static int rsa_printkey2(FILE *out, RSA *rsa,
BIGNUM *Xq1, BIGNUM *Xq2, BIGNUM *Xq)
{
int ret = 0;
BIGNUM *q1 = NULL, *q2 = NULL;
q1 = BN_new();
q2 = BN_new();
if (!q1 || !q2)
goto error;
if (!RSA_X931_derive_ex(rsa, NULL, NULL, q1, q2, NULL, NULL, NULL,
Xq1, Xq2, Xq, NULL, NULL))
goto error;
do_bn_print_name(out, "q1", q1);
do_bn_print_name(out, "q2", q2);
do_bn_print_name(out, "q", rsa->q);
do_bn_print_name(out, "n", rsa->n);
do_bn_print_name(out, "d", rsa->d);
ret = 1;
error:
if (q1)
BN_free(q1);
if (q2)
BN_free(q2);
return ret;
}
static int rsa_printkey1(FILE *out, RSA *rsa,
BIGNUM *Xp1, BIGNUM *Xp2, BIGNUM *Xp,
BIGNUM *e)
{
int ret = 0;
BIGNUM *p1 = NULL, *p2 = NULL;
p1 = BN_new();
p2 = BN_new();
if (!p1 || !p2)
goto error;
if (!RSA_X931_derive_ex(rsa, p1, p2, NULL, NULL, Xp1, Xp2, Xp,
NULL, NULL, NULL, e, NULL))
goto error;
do_bn_print_name(out, "p1", p1);
do_bn_print_name(out, "p2", p2);
do_bn_print_name(out, "p", rsa->p);
ret = 1;
error:
if (p1)
BN_free(p1);
if (p2)
BN_free(p2);
return ret;
}
static void keypair(FILE *in, FILE *out)
{
char buf[1024];
char lbuf[1024];
char *keyword, *value;
int dsa2, L, N;
while(fgets(buf,sizeof buf,in) != NULL)
{
if (!parse_line(&keyword, &value, lbuf, buf))
{
continue;
}
if(!strcmp(keyword,"[mod"))
{
if (!parse_mod(value, &dsa2, &L, &N, NULL))
{
fprintf(stderr, "Mod Parse Error\n");
exit (1);
}
fputs(buf,out);
}
else if(!strcmp(keyword,"N"))
{
DSA *dsa;
int n=atoi(value);
dsa = FIPS_dsa_new();
if (!dsa2 && !dsa_builtin_paramgen(dsa, L, N, NULL, NULL, 0,
NULL, NULL, NULL, NULL))
{
fprintf(stderr, "Parameter Generation error\n");
exit(1);
}
if (dsa2 && dsa_builtin_paramgen2(dsa, L, N, NULL, NULL, 0, -1,
NULL, NULL, NULL, NULL) <= 0)
{
fprintf(stderr, "Parameter Generation error\n");
exit(1);
}
do_bn_print_name(out, "P",dsa->p);
do_bn_print_name(out, "Q",dsa->q);
do_bn_print_name(out, "G",dsa->g);
fputs(RESP_EOL, out);
while(n--)
{
if (!DSA_generate_key(dsa))
exit(1);
do_bn_print_name(out, "X",dsa->priv_key);
do_bn_print_name(out, "Y",dsa->pub_key);
fputs(RESP_EOL, out);
}
if (dsa)
FIPS_dsa_free(dsa);
}
}
}
static int KeyPair(FILE *in, FILE *out)
{
char buf[2048], lbuf[2048];
char *keyword, *value;
int curve_nid = NID_undef;
int i, count;
BIGNUM *Qx = NULL, *Qy = NULL;
const BIGNUM *d = NULL;
EC_KEY *key = NULL;
Qx = BN_new();
Qy = BN_new();
while (fgets(buf, sizeof buf, in) != NULL) {
if (*buf == '[' && buf[2] == '-') {
if (buf[2] == '-')
curve_nid = elookup_curve(buf, lbuf, NULL);
fputs(buf, out);
continue;
}
if (!parse_line(&keyword, &value, lbuf, buf)) {
fputs(buf, out);
continue;
}
if (!strcmp(keyword, "N")) {
count = atoi(value);
for (i = 0; i < count; i++) {
key = EC_KEY_new_by_curve_name(curve_nid);
if (!EC_KEY_generate_key(key)) {
