vg_context_t * vg_prefix_context_new(int addrtype, int privtype, int caseinsensitive) { vg_prefix_context_t *vcpp; vcpp = (vg_prefix_context_t *) malloc(sizeof(*vcpp)); if (vcpp) { memset(vcpp, 0, sizeof(*vcpp)); vcpp->base.vc_addrtype = addrtype; vcpp->base.vc_privtype = privtype; vcpp->base.vc_npatterns = 0; vcpp->base.vc_npatterns_start = 0; vcpp->base.vc_found = 0; vcpp->base.vc_chance = 0.0; vcpp->base.vc_free = vg_prefix_context_free; vcpp->base.vc_add_patterns = vg_prefix_context_add_patterns; vcpp->base.vc_clear_all_patterns = vg_prefix_context_clear_all_patterns; vcpp->base.vc_test = vg_prefix_test; vcpp->base.vc_hash160_sort = vg_prefix_hash160_sort; avl_root_init(&vcpp->vcp_avlroot); BN_init(&vcpp->vcp_difficulty); vcpp->vcp_caseinsensitive = caseinsensitive; } return &vcpp->base; }
static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp) { BN_CTX *ctx; BIGNUM k,*kinv=NULL,*r=NULL; int ret=0; if (ctx_in == NULL) { if ((ctx=BN_CTX_new()) == NULL) goto err; } else ctx=ctx_in; BN_init(&k); if ((r=BN_new()) == NULL) goto err; kinv=NULL; /* Get random k */ for (;;) { if (!BN_rand(&k, BN_num_bits(dsa->q), 1, 0)) goto err; if (BN_cmp(&k,dsa->q) >= 0) BN_sub(&k,&k,dsa->q); if (!BN_is_zero(&k)) break; } if ((dsa->method_mont_p == NULL) && (dsa->flags & DSA_FLAG_CACHE_MONT_P)) { if ((dsa->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL) if (!BN_MONT_CTX_set((BN_MONT_CTX *)dsa->method_mont_p, dsa->p,ctx)) goto err; } /* Compute r = (g^k mod p) mod q */ if (!dsa->meth->bn_mod_exp(dsa, r,dsa->g,&k,dsa->p,ctx, (BN_MONT_CTX *)dsa->method_mont_p)) goto err; if (!BN_mod(r,r,dsa->q,ctx)) goto err; /* Compute part of 's = inv(k) (m + xr) mod q' */ if ((kinv=BN_mod_inverse(NULL,&k,dsa->q,ctx)) == NULL) goto err; if (*kinvp != NULL) BN_clear_free(*kinvp); *kinvp=kinv; kinv=NULL; if (*rp != NULL) BN_clear_free(*rp); *rp=r; ret=1; err: if (!ret) { DSAerr(DSA_F_DSA_SIGN_SETUP,ERR_R_BN_LIB); if (kinv != NULL) BN_clear_free(kinv); if (r != NULL) BN_clear_free(r); } if (ctx_in == NULL) BN_CTX_free(ctx); if (kinv != NULL) BN_clear_free(kinv); BN_clear_free(&k); return(ret); }
qint32 CryptoUtils::checkDHParams (BIGNUM *p, qint32 g) { if (g < 2 || g > 7) { return -1; } BIGNUM t; BN_init (&t); BIGNUM dh_g; BN_init (&dh_g); Utils::ensure (BN_set_word (&dh_g, 4 * g)); Utils::ensure (BN_mod (&t, p, &dh_g, BN_ctx)); qint32 x = BN_get_word (&t); Q_ASSERT(x >= 0 && x < 4 * g); BN_free (&dh_g); switch (g) { case 2: if (x != 7) { return -1; } break; case 3: if (x % 3 != 2 ) { return -1; } break; case 4: break; case 5: if (x % 5 != 1 && x % 5 != 4) { return -1; } break; case 6: if (x != 19 && x != 23) { return -1; } break; case 7: if (x % 7 != 3 && x % 7 != 5 && x % 7 != 6) { return -1; } break; } if (!checkPrime (p)) { return -1; } BIGNUM b; BN_init (&b); Utils::ensure (BN_set_word (&b, 2)); Utils::ensure (BN_div (&t, 0, p, &b, BN_ctx)); if (!checkPrime (&t)) { return -1; } BN_free (&b); BN_free (&t); return 0; }
