1/* LibTomCrypt, modular cryptographic library -- Tom St Denis
2 *
3 * LibTomCrypt is a library that provides various cryptographic
4 * algorithms in a highly modular and flexible manner.
5 *
6 * The library is free for all purposes without any express
7 * guarantee it works.
8 *
9 * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
10 */
11#include "tomcrypt.h"
12
13/**
14  @file rsa_decrypt_key.c
15  RSA PKCS #1 Decryption, Tom St Denis and Andreas Lange
16*/
17
18#ifdef MRSA
19
20/**
21   PKCS #1 decrypt then v1.5 or OAEP depad
22   @param in          The ciphertext
23   @param inlen       The length of the ciphertext (octets)
24   @param out         [out] The plaintext
25   @param outlen      [in/out] The max size and resulting size of the plaintext (octets)
26   @param lparam      The system "lparam" value
27   @param lparamlen   The length of the lparam value (octets)
28   @param hash_idx    The index of the hash desired
29   @param padding     Type of padding (LTC_PKCS_1_OAEP or LTC_PKCS_1_V1_5)
30   @param stat        [out] Result of the decryption, 1==valid, 0==invalid
31   @param key         The corresponding private RSA key
32   @return CRYPT_OK if succcessul (even if invalid)
33*/
34int rsa_decrypt_key_ex(const unsigned char *in,       unsigned long  inlen,
35                             unsigned char *out,      unsigned long *outlen,
36                       const unsigned char *lparam,   unsigned long  lparamlen,
37                             int            hash_idx, int            padding,
38                             int           *stat,     rsa_key       *key)
39{
40  unsigned long modulus_bitlen, modulus_bytelen, x;
41  int           err;
42  unsigned char *tmp;
43
44  LTC_ARGCHK(out    != NULL);
45  LTC_ARGCHK(outlen != NULL);
46  LTC_ARGCHK(key    != NULL);
47  LTC_ARGCHK(stat   != NULL);
48
49  /* default to invalid */
50  *stat = 0;
51
52  /* valid padding? */
53
54  if ((padding != LTC_PKCS_1_V1_5) &&
55      (padding != LTC_PKCS_1_OAEP)) {
56    return CRYPT_PK_INVALID_PADDING;
57  }
58
59  if (padding == LTC_PKCS_1_OAEP) {
60    /* valid hash ? */
61    if ((err = hash_is_valid(hash_idx)) != CRYPT_OK) {
62       return err;
63    }
64  }
65
66  /* get modulus len in bits */
67  modulus_bitlen = mp_count_bits( (key->N));
68
69  /* outlen must be at least the size of the modulus */
70  modulus_bytelen = mp_unsigned_bin_size( (key->N));
71  if (modulus_bytelen != inlen) {
72     return CRYPT_INVALID_PACKET;
73  }
74
75  /* allocate ram */
76  tmp = XMALLOC(inlen);
77  if (tmp == NULL) {
78     return CRYPT_MEM;
79  }
80
81  /* rsa decode the packet */
82  x = inlen;
83  if ((err = ltc_mp.rsa_me(in, inlen, tmp, &x, PK_PRIVATE, key)) != CRYPT_OK) {
84     XFREE(tmp);
85     return err;
86  }
87
88  if (padding == LTC_PKCS_1_OAEP) {
89    /* now OAEP decode the packet */
90    err = pkcs_1_oaep_decode(tmp, x, lparam, lparamlen, modulus_bitlen, hash_idx,
91                             out, outlen, stat);
92  } else {
93    /* now PKCS #1 v1.5 depad the packet */
94    err = pkcs_1_v1_5_decode(tmp, x, LTC_PKCS_1_EME, modulus_bitlen, out, outlen, stat);
95  }
96
97  XFREE(tmp);
98  return err;
99}
100
101#endif /* MRSA */
102
103/* $Source: /cvs/libtom/libtomcrypt/src/pk/rsa/rsa_decrypt_key.c,v $ */
104/* $Revision: 1.8 $ */
105/* $Date: 2006/11/01 09:18:22 $ */
106