|
From: | Mads Kiilerich |
Subject: | Re: Raw RSA encryption |
Date: | Sun, 25 Jul 2010 04:33:26 +0200 |
User-agent: | Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.4) Gecko/20100624 Fedora/3.1-1.fc13 Thunderbird/3.1 |
Nikos Mavrogiannopoulos wrote, On 07/24/2010 11:05 AM:
On 07/24/2010 03:07 AM, Mads Kiilerich wrote:Hi The new gnutls/crypto.h exposes fine functionality for using stream/block ciphers and hash algorithms directly. But I also need raw RSA encryption and can't figure out how to do it - or if it is possible. I just need the basic modulo-exponentiation, for example with values from gnutls_x509_crt_get_pk_rsa_raw.I question might be, why you want to do that? GnuTLS tries to hide that by providing high level functions to manage certificates and keys.
I'm trying to use GnuTLS for the MS RDP protocol which both have a TLS mode and a homebrew mode where certificates and rc4 and md5 and sha and RSA is used in a different way.
I'm obviously trying to use GnuTLS for something it wasn't intended for. I assume that the new crypto.h stuff also don't have any use if GnuTLS is used for what it was intended to be used for through high level functions. Apparently PK stuff was left out from crypto.h. I wonder why you stopped there, but it is fair enough if that is how you want it.
It seems like it is possible to register such a function with gnutls_crypto_pk_register2, but there is no way to retrieve the internal implementation? Or is it OK to use _gnutls_pk_ops.encrypt?There is no exported API for that. It is probably possible to do it, but it is not trivial, and would require a big deal of new API functions and datatypes to maintain.
It seems to me like you already have the needed datatypes and that the API wouldn't have to be more complex than what already has been done for hash and ciphers. But I don't know which problems you see.
Or should I access gcrypt directly, possibly by duplicating the content of _wrap_gcry_pk_encrypt? (In either case it seems like I need to figure out how the simple bigendian format of gnutls_datum_t from gnutls_x509_crt_get_pk_rsa_raw relates to bigint_t?)The gnutls_datum_t contains the big integer in an unsigned format that is importable by almost all crypto libraries (and thus libgcrypt). The bigint_t is the gnutls crypto library's internal representation of that.
I will try something like that. Thanks. /Mads
[Prev in Thread] | Current Thread | [Next in Thread] |