1/* LibTomCrypt, modular cryptographic library -- Tom St Denis
2 *
3 * LibTomCrypt is a library that provides various cryptographic
4 * algorithms in a highly modular and flexible manner.
5 *
6 * The library is free for all purposes without any express
7 * guarantee it works.
8 *
9 * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
10 */
11#include "tomcrypt.h"
12
13/**
14  @file katja_decrypt_key.c
15  Katja PKCS #1 OAEP Decryption, Tom St Denis
16*/
17
18#ifdef MKAT
19
20/**
21   (PKCS #1 v2.0) decrypt then OAEP depad
22   @param in          The ciphertext
23   @param inlen       The length of the ciphertext (octets)
24   @param out         [out] The plaintext
25   @param outlen      [in/out] The max size and resulting size of the plaintext (octets)
26   @param lparam      The system "lparam" value
27   @param lparamlen   The length of the lparam value (octets)
28   @param hash_idx    The index of the hash desired
29   @param stat        [out] Result of the decryption, 1==valid, 0==invalid
30   @param key         The corresponding private Katja key
31   @return CRYPT_OK if succcessul (even if invalid)
32*/
33int katja_decrypt_key(const unsigned char *in,       unsigned long  inlen,
34                          unsigned char *out,      unsigned long *outlen,
35                    const unsigned char *lparam,   unsigned long  lparamlen,
36                          int            hash_idx, int           *stat,
37                          katja_key       *key)
38{
39  unsigned long modulus_bitlen, modulus_bytelen, x;
40  int           err;
41  unsigned char *tmp;
42
43  LTC_ARGCHK(out    != NULL);
44  LTC_ARGCHK(outlen != NULL);
45  LTC_ARGCHK(key    != NULL);
46  LTC_ARGCHK(stat   != NULL);
47
48  /* default to invalid */
49  *stat = 0;
50
51  /* valid hash ? */
52  if ((err = hash_is_valid(hash_idx)) != CRYPT_OK) {
53     return err;
54  }
55
56  /* get modulus len in bits */
57  modulus_bitlen = mp_count_bits( (key->N));
58
59  /* payload is upto pq, so we know q is 1/3rd the size of N and therefore pq is 2/3th the size */
60 modulus_bitlen = ((modulus_bitlen << 1) / 3);
61
62  /* round down to next byte */
63  modulus_bitlen -= (modulus_bitlen & 7) + 8;
64
65  /* outlen must be at least the size of the modulus */
66  modulus_bytelen = mp_unsigned_bin_size( (key->N));
67  if (modulus_bytelen != inlen) {
68     return CRYPT_INVALID_PACKET;
69  }
70
71  /* allocate ram */
72  tmp = XMALLOC(inlen);
73  if (tmp == NULL) {
74     return CRYPT_MEM;
75  }
76
77  /* rsa decode the packet */
78  x = inlen;
79  if ((err = katja_exptmod(in, inlen, tmp, &x, PK_PRIVATE, key)) != CRYPT_OK) {
80     XFREE(tmp);
81     return err;
82  }
83
84  /* shift right by modulus_bytelen - modulus_bitlen/8  bytes */
85  for (x = 0; x < (modulus_bitlen >> 3); x++) {
86     tmp[x] = tmp[x+(modulus_bytelen-(modulus_bitlen>>3))];
87  }
88
89  /* now OAEP decode the packet */
90  err = pkcs_1_oaep_decode(tmp, x, lparam, lparamlen, modulus_bitlen, hash_idx,
91                           out, outlen, stat);
92
93  XFREE(tmp);
94  return err;
95}
96
97#endif /* MRSA */
98
99
100
101
102
103/* $Source: /cvs/libtom/libtomcrypt/src/pk/katja/katja_decrypt_key.c,v $ */
104/* $Revision: 1.4 $ */
105/* $Date: 2006/03/31 14:15:35 $ */
106