/* * Check a private RSA key */ int rsa_check_privkey( rsa_context *ctx ) { int ret; mpi PQ, DE, P1, Q1, H, I, G; if( ( ret = rsa_check_pubkey( ctx ) ) != 0 ) return( ret ); if( !ctx->P.p || !ctx->Q.p || !ctx->D.p ) return( POLARSSL_ERR_RSA_KEY_CHECK_FAILED ); mpi_init( &PQ, &DE, &P1, &Q1, &H, &I, &G, NULL ); MPI_CHK( mpi_mul_mpi( &PQ, &ctx->P, &ctx->Q ) ); MPI_CHK( mpi_mul_mpi( &DE, &ctx->D, &ctx->E ) ); MPI_CHK( mpi_sub_int( &P1, &ctx->P, 1 ) ); MPI_CHK( mpi_sub_int( &Q1, &ctx->Q, 1 ) ); MPI_CHK( mpi_mul_mpi( &H, &P1, &Q1 ) ); MPI_CHK( mpi_mod_mpi( &I, &DE, &H ) ); MPI_CHK( mpi_gcd( &G, &ctx->E, &H ) ); if( mpi_cmp_mpi( &PQ, &ctx->N ) == 0 && mpi_cmp_int( &I, 1 ) == 0 && mpi_cmp_int( &G, 1 ) == 0 ) { mpi_free( &G, &I, &H, &Q1, &P1, &DE, &PQ, NULL ); return( 0 ); } cleanup: mpi_free( &G, &I, &H, &Q1, &P1, &DE, &PQ, NULL ); return( POLARSSL_ERR_RSA_KEY_CHECK_FAILED | ret ); }
int to_public_key(lua_State* L, rsa_context* Prsa) { int ret = 0; int index; if ( !Prsa) return -1; memset( Prsa, 0, sizeof( rsa_context ) ); index = lua_gettop(L); ret = mpi_get_field(L, index, "N", &Prsa->N, 16); ret = mpi_get_field(L, index, "E", &Prsa->E, 16); mpi_init(&Prsa->D, NULL); mpi_init(&Prsa->P, NULL); mpi_init(&Prsa->Q, NULL); mpi_init(&Prsa->DP, NULL); mpi_init(&Prsa->DQ, NULL); mpi_init(&Prsa->QP, NULL); mpi_init(&Prsa->RN, NULL); mpi_init(&Prsa->RP, NULL); mpi_init(&Prsa->RQ, NULL); if((ret = rsa_check_pubkey(Prsa))!=0) printf("Erro na chave publica (%d)", ret); return ret; }
int rsa_get_public_key_fingerprint(rsa_context *rsa, uint64_t *fingerprint, char fingerprint_ascii[FLETCHER_SIZE_STR]) { int ret; if ((ret = rsa_check_pubkey(rsa)) != 0) { char err[128]; error_strerror(ret, err, sizeof err); dolog(D_ENC, "ERROR verifying public key: %s\n", err); return -ERR_NO_PUBKEY; } uint8_t pk[2048]; // public key is not bigger than this int pk_len = asn1_encode_public_key_der(pk, sizeof pk, rsa); if (pk_len <= 0) { return -ERR_UNKNOWN(901); } uint64_t fp; if (fingerprint == NULL ) { fingerprint = &fp; } *fingerprint = fletcher64(pk, pk_len); if (fingerprint_ascii) fletcher64_to_str(fingerprint_ascii, fingerprint); return 0; }
/* * RSAPublicKey ::= SEQUENCE { * modulus INTEGER, -- n * publicExponent INTEGER -- e * } */ static int pk_get_rsapubkey( unsigned char **p, const unsigned char *end, rsa_context *rsa ) { int ret; size_t len; if( ( ret = asn1_get_tag( p, end, &len, ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) return( POLARSSL_ERR_PK_INVALID_PUBKEY + ret ); if( *p + len != end ) return( POLARSSL_ERR_PK_INVALID_PUBKEY + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); if( ( ret = asn1_get_mpi( p, end, &rsa->N ) ) != 0 || ( ret = asn1_get_mpi( p, end, &rsa->E ) ) != 0 ) return( POLARSSL_ERR_PK_INVALID_PUBKEY + ret ); if( *p != end ) return( POLARSSL_ERR_PK_INVALID_PUBKEY + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); if( ( ret = rsa_check_pubkey( rsa ) ) != 0 ) return( POLARSSL_ERR_PK_INVALID_PUBKEY ); rsa->len = mpi_size( &rsa->N ); return( 0 ); }
/* * Check a private RSA key */ int rsa_check_privkey( const rsa_context *ctx ) { int ret; mpi PQ, DE, P1, Q1, H, I, G, G2, L1, L2, DP, DQ, QP; if( ( ret = rsa_check_pubkey( ctx ) ) != 0 ) return( ret ); if( !ctx->P.p || !ctx->Q.p || !ctx->D.p ) return( POLARSSL_ERR_RSA_KEY_CHECK_FAILED ); mpi_init( &PQ ); mpi_init( &DE ); mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &I ); mpi_init( &G ); mpi_init( &G2 ); mpi_init( &L1 ); mpi_init( &L2 ); mpi_init( &DP ); mpi_init( &DQ ); mpi_init( &QP ); MPI_CHK( mpi_mul_mpi( &PQ, &ctx->P, &ctx->Q ) ); MPI_CHK( mpi_mul_mpi( &DE, &ctx->D, &ctx->E ) ); MPI_CHK( mpi_sub_int( &P1, &ctx->P, 1 ) ); MPI_CHK( mpi_sub_int( &Q1, &ctx->Q, 1 ) ); MPI_CHK( mpi_mul_mpi( &H, &P1, &Q1 ) ); MPI_CHK( mpi_gcd( &G, &ctx->E, &H ) ); MPI_CHK( mpi_gcd( &G2, &P1, &Q1 ) ); MPI_CHK( mpi_div_mpi( &L1, &L2, &H, &G2 ) ); MPI_CHK( mpi_mod_mpi( &I, &DE, &L1 ) ); MPI_CHK( mpi_mod_mpi( &DP, &ctx->D, &P1 ) ); MPI_CHK( mpi_mod_mpi( &DQ, &ctx->D, &Q1 ) ); MPI_CHK( mpi_inv_mod( &QP, &ctx->Q, &ctx->P ) ); /* * Check for a valid PKCS1v2 private key */ if( mpi_cmp_mpi( &PQ, &ctx->N ) != 0 || mpi_cmp_mpi( &DP, &ctx->DP ) != 0 || mpi_cmp_mpi( &DQ, &ctx->DQ ) != 0 || mpi_cmp_mpi( &QP, &ctx->QP ) != 0 || mpi_cmp_int( &L2, 0 ) != 0 || mpi_cmp_int( &I, 1 ) != 0 || mpi_cmp_int( &G, 1 ) != 0 ) { ret = POLARSSL_ERR_RSA_KEY_CHECK_FAILED; } cleanup: mpi_free( &PQ ); mpi_free( &DE ); mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &I ); mpi_free( &G ); mpi_free( &G2 ); mpi_free( &L1 ); mpi_free( &L2 ); mpi_free( &DP ); mpi_free( &DQ ); mpi_free( &QP ); if( ret == POLARSSL_ERR_RSA_KEY_CHECK_FAILED ) return( ret ); if( ret != 0 ) return( POLARSSL_ERR_RSA_KEY_CHECK_FAILED + ret ); return( 0 ); }
/* * Check if contexts holding a public and private key match */ int rsa_check_pub_priv( const rsa_context *pub, const rsa_context *prv ) { if( rsa_check_pubkey( pub ) != 0 || rsa_check_privkey( prv ) != 0 ) { return( POLARSSL_ERR_RSA_KEY_CHECK_FAILED ); } if( mpi_cmp_mpi( &pub->N, &prv->N ) != 0 || mpi_cmp_mpi( &pub->E, &prv->E ) != 0 ) { return( POLARSSL_ERR_RSA_KEY_CHECK_FAILED ); } return( 0 ); }
/* * Check a private RSA key */ int rsa_check_privkey( const rsa_context *ctx ) { int ret; mpi PQ, DE, P1, Q1, H, I, G, G2, L1, L2; if( ( ret = rsa_check_pubkey( ctx ) ) != 0 ) return( ret ); if( !ctx->P.p || !ctx->Q.p || !ctx->D.p ) return( POLARSSL_ERR_RSA_KEY_CHECK_FAILED ); mpi_init( &PQ, &DE, &P1, &Q1, &H, &I, &G, &G2, &L1, &L2, NULL ); MPI_CHK( mpi_mul_mpi( &PQ, &ctx->P, &ctx->Q ) ); MPI_CHK( mpi_mul_mpi( &DE, &ctx->D, &ctx->E ) ); MPI_CHK( mpi_sub_int( &P1, &ctx->P, 1 ) ); MPI_CHK( mpi_sub_int( &Q1, &ctx->Q, 1 ) ); MPI_CHK( mpi_mul_mpi( &H, &P1, &Q1 ) ); MPI_CHK( mpi_gcd( &G, &ctx->E, &H ) ); MPI_CHK( mpi_gcd( &G2, &P1, &Q1 ) ); MPI_CHK( mpi_div_mpi( &L1, &L2, &H, &G2 ) ); MPI_CHK( mpi_mod_mpi( &I, &DE, &L1 ) ); /* * Check for a valid PKCS1v2 private key */ if( mpi_cmp_mpi( &PQ, &ctx->N ) == 0 && mpi_cmp_int( &L2, 0 ) == 0 && mpi_cmp_int( &I, 1 ) == 0 && mpi_cmp_int( &G, 1 ) == 0 ) { mpi_free( &G, &I, &H, &Q1, &P1, &DE, &PQ, &G2, &L1, &L2, NULL ); return( 0 ); } cleanup: mpi_free( &G, &I, &H, &Q1, &P1, &DE, &PQ, &G2, &L1, &L2, NULL ); return( POLARSSL_ERR_RSA_KEY_CHECK_FAILED | ret ); }
void crypto_rsa_encrypt(int len, uint8 * in, uint8 * out, uint32 modulus_size, uint8 * modulus, uint8 * exponent) { rsa_context ctx; rsa_init(&ctx, 0, 0); ctx.len = modulus_size; mpi_init(&ctx.N, &ctx.E, NULL); mpi_read_binary(&ctx.N, modulus, modulus_size); mpi_read_binary(&ctx.E, exponent, SEC_EXPONENT_SIZE); ASSERT(!rsa_check_pubkey( &ctx )); ASSERT(modulus_size <= SEC_MAX_MODULUS_SIZE); uint8 in2[SEC_MAX_MODULUS_SIZE]; memset(in2, 0, modulus_size - len); memcpy(in2 + modulus_size - len, in, len); int err = rsa_public(&ctx, in2, out); ASSERT(!err); mpi_free(&ctx.N, &ctx.E, NULL); rsa_free(&ctx); }
