/*
* Generate digital signature, ECDSA style.
*/
feeReturn feePubKeyCreateECDSASignature(feePubKey pubKey,
const unsigned char *data,
unsigned dataLen,
unsigned char **signature, /* fmalloc'd and RETURNED */
unsigned *signatureLen) /* RETURNED */
{
pubKeyInst *pkinst = (pubKeyInst *) pubKey;
sha1Obj sha1;
feeReturn frtn;
if(pkinst->privGiant == NULL) {
dbgLog(("feePubKeyCreateECDSASignature: Attempt to Sign "
"without private data\n"));
return FR_BadPubKey;
}
sha1 = sha1Alloc();
sha1AddData(sha1, data, dataLen);
frtn = feeECDSASign(pubKey,
sha1Digest(sha1),
sha1DigestLen(),
NULL, // randFcn
NULL,
signature,
signatureLen);
sha1Free(sha1);
return frtn;
}
/**
* @brief Return the string used for authenticating again OpenNebula
* @return
*/
void
OneRPCManager::setSecretOneAuthChain(void)
{
std::string oneUser = "";
std::string clearOneUserPass = "";
std::string clearOneAuthChain = "";
int rc = getOneAuthChain(clearOneAuthChain);
if ( rc == 0 ) {
rc = splitOneAuthChain(clearOneAuthChain, oneUser, clearOneUserPass);
if( rc == 0 ) {
std::string sha1Pass = sha1Digest( clearOneUserPass );
this->msecretOneAuthChain = oneUser + ":" + sha1Pass;
} else {
std::clog << "Wrong format for auth token, must be <username>:<passwd>";
}
}
}
/*
* Verify digital signature, ECDSA style.
*/
feeReturn feePubKeyVerifyECDSASignature(feePubKey pubKey,
const unsigned char *data,
unsigned dataLen,
const unsigned char *signature,
unsigned signatureLen)
{
sha1Obj sha1;
feeReturn frtn;
sha1 = sha1Alloc();
sha1AddData(sha1, data, dataLen);
frtn = feeECDSAVerify(signature,
signatureLen,
sha1Digest(sha1),
sha1DigestLen(),
pubKey);
sha1Free(sha1);
return frtn;
}
int main() {
FILE *rng;
unsigned long rnum;
int i, j;
randomGeneratorContext rngc;
byte keyTest[32];
char keyHex[80];
rsakp keypair;
unsigned char mac[6];
byte digest[20];
char digestHex[41];
sha1Param sha1param;
randomGeneratorContextInit(&rngc, randomGeneratorDefault());
rsakpInit(&keypair);
fscanf( stdin, "%02X:%02X:%02X:%02X:%02X:%02X", &(mac[0]),&(mac[1]),&(mac[2]),&(mac[3]),&(mac[4]),&(mac[5]) );
sha1Reset( &sha1param );
sha1Update( &sha1param, mac, 6 ); // put the MAC into the SHA-1
rngc.rng->next(rngc.param, (byte*) keyTest, 16);
sha1Update( &sha1param, keyTest, 16 ); // then add some random numbers for good measure
sha1Digest( &sha1param, digest );
toHex(digest, digestHex, 16); // and there you have our putative ID
// just in case we are a bit too deterministic, we push around
// the RNG some amount that is linked to the MAC...not really a permanent
// solution, but it should help avoid collisions.
