Beispiel #1
0
int TestPK(prng_state * PRNG)
{
    int     err = CRYPT_OK;
    int     i;
    
    ecc_key     eccKey;
    uint8_t        PT[PTsize];
    uint8_t        CT[256];
    uint8_t        DT[PTsize];
    unsigned long   z,w;
    
 
    uint8_t        PrivKey[256];
    uint8_t        PubKey[256];
   
 //   uint8_t             tempBuf[256];
 //   unsigned long       tempLen;

    
    printf("\nTesting PK\n");
   
    // fill PT
    for(i = 0; i< PTsize; i++) PT[i]= i;
      
    DO( ecc_make_key(PRNG, find_prng ("yarrow"),  384/8, &eccKey));
  
    z = sizeof(PubKey);
     DO( ecc_export(PubKey, &z, PK_PUBLIC, &eccKey));
    printf("\tPub Key (%ld bytes)\n", z);
    dumpHex(PubKey,  z, 8);
     
    z = sizeof(PrivKey);
   DO( ecc_export(PrivKey, &z, PK_PRIVATE, &eccKey));
    printf("\n\tPriv Key (%ld bytes)\n", z);
    dumpHex(PrivKey,  z, 8);
     
    z = 384; 
    DO( ecc_encrypt_key(PT, PTsize, CT, &z, 
                        PRNG, 
                        find_prng("yarrow"), 
                        find_hash("sha256"),
                        &eccKey));
 
    printf("\n\tEncrypted message (%ld bytes)\n", z);
    dumpHex(CT,  z, 0);
    
    DO( ecc_decrypt_key(CT, z, DT, &w, &eccKey));
      
    /* check against know-answer */
    DO(compareResults( DT, PT, PTsize , kResultFormat_Byte, "ECC Decrypt"));
    printf("\n\tDecrypted OK\n");
    dumpHex(DT,  w, 0);
 
      ecc_free(&eccKey);
    
    return err;
    
}
Beispiel #2
0
/* { saveKeyToFile start } */
void saveKeyToFile(ecc_key* key, char* fileName, int type){
	int err;
	unsigned char keyArray[2048];
	unsigned long keyLength = 2048;
	if ((err = ecc_export(keyArray, &keyLength, type, key)) != CRYPT_OK) {
		printf("Error setting ,%i, %s\n",err, error_to_string(err));
		exit(EXIT_FAILURE);
	}
	FILE *file;
	file = fopen(fileName,"wb");  // w for write, b for binary
	fwrite((char*)&keyLength, 4,1,file);
	fwrite(keyArray,keyLength,1,file);
	fclose(file);
}
Beispiel #3
0
C4Err ECC_Export(ECC_ContextRef  ctx, int exportPrivate, void *outData, size_t bufSize, size_t *datSize)
{
    C4Err           err = kC4Err_NoErr;
    unsigned long   length = bufSize;
    int             keyType = PK_PUBLIC;
    
    validateECCContext(ctx);
    
    ValidateParam(ctx->isInited);
    
    keyType =  exportPrivate?PK_PRIVATE:PK_PUBLIC;
    
    err = ecc_export(outData, &length, keyType, &ctx->key); CKERR;
    
    *datSize = length;
    
done:
    
    return (err);
    
}
Beispiel #4
0
/** Generates and returns a new (privkey, pubkey) ECDH key pair.
 * Keys are represented as Lua strings, the private one under a libtomcrypt
 * proprietary format, the public one under X9.63 format. */
static int lnew( lua_State *L) {
    prng_state prng;
    int prng_initialized = 0;
    ecc_key key;

    int idx = find_prng("fortuna");
    if( -1 == idx) goto failure;
    if( CRYPT_OK != rng_make_prng( ENTROPY, idx, & prng, NULL)) goto failure;
    prng_initialized=1;

    /* Generate the 512 bits ECC key in privkey. */
    if( CRYPT_OK != ecc_make_key( & prng, idx, 64, & key)) goto failure;

    /* Buffer will hold both the private and public key transiently,
     * until each of them is transformed into a Lua string. */
    unsigned char buff [BUFF_SIZE];
    unsigned long buff_len = BUFF_SIZE;

    /* Push the string representation of privkey (tomcrypt's proprietary format). */
    if( CRYPT_OK != ecc_export( buff, & buff_len, PK_PRIVATE, & key)) goto failure;
    lua_pushlstring( L, (const char*) buff, buff_len);