kal_bool che_sw_rsa(STCHE* che_context, CHE_ACTION act, kal_uint8* data_src, kal_uint8* data_dst, kal_int32 length, kal_bool last_block){ rsa_context rsa; memset( &rsa, 0, sizeof( rsa ) ); rsa.len = length; mpi_read( &rsa.N , che_context->modulusN, 16, che_context->modulusNLen ); mpi_read( &rsa.E , che_context->pubExp, 16, che_context->pubExpLen ); mpi_read( &rsa.D , che_context->privExpD, 16, che_context->privExpDLen ); mpi_read( &rsa.P , che_context->primeP, 16, che_context->primePLen ); mpi_read( &rsa.Q , che_context->primeQ, 16,che_context->primeQLen ); mpi_read( &rsa.DP, che_context->dModPm1, 16,che_context->dModPm1Len ); mpi_read( &rsa.DQ, che_context->dModQm1, 16,che_context->dModQm1Len ); mpi_read( &rsa.QP, che_context->qInvModP, 16,che_context->qInvModPLen ); if( rsa_check_pubkey( &rsa ) != 0 || rsa_check_privkey( &rsa ) != 0 ){ ASSERT(0); } switch (act){ case RSA_PUBLIC_ENC: if( rsa_public_encrypt( &rsa, data_src, length, data_dst, length ) != 0 ){ ASSERT(0); } break; case RSA_PUBLIC_DEC: if( rsa_public_decrypt( &rsa, data_src, length, data_dst, length ) != 0 ){ ASSERT(0); } break; case RSA_PRIVATE_ENC: if( rsa_private_encrypt( &rsa, data_src, length, data_dst, length ) != 0 ){ ASSERT(0); } break; case RSA_PRIVATE_DEC: if( rsa_private_decrypt( &rsa, data_src, length, data_dst, length ) != 0 ){ ASSERT(0); } break; default: return KAL_FALSE; } return KAL_TRUE; }
int upload_public_key(VCRYPT_CTX *ctx) { // checking the public key first int ret; if ((ret = rsa_check_pubkey(&ctx->ssl_req.rsa)) != 0) { return -ERR_RSA_NO_KEYS; } VCRYPT_PACKET *packet = packet_new(DEST_SERVER, NULL, REQ_PUBKEY_UPLOAD, 1024); if (packet == NULL ) goto err; int pk_len = asn1_encode_public_key_der((uint8_t*) packet->payload + 8, packet->payload_len - 8, &ctx->ssl_req.rsa); if (pk_len <= 0) goto err; uint64_t fp = fletcher64(packet->payload + 8, pk_len); // consistency check assert(ctx->public_key_fp_local == fp); memcpy(packet->payload, &fp, 8); packet->payload_len = pk_len + 8; return vqueue_add_packet(&ctx->packet_queue, packet, VCRYPT_TIMEOUT_SERVER, 1); err: // if (packet) packet_free(packet); return -ERR_UNKNOWN(908); }
int ctr_rsa_init(ctr_rsa_context* ctx, rsakey2048* key) { rsa_init(&ctx->rsa, RSA_PKCS_V15, 0); ctx->rsa.len = 0x100; if (key->keytype == RSAKEY_INVALID) goto clean; if (mpi_read_binary(&ctx->rsa.N, key->n, sizeof(key->n))) goto clean; if (mpi_read_binary(&ctx->rsa.E, key->e, sizeof(key->e))) goto clean; if (rsa_check_pubkey(&ctx->rsa)) goto clean; if (key->keytype == RSAKEY_PRIV) { if (mpi_read_binary(&ctx->rsa.D, key->d, sizeof(key->d))) goto clean; if (mpi_read_binary(&ctx->rsa.P, key->p, sizeof(key->p))) goto clean; if (mpi_read_binary(&ctx->rsa.Q, key->q, sizeof(key->q))) goto clean; if (mpi_read_binary(&ctx->rsa.DP, key->dp, sizeof(key->dp))) goto clean; if (mpi_read_binary(&ctx->rsa.DQ, key->dq, sizeof(key->dq))) goto clean; if (mpi_read_binary(&ctx->rsa.QP, key->qp, sizeof(key->qp))) goto clean; if (rsa_check_privkey(&ctx->rsa)) goto clean; } return 1; clean: return 0; }
int main(int argc, char** argv) { int ret; FILE* fp; // Assumes no private key password ret = x509parse_keyfile(&privrsa, (char*)PRIVATEKEYFILE, NULL); if (ret != 0) { printf(" ! x509parse_keyfile returned %d\n\n", ret); return -1; } if (rsa_check_pubkey(&privrsa) != 0 || rsa_check_privkey(&privrsa) != 0) { printf("public/private key validation failed.\n"); return -2; } printf("Private/Public key loaded. Encrypting message.\n"); if (rsa_pkcs1_encrypt(&privrsa, RSA_PUBLIC, strlen(MESSAGE), (unsigned char*)MESSAGE, rsa_ciphertext) != 0) { printf("Encryption of message failed\n"); return -3; } printf("Encryption complete. Output in message.crypt\n"); fp = fopen("message.crypt", "wb"); if (!fp) { printf("Error opening message.crypt\n"); return -4; } fwrite(rsa_ciphertext, 128, 1, fp); fclose(fp); memset(&rsa_ciphertext, 0, sizeof(rsa_ciphertext)); // Now sign the message. sha1((unsigned char*)MESSAGE, strlen(MESSAGE), hash); // for (int i = 0; i < 20; i++) // printf("%02X%s", hash[i], (i + 1) % 16 == 0 ? "\r\n" : " "); // if (rsa_pkcs1_sign(&privrsa, RSA_PRIVATE, RSA_SHA1, 20, hash, rsa_ciphertext) != 0) { if (rsa_pkcs1_sign(&privrsa, RSA_PRIVATE, RSA_SHA1, 20, hash, rsa_ciphertext) != 0) { printf("Signature failed.\n"); return -5; } printf("Signing complete. Output in message.sig\n"); fp = fopen("message.sig", "wb"); if (!fp) { printf("Error opening message.sig\n"); return -4; } fwrite(rsa_ciphertext, 128, 1, fp); fclose(fp); return 0; }
