void JNICALL Java_beecrypt_provider_RSAKeyPairGenerator_generate(JNIEnv* env, jobject obj) { jclass cls = (*env)->GetObjectClass(env, obj); jfieldID sid = (*env)->GetFieldID(env, cls, "_size", "I"); jfieldID fid; if (sid) { randomGeneratorContext rngc; rsakp pair; jint keybits = (*env)->GetIntField(env, obj, sid); randomGeneratorContextInit(&rngc, randomGeneratorDefault()); rsakpInit(&pair); fid = (*env)->GetFieldID(env, cls, "_e", "[B"); if (fid) { mpnsetbigint(&pair.e, env, (*env)->GetObjectField(env, obj, fid)); } rsakpMake(&pair, &rngc, (size_t) keybits); if ((fid = (*env)->GetFieldID(env, cls, "_n", "[B"))) (*env)->SetObjectField(env, obj, fid, mp_to_bigint(env, pair.n.size, pair.n.modl)); if ((fid = (*env)->GetFieldID(env, cls, "_e", "[B"))) (*env)->SetObjectField(env, obj, fid, mp_to_bigint(env, pair.e.size, pair.e.data)); if ((fid = (*env)->GetFieldID(env, cls, "_d", "[B"))) (*env)->SetObjectField(env, obj, fid, mp_to_bigint(env, pair.d.size, pair.d.data)); if ((fid = (*env)->GetFieldID(env, cls, "_p", "[B"))) (*env)->SetObjectField(env, obj, fid, mp_to_bigint(env, pair.p.size, pair.p.modl)); if ((fid = (*env)->GetFieldID(env, cls, "_q", "[B"))) (*env)->SetObjectField(env, obj, fid, mp_to_bigint(env, pair.q.size, pair.q.modl)); if ((fid = (*env)->GetFieldID(env, cls, "_dp", "[B"))) (*env)->SetObjectField(env, obj, fid, mp_to_bigint(env, pair.dp.size, pair.dp.data)); if ((fid = (*env)->GetFieldID(env, cls, "_dq", "[B"))) (*env)->SetObjectField(env, obj, fid, mp_to_bigint(env, pair.dq.size, pair.dq.data)); if ((fid = (*env)->GetFieldID(env, cls, "_qi", "[B"))) (*env)->SetObjectField(env, obj, fid, mp_to_bigint(env, pair.qi.size, pair.qi.data)); rsakpFree(&pair); randomGeneratorContextFree(&rngc); } }
int main(int argc, char * argv[]) { rsakp keypair; mpnumber m, cipher, decipher; randomGeneratorContext randg; int e =0, keylen = 1024, flag = 0; char buf[8192] = {0}; if ( randomGeneratorContextInit(&randg, randomGeneratorDefault()) != 0 ) { return flag; } if ( argc > 1 ) { keylen = atoi(argv[1]); } rsakpInit(&keypair); if ( argc > 2 ) { /* e 为奇数 */ e = ((atoi(argv[2]) >> 1) << 1) + 1; mpnsetw(&keypair.e, e); }
int encode_function_beecrpt(V6_AUTHENTICATION_REQUEST_T in, V6_AUTHENTICATION_RESULT_T *out) { char rsa_m[256+1]; char temp[256+1]; char buff[1024]; char confirm[1024]; unsigned char un_buff[128+1]; int len=0, file_folder_offset=0; int reserved_offset=0, i; mpnumber m, cipher; rsakp keypair; randomGeneratorContext rngc; if (randomGeneratorContextInit(&rngc, randomGeneratorDefault()) == 0) { rsakpInit(&keypair); rsakpMake(&keypair, &rngc, 1024); //Set publicKey1 memset(temp, 0, 256+1); getHexFromMPW(keypair.n.size, keypair.n.modl, temp); printLog(HEAD_KEY, "(**)UUID(%.48s)PRODUCT_ID(%.18s) ==> PUBLIC_KEY1(%s)\n", in.uuid, in.product, temp); memset(buff, 0, 1024); Hex2Str__((unsigned char*)temp, 256, (unsigned char*)buff); memcpy(out->decKey1, buff, 128); //Set publicKey2 memcpy(out->decKey2, "10001", 5); //Logging privateKey