Beispiel #1
0
C4Err ECC_Sign(ECC_ContextRef  privCtx, void *inData, size_t inDataLen,  void *outData, size_t bufSize, size_t *outDataLen)
{
    C4Err     err = kC4Err_NoErr;
    int          status  =  CRYPT_OK;
    unsigned long   length = bufSize;
    
    validateECCContext(privCtx);
    ValidateParam(privCtx->isInited);
    
    if(privCtx->isBLCurve)
    {
        status = ecc_bl_sign_hash(inData, inDataLen, outData,  &length,
                                  0, find_prng("sprng"),
                                  &privCtx->key);
        
    }
    else
    {
        
        status = ecc_sign_hash(inData, inDataLen, outData,  &length,
                               0, find_prng("sprng"),
                               &privCtx->key);
    }
    
    if(status != CRYPT_OK)
    {
        err = sCrypt2C4Err(status); CKERR;
    }
    
    *outDataLen = length;
    
done:
    
    return err;
}
Beispiel #2
0
C4Err ECC_Generate(ECC_ContextRef  ctx, size_t keysize )
{
    C4Err   err = kC4Err_NoErr;
    
    validateECCContext(ctx);
    
    if(keysize == 414)
    {
        ctx->isBLCurve = true;
        err = ecc_bl_make_key(NULL, find_prng("sprng"),  (int) keysize/8, &ctx->key);CKERR;
        
    }
    else
    {
        ctx->isBLCurve = false;
        err = ecc_make_key(NULL, find_prng("sprng"),   (int)keysize/8, &ctx->key);CKERR;
    }
    
    ctx->isInited = true;
    
done:
    
    return (err);
    
}
Beispiel #3
0
int TestPK(prng_state * PRNG)
{
    int     err = CRYPT_OK;
    int     i;
    
    ecc_key     eccKey;
    uint8_t        PT[PTsize];
    uint8_t        CT[256];
    uint8_t        DT[PTsize];
    unsigned long   z,w;
    
 
    uint8_t        PrivKey[256];
    uint8_t        PubKey[256];
   
 //   uint8_t             tempBuf[256];
 //   unsigned long       tempLen;

    
    printf("\nTesting PK\n");
   
    // fill PT
    for(i = 0; i< PTsize; i++) PT[i]= i;
      
    DO( ecc_make_key(PRNG, find_prng ("yarrow"),  384/8, &eccKey));
  
    z = sizeof(PubKey);
     DO( ecc_export(PubKey, &z, PK_PUBLIC, &eccKey));
    printf("\tPub Key (%ld bytes)\n", z);
    dumpHex(PubKey,  z, 8);
     
    z = sizeof(PrivKey);
   DO( ecc_export(PrivKey, &z, PK_PRIVATE, &eccKey));
    printf("\n\tPriv Key (%ld bytes)\n", z);
    dumpHex(PrivKey,  z, 8);
     
    z = 384; 
    DO( ecc_encrypt_key(PT, PTsize, CT, &z, 
                        PRNG, 
                        find_prng("yarrow"), 
                        find_hash("sha256"),
                        &eccKey));
 
    printf("\n\tEncrypted message (%ld bytes)\n", z);
    dumpHex(CT,  z, 0);
    
    DO( ecc_decrypt_key(CT, z, DT, &w, &eccKey));
      
    /* check against know-answer */
    DO(compareResults( DT, PT, PTsize , kResultFormat_Byte, "ECC Decrypt"));
    printf("\n\tDecrypted OK\n");
    dumpHex(DT,  w, 0);
 
      ecc_free(&eccKey);
    
    return err;
    
}
Beispiel #4
0
int dsa_test(void)
{
   unsigned char msg[16], out[1024], out2[1024];
   unsigned long x;
   int stat1, stat2;
   dsa_key key, key2;

   /* make a random key */
   DO(dsa_make_key(&yarrow_prng, find_prng("yarrow"), 20, 128, &key));

   /* verify it */
   DO(dsa_verify_key(&key, &stat1));
   if (stat1 == 0) { fprintf(stderr, "dsa_verify_key "); return 1; }

   /* sign the message */
   x = sizeof(out);
   DO(dsa_sign_hash(msg, sizeof(msg), out, &x, &yarrow_prng, find_prng("yarrow"), &key));

   /* verify it once */
   DO(dsa_verify_hash(out, x, msg, sizeof(msg), &stat1, &key));

   /* Modify and verify again */
   msg[0] ^= 1;
   DO(dsa_verify_hash(out, x, msg, sizeof(msg), &stat2, &key));
   msg[0] ^= 1;
   if (!(stat1 == 1 && stat2 == 0)) { fprintf(stderr, "dsa_verify %d %d", stat1, stat2); return 1; }

   /* test exporting it */
   x = sizeof(out2);
   DO(dsa_export(out2, &x, PK_PRIVATE, &key));
   DO(dsa_import(out2, x, &key2));

   /* verify a signature with it */
   DO(dsa_verify_hash(out, x, msg, sizeof(msg), &stat1, &key2));
   if (stat1 == 0) { fprintf(stderr, "dsa_verify (import private) %d ", stat1); return 1; }
   dsa_free(&key2);

   /* export as public now */
   x = sizeof(out2);
   DO(dsa_export(out2, &x, PK_PUBLIC, &key));

