int main() { int i,bytes,res; unsigned long ran; char m[RFS],ml[RFS],c[RFS],e[RFS],raw[100]; rsa_public_key pub; rsa_private_key priv; csprng RNG; octet M={0,sizeof(m),m}; octet ML={0,sizeof(ml),ml}; octet C={0,sizeof(c),c}; octet E={0,sizeof(e),e}; octet RAW={0,sizeof(raw),raw}; time((time_t *)&ran); RAW.len=100; /* fake random seed source */ RAW.val[0]=ran; RAW.val[1]=ran>>8; RAW.val[2]=ran>>16; RAW.val[3]=ran>>24; for (i=4;i<100;i++) RAW.val[i]=i; CREATE_CSPRNG(&RNG,&RAW); /* initialise strong RNG */ printf("Generating public/private key pair\n"); RSA_KEY_PAIR(&RNG,65537,&priv,&pub); printf("Encrypting test string\n"); OCT_jstring(&M,(char *)"Hello World\n"); OAEP_ENCODE(&M,&RNG,NULL,&E); /* OAEP encode message m to e */ RSA_ENCRYPT(&pub,&E,&C); /* encrypt encoded message */ printf("Ciphertext= "); OCT_output(&C); printf("Decrypting test string\n"); RSA_DECRYPT(&priv,&C,&ML); /* ... and then decrypt it */ OAEP_DECODE(NULL,&ML); /* decode it */ OCT_output_string(&ML); if (!OCT_comp(&M,&ML)) { printf("FAILURE RSA Encryption failed"); return 1; } OCT_clear(&M); OCT_clear(&ML); /* clean up afterwards */ OCT_clear(&C); OCT_clear(&RAW); OCT_clear(&E); KILL_CSPRNG(&RNG); RSA_PRIVATE_KEY_KILL(&priv); printf("SUCCESS\n"); return 0; }
int test_utils() { printf("test_utils() started\n"); int i,otp; char x[32]; octet X= {sizeof(x),sizeof(x),x}; char vector[32]; octet VECTOR= {sizeof(vector),sizeof(vector),vector}; char seed[32] = {0}; octet SEED = {0,sizeof(seed),seed}; csprng RNG; /* unrandom seed value! */ SEED.len=32; for (i=0; i<32; i++) SEED.val[i]=i+1; /* initialise random number generator */ CREATE_CSPRNG(&RNG,&SEED); for (i=0; i<nIter; i++) { otp = generateOTP(&RNG); if (otp != V1[i]) { printf("test_utils() FAILURE generateOTP failure\n"); return 1; } } for (i=0; i<nIter; i++) { generateRandom(&RNG,&X); OCT_fromHex(&VECTOR,V2[i]); if (!OCT_comp(&X,&VECTOR)) { printf("test_utils() FAILURE generateRandom failure\n"); return 1; } } for (i=0; i<nIter; i++) { amcl_hex2bin(V2[i], bintemp, 64); amcl_bin2hex(bintemp, temp, 32); if (strncmp(V2[i], temp, 64)) { printf("test_utils() FAILURE conversion hex/bin\n"); return 1; } } printf("test_utils() SUCCESS\n"); return 0; }
int X509_find_entity_property(octet *c,octet *SOID,int start,int *flen) { int i,j,k,fin,len,tlen; char foid[50]; /*****/ octet FOID= {0,sizeof(foid),foid}; j=start; tlen=getalen(SEQ,c->val,j); if (tlen<0) return 0; j+=skip(tlen); for (k=j; j<k+tlen;) { // search for Owner OID len=getalen(SET,c->val,j); if (len<0) return 0; j+=skip(len); len=getalen(SEQ,c->val,j); if (len<0) return 0; j+=skip(len); len=getalen(OID,c->val,j); if (len<0) return 0; j+=skip(len); fin=j+len; // extract OID FOID.len=len; for (i=0; j<fin; j++) FOID.val[i++]= c->val[j]; len=getalen(ANY,c->val,j); // get text, could be any type if (len<0) return 0; j+=skip(len); if (OCT_comp(&FOID,SOID)) { // if its the right one return *flen=len; return j; } j+=len; // skip over it } *flen=0; /*****/ return 0; }
