コード例 #1
0
ファイル: sv_game.cpp プロジェクト: TheDushan/OpenWolf
/*
===============
SV_RSAGenMsg

Generate an encrypted RSA message
===============
*/
int SV_RSAGenMsg( const char *pubkey, char *cleartext, char *encrypted ) {
	struct        rsa_public_key public_key;
	mpz_t         message;
	unsigned char buffer[ RSA_KEY_LENGTH / 8 - 11 ];
	int           retval;

	Com_RandomBytes( buffer, RSA_KEY_LENGTH / 8 - 11 );

	nettle_mpz_init_set_str_256_u( message, RSA_KEY_LENGTH / 8 - 11, buffer );
	mpz_get_str( cleartext, 16, message );
	rsa_public_key_init( &public_key );
	mpz_set_ui( public_key.e, RSA_PUBLIC_EXPONENT );
	retval = mpz_set_str( public_key.n, pubkey, 16 ) + 1;
	
	if ( retval ) {
		rsa_public_key_prepare( &public_key );
		retval = rsa_encrypt( &public_key, NULL, qnettle_random, RSA_KEY_LENGTH / 8 - 11, buffer, message );
	}

	rsa_public_key_clear( &public_key );
	mpz_get_str( encrypted, 16, message );
	mpz_clear( message );

	return retval;
}
コード例 #2
0
static int
convert_rsa_private_key(struct nettle_buffer *buffer, unsigned length, const uint8_t *data)
{
  struct rsa_public_key pub;
  struct rsa_private_key priv;
  int res;
  
  rsa_public_key_init(&pub);
  rsa_private_key_init(&priv);

  if (rsa_keypair_from_der(&pub, &priv, 0,
			   length, data))
    {
      /* Reuses the buffer */
      nettle_buffer_reset(buffer);
      res = rsa_keypair_to_sexp(buffer, NULL, &pub, &priv);
    }
  else
    {
      werror("Invalid PKCS#1 private key.\n");
      res = 0;
    }
  rsa_public_key_clear(&pub);
  rsa_private_key_clear(&priv);

  return res;
}
コード例 #3
0
ファイル: hogweed-benchmark.c プロジェクト: gnutls/nettle
static void
bench_rsa_clear (void *p)
{
  struct rsa_ctx *ctx = p;

  rsa_public_key_clear (&ctx->pub);
  rsa_private_key_clear (&ctx->key);
  mpz_clear (ctx->s);
  
  free (ctx->digest);
  free (ctx);
}
コード例 #4
0
ファイル: rsa-verify.c プロジェクト: Distrotech/nettle
int
main(int argc, char **argv)
{
  struct rsa_public_key key;
  struct sha1_ctx hash;
  mpz_t s;
  
  if (argc != 3)
    {
      werror("Usage: rsa-verify PUBLIC-KEY SIGNATURE-FILE < FILE\n");
      return EXIT_FAILURE;
    }

  rsa_public_key_init(&key);
  
  if (!read_rsa_key(argv[1], &key, NULL))
    {
      werror("Invalid key\n");
      return EXIT_FAILURE;
    }

  mpz_init(s);

  if (!read_signature(argv[2], s))
    {
      werror("Failed to read signature file `%s'\n",
	      argv[2]);
      return EXIT_FAILURE;
    }
  
  sha1_init(&hash);
  if (!hash_file(&nettle_sha1, &hash, stdin))
    {
      werror("Failed reading stdin: %s\n",
	      strerror(errno));
      return 0;
    }

  if (!rsa_sha1_verify(&key, &hash, s))
    {
      werror("Invalid signature!\n");
      return EXIT_FAILURE;
    }
    
  mpz_clear(s);
  rsa_public_key_clear(&key);

  return EXIT_SUCCESS;
}
コード例 #5
0
ファイル: sexp2rsa-test.c プロジェクト: AllardJ/Tomato
void
test_main(void)
{
  struct rsa_public_key pub;
  struct rsa_private_key priv;
  const struct tstring *sexp;

  rsa_public_key_init(&pub);
  rsa_private_key_init(&priv);

  sexp = SHEX("2831313a707269766174652d6b657928"
		"333a72736128313a6e36333a085c3408"
		"989acae4faec3cbbad91c90d34c1d259"
		"cd74121a36f38b0b51424a9b2be514a0"
		"4377113a6cdafe79dd7d5f2ecc8b5e96"
		"61189b86a7b22239907c252928313a65"
		"343a36ad4b1d2928313a6436333a06ee"
		"6d4ff3c239e408150daf8117abfa36a4"
		"0ad4455d9059a86d52f33a2de07418a0"
		"a699594588c64810248c9412d554f74a"
		"f947c73c32007e87c92f0937ed292831"
		"3a7033323a03259879b24315e9cf1425"
		"4824c7935d807cdb6990f414a0f65e60"
		"65130a611f2928313a7133323a02a81b"
		"a73bad45fc73b36deffce52d1b73e074"
		"7f4d8a82648cecd310448ea63b292831"
		"3a6133323a026cbdad5dd0046e093f06"
		"0ecd5b4ac918e098b0278bb752b7cadd"
		"6a8944f0b92928313a6233323a014875"
		"1e622d6d58e3bb094afd6edacf737035"
		"1d068e2ce9f565c5528c4a7473292831"
		"3a6333323a00f8a458ea73a018dc6fa5"
		"6863e3bc6de405f364f77dee6f096267"
	      "9ea1a8282e292929");
  ASSERT(rsa_keypair_from_sexp
	 (&pub, &priv, 0, sexp->length, sexp->data));

  test_rsa_key(&pub, &priv);

  rsa_public_key_clear(&pub);
  rsa_private_key_clear(&priv);
}
コード例 #6
0
ファイル: rsa-test.c プロジェクト: ystk/debian-nettle
int
test_main(void)
{
  struct rsa_public_key pub;
  struct rsa_private_key key;

  mpz_t expected;
  
  mpz_init(expected);
  
  rsa_private_key_init(&key);
  rsa_public_key_init(&pub);

  test_rsa_set_key_1(&pub, &key);
  