   DO(dsa_import(out2, x, &key2));
   /* verify a signature with it */
   DO(dsa_verify_hash(out, x, msg, sizeof(msg), &stat1, &key2));
   if (stat1 == 0) { fprintf(stderr, "dsa_verify (import public) %d ", stat1); return 1; }
   dsa_free(&key2);
   dsa_free(&key);

   return 0;
}
Beispiel #5
0
static
int rpmltcSignECDSA(pgpDig dig)
	/*@*/
{
    rpmltc ltc = dig->impl;
    int rc = 0;		/* assume failure. */
unsigned char sig[2048];
unsigned long siglen = sizeof(sig);

if (ltc->digest == NULL || ltc->digestlen == 0) goto exit;

    rc = rpmltcErr(ltc, "ecc_sign_hash",
		ecc_sign_hash(ltc->digest, ltc->digestlen, sig, &siglen,
			&yarrow_prng, find_prng ("yarrow"), &ltc->ecdsa));
    if (rc == CRYPT_OK) {
	int xx;
	_initBN(ltc->r);
	_initBN(ltc->s);
	xx = der_decode_sequence_multi(sig, siglen,
				LTC_ASN1_INTEGER, 1UL, ltc->r,
				LTC_ASN1_INTEGER, 1UL, ltc->s,
				LTC_ASN1_EOL, 0UL, NULL);
    }
    rc = (rc == CRYPT_OK);

#ifdef	DYING
rpmltcDumpECDSA(__FUNCTION__, ltc);
#endif

exit:
SPEW(!rc, rc, dig);
    return rc;
}
Beispiel #6
0
static
int rpmltcGenerateDSA(pgpDig dig)
	/*@*/
{
    rpmltc ltc = dig->impl;
    int rc = 0;		/* assume failure. */
int xx;
int _group_size;
int _modulus_size;

if (ltc->qbits == 0) ltc->qbits = 160;	/* XXX FIXME */
if (ltc->nbits == 0) ltc->nbits = 1024;	/* XXX FIXME */

_group_size = ltc->qbits/8;
_modulus_size = ltc->nbits/8;

    xx = rpmltcErr(ltc, "dsa_make_key",
		dsa_make_key(&yarrow_prng, find_prng("yarrow"),
			_group_size, _modulus_size, &ltc->dsa));
#ifdef	NOTYET
    xx = rpmltcErr(ltc, "dsa_verify_key",
		dsa_verify_key(&ltc->dsa, &rc));
#else
    rc = (xx == CRYPT_OK);
#endif
#ifdef	DYING
rpmltcDumpDSA(__FUNCTION__, ltc);
#endif

SPEW(!rc, rc, dig);

    return rc;
}
Beispiel #7
0
static
int rpmltcSignDSA(pgpDig dig)
	/*@*/
{
    rpmltc ltc = dig->impl;
    int rc = 0;		/* assume failure */
int xx;

if (ltc->digest == NULL || ltc->digestlen == 0) goto exit;

    _initBN(ltc->r);
    _initBN(ltc->s);
    rc = rpmltcErr(ltc, "dsa_sign_hash_raw",
		dsa_sign_hash_raw(ltc->digest, ltc->digestlen, ltc->r, ltc->s,
			&yarrow_prng, find_prng("yarrow"), &ltc->dsa));

#ifdef	DYING
rpmltcDumpDSA(__FUNCTION__, ltc);
#endif

    rc = (rc == CRYPT_OK);

exit:
SPEW(!rc, rc, dig);

    return rc;
}
Beispiel #8
0
static void register_algs(void)
{
  int err;

  atexit(_unregister_all);

#ifndef LTC_YARROW
   #error This demo requires Yarrow.
#endif
   if ((err = register_all_ciphers()) != CRYPT_OK) {
      fprintf(stderr, "register_all_ciphers err=%s\n", error_to_string(err));
      exit(EXIT_FAILURE);
   }
   if ((err = register_all_hashes()) != CRYPT_OK) {
      fprintf(stderr, "register_all_hashes err=%s\n", error_to_string(err));
      exit(EXIT_FAILURE);
   }
   if ((err = register_all_prngs()) != CRYPT_OK) {
      fprintf(stderr, "register_all_prngs err=%s\n", error_to_string(err));
      exit(EXIT_FAILURE);
   }

   if ((err = rng_make_prng(128, find_prng("yarrow"), &yarrow_prng, NULL)) != CRYPT_OK) {
      fprintf(stderr, "rng_make_prng failed: %s\n", error_to_string(err));
      exit(EXIT_FAILURE);
   }

   if (strcmp("CRYPT_OK", error_to_string(err))) {
       exit(EXIT_FAILURE);
   }
}
Beispiel #9
0
  		CTomcryptInternals(void)
  	  {
  	    int ErrorCode = register_cipher(&rijndael_desc);
  	    if (ErrorCode == -1)
  	    {
  	    	throw ExInternalError(std::string("Cannot register AES cipher."));
  	    }

  	    ErrorCode = register_prng(&fortuna_desc);
  	    if (ErrorCode == -1)
  	    {
  	    	throw ExInternalError(std::string("Cannot register fortuna pseudo random generator."));
  	    }

  	    int const GeneratorID = find_prng("fortuna");
  	    ErrorCode = rng_make_prng(128, GeneratorID, &mRandomGenerator, NULL);
  	    if (ErrorCode != CRYPT_OK)
  	    {
  	    	throw ExInternalError(std::string("Error while starting random generator: ")+std::string(error_to_string(ErrorCode)));
  	    }

  	    ErrorCode = register_hash(&sha256_desc);
  	    if (ErrorCode == -1)
  	    {
  	    	throw ExInternalError(std::string("Cannot register SHA2 hash."));
  	    }

  			return;
  	  }
Beispiel #10
0
int main(int argc, char **argv)
{
	int err;
	rsa_key key;

	init_libtom();

