draft

Author: NegaScout

docs/src/examples.md

@@ -19,9 +19,10 @@ using ToyPublicKeys
 Random.seed!(42)
 private_key, public_key = ToyPublicKeys.generate_rsa_key_pair(ToyPublicKeys.pkcs1_v1_5, 2048)
 msg = "Super authentic message!"
-println(msg)
-signature = ToyPublicKeys.sign(ToyPublicKeys.pkcs1_v1_5, msg, private_key)
-println(signature)
-authentic = ToyPublicKeys.verify_signature(ToyPublicKeys.pkcs1_v1_5, msg, signature, public_key)
-println(authentic)
+println("Currently this feature is disabled")
+#println(msg)
+#signature = ToyPublicKeys.sign(ToyPublicKeys.pkcs1_v1_5, msg, private_key)
+#println(signature)
+#authentic = ToyPublicKeys.verify_signature(ToyPublicKeys.pkcs1_v1_5, msg, signature, public_key)
+#println(authentic)
 ```

src/rsa.jl

@@ -83,15 +83,50 @@ RSA exponentiation step when only public key is available.
 Uses [repeated squares](https://en.wikipedia.org/wiki/Exponentiation_by_squaring)
 and other fast modulo exponentiation tricks in its GMP implementation (Base.GMP.MPZ.powm).
 """
-function RSADP(::pkcs1_v1_5_t, msg::BigInt, key::RSAPublicKey)
+function RSADP(v::pkcs1_v1_5_t, msg::BigInt, key::RSAPublicKey)
+    return RSAStep(v, msg, key)
+end
+
+"""
+    RSASP1(::pkcs1_v1_5_t, msg::BigInt, key::RSAPrivateKey)
+
+"""
+function RSASP1(v::pkcs1_v1_5_t, msg::BigInt, key::RSAPrivateKey)
+    return RSAStep(v, msg, key)
+end
+
+"""
+    RSAVP1(::pkcs1_v1_5_t, msg::BigInt, key::RSAPublicKey)
+
+"""
+function RSAVP1(v::pkcs1_v1_5_t, msg::BigInt, key::RSAPublicKey)
+    return RSAStep(v, msg, key)
+end
+
+function RSAStep(::pkcs1_v1_5_t, msg::BigInt, key::RSAPrivateKey)
     if !(0 <= msg < key.modulus)
         error("msg has to be 0 <= msg < n, got: msg = $msg, n = $key.modulus")
     end
-    return Base.GMP.MPZ.powm(msg, key.exponent, key.modulus)
+    ret = power_crt(
+        msg,
+        key.primes[1],
+        key.primes[2],
+        key.crt_exponents[1],
+        key.crt_exponents[2],
+        key.crt_coefficients[1],
+    )
+    ret < 0 && (ret += key.modulus)
+    return ret
 end
 
-RSAStep(a::pkcs1_v1_5_t, msg::BigInt, key::RSAPrivateKey) = RSAEP(a, msg, key)
-RSAStep(a::pkcs1_v1_5_t, msg::BigInt, key::RSAPublicKey) = RSADP(a, msg, key)
+function RSAStep(::pkcs1_v1_5_t, msg::BigInt, key::RSAPublicKey)
+    if !(0 <= msg < key.modulus)
+        error("msg has to be 0 <= msg < n, got: msg = $msg, n = $key.modulus")
+    end
