int main( void ) { mpi E, P, Q, N, H, D, X, Y, Z; mpi_init( &E, &P, &Q, &N, &H, &D, &X, &Y, &Z, NULL ); mpi_read_string( &P, 10, "2789" ); mpi_read_string( &Q, 10, "3203" ); mpi_read_string( &E, 10, "257" ); mpi_mul_mpi( &N, &P, &Q ); printf( "\n Public key:\n\n" ); mpi_write_file( " N = ", &N, 10, NULL ); mpi_write_file( " E = ", &E, 10, NULL ); printf( "\n Private key:\n\n" ); mpi_write_file( " P = ", &P, 10, NULL ); mpi_write_file( " Q = ", &Q, 10, NULL ); mpi_sub_int( &P, &P, 1 ); mpi_sub_int( &Q, &Q, 1 ); mpi_mul_mpi( &H, &P, &Q ); mpi_inv_mod( &D, &E, &H ); mpi_write_file( " D = E^-1 mod (P-1)*(Q-1) = ", &D, 10, NULL ); mpi_read_string( &X, 10, "55555" ); mpi_exp_mod( &Y, &X, &E, &N, NULL ); mpi_exp_mod( &Z, &Y, &D, &N, NULL ); printf( "\n RSA operation:\n\n" ); mpi_write_file( " X (plaintext) = ", &X, 10, NULL ); mpi_write_file( " Y (ciphertext) = X^E mod N = ", &Y, 10, NULL ); mpi_write_file( " Z (decrypted) = Y^D mod N = ", &Z, 10, NULL ); printf( "\n" ); mpi_free( &Z, &Y, &X, &D, &H, &N, &Q, &P, &E, NULL ); #ifdef WIN32 printf( " Press Enter to exit this program.\n" ); fflush( stdout ); getchar(); #endif return( 0 ); }
int main( int argc, char *argv[] ) { int ret = 0; rsa_context rsa; char buf[1024]; int i, j, n; char *p, *q; /* * Set to sane values */ memset( &rsa, 0, sizeof( rsa_context ) ); memset( buf, 0, 1024 ); if( argc == 0 ) { usage: printf( USAGE ); goto exit; } opt.mode = DFL_MODE; opt.filename = DFL_FILENAME; opt.debug_level = DFL_DEBUG_LEVEL; for( i = 1; i < argc; i++ ) { n = strlen( argv[i] ); for( j = 0; j < n; j++ ) { if( argv[i][j] >= 'A' && argv[i][j] <= 'Z' ) argv[i][j] |= 0x20; } p = argv[i]; if( ( q = strchr( p, '=' ) ) == NULL ) goto usage; *q++ = '\0'; if( strcmp( p, "mode" ) == 0 ) { if( strcmp( q, "private" ) == 0 ) opt.mode = MODE_PRIVATE; else if( strcmp( q, "public" ) == 0 ) opt.mode = MODE_PUBLIC; else goto usage; } else if( strcmp( p, "filename" ) == 0 ) opt.filename = q; else if( strcmp( p, "debug_level" ) == 0 ) { opt.debug_level = atoi( q ); if( opt.debug_level < 0 || opt.debug_level > 65535 ) goto usage; } else goto usage; } if( opt.mode == MODE_PRIVATE ) { /* * 1.1. Load the key */ printf( "\n . Loading the private key ..." ); fflush( stdout ); ret = x509parse_keyfile( &rsa, opt.filename, NULL ); if( ret != 0 ) { #ifdef POLARSSL_ERROR_C error_strerror( ret, buf, 1024 ); #endif printf( " failed\n ! x509parse_key returned %d - %s\n\n", ret, buf ); rsa_free( &rsa ); goto exit; } printf( " ok\n" ); /* * 1.2 Print the key */ printf( " . Key information ...\n" ); mpi_write_file( "N: ", &rsa.N, 16, NULL ); mpi_write_file( "E: ", &rsa.E, 16, NULL ); mpi_write_file( "D: ", &rsa.D, 16, NULL ); mpi_write_file( "P: ", &rsa.P, 16, NULL ); mpi_write_file( "Q: ", &rsa.Q, 16, NULL ); mpi_write_file( "DP: ", &rsa.DP, 16, NULL ); mpi_write_file( "DQ: ", &rsa.DQ, 16, NULL ); mpi_write_file( "QP: ", &rsa.QP, 16, NULL ); } else if( opt.mode == MODE_PUBLIC ) { /* * 1.1. Load the key */ printf( "\n . Loading the public key ..." ); fflush( stdout ); ret = x509parse_public_keyfile( &rsa, opt.filename ); if( ret != 0 ) { #ifdef POLARSSL_ERROR_C error_strerror( ret, buf, 1024 ); #endif printf( " failed\n ! x509parse_public_key returned %d - %s\n\n", ret, buf ); rsa_free( &rsa ); goto exit; } printf( " ok\n" ); /* * 1.2 Print the key */ printf( " . Key information ...\n" ); mpi_write_file( "N: ", &rsa.N, 16, NULL ); mpi_write_file( "E: ", &rsa.E, 16, NULL ); } else goto usage; exit: rsa_free( &rsa ); #ifdef WIN32 printf( " + Press Enter to exit this program.\n" ); fflush( stdout ); getchar(); #endif return( ret ); }
int main( int argc, char *argv[] ) { int ret = 1; mpi G, P, Q; entropy_context entropy; ctr_drbg_context ctr_drbg; const char *pers = "dh_genprime"; FILE *fout; ((void) argc); ((void) argv); mpi_init( &G ); mpi_init( &P ); mpi_init( &Q ); entropy_init( &entropy ); if( ( ret = mpi_read_string( &G, 10, GENERATOR ) ) != 0 ) { polarssl_printf( " failed\n ! mpi_read_string returned %d\n", ret ); goto exit; } polarssl_printf( "\nWARNING: You should not generate and use your own DHM primes\n" ); polarssl_printf( " unless you are very certain of what you are doing!