void JNICALL Java_beecrypt_provider_RSAKeyPairGenerator_generate(JNIEnv* env, jobject obj)
{
jclass cls = (*env)->GetObjectClass(env, obj);
jfieldID sid = (*env)->GetFieldID(env, cls, "_size", "I");
jfieldID fid;
if (sid)
{
randomGeneratorContext rngc;
rsakp pair;
jint keybits = (*env)->GetIntField(env, obj, sid);
randomGeneratorContextInit(&rngc, randomGeneratorDefault());
rsakpInit(&pair);
fid = (*env)->GetFieldID(env, cls, "_e", "[B");
if (fid)
{
mpnsetbigint(&pair.e, env, (*env)->GetObjectField(env, obj, fid));
}
rsakpMake(&pair, &rngc, (size_t) keybits);
if ((fid = (*env)->GetFieldID(env, cls, "_n", "[B")))
(*env)->SetObjectField(env, obj, fid, mp_to_bigint(env, pair.n.size, pair.n.modl));
if ((fid = (*env)->GetFieldID(env, cls, "_e", "[B")))
(*env)->SetObjectField(env, obj, fid, mp_to_bigint(env, pair.e.size, pair.e.data));
if ((fid = (*env)->GetFieldID(env, cls, "_d", "[B")))
(*env)->SetObjectField(env, obj, fid, mp_to_bigint(env, pair.d.size, pair.d.data));
if ((fid = (*env)->GetFieldID(env, cls, "_p", "[B")))
(*env)->SetObjectField(env, obj, fid, mp_to_bigint(env, pair.p.size, pair.p.modl));
if ((fid = (*env)->GetFieldID(env, cls, "_q", "[B")))
(*env)->SetObjectField(env, obj, fid, mp_to_bigint(env, pair.q.size, pair.q.modl));
if ((fid = (*env)->GetFieldID(env, cls, "_dp", "[B")))
(*env)->SetObjectField(env, obj, fid, mp_to_bigint(env, pair.dp.size, pair.dp.data));
if ((fid = (*env)->GetFieldID(env, cls, "_dq", "[B")))
(*env)->SetObjectField(env, obj, fid, mp_to_bigint(env, pair.dq.size, pair.dq.data));
if ((fid = (*env)->GetFieldID(env, cls, "_qi", "[B")))
(*env)->SetObjectField(env, obj, fid, mp_to_bigint(env, pair.qi.size, pair.qi.data));
rsakpFree(&pair);
randomGeneratorContextFree(&rngc);
}
}
int main(int argc, char * argv[])
{
rsakp keypair;
mpnumber m, cipher, decipher;
randomGeneratorContext randg;
int e =0, keylen = 1024, flag = 0;
char buf[8192] = {0};
if ( randomGeneratorContextInit(&randg, randomGeneratorDefault()) != 0 )
{
return flag;
}
if ( argc > 1 ) {
keylen = atoi(argv[1]);
}
rsakpInit(&keypair);
if ( argc > 2 ) {
/* e 为奇数 */
e = ((atoi(argv[2]) >> 1) << 1) + 1;
mpnsetw(&keypair.e, e);
}
int encode_function_beecrpt(V6_AUTHENTICATION_REQUEST_T in, V6_AUTHENTICATION_RESULT_T *out)
{
char rsa_m[256+1];
char temp[256+1];
char buff[1024];
char confirm[1024];
unsigned char un_buff[128+1];
int len=0, file_folder_offset=0;
int reserved_offset=0, i;
mpnumber m, cipher;
rsakp keypair;
randomGeneratorContext rngc;
if (randomGeneratorContextInit(&rngc, randomGeneratorDefault()) == 0) {
rsakpInit(&keypair);
rsakpMake(&keypair, &rngc, 1024);
//Set publicKey1
memset(temp, 0, 256+1);
getHexFromMPW(keypair.n.size, keypair.n.modl, temp);
printLog(HEAD_KEY, "(**)UUID(%.48s)PRODUCT_ID(%.18s) ==> PUBLIC_KEY1(%s)\n", in.uuid, in.product, temp);
memset(buff, 0, 1024);
Hex2Str__((unsigned char*)temp, 256, (unsigned char*)buff);
memcpy(out->decKey1, buff, 128);
//Set publicKey2
memcpy(out->decKey2, "10001", 5);
//Logging privateKey
memset(temp, 0, 256+1);
getHexFromMPW(keypair.d.size, keypair.d.data, temp);
