/* Zeroize
*/
static int Zeroize()
{
RSA *key;
unsigned char userkey[16] =
{ 0x48, 0x50, 0xf0, 0xa3, 0x3a, 0xed, 0xd3, 0xaf, 0x6e, 0x47, 0x7f, 0x83, 0x02, 0xb1, 0x09, 0x68 };
int i, n;
key = RSA_generate_key(1024,65537,NULL,NULL);
if (!key)
return 0;
n = BN_num_bytes(key->d);
printf(" Generated %d byte RSA private key\n", n);
printf("\tBN key before overwriting:\n%s\n", BN_bn2hex(key->d));
BN_rand(key->d,n*8,-1,0);
printf("\tBN key after overwriting:\n%s\n", BN_bn2hex(key->d));
printf("\tchar buffer key before overwriting: \n\t\t");
for(i = 0; i < sizeof(userkey); i++) printf("%02x", userkey[i]);
printf("\n");
RAND_bytes(userkey, sizeof userkey);
printf("\tchar buffer key after overwriting: \n\t\t");
for(i = 0; i < sizeof(userkey); i++) printf("%02x", userkey[i]);
printf("\n");
return 1;
}
void save_public_key(FILE *fp)
{
char *temp;
if (!fp) return;
if (!rsa) return;
/* we write only the public modulus... */
temp = BN_bn2hex(rsa->n);
if (!temp)
{
writelog(ERROR, "Unable to write public key to file!\n");
abort();
}
fprintf(fp, "%s\n", temp);
/* ...and exponent */
free(temp);
temp = BN_bn2hex(rsa->e);
if (!temp)
{
writelog(ERROR, "Unable to write public key to file!\n");
abort();
}
fprintf(fp, "%s\n", temp);
free(temp);
}
// Extract the private and public keys from the PEM file, using the supplied
// password to decrypt the file if encrypted. priv_key and pub_key must point to
// an array o at least 65 and 131 character respectively.
int load_pem_key(char *pemstr, size_t pemstr_len, char *password,
char *out_priv_key, char *out_pub_key) {
BIO *in = NULL;
BN_CTX *ctx = NULL;
const EC_GROUP *group;
EC_KEY *eckey = NULL;
const EC_POINT *pub_key_point = NULL;
const BIGNUM *priv_key = NULL, *pub_key = NULL;
char *priv_key_hex = NULL;
char *pub_key_hex = NULL;
in = BIO_new_mem_buf(pemstr, (int)pemstr_len);
// Read key from stream, decrypting with password if not NULL
if (password != NULL && strcmp("", password) != 0) {
// Initialize ciphers
ERR_load_crypto_strings ();
OpenSSL_add_all_algorithms ();
eckey = PEM_read_bio_ECPrivateKey(in, NULL, NULL, password);
if (eckey == NULL) {
return -1; // Failed to decrypt or decode private key
}
} else {
if ((eckey = PEM_read_bio_ECPrivateKey(in, NULL, NULL, NULL)) == NULL) {
return -1; // Failed to decode private key
}
}
BIO_free(in);
// Deconstruct key into big numbers
if ((ctx = BN_CTX_new()) == NULL) {
return -2; // Failed to create new big number context
}
if ((group = EC_KEY_get0_group(eckey)) == NULL) {
return -3; // Failed to load group
}
if ((priv_key = EC_KEY_get0_private_key(eckey)) == NULL) {
return -4; // Failed to load private key
}
if ((pub_key_point = EC_KEY_get0_public_key(eckey)) == NULL) {
return -5; // Failed to load public key point
}
pub_key = EC_POINT_point2bn(group, pub_key_point, EC_KEY_get_conv_form(eckey), NULL, ctx);
if (pub_key == NULL) {
return -6; // Failed to construct public key from point
}
priv_key_hex = BN_bn2hex(priv_key);
pub_key_hex = BN_bn2hex(pub_key);
strncpy_s(out_priv_key, 64 + 1, priv_key_hex, 64 + 1);
strncpy_s(out_pub_key, 130 + 1, pub_key_hex, 130 + 1);
OPENSSL_free(priv_key_hex);
OPENSSL_free(pub_key_hex);
return 0;
}
int main(int arc, char *argv[])
{
DH *dh = DH_new();
BN_GENCB *(*cb)(BN_GENCB *, int, int);
cb = &callback;
char buf[400];
char *bufPtr = &buf[0];
/* Load the human readable error strings for libcrypto */
ERR_load_crypto_strings();
/* Load all digest and cipher algorithms */
OpenSSL_add_all_algorithms();
/* Load config file, and other important initialisation */
OPENSSL_config(NULL);
/*
use special PRNG if possible:
* /dev/random
* /dev/hwrng
* ...
