int main(int argc, const char **argv)
{
char buff[4096];
gmp_randstate_t state;
gmp_randinit_default(state);
mpz_t m, c, a;
mpz_inits(m, c, a, NULL);
rsa_private_t sk;
rsa_public_t pk;
if (argc == 2)
gmp_randseed_ui(state, atoi(argv[1]));
else gmp_randseed_ui(state, 0);
int fella = 1;
if (fella)
{
printf("Generating RSA parameters ...\n");
rsa_gen(&sk, &pk, state, BITS);
rsa_write_private(&sk, "fella");
rsa_write_public(&pk, "fella.pub");
}
else
{
printf("Reading RSA parameters ...\n");
rsa_read_private(&sk, "fella");
rsa_read_public(&pk, "fella.pub");
}
//printf("public key:\n");
//printf("N = %s\n", mpz_get_str(buff, 10, pk.N));
//printf("e = %s\n\n", mpz_get_str(buff, 10, pk.e));
//printf("secret key:\n");
//printf("N = %s\n", mpz_get_str(buff, 10, sk.N));
//printf("d = %s\n", mpz_get_str(buff, 10, sk.d));
//printf("p = %s\n", mpz_get_str(buff, 10, sk.p));
//printf("q = %s\n", mpz_get_str(buff, 10, sk.q));
//printf("id_p = %s\n", mpz_get_str(buff, 10, sk.id_p));
//printf("id_q = %s\n", mpz_get_str(buff, 10, sk.id_q));
mpz_urandomb(m, state, BITS);
//mpz_set_str(m, "12334324342343234234234234234324324324234324283758579832759871", 10);
int i = 0, ct = 0, total = 10 * 16;
printf("Testing a bunch (%d) of plaintexts ... \n", total);
for (i = 0; i < total; i++)
{
rsa_enc(c, m, &pk);
rsa_dec(a, c, &sk);
if (mpz_cmp(a, m) != 0)
{
printf("%-6d plaintext: %s\n", i,mpz_get_str(buff, 10, m));
printf(" ciphertext: %s\n", mpz_get_str(buff, 10, c));
printf(" verify: %s\n", mpz_get_str(buff, 10, a));
ct ++;
}
mpz_urandomb(m, state, BITS);
}
if (ct == 0)
printf("No problem!\n");
else
printf("There were %d f**k ups.\n", ct);
mpz_clears(m, c, a, NULL);
gmp_randclear(state);
rsa_free_private(&sk);
rsa_free_public(&pk);
return 0;
}
uint8_t rsa_decrypt_oaep(void* dest, uint16_t* out_length,
const void* src, uint16_t length_B,
rsa_privatekey_t* key, const rsa_oaep_parameter_t *p,
const rsa_label_t* label, void* seed){
// cli_putstr("\r\n -->rsa_decrypt_oaep()"); uart_flush(0);
if(!label){
label = &rsa_oaep_default_label;
}
if(!p){
p = &rsa_oaep_default_parameter;
}
uint16_t x_len, data_len;
bigint_t x;
uint16_t hv_len = hfal_hash_getHashsize(p->hf)/8;
uint8_t label_hv[hv_len];
uint16_t msg_len = bigint_get_first_set_bit(&key->modulus) / 8 + 1;
uint16_t db_len = msg_len - hv_len - 1;
uint8_t maskbuffer[db_len>hv_len?db_len:hv_len];
uint8_t *seed_buffer = dest;
uint8_t *db_buffer = seed_buffer + hv_len;
x_len = bigint_get_first_set_bit(&key->modulus)/8;
memset(dest, 0, bigint_length_B(&key->modulus) - length_B);
memcpy((uint8_t*)dest + bigint_length_B(&key->modulus) - length_B, src, length_B);
// cli_putc('a'); uart_flush(0);
x.wordv = dest;
x.length_B = key->modulus.length_B;
x.info = 0;
bigint_adjust(&x);
// cli_putc('b'); uart_flush(0);
rsa_os2ip(&x, NULL, bigint_length_B(&key->modulus));
#if DEBUG
cli_putstr_P(PSTR("\r\n rsa decrypting ..."));
#endif
rsa_dec(&x, key);
#if DEBUG
cli_putstr_P(PSTR(" [done]"));
#endif
rsa_i2osp(NULL, &x, &data_len);
// cli_putstr("\r\n msg (raw, pre-move):\r\n");
// cli_hexdump_block(dest, bigint_length_B(key->modulus), 4, 16);
if(data_len > x_len){
return 7;
}
/*
cli_putstr("\r\n moving some bytes; x_len = ");
cli_hexdump_rev(&x_len, 2);
cli_putstr(" data_len = ");
cli_hexdump_rev(&data_len, 2);
uart_flush(0);
*/
if(x_len != data_len){
memmove((uint8_t*)dest + x_len - data_len, dest, data_len);
// cli_putstr(" (oh, not dead yet?!)");
// uart_flush(0);
memset(dest, 0, x_len - data_len);
}
hfal_hash_mem(p->hf, label_hv, label->label, label->length_b);
/*
cli_putstr("\r\n msg (raw, pre-feistel):\r\n");
cli_hexdump_block(seed_buffer, bigint_length_B(key->modulus), 4, 16);
uart_flush(0);
*/
p->mgf(maskbuffer, db_buffer, db_len, hv_len, p->mgf_parameter);
memxor(seed_buffer, maskbuffer, hv_len);
p->mgf(maskbuffer, seed_buffer, hv_len, db_len, p->mgf_parameter);
memxor(db_buffer, maskbuffer, db_len);
if(memcmp(label_hv, db_buffer, hv_len)){
// cli_putstr("\r\nDBG: DB:\r\n");
// cli_hexdump_block(db_buffer, db_len, 4, 16);
return 2;
}
uint16_t ps_len=0;
while(db_buffer[hv_len + ps_len++] == 0)
;
--ps_len;
if(db_buffer[hv_len + ps_len] != 1){
return 3;
}
if(seed){
memcpy(seed, seed_buffer, hv_len);
}
msg_len = db_len - hv_len - 1 - ps_len;
memmove(dest, db_buffer + hv_len + ps_len + 1, msg_len);
*out_length = msg_len;
return 0;
}