printLog(HEAD_KEY, "(**)UUID(%.48s)PRODUCT_ID(%.18s) ==> PRIVATE_KEY(%s)\n", in.uuid, in.product, temp);
memset(un_buff, 0, 128+1); len = 0;
memcpy(&un_buff[len], in.uuid, UUID_SIZE-2); len += UUID_SIZE-2;
memcpy(&un_buff[len], in.device_type, DEVICE_TYPE_SIZE); len += DEVICE_TYPE_SIZE;
memcpy(&un_buff[len], in.register_version, REGISTER_VERSION_SIZE); len += REGISTER_VERSION_SIZE;
memcpy(&un_buff[len], in.app_version, APP_VERSION_SIZE); len += APP_VERSION_SIZE;
memcpy(&un_buff[len], in.app_build_num, APP_BUILD_NUM_SIZE); len += APP_BUILD_NUM_SIZE;
memcpy(&un_buff[len], in.map_version, MAP_VER_SIZE); len += MAP_VER_SIZE;
memcpy(&un_buff[len], in.os_version, OS_VER_SIZE_M31); len += OS_VER_SIZE_M31;
//in order not to alter m31-device's decoding function released at interface 3 protocol(0x15)
file_folder_offset = len; len += FILE_SIZE;
memcpy(&un_buff[len], in.expire_date, EXPIRE_DATE_SIZE); len += EXPIRE_DATE_SIZE;
reserved_offset = len;
for(i=0; i<in.reqEncCnt; i++) {
//Set changing part(file size, reserved)
memcpy(&un_buff[file_folder_offset], in.AuthFileInfo[i].file_size, FILE_SIZE);
memcpy(&un_buff[reserved_offset], in.AuthFileInfo[i].reserved, RESERVED_SIZE);
memset(rsa_m, 0, 256+1);
Str2Hex__(un_buff, 128, (unsigned char *)rsa_m);
mpnzero(&m);
mpnzero(&cipher);
mpnsethex(&m, rsa_m);
if( rsapri(&keypair.n, &keypair.d, &m, &cipher) != 0 )
return -1;
//Set encryptStr
memset(temp, 0, 256+1);
getHexFromMPW(cipher.size, cipher.data, temp);
printLog(HEAD_KEY, "(%.2d)UUID(%.48s)PRODUCT_ID(%.18s) ==> ENCRYPT_STR(%s)\n",i, in.uuid, in.product, temp);
memset(buff, 0, 1024);
Hex2Str__((unsigned char*)temp, 256, (unsigned char*)buff);
memcpy(out->AuthResultData[i].encStr, buff, 128);
// 검증용..
decode_function_m31(out->decKey1, out->decKey2, out->AuthResultData[i].encStr, confirm);
if(memcmp(un_buff, confirm, 128) != 0) {
printLog(HEAD, "ERR::ENCODINGINPUT(%s)OUTPUT(%s) not same\n", un_buff, confirm);
mpnfree(&cipher);
mpnfree(&m);
rsakpFree(&keypair);
randomGeneratorContextFree(&rngc);
out->resultCnt = 0;
return -1;
}
// free mpn objects
mpnfree(&cipher);
mpnfree(&m);
}
out->resultCnt = i;
// free rsakp object & random generator context
rsakpFree(&keypair);
randomGeneratorContextFree(&rngc);
return 1;
}
return -1;
}
int main() {
FILE *rng;
unsigned long rnum;
int i, j;
randomGeneratorContext rngc;
byte keyTest[32];
char keyHex[80];
rsakp keypair;
unsigned char mac[6];
byte digest[20];
char digestHex[41];
sha1Param sha1param;
randomGeneratorContextInit(&rngc, randomGeneratorDefault());
rsakpInit(&keypair);
fscanf( stdin, "%02X:%02X:%02X:%02X:%02X:%02X", &(mac[0]),&(mac[1]),&(mac[2]),&(mac[3]),&(mac[4]),&(mac[5]) );
sha1Reset( &sha1param );
sha1Update( &sha1param, mac, 6 ); // put the MAC into the SHA-1
rngc.rng->next(rngc.param, (byte*) keyTest, 16);
sha1Update( &sha1param, keyTest, 16 ); // then add some random numbers for good measure
sha1Digest( &sha1param, digest );
toHex(digest, digestHex, 16); // and there you have our putative ID
// just in case we are a bit too deterministic, we push around
// the RNG some amount that is linked to the MAC...not really a permanent
// solution, but it should help avoid collisions.