\n" ); polarssl_printf( " Failing to follow this instruction may result in\n" ); polarssl_printf( " weak security for your connections! Use the\n" ); polarssl_printf( " predefined DHM parameters from dhm.h instead!\n\n" ); polarssl_printf( "============================================================\n\n" ); polarssl_printf( " ! Generating large primes may take minutes!\n" ); polarssl_printf( "\n . Seeding the random number generator..." ); fflush( stdout ); if( ( ret = ctr_drbg_init( &ctr_drbg, entropy_func, &entropy, (const unsigned char *) pers, strlen( pers ) ) ) != 0 ) { polarssl_printf( " failed\n ! ctr_drbg_init returned %d\n", ret ); goto exit; } polarssl_printf( " ok\n . Generating the modulus, please wait..." ); fflush( stdout ); /* * This can take a long time... */ if( ( ret = mpi_gen_prime( &P, DH_P_SIZE, 1, ctr_drbg_random, &ctr_drbg ) ) != 0 ) { polarssl_printf( " failed\n ! mpi_gen_prime returned %d\n\n", ret ); goto exit; } polarssl_printf( " ok\n . Verifying that Q = (P-1)/2 is prime..." ); fflush( stdout ); if( ( ret = mpi_sub_int( &Q, &P, 1 ) ) != 0 ) { polarssl_printf( " failed\n ! mpi_sub_int returned %d\n\n", ret ); goto exit; } if( ( ret = mpi_div_int( &Q, NULL, &Q, 2 ) ) != 0 ) { polarssl_printf( " failed\n ! mpi_div_int returned %d\n\n", ret ); goto exit; } if( ( ret = mpi_is_prime( &Q, ctr_drbg_random, &ctr_drbg ) ) != 0 ) { polarssl_printf( " failed\n ! mpi_is_prime returned %d\n\n", ret ); goto exit; } polarssl_printf( " ok\n . Exporting the value in dh_prime.txt..." ); fflush( stdout ); if( ( fout = fopen( "dh_prime.txt", "wb+" ) ) == NULL ) { ret = 1; polarssl_printf( " failed\n ! Could not create dh_prime.txt\n\n" ); goto exit; } if( ( ret = mpi_write_file( "P = ", &P, 16, fout ) != 0 ) || ( ret = mpi_write_file( "G = ", &G, 16, fout ) != 0 ) ) { polarssl_printf( " failed\n ! mpi_write_file returned %d\n\n", ret ); goto exit; } polarssl_printf( " ok\n\n" ); fclose( fout ); exit: mpi_free( &G ); mpi_free( &P ); mpi_free( &Q ); ctr_drbg_free( &ctr_drbg ); entropy_free( &entropy ); #if defined(_WIN32) polarssl_printf( " Press Enter to exit this program.\n" ); fflush( stdout ); getchar(); #endif return( ret ); }
int main( void ) { int ret; rsa_context rsa; havege_state hs; FILE *fpub = NULL; FILE *fpriv = NULL; printf( "\n . Seeding the random number generator..." ); fflush( stdout ); havege_init( &hs ); printf( " ok\n . Generating the RSA key [ %d-bit ]...", KEY_SIZE ); fflush( stdout ); rsa_init( &rsa, RSA_PKCS_V15, 0 ); if( ( ret = rsa_gen_key( &rsa, havege_rand, &hs, KEY_SIZE, EXPONENT ) ) != 0 ) { printf( " failed\n ! rsa_gen_key returned %d\n\n", ret ); goto exit; } printf( " ok\n . Exporting the public key in rsa_pub.txt...." ); fflush( stdout ); if( ( fpub = fopen( "rsa_pub.txt", "wb+" ) ) == NULL ) { printf( " failed\n ! could not open rsa_pub.txt for writing\n\n" ); ret = 1; goto exit; } if( ( ret = mpi_write_file( "N = ", &rsa.N, 16, fpub ) ) != 0 || ( ret = mpi_write_file( "E = ", &rsa.E, 16, fpub ) ) != 0 ) { printf( " failed\n ! mpi_write_file returned %d\n\n", ret ); goto exit; } printf( " ok\n . Exporting the private key in rsa_priv.txt..." ); fflush( stdout ); if( ( fpriv = fopen( "rsa_priv.txt", "wb+" ) ) == NULL ) { printf( " failed\n ! could not open rsa_priv.txt for writing\n" ); ret = 1; goto exit; } if( ( ret = mpi_write_file( "N = " , &rsa.N , 16, fpriv ) ) != 0 || ( ret = mpi_write_file( "E = " , &rsa.E , 16, fpriv ) ) != 0 || ( ret = mpi_write_file( "D = " , &rsa.D , 16, fpriv ) ) != 0 || ( ret = mpi_write_file( "P = " , &rsa.P , 16, fpriv ) ) != 0 || ( ret = mpi_write_file( "Q = " , &rsa.Q , 16, fpriv ) ) != 0 || ( ret = mpi_write_file( "DP = ", &rsa.DP, 16, fpriv ) ) != 0 || ( ret = mpi_write_file( "DQ = ", &rsa.DQ, 16, fpriv ) ) != 0 || ( ret = mpi_write_file( "QP = ", &rsa.QP, 16, fpriv ) ) != 0 ) { printf( " failed\n ! mpi_write_file returned %d\n\n", ret ); goto exit; } /* printf( " ok\n . Generating the certificate..." ); x509write_init_raw( &cert ); x509write_add_pubkey( &cert, &rsa ); x509write_add_subject( &cert, "CN='localhost'" ); x509write_add_validity( &cert, "2007-09-06 17:00:32", "2010-09-06 17:00:32" ); x509write_create_selfsign( &cert, &rsa ); x509write_crtfile( &cert, "cert.der", X509_OUTPUT_DER ); x509write_crtfile( &cert, "cert.pem", X509_OUTPUT_PEM ); x509write_free_raw( &cert ); */ printf( " ok\n\n" ); exit: if( fpub != NULL ) fclose( fpub ); if( fpriv != NULL ) fclose( fpriv ); rsa_free( &rsa ); #ifdef WIN32 printf( " Press Enter to exit this program.\n" ); fflush( stdout ); getchar(); #endif return( ret ); }