+    ret = Base.GMP.MPZ.powm(msg, key.exponent, key.modulus)
+    ret < 0 && (ret += key.modulus)
+    return ret
+end
 
 """
     RSAStep(::pkcs1_v1_5_t, msg::AbstractVector{T}, key::RSAKey) where {T<:Base.BitInteger}
@@ -130,6 +165,38 @@ function RSAStep(::pkcs1_v1_5_t, msg::String, key::RSAKey)
     return transformed_msg
 end
 
+function rsaes_oaep_encrypt(M::String, key::RSAPublicKey; label="", hash=SHA.sha1, MGF=MGF1)
+    EM = pad(pkcs1_v2_2, M, key, label=label, hash=hash, MGF=MGF)
+    m = OS2IP(EM)
+    c = RSAEP(pkcs1_v1_5, m, key)
+    C = I2OSP(c, k)
+    return C
+end
+
+function rsaes_oaep_decrypt(C::String, key::RSAPublicKey; label="", hash=SHA.sha1, MGF=MGF1)
+    c = OS2IP(C)
+    m = RSADP(pkcs1_v1_5, c, key)
+    EM = I2OSP(m, k)
+    M = unpad(pkcs1_v2_2, EM, key, label=label, hash=hash, MGF=MGF)
+    return M
+end
+
+function rsaes_pkvs1_v1_5_encrypt(M::String, key::RSAPublicKey)
+    EM = pad(pkcs1_v1_5, M)
+    m = OS2IP(EM)
+    c = RSAEP(pkcs1_v1_5, m, key)
+    C = I2OSP(c)
+    return C
+end
+
+function rsaes_pkvs1_v1_5_decrypt(C::String, key::RSAPrivateKey)
+    c = OS2IP(C)
+    m = RSADP(pkcs1_v1_5, c, key)
+    EM = I2OSP(m)
+    m = unpad(pkcs1_v1_5, EM)
+    return m
+end
+
 """
     encrypt(::pkcs1_v1_5_t,
             msg::Union{AbstractString,AbstractVector},
@@ -207,8 +274,9 @@ end
 
 Sign string with RSA key.
 """
-function sign(::pkcs1_v1_5_t, msg::String, key::RSAPrivateKey; pad_length=32)
-    digest = SHA.sha256(msg)
+function sign(::pkcs1_v1_5_t, msg::String, key::RSAPrivateKey; pad_length=32, hash=SHA.sha1)
+    error("needs reimplementing to be pkcs1_v1_5_t compliant") |> throw
+    digest = hash(msg)
     msg_padded = ToyPublicKeys.pad(pkcs1_v1_5, digest, pad_length)
     return String(RSAStep(pkcs1_v1_5, msg_padded, key))
 end
@@ -218,8 +286,9 @@ end
 
 Sign AbstractVector (arbitrary buffer using [SHA256](https://en.wikipedia.org/wiki/SHA-2)) with RSA key.
 """
-function sign(::pkcs1_v1_5_t, msg::AbstractVector, key::RSAPrivateKey; pad_length=32)
-    digest = SHA.sha256(String(msg))
+function sign(::pkcs1_v1_5_t, msg::AbstractVector, key::RSAPrivateKey; pad_length=32, hash=SHA.sha1)
+    error("needs reimplementing to be pkcs1_v1_5_t compliant") |> throw
+    digest = hash(String(msg))
     msg_padded = ToyPublicKeys.pad(pkcs1_v1_5, digest, pad_length)
     return RSAStep(pkcs1_v1_5, msg_padded, key)
 end
@@ -229,10 +298,11 @@ end
 
 Verify the signature.