/* * Parse one or more certificates and add them to the chain */ int x509_add_certs( x509_cert *chain, unsigned char *buf, int buflen ) { int ret, len; unsigned char *s1, *s2; unsigned char *p, *end; x509_cert *crt; crt = chain; while( crt->version != 0 ) crt = crt->next; /* * check if the certificate is encoded in base64 */ s1 = (unsigned char *) strstr( (char *) buf, "-----BEGIN CERTIFICATE-----" ); if( s1 != NULL ) { s2 = (unsigned char *) strstr( (char *) buf, "-----END CERTIFICATE-----" ); if( s2 == NULL || s2 <= s1 ) return( ERR_X509_CERT_INVALID_PEM ); s1 += 27; if( *s1 == '\r' ) s1++; if( *s1 == '\n' ) s1++; else return( ERR_X509_CERT_INVALID_PEM ); /* * get the DER data length and decode the buffer */ len = 0; ret = base64_decode( NULL, &len, s1, s2 - s1 ); if( ret == ERR_BASE64_INVALID_CHARACTER ) return( ERR_X509_CERT_INVALID_PEM | ret ); if( ( p = (unsigned char *) malloc( len ) ) == NULL ) return( 1 ); if( ( ret = base64_decode( p, &len, s1, s2 - s1 ) ) != 0 ) { free( p ); return( ERR_X509_CERT_INVALID_PEM | ret ); } /* * update the buffer size and offset */ s2 += 25; if( *s2 == '\r' ) s2++; if( *s2 == '\n' ) s2++; else return( ERR_X509_CERT_INVALID_PEM ); buflen -= s2 - buf; buf = s2; } else { /* * nope, copy the raw DER data */ p = (unsigned char *) malloc( len = buflen ); if( p == NULL ) return( 1 ); memcpy( p, buf, buflen ); buflen = 0; } crt->raw.p = p; crt->raw.len = len; end = p + len; /* * Certificate ::= SEQUENCE { * tbsCertificate TBSCertificate, * signatureAlgorithm AlgorithmIdentifier, * signatureValue BIT STRING } */ if( ( ret = asn1_get_tag( &p, end, &len, ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) { x509_free_cert( crt ); return( ERR_X509_CERT_INVALID_FORMAT ); } if( len != (int) ( end - p ) ) { x509_free_cert( crt ); return( ERR_X509_CERT_INVALID_FORMAT | ERR_ASN1_LENGTH_MISMATCH ); } /* * TBSCertificate ::= SEQUENCE { */ crt->tbs.p = p; if( ( ret = asn1_get_tag( &p, end, &len, ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) { x509_free_cert( crt ); return( ERR_X509_CERT_INVALID_FORMAT | ret ); } end = p + len; crt->tbs.len = end - crt->tbs.p; /* * Version ::= INTEGER { v1(0), v2(1), v3(2) } * * CertificateSerialNumber ::= INTEGER * * signature AlgorithmIdentifier */ if( ( ret = x509_get_version( &p, end, &crt->version ) ) != 0 || ( ret = x509_get_serial( &p, end, &crt->serial ) ) != 0 || ( ret = x509_get_alg( &p, end, &crt->sig_oid1 ) ) != 0 ) { x509_free_cert( crt ); return( ret ); } crt->version++; if( crt->version > 3 ) { x509_free_cert( crt ); return( ERR_X509_CERT_UNKNOWN_VERSION ); } if( crt->sig_oid1.len != 9 || memcmp( crt->sig_oid1.p, OID_PKCS1, 8 ) != 0 ) { x509_free_cert( crt ); return( ERR_X509_CERT_UNKNOWN_SIG_ALG ); } if( crt->sig_oid1.p[8] < 2 || crt->sig_oid1.p[8] > 5 ) { x509_free_cert( crt ); return( ERR_X509_CERT_UNKNOWN_SIG_ALG ); } /* * issuer Name */ crt->issuer_raw.p = p; if( ( ret = asn1_get_tag( &p, end, &len, ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) { x509_free_cert( crt ); return( ERR_X509_CERT_INVALID_FORMAT | ret ); } if( ( ret = x509_get_name( &p, p + len, &crt->issuer ) ) != 