*/
/*
---------------------------- PARAMATER GEN ------------------------
*/
printf("start generation\n");
DH_generate_parameters_ex(dh, 256, 2, NULL);
printf("paramters DONE\n");
if(dh->pub_key == NULL)
printf("pubkey init to NULL\n");
DH_generate_key(dh);
printf("key DONE\n");
bufPtr = BN_bn2hex(dh->p);
printf ("prime : %s\n", bufPtr);
bufPtr = BN_bn2hex(dh->g);
printf ("generator: %s\n", bufPtr);
bufPtr = BN_bn2hex(dh->pub_key);
printf ("pubkey : %s\n", bufPtr);
bufPtr = BN_bn2hex(dh->priv_key);
printf ("privkey : %s\n", bufPtr);
/* Clean up */
/* Removes all digests and ciphers */
EVP_cleanup();
/* if you omit the next, a small leak may be left when you make use of the BIO (low level API) for e.g. base64 transformations */
CRYPTO_cleanup_all_ex_data();
/* Remove error strings */
ERR_free_strings();
return 0;
}
int main() {
uint8_t pub_bytes[33] = {
0x02,
0x82, 0x00, 0x6e, 0x93, 0x98, 0xa6, 0x98, 0x6e,
0xda, 0x61, 0xfe, 0x91, 0x67, 0x4c, 0x3a, 0x10,
0x8c, 0x39, 0x94, 0x75, 0xbf, 0x1e, 0x73, 0x8f,
0x19, 0xdf, 0xc2, 0xdb, 0x11, 0xdb, 0x1d, 0x28
};
uint8_t der_bytes[] = {
0x30, 0x44, 0x02, 0x20, 0x2b, 0x2b, 0x52, 0x9b,
0xdb, 0xdc, 0x93, 0xe7, 0x8a, 0xf7, 0xe0, 0x02,
0x28, 0xb1, 0x79, 0x91, 0x8b, 0x03, 0x2d, 0x76,
0x90, 0x2f, 0x74, 0xef, 0x45, 0x44, 0x26, 0xf7,
0xd0, 0x6c, 0xd0, 0xf9, 0x02, 0x20, 0x62, 0xdd,
0xc7, 0x64, 0x51, 0xcd, 0x04, 0xcb, 0x56, 0x7c,
0xa5, 0xc5, 0xe0, 0x47, 0xe8, 0xac, 0x41, 0xd3,
0xd4, 0xcf, 0x7c, 0xb9, 0x24, 0x34, 0xd5, 0x5c,
0xb4, 0x86, 0xcc, 0xcf, 0x6a, 0xf2
};
const char message[] = "This is a very confidential message\n";
EC_KEY *key;
const uint8_t *der_bytes_copy;
ECDSA_SIG *signature;
uint8_t digest[32];
int verified;
key = bbp_ec_new_pubkey(pub_bytes, sizeof(pub_bytes));
if (!key) {
puts("Unable to create keypair");
return -1;
}
der_bytes_copy = der_bytes;
signature = d2i_ECDSA_SIG(NULL, &der_bytes_copy, sizeof(der_bytes));
printf("r: %s\n", BN_bn2hex(signature->r));
printf("s: %s\n", BN_bn2hex(signature->s));
bbp_sha256(digest, (uint8_t *)message, strlen(message));
bbp_print_hex("digest", digest, 32);
verified = ECDSA_do_verify(digest, sizeof(digest), signature, key);
switch (verified) {
case 1:
puts("verified");
break;
case 0:
puts("not verified");
break;
case -1:
puts("library error");
break;
}
ECDSA_SIG_free(signature);
EC_KEY_free(key);
return 0;
}
int rsa_prvkey_to_str(const rsa_prvkey_t *sk, char *buf, size_t len)
{
int ret = -1;
char *n = NULL;
char *e = NULL;
char *d = NULL;
unsigned int outlen;
OPENSSL_assert(sk);
OPENSSL_assert(sk->n);
OPENSSL_assert(sk->e);
OPENSSL_assert(sk->d);
if (!(n = BN_bn2hex(sk->n))) {
ERR_print_errors_fp(stderr);
goto end;
}
if (!(e = BN_bn2hex(sk->e))) {
