File Coverage

inc/CryptX_PK_RSA.xs.inc

Criterion	Covered	Total	%
statement	308	402	76.6
branch	159	302	52.6
condition			n/a
subroutine			n/a
pod			n/a
total	467	704	66.3

line	stmt	bran	code
1			MODULE = CryptX PACKAGE = Crypt::PK::RSA
2
3			PROTOTYPES: DISABLE
4
5			Crypt::PK::RSA
6			_new(Class)
7			CODE:
8			{
9			int rv;
10	116		Newz(0, RETVAL, 1, struct rsa_struct);
11	116	50	if (!RETVAL) croak("FATAL: Newz failed");
12	116		RETVAL->key.type = -1;
13	116		RETVAL->pindex = find_prng("chacha20");
14	116		RETVAL->last_pid = (IV)PerlProc_getpid();
15	116	50	if (RETVAL->pindex == -1) {
16	0		zeromem(RETVAL, sizeof(*RETVAL));
17	0		Safefree(RETVAL);
18	0		croak("FATAL: find_prng('chacha20') failed");
19			}
20	116		rv = rng_make_prng(320, RETVAL->pindex, &RETVAL->pstate, NULL); /* 320bits = 40bytes */
21	116	50	if (rv != CRYPT_OK) {
22	0		zeromem(RETVAL, sizeof(*RETVAL));
23	0		Safefree(RETVAL);
24	0		croak("FATAL: rng_make_prng failed: %s", error_to_string(rv));
25			}
26			}
27			OUTPUT:
28			RETVAL
29
30			void
31			generate_key(Crypt::PK::RSA self, int key_size=256, long key_e=65537)
32			PPCODE:
33			{
34			/* key_size is in octets */
35			int rv;
36	4		cryptx_internal_pk_prng_reseed(&self->pstate, self->pindex, &self->last_pid);
37	4	100	if (self->key.type != -1) { rsa_free(&self->key); self->key.type = -1; }
38			/* gen the key */
39	4		rv = rsa_make_key(&self->pstate, self->pindex, key_size, key_e, &self->key);
40	4	50	if (rv != CRYPT_OK) croak("FATAL: rsa_make_key failed: %s", error_to_string(rv));
41	4	50	XPUSHs(ST(0)); /* return self */
42			}
43
44			void
45			_import(Crypt::PK::RSA self, SV * key_data)
46			PPCODE:
47			{
48			int rv;
49	93		unsigned char *data=NULL;
50	93		STRLEN data_len=0;
51
52	93		data = (unsigned char *)SvPVbyte(key_data, data_len);
53	93	100	if (self->key.type != -1) { rsa_free(&self->key); self->key.type = -1; }
54	93		rv = rsa_import(data, (unsigned long)data_len, &self->key);
55	93	100	if (rv != CRYPT_OK) croak("FATAL: rsa_import failed: %s", error_to_string(rv));
56	91	50	XPUSHs(ST(0)); /* return self */
57			}
58
59			void
60			_import_pkcs8(Crypt::PK::RSA self, SV * key_data, SV * passwd)
61			PPCODE:
62			{
63			int rv;
64	2		unsigned char *data = NULL;
65	2		STRLEN data_len = 0;
66	2		password_ctx pw_ctx = { cryptx_internal_password_cb_getpw, cryptx_internal_password_cb_free, passwd };
67
68	2		data = (unsigned char *)SvPVbyte(key_data, data_len);
69	2	50	if (self->key.type != -1) { rsa_free(&self->key); self->key.type = -1; }
70	2	100	if (SvOK(passwd)) {
71	1		rv = rsa_import_pkcs8(data, (unsigned long)data_len, &pw_ctx, &self->key);
72			}
73			else {
74	1		rv = rsa_import_pkcs8(data, (unsigned long)data_len, NULL, &self->key);
75			}
76	2	50	if (rv != CRYPT_OK) croak("FATAL: rsa_import_pkcs8 failed: %s", error_to_string(rv));
77	2	50	XPUSHs(ST(0)); /* return self */
78			}
79
80			void
81			_import_pem(Crypt::PK::RSA self, SV * key_data, SV * passwd)
82			PPCODE:
83			{
84			int rv;
85	56		unsigned char *data = NULL;
86	56		STRLEN data_len = 0;
87	56		password_ctx pw_ctx = { cryptx_internal_password_cb_getpw, cryptx_internal_password_cb_free, passwd };
88			ltc_pka_key key_from_pem;
89
90	56		data = (unsigned char *)SvPVbyte(key_data, data_len);
91	56	100	if (self->key.type != -1) { rsa_free(&self->key); self->key.type = -1; }
92	56	100	if (SvOK(passwd)) {
93	22		rv = pem_decode_pkcs(data, (unsigned long)data_len, &key_from_pem, &pw_ctx);
94			}
95			else {
96	34		rv = pem_decode_pkcs(data, (unsigned long)data_len, &key_from_pem, NULL);
97			}
98	56	50	if (rv != CRYPT_OK) croak("FATAL: pem_decode_pkcs failed: %s", error_to_string(rv));