int test_octet_consistency() { int i,j,len=100; int len64 = ((len/3) + 2)*4+1, lenHex = 28*len; char raw[256], bytes[len+1], bytes64[len64+1], bytesHex[lenHex+1], v[len], w[len]; octet V= {0,sizeof(v),v}, W= {0,sizeof(w),w}; csprng rng; /* Fake random source */ RAND_clean(&rng); for (i=0; i<256; i++) raw[i]=(char)i; RAND_seed(&rng,256,raw); /* test comparison */ for (len = 1; len <= 101; len=len+10) { OCT_rand(&W,&rng,len); OCT_copy(&V,&W); if(!OCT_comp(&V,&W)) { printf("ERROR comparing two equal octet, OCTET\n"); exit(EXIT_FAILURE); } for (i = 0; i < len; ++i) { if(!OCT_ncomp(&V,&W,i)) { printf("ERROR comparing two equal octet, OCTET\n"); exit(EXIT_FAILURE); } } OCT_rand(&V,&rng,len); if(OCT_comp(&V,&W)) { printf("ERROR comparing two different octet, OCTET\n"); exit(EXIT_FAILURE); } } OCT_rand(&W,&rng,0); OCT_copy(&V,&W); if(!OCT_comp(&V,&W)) { printf("ERROR comparing two equal octet, OCTET\n"); exit(EXIT_FAILURE); } for (len = 100; len > 0; len=len-10) { W.max = len; V.max = len; /* test conversion to and from base64 */ for (j = 0; j < 10; ++j) { OCT_rand(&W,&rng,len); OCT_copy(&V,&W); OCT_tobase64(bytes64,&W); OCT_frombase64(&W,bytes64); if(!OCT_comp(&V,&W)) { printf("ERROR converting to and from base64 OCTET\n"); exit(EXIT_FAILURE); } } /* test conversion to and from hex */ for (i = 0; i < 10; ++i) { OCT_rand(&W,&rng,len); OCT_copy(&V,&W); OCT_toHex(&W,bytesHex); OCT_fromHex(&W,bytesHex); if(!OCT_comp(&V,&W)) { printf("ERROR converting to and from Hex OCTET\n"); exit(EXIT_FAILURE); } } /* test conversion to and from string */ for (i = 0; i < 10; ++i) { OCT_rand(&W,&rng,len); OCT_copy(&V,&W); OCT_toStr(&W,bytes); OCT_jstring(&W,bytes); if(!OCT_comp(&V,&W)) { printf("ERROR converting to and from string, OCTET\n"); exit(EXIT_FAILURE); } } } printf("SUCCESS\n"); return 0; }
int main() { int res,len,sha; int c,ic; rsa_public_key_2048 PK; pktype st,ca,pt; printf("First check signature on self-signed cert and extract CA public key\n"); OCT_frombase64(&IO,ca_b64); printf("CA Self-Signed Cert= \n"); OCT_output(&IO); printf("\n"); st=X509_extract_cert_sig(&IO,&SIG); // returns signature type if (st.type==0) { printf("Unable to extract cert signature\n"); return 0; } if (st.type==ECC) { OCT_chop(&SIG,&S,SIG.len/2); OCT_copy(&R,&SIG); printf("ECC SIG= \n"); OCT_output(&R); OCT_output(&S); printf("\n"); } if (st.type==RSA) { printf("RSA SIG= \n"); OCT_output(&SIG); printf("\n"); } if (st.hash==H256) printf("Hashed with SHA256\n"); if (st.hash==H384) printf("Hashed with SHA384\n"); if (st.hash==H512) printf("Hashed with SHA512\n"); // Extract Cert from signed Cert c=X509_extract_cert(&IO,&H); printf("\nCert= \n"); OCT_output(&H); printf("\n"); // show some details printf("Issuer Details\n"); ic=X509_find_issuer(&H); c=X509_find_entity_property(&H,&ON,ic,&len); print_out("owner=",&H,c,len); c=X509_find_entity_property(&H,&CN,ic,&len); print_out("country=",&H,c,len); c=X509_find_entity_property(&H,&EN,ic,&len); print_out("email=",&H,c,len); printf("\n"); ca=X509_extract_public_key(&H,&CAKEY); if (ca.type==0) { printf("Not supported by library\n"); return 0; } if (ca.type!