struct dh_message *dh_shared_secret(EVP_PKEY *priv_key, EVP_PKEY *peer_key)
{
EVP_PKEY_CTX *derive_ctx;
struct dh_message *msg = NULL, *digest = NULL;
if ((msg = OPENSSL_malloc(sizeof(struct dh_message))) == NULL)
return NULL;
if ((derive_ctx = EVP_PKEY_CTX_new(priv_key, NULL)) == NULL)
goto BAILOUT1;
if (EVP_PKEY_derive_init(derive_ctx) != 1
|| EVP_PKEY_derive_set_peer(derive_ctx, peer_key) != 1
|| EVP_PKEY_derive(derive_ctx, NULL, &msg->message_len) != 1
|| (msg->message = OPENSSL_malloc(msg->message_len)) == NULL)
goto BAILOUT2;
if (EVP_PKEY_derive(derive_ctx, msg->message, &msg->message_len) != 1)
goto BAILOUT3;
EVP_PKEY_CTX_free(derive_ctx);
digest = digest_message(msg);
free_dh_message(msg);
return digest;
BAILOUT3:
OPENSSL_free(msg->message);
BAILOUT2:
EVP_PKEY_CTX_free(derive_ctx);
BAILOUT1:
OPENSSL_free(msg);
return NULL;
}
int write_encrypted_tag_key (MifareTag tag, keyvault_t *kv, RSA *global_public, RSA *shop_public, RSA *shop_private, size_t len)
{
int res = 0;
uint8_t *crypted = malloc (RSA_size(global_public));
res = RSA_public_encrypt (len, (unsigned char*) kv->k, (unsigned char*) crypted, global_public, RSA_PKCS1_PADDING);
if (res < 0)
fprintf (stderr, "Something went wrong while ciphering\n");
printf ("Encrypted key has length %d\n", RSA_size(global_public));
unsigned int siglen = RSA_size (shop_private);
unsigned int digestlen = RSA_size(global_public);
unsigned char *digest = digest_message (crypted, &digestlen);
uint8_t *signature = malloc (siglen);
res = RSA_sign (NID_sha1, digest, digestlen, (unsigned char *) signature, &siglen , shop_private);
if (res <= 0)
fprintf (stderr, "Something went wrong while signing\n");
res = RSA_verify (NID_sha1, (unsigned char*) digest, digestlen, (unsigned char *) signature, siglen, shop_public);
if (res <= 0)
fprintf (stderr, "Something went wrong while signing, can't verify the thing with our pubkey\n");
MifareDESFireAID aid = mifare_desfire_aid_new (0x1);
res = mifare_desfire_select_application(tag, aid);
if (res < 0)
errx (EXIT_FAILURE, "Application selection failed");
free (aid);
MifareDESFireKey key = mifare_desfire_3des_key_new_with_version (kv->k_w_1);
mifare_desfire_key_set_version (key, 0x01);
res = mifare_desfire_authenticate (tag, 1, key);
if (res < 0)
freefare_perror(tag, "Authentication to application #1 failed");
mifare_desfire_key_free (key);
ssize_t written = mifare_desfire_write_data (tag, 0x01, 0x0, 0x80, crypted);
if (written < 0)
freefare_perror(tag, "Writing data to tag");
else
printf ("Wrote %ld bytes E(K) to card ...\n", written);
written = mifare_desfire_write_data (tag, 0x02, 0x0, 0x80, signature);
if (written < 0)
freefare_perror(tag, "Writing data to tag");
else
printf ("Wrote %ld bytes Sign(E(K)) to card ...\n", written);
free (crypted);
free (signature);
free (digest);
return res;
}