99	56	50	if (key_from_pem.id != LTC_PKA_RSA && key_from_pem.id != LTC_PKA_RSA_PSS) {
		0
100	0		pka_key_free(&key_from_pem);
101	0		croak("FATAL: pem_decode_pkcs decoded non-RSA key");
102			}
103	56		self->key = key_from_pem.u.rsa;
104	56	50	XPUSHs(ST(0)); /* return self */
105			}
106
107
108			void
109			_import_openssh(Crypt::PK::RSA self, SV * key_data, SV * passwd)
110			PPCODE:
111			{
112			int rv;
113	18		unsigned char *data = NULL;
114	18		STRLEN data_len = 0;
115	18		password_ctx pw_ctx = { cryptx_internal_password_cb_getpw, cryptx_internal_password_cb_free, passwd };
116			ltc_pka_key key_from_pem;
117
118	18		data = (unsigned char *)SvPVbyte(key_data, data_len);
119	18	50	if (self->key.type != -1) { rsa_free(&self->key); self->key.type = -1; }
120	18	100	if (SvOK(passwd)) {
121	6		rv = pem_decode_openssh(data, (unsigned long)data_len, &key_from_pem, &pw_ctx);
122			}
123			else {
124	12		rv = pem_decode_openssh(data, (unsigned long)data_len, &key_from_pem, NULL);
125			}
126	18	50	if (rv != CRYPT_OK) croak("FATAL: pem_decode_openssh failed: %s", error_to_string(rv));
127	18	50	if (key_from_pem.id != LTC_PKA_RSA && key_from_pem.id != LTC_PKA_RSA_PSS) {
		0
128	0		pka_key_free(&key_from_pem);
129	0		croak("FATAL: pem_decode_openssh decoded non-RSA key");
130			}
131	18		self->key = key_from_pem.u.rsa;
132	18	50	XPUSHs(ST(0)); /* return self */
133			}
134
135			void
136			_import_x509(Crypt::PK::RSA self, SV * key_data)
137			PPCODE:
138			{
139			int rv;
140	0		unsigned char *data=NULL;
141	0		STRLEN data_len=0;
142
143	0		data = (unsigned char *)SvPVbyte(key_data, data_len);
144	0	0	if (self->key.type != -1) { rsa_free(&self->key); self->key.type = -1; }
145	0		rv = rsa_import_x509(data, (unsigned long)data_len, &self->key);
146	0	0	if (rv != CRYPT_OK) croak("FATAL: rsa_import_x509 failed: %s", error_to_string(rv));
147	0	0	XPUSHs(ST(0)); /* return self */
148			}
149
150			void
151			_import_hex(Crypt::PK::RSA self, char N, char e, char d=NULL, char p=NULL, char q=NULL, char dP=NULL, char dQ=NULL, char qP=NULL)
152			PPCODE:
153			{
154			int rv;
155			unsigned char Nbin[1024], ebin[128], dbin[1024], pbin[512], qbin[512], dPbin[512], dQbin[512], qPbin[512];
156	9		unsigned long Nlen=sizeof(Nbin), elen=sizeof(ebin), dlen=sizeof(dbin), plen=sizeof(pbin),
157	9		qlen=sizeof(qbin), dPlen=sizeof(dPbin), dQlen=sizeof(dQbin), qPlen=sizeof(qPbin);
158
159	9		rv = radix_to_bin(N, 16, Nbin, &Nlen);
160	9	50	if (rv != CRYPT_OK) croak("FATAL: radix_to_bin(N) failed: %s", error_to_string(rv));
161	9		rv = radix_to_bin(e, 16, ebin, &elen);
162	9	50	if (rv != CRYPT_OK) croak("FATAL: radix_to_bin(e) failed: %s", error_to_string(rv));
163	9	100	if (self->key.type != -1) { rsa_free(&self->key); self->key.type = -1; }
164
165	9	100	if (d && strlen(d) > 0) {
		50
166			/* private */
167	2		rv = radix_to_bin(d, 16, dbin, &dlen);
168	2	50	if (rv != CRYPT_OK) croak("FATAL: radix_to_bin(d) failed: %s", error_to_string(rv));
169	2		rv = rsa_set_key(Nbin, Nlen, ebin, elen, dbin, dlen, &self->key);
170	2	50	if (rv != CRYPT_OK) croak("FATAL: rsa_set_key failed: %s", error_to_string(rv));
171			}
172			else {
173			/* public */
174	7		rv = rsa_set_key(Nbin, Nlen, ebin, elen, NULL, 0, &self->key);
175	7	50	if (rv != CRYPT_OK) croak("FATAL: rsa_set_key failed: %s", error_to_string(rv));
176			}
177
178	9	100	if (p && strlen(p) > 0 && q && strlen(q) > 0) {
		50
		50
		50
179			/* private only */
180	2		rv = radix_to_bin(p, 16, pbin, &plen);
181	2	50	if (rv != CRYPT_OK) croak("FATAL: radix_to_bin(p) failed: %s", error_to_string(rv));
