int TestPK(prng_state * PRNG)
{
int err = CRYPT_OK;
int i;
ecc_key eccKey;
uint8_t PT[PTsize];
uint8_t CT[256];
uint8_t DT[PTsize];
unsigned long z,w;
uint8_t PrivKey[256];
uint8_t PubKey[256];
// uint8_t tempBuf[256];
// unsigned long tempLen;
printf("\nTesting PK\n");
// fill PT
for(i = 0; i< PTsize; i++) PT[i]= i;
DO( ecc_make_key(PRNG, find_prng ("yarrow"), 384/8, &eccKey));
z = sizeof(PubKey);
DO( ecc_export(PubKey, &z, PK_PUBLIC, &eccKey));
printf("\tPub Key (%ld bytes)\n", z);
dumpHex(PubKey, z, 8);
z = sizeof(PrivKey);
DO( ecc_export(PrivKey, &z, PK_PRIVATE, &eccKey));
printf("\n\tPriv Key (%ld bytes)\n", z);
dumpHex(PrivKey, z, 8);
z = 384;
DO( ecc_encrypt_key(PT, PTsize, CT, &z,
PRNG,
find_prng("yarrow"),
find_hash("sha256"),
&eccKey));
printf("\n\tEncrypted message (%ld bytes)\n", z);
dumpHex(CT, z, 0);
DO( ecc_decrypt_key(CT, z, DT, &w, &eccKey));
/* check against know-answer */
DO(compareResults( DT, PT, PTsize , kResultFormat_Byte, "ECC Decrypt"));
printf("\n\tDecrypted OK\n");
dumpHex(DT, w, 0);
ecc_free(&eccKey);
return err;
}
/* { saveKeyToFile start } */
void saveKeyToFile(ecc_key* key, char* fileName, int type){
int err;
unsigned char keyArray[2048];
unsigned long keyLength = 2048;
if ((err = ecc_export(keyArray, &keyLength, type, key)) != CRYPT_OK) {
printf("Error setting ,%i, %s\n",err, error_to_string(err));
exit(EXIT_FAILURE);
}
FILE *file;
file = fopen(fileName,"wb"); // w for write, b for binary
fwrite((char*)&keyLength, 4,1,file);
fwrite(keyArray,keyLength,1,file);
fclose(file);
}
C4Err ECC_Export(ECC_ContextRef ctx, int exportPrivate, void *outData, size_t bufSize, size_t *datSize)
{
C4Err err = kC4Err_NoErr;
unsigned long length = bufSize;
int keyType = PK_PUBLIC;
validateECCContext(ctx);
ValidateParam(ctx->isInited);
keyType = exportPrivate?PK_PRIVATE:PK_PUBLIC;
err = ecc_export(outData, &length, keyType, &ctx->key); CKERR;
*datSize = length;
done:
return (err);
}
/** Generates and returns a new (privkey, pubkey) ECDH key pair.
* Keys are represented as Lua strings, the private one under a libtomcrypt
* proprietary format, the public one under X9.63 format. */
static int lnew( lua_State *L) {
prng_state prng;
int prng_initialized = 0;
ecc_key key;
int idx = find_prng("fortuna");
if( -1 == idx) goto failure;
if( CRYPT_OK != rng_make_prng( ENTROPY, idx, & prng, NULL)) goto failure;
prng_initialized=1;
/* Generate the 512 bits ECC key in privkey. */
if( CRYPT_OK != ecc_make_key( & prng, idx, 64, & key)) goto failure;
/* Buffer will hold both the private and public key transiently,
* until each of them is transformed into a Lua string. */
unsigned char buff [BUFF_SIZE];
unsigned long buff_len = BUFF_SIZE;
/* Push the string representation of privkey (tomcrypt's proprietary format). */
if( CRYPT_OK != ecc_export( buff, & buff_len, PK_PRIVATE, & key)) goto failure;
lua_pushlstring( L, (const char*) buff, buff_len);
/* Push the string representation of pubkey (ANSI X9.63 format, which only