=st.type) { printf("Not self-signed\n"); } if (ca.type==ECC) { printf("EXTRACTED ECC PUBLIC KEY= \n"); OCT_output(&CAKEY); } if (ca.type==RSA) { printf("EXTRACTED RSA PUBLIC KEY= \n"); OCT_output(&CAKEY); } printf("\n"); // Cert is self-signed - so check signature printf("Checking Self-Signed Signature\n"); if (ca.type==ECC) { if (ca.curve!=CHOICE) { printf("Curve is not supported\n"); return 0; } res=ECP_NIST256_PUBLIC_KEY_VALIDATE(1,&CAKEY); if (res!=0) { printf("ECP Public Key is invalid!\n"); return 0; } else printf("ECP Public Key is Valid\n"); sha=0; if (st.hash==H256) sha=SHA256; if (st.hash==H384) sha=SHA384; if (st.hash==H512) sha=SHA512; if (st.hash==0) { printf("Hash Function not supported\n"); return 0; } if (ECP_NIST256_VP_DSA(sha,&CAKEY,&H,&R,&S)!=0) { printf("***ECDSA Verification Failed\n"); return 0; } else printf("ECDSA Signature/Verification succeeded \n"); } if (ca.type==RSA) { if (ca.curve!=2048) { printf("RSA bit size is not supported\n"); return 0; } PK.e=65537; // assuming this! RSA_2048_fromOctet(PK.n,&CAKEY); sha=0; if (st.hash==H256) sha=SHA256; if (st.hash==H384) sha=SHA384; if (st.hash==H512) sha=SHA512; if (st.hash==0) { printf("Hash Function not supported\n"); return 0; } PKCS15(sha,&H,&HP); RSA_2048_ENCRYPT(&PK,&SIG,&HH); if (OCT_comp(&HP,&HH)) printf("RSA Signature/Verification succeeded \n"); else { printf("***RSA Verification Failed\n"); return 0; } } printf("\nNext check CA signature on cert, and extract public key\n"); OCT_frombase64(&IO,cert_b64); printf("Example Cert= \n"); OCT_output(&IO); printf("\n"); st=X509_extract_cert_sig(&IO,&SIG); if (st.type==0) { printf("Unable to check cert signature\n"); return 0; } if (st.type==ECC) { OCT_chop(&SIG,&S,SIG.len/2); OCT_copy(&R,&SIG); printf("SIG= \n"); OCT_output(&R); OCT_output(&S); printf("\n"); } if (st.type==RSA) { printf("SIG= \n"); OCT_output(&SIG); printf("\n"); } c=X509_extract_cert(&IO,&H); printf("Cert= \n"); OCT_output(&H); printf("\n"); printf("Subject Details\n"); ic=X509_find_subject(&H); c=X509_find_entity_property(&H,&ON,ic,&len); print_out("owner=",&H,c,len); c=X509_find_entity_property(&H,&CN,ic,&len); print_out("country=",&H,c,len); c=X509_find_entity_property(&H,&EN,ic,&len); print_out("email=",&H,c,len); printf("\n"); ic=X509_find_validity(&H); c=X509_find_start_date(&H,ic); print_date("start date= ",&H,c); c=X509_find_expiry_date(&H,ic); print_date("expiry date=",&H,c); printf("\n"); pt=X509_extract_public_key(&H,&CERTKEY); if (pt.type==0) { printf("Not supported by library\n"); return 0; } if (pt.type==ECC) { printf("EXTRACTED ECC PUBLIC KEY= \n"); OCT_output(&CERTKEY); } if (pt.type==RSA) { printf("EXTRACTED RSA PUBLIC KEY= \n"); OCT_output(&CERTKEY); } printf("\n"); /* Check CA signature */ if (ca.type==ECC) { printf("Checking CA's ECC Signature on Cert\n"); res=ECP_NIST256_PUBLIC_KEY_VALIDATE(1,&CAKEY); if (res!=0) printf("ECP Public Key is invalid!