182	2		rv = radix_to_bin(q, 16, qbin, &qlen);
183	2	50	if (rv != CRYPT_OK) croak("FATAL: radix_to_bin(q) failed: %s", error_to_string(rv));
184	2		rv = rsa_set_factors(pbin, plen, qbin, qlen, &self->key);
185	2	50	if (rv != CRYPT_OK) croak("FATAL: rsa_set_factors failed: %s", error_to_string(rv));
186			}
187
188	9	100	if (dP && strlen(dP) > 0 && dQ && strlen(dQ) > 0 && qP && strlen(qP) > 0) {
		50
		50
		50
		50
		50
189			/* private only */
190	2		rv = radix_to_bin(dP, 16, dPbin, &dPlen);
191	2	50	if (rv != CRYPT_OK) croak("FATAL: radix_to_bin(dP) failed: %s", error_to_string(rv));
192	2		rv = radix_to_bin(dQ, 16, dQbin, &dQlen);
193	2	50	if (rv != CRYPT_OK) croak("FATAL: radix_to_bin(dQ) failed: %s", error_to_string(rv));
194	2		rv = radix_to_bin(qP, 16, qPbin, &qPlen);
195	2	50	if (rv != CRYPT_OK) croak("FATAL: radix_to_bin(qP) failed: %s", error_to_string(rv));
196	2		rv = rsa_set_crt_params(dPbin, dPlen, dQbin, dQlen, qPbin, qPlen, &self->key);
197	2	50	if (rv != CRYPT_OK) croak("FATAL: rsa_set_crt_params failed: %s", error_to_string(rv));
198			}
199
200	9	50	XPUSHs(ST(0)); /* return self */
201			}
202
203			int
204			is_private(Crypt::PK::RSA self)
205			CODE:
206	89	50	if (self->key.type == -1 \|\| self->key.N == NULL) XSRETURN_UNDEF;
		50
207	89	100	RETVAL = (self->key.type == PK_PRIVATE) ? 1 : 0;
208			OUTPUT:
209			RETVAL
210
211			size_t
212			size(Crypt::PK::RSA self)
213			CODE:
214	2	50	if (self->key.type == -1 \|\| self->key.N == NULL) XSRETURN_UNDEF;
		50
215	2		RETVAL = mp_ubin_size(self->key.N);
216			OUTPUT:
217			RETVAL
218
219			SV*
220			key2hash(Crypt::PK::RSA self)
221			PREINIT:
222			HV *rv_hash;
223			size_t siz, nsize;
224			char buf[20001];
225			SV **not_used;
226			CODE:
227	141	50	if (self->key.type == -1 \|\| self->key.N == NULL) XSRETURN_UNDEF;
		50
228	141		nsize = mp_ubin_size(self->key.N);
229	141		rv_hash = newHV();
230			/* e */
231	141	50	siz = (self->key.e) ? mp_ubin_size(self->key.e) : 0;
232	141	50	if (siz>10000) {
233	0		zeromem(buf, sizeof(buf));
234	0		croak("FATAL: key2hash failed - 'e' too big number");
235			}
236	141	50	if (siz>0) {
237	141		cryptx_internal_mp2hex_with_leading_zero(self->key.e, buf, 20000, 0);
238	141		not_used = hv_store(rv_hash, "e", 1, newSVpv(buf, strlen(buf)), 0);
239			}
240			else{
241	0		not_used = hv_store(rv_hash, "e", 1, newSVpv("", 0), 0);
242			}
243			/* d */
244	141	50	siz = (self->key.d) ? mp_ubin_size(self->key.d) : 0;
245	141	50	if (siz>10000) {
246	0		zeromem(buf, sizeof(buf));
247	0		croak("FATAL: key2hash failed - 'd' too big number");
248			}
249	141	100	if (siz>0) {
250	81		cryptx_internal_mp2hex_with_leading_zero(self->key.d, buf, 20000, 0);
251	81		not_used = hv_store(rv_hash, "d", 1, newSVpv(buf, strlen(buf)), 0);
252			}
253			else{
254	60		not_used = hv_store(rv_hash, "d", 1, newSVpv("", 0), 0);
255			}
256			/* N */
257	141	50	siz = (self->key.N) ? nsize : 0;
258	141	50	if (siz>10000) {
259	0		zeromem(buf, sizeof(buf));
260	0		croak("FATAL: key2hash failed - 'N' too big number");
261			}
262	141	50	if (siz>0) {
263	141		cryptx_internal_mp2hex_with_leading_zero(self->key.N, buf, 20000, 0);
264	141		not_used = hv_store(rv_hash, "N", 1, newSVpv(buf, strlen(buf)), 0);
265			}
266			else{
267	0		not_used = hv_store(rv_hash, "N", 1, newSVpv("", 0), 0);
268			}
269			/* q */
270	141	50	siz = (self->key.q) ? mp_ubin_size(self->key.q) : 0;
271	141	50	if (siz>10000) {
272	0		zeromem(buf, sizeof(buf));
273	0		croak("FATAL: key2hash failed - 'q' too big number");
274			}
275	141	100	if (siz>0) {
276	81		cryptx_internal_mp2hex_with_leading_zero(self->key.q, buf, 20000, 0);