int main( int argc, char *argv[] ) { int ret = 0; pk_context pk; char buf[1024]; int i; char *p, *q; /* * Set to sane values */ pk_init( &pk ); memset( buf, 0, sizeof(buf) ); if( argc == 0 ) { usage: printf( USAGE ); goto exit; } opt.mode = DFL_MODE; opt.filename = DFL_FILENAME; opt.password = DFL_PASSWORD; opt.password_file = DFL_PASSWORD_FILE; for( i = 1; i < argc; i++ ) { p = argv[i]; if( ( q = strchr( p, '=' ) ) == NULL ) goto usage; *q++ = '\0'; if( strcmp( p, "mode" ) == 0 ) { if( strcmp( q, "private" ) == 0 ) opt.mode = MODE_PRIVATE; else if( strcmp( q, "public" ) == 0 ) opt.mode = MODE_PUBLIC; else goto usage; } else if( strcmp( p, "filename" ) == 0 ) opt.filename = q; else if( strcmp( p, "password" ) == 0 ) opt.password = q; else if( strcmp( p, "password_file" ) == 0 ) opt.password_file = q; else goto usage; } if( opt.mode == MODE_PRIVATE ) { if( strlen( opt.password ) && strlen( opt.password_file ) ) { printf( "Error: cannot have both password and password_file\n" ); goto usage; } if( strlen( opt.password_file ) ) { FILE *f; printf( "\n . Loading the password file ..." ); if( ( f = fopen( opt.password_file, "rb" ) ) == NULL ) { printf( " failed\n ! fopen returned NULL\n" ); goto exit; } fgets( buf, sizeof(buf), f ); fclose( f ); i = (int) strlen( buf ); if( buf[i - 1] == '\n' ) buf[i - 1] = '\0'; if( buf[i - 2] == '\r' ) buf[i - 2] = '\0'; opt.password = buf; } /* * 1.1. Load the key */ printf( "\n . Loading the private key ..." ); fflush( stdout ); ret = pk_parse_keyfile( &pk, opt.filename, opt.password ); if( ret != 0 ) { printf( " failed\n ! pk_parse_keyfile returned -0x%04x\n", -ret ); goto exit; } printf( " ok\n" ); /* * 1.2 Print the key */ printf( " . Key information ...\n" ); #if defined(POLARSSL_RSA_C) if( pk_get_type( &pk ) == POLARSSL_PK_RSA ) { rsa_context *rsa = pk_rsa( pk ); mpi_write_file( "N: ", &rsa->N, 16, NULL ); mpi_write_file( "E: ", &rsa->E, 16, NULL ); mpi_write_file( "D: ", &rsa->D, 16, NULL ); mpi_write_file( "P: ", &rsa->P, 16, NULL ); mpi_write_file( "Q: ", &rsa->Q, 16, NULL ); mpi_write_file( "DP: ", &rsa->DP, 16, NULL ); mpi_write_file( "DQ: ", &rsa->DQ, 16, NULL ); mpi_write_file( "QP: ", &rsa->QP, 16, NULL ); } else #endif #if defined(POLARSSL_ECP_C) if( pk_get_type( &pk ) == POLARSSL_PK_ECKEY ) { ecp_keypair *ecp = pk_ec( pk ); mpi_write_file( "Q(X): ", &ecp->Q.X, 16, NULL ); mpi_write_file( "Q(Y): ", &ecp->Q.Y, 16, NULL ); mpi_write_file( "Q(Z): ", &ecp->Q.Z, 16, NULL ); mpi_write_file( "D : ", &ecp->d , 16, NULL ); } else #endif { printf("Do not know how to print key information for this type\n" ); goto exit; } } else if( opt.mode == MODE_PUBLIC ) { /* * 1.1. Load the key */ printf( "\n . Loading the public key ..." ); fflush( stdout ); ret = pk_parse_public_keyfile( &pk, opt.filename ); if( ret != 0 ) { printf( " failed\n ! pk_parse_public_keyfile returned -0x%04x\n", -ret ); goto exit; } printf( " ok\n" ); printf( " . Key information ...\n" ); #if defined(POLARSSL_RSA_C) if( pk_get_type( &pk ) == POLARSSL_PK_RSA ) { rsa_context *rsa = pk_rsa( pk ); mpi_write_file( "N: ", &rsa->N, 16, NULL ); mpi_write_file( "E: ", &rsa->E, 16, NULL ); } else #endif #if defined(POLARSSL_ECP_C) if( pk_get_type( &pk ) == POLARSSL_PK_ECKEY ) { ecp_keypair *ecp = pk_ec( pk ); mpi_write_file( "Q(X): ", &ecp->Q.X, 16, NULL ); mpi_write_file( "Q(Y): ", &ecp->Q.Y, 16, NULL ); mpi_write_file( "Q(Z): ", &ecp->Q.Z, 16, NULL ); } else #endif { printf("Do not know how to print key information for this type\n" ); goto exit; } } else goto usage; exit: #if defined(POLARSSL_ERROR_C) polarssl_strerror( ret, buf, sizeof(buf) ); printf( " ! Last error was: %s\n", buf ); #endif pk_free( &pk ); #if defined(_WIN32) printf( " + Press Enter to exit this program.\n" ); fflush( stdout ); getchar(); #endif return( ret ); }
