int rsa_encrypt (const char *const private_key_name, void *input, int ilen, void **output, int *olen) {
  vkprintf (3, "rsa_encrypt (private_key_name = %s, ilen = %d)\n", private_key_name, ilen);
  int err = 0;
  RSA *privKey = NULL;
  *output = NULL;
  *olen = -1;
  FILE *f = fopen (private_key_name, "rb");
  if (f == NULL) {
    kprintf ("Couldn't open private key file: %s\n", private_key_name);
    return -1;
  }
  privKey = PEM_read_RSAPrivateKey (f, NULL, NULL, NULL);
  if (privKey == NULL) {
    kprintf ("PEM_read_RSAPrivateKey returns NULL.\n");
    err = -2;
    goto clean;
  }
  fclose (f);
  f = NULL;
  unsigned char key[32], iv[32];
  generate_aes_key (key, iv);
  const int rsa_size = RSA_size (privKey);
  *olen = 4 + rsa_size + 32 + ilen + AES_BLOCK_SIZE;
  unsigned char *b = *output = malloc (*olen);

  memcpy (b, &rsa_size, 4);
  if (!RSA_private_encrypt (32, key, b + 4, privKey, RSA_PKCS1_PADDING)) {
    kprintf ("RSA_private_encrypt fail.\n");
    err = -3;
    goto clean;
  }
  memcpy (b + 4 + rsa_size, iv, 32);
  EVP_CIPHER_CTX e;
  EVP_CIPHER_CTX_init (&e);
  EVP_EncryptInit_ex (&e, EVP_aes_256_cbc(), NULL, key, iv);
  int c_len, f_len;
  EVP_EncryptUpdate (&e, b + 4 + rsa_size + 32, &c_len, input, ilen);
  EVP_EncryptFinal_ex (&e, b + 4 + rsa_size + 32 + c_len, &f_len);
  EVP_CIPHER_CTX_cleanup (&e);
  int r = 4 + rsa_size + 32 + c_len + f_len;
  vkprintf (3, "c_len = %d, f_len = %d\n", c_len, f_len);
  assert (r <= *olen);
  *olen = r;
  clean:
  if (f != NULL) {
    fclose (f);
  }
  if (privKey) {
    RSA_free (privKey);
  }

  return err;
}
Beispiel #2
0
/**
 * Callback function to handle the sipc reg response.
 */
static gboolean
sipc_reg_cb(gint sk, gpointer user_data)
{
    gchar  buf[BUF_LENGTH];
    gchar *digest;
    gchar *nonce, *key, *aeskey;
    gchar *response;
    gint   n;

    fetion_account *ac = (fetion_account*)user_data;

    if ((n = recv(sk, buf, sizeof(buf), 0)) == -1) {
        hybrid_account_error_reason(ac->account, _("sipc reg error."));
        return FALSE;
    }

    buf[n] = '\0';

    hybrid_debug_info("fetion", "recv:\n%s", buf);

    /* parse response, we need the key and nouce */
    digest = sip_header_get_attr(buf, "W");

    if (parse_sipc_reg_response(digest, &nonce, &key) != HYBRID_OK) {
        g_free(digest);
        return FALSE;
    }

    aeskey = generate_aes_key();

    response = generate_response(nonce, ac->userid, ac->password, key, aeskey);

    /* fill verify_data for pic confirm */
    strncpy(verify_data.response, response, sizeof(verify_data.response));

    /* now we start to handle the pushed messages */
    ac->source = hybrid_event_add(sk, HYBRID_EVENT_READ, hybrid_push_cb, ac);

    /* start sipc authencation action. */
    sipc_aut_action(sk, ac, response);

    g_free(digest);
    g_free(nonce);
    g_free(key);
    g_free(aeskey);
    g_free(response);

    return FALSE;
}
Beispiel #3
0
static int rsa_test()
{
	static unsigned char encrypted_buf[130];
	static unsigned char decrypted_buf[34];
	static unsigned char *msg;

	int i=0;
	for(; i<3; i++) {
		msg = generate_aes_key();

		log_debug(LOG_VERB, "i = %d", i);
		log_debug(LOG_VERB, "AES key           : %s \n", base64_encode(msg, 32));


		dyn_rsa_encrypt(msg, encrypted_buf);

		dyn_rsa_decrypt(encrypted_buf, decrypted_buf);

		log_debug(LOG_VERB, "Decrypted message : %s \n", base64_encode(decrypted_buf, 32));
	}

	return 0;
}
Beispiel #4
0
int main() {
    RSA *rsa_key = generate_rsa_keys();

    unsigned char *rsa_pubkey_pem; 
    unsigned int pub_pem_size = rsa_publickey_to_pem(rsa_key, &rsa_pubkey_pem);

    printf ("%s\n", rsa_pubkey_pem);

    unsigned char *rsa_privkey_pem;
    unsigned int priv_pem_size = rsa_privatekey_to_pem(rsa_key, &rsa_privkey_pem, NULL);

    printf ("%s\n", rsa_privkey_pem);

    printf ("RSA keys generated\n");

    unsigned char *plaintext = (unsigned char *)"Hello World!";
    unsigned int plaintext_length = 12;

    unsigned char *encrypted_message = (unsigned char *)malloc(kBits);

    printf ("beginning rsa encryption\n");