  /* Test md5 signatures */
  mpz_set_str(expected,
	      "53bf517009fa956e" "3daa6adc95e8663d" "3759002f488bbbad"
	      "e49f62792d85dbcc" "293f68e2b68ef89a" "c5bd42d98f845325"
	      "3e6c1b76fc337db5" "e0053f255c55faf3" "eb6cc568ad7f5013"
	      "5b269a64acb9eaa7" "b7f09d9bd90310e6" "4c58f6dbe673ada2"
	      "67c97a9d99e19f9d" "87960d9ce3f0d5ce" "84f401fe7e10fa24"
	      "28b9bffcf9", 16);

  test_rsa_md5(&pub, &key, expected);

  /* Test sha1 signature */
  mpz_set_str(expected,
	      "129b405ed85db88c" "55d35344c4b52854" "496516b4d63d8211"
	      "80a0c24d6ced9047" "33065a564bbd33d0" "a5cdfd204b9c6d15"
	      "78337207c2f1662d" "c73906c7a0f2bf5c" "af92cef9121957b1"
	      "dcb111ff47b92389" "888e384d0cfd1b1e" "e5d7003a8feff3fd"
	      "dd6a71d242a79272" "25234d67ba369441" "c12ae555c697754e"
	      "a17f93fa92", 16);

  test_rsa_sha1(&pub, &key, expected);

  mpz_set_str(expected,
	      "13f9e43f7a401a73" "0a74985c01520d76" "bf5f2e2dff91e93b"
	      "9267d8c388d6937b" "d4bc6f1fa31618a9" "b5e3a1a875af72f5"
	      "0e805dbfebdf4348" "7d49763f0b365e78" "d2c0ea8fb3785897"
	      "782289a58f998907" "248c9cdf2c643d7e" "6ba6b55026227773"
	      "6f19caa69c4fc6d7" "7e2e5d4cd6b7a82b" "900d201ffd000448"
	      "685e5a4f3e", 16);

  test_rsa_sha256(&pub, &key, expected);
  
  /* 777-bit key, generated by
   *
   *   lsh-keygen -a rsa -l 777 -f advanced-hex
   *
   * Interesting because the size of n doesn't equal the sum of the
   * sizes of p and q. 
   *
   * (private-key (rsa-pkcs1
   *        (n #013b04440e3eef25 d51c738d508a7fa8 b3445180c342af0f
   *            4cb5a789047300e2 cfc5c5450974cfc2 448aeaaa7f43c374
   *            c9a3b038b181f2d1 0f1a2327fd2c087b a49bf1086969fd2c
   *            d1df3fd69f81fa4b 162cc8bbb363fc95 b7b24b9c53d0c67e
   *            f52b#)
   *        (e #3f1a012d#)
   *        (d #f9bae89dacca6cca c21e0412b4df8355 6fe7c5322bbae8ad
   *            3f11494fd12bc076 d4a7da3050fe109d 2074db09cc6a93b4
   *            745479522558379e a0ddfa74f86c9e9e a22c3b0e93d51447
   *            0feb38105dd35395 63b91ee32776f40c 67b2a175690f7abb
   *            25#)
   *        (p #0b73c990eeda0a2a 2c26416052c85560 0c5c0f5ce86a8326
   *            166acea91786237a 7ff884e66dbfdd3a ab9d9801414c1506
   *            8b#)
   *        (q #1b81c19a62802a41 9c99283331b0badb 08eb0c25ffce0fbf
   *            50017850036f32f3 2132a845b91a5236 61f7b451d587383f
   *            e1#)
   *        (a #0a912fc93a6cca6b 3521725a3065b3be 3c9745e29c93303d
   *            7d29316c6cafa4a2 89945f964fcdea59 1f9d248b0b6734be
   *            c9#)
   *        (b #1658eca933251813 1eb19c77aba13d73 e0b8f4ce986d7615
   *            764c6b0b03c18146 46b7f332c43e05c5 351e09006979ca5b
   *            05#)
   *        (c #0114720dace7b27f 2bf2850c1804869f 79a0aad0ec02e6b4
   *            05e1831619db2f10 bb9b6a8fd5c95df2 eb78f303ea0c0cc8
   *            06#)))
   */
  
  mpz_set_str(pub.n,
	      "013b04440e3eef25" "d51c738d508a7fa8" "b3445180c342af0f"
	      "4cb5a789047300e2" "cfc5c5450974cfc2" "448aeaaa7f43c374"
	      "c9a3b038b181f2d1" "0f1a2327fd2c087b" "a49bf1086969fd2c"
	      "d1df3fd69f81fa4b" "162cc8bbb363fc95" "b7b24b9c53d0c67e"
	      "f52b", 16);
  
  mpz_set_str(pub.e, "3f1a012d", 16);

  if (!rsa_public_key_prepare(&pub))
    FAIL();

