int16 rsa_public_block(uint8 *input, uint16 input_len, uint8 *output, uint16 *output_len, rsa_public_key *public_key)
{
  uint32 c[MAX_NN_DIGITS] = {0}, e[MAX_NN_DIGITS] = {0}, m[MAX_NN_DIGITS] = {0},
  n[MAX_NN_DIGITS] = {0};
  uint16 eDigits = 0, nDigits = 0;

  memset (c, 0, sizeof (c));
  memset (m, 0, sizeof (m));
  memset (n, 0, sizeof (n));

  nn_decode (m, MAX_NN_DIGITS, input, input_len);
  nn_decode (n, MAX_NN_DIGITS, public_key->modulus, MAX_RSA_MODULUS_LEN);
  nn_decode (e, MAX_NN_DIGITS, public_key->public_exponent, MAX_RSA_MODULUS_LEN);
  nDigits = nn_digits (n, MAX_NN_DIGITS);
  eDigits = nn_digits (e, MAX_NN_DIGITS);

  if (nn_cmp (m, n, nDigits) >= 0)
  return -1;

  /* Compute c = m^e mod n. */
  nn_mod_exp (c, m, e, eDigits, n, nDigits);

	*output_len = (uint16)(public_key->bits + 7) / 8;
	nn_encode (output, *output_len, c, nDigits);

	return (0);
}
예제 #2
0
int sss_test2()
{
	uint32 D[MAX_N_LENGTH] = 
	{
		0x0e85980c, 0x64ed9426, 0x6965357b, 0x148d7858,
		0x1fccaf34, 0x9dbb975d, 0xdbd454bf, 0xd31430f7,
		0xbcad1f90, 0x8ff6a4ad, 0xec59636f, 0xd0b54bc8,
		0x14614184, 0x7a1bbf74, 0xa7838212, 0x6a782cb3,
		0xd7e372fd, 0x8c146b8d, 0x0ca47816, 0x781323e6,
		0x00e729c5, 0xc9e7a788, 0x4d9a3516, 0xf9b81076,
		0xdf9bbb1d, 0x3edf8067, 0xf10fe7c7, 0x2a147030,
		0x09d038d3, 0x95e72f37, 0x7678c1f9, 0xaf1a81a1
	};
	uint32 E[MAX_N_LENGTH] =
	{
		0x10001,
	};
	uint32 N[MAX_N_LENGTH] =
	{
		0xe6f18faf, 0x4db624a6, 0x9471fbeb, 0x0156b6db,
		0xcadff22a, 0x6cb96fd8, 0x70f28e44, 0x32b10c1b,
		0xeea8dc03, 0x3372e6c0, 0x83a74734, 0x01101ea6,
		0x1f04e6b3, 0x41ec9759, 0xf2f6f77c, 0x16c5dd97,
		0xf5db6c60, 0xbd53bca9, 0xbdd7aebf, 0x70f338f4,
		0xb45a259c, 0xcff12faf, 0xdb5d435a, 0xeb075da7,
		0xd844a150, 0x2a98baba, 0x81c16187, 0x093b548c,
		0x20dec362, 0x64cfc03f, 0xe797a77d, 0x658e31eb
	};

	uint32 rsa[MAX_N_LENGTH];      /* rsa加密后的数据 */
    uint32 rsaDec[MAX_N_LENGTH];   /* rsa解密后的数据 */
	uint32 org_data[MAX_N_LENGTH]; /*源数据*/
	uint32 tmp_cmn_buff[MAX_N_LENGTH];

	rsa_public_key key_input[2] = {{0,{0},{0}},{0,{0},{0}}};
	int ret = 0;
	int rsa_out_len = sizeof(rsa);
	int rsaDec_out_len = sizeof(rsaDec);
	int i = 0;

    rever(N, MAX_N_LENGTH);
    rever(D, MAX_N_LENGTH);

	memset(tmp_cmn_buff, 0, sizeof(u32) * MAX_N_LENGTH);
	memset(rsa, 0, 4 * MAX_N_LENGTH);
	memset(rsaDec, 0, 4 * MAX_N_LENGTH);
	memset(org_data, 0, sizeof(org_data));

	memcpy(tmp_cmn_buff, N, sizeof(u32) * MAX_N_LENGTH);
	nn_encode((uint8*)&N[0], (uint16)(sizeof(u32) * MAX_N_LENGTH), (uint32*)tmp_cmn_buff,(uint16) MAX_N_LENGTH);
	memcpy(tmp_cmn_buff, D, sizeof(u32) * MAX_N_LENGTH);
	nn_encode((uint8*)&D[0], (uint16)(sizeof(u32) * MAX_N_LENGTH), (uint32*)tmp_cmn_buff, (uint16)MAX_N_LENGTH);
	memcpy(tmp_cmn_buff, E, sizeof(u32) * MAX_N_LENGTH);
	nn_encode((uint8*)&E[0], (uint16)(sizeof(u32) * MAX_N_LENGTH), (uint32*)tmp_cmn_buff, (uint16)MAX_N_LENGTH);

	key_input[1].bits = 8*sizeof(N);
	memcpy(key_input[1].modulus, N, sizeof(N));
	memcpy(key_input[1].public_exponent, D, sizeof(D));

