Separating rsa-verify and rsa-verify?.
Uploading snow packages with pkcs1 padding.
parent
ce3f1ab3e8
commit
34e1a27cb1
4 changed files with 51 additions and 22 deletions
|
@ -58,7 +58,7 @@
|
||||||
|
|
||||||
(define (rsa-encrypt-integer pub-key msg)
|
(define (rsa-encrypt-integer pub-key msg)
|
||||||
(if (>= msg (rsa-key-n pub-key))
|
(if (>= msg (rsa-key-n pub-key))
|
||||||
(error "message larger than modulus"))
|
(error "message larger than modulus" msg (rsa-key-n pub-key)))
|
||||||
(modular-expt msg (rsa-key-e pub-key) (rsa-key-n pub-key)))
|
(modular-expt msg (rsa-key-e pub-key) (rsa-key-n pub-key)))
|
||||||
|
|
||||||
(define (rsa-decrypt-integer priv-key cipher)
|
(define (rsa-decrypt-integer priv-key cipher)
|
||||||
|
@ -66,9 +66,9 @@
|
||||||
(error "cipher larger than modulus"))
|
(error "cipher larger than modulus"))
|
||||||
(modular-expt cipher (rsa-key-d priv-key) (rsa-key-n priv-key)))
|
(modular-expt cipher (rsa-key-d priv-key) (rsa-key-n priv-key)))
|
||||||
|
|
||||||
;; Arbitrary messages are encrypted by converting padded bytevectors
|
;; Arbitrary messages are encrypted by converting encoded bytevectors
|
||||||
;; to and from integers.
|
;; to and from integers.
|
||||||
;; TODO: user better padding
|
;; TODO: user emsa-pss encoding
|
||||||
|
|
||||||
(define (convert-plain f key msg)
|
(define (convert-plain f key msg)
|
||||||
(cond
|
(cond
|
||||||
|
@ -115,10 +115,14 @@
|
||||||
(error "can't sign without a private key" priv-key)
|
(error "can't sign without a private key" priv-key)
|
||||||
(convert-plain rsa-decrypt-integer priv-key msg)))
|
(convert-plain rsa-decrypt-integer priv-key msg)))
|
||||||
|
|
||||||
|
;;> Returns the verified (decrypted) message for the signature \var{sig}.
|
||||||
|
(define (rsa-verify pub-key sig)
|
||||||
|
(if (not (rsa-key-e pub-key))
|
||||||
|
(error "can't verify without a public key" pub-key)
|
||||||
|
(convert-cipher rsa-encrypt-integer pub-key sig)))
|
||||||
|
|
||||||
;;> Returns true iff \var{sig} is a valid signature of \var{msg} for
|
;;> Returns true iff \var{sig} is a valid signature of \var{msg} for
|
||||||
;;> the given public key \var{pub-key}.
|
;;> the given public key \var{pub-key}.
|
||||||
(define (rsa-verify? pub-key msg sig)
|
(define (rsa-verify? pub-key msg sig)
|
||||||
(if (not (rsa-key-e pub-key))
|
(equal? (if (string? msg) (string->utf8 msg) msg)
|
||||||
(error "can't verify without a public key" pub-key)
|
(rsa-verify pub-key sig)))
|
||||||
(equal? (if (string? msg) (string->utf8 msg) msg)
|
|
||||||
(convert-cipher rsa-encrypt-integer pub-key sig))))
|
|
||||||
|
|
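Review bot: The `;;>` line on the new `rsa-verify` calls its result the "verified" message, but the visible body only applies the public-key operation to `sig` and returns the recovered bytes; nothing is compared until `rsa-verify?` or the caller does it. I would reword it to `;;> Returns the message recovered from \var{sig} with \var{pub-key}; the caller must compare it with the expected value (see rsa-verify?).` so the exported procedure is not mistaken for a complete check. In the first hunk the oversized-input error now carries `msg` as an irritant, which on the encryption path is the plaintext integer and may reach logs or a top-level error printer; `(error "message larger than modulus" (rsa-key-n pub-key))` keeps the diagnostic without it. `convert-cipher` is outside the visible hunks, so it is worth confirming whether a malformed signature makes the predicate `rsa-verify?` raise instead of returning `#f`.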
|
@ -1,7 +1,9 @@
|
||||||
|
|
||||||
(define-library (chibi crypto rsa)
|
(define-library (chibi crypto rsa)
|
||||||
(import (scheme base) (srfi 33) (chibi bytevector) (chibi math prime))
|
(import (scheme base) (srfi 27) (srfi 33)
|
||||||
|
(chibi bytevector) (chibi math prime))
|
||||||
(export make-rsa-key rsa-key-gen rsa-key-gen-from-primes rsa-pub-key
|
(export make-rsa-key rsa-key-gen rsa-key-gen-from-primes rsa-pub-key
|
||||||
rsa-encrypt rsa-decrypt rsa-sign rsa-verify?
|
rsa-encrypt rsa-decrypt rsa-sign rsa-verify rsa-verify?
|
||||||
rsa-key? rsa-key-bits rsa-key-n rsa-key-e rsa-key-d)
|
rsa-key? rsa-key-bits rsa-key-n rsa-key-e rsa-key-d
|
||||||
|
pkcs1-pad pkcs1-unpad)
|
||||||
(include "rsa.scm"))
|
(include "rsa.scm"))
|
||||||
|
|
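Review bot: The added `(srfi 27)` import deserves a comment saying what the random numbers are used for, because that use is not in the visible hunks of rsa.scm. SRFI 27 does not promise a cryptographically strong generator, so if it feeds padding bytes or prime candidates the library should say which random source it relies on and how it is seeded. A line next to the import such as `;; (srfi 27): random source for <use>; not guaranteed cryptographically strong` would make that assumption visible to users of the newly exported procedures.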
|
@ -496,11 +496,12 @@
|
||||||
,(rsa-key-n rsa-key)
|
,(rsa-key-n rsa-key)
|
||||||
#f
|
#f
|
||||||
,(rsa-key-d rsa-key))
|
,(rsa-key-d rsa-key))
|
||||||
,(hex-string->integer digest))
|
;;,(hex-string->integer digest)
|
||||||
|
,(hex-string->bytevector digest))
|
||||||
'((chibi crypto rsa))))
|
'((chibi crypto rsa))))
|
||||||
(hex-sig (integer->hex-string sig)))
|
(hex-sig (if (bytevector? sig)
|
||||||
(if (not (equal? sig (hex-string->integer hex-sig)))
|
(bytevector->hex-string sig)
|
||||||
(error "hex-string conversion invalid" sig hex-sig))
|
(integer->hex-string sig))))
|
||||||
`(signature
|
`(signature
|
||||||
(email ,email)
|
(email ,email)
|
||||||
(digest ,digest-name)
|
(digest ,digest-name)
|
||||||
|
@ -531,14 +532,11 @@
|
||||||
(find (rsa-identity=? email) keys))
|
(find (rsa-identity=? email) keys))
|
||||||
(car keys)))
|
(car keys)))
|
||||||
(rsa-key (extract-rsa-public-key rsa-key-sexp))
|
(rsa-key (extract-rsa-public-key rsa-key-sexp))
|
||||||
(cipher (rsa-encrypt rsa-key (hex-string->integer sig))))
|
(cipher (rsa-verify rsa-key (hex-string->bytevector sig)))
|
||||||
;; (rsa-verify? rsa-key
|
(digest-bv (hex-string->bytevector digest)))
|
||||||
;; (hex-string->integer digest)
|
(if (equal? cipher digest-bv)
|
||||||
;; (hex-string->integer sig))
|
|
||||||
(if (equal? cipher (hex-string->integer digest))
|
|
||||||
(show #t "signature valid " nl)
|
(show #t "signature valid " nl)
|
||||||
(show #t "signature invalid "
|
(show #t "signature invalid " cipher " != " digest-bv nl))))
|
||||||
cipher " " (hex-string->integer digest) nl))))
|
|
||||||
|
|
||||||
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
|
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
|
||||||
;; Upload - upload a package.
|
;; Upload - upload a package.
|
||||||
|
|
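Review bot: Comparing `cipher` with `digest-bv` as bytevectors in the second hunk makes leading zero bytes significant, whereas the old comparison of `hex-string->integer` values ignored them. If the bytevector-to-integer round trip inside `rsa-sign`/`rsa-verify` does not preserve leading 0x00 bytes (those conversions are outside the visible hunks), a digest that begins with `00` would be reported as invalid; a test with such a digest would settle it. The comparison also repeats what the library predicate does, so `(if (rsa-verify? rsa-key digest-bv (hex-string->bytevector sig))` would keep the check in one place. In the first hunk the removed hex round-trip check has no replacement, so a conversion error in `bytevector->hex-string` would now go unnoticed at signing time.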
|
@ -1,5 +1,8 @@
|
||||||
|
|
||||||
(import (scheme base) (scheme write) (chibi crypto rsa) (chibi test))
|
(import (scheme base)
|
||||||
|
(chibi crypto rsa)
|
||||||
|
(chibi crypto sha2)
|
||||||
|
(chibi test))
|
||||||
|
|
||||||
(test-begin "rsa")
|
(test-begin "rsa")
|
||||||
|
|
||||||
|
@ -53,4 +56,26 @@
|
||||||
;; (test-key (rsa-key-gen 512)) ; 4s
|
;; (test-key (rsa-key-gen 512)) ; 4s
|
||||||
;; (test-key (rsa-key-gen 1024)) ; 92s
|
;; (test-key (rsa-key-gen 1024)) ; 92s
|
||||||
|
|
||||||
|
;; padding
|
||||||
|
|
||||||
|
(test #u8(8 8 8 8 8 8 8 8) (pkcs1-pad #u8()))
|
||||||
|
(test #u8(1 7 7 7 7 7 7 7) (pkcs1-pad #u8(1)))
|
||||||
|
(test #u8(1 2 6 6 6 6 6 6) (pkcs1-pad #u8(1 2)))
|
||||||
|
(test #u8(1 2 3 5 5 5 5 5) (pkcs1-pad #u8(1 2 3)))
|
||||||
|
(test #u8(1 2 3 4 4 4 4 4) (pkcs1-pad #u8(1 2 3 4)))
|
||||||
|
(test #u8(1 2 3 4 5 3 3 3) (pkcs1-pad #u8(1 2 3 4 5)))
|
||||||
|
(test #u8(1 2 3 4 5 6 2 2) (pkcs1-pad #u8(1 2 3 4 5 6)))
|
||||||
|
(test #u8(1 2 3 4 5 6 7 1) (pkcs1-pad #u8(1 2 3 4 5 6 7)))
|
||||||
|
(test #u8(1 2 3 4 5 6 7 8 8 8 8 8 8 8 8 8) (pkcs1-pad #u8(1 2 3 4 5 6 7 8)))
|
||||||
|
|
||||||
|
(test #u8() (pkcs1-unpad #u8(8 8 8 8 8 8 8 8)))
|
||||||
|
(test #u8(1) (pkcs1-unpad #u8(1 7 7 7 7 7 7 7)))
|
||||||
|
(test #u8(1 2) (pkcs1-unpad #u8(1 2 6 6 6 6 6 6)))
|
||||||
|
(test #u8(1 2 3) (pkcs1-unpad #u8(1 2 3 5 5 5 5 5)))
|
||||||
|
(test #u8(1 2 3 4) (pkcs1-unpad #u8(1 2 3 4 4 4 4 4)))
|
||||||
|
(test #u8(1 2 3 4 5) (pkcs1-unpad #u8(1 2 3 4 5 3 3 3)))
|
||||||
|
(test #u8(1 2 3 4 5 6) (pkcs1-unpad #u8(1 2 3 4 5 6 2 2)))
|
||||||
|
(test #u8(1 2 3 4 5 6 7) (pkcs1-unpad #u8(1 2 3 4 5 6 7 1)))
|
||||||
|
(test #u8(1 2 3 4 5 6 7 8) (pkcs1-unpad #u8(1 2 3 4 5 6 7 8 8 8 8 8 8 8 8 8)))
|
||||||
|
|
||||||
(test-end)
|
(test-end)
|
||||||
|
|
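Review bot: The new padding cases only cover well-formed input, so nothing pins what `pkcs1-unpad` does with a bad trailer. I would add cases such as `(pkcs1-unpad #u8(1 2 3 4 5 6 7 0))` and `(pkcs1-unpad #u8(1 2 3 4 5 6 7 9))`, using `test-error` if rejection by error is the intended behaviour. The vectors also show trailing block padding (N bytes of value N, up to a multiple of 8), which is the PKCS#5/#7 layout rather than a PKCS#1 signature or encryption encoding. A comment above `;; padding` stating that, and that the padding is deterministic, would keep readers from assuming PKCS#1 v1.5 properties from the name.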