277	81		not_used = hv_store(rv_hash, "q", 1, newSVpv(buf, strlen(buf)), 0);
278			}
279			else{
280	60		not_used = hv_store(rv_hash, "q", 1, newSVpv("", 0), 0);
281			}
282			/* p */
283	141	50	siz = (self->key.p) ? mp_ubin_size(self->key.p) : 0;
284	141	50	if (siz>10000) {
285	0		zeromem(buf, sizeof(buf));
286	0		croak("FATAL: key2hash failed - 'p' too big number");
287			}
288	141	100	if (siz>0) {
289	81		cryptx_internal_mp2hex_with_leading_zero(self->key.p, buf, 20000, 0);
290	81		not_used = hv_store(rv_hash, "p", 1, newSVpv(buf, strlen(buf)), 0);
291			}
292			else{
293	60		not_used = hv_store(rv_hash, "p", 1, newSVpv("", 0), 0);
294			}
295			/* qP */
296	141	50	siz = (self->key.qP) ? mp_ubin_size(self->key.qP) : 0;
297	141	50	if (siz>10000) {
298	0		zeromem(buf, sizeof(buf));
299	0		croak("FATAL: key2hash failed - 'qP' too big number");
300			}
301	141	100	if (siz>0) {
302	81		cryptx_internal_mp2hex_with_leading_zero(self->key.qP, buf, 20000, 0);
303	81		not_used = hv_store(rv_hash, "qP", 2, newSVpv(buf, strlen(buf)), 0);
304			}
305			else{
306	60		not_used = hv_store(rv_hash, "qP", 2, newSVpv("", 0), 0);
307			}
308			/* dP */
309	141	50	siz = (self->key.dP) ? mp_ubin_size(self->key.dP) : 0;
310	141	50	if (siz>10000) {
311	0		zeromem(buf, sizeof(buf));
312	0		croak("FATAL: key2hash failed - 'dP' too big number");
313			}
314	141	100	if (siz>0) {
315	81		cryptx_internal_mp2hex_with_leading_zero(self->key.dP, buf, 20000, 0);
316	81		not_used = hv_store(rv_hash, "dP", 2, newSVpv(buf, strlen(buf)), 0);
317			}
318			else{
319	60		not_used = hv_store(rv_hash, "dP", 2, newSVpv("", 0), 0);
320			}
321			/* dQ */
322	141	50	siz = (self->key.dQ) ? mp_ubin_size(self->key.dQ) : 0;
323	141	50	if (siz>10000) {
324	0		zeromem(buf, sizeof(buf));
325	0		croak("FATAL: key2hash failed - 'dQ' too big number");
326			}
327	141	100	if (siz>0) {
328	81		cryptx_internal_mp2hex_with_leading_zero(self->key.dQ, buf, 20000, 0);
329	81		not_used = hv_store(rv_hash, "dQ", 2, newSVpv(buf, strlen(buf)), 0);
330			}
331			else{
332	60		not_used = hv_store(rv_hash, "dQ", 2, newSVpv("", 0), 0);
333			}
334			/* size */
335	141		not_used = hv_store(rv_hash, "size", 4, newSViv(nsize), 0);
336			/* type */
337	141		not_used = hv_store(rv_hash, "type", 4, newSViv(self->key.type), 0);
338			LTC_UNUSED_PARAM(not_used);
339	141		zeromem(buf, sizeof(buf));
340	141		RETVAL = newRV_noinc((SV*)rv_hash);
341			OUTPUT:
342			RETVAL
343
344			SV*
345			export_key_der(Crypt::PK::RSA self, char * type)
346			CODE:
347			{
348			int rv;
349			unsigned char out[4096];
350	5		unsigned long out_len = 4096;
351
352	5		RETVAL = newSVpvn(NULL, 0); /* undef */
353	5	100	if (strEQ(type, "private")) {
354	2		rv = rsa_export(out, &out_len, PK_PRIVATE, &self->key);
355	2	50	if (rv != CRYPT_OK) { zeromem(out, sizeof(out)); croak("FATAL: rsa_export(PK_PRIVATE) failed: %s", error_to_string(rv)); }
356	2		sv_setpvn(RETVAL, (char*)out, out_len);
357			}
358	3	50	else if (strEQ(type, "public")) {
359	3		rv = rsa_export(out, &out_len, PK_PUBLIC\|PK_STD, &self->key);
360	3	50	if (rv != CRYPT_OK) { zeromem(out, sizeof(out)); croak("FATAL: rsa_export(PK_PUBLIC\|PK_STD) failed: %s", error_to_string(rv)); }
361	3		sv_setpvn(RETVAL, (char*)out, out_len);
362			}
363			else {
364	0		croak("FATAL: export_key_der invalid type '%s'", type);
365			}
366	5		zeromem(out, sizeof(out));
367			}
368			OUTPUT:
369			RETVAL
370
371			SV *
372			encrypt(Crypt::PK::RSA self, SV * data, const char * padding = "oaep", const char * mgf_hash = "SHA1", SV * oaep_lparam = NULL, const char * lparam_hash = NULL)