memset(temp, 0, 256+1); getHexFromMPW(keypair.d.size, keypair.d.data, temp); printLog(HEAD_KEY, "(**)UUID(%.48s)PRODUCT_ID(%.18s) ==> PRIVATE_KEY(%s)\n", in.uuid, in.product, temp); memset(un_buff, 0, 128+1); len = 0; memcpy(&un_buff[len], in.uuid, UUID_SIZE-2); len += UUID_SIZE-2; memcpy(&un_buff[len], in.device_type, DEVICE_TYPE_SIZE); len += DEVICE_TYPE_SIZE; memcpy(&un_buff[len], in.register_version, REGISTER_VERSION_SIZE); len += REGISTER_VERSION_SIZE; memcpy(&un_buff[len], in.app_version, APP_VERSION_SIZE); len += APP_VERSION_SIZE; memcpy(&un_buff[len], in.app_build_num, APP_BUILD_NUM_SIZE); len += APP_BUILD_NUM_SIZE; memcpy(&un_buff[len], in.map_version, MAP_VER_SIZE); len += MAP_VER_SIZE; memcpy(&un_buff[len], in.os_version, OS_VER_SIZE_M31); len += OS_VER_SIZE_M31; //in order not to alter m31-device's decoding function released at interface 3 protocol(0x15) file_folder_offset = len; len += FILE_SIZE; memcpy(&un_buff[len], in.expire_date, EXPIRE_DATE_SIZE); len += EXPIRE_DATE_SIZE; reserved_offset = len; for(i=0; i<in.reqEncCnt; i++) { //Set changing part(file size, reserved) memcpy(&un_buff[file_folder_offset], in.AuthFileInfo[i].file_size, FILE_SIZE); memcpy(&un_buff[reserved_offset], in.AuthFileInfo[i].reserved, RESERVED_SIZE); memset(rsa_m, 0, 256+1); Str2Hex__(un_buff, 128, (unsigned char *)rsa_m); mpnzero(&m); mpnzero(&cipher); mpnsethex(&m, rsa_m); if( rsapri(&keypair.n, &keypair.d, &m, &cipher) != 0 ) return -1; //Set encryptStr memset(temp, 0, 256+1); getHexFromMPW(cipher.size, cipher.data, temp); printLog(HEAD_KEY, "(%.2d)UUID(%.48s)PRODUCT_ID(%.18s) ==> ENCRYPT_STR(%s)\n",i, in.uuid, in.product, temp); memset(buff, 0, 1024); Hex2Str__((unsigned char*)temp, 256, (unsigned char*)buff); memcpy(out->AuthResultData[i].encStr, buff, 128); // 검증용.. decode_function_m31(out->decKey1, out->decKey2, out->AuthResultData[i].encStr, confirm); if(memcmp(un_buff, confirm, 128) != 0) { printLog(HEAD, "ERR::ENCODINGINPUT(%s)OUTPUT(%s) not same\n", un_buff, confirm); mpnfree(&cipher); mpnfree(&m); rsakpFree(&keypair); randomGeneratorContextFree(&rngc); out->resultCnt = 0; return -1; } // free mpn objects mpnfree(&cipher); mpnfree(&m); } out->resultCnt = i; // free rsakp object & random generator context rsakpFree(&keypair); randomGeneratorContextFree(&rngc); return 1; } return -1; }
int main() { FILE *rng; unsigned long rnum; int i, j; randomGeneratorContext rngc; byte keyTest[32]; char keyHex[80]; rsakp keypair; unsigned char mac[6]; byte digest[20]; char digestHex[41]; sha1Param sha1param; randomGeneratorContextInit(&rngc, randomGeneratorDefault()); rsakpInit(&keypair); fscanf( stdin, "%02X:%02X:%02X:%02X:%02X:%02X", &(mac[0]),&(mac[1]),&(mac[2]),&(mac[3]),&(mac[4]),&(mac[5]) ); sha1Reset( &sha1param ); sha1Update( &sha1param, mac, 6 ); // put the MAC into the SHA-1 rngc.rng->next(rngc.param, (byte*) keyTest, 16); sha1Update( &sha1param, keyTest, 16 ); // then add some random numbers for good measure sha1Digest( &sha1param, digest ); toHex(digest, digestHex, 16); // and there you have our putative ID // just in case we are a bit too deterministic, we push around // the RNG some amount that is linked to the MAC...not really a permanent // solution, but it should help avoid collisions. for( i = 0; i < digest[0]; i++ ) { rngc.rng->next(rngc.param, (byte*) keyTest, 16); } for( i = 0; i < digest[12]; i++ ) { rngc.rng->next(rngc.param, (byte*) keyTest, 16); } for( i = 0; i < digest[7]; i++ ) { rngc.rng->next(rngc.param, (byte*) keyTest, 16); } for( i = 0; i < digest[17]; i++ ) { rngc.rng->next(rngc.param, (byte*) keyTest, 16); } fprintf(stdout, "# Indeed, these are crypto keys. The overall system is designed to tolerate people finding these keys. Please note that modifying or copying these keys may cause us to be unable to recover your account information.\n" ); for( i = 0; i < MAX_KEY_INDEX; i++ ) { rngc.rng->next(rngc.param, (byte*) keyTest, 16); toHex(keyTest, keyHex, 16); fprintf(stdout, "AES:%d:", i ); fprintf(stdout, "%s\n", keyHex ); fflush(stdout); } fprintf( stderr, "Generating 2048-bit RSA key pair..." ); rsakpMake(&keypair, &rngc, 2048); fprintf( stderr, "Done.\n" ); fflush( stderr ); for( j = 0; j < MAX_KEY_INDEX; j++ ) { // create the putative index //rngc.rng->next(rngc.param, (byte*) keyTest, 16); //toHex(keyTest, keyHex, 16); fprintf(stdout, "PKI_I:%d:", j ); // fprintf(stdout, "%s", keyHex ); fprintf(stdout, "%s", digestHex ); // save the public key fprintf(stdout, "\nPKI_N:%d:", j ); for( i = 0; i < keypair.n.size; i++ ) fprintf(stdout, "%08X", keypair.n.modl[i] ); fprintf(stdout, "\nPKI_E:%d:", j ); for( i = 0; i < keypair.e.size; i++ ) fprintf(stdout, "%08X", keypair.e.data[i]); // now save the private key components used in the CRT fprintf(stdout, "\nPKI_P:%d:", j ); for( i = 0; i < keypair.p.size; i++ ) fprintf(stdout, "%08X", keypair.p.modl[i] ); fprintf(stdout, "\nPKI_Q:%d:", j ); for( i = 0; i < keypair.q.size; i++ ) fprintf(stdout, "%08X", keypair.q.modl[i] ); fprintf(stdout, "\nPKI_DP:%d:", j ); for( i = 0; i < keypair.dp.size; i++ ) fprintf(stdout, "%08X", keypair.dp.data[i]); fprintf(stdout, "\nPKI_DQ:%d:", j ); for( i = 0; i < keypair.dq.size; i++ ) fprintf(stdout, "%08X", keypair.dq.data[i]); fprintf(stdout, "\nPKI_QI:%d:", j ); for( i = 0; i < keypair.qi.size; i++ ) fprintf(stdout, "%08X", keypair.qi.data[i]); fprintf(stdout, "\n" ); } return 0; }
int main(int argc, char * argv[]) { int i = 0, failures = 0; char buf[8192] = {0}; rsakp keypair; mpnumber m, cipher, decipher; randomGeneratorContext rngc; if (randomGeneratorContextInit(&rngc, randomGeneratorDefault()) == 0) { /* First we do the fixed value verification */ rsakpInit(&keypair); mpbsethex(&keypair.n, rsa_n); mpnsethex(&keypair.e, rsa_e); mpnsethex(&keypair.d, rsa_d); mpnzero(&m); mpnzero(&cipher); mpnzero(&decipher); if ( argv[1][0] == '-' && argv[1][1] == 'm') { mpnsetbin(&m, (argv[1] + 2), strlen(argv[1]) - 2); } else if ( argv[1][0] == '-' && argv[1][1] == 'h') { _hex_snprintf(buf, strlen(argv[1]) - 