int main( int argc, char *argv[] ) { int ret; ecdsa_context ctx_sign, ctx_verify; entropy_context entropy; ctr_drbg_context ctr_drbg; unsigned char hash[] = "This should be the hash of a message."; unsigned char sig[512]; size_t sig_len; const char *pers = "ecdsa"; ((void) argv); ecdsa_init( &ctx_sign ); ecdsa_init( &ctx_verify ); memset(sig, 0, sizeof( sig ) ); ret = 1; if( argc != 1 ) { polarssl_printf( "usage: ecdsa\n" ); #if defined(_WIN32) polarssl_printf( "\n" ); #endif goto exit; } /* * Generate a key pair for signing */ polarssl_printf( "\n . Seeding the random number generator..." ); fflush( stdout ); entropy_init( &entropy ); if( ( ret = ctr_drbg_init( &ctr_drbg, entropy_func, &entropy, (const unsigned char *) pers, strlen( pers ) ) ) != 0 ) { polarssl_printf( " failed\n ! ctr_drbg_init returned %d\n", ret ); goto exit; } polarssl_printf( " ok\n . Generating key pair..." ); fflush( stdout ); if( ( ret = ecdsa_genkey( &ctx_sign, ECPARAMS, ctr_drbg_random, &ctr_drbg ) ) != 0 ) { polarssl_printf( " failed\n ! ecdsa_genkey returned %d\n", ret ); goto exit; } polarssl_printf( " ok (key size: %d bits)\n", (int) ctx_sign.grp.pbits ); dump_pubkey( " + Public key: ", &ctx_sign ); /* * Sign some message hash */ polarssl_printf( " . Signing message..." ); fflush( stdout ); if( ( ret = ecdsa_write_signature( &ctx_sign, hash, sizeof( hash ), sig, &sig_len, ctr_drbg_random, &ctr_drbg ) ) != 0 ) { polarssl_printf( " failed\n ! ecdsa_genkey returned %d\n", ret ); goto exit; } polarssl_printf( " ok (signature length = %u)\n", (unsigned int) sig_len ); dump_buf( " + Hash: ", hash, sizeof hash ); dump_buf( " + Signature: ", sig, sig_len ); /* * Signature is serialized as defined by RFC 4492 p. 20, * but one can also access 'r' and 's' directly from the context */ #ifdef POLARSSL_FS_IO mpi_write_file( " r = ", &ctx_sign.r, 16, NULL ); mpi_write_file( " s = ", &ctx_sign.s, 16, NULL ); #endif /* * Transfer public information to verifying context * * We could use the same context for verification and signatures, but we * chose to use a new one in order to make it clear that the verifying * context only needs the public key (Q), and not the private key (d). */ polarssl_printf( " . Preparing verification context..." ); fflush( stdout ); if( ( ret = ecp_group_copy( &ctx_verify.grp, &ctx_sign.grp ) ) != 0 ) { polarssl_printf( " failed\n ! ecp_group_copy returned %d\n", ret ); goto exit; } if( ( ret = ecp_copy( &ctx_verify.Q, &ctx_sign.Q ) ) != 0 ) { polarssl_printf( " failed\n ! ecp_copy returned %d\n", ret ); goto exit; } ret = 0; /* * Verify signature */ polarssl_printf( " ok\n . Verifying signature..." ); fflush( stdout ); if( ( ret = ecdsa_read_signature( &ctx_verify, hash, sizeof( hash ), sig, sig_len ) ) != 0 ) { polarssl_printf( " failed\n ! ecdsa_read_signature returned %d\n", ret ); goto exit; } polarssl_printf( " ok\n" ); exit: #if defined(_WIN32) polarssl_printf( " + Press Enter to exit this program.\n" ); fflush( stdout ); getchar(); #endif ecdsa_free( &ctx_verify ); ecdsa_free( &ctx_sign ); ctr_drbg_free( &ctr_drbg ); entropy_free( &entropy ); return( ret ); }
int main( int argc, char *argv[] ) { int ret; rsa_context rsa; entropy_context entropy; ctr_drbg_context ctr_drbg; FILE *fpub = NULL; FILE *fpriv = NULL; const char *pers = "rsa_genkey"; ((void) argc); ((void) argv); printf( "\n . Seeding the random number generator..." ); fflush( stdout ); entropy_init( &entropy ); if( ( ret = ctr_drbg_init( &ctr_drbg, entropy_func, &entropy, (const unsigned char *) pers, strlen( pers ) ) ) != 0 ) { printf( " failed\n ! ctr_drbg_init returned %d\n", ret ); goto exit; } printf( " ok\n . Generating the RSA key [ %d-bit ]...", KEY_SIZE ); fflush( stdout ); rsa_init( &rsa, RSA_PKCS_V15, 0 ); if( ( ret = rsa_gen_key( &rsa, ctr_drbg_random, &ctr_drbg, KEY_SIZE, EXPONENT ) ) != 0 ) { printf( " failed\n ! rsa_gen_key returned %d\n\n", ret ); goto exit; } printf( " ok\n . Exporting the public key in rsa_pub.txt...." ); fflush( stdout ); if( ( fpub = fopen( "rsa_pub.txt", "wb+" ) ) == NULL ) { printf( " failed\n ! could not open rsa_pub.txt for writing\n\n" ); ret = 1; goto exit; } if( ( ret = mpi_write_file( "N = ", &rsa.N, 16, fpub ) ) != 0 || ( ret = mpi_write_file( "E = ", &rsa.E, 16, fpub ) ) != 0 ) { printf( " failed\n ! mpi_write_file returned %d\n\n", ret ); goto exit; } printf( " ok\n . Exporting the private key in rsa_priv.txt..." ); fflush( stdout ); if( ( fpriv = fopen( "rsa_priv.txt", "wb+" ) ) == NULL ) { printf( " failed\n ! could not open rsa_priv.txt for writing\n" ); ret = 1; goto exit; } if( ( ret = mpi_write_file( "N = " , &rsa.N , 16, fpriv ) ) != 0 || ( ret = mpi_write_file( "E = " , &rsa.E , 16, fpriv ) ) != 0 || ( ret = mpi_write_file( "D = " , &rsa.D , 16, fpriv ) ) != 0 || ( ret = mpi_write_file( "P = " , &rsa.P , 16, fpriv ) ) != 0 || ( ret = mpi_write_file( "Q = " , &rsa.Q , 16, fpriv ) ) != 0 || ( ret = mpi_write_file( "DP = ", &rsa.DP, 16, fpriv ) ) != 0 || ( ret = mpi_write_file( "DQ = ", &rsa.DQ, 16, fpriv ) ) != 0 || ( ret = mpi_write_file( "QP = ", &rsa.QP, 16, fpriv ) ) != 0 ) { printf( " failed\n ! mpi_write_file returned %d\n\n", ret ); goto exit; } /* printf( " ok\n . Generating the certificate..." ); x509write_init_raw( &cert ); x509write_add_pubkey( &cert, &rsa ); x509write_add_subject( &cert, "CN='localhost'" ); x509write_add_validity( &cert, "2007-09-06 17:00:32", "2010-09-06 17:00:32" ); x509write_create_selfsign( &cert, &rsa ); x509write_crtfile( &cert, "cert.der", X509_OUTPUT_DER ); x509write_crtfile( &cert, "cert.pem", X509_OUTPUT_PEM ); x509write_free_raw( &cert ); */ printf( " ok\n\n" ); exit: if( fpub != NULL ) fclose( fpub ); if( fpriv != NULL ) fclose( fpriv ); rsa_free( &rsa ); #if defined(_WIN32) printf( " Press Enter to exit this program.\n" ); fflush( stdout ); getchar(); #endif return( ret ); }
int main( int argc, char *argv[] ) { int ret = 0; rsa_context rsa; char buf[1024]; int i; char *p, *q; /* * Set to sane values */ memset( &rsa, 0, sizeof( rsa_context ) ); memset( buf, 0, 1024 ); if( argc == 0 ) { usage: printf( USAGE ); goto exit; } opt.mode = DFL_MODE; opt.filename = DFL_FILENAME; opt.password = DFL_PASSWORD; opt.password_file = DFL_PASSWORD_FILE; opt.debug_level = DFL_DEBUG_LEVEL; for( i = 1; i < argc; i++ ) { p = argv[i]; if( ( q = strchr( p, '=' ) ) == NULL ) goto usage; *q++ = '\0'; if( strcmp( p, "mode" ) == 0 ) { if( strcmp( q, "private" ) == 0 ) opt.mode = MODE_PRIVATE; else if( strcmp( q, "public" ) == 0 ) opt.mode = MODE_PUBLIC; else goto usage; } else if( strcmp( p, "filename" ) == 0 ) opt.filename = q; else if( strcmp( p, "password" ) == 0 ) opt.password = q; else if( strcmp( p, "password_file" ) == 0 ) opt.password_file = q; else if( strcmp( p, "debug_level" ) == 0 ) { opt.debug_level = atoi( q ); if( opt.debug_level < 0 || opt.debug_level > 65535 ) goto usage; } else goto usage; } if( opt.mode == MODE_PRIVATE ) { if( strlen( opt.password ) && strlen( opt.password_file ) ) { printf( "Error: cannot have both password and password_file\n" ); goto usage; } if( strlen( opt.password_file ) ) { FILE *f; printf( "\n . Loading the password file ..." ); if( ( f = fopen( opt.password_file, "rb" ) ) == NULL ) { printf( " failed\n ! fopen returned NULL\n" ); goto exit; } fgets( buf, 1024, f ); fclose( f ); i = strlen( buf ); if( buf[i - 1] == '\n' ) buf[i - 1] = '\0'; if( buf[i - 2] == '\r' ) buf[i - 2] = '\0'; opt.password = buf; } /* * 1.1. Load the key */ printf( "\n . Loading the private key ..." ); fflush( stdout ); ret = x509parse_keyfile( &rsa, opt.filename, opt.password ); if( ret != 0 ) { #ifdef POLARSSL_ERROR_C error_strerror( ret, buf, 1024 ); #endif printf( " failed\n ! x509parse_key returned %d - %s\n\n", ret, buf ); rsa_free( &rsa ); goto exit; } printf( " ok\n" ); /* * 1.2 Print the key */ printf( " . Key information ...\n" ); mpi_write_file( "N: ", &rsa.N, 16, NULL ); mpi_write_file( "E: ", &rsa.E, 16, NULL ); mpi_write_file( "D: ", &rsa.D, 16, NULL ); mpi_write_file( "P: ", &rsa.P, 16, NULL ); mpi_write_file( "Q: ", &rsa.Q, 16, NULL ); mpi_write_file( "DP: ", &rsa.DP, 16, NULL ); mpi_write_file( "DQ: ", &rsa.DQ, 16, NULL ); mpi_write_file( "QP: ", &rsa.QP, 16, NULL ); } else if( opt.mode == MODE_PUBLIC ) { /* * 1.1. Load the key */ printf( "\n . Loading the public key ..." ); fflush( stdout ); ret = x509parse_public_keyfile( &rsa, opt.filename ); if( ret != 0 ) { #ifdef POLARSSL_ERROR_C error_strerror( ret, buf, 1024 ); #endif printf( " failed\n ! x509parse_public_key returned %d - %s\n\n", ret, buf ); rsa_free( &rsa ); goto exit; } printf( " ok\n" ); /* * 1.2 Print the key */ printf( " . Key information ...\n" ); mpi_write_file( "N: ", &rsa.N, 16, NULL ); mpi_write_file( "E: ", &rsa.E, 16, NULL ); } else goto usage; exit: rsa_free( &rsa ); #if defined(_WIN32) printf( " + Press Enter to exit this program.\n" ); fflush( stdout ); getchar(); #endif return( ret ); }
