コード例 #1
0
ファイル: rsa-tfm.c プロジェクト: Henauxg/minix
static int
tfm_rsa_private_calculate(fp_int * in, fp_int * p,  fp_int * q,
			  fp_int * dmp1, fp_int * dmq1, fp_int * iqmp,
			  fp_int * out)
{
    fp_int vp, vq, u;

    fp_init_multi(&vp, &vq, &u, NULL);

    /* vq = c ^ (d mod (q - 1)) mod q */
    /* vp = c ^ (d mod (p - 1)) mod p */
    fp_mod(in, p, &u);
    fp_exptmod(&u, dmp1, p, &vp);
    fp_mod(in, q, &u);
    fp_exptmod(&u, dmq1, q, &vq);

    /* C2 = 1/q mod p  (iqmp) */
    /* u = (vp - vq)C2 mod p. */
    fp_sub(&vp, &vq, &u);
    if (fp_isneg(&u))
	fp_add(&u, p, &u);
    fp_mul(&u, iqmp, &u);
    fp_mod(&u, p, &u);

    /* c ^ d mod n = vq + u q */
    fp_mul(&u, q, &u);
    fp_add(&u, &vq, out);

    fp_zero_multi(&vp, &vq, &u, NULL);

    return 0;
}
コード例 #2
0
static int exptmod(void *a, void *b, void *c, void *d) {
    LTC_ARGCHK(a != NULL);
    LTC_ARGCHK(b != NULL);
    LTC_ARGCHK(c != NULL);
    LTC_ARGCHK(d != NULL);
    return tfm_to_ltc_error(fp_exptmod(a, b, c, d));
}
コード例 #3
0
ファイル: dh-tfm.c プロジェクト: DavidMulder/heimdal
static int
tfm_dh_compute_key(unsigned char *shared, const BIGNUM * pub, DH *dh)
{
    fp_int s, priv_key, p, peer_pub;
    size_t size = 0;
    int ret;

    if (dh->pub_key == NULL || dh->g == NULL || dh->priv_key == NULL)
	return -1;

    fp_init(&p);
    BN2mpz(&p, dh->p);

    fp_init(&peer_pub);
    BN2mpz(&peer_pub, pub);

    /* check if peers pubkey is reasonable */
    if (fp_isneg(&peer_pub)
	|| fp_cmp(&peer_pub, &p) >= 0
	|| fp_cmp_d(&peer_pub, 1) <= 0)
    {
	fp_zero(&p);
	fp_zero(&peer_pub);
	return -1;
    }

    fp_init(&priv_key);
    BN2mpz(&priv_key, dh->priv_key);

    fp_init(&s);

    ret = fp_exptmod(&peer_pub, &priv_key, &p, &s);

    fp_zero(&p);
    fp_zero(&peer_pub);
    fp_zero(&priv_key);

    if (ret != 0)
	return -1;

    size = fp_unsigned_bin_size(&s);
    fp_to_unsigned_bin(&s, shared);
    fp_zero(&s);

    return size;
}
コード例 #4
0
int do_rsa_proc(char *pSRC, int nDataLen,char *pOUT,int *pOUTLen,fp_int *key, int procedure)
{
	// fp_int *key--> key[0], key[1], key[2]	
	int in_size = nDataLen;
	int nret=-1;
	int nlen;		
	fp_int c,m;
	fp_int* k,* t;	
	
	unsigned char *pSRCBuff = (unsigned char *)pSRC;
	unsigned char *pOUTBuff = (unsigned char *)pOUT;	
	memset(pOUTBuff,0,*pOUTLen);
	*pOUTLen = 0;
	
	//get key length
	//for RSA1024 : 1028bit -> 128 bytes
	//dec-i_len : 128 dec-o_len:127
	//enc-i_len : 127 dec-o_len:128
	uint32_t bits=fp_count_bits(&key[0]);
	uint32_t o_len,i_len;

	//dec
	i_len=(bits+7)>>3;
	o_len=i_len-1;
	
