Separating rsa-verify and rsa-verify?.

Uploading snow packages with pkcs1 padding.
2025-07-08 21:47:33 +02:00 · 2014-06-23 00:08:19 +09:00 · 2014-06-23 00:08:19 +09:00 · 34e1a27cb1
commit 34e1a27cb1
parent ce3f1ab3e8
4 changed files with 51 additions and 22 deletions
--- a/lib/chibi/crypto/rsa.scm
+++ b/lib/chibi/crypto/rsa.scm
@ -58,7 +58,7 @@
 (define (rsa-encrypt-integer pub-key msg)
  (if (>= msg (rsa-key-n pub-key))
-      (error "message larger than modulus"))
+      (error "message larger than modulus" msg (rsa-key-n pub-key)))
  (modular-expt msg (rsa-key-e pub-key) (rsa-key-n pub-key)))
 (define (rsa-decrypt-integer priv-key cipher)
@ -66,9 +66,9 @@
      (error "cipher larger than modulus"))
  (modular-expt cipher (rsa-key-d priv-key) (rsa-key-n priv-key)))
-;; Arbitrary messages are encrypted by converting padded bytevectors
+;; Arbitrary messages are encrypted by converting encoded bytevectors
 ;; to and from integers.
-;; TODO: user better padding
+;; TODO: user emsa-pss encoding
 (define (convert-plain f key msg)
  (cond
@ -115,10 +115,14 @@
      (error "can't sign without a private key" priv-key)
      (convert-plain rsa-decrypt-integer priv-key msg)))
 ;;> Returns the verified (decrypted) message for the signature \var{sig}.
 (define (rsa-verify pub-key sig)
  (if (not (rsa-key-e pub-key))
      (error "can't verify without a public key" pub-key)
      (convert-cipher rsa-encrypt-integer pub-key sig)))
 ;;> Returns true iff \var{sig} is a valid signature of \var{msg} for
 ;;> the given public key \var{pub-key}.
 (define (rsa-verify? pub-key msg sig)
-  (if (not (rsa-key-e pub-key))
+  (equal? (if (string? msg) (string->utf8 msg) msg)
-      (error "can't verify without a public key" pub-key)
+          (rsa-verify pub-key sig)))
      (equal? (if (string? msg) (string->utf8 msg) msg)
              (convert-cipher rsa-encrypt-integer pub-key sig))))
--- a/lib/chibi/crypto/rsa.sld
+++ b/lib/chibi/crypto/rsa.sld
@ -1,7 +1,9 @@
 (define-library (chibi crypto rsa)
-  (import (scheme base) (srfi 33) (chibi bytevector) (chibi math prime))
+  (import (scheme base) (srfi 27) (srfi 33)
          (chibi bytevector) (chibi math prime))
  (export make-rsa-key rsa-key-gen rsa-key-gen-from-primes rsa-pub-key
-          rsa-encrypt rsa-decrypt rsa-sign rsa-verify?
+          rsa-encrypt rsa-decrypt rsa-sign rsa-verify rsa-verify?