#if 0  
  mpz_set_str(key.d,
	      "f9bae89dacca6cca" "c21e0412b4df8355" "6fe7c5322bbae8ad"
	      "3f11494fd12bc076" "d4a7da3050fe109d" "2074db09cc6a93b4"
	      "745479522558379e" "a0ddfa74f86c9e9e" "a22c3b0e93d51447"
	      "0feb38105dd35395" "63b91ee32776f40c" "67b2a175690f7abb"
	      "25", 16);
#endif
  
  mpz_set_str(key.p,
	      "0b73c990eeda0a2a" "2c26416052c85560" "0c5c0f5ce86a8326"
	      "166acea91786237a" "7ff884e66dbfdd3a" "ab9d9801414c1506"
	      "8b", 16);
  
  mpz_set_str(key.q,
	      "1b81c19a62802a41" "9c99283331b0badb" "08eb0c25ffce0fbf"
	      "50017850036f32f3" "2132a845b91a5236" "61f7b451d587383f"
	      "e1", 16);
  
  mpz_set_str(key.a,
	      "0a912fc93a6cca6b" "3521725a3065b3be" "3c9745e29c93303d"
	      "7d29316c6cafa4a2" "89945f964fcdea59" "1f9d248b0b6734be"
	      "c9", 16);
  
  mpz_set_str(key.b,
	      "1658eca933251813" "1eb19c77aba13d73" "e0b8f4ce986d7615"
	      "764c6b0b03c18146" "46b7f332c43e05c5" "351e09006979ca5b"
	      "05", 16);
  
  mpz_set_str(key.c,
	      "0114720dace7b27f" "2bf2850c1804869f" "79a0aad0ec02e6b4"
	      "05e1831619db2f10" "bb9b6a8fd5c95df2" "eb78f303ea0c0cc8"
	      "06", 16);

  if (!rsa_private_key_prepare(&key))
    FAIL();

  if (pub.size != key.size)
    FAIL();

  /* Test md5 signatures */
  mpz_set_str(expected,
	      "011b939f6fbacf7f" "7d3217b022d07477" "e582e34d4bbddd4c"
	      "31520647417fc8a6" "18b2e196d799cedd" "d8f5c062fd796b0f"
	      "72ab46db2ac6ec74" "39d856be3f746cc4" "3e0a15429954736a"
	      "60a8b3c6ea93d2cb" "c69085c307d72517" "07d43bf97a3b51eb"
	      "9e89", 16);

  test_rsa_md5(&pub, &key, expected);

  /* Test sha1 signature */
  mpz_set_str(expected,
	      "648c49e0ed045547" "08381d0bcd03b7bd" "b0f80a0e9030525d"
	      "234327a1c96b8660" "f1c01c6f15ae76d0" "4f53a53806b7e4db"
	      "1f789e6e89b538f6" "88fcbd2caa6abef0" "5432d52f3de463a4"
	      "a9e6de94f1b7bb68" "3c07edf0924fc93f" "56e1a0dba8f7491c"
	      "5c", 16);

  test_rsa_sha1(&pub, &key, expected);

  mpz_set_str(expected,
	      "d759bb28b4d249a2" "f8b67bdbb1ab7f50" "c88712fbcabc2956"
	      "1ec6ca3f8fdafe7a" "38433d7da287b8f7" "87857274c1640b2b"
	      "e652cd89c501d570" "3980a0af5c6bb60c" "f84feab25b099d06"
	      "e2519accb73dac43" "fb8bdad28835f3bd" "84c43678fe2ef41f"
	      "af", 16);

  test_rsa_sha256(&pub, &key, expected);

  rsa_private_key_clear(&key);
  rsa_public_key_clear(&pub);
  mpz_clear(expected);

  SUCCESS();
}
コード例 #7
0
ファイル: rsa-encrypt.c プロジェクト: Distrotech/nettle
int
main(int argc, char **argv)
{
  struct rsa_session ctx;
  struct rsa_session_info info;
  
  struct rsa_public_key key;
  mpz_t x;
  
  int c;
  const char *random_name = NULL;

  enum { OPT_HELP = 300 };
  
  static const struct option options[] =
    {
      /* Name, args, flag, val */
      { "help", no_argument, NULL, OPT_HELP },
      { "random", required_argument, NULL, 'r' },
      { NULL, 0, NULL, 0}
    };
  
  while ( (c = getopt_long(argc, argv, "o:r:", options, NULL)) != -1)
    switch (c)
      {
      case 'r':
	random_name = optarg;
	break;
	
      case '?':
	return EXIT_FAILURE;

      case OPT_HELP:
	usage(stdout);
	return EXIT_SUCCESS;
      default:
	abort();
      }

  argv += optind;
  argc -= optind;

  if (argc != 1)
    {
      usage (stderr);
      return EXIT_FAILURE;
    }

  rsa_public_key_init(&key);
  
  if (!read_rsa_key(argv[0], &key, NULL))
    {
      werror("Invalid key\n");
      return EXIT_FAILURE;
    }

  /* NOTE: No sources */
  yarrow256_init(&ctx.yarrow, 0, NULL);
  
  /* Read some data to seed the generator */
  if (!simple_random(&ctx.yarrow, random_name))
    {
      werror("Initialization of randomness generator failed.\n");
      return EXIT_FAILURE;
    }