ERR_print_errors_fp(stderr);
goto end;
}
if (!(d = BN_bn2hex(sk->d))) {
ERR_print_errors_fp(stderr);
goto end;
}
outlen = strlen(n) + strlen(e) + strlen(d) + 3;
if (buf == NULL) {
ret = outlen;
goto end;
}
if (len < outlen) {
ret = -1;
goto end;
}
strcpy(buf, n);
strcat(buf, " ");
strcat(buf, e);
strcat(buf, " ");
strcat(buf, d);
ret = outlen;
end:
if (n) OPENSSL_free(n);
if (e) OPENSSL_free(e);
if (d) OPENSSL_free(d);
return ret;
}
int main(int argc, char ** argv) {
/* Generate 2 big random numbers (512 bits) */
primitive_p = initialize("1011011");
initialize_rand(SEED);
BIGNUM *p = get_long_prime_number(RSA_KEY_LENGTH);
printf("p=%s\n", BN_bn2hex(p));
BIGNUM *q = get_long_prime_number(RSA_KEY_LENGTH);
printf("q=%s\n", BN_bn2hex(q));
/* Compute phi = (p-1)*(q-1) and n = p*q */
BIGNUM *phi, *n;
BN_CTX *tmp;
tmp = BN_CTX_new();
n = BN_new();
phi = BN_new();
BN_copy(n, p);
BN_mul(n, n, q, tmp);
printf("n=%s\n", BN_bn2dec(n));
BN_sub_word(p, 1);
printf("p-1=%s\n", BN_bn2dec(p));
BN_sub_word(q, 1);
printf("q-1=%s\n", BN_bn2dec(q));
phi = BN_new();
BN_init(tmp);
BN_mul(phi, p, q, tmp);
printf("(p-1)(q-1)=%s\n", BN_bn2dec(phi));
/* Find the smallest integer coprime with phi */
BIGNUM * e = BN_new();
BIGNUM *gcd = BN_new();
BN_add_word(e, 3);
for ( ; ; BN_add_word(e, 2)) {
tmp = BN_CTX_new();
BN_gcd(gcd, e, phi, tmp);
if (BN_is_one(gcd))
break;
}
printf("e=%s\n", BN_bn2dec(e));
/* Find d, the inverse of e in Z_phi */
BIGNUM * d = BN_new();
BIGNUM * i = BN_new();
BIGNUM * rem = BN_new();
BIGNUM * prod = BN_new();
BN_add_word(i, 1);
for ( ; ; BN_add_word(i, 1)) {
BN_copy(prod, phi);
tmp = BN_CTX_new();
BN_mul(prod, prod, i, tmp);
BN_add_word(prod, 1);
BN_div(d, rem, prod, e, tmp);
if (BN_is_zero(rem)) {
break;
}
}
printf("d=%s\n", BN_bn2dec(d));
return 0;
}
int CRSA::RSAGenKey( int bitsKeyLen , unsigned long ulExponent , string &strOutPublicKeyN , string &strOutPublicKeyE , string &strOutPrivateKey )
{
int iResult = 0;
char * pKey = NULL;
if ( bitsKeyLen != KeyLen512 && bitsKeyLen != KeyLen1024 && bitsKeyLen != KeyLen2048 )
return -1;
if ( ulExponent != Exponent3 && ulExponent != Exponent17 && ulExponent != Exponent65537 )
return -1;
RSA * pRSA = RSA_generate_key( bitsKeyLen , ulExponent , NULL , NULL );
if ( !pRSA )
return -1;
do
{
pKey = BN_bn2hex( pRSA->n );
if ( pKey )
{
strOutPublicKeyN = pKey;
free( pKey );
}
else
{
iResult = -1;
break;
}
pKey = BN_bn2hex( pRSA->e );
if ( pKey )
{
strOutPublicKeyE = pKey;
free( pKey );
}
else
{
iResult = -1;
break;
}
pKey = BN_bn2hex( pRSA->d );
if ( pKey )
{
strOutPrivateKey = pKey;
free( pKey );
}
else
{
iResult = -1;
break;
}
} while ( 0 );
RSA_free( pRSA );
return iResult;
}
void