\n"); else printf("ECP Public Key is Valid\n"); sha=0; if (st.hash==H256) sha=SHA256; if (st.hash==H384) sha=SHA384; if (st.hash==H512) sha=SHA512; if (st.hash==0) { printf("Hash Function not supported\n"); return 0; } if (ECP_NIST256_VP_DSA(sha,&CAKEY,&H,&R,&S)!=0) printf("***ECDSA Verification Failed\n"); else printf("ECDSA Signature/Verification succeeded \n"); } if (ca.type==RSA) { printf("Checking CA's RSA Signature on Cert\n"); PK.e=65537; // assuming this! RSA_2048_fromOctet(PK.n,&CAKEY); sha=0; if (st.hash==H256) sha=SHA256; if (st.hash==H384) sha=SHA384; if (st.hash==H512) sha=SHA512; if (st.hash==0) { printf("Hash Function not supported\n"); return 0; } PKCS15(sha,&H,&HP); RSA_2048_ENCRYPT(&PK,&SIG,&HH); if (OCT_comp(&HP,&HH)) printf("RSA Signature/Verification succeeded \n"); else printf("***RSA Verification Failed\n"); } return 0; }
// Extract Public Key from inside Certificate pktype X509_extract_public_key(octet *c,octet *key) { int i,j,fin,len,sj; char koid[12]; /*****/ octet KOID= {0,sizeof(koid),koid}; pktype ret; ret.type=ret.hash=0; ret.curve=-1; j=0; len=getalen(SEQ,c->val,j); if (len<0) return ret; j+=skip(len); if (len+j!=c->len) return ret; len=getalen(0,c->val,j); if (len<0) return ret; j+=skip(len)+len; //jump over version clause len=getalen(INT,c->val,j); if (len>0) j+=skip(len)+len; // jump over serial number clause (if there is one) len=getalen(SEQ,c->val,j); if (len<0) return ret; j+=skip(len)+len; // jump over signature algorithm len=getalen(SEQ,c->val,j); if (len<0) return ret; j+=skip(len)+len; // skip issuer len=getalen(SEQ,c->val,j); if (len<0) return ret; j+=skip(len)+len; // skip validity len=getalen(SEQ,c->val,j); if (len<0) return ret; j+=skip(len)+len; // skip subject len=getalen(SEQ,c->val,j); if (len<0) return ret; j+=skip(len); // len=getalen(SEQ,c->val,j); if (len<0) return ret; j+=skip(len); // ** Maybe dive in and check Public Key OIDs here? // ecpublicKey & prime256v1, secp384r1 or secp521r1 for ECC // rsapublicKey for RSA sj=j+len; len=getalen(OID,c->val,j); if (len<0) return ret; j+=skip(len); fin=j+len; KOID.len=len; for (i=0; j<fin; j++) KOID.val[i++]= c->val[j]; ret.type=0; if (OCT_comp(&ECPK,&KOID)) ret.type=ECC; if (OCT_comp(&RSAPK,&KOID)) ret.type=RSA; if (ret.type==0) return ret; if (ret.type==ECC) { // which elliptic curve? len=getalen(OID,c->val,j); if (len<0) { ret.type=0; return ret; } j+=skip(len); fin=j+len; KOID.len=len; for (i=0; j<fin; j++) KOID.val[i++]= c->val[j]; if (OCT_comp(&PRIME25519,&KOID)) ret.curve=C25519; /*****/ if (OCT_comp(&PRIME256V1,&KOID)) ret.curve=NIST256; if (OCT_comp(&SECP384R1,&KOID)) ret.curve=NIST384; if (OCT_comp(&SECP521R1,&KOID)) ret.curve=NIST521; } j=sj; // skip to actual Public Key len=getalen(BIT,c->val,j); if (len<0) { ret.type=0; return ret; } j+=skip(len); // j++; len--; // skip bit shift (hopefully 0!) // extract key if (ret.type==ECC) { key->len=len; fin=j+len; for (i=0; j<fin; j++) key->val[i++]= c->val[j]; } if (ret.type==RSA) { // Key is (modulus,exponent) - assume exponent is 65537 len=getalen(SEQ,c->val,j); if (len<0) { ret.type=0; return ret; } j+=skip(len); // len=getalen(INT,c->val,j); // get modulus if (len<0) { ret.type=0; return ret; } j+=skip(len); // if (c->val[j]==0) { j++; len--; // remove leading zero } key->len=len; fin=j+len; for (i=0; j<fin; j++) key->val[i++]= c->val[j]; ret.curve=8*len; } return ret; }