  WRITE_UINT32(SESSION_VERSION(&info), RSA_VERSION);
  
  yarrow256_random(&ctx.yarrow, sizeof(info.key) - 4, info.key + 4);

  rsa_session_set_encrypt_key(&ctx, &info);
  
#ifdef WIN32
  _setmode(0, O_BINARY);
  _setmode(1, O_BINARY);
#endif

  write_version(stdout);
  
  mpz_init(x);

  if (!rsa_encrypt(&key,
		   &ctx.yarrow, (nettle_random_func *) yarrow256_random,
		   sizeof(info.key), info.key, 
		   x))
    {
      werror("RSA encryption failed.\n");
      return EXIT_FAILURE;
    }

  write_bignum(stdout, x);

  mpz_clear (x);

  if (!process_file(&ctx,
		    stdin, stdout))
    return EXIT_FAILURE;

  rsa_public_key_clear(&key);

  return EXIT_SUCCESS;
}
コード例 #8
0
ファイル: pk.c プロジェクト: intgr/gnutls
static int
wrap_nettle_pk_generate_params (gnutls_pk_algorithm_t algo,
                                unsigned int level /*bits */ ,
                                gnutls_pk_params_st * params)
{
  int ret;
  unsigned int i, q_bits;

  memset(params, 0, sizeof(*params));

  switch (algo)
    {

    case GNUTLS_PK_DSA:
      {
        struct dsa_public_key pub;
        struct dsa_private_key priv;

        dsa_public_key_init (&pub);
        dsa_private_key_init (&priv);

        /* the best would be to use _gnutls_pk_bits_to_subgroup_bits()
         * but we do NIST DSA here */
        if (level <= 1024)
          q_bits = 160;
        else
          q_bits = 256;

        ret =
          dsa_generate_keypair (&pub, &priv, NULL,
                                rnd_func, NULL, NULL, level, q_bits);
        if (ret != 1)
          {
            gnutls_assert ();
            ret = GNUTLS_E_INTERNAL_ERROR;
            goto dsa_fail;
          }

        params->params_nr = 0;
        for (i = 0; i < DSA_PRIVATE_PARAMS; i++)
          {
            params->params[i] = _gnutls_mpi_alloc_like (&pub.p);
            if (params->params[i] == NULL)
              {
                ret = GNUTLS_E_MEMORY_ERROR;
                goto dsa_fail;
              }
            params->params_nr++;
          }

        ret = 0;
        _gnutls_mpi_set (params->params[0], pub.p);
        _gnutls_mpi_set (params->params[1], pub.q);
        _gnutls_mpi_set (params->params[2], pub.g);
        _gnutls_mpi_set (params->params[3], pub.y);
        _gnutls_mpi_set (params->params[4], priv.x);

dsa_fail:
        dsa_private_key_clear (&priv);
        dsa_public_key_clear (&pub);

        if (ret < 0)
          goto fail;

        break;
      }
    case GNUTLS_PK_RSA:
      {
        struct rsa_public_key pub;
        struct rsa_private_key priv;

        rsa_public_key_init (&pub);
        rsa_private_key_init (&priv);

        _gnutls_mpi_set_ui (&pub.e, 65537);

        ret =
          rsa_generate_keypair (&pub, &priv, NULL,
                                rnd_func, NULL, NULL, level, 0);
        if (ret != 1)
          {
            gnutls_assert ();
            ret = GNUTLS_E_INTERNAL_ERROR;
            goto rsa_fail;
          }

        params->params_nr = 0;
        for (i = 0; i < RSA_PRIVATE_PARAMS; i++)
          {
            params->params[i] = _gnutls_mpi_alloc_like (&pub.n);
            if (params->params[i] == NULL)
              {
                ret = GNUTLS_E_MEMORY_ERROR;
                goto rsa_fail;
              }
            params->params_nr++;

          }
          
        ret = 0;

        _gnutls_mpi_set (params->params[0], pub.n);
        _gnutls_mpi_set (params->params[1], pub.e);
        _gnutls_mpi_set (params->params[2], priv.d);
        _gnutls_mpi_set (params->params[3], priv.p);
        _gnutls_mpi_set (params->params[4], priv.q);
        _gnutls_mpi_set (params->params[5], priv.c);
        _gnutls_mpi_set (params->params[6], priv.a);
        _gnutls_mpi_set (params->params[7], priv.b);

rsa_fail:
        rsa_private_key_clear (&priv);
        rsa_public_key_clear (&pub);

        if (ret < 0)
          goto fail;

        break;
      }
    case GNUTLS_PK_EC:
      {
        ecc_key key;
        ecc_set_type tls_ecc_set;
        const gnutls_ecc_curve_entry_st *st;

        st = _gnutls_ecc_curve_get_params(level);
        if (st == NULL)
          return gnutls_assert_val(GNUTLS_E_ECC_UNSUPPORTED_CURVE);
        
        tls_ecc_set.size = st->size;
        tls_ecc_set.prime = st->prime;
        tls_ecc_set.order = st->order;
        tls_ecc_set.Gx = st->Gx;
        tls_ecc_set.Gy = st->Gy;
        tls_ecc_set.A = st->A;
        tls_ecc_set.B = st->B;

        ret = ecc_make_key(NULL, rnd_func, &key, &tls_ecc_set, st->id);
        if (ret != 0)
          return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);