assert_bignum(const char *file, int line, const char *a1, const char *a2,
const BIGNUM *aa1, const BIGNUM *aa2, enum test_predicate pred)
{
int r = BN_cmp(aa1, aa2);
TEST_CHECK_INT(r, pred);
test_header(file, line, a1, a2, "BIGNUM", pred);
fprintf(stderr, "%12s = 0x%s\n", a1, BN_bn2hex(aa1));
fprintf(stderr, "%12s = 0x%s\n", a2, BN_bn2hex(aa2));
test_die();
}
static void
schnorr_selftest(void)
{
BIGNUM *x;
struct modp_group *grp;
u_int i;
char *hh;
grp = jpake_default_group();
if ((x = BN_new()) == NULL)
fatal("%s: BN_new", __func__);
SCHNORR_DEBUG_BN((grp->p, "%s: grp->p = ", __func__));
SCHNORR_DEBUG_BN((grp->q, "%s: grp->q = ", __func__));
SCHNORR_DEBUG_BN((grp->g, "%s: grp->g = ", __func__));
/* [1, 20) */
for (i = 1; i < 20; i++) {
printf("x = %u\n", i);
fflush(stdout);
if (BN_set_word(x, i) != 1)
fatal("%s: set x word", __func__);
schnorr_selftest_one(grp->p, grp->q, grp->g, x);
}
/* 100 x random [0, p) */
for (i = 0; i < 100; i++) {
if (BN_rand_range(x, grp->p) != 1)
fatal("%s: BN_rand_range", __func__);
hh = BN_bn2hex(x);
printf("x = (random) 0x%s\n", hh);
free(hh);
fflush(stdout);
schnorr_selftest_one(grp->p, grp->q, grp->g, x);
}
/* [q-20, q) */
if (BN_set_word(x, 20) != 1)
fatal("%s: BN_set_word (x = 20)", __func__);
if (BN_sub(x, grp->q, x) != 1)
fatal("%s: BN_sub (q - x)", __func__);
for (i = 0; i < 19; i++) {
hh = BN_bn2hex(x);
printf("x = (q - %d) 0x%s\n", 20 - i, hh);
free(hh);
fflush(stdout);
schnorr_selftest_one(grp->p, grp->q, grp->g, x);
if (BN_add(x, x, BN_value_one()) != 1)
fatal("%s: BN_add (x + 1)", __func__);
}
BN_free(x);
}
static int
dec2bin(uint8_t *out, const char *in)
{
int ret, l;
char *tmp = NULL;
BIGNUM *B;
if ((NULL == (B = BN_new())) ||
(0 == BN_dec2bn(&B, in)) ||
(NULL == (tmp = BN_bn2hex(B)))) {
ret = RFC6287_ERR_OPENSSL;
goto err;
}
if (256 < (l = strlen(tmp))) {
ret = RFC6287_INVALID_CHALLENGE;
goto err;
}
if (1 < l && '0' == tmp[0])
ret = hex2bin(out, tmp + 1);
else
ret = hex2bin(out, tmp);
err:
if (NULL != tmp)
OPENSSL_free(tmp);
if (NULL != B)
BN_free(B);
return ret;
}
void meteor_user_generate_x(SRPUser *usr,
char const *identity,
char const *salt,
char const *password,
unsigned char *buff,
BIGNUM **x) {
const static char *static_delim = ":";
BIGNUM *x_inner;
char *catString_i_p = malloc(strlen(identity)+1 + strlen(static_delim)+ 1 + strlen(password)+1 + 1);
strcpy(catString_i_p, identity);
strcat(catString_i_p, static_delim);
strcat(catString_i_p, password);
catString_i_p[strlen(catString_i_p)] = '\0';
unsigned char lbuff[SHA256_DIGEST_LENGTH] = "";
hash(usr->hash_alg, (const unsigned char *)catString_i_p, strlen(catString_i_p), lbuff);
x_inner = BN_bin2bn(lbuff, hash_length(usr->hash_alg), NULL);