373			CODE:
374			{
375			int rv, mgf_hash_id, lparam_hash_id;
376	3		unsigned char *lparam_ptr=NULL;
377	3		STRLEN lparam_len=0;
378	3		unsigned char *data_ptr=NULL;
379	3		STRLEN data_len=0;
380			unsigned char buffer[1024];
381	3		unsigned long buffer_len = 1024;
382			ltc_rsa_op_parameters rsa_oparams;
383
384	3		data_ptr = (unsigned char *)SvPVbyte(data, data_len);
385
386	3		RETVAL = newSVpvn(NULL, 0); /* undef */
387	3		cryptx_internal_pk_prng_reseed(&self->pstate, self->pindex, &self->last_pid);
388	3	100	if (strnEQ(padding, "oaep", 4)) {
389	2		mgf_hash_id = cryptx_internal_find_hash(mgf_hash);
390	2	50	if (mgf_hash_id == -1) croak("FATAL: find_hash failed for '%s'", mgf_hash);
391	2	50	if (lparam_hash) {
392	0		lparam_hash_id = cryptx_internal_find_hash(lparam_hash);
393	0	0	if (lparam_hash_id == -1) croak("FATAL: find_hash failed for '%s'", lparam_hash);
394			}
395			else {
396	2		lparam_hash_id = mgf_hash_id;
397			}
398	2	50	if (oaep_lparam) lparam_ptr = (unsigned char *)SvPVbyte(oaep_lparam, lparam_len);
399	2		rsa_oparams.prng = &self->pstate;
400	2		rsa_oparams.wprng = self->pindex;
401	2		rsa_oparams.padding = LTC_PKCS_1_OAEP;
402	2		rsa_oparams.u.crypt.lparam = lparam_ptr;
403	2		rsa_oparams.u.crypt.lparamlen = (unsigned long)lparam_len;
404	2		rsa_oparams.params.hash_idx = lparam_hash_id;
405	2		rsa_oparams.params.mgf1_hash_idx = mgf_hash_id;
406	2		rsa_oparams.params.saltlen = 0;
407	2		rv = rsa_encrypt_key_v2(data_ptr, (unsigned long)data_len, buffer, &buffer_len, &rsa_oparams, &self->key);
408	2	50	if (rv != CRYPT_OK) { zeromem(buffer, sizeof(buffer)); croak("FATAL: rsa_encrypt_key_v2/oaep failed: %s", error_to_string(rv)); }
409	2		sv_setpvn(RETVAL, (char*)buffer, buffer_len);
410			}
411	1	50	else if (strnEQ(padding, "v1.5", 4)) {
412	0		rsa_oparams.prng = &self->pstate;
413	0		rsa_oparams.wprng = self->pindex;
414	0		rsa_oparams.padding = LTC_PKCS_1_V1_5;
415	0		rsa_oparams.u.crypt.lparam = NULL; /* OAEP only */
416	0		rsa_oparams.u.crypt.lparamlen = 0; /* OAEP only */
417	0		rsa_oparams.params.hash_idx = -1; /* OAEP only */
418	0		rsa_oparams.params.mgf1_hash_idx = -1; /* OAEP only */
419	0		rsa_oparams.params.saltlen = 0; /* PSS only */
420	0		rv = rsa_encrypt_key_v2(data_ptr, (unsigned long)data_len, buffer, &buffer_len, &rsa_oparams, &self->key);
421	0	0	if (rv != CRYPT_OK) { zeromem(buffer, sizeof(buffer)); croak("FATAL: rsa_encrypt_key_v2/v1.5 failed: %s", error_to_string(rv)); }
422	0		sv_setpvn(RETVAL, (char*)buffer, buffer_len);
423			}
424	1	50	else if (strnEQ(padding, "none", 4)) {
425			/* raw RSA */
426	1		rv = ltc_mp.rsa_me(data_ptr, (unsigned long)data_len, buffer, &buffer_len, PK_PUBLIC, &self->key);
427	1	50	if (rv != CRYPT_OK) { zeromem(buffer, sizeof(buffer)); croak("FATAL: rsa_me failed: %s", error_to_string(rv)); }
428	1		sv_setpvn(RETVAL, (char*)buffer, buffer_len);
429			}
430			else {
431	0		croak("FATAL: rsa_encrypt invalid padding '%s'", padding);
432			}
433	3		zeromem(buffer, sizeof(buffer));
434			}
435			OUTPUT:
436			RETVAL
437
438			SV *
439			decrypt(Crypt::PK::RSA self, SV * data, const char * padding = "oaep", const char * mgf_hash = "SHA1", SV * oaep_lparam = NULL, const char * lparam_hash = NULL)
440			CODE:
441			{
442			int rv, lparam_hash_id, mgf_hash_id, stat;
443	40		unsigned char *lparam_ptr=NULL;
444	40		STRLEN lparam_len=0;
445	40		unsigned char *data_ptr=NULL;
446	40		STRLEN data_len=0;
447			unsigned char buffer[1024];
448	40		unsigned long buffer_len = 1024;
449			ltc_rsa_op_parameters rsa_oparams;
450
451	40		data_ptr = (unsigned char *)SvPVbyte(data, data_len);