	//prng_state yarrow_prng;
	err = rsa_make_key(NULL, find_prng ("sprng"), 1024/8, 65537, &key);
	//err = rsa_make_key(NULL, find_prng ("sprng"), 1024/8, 17, &key);
	if (err) {
		printf("make_key failed\n");
		return err;
	}

	err = export_key_to_file(&key, "private.key", PK_PRIVATE);
	if (err) {
		printf("export key failed\n");
		return err;
	}
	err = export_key_to_file(&key, "public.key", PK_PUBLIC);
	if (err) {
		printf("export key failed\n");
		return err;
	}

	return 0;
}
Beispiel #11
0
SgObject Sg_MakePseudoRandom(SgString *name, SgObject seed)
{
  const char *cname = Sg_Utf32sToUtf8s(name);
  int wprng = find_prng(cname), err;
  SgBuiltinPrng *prng;
  
  if (wprng == -1) {
    Sg_Error(UC("%A is not supported"), name);
    return SG_UNDEF;
  }

  prng = make_prng(name);
  SG_BUILTIN_PRNG(prng)->wprng = wprng;
  err = prng_descriptor[wprng].start(&prng->prng);
  if (err != CRYPT_OK) goto err;

  if (!SG_FALSEP(seed)) {
    if (SG_BVECTORP(seed)) {
      err = prng_descriptor[wprng]
	.add_entropy(SG_BVECTOR_ELEMENTS(seed), 
		     SG_BVECTOR_SIZE(seed), &prng->prng);
      if (err != CRYPT_OK) goto err;
    } else { goto err; }
  }

  err = prng_descriptor[wprng].ready(&prng->prng);
  if (err != CRYPT_OK) goto err;

  Sg_RegisterFinalizer(prng, finalize_prng, NULL);
  return SG_OBJ(prng);
 err:
  Sg_Error(UC("Failed to initialize pseudo random: %A"),
	   Sg_MakeStringC(error_to_string(err)));
  return SG_UNDEF;
}
Beispiel #12
0
int prng_test(void)
{
   int           err = CRYPT_NOP;
   int           x;
   unsigned char buf[4096] = { 0 };
   unsigned long n, one;
   prng_state    nprng;

#ifdef LTC_PRNG_ENABLE_LTC_RNG
   unsigned long before;

   unsigned long (*previous)(unsigned char *, unsigned long , void (*)(void)) = ltc_rng;
   ltc_rng = my_test_rng;

   before = my_test_rng_read;

   if ((err = rng_make_prng(128, find_prng("yarrow"), &yarrow_prng, NULL)) != CRYPT_OK) {
      fprintf(stderr, "rng_make_prng with 'my_test_rng' failed: %s\n", error_to_string(err));
      exit(EXIT_FAILURE);
   }

   if (before == my_test_rng_read) {
      fprintf(stderr, "somehow there was no read from the ltc_rng! %lu == %lu\n", before, my_test_rng_read);
      exit(EXIT_FAILURE);
   }

   ltc_rng = previous;
#endif

   /* test prngs (test, import/export) */
   for (x = 0; prng_descriptor[x].name != NULL; x++) {
      if(strstr(prng_descriptor[x].name, "no_prng") == prng_descriptor[x].name) continue;
      err = CRYPT_OK;
      DOX(prng_descriptor[x].test(), prng_descriptor[x].name);
      DOX(prng_descriptor[x].start(&nprng), prng_descriptor[x].name);
      DOX(prng_descriptor[x].add_entropy((unsigned char *)"helloworld12", 12, &nprng), prng_descriptor[x].name);
      DOX(prng_descriptor[x].ready(&nprng), prng_descriptor[x].name);
      n = sizeof(buf);
      if (strcmp(prng_descriptor[x].name, "sprng")) {
         one = 1;
         if (prng_descriptor[x].pexport(buf, &one, &nprng) != CRYPT_BUFFER_OVERFLOW) {
            fprintf(stderr, "Error testing pexport with a short buffer (%s)\n", prng_descriptor[x].name);
            return CRYPT_ERROR;
         }
      }
      DOX(prng_descriptor[x].pexport(buf, &n, &nprng), prng_descriptor[x].name);
      prng_descriptor[x].done(&nprng);
      DOX(prng_descriptor[x].pimport(buf, n, &nprng), prng_descriptor[x].name);
      DOX(prng_descriptor[x].pimport(buf, 4096, &nprng), prng_descriptor[x].name); /* try to import larger data */
      DOX(prng_descriptor[x].ready(&nprng), prng_descriptor[x].name);
      if (prng_descriptor[x].read(buf, 100, &nprng) != 100) {
         fprintf(stderr, "Error reading from imported PRNG (%s)!\n", prng_descriptor[x].name);
         return CRYPT_ERROR;
      }
      prng_descriptor[x].done(&nprng);
   }
   return err;
}
Beispiel #13
0
int setup_crypt(void)
{
    int err;

    if(register_prng(&yarrow_desc) != CRYPT_OK) {
        printf("Could not register prng.\n");
        return -1;
    }
    printf("prng registered...\n");

    if ((err = rng_make_prng(128, find_prng("yarrow"), &prng, NULL)) != CRYPT_OK)  {
        printf("Could not make prng: %s\n", error_to_string(err));
        return -1;
    }

    /* generate a 1536 bit RSA key.  This duplicates the exported key size
       of Mythic's algorithm, but other sizes would work as well */
    if ((err = rsa_make_key(&prng, find_prng("yarrow"), 192, 65537, &key)) != CRYPT_OK) {
        printf("Could not generate RSA key: %s\n", error_to_string(err));
        return -1;
    }
    printf("RSA key generated...\n");

