/*
 * Public-key operation on data that was produced with the private key
 * ("verify"): computes data^e mod n and writes the result back over data.
 *
 * ctx     - key context; bits, e and n are read.
 * data    - in/out buffer of ctx->bits/8 bytes, read and written
 *           least-significant byte first.
 * datLen  - must point to a value equal to ctx->bits/8; it is only read.
 *
 * Returns OK on success, BADDATALEN on a length mismatch, BADTHINGS if the
 * input could not be loaded and BADMOD if the exponentiation failed.
 *
 * This is the bare modular exponentiation: no padding or encoding is added
 * or checked here, so a caller using it to verify a signature has to check
 * the recovered block itself.
 * NOTE(review): ctx, data and datLen are dereferenced without a NULL check,
 * and nothing visible here compares the input against n - confirm that the
 * callers guarantee both.
 */
int rsa_DECRYPTPUBLIC(RSA_CTX *ctx,unsigned char *data,unsigned long int *datLen){
    struct BigNum result, input;
    int status = OK;

    /* datLen must be == to bitsize/8 */
    if (*datLen != ctx->bits/8)
        return BADDATALEN;

    bnBegin(&result);
    bnBegin(&input);

    if (bnInsertLittleBytes(&input, (void*)data, 0, ctx->bits/8) < 0) {
        status = BADTHINGS;
    } else if (bnExpMod(&result, &input, &ctx->e, &ctx->n) < 0) {
        status = BADMOD;
    } else {
        /* the output replaces the input in the caller's buffer */
        bnExtractLittleBytes(&result, (void*)data, 0, ctx->bits/8);
    }

    /* both temporaries are released on every path past the length check */
    bnEnd(&result);
    bnEnd(&input);
    return status;
}
/*
 * Private-key operation ("sign"): computes data^d mod n and writes the
 * result back over data.
 *
 * ctx     - key context; bits, d and n are read.
 * data    - in/out buffer of ctx->bits/8 bytes, read and written
 *           least-significant byte first.
 * datLen  - must point to a value equal to ctx->bits/8; it is only read.
 *
 * Returns OK on success, BADDATALEN on a length mismatch, BADTHINGS if the
 * input could not be loaded and BADMOD if the exponentiation failed.
 *
 * This is the bare modular exponentiation with the private exponent: no
 * padding or message encoding is applied here, so the caller has to hand in
 * an already encoded block.
 * NOTE(review): the two temporaries hold the input and the private-key
 * result; whether bnEnd() clears their storage before releasing it is not
 * visible here - confirm. No blinding step is visible in this function
 * either; check whether bnExpMod or the caller provides one if timing
 * exposure matters for this key.
 */
int rsa_ENCRYPTPRIVATE(RSA_CTX *ctx,unsigned char *data,unsigned long int *datLen){
    struct BigNum out, in;
    int rc;

    /* datLen must be == to bitsize/8 */
    if (*datLen != ctx->bits/8)
        return BADDATALEN;

    bnBegin(&out);
    bnBegin(&in);

    rc = BADTHINGS;
    if (bnInsertLittleBytes(&in, (void*)data, 0, ctx->bits/8) < 0)
        goto done;

    rc = BADMOD;
    if (bnExpMod(&out, &in, &ctx->d, &ctx->n) < 0)
        goto done;

    /* the output replaces the input in the caller's buffer */
    bnExtractLittleBytes(&out, (void*)data, 0, ctx->bits/8);
    rc = OK;

done:
    /* single exit so both temporaries are always released */
    bnEnd(&out);
    bnEnd(&in);
    return rc;
}
/*
 * Public-key encryption primitive: computes data^e mod n and writes the
 * result back over data.
 *
 * ctx     - key context; bits, e and n are read.
 * data    - in/out buffer of ctx->bits/8 bytes, read and written
 *           least-significant byte first.
 * datLen  - must point to a value equal to ctx->bits/8; it is only read.
 *
 * Returns OK on success, BADDATALEN on a length mismatch and BADTHINGS if
 * either loading the input or the exponentiation failed.
 *
 * This is the bare modular exponentiation: no padding or randomisation is
 * added here, so the same input always gives the same output under a given
 * key. The caller is responsible for any encoding of the plaintext block.
 * NOTE(review): nothing visible here compares the input against n - confirm
 * that the callers keep the block below the modulus.
 */
int rsa_ENCRYPTPUBLIC(RSA_CTX *ctx,unsigned char *data,unsigned long int *datLen){
    struct BigNum cipher, plain;
    int status;

    /* datLen must be == to bitsize/8 */
    if (*datLen != ctx->bits/8)
        return BADDATALEN;

    bnBegin(&cipher);
    bnBegin(&plain);

    /* || short-circuits, so the exponentiation only runs after a good load */
    if (bnInsertLittleBytes(&plain, (void*)data, 0, ctx->bits/8) < 0 ||
        bnExpMod(&cipher, &plain, &ctx->e, &ctx->n) < 0) {
        status = BADTHINGS;
    } else {
        bnExtractLittleBytes(&cipher, (void*)data, 0, (ctx->bits/8));
        status = OK;
    }

    bnEnd(&cipher);
    bnEnd(&plain);
    return status;
}
/**
 * Serialise this side's public key into buf in the layout of the active
 * key-agreement type.
 *
 * - DH2K / DH3K: big-endian value, left-padded with zero bytes up to
 *   getDhSize(); the return value is getPubKeySize(), i.e. it does not count
 *   the padding that was written.
 * - EC25 / EC38 / E414: x then y, each big-endian and getPubKeySize()/2
 *   bytes long; returns the combined length.
 * - E255: x only, little-endian, getPubKeySize() bytes.
 *
 * @param buf destination; there is no length parameter, so the caller has
 *            to provide room for the padded DH value or the encoded point.
 * @return number of key bytes as described above, or 0 for any other type.
 */
int32_t ZrtpDH::getPubKeyBytes(uint8_t *buf) const {
    dhCtx* tmpCtx = static_cast<dhCtx*>(ctx);

    const bool finiteField = (pkType == DH2K || pkType == DH3K);
    if (finiteField) {
        // get len of pub_key, prepend with zeros to DH size
        const int keyLen = getPubKeySize();
        const int32_t padLen = getDhSize() - keyLen;
        if (padLen > 0) {
            memset(buf, 0, padLen);
        }
        // NOTE(review): a negative padLen would place the write before buf;
        // presumably getPubKeySize() never exceeds getDhSize() here - confirm.
        bnExtractBigBytes(&tmpCtx->pubKey, buf + padLen, 0, keyLen);
        return keyLen;
    }

    const bool bothCoordinates = (pkType == EC25 || pkType == EC38 || pkType == E414);
    if (bothCoordinates) {
        const int32_t half = getPubKeySize() / 2;
        uint8_t* const yOut = buf + half;
        bnExtractBigBytes(tmpCtx->pubPoint.x, buf, 0, half);
        bnExtractBigBytes(tmpCtx->pubPoint.y, yOut, 0, half);
        return half * 2;
    }

    if (pkType == E255) {
        // only the x coordinate is exported, least-significant byte first
        const int32_t xLen = getPubKeySize();
        bnExtractLittleBytes(tmpCtx->pubPoint.x, buf, 0, xLen);
        return xLen;
    }

    return 0;
}
/*
 * Helper function: seed a RandomContext from a BigNum.
 * Be very sure to leave nothing in memory!
 *
 * The value is fed to the random context least-significant bytes first, in
 * pieces of at most sizeof(buf) bytes, and the staging buffer is cleared
 * before returning so that no copy of the number stays on the stack.
 */
static void
pgpRandomBnSeed(PGPRandomContext const *rc, BigNum const *bn)
{
    PGPByte buf[32];    /* Big enough for 99.9% of all keys */
    unsigned remaining = (bnBits(bn) + 7)/8;
    unsigned offset = 0;
    unsigned chunk;

    /*
     * Always runs at least once, so a zero-length number still results in
     * one (empty) extract/add pair.
     */
    do {
        chunk = remaining > sizeof(buf) ? (unsigned)sizeof(buf) : remaining;
        bnExtractLittleBytes(bn, buf, offset, chunk);
        pgpRandomAddBytes(rc, buf, chunk);
        remaining -= chunk;
        offset += chunk;
    } while (remaining > 0);

    /* wipe the staging copy of the key material */
    pgpClearMemory( buf, sizeof(buf));
}
/*
 * The same, but the buffer is little-endian.
 *
 * Copies len bytes of bn, starting at byte index lsbyte, into dest.
 * Returns kPGPError_NoErr once the copy has been made.
 * NOTE(review): only bn goes through pgpValidateBigNum(); dest is passed on
 * unchecked and there is no destination-size parameter, so the caller has to
 * supply a non-NULL buffer of at least len bytes.
 */
PGPError
PGPBigNumExtractLittleEndianBytes(
    PGPBigNumRef    bn,
    PGPByte *       dest,
    PGPUInt32       lsbyte,
    PGPUInt32       len )
{
    PGPError err = kPGPError_NoErr;

    /* presumably returns early on an invalid reference - confirm against the macro */
    pgpValidateBigNum( bn );

    bnExtractLittleBytes( &bn->bn, dest, lsbyte, len );

    return err;
}
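/**
 * Compute the shared secret from the peer's public value and this side's
 * private key, and write it to secret.
 *
 * - DH2K / DH3K: pubKeyBytes holds getDhSize() big-endian bytes; the secret
 *   is pubKey^privKey mod p for the matching prime.
 * - EC25 / EC38 / E414: pubKeyBytes holds x then y, each getPubKeySize()/2
 *   big-endian bytes.
 * - E255: pubKeyBytes holds x only, getPubKeySize() little-endian bytes.
 *
 * @param pubKeyBytes peer's public value in the layout above.
 * @param secret      destination for getDhSize() bytes of shared secret;
 *                    there is no length parameter, the caller sizes it.
 * @return getDhSize() on success; -1 for an unsupported key type or when a
 *         bignum step reports failure, in which case secret is not written.
 *
 * The peer's value is used as received: no range or point validation is
 * visible in this function, so it has to happen before the call.
 * NOTE(review): whether bnEnd() clears the storage that held the secret is
 * not visible here - confirm.
 */
int32_t ZrtpDH::computeSecretKey(uint8_t *pubKeyBytes, uint8_t *secret) {
    dhCtx* tmpCtx = static_cast<dhCtx*>(ctx);
    const int32_t length = getDhSize();
    BigNum sec;

    if (pkType == DH2K || pkType == DH3K) {
        BigNum pubKeyOther;
        bnBegin(&pubKeyOther);
        bnBegin(&sec);

        int32_t result = -1;
        if (bnInsertBigBytes(&pubKeyOther, pubKeyBytes, 0, length) >= 0) {
            // The enclosing test admits only DH2K and DH3K, so a two-way
            // choice of prime is exhaustive.
            const int rc = (pkType == DH2K)
                ? bnExpMod(&sec, &pubKeyOther, &tmpCtx->privKey, &bnP2048)
                : bnExpMod(&sec, &pubKeyOther, &tmpCtx->privKey, &bnP3072);
            // Export only after a successful exponentiation, so that a failed
            // one is reported instead of yielding whatever sec held.
            if (rc >= 0) {
                bnExtractBigBytes(&sec, secret, 0, length);
                result = length;
            }
        }
        bnEnd(&pubKeyOther);
        bnEnd(&sec);
        return result;
    }

    if (pkType == EC25 || pkType == EC38 || pkType == E414) {
        const int32_t len = getPubKeySize() / 2;
        EcPoint pub;

        bnBegin(&sec);
        INIT_EC_POINT(&pub);
        bnSetQ(pub.z, 1);               // initialize Z to one, these are affine coords

        int32_t result = -1;
        if (bnInsertBigBytes(pub.x, pubKeyBytes, 0, len) >= 0 &&
            bnInsertBigBytes(pub.y, pubKeyBytes + len, 0, len) >= 0) {
            /* Generate agreement for responder: sec = pub * privKey */
            // NOTE(review): the result of ecdhComputeAgreement is not checked
            // because its failure convention is not visible here - confirm.
            ecdhComputeAgreement(&tmpCtx->curve, &sec, &pub, &tmpCtx->privKey);
            bnExtractBigBytes(&sec, secret, 0, length);
            result = length;
        }
        bnEnd(&sec);
        FREE_EC_POINT(&pub);
        return result;
    }

    if (pkType == E255) {
        const int32_t len = getPubKeySize();
        EcPoint pub;

        bnBegin(&sec);
        INIT_EC_POINT(&pub);

        int32_t result = -1;
        if (bnInsertLittleBytes(pub.x, pubKeyBytes, 0, len) >= 0) {
            /* Generate agreement for responder: sec = pub * privKey */
            // NOTE(review): return value not checked, see the caveat on the
            // failure convention of ecdhComputeAgreement - confirm.
            ecdhComputeAgreement(&tmpCtx->curve, &sec, &pub, &tmpCtx->privKey);
            bnExtractLittleBytes(&sec, secret, 0, length);
            result = length;
        }
        bnEnd(&sec);
        FREE_EC_POINT(&pub);
        return result;
    }

    return -1;
}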