static int compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh)
{
BN_CTX ctx;
BN_MONT_CTX *mont;
BIGNUM *tmp;
int ret= -1;
BN_CTX_init(&ctx);
BN_CTX_start(&ctx);
tmp = BN_CTX_get(&ctx);
if (dh->priv_key == NULL)
goto err;
if ((dh->method_mont_p == NULL) && (dh->flags & DH_FLAG_CACHE_MONT_P))
{
if ((dh->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL)
if (!BN_MONT_CTX_set((BN_MONT_CTX *)dh->method_mont_p,
dh->p,&ctx)) goto err;
}
mont=(BN_MONT_CTX *)dh->method_mont_p;
if (!dh->meth->bn_mod_exp(dh, tmp, pub_key,
dh->priv_key,dh->p,&ctx,mont))
goto err;
ret=BN_bn2bin(tmp,key);
err:
BN_CTX_end(&ctx);
BN_CTX_free(&ctx);
return(ret);
}
EAC_CTX *
EAC_CTX_new(void)
{
EAC_CTX *ctx = OPENSSL_malloc(sizeof(EAC_CTX));
if (!ctx)
return NULL;
ctx->bn_ctx = BN_CTX_new();
ctx->ca_ctxs = (STACK_OF(CA_CTX *)) sk_new_null();
ctx->cipher_ctx = EVP_CIPHER_CTX_new();
ctx->md_ctx = EVP_MD_CTX_create();
ctx->pace_ctxs = (STACK_OF(PACE_CTX *)) sk_new_null();
ctx->ri_ctxs = (STACK_OF(RI_CTX *)) sk_new_null();
ctx->ssc = BN_new();
ctx->ta_ctx = TA_CTX_new();
if (!ctx->bn_ctx || !ctx->md_ctx || !ctx->pace_ctxs
|| !ctx->ta_ctx || !ctx->ca_ctxs || !ctx->cipher_ctx
|| !ctx->ri_ctxs || !ctx->ssc)
goto err;
BN_CTX_init(ctx->bn_ctx);
EVP_CIPHER_CTX_init(ctx->cipher_ctx);
ctx->ca_ctx = NULL;
ctx->key_ctx = NULL;
ctx->pace_ctx = NULL;
ctx->ri_ctx = NULL;
ctx->tr_version = EAC_TR_VERSION_2_02;
return ctx;
err:
EAC_CTX_clear_free(ctx);
return NULL;
}
static int generate_key(DH *dh)
{
int ok=0;
int generate_new_key=0;
unsigned l;
BN_CTX ctx;
BN_MONT_CTX *mont;
BIGNUM *pub_key=NULL,*priv_key=NULL;
BN_CTX_init(&ctx);
if (dh->priv_key == NULL)
{
priv_key=BN_new();
if (priv_key == NULL) goto err;
generate_new_key=1;
}
else
priv_key=dh->priv_key;
if (dh->pub_key == NULL)
{
pub_key=BN_new();
if (pub_key == NULL) goto err;
}
else
pub_key=dh->pub_key;
if ((dh->method_mont_p == NULL) && (dh->flags & DH_FLAG_CACHE_MONT_P))
{
if ((dh->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL)
if (!BN_MONT_CTX_set((BN_MONT_CTX *)dh->method_mont_p,
dh->p,&ctx)) goto err;
}
mont=(BN_MONT_CTX *)dh->method_mont_p;
if (generate_new_key)
{
l = dh->length ? dh->length : BN_num_bits(dh->p)-1; /* secret exponent length */
if (!BN_rand(priv_key, l, 0, 0)) goto err;
}
if (!dh->meth->bn_mod_exp(dh, pub_key, dh->g,
priv_key,dh->p,&ctx,mont))
goto err;
dh->pub_key=pub_key;
dh->priv_key=priv_key;
ok=1;
err:
if ((pub_key != NULL) && (dh->pub_key == NULL)) BN_free(pub_key);
if ((priv_key != NULL) && (dh->priv_key == NULL)) BN_free(priv_key);
BN_CTX_free(&ctx);
return(ok);
}
void start_crypt(void)
{
ctx = BN_CTX_new();
BN_CTX_init(ctx);
rsa = RSA_new();
e = BN_new();
BN_dec2bn(&e,"65537");
RSA_generate_key_ex(rsa, 2048, e, NULL);
}
BN_CTX *BN_CTX_new(void) {
BN_CTX *ret;
//ret=(BN_CTX *)OPENSSL_malloc(sizeof(BN_CTX));
ret = (BN_CTX *)malloc(sizeof(BN_CTX));
if (ret == NULL)
//BNerr(BN_F_BN_CTX_NEW,ERR_R_MALLOC_FAILURE);//hmf .. no error
return NULL;
BN_CTX_init(ret);
ret->flags = BN_FLG_MALLOCED;
return ret;
}
static int generate_key(DH *dh)
{
int ok=0;
BN_CTX ctx;
BN_MONT_CTX *mont;
BIGNUM *pub_key=NULL,*priv_key=NULL;
BN_CTX_init(&ctx);
if (dh->priv_key == NULL)
{
priv_key=BN_new();