	//pub key
	k=&key[1];

	switch(procedure & RSA_ENC_DEC_MASK)
	{
	case ENC_WITH_PRIV:o_len=i_len;--i_len;;k=&key[2];break;
	case DEC_WITH_PUB:break;
	case ENC_WITH_PUB:o_len=i_len;--i_len;break;
	case DEC_WITH_PRIV:k=&key[2];break;
	default: 
		//printf("Internal error! Not support this enc-dec mode %d\n",procedure);
		//dbg_print("Internal error! Not support this enc-dec mode ", procedure);
		return nret; break;
	}
		
	//buffer process
	if((procedure & RSA_BUF_IN_TYPE_MASK) != RSA_BUF_IN_TYPE_IGNORE)
		aml_buffer_proc_before(pSRCBuff,nDataLen,i_len,procedure);
	
	for(nlen=0;nlen<in_size;nlen+=i_len)
	{		
		fp_init(&c);
		fp_init(&m);		
		memcpy(c.dp,pSRCBuff,i_len);
		pSRCBuff += i_len;
		c.used=FP_SIZE;
		fp_clamp(&c);		
		fp_exptmod(&c,k,&key[0],&m);			
		memcpy(pOUTBuff+*pOUTLen,m.dp,o_len);
		*pOUTLen += o_len;		
	}	
	
	//buffer process	
	if((procedure & RSA_BUF_OUT_TYPE_MASK) != RSA_BUF_OUT_TYPE_IGNORE)
		aml_buffer_proc_after(pOUTBuff,pOUTLen,o_len,procedure);	
	
	nret = 0;	
	return nret;		
}
コード例 #5
0
ファイル: dh-tfm.c プロジェクト: DavidMulder/heimdal
static int
tfm_dh_generate_key(DH *dh)
{
    fp_int pub, priv_key, g, p;
    int have_private_key = (dh->priv_key != NULL);
    int codes, times = 0;
    int res;

    if (dh->p == NULL || dh->g == NULL)
	return 0;

    while (times++ < DH_NUM_TRIES) {
	if (!have_private_key) {
	    size_t bits = BN_num_bits(dh->p);

	    if (dh->priv_key)
		BN_free(dh->priv_key);

	    dh->priv_key = BN_new();
	    if (dh->priv_key == NULL)
		return 0;
	    if (!BN_rand(dh->priv_key, bits - 1, 0, 0)) {
		BN_clear_free(dh->priv_key);
		dh->priv_key = NULL;
		return 0;
	    }
	}
	if (dh->pub_key)
	    BN_free(dh->pub_key);

	fp_init_multi(&pub, &priv_key, &g, &p, NULL);

	BN2mpz(&priv_key, dh->priv_key);
	BN2mpz(&g, dh->g);
	BN2mpz(&p, dh->p);

	res = fp_exptmod(&g, &priv_key, &p, &pub);

	fp_zero(&priv_key);
	fp_zero(&g);
	fp_zero(&p);
	if (res != 0)
	    continue;

	dh->pub_key = mpz2BN(&pub);
	fp_zero(&pub);
	if (dh->pub_key == NULL)
	    return 0;

	if (DH_check_pubkey(dh, dh->pub_key, &codes) && codes == 0)
	    break;
	if (have_private_key)
	    return 0;
    }

    if (times >= DH_NUM_TRIES) {
	if (!have_private_key && dh->priv_key) {
	    BN_free(dh->priv_key);
	    dh->priv_key = NULL;
	}
	if (dh->pub_key) {
	    BN_free(dh->pub_key);
	    dh->pub_key = NULL;
	}
	return 0;
    }

    return 1;
}
コード例 #6
0
ファイル: rsa.c プロジェクト: Aerobota/tomsfastmath
int main(void)
{
   fp_int d, e, n, c, m, e_m;
   clock_t t1;
   int x;