pktype X509_extract_cert_sig(octet *sc,octet *sig) { int i,j,k,fin,len,rlen,sj,ex; char soid[9]; octet SOID= {0,sizeof(soid),soid}; pktype ret; ret.type=0; ret.hash=0; j=0; len=getalen(SEQ,sc->val,j); // Check for expected SEQ clause, and get length if (len<0) return ret; // if not a SEQ clause, there is a problem, exit j+=skip(len); // skip over length to clause contents. Add len to skip clause if (len+j!=sc->len) return ret; len=getalen(SEQ,sc->val,j); if (len<0) return ret; j+=skip(len)+len; // jump over cert to signature OID len=getalen(SEQ,sc->val,j); if (len<0) return ret; j+=skip(len); sj=j+len; // Needed to jump over signature OID // dive in to extract OID len=getalen(OID,sc->val,j); if (len<0) return ret; j+=skip(len); fin=j+len; SOID.len=len; for (i=0; j<fin; j++) SOID.val[i++]= sc->val[j]; // check OID here.. if (OCT_comp(&ECCSHA256,&SOID)) { ret.type=ECC; ret.hash=H256; } if (OCT_comp(&ECCSHA384,&SOID)) { ret.type=ECC; ret.hash=H384; } if (OCT_comp(&ECCSHA512,&SOID)) { ret.type=ECC; ret.hash=H512; } if (OCT_comp(&RSASHA256,&SOID)) { ret.type=RSA; ret.hash=H256; } if (OCT_comp(&RSASHA384,&SOID)) { ret.type=RSA; ret.hash=H384; } if (OCT_comp(&RSASHA512,&SOID)) { ret.type=RSA; ret.hash=H512; } if (ret.type==0) return ret; // unsupported type j=sj; // jump out to signature len=getalen(BIT,sc->val,j); if (len<0) { ret.type=0; return ret; } j+=skip(len); j++; len--; // skip bit shift (hopefully 0!) if (ret.type==ECC) { // signature in the form (r,s) len=getalen(SEQ,sc->val,j); if (len<0) { ret.type=0; return ret; } j+=skip(len); // pick up r part of signature len=getalen(INT,sc->val,j); if (len<0) { ret.type=0; return ret; } j+=skip(len); if (sc->val[j]==0) { // skip leading zero j++; len--; } rlen=bround(len); ex=rlen-len; sig->len=2*rlen; i=0; for (k=0; k<ex; k++) sig->val[i++]=0; fin=j+len; for (; j<fin; j++) sig->val[i++]= sc->val[j]; // pick up s part of signature len=getalen(INT,sc->val,j); if (len<0) { ret.type=0; return ret; } j+=skip(len); if (sc->val[j]==0) { // skip leading zeros j++; len--; } rlen=bround(len); ex=rlen-len; for (k=0; k<ex; k++) sig->val[i++]=0; fin=j+len; for (; j<fin; j++) sig->val[i++]= sc->val[j]; } if (ret.type==RSA) { rlen=bround(len); ex=rlen-len; sig->len=rlen; i=0; for (k=0; k<ex; k++) sig->val[i++]=0; fin=j+len; for (; j<fin; j++) sig->val[i++]= sc->val[j]; } if (ret.hash==H256) ret.curve=NIST256; if (ret.hash==H384) ret.curve=NIST384; if (ret.hash==H512) ret.curve=NIST521; return ret; }