        params->params_nr = 0;
        for (i = 0; i < ECC_PRIVATE_PARAMS; i++)
          {
            params->params[i] = _gnutls_mpi_alloc_like(&key.prime);
            if (params->params[i] == NULL)
              {
                ret = GNUTLS_E_MEMORY_ERROR;
                goto ecc_fail;
              }
            params->params_nr++;
          }
        params->flags = level;

        mpz_set(TOMPZ(params->params[ECC_PRIME]), key.prime);
        mpz_set(TOMPZ(params->params[ECC_ORDER]), key.order);
        mpz_set(TOMPZ(params->params[ECC_A]), key.A);
        mpz_set(TOMPZ(params->params[ECC_B]), key.B);
        mpz_set(TOMPZ(params->params[ECC_GX]), key.Gx);
        mpz_set(TOMPZ(params->params[ECC_GY]), key.Gy);
        mpz_set(TOMPZ(params->params[ECC_X]), key.pubkey.x);
        mpz_set(TOMPZ(params->params[ECC_Y]), key.pubkey.y);
        mpz_set(TOMPZ(params->params[ECC_K]), key.k);
        
ecc_fail:
        ecc_free(&key);
        
        if (ret < 0)
          goto fail;

        break;
      }
    default:
      gnutls_assert ();
      return GNUTLS_E_INVALID_REQUEST;
    }

  return 0;

fail:

  for (i = 0; i < params->params_nr; i++)
    {
      _gnutls_mpi_release (&params->params[i]);
    }
  params->params_nr = 0;

  return ret;
}
コード例 #9
0
void
test_main(void)
{
  struct rsa_public_key pub;
  struct rsa_private_key key;
  struct knuth_lfib_ctx lfib;

  /* FIXME: How is this spelled? */
  const uint8_t *msg = "Squemish ossifrage";
  size_t msg_length;

  uint8_t *decrypted;
  size_t decrypted_length;
  uint8_t after;

  mpz_t gibberish;

  rsa_private_key_init(&key);
  rsa_public_key_init(&pub);
  mpz_init(gibberish);

  knuth_lfib_init(&lfib, 17);
  
  test_rsa_set_key_1(&pub, &key);
  msg_length = strlen(msg);

  if (verbose)
    fprintf(stderr, "msg: `%s', length = %d\n", msg, (int) msg_length);
  
  ASSERT(rsa_encrypt(&pub,
		     &lfib, (nettle_random_func *) knuth_lfib_random,
		     msg_length, msg,
		     gibberish));

  if (verbose)
    {
      fprintf(stderr, "encrypted: ");
      mpz_out_str(stderr, 10, gibberish);
    }
  
  decrypted = xalloc(msg_length + 1);

  knuth_lfib_random (&lfib, msg_length + 1, decrypted);
  after = decrypted[msg_length];
  
  decrypted_length = msg_length - 1;
  ASSERT(!rsa_decrypt(&key, &decrypted_length, decrypted, gibberish));

  decrypted_length = msg_length;
  ASSERT(rsa_decrypt(&key, &decrypted_length, decrypted, gibberish));
  ASSERT(decrypted_length == msg_length);
  ASSERT(MEMEQ(msg_length, msg, decrypted));
  ASSERT(decrypted[msg_length] == after);

  knuth_lfib_random (&lfib, msg_length + 1, decrypted);
  after = decrypted[msg_length];

  decrypted_length = key.size;
  ASSERT(rsa_decrypt(&key, &decrypted_length, decrypted, gibberish));
  ASSERT(decrypted_length == msg_length);
  ASSERT(MEMEQ(msg_length, msg, decrypted));
  ASSERT(decrypted[msg_length] == after);
  
  knuth_lfib_random (&lfib, msg_length + 1, decrypted);
  after = decrypted[msg_length];

  decrypted_length = msg_length;
  ASSERT(rsa_decrypt_tr(&pub, &key,
			&lfib, (nettle_random_func *) knuth_lfib_random,
			&decrypted_length, decrypted, gibberish));
  ASSERT(decrypted_length == msg_length);
  ASSERT(MEMEQ(msg_length, msg, decrypted));
  ASSERT(decrypted[msg_length] == after);

  /* Test invalid key. */
  mpz_add_ui (key.q, key.q, 2);
  decrypted_length = key.size;
  ASSERT(!rsa_decrypt_tr(&pub, &key,
			 &lfib, (nettle_random_func *) knuth_lfib_random,
			 &decrypted_length, decrypted, gibberish));

  rsa_private_key_clear(&key);
  rsa_public_key_clear(&pub);
  mpz_clear(gibberish);
  free(decrypted);
}
コード例 #10
0
ファイル: pk.c プロジェクト: randombit/hacrypto
static int
wrap_nettle_pk_generate_params(gnutls_pk_algorithm_t algo,
			       unsigned int level /*bits */ ,
			       gnutls_pk_params_st * params)
{
	int ret;
	unsigned int i, q_bits;

	memset(params, 0, sizeof(*params));

	switch (algo) {

	case GNUTLS_PK_DSA:
		{
			struct dsa_public_key pub;
			struct dsa_private_key priv;

			dsa_public_key_init(&pub);
			dsa_private_key_init(&priv);