452
453	40		RETVAL = newSVpvn(NULL, 0); /* undef */
454	40		cryptx_internal_pk_prng_reseed(&self->pstate, self->pindex, &self->last_pid);
455	40	100	if (strnEQ(padding, "oaep", 4)) {
456	3		mgf_hash_id = cryptx_internal_find_hash(mgf_hash);
457	3	50	if (mgf_hash_id == -1) croak("FATAL: find_hash failed for '%s'", mgf_hash);
458	3	100	if (lparam_hash) {
459	2		lparam_hash_id = cryptx_internal_find_hash(lparam_hash);
460	2	50	if (lparam_hash_id == -1) croak("FATAL: find_hash failed for '%s'", lparam_hash);
461			}
462			else {
463	1		lparam_hash_id = mgf_hash_id;
464			}
465	3	100	if (oaep_lparam) lparam_ptr = (unsigned char *)SvPVbyte(oaep_lparam, lparam_len);
466	3		rsa_oparams.prng = NULL;
467	3		rsa_oparams.wprng = 0;
468	3		rsa_oparams.padding = LTC_PKCS_1_OAEP;
469	3		rsa_oparams.u.crypt.lparam = lparam_ptr;
470	3		rsa_oparams.u.crypt.lparamlen = (unsigned long)lparam_len;
471	3		rsa_oparams.params.hash_idx = lparam_hash_id;
472	3		rsa_oparams.params.mgf1_hash_idx = mgf_hash_id;
473	3		rsa_oparams.params.saltlen = 0;
474	3		rv = rsa_decrypt_key_v2(data_ptr, (unsigned long)data_len, buffer, &buffer_len, &rsa_oparams, &stat, &self->key);
475	3	100	if (rv != CRYPT_OK) { zeromem(buffer, sizeof(buffer)); croak("FATAL: rsa_decrypt_key_v2 failed: %s", error_to_string(rv)); }
476	1	50	if (stat != 1) { zeromem(buffer, sizeof(buffer)); croak("FATAL: rsa_decrypt - not valid OAEP packet"); }
477	1		sv_setpvn(RETVAL, (char*)buffer, buffer_len);
478			}
479	37	100	else if (strnEQ(padding, "v1.5", 4)) {
480	36		rsa_oparams.prng = &self->pstate;
481	36		rsa_oparams.wprng = self->pindex;
482	36		rsa_oparams.padding = LTC_PKCS_1_V1_5;
483	36		rsa_oparams.u.crypt.lparam = NULL; /* OAEP only */
484	36		rsa_oparams.u.crypt.lparamlen = 0; /* OAEP only */
485	36		rsa_oparams.params.hash_idx = -1; /* OAEP only */
486	36		rsa_oparams.params.mgf1_hash_idx = -1; /* OAEP only */
487	36		rsa_oparams.params.saltlen = 0; /* PSS only */
488	36		rv = rsa_decrypt_key_v2(data_ptr, (unsigned long)data_len, buffer, &buffer_len, &rsa_oparams, &stat, &self->key);
489	36	50	if (rv != CRYPT_OK) { zeromem(buffer, sizeof(buffer)); croak("FATAL: rsa_decrypt_key_v2 failed: %s", error_to_string(rv)); }
490	36	50	if (stat != 1) { zeromem(buffer, sizeof(buffer)); croak("FATAL: rsa_decrypt - invalid"); }
491	36		sv_setpvn(RETVAL, (char*)buffer, buffer_len);
492			}
493	1	50	else if (strnEQ(padding, "none", 4)) {
494			/* raw RSA */
495	1		rv = ltc_mp.rsa_me(data_ptr, (unsigned long)data_len, buffer, &buffer_len, PK_PRIVATE, &self->key);
496	1	50	if (rv != CRYPT_OK) { zeromem(buffer, sizeof(buffer)); croak("FATAL: rsa_me failed: %s", error_to_string(rv)); }
497	1		sv_setpvn(RETVAL, (char*)buffer, buffer_len);
498			}
499			else {
500	0		croak("FATAL: rsa_decrypt invalid padding '%s'", padding);
501			}
502	38		zeromem(buffer, sizeof(buffer));
503			}
504			OUTPUT:
505			RETVAL
506
507			SV *
508			sign_hash(Crypt::PK::RSA self, SV * data, const char * hash_name = "SHA1", const char * padding = "pss", unsigned long saltlen=12, const char * mgf_hash_name = NULL)
509			ALIAS:
510			sign_message = 1
511			CODE:
512			{
513			int rv, hash_id, mgf_hash_id;
514	9		unsigned char buffer[1024], tmp[MAXBLOCKSIZE], *data_ptr = NULL;
515	9		unsigned long tmp_len = MAXBLOCKSIZE, buffer_len = 1024;
516	9		STRLEN data_len = 0;
517			ltc_rsa_op_parameters rsa_oparams;
518
519	9		data_ptr = (unsigned char *)SvPVbyte(data, data_len);
520	9		cryptx_internal_pk_prng_reseed(&self->pstate, self->pindex, &self->last_pid);
521	9	100	if (ix == 1) {
522	5		hash_id = cryptx_internal_find_hash(hash_name);