    /* export the key starting at keybuff[10] so we can prepend the
       fixed header the client expects */
    exported_key_len = sizeof(exported_key_buffer);
    if ((err = rsa_export(&exported_key_buffer[10], &exported_key_len, PK_PUBLIC, &key)) != CRYPT_OK) {
        printf("Could not export RSA public key: %s\n", error_to_string(err));
        return -1;
    }
    printf("RSA public key exported (%lu bytes)...\n", exported_key_len);

    /* some sort of protocol version information proceeds the key when
       we send it. If not correct, login.dll generates version mismatch 
	       error message. */
    *((unsigned long *)&exported_key_buffer[0]) = htonl(LOGIN_PROTOCOL_VERSION);
    *((unsigned short *)&exported_key_buffer[4]) = htons(1);
    /* add the size */
    *((unsigned short *)&exported_key_buffer[6]) = htons(exported_key_len);
    *((unsigned short *)&exported_key_buffer[8]) = htons(exported_key_len);

    return 0;
}
Beispiel #14
0
static
int rpmltcSignRSA(pgpDig dig)
	/*@*/
{
    rpmltc ltc = dig->impl;
    int rc = 0;		/* assume failure. */
int _padding = LTC_LTC_PKCS_1_V1_5;
int hash_idx = find_hash("sha1");
unsigned long saltlen = 0;
unsigned char sig[2048];
unsigned long siglen = sizeof(sig);

if (ltc->digest == NULL || ltc->digestlen == 0) goto exit;

#ifdef	NOTYET
    rc = rpmltcErr(ltc, "rsa_sign_hash_ex",
		rsa_sign_hash_ex(ltc->digest, ltc->digestlen, sig, &siglen,
			_padding, &yarrow_prng, find_prng("yarrow"),
			hash_idx, saltlen, &ltc->rsa));
#else
    rc = rpmltcErr(ltc, "rsa_encrypt_key_ex",
		rsa_encrypt_key_ex(ltc->digest, ltc->digestlen, sig, &siglen,
			NULL, 0, &yarrow_prng, find_prng("yarrow"),
			hash_idx, _padding, &ltc->rsa));
#endif
    if (rc == CRYPT_OK) {
	int xx;
	_initBN(ltc->c);
	xx = mp_read_unsigned_bin(ltc->c, sig, siglen);
    }

#ifdef	DYING
rpmltcDumpRSA(__FUNCTION__, ltc);
#endif

    rc = (rc == CRYPT_OK);

exit:
SPEW(!rc, rc, dig);

    return rc;
}
Beispiel #15
0
/* { generateKeys start } */
int generateKeys(prng_state* prng){
	ecc_key key;
	int err;
	if ((err = ecc_make_key(prng,find_prng("fortuna"),24,&key))!= CRYPT_OK) {
		printf("Error setting up , %s\n", error_to_string(err));
		exit(EXIT_FAILURE);
	}
	saveKeyToFile(&key, "private.key", PK_PRIVATE);
	saveKeyToFile(&key, "public.key", PK_PUBLIC);
	return 0;
}
Beispiel #16
0
int initEncrypt(){
	prng_index = register_prng(&fortuna_desc);
	hash_index = register_hash(&sha256_desc);

	int err;
	if ((err = rng_make_prng(128, find_prng("fortuna"), &prng, NULL)) != CRYPT_OK) {
		printf("Error setting up PRNG, %s\n", error_to_string(err));
		exit(EXIT_FAILURE);
	}
	return 0;
}
Beispiel #17
0
/** new() */
static int Lnew(lua_State* L) {
    prng_state* prng = (prng_state*) lua_newuserdata(L, sizeof(prng_state));
    luaL_getmetatable(L, MYTYPE);
    lua_setmetatable(L, -2);
    int idx = find_prng("fortuna");
    if (idx == -1) {
        lua_pushnil(L);
        lua_pushstring (L, "cannot find 'fortuna' implementation");
        return 2;
    }
    CHECK(rng_make_prng(ENTROPY, idx, prng, NULL));
    return 1;
}
Beispiel #18
0
C4Err ECC_Encrypt(ECC_ContextRef  pubCtx, void *inData, size_t inDataLen,  void *outData, size_t bufSize, size_t *outDataLen)
{
    C4Err     err = kC4Err_NoErr;
    int          status  =  CRYPT_OK;
    unsigned long   length = bufSize;
    
    validateECCContext(pubCtx);
    ValidateParam(pubCtx->isInited);
    
    if(pubCtx->isBLCurve)
    {
        status = ecc_bl_encrypt_key(inData, inDataLen, outData,  &length,
                                    NULL,
                                    find_prng("sprng"),
                                    find_hash(inDataLen > 32?"sha512":"sha256"),
                                    &pubCtx->key);
        
    }
    else
    {
        status = ecc_encrypt_key(inData, inDataLen, outData,  &length,
                                 NULL,
                                 find_prng("sprng"),
                                 find_hash(inDataLen > 32?"sha512":"sha256"),
                                 &pubCtx->key);
        
    }; 
    
    if(status != CRYPT_OK)
    {
        err = sCrypt2C4Err(status); CKERR;
    }
    
    *outDataLen = length;
    
done:
    
    return err;
}
Beispiel #19
0
DLL_EXPORT int ECDHEMakeKey(char *x, char *y, char *z, char *k) {
    ecc_key ecc_dhe;
    init_dependencies();
    int res = ecc_make_key_ex(NULL, find_prng("sprng"), &ecc_dhe, &ecc256);
    if (!res) {
        mp_toradix(ecc_dhe.pubkey.x, x, 16);
        mp_toradix(ecc_dhe.pubkey.y, y, 16);
        mp_toradix(ecc_dhe.pubkey.z, z, 16);
        mp_toradix(ecc_dhe.k, k, 16);
        ecc_free(&ecc_dhe);
    }

