10 * read encrypt/decrypt(msg)
12 * Sign (PKCS #1 using hash=sha1 or hash=md5)
15 * read signature(hash(msg))
20 * write signature(hash(msg))
23 * all numbers are hexadecimal biginits parsable with strtomp.
24 * must be lower case for attribute matching in start.
30 char *txt, buf[4096], *role;
42 c->state = "keylookup";
43 k = keylookup("%A", c->attr);
48 /* make sure have private half if needed */
49 role = strfindattr(c->attr, "role");
50 if(strcmp(role, "decrypt") == 0 && !key->c2){
51 werrstr("missing private half of key -- cannot decrypt");
57 if((n=convreadm(c, &txt)) < 0)
60 convprint(c, "data too short");
65 m = betomp((uchar*)txt, n, nil);
68 if(strcmp(role, "decrypt") == 0)
69 mm = rsadecrypt(key, m, nil);
71 mm = rsaencrypt(&key->pub, m, nil);
74 n = mptobe(mm, (uchar*)buf, sizeof buf, nil);
97 uchar sig[1024], digest[64];
103 c->state = "keylookup";
104 k = keylookup("%A", c->attr);
108 /* make sure have private half if needed */
110 role = strfindattr(c->attr, "role");
111 if(strcmp(role, "sign") == 0 && !key->c2){
112 werrstr("missing private half of key -- cannot sign");
116 /* get hash type from key */
117 hash = strfindattr(k->attr, "hash");
120 if(strcmp(hash, "sha1") == 0){
123 }else if(strcmp(hash, "md5") == 0){
127 werrstr("unknown hash function %s", hash);
132 c->state = "read hash";
133 if((n=convread(c, digest, dlen)) < 0)
136 if(strcmp(role, "sign") == 0){
138 if((n=rsasign(key, hashfn, digest, dlen, sig, sizeof sig)) < 0)
142 convwrite(c, sig, n);
145 if((n = convreadm(c, &sig2)) < 0)
149 if(rsaverify(&key->pub, hashfn, digest, dlen, (uchar*)sig2, n) == 0)
152 convprint(c, "signature does not verify");
163 * convert to canonical form (lower case)
164 * for use in attribute matches.
170 if('A' <= *a && *a <= 'Z')
181 priv = rsaprivalloc();
183 if((a=strfindattr(k->attr, "ek"))==nil
184 || (priv->pub.ek=strtomp(a, nil, 16, nil))==nil)
187 if((a=strfindattr(k->attr, "n"))==nil
188 || (priv->pub.n=strtomp(a, nil, 16, nil))==nil)
191 if(k->privattr == nil) /* only public half */
194 if((a=strfindattr(k->privattr, "!p"))==nil
195 || (priv->p=strtomp(a, nil, 16, nil))==nil)
198 if((a=strfindattr(k->privattr, "!q"))==nil
199 || (priv->q=strtomp(a, nil, 16, nil))==nil)
202 if(!probably_prime(priv->p, 20) || !probably_prime(priv->q, 20)) {
203 werrstr("rsa: p or q not prime");
206 if((a=strfindattr(k->privattr, "!kp"))==nil
207 || (priv->kp=strtomp(a, nil, 16, nil))==nil)
210 if((a=strfindattr(k->privattr, "!kq"))==nil
211 || (priv->kq=strtomp(a, nil, 16, nil))==nil)
214 if((a=strfindattr(k->privattr, "!c2"))==nil
215 || (priv->c2=strtomp(a, nil, 16, nil))==nil)
218 if((a=strfindattr(k->privattr, "!dk"))==nil
219 || (priv->dk=strtomp(a, nil, 16, nil))==nil)
232 static int first = 1;
235 fmtinstall('B', mpfmt);
239 if((k->priv = readrsapriv(k)) == nil){
240 werrstr("malformed key data");
249 rsaprivfree(k->priv);
257 "verify", xrsasign, /* public operation */
258 "decrypt", xrsadecrypt,
259 "encrypt", xrsadecrypt, /* public operation */