void openssl_dsa_crypt() { DSA *d; unsigned int size, len; unsigned char inputs[COMM_LEN] = "dsa crypt"; unsigned char outputs[MAX1_LEN] = { 0 }; printf("\nDSA generate key:\n"); d = DSA_new(); DSA_generate_parameters_ex(d, LINE_LEN, NULL, 0, NULL, NULL, NULL); DSA_generate_key(d); DSA_print_fp(stdout, d, 0); DSA_sign(NID_md5_sha1, inputs, 20, outputs, &len, d); printf("DSA_sign(%s) = ", inputs); for (size = 0; size < len; size++) printf("%.02x", outputs[size]); printf("\n"); DSA_verify(NID_md5_sha1, inputs, 20, outputs, len, d); printf("DSA_verify("); for (size = 0; size < len; size++) printf("%.02x", outputs[size]); printf(") = %s\n", inputs); DSA_free(d); }
Key * key_load_private_pem(int fd, int type, const char *passphrase, char **commentp) { FILE *fp; EVP_PKEY *pk = NULL; Key *prv = NULL; char *name = "<no key>"; fp = fdopen(fd, "r"); if (fp == NULL) { error("fdopen failed: %s", strerror(errno)); close(fd); return NULL; } pk = PEM_read_PrivateKey(fp, NULL, NULL, (char *)passphrase); if (pk == NULL) { debug("PEM_read_PrivateKey failed"); (void)ERR_get_error(); } else if (pk->type == EVP_PKEY_RSA && (type == KEY_UNSPEC||type==KEY_RSA)) { prv = key_new(KEY_UNSPEC); prv->rsa = EVP_PKEY_get1_RSA(pk); prv->type = KEY_RSA; name = "rsa w/o comment"; #ifdef DEBUG_PK RSA_print_fp(stderr, prv->rsa, 8); #endif if (RSA_blinding_on(prv->rsa, NULL) != 1) { error("key_load_private_pem: RSA_blinding_on failed"); key_free(prv); prv = NULL; } } else if (pk->type == EVP_PKEY_DSA && (type == KEY_UNSPEC||type==KEY_DSA)) { prv = key_new(KEY_UNSPEC); prv->dsa = EVP_PKEY_get1_DSA(pk); prv->type = KEY_DSA; name = "dsa w/o comment"; #ifdef DEBUG_PK DSA_print_fp(stderr, prv->dsa, 8); #endif } else { error("PEM_read_PrivateKey: mismatch or " "unknown EVP_PKEY save_type %d", pk->save_type); } fclose(fp); if (pk != NULL) EVP_PKEY_free(pk); if (prv != NULL && commentp) *commentp = xstrdup(name); debug("read PEM private key done: type %s", prv ? key_type(prv) : "<unknown>"); return prv; }
int main() { DSA *key; FILE *fp1, *fp2; unsigned char digest[8] = "1234567"; int siglen; unsigned char signature[1000]; int retcode; key = DSA_generate_parameters(1024, NULL, 0, NULL, NULL, NULL, NULL); if (key == NULL) { printf("\nFailed to generate parameters\n"); exit(1); } fp1 = fopen("params.dat", "w"); DSAparams_print_fp(fp1, key); fclose(fp1); DSA_generate_key(key); if (key == NULL) { printf("\nFailed to generate key\n"); exit(1); } fp2 = fopen("key.dat", "w"); DSA_print_fp(fp2, key, 0); fclose(fp2); retcode = DSA_sign(0, digest, 8, signature, &siglen, key); if (retcode == 0) { printf("\n *** Error in signing ***\n\n"); exit(1); } printf("\n%s\n",signature); retcode = DSA_verify(0, digest, 8, signature, siglen, key); if (retcode == 1) printf("\n *** Valid signature ***\n\n"); if (retcode == 0) printf("\n *** Incorrect signature ***\n\n"); if (retcode == -1) printf("\n *** Error in verifying ***\n\n"); DSA_free(key); return 0; }
