static int pkey_rsa_encrypt(EVP_PKEY_CTX *ctx,
unsigned char *out, size_t *outlen,
const unsigned char *in, size_t inlen)
{
int ret;
RSA_PKEY_CTX *rctx = ctx->data;
if (rctx->pad_mode == RSA_PKCS1_OAEP_PADDING) {
int klen = RSA_size(ctx->pkey->pkey.rsa);
if (!setup_tbuf(rctx, ctx))
return -1;
if (!RSA_padding_add_PKCS1_OAEP_mgf1(rctx->tbuf, klen,
in, inlen,
rctx->oaep_label,
rctx->oaep_labellen,
rctx->md, rctx->mgf1md))
return -1;
ret = RSA_public_encrypt(klen, rctx->tbuf, out,
ctx->pkey->pkey.rsa, RSA_NO_PADDING);
} else
ret = RSA_public_encrypt(inlen, in, out, ctx->pkey->pkey.rsa,
rctx->pad_mode);
if (ret < 0)
return ret;
*outlen = ret;
return 1;
}
void
rsa_public_encrypt(BIGNUM *out, BIGNUM *in, RSA *key)
{
u_char *inbuf, *outbuf;
int len, ilen, olen;
if (BN_num_bits(key->e) < 2 || !BN_is_odd(key->e))
errx(1, "rsa_public_encrypt() exponent too small or not odd");
olen = BN_num_bytes(key->n);
outbuf = (u_char*)malloc(olen);
ilen = BN_num_bytes(in);
inbuf = (u_char*)malloc(ilen);
if (outbuf == NULL || inbuf == NULL)
err(1, "malloc");
BN_bn2bin(in, inbuf);
if ((len = RSA_public_encrypt(ilen, inbuf, outbuf, key,
RSA_PKCS1_PADDING)) <= 0)
errx(1, "rsa_public_encrypt() failed");
BN_bin2bn(outbuf, len, out);
memset(outbuf, 0, olen);
memset(inbuf, 0, ilen);
free(outbuf);
free(inbuf);
}
bool rsa::encrypt_by_public_key(const void* src, size_t src_size, void* dest, size_t dest_size, size_t* en_size)
{
if (RSA_ == NULL || src == NULL || dest == NULL || en_size == NULL)
{
return false;
}
// 정확한 SrcSize의 최대치를 구해낼 수 없다.
// 일단 확실 한 것은 key사이즈 보다는 작다. 1024비트(128바이트)일때 117바이트라는 값이 나온다.
// encrypt를 하면 항상 max_en_size_가 된다.
if (src_size > max_en_size_ || dest_size < max_en_size_)
{
return false;
}
const unsigned char* in = static_cast< const unsigned char* >(src);
unsigned char* out = static_cast< unsigned char* >(dest);
int en_temp = RSA_public_encrypt(static_cast< int >(src_size), in, out, RSA_, RSA_PKCS1_PADDING);
if (en_temp <= 0)
{
return false;
}
*en_size = en_temp;
return true;
}
/*
* rsa public key encrypt
*/
char* rsa_encrypt_public(unsigned char*txt,int txt_len,char* public_key_str,int p_len,int* enc_len)
{
//char *public_key = "-----BEGIN RSA PUBLIC KEY-----\nMIGJAoGBAL331YpDOljAJznk4eNt0TfZJREYypIhWTN/gx0g1iUIaLPlFR7ydjaB\npd9V7G3GvvOf3mGijP+9LjKdgQ8p1pgDW7DeXZk2dTAeQ4hdY287/sw6NFKJxMXA\nFGoUdARObVespCZBdHSqo8kFMAjVGge6ZoH6nAjGzvIfijgsj+2jAgMBAAE=\n-----END RSA PUBLIC KEY-----\n";