int main() { int i,j=0,res; int result; unsigned long ran; char *pp="M0ng00se"; /* These octets are automatically protected against buffer overflow attacks */ /* Note salt must be big enough to include an appended word */ /* Note ECIES ciphertext C must be big enough to include at least 1 appended block */ /* Recall EFS is field size in bytes. So EFS=32 for 256-bit curve */ char s0[EGS],s1[EGS],w0[2*EFS+1],w1[2*EFS+1],z0[EFS],z1[EFS],raw[100],key[EAS],salt[32],pw[20],p1[30],p2[30],v[2*EFS+1],m[32],c[64],t[32],cs[EGS],ds[EGS]; octet S0={0,sizeof(s0),s0}; octet S1={0,sizeof(s1),s1}; octet W0={0,sizeof(w0),w0}; octet W1={0,sizeof(w1),w1}; octet Z0={0,sizeof(z0),z0}; octet Z1={0,sizeof(z1),z1}; octet RAW={0,sizeof(raw),raw}; octet KEY={0,sizeof(key),key}; octet SALT={0,sizeof(salt),salt}; octet PW={0,sizeof(pw),pw}; octet P1={0,sizeof(p1),p1}; octet P2={0,sizeof(p2),p2}; octet V={0,sizeof(v),v}; octet M={0,sizeof(m),m}; octet C={0,sizeof(c),c}; octet T={0,sizeof(t),t}; octet CS={0,sizeof(cs),cs}; octet DS={0,sizeof(ds),ds}; /* Crypto Strong RNG */ csprng RNG; time((time_t *)&ran); /* fake random seed source */ RAW.len=100; RAW.val[0]=ran; RAW.val[1]=ran>>8; RAW.val[2]=ran>>16; RAW.val[3]=ran>>24; for (i=0;i<100;i++) RAW.val[i]=i; /* initialise strong RNG */ CREATE_CSPRNG(&RNG,&RAW); SALT.len=8; for (i=0;i<8;i++) SALT.val[i]=i+1; // set Salt printf("Alice's Passphrase= %s\n",pp); OCT_empty(&PW); OCT_jstring(&PW,pp); // set Password from string /* private key S0 of size EGS bytes derived from Password and Salt */ PBKDF2(&PW,&SALT,1000,EGS,&S0); printf("Alices private key= 0x"); OCT_output(&S0); /* Generate Key pair S/W */ ECP_KEY_PAIR_GENERATE(NULL,&S0,&W0); res=ECP_PUBLIC_KEY_VALIDATE(1,&W0); if (res!=0) { printf("ECP Public Key is invalid!\n"); return 1; } printf("Alice's public key= 0x"); OCT_output(&W0); /* Random private key for other party */ ECP_KEY_PAIR_GENERATE(&RNG,&S1,&W1); res=ECP_PUBLIC_KEY_VALIDATE(1,&W1); if (res!=0) { printf("ECP Public Key is invalid!\n"); return 1; } printf("Servers private key= 0x"); OCT_output(&S1); printf("Servers public key= 0x"); OCT_output(&W1); /* Calculate common key using DH - IEEE 1363 method */ ECPSVDP_DH(&S0,&W1,&Z0); ECPSVDP_DH(&S1,&W0,&Z1); if (!OCT_comp(&Z0,&Z1)) { printf("*** ECPSVDP-DH Failed\n"); return 0; } KDF2(&Z0,NULL,EAS,&KEY); printf("Alice's DH Key= 0x"); OCT_output(&KEY); printf("Servers DH Key= 0x"); OCT_output(&KEY); printf("Testing ECIES\n"); P1.len=3; P1.val[0]=0x0; P1.val[1]=0x1; P1.val[2]=0x2; P2.len=4; P2.val[0]=0x0; P2.val[1]=0x1; P2.val[2]=0x2; P2.val[3]=0x3; M.len=17; for (i=0;i<=16;i++) M.val[i]=i; ECP_ECIES_ENCRYPT(&P1,&P2,&RNG,&W1,&M,12,&V,&C,&T); printf("Ciphertext= \n"); printf("V= 0x"); OCT_output(&V); printf("C= 0x"); OCT_output(&C); printf("T= 0x"); OCT_output(&T); if (!ECP_ECIES_DECRYPT(&P1,&P2,&V,&C,&T,&S1,&M)) { printf("*** ECIES Decryption Failed\n"); return 1; } else printf("Decryption succeeded\n"); printf("Message is 0x"); OCT_output(&M); printf("Testing ECDSA\n"); if (ECPSP_DSA(&RNG,&S0,&M,&CS,&DS)!=0) { printf("***ECDSA Signature Failed\n"); return 1; } printf("Signature C = 0x"); OCT_output(&CS); printf("Signature D = 0x"); OCT_output(&DS); if (ECPVP_DSA(&W0,&M,&CS,&DS)!=0) { printf("***ECDSA Verification Failed\n"); return 1; } else printf("ECDSA Signature/Verification succeeded %d\n",j); KILL_CSPRNG(&RNG); printf("SUCCESS\n"); return 0; }