			/* the best would be to use _gnutls_pk_bits_to_subgroup_bits()
			 * but we do NIST DSA here */
			if (level <= 1024)
				q_bits = 160;
			else
				q_bits = 256;

			ret =
			    dsa_generate_keypair(&pub, &priv, NULL,
						 rnd_func, NULL, NULL,
						 level, q_bits);
			if (ret != 1) {
				gnutls_assert();
				ret = GNUTLS_E_INTERNAL_ERROR;
				goto dsa_fail;
			}

			params->params_nr = 0;
			for (i = 0; i < DSA_PRIVATE_PARAMS; i++) {
				params->params[i] =
				    _gnutls_mpi_alloc_like(&pub.p);
				if (params->params[i] == NULL) {
					ret = GNUTLS_E_MEMORY_ERROR;
					goto dsa_fail;
				}
				params->params_nr++;
			}

			ret = 0;
			_gnutls_mpi_set(params->params[0], pub.p);
			_gnutls_mpi_set(params->params[1], pub.q);
			_gnutls_mpi_set(params->params[2], pub.g);
			_gnutls_mpi_set(params->params[3], pub.y);
			_gnutls_mpi_set(params->params[4], priv.x);

		      dsa_fail:
			dsa_private_key_clear(&priv);
			dsa_public_key_clear(&pub);

			if (ret < 0)
				goto fail;

			break;
		}
	case GNUTLS_PK_RSA:
		{
			struct rsa_public_key pub;
			struct rsa_private_key priv;

			rsa_public_key_init(&pub);
			rsa_private_key_init(&priv);

			_gnutls_mpi_set_ui(&pub.e, 65537);

			ret =
			    rsa_generate_keypair(&pub, &priv, NULL,
						 rnd_func, NULL, NULL,
						 level, 0);
			if (ret != 1) {
				gnutls_assert();
				ret = GNUTLS_E_INTERNAL_ERROR;
				goto rsa_fail;
			}

			params->params_nr = 0;
			for (i = 0; i < RSA_PRIVATE_PARAMS; i++) {
				params->params[i] =
				    _gnutls_mpi_alloc_like(&pub.n);
				if (params->params[i] == NULL) {
					ret = GNUTLS_E_MEMORY_ERROR;
					goto rsa_fail;
				}
				params->params_nr++;

			}

			ret = 0;

			_gnutls_mpi_set(params->params[0], pub.n);
			_gnutls_mpi_set(params->params[1], pub.e);
			_gnutls_mpi_set(params->params[2], priv.d);
			_gnutls_mpi_set(params->params[3], priv.p);
			_gnutls_mpi_set(params->params[4], priv.q);
			_gnutls_mpi_set(params->params[5], priv.c);
			_gnutls_mpi_set(params->params[6], priv.a);
			_gnutls_mpi_set(params->params[7], priv.b);

		      rsa_fail:
			rsa_private_key_clear(&priv);
			rsa_public_key_clear(&pub);

			if (ret < 0)
				goto fail;

			break;
		}
	case GNUTLS_PK_EC:
		{
			struct ecc_scalar key;
			struct ecc_point pub;
			const struct ecc_curve *curve;

			curve = get_supported_curve(level);
			if (curve == NULL)
				return
				    gnutls_assert_val
				    (GNUTLS_E_ECC_UNSUPPORTED_CURVE);

			ecc_scalar_init(&key, curve);
			ecc_point_init(&pub, curve);

			ecdsa_generate_keypair(&pub, &key, NULL, rnd_func);

			params->params[ECC_X] = _gnutls_mpi_new(0);
			params->params[ECC_Y] = _gnutls_mpi_new(0);
			params->params[ECC_K] = _gnutls_mpi_new(0);

			if (params->params[ECC_X] == NULL
			    || params->params[ECC_Y] == NULL
			    || params->params[ECC_K] == NULL) {
				_gnutls_mpi_release(&params->
						    params[ECC_X]);
				_gnutls_mpi_release(&params->
						    params[ECC_Y]);
				_gnutls_mpi_release(&params->
						    params[ECC_K]);
				goto ecc_cleanup;
			}

			params->flags = level;
			params->params_nr = ECC_PRIVATE_PARAMS;

			ecc_point_get(&pub, TOMPZ(params->params[ECC_X]),
				      TOMPZ(params->params[ECC_Y]));
			ecc_scalar_get(&key, TOMPZ(params->params[ECC_K]));

		      ecc_cleanup:
			ecc_point_clear(&pub);
			ecc_scalar_clear(&key);

			break;
		}
	default:
		gnutls_assert();
		return GNUTLS_E_INVALID_REQUEST;
	}

	return 0;

      fail:

	for (i = 0; i < params->params_nr; i++) {
		_gnutls_mpi_release(&params->params[i]);
	}
	params->params_nr = 0;

	return ret;
}
コード例 #11
0
ファイル: pk.c プロジェクト: Drakey83/steamlink-sdk
/* To generate a DH key either q must be set in the params or
 * level should be set to the number of required bits.
 */
static int
wrap_nettle_pk_generate_keys(gnutls_pk_algorithm_t algo,
			       unsigned int level /*bits */ ,
			       gnutls_pk_params_st * params)
{
	int ret;
	unsigned int i;

	switch (algo) {
	case GNUTLS_PK_DSA:
#ifdef ENABLE_FIPS140
		{
			struct dsa_public_key pub;
			struct dsa_private_key priv;

			if (params->params[DSA_Q] == NULL)
				return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);