* supports public keys. This is the format expected by the server). */
if( CRYPT_OK != ecc_ansi_x963_export( & key, buff, & buff_len)) goto failure;
lua_pushlstring( L, (const char *) buff, buff_len);
fortuna_done( & prng);
return 2;
failure:
/* TODO: release resources */
if( prng_initialized) fortuna_done( & prng);
lua_pushnil( L);
lua_pushstring( L, "error");
return 2;
}
/**
Encrypt a symmetric key with ECC
@param in The symmetric key you want to encrypt
@param inlen The length of the key to encrypt (octets)
@param out [out] The destination for the ciphertext
@param outlen [in/out] The max size and resulting size of the ciphertext
@param prng An active PRNG state
@param wprng The index of the PRNG you wish to use
@param hash The index of the hash you want to use
@param key The ECC key you want to encrypt to
@return CRYPT_OK if successful
*/
int ecc_encrypt_key(const unsigned char *in, unsigned long inlen,
unsigned char *out, unsigned long *outlen,
prng_state *prng, int wprng, int hash,
ecc_key *key)
{
unsigned char *pub_expt, *ecc_shared, *skey;
ecc_key pubkey;
unsigned long x, y, pubkeysize;
int err;
LTC_ARGCHK(in != NULL);
LTC_ARGCHK(out != NULL);
LTC_ARGCHK(outlen != NULL);
LTC_ARGCHK(key != NULL);
/* check that wprng/cipher/hash are not invalid */
if ((err = prng_is_valid(wprng)) != CRYPT_OK) {
return err;
}
if ((err = hash_is_valid(hash)) != CRYPT_OK) {
return err;
}
if (inlen > hash_descriptor[hash].hashsize) {
return CRYPT_INVALID_HASH;
}
/* make a random key and export the public copy */
if ((err = ecc_make_key_ex(prng, wprng, &pubkey, key->dp)) != CRYPT_OK) {
return err;
}
pub_expt = XMALLOC(ECC_BUF_SIZE);
ecc_shared = XMALLOC(ECC_BUF_SIZE);
skey = XMALLOC(MAXBLOCKSIZE);
if (pub_expt == NULL || ecc_shared == NULL || skey == NULL) {
if (pub_expt != NULL) {
XFREE(pub_expt);
}
if (ecc_shared != NULL) {
XFREE(ecc_shared);
}
if (skey != NULL) {
XFREE(skey);
}
ecc_free(&pubkey);
return CRYPT_MEM;
}
pubkeysize = ECC_BUF_SIZE;
if ((err = ecc_export(pub_expt, &pubkeysize, PK_PUBLIC, &pubkey)) != CRYPT_OK) {
ecc_free(&pubkey);
goto LBL_ERR;
}
/* make random key */
x = ECC_BUF_SIZE;
if ((err = ecc_shared_secret(&pubkey, key, ecc_shared, &x)) != CRYPT_OK) {
ecc_free(&pubkey);
goto LBL_ERR;
}
ecc_free(&pubkey);
y = MAXBLOCKSIZE;
if ((err = hash_memory(hash, ecc_shared, x, skey, &y)) != CRYPT_OK) {
goto LBL_ERR;
}
/* Encrypt key */
for (x = 0; x < inlen; x++) {
skey[x] ^= in[x];
}
err = der_encode_sequence_multi(out, outlen,
LTC_ASN1_OBJECT_IDENTIFIER, hash_descriptor[hash].OIDlen, hash_descriptor[hash].OID,
LTC_ASN1_OCTET_STRING, pubkeysize, pub_expt,
LTC_ASN1_OCTET_STRING, inlen, skey,
LTC_ASN1_EOL, 0UL, NULL);
LBL_ERR:
#ifdef LTC_CLEAN_STACK
/* clean up */
zeromem(pub_expt, ECC_BUF_SIZE);
zeromem(ecc_shared, ECC_BUF_SIZE);
zeromem(skey, MAXBLOCKSIZE);
#endif
XFREE(skey);
XFREE(ecc_shared);
XFREE(pub_expt);
return err;
}
int ecc_tests (void)
{
unsigned char buf[4][4096];
unsigned long x, y, z, s;
int stat, stat2;
