From 9dcff17ee0075213fa3f2fefcaa6579336f68be1 Mon Sep 17 00:00:00 2001 From: Justus Winter Date: Thu, 16 Jan 2020 15:21:33 +0100 Subject: openpgp: Consolidate public key encryption code. --- openpgp/src/crypto/asymmetric.rs | 36 ++++++++++++++++++++++++++++++++++++ openpgp/src/packet/pkesk.rs | 39 ++------------------------------------- 2 files changed, 38 insertions(+), 37 deletions(-) (limited to 'openpgp') diff --git a/openpgp/src/crypto/asymmetric.rs b/openpgp/src/crypto/asymmetric.rs index 7185a471..e8dd32e4 100644 --- a/openpgp/src/crypto/asymmetric.rs +++ b/openpgp/src/crypto/asymmetric.rs @@ -269,3 +269,39 @@ impl From for Key { key.mark_parts_secret().expect("XXX") } } + +impl Key { + /// Encrypts the given data with this key. + pub fn encrypt(&self, data: &SessionKey) -> Result { + use crate::PublicKeyAlgorithm::*; + + #[allow(deprecated)] + match self.pk_algo() { + RSAEncryptSign | RSAEncrypt => { + // Extract the public recipient. + match self.mpis() { + mpis::PublicKey::RSA { e, n } => { + // The ciphertext has the length of the modulus. + let mut esk = vec![0u8; n.value().len()]; + let mut rng = Yarrow::default(); + let pk = rsa::PublicKey::new(n.value(), e.value())?; + rsa::encrypt_pkcs1(&pk, &mut rng, data, + &mut esk)?; + Ok(mpis::Ciphertext::RSA { + c: MPI::new(&esk), + }) + }, + pk => { + Err(Error::MalformedPacket( + format!( + "Key: Expected RSA public key, got {:?}", + pk)).into()) + }, + } + }, + ECDH => crate::crypto::ecdh::encrypt(self.mark_parts_public_ref(), + data), + algo => Err(Error::UnsupportedPublicKeyAlgorithm(algo).into()), + } + } +} diff --git a/openpgp/src/packet/pkesk.rs b/openpgp/src/packet/pkesk.rs index 5b2a9ae9..3554f991 100644 --- a/openpgp/src/packet/pkesk.rs +++ b/openpgp/src/packet/pkesk.rs @@ -12,14 +12,12 @@ use crate::packet::key; use crate::packet::Key; use crate::KeyID; use crate::crypto::Decryptor; -use crate::crypto::mpis::{self, MPI, Ciphertext}; +use crate::crypto::mpis::Ciphertext; use crate::Packet; use crate::PublicKeyAlgorithm; use crate::Result; use crate::SymmetricAlgorithm; use crate::crypto::SessionKey; -use crate::crypto::ecdh; -use nettle::{rsa, Yarrow}; use crate::packet; /// Holds an asymmetrically encrypted session key. @@ -81,9 +79,6 @@ impl PKESK3 { -> Result where R: key::KeyRole { - use crate::PublicKeyAlgorithm::*; - let mut rng = Yarrow::default(); - // We need to prefix the cipher specifier to the session key, // and a two-octet checksum. let mut psk = Vec::with_capacity(1 + session_key.len() + 2); @@ -96,37 +91,7 @@ impl PKESK3 { psk.push((checksum >> 8) as u8); psk.push((checksum >> 0) as u8); let psk: SessionKey = psk.into(); - - #[allow(deprecated)] - let esk = match recipient.pk_algo() { - RSAEncryptSign | RSAEncrypt => { - // Extract the public recipient. - match recipient.mpis() { - &mpis::PublicKey::RSA { ref e, ref n } => { - // The ciphertext has the length of the modulus. - let mut esk = vec![0u8; n.value().len()]; - - let pk = rsa::PublicKey::new(n.value(), e.value())?; - rsa::encrypt_pkcs1(&pk, &mut rng, &psk, &mut esk)?; - Ciphertext::RSA {c: MPI::new(&esk)} - } - - pk => { - return Err( - Error::MalformedPacket( - format!( - "Key: Expected RSA public key, got {:?}", - pk)).into()); - } - } - }, - - ECDH => ecdh::encrypt(recipient, &psk)?, - - algo => - return Err(Error::UnsupportedPublicKeyAlgorithm(algo).into()), - }; - + let esk = recipient.encrypt(&psk)?; Ok(PKESK3{ common: Default::default(), recipient: recipient.keyid(), -- cgit v1.2.3