523	5	50	if (hash_id == -1) croak("FATAL: find_hash failed for '%s'", hash_name);
524	5		rv = hash_memory(hash_id, data_ptr, (unsigned long)data_len, tmp, &tmp_len);
525	5	50	if (rv != CRYPT_OK) { zeromem(tmp, sizeof(tmp)); croak("FATAL: hash_memory failed: %s", error_to_string(rv)); }
526	5		data_ptr = tmp;
527	5		data_len = tmp_len;
528			}
529	9	50	if (strnEQ(padding, "pss", 3)) {
530	9		hash_id = cryptx_internal_find_hash(hash_name);
531	9	50	if (hash_id == -1) croak("FATAL: find_hash failed for '%s'", hash_name);
532	9	50	mgf_hash_id = mgf_hash_name ? cryptx_internal_find_hash(mgf_hash_name) : hash_id;
533	9	50	if (mgf_hash_id == -1) croak("FATAL: find_hash failed for '%s'", mgf_hash_name);
534	9		rsa_oparams.prng = &self->pstate;
535	9		rsa_oparams.wprng = self->pindex;
536	9		rsa_oparams.padding = LTC_PKCS_1_PSS;
537	9		rsa_oparams.u.crypt.lparam = NULL;
538	9		rsa_oparams.u.crypt.lparamlen = 0;
539	9		rsa_oparams.params.hash_idx = hash_id;
540	9		rsa_oparams.params.mgf1_hash_idx = mgf_hash_id;
541	9		rsa_oparams.params.saltlen = saltlen;
542	9		rv = rsa_sign_hash_v2(data_ptr, (unsigned long)data_len, buffer, &buffer_len, &rsa_oparams, &self->key);
543	9	50	if (rv != CRYPT_OK) {
544	0		zeromem(buffer, sizeof(buffer));
545	0		zeromem(tmp, sizeof(tmp));
546	0		croak("FATAL: rsa_sign_hash_v2 failed: %s", error_to_string(rv));
547			}
548	9		RETVAL = newSVpvn((char*)buffer, buffer_len);
549			}
550	0	0	else if (strnEQ(padding, "v1.5", 4)) {
551	0		hash_id = cryptx_internal_find_hash(hash_name);
552	0	0	if (hash_id == -1) croak("FATAL: find_hash failed for '%s'", hash_name);
553	0		rsa_oparams.prng = &self->pstate;
554	0		rsa_oparams.wprng = self->pindex;
555	0		rsa_oparams.padding = LTC_PKCS_1_V1_5;
556	0		rsa_oparams.u.crypt.lparam = NULL;
557	0		rsa_oparams.u.crypt.lparamlen = 0;
558	0		rsa_oparams.params.hash_idx = hash_id;
559	0		rsa_oparams.params.mgf1_hash_idx = -1;
560	0		rsa_oparams.params.saltlen = 0;
561	0		rv = rsa_sign_hash_v2(data_ptr, (unsigned long)data_len, buffer, &buffer_len, &rsa_oparams, &self->key);
562	0	0	if (rv != CRYPT_OK) {
563	0		zeromem(buffer, sizeof(buffer));
564	0		zeromem(tmp, sizeof(tmp));
565	0		croak("FATAL: rsa_sign_hash_v2 failed: %s", error_to_string(rv));
566			}
567	0		RETVAL = newSVpvn((char*)buffer, buffer_len);
568			}
569	0	0	else if (strnEQ(padding, "v1.5.na1", 8)) {
570	0		croak("FATAL: LTC_PKCS_1_V1_5_NA1 not implemented");
571			}
572	0	0	else if (strnEQ(padding, "none", 4)) {
573			/* raw RSA */
574	0		rv = ltc_mp.rsa_me(data_ptr, (unsigned long)data_len, buffer, &buffer_len, PK_PRIVATE, &self->key);
575	0	0	if (rv != CRYPT_OK) {
576	0		zeromem(buffer, sizeof(buffer));
577	0		zeromem(tmp, sizeof(tmp));
578	0		croak("FATAL: rsa_me failed: %s", error_to_string(rv));
579			}
580	0		RETVAL = newSVpvn((char*)buffer, buffer_len);
581			}
582			else {
583	0		croak("FATAL: rsa_sign invalid padding '%s'", padding);
584			}
585	9		zeromem(buffer, sizeof(buffer));
586	9		zeromem(tmp, sizeof(tmp));
587			}
588			OUTPUT:
589			RETVAL
590
591			int
592			verify_hash(Crypt::PK::RSA self, SV * sig, SV * data, const char * hash_name = "SHA1", const char * padding = "pss", unsigned long saltlen = 12, const char * mgf_hash_name = NULL)
593			ALIAS:
594			verify_message = 1
595			CODE:
596			{
597			int rv, hash_id, mgf_hash_id, stat;
598	115		unsigned char tmp[MAXBLOCKSIZE], buffer[1024], data_ptr = NULL, sig_ptr = NULL;
599	115		unsigned long i, tmp_len = MAXBLOCKSIZE, buffer_len = 1024;
600	115		STRLEN data_len = 0, sig_len = 0;
601			ltc_rsa_op_parameters rsa_oparams;
602
603	115		data_ptr = (unsigned char *)SvPVbyte(data, data_len);