    /* Push the string representation of pubkey (ANSI X9.63 format, which only
     * supports public keys. This is the format expected by the server). */
    if( CRYPT_OK != ecc_ansi_x963_export( & key, buff, & buff_len)) goto failure;
    lua_pushlstring( L, (const char *) buff, buff_len);

    fortuna_done( & prng);
    return 2;

    failure:
    /* TODO: release resources */
    if( prng_initialized) fortuna_done( & prng);
    lua_pushnil( L);
    lua_pushstring( L, "error");
    return 2;
}
Beispiel #5
0
/**
  Encrypt a symmetric key with ECC 
  @param in         The symmetric key you want to encrypt
  @param inlen      The length of the key to encrypt (octets)
  @param out        [out] The destination for the ciphertext
  @param outlen     [in/out] The max size and resulting size of the ciphertext
  @param prng       An active PRNG state
  @param wprng      The index of the PRNG you wish to use 
  @param hash       The index of the hash you want to use 
  @param key        The ECC key you want to encrypt to
  @return CRYPT_OK if successful
*/
int ecc_encrypt_key(const unsigned char *in,   unsigned long inlen,
                          unsigned char *out,  unsigned long *outlen, 
                          prng_state *prng, int wprng, int hash, 
                          ecc_key *key)
{
    unsigned char *pub_expt, *ecc_shared, *skey;
    ecc_key        pubkey;
    unsigned long  x, y, pubkeysize;
    int            err;

    LTC_ARGCHK(in      != NULL);
    LTC_ARGCHK(out     != NULL);
    LTC_ARGCHK(outlen  != NULL);
    LTC_ARGCHK(key     != NULL);

    /* check that wprng/cipher/hash are not invalid */
    if ((err = prng_is_valid(wprng)) != CRYPT_OK) {
       return err;
    }

    if ((err = hash_is_valid(hash)) != CRYPT_OK) {
       return err;
    }

    if (inlen > hash_descriptor[hash].hashsize) {
       return CRYPT_INVALID_HASH;
    }

    /* make a random key and export the public copy */
    if ((err = ecc_make_key_ex(prng, wprng, &pubkey, key->dp)) != CRYPT_OK) {
       return err;
    }

    pub_expt   = XMALLOC(ECC_BUF_SIZE);
    ecc_shared = XMALLOC(ECC_BUF_SIZE);
    skey       = XMALLOC(MAXBLOCKSIZE);
    if (pub_expt == NULL || ecc_shared == NULL || skey == NULL) {
       if (pub_expt != NULL) {
          XFREE(pub_expt);
       }
       if (ecc_shared != NULL) {
          XFREE(ecc_shared);
       }
       if (skey != NULL) {
          XFREE(skey);
       }
       ecc_free(&pubkey);
       return CRYPT_MEM;
    }

    pubkeysize = ECC_BUF_SIZE;
    if ((err = ecc_export(pub_expt, &pubkeysize, PK_PUBLIC, &pubkey)) != CRYPT_OK) {
       ecc_free(&pubkey);
       goto LBL_ERR;
    }
    
    /* make random key */
    x        = ECC_BUF_SIZE;
    if ((err = ecc_shared_secret(&pubkey, key, ecc_shared, &x)) != CRYPT_OK) {
       ecc_free(&pubkey);
       goto LBL_ERR;
    }
    ecc_free(&pubkey);
    y = MAXBLOCKSIZE;
    if ((err = hash_memory(hash, ecc_shared, x, skey, &y)) != CRYPT_OK) {
       goto LBL_ERR;
    }
    
    /* Encrypt key */
    for (x = 0; x < inlen; x++) {
      skey[x] ^= in[x];
    }

    err = der_encode_sequence_multi(out, outlen,
                                    LTC_ASN1_OBJECT_IDENTIFIER,  hash_descriptor[hash].OIDlen,   hash_descriptor[hash].OID,
                                    LTC_ASN1_OCTET_STRING,       pubkeysize,                     pub_expt,
                                    LTC_ASN1_OCTET_STRING,       inlen,                          skey,
                                    LTC_ASN1_EOL,                0UL,                            NULL);

LBL_ERR:
#ifdef LTC_CLEAN_STACK
    /* clean up */
    zeromem(pub_expt,   ECC_BUF_SIZE);
    zeromem(ecc_shared, ECC_BUF_SIZE);
    zeromem(skey,       MAXBLOCKSIZE);
#endif

    XFREE(skey);
    XFREE(ecc_shared);
    XFREE(pub_expt);

    return err;
}
Beispiel #6
0
int ecc_tests (void)
{
  unsigned char buf[4][4096];
  unsigned long x, y, z, s;
  int           stat, stat2;
  ecc_key usera, userb, pubKey, privKey;
	
