result_t PKey::exportPem(std::string &retVal) { result_t hr; bool priv; hr = isPrivate(priv); if (hr < 0) return hr; int ret; std::string buf; buf.resize(pk_get_len(&m_key) * 8 + 128); if (priv) ret = pk_write_key_pem(&m_key, (unsigned char *)&buf[0], buf.length()); else ret = pk_write_pubkey_pem(&m_key, (unsigned char *)&buf[0], buf.length()); if (ret != 0) return CHECK_ERROR(_ssl::setError(ret)); buf.resize(qstrlen(buf.c_str())); retVal = buf; return 0; }
static int write_private_key( pk_context *key, const char *output_file ) { int ret; FILE *f; unsigned char output_buf[16000]; unsigned char *c = output_buf; size_t len = 0; memset(output_buf, 0, 16000); if( opt.output_format == OUTPUT_FORMAT_PEM ) { if( ( ret = pk_write_key_pem( key, output_buf, 16000 ) ) != 0 ) return( ret ); len = strlen( (char *) output_buf ); } else { if( ( ret = pk_write_key_der( key, output_buf, 16000 ) ) < 0 ) return( ret ); len = ret; c = output_buf + sizeof(output_buf) - len - 1; } if( ( f = fopen( output_file, "w" ) ) == NULL ) return( -1 ); if( fwrite( c, 1, len, f ) != len ) return( -1 ); fclose(f); return( 0 ); }
int main( int argc, char *argv[] ) { int ret; rainbow_context rb; pk_context ctx; entropy_context entropy; ctr_drbg_context ctr_drbg; FILE *fpub = NULL; FILE *fpriv = NULL; const char *pers = "rb_genkey"; unsigned char large_buffer[256000]; ctx.pk_info = &rainbow_info; ctx.pk_ctx = &rb; ((void) argc); ((void) argv); printf( "\n . Seeding the random number generator..." ); fflush( stdout ); entropy_init( &entropy ); if( ( ret = ctr_drbg_init( &ctr_drbg, entropy_func, &entropy, (const unsigned char *) pers, strlen( pers ) ) ) != 0 ) { printf( " failed\n ! ctr_drbg_init returned %d\n", ret ); goto exit; } printf( " ok\n . Generating the TTS key [ %d-bit ]...", TTS_PUBKEY_SIZE_BYTE * 8 ); fflush( stdout ); if( ( ret = rb_genkey( (uint8_t *) &rb.pk, (uint8_t *) &rb.sk, &myrand, NULL ) ) != 0 ) { printf( " failed\n ! rb_genkey returned %d\n\n", ret ); goto exit; } printf( " ok\n . Exporting the public key in ./self-signed/rb-pub.pem...." ); fflush( stdout ); if( ( fpub = fopen( "./self-signed/rb-pub.pem", "wb+" ) ) == NULL ) { printf( " failed\n ! could not open ./self-signed/rb-pub.pem for writing\n\n" ); ret = 1; goto exit; } pk_write_pubkey_pem( &ctx, large_buffer, 256000 ); fwrite( large_buffer, 1, 256000, fpub ); printf( " ok\n . Exporting the private key in ./self-signed/rb-prv.pem..." ); fflush( stdout ); if( ( fpriv = fopen( "./self-signed/rb-prv.pem", "wb+" ) ) == NULL ) { printf( " failed\n ! could not open ./self-signed/rb-prv.pem for writing\n" ); ret = 1; goto exit; } pk_write_key_pem( &ctx, large_buffer, 256000 ); fwrite( large_buffer, 1, 256000, fpriv ); printf( " ok\n\n" ); exit: if( fpub != NULL ) fclose( fpub ); if( fpriv != NULL ) fclose( fpriv ); ctr_drbg_free( &ctr_drbg ); entropy_free( &entropy ); #if defined(_WIN32) printf( " Press Enter to exit this program.\n" ); fflush( stdout ); getchar(); #endif return( ret ); }
void attacker_send_keys(havege_state *havege_state, void* socket) //@ requires attacker_invariant(?pub, ?pred, ?kc, havege_state, socket, ?attacker); //@ ensures attacker_invariant(pub, pred, kc, havege_state, socket, attacker); { pk_context context; pk_context context_pub; pk_context context_priv; unsigned int key_size; //@ open attacker_invariant(pub, pred, kc, havege_state, socket, attacker); unsigned int temp; //@ close_havege_util(pub, pred, attacker); r_u_int_with_bounds(havege_state, &temp, 1024, 8192); //@ open_havege_util(pub, pred, attacker); key_size = temp; char* key = malloc((int) key_size); if ((key) == 0) abort(); char* pub_key = malloc((int) key_size); if ((pub_key) == 0) abort(); char* priv_key = malloc((int) key_size); if ((priv_key) == 0) abort(); //@ close random_request(attacker, temp, true); if (havege_random(havege_state, key, key_size) != 0) abort(); //@ close pk_context(&context); pk_init(&context); //@ close pk_context(&context_pub); pk_init(&context_pub); //@ close pk_context(&context_priv); pk_init(&context_priv); if (pk_init_ctx(&context, pk_info_from_type(POLARSSL_PK_RSA)) != 0) abort(); //@ close rsa_key_request(attacker, 0); //@ close random_state_predicate(havege_state_initialized); /*@ produce_function_pointer_chunk random_function( attacker_key_item_havege_random_stub) (havege_state_initialized)(state, out, len) { call(); } @*/ if (rsa_gen_key(context.pk_ctx, attacker_key_item_havege_random_stub, havege_state, key_size, 65537) != 0) abort(); if (pk_write_pubkey_pem(&context, pub_key, key_size) != 0) abort(); if (pk_write_key_pem(&context, priv_key, key_size) != 0) abort(); if (pk_parse_public_key(&context_pub, pub_key, key_size) != 0) abort(); if (pk_parse_key(&context_priv, priv_key, key_size, NULL, 0) != 0) abort(); //@ assert is_bad_key_is_public(?proof1, pub, pred); //@ assert cryptogram(key, key_size, ?key_ccs, ?key_cg); //@ proof1(key_cg); //@ public_cryptogram(key, key_cg); net_send(socket, key, key_size); //@ assert is_public_key_is_public(?proof2, pub, pred); //@ assert cryptogram(pub_key, key_size, ?pub_key_ccs, ?pub_key_cg); //@ proof2(pub_key_cg); //@ public_cryptogram(pub_key, pub_key_cg); net_send(socket, pub_key, key_size); //@ assert is_bad_private_key_is_public(?proof3, pub, pred); //@ assert cryptogram(priv_key, key_size, ?priv_key_ccs, ?priv_key_cg); //@ proof3(priv_key_cg); //@ public_cryptogram(priv_key, priv_key_cg); net_send(socket, priv_key, key_size); //@ open random_state_predicate(havege_state_initialized); //@ pk_release_context_with_keys(&context); pk_free(&context); //@ open pk_context(&context); //@ pk_release_context_with_key(&context_pub); pk_free(&context_pub); //@ open pk_context(&context_pub); //@ pk_release_context_with_key(&context_priv); pk_free(&context_priv); //@ open pk_context(&context_priv); free(key); free(pub_key); free(priv_key); //@ close attacker_invariant(pub, pred, kc, havege_state, socket, attacker); }