Merge pull request #1 from canokeys/support_rsa4096

Support rsa4096
canokeys · May 21, 2020 · 969d40a · 969d40a
2 parents 24d022e + 3727cc4
commit 969d40a
Show file tree

Hide file tree

Showing 3 changed files with 41 additions and 21 deletions.
diff --git a/include/rsa.h b/include/rsa.h
@@ -5,20 +5,39 @@
 #include <stddef.h>
 #include <stdint.h>
 
-#define RSA_N_BIT 2048u
+#define RSA_N_BIT_MAX 4096
 #define E_LENGTH 4
-#define N_LENGTH (RSA_N_BIT / 8)
-#define PQ_LENGTH (RSA_N_BIT / 16)
+#define PQ_LENGTH_MAX (RSA_N_BIT_MAX / 16)
 
 typedef struct {
+  uint16_t nbits;
   alignas(4) uint8_t e[E_LENGTH];
-  alignas(4) uint8_t p[PQ_LENGTH];
-  alignas(4) uint8_t q[PQ_LENGTH];
-  alignas(4) uint8_t n[N_LENGTH];
+  alignas(4) uint8_t p[PQ_LENGTH_MAX];
+  alignas(4) uint8_t q[PQ_LENGTH_MAX];
+  alignas(4) uint8_t dp[PQ_LENGTH_MAX];
+  alignas(4) uint8_t dq[PQ_LENGTH_MAX];
+  alignas(4) uint8_t qinv[PQ_LENGTH_MAX];
 } rsa_key_t;
 
-int rsa_generate_key(rsa_key_t *key);
-int rsa_complete_key(rsa_key_t *key);
+/**
+ * Generate a new RSA key. We always set e = 65537.
+ *
+ * @param key   The generated key.
+ * @param nbits The size of the public key in bits.
+ *
+ * @return 0 on success.
+ */
+int rsa_generate_key(rsa_key_t *key, uint16_t nbits);
+
+/**
+ * Compute the public key given a RSA private key.
+ *
+ * @param key The given private key.
+ * @param n   The corresponding public key.
+ *
+ * @return 0 on success.
+ */
+int rsa_get_public_key(rsa_key_t *key, uint8_t *n);
 int rsa_private(rsa_key_t *key, const uint8_t *input, uint8_t *output);
 int rsa_sign_pkcs_v15(rsa_key_t *key, const uint8_t *data, size_t len, uint8_t *sig);
 int rsa_decrypt_pkcs_v15(rsa_key_t *key, const uint8_t *in, size_t *olen, uint8_t *out);

diff --git a/mbed-crypto b/mbed-crypto
diff --git a/src/rsa.c b/src/rsa.c
@@ -33,27 +33,28 @@ static int pkcs1_v15_remove_padding(const uint8_t *in, uint16_t in_len, uint8_t
   return in_len - (i + 1);
 }
 
-__attribute__((weak)) int rsa_generate_key(rsa_key_t *key) {
+__attribute__((weak)) int rsa_generate_key(rsa_key_t *key, uint16_t nbits) {
 #ifdef USE_MBEDCRYPTO
   mbedtls_rsa_context rsa;
   mbedtls_rsa_init(&rsa, MBEDTLS_RSA_PKCS_V15, 0);
-  if (mbedtls_rsa_gen_key(&rsa, rnd, NULL, RSA_N_BIT, 65537) < 0) return -1;
-  if (mbedtls_rsa_export_raw(&rsa, key->n, N_LENGTH, key->p, PQ_LENGTH, key->q, PQ_LENGTH, NULL, 0, key->e, 4) < 0)
-    return -1;
+  if (mbedtls_rsa_gen_key(&rsa, rnd, NULL, nbits, 65537) < 0) return -1;
+  key->nbits = nbits;
+  int pq_len = nbits / 16;
+  if (mbedtls_rsa_export_raw(&rsa, NULL, 0, key->p, pq_len, key->q, pq_len, NULL, 0, key->e, 4) < 0) return -1;
 #else
   (void)key;
 #endif
   return 0;
 }
 
-__attribute__((weak)) int rsa_complete_key(rsa_key_t *key) {
+__attribute__((weak)) int rsa_get_public_key(rsa_key_t *key, uint8_t *n) {
 #ifdef USE_MBEDCRYPTO
   mbedtls_rsa_context rsa;
   mbedtls_rsa_init(&rsa, MBEDTLS_RSA_PKCS_V15, 0);
-  if (mbedtls_rsa_import_raw(&rsa, NULL, 0, key->p, PQ_LENGTH, key->q, PQ_LENGTH, NULL, 0, key->e, 4) < 0) return -1;
+  int pq_len = key->nbits / 16;
+  if (mbedtls_rsa_import_raw(&rsa, NULL, 0, key->p, pq_len, key->q, pq_len, NULL, 0, key->e, 4) < 0) return -1;
   if (mbedtls_rsa_complete(&rsa) < 0) return -1;
-  if (mbedtls_rsa_export_raw(&rsa, key->n, N_LENGTH, key->p, PQ_LENGTH, key->q, PQ_LENGTH, NULL, 0, key->e, 4) < 0)
-    return -1;
+  if (mbedtls_rsa_export_raw(&rsa, n, pq_len * 2, NULL, 0, NULL, 0, NULL, 0, NULL, 0) < 0) return -1;
 #else
   (void)key;
 #endif
@@ -64,8 +65,8 @@ __attribute__((weak)) int rsa_private(rsa_key_t *key, const uint8_t *input, uint
 #ifdef USE_MBEDCRYPTO
   mbedtls_rsa_context rsa;
   mbedtls_rsa_init(&rsa, MBEDTLS_RSA_PKCS_V15, 0);
-  if (mbedtls_rsa_import_raw(&rsa, key->n, N_LENGTH, key->p, PQ_LENGTH, key->q, PQ_LENGTH, NULL, 0, key->e, 4) < 0)
-    return -1;
+  int pq_len = key->nbits / 16;
+  if (mbedtls_rsa_import_raw(&rsa, NULL, 0, key->p, pq_len, key->q, pq_len, NULL, 0, key->e, 4) < 0) return -1;
   if (mbedtls_rsa_complete(&rsa) < 0) return -1;
   if (mbedtls_rsa_private(&rsa, rnd, NULL, input, output) < 0) return -1;
 #else
@@ -77,13 +78,13 @@ __attribute__((weak)) int rsa_private(rsa_key_t *key, const uint8_t *input, uint
 }
 
 int rsa_sign_pkcs_v15(rsa_key_t *key, const uint8_t *data, size_t len, uint8_t *sig) {
-  if (pkcs1_v15_add_padding(data, len, sig, N_LENGTH) < 0) return -1;
+  if (pkcs1_v15_add_padding(data, len, sig, key->nbits / 8) < 0) return -1;
   return rsa_private(key, sig, sig);
 }
 
 int rsa_decrypt_pkcs_v15(rsa_key_t *key, const uint8_t *in, size_t *olen, uint8_t *out) {
   if (rsa_private(key, in, out) < 0) return -1;
-  int len = pkcs1_v15_remove_padding(out, N_LENGTH, out);
+  int len = pkcs1_v15_remove_padding(out, key->nbits / 8, out);
   if (len < 0) return -1;
   *olen = len;
   return 0;