for( i = 0; i < digest[0]; i++ ) {
rngc.rng->next(rngc.param, (byte*) keyTest, 16);
}
for( i = 0; i < digest[12]; i++ ) {
rngc.rng->next(rngc.param, (byte*) keyTest, 16);
}
for( i = 0; i < digest[7]; i++ ) {
rngc.rng->next(rngc.param, (byte*) keyTest, 16);
}
for( i = 0; i < digest[17]; i++ ) {
rngc.rng->next(rngc.param, (byte*) keyTest, 16);
}
fprintf(stdout, "# Indeed, these are crypto keys. The overall system is designed to tolerate people finding these keys. Please note that modifying or copying these keys may cause us to be unable to recover your account information.\n" );
for( i = 0; i < MAX_KEY_INDEX; i++ ) {
rngc.rng->next(rngc.param, (byte*) keyTest, 16);
toHex(keyTest, keyHex, 16);
fprintf(stdout, "AES:%d:", i );
fprintf(stdout, "%s\n", keyHex );
fflush(stdout);
}
fprintf( stderr, "Generating 2048-bit RSA key pair..." );
rsakpMake(&keypair, &rngc, 2048);
fprintf( stderr, "Done.\n" );
fflush( stderr );
for( j = 0; j < MAX_KEY_INDEX; j++ ) {
// create the putative index
//rngc.rng->next(rngc.param, (byte*) keyTest, 16);
//toHex(keyTest, keyHex, 16);
fprintf(stdout, "PKI_I:%d:", j );
// fprintf(stdout, "%s", keyHex );
fprintf(stdout, "%s", digestHex );
// save the public key
fprintf(stdout, "\nPKI_N:%d:", j );
for( i = 0; i < keypair.n.size; i++ )
fprintf(stdout, "%08X", keypair.n.modl[i] );
fprintf(stdout, "\nPKI_E:%d:", j );
for( i = 0; i < keypair.e.size; i++ )
fprintf(stdout, "%08X", keypair.e.data[i]);
// now save the private key components used in the CRT
fprintf(stdout, "\nPKI_P:%d:", j );
for( i = 0; i < keypair.p.size; i++ )
fprintf(stdout, "%08X", keypair.p.modl[i] );
fprintf(stdout, "\nPKI_Q:%d:", j );
for( i = 0; i < keypair.q.size; i++ )
fprintf(stdout, "%08X", keypair.q.modl[i] );
fprintf(stdout, "\nPKI_DP:%d:", j );
for( i = 0; i < keypair.dp.size; i++ )
fprintf(stdout, "%08X", keypair.dp.data[i]);
fprintf(stdout, "\nPKI_DQ:%d:", j );
for( i = 0; i < keypair.dq.size; i++ )
fprintf(stdout, "%08X", keypair.dq.data[i]);
fprintf(stdout, "\nPKI_QI:%d:", j );
for( i = 0; i < keypair.qi.size; i++ )
fprintf(stdout, "%08X", keypair.qi.data[i]);
fprintf(stdout, "\n" );
}
return 0;
}
int main(int argc, char * argv[])
{
int i = 0, failures = 0;
char buf[8192] = {0};
rsakp keypair;
mpnumber m, cipher, decipher;
randomGeneratorContext rngc;
if (randomGeneratorContextInit(&rngc, randomGeneratorDefault()) == 0)
{
/* First we do the fixed value verification */
rsakpInit(&keypair);