2, argv[1] + 2, sizeof(char)); mpnsethex(&m, buf); } printf("message:%s\n", argv[1] + 2); hex_dump((char *) m.data, m.size << 2); printf("\npublic:%d\n", (int) * keypair.e.data); hex_dump((char *) keypair.e.data, keypair.e.size << 2); /* it's safe to cast the keypair to a public key */ if ( rsapub(&keypair.n, &keypair.e, &m, &cipher) ) { failures++; } printf("\ncipher:\n"); hex_dump((char *) cipher.data, cipher.size << 2); i = mpntobin(buf, &cipher, 0); printf("\ncipher mpntobin:%d\n", i); hex_dump(buf, i); if ( rsapri(&keypair.n, &keypair.d, &cipher, &decipher) ) { failures++; } printf("\ndecipher:%s\n", (char *) decipher.data); hex_dump((char *) decipher.data, decipher.size << 2); _hex_snprintf(buf, decipher.size * sizeof(mpw), (char *) decipher.data, sizeof(mpw)); printf("\n_snprintf (%dbytes):\n%s\n", decipher.size << 2, buf); i = mpntobin(buf, &decipher, 0); printf("\nmpntobin:%d\n", i); hex_dump(buf, i); i = mpntobin(buf, &decipher, (strlen(argv[1])-2)); printf("\nmpntobin intercept:%d\n%s\n", i, buf); hex_dump(buf, i); mpntohex(buf, & decipher); printf("\nmpntohex:(%d)%s\n", decipher.size << 2, buf); mpnfree(&decipher); mpnfree(&cipher); mpnfree(&m); rsakpFree(&keypair); randomGeneratorContextFree(&rngc); } return failures; }
int main( int argc, char **argv ) { FILE *secblock; unsigned char packetType; unsigned short packetLen; unsigned char buffer[4096]; unsigned char hexrep[8192]; // for CRT computation mpbarrett psubone, qsubone; // for testing mpnumber m, cipher, decipher, holder; rsakp keypair; size_t bits = 2048; size_t pbits = (bits+1) >> 1; size_t qbits = (bits - pbits); size_t psize = MP_BITS_TO_WORDS(pbits+MP_WBITS-1); size_t qsize = MP_BITS_TO_WORDS(qbits+MP_WBITS-1); size_t pqsize = psize+qsize; mpw* temp = (mpw*) malloc((16*pqsize+6)*sizeof(mpw)); if( argc < 2 ) { printf( "usage: %s <secblock>\n", argv[0] ); exit( 1 ); } mpbzero(&psubone); mpbzero(&qsubone); secblock = fopen(argv[1], "rb"); if( secblock == NULL ) { printf( "Can't open %s\n", argv[1] ); exit(0); } packetType = fgetc(secblock); packetLen = 0; //big endianness... big16read(&packetLen, secblock); printf( "Packet type: 0x%02X\n", packetType ); printf( "Packet length: %04d\n", (int) packetLen ); // skip ahead six bytes, this includes key generation time and other attributes fread( buffer, 6, 1, secblock); rsakpInit(&keypair); big16read(&packetLen, secblock); printf( "n Packet length: %02d bits, %02d bytes\n", (int) packetLen, (int) bytesFromMpn(packetLen) ); printf( "offset: %x\n", ftell( secblock ) ); fread( buffer, bytesFromMpn(packetLen), 1, secblock ); mpbsetbin(&keypair.n, buffer, bytesFromMpn(packetLen)); mpprintln(packetLen/32, keypair.n.modl); big16read(&packetLen, secblock); printf( "e Packet length: %02d bits, %02d bytes\n", (int) packetLen, (int) bytesFromMpn(packetLen) ); printf( "offset: %x\n", ftell( secblock ) ); fread( buffer, bytesFromMpn(packetLen), 1, secblock ); mpnsetbin(&keypair.e, buffer, bytesFromMpn(packetLen)); mpprintln(keypair.e.size, keypair.e.data); packetType = fgetc(secblock); if( packetType == 0 ) { printf( "secret data is plaintext\n" ); } else { printf( "secret data is encrypted\n" ); } big16read(&packetLen, secblock); printf( "d Packet length: %02d bits, %02d bytes\n", (int) packetLen, (int) bytesFromMpn(packetLen) ); printf( "offset: %x\n", ftell( secblock ) ); fread( buffer, bytesFromMpn(packetLen), 1, secblock ); mpnsetbin(&keypair.d, buffer, bytesFromMpn(packetLen)); mpprintln(keypair.d.size, keypair.d.data); big16read(&packetLen, secblock); printf( "p Packet length: %02d bits, %02d bytes\n", (int) packetLen, (int) bytesFromMpn(packetLen) ); printf( "offset: %x\n", ftell( secblock ) ); fread( buffer, bytesFromMpn(packetLen), 1, secblock ); mpbsetbin(&keypair.p, buffer, bytesFromMpn(packetLen)); mpprintln(packetLen/32, keypair.p.modl); big16read(&packetLen, secblock); printf( "q Packet length: %02d bits, %02d bytes\n", (int) packetLen, (int) bytesFromMpn(packetLen) ); printf( "offset: %x\n", ftell( secblock ) ); fread( buffer, bytesFromMpn(packetLen), 1, secblock ); mpbsetbin(&keypair.q, buffer, bytesFromMpn(packetLen)); mpprintln(packetLen/32, keypair.q.modl); big16read(&packetLen, secblock); printf( "mystery packet length: %02d bits, %02d bytes\n", (int) packetLen, (int) bytesFromMpn(packetLen) ); printf( "offset: %x\n", ftell( secblock ) ); fread( buffer, bytesFromMpn(packetLen), 1, secblock ); mpnzero(&holder); mpnsetbin(&holder, buffer, bytesFromMpn(packetLen)); mpprintln(holder.size, holder.data); fread( buffer, 4, 1, secblock ); // advance by two bytes printf( "offset: %x\n", ftell( secblock ) ); fread( buffer, bytesFromMpn(packetLen), 1, secblock ); printf( "%s\n", buffer ); #ifdef USE_CRT // compute CRT elements /* compute p-1 */ mpbsubone(&keypair.p, temp); mpbset(&psubone, psize, temp); /* compute q-1 */ mpbsubone(&keypair.q, temp); mpbset(&qsubone, qsize, temp); /* compute dp = d mod (p-1) */ mpnsize(&keypair.dp, psize); mpbmod_w(&psubone, keypair.d.data, keypair.dp.data, temp); /* compute dq = d mod (q-1) */ mpnsize(&keypair.dq, qsize); mpbmod_w(&qsubone, keypair.d.data, keypair.dq.data, temp); /* compute qi = inv(q) mod p */ mpninv(&keypair.qi, (mpnumber*) &keypair.q, (mpnumber*) &keypair.p); #endif // now test mpnzero(&m); mpnzero(&cipher); mpnzero(&decipher); mpnsethex(&m, "d436e99569fd32a7c8a05bbc90d32c49"); printf( "Original: " ); mpprintln(m.size, m.data); rsapub(&keypair.n, &keypair.e, &m, &cipher); printf( "Encrypted: " ); mpprintln(cipher.size, cipher.data); #ifdef USE_CRT rsapricrt(&keypair.n, &keypair.p, &keypair.q, &keypair.dp, &keypair.dq, &keypair.qi, &cipher, &decipher); #else rsapri(&keypair.n, &keypair.d, &cipher, &decipher); #endif printf( "Recovered: " ); mpprintln(decipher.size, decipher.data); if (mpnex(m.size, m.data, decipher.size, decipher.data)) printf ( "results don't match\n" ); else printf ( "before and after encyrption sizes match\n" ); printf( "special test routine for STM32 