char *x_inner_str_lower = convert_to_lower(BN_bn2hex(x_inner));
char *catString_s_i_p = malloc(strlen(salt)+1 + strlen(x_inner_str_lower)+1 + 1);
strcpy(catString_s_i_p, salt);
strcat(catString_s_i_p, x_inner_str_lower);
catString_s_i_p[strlen(catString_s_i_p)] = '\0';
unsigned char xbuff[SHA256_DIGEST_LENGTH] = "";
hash(usr->hash_alg, (const unsigned char *)catString_s_i_p, strlen((char *)catString_s_i_p), xbuff);
*x = BN_bin2bn(xbuff, hash_length(usr->hash_alg), NULL);
BN_free(x_inner);
free(catString_i_p);
free(catString_s_i_p);
}
int rsa_ciphertext_to_str(const rsa_ciphertext_t *c, char *buf, size_t len)
{
int ret = -1;
char *str = NULL;
unsigned int outlen;
OPENSSL_assert(c);
if (!(str = BN_bn2hex(c))) {
ERR_print_errors_fp(stderr);
goto end;
}
outlen = strlen(str) + 1;
if (buf == NULL) {
ret = outlen;
goto end;
}
if (len < outlen) {
ret = -1;
goto end;
}
strcpy(buf, str);
ret = outlen;
end:
if (str) OPENSSL_free(str);
return ret;
}
int bignum2mpz(const BIGNUM *bn, mpz_t g)
{
bn_check_top(bn);
if(((sizeof(bn->d[0]) * 8) == GMP_NUMB_BITS) && (BN_BITS2 == GMP_NUMB_BITS))
{
/* The common case */
if(!_mpz_realloc (g, bn->top))
return 0;
memcpy(&g->_mp_d[0], &bn->d[0], bn->top * sizeof(bn->d[0]));
g->_mp_size = bn->top;
if(bn->neg)
g->_mp_size = -g->_mp_size;
return 1;
}
else
{
char *tmpchar = BN_bn2hex(bn);
if(!tmpchar)
return 0;
OPENSSL_free(tmpchar);
return 0;
}
}
void meteor_user_generate_M_string( struct SRPUser *usr,
const char * S_str,
unsigned char *buff,
const char * B_str,
char ** M_str )
{
BIGNUM *M = BN_new();
char *ABS = malloc( strlen(usr->Astr) + strlen(B_str) + strlen(S_str) + 1 );
strcpy(ABS, usr->Astr);
strcat(ABS, B_str);
strcat(ABS, S_str);
hash( usr->hash_alg, (const unsigned char *)ABS, strlen(ABS), buff );
M = BN_bin2bn( buff, hash_length(usr->hash_alg), NULL );
if ( !M )
goto cleanup_and_exit;
*M_str = convert_to_lower( BN_bn2hex(M) );
cleanup_and_exit:
BN_free(M);
}
/* Most often limb sizes will be the same. If not, we use hex conversion
* which is neat, but extremely inefficient. */
static int bn2gmp(const BIGNUM *bn, mpz_t g)
{
bn_check_top(bn);
if(((sizeof(bn->d[0]) * 8) == GMP_NUMB_BITS) &&
(BN_BITS2 == GMP_NUMB_BITS))
{
/* The common case */
if(!_mpz_realloc (g, bn->top))
return 0;
TINYCLR_SSL_MEMCPY(&g->_mp_d[0], &bn->d[0], bn->top * sizeof(bn->d[0]));
g->_mp_size = bn->top;
if(bn->neg)
g->_mp_size = -g->_mp_size;
return 1;
}
else
{
int toret;
char *tmpchar = BN_bn2hex(bn);
if(!tmpchar) return 0;
toret = (mpz_set_str(g, tmpchar, 16) == 0 ? 1 : 0);
OPENSSL_free(tmpchar);
return toret;
}
}
/* Output: username, bytes_A, len_A, Astr */
void srp_user_start_authentication( struct SRPUser * usr, const char ** username,