mpbsethex(&keypair.n, rsa_n);
mpnsethex(&keypair.e, rsa_e);
mpnsethex(&keypair.d, rsa_d);
mpnzero(&m);
mpnzero(&cipher);
mpnzero(&decipher);
if ( argv[1][0] == '-' && argv[1][1] == 'm') {
mpnsetbin(&m, (argv[1] + 2), strlen(argv[1]) - 2);
} else if ( argv[1][0] == '-' && argv[1][1] == 'h') {
_hex_snprintf(buf, strlen(argv[1]) - 2, argv[1] + 2, sizeof(char));
mpnsethex(&m, buf);
}
printf("message:%s\n", argv[1] + 2);
hex_dump((char *) m.data, m.size << 2);
printf("\npublic:%d\n", (int) * keypair.e.data);
hex_dump((char *) keypair.e.data, keypair.e.size << 2);
/* it's safe to cast the keypair to a public key */
if ( rsapub(&keypair.n, &keypair.e, &m, &cipher) ) {
failures++;
}
printf("\ncipher:\n");
hex_dump((char *) cipher.data, cipher.size << 2);
i = mpntobin(buf, &cipher, 0);
printf("\ncipher mpntobin:%d\n", i);
hex_dump(buf, i);
if ( rsapri(&keypair.n, &keypair.d, &cipher, &decipher) ) {
failures++;
}
printf("\ndecipher:%s\n", (char *) decipher.data);
hex_dump((char *) decipher.data, decipher.size << 2);
_hex_snprintf(buf, decipher.size * sizeof(mpw), (char *) decipher.data, sizeof(mpw));
printf("\n_snprintf (%dbytes):\n%s\n", decipher.size << 2, buf);
i = mpntobin(buf, &decipher, 0);
printf("\nmpntobin:%d\n", i);
hex_dump(buf, i);
i = mpntobin(buf, &decipher, (strlen(argv[1])-2));
printf("\nmpntobin intercept:%d\n%s\n", i, buf);
hex_dump(buf, i);
mpntohex(buf, & decipher);
printf("\nmpntohex:(%d)%s\n", decipher.size << 2, buf);
mpnfree(&decipher);
mpnfree(&cipher);
mpnfree(&m);
rsakpFree(&keypair);
randomGeneratorContextFree(&rngc);
}
return failures;
}
int main( int argc, char **argv ) {
FILE *secblock;
unsigned char packetType;
unsigned short packetLen;
unsigned char buffer[4096];
unsigned char hexrep[8192];
// for CRT computation
mpbarrett psubone, qsubone;
// for testing
mpnumber m, cipher, decipher, holder;
rsakp keypair;
size_t bits = 2048;
size_t pbits = (bits+1) >> 1;
size_t qbits = (bits - pbits);
size_t psize = MP_BITS_TO_WORDS(pbits+MP_WBITS-1);
size_t qsize = MP_BITS_TO_WORDS(qbits+MP_WBITS-1);
size_t pqsize = psize+qsize;
mpw* temp = (mpw*) malloc((16*pqsize+6)*sizeof(mpw));
if( argc < 2 ) {
printf( "usage: %s <secblock>\n", argv[0] );
exit( 1 );
}
mpbzero(&psubone);
mpbzero(&qsubone);
secblock = fopen(argv[1], "rb");
if( secblock == NULL ) {
printf( "Can't open %s\n", argv[1] );
exit(0);
}
packetType = fgetc(secblock);
packetLen = 0;
//big endianness...
