string RSAEncryptString(const char *pubFilename, const char *seed, const char *message)
{
FileSource pubFile(pubFilename, true, new HexDecoder);
RSAES_OAEP_SHA_Encryptor pub(pubFile);
RandomPool randPool;
randPool.Put((byte *)seed, strlen(seed));
string result;
StringSource(message, true, new PK_EncryptorFilter(randPool, pub, new HexEncoder(new StringSink(result))));
return result;
}
void GenerateRSAKey(unsigned int keyLength, const char *privFilename, const char *pubFilename, const char *seed)
{
RandomPool randPool;
randPool.Put((byte *)seed, strlen(seed));
RSAES_PKCS1v15_Decryptor priv(randPool, keyLength);
FileSink privFile(privFilename);
priv.DEREncode(privFile);
privFile.MessageEnd();
RSAES_PKCS1v15_Encryptor pub(priv);
FileSink pubFile(pubFilename);
pub.DEREncode(pubFile);
pubFile.MessageEnd();
}
void GenerateRSAKey(unsigned int keyLength, const char *privFilename, const char *pubFilename, const char *seed)
{
RandomPool randPool;
randPool.IncorporateEntropy((byte *)seed, strlen(seed));
RSAES_OAEP_SHA_Decryptor priv(randPool, keyLength);
HexEncoder privFile(new FileSink(privFilename));
priv.DEREncode(privFile);
privFile.MessageEnd();
RSAES_OAEP_SHA_Encryptor pub(priv);
HexEncoder pubFile(new FileSink(pubFilename));
pub.DEREncode(pubFile);
pubFile.MessageEnd();
}
bool RSAVerifyFile(const char *pubFilename, const char *messageFilename, const char *signatureFilename)
{
FileSource pubFile(pubFilename, true);
RSASSA_PKCS1v15_SHA_Verifier pub(pubFile);
FileSource signatureFile(signatureFilename, true);
if (signatureFile.MaxRetrievable() != pub.SignatureLength())
return false;
SecByteBlock signature(pub.SignatureLength());
signatureFile.Get(signature, signature.size());
VerifierFilter *verifierFilter = new VerifierFilter(pub);
verifierFilter->Put(signature, pub.SignatureLength());
FileSource f(messageFilename, true, verifierFilter);
return verifierFilter->GetLastResult();
}
bool ValidateRSA()
{
cout << "\nRSA validation suite running...\n\n";
byte out[100], outPlain[100];
bool pass = true, fail;
{
static const char plain[] = "Everyone gets Friday off.";
byte *signature = (byte *)
"\x05\xfa\x6a\x81\x2f\xc7\xdf\x8b\xf4\xf2\x54\x25\x09\xe0\x3e\x84"
"\x6e\x11\xb9\xc6\x20\xbe\x20\x09\xef\xb4\x40\xef\xbc\xc6\x69\x21"
"\x69\x94\xac\x04\xf3\x41\xb5\x7d\x05\x20\x2d\x42\x8f\xb2\xa2\x7b"
"\x5c\x77\xdf\xd9\xb1\x5b\xfc\x3d\x55\x93\x53\x50\x34\x10\xc1\xe1";
FileSource keys("TestData/rsa512a.dat", true, new HexDecoder);
Weak::RSASSA_PKCS1v15_MD2_Signer rsaPriv(keys);
Weak::RSASSA_PKCS1v15_MD2_Verifier rsaPub(rsaPriv);
size_t signatureLength = rsaPriv.SignMessage(GlobalRNG(), (byte *)plain, strlen(plain), out);
fail = !VerifyBufsEqual(signature, out, 64);
pass = pass && !fail;
cout << (fail ? "FAILED " : "passed ");
cout << "signature check against test vector\n";
fail = !rsaPub.VerifyMessage((byte *)plain, strlen(plain), out, signatureLength);
pass = pass && !fail;
cout << (fail ? "FAILED " : "passed ");
cout << "verification check against test vector\n";
out[10]++;
fail = rsaPub.VerifyMessage((byte *)plain, strlen(plain), out, signatureLength);
pass = pass && !fail;
cout << (fail ? "FAILED " : "passed ");
cout << "invalid signature verification\n";
}
{
FileSource keys("TestData/rsa1024.dat", true, new HexDecoder);
RSAES_PKCS1v15_Decryptor rsaPriv(keys);
RSAES_PKCS1v15_Encryptor rsaPub(rsaPriv);
pass = CryptoSystemValidate(rsaPriv, rsaPub) && pass;
}
{
RSAES<OAEP<SHA> >::Decryptor rsaPriv(GlobalRNG(), 512);
RSAES<OAEP<SHA> >::Encryptor rsaPub(rsaPriv);
pass = CryptoSystemValidate(rsaPriv, rsaPub) && pass;
}
{
byte *plain = (byte *)
"\x54\x85\x9b\x34\x2c\x49\xea\x2a";
