static void check_keys (gcry_sexp_t pkey, gcry_sexp_t skey, unsigned int nbits_data, gpg_err_code_t decrypt_fail_code) { gcry_sexp_t plain; gcry_mpi_t x; int rc; /* Create plain text. */ x = gcry_mpi_new (nbits_data); gcry_mpi_randomize (x, nbits_data, GCRY_WEAK_RANDOM); rc = gcry_sexp_build (&plain, NULL, "(data (flags raw) (value %m))", x); if (rc) die ("converting data for encryption failed: %s\n", gcry_strerror (rc)); check_keys_crypt (pkey, skey, plain, decrypt_fail_code); gcry_sexp_release (plain); gcry_mpi_release (x); /* Create plain text. */ x = gcry_mpi_new (nbits_data); gcry_mpi_randomize (x, nbits_data, GCRY_WEAK_RANDOM); rc = gcry_sexp_build (&plain, NULL, "(data (flags raw no-blinding) (value %m))", x); gcry_mpi_release (x); if (rc) die ("converting data for encryption failed: %s\n", gcry_strerror (rc)); check_keys_crypt (pkey, skey, plain, decrypt_fail_code); gcry_sexp_release (plain); }
int _libssh2_dsa_sha1_verify(libssh2_dsa_ctx * dsactx, const unsigned char *sig, const unsigned char *m, unsigned long m_len) { unsigned char hash[SHA_DIGEST_LENGTH + 1]; gcry_sexp_t s_sig, s_hash; int rc = -1; libssh2_sha1(m, m_len, hash + 1); hash[0] = 0; if(gcry_sexp_build(&s_hash, NULL, "(data(flags raw)(value %b))", SHA_DIGEST_LENGTH + 1, hash)) { return -1; } if(gcry_sexp_build(&s_sig, NULL, "(sig-val(dsa(r %b)(s %b)))", 20, sig, 20, sig + 20)) { gcry_sexp_release(s_hash); return -1; } rc = gcry_pk_verify(s_sig, s_hash, dsactx); gcry_sexp_release(s_sig); gcry_sexp_release(s_hash); return (rc == 0) ? 0 : -1; }
int _libssh2_dsa_new(libssh2_dsa_ctx ** dsactx, const unsigned char *p, unsigned long p_len, const unsigned char *q, unsigned long q_len, const unsigned char *g, unsigned long g_len, const unsigned char *y, unsigned long y_len, const unsigned char *x, unsigned long x_len) { int rc; if(x_len) { rc = gcry_sexp_build (dsactx, NULL, "(private-key(dsa(p%b)(q%b)(g%b)(y%b)(x%b)))", p_len, p, q_len, q, g_len, g, y_len, y, x_len, x); } else { rc = gcry_sexp_build(dsactx, NULL, "(public-key(dsa(p%b)(q%b)(g%b)(y%b)))", p_len, p, q_len, q, g_len, g, y_len, y); } if(rc) { *dsactx = NULL; return -1; } return 0; }
static cdk_error_t pubenc_to_sexp (gcry_sexp_t * r_sexp, cdk_pkt_pubkey_enc_t enc) { gcry_sexp_t sexp = NULL; gcry_error_t err; const char *fmt; if (!r_sexp || !enc) return CDK_Inv_Value; *r_sexp = NULL; if (is_RSA (enc->pubkey_algo)) { fmt = "(enc-val(openpgp-rsa((a%m))))"; err = gcry_sexp_build (&sexp, NULL, fmt, enc->mpi[0]); } else if (is_ELG (enc->pubkey_algo)) { fmt = "(enc-val(openpgp-elg((a%m)(b%m))))"; err = gcry_sexp_build (&sexp, NULL, fmt, enc->mpi[0], enc->mpi[1]); } else return CDK_Inv_Algo; if (err) return map_gcry