/* signing */ static int RSA_eay_private_encrypt(FIPS_RSA_SIZE_T flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { BIGNUM f,ret; int i,j,k,num=0,r= -1; unsigned char *buf=NULL; BN_CTX *ctx=NULL; int local_blinding = 0; BN_BLINDING *blinding = NULL; BN_init(&f); BN_init(&ret); if ((ctx=BN_CTX_new()) == NULL) goto err; num=BN_num_bytes(rsa->n); if ((buf=(unsigned char *)OPENSSL_malloc(num)) == NULL) { RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,ERR_R_MALLOC_FAILURE); goto err; } switch (padding) { case RSA_PKCS1_PADDING: i=RSA_padding_add_PKCS1_type_1(buf,num,from,flen); break; case RSA_NO_PADDING: i=RSA_padding_add_none(buf,num,from,flen); break; case RSA_SSLV23_PADDING: default: RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,RSA_R_UNKNOWN_PADDING_TYPE); goto err; } if (i <= 0) goto err; if (BN_bin2bn(buf,num,&f) == NULL) goto err; if (BN_ucmp(&f, rsa->n) >= 0) { /* usually the padding functions would catch this */ RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,RSA_R_DATA_TOO_LARGE_FOR_MODULUS); goto err; } BLINDING_HELPER(rsa, ctx, goto err;);
void CECKey::SetSecretBytes(const unsigned char vch[32]) { BIGNUM bn; BN_init(&bn); assert(BN_bin2bn(vch, 32, &bn)); assert(EC_KEY_regenerate_key(pkey, &bn)); BN_clear_free(&bn); }
static int crypto_rsa_common(const BYTE* input, int length, UINT32 key_length, const BYTE* modulus, const BYTE* exponent, int exponent_size, BYTE* output) { BN_CTX* ctx; int output_length; BYTE* input_reverse; BYTE* modulus_reverse; BYTE* exponent_reverse; BIGNUM mod, exp, x, y; input_reverse = (BYTE*) malloc(2 * key_length + exponent_size); modulus_reverse = input_reverse + key_length; exponent_reverse = modulus_reverse + key_length; memcpy(modulus_reverse, modulus, key_length); crypto_reverse(modulus_reverse, key_length); memcpy(exponent_reverse, exponent, exponent_size); crypto_reverse(exponent_reverse, exponent_size); memcpy(input_reverse, input, length); crypto_reverse(input_reverse, length); ctx = BN_CTX_new(); BN_init(&mod); BN_init(&exp); BN_init(&x); BN_init(&y); BN_bin2bn(modulus_reverse, key_length, &mod); BN_bin2bn(exponent_reverse, exponent_size, &exp); BN_bin2bn(input_reverse, length, &x); BN_mod_exp(&y, &x, &exp, &mod, ctx); output_length = BN_bn2bin(&y, output); crypto_reverse(output, output_length); if (output_length < (int) key_length) memset(output + output_length, 0, key_length - output_length); BN_free(&y); BN_clear_free(&x); BN_free(&exp); BN_free(&mod); BN_CTX_free(ctx); free(input_reverse); return output_length; }
EC_GROUP *EC_GROUP_new(const EC_METHOD *meth) { EC_GROUP *ret; if (meth == NULL) { ECerr(EC_F_EC_GROUP_NEW, EC_R_SLOT_FULL); return NULL; } if (meth->group_init == 0) { ECerr(EC_F_EC_GROUP_NEW, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return NULL; } ret = clBnAlloc( "EC_GROUP_new",sizeof *ret); /* pcg */ if (ret == NULL) { ECerr(EC_F_EC_GROUP_NEW, ERR_R_MALLOC_FAILURE); return NULL; } memset( ret, 0, sizeof( EC_GROUP ) ); /* pcg */ ret->meth = meth; ret->extra_data = NULL; ret->generator = NULL; BN_init(&ret->order); BN_init(&ret->cofactor); ret->curve_name = 0; ret->asn1_flag = 0; ret->asn1_form = POINT_CONVERSION_UNCOMPRESSED; ret->seed = NULL; ret->seed_len = 0; if (!meth->group_init(ret)) { OPENSSL_free(ret); return NULL; } return ret; }