  DO(ecc_test ());
  DO(ecc_test ());
  DO(ecc_test ());
  DO(ecc_test ());
  DO(ecc_test ());

  for (s = 0; s < (sizeof(sizes)/sizeof(sizes[0])); s++) {
     /* make up two keys */
     DO(ecc_make_key (&yarrow_prng, find_prng ("yarrow"), sizes[s], &usera));
     DO(ecc_make_key (&yarrow_prng, find_prng ("yarrow"), sizes[s], &userb));

     /* make the shared secret */
     x = sizeof(buf[0]);
     DO(ecc_shared_secret (&usera, &userb, buf[0], &x));

     y = sizeof(buf[1]);
     DO(ecc_shared_secret (&userb, &usera, buf[1], &y));

     if (y != x) {
       fprintf(stderr, "ecc Shared keys are not same size.");
       return 1;
     }

     if (memcmp (buf[0], buf[1], x)) {
       fprintf(stderr, "ecc Shared keys not same contents.");
       return 1;
     }

     /* now export userb */
     y = sizeof(buf[0]);
     DO(ecc_export (buf[1], &y, PK_PUBLIC, &userb));
     ecc_free (&userb);

     /* import and make the shared secret again */
     DO(ecc_import (buf[1], y, &userb));

     z = sizeof(buf[0]);
     DO(ecc_shared_secret (&usera, &userb, buf[2], &z));

     if (z != x) {
       fprintf(stderr, "failed.  Size don't match?");
       return 1;
     }
     if (memcmp (buf[0], buf[2], x)) {
       fprintf(stderr, "Failed.  Contents didn't match.");
       return 1;
     }

     /* export with ANSI X9.63 */
     y = sizeof(buf[1]);
     DO(ecc_ansi_x963_export(&userb, buf[1], &y));
     ecc_free (&userb);

     /* now import the ANSI key */
     DO(ecc_ansi_x963_import(buf[1], y, &userb));

     /* shared secret */
     z = sizeof(buf[0]);
     DO(ecc_shared_secret (&usera, &userb, buf[2], &z));

     if (z != x) {
       fprintf(stderr, "failed.  Size don't match?");
       return 1;
     }
     if (memcmp (buf[0], buf[2], x)) {
       fprintf(stderr, "Failed.  Contents didn't match.");
       return 1;
     }

     ecc_free (&usera);
     ecc_free (&userb);

     /* test encrypt_key */
     DO(ecc_make_key (&yarrow_prng, find_prng ("yarrow"), sizes[s], &usera));

     /* export key */
     x = sizeof(buf[0]);
     DO(ecc_export(buf[0], &x, PK_PUBLIC, &usera));
     DO(ecc_import(buf[0], x, &pubKey));
     x = sizeof(buf[0]);
     DO(ecc_export(buf[0], &x, PK_PRIVATE, &usera));
     DO(ecc_import(buf[0], x, &privKey));

     for (x = 0; x < 32; x++) {
        buf[0][x] = x;
     }
     y = sizeof (buf[1]);
     DO(ecc_encrypt_key (buf[0], 32, buf[1], &y, &yarrow_prng, find_prng ("yarrow"), find_hash ("sha256"), &pubKey));
     zeromem (buf[0], sizeof (buf[0]));
     x = sizeof (buf[0]);
     DO(ecc_decrypt_key (buf[1], y, buf[0], &x, &privKey));
     if (x != 32) {
       fprintf(stderr, "Failed (length)");
       return 1;
     }
     for (x = 0; x < 32; x++) {
        if (buf[0][x] != x) {
           fprintf(stderr, "Failed (contents)");
           return 1;
        }
     }
     /* test sign_hash */
     for (x = 0; x < 16; x++) {
        buf[0][x] = x;
     }
     x = sizeof (buf[1]);
     DO(ecc_sign_hash (buf[0], 16, buf[1], &x, &yarrow_prng, find_prng ("yarrow"), &privKey));
     DO(ecc_verify_hash (buf[1], x, buf[0], 16, &stat, &pubKey));
     buf[0][0] ^= 1;
     DO(ecc_verify_hash (buf[1], x, buf[0], 16, &stat2, &privKey));
     if (!(stat == 1 && stat2 == 0)) { 
        fprintf(stderr, "ecc_verify_hash failed %d, %d, ", stat, stat2);
        return 1;
     }
     ecc_free (&usera); 
     ecc_free (&pubKey);
     ecc_free (&privKey);
  }
#ifdef LTC_ECC_SHAMIR
  return ecc_test_shamir();
#else
  return 0;
#endif
}