//char * private_key = "-----BEGIN RSA PRIVATE KEY-----\nMIICXQIBAAKBgQC999WKQzpYwCc55OHjbdE32SURGMqSIVkzf4MdINYlCGiz5RUe\n8nY2gaXfVextxr7zn95hooz/vS4ynYEPKdaYA1uw3l2ZNnUwHkOIXWNvO/7MOjRS\nicTFwBRqFHQETm1XrKQmQXR0qqPJBTAI1RoHumaB+pwIxs7yH4o4LI/towIDAQAB\nAoGBAI1ALF2EI2w+ZGxdzcBntXtLUI5n2qfReBwcogcUlWYv3Hp2yb+bFV7uA8IO\nh6AQeYd4xcffL+wwZJtqFb6Ko25XAei8Os3xjb9k5fCcyrmyY+5oeXdQHlcbd/f8\niy8/rOEHZTr4iBXe/8ADlQZlRUkYCblPZ4i4BgzBUB6HzhxhAkEA8wJRx/FjOo6F\noO1aTewbvFIv4Dckqq5j/pBu9fkv1AhMxSfdGnsYcuIn15Y1/RlnpxrmJNWgryvd\n+6LJGDgjWQJBAMgfoINe80YiPCdMoboMd/u1uf1BhwujbiJPSrS40lc3jfyPmHA4\n8hppo8QuELI4rXRE/im4c+zmyphxEyULpVsCQQDnD96JGin65MeE1AsYqpdYwmEJ\ndgVkUXt88wK+2ZizqMyubpAa/M6rdgTiRc7CASUAzF/myEYIKdLh0NAbOk3JAkAE\nxEQVfPh8bipSoU+k19EvzKdOcfYef9kKtirIXTKdYzRdlKoD2kdh+6wr6xD4vcLb\n5xzKr5sLRIAE24SiOEHLAkB1TBlvvvIltttSc9lOpq3UhmtHQJaS32lD2Lk2/zNx\nW6Jbsk+sCQXM0ww4GTCpHMISfokEPtqOPikPcVFs98Oj\n-----END RSA PRIVATE KEY-----\n";
RSA* rsa;
int rsa_len;
char *p_en;
#if 1
//public_key = rsa_key_seliaze(public_key_str);
BIO* p_bio = BIO_new_mem_buf(public_key_str, -1);
printf("rsa_encrypt is %p \n",p_bio);
rsa = PEM_read_bio_RSAPublicKey(p_bio, NULL, NULL, NULL); //PEM_read_bio_RSAPrivateKey
if ( rsa == NULL ) {
printf("RSA is NULL\n");
return NULL;
}
#else
FILE* file=fopen("/tmp/r_pub.key","r");
rsa=PEM_read_RSAPrivateKey(file,NULL,NULL,NULL);//PEM_read_RSAPrivateKey
#endif
rsa_len=RSA_size(rsa);
p_en=(unsigned char *)calloc(rsa_len+1,1);
printf("rsa length = %d\n",rsa_len);
int rc=0;
if((rc=RSA_public_encrypt(txt_len,(unsigned char *)txt,(unsigned char*)p_en,rsa,RSA_PKCS1_PADDING))<=0) {
int e=ERR_get_error();
printf("error code is:%s\n",ERR_error_string(e,NULL));
return NULL;
}
printf("rsa length = %d\n",strlen(p_en));
RSA_free(rsa);
*enc_len = rc;
return p_en;
}
array::array* rsa_encrypt(const array::array* data, RSA* rsa) {
if(data == nullptr || data == 0) {
std::cout << "(i) " << __func__ << ": empty or null data." << std::endl;
return nullptr;
}
if(rsa == nullptr || rsa == 0) {
std::cout << "(i)" << __func__ << ": empty or null key." << std::endl;
return nullptr;
}
int result;
byte* out = new byte[RSA_size(rsa)];
result = RSA_public_encrypt(data->length, data->data, out, rsa, RSA_PKCS1_PADDING);
if(result < 0) {
delete[] out;
return nullptr;
}
array::array* encrypted = array::create(result, out);
delete[] out;
return encrypted;
}
/* GMSSL: EVP_PKEY_encrypt_old() is modified */
int EVP_PKEY_encrypt_old(unsigned char *out, const unsigned char *in,
int inlen, EVP_PKEY *pkey)
{
int ret = 0;
EVP_PKEY_CTX *ctx = NULL;
size_t size;
if (pkey->type == EVP_PKEY_RSA) {
ret = RSA_public_encrypt(inlen, in, out, pkey->pkey.rsa,
RSA_PKCS1_PADDING);
} else {
if (!(ctx = EVP_PKEY_CTX_new(pkey, NULL))) {
return 0;
}
if (1 != EVP_PKEY_encrypt_init(ctx)) {
return 0;
}
if (1 != EVP_PKEY_encrypt(ctx, out, &size, in, inlen)) {
goto end;
}
ret = (int)size;
}
end:
EVP_PKEY_CTX_free(ctx);
return ret;
}
/**
* 功能描述:RSA加密
* @param pData:原始数据
* @param ilen: 原始数据长度
* @param pEncodeData: 加密后数据
* @return -1: 失败, 其他: 加密数据长度
**/
int RSAEncrypt(const char* pData , int iLen, char** pEncodeData)
{