   /* read in the parameters */
   fp_read_radix(&n, "ce032e860a9809a5ec31e4b0fd4b546f8c40043e3d2ec3d8f49d8f2f3dd19e887094ee1af75caa1c2e6cd9ec78bf1dfd6280002ac8c30ecd72da2e4c59a28a9248048aaae2a8fa627f71bece979cebf9f8eee2bd594d4a4f2e791647573c7ec1fcbd320d3825be3fa8a17c97086fdae56f7086ce512b81cc2fe44161270ec5e9", 16);
   fp_read_radix(&e, "10001", 16);
   fp_read_radix(&m, "39f5a911250f45b99390e2df322b33c729099ab52b5879d06b00818cce57c649a66ed7eb6d8ae214d11caf9c81e83a7368cf0edb2b71dad791f13fecf546123b40377851e67835ade1d6be57f4de18a62db4cdb1880f4ab2e6a29acfd85ca22a13dc1f6fee2621ef0fc8689cd738e6f065c033ec7c148d8d348688af83d6f6bd", 16);
   fp_read_radix(&c, "9ff70ea6968a04530e6b06bf01aa937209cc8450e76ac19477743de996ba3fb445923c947f8d0add8c57efa51d15485309918459da6c1e5a97f215193b797dce98db51bdb4639c2ecfa90ebb051e3a2daeffd27a7d6e62043703a7b15e0ada5170427b63099cd01ef52cd92d8723e5774bea32716aaa7f5adbae817fb12a5b50", 16);

   /* test it */
   fp_exptmod(&m, &e, &n, &e_m);
   if (fp_cmp(&e_m, &c)) {
      char buf[1024];
      printf("Encrypted text not equal\n");
      fp_toradix(&e_m, buf, 16);
      printf("e_m == %s\n", buf);
      return 0;
   }

   printf("CLOCKS_PER_SEC = %llu\n", (unsigned long long)CLOCKS_PER_SEC);
   t1 = clock();
   for (x = 0; x < 1000; x++) {
      fp_exptmod(&m, &e, &n, &e_m);
   }
   t1 = clock() - t1;
   printf("1000 RSA operations took     %10.5g seconds\n", (double)t1 / (double)CLOCKS_PER_SEC);
   printf("RSA encrypt/sec              %10.5g\n", (double)CLOCKS_PER_SEC / ((double)t1 / 1000.0) );

   /* read in the parameters */
   fp_read_radix(&n, "a7f30e2e04d31acc6936916af1e404a4007adfb9e97864de28d1c7ba3034633bee2cd9d5da3ea3cdcdc9a6f3daf5702ef750f4c3aadb0e27410ac04532176795995148cdb4691bd09a8a846e3e24e073ce2f89b34dfeb2ee89b646923ca60ee3f73c4d5397478380425e7260f75dfdc54826e160395b0889b1162cf115a9773f", 16);
   fp_read_radix(&d, "16d166f3c9a404d810d3611e6e8ed43293fe1db75c8906eb4810785a4b82529929dade1db7f11ac0335d5a59773e3167b022479eedefa514a0399db5c900750a56323cf9f5b0f21e7d60a46d75f3fcaabf30a63cbe34048b741a57ac36a13914afda798709dea5771f8d456cf72ec5f3afc1d88d023de40311143a36e7028739", 16);
   fp_read_radix(&c, "7d216641c32543f5b8428bdd0b11d819cfbdb16f1df285247f677aa4d44de62ab064f4a0d060ec99cb94aa398113a4317f2c550d0371140b0fd2c88886cac771812e72faad4b7adf495b9b850b142ccd7f45c0a27f164c8c7731731c0015f69d0241812e769d961054618aeb9e8e8989dba95714a2cf56c9e525c5e34b5812dd", 16);
   fp_read_radix(&m, "5f323bf0b394b98ffd78727dc9883bb4f42287def6b60fa2a964b2510bc55d61357bf5a6883d2982b268810f8fef116d3ae68ebb41fd10d65a0af4bec0530eb369f37c14b55c3be60223b582372fb6589b648d5a0c7252d1ae2dae5809785d993e9e5d0c4d9b0bcba0cde0d6671734747fba5483c735e1dab7df7b10ec6f62d8", 16);