}
Beispiel #20
0
int generateRandom(unsigned char *array, unsigned long len)
{
    int err, x;
    prng_state prng;
    if (register_prng(&yarrow_desc) == -1) {
        return ERROR_PRNG;
    }
    if ((err = rng_make_prng(128, find_prng("yarrow"), &prng, NULL)) != CRYPT_OK) {
        return err;
    } 
    x = yarrow_read(array, len, &prng);
    if (x != len) {
        return ERROR_READ_IV;
    }
    sprng_done(&prng);
    return CRYPT_OK;
}
Beispiel #21
0
BOOL CRSADlg::OnInitDialog()
{
    CDialog::OnInitDialog();

    // TODO:  Add extra initialization here

    // 添加list数据
    for(int i = 0; i < MAX_LIST; i++)
    {
        if(!g_AsyAlgList[i].strName.IsEmpty())
        {
            m_ListBox.InsertString(i, g_AsyAlgList[i].strName);
        }
    }

    m_ListBox.SetCurSel(0);
    g_AsyAlgList_Index = g_AsyAlgList[0].index;


    /* register prng/hash */
    if (register_prng(&sprng_desc) == -1)
    {
        MessageBox("Error registering sprng");
    }

    /* register a math library (in this case TomsFastMath)*/
    ltc_mp = ltm_desc;
    if (register_hash(&sha1_desc) == -1)
    {
        MessageBox("Error registering sha1");
    }

    hash_idx = find_hash("sha1");
    prng_idx = find_prng("sprng");

	UpdateData(TRUE);
	m_e = _T("010001");
	m_e_n = _T("3");
	UpdateData(FALSE);

    return TRUE;  // return TRUE unless you set the focus to a control
    // EXCEPTION: OCX Property Pages should return FALSE
}
Beispiel #22
0
bool SlotGetPrng(JSContext *cx, JS::HandleObject obj, int *prngIndex, prng_state **prngState) {

	JS::RootedValue prngVal(cx);
	JL_CHK( JL_GetReservedSlot( obj, ASYMMETRIC_CIPHER_PRNG_SLOT, &prngVal) );
	JL_ASSERT_OBJECT_STATE( prngVal.isObject(), JL_CLASS_NAME(Prng) );
	{
	JS::RootedObject prngObj(cx, &prngVal.toObject());
	JL_ASSERT_INSTANCE( prngObj, JL_CLASS(Prng) );
	PrngPrivate *prngPrivate;
	prngPrivate = (PrngPrivate *)JL_GetPrivate(prngObj);
	JL_ASSERT_OBJECT_STATE( prngPrivate, JL_CLASS_NAME(Prng) );
	*prngState = &prngPrivate->state;
	*prngIndex = find_prng(prngPrivate->prng.name);
	JL_ASSERT( *prngIndex != -1, E_STR("PRNG"), E_NAME(prngPrivate->prng.name), E_NOTFOUND );
	
	}

	return true;
	JL_BAD;
}
Beispiel #23
0
static
int rpmltcGenerateECDSA(pgpDig dig)
	/*@*/
{
    rpmltc ltc = dig->impl;
    int rc;

if (ltc->nbits == 0) ltc->nbits = 256;	/* XXX FIXME */

    rc = rpmltcErr(ltc, "ecc_make_key",
		ecc_make_key(&yarrow_prng, find_prng ("yarrow"),
			ltc->nbits/8, &ltc->ecdsa));
    rc = (rc == CRYPT_OK);

#ifdef	DYING
rpmltcDumpECDSA(__FUNCTION__, ltc);
#endif

SPEW(!rc, rc, dig);
    return rc;
}
Beispiel #24
0
void nabto_random(uint8_t* buf, size_t len) {
    static bool isInitialized = false;
    size_t bytes;
    if (!isInitialized) {
        int wprng;
        int status;
        register_prng(&fortuna_desc);
        wprng = find_prng("fortuna");

        status = rng_make_prng(128, wprng, &unabto_prng_state, NULL);
        if (status != CRYPT_OK) {
            NABTO_LOG_FATAL(("Could not initialize random function"));
            return;
        }
        isInitialized = true;
    }
    bytes = fortuna_desc.read(buf, len, &unabto_prng_state);

    if (bytes != len) {
        NABTO_LOG_FATAL(("Random function did not give required bytes"));
    }
}
Beispiel #25
0
static
int rpmltcGenerateRSA(pgpDig dig)
	/*@*/
{
    rpmltc ltc = dig->impl;
    int rc = 0;		/* assume failure. */
static long _e = 0x10001;	/* XXX FIXME */

if (ltc->nbits == 0) ltc->nbits = 1024;	/* XXX FIXME */

    rc = rpmltcErr(ltc, "rsa_make_key",
		rsa_make_key(&yarrow_prng, find_prng("yarrow"),
			ltc->nbits/8, _e, &ltc->rsa));
    rc = (rc == CRYPT_OK);