int main( int argc, char *argv[] ) { int ret = 0; pk_context key; char buf[1024]; int i; char *p, *q; /* * Set to sane values */ pk_init( &key ); memset( buf, 0, sizeof( buf ) ); if( argc == 0 ) { usage: ret = 1; polarssl_printf( USAGE ); goto exit; } opt.mode = DFL_MODE; opt.filename = DFL_FILENAME; opt.output_mode = DFL_OUTPUT_MODE; opt.output_file = DFL_OUTPUT_FILENAME; opt.output_format = DFL_OUTPUT_FORMAT; for( i = 1; i < argc; i++ ) { p = argv[i]; if( ( q = strchr( p, '=' ) ) == NULL ) goto usage; *q++ = '\0'; if( strcmp( p, "mode" ) == 0 ) { if( strcmp( q, "private" ) == 0 ) opt.mode = MODE_PRIVATE; else if( strcmp( q, "public" ) == 0 ) opt.mode = MODE_PUBLIC; else goto usage; } else if( strcmp( p, "output_mode" ) == 0 ) { if( strcmp( q, "private" ) == 0 ) opt.output_mode = OUTPUT_MODE_PRIVATE; else if( strcmp( q, "public" ) == 0 ) opt.output_mode = OUTPUT_MODE_PUBLIC; else goto usage; } else if( strcmp( p, "output_format" ) == 0 ) { #if defined(POLARSSL_PEM_WRITE_C) if( strcmp( q, "pem" ) == 0 ) opt.output_format = OUTPUT_FORMAT_PEM; else #endif if( strcmp( q, "der" ) == 0 ) opt.output_format = OUTPUT_FORMAT_DER; else goto usage; } else if( strcmp( p, "filename" ) == 0 ) opt.filename = q; else if( strcmp( p, "output_file" ) == 0 ) opt.output_file = q; else goto usage; } if( opt.mode == MODE_NONE && opt.output_mode != OUTPUT_MODE_NONE ) { polarssl_printf( "\nCannot output a key without reading one.\n"); goto exit; } if( opt.mode == MODE_PUBLIC && opt.output_mode == OUTPUT_MODE_PRIVATE ) { polarssl_printf( "\nCannot output a private key from a public key.\n"); goto exit; } if( opt.mode == MODE_PRIVATE ) { /* * 1.1. Load the key */ polarssl_printf( "\n . Loading the private key ..." ); fflush( stdout ); ret = pk_parse_keyfile( &key, opt.filename, NULL ); if( ret != 0 ) { polarssl_strerror( ret, (char *) buf, sizeof(buf) ); polarssl_printf( " failed\n ! pk_parse_keyfile returned -0x%04x - %s\n\n", -ret, buf ); goto exit; } polarssl_printf( " ok\n" ); /* * 1.2 Print the key */ polarssl_printf( " . Key information ...\n" ); #if defined(POLARSSL_RSA_C) if( pk_get_type( &key ) == POLARSSL_PK_RSA ) { rsa_context *rsa = pk_rsa( key ); mpi_write_file( "N: ", &rsa->N, 16, NULL ); mpi_write_file( "E: ", &rsa->E, 16, NULL ); mpi_write_file( "D: ", &rsa->D, 16, NULL ); mpi_write_file( "P: ", &rsa->P, 16, NULL ); mpi_write_file( "Q: ", &rsa->Q, 16, NULL ); mpi_write_file( "DP: ", &rsa->DP, 16, NULL ); mpi_write_file( "DQ: ", &rsa->DQ, 16, NULL ); mpi_write_file( "QP: ", &rsa->QP, 16, NULL ); } else #endif #if defined(POLARSSL_ECP_C) if( pk_get_type( &key ) == POLARSSL_PK_ECKEY ) { ecp_keypair *ecp = pk_ec( key ); mpi_write_file( "Q(X): ", &ecp->Q.X, 16, NULL ); mpi_write_file( "Q(Y): ", &ecp->Q.Y, 16, NULL ); mpi_write_file( "Q(Z): ", &ecp->Q.Z, 16, NULL ); mpi_write_file( "D : ", &ecp->d , 16, NULL ); } else #endif polarssl_printf("key type not supported yet\n"); } else if( opt.mode == MODE_PUBLIC ) { /* * 1.1. Load the key */ polarssl_printf( "\n . Loading the public key ..." ); fflush( stdout ); ret = pk_parse_public_keyfile( &key, opt.filename ); if( ret != 0 ) { polarssl_strerror( ret, (char *) buf, sizeof(buf) ); polarssl_printf( " failed\n ! pk_parse_public_key returned -0x%04x - %s\n\n", -ret, buf ); goto exit; } polarssl_printf( " ok\n" ); /* * 1.2 Print the key */ polarssl_printf( " . Key information ...\n" ); #if defined(POLARSSL_RSA_C) if( pk_get_type( &key ) == POLARSSL_PK_RSA ) { rsa_context *rsa = pk_rsa( key ); mpi_write_file( "N: ", &rsa->N, 16, NULL ); mpi_write_file( "E: ", &rsa->E, 16, NULL ); } else #endif #if defined(POLARSSL_ECP_C) if( pk_get_type( &key ) == POLARSSL_PK_ECKEY ) { ecp_keypair *ecp = pk_ec( key ); mpi_write_file( "Q(X): ", &ecp->Q.X, 16, NULL ); mpi_write_file( "Q(Y): ", &ecp->Q.Y, 16, NULL ); mpi_write_file( "Q(Z): ", &ecp->Q.Z, 16, NULL ); } else #endif polarssl_printf("key type not supported yet\n"); } else goto usage; if( opt.output_mode == OUTPUT_MODE_PUBLIC ) { write_public_key( &key, opt.output_file ); } if( opt.output_mode == OUTPUT_MODE_PRIVATE ) { write_private_key( &key, opt.output_file ); } exit: if( ret != 0 && ret != 1) { #ifdef POLARSSL_ERROR_C polarssl_strerror( ret, buf, sizeof( buf ) ); polarssl_printf( " - %s\n", buf ); #else polarssl_printf("\n"); #endif } pk_free( &key ); #if defined(_WIN32) polarssl_printf( " + Press Enter to exit this program.\n" ); fflush( stdout ); getchar(); #endif return( ret ); }