fprintf(stderr, "Error generating key\n");
return 0;
}
if (!ec_get_pubkey(key, Qx, Qy)) {
fprintf(stderr, "Error getting public key\n");
return 0;
}
d = EC_KEY_get0_private_key(key);
do_bn_print_name(out, "d", d);
do_bn_print_name(out, "Qx", Qx);
do_bn_print_name(out, "Qy", Qy);
fputs(RESP_EOL, out);
EC_KEY_free(key);
}
}
}
BN_free(Qx);
BN_free(Qy);
return 1;
}
static void siggen(FILE *in, FILE *out)
{
char buf[1024];
char lbuf[1024];
char *keyword, *value;
int dsa2, L, N;
const EVP_MD *md = NULL;
DSA *dsa=NULL;
while(fgets(buf,sizeof buf,in) != NULL)
{
if (!parse_line(&keyword, &value, lbuf, buf))
{
fputs(buf,out);
continue;
}
fputs(buf,out);
if(!strcmp(keyword,"[mod"))
{
if (!parse_mod(value, &dsa2, &L, &N, &md))
{
fprintf(stderr, "Mod Parse Error\n");
exit (1);
}
if (dsa)
FIPS_dsa_free(dsa);
dsa = FIPS_dsa_new();
if (!dsa2 && !dsa_builtin_paramgen(dsa, L, N, md, NULL, 0,
NULL, NULL, NULL, NULL))
{
fprintf(stderr, "Parameter Generation error\n");
exit(1);
}
if (dsa2 && dsa_builtin_paramgen2(dsa, L, N, md, NULL, 0,
NULL, NULL, NULL, NULL) <= 0)
{
fprintf(stderr, "Parameter Generation error\n");
exit(1);
}
do_bn_print_name(out, "P",dsa->p);
do_bn_print_name(out, "Q",dsa->q);
do_bn_print_name(out, "G",dsa->g);
fputs("\n", out);
}
else if(!strcmp(keyword,"Msg"))
{
unsigned char msg[1024];
int n;
EVP_MD_CTX mctx;
DSA_SIG *sig;
FIPS_md_ctx_init(&mctx);
n=hex2bin(value,msg);
if (!DSA_generate_key(dsa))
exit(1);
do_bn_print_name(out, "Y",dsa->pub_key);
FIPS_digestinit(&mctx, md);
FIPS_digestupdate(&mctx, msg, n);
sig = FIPS_dsa_sign_ctx(dsa, &mctx);
do_bn_print_name(out, "R",sig->r);
do_bn_print_name(out, "S",sig->s);
fputs("\n", out);
FIPS_dsa_sig_free(sig);
FIPS_md_ctx_cleanup(&mctx);
}
}
if (dsa)
FIPS_dsa_free(dsa);
}
static void keyver(FILE *in, FILE *out)
{
char buf[1024];
char lbuf[1024];
char *keyword, *value;
BIGNUM *p = NULL, *q = NULL, *g = NULL, *X = NULL, *Y = NULL;
BIGNUM *Y2;
BN_CTX *ctx = NULL;
int dsa2, L, N;
int paramcheck = 0;
ctx = BN_CTX_new();
Y2 = BN_new();
while(fgets(buf,sizeof buf,in) != NULL)
{
if (!parse_line(&keyword, &value, lbuf, buf))
{
fputs(buf,out);
continue;
}
if(!strcmp(keyword,"[mod"))
{
if (p)
BN_free(p);
p = NULL;
if (q)
BN_free(q);
q = NULL;
if (g)
BN_free(g);
g = NULL;
paramcheck = 0;
if (!parse_mod(value, &dsa2, &L, &N, NULL))
{
fprintf(stderr, "Mod Parse Error\n");
exit (1);
}
}
else if(!strcmp(keyword,"P"))
p=hex2bn(value);
else if(!strcmp(keyword,"Q"))
q=hex2bn(value);
else if(!strcmp(keyword,"G"))
g=hex2bn(value);
else if(!strcmp(keyword,"X"))
X=hex2bn(value);
else if(!strcmp(keyword,"Y"))
{
Y=hex2bn(value);
if (!p || !q || !g || !X || !Y)
{
fprintf(stderr, "Parse Error\n");
exit (1);
}
do_bn_print_name(out, "P",p);