	org_data[0] = 0xFFFFFFFF;
	org_data[1] = 116;
	org_data[2] = 116;
	org_data[3] = 116;
	org_data[4] = 116;
	org_data[5] = 116;
	org_data[6] = 116;


	ret = crypto_rsa_encrypt((char*)org_data, 7*4, (char*)&key_input, sizeof(key_input), (char*)rsa, &rsa_out_len);
	if(BSP_ERROR == ret)
	{
		security_print("function : %s -- linenum : %d -- retval : %X\n", ret);
		return ret;
	}
	security_print("rsa_out_len : %d\n\n",rsa_out_len);
	for(i = 0; i < rsa_out_len/4; i++)
		security_print("%lx\n", rsa[i]);
	security_print("========================\n");

	key_input[1].bits = 8*sizeof(N);
	memcpy(key_input[1].modulus, N, sizeof(N));
	memcpy(key_input[1].public_exponent, E, sizeof(E));
	ret = crypto_rsa_decrypt((char*)rsa, rsa_out_len, (char*)&key_input, sizeof(key_input), (char*)rsaDec, &rsaDec_out_len);
	if(BSP_ERROR == ret)
	{
		security_print("function : %s -- linenum : %d -- retval : %X\n", ret);
		return ret;
	}

	security_print("rsaDec_out_len : %d\n\n", rsaDec_out_len);
	for(i = 0; i < rsaDec_out_len/4; i++)
		security_print("%lx\n",rsaDec[i]);

	ret = memcmp(org_data, rsaDec, (unsigned) rsaDec_out_len);
	if(BSP_ERROR == ret)
	{
		security_print("function : %s -- linenum : %d -- retval : %X\n", ret);
		return ret;
	}

	return ret;
}
int16 rsa_private_block(uint8 *input, uint16 input_len, uint8 *output, uint16 *output_len, rsa_private_key *private_key)
{
  uint32 c[MAX_NN_DIGITS] = {0}, cP[MAX_NN_DIGITS] = {0}, cQ[MAX_NN_DIGITS] = {0},
  dP[MAX_NN_DIGITS] = {0}, dQ[MAX_NN_DIGITS] = {0}, mP[MAX_NN_DIGITS] = {0},
  mQ[MAX_NN_DIGITS] = {0}, n[MAX_NN_DIGITS] = {0}, p[MAX_NN_DIGITS] = {0}, q[MAX_NN_DIGITS] = {0},
  qInv[MAX_NN_DIGITS] = {0}, t[MAX_NN_DIGITS] = {0};
  uint16 cDigits = 0, nDigits = 0, pDigits = 0;

  memset (c, 0, sizeof (c));
  memset (cP, 0, sizeof (cP));
  memset (cQ, 0, sizeof (cQ));
  memset (dP, 0, sizeof (dP));
  memset (dQ, 0, sizeof (dQ));
  memset (mP, 0, sizeof (mP));
  memset (mQ, 0, sizeof (mQ));
  memset (p, 0, sizeof (p));
  memset (q, 0, sizeof (q));
  memset (qInv, 0, sizeof (qInv));
  memset (t, 0, sizeof (t));

  nn_decode (c, MAX_NN_DIGITS, input, input_len);
  nn_decode (n, MAX_NN_DIGITS, private_key->modulus, MAX_RSA_MODULUS_LEN);
  nn_decode (p, MAX_NN_DIGITS, private_key->prime[0], MAX_RSA_PRIME_LEN);
  nn_decode (q, MAX_NN_DIGITS, private_key->prime[1], MAX_RSA_PRIME_LEN);
  nn_decode (dP, MAX_NN_DIGITS, private_key->prime_exponent[0], MAX_RSA_PRIME_LEN);
  nn_decode (dQ, MAX_NN_DIGITS, private_key->prime_exponent[1], MAX_RSA_PRIME_LEN);
  nn_decode (qInv, MAX_NN_DIGITS, private_key->coefficient, MAX_RSA_PRIME_LEN);


  cDigits = nn_digits (c, MAX_NN_DIGITS);
  nDigits = nn_digits (n, MAX_NN_DIGITS);
  pDigits = nn_digits (p, MAX_NN_DIGITS);

  if (nn_cmp (c, n, nDigits) >= 0)
  return -1;

  /* Compute mP = cP^dP mod p  and  mQ = cQ^dQ mod q. (Assumes q has length at most pDigits, i.e., p > q.) */
  nn_mod (cP, c, cDigits, p, pDigits);
  nn_mod (cQ, c, cDigits, q, pDigits);
  nn_mod_exp (mP, cP, dP, pDigits, p, pDigits);

  nn_assign_zero (mQ, nDigits);
  nn_mod_exp (mQ, cQ, dQ, pDigits, q, pDigits);

  /* Chinese Remainder Theorem:  m = ((((mP - mQ) mod p) * qInv) mod p) * q + mQ.   */
  if (nn_cmp (mP, mQ, pDigits) >= 0)
  {
    nn_sub (t, mP, mQ, pDigits);
  }
  else
  {
    nn_sub (t, mQ, mP, pDigits);
    nn_sub (t, p, t, pDigits);
  }
  nn_mod_mult (t, t, qInv, p, pDigits);
  nn_mult (t, t, q, pDigits);
  nn_add (t, t, mQ, nDigits);

	*output_len = (uint16)(private_key->bits + 7) / 8;
	nn_encode (output, *output_len, t, nDigits);

	return (0);
}