Cryptography Reference
In-Depth Information
free_huge( &c );
free_huge( &m );
}
free( padded_block );
return out_len;
}
This should be easy to follow, after the description of
rsa_encrypt
in
Listing 3-21 — the primary differences are that the input is always a multiple
of
modulus_length
; exit with an error if this is not the case. The block-length
computation is simpler. Check for padding type 2; most likely, if the decrypted
padding type is not 2, this represents a decryption error (for example, you
decrypted using the wrong private key). Remove the padding and copy the
resultant output, one block at a time, into the output array.
NOTE
The previously described padding algorithm is called PKCS1.5 pad-
ding. There are other, even more secure padding algorithms such as OAEP.
For now, though, PKCS1.5 padding is just fi ne; the attacks that OAEP guards
against are all theoretical attacks, although interesting. Additionally, TLS v1.0
mandates this padding, so there's not much point in implementing another
format unless it is used outside of SSL.
Note also that, technically speaking, you should also permit CBC chaining, as
well as other chaining algorithms such as OFB. However, SSL never uses RSA
for more than a single block, so this won't be examined here. If you're inter-
ested, the discussion on CBC in the previous chapter should make it simple to
add this feature.
Testing RSA Encryption and Decryption
Finally, develop a
main
routine, shown in Listing 3-25, that you can use to test
this out. How to compute
e
,
d
, and
n
has still not been covered, so hardcode
some default values that are used if nothing is passed in.
Listing 3-25:
“rsa.c” test main routine
#ifdef TEST_RSA
const unsigned char TestModulus[] = {
0xC4, 0xF8, 0xE9, 0xE1, 0x5D, 0xCA, 0xDF, 0x2B,
0x96, 0xC7, 0x63, 0xD9, 0x81, 0x00, 0x6A, 0x64,
0x4F, 0xFB, 0x44, 0x15, 0x03, 0x0A, 0x16, 0xED,
0x12, 0x83, 0x88, 0x33, 0x40, 0xF2, 0xAA, 0x0E,
0x2B, 0xE2, 0xBE, 0x8F, 0xA6, 0x01, 0x50, 0xB9,
0x04, 0x69, 0x65, 0x83, 0x7C, 0x3E, 0x7D, 0x15,
Search WWH ::
Custom Search