604	115		sig_ptr = (unsigned char *)SvPVbyte(sig, sig_len);
605	115		cryptx_internal_pk_prng_reseed(&self->pstate, self->pindex, &self->last_pid);
606	115	100	if (ix == 1) {
607	111		hash_id = cryptx_internal_find_hash(hash_name);
608	111	50	if (hash_id == -1) croak("FATAL: find_hash failed for '%s'", hash_name);
609	111		rv = hash_memory(hash_id, data_ptr, (unsigned long)data_len, tmp, &tmp_len);
610	111	50	if (rv != CRYPT_OK) croak("FATAL: hash_memory failed: %s", error_to_string(rv));
611	111		data_ptr = tmp;
612	111		data_len = tmp_len;
613			}
614	115		RETVAL = 1;
615	115		stat = 0;
616	115	100	if (strnEQ(padding, "pss", 3)) {
617	10		hash_id = cryptx_internal_find_hash(hash_name);
618	10	50	if (hash_id == -1) croak("FATAL: find_hash failed for '%s'", hash_name);
619	10	50	mgf_hash_id = mgf_hash_name ? cryptx_internal_find_hash(mgf_hash_name) : hash_id;
620	10	50	if (mgf_hash_id == -1) croak("FATAL: find_hash failed for '%s'", mgf_hash_name);
621	10		rsa_oparams.prng = &self->pstate;
622	10		rsa_oparams.wprng = self->pindex;
623	10		rsa_oparams.padding = LTC_PKCS_1_PSS;
624	10		rsa_oparams.u.crypt.lparam = NULL;
625	10		rsa_oparams.u.crypt.lparamlen = 0;
626	10		rsa_oparams.params.hash_idx = hash_id;
627	10		rsa_oparams.params.mgf1_hash_idx = mgf_hash_id;
628	10		rsa_oparams.params.saltlen = saltlen;
629	10		rv = rsa_verify_hash_v2(sig_ptr, (unsigned long)sig_len, data_ptr, (unsigned long)data_len, &rsa_oparams, &stat, &self->key);
630	10	50	if (rv != CRYPT_OK \|\| stat != 1) RETVAL = 0;
		100
631			}
632	105	50	else if (strnEQ(padding, "v1.5", 4)) {
633	105		hash_id = cryptx_internal_find_hash(hash_name);
634	105	50	if (hash_id == -1) croak("FATAL: find_hash failed for '%s'", hash_name);
635	105		rsa_oparams.prng = &self->pstate;
636	105		rsa_oparams.wprng = self->pindex;
637	105		rsa_oparams.padding = LTC_PKCS_1_V1_5;
638	105		rsa_oparams.u.crypt.lparam = NULL;
639	105		rsa_oparams.u.crypt.lparamlen = 0;
640	105		rsa_oparams.params.hash_idx = hash_id;
641	105		rsa_oparams.params.mgf1_hash_idx = -1;
642	105		rsa_oparams.params.saltlen = 0;
643	105		rv = rsa_verify_hash_v2(sig_ptr, (unsigned long)sig_len, data_ptr, (unsigned long)data_len, &rsa_oparams, &stat, &self->key);
644	105	50	if (rv != CRYPT_OK \|\| stat != 1) RETVAL = 0;
		100
645			}
646	0	0	else if (strnEQ(padding, "v1.5.na1", 8)) {
647	0		croak("FATAL: LTC_PKCS_1_V1_5_NA1 not implemented");
648			}
649	0	0	else if (strnEQ(padding, "none", 4)) {
650			/* raw RSA */
651	0		Zero(buffer, buffer_len, unsigned char);
652	0		rv = ltc_mp.rsa_me(sig_ptr, (unsigned long)sig_len, buffer, &buffer_len, PK_PUBLIC, &self->key);
653	0	0	if (rv != CRYPT_OK) croak("FATAL: rsa_me failed: %s", error_to_string(rv));
654	0	0	if (data_len <= buffer_len && buffer_len > 0 && data_len > 0) {
		0
		0
655	0		unsigned char acc = 0;
656	0	0	for (i = 0; i < buffer_len - data_len; i++) acc \|= buffer[i];
657	0	0	if (acc != 0) RETVAL = 0;
658	0	0	if (mem_neq(data_ptr, buffer + buffer_len - data_len, data_len)) RETVAL = 0;
659			}
660			else {
661	0		RETVAL = 0;
662			}
663			}
664			else {
665	0		croak("FATAL: rsa_verify invalid padding '%s'", padding);
666			}
667			}
668			OUTPUT:
669			RETVAL
670
671			void
672			DESTROY(Crypt::PK::RSA self)
673			CODE:
674	116	50	if (self->key.type != -1) { rsa_free(&self->key); self->key.type = -1; }
675	116	50	if (self->pindex >= 0 && prng_is_valid(self->pindex) == CRYPT_OK && prng_descriptor[self->pindex].done) {
		50
		50
676	116		prng_descriptor[self->pindex].done(&self->pstate);
677			}
678	116		zeromem(self, sizeof(*self));
679	116		Safefree(self);