/** * Create shares depending on the provided parameters * * @param s Secret value to share * @param t Threshold needed to reconstruct the secret * @param n Total number of shares * @param prime Prime for finite field arithmetic * @param shares Pointer for storage of calculated shares (must be big enough to hold n shares) */ static int createShares(const BIGNUM *s, const unsigned char t, const unsigned char n, const BIGNUM prime, secret_share_t *shares) { // Array representing the polynomial a(x) = s + a_1 * x + ... + a_n-1 * x^n-1 mod p BIGNUM **polynomial = malloc(n * sizeof(BIGNUM *)); BIGNUM **pp; unsigned long i; secret_share_t *sp; // Set the secret value as the constant part of the polynomial pp = polynomial; *pp = BN_new(); BN_init(*pp); BN_copy(*pp, s); pp++; // Initialize and generate some random values for coefficients a_x in the remaining polynomial for (i = 1; i < t; i++) { *pp = BN_new(); BN_init(*pp); BN_rand_range(*pp, &prime); pp++; } sp = shares; // Now calculate n secret shares for (i = 1; i <= n; i++) { BN_init(&(sp->x)); BN_init(&(sp->y)); BN_set_word(&(sp->x), i); calculatePolynomialValue(sp->x, polynomial, t, prime, &(sp->y)); sp++; } // Deallocate the resource of the polynomial pp = polynomial; for (i = 0; i < t; i++) { BN_clear_free(*pp); pp++; } free(polynomial); return 0; }
/** * Helper method to calculate the y-value * for a given x-value and a polynomial * * @param x X-value * @param polynomial The underlying polynomial * @param t Threshold (determines the degree of the polynomial) * @param prime Prime for finite field arithmetic * @param y Pointer for storage of calculated y-value */ static void calculatePolynomialValue(const BIGNUM x, BIGNUM **polynomial, const unsigned char t, const BIGNUM prime, BIGNUM *y) { BIGNUM **pp; BIGNUM temp; BIGNUM exponent; unsigned long exp; BN_CTX *ctx; // Create context for temporary variables of OpenSSL engine ctx = BN_CTX_new(); BN_CTX_init(ctx); BN_init(&temp); BN_init(&exponent); // Set y to ZERO BN_zero(y); /* Initialize the result using the secret value at position 0 of the polynomial */ pp = polynomial; BN_copy(y, *pp); pp++; for (exp = 1; exp < t; exp++) { BN_copy(&temp, &x); BN_set_word(&exponent, exp); // temp = x^exponent mod prime BN_mod_exp(&temp, &x, &exponent, &prime, ctx); // exponent = temp * a = a * x^exponent mod prime BN_mod_mul(&exponent, &temp, *pp, &prime, ctx); // add the temp value from exponent to y BN_copy(&temp, y); BN_mod_add(y, &temp, &exponent, &prime, ctx); pp++; } BN_clear_free(&temp); BN_clear_free(&exponent); BN_CTX_free(ctx); }
int VN_BN_lcm( BIGNUM * zr,const BIGNUM * za,const BIGNUM * zb,BN_CTX * ctx ) { BIGNUM gcd, n; BN_init( &gcd ); BN_init( &n ); BN_mul( &n, za, zb, ctx ); BN_gcd( &gcd, za, zb, ctx ); BN_div( zr, NULL, &n, &gcd, ctx ); BN_free( &gcd ); BN_free( &n ); return 0; }