for( i = 0; i < digest[0]; i++ ) {
rngc.rng->next(rngc.param, (byte*) keyTest, 16);
}
for( i = 0; i < digest[12]; i++ ) {
rngc.rng->next(rngc.param, (byte*) keyTest, 16);
}
for( i = 0; i < digest[7]; i++ ) {
rngc.rng->next(rngc.param, (byte*) keyTest, 16);
}
for( i = 0; i < digest[17]; i++ ) {
rngc.rng->next(rngc.param, (byte*) keyTest, 16);
}
fprintf(stdout, "# Indeed, these are crypto keys. The overall system is designed to tolerate people finding these keys. Please note that modifying or copying these keys may cause us to be unable to recover your account information.\n" );
for( i = 0; i < MAX_KEY_INDEX; i++ ) {
rngc.rng->next(rngc.param, (byte*) keyTest, 16);
toHex(keyTest, keyHex, 16);
fprintf(stdout, "AES:%d:", i );
fprintf(stdout, "%s\n", keyHex );
fflush(stdout);
}
fprintf( stderr, "Generating 2048-bit RSA key pair..." );
rsakpMake(&keypair, &rngc, 2048);
fprintf( stderr, "Done.\n" );
fflush( stderr );
for( j = 0; j < MAX_KEY_INDEX; j++ ) {
// create the putative index
//rngc.rng->next(rngc.param, (byte*) keyTest, 16);
//toHex(keyTest, keyHex, 16);
fprintf(stdout, "PKI_I:%d:", j );
// fprintf(stdout, "%s", keyHex );
fprintf(stdout, "%s", digestHex );
// save the public key
fprintf(stdout, "\nPKI_N:%d:", j );
for( i = 0; i < keypair.n.size; i++ )
fprintf(stdout, "%08X", keypair.n.modl[i] );
fprintf(stdout, "\nPKI_E:%d:", j );
for( i = 0; i < keypair.e.size; i++ )
fprintf(stdout, "%08X", keypair.e.data[i]);
// now save the private key components used in the CRT
fprintf(stdout, "\nPKI_P:%d:", j );
for( i = 0; i < keypair.p.size; i++ )
fprintf(stdout, "%08X", keypair.p.modl[i] );
fprintf(stdout, "\nPKI_Q:%d:", j );
for( i = 0; i < keypair.q.size; i++ )
fprintf(stdout, "%08X", keypair.q.modl[i] );
fprintf(stdout, "\nPKI_DP:%d:", j );
for( i = 0; i < keypair.dp.size; i++ )
fprintf(stdout, "%08X", keypair.dp.data[i]);
fprintf(stdout, "\nPKI_DQ:%d:", j );
for( i = 0; i < keypair.dq.size; i++ )
fprintf(stdout, "%08X", keypair.dq.data[i]);
fprintf(stdout, "\nPKI_QI:%d:", j );
for( i = 0; i < keypair.qi.size; i++ )
fprintf(stdout, "%08X", keypair.qi.data[i]);
fprintf(stdout, "\n" );
}
return 0;
}
void doInteraction() {
char *cmd;
// i/o
opRec oprec;
unsigned char dataStr[256];
// aes
aesParam aesparam;
byte aesSrc[16];
byte aesDst[16];
// rsa
rsakp keypair;
mpnumber m, cipher, signature;
// sha1
byte digest[20];
char digestHex[41];
sha1Param sha1param;
int i;
oprec.data = dataStr;
oprec.dataLen = MAXDATLEN;
while(1) {
// reset the data string
for( i = 0; i < MAXDATLEN; i++ ) {
oprec.data[i] = '0';
}
oprec.dataLen = MAXDATLEN;
// grab the string and parse it
cmd = getString();
if(parseString(cmd, &oprec) != 1) {
oprec.dataLen = MAXDATLEN;
continue;
}
switch(oprec.cipherType) {
case CH_AES:
for( i = 0; i < 16; i++ ) {
aesSrc[i] = 0;
}
if(aesSetup(&aesparam, AESkeyTable[oprec.keyIndex].key, 128, oprec.opType == CH_ENCRYPT ? ENCRYPT : DECRYPT ))
continue;
fromhex(aesSrc, oprec.data);
if( oprec.opType == CH_ENCRYPT ) {
if( aesEncrypt(&aesparam, (uint32_t *)aesDst, (uint32_t *)aesSrc) )