big16read(&packetLen, secblock);
printf( "Packet type: 0x%02X\n", packetType );
printf( "Packet length: %04d\n", (int) packetLen );
// skip ahead six bytes, this includes key generation time and other attributes
fread( buffer, 6, 1, secblock);
rsakpInit(&keypair);
big16read(&packetLen, secblock);
printf( "n Packet length: %02d bits, %02d bytes\n", (int) packetLen, (int) bytesFromMpn(packetLen) );
printf( "offset: %x\n", ftell( secblock ) );
fread( buffer, bytesFromMpn(packetLen), 1, secblock );
mpbsetbin(&keypair.n, buffer, bytesFromMpn(packetLen));
mpprintln(packetLen/32, keypair.n.modl);
big16read(&packetLen, secblock);
printf( "e Packet length: %02d bits, %02d bytes\n", (int) packetLen, (int) bytesFromMpn(packetLen) );
printf( "offset: %x\n", ftell( secblock ) );
fread( buffer, bytesFromMpn(packetLen), 1, secblock );
mpnsetbin(&keypair.e, buffer, bytesFromMpn(packetLen));
mpprintln(keypair.e.size, keypair.e.data);
packetType = fgetc(secblock);
if( packetType == 0 ) {
printf( "secret data is plaintext\n" );
} else {
printf( "secret data is encrypted\n" );
}
big16read(&packetLen, secblock);
printf( "d Packet length: %02d bits, %02d bytes\n", (int) packetLen, (int) bytesFromMpn(packetLen) );
printf( "offset: %x\n", ftell( secblock ) );
fread( buffer, bytesFromMpn(packetLen), 1, secblock );
mpnsetbin(&keypair.d, buffer, bytesFromMpn(packetLen));
mpprintln(keypair.d.size, keypair.d.data);
big16read(&packetLen, secblock);
printf( "p Packet length: %02d bits, %02d bytes\n", (int) packetLen, (int) bytesFromMpn(packetLen) );
printf( "offset: %x\n", ftell( secblock ) );
fread( buffer, bytesFromMpn(packetLen), 1, secblock );
mpbsetbin(&keypair.p, buffer, bytesFromMpn(packetLen));
mpprintln(packetLen/32, keypair.p.modl);
big16read(&packetLen, secblock);
printf( "q Packet length: %02d bits, %02d bytes\n", (int) packetLen, (int) bytesFromMpn(packetLen) );
printf( "offset: %x\n", ftell( secblock ) );
fread( buffer, bytesFromMpn(packetLen), 1, secblock );
mpbsetbin(&keypair.q, buffer, bytesFromMpn(packetLen));
mpprintln(packetLen/32, keypair.q.modl);
big16read(&packetLen, secblock);
printf( "mystery packet length: %02d bits, %02d bytes\n", (int) packetLen, (int) bytesFromMpn(packetLen) );
printf( "offset: %x\n", ftell( secblock ) );
fread( buffer, bytesFromMpn(packetLen), 1, secblock );
mpnzero(&holder);
mpnsetbin(&holder, buffer, bytesFromMpn(packetLen));
mpprintln(holder.size, holder.data);
fread( buffer, 4, 1, secblock ); // advance by two bytes
printf( "offset: %x\n", ftell( secblock ) );
fread( buffer, bytesFromMpn(packetLen), 1, secblock );
printf( "%s\n", buffer );
#ifdef USE_CRT
// compute CRT elements
/* compute p-1 */
mpbsubone(&keypair.p, temp);
mpbset(&psubone, psize, temp);
/* compute q-1 */
mpbsubone(&keypair.q, temp);
mpbset(&qsubone, qsize, temp);
/* compute dp = d mod (p-1) */
mpnsize(&keypair.dp, psize);
mpbmod_w(&psubone, keypair.d.data, keypair.dp.data, temp);
/* compute dq = d mod (q-1) */
mpnsize(&keypair.dq, qsize);
mpbmod_w(&qsubone, keypair.d.data, keypair.dq.data, temp);
/* compute qi = inv(q) mod p */
mpninv(&keypair.qi, (mpnumber*) &keypair.q, (mpnumber*) &keypair.p);
#endif
// now test
mpnzero(&m);
mpnzero(&cipher);
mpnzero(&decipher);
mpnsethex(&m, "d436e99569fd32a7c8a05bbc90d32c49");
printf( "Original: " );
