Thank you! I will try now to write the decrypt function...:-)
{Edited to point out that there was a bug in here - see later discussion. I've fixed the bug.} My bad - I meant to include it. Here 'tis : ////////////////////////////////////////////////////////////////////////////
//
void rsaDecrypt( hex_bignum_t *ciphertext_ptr, hex_bignum_t *plaintext_ptr, rsaKey_t *prikey_ptr )
{
modexp( plaintext_ptr, &(prikey_ptr->e), &(prikey_ptr->n), ciphertext_ptr );
}
Thank you for your decrypt, but I think it is not going to work. You need something like:
where, (d * e) % ((p-1)*(q-1)) = 1, p*q = n. ////////////////////////////////////////////////////////////////////////////
//
void rsaDecrypt( hex_bignum_t *ciphertext_ptr, hex_bignum_t *plaintext_ptr, rsaSecKey_t *privkey_ptr )
{
HB_modexp( ciphertext_ptr, &(privkey_ptr->d), &(privkey_ptr->n), plaintext_ptr );
}
It goes without saying (or maybe it doesn't!) that you must use valid p and q values when calculating your RSA keys. You don't say here what HB_modexp() looks like. Did you simply rename it, perhaps? The reason I didn't name it so in the first place, is because mod_exp() is not a public function. As a 'static', it is meant to be local, and only called from the encrypt/decrypt functions.
Here's some sample data and test code to try running through it - if I've made some mistake, I'd be happy to have it pointed out. // This example is from : http://www.di-mgt.com.au/rsa_alg.html#simpleexample
#define TEST_PUBLIC_KEY_EXP "010001" #define TEST_PUBLIC_KEY_MOD "A9E167983F39D55FF2A093415EA6798985C8355D9A915BFB1D01DA197026170F" \
"BDA522D035856D7A986614415CCFB7B7083B09C991B81969376DF9651E7BD9A9" \
"3324A37F3BBBAF460186363432CB07035952FC858B3104B8CC18081448E64F1C" \
"FB5D60C4E05C1F53D37F53D86901F105F87A70D1BE83C65F38CF1C2CAA6AA7EB" #define TEST_CRYPTOGRAM "0002257F48FD1F1793B7E5E02306F2D3228F5C95ADF5F31566729F132AA12009" \
"E3FC9B2B475CD6944EF191E3F59545E671E474B555799FE3756099F044964038" \
"B16B2148E9A2F9C6F44BB5C52E3C6C8061CF694145FAFDB24402AD1819EACEDF" \
"4A36C6E4D2CD8FC1D62E5A1268F496004E636AF98E40F3ADCFCCB698F4E80B9F" #define TEST_RESULT "3D2AB25B1EB667A40F504CC4D778EC399A899C8790EDECEF062CD739492C9CE5" \
"8B92B9ECF32AF4AAC7A61EAEC346449891F49A722378E008EFF0B0A8DBC6E621" \
"EDC90CEC64CF34C640F5B36C48EE9322808AF8F4A0212B28715C76F3CB99AC7E" \
"609787ADCE055839829E0142C44B676D218111FFE69F9D41424E177CBA3A435B" HB_hex_string_to_hex_bignum( TEST_PUBLIC_KEY_EXP, &(publicKey.e) );
HB_hex_string_to_hex_bignum( TEST_PUBLIC_KEY_MOD, &(publicKey.n) );
HB_int_to_hex_bignum( 0, &privateKey.e );
HB_int_to_hex_bignum( 0, &privateKey.n );
HB_hex_string_to_hex_bignum( TEST_CRYPTOGRAM, &rsaOrig );
rsaDecrypt( &rsaOrig, &rsaDecrypted, &publicKey );
HB_hex_string_to_hex_bignum( TEST_RESULT, &rsaEncrypted );
if ( HB_compare( &rsaEncrypted, &rsaDecrypted ) == 0 )
{
printf( "Passed!\n" );
}
else
{
printf( "Failed!\n" );
}
Sorry about the expmod function. As you said, I have just renamed it. This decrypt function works only for data encrypted with the private key (d,n). Thus, it is useful for checking signatures not for decrypting actual data. if you try the code below you will see it will fail: HB_hex_string_to_hex_bignum( TEST_PUBLIC_KEY_EXP, &(publicKey.e) );
HB_hex_string_to_hex_bignum( TEST_PUBLIC_KEY_MOD, &(publicKey.n) );
HB_int_to_hex_bignum( 0, &privateKey.e );
HB_int_to_hex_bignum( 0, &privateKey.n );
HB_hex_string_to_hex_bignum( TEST_RESULT, &rsaOrig );
rsaEncrypt( &rsaOrig, &rsaEncrypted, &publicKey );
rsaDecrypt( &rsaEncrypted, &rsaDecrypted, &publicKey );
if ( HB_compare( &rsaOrig, &rsaDecrypted ) == 0 )
{
printf( "Passed!\n" );
}
else
{
printf( "Failed!\n" );
}
If you encrypt data with the public key, you must decrypt it with the private key, not the public key.