byte *encrypted = (byte *)
"\x14\xbd\xdd\x28\xc9\x83\x35\x19\x23\x80\xe8\xe5\x49\xb1\x58\x2a"
"\x8b\x40\xb4\x48\x6d\x03\xa6\xa5\x31\x1f\x1f\xd5\xf0\xa1\x80\xe4"
"\x17\x53\x03\x29\xa9\x34\x90\x74\xb1\x52\x13\x54\x29\x08\x24\x52"
"\x62\x51";
byte *oaepSeed = (byte *)
"\xaa\xfd\x12\xf6\x59\xca\xe6\x34\x89\xb4\x79\xe5\x07\x6d\xde\xc2"
"\xf0\x6c\xb5\x8f";
ByteQueue bq;
bq.Put(oaepSeed, 20);
FixedRNG rng(bq);
FileSource privFile("TestData/rsa400pv.dat", true, new HexDecoder);
FileSource pubFile("TestData/rsa400pb.dat", true, new HexDecoder);
RSAES_OAEP_SHA_Decryptor rsaPriv;
rsaPriv.AccessKey().BERDecodePrivateKey(privFile, false, 0);
RSAES_OAEP_SHA_Encryptor rsaPub(pubFile);
memset(out, 0, 50);
memset(outPlain, 0, 8);
rsaPub.Encrypt(rng, plain, 8, out);
DecodingResult result = rsaPriv.FixedLengthDecrypt(GlobalRNG(), encrypted, outPlain);
fail = !result.isValidCoding || (result.messageLength!=8) || !VerifyBufsEqual(out, encrypted, 50) || !VerifyBufsEqual(plain, outPlain, 8);
pass = pass && !fail;
cout << (fail ? "FAILED " : "passed ");
cout << "PKCS 2.0 encryption and decryption\n";
}
return pass;
}
bool RSAValidate()
{
cout << "\nRSA validation suite running...\n\n";
byte out[100], outPlain[100];
unsigned int outLen;
bool pass = true, fail;
try
{
{
char *plain = "Everyone gets Friday off.";
byte *signature = (byte *)
"\x05\xfa\x6a\x81\x2f\xc7\xdf\x8b\xf4\xf2\x54\x25\x09\xe0\x3e\x84"
"\x6e\x11\xb9\xc6\x20\xbe\x20\x09\xef\xb4\x40\xef\xbc\xc6\x69\x21"
"\x69\x94\xac\x04\xf3\x41\xb5\x7d\x05\x20\x2d\x42\x8f\xb2\xa2\x7b"
"\x5c\x77\xdf\xd9\xb1\x5b\xfc\x3d\x55\x93\x53\x50\x34\x10\xc1\xe1";
LC_RNG rng(765);
FileSource keys("rsa512a.dat", true, new HexDecoder);
RSASSA_PKCS1v15_MD2_Signer rsaPriv(keys);
RSASSA_PKCS1v15_MD2_Verifier rsaPub(rsaPriv);
rsaPriv.SignMessage(rng, (byte *)plain, strlen(plain), out);
fail = memcmp(signature, out, 64) != 0;
pass = pass && !fail;
cout << (fail ? "FAILED " : "passed ");
cout << "signature check against test vector\n";
fail = !rsaPub.VerifyMessage((byte *)plain, strlen(plain), out);
pass = pass && !fail;
cout << (fail ? "FAILED " : "passed ");
cout << "verification check against test vector\n";
out[10]++;
fail = rsaPub.VerifyMessage((byte *)plain, strlen(plain), out);
pass = pass && !fail;
cout << (fail ? "FAILED " : "passed ");
cout << "invalid signature verification\n";
}
{
FileSource keys("rsa512.dat", true, new HexDecoder);
RSAES_PKCS1v15_Decryptor rsaPriv(keys);
RSAES_PKCS1v15_Encryptor rsaPub(rsaPriv);
pass = CryptoSystemValidate(rsaPriv, rsaPub) && pass;
}
{
byte *plain = (byte *)
"\x54\x85\x9b\x34\x2c\x49\xea\x2a";
byte *encrypted = (byte *)
"\x14\xbd\xdd\x28\xc9\x83\x35\x19\x23\x80\xe8\xe5\x49\xb1\x58\x2a"
"\x8b\x40\xb4\x48\x6d\x03\xa6\xa5\x31\x1f\x1f\xd5\xf0\xa1\x80\xe4"
"\x17\x53\x03\x29\xa9\x34\x90\x74\xb1\x52\x13\x54\x29\x08\x24\x52"
"\x62\x51";
byte *oaepSeed = (byte *)
"\xaa\xfd\x12\xf6\x59\xca\xe6\x34\x89\xb4\x79\xe5\x07\x6d\xde\xc2"
"\xf0\x6c\xb5\x8f";
ByteQueue bq;
bq.Put(oaepSeed, 20);
FixedRNG rng(bq);
FileSource privFile("rsa400pv.dat", true, new HexDecoder);
FileSource pubFile("rsa400pb.dat", true, new HexDecoder);
RSAES_OAEP_SHA_Decryptor rsaPriv(privFile);
RSAES_OAEP_SHA_Encryptor rsaPub(pubFile);
memset(out, 0, 50);
memset(outPlain, 0, 8);
rsaPub.Encrypt(rng, plain, 8, out);
outLen = rsaPriv.Decrypt(encrypted, outPlain);
fail = (outLen!=8) || memcmp(out, encrypted, 50) || memcmp(plain, outPlain, 8);
pass = pass && !fail;
cout << (fail ? "FAILED " : "passed ");
cout << "PKCS 2.0 encryption and decryption\n";
}
}
catch (BERDecodeErr)
{
cout << "FAILED Error decoding RSA key\n";
pass = false;
}
return pass;
}