-          rsa-key? rsa-key-bits rsa-key-n rsa-key-e rsa-key-d)
+          rsa-key? rsa-key-bits rsa-key-n rsa-key-e rsa-key-d
          pkcs1-pad pkcs1-unpad)
  (include "rsa.scm"))
--- a/lib/chibi/snow/commands.scm
+++ b/lib/chibi/snow/commands.scm
@ -496,11 +496,12 @@
                                                  ,(rsa-key-n rsa-key)
                                                  #f
                                                  ,(rsa-key-d rsa-key))
-                                    ,(hex-string->integer digest))
+                                    ;;,(hex-string->integer digest)
                                    ,(hex-string->bytevector digest))
                         '((chibi crypto rsa))))
-         (hex-sig (integer->hex-string sig)))
+         (hex-sig (if (bytevector? sig)
-    (if (not (equal? sig (hex-string->integer hex-sig)))
+                      (bytevector->hex-string sig)
-        (error "hex-string conversion invalid" sig hex-sig))
+                      (integer->hex-string sig))))
    `(signature
      (email ,email)
      (digest ,digest-name)
@ -531,14 +532,11 @@
                                (find (rsa-identity=? email) keys))
                           (car keys)))
         (rsa-key (extract-rsa-public-key rsa-key-sexp))
-         (cipher (rsa-encrypt rsa-key (hex-string->integer sig))))
+         (cipher (rsa-verify rsa-key (hex-string->bytevector sig)))
-    ;; (rsa-verify? rsa-key
+         (digest-bv (hex-string->bytevector digest)))
-    ;;              (hex-string->integer digest)
+    (if (equal? cipher digest-bv)
    ;;              (hex-string->integer sig))
    (if (equal? cipher (hex-string->integer digest))
        (show #t "signature valid " nl)
-        (show #t "signature invalid "
+        (show #t "signature invalid " cipher " != " digest-bv nl))))
              cipher " " (hex-string->integer digest) nl))))
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;; Upload - upload a package.
--- a/tests/rsa-tests.scm
+++ b/tests/rsa-tests.scm
@ -1,5 +1,8 @@
-(import (scheme base) (scheme write) (chibi crypto rsa) (chibi test))
+(import (scheme base)
        (chibi crypto rsa)
        (chibi crypto sha2)
        (chibi test))
 (test-begin "rsa")
@ -53,4 +56,26 @@
 ;; (test-key (rsa-key-gen 512))   ; 4s
 ;; (test-key (rsa-key-gen 1024))  ; 92s
 ;; padding
 (test #u8(8 8 8 8 8 8 8 8) (pkcs1-pad #u8()))
 (test #u8(1 7 7 7 7 7 7 7) (pkcs1-pad #u8(1)))
 (test #u8(1 2 6 6 6 6 6 6) (pkcs1-pad #u8(1 2)))
 (test #u8(1 2 3 5 5 5 5 5) (pkcs1-pad #u8(1 2 3)))
 (test #u8(1 2 3 4 4 4 4 4) (pkcs1-pad #u8(1 2 3 4)))
 (test #u8(1 2 3 4 5 3 3 3) (pkcs1-pad #u8(1 2 3 4 5)))
 (test #u8(1 2 3 4 5 6 2 2) (pkcs1-pad #u8(1 2 3 4 5 6)))
 (test #u8(1 2 3 4 5 6 7 1) (pkcs1-pad #u8(1 2 3 4 5 6 7)))
 (test #u8(1 2 3 4 5 6 7 8 8 8 8 8 8 8 8 8) (pkcs1-pad #u8(1 2 3 4 5 6 7 8)))
 (test #u8() (pkcs1-unpad #u8(8 8 8 8 8 8 8 8)))
 (test #u8(1) (pkcs1-unpad #u8(1 7 7 7 7 7 7 7)))
 (test #u8(1 2) (pkcs1-unpad #u8(1 2 6 6 6 6 6 6)))
 (test #u8(1 2 3) (pkcs1-unpad #u8(1 2 3 5 5 5 5 5)))
 (test #u8(1 2 3 4) (pkcs1-unpad #u8(1 2 3 4 4 4 4 4)))
 (test #u8(1 2 3 4 5) (pkcs1-unpad #u8(1 2 3 4 5 3 3 3)))
 (test #u8(1 2 3 4 5 6) (pkcs1-unpad #u8(1 2 3 4 5 6 2 2)))
 (test #u8(1 2 3 4 5 6 7) (pkcs1-unpad #u8(1 2 3 4 5 6 7 1)))
 (test #u8(1 2 3 4 5 6 7 8) (pkcs1-unpad #u8(1 2 3 4 5 6 7 8 8 8 8 8 8 8 8 8)))
 (test-end)