   /* test it */
   fp_exptmod(&c, &d, &n, &e_m);
   if (fp_cmp(&e_m, &m)) {
      char buf[1024];
      printf("Decrypted text not equal\n");
      fp_toradix(&e_m, buf, 16);
      printf("e_m == %s\n", buf);
      return 0;
   }

   t1 = clock();
   for (x = 0; x < 100; x++) {
      fp_exptmod(&c, &d, &n, &e_m);
   }
   t1 = clock() - t1;
   printf("100 RSA operations took      %10.5g seconds\n", (double)t1 / (double)CLOCKS_PER_SEC);
   printf("RSA decrypt/sec              %10.5g\n", (double)CLOCKS_PER_SEC / ((double)t1 / 100.0) );


   /* test half size */
   fp_rshd(&n, n.used >> 1);
   fp_rshd(&d, d.used >> 1);
   fp_rshd(&c, c.used >> 1);
   printf("n.used == %4d bits\n", n.used * DIGIT_BIT);

   /* ensure n is odd */
   n.dp[0] |= 1;
   t1 = clock();
   for (x = 0; x < 100; x++) {
      fp_exptmod(&c, &d, &n, &e_m);
   }
   t1 = clock() - t1;
   printf("100 RSA-half operations took %10.5g seconds\n", (double)t1 / (double)CLOCKS_PER_SEC);
   printf("RSA decrypt/sec              %10.5g (estimate of RSA-1024-CRT) \n", (double)CLOCKS_PER_SEC / ((double)t1 / 50.0) );



   return 0;
}
コード例 #7
0
ファイル: rsa-tfm.c プロジェクト: Henauxg/minix
static int
tfm_rsa_private_decrypt(int flen, const unsigned char* from,
			unsigned char* to, RSA* rsa, int padding)
{
    unsigned char *ptr;
    int res;
    int size;
    fp_int in, out, n, e;

    if (padding != RSA_PKCS1_PADDING)
	return -1;

    size = RSA_size(rsa);
    if (flen > size)
	return -2;

    fp_init_multi(&in, &out, NULL);

    BN2mpz(&n, rsa->n);
    BN2mpz(&e, rsa->e);

    fp_read_unsigned_bin(&in, rk_UNCONST(from), flen);

    if(fp_isneg(&in) || fp_cmp(&in, &n) >= 0) {
	size = -2;
	goto out;
    }

    if (rsa->p && rsa->q && rsa->dmp1 && rsa->dmq1 && rsa->iqmp) {
	fp_int p, q, dmp1, dmq1, iqmp;

	BN2mpz(&p, rsa->p);
	BN2mpz(&q, rsa->q);
	BN2mpz(&dmp1, rsa->dmp1);
	BN2mpz(&dmq1, rsa->dmq1);
	BN2mpz(&iqmp, rsa->iqmp);

	res = tfm_rsa_private_calculate(&in, &p, &q, &dmp1, &dmq1, &iqmp, &out);

	fp_zero_multi(&p, &q, &dmp1, &dmq1, &iqmp, NULL);

	if (res != 0) {
	    size = -3;
	    goto out;
	}

    } else {
	fp_int d;

	if(fp_isneg(&in) || fp_cmp(&in, &n) >= 0)
	    return -4;

	BN2mpz(&d, rsa->d);
	res = fp_exptmod(&in, &d, &n, &out);
	fp_zero(&d);
	if (res != 0) {
	    size = -5;
	    goto out;
	}
    }

    ptr = to;
    {
	size_t ssize;
	ssize = fp_unsigned_bin_size(&out);
	assert(size >= ssize);
	fp_to_unsigned_bin(&out, ptr);
	size = ssize;
    }

    /* head zero was skipped by mp_int_to_unsigned */
    if (*ptr != 2) {
	size = -6;
	goto out;
    }
    size--; ptr++;
    while (size && *ptr != 0) {
	size--; ptr++;
    }
    if (size == 0)
	return -7;
    size--; ptr++;

    memmove(to, ptr, size);

 out:
    fp_zero_multi(&e, &n, &in, &out, NULL);

    return size;
}
コード例 #8
0
ファイル: rsa-tfm.c プロジェクト: Henauxg/minix
static int
tfm_rsa_private_encrypt(int flen, const unsigned char* from,
			unsigned char* to, RSA* rsa, int padding)
{
    unsigned char *p, *p0;
    int res;
    int size;
    fp_int in, out, n, e;

    if (padding != RSA_PKCS1_PADDING)
	return -1;

    size = RSA_size(rsa);

    if (size < RSA_PKCS1_PADDING_SIZE || size - RSA_PKCS1_PADDING_SIZE < flen)
	return -2;

    p0 = p = malloc(size);
    *p++ = 0;
    *p++ = 1;
    memset(p, 0xff, size - flen - 3);
    p += size - flen - 3;
    *p++ = 0;
    memcpy(p, from, flen);
    p += flen;
    assert((p - p0) == size);