validation\n" ); mpnzero(&cipher); mpnzero(&decipher); mpnsethex(&cipher, "6fa1bf55e15b47f4662f86e8fc7fadf0dc02c603c20c1090096fdbeafbd56897794ee106d0fcd8a58392ee7e14fd4e15b49c4adb02f0eebeb9587e9823e9e11048c1754c5e6ba273a08c35dd68f72bf4758b8c31dee196f683298cdbd259c28976c1459058c37be29b52589f3919dcb41cf57fd0c64796a056702be8c1f7574a005cad8b0aedb8f833d1fcfe5383b6d6695d766cc1a9a3413f7609fa18b0a1214486f8fec17febd3f4cbc177dd6f26568b715249853280c570e2ef8519f51fe78fb1978061a48fcc6730fb24e365120b54e6f4e2c3815997176167456b2a2b8f1a13b66967765fc42d4aeec2b4f8211e54ba9cbbbbfdd8ac7b2f20af8d44cd68" ); printf( "Decrypting: " ); mpprintln(cipher.size, cipher.data); rsapub(&keypair.n, &keypair.e, &cipher, &decipher); printf( "Recovered: " ); mpprintln(decipher.size, decipher.data); free(temp); return 0; }
void doInteraction() { char *cmd; // i/o opRec oprec; unsigned char dataStr[256]; // aes aesParam aesparam; byte aesSrc[16]; byte aesDst[16]; // rsa rsakp keypair; mpnumber m, cipher, signature; // sha1 byte digest[20]; char digestHex[41]; sha1Param sha1param; int i; oprec.data = dataStr; oprec.dataLen = MAXDATLEN; while(1) { // reset the data string for( i = 0; i < MAXDATLEN; i++ ) { oprec.data[i] = '0'; } oprec.dataLen = MAXDATLEN; // grab the string and parse it cmd = getString(); if(parseString(cmd, &oprec) != 1) { oprec.dataLen = MAXDATLEN; continue; } switch(oprec.cipherType) { case CH_AES: for( i = 0; i < 16; i++ ) { aesSrc[i] = 0; } if(aesSetup(&aesparam, AESkeyTable[oprec.keyIndex].key, 128, oprec.opType == CH_ENCRYPT ? ENCRYPT : DECRYPT )) continue; fromhex(aesSrc, oprec.data); if( oprec.opType == CH_ENCRYPT ) { if( aesEncrypt(&aesparam, (uint32_t *)aesDst, (uint32_t *)aesSrc) ) continue; } else { if( aesDecrypt(&aesparam, (uint32_t *)aesDst, (uint32_t *)aesSrc) ) continue; } for( i = 0; i < 16; i++ ) { printf("%02X", aesDst[i] ); } printf( "\n" ); break; case CH_SGN: // init sha1 if( sha1Reset( &sha1param ) ) continue; if( sha1Update( &sha1param, oprec.data, oprec.dataLen )) continue; if( sha1Digest( &sha1param, digest ) ) continue; // digest now contains the 160-bit message we want to sign toHex(digest, digestHex, 20); // digestHex now has the correct large number representation of the message #if TESTING fprintf( stderr, "sha1 of message: %s\n", digestHex ); #endif // init rsa rsakpInit(&keypair); mpbsethex(&keypair.n, RSAkeyTable[oprec.keyIndex].rsa_n); mpnsethex(&keypair.e, RSAkeyTable[oprec.keyIndex].rsa_e); mpbsethex(&keypair.p, RSAkeyTable[oprec.keyIndex].rsa_p); mpbsethex(&keypair.q, RSAkeyTable[oprec.keyIndex].rsa_q); mpnsethex(&keypair.dp, RSAkeyTable[oprec.keyIndex].rsa_dp); mpnsethex(&keypair.dq, RSAkeyTable[oprec.keyIndex].rsa_dq); mpnsethex(&keypair.qi, RSAkeyTable[oprec.keyIndex].rsa_qi); mpnzero(&m); mpnzero(&cipher); mpnzero(&signature); mpnsethex(&m, digestHex); // we are now all set to do the signing // need to: // write signing alg here // make test case // this link is very helpful in writing this code: // http://tools.ietf.org/html/rfc3447#page-12 