char chPublicKey[] = "-----BEGIN PUBLIC KEY-----\n"
"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCb/vAGucNg3OJyBV6/aWEd7IK9"
"46GYnOT089mDzNY2zDBB9hPWwdSUYOTbDROlc3Gd4eOudeQqlnAgHB7zqwVGqWuG"
"vbqHWSSPpp6pMilpVVz9SMbL/1BgfhK+dKWIDYHJDRJFpBLFUpe0vq8n+8Mdgp1z"
"NPH3cR+rWK8zI5xF5wIDAQAB"
"\n-----END PUBLIC KEY-----\n";
BIO *bio = BIO_new_mem_buf(chPublicKey, -1);
if (!bio)
{
return -1;
}
RSA* rsa = PEM_read_bio_RSA_PUBKEY(bio, NULL, NULL, NULL);
if (!rsa)
{
return -1;
}
int nLen = RSA_size(rsa);
char* pEncode = (char*)malloc(nLen + 1);
int rc = RSA_public_encrypt(iLen, (const unsigned char*)pData, (unsigned char*)pEncode, rsa, RSA_PKCS1_PADDING);
*pEncodeData = pEncode;
RSA_free(rsa);
CRYPTO_cleanup_all_ex_data();
return rc;
}
//-------------------------------------------------------------------------------------
int KBE_RSA::encrypt(const std::string& instr, std::string& outCertifdata)
{
KBE_ASSERT(rsa_public != NULL);
unsigned char* certifdata =(unsigned char*)calloc(RSA_size(static_cast<RSA*>(rsa_public)) + 1, sizeof(unsigned char));
int certifsize = RSA_public_encrypt(instr.size(),
(unsigned char*)instr.c_str(), certifdata, static_cast<RSA*>(rsa_public), RSA_PKCS1_OAEP_PADDING);
if (certifsize < 0)
{
ERR_load_crypto_strings();
char err[1024];
char* errret = ERR_error_string(ERR_get_error(), err);
ERROR_MSG(fmt::format("KBE_RSA::encrypt: RSA_public_encrypt error({} : {})\n",
errret, err));
free(certifdata);
return certifsize;
}
outCertifdata.assign((const char*)certifdata, certifsize);
free(certifdata);
return certifsize;
}
//公钥加密会话密钥:
bool CRsaDesManager::RSAPubEncode(ui16 wKeyIdx, unsigned char *pcInData, unsigned long ulInLen, unsigned char *pcOutData, unsigned long *ulOutLen)
{
if(!CheckRSAKeyIdx(wKeyIdx))
return false;
*ulOutLen = 0;
unsigned long ulInTmpLen = std::min<int>(ulInLen, RSA_ENCODE_LEN_UNIT);
unsigned long ulOutTmpLen = 0;
while(ulInLen)
{
ulOutTmpLen = RSA_public_encrypt(ulInTmpLen, pcInData, pcOutData+(*ulOutLen), m_pPubRSA[wKeyIdx], 1);
if(ulOutTmpLen <= 0)
break;
*ulOutLen = (*ulOutLen) + ulOutTmpLen;
pcInData = pcInData+ulInTmpLen;
ulInLen -= ulInTmpLen;
ulInTmpLen = std::min<int>(ulInLen, RSA_ENCODE_LEN_UNIT);
}
if(ulInLen <= 0)
return true;
else
return false;
}
int32_t psRsaEncryptPub(psPool_t *pool, psRsaKey_t *key,
const unsigned char *in, psSize_t inlen,
unsigned char *out, psSize_t outlen,
void *data)
{
return RSA_public_encrypt(inlen, in, out, *key, RSA_PKCS1_PADDING);
}
ZBuffer& RSAZCryptor::publickey_encrypt(int in_len, unsigned char* in, ZBuffer& result)
{
if(in_len <= 0)
{
if(m_trace_level > 0)
printf("Warning: input to publickey_encrypt is empty\n");
return result;
}
ZBuffer onebuf(pub_size);
int onelen = 0;
int inc = pub_size - 42;
int resultlen = (in_len/inc + (((in_len%inc) == 0)?0:1)) * pub_size;