void crypto_rsa_encrypt(uint8* input, int length, uint32 key_length, uint8* modulus, uint8* exponent, uint8* output) { BN_CTX* ctx; int output_length; uint8* input_reverse; uint8* modulus_reverse; uint8* exponent_reverse; BIGNUM mod, exp, x, y; input_reverse = (uint8*) xmalloc(2 * MODULUS_MAX_SIZE + EXPONENT_MAX_SIZE); modulus_reverse = input_reverse + MODULUS_MAX_SIZE; exponent_reverse = modulus_reverse + MODULUS_MAX_SIZE; memcpy(modulus_reverse, modulus, key_length); crypto_reverse(modulus_reverse, key_length); memcpy(exponent_reverse, exponent, EXPONENT_MAX_SIZE); crypto_reverse(exponent_reverse, EXPONENT_MAX_SIZE); memcpy(input_reverse, input, length); crypto_reverse(input_reverse, length); ctx = BN_CTX_new(); BN_init(&mod); BN_init(&exp); BN_init(&x); BN_init(&y); BN_bin2bn(modulus_reverse, key_length, &mod); BN_bin2bn(exponent_reverse, EXPONENT_MAX_SIZE, &exp); BN_bin2bn(input_reverse, length, &x); BN_mod_exp(&y, &x, &exp, &mod, ctx); output_length = BN_bn2bin(&y, output); crypto_reverse(output, output_length); if (output_length < (int) key_length) memset(output + output_length, 0, key_length - output_length); BN_free(&y); BN_clear_free(&x); BN_free(&exp); BN_free(&mod); BN_CTX_free(ctx); xfree(input_reverse); }
void VN_BN_gcdext( const BIGNUM * za, const BIGNUM * zb, BIGNUM * zx, BIGNUM * zy, BIGNUM * gcd, BN_CTX * ctx ) { BIGNUM zs, old_s, zt, old_t, zr, old_r, quot, tmp; BN_init( &zs ); BN_init( &old_s ); BN_init( &zt ); BN_init( &old_t ); BN_init( &zr ); BN_init( &old_r ); BN_init( " ); BN_init( &tmp ); BN_set_word( &zs, 0 ); BN_set_word( &old_s, 1 ); BN_set_word( &zt, 1 ); BN_set_word( &old_t, 0 ); BN_copy( &zr, zb ); BN_copy( &old_r, za ); while( ! BN_is_zero( &zr ) ) { BN_div( ", &tmp, &old_r, &zr, ctx ); BN_mul( &tmp, ", &zr, ctx ); BN_sub( &tmp, &old_r, &tmp ); BN_copy( &old_r, &zr ); BN_copy( &zr, &tmp ); BN_mul( &tmp, ", &zs, ctx ); BN_sub( &tmp, &old_s, &tmp ); BN_copy( &old_s, &zs ); BN_copy( &zs, &tmp ); BN_mul( &tmp, ", &zt, ctx ); BN_sub( &tmp, &old_t, &tmp ); BN_copy( &old_t, &zt ); BN_copy( &zt, &tmp ); } BN_copy( zx, &old_s ); BN_copy( zy, &old_t ); BN_copy( gcd, &old_r ); BN_free( &zs ); BN_free( &old_s ); BN_free( &zt ); BN_free( &old_t ); BN_free( &zr ); BN_free( &old_r ); BN_free( " ); BN_free( &tmp ); }
bool key_from_base58(secp256k1_context *secpctx, const char *base58, size_t base58_len, bool *test_net, struct privkey *priv, struct pubkey *key) { u8 keybuf[1 + 32 + 1 + 4]; u8 csum[4]; BIGNUM bn; bool compressed; size_t keylen; BN_init(&bn); if (!raw_decode_base58(&bn, base58, base58_len)) return false; keylen = BN_num_bytes(&bn); if (keylen == 1 + 32 + 4) compressed = false; else if (keylen == 1 + 32 + 1 + 4) compressed = true; else goto fail_free_bn; BN_bn2bin(&bn, keybuf); base58_get_checksum(csum, keybuf, keylen - sizeof(csum)); if (memcmp(csum, keybuf + keylen - sizeof(csum), sizeof(csum)) != 0) goto fail_free_bn; /* Byte after key should be 1 to represent a compressed key. */ if (compressed && keybuf[1 + 32] != 1) goto fail_free_bn; if (keybuf[0] == 128) *test_net = false; else if (keybuf[0] == 239) *test_net = true; else goto fail_free_bn; /* Copy out secret. */ memcpy(priv->secret, keybuf + 1, sizeof(priv->secret)); if (!secp256k1_ec_seckey_verify(secpctx, priv->secret)) goto fail_free_bn; /* Get public key, too, since we know if it's compressed. */ if (!pubkey_from_privkey(secpctx, priv, key, compressed ? SECP256K1_EC_COMPRESSED : 0)) goto fail_free_bn; BN_free(&bn); return true; fail_free_bn: BN_free(&bn); return false; }
void CECKey::SetSecretBytes(const unsigned char vch[32]) { bool ret; BIGNUM bn; BN_init(&bn); ret = BN_bin2bn(vch, 32, &bn) != NULL; assert(ret); ret = EC_KEY_regenerate_key(pkey, &bn) != 0; assert(ret); BN_clear_free(&bn); }
static bool bp_block_valid_target(struct bp_block *block) { BIGNUM target, sha256; BN_init(&target); BN_init(&sha256); u256_from_compact(&target, block->nBits); bu256_bn(&sha256, &block->sha256); int cmp = BN_cmp(&sha256, &target); BN_clear_free(&target); BN_clear_free(&sha256); if (cmp > 0) /* sha256 > target */ return false; return true; }
int test_add(BIO *bp) { BIGNUM a,b,c; int i; BN_init(&a); BN_init(&b); BN_init(&c); BN_bntest_rand(&a,512,0,0); for (i=0; i<num0; i++) { BN_bntest_rand(&b,450+i,0,0); a.neg=rand_neg(); b.neg=rand_neg(); BN_add(&c,&a,&b); if (bp != NULL) { if (!results) { BN_print(bp,&a); BIO_puts(bp," + "); BN_print(bp,&b); BIO_puts(bp," - "); } BN_print(bp,&c); BIO_puts(bp,"\n"); } a.neg=!a.neg; b.neg=!b.neg; BN_add(&c,&c,&b); BN_add(&c,&c,&a); if(!BN_is_zero(&c)) { fprintf(stderr,"Add test failed!\n"); return 0; } } BN_free(&a); BN_free(&b); BN_free(&c); return(1); }
/* * Compute rmp=mp1+mp2. */ static void _madd(const char *msg, const MINT *mp1, const MINT *mp2, MINT *rmp) { BIGNUM b; BN_init(&b); BN_ERRCHECK(msg, BN_add(&b, mp1->bn, mp2->bn)); _moveb(msg, &b, rmp); BN_free(&b); }
void BN_CTX_init(BN_CTX *ctx) { int i; ctx->tos = 0; ctx->flags = 0; ctx->depth = 0; ctx->too_many = 0; for (i = 0; i < BN_CTX_NUM; i++) BN_init(&(ctx->bn[i])); }
int BN_cmp_word(const BIGNUM *a, BN_ULONG b) { BIGNUM b_bn; BN_init(&b_bn); b_bn.d = &b; b_bn.width = b > 0; b_bn.dmax = 1; b_bn.flags = BN_FLG_STATIC_DATA; return BN_cmp(a, &b_bn); }
static int dsa_builtin_keygen(DSA *dsa) { int ok = 0; BN_CTX *ctx = NULL; BIGNUM *pub_key = NULL, *priv_key = NULL; if ((ctx = BN_CTX_new()) == NULL) goto err; if (dsa->priv_key == NULL) { if ((priv_key = BN_new()) == NULL) goto err; } else priv_key=dsa->priv_key; do { if (!BN_rand_range(priv_key, dsa->q)) goto err; } while (BN_is_zero(priv_key)); if (dsa->pub_key == NULL) { if ((pub_key = BN_new()) == NULL) goto err; } else pub_key=dsa->pub_key; { BIGNUM local_prk; BIGNUM *prk; if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0) { BN_init(&local_prk); prk = &local_prk; BN_with_flags(prk, priv_key, BN_FLG_CONSTTIME); } else prk = priv_key; if (!BN_mod_exp(pub_key, dsa->g, prk, dsa->p, ctx)) goto err; } dsa->priv_key = priv_key; dsa->pub_key = pub_key; ok = 1; err: if (pub_key != NULL && dsa->pub_key == NULL) BN_free(pub_key); if (priv_key != NULL && dsa->priv_key == NULL) BN_free(priv_key); if (ctx != NULL) BN_CTX_free(ctx); return ok; }