const unsigned char ** bytes_A, int * len_A, const char ** Astr )
{
BN_CTX *ctx = BN_CTX_new();
BN_rand(usr->a, 256, -1, 0);
BN_mod_exp(usr->A, usr->ng->g, usr->a, usr->ng->N, ctx);
BN_CTX_free(ctx);
*len_A = BN_num_bytes(usr->A);
*bytes_A = malloc( *len_A );
if (!*bytes_A)
{
*len_A = 0;
*bytes_A = 0;
*username = 0;
return;
}
BN_bn2bin( usr->A, (unsigned char *) *bytes_A );
usr->bytes_A = *bytes_A;
usr->Astr = convert_to_lower( BN_bn2hex(usr->A) );
*Astr = usr->Astr;
*username = usr->username;
}
void meteor_user_generate_S_string( struct SRPUser *usr,
BN_CTX * ctx,
BIGNUM * kgx,
BIGNUM * aux,
const char * B_str,
char ** S_str)
{
BIGNUM *B = BN_new();
BIGNUM *bkgx = BN_new();
BIGNUM *S = BN_new();
BN_hex2bn( &B, B_str );
if ( !B )
goto cleanup_and_exit;
BN_sub( bkgx, B, kgx );
if ( !bkgx )
goto cleanup_and_exit;
BN_mod_exp(S, bkgx, aux, usr->ng->N, ctx);
if ( !S )
goto cleanup_and_exit;
*S_str = convert_to_lower( BN_bn2hex(S) );
cleanup_and_exit:
BN_free(B);
BN_free(bkgx);
BN_free(S);
}
void PRE_IO_rekey2file( char *file,PRE_REKEY *rekey,EC_GROUP *G )
{
FILE *fp;
if( NULL == (fp = fopen( file,"wb")) )exit(1);
/*Write order:
* v->U->W
*/
BN_CTX *ctx = BN_CTX_new();
char *v = BN_bn2hex(rekey->v);
char *U = EC_POINT_point2hex(G,rekey->U,PRE_POINT_CONVERSION,ctx);
char *W = EC_POINT_point2hex(G,rekey->W,PRE_POINT_CONVERSION,ctx);
int strlenOfV = strlen(v);
int strlenOfU = strlen(U);
int strlenOfW = strlen(W);
fwrite(&strlenOfV,sizeOfInt,1,fp);
fwrite(&strlenOfU,sizeOfInt,1,fp);
fwrite(&strlenOfW,sizeOfInt,1,fp);
fwrite(v,strlenOfV,1,fp);
fwrite(U,strlenOfU,1,fp);
fwrite(W,strlenOfW,1,fp);
BN_CTX_free(ctx);
fclose(fp);
}
const std::string bignum_hex(BIGNUM* bn)
{
char* repr = BN_bn2hex(bn);
std::string result = repr;
OPENSSL_free(repr);
boost::algorithm::to_lower(result);
return result;
}
QByteArray bnToHexArray(const BIGNUM *n)
{
char *hex = BN_bn2hex(n);
QByteArray result(hex);
OPENSSL_free(hex);
return result;
}
char * Condor_Diffie_Hellman :: getPrimeChar()
{
if (dh_ && dh_->p) {
return BN_bn2hex(dh_->p);
}
else {
return NULL;
}
}
/* HACK - use text I/O functions in openssl and GMP to handle conversions. This
* is vile. */
static int bn2gmp(const BIGNUM *bn, mpz_t g)
{
int toret;
char *tmpchar = BN_bn2hex(bn);
if(!tmpchar) return 0;
toret = (mpz_set_str(g, tmpchar, 16) == 0 ? 1 : 0);
OPENSSL_free(tmpchar);
return toret;
}
char * Condor_Diffie_Hellman :: getGeneratorChar()
{
if (dh_ && dh_->g) {
return BN_bn2hex(dh_->g);
}
else {
return NULL;
}
}
void VN_BN_dump_hex( const BIGNUM * za, struct vn_iovec * hex )
{
char * tmp = BN_bn2hex( za );
hex->i.iov_len = strlen( tmp );