#ifdef	DYING
rpmltcDumpRSA(__FUNCTION__, ltc);
#endif

SPEW(!rc, rc, dig);

    return rc;
}
Beispiel #26
0
SgObject Sg_MakeSecureRandom(SgString *name, int bits)
{
  const char *cname = Sg_Utf32sToUtf8s(name);
  int wprng = find_prng(cname), err;
  SgBuiltinPrng *prng;
  
  if (wprng == -1) {
    Sg_Error(UC("%A is not supported"), name);
    return SG_UNDEF;
  }

  prng = make_prng(name);
  prng->wprng = wprng;

  err = rng_make_prng(bits, wprng, &prng->prng, NULL);
  if (err != CRYPT_OK) {
    Sg_Error(UC("Failed to initialize secure random: %A"),
	     Sg_MakeStringC(error_to_string(err)));
    return SG_UNDEF;
  }
  Sg_RegisterFinalizer(prng, finalize_prng, NULL);
  return SG_OBJ(prng);
}
Beispiel #27
0
/** Generates and returns a new (privkey, pubkey) ECDH key pair.
 * Keys are represented as Lua strings, the private one under a libtomcrypt
 * proprietary format, the public one under X9.63 format. */
static int lnew( lua_State *L) {
    prng_state prng;
    int prng_initialized = 0;
    ecc_key key;

    int idx = find_prng("fortuna");
    if( -1 == idx) goto failure;
    if( CRYPT_OK != rng_make_prng( ENTROPY, idx, & prng, NULL)) goto failure;
    prng_initialized=1;

    /* Generate the 512 bits ECC key in privkey. */
    if( CRYPT_OK != ecc_make_key( & prng, idx, 64, & key)) goto failure;

    /* Buffer will hold both the private and public key transiently,
     * until each of them is transformed into a Lua string. */
    unsigned char buff [BUFF_SIZE];
    unsigned long buff_len = BUFF_SIZE;

    /* Push the string representation of privkey (tomcrypt's proprietary format). */
    if( CRYPT_OK != ecc_export( buff, & buff_len, PK_PRIVATE, & key)) goto failure;
    lua_pushlstring( L, (const char*) buff, buff_len);

    /* Push the string representation of pubkey (ANSI X9.63 format, which only
     * supports public keys. This is the format expected by the server). */
    if( CRYPT_OK != ecc_ansi_x963_export( & key, buff, & buff_len)) goto failure;
    lua_pushlstring( L, (const char *) buff, buff_len);

    fortuna_done( & prng);
    return 2;

    failure:
    /* TODO: release resources */
    if( prng_initialized) fortuna_done( & prng);
    lua_pushnil( L);
    lua_pushstring( L, "error");
    return 2;
}
Beispiel #28
0
int main() {
	ltc_mp = ltm_desc;
	rsa_key priv_key, pub_key;
	int hash_idx, prng_idx;
	int ret = rsa_import(openssl_private_rsa, sizeof(openssl_private_rsa), &priv_key);
	ret = rsa_import(openssl_public_rsa, sizeof(openssl_public_rsa), &pub_key);

	if (register_hash(&sha1_desc) == -1) {
		printf("Error registering SHA1\n");
		return -1;
	}

	hash_idx = find_hash("sha1");
	register_prng(&sprng_desc);
	prng_idx = find_prng("sprng");
	prng_state prng;
	int err;
	if ((err = yarrow_start(&prng)) != CRYPT_OK) {
		printf("Start error: %s\n", error_to_string(err));
	}
	/* add entropy */
	if ((err = yarrow_add_entropy("hello world", 11, &prng))
	!= CRYPT_OK) {
		printf("Add_entropy error: %s\n", error_to_string(err));
	}
	int stat;
	unsigned char buf[1024];
	long size = 1024;
	//ret =  rsa_decrypt_key(sig, strlen(sig), buf, &size, 0, 0, hash_idx, &stat, &key);

	ret =  rsa_sign_hash(hash, strlen(hash), buf, &size, &prng, prng_idx, hash_idx, 0, &priv_key);
	ret = rsa_verify_hash(sig, strlen(sig), hash, strlen(hash), hash_idx, 0, &stat, &pub_key);
	printf("status is : %d\n", ret);
	//load stuff!
	return 0;
}
Beispiel #29
0
int dh_tests (void)
{
  unsigned char buf[3][4096];
  unsigned long x, y, z;
  int           stat, stat2;
  dh_key        usera, userb;

  DO(dh_test());

  /* make up two keys */
  DO(dh_make_key (&test_yarrow, find_prng ("yarrow"), 96, &usera));
  DO(dh_make_key (&test_yarrow, find_prng ("yarrow"), 96, &userb));

  /* make the shared secret */
  x = 4096;
  DO(dh_shared_secret (&usera, &userb, buf[0], &x));

  y = 4096;
  DO(dh_shared_secret (&userb, &usera, buf[1], &y));
  if (y != x) {
    printf ("DH Shared keys are not same size.\n");
    return 1;
  }
  if (memcmp (buf[0], buf[1], x)) {
    printf ("DH Shared keys not same contents.\n");
    return 1;
  }

  /* now export userb */
  y = 4096;
  DO(dh_export (buf[1], &y, PK_PUBLIC, &userb));
	  dh_free (&userb);

  /* import and make the shared secret again */
  DO(dh_import (buf[1], y, &userb));
  z = 4096;
  DO(dh_shared_secret (&usera, &userb, buf[2], &z));

  if (z != x) {
    printf ("failed.  Size don't match?\n");
    return 1;
  }
  if (memcmp (buf[0], buf[2], x)) {
    printf ("Failed.  Content didn't match.\n");
    return 1;
  }
  dh_free (&usera);
  dh_free (&userb);

/* test encrypt_key */
  dh_make_key (&test_yarrow, find_prng ("yarrow"), 128, &usera);
  for (x = 0; x < 16; x++) {
    buf[0][x] = x;
  }
  y = sizeof (buf[1]);
  DO(dh_encrypt_key (buf[0], 16, buf[1], &y, &test_yarrow, find_prng ("yarrow"), find_hash ("md5"), &usera));
  zeromem (buf[0], sizeof (buf[0]));
  x = sizeof (buf[0]);
  DO(dh_decrypt_key (buf[1], y, buf[0], &x, &usera));
  if (x != 16) {
    printf ("Failed (length)\n");
    return 1;
  }
  for (x = 0; x < 16; x++)
    if (buf[0][x] != x) {
      printf ("Failed (contents)\n");
      return 1;
    }