    RSA *rsa_pubkey = rsa_pem_to_publickey(rsa_pubkey_pem);

    unsigned int encrypted_length = rsa_encrypt_message(plaintext, plaintext_length, rsa_pubkey, &encrypted_message);

    printf ("\'Hello World!\' encrypted is:\n");
    printf ("%s\n", encrypted_message);

    unsigned char *decrypted_message = (unsigned char *)malloc(plaintext_length*sizeof(unsigned char));

    printf ("beginning rsa decryption\n");

    RSA *rsa_privkey = rsa_pem_to_privatekey(rsa_privkey_pem, rsa_key);

    rsa_decrypt_message(encrypted_message, encrypted_length, rsa_privkey, &decrypted_message);

    printf ("The decrypted message is:\n");
    printf ("%s\n", decrypted_message);

    ERR_load_crypto_strings();
    OpenSSL_add_all_algorithms();
    OPENSSL_config(NULL);

    unsigned char *aes_key = generate_aes_key();
    unsigned char *aes_iv = generate_aes_iv();

    printf ("AES key and iv generated\n");

    unsigned char *aes_encrypted_message = (unsigned char *)malloc(plaintext_length*(unsigned char) + AES_BLOCK_SIZE);

    printf ("beginning aes encryption\n");

    unsigned int aes_encrypted_length = aes_encrypt_message(plaintext, plaintext_length, aes_key, aes_iv, &aes_encrypted_message);

    printf ("\'Hello World encrypted is:\n");
    printf ("%s\n", aes_encrypted_message);
    printf ("%u\n", aes_encrypted_length);

    unsigned char *aes_decrypted_message = (unsigned char *)malloc(plaintext_length*(unsigned char) + AES_BLOCK_SIZE);

    unsigned int aes_decrypted_length = aes_decrypt_message(aes_encrypted_message, aes_encrypted_length, aes_key, aes_iv, &aes_decrypted_message);

    printf ("The decrypted message is:\n");
    printf ("%s\n", aes_decrypted_message);

    exit(EXIT_SUCCESS);
}
FX_RET_CODE fx_generate_response( __in char* sz_key, __in char* sz_nonce,		 \
								  __in char* sz_user_id, __in char* sz_password, \
								  __out char** sz_response )
{	
	
	FX_RET_CODE ret = FX_ERROR_OK;
	int n_ret = 0, n_user_id = 0, n_total_len = 0, n_nonce_len = strlen( sz_nonce );
	byte* hex_step1 = NULL, *hex_step2 = NULL, *hex_aes_key = NULL, *hex_in = NULL;
	char* sz_aes_key = NULL;
	
	if ( sz_key == NULL || sz_nonce == NULL || sz_user_id == NULL || \
		 sz_password == NULL )
	{
		return FX_ERROR_UNKOWN;
	}

	/*
	 *	step 1: sha1( domain:password )
	 */
	
	ret = fx_ssi_get_v4digest_1( (byte*)FX_SHA1_DOMAIN, strlen( FX_SHA1_DOMAIN ), \
								 (byte*)sz_password, strlen( sz_password ), &hex_step1 );
	if ( FX_ERROR_OK != ret )
	{
		return ret;
	}
	
	/*
	 *	step 2: sha1( hex(user_id) + $(step 1) )
	 */
	
	n_user_id = atoi( sz_user_id );
	
	ret = fx_ssi_get_v4digest_1( (byte*)&n_user_id, sizeof( int ), \
								 hex_step1, SHA1_DIGESTSIZE, &hex_step2 );
	if ( FX_ERROR_OK != ret )
	{
		free( hex_step1 );
		return ret;
	}
	
	free( hex_step1 );

	/*
	 * step 3: rsa( nonce + $(hex_step2) + hex(sz_ase_key) )	
	 */
	
	generate_aes_key( &sz_aes_key );
	n_ret = hex_str_2_byte( sz_aes_key, &hex_aes_key );
	
	if ( n_ret <= 0 )
	{
		free( hex_step2 );
		return FX_ERROR_UNKOWN;
	}
	
	n_total_len = n_nonce_len + SHA1_DIGESTSIZE + n_ret;
	hex_in = (byte*)malloc( n_total_len );
	memset( hex_in, 0, n_total_len );

	memcpy( hex_in, sz_nonce, n_nonce_len );
	memcpy( hex_in + n_nonce_len, hex_step2, SHA1_DIGESTSIZE );
	memcpy( hex_in + n_nonce_len + SHA1_DIGESTSIZE, hex_aes_key, n_ret );

	n_ret = do_hash_padding( sz_key, hex_in, n_total_len, sz_response );
	if ( n_ret <= 0 )
	{
		free( hex_step2 );
		return FX_ERROR_UNKOWN;
	}

	free( hex_step2 );
	free( sz_aes_key );
	return FX_ERROR_OK;
}