int main(int argc, char ** argv) { /* Generate 2 big random numbers (512 bits) */ primitive_p = initialize("1011011"); initialize_rand(SEED); BIGNUM *p = get_long_prime_number(RSA_KEY_LENGTH); printf("p=%s\n", BN_bn2hex(p)); BIGNUM *q = get_long_prime_number(RSA_KEY_LENGTH); printf("q=%s\n", BN_bn2hex(q)); /* Compute phi = (p-1)*(q-1) and n = p*q */ BIGNUM *phi, *n; BN_CTX *tmp; tmp = BN_CTX_new(); n = BN_new(); phi = BN_new(); BN_copy(n, p); BN_mul(n, n, q, tmp); printf("n=%s\n", BN_bn2dec(n)); BN_sub_word(p, 1); printf("p-1=%s\n", BN_bn2dec(p)); BN_sub_word(q, 1); printf("q-1=%s\n", BN_bn2dec(q)); phi = BN_new(); BN_init(tmp); BN_mul(phi, p, q, tmp); printf("(p-1)(q-1)=%s\n", BN_bn2dec(phi)); /* Find the smallest integer coprime with phi */ BIGNUM * e = BN_new(); BIGNUM *gcd = BN_new(); BN_add_word(e, 3); for ( ; ; BN_add_word(e, 2)) { tmp = BN_CTX_new(); BN_gcd(gcd, e, phi, tmp); if (BN_is_one(gcd)) break; } printf("e=%s\n", BN_bn2dec(e)); /* Find d, the inverse of e in Z_phi */ BIGNUM * d = BN_new(); BIGNUM * i = BN_new(); BIGNUM * rem = BN_new(); BIGNUM * prod = BN_new(); BN_add_word(i, 1); for ( ; ; BN_add_word(i, 1)) { BN_copy(prod, phi); tmp = BN_CTX_new(); BN_mul(prod, prod, i, tmp); BN_add_word(prod, 1); BN_div(d, rem, prod, e, tmp); if (BN_is_zero(rem)) { break; } } printf("d=%s\n", BN_bn2dec(d)); return 0; }
void crypto_rsa_encrypt(int len, uint8 * in, uint8 * out, uint32 modulus_size, uint8 * modulus, uint8 * exponent) { #ifdef CRYPTO_OPENSSL BN_CTX *ctx; BIGNUM mod, exp, x, y; uint8 inr[SEC_MAX_MODULUS_SIZE]; int outlen; reverse(modulus, modulus_size); reverse(exponent, SEC_EXPONENT_SIZE); memcpy(inr, in, len); reverse(inr, len); ctx = BN_CTX_new(); BN_init(&mod); BN_init(&exp); BN_init(&x); BN_init(&y); BN_bin2bn(modulus, modulus_size, &mod); BN_bin2bn(exponent, SEC_EXPONENT_SIZE, &exp); BN_bin2bn(inr, len, &x); BN_mod_exp(&y, &x, &exp, &mod, ctx); outlen = BN_bn2bin(&y, out); reverse(out, outlen); if (outlen < (int) modulus_size) memset(out + outlen, 0, modulus_size - outlen); BN_free(&y); BN_clear_free(&x); BN_free(&exp); BN_free(&mod); BN_CTX_free(ctx); #else /* built-in crypto */ ssl_rsa_encrypt(out, in, len, modulus_size, modulus, exponent); #endif }