    BN2mpz(&n, rsa->n);
    BN2mpz(&e, rsa->e);

    fp_init_multi(&in, &out, NULL);
    fp_read_unsigned_bin(&in, p0, size);
    free(p0);

    if(fp_isneg(&in) || fp_cmp(&in, &n) >= 0) {
	size = -3;
	goto out;
    }

    if (rsa->p && rsa->q && rsa->dmp1 && rsa->dmq1 && rsa->iqmp) {
	fp_int p, q, dmp1, dmq1, iqmp;

	BN2mpz(&p, rsa->p);
	BN2mpz(&q, rsa->q);
	BN2mpz(&dmp1, rsa->dmp1);
	BN2mpz(&dmq1, rsa->dmq1);
	BN2mpz(&iqmp, rsa->iqmp);

	res = tfm_rsa_private_calculate(&in, &p, &q, &dmp1, &dmq1, &iqmp, &out);

	fp_zero_multi(&p, &q, &dmp1, &dmq1, &iqmp, NULL);

	if (res != 0) {
	    size = -4;
	    goto out;
	}
    } else {
	fp_int d;

	BN2mpz(&d, rsa->d);
	res = fp_exptmod(&in, &d, &n, &out);
	fp_zero(&d);
	if (res != 0) {
	    size = -5;
	    goto out;
	}
    }

    if (size > 0) {
	size_t ssize;
	ssize = fp_unsigned_bin_size(&out);
	assert(size >= ssize);
	fp_to_unsigned_bin(&out, to);
	size = ssize;
    }

 out:
    fp_zero_multi(&e, &n, &in, &out, NULL);

    return size;
}
コード例 #9
0
ファイル: rsa-tfm.c プロジェクト: Henauxg/minix
static int
tfm_rsa_public_decrypt(int flen, const unsigned char* from,
		       unsigned char* to, RSA* rsa, int padding)
{
    unsigned char *p;
    int res;
    size_t size;
    fp_int s, us, n, e;

    if (padding != RSA_PKCS1_PADDING)
	return -1;

    if (flen > RSA_size(rsa))
	return -2;

    BN2mpz(&n, rsa->n);
    BN2mpz(&e, rsa->e);

#if 0
    /* Check that the exponent is larger then 3 */
    if (mp_int_compare_value(&e, 3) <= 0) {
	fp_zero_multi(&e, &n, NULL);
	return -3;
    }
#endif

    fp_init_multi(&s, &us, NULL);
    fp_read_unsigned_bin(&s, rk_UNCONST(from), flen);

    if (fp_cmp(&s, &n) >= 0) {
	fp_zero_multi(&e, &n, NULL);
	return -4;
    }

    res = fp_exptmod(&s, &e, &n, &us);

    fp_zero_multi(&s, &e, &n, NULL);

    if (res != 0)
	return -5;
    p = to;


    size = fp_unsigned_bin_size(&us);
    assert(size <= RSA_size(rsa));
    fp_to_unsigned_bin(&us, p);

    fp_zero(&us);

    /* head zero was skipped by fp_to_unsigned_bin */
    if (*p == 0)
	return -6;
    if (*p != 1)
	return -7;
    size--; p++;
    while (size && *p == 0xff) {
	size--; p++;
    }
    if (size == 0 || *p != 0)
	return -8;
    size--; p++;

    memmove(to, p, size);

    return size;
}
コード例 #10
0
ファイル: rsa-tfm.c プロジェクト: Henauxg/minix
static int
tfm_rsa_public_encrypt(int flen, const unsigned char* from,
			unsigned char* to, RSA* rsa, int padding)
{
    unsigned char *p, *p0;
    int res;
    size_t size, padlen;
    fp_int enc, dec, n, e;

    if (padding != RSA_PKCS1_PADDING)
	return -1;

    size = RSA_size(rsa);

    if (size < RSA_PKCS1_PADDING_SIZE || size - RSA_PKCS1_PADDING_SIZE < flen)
	return -2;