int main( int argc, char *argv[] ) { int ret = 0; pk_context key; char buf[1024]; int i; char *p, *q; entropy_context entropy; ctr_drbg_context ctr_drbg; const char *pers = "gen_key"; #if defined(POLARSSL_ECP_C) const ecp_curve_info *curve_info; #endif /* * Set to sane values */ pk_init( &key ); memset( buf, 0, sizeof( buf ) ); if( argc == 0 ) { usage: ret = 1; printf( USAGE ); #if defined(POLARSSL_ECP_C) printf( " availabled ec_curve values:\n" ); curve_info = ecp_curve_list(); printf( " %s (default)\n", curve_info->name ); while( ( ++curve_info )->name != NULL ) printf( " %s\n", curve_info->name ); #endif goto exit; } opt.type = DFL_TYPE; opt.rsa_keysize = DFL_RSA_KEYSIZE; opt.ec_curve = DFL_EC_CURVE; opt.filename = DFL_FILENAME; opt.format = DFL_FORMAT; opt.use_dev_random = DFL_USE_DEV_RANDOM; for( i = 1; i < argc; i++ ) { p = argv[i]; if( ( q = strchr( p, '=' ) ) == NULL ) goto usage; *q++ = '\0'; if( strcmp( p, "type" ) == 0 ) { if( strcmp( q, "rsa" ) == 0 ) opt.type = POLARSSL_PK_RSA; else if( strcmp( q, "ec" ) == 0 ) opt.type = POLARSSL_PK_ECKEY; else goto usage; } else if( strcmp( p, "format" ) == 0 ) { if( strcmp( q, "pem" ) == 0 ) opt.format = FORMAT_PEM; else if( strcmp( q, "der" ) == 0 ) opt.format = FORMAT_DER; else goto usage; } else if( strcmp( p, "rsa_keysize" ) == 0 ) { opt.rsa_keysize = atoi( q ); if( opt.rsa_keysize < 1024 || opt.rsa_keysize > 8192 ) goto usage; } else if( strcmp( p, "ec_curve" ) == 0 ) { if( ( curve_info = ecp_curve_info_from_name( q ) ) == NULL ) goto usage; opt.ec_curve = curve_info->grp_id; } else if( strcmp( p, "filename" ) == 0 ) opt.filename = q; else if( strcmp( p, "use_dev_random" ) == 0 ) { opt.use_dev_random = atoi( q ); if( opt.use_dev_random < 0 || opt.use_dev_random > 1 ) goto usage; } else goto usage; } printf( "\n . Seeding the random number generator..." ); fflush( stdout ); entropy_init( &entropy ); #if !defined(_WIN32) && defined(POLARSSL_FS_IO) if( opt.use_dev_random ) { if( ( ret = entropy_add_source( &entropy, dev_random_entropy_poll, NULL, DEV_RANDOM_THRESHOLD ) ) != 0 ) { printf( " failed\n ! entropy_add_source returned -0x%04x\n", -ret ); goto exit; } printf("\n Using /dev/random, so can take a long time! " ); fflush( stdout ); } #endif /* !_WIN32 && POLARSSL_FS_IO */ if( ( ret = ctr_drbg_init( &ctr_drbg, entropy_func, &entropy, (const unsigned char *) pers, strlen( pers ) ) ) != 0 ) { printf( " failed\n ! ctr_drbg_init returned -0x%04x\n", -ret ); goto exit; } /* * 1.1. Generate the key */ printf( "\n . Generating the private key ..." ); fflush( stdout ); if( ( ret = pk_init_ctx( &key, pk_info_from_type( opt.type ) ) ) != 0 ) { printf( " failed\n ! pk_init_ctx returned -0x%04x", -ret ); goto exit; } #if defined(POLARSSL_RSA_C) && defined(POLARSSL_GENPRIME) if( opt.type == POLARSSL_PK_RSA ) { ret = rsa_gen_key( pk_rsa( key ), ctr_drbg_random, &ctr_drbg, opt.rsa_keysize, 65537 ); if( ret != 0 ) { printf( " failed\n ! rsa_gen_key returned -0x%04x", -ret ); goto exit; } } else #endif /* POLARSSL_RSA_C */ #if defined(POLARSSL_ECP_C) if( opt.type == POLARSSL_PK_ECKEY ) { ret = ecp_gen_key( opt.ec_curve, pk_ec( key ), ctr_drbg_random, &ctr_drbg ); if( ret != 0 ) { printf( " failed\n ! rsa_gen_key returned -0x%04x", -ret ); goto exit; } } else #endif /* POLARSSL_ECP_C */ { printf( " failed\n ! key type not supported\n" ); goto exit; } /* * 1.2 Print the key */ printf( " ok\n . Key information:\n" ); #if defined(POLARSSL_RSA_C) if( pk_get_type( &key ) == POLARSSL_PK_RSA ) { rsa_context *rsa = pk_rsa( key ); mpi_write_file( "N: ", &rsa->N, 16, NULL ); mpi_write_file( "E: ", &rsa->E, 16, NULL ); mpi_write_file( "D: ", &rsa->D, 16, NULL ); mpi_write_file( "P: ", &rsa->P, 16, NULL ); mpi_write_file( "Q: ", &rsa->Q, 16, NULL ); mpi_write_file( "DP: ", &rsa->DP, 16, NULL ); mpi_write_file( "DQ: ", &rsa->DQ, 16, NULL ); mpi_write_file( "QP: ", &rsa->QP, 