static int ubsec_dsa_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, DSA *dsa) { int v_len, d_len; int to_return = 0; int fd; BIGNUM v, *pv = &v; BN_init(&v); if(!bn_wexpand(pv, dsa->p->top)) { UBSECerr(UBSEC_F_UBSEC_DSA_VERIFY, UBSEC_R_BN_EXPAND_FAIL); goto err; } v_len = BN_num_bits(dsa->p); d_len = p_UBSEC_ubsec_bytes_to_bits((unsigned char *)dgst, dgst_len); if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0) { const DSA_METHOD *meth; fd = 0; UBSECerr(UBSEC_F_UBSEC_DSA_VERIFY, UBSEC_R_UNIT_FAILURE); meth = DSA_OpenSSL(); to_return = meth->dsa_do_verify(dgst, dgst_len, sig, dsa); goto err; } if (p_UBSEC_dsa_verify_ioctl(fd, 0, /* compute hash before signing */ (unsigned char *)dgst, d_len, (unsigned char *)dsa->p->d, BN_num_bits(dsa->p), (unsigned char *)dsa->q->d, BN_num_bits(dsa->q), (unsigned char *)dsa->g->d, BN_num_bits(dsa->g), (unsigned char *)dsa->pub_key->d, BN_num_bits(dsa->pub_key), (unsigned char *)sig->r->d, BN_num_bits(sig->r), (unsigned char *)sig->s->d, BN_num_bits(sig->s), (unsigned char *)v.d, &v_len) != 0) { const DSA_METHOD *meth; UBSECerr(UBSEC_F_UBSEC_DSA_VERIFY, UBSEC_R_REQUEST_FAILED); p_UBSEC_ubsec_close(fd); meth = DSA_OpenSSL(); to_return = meth->dsa_do_verify(dgst, dgst_len, sig, dsa); goto err; } p_UBSEC_ubsec_close(fd); to_return = 1; err: BN_clear_free(&v); return to_return; }
int test_sqr(BIO *bp, BN_CTX *ctx) { BIGNUM a,c,d,e; int i; BN_init(&a); BN_init(&c); BN_init(&d); BN_init(&e); for (i=0; i<num0; i++) { BN_bntest_rand(&a,40+i*10,0,0); a.neg=rand_neg(); BN_sqr(&c,&a,ctx); if (bp != NULL) { if (!results) { BN_print(bp,&a); BIO_puts(bp," * "); BN_print(bp,&a); BIO_puts(bp," - "); } BN_print(bp,&c); BIO_puts(bp,"\n"); } BN_div(&d,&e,&c,&a,ctx); BN_sub(&d,&d,&a); if(!BN_is_zero(&d) || !BN_is_zero(&e)) { fprintf(stderr,"Square test failed!\n"); return 0; } } BN_free(&a); BN_free(&c); BN_free(&d); BN_free(&e); return(1); }
int main() { BIGNUM *x, *y, *exp, *m; BIGNUM t; COMPLEX a, b, r; BN_init( &t ); x = BN_new(); y = BN_new(); exp = BN_new(); m = BN_new(); COMP_init( &a ); COMP_init( &b ); COMP_init( &r ); if ( Context == NULL ) Context = BN_CTX_new(); if(!BN_set_word(m, 43l)) goto err; BN_set_word(x, 38l); BN_set_word(y, 13l); BN_set_word(exp, 168l); BN_copy( &t ,m ); if (!COMP_set(&a, x, y, m)) goto err; if (!COMP_pow(&r, &a, exp, m)) goto err; BN_free( &t ); BN_free( x ); BN_free( y ); BN_free( exp ); BN_free( m ); COMP_free( &a ); COMP_free( &b ); COMP_free( &r ); return 0; err: BN_free( &t ); BN_free( x ); BN_free( y ); BN_free( exp ); BN_free( m ); COMP_free( &a ); COMP_free( &b ); COMP_free( &r ); return 0; }
void VN_BN_bin2hex( const unsigned char * bin, int length, struct vn_iovec * hex ) { BIGNUM tmp; BN_init( &tmp ); BN_bin2bn( bin, length, &tmp ); VN_BN_dump_hex( &tmp, hex ); BN_free( &tmp ); }
EC_POINT *GFp_suite_b_make_point(const EC_GROUP *group, const uint8_t *peer_public_key_x, size_t peer_public_key_x_len, const uint8_t *peer_public_key_y, size_t peer_public_key_y_len) { BIGNUM x; BN_init(&x); BIGNUM y; BN_init(&y); int ok = 0; EC_POINT *result = EC_POINT_new(group); if (result == NULL) { goto err; } /* |ec_GFp_simple_point_set_affine_coordinates| verifies that (x, y) is on * the curve and that each coordinate is a valid field element (i.e. * non-negative and less than `q`). The point cannot be the point at infinity * because it was given as affine coordinates. */ if (BN_bin2bn(peer_public_key_x, peer_public_key_x_len, &x) == NULL || BN_bin2bn(peer_public_key_y, peer_public_key_y_len, &y) == NULL || !ec_GFp_simple_point_set_affine_coordinates(group, result, &x, &y, NULL)) { goto err; } ok = 1; err: BN_free(&x); BN_free(&y); if (!ok) { EC_POINT_free(result); result = NULL; } return result; }
