127
128 /* calculate inverse of q mod p */
129 rsa->iqmp = BN_mod_inverse(NULL, rsa->q, rsa->p, ctx2);
130
131 ret = 1;
132 err:
133 if (ctx)
134 BN_CTX_end(ctx);
135 BN_CTX_free(ctx);
136 BN_CTX_free(ctx2);
137
138 return ret;
139
140}
141
142int RSA_X931_generate_key_ex(RSA *rsa, int bits, const BIGNUM *e,
143 BN_GENCB *cb)
144{
145 int ok = 0;
146 BIGNUM *Xp = NULL, *Xq = NULL;
147 BN_CTX *ctx = NULL;
148
149 ctx = BN_CTX_new();
150 if (ctx == NULL)
151 goto error;
152
153 BN_CTX_start(ctx);
154 Xp = BN_CTX_get(ctx);
155 Xq = BN_CTX_get(ctx);
156 if (!BN_X931_generate_Xpq(Xp, Xq, bits, ctx))
157 goto error;
158
159 rsa->p = BN_new();
160 rsa->q = BN_new();
161 if (rsa->p == NULL || rsa->q == NULL)
162 goto error;
163
164 /* Generate two primes from Xp, Xq */
165
166 if (!BN_X931_generate_prime_ex(rsa->p, NULL, NULL, NULL, NULL, Xp,
167 e, ctx, cb))
168 goto error;
169
170 if (!BN_X931_generate_prime_ex(rsa->q, NULL, NULL, NULL, NULL, Xq,
171 e, ctx, cb))
172 goto error;
173
174 /*
175 * Since rsa->p and rsa->q are valid this call will just derive remaining
176 * RSA components.
177 */
178
179 if (!RSA_X931_derive_ex(rsa, NULL, NULL, NULL, NULL,
180 NULL, NULL, NULL, NULL, NULL, NULL, e, cb))
181 goto error;
182
183 ok = 1;
184
185 error:
186 if (ctx)
187 BN_CTX_end(ctx);
188 BN_CTX_free(ctx);
189
190 if (ok)
191 return 1;
192
193 return 0;
194
195}
Note: See TracBrowser for help on using the repository browser.