    BN2mpz(&n, rsa->n);
    BN2mpz(&e, rsa->e);

    p = p0 = malloc(size - 1);
    if (p0 == NULL) {
	fp_zero_multi(&e, &n, NULL);
	return -3;
    }

    padlen = size - flen - 3;

    *p++ = 2;
    if (RAND_bytes(p, padlen) != 1) {
	fp_zero_multi(&e, &n, NULL);
	free(p0);
	return -4;
    }
    while(padlen) {
	if (*p == 0)
	    *p = 1;
	padlen--;
	p++;
    }
    *p++ = 0;
    memcpy(p, from, flen);
    p += flen;
    assert((p - p0) == size - 1);

    fp_init_multi(&enc, &dec, NULL);
    fp_read_unsigned_bin(&dec, p0, size - 1);
    free(p0);

    res = fp_exptmod(&dec, &e, &n, &enc);

    fp_zero_multi(&dec, &e, &n, NULL);

    if (res != 0)
	return -4;

    {
	size_t ssize;
	ssize = fp_unsigned_bin_size(&enc);
	assert(size >= ssize);
	fp_to_unsigned_bin(&enc, to);
	size = ssize;
    }
    fp_zero(&enc);

    return size;
}
コード例 #11
0
int do_rsa_enc_dec(char *pSRC, int nDataLen,char *pOUT,int *pOUTLen,int procedure)
{	
	int in_size = nDataLen;
	int nret = 1;
	
	if ( NULL == pSRC || NULL == pOUT )
		return nret;
		
	//check nSRCLen for dec & enc
	//...	
	
	unsigned char *pSRCBuff = (unsigned char *)pSRC;
	unsigned char *pOUTBuff = (unsigned char *)pOUT;
	
	//clear output buffer??
	memset(pOUTBuff,0,*pOUTLen);
	*pOUTLen = 0;
	
	//prepare key
	fp_int key[3];
	memset(&key[0],0,sizeof(key));	
	//get key from efuse
	if(get_rsa_key(&key[0],&key[1],&key[2]))
		return nret;
	
	int nlen;		
	fp_int c,m;
	fp_int* k,* t;
	
	//get key length
	//for RSA1024 : 1028bit -> 128 bytes
	//dec-i_len : 128 dec-o_len:127
	//enc-i_len : 127 dec-o_len:128
	uint32_t bits=fp_count_bits(&key[0]);
	uint32_t o_len,i_len;

	//dec
	i_len=(bits+7)>>3;
	o_len=i_len-1;
	
	//pub key
	k=&key[1];

	switch(procedure & RSA_ENC_DEC_MASK)
	{
	case ENC_WITH_PRIV:o_len=i_len;--i_len;;k=&key[2];break;
	case DEC_WITH_PUB:break;
	case ENC_WITH_PUB:o_len=i_len;--i_len;break;
	case DEC_WITH_PRIV:k=&key[2];break;
	default: printf("Internal error! Not support this enc-dec mode %d\n",procedure);return nret; break;
	}

	//buffer process
	// aml_buffer_proc_before(pSRCBuff,nDataLen,i_len,procedure);

	for(nlen=0;nlen<in_size;nlen+=i_len)
	{		
		fp_init(&c);
		fp_init(&m);		
		memcpy(c.dp,pSRCBuff,i_len);
		pSRCBuff += i_len;
		c.used=FP_SIZE;
		fp_clamp(&c);		
		fp_exptmod(&c,k,&key[0],&m);			
		memcpy(pOUTBuff+*pOUTLen,m.dp,o_len);
		*pOUTLen += o_len;		
	}
	
	//buffer process
	// aml_buffer_proc_after(pOUTBuff,pOUTLen,o_len,procedure);
	
	
	nret = 0;
	
	return nret;
}