			_dsa_params_to_pubkey(params, &pub);

			dsa_private_key_init(&priv);
			mpz_init(pub.y);

			ret =
			    dsa_generate_dss_keypair(&pub, &priv, 
						 NULL, rnd_func, 
						 NULL, NULL);
			if (ret != 1) {
				gnutls_assert();
				ret = GNUTLS_E_PK_GENERATION_ERROR;
				goto dsa_fail;
			}

			ret = _gnutls_mpi_init_multi(&params->params[DSA_Y], &params->params[DSA_X], NULL);
			if (ret < 0) {
				gnutls_assert();
				goto dsa_fail;
			}

			mpz_set(TOMPZ(params->params[DSA_Y]), pub.y);
			mpz_set(TOMPZ(params->params[DSA_X]), priv.x);
			params->params_nr += 2;

		      dsa_fail:
			dsa_private_key_clear(&priv);
			mpz_clear(pub.y);

			if (ret < 0)
				goto fail;

			break;
		}
#endif
	case GNUTLS_PK_DH:
		{
			struct dsa_public_key pub;
			mpz_t r;
			mpz_t x, y;
			int max_tries;
			unsigned have_q = 0;

			if (algo != params->algo)
				return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);

			_dsa_params_to_pubkey(params, &pub);

			if (params->params[DSA_Q] != NULL)
				have_q = 1;

			/* This check is for the case !ENABLE_FIPS140 */
			if (algo == GNUTLS_PK_DSA && have_q == 0)
				return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);

			mpz_init(r);
			mpz_init(x);
			mpz_init(y);

			max_tries = 3;
			do {
				if (have_q) {
					mpz_set(r, pub.q);
					mpz_sub_ui(r, r, 2);
					nettle_mpz_random(x, NULL, rnd_func, r);
					mpz_add_ui(x, x, 1);
				} else {
					unsigned size = mpz_sizeinbase(pub.p, 2);
					if (level == 0)
						level = MIN(size, DH_EXPONENT_SIZE(size));
					nettle_mpz_random_size(x, NULL, rnd_func, level);

					if (level >= size)
						mpz_mod(x, x, pub.p);
				}

				mpz_powm(y, pub.g, x, pub.p);

				max_tries--;
				if (max_tries <= 0) {
					gnutls_assert();
					ret = GNUTLS_E_RANDOM_FAILED;
					goto dh_fail;
				}
			} while(mpz_cmp_ui(y, 1) == 0);

			ret = _gnutls_mpi_init_multi(&params->params[DSA_Y], &params->params[DSA_X], NULL);
			if (ret < 0) {
				gnutls_assert();
				goto dh_fail;
			}

			mpz_set(TOMPZ(params->params[DSA_Y]), y);
			mpz_set(TOMPZ(params->params[DSA_X]), x);
			params->params_nr += 2;

			ret = 0;

		      dh_fail:
			mpz_clear(r);
			mpz_clear(x);
			mpz_clear(y);

			if (ret < 0)
				goto fail;

			break;
		}
	case GNUTLS_PK_RSA:
		{
			struct rsa_public_key pub;
			struct rsa_private_key priv;

			rsa_public_key_init(&pub);
			rsa_private_key_init(&priv);

			mpz_set_ui(pub.e, 65537);
#ifdef ENABLE_FIPS140
			ret =
			    rsa_generate_fips186_4_keypair(&pub, &priv, NULL,
						 rnd_func, NULL, NULL,
						 level);
#else
			ret =
			    rsa_generate_keypair(&pub, &priv, NULL,
						 rnd_func, NULL, NULL,
						 level, 0);
#endif
			if (ret != 1) {
				gnutls_assert();
				ret = GNUTLS_E_PK_GENERATION_ERROR;
				goto rsa_fail;
			}

			params->params_nr = 0;
			for (i = 0; i < RSA_PRIVATE_PARAMS; i++) {
				ret = _gnutls_mpi_init(&params->params[i]);
				if (ret < 0) {
					gnutls_assert();
					goto rsa_fail;
				}
				params->params_nr++;
			}

			mpz_set(TOMPZ(params->params[0]), pub.n);
			mpz_set(TOMPZ(params->params[1]), pub.e);
			mpz_set(TOMPZ(params->params[2]), priv.d);
			mpz_set(TOMPZ(params->params[3]), priv.p);
			mpz_set(TOMPZ(params->params[4]), priv.q);
			mpz_set(TOMPZ(params->params[5]), priv.c);
			mpz_set(TOMPZ(params->params[6]), priv.a);
			mpz_set(TOMPZ(params->params[7]), priv.b);

			ret = 0;

		      rsa_fail:
			rsa_private_key_clear(&priv);
			rsa_public_key_clear(&pub);

			if (ret < 0)
				goto fail;

			break;
		}
	case GNUTLS_PK_EC:
		{
			struct ecc_scalar key;
			struct ecc_point pub;
			const struct ecc_curve *curve;

			curve = get_supported_curve(level);
			if (curve == NULL)
				return
				    gnutls_assert_val
				    (GNUTLS_E_ECC_UNSUPPORTED_CURVE);

			ecc_scalar_init(&key, curve);
			ecc_point_init(&pub, curve);

			ecdsa_generate_keypair(&pub, &key, NULL, rnd_func);

			ret = _gnutls_mpi_init_multi(&params->params[ECC_X], &params->params[ECC_Y], 
					&params->params[ECC_K], NULL);
			if (ret < 0) {
				gnutls_assert();
				goto ecc_fail;
			}