if (priv_key == NULL) goto err;
do
if (!BN_rand_range(priv_key, dh->p)) goto err;
while (BN_is_zero(priv_key));
}
else
priv_key=dh->priv_key;
if (dh->pub_key == NULL)
{
pub_key=BN_new();
if (pub_key == NULL) goto err;
}
else
pub_key=dh->pub_key;
if ((dh->method_mont_p == NULL) && (dh->flags & DH_FLAG_CACHE_MONT_P))
{
if ((dh->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL)
if (!BN_MONT_CTX_set((BN_MONT_CTX *)dh->method_mont_p,
dh->p,&ctx)) goto err;
}
mont=(BN_MONT_CTX *)dh->method_mont_p;
if (!dh->meth->bn_mod_exp(dh, pub_key,dh->g,priv_key,dh->p,&ctx,mont))
goto err;
dh->pub_key=pub_key;
dh->priv_key=priv_key;
ok=1;
err:
if (ok != 1)
DHerr(DH_F_DH_GENERATE_KEY,ERR_R_BN_LIB);
if ((pub_key != NULL) && (dh->pub_key == NULL)) BN_free(pub_key);
if ((priv_key != NULL) && (dh->priv_key == NULL)) BN_free(priv_key);
BN_CTX_free(&ctx);
return(ok);
}
BN_CTX *BN_CTX_new(void)
{
BN_CTX *ret;
ret=(BN_CTX *)OPENSSL_malloc(sizeof(BN_CTX));
if (ret == NULL)
{
BNerr(BN_F_BN_CTX_NEW,ERR_R_MALLOC_FAILURE);
return(NULL);
}
BN_CTX_init(ret);
ret->flags=BN_FLG_MALLOCED;
return(ret);
}
/**
* Helper method to calculate the y-value
* for a given x-value and a polynomial
*
* @param x X-value
* @param polynomial The underlying polynomial
* @param t Threshold (determines the degree of the polynomial)
* @param prime Prime for finite field arithmetic
* @param y Pointer for storage of calculated y-value
*/
static void calculatePolynomialValue(const BIGNUM x, BIGNUM **polynomial, const unsigned char t, const BIGNUM prime, BIGNUM *y) {
BIGNUM **pp;
BIGNUM temp;
BIGNUM exponent;
unsigned long exp;
BN_CTX *ctx;
// Create context for temporary variables of OpenSSL engine
ctx = BN_CTX_new();
BN_CTX_init(ctx);
BN_init(&temp);
BN_init(&exponent);
// Set y to ZERO
BN_zero(y);
/* Initialize the result using the secret value at position 0 of the polynomial */
pp = polynomial;
BN_copy(y, *pp);
pp++;
for (exp = 1; exp < t; exp++) {
BN_copy(&temp, &x);
BN_set_word(&exponent, exp);
// temp = x^exponent mod prime
BN_mod_exp(&temp, &x, &exponent, &prime, ctx);
// exponent = temp * a = a * x^exponent mod prime
BN_mod_mul(&exponent, &temp, *pp, &prime, ctx);
// add the temp value from exponent to y
BN_copy(&temp, y);
BN_mod_add(y, &temp, &exponent, &prime, ctx);
pp++;
}
BN_clear_free(&temp);
BN_clear_free(&exponent);
BN_CTX_free(ctx);
}
int millerrabin(BIGNUM *bn_n, int maxitr, FILE *primesfile, int num_idnt){
int s = 0;
BIGNUM *bn_r = NULL;
BIGNUM *bn_n_1 = NULL;
BN_CTX *bn_ctx = NULL;
BIGNUM *bn_a = NULL;
BIGNUM *bn_y = NULL;
BIGNUM *bn_1 = NULL;
int i = 0;
int j = 0;
bn_a = BN_new();
bn_y = BN_new();
bn_r = BN_new();
bn_1 = BN_new();
BN_one(bn_1);
bn_ctx = BN_CTX_new();
bn_n_1 = BN_new();
BN_CTX_init(bn_ctx);
fseek(primesfile, 0 ,SEEK_SET);
s = compute_sr(bn_n, bn_r, bn_n_1, bn_ctx);
if(s == -1){
return -1;
}
if(num_idnt == 0){
fprintf(stdout, "n = %s\n", BN_bn2dec(bn_n));
}
printIndents(num_idnt);
fprintf(stdout, " n-1 = %s\n", BN_bn2dec(bn_n_1));
printIndents(num_idnt);
fprintf(stdout, " s = %d\n", s);
printIndents(num_idnt);
fprintf(stdout, " r = %s\n", BN_bn2dec(bn_r));
for(i = 1; i <= maxitr; i++){
printIndents(num_idnt);
fprintf(stdout, " Itr %d of %d, ", i, maxitr);