mpprintln(m.size, m.data);
rsapub(&keypair.n, &keypair.e, &m, &cipher);
printf( "Encrypted: " );
mpprintln(cipher.size, cipher.data);
#ifdef USE_CRT
rsapricrt(&keypair.n, &keypair.p, &keypair.q, &keypair.dp, &keypair.dq, &keypair.qi, &cipher, &decipher);
#else
rsapri(&keypair.n, &keypair.d, &cipher, &decipher);
#endif
printf( "Recovered: " );
mpprintln(decipher.size, decipher.data);
if (mpnex(m.size, m.data, decipher.size, decipher.data))
printf ( "results don't match\n" );
else
printf ( "before and after encyrption sizes match\n" );
printf( "special test routine for STM32 validation\n" );
mpnzero(&cipher);
mpnzero(&decipher);
mpnsethex(&cipher, "6fa1bf55e15b47f4662f86e8fc7fadf0dc02c603c20c1090096fdbeafbd56897794ee106d0fcd8a58392ee7e14fd4e15b49c4adb02f0eebeb9587e9823e9e11048c1754c5e6ba273a08c35dd68f72bf4758b8c31dee196f683298cdbd259c28976c1459058c37be29b52589f3919dcb41cf57fd0c64796a056702be8c1f7574a005cad8b0aedb8f833d1fcfe5383b6d6695d766cc1a9a3413f7609fa18b0a1214486f8fec17febd3f4cbc177dd6f26568b715249853280c570e2ef8519f51fe78fb1978061a48fcc6730fb24e365120b54e6f4e2c3815997176167456b2a2b8f1a13b66967765fc42d4aeec2b4f8211e54ba9cbbbbfdd8ac7b2f20af8d44cd68" );
printf( "Decrypting: " );
mpprintln(cipher.size, cipher.data);
rsapub(&keypair.n, &keypair.e, &cipher, &decipher);
printf( "Recovered: " );
mpprintln(decipher.size, decipher.data);
free(temp);
return 0;
}
void doInteraction() {
char *cmd;
// i/o
opRec oprec;
unsigned char dataStr[256];
// aes
aesParam aesparam;
byte aesSrc[16];
byte aesDst[16];
// rsa
rsakp keypair;
mpnumber m, cipher, signature;
// sha1
byte digest[20];
char digestHex[41];
sha1Param sha1param;
int i;
oprec.data = dataStr;
oprec.dataLen = MAXDATLEN;
while(1) {
// reset the data string
for( i = 0; i < MAXDATLEN; i++ ) {
oprec.data[i] = '0';
}
oprec.dataLen = MAXDATLEN;
// grab the string and parse it
cmd = getString();
if(parseString(cmd, &oprec) != 1) {
oprec.dataLen = MAXDATLEN;
continue;
}
switch(oprec.cipherType) {
case CH_AES:
for( i = 0; i < 16; i++ ) {
aesSrc[i] = 0;
}
if(aesSetup(&aesparam, AESkeyTable[oprec.keyIndex].key, 128, oprec.opType == CH_ENCRYPT ? ENCRYPT : DECRYPT ))
continue;
fromhex(aesSrc, oprec.data);
if( oprec.opType == CH_ENCRYPT ) {
if( aesEncrypt(&aesparam, (uint32_t *)aesDst, (uint32_t *)aesSrc) )
continue;
} else {
if( aesDecrypt(&aesparam, (uint32_t *)aesDst, (uint32_t *)aesSrc) )
continue;
}
for( i = 0; i < 16; i++ ) {
printf("%02X", aesDst[i] );
}
printf( "\n" );
break;
case CH_SGN:
// init sha1
if( sha1Reset( &sha1param ) )
continue;
if( sha1Update( &sha1param, oprec.data, oprec.dataLen ))
continue;
if( sha1Digest( &sha1param, digest ) )
continue;
// digest now contains the 160-bit message we want to sign
toHex(digest, digestHex, 20);
// digestHex now has the correct large number representation of the message
#if TESTING
fprintf( stderr, "sha1 of message: %s\n", digestHex );
#endif
// init rsa
rsakpInit(&keypair);
mpbsethex(&keypair.n, RSAkeyTable[oprec.keyIndex].rsa_n);
mpnsethex(&keypair.e, RSAkeyTable[oprec.keyIndex].rsa_e);
mpbsethex(&keypair.p, RSAkeyTable[oprec.keyIndex].rsa_p);
mpbsethex(&keypair.q, RSAkeyTable[oprec.keyIndex].rsa_q);
mpnsethex(&keypair.dp, RSAkeyTable[oprec.keyIndex].rsa_dp);
mpnsethex(&keypair.dq, RSAkeyTable[oprec.keyIndex].rsa_dq);
mpnsethex(&keypair.qi, RSAkeyTable[oprec.keyIndex].rsa_qi);