result.reserve(resultlen);
int curpos = 0;
unsigned char* resultptr = result.buffer();
while(curpos < in_len)
{
int cur_inc = (in_len - curpos > inc)?inc:(in_len - curpos);
onelen = RSA_public_encrypt(cur_inc, in + curpos, onebuf.buffer(), pub_rsa, RSA_PKCS1_OAEP_PADDING);
if(onelen < 0)
{
throw_error();
}
memcpy(resultptr, onebuf.buffer(), onelen);
curpos += cur_inc;
resultptr += onelen;
}
return result;
}
//使用公钥加密
int rsa_encrypt(char *in, const char *key_path, char* out)
{
RSA *p_rsa;
FILE *file;
int rsa_len;
if ((file=fopen(key_path, "r"))==NULL)
{
perror("open key file error");
return 0;
}
//if ((p_rsa=PEM_read_RSA_PUBKEY(file, NULL, &ccbb, NULL))==NULL){
if ((p_rsa=PEM_read_RSAPublicKey(file, NULL, NULL, NULL))==NULL){
ERR_print_errors_fp(stdout);
return 0;
}
rsa_len=RSA_size(p_rsa);
if (RSA_public_encrypt(rsa_len, (unsigned char*)in, (unsigned char*)out, p_rsa, RSA_NO_PADDING)<0)
{
return 0;
}
RSA_free(p_rsa);
fclose(file);
return 1;
}
/**
\ingroup Core_Crypto
\brief RSA-encrypts data
\param out Where to write the encrypted data
\param in Plaintext
\param length Size of plaintext
\param pubkey RSA Public Key
*/
int
__ops_rsa_public_encrypt(uint8_t *out,
const uint8_t *in,
size_t length,
const __ops_rsa_pubkey_t *pubkey)
{
RSA *orsa;
int n;
/* printf("__ops_rsa_public_encrypt: length=%ld\n", length); */
orsa = RSA_new();
orsa->n = pubkey->n;
orsa->e = pubkey->e;
/* printf("len: %ld\n", length); */
/* __ops_print_bn("n: ", orsa->n); */
/* __ops_print_bn("e: ", orsa->e); */
n = RSA_public_encrypt((int)length, in, out, orsa, RSA_NO_PADDING);
if (n == -1) {
BIO *fd_out;
fd_out = BIO_new_fd(fileno(stderr), BIO_NOCLOSE);
ERR_print_errors(fd_out);
}
orsa->n = orsa->e = NULL;
RSA_free(orsa);
return n;
}
static int rsa_encrypt(u_int8_t *text, int len, u_int8_t *res)
{
RSA *rsa;
u_int8_t modules[256];
u_int8_t exponent[8];
int size;
char n[] =
"59dE8qLieItsH1WgjrcFRKj6eUWqi+bGLOX1HL3U3GhC/j0Qg90u3sG/1CUtwC"
"5vOYvfDmFI6oSFXi5ELabWJmT2dKHzBJKa3k9ok+8t9ucRqMd6DZHJ2YCCLlDR"
"KSKv6kDqnw4UwPdpOMXziC/AMj3Z/lUVX1G7WSHCAWKf1zNS1eLvqr+boEjXuB"
"OitnZ/bDzPHrTOZz0Dew0uowxf/+sG+NCK3eQJVxqcaJ/vEHKIVd2M+5qL71yJ"
"Q+87X6oV3eaYvt3zWZYD6z5vYTcrtij2VZ9Zmni/UAaHqn9JdsBWLUEpVviYnh"
"imNVvYFZeCXg/IdTQ+x4IRdiXNv5hEew==";
char e[] = "AQAB";
rsa=RSA_new();
size=base64_decode(n,modules);
rsa->n=BN_bin2bn(modules,size,NULL);
size=base64_decode(e,exponent);
rsa->e=BN_bin2bn(exponent,size,NULL);
size=RSA_public_encrypt(len, text, res, rsa, RSA_PKCS1_OAEP_PADDING);
RSA_free(rsa);
return size;
}
/**
\ingroup Core_Crypto
\brief RSA-encrypts data
\param out Where to write the encrypted data
\param in Plaintext
\param length Size of plaintext
\param rsa RSA Public Key
*/
int ops_rsa_public_encrypt(unsigned char *out,const unsigned char *in,