rsapricrt(&keypair.n, &keypair.p, &keypair.q, &keypair.dp, &keypair.dq, &keypair.qi, &m, &signature); for( i = 0; i < signature.size; i++ ) { printf("%08X", signature.data[i] ); } printf( "\n" ); #if TESTING mpnfree(&m); mpnzero(&m); rsapub(&keypair.n, &keypair.e, &signature, &m); for( i = 0; i < m.size; i++ ) { printf("%08X", m.data[i] ); } printf( "\n" ); #endif rsakpFree(&keypair); break; case CH_VRF: rsakpInit(&keypair); mpbsethex(&keypair.n, RSAkeyTable[oprec.keyIndex].rsa_n); mpnsethex(&keypair.e, RSAkeyTable[oprec.keyIndex].rsa_e); mpbsethex(&keypair.p, RSAkeyTable[oprec.keyIndex].rsa_p); mpbsethex(&keypair.q, RSAkeyTable[oprec.keyIndex].rsa_q); mpnsethex(&keypair.dp, RSAkeyTable[oprec.keyIndex].rsa_dp); mpnsethex(&keypair.dq, RSAkeyTable[oprec.keyIndex].rsa_dq); mpnsethex(&keypair.qi, RSAkeyTable[oprec.keyIndex].rsa_qi); mpnzero(&m); mpnzero(&cipher); mpnzero(&signature); mpnsethex(&m, oprec.data); rsapub(&keypair.n, &keypair.e, &m, &cipher); for( i = 0; i < cipher.size; i++ ) printf("%08X", cipher.data[i]); printf( "\n" ); break; case CH_SHA: // init sha1 if( sha1Reset( &sha1param ) ) continue; if( sha1Update( &sha1param, oprec.data, oprec.dataLen )) continue; if( sha1Digest( &sha1param, digest ) ) continue; // digest now contains the 160-bit message we want to sign toHex(digest, digestHex, 20); printf( "%s\n", digestHex ); break; default: fprintf( stderr, "unknown cipher type caught.\n" ); } // switch // prevent the leak! #if (TESTING == 0) if( cmd != NULL ) free(cmd); #endif } // while }
int main() { int failures = 0; rsakp keypair; mpnumber m, cipher, decipher; randomGeneratorContext rngc; if (randomGeneratorContextInit(&rngc, randomGeneratorDefault()) == 0) { /* First we do the fixed value verification */ rsakpInit(&keypair); mpbsethex(&keypair.n, rsa_n); mpnsethex(&keypair.e, rsa_e); mpbsethex(&keypair.p, rsa_p); mpbsethex(&keypair.q, rsa_q); mpnsethex(&keypair.dp, rsa_d1); mpnsethex(&keypair.dq, rsa_d2); mpnsethex(&keypair.qi, rsa_c); mpnzero(&m); mpnzero(&cipher); mpnzero(&decipher); mpnsethex(&m, rsa_m); /* it's safe to cast the keypair to a public key */ if (rsapub(&keypair.n, &keypair.e, &m, &cipher)) failures++; if (rsapricrt(&keypair.n, &keypair.p, &keypair.q, &keypair.dp, &keypair.dq, &keypair.qi, &cipher, &decipher)) failures++; if (mpnex(m.size, m.data, decipher.size, decipher.data)) failures++; mpnfree(&decipher); mpnfree(&cipher); mpnfree(&m); rsakpFree(&keypair); mpnzero(&m); mpnzero(&cipher); mpnzero(&decipher); /* Now we generate a keypair and do some tests on it */ rsakpMake(&keypair, &rngc, 512); /* generate a random m in the range 0 < m < n */ mpbnrnd(&keypair.n, &rngc, &m); /* it's safe to cast the keypair to a public key */ if (rsapub(&keypair.n, &keypair.e, &m, &cipher)) failures++; if (rsapricrt(&keypair.n, &keypair.p, &keypair.q, &keypair.dp, &keypair.dq, &keypair.qi, &cipher, &decipher)) failures++; if (mpnex(m.size, m.data, decipher.size, decipher.data)) failures++; rsakpFree(&keypair); } return failures; }