/* test sign_hash */
  for (x = 0; x < 16; x++) {
     buf[0][x] = x;
  }
  x = sizeof (buf[1]);
  DO(dh_sign_hash (buf[0], 16, buf[1], &x, &test_yarrow		, find_prng ("yarrow"), &usera));
  DO(dh_verify_hash (buf[1], x, buf[0], 16, &stat, &usera));
  buf[0][0] ^= 1;
  DO(dh_verify_hash (buf[1], x, buf[0], 16, &stat2, &usera));
  if (!(stat == 1 && stat2 == 0)) { 
     printf("dh_sign/verify_hash %d %d", stat, stat2);
     return 1;
  }
  dh_free (&usera);
  return 0;
}
Beispiel #30
0
static int _dhparam_test(void)
{
   dh_key k;
   unsigned char buf[1024];
   /* generated by: openssl dhparam -outform der -out dhparam.der 2048 */
   unsigned char dhparam_der[] = {
      0x30, 0x82, 0x01, 0x08, 0x02, 0x82, 0x01, 0x01, 0x00, 0xae, 0xfe, 0x78, 0xce, 0x80, 0xd5, 0xd7,
      0x8e, 0xcc, 0x4f, 0x0c, 0x1b, 0xb0, 0x95, 0x10, 0xe1, 0x41, 0x15, 0x53, 0x4d, 0x0e, 0x68, 0xb0,
      0xf8, 0x5a, 0x41, 0x0e, 0x65, 0x2f, 0x9f, 0xac, 0x9c, 0x30, 0xb0, 0x76, 0xec, 0x02, 0xe9, 0x43,
      0x55, 0x08, 0xb4, 0x20, 0x60, 0xd9, 0x52, 0xda, 0x2d, 0xab, 0x9a, 0xba, 0xe6, 0xcf, 0x11, 0xa7,
      0x00, 0x44, 0xc2, 0x5e, 0xd1, 0xba, 0x9b, 0xaa, 0xfe, 0x03, 0xdd, 0xdc, 0xef, 0x41, 0x89, 0x9c,
      0xac, 0x64, 0x13, 0xd9, 0x6a, 0x8a, 0x55, 0xa0, 0x5b, 0xff, 0x12, 0x92, 0x37, 0x52, 0x6a, 0x91,
      0xa4, 0x6e, 0x9e, 0x61, 0xb7, 0xfe, 0xb0, 0x17, 0x8e, 0x67, 0x0f, 0x88, 0x46, 0xa7, 0x9e, 0xb1,
      0xdb, 0x68, 0x77, 0x70, 0xb5, 0x77, 0xf2, 0x7e, 0x33, 0xb1, 0x3e, 0x10, 0xc4, 0x63, 0x36, 0xd0,
      0x13, 0x27, 0xd3, 0x29, 0xc3, 0xb6, 0x5d, 0xf6, 0x5d, 0xa7, 0xd8, 0x25, 0x5c, 0x0b, 0x65, 0x99,
      0xfa, 0xf9, 0x5f, 0x1d, 0xee, 0xd1, 0x86, 0x64, 0x7c, 0x44, 0xcb, 0xa0, 0x12, 0x52, 0x4c, 0xd4,
      0x46, 0x81, 0xae, 0x07, 0xdb, 0xc7, 0x13, 0x29, 0xce, 0x9b, 0xcf, 0x1c, 0x06, 0xd2, 0x0f, 0x2d,
      0xbb, 0x12, 0x33, 0xb9, 0xb1, 0x0f, 0x67, 0x5d, 0x3f, 0x0c, 0xe4, 0xfa, 0x67, 0x26, 0xe2, 0x89,
      0xa2, 0xd5, 0x66, 0x29, 0x1c, 0xe2, 0x8e, 0xbb, 0x7b, 0xcb, 0xcc, 0x70, 0x7e, 0x4f, 0x0e, 0xd3,
      0x5d, 0x64, 0x64, 0x1b, 0x27, 0xbb, 0xda, 0xa9, 0x08, 0x2b, 0x62, 0xd4, 0xca, 0xc3, 0x3a, 0x23,
      0x39, 0x58, 0x57, 0xaf, 0x7b, 0x8b, 0x0c, 0x5b, 0x2e, 0xfc, 0x42, 0x57, 0x59, 0x39, 0x2e, 0x6d,
      0x39, 0x97, 0xdb, 0x5b, 0x5c, 0xb9, 0x59, 0x71, 0x42, 0xf3, 0xcd, 0xea, 0xda, 0x86, 0x54, 0x86,
      0x61, 0x8d, 0x93, 0x66, 0xc7, 0x65, 0xd1, 0x98, 0xcb, 0x02, 0x01, 0x02
   };
   /* text dump: openssl dh -inform DER -in dhparam.der -text
      DH Parameters: (2048 bit)
          prime:
              00:ae:fe:78:ce:80:d5:d7:8e:cc:4f:0c:1b:b0:95:
              10:e1:41:15:53:4d:0e:68:b0:f8:5a:41:0e:65:2f:
              9f:ac:9c:30:b0:76:ec:02:e9:43:55:08:b4:20:60:
              d9:52:da:2d:ab:9a:ba:e6:cf:11:a7:00:44:c2:5e:
              d1:ba:9b:aa:fe:03:dd:dc:ef:41:89:9c:ac:64:13:
              d9:6a:8a:55:a0:5b:ff:12:92:37:52:6a:91:a4:6e:
              9e:61:b7:fe:b0:17:8e:67:0f:88:46:a7:9e:b1:db:
              68:77:70:b5:77:f2:7e:33:b1:3e:10:c4:63:36:d0:
              13:27:d3:29:c3:b6:5d:f6:5d:a7:d8:25:5c:0b:65:
              99:fa:f9:5f:1d:ee:d1:86:64:7c:44:cb:a0:12:52:
              4c:d4:46:81:ae:07:db:c7:13:29:ce:9b:cf:1c:06:
              d2:0f:2d:bb:12:33:b9:b1:0f:67:5d:3f:0c:e4:fa:
              67:26:e2:89:a2:d5:66:29:1c:e2:8e:bb:7b:cb:cc:
              70:7e:4f:0e:d3:5d:64:64:1b:27:bb:da:a9:08:2b:
              62:d4:ca:c3:3a:23:39:58:57:af:7b:8b:0c:5b:2e:
              fc:42:57:59:39:2e:6d:39:97:db:5b:5c:b9:59:71:
              42:f3:cd:ea:da:86:54:86:61:8d:93:66:c7:65:d1:
              98:cb
          generator: 2 (0x2)
   */
   unsigned char prime[] = {
            0xae, 0xfe, 0x78, 0xce, 0x80, 0xd5, 0xd7, 0x8e, 0xcc, 0x4f, 0x0c, 0x1b, 0xb0, 0x95,
      0x10, 0xe1, 0x41, 0x15, 0x53, 0x4d, 0x0e, 0x68, 0xb0, 0xf8, 0x5a, 0x41, 0x0e, 0x65, 0x2f,
      0x9f, 0xac, 0x9c, 0x30, 0xb0, 0x76, 0xec, 0x02, 0xe9, 0x43, 0x55, 0x08, 0xb4, 0x20, 0x60,
      0xd9, 0x52, 0xda, 0x2d, 0xab, 0x9a, 0xba, 0xe6, 0xcf, 0x11, 0xa7, 0x00, 0x44, 0xc2, 0x5e,
      0xd1, 0xba, 0x9b, 0xaa, 0xfe, 0x03, 0xdd, 0xdc, 0xef, 0x41, 0x89, 0x9c, 0xac, 0x64, 0x13,
      0xd9, 0x6a, 0x8a, 0x55, 0xa0, 0x5b, 0xff, 0x12, 0x92, 0x37, 0x52, 0x6a, 0x91, 0xa4, 0x6e,
      0x9e, 0x61, 0xb7, 0xfe, 0xb0, 0x17, 0x8e, 0x67, 0x0f, 0x88, 0x46, 0xa7, 0x9e, 0xb1, 0xdb,
      0x68, 0x77, 0x70, 0xb5, 0x77, 0xf2, 0x7e, 0x33, 0xb1, 0x3e, 0x10, 0xc4, 0x63, 0x36, 0xd0,
      0x13, 0x27, 0xd3, 0x29, 0xc3, 0xb6, 0x5d, 0xf6, 0x5d, 0xa7, 0xd8, 0x25, 0x5c, 0x0b, 0x65,
      0x99, 0xfa, 0xf9, 0x5f, 0x1d, 0xee, 0xd1, 0x86, 0x64, 0x7c, 0x44, 0xcb, 0xa0, 0x12, 0x52,
      0x4c, 0xd4, 0x46, 0x81, 0xae, 0x07, 0xdb, 0xc7, 0x13, 0x29, 0xce, 0x9b, 0xcf, 0x1c, 0x06,
      0xd2, 0x0f, 0x2d, 0xbb, 0x12, 0x33, 0xb9, 0xb1, 0x0f, 0x67, 0x5d, 0x3f, 0x0c, 0xe4, 0xfa,
      0x67, 0x26, 0xe2, 0x89, 0xa2, 0xd5, 0x66, 0x29, 0x1c, 0xe2, 0x8e, 0xbb, 0x7b, 0xcb, 0xcc,
      0x70, 0x7e, 0x4f, 0x0e, 0xd3, 0x5d, 0x64, 0x64, 0x1b, 0x27, 0xbb, 0xda, 0xa9, 0x08, 0x2b,
      0x62, 0xd4, 0xca, 0xc3, 0x3a, 0x23, 0x39, 0x58, 0x57, 0xaf, 0x7b, 0x8b, 0x0c, 0x5b, 0x2e,
      0xfc, 0x42, 0x57, 0x59, 0x39, 0x2e, 0x6d, 0x39, 0x97, 0xdb, 0x5b, 0x5c, 0xb9, 0x59, 0x71,
      0x42, 0xf3, 0xcd, 0xea, 0xda, 0x86, 0x54, 0x86, 0x61, 0x8d, 0x93, 0x66, 0xc7, 0x65, 0xd1,
      0x98, 0xcb
   };

   DO(dh_set_pg_dhparam(dhparam_der, sizeof(dhparam_der), &k));
   DO(dh_generate_key(&yarrow_prng, find_prng ("yarrow"), &k));
   if (mp_unsigned_bin_size(k.prime) > sizeof(buf)) {
      printf("dhparam_test: short buf\n");
      dh_free(&k);
      return CRYPT_ERROR;
   }
   DO(mp_to_unsigned_bin(k.prime, buf));
   if (compare_testvector(buf, sizeof(prime), prime, sizeof(prime), "dhparam_test", 1)) {
      printf("dhparam_test: prime mismatch\n");
      dh_free(&k);
      return CRYPT_ERROR;
   }
   if (mp_cmp_d(k.base, 2) != LTC_MP_EQ) {
      printf("dhparam_test: base mismatch\n");
      dh_free(&k);
      return CRYPT_ERROR;
   }
   dh_free(&k);
   return CRYPT_OK;
}