int test_ecdsa_keypair(int argc, char** argv) { if (argc != 2) { printf("usage: ./test_ecdsa_sign [path to test vector file]\n"); exit(EXIT_FAILURE); } int rc; FILE * fp = NULL; char line[LINE_LEN]; char * linePtr = NULL; int l1=0; int l2=0; char * d = NULL; const char* dStr = "d = "; octet dOct; char Qx[EGS]; const char* QxStr = "Qx = "; octet QxOct = {EGS,EGS,Qx}; char Qy[EGS]; const char* QyStr = "Qy = "; octet QyOct = {EGS,EGS,Qy}; char q2[2*EFS+1]; octet Q2Oct= {0,sizeof(q2),q2}; fp = fopen(argv[1], "r"); if (fp == NULL) { printf("ERROR opening test vector file\n"); exit(EXIT_FAILURE); } bool readLine = false; int i=0; while (fgets(line, LINE_LEN, fp) != NULL) { i++; readLine = true; if (!strncmp(line, dStr, strlen(dStr))) { #ifdef DEBUG printf("line %d %s\n", i,line); #endif // Find hex value in string linePtr = line + strlen(dStr); // Allocate memory l1 = strlen(linePtr)-1; l2 = l1/2; d = (char*) malloc (l2); if (d==NULL) exit(EXIT_FAILURE); // d binary value amcl_hex2bin(linePtr, d, l1); dOct.len=l2; dOct.max=l2; dOct.val=d; } if (!strncmp(line, QxStr, strlen(QxStr))) { #ifdef DEBUG printf("line %d %s\n", i,line); #endif // Find hex value in string linePtr = line + strlen(QxStr); // Allocate data l1 = strlen(linePtr)-1; // Qx binary value amcl_hex2bin(linePtr, Qx, l1); } if (!strncmp(line, QyStr, strlen(QyStr))) { #ifdef DEBUG printf("line %d %s\n", i,line); #endif // Find hex value in string linePtr = line + strlen(QyStr); // Allocate data l1 = strlen(linePtr)-1; // Qy binary value amcl_hex2bin(linePtr, Qy, l1); // Assign Public Key BIG qx, qy; char q[2*EFS+1]; BIG_fromBytes(qx,QxOct.val); BIG_fromBytes(qy,QyOct.val); octet QOct= {sizeof(q),sizeof(q),q}; QOct.val[0]=4; BIG_toBytes(&(QOct.val[1]),qx); BIG_toBytes(&(QOct.val[EFS+1]),qy); // Generate Key pair ECP_KEY_PAIR_GENERATE(NULL,&dOct,&Q2Oct); #ifdef DEBUG printf("QOct: "); OCT_output(&QOct); printf("\r\n"); printf("Q2Oct: "); OCT_output(&Q2Oct); printf("\r\n"); #endif rc = OCT_comp(&QOct,&Q2Oct); if (!rc) { printf("TEST ECDSA KEYPAIR FAILED LINE %d\n",i); exit(EXIT_FAILURE); } free(d); d = NULL; } } fclose(fp); if (!readLine) { printf("ERROR Empty test vector file\n"); exit(EXIT_FAILURE); } printf("SUCCESS TEST ECDSA KEYPAIR PASSED\n"); exit(EXIT_SUCCESS); }
int main() { char* KT="feffe9928665731c6d6a8f9467308308"; char* MT="d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39"; char* HT="feedfacedeadbeeffeedfacedeadbeefabaddad2"; char* NT="9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b"; // Tag should be 619cc5aefffe0bfa462af43c1699d050 int lenM=strlen(MT)/2; int lenH=strlen(HT)/2; int lenK=strlen(KT)/2; int lenIV=strlen(NT)/2; char t1[16]; // Tag char t2[16]; // Tag char k[16]; // AES Key char h[64]; // Header - to be included in Authentication, but not encrypted char iv[100]; // IV - Initialisation vector char m[100]; // Plaintext to be encrypted/authenticated char c[100]; // Ciphertext char p[100]; // Recovered Plaintext octet T1= {sizeof(t1),sizeof(t1),t1}; octet