Cryptography Reference
In-Depth Information
8. Returning to the
rsa_encrypt
function; now you've encrypted the input
block, and the result is in huge
c
. Convert this huge
c
into a byte array:
*output = ( unsigned char * ) realloc( *output, encrypted_size );
unload_huge( &c, *output + ( encrypted_size - modulus_length ),
modulus_length );
9. Allocate space for the output at the end of the
output
array — if this is
the fi rst iteration, the end is the beginning — and
unload_huge
, shown in
Listing 3-23, into it.
Listing 3-23:
“huge.c” unload_huge
void unload_huge( const huge *h, unsigned char *bytes, int length )
{
memcpy( bytes + ( length - h->size ), h->rep, length );
}
10. Adjust
len
and
input
and free the previously allocated
huge
s for the next
iteration.
len -= block_size;
input += block_size;
free_huge( &m );
free_huge( &c );
}
If the input is less than
modulus_length - 11
bytes (which, for SSL/TLS, is
actually always the case), there will only be one iteration.
Decrypting an RSA-Encrypted Message
Decryption is, of course, the opposite.
You operate on blocks of
modulus_length
at a time, decrypt the block — again
using
rsa_compute
, but this time with the private key — and remove the pad-
ding, as shown in Listing 3-24.
Listing 3-24:
“rsa.c” rsa_decrypt
/**
* Convert the input into key-length blocks and decrypt, unpadding
* each time.
* Return -1 if the input is not an even multiple of the key modulus
* length or if the padding type is not “2”, otherwise return the
* length of the decrypted data.
*/
int rsa_decrypt( unsigned char *input,
unsigned int len,
unsigned char **output,
rsa_key *private_key )
Search WWH ::
Custom Search