ithPrime(i, primesfile, bn_a);
if(BN_cmp(bn_a, bn_n_1) == 1){
return -1;
}
compute_y(bn_y, bn_a, bn_r, bn_n, bn_ctx);
if(BN_cmp(bn_y, bn_1) != 0 && BN_cmp(bn_y, bn_n_1) != 0){
fprintf(stdout, "a = %s, y = %s\n", BN_bn2dec(bn_a), BN_bn2dec(bn_y));
for(j = 1; j <= s - 1; j++){
BN_mod_mul(bn_y, bn_y, bn_y, bn_n, bn_ctx);
printIndents(num_idnt);
fprintf(stdout, " j = %d of %d, y = %s", j, s - 1, BN_bn2dec(bn_y));
if(BN_cmp(bn_y, bn_n_1) == 0){
fprintf(stdout, " (which is n-1)\n");
break;
}
putchar('\n');
if(BN_cmp(bn_y, bn_1) == 0){
return 0;
}
}
if(BN_cmp(bn_y, bn_n_1) != 0){
printIndents(num_idnt);
fprintf(stdout, "Miller-Rabin found a strong witness %s\n", BN_bn2dec(bn_a));
return 0;
}
}
else{
if(BN_cmp(bn_y, bn_n_1) == 0){
fprintf(stdout, "a = %s, y = %s (which is n-1)\n", BN_bn2dec(bn_a), BN_bn2dec(bn_y));
}
else{
fprintf(stdout, "a = %s, y = %s\n", BN_bn2dec(bn_a), BN_bn2dec(bn_y));
}
}
}
printIndents(num_idnt);
fprintf(stdout, "Miller-Rabin declares n to be a prime number\n");
return 1;
BN_free(bn_1);
BN_free(bn_a);
BN_free(bn_y);
BN_free(bn_r);
BN_CTX_free(bn_ctx);
}
/**
* Reconstruct secret using the provided shares
*
* @param shares Shares used to reconstruct secret (should contain t entries)
* @param t Threshold used to reconstruct the secret
* @param prime Prime for finite field arithmetic
* @param s Pointer for storage of calculated secred
*/
static int reconstructSecret(secret_share_t *shares, unsigned char t, const BIGNUM prime, BIGNUM *s) {
unsigned char i;
unsigned char j;
// Array representing the polynomial a(x) = s + a_1 * x + ... + a_n-1 * x^n-1 mod p
BIGNUM **bValue = malloc(t * sizeof(BIGNUM *));
BIGNUM **pbValue;
BIGNUM numerator;
BIGNUM denominator;
BIGNUM temp;
secret_share_t *sp_i;
secret_share_t *sp_j;
BN_CTX *ctx;
// Initialize
pbValue = bValue;
for (i = 0; i < t; i++) {
*pbValue = BN_new();
BN_init(*pbValue);
pbValue++;
}
BN_init(&numerator);
BN_init(&denominator);
BN_init(&temp);
// Create context for temporary variables of engine
ctx = BN_CTX_new();
BN_CTX_init(ctx);
pbValue = bValue;
sp_i = shares;
for (i = 0; i < t; i++) {
BN_one(&numerator);
BN_one(&denominator);
sp_j = shares;
for (j = 0; j < t; j++) {
if (i == j) {
sp_j++;
continue;
}
BN_mul(&numerator, &numerator, &(sp_j->x), ctx);
BN_sub(&temp, &(sp_j->x), &(sp_i->x));
BN_mul(&denominator, &denominator, &temp, ctx);
sp_j++;
}
/*
* Use the modular inverse value of the denominator for the
* multiplication
*/
if (BN_mod_inverse(&denominator, &denominator, &prime, ctx) == NULL ) {
return -1;
}
BN_mod_mul(*pbValue, &numerator, &denominator, &prime, ctx);
pbValue++;
sp_i++;
}
/*
* Calculate the secret by multiplying all y-values with their
* corresponding intermediate values
*/
pbValue = bValue;
sp_i = shares;
BN_zero(s);
for (i = 0; i < t; i++) {
BN_mul(&temp, &(sp_i->y), *pbValue, ctx);
BN_add(s, s, &temp);
pbValue++;
sp_i++;
}
// Perform modulo operation and copy result
BN_nnmod(&temp, s, &prime, ctx);
BN_copy(s, &temp);
BN_clear_free(&numerator);
BN_clear_free(&denominator);
BN_clear_free(&temp);
BN_CTX_free(ctx);
// Deallocate the resource of the polynomial
pbValue = bValue;
for (i = 0; i < t; i++) {
BN_clear_free(*pbValue);
pbValue++;
}
free(bValue);
return 0;
}