size_t length,const ops_rsa_public_key_t *rsa)
{
RSA *orsa;
int n;
// printf("ops_rsa_public_encrypt: length=%ld\n", length);
orsa=RSA_new();
orsa->n=rsa->n;
orsa->e=rsa->e;
// printf("len: %ld\n", length);
// ops_print_bn("n: ", orsa->n);
// ops_print_bn("e: ", orsa->e);
n=RSA_public_encrypt(length,in,out,orsa,RSA_NO_PADDING);
if (n==-1)
{
BIO *fd_out;
fd_out=BIO_new_fd(fileno(stderr), BIO_NOCLOSE);
ERR_print_errors(fd_out);
}
orsa->n=orsa->e=NULL;
RSA_free(orsa);
return n;
}
void RSACipher::cipher(const std::vector<unsigned char>& src, std::vector<unsigned char>& dest, const AsymmetricKey& key, KeyCompound key_compound)
{
const RSAKey& rsakey = static_cast<const RSAKey&>(key);
int len = 0;
size_t sumlen = 0;
size_t blen = RSA_size(rsakey.d_rsa.get()) - 11;
size_t c = (src.size() / blen) + 1;
dest.resize(RSA_size(rsakey.d_rsa.get()) * c);
for (size_t offset = 0; offset < src.size(); offset += blen)
{
if (blen + offset > src.size())
{
blen = src.size() - offset;
}
if (key_compound == KC_PUBLIC)
{
len = RSA_public_encrypt(static_cast<int>(blen), &src[offset], &dest[sumlen], rsakey.d_rsa.get(), RSA_PKCS1_PADDING);
}
else
{
len = RSA_private_encrypt(static_cast<int>(blen), &src[offset], &dest[sumlen], rsakey.d_rsa.get(), RSA_PKCS1_PADDING);
}
EXCEPTION_ASSERT_WITH_LOG(len >= 0, OpenSSLException, "RSA public encrypt failed");
sumlen += len;
}
dest.resize(sumlen);
}
static void rsa_public_encrypt(BIGNUM *out, BIGNUM *in, RSA *key)
{
u_char *inbuf, *outbuf;
int32 len, ilen, olen;
olen = BN_num_bytes(key->n);
outbuf = malloc(olen);
if (outbuf == NULL) /* oops, couldn't allocate memory */
return;
ilen = BN_num_bytes(in);
inbuf = malloc(ilen);
if (inbuf == NULL) { /* oops, couldn't allocate memory */
SAFE_FREE(outbuf);
return;
}
BN_bn2bin(in, inbuf);
len = RSA_public_encrypt(ilen, inbuf, outbuf, key, RSA_PKCS1_PADDING);
if (len != -1)
BN_bin2bn(outbuf, len, out);
free(outbuf);
free(inbuf);
}
static int ssl_rsa_public_encrypt(SESS_CERT *sc, int len, unsigned char *from,
unsigned char *to, int padding)
{
EVP_PKEY *pkey=NULL;
int i= -1;
if ((sc == NULL) || (sc->peer_key->x509 == NULL) ||
((pkey=X509_get_pubkey(sc->peer_key->x509)) == NULL))
{
SSLerr(SSL_F_SSL_RSA_PUBLIC_ENCRYPT,SSL_R_NO_PUBLICKEY);
return(-1);
}
if (pkey->type != EVP_PKEY_RSA)
{
SSLerr(SSL_F_SSL_RSA_PUBLIC_ENCRYPT,SSL_R_PUBLIC_KEY_IS_NOT_RSA);
goto end;
}
/* we have the public key */
i=RSA_public_encrypt(len,from,to,pkey->pkey.rsa,padding);
if (i < 0)
SSLerr(SSL_F_SSL_RSA_PUBLIC_ENCRYPT,ERR_R_RSA_LIB);
end:
EVP_PKEY_free(pkey);
return(i);
}
void
rsa_public_encrypt(BIGNUM *out, BIGNUM *in, RSA *key)
{
u_char *inbuf, *outbuf;
int len, ilen, olen;
if (BN_num_bits(key->e) < 2 || !BN_is_odd(key->e))
fatal("rsa_public_encrypt() exponent too small or not odd");