do_bn_print_name(out, "Q",q);
do_bn_print_name(out, "G",g);
do_bn_print_name(out, "X",X);
do_bn_print_name(out, "Y",Y);
if (!paramcheck)
{
if (dss_paramcheck(L, N, p, q, g, ctx))
paramcheck = 1;
else
paramcheck = -1;
}
if (paramcheck != 1)
fprintf(out, "Result = F\n");
else
{
if (!BN_mod_exp(Y2, g, X, p, ctx) || BN_cmp(Y2, Y))
fprintf(out, "Result = F\n");
else
fprintf(out, "Result = P\n");
}
BN_free(X);
BN_free(Y);
X = NULL;
Y = NULL;
}
}
if (p)
BN_free(p);
if (q)
BN_free(q);
if (g)
BN_free(g);
if (Y2)
BN_free(Y2);
}
static void pqg(FILE *in, FILE *out)
{
char buf[1024];
char lbuf[1024];
char *keyword, *value;
int dsa2, L, N;
const EVP_MD *md = NULL;
while(fgets(buf,sizeof buf,in) != NULL)
{
if (!parse_line(&keyword, &value, lbuf, buf))
{
fputs(buf,out);
continue;
}
if(!strcmp(keyword,"[mod"))
{
fputs(buf,out);
if (!parse_mod(value, &dsa2, &L, &N, &md))
{
fprintf(stderr, "Mod Parse Error\n");
exit (1);
}
}
else if(!strcmp(keyword,"N"))
{
int n=atoi(value);
while(n--)
{
unsigned char seed[EVP_MAX_MD_SIZE];
DSA *dsa;
int counter;
unsigned long h;
dsa = FIPS_dsa_new();
if (!dsa2 && !dsa_builtin_paramgen(dsa, L, N, md,
NULL, 0, seed,
&counter, &h, NULL))
{
fprintf(stderr, "Parameter Generation error\n");
exit(1);
}
if (dsa2 && dsa_builtin_paramgen2(dsa, L, N, md,
NULL, 0, seed,
&counter, &h, NULL) <= 0)
{
fprintf(stderr, "Parameter Generation error\n");
exit(1);
}
do_bn_print_name(out, "P",dsa->p);
do_bn_print_name(out, "Q",dsa->q);
do_bn_print_name(out, "G",dsa->g);
OutputValue("Seed",seed, M_EVP_MD_size(md), out, 0);
fprintf(out, "c = %d\n",counter);
fprintf(out, "H = %lx\n\n",h);
}
}
else
fputs(buf,out);
}
}
static void pqg(FILE *in, FILE *out)
{
char buf[1024];
char lbuf[1024];
char *keyword, *value;
int dsa2, L, N;
const EVP_MD *md = NULL;
BIGNUM *p = NULL, *q = NULL;
enum pqtype { PQG_NONE, PQG_PQ, PQG_G, PQG_GCANON}
pqg_type = PQG_NONE;
int seedlen=-1, idxlen, idx = -1;
unsigned char seed[1024], idtmp[1024];
while(fgets(buf,sizeof buf,in) != NULL)
{
if (buf[0] == '[')
{
if (strstr(buf, "Probable"))
pqg_type = PQG_PQ;
else if (strstr(buf, "Unverifiable"))
pqg_type = PQG_G;
else if (strstr(buf, "Canonical"))
pqg_type = PQG_GCANON;
}
if (!parse_line(&keyword, &value, lbuf, buf))
{
fputs(buf,out);
continue;
}
if (strcmp(keyword, "Num"))
fputs(buf,out);
if(!strcmp(keyword,"[mod"))
{
if (!parse_mod(value, &dsa2, &L, &N, &md))
{
fprintf(stderr, "Mod Parse Error\n");
exit (1);
}
}
else if(!strcmp(keyword,"N")
|| (!strcmp(keyword, "Num") && pqg_type == PQG_PQ))
{
int n=atoi(value);
while(n--)
{
DSA *dsa;
int counter;
unsigned long h;
dsa = FIPS_dsa_new();
if (!dsa2 && !dsa_builtin_paramgen(dsa, L, N, md,
NULL, 0, seed,
&counter, &h, NULL))
{
fprintf(stderr, "Parameter Generation error\n");