 """
-function verify_signature(::pkcs1_v1_5_t, msg::String, signature::String, key::RSAPublicKey)
+function verify_signature(::pkcs1_v1_5_t, msg::String, signature::String, key::RSAPublicKey, hash=SHA.sha1)
+    error("needs reimplementing to be pkcs1_v1_5_t compliant") |> throw
     signature_ = codeunits(signature)
     signature_decr = ToyPublicKeys.RSAStep(pkcs1_v1_5, signature_, key)
     unpaded_hash = ToyPublicKeys.unpad(pkcs1_v1_5, vcat(typeof(signature_decr)([0]), signature_decr)) # todo: leading zero is ignored, gotta deal with this
-    digest = SHA.sha256(msg)
+    digest = hash(msg)
     return unpaded_hash == digest
 end

test/rsa.jl

@@ -68,7 +68,7 @@ end
 @testset "RSAStep(RSAStep) is identity ~ BigInt" begin
     Random.seed!(42)
     private_key, public_key = ToyPublicKeys.generate_rsa_key_pair(ToyPublicKeys.pkcs1_v1_5, 2048)
-    msg = big"2"
+    msg = big"123"
     encrypted = ToyPublicKeys.RSAStep(ToyPublicKeys.pkcs1_v1_5, msg, public_key)
     decrypted = ToyPublicKeys.RSAStep(ToyPublicKeys.pkcs1_v1_5, encrypted, private_key)
     @test msg == decrypted
@@ -77,7 +77,7 @@ end
 @testset "RSAStep(RSAStep) is identity ~ CodeUnits" begin
     Random.seed!(42)
     private_key, public_key = ToyPublicKeys.generate_rsa_key_pair(ToyPublicKeys.pkcs1_v1_5, 2048)
-    msg = codeunits("2")
+    msg = codeunits("123")
     encrypted = ToyPublicKeys.RSAStep(ToyPublicKeys.pkcs1_v1_5, msg, public_key)
     decrypted = ToyPublicKeys.RSAStep(ToyPublicKeys.pkcs1_v1_5, encrypted, private_key)
     @test msg == decrypted
@@ -86,7 +86,7 @@ end
 @testset "RSAStep(RSAStep) is identity ~ String" begin
     Random.seed!(42)
     private_key, public_key = ToyPublicKeys.generate_rsa_key_pair(ToyPublicKeys.pkcs1_v1_5, 2048)
-    msg = "2"
+    msg = "123"
     encrypted = ToyPublicKeys.RSAStep(ToyPublicKeys.pkcs1_v1_5, msg, public_key)
     decrypted = ToyPublicKeys.RSAStep(ToyPublicKeys.pkcs1_v1_5, encrypted, private_key)
     @test msg == decrypted
@@ -95,7 +95,7 @@ end
 @testset "Decryption(Encryption) is identity ~ CodeUnits" begin
     Random.seed!(42)
     private_key, public_key = ToyPublicKeys.generate_rsa_key_pair(ToyPublicKeys.pkcs1_v1_5, 2048)
-    msg = Base.CodeUnits("1")
+    msg = Base.CodeUnits("123")
     encrypted = ToyPublicKeys.encrypt(ToyPublicKeys.pkcs1_v1_5, msg, public_key)
     decrypted = ToyPublicKeys.decrypt(ToyPublicKeys.pkcs1_v1_5, encrypted, private_key)
     @test decrypted == msg
@@ -104,16 +104,16 @@ end
 @testset "Decryption(Encryption) is identity ~ String" begin
     Random.seed!(42)
     private_key, public_key = ToyPublicKeys.generate_rsa_key_pair(ToyPublicKeys.pkcs1_v1_5, 2048)
-    msg = "1"
+    msg = "123"
     encrypted = ToyPublicKeys.encrypt(ToyPublicKeys.pkcs1_v1_5, msg, public_key)
     decrypted = ToyPublicKeys.decrypt(ToyPublicKeys.pkcs1_v1_5, encrypted, private_key)
     @test decrypted == msg
 end
 
-@testset "verify_signature(sign) is true ~ String" begin
+@testset "RSASP1(RSAVP1) is true" begin
     Random.seed!(42)
     private_key, public_key = ToyPublicKeys.generate_rsa_key_pair(ToyPublicKeys.pkcs1_v1_5, 2048)
-    msg = "1"
-    signature = ToyPublicKeys.sign(ToyPublicKeys.pkcs1_v1_5, msg, private_key)
-    @test ToyPublicKeys.verify_signature(ToyPublicKeys.pkcs1_v1_5, msg, signature, public_key) == true
+    msg = big"3"
+    signature = ToyPublicKeys.RSASP1(ToyPublicKeys.pkcs1_v1_5, msg, private_key)
+    @test ToyPublicKeys.RSAVP1(ToyPublicKeys.pkcs1_v1_5, signature, public_key) == msg
 end