olen = BN_num_bytes(key->n);
outbuf = xmalloc(olen);
ilen = BN_num_bytes(in);
inbuf = xmalloc(ilen);
BN_bn2bin(in, inbuf);
if ((len = RSA_public_encrypt(ilen, inbuf, outbuf, key,
RSA_PKCS1_PADDING)) <= 0)
fatal("rsa_public_encrypt() failed");
if (BN_bin2bn(outbuf, len, out) == NULL)
fatal("rsa_public_encrypt: BN_bin2bn failed");
explicit_bzero(outbuf, olen);
explicit_bzero(inbuf, ilen);
free(outbuf);
free(inbuf);
}
ndn_Error
ndn_RsaPublicKey_encrypt
(const struct ndn_RsaPublicKey *self, const uint8_t *plainData,
size_t plainDataLength, ndn_EncryptAlgorithmType algorithmType,
uint8_t *encryptedData, size_t *encryptedDataLength)
{
int padding;
int outputLength;
if (algorithmType == ndn_EncryptAlgorithmType_RsaPkcs)
padding = RSA_PKCS1_PADDING;
else if (algorithmType == ndn_EncryptAlgorithmType_RsaOaep)
padding = RSA_PKCS1_OAEP_PADDING;
else
return NDN_ERROR_Unsupported_algorithm_type;
outputLength = RSA_public_encrypt
((int)plainDataLength, (unsigned char *)plainData,
(unsigned char*)encryptedData, self->publicKey, padding);
if (outputLength < 0)
return NDN_ERROR_Error_in_encrypt_operation;
*encryptedDataLength = outputLength;
return NDN_ERROR_success;
}
biginteger OpenSSLRSAPermutation::computeRSA(biginteger elementP) {
ERR_load_crypto_strings();
//SSL_load_error_strings();
// Seed the random geneartor.
#ifdef _WIN32
RAND_screen(); // only defined for windows, reseeds from screen contents
#else
RAND_poll(); // reseeds using hardware state (clock, interrupts, etc).
#endif
// Allocate a new byte array to hold the output.
int size = RSA_size(rsa);
std::shared_ptr<byte> ret(new byte[size], std::default_delete<byte[]>());
size_t encodedSize = bytesCount(elementP);
std::shared_ptr<byte> encodedBi(new byte[encodedSize], std::default_delete<byte[]>());
encodeBigInteger(elementP, encodedBi.get(), encodedSize);
int success = RSA_public_encrypt(encodedSize, encodedBi.get(), ret.get(), rsa, RSA_NO_PADDING);
if (-1 == success)
{
string error(ERR_reason_error_string(ERR_get_error()));
throw runtime_error("failed to compute rsa " + error);
}
biginteger result = decodeBigInteger(ret.get(), size);
return result;
}
STRING *ssh_encrypt_rsa1(SSH_SESSION *session, STRING *data, PUBLIC_KEY *key){
int len=string_len(data);
#ifdef HAVE_LIBGCRYPT
STRING *ret;
gcry_sexp_t ret_sexp;
gcry_sexp_t data_sexp;
const char *tmp;
size_t size;
gcry_sexp_build(&data_sexp,NULL,"(data(flags pkcs1)(value %b))",len,data->string);
gcry_pk_encrypt(&ret_sexp,data_sexp,key->rsa_pub);
gcry_sexp_release(data_sexp);
data_sexp=gcry_sexp_find_token(ret_sexp,"a",0);
tmp=gcry_sexp_nth_data(data_sexp,1,&size);
if (*tmp == 0)
{
size--;
tmp++;
}
ret=string_new(size);
string_fill(ret,(char *)tmp,size);
gcry_sexp_release(ret_sexp);
#elif defined HAVE_LIBCRYPTO
int flen=RSA_size(key->rsa_pub);