0 ) { x509_free_cert( crt ); return( ret ); } crt->issuer_raw.len = p - crt->issuer_raw.p; /* * Validity ::= SEQUENCE { * notBefore Time, * notAfter Time } * */ if( ( ret = x509_get_dates( &p, end, &crt->valid_from, &crt->valid_to ) ) != 0 ) { x509_free_cert( crt ); return( ret ); } /* * subject Name */ crt->subject_raw.p = p; if( ( ret = asn1_get_tag( &p, end, &len, ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) { x509_free_cert( crt ); return( ERR_X509_CERT_INVALID_FORMAT | ret ); } if( ( ret = x509_get_name( &p, p + len, &crt->subject ) ) != 0 ) { x509_free_cert( crt ); return( ret ); } crt->subject_raw.len = p - crt->subject_raw.p; /* * SubjectPublicKeyInfo ::= SEQUENCE * algorithm AlgorithmIdentifier, * subjectPublicKey BIT STRING } */ if( ( ret = asn1_get_tag( &p, end, &len, ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) { x509_free_cert( crt ); return( ERR_X509_CERT_INVALID_FORMAT | ret ); } if( ( ret = x509_get_pubkey( &p, p + len, &crt->pk_oid, &crt->rsa.N, &crt->rsa.E ) ) != 0 ) { x509_free_cert( crt ); return( ret ); } if( ( ret = rsa_check_pubkey( &crt->rsa ) ) != 0 ) { x509_free_cert( crt ); return( ret ); } crt->rsa.len = ( mpi_size( &crt->rsa.N ) + 7 ) >> 3; /* * issuerUniqueID [1] IMPLICIT UniqueIdentifier OPTIONAL, * -- If present, version shall be v2 or v3 * subjectUniqueID [2] IMPLICIT UniqueIdentifier OPTIONAL, * -- If present, version shall be v2 or v3 * extensions [3] EXPLICIT Extensions OPTIONAL * -- If present, version shall be v3 */ if( crt->version == 2 || crt->version == 3 ) { ret = x509_get_uid( &p, end, &crt->issuer_id, 1 ); if( ret != 0 ) { x509_free_cert( crt ); return( ret ); } } if( crt->version == 2 || crt->version == 3 ) { ret = x509_get_uid( &p, end, &crt->subject_id, 2 ); if( ret != 0 ) { x509_free_cert( crt ); return( ret ); } } if( crt->version == 3 ) { ret = x509_get_ext( &p, end, &crt->v3_ext, &crt->ca_istrue, &crt->max_pathlen ); if( ret != 0 ) { x509_free_cert( crt ); return( ret ); } } if( p != end ) { x509_free_cert( crt ); return( ERR_X509_CERT_INVALID_FORMAT | ERR_ASN1_LENGTH_MISMATCH ); } end = crt->raw.p + crt->raw.len; /* * signatureAlgorithm AlgorithmIdentifier, * signatureValue BIT STRING */ if( ( ret = x509_get_alg( &p, end, &crt->sig_oid2 ) ) != 0 ) { x509_free_cert( crt ); return( ret ); } if( memcmp( crt->sig_oid1.p, crt->sig_oid2.p, 9 ) != 0 ) { x509_free_cert( crt ); return( ERR_X509_CERT_SIG_MISMATCH ); } if( ( ret = x509_get_sig( &p, end, &crt->sig ) ) != 0 ) { x509_free_cert( crt ); return( ret ); } if( p != end ) { x509_free_cert( crt ); return( ERR_X509_CERT_INVALID_FORMAT | ERR_ASN1_LENGTH_MISMATCH ); } crt->next = (x509_cert *) malloc( sizeof( x509_cert ) ); if( crt->next == NULL ) { x509_free_cert( crt ); return( 1 ); } crt = crt->next; memset( crt, 0, sizeof( x509_cert ) ); if( buflen > 0 ) return( x509_add_certs( crt, buf, buflen ) ); return( 0 ); }
/* * Checkup routine */ int rsa_self_test( int verbose ) { int ret = 0; #if defined(POLARSSL_PKCS1_V15) size_t len; rsa_context rsa; unsigned char rsa_plaintext[PT_LEN]; unsigned char rsa_decrypted[PT_LEN]; unsigned char rsa_ciphertext[KEY_LEN]; #if defined(POLARSSL_SHA1_C) unsigned char sha1sum[20]; #endif rsa_init( &rsa, RSA_PKCS_V15, 0 ); rsa.len = KEY_LEN; MPI_CHK( mpi_read_string( &rsa.N , 16, RSA_N ) ); MPI_CHK( mpi_read_string( &rsa.E , 16, RSA_E ) ); MPI_CHK( mpi_read_string( &rsa.D , 16, RSA_D ) ); MPI_CHK( mpi_read_string( &rsa.P , 16, RSA_P ) ); MPI_CHK( mpi_read_string( &rsa.Q , 16, RSA_Q ) ); MPI_CHK( mpi_read_string( &rsa.DP, 16, RSA_DP ) ); MPI_CHK( mpi_read_string( &rsa.DQ, 16, RSA_DQ ) ); MPI_CHK( mpi_read_string( &rsa.QP, 