int main() { FILE *fp; int len, i; MD5_CTX ctx; unsigned char buf[1000]; unsigned char md5sum[16]; MD5_Init(&ctx); if(!( fp = fopen("input.dat", "rb"))) { printf("\nFailed to open file\n"); return (1); } while((len = fread( buf, 1, sizeof(buf), fp ) ) > 0 ) { MD5_Update(&ctx, buf, len); } MD5_Final(md5sum, &ctx); printf("MD5(input.dat) = "); for( i = 0; i < 16; i++ ) { printf("%02x", md5sum[i]); } printf("\n"); DSA *key; FILE *fp1, *fp2; /*unsigned char digest[8] = "1234567";*/ int siglen; unsigned char signature[1000]; int retcode; key = DSA_generate_parameters(1024, NULL, 0, NULL, NULL, NULL, NULL); if (key == NULL) { printf("\nFailed to generate parameters\n"); exit(1); } fp1 = fopen("params.dat", "w"); DSAparams_print_fp(fp1, key); fclose(fp1); DSA_generate_key(key); if (key == NULL) { printf("\nFailed to generate key\n"); exit(1); } fp2 = fopen("key.dat", "w"); DSA_print_fp(fp2, key, 0); fclose(fp2); retcode = DSA_sign(0, md5sum, 8, signature, &siglen, key); if (retcode == 0) { printf("\n *** Error in signing ***\n\n"); exit(1); } FILE *fp3; fp3 = fopen("signature.dat", "w"); fputs(signature, fp3); fclose(fp3); printf("\nSignature of the hash = "); printf("%s\n",signature); retcode = DSA_verify(0, md5sum, 8, signature, siglen, key); if (retcode == 1) printf("\n *** Valid signature ***\n\n"); if (retcode == 0) printf("\n *** Incorrect signature ***\n\n"); if (retcode == -1) printf("\n *** Error in verifying ***\n\n"); DSA_free(key); return 0; }
static int sshkey_parse_private_pem(struct sshbuf *blob, int type, const char *passphrase, struct sshkey **keyp, char **commentp) { EVP_PKEY *pk = NULL; struct sshkey *prv = NULL; char *name = "<no key>"; BIO *bio = NULL; int r; *keyp = NULL; if (commentp != NULL) *commentp = NULL; if ((bio = BIO_new(BIO_s_mem())) == NULL || sshbuf_len(blob) > INT_MAX) return SSH_ERR_ALLOC_FAIL; if (BIO_write(bio, sshbuf_ptr(blob), sshbuf_len(blob)) != (int)sshbuf_len(blob)) { r = SSH_ERR_ALLOC_FAIL; goto out; } if ((pk = PEM_read_bio_PrivateKey(bio, NULL, NULL, (char *)passphrase)) == NULL) { r = SSH_ERR_KEY_WRONG_PASSPHRASE; goto out; } if (pk->type == EVP_PKEY_RSA && (type == KEY_UNSPEC || type == KEY_RSA)) { if ((prv = sshkey_new(KEY_UNSPEC)) == NULL) { r = SSH_ERR_ALLOC_FAIL; goto out; } prv->rsa = EVP_PKEY_get1_RSA(pk); prv->type = KEY_RSA; name = "rsa w/o comment"; #ifdef DEBUG_PK RSA_print_fp(stderr, prv->rsa, 8); #endif if (RSA_blinding_on(prv->rsa, NULL) != 1) { r = SSH_ERR_LIBCRYPTO_ERROR; goto out; } } else if (pk->type == EVP_PKEY_DSA && (type == KEY_UNSPEC || type == KEY_DSA)) { if ((prv = sshkey_new(KEY_UNSPEC)) == NULL) { r = SSH_ERR_ALLOC_FAIL; goto out; } prv->dsa = EVP_PKEY_get1_DSA(pk); prv->type = KEY_DSA; name = "dsa w/o comment"; #ifdef DEBUG_PK DSA_print_fp(stderr, prv->dsa, 8); #endif } else if (pk->type == EVP_PKEY_EC && (type == KEY_UNSPEC || type == KEY_ECDSA)) { if ((prv = sshkey_new(KEY_UNSPEC)) == NULL) { r = SSH_ERR_ALLOC_FAIL; goto out; } prv->ecdsa = EVP_PKEY_get1_EC_KEY(pk); prv->type = KEY_ECDSA; prv->ecdsa_nid = sshkey_ecdsa_key_to_nid(prv->ecdsa); if (prv->ecdsa_nid == -1 || sshkey_curve_nid_to_name(prv->ecdsa_nid) == NULL || sshkey_ec_validate_public(EC_KEY_get0_group(prv->ecdsa), EC_KEY_get0_public_key(prv->ecdsa)) != 0 || sshkey_ec_validate_private(prv->ecdsa) != 0) { r = SSH_ERR_INVALID_FORMAT; goto out; } name = "ecdsa w/o comment"; #ifdef DEBUG_PK if (prv != NULL && prv->ecdsa != NULL) sshkey_dump_ec_key(prv->ecdsa); #endif } else { r = SSH_ERR_INVALID_FORMAT; goto out; } if (commentp != NULL && (*commentp = strdup(name)) == NULL) { r = SSH_ERR_ALLOC_FAIL; goto out; } r = 0; *keyp = prv; prv = NULL; out: BIO_free(bio); if (pk != NULL) EVP_PKEY_free(pk); if (prv != NULL) sshkey_free(prv); return r; }
EAPI void eet_identity_print(Eet_Key *key, FILE *out) { #ifdef HAVE_SIGNATURE # ifdef HAVE_GNUTLS const char *names[6] = { "Modulus", "Public exponent", "Private exponent", "First prime", "Second prime", "Coefficient" }; int err = 0; gnutls_datum_t data = { NULL, 0 }; gnutls_datum_t rsa_raw[6]; size_t size = 128; char *res = NULL; char buf[33]; unsigned int i, j; if (!key) return; if (!emile_cipher_init()) return ; if (key->private_key) { if (gnutls_x509_privkey_export_rsa_raw(key->private_key, rsa_raw + 0, /* Modulus */ rsa_raw + 1, /* Public exponent */ rsa_raw + 2, /* Private exponent */ rsa_raw + 3, /* First prime */ rsa_raw + 4, /* Second prime */ rsa_raw + 5)) /* Coefficient */ goto on_error; if (!(res = malloc(size))) goto on_error; fprintf(out, "Private Key:\n"); buf[32] = '\0'; for (i = 0; i < 6; i++) { while ((err = gnutls_hex_encode(rsa_raw + i, res, &size)) == GNUTLS_E_SHORT_MEMORY_BUFFER) { char *temp; size += 128; if (!(temp = realloc(res, size))) goto on_error; res = temp; } if (err) goto on_error; fprintf(out, "\t%s:\n", names[i]); for (j = 0; strlen(res) > j; j += 32) { snprintf(buf, 32, "%s", res + j); fprintf(out, "\t\t%s\n", buf); } } free(res); res = NULL; } if (key->certificate) { fprintf(out, "Public certificate:\n"); if (gnutls_x509_crt_print(key->certificate, GNUTLS_X509_CRT_FULL, &data)) goto on_error; fprintf(out, "%s\n", data.data); gnutls_free(data.data); data.data = NULL; } on_error: if (res) free(res); if (data.data) gnutls_free(data.data); return; # else /* ifdef HAVE_GNUTLS */ RSA *rsa; DSA *dsa; DH *dh; if (!key) return; if (!emile_cipher_init()) return ; rsa = EVP_PKEY_get1_RSA(key->private_key); if (rsa) { fprintf(out, "Private key (RSA):\n"); RSA_print_fp(out, rsa, 0); } dsa = EVP_PKEY_get1_DSA(key->private_key); if (dsa) { fprintf(out, "Private key (DSA):\n"); DSA_print_fp(out, dsa, 0); } dh = EVP_PKEY_get1_DH(key->private_key); if (dh) { fprintf(out, "Private key (DH):\n"); DHparams_print_fp(out, dh); } fprintf(out, "Public certificate:\n"); X509_print_fp(out, key->certificate); # endif /* ifdef HAVE_GNUTLS */ #else /* ifdef HAVE_SIGNATURE */ key = NULL; out = NULL; ERR("You need to compile signature support in EET."); #endif /* ifdef HAVE_SIGNATURE */ }
inline void dsa_key::print(file _file, int offset) const { error::throw_error_if_not(DSA_print_fp(_file.raw(), ptr().get(), offset) != 0); }