continue;
} else {
if( aesDecrypt(&aesparam, (uint32_t *)aesDst, (uint32_t *)aesSrc) )
continue;
}
for( i = 0; i < 16; i++ ) {
printf("%02X", aesDst[i] );
}
printf( "\n" );
break;
case CH_SGN:
// init sha1
if( sha1Reset( &sha1param ) )
continue;
if( sha1Update( &sha1param, oprec.data, oprec.dataLen ))
continue;
if( sha1Digest( &sha1param, digest ) )
continue;
// digest now contains the 160-bit message we want to sign
toHex(digest, digestHex, 20);
// digestHex now has the correct large number representation of the message
#if TESTING
fprintf( stderr, "sha1 of message: %s\n", digestHex );
#endif
// init rsa
rsakpInit(&keypair);
mpbsethex(&keypair.n, RSAkeyTable[oprec.keyIndex].rsa_n);
mpnsethex(&keypair.e, RSAkeyTable[oprec.keyIndex].rsa_e);
mpbsethex(&keypair.p, RSAkeyTable[oprec.keyIndex].rsa_p);
mpbsethex(&keypair.q, RSAkeyTable[oprec.keyIndex].rsa_q);
mpnsethex(&keypair.dp, RSAkeyTable[oprec.keyIndex].rsa_dp);
mpnsethex(&keypair.dq, RSAkeyTable[oprec.keyIndex].rsa_dq);
mpnsethex(&keypair.qi, RSAkeyTable[oprec.keyIndex].rsa_qi);
mpnzero(&m);
mpnzero(&cipher);
mpnzero(&signature);
mpnsethex(&m, digestHex);
// we are now all set to do the signing
// need to:
// write signing alg here
// make test case
// this link is very helpful in writing this code:
// http://tools.ietf.org/html/rfc3447#page-12
rsapricrt(&keypair.n, &keypair.p, &keypair.q, &keypair.dp, &keypair.dq, &keypair.qi, &m, &signature);
for( i = 0; i < signature.size; i++ ) {
printf("%08X", signature.data[i] );
}
printf( "\n" );
#if TESTING
mpnfree(&m);
mpnzero(&m);
rsapub(&keypair.n, &keypair.e, &signature, &m);
for( i = 0; i < m.size; i++ ) {
printf("%08X", m.data[i] );
}
printf( "\n" );
#endif
rsakpFree(&keypair);
break;
case CH_VRF:
rsakpInit(&keypair);
mpbsethex(&keypair.n, RSAkeyTable[oprec.keyIndex].rsa_n);
mpnsethex(&keypair.e, RSAkeyTable[oprec.keyIndex].rsa_e);
mpbsethex(&keypair.p, RSAkeyTable[oprec.keyIndex].rsa_p);
mpbsethex(&keypair.q, RSAkeyTable[oprec.keyIndex].rsa_q);
mpnsethex(&keypair.dp, RSAkeyTable[oprec.keyIndex].rsa_dp);
mpnsethex(&keypair.dq, RSAkeyTable[oprec.keyIndex].rsa_dq);
mpnsethex(&keypair.qi, RSAkeyTable[oprec.keyIndex].rsa_qi);
mpnzero(&m);
mpnzero(&cipher);
mpnzero(&signature);
mpnsethex(&m, oprec.data);
rsapub(&keypair.n, &keypair.e, &m, &cipher);
for( i = 0; i < cipher.size; i++ )
printf("%08X", cipher.data[i]);
printf( "\n" );
break;
case CH_SHA:
// init sha1
if( sha1Reset( &sha1param ) )
continue;
if( sha1Update( &sha1param, oprec.data, oprec.dataLen ))
continue;
if( sha1Digest( &sha1param, digest ) )
continue;
// digest now contains the 160-bit message we want to sign
toHex(digest, digestHex, 20);
printf( "%s\n", digestHex );
break;
default:
fprintf( stderr, "unknown cipher type caught.\n" );
} // switch
// prevent the leak!
#if (TESTING == 0)
if( cmd != NULL )
free(cmd);
#endif
} // while
}
/* As above, with copy. */
void sha1GetDigest(sha1Obj sha1,
unsigned char *digest)
{
unsigned char *dig = sha1Digest(sha1);
memmove(digest, dig, SHS_DIGESTSIZE);
}