			params->flags = level;
			params->params_nr = ECC_PRIVATE_PARAMS;

			ecc_point_get(&pub, TOMPZ(params->params[ECC_X]),
				      TOMPZ(params->params[ECC_Y]));
			ecc_scalar_get(&key, TOMPZ(params->params[ECC_K]));

			ret = 0;

		      ecc_fail:
			ecc_point_clear(&pub);
			ecc_scalar_clear(&key);

			if (ret < 0)
				goto fail;

			break;
		}
	default:
		gnutls_assert();
		return GNUTLS_E_INVALID_REQUEST;
	}

	FAIL_IF_LIB_ERROR;
	return 0;

      fail:

	for (i = 0; i < params->params_nr; i++) {
		_gnutls_mpi_release(&params->params[i]);
	}
	params->params_nr = 0;

	FAIL_IF_LIB_ERROR;
	return ret;
}
int
test_main(void)
{
  struct rsa_public_key pub;
  struct rsa_private_key priv;

  struct nettle_buffer buffer;
  
  rsa_public_key_init(&pub);
  rsa_private_key_init(&priv);

  mpz_set_str(pub.n,
	      "085c3408989acae4faec3cbbad91c90d34c1d259cd74121a"
	      "36f38b0b51424a9b2be514a04377113a6cdafe79dd7d5f2e"
	      "cc8b5e9661189b86a7b22239907c25", 16);
  mpz_set_str(pub.e, "36ad4b1d", 16);

  ASSERT(rsa_public_key_prepare(&pub));
  
  mpz_set_str(priv.d,
	      "06ee6d4ff3c239e408150daf8117abfa36a40ad4455d9059"
	      "a86d52f33a2de07418a0a699594588c64810248c9412d554"
	      "f74af947c73c32007e87c92f0937ed", 16);

  mpz_set_str(priv.p,
	      "03259879b24315e9cf14254824c7935d807cdb6990f414a0"
	      "f65e6065130a611f", 16);

  mpz_set_str(priv.q,
	      "02a81ba73bad45fc73b36deffce52d1b73e0747f4d8a8264"
	      "8cecd310448ea63b", 16);

  mpz_set_str(priv.a,
	      "026cbdad5dd0046e093f060ecd5b4ac918e098b0278bb752"
	      "b7cadd6a8944f0b9", 16);

  mpz_set_str(priv.b,
	      "0148751e622d6d58e3bb094afd6edacf7370351d068e2ce9"
	      "f565c5528c4a7473", 16);

  mpz_set_str(priv.c,
	      "f8a458ea73a018dc6fa56863e3bc6de405f364f77dee6f09"
	      "62679ea1a8282e", 16);

  ASSERT(rsa_private_key_prepare(&priv));
  
  nettle_buffer_init(&buffer);
  ASSERT(rsa_keypair_to_sexp(&buffer, "rsa", &pub, &priv));

  if (verbose)
    {
      printf("private:");
      print_hex(buffer.size, buffer.contents);  
    }
  
  ASSERT(MEMEQH(buffer.size, buffer.contents,
		"2831313a707269766174652d6b657928"
		"333a72736128313a6e36333a085c3408"
		"989acae4faec3cbbad91c90d34c1d259"
		"cd74121a36f38b0b51424a9b2be514a0"
		"4377113a6cdafe79dd7d5f2ecc8b5e96"
		"61189b86a7b22239907c252928313a65"
		"343a36ad4b1d2928313a6436333a06ee"
		"6d4ff3c239e408150daf8117abfa36a4"
		"0ad4455d9059a86d52f33a2de07418a0"
		"a699594588c64810248c9412d554f74a"
		"f947c73c32007e87c92f0937ed292831"
		"3a7033323a03259879b24315e9cf1425"
		"4824c7935d807cdb6990f414a0f65e60"
		"65130a611f2928313a7133323a02a81b"
		"a73bad45fc73b36deffce52d1b73e074"
		"7f4d8a82648cecd310448ea63b292831"
		"3a6133323a026cbdad5dd0046e093f06"
		"0ecd5b4ac918e098b0278bb752b7cadd"
		"6a8944f0b92928313a6233323a014875"
		"1e622d6d58e3bb094afd6edacf737035"
		"1d068e2ce9f565c5528c4a7473292831"
		"3a6333323a00f8a458ea73a018dc6fa5"
		"6863e3bc6de405f364f77dee6f096267"
		"9ea1a8282e292929"));

  nettle_buffer_clear(&buffer);
  ASSERT(rsa_keypair_to_sexp(&buffer, NULL, &pub, NULL));

  if (verbose)
    {
      printf("public:");
      print_hex(buffer.size, buffer.contents);  
    }
  ASSERT(MEMEQH(buffer.size, buffer.contents,
		"2831303a7075626c69632d6b65792839"
		"3a7273612d706b63733128313a6e3633"
		"3a085c3408989acae4faec3cbbad91c9"
		"0d34c1d259cd74121a36f38b0b51424a"
		"9b2be514a04377113a6cdafe79dd7d5f"
		"2ecc8b5e9661189b86a7b22239907c25"
		"2928313a65343a36ad4b1d292929"));

  rsa_public_key_clear(&pub);
  rsa_private_key_clear(&priv);
  
  SUCCESS();
}