mpnzero(&m);
mpnzero(&cipher);
mpnzero(&signature);
mpnsethex(&m, digestHex);
// we are now all set to do the signing
// need to:
// write signing alg here
// make test case
// this link is very helpful in writing this code:
// http://tools.ietf.org/html/rfc3447#page-12
rsapricrt(&keypair.n, &keypair.p, &keypair.q, &keypair.dp, &keypair.dq, &keypair.qi, &m, &signature);
for( i = 0; i < signature.size; i++ ) {
printf("%08X", signature.data[i] );
}
printf( "\n" );
#if TESTING
mpnfree(&m);
mpnzero(&m);
rsapub(&keypair.n, &keypair.e, &signature, &m);
for( i = 0; i < m.size; i++ ) {
printf("%08X", m.data[i] );
}
printf( "\n" );
#endif
rsakpFree(&keypair);
break;
case CH_VRF:
rsakpInit(&keypair);
mpbsethex(&keypair.n, RSAkeyTable[oprec.keyIndex].rsa_n);
mpnsethex(&keypair.e, RSAkeyTable[oprec.keyIndex].rsa_e);
mpbsethex(&keypair.p, RSAkeyTable[oprec.keyIndex].rsa_p);
mpbsethex(&keypair.q, RSAkeyTable[oprec.keyIndex].rsa_q);
mpnsethex(&keypair.dp, RSAkeyTable[oprec.keyIndex].rsa_dp);
mpnsethex(&keypair.dq, RSAkeyTable[oprec.keyIndex].rsa_dq);
mpnsethex(&keypair.qi, RSAkeyTable[oprec.keyIndex].rsa_qi);
mpnzero(&m);
mpnzero(&cipher);
mpnzero(&signature);
mpnsethex(&m, oprec.data);
rsapub(&keypair.n, &keypair.e, &m, &cipher);
for( i = 0; i < cipher.size; i++ )
printf("%08X", cipher.data[i]);
printf( "\n" );
break;
case CH_SHA:
// init sha1
if( sha1Reset( &sha1param ) )
continue;
if( sha1Update( &sha1param, oprec.data, oprec.dataLen ))
continue;
if( sha1Digest( &sha1param, digest ) )
continue;
// digest now contains the 160-bit message we want to sign
toHex(digest, digestHex, 20);
printf( "%s\n", digestHex );
break;
default:
fprintf( stderr, "unknown cipher type caught.\n" );
} // switch
// prevent the leak!
#if (TESTING == 0)
if( cmd != NULL )
free(cmd);
#endif
} // while
}
int main()
{
int failures = 0;
rsakp keypair;
mpnumber m, cipher, decipher;
randomGeneratorContext rngc;
if (randomGeneratorContextInit(&rngc, randomGeneratorDefault()) == 0)
{
/* First we do the fixed value verification */
rsakpInit(&keypair);
mpbsethex(&keypair.n, rsa_n);
mpnsethex(&keypair.e, rsa_e);
mpbsethex(&keypair.p, rsa_p);
mpbsethex(&keypair.q, rsa_q);
mpnsethex(&keypair.dp, rsa_d1);
mpnsethex(&keypair.dq, rsa_d2);
mpnsethex(&keypair.qi, rsa_c);
mpnzero(&m);
mpnzero(&cipher);
mpnzero(&decipher);
mpnsethex(&m, rsa_m);
/* it's safe to cast the keypair to a public key */
if (rsapub(&keypair.n, &keypair.e, &m, &cipher))
failures++;
if (rsapricrt(&keypair.n, &keypair.p, &keypair.q, &keypair.dp, &keypair.dq, &keypair.qi, &cipher, &decipher))
failures++;
if (mpnex(m.size, m.data, decipher.size, decipher.data))
failures++;
mpnfree(&decipher);
mpnfree(&cipher);
mpnfree(&m);
rsakpFree(&keypair);
mpnzero(&m);
mpnzero(&cipher);
mpnzero(&decipher);
/* Now we generate a keypair and do some tests on it */
rsakpMake(&keypair, &rngc, 512);
/* generate a random m in the range 0 < m < n */
mpbnrnd(&keypair.n, &rngc, &m);
/* it's safe to cast the keypair to a public key */
if (rsapub(&keypair.n, &keypair.e, &m, &cipher))
failures++;
if (rsapricrt(&keypair.n, &keypair.p, &keypair.q, &keypair.dp, &keypair.dq, &keypair.qi, &cipher, &decipher))
failures++;
if (mpnex(m.size, m.data, decipher.size, decipher.data))
failures++;
rsakpFree(&keypair);
}
return failures;
}