16, NULL ); } else #endif #if defined(POLARSSL_ECP_C) if( pk_get_type( &key ) == POLARSSL_PK_ECKEY ) { ecp_keypair *ecp = pk_ec( key ); printf( "curve: %s\n", ecp_curve_info_from_grp_id( ecp->grp.id )->name ); mpi_write_file( "X_Q: ", &ecp->Q.X, 16, NULL ); mpi_write_file( "Y_Q: ", &ecp->Q.Y, 16, NULL ); mpi_write_file( "D: ", &ecp->d , 16, NULL ); } else #endif printf(" ! key type not supported\n"); write_private_key( &key, opt.filename ); exit: if( ret != 0 && ret != 1) { #ifdef POLARSSL_ERROR_C polarssl_strerror( ret, buf, sizeof( buf ) ); printf( " - %s\n", buf ); #else printf("\n"); #endif } pk_free( &key ); ctr_drbg_free( &ctr_drbg ); entropy_free( &entropy ); #if defined(_WIN32) printf( " + Press Enter to exit this program.\n" ); fflush( stdout ); getchar(); #endif return( ret ); }
int main( void ) { int ret; mpi E, P, Q, N, H, D, X, Y, Z; mpi_init( &E ); mpi_init( &P ); mpi_init( &Q ); mpi_init( &N ); mpi_init( &H ); mpi_init( &D ); mpi_init( &X ); mpi_init( &Y ); mpi_init( &Z ); MPI_CHK( mpi_read_string( &P, 10, "2789" ) ); MPI_CHK( mpi_read_string( &Q, 10, "3203" ) ); MPI_CHK( mpi_read_string( &E, 10, "257" ) ); MPI_CHK( mpi_mul_mpi( &N, &P, &Q ) ); polarssl_printf( "\n Public key:\n\n" ); MPI_CHK( mpi_write_file( " N = ", &N, 10, NULL ) ); MPI_CHK( mpi_write_file( " E = ", &E, 10, NULL ) ); polarssl_printf( "\n Private key:\n\n" ); MPI_CHK( mpi_write_file( " P = ", &P, 10, NULL ) ); MPI_CHK( mpi_write_file( " Q = ", &Q, 10, NULL ) ); #if defined(POLARSSL_GENPRIME) MPI_CHK( mpi_sub_int( &P, &P, 1 ) ); MPI_CHK( mpi_sub_int( &Q, &Q, 1 ) ); MPI_CHK( mpi_mul_mpi( &H, &P, &Q ) ); MPI_CHK( mpi_inv_mod( &D, &E, &H ) ); mpi_write_file( " D = E^-1 mod (P-1)*(Q-1) = ", &D, 10, NULL ); #else polarssl_printf("\nTest skipped (POLARSSL_GENPRIME not defined).\n\n"); #endif MPI_CHK( mpi_read_string( &X, 10, "55555" ) ); MPI_CHK( mpi_exp_mod( &Y, &X, &E, &N, NULL ) ); MPI_CHK( mpi_exp_mod( &Z, &Y, &D, &N, NULL ) ); polarssl_printf( "\n RSA operation:\n\n" ); MPI_CHK( mpi_write_file( " X (plaintext) = ", &X, 10, NULL ) ); MPI_CHK( mpi_write_file( " Y (ciphertext) = X^E mod N = ", &Y, 10, NULL ) ); MPI_CHK( mpi_write_file( " Z (decrypted) = Y^D mod N = ", &Z, 10, NULL ) ); polarssl_printf( "\n" ); cleanup: mpi_free( &E ); mpi_free( &P ); mpi_free( &Q ); mpi_free( &N ); mpi_free( &H ); mpi_free( &D ); mpi_free( &X ); mpi_free( &Y ); mpi_free( &Z ); if( ret != 0 ) { polarssl_printf( "\nAn error occurred.\n" ); ret = 1; } #if defined(_WIN32) polarssl_printf( " Press Enter to exit this program.\n" ); fflush( stdout ); getchar(); #endif return( ret ); }
int main( void ) { int ret = 1; #if defined(XYSSL_GENPRIME) mpi G, P, Q; havege_state hs; FILE *fout; mpi_init( &G, &P, &Q, NULL ); mpi_read_string( &G, 10, GENERATOR ); printf( "\n . Seeding the random number generator..." ); fflush( stdout ); havege_init( &hs ); printf( " ok\n . Generating the modulus, please wait..." ); fflush( stdout ); /* * This can take a long time... */ if( ( ret = mpi_gen_prime( &P, DH_P_SIZE, 1, havege_rand, &hs ) ) != 0 ) { printf( " failed\n ! mpi_gen_prime returned %d\n\n", ret ); goto exit; } printf( " ok\n . Verifying that Q = (P-1)/2 is prime..." ); fflush( stdout ); if( ( ret = mpi_sub_int( &Q, &P, 1 ) ) != 0 ) { printf( " failed\n ! mpi_sub_int returned %d\n\n", ret ); goto exit; } if( ( ret = mpi_div_int( &Q, NULL, &Q, 2 ) ) != 0 ) { printf( " failed\n ! mpi_div_int returned %d\n\n", ret ); goto exit; } if( ( ret = mpi_is_prime( &Q, havege_rand, &hs ) ) != 0 ) { printf( " failed\n ! mpi_is_prime returned %d\n\n", ret ); goto exit; } printf( " ok\n . Exporting the value in dh_prime.txt..." ); fflush( stdout ); if( ( fout = fopen( "dh_prime.txt", "wb+" ) ) == NULL ) { ret = 1; printf( " failed\n ! Could not create dh_prime.txt\n\n" ); goto exit; } if( ( ret = mpi_write_file( "P = ", &P, 16, fout ) != 0 ) || ( ret = mpi_write_file( "G = ", &G, 16, fout ) != 0 ) ) { printf( " failed\n ! mpi_write_file returned %d\n\n", ret ); goto exit; } printf( " ok\n\n" ); fclose( fout ); exit: mpi_free( &Q, &P, &G, NULL ); #else printf( "\n ! Prime-number generation is not available.\n\n" ); #endif #ifdef WIN32 printf( " Press Enter to exit this program.\n" ); fflush( stdout ); getchar(); #endif return( ret ); }