ecc_key usera, userb, pubKey, privKey;
DO(ecc_test ());
DO(ecc_test ());
DO(ecc_test ());
DO(ecc_test ());
DO(ecc_test ());
for (s = 0; s < (sizeof(sizes)/sizeof(sizes[0])); s++) {
/* make up two keys */
DO(ecc_make_key (&yarrow_prng, find_prng ("yarrow"), sizes[s], &usera));
DO(ecc_make_key (&yarrow_prng, find_prng ("yarrow"), sizes[s], &userb));
/* make the shared secret */
x = sizeof(buf[0]);
DO(ecc_shared_secret (&usera, &userb, buf[0], &x));
y = sizeof(buf[1]);
DO(ecc_shared_secret (&userb, &usera, buf[1], &y));
if (y != x) {
fprintf(stderr, "ecc Shared keys are not same size.");
return 1;
}
if (memcmp (buf[0], buf[1], x)) {
fprintf(stderr, "ecc Shared keys not same contents.");
return 1;
}
/* now export userb */
y = sizeof(buf[0]);
DO(ecc_export (buf[1], &y, PK_PUBLIC, &userb));
ecc_free (&userb);
/* import and make the shared secret again */
DO(ecc_import (buf[1], y, &userb));
z = sizeof(buf[0]);
DO(ecc_shared_secret (&usera, &userb, buf[2], &z));
if (z != x) {
fprintf(stderr, "failed. Size don't match?");
return 1;
}
if (memcmp (buf[0], buf[2], x)) {
fprintf(stderr, "Failed. Contents didn't match.");
return 1;
}
/* export with ANSI X9.63 */
y = sizeof(buf[1]);
DO(ecc_ansi_x963_export(&userb, buf[1], &y));
ecc_free (&userb);
/* now import the ANSI key */
DO(ecc_ansi_x963_import(buf[1], y, &userb));
/* shared secret */
z = sizeof(buf[0]);
DO(ecc_shared_secret (&usera, &userb, buf[2], &z));
if (z != x) {
fprintf(stderr, "failed. Size don't match?");
return 1;
}
if (memcmp (buf[0], buf[2], x)) {
fprintf(stderr, "Failed. Contents didn't match.");
return 1;
}
ecc_free (&usera);
ecc_free (&userb);
/* test encrypt_key */
DO(ecc_make_key (&yarrow_prng, find_prng ("yarrow"), sizes[s], &usera));
/* export key */
x = sizeof(buf[0]);
DO(ecc_export(buf[0], &x, PK_PUBLIC, &usera));
DO(ecc_import(buf[0], x, &pubKey));
x = sizeof(buf[0]);
DO(ecc_export(buf[0], &x, PK_PRIVATE, &usera));
DO(ecc_import(buf[0], x, &privKey));
for (x = 0; x < 32; x++) {
buf[0][x] = x;
}
y = sizeof (buf[1]);
DO(ecc_encrypt_key (buf[0], 32, buf[1], &y, &yarrow_prng, find_prng ("yarrow"), find_hash ("sha256"), &pubKey));
zeromem (buf[0], sizeof (buf[0]));
x = sizeof (buf[0]);
DO(ecc_decrypt_key (buf[1], y, buf[0], &x, &privKey));
if (x != 32) {
fprintf(stderr, "Failed (length)");
return 1;
}
for (x = 0; x < 32; x++) {
if (buf[0][x] != x) {
fprintf(stderr, "Failed (contents)");
return 1;
}
}
/* test sign_hash */
for (x = 0; x < 16; x++) {
buf[0][x] = x;
}
x = sizeof (buf[1]);
DO(ecc_sign_hash (buf[0], 16, buf[1], &x, &yarrow_prng, find_prng ("yarrow"), &privKey));
DO(ecc_verify_hash (buf[1], x, buf[0], 16, &stat, &pubKey));
buf[0][0] ^= 1;
DO(ecc_verify_hash (buf[1], x, buf[0], 16, &stat2, &privKey));
if (!(stat == 1 && stat2 == 0)) {
fprintf(stderr, "ecc_verify_hash failed %d, %d, ", stat, stat2);
return 1;
}
ecc_free (&usera);
ecc_free (&pubKey);
ecc_free (&privKey);
}
#ifdef LTC_ECC_SHAMIR
return ecc_test_shamir();
#else
return 0;
#endif
}