STRING *ret=string_new(flen);
RSA_public_encrypt(len,data->string,ret->string,key->rsa_pub,
RSA_PKCS1_PADDING);
#endif
return ret;
}
std::vector<byte> DofusRSA::LoginPKeyEncrypt(std::vector<byte> credentials)
{
char * LoginPublicKeyByte = (char *) malloc(LoginPublicKey.size());
strcpy(LoginPublicKeyByte, LoginPublicKey.c_str());
BIO *bp_login = BIO_new_mem_buf(LoginPublicKeyByte, -1);
RSA *my_second_rsa = PEM_read_bio_RSA_PUBKEY(bp_login, NULL, NULL, NULL);
byte *pinputCredentials, *poutputCredentials;
pinputCredentials = (byte*) malloc(5000);
poutputCredentials = (byte*) malloc(5000);
pinputCredentials = reinterpret_cast<byte*> (&credentials[0]);
int buflen = RSA_public_encrypt(credentials.size(), pinputCredentials, poutputCredentials, my_second_rsa, RSA_PKCS1_PADDING);
if (buflen == -1)
{
char *buferr = new char[120];
for (int i = 0; i < 120; i++)
buferr[i] = 0;
buferr = ERR_error_string(ERR_get_error(), buferr);
qDebug() << buferr;
return credentials;
}
std::vector<byte> outputCredentialsVector(poutputCredentials, poutputCredentials+buflen);
return outputCredentialsVector;
}
bool RSAipher::Encrypt(const std::string& in, std::string& out)
{
if(!IsValid())
return false;
int32 nLeft = int32(in.length());
const unsigned char* pIn = (const unsigned char *)in.c_str();
do
{
memset( m_ptr0, 0, m_nRSALen);
memset( m_ptr1, 0, m_nRSALen);
const int32 inLen = nLeft > m_nRSALen - RSA_PKCS1_PADDING_SIZE ? m_nRSALen - RSA_PKCS1_PADDING_SIZE : nLeft;
memcpy( m_ptr0, pIn, inLen);
int32 nRetLen = IsPubKey() ?
RSA_public_encrypt( inLen, m_ptr0, m_ptr1, m_pKey, RSA_PKCS1_PADDING) :
RSA_private_encrypt( inLen, m_ptr0, m_ptr1, m_pKey, RSA_PKCS1_PADDING);
if( nRetLen < 0 )
break;
nLeft -= inLen;
pIn += inLen;
out += inLen;
} while ( nLeft > 0);
return nLeft <= 0;
}
char *my_encrypt(char *str,const char *path_key){
char *p_en;
RSA *p_rsa;
FILE *file;
int flen,rsa_len;
if((file=fopen(path_key,"r"))==NULL){
perror("open key file error");
return NULL;
}
if((p_rsa=PEM_read_RSA_PUBKEY(file,NULL,NULL,NULL))==NULL){
//if((p_rsa=PEM_read_RSAPublicKey(file,NULL,NULL,NULL))==NULL){ 换成这句死活通不过,无论是否将公钥分离源文件
ERR_print_errors_fp(stdout);
return NULL;
}
flen=strlen(str);
rsa_len=RSA_size(p_rsa);
p_en=(char *)malloc(rsa_len+1);
memset(p_en,0,rsa_len+1);
if(RSA_public_encrypt(rsa_len,(unsigned char *)str,(unsigned char*)p_en,p_rsa,RSA_NO_PADDING)<0){
return NULL;
}
RSA_free(p_rsa);
printf("length = %d\n",rsa_len+1);
fclose(file);
return p_en;
}
int
generate_challenge(char **r_challenge, char **r_response, RSA * rsa)
{
unsigned char secret[32], *tmp;
unsigned long length, ret;
if(!rsa)
return -1;
if(get_randomness(secret, 32) == 0)
{
report_crypto_errors();
return -1;
}
*r_response = MyMalloc(65);
binary_to_hex(secret, *r_response, 32);