/* signing */ static int RSA_eay_private_encrypt(int flen, unsigned char *from, unsigned char *to, RSA *rsa, int padding) { const RSA_METHOD *meth; BIGNUM f,ret; int i,j,k,num=0,r= -1; unsigned char *buf=NULL; BN_CTX *ctx=NULL; int local_blinding = 0; BN_BLINDING *blinding = NULL; meth = rsa->meth; BN_init(&f); BN_init(&ret); if ((ctx=BN_CTX_new()) == NULL) goto err; num=BN_num_bytes(rsa->n); if ((buf=(unsigned char *)rtlglue_malloc(num)) == NULL) goto err; switch (padding) { case RSA_PKCS1_PADDING: i=RSA_padding_add_PKCS1_type_1(buf,num,from,flen); break; case RSA_NO_PADDING: i=RSA_padding_add_none(buf,num,from,flen); break; case RSA_SSLV23_PADDING: default: goto err; } if (i <= 0) goto err; if (BN_bin2bn(buf,num,&f) == NULL) goto err; if (BN_ucmp(&f, rsa->n) >= 0) goto err; BLINDING_HELPER(rsa, ctx, goto err;);
double vg_prefix_get_difficulty(int addrtype, const char *pattern) { BN_CTX *bnctx; BIGNUM result, bntmp; BIGNUM *ranges[4]; char *dbuf; int ret; double diffret = 0.0; bnctx = BN_CTX_new(); BN_init(&result); BN_init(&bntmp); ret = get_prefix_ranges(addrtype, pattern, ranges, bnctx); if (ret == 0) { BN_sub(&bntmp, ranges[1], ranges[0]); BN_add(&result, &result, &bntmp); if (ranges[2]) { BN_sub(&bntmp, ranges[3], ranges[2]); BN_add(&result, &result, &bntmp); } free_ranges(ranges); BN_clear(&bntmp); BN_set_bit(&bntmp, 192); BN_div(&result, NULL, &bntmp, &result, bnctx); dbuf = BN_bn2dec(&result); diffret = strtod(dbuf, NULL); OPENSSL_free(dbuf); } BN_clear_free(&result); BN_clear_free(&bntmp); BN_CTX_free(bnctx); return diffret; }
int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx) { BIGNUM Ri,*R; BN_init(&Ri); R= &(mont->RR); /* grab RR as a temp */ BN_copy(&(mont->N),mod); /* Set N */ { BIGNUM tmod; BN_ULONG buf[2]; mont->ri=(BN_num_bits(mod)+(BN_BITS2-1))/BN_BITS2*BN_BITS2; if (!(BN_zero(R))) goto err; if (!(BN_set_bit(R,BN_BITS2))) goto err; /* R */ buf[0]=mod->d[0]; /* tmod = N mod word size */ buf[1]=0; tmod.d=buf; tmod.top=1; tmod.dmax=2; tmod.neg=mod->neg; /* Ri = R^-1 mod N*/ if ((BN_mod_inverse(&Ri,R,&tmod,ctx)) == NULL) goto err; /* R*Ri */ if (!(BN_lshift(&Ri,&Ri,BN_BITS2))) goto err; if (!BN_is_zero(&Ri)) { if (!BN_sub_word(&Ri,1)) goto err; } else /* if N mod word size == 1 */ /* Ri-- (mod word size) */ { if (!BN_set_word(&Ri,BN_MASK2)) goto err; } /* Ni = (R*Ri-1)/N, keep only least significant word: */ if (!(BN_div(&Ri,NULL,&Ri,&tmod,ctx))) goto err; mont->n0=Ri.d[0]; BN_free(&Ri); } /* setup RR for conversions */ if (!(BN_zero(&(mont->RR)))) goto err; if (!(BN_set_bit(&(mont->RR),mont->ri*2))) goto err; if (!(BN_mod(&(mont->RR),&(mont->RR),&(mont->N),ctx))) goto err; return(1); err: return(0); }