hex->i.iov_base = strdup( tmp );
OPENSSL_free( tmp );
}
static int load_key_stub(struct expbuf_t *buf)
{
char *fn;
FILE *fp = NULL;
RSA *rsa = NULL;
size_t key_index = SIZE_MAX;
char *estr = NULL, *nstr = NULL, errbuf[NEVERBLEED_ERRBUF_SIZE] = "";
if ((fn = expbuf_shift_str(buf)) == NULL) {
warnf("%s: failed to parse request", __FUNCTION__);
return -1;
}
if ((fp = fopen(fn, "rt")) == NULL) {
strerror_r(errno, errbuf, sizeof(errbuf));
goto Respond;
}
if ((rsa = PEM_read_RSAPrivateKey(fp, NULL, NULL, NULL)) == NULL) {
snprintf(errbuf, sizeof(errbuf), "failed to parse the private key");
goto Respond;
}
key_index = daemon_set_rsa(rsa);
estr = BN_bn2hex(rsa->e);
nstr = BN_bn2hex(rsa->n);
Respond:
expbuf_dispose(buf);
expbuf_push_num(buf, rsa != NULL);
expbuf_push_num(buf, key_index);
expbuf_push_str(buf, estr != NULL ? estr : "");
expbuf_push_str(buf, nstr != NULL ? nstr : "");
expbuf_push_str(buf, errbuf);
if (rsa != NULL)
RSA_free(rsa);
if (estr != NULL)
OPENSSL_free(estr);
if (nstr != NULL)
OPENSSL_free(nstr);
if (fp != NULL)
fclose(fp);
return 0;
}
char *rsa_prvkey_to_new_str(const rsa_prvkey_t *sk)
{
char *ret = NULL;
char *n = NULL;
char *e = NULL;
char *d = NULL;
unsigned int len;
if (!(n = BN_bn2hex(sk->n))) {
ERR_print_errors_fp(stderr);
goto end;
}
if (!(e = BN_bn2hex(sk->e))) {
ERR_print_errors_fp(stderr);
goto end;
}
if (!(d = BN_bn2hex(sk->d))) {
ERR_print_errors_fp(stderr);
goto end;
}
len = strlen(n) + strlen(e) + strlen(d) + sizeof(" ");
if (!(ret = OPENSSL_malloc(len))) {
ERR_print_errors_fp(stderr);
goto end;
}
strcpy(ret, n);
strcat(ret, " ");
strcat(ret, e);
strcat(ret, " ");
strcat(ret, d);
end:
if (n) OPENSSL_free(n);
if (e) OPENSSL_free(e);
if (d) OPENSSL_free(d);
return ret;
}
// digest_public_modulus: calculates the SHA256 digest of the
// hexadecimal representation of the public modulus of an RSA
// key. digest must be initialized with at least 32 bytes of
// space and is used to return the SHA256 digest.
static void digest_public_modulus(RSA *key, BYTE *digest) {
char *hex;
EVP_MD_CTX *ctx = EVP_MD_CTX_create();
EVP_DigestInit_ex(ctx, EVP_sha256(), 0);
hex = BN_bn2hex(key->n);
EVP_DigestUpdate(ctx, hex, strlen(hex));
EVP_DigestFinal_ex(ctx, digest, 0);
EVP_MD_CTX_destroy(ctx);
OPENSSL_free(hex);
}
char * Condor_Diffie_Hellman :: getPublicKeyChar()
{
// This will return g^x, x is the secret, encoded in HEX format
if (dh_ && dh_->pub_key) {
return BN_bn2hex(dh_->pub_key);
}
else {
return NULL;
}
}
int PRE_IO_printBlock_hex(char *m,size_t size)
{
if ( NULL == m )return 0;
BIGNUM* bn = BN_new();
bn = BN_bin2bn((const unsigned char*)m,size,bn);
CHECK_IF_ERROR(bn);
printf("%s",BN_bn2hex(bn));
BN_free(bn);
return 1;
}