16, RSA_QP ) ); if( verbose != 0 ) polarssl_printf( " RSA key validation: " ); if( rsa_check_pubkey( &rsa ) != 0 || rsa_check_privkey( &rsa ) != 0 ) { if( verbose != 0 ) polarssl_printf( "failed\n" ); return( 1 ); } if( verbose != 0 ) polarssl_printf( "passed\n PKCS#1 encryption : " ); memcpy( rsa_plaintext, RSA_PT, PT_LEN ); if( rsa_pkcs1_encrypt( &rsa, myrand, NULL, RSA_PUBLIC, PT_LEN, rsa_plaintext, rsa_ciphertext ) != 0 ) { if( verbose != 0 ) polarssl_printf( "failed\n" ); return( 1 ); } if( verbose != 0 ) polarssl_printf( "passed\n PKCS#1 decryption : " ); if( rsa_pkcs1_decrypt( &rsa, myrand, NULL, RSA_PRIVATE, &len, rsa_ciphertext, rsa_decrypted, sizeof(rsa_decrypted) ) != 0 ) { if( verbose != 0 ) polarssl_printf( "failed\n" ); return( 1 ); } if( memcmp( rsa_decrypted, rsa_plaintext, len ) != 0 ) { if( verbose != 0 ) polarssl_printf( "failed\n" ); return( 1 ); } #if defined(POLARSSL_SHA1_C) if( verbose != 0 ) polarssl_printf( "passed\n PKCS#1 data sign : " ); sha1( rsa_plaintext, PT_LEN, sha1sum ); if( rsa_pkcs1_sign( &rsa, myrand, NULL, RSA_PRIVATE, POLARSSL_MD_SHA1, 0, sha1sum, rsa_ciphertext ) != 0 ) { if( verbose != 0 ) polarssl_printf( "failed\n" ); return( 1 ); } if( verbose != 0 ) polarssl_printf( "passed\n PKCS#1 sig. verify: " ); if( rsa_pkcs1_verify( &rsa, NULL, NULL, RSA_PUBLIC, POLARSSL_MD_SHA1, 0, sha1sum, rsa_ciphertext ) != 0 ) { if( verbose != 0 ) polarssl_printf( "failed\n" ); return( 1 ); } if( verbose != 0 ) polarssl_printf( "passed\n\n" ); #endif /* POLARSSL_SHA1_C */ cleanup: rsa_free( &rsa ); #else /* POLARSSL_PKCS1_V15 */ ((void) verbose); #endif /* POLARSSL_PKCS1_V15 */ return( ret ); }
/* * Checkup routine */ int rsa_self_test( void ) { int len; rsa_context rsa; uchar md5sum[16]; uchar decrypted[PTLEN]; uchar ciphertext[CTLEN]; memset( &rsa, 0, sizeof( rsa ) ); rsa.len = 128; #if 0 mpi_read( &rsa.N , "9292758453063D803DD603D5E777D788" \ "8ED1D5BF35786190FA2F23EBC0848AEA" \ "DDA92CA6C3D80B32C4D109BE0F36D6AE" \ "7130B9CED7ACDF54CFC7555AC14EEBAB" \ "93A89813FBF3C4F8066D2D800F7C38A8" \ "1AE31942917403FF4946B0A83D3D3E05" \ "EE57C6F5F5606FB5D4BC6CD34EE0801A" \ "5E94BB77B07507233A0BC7BAC8F90F79", 16 ); mpi_read( &rsa.E , "10001", 16 ); mpi_read( &rsa.D , "24BF6185468786FDD303083D25E64EFC" \ "66CA472BC44D253102F8B4A9D3BFA750" \ "91386C0077937FE33FA3252D28855837" \ "AE1B484A8A9A45F7EE8C0C634F99E8CD" \ "DF79C5CE07EE72C7F123142198164234" \ "CABB724CF78B8173B9F880FC86322407" \ "AF1FEDFDDE2BEB674CA15F3E81A1521E" \ "071513A1E85B5DFA031F21ECAE91A34D", 16 ); mpi_read( &rsa.P , "C36D0EB7FCD285223CFB5AABA5BDA3D8" \ "2C01CAD19EA484A87EA4377637E75500" \ "FCB2005C5C7DD6EC4AC023CDA285D796" \ "C3D9E75E1EFC42488BB4F1D13AC30A57", 16 ); mpi_read( &rsa.Q , "C000DF51A7C77AE8D7C7370C1FF55B69" \ "E211C2B9E5DB1ED0BF61D0D9899620F4" \ "910E4168387E3C30AA1E00C339A79508" \ "8452DD96A9A5EA5D9DCA68DA636032AF", 16 ); mpi_read( &rsa.DP, "C1ACF567564274FB07A0BBAD5D26E298" \ "3C94D22288ACD763FD8E5600ED4A702D" \ "F84198A5F06C2E72236AE490C93F07F8" \ "3CC559CD27BC2D1CA488811730BB5725", 16 ); mpi_read( &rsa.DQ, "4959CBF6F8FEF750AEE6977C155579C7" \ "D8AAEA56749EA28623272E4F7D0592AF" \ "7C1F1313CAC9471B5C523BFE592F517B" \ "407A1BD76C164B93DA2D32A383E58357", 16 ); mpi_read( &rsa.QP, "9AE7FBC99546432DF71896FC239EADAE" \ "F38D18D2B2F0E2DD275AA977E2BF4411" \ "F5A3B2A5D33605AEBBCCBA7FEB9F2D2F" \ "A74206CEC169D74BF5A8C50D6F48EA08", 16 ); #else mpi_read( &rsa.N , "EEF43DF231F4FEFDA3FF0576F864912B" \ "F5D51D627C5911F4794F54C8BE178C66" \ "FD9C447BE512735818E93CF88AB1696C" \ "1C634A898DBFCE384F74CD347B715419" \ "EAE05016842B752F127CC224535C4708" \ "8DE7566D50F0CFC013B2592BAB1E042A" \ "76239E5262D931B84BDAB640028AFE7C" \ "39E2B75A353EABF827854EE249C6EA45", 16 ); mpi_read( &rsa.E , "010001", 16 ); mpi_read( &rsa.D , "B6F6044861BFF94E34379BF3901550A2" \ "9C44658F772EABF4C8BDD9692B43D499" \ "372E63B189A02AF91579E0D95D38A243" \ "C928AD75CD3743AB120B98E3CA70E7B6" \ "C5B3C1EA2065EF5A6347F80B247044D4" \ "775C4379C2286F8724E0DFE859F808E8" \ "BFBE3D257EF84E3A455C5BC452F5600E" \ "5CDD62818D7E937C7D4C9819C1FAF331", 16 ); mpi_read( &rsa.P , "FBD24AF8F6132E9E1D07B73CFD6D0ECE" \ "6E49DD602EF0F4D6FE6DF66493F016EA" \ "C19FF290749194145C3229D0CC57B31F" \ "199AE2819572271CFE40279063B5BEAB", 16 ); mpi_read( &rsa.Q , "F2EB4A3E41438F2690EC2DED0198E4BD" \ "7ABA01D374A27C92BDAEA3803FF8584C" \ "2B923C95868B4C53DCEEA3A750D7B702" \ "748522C8BF781CCED4E76B52A9DD3ACF", 16 ); mpi_read( &rsa.DP, "3947752C39F4D506BBFDB44D582BC551" \ "693EBDEF11DE5722CC0EC11BD196ABEF" \ "CC0910C890EB482E756627A2C9C82D03" \ "26F4D70EB8AA9580FFC821F7B2E6752F", 16 ); mpi_read( &rsa.DQ, "5A71D28DC55CF322A7D8D7ECA3A89A9A" \ "15E4C5A3468CED16F1BAE133721DF43A" \ "400ACDB5DA8768DEDCA69996455A5BD0" \ "7533D0D4AFBD77F4667ED78DCAA30D2F", 16 ); mpi_read( &rsa.QP, "81267EDB140CE8F07CA92F508FEA134B" \ "23C871D428C6EF870F08FFF2AD46D210" \ "8FCD67E28FF95E8E332B5EEE16EB8784" \ "AB3D1E59B078CB93EF5C6E0F12419439", 16 ); #endif printf( " RSA key validation: " ); if( rsa_check_pubkey( &rsa ) != 0 || rsa_check_privkey( &rsa ) != 0 ) { printf( "failed\n" ); return( 1 ); } printf( "passed\n PKCS#1 encryption : " ); if( rsa_pkcs1_encrypt( &rsa, plaintext, PTLEN, ciphertext, CTLEN ) != 0 ) { printf( "failed\n" ); return( 1 ); } printf( "passed\n PKCS#1 decryption : " ); len = sizeof( decrypted ); if( rsa_pkcs1_decrypt( &rsa, ciphertext, CTLEN, decrypted, &len ) != 0 || memcmp( decrypted, plaintext, len ) != 0 ) { printf( "failed\n" ); return( 1 ); } printf( "passed\n PKCS#1 data sign : " ); md5_csum( plaintext, PTLEN, md5sum ); if( rsa_pkcs1_sign( &rsa, RSA_MD5, md5sum, 16, ciphertext, CTLEN ) != 0 ) { printf( "failed\n" ); return( 1 ); } printf( "passed\n PKCS#1 sig. verify: " ); if( rsa_pkcs1_verify( &rsa, RSA_MD5, md5sum, 16, ciphertext, CTLEN ) != 0 ) { printf( "failed\n" ); return( 1 ); } printf( "passed\n\n" ); rsa_free( &rsa ); return( 0 ); }
/* * Checkup routine */ int rsa_self_test( int verbose ) { int len; rsa_context rsa; unsigned char sha1sum[20]; unsigned char rsa_plaintext[PT_LEN]; unsigned char rsa_decrypted[PT_LEN]; unsigned char rsa_ciphertext[KEY_LEN]; memset( &rsa, 0, sizeof( rsa_context ) ); rsa.len = KEY_LEN; mpi_read_string( &rsa.N , 16, RSA_N ); mpi_read_string( &rsa.E , 16, RSA_E ); mpi_read_string( &rsa.D , 16, RSA_D ); mpi_read_string( &rsa.P , 16, RSA_P ); mpi_read_string( &rsa.Q , 16, RSA_Q ); mpi_read_string( &rsa.DP, 16, RSA_DP ); mpi_read_string( &rsa.DQ, 16, RSA_DQ ); mpi_read_string( &rsa.QP, 16, RSA_QP ); if( verbose != 0 ) printf( " RSA key validation: " ); if( rsa_check_pubkey( &rsa ) != 0 || rsa_check_privkey( &rsa ) != 0 ) { if( verbose != 0 ) printf( "failed\n" ); return( 1 ); } if( verbose != 0 ) printf( "passed\n PKCS#1 encryption : " ); memcpy( rsa_plaintext, RSA_PT, PT_LEN ); if( rsa_pkcs1_encrypt( &rsa, RSA_PUBLIC, PT_LEN, rsa_plaintext, rsa_ciphertext ) != 0 ) { if( verbose != 0 ) printf( "failed\n" ); return( 1 ); } if( verbose != 0 ) printf( "passed\n PKCS#1 decryption : " ); if( rsa_pkcs1_decrypt( &rsa, RSA_PRIVATE, &len, rsa_ciphertext, rsa_decrypted, sizeof(rsa_decrypted) ) != 0 ) { if( verbose != 0 ) printf( "failed\n" ); return( 1 ); } if( memcmp( rsa_decrypted, rsa_plaintext, len ) != 0 ) { if( verbose != 0 ) printf( "failed\n" ); return( 