length = RSA_size(rsa);
tmp = MyMalloc(length);
ret = RSA_public_encrypt(32, secret, tmp, rsa, RSA_PKCS1_PADDING);
*r_challenge = MyMalloc((length << 1) + 1);
binary_to_hex(tmp, *r_challenge, length);
(*r_challenge)[length << 1] = 0;
MyFree(tmp);
if(ret < 0)
{
report_crypto_errors();
return (-1);
}
return (0);
}
static int __ast_encrypt_bin(unsigned char *dst, const unsigned char *src, int srclen, struct ast_key *key)
{
int res;
int bytes;
int pos = 0;
if (key->ktype != AST_KEY_PUBLIC) {
ast_log(LOG_WARNING, "Cannot encrypt with a private key\n");
return -1;
}
while(srclen) {
bytes = srclen;
if (bytes > 128 - 41)
bytes = 128 - 41;
/* Process chunks 128-41 bytes at a time */
res = RSA_public_encrypt(bytes, src, dst, key->rsa, RSA_PKCS1_OAEP_PADDING);
if (res != 128) {
ast_log(LOG_NOTICE, "How odd, encrypted size is %d\n", res);
return -1;
}
src += bytes;
srclen -= bytes;
pos += res;
dst += res;
}
return pos;
}
int encrypt_with_public_key(RSA* pubkey,unsigned char* plaintext,unsigned char* ciphertext,int len){
int encrypt_len=RSA_public_encrypt(len,plaintext,ciphertext,pubkey,RSA_PKCS1_PADDING);
if(encrypt_len==-1){
printf("Error encrypting with public key\n");
}
return encrypt_len;
}
int fips_check_rsa(RSA *rsa)
{
const unsigned char tbs[] = "RSA Pairwise Check Data";
unsigned char *ctbuf = NULL, *ptbuf = NULL;
int len, ret = 0;
EVP_PKEY pk;
pk.type = EVP_PKEY_RSA;
pk.pkey.rsa = rsa;
/* Perform pairwise consistency signature test */
if (!fips_pkey_signature_test(FIPS_TEST_PAIRWISE, &pk, tbs, 0,
NULL, 0, NULL, RSA_PKCS1_PADDING, NULL)
|| !fips_pkey_signature_test(FIPS_TEST_PAIRWISE, &pk, tbs, 0,
NULL, 0, NULL, RSA_X931_PADDING, NULL)
|| !fips_pkey_signature_test(FIPS_TEST_PAIRWISE, &pk, tbs, 0,
NULL, 0, NULL, RSA_PKCS1_PSS_PADDING, NULL))
goto err;
/* Now perform pairwise consistency encrypt/decrypt test */
ctbuf = OPENSSL_malloc(RSA_size(rsa));
if (!ctbuf)
goto err;
len = RSA_public_encrypt(sizeof(tbs) - 1, tbs, ctbuf, rsa, RSA_PKCS1_PADDING);
if (len <= 0)
goto err;
/* Check ciphertext doesn't match plaintext */
if ((len == (sizeof(tbs) - 1)) && !memcmp(tbs, ctbuf, len))
goto err;
ptbuf = OPENSSL_malloc(RSA_size(rsa));
if (!ptbuf)
goto err;
len = RSA_private_decrypt(len, ctbuf, ptbuf, rsa, RSA_PKCS1_PADDING);
if (len != (sizeof(tbs) - 1))
goto err;
if (memcmp(ptbuf, tbs, len))
goto err;
ret = 1;
if (!ptbuf)
goto err;
err:
if (ret == 0)
{
fips_set_selftest_fail();
FIPSerr(FIPS_F_FIPS_CHECK_RSA,FIPS_R_PAIRWISE_TEST_FAILED);
}
if (ctbuf)
OPENSSL_free(ctbuf);
if (ptbuf)
OPENSSL_free(ptbuf);
return ret;
}
int Encrypt(int flen, const uint8_t* from, uint8_t* to) {
if (!rsa)
return -1;
if (ispub)
return RSA_public_encrypt(flen, from, to, rsa, RSA_PKCS1_PADDING);
return RSA_private_encrypt(flen, from, to, rsa, RSA_PKCS1_PADDING);
}
