char *
backend_x509_get_serial (openvpn_x509_cert_t *cert, struct gc_arena *gc)
{
char *buf = NULL;
size_t buflen = 0;
mpi serial_mpi = { 0 };
/* Transform asn1 integer serial into PolarSSL MPI */
mpi_init(&serial_mpi);
if (!polar_ok(mpi_read_binary(&serial_mpi, cert->serial.p, cert->serial.len)))
{
msg(M_WARN, "Failed to retrieve serial from certificate.");
return NULL;
}
/* Determine decimal representation length, allocate buffer */
mpi_write_string(&serial_mpi, 10, buf, &buflen);
buf = gc_malloc(buflen, true, gc);
/* Write MPI serial as decimal string into buffer */
if (!polar_ok(mpi_write_string(&serial_mpi, 10, buf, &buflen)))
{
msg(M_WARN, "Failed to write serial to string.");
return NULL;
}
return buf;
}
result_t X509Cert::get_serial(std::string &retVal)
{
x509_crt *crt = get_crt();
if (!crt)
return CHECK_ERROR(CALL_E_INVALID_CALL);
int ret;
mpi serial;
mpi_init(&serial);
ret = mpi_read_binary(&serial, crt->serial.p, crt->serial.len);
if (ret != 0)
return CHECK_ERROR(_ssl::setError(ret));
retVal.resize(8192);
size_t sz = retVal.length();
ret = mpi_write_string(&serial, 10, &retVal[0], &sz);
mpi_free(&serial);
if (ret != 0)
return CHECK_ERROR(_ssl::setError(ret));
retVal.resize(sz - 1);
return 0;
}
void mpi_print(char* format, mpi *X) {
char buffer[1024];
int length = 1024;
int res;
memset(buffer, 0, 1024);
printf(format, "");
res = mpi_write_string(X, 16, buffer, &length);
if(res==0)
printf(format, buffer);
printf(".");
}
static int Btohex(lua_State *L)
{
mpi *a=Bget(L,1);
int n = mpi_msb(a);
size_t numChars = 3 + n/4;
char *s = (char *) malloc(numChars); /*for radix 16, we are safe with one char for every 4 bits with one extra for the terminating 0*/
mpi_write_string(a, 16, s, &numChars);
lua_pushstring(L,s);
free(s);
return 1;
}
char *
backend_x509_get_serial (openvpn_x509_cert_t *cert, struct gc_arena *gc)
{
char *buf = NULL;
size_t buflen = 0;
mpi serial_mpi = { 0 };
int retval = 0;
/* Transform asn1 integer serial into PolarSSL MPI */
mpi_init(&serial_mpi);
retval = mpi_read_binary(&serial_mpi, cert->serial.p, cert->serial.len);
if (retval < 0)
{
char errbuf[128];
polarssl_strerror(retval, errbuf, sizeof(errbuf));
msg(M_WARN, "Failed to retrieve serial from certificate: %s.", errbuf);
return NULL;
}
/* Determine decimal representation length, allocate buffer */
mpi_write_string(&serial_mpi, 10, buf, &buflen);
buf = gc_malloc(buflen, true, gc);
/* Write MPI serial as decimal string into buffer */
retval = mpi_write_string(&serial_mpi, 10, buf, &buflen);
if (retval < 0)
{
char errbuf[128];
polarssl_strerror(retval, errbuf, sizeof(errbuf));
msg(M_WARN, "Failed to write serial to string: %s.", errbuf);
return NULL;
}
return buf;
}
int mpi_push_field(lua_State*L, const char *fieldname, mpi *X, int radix) {
int res = 0;
int slen = KEY_SIZE*2;
char *buffer = (char*)malloc(slen);
memset(buffer, 0, slen);
res = mpi_write_string(X, radix, buffer, &slen);
if(!res) {
lua_pushstring(L, fieldname);
lua_pushlstring(L, buffer, slen);
lua_settable(L, -3);
}
free(buffer);
return res;
}
int main()
{
int ret = 0;
size_t len = STR_LEN;
char E[STR_LEN], D[STR_LEN], N[STR_LEN];
uchar source[MSG_LEN];
uchar encrypted[MSG_LEN], decrypted[MSG_LEN]; // Buffers
public_key pub;
private_key priv;
MPI_CHK(rsa_generate_keys(65537, pub, priv, 1024));
MPI_CHK(mpi_write_string(&pub.e, 10, E, &len));
len = STR_LEN;
MPI_CHK(mpi_write_string(&pub.n, 10, N, &len));
len = STR_LEN;
MPI_CHK(mpi_write_string(&priv.d, 10, D, &len));
printf("e = %s\nd = %s\nn = %s\n", E, D, N);
printf("Enter message to encrypt:\n");
scanf("%[^\n]", source);
len = strnlen((const char *)source, MSG_LEN) + 1; // Length of string + zero-char
try
{
MPI_CHK(rsa_encrypt_block(source, len, encrypted, MSG_LEN, pub));
print_buffer("Encrypted", encrypted, MSG_LEN);
MPI_CHK(rsa_decrypt_block(encrypted, MSG_LEN, decrypted, MSG_LEN, priv));
print_buffer("Decrypted", decrypted, MSG_LEN);
MPI_CHK(rsa_sign_block(source, len, encrypted, MSG_LEN, priv));
print_buffer("Signature", encrypted, MSG_LEN);
MPI_CHK(rsa_check_block(encrypted, MSG_LEN, decrypted, MSG_LEN, pub));
print_buffer("Preimage", decrypted, MSG_LEN);
source[0] = InvertBit(source[0], 2);
printf("Corrupted:\n%s\n\n", source);
MPI_CHK(rsa_sign_block(source, len, encrypted, MSG_LEN, priv));
print_buffer("Signature of corrupted", encrypted, MSG_LEN);
}
catch (char *e)
{
printf("Error: %s\n", e);
}
cleanup:
mpi_free(&pub.e);
mpi_free(&priv.d);
mpi_free(&priv.n);
return ret;
}