1 ); } if( verbose != 0 ) printf( "passed\n PKCS#1 data sign : " ); sha1( rsa_plaintext, PT_LEN, sha1sum ); if( rsa_pkcs1_sign( &rsa, RSA_PRIVATE, SIG_RSA_SHA1, 20, sha1sum, rsa_ciphertext ) != 0 ) { if( verbose != 0 ) printf( "failed\n" ); return( 1 ); } if( verbose != 0 ) printf( "passed\n PKCS#1 sig. verify: " ); if( rsa_pkcs1_verify( &rsa, RSA_PUBLIC, SIG_RSA_SHA1, 20, sha1sum, rsa_ciphertext ) != 0 ) { if( verbose != 0 ) printf( "failed\n" ); return( 1 ); } if( verbose != 0 ) printf( "passed\n\n" ); rsa_free( &rsa ); return( 0 ); }
TEST_FIXTURE(HandshakeFixture, FixturePublicKeyIsValid) { rsa_context rsa; init_rsa_context_with_public_key(&rsa, pubkey); CHECK_EQUAL(0, rsa_check_pubkey(&rsa)); }
/* * Checkup routine */ int main ( void ) { int len; rsa_context rsa; unsigned char md5sum[16]; unsigned char rsa_plaintext[PTLEN]; unsigned char rsa_decrypted[PTLEN]; unsigned char rsa_ciphertext[CTLEN]; memset( &rsa, 0, sizeof( rsa ) ); rsa.len = 128; mpi_read( &rsa.N , "9292758453063D803DD603D5E777D788" \ "8ED1D5BF35786190FA2F23EBC0848AEA" \ "DDA92CA6C3D80B32C4D109BE0F36D6AE" \ "7130B9CED7ACDF54CFC7555AC14EEBAB" \ "93A89813FBF3C4F8066D2D800F7C38A8" \ "1AE31942917403FF4946B0A83D3D3E05" \ "EE57C6F5F5606FB5D4BC6CD34EE0801A" \ "5E94BB77B07507233A0BC7BAC8F90F79", 16 ); mpi_read( &rsa.E , "10001", 16 ); mpi_read( &rsa.D , "24BF6185468786FDD303083D25E64EFC" \ "66CA472BC44D253102F8B4A9D3BFA750" \ "91386C0077937FE33FA3252D28855837" \ "AE1B484A8A9A45F7EE8C0C634F99E8CD" \ "DF79C5CE07EE72C7F123142198164234" \ "CABB724CF78B8173B9F880FC86322407" \ "AF1FEDFDDE2BEB674CA15F3E81A1521E" \ "071513A1E85B5DFA031F21ECAE91A34D", 16 ); mpi_read( &rsa.P , "C36D0EB7FCD285223CFB5AABA5BDA3D8" \ "2C01CAD19EA484A87EA4377637E75500" \ "FCB2005C5C7DD6EC4AC023CDA285D796" \ "C3D9E75E1EFC42488BB4F1D13AC30A57", 16 ); mpi_read( &rsa.Q , "C000DF51A7C77AE8D7C7370C1FF55B69" \ "E211C2B9E5DB1ED0BF61D0D9899620F4" \ "910E4168387E3C30AA1E00C339A79508" \ "8452DD96A9A5EA5D9DCA68DA636032AF", 16 ); mpi_read( &rsa.DP, "C1ACF567564274FB07A0BBAD5D26E298" \ "3C94D22288ACD763FD8E5600ED4A702D" \ "F84198A5F06C2E72236AE490C93F07F8" \ "3CC559CD27BC2D1CA488811730BB5725", 16 ); mpi_read( &rsa.DQ, "4959CBF6F8FEF750AEE6977C155579C7" \ "D8AAEA56749EA28623272E4F7D0592AF" \ "7C1F1313CAC9471B5C523BFE592F517B" \ "407A1BD76C164B93DA2D32A383E58357", 16 ); mpi_read( &rsa.QP, "9AE7FBC99546432DF71896FC239EADAE" \ "F38D18D2B2F0E2DD275AA977E2BF4411" \ "F5A3B2A5D33605AEBBCCBA7FEB9F2D2F" \ "A74206CEC169D74BF5A8C50D6F48EA08", 16 ); printf( " RSA key validation: " ); if( rsa_check_pubkey( &rsa ) != 0 || rsa_check_privkey( &rsa ) != 0 ) { printf( "failed\n" ); return( 1 ); } printf( "passed\n PKCS#1 encryption : " ); memcpy( rsa_plaintext, "\xAA\xBB\xCC\x03\x02\x01\x00\xFF\xFF\xFF\xFF\xFF" \ "\x11\x22\x33\x0A\x0B\x0C\xCC\xDD\xDD\xDD\xDD\xDD", PTLEN ); len = CTLEN; if( rsa_pkcs1_encrypt( &rsa, rsa_plaintext, PTLEN, rsa_ciphertext, &len ) != 0 ) { printf( "failed\n" ); return( 1 ); } printf( "passed\n PKCS#1 decryption : " ); len = sizeof( rsa_decrypted ); if( rsa_pkcs1_decrypt( &rsa, rsa_ciphertext, CTLEN, rsa_decrypted, &len ) != 0 || memcmp( rsa_decrypted, rsa_plaintext, len ) != 0 ) { printf( "failed\n" ); return( 1 ); } printf( "passed\n" ); #if 0 md5_csum( rsa_plaintext, PTLEN, md5sum ); if( rsa_pkcs1_sign( &rsa, RSA_MD5, md5sum, 16, rsa_ciphertext, CTLEN ) != 0 ) { printf( "failed\n" ); return( 1 ); } printf( "passed\n PKCS#1 sig. verify: " ); if( rsa_pkcs1_verify( &rsa, RSA_MD5, md5sum, 16, rsa_ciphertext, CTLEN ) != 0 ) { printf( "failed\n" ); return( 1 ); } printf( "passed\n\n" ); #endif rsa_free( &rsa ); return( 0 ); }