T2= {sizeof(t2),sizeof(t2),t2}; octet K= {0,sizeof(k),k}; octet H= {0,sizeof(h),h}; octet IV= {0,sizeof(iv),iv}; octet M= {0,sizeof(m),m}; octet C= {0,sizeof(c),c}; octet P= {0,sizeof(p),p}; M.len=lenM; K.len=lenK; H.len=lenH; IV.len=lenIV; hex2bytes(MT, m); hex2bytes(HT, h); hex2bytes(NT, iv); hex2bytes(KT, k); printf("Plaintext: "); OCT_output(&M); printf("\n"); AES_GCM_ENCRYPT(&K, &IV, &H, &M, &C, &T1); printf("Ciphertext: "); OCT_output(&C); printf("\n"); printf("Encryption Tag: "); OCT_output(&T1); printf("\n"); AES_GCM_DECRYPT(&K, &IV, &H, &C, &P, &T2); printf("Plaintext: "); OCT_output(&P); printf("\n"); printf("Decryption Tag: "); OCT_output(&T2); printf("\n"); if (!OCT_comp(&M,&P)) { printf("FAILURE Decryption\n"); return 1; } if (!OCT_comp(&T1,&T2)) { printf("FAILURE TAG mismatch\n"); return 1; } printf("SUCCESS\n"); return 0; }
int main() { int i,j=0,res; int result; unsigned long ran; char *pp="M0ng00se"; /* These octets are automatically protected against buffer overflow attacks */ /* Note salt must be big enough to include an appended word */ /* Note ECIES ciphertext C must be big enough to include at least 1 appended block */ /* Recall EFS is field size in bytes. So EFS=32 for 256-bit curve */ char s0[EGS],s1[EGS],w0[2*EFS+1],w1[2*EFS+1],z0[EFS],z1[EFS],raw[100],key[EAS],salt[32],pw[20]; octet S0={0,sizeof(s0),s0}; octet S1={0,sizeof(s1),s1}; octet W0={0,sizeof(w0),w0}; octet W1={0,sizeof(w1),w1}; octet Z0={0,sizeof(z0),z0}; octet Z1={0,sizeof(z1),z1}; octet RAW={0,sizeof(raw),raw}; octet KEY={0,sizeof(key),key}; octet SALT={0,sizeof(salt),salt}; octet PW={0,sizeof(pw),pw}; /* Crypto Strong RNG */ csprng RNG; time((time_t *)&ran); /* fake random seed source */ RAW.len=100; RAW.val[0]=ran; RAW.val[1]=ran>>8; RAW.val[2]=ran>>16; RAW.val[3]=ran>>24; for (i=4;i<100;i++) RAW.val[i]=i; CREATE_CSPRNG(&RNG,&RAW); /* initialise strong RNG */ SALT.len=8; for (i=0;i<8;i++) SALT.val[i]=i+1; // set Salt printf("Alice's Passphrase= %s\n",pp); OCT_clear(&PW); OCT_jstring(&PW,pp); // set Password from string /* private key S0 of size EGS bytes derived from Password and Salt */ PBKDF2(&PW,&SALT,1000,EGS,&S0); printf("Alices private key= 0x"); OCT_output(&S0); /* Generate Key pair S/W */ ECP_KEY_PAIR_GENERATE(NULL,&S0,&W0); res=ECP_PUBLIC_KEY_VALIDATE(1,&W0); if (res!=0) { printf("Alice's ECP Public Key is invalid!\n"); return 1; } printf("Alice's public key= 0x"); OCT_output(&W0); /* Random private key for other party */ ECP_KEY_PAIR_GENERATE(&RNG,&S1,&W1); printf("Servers private key= 0x"); OCT_output(&S1); printf("Servers public key= 0x"); OCT_output(&W1); res=ECP_PUBLIC_KEY_VALIDATE(1,&W1); if (res!=0) { printf("Server's ECP Public Key is invalid!\n"); return 1; } /* Calculate common key using DH - IEEE 1363 method */ ECPSVDP_DH(&S0,&W1,&Z0); ECPSVDP_DH(&S1,&W0,&Z1); if (!OCT_comp(&Z0,&Z1)) { printf("*** ECPSVDP-DH Failed\n"); return 1; } KDF2(&Z0,NULL,EAS,&KEY); printf("Alice's DH Key= 0x"); OCT_output(&KEY); printf("Servers DH Key= 0x"); OCT_output(&KEY); printf("SUCCESS\n"); return 0; }