exit(1);
}
if (dsa2 && dsa_builtin_paramgen2(dsa, L, N, md,
NULL, 0, -1, seed,
&counter, &h, NULL) <= 0)
{
fprintf(stderr, "Parameter Generation error\n");
exit(1);
}
do_bn_print_name(out, "P",dsa->p);
do_bn_print_name(out, "Q",dsa->q);
if (!dsa2)
do_bn_print_name(out, "G",dsa->g);
OutputValue(dsa2 ? "domain_parameter_seed" : "Seed",
seed, M_EVP_MD_size(md), out, 0);
if (!dsa2)
{
fprintf(out, "c = %d" RESP_EOL, counter);
fprintf(out, "H = %lx" RESP_EOL RESP_EOL,h);
}
else
{
fprintf(out, "counter = %d" RESP_EOL RESP_EOL, counter);
}
FIPS_dsa_free(dsa);
}
}
else if(!strcmp(keyword,"P"))
p=hex2bn(value);
else if(!strcmp(keyword,"Q"))
q=hex2bn(value);
else if(!strcmp(keyword,"domain_parameter_seed"))
seedlen = hex2bin(value, seed);
else if(!strcmp(keyword,"firstseed"))
seedlen = hex2bin(value, seed);
else if(!strcmp(keyword,"pseed"))
seedlen += hex2bin(value, seed + seedlen);
else if(!strcmp(keyword,"qseed"))
seedlen += hex2bin(value, seed + seedlen);
else if(!strcmp(keyword,"index"))
{
idxlen = hex2bin(value, idtmp);
if (idxlen != 1)
{
fprintf(stderr, "Index value error\n");
exit (1);
}
idx = idtmp[0];
}
if ((idx >= 0 && pqg_type == PQG_GCANON) || (q && pqg_type == PQG_G))
{
DSA *dsa;
dsa = FIPS_dsa_new();
dsa->p = p;
dsa->q = q;
p = q = NULL;
if (dsa_builtin_paramgen2(dsa, L, N, md,
seed, seedlen, idx, NULL,
NULL, NULL, NULL) <= 0)
{
fprintf(stderr, "Parameter Generation error\n");
exit(1);
}
do_bn_print_name(out, "G",dsa->g);
FIPS_dsa_free(dsa);
idx = -1;
}
}
}
static int SigGen(FILE *in, FILE *out)
{
char buf[2048], lbuf[2048];
char *keyword, *value;
unsigned char *msg;
int curve_nid = NID_undef;
long mlen;
BIGNUM *Qx = NULL, *Qy = NULL;
EC_KEY *key = NULL;
ECDSA_SIG *sig = NULL;
const EVP_MD *digest = NULL;
Qx = BN_new();
Qy = BN_new();
while (fgets(buf, sizeof buf, in) != NULL) {
fputs(buf, out);
if (*buf == '[') {
curve_nid = elookup_curve(buf, lbuf, &digest);
if (curve_nid == NID_undef)
return 0;
}
if (!parse_line(&keyword, &value, lbuf, buf))
continue;
if (!strcmp(keyword, "Msg")) {
msg = hex2bin_m(value, &mlen);
if (!msg) {
fprintf(stderr, "Invalid Message\n");
return 0;
}
key = EC_KEY_new_by_curve_name(curve_nid);
if (!EC_KEY_generate_key(key)) {
fprintf(stderr, "Error generating key\n");
return 0;
}
if (!ec_get_pubkey(key, Qx, Qy)) {
fprintf(stderr, "Error getting public key\n");
return 0;
}
sig = FIPS_ecdsa_sign(key, msg, mlen, digest);
if (!sig) {
fprintf(stderr, "Error signing message\n");
return 0;
}
do_bn_print_name(out, "Qx", Qx);
do_bn_print_name(out, "Qy", Qy);
do_bn_print_name(out, "R", sig->r);
do_bn_print_name(out, "S", sig->s);
EC_KEY_free(key);
OPENSSL_free(msg);
FIPS_ecdsa_sig_free(sig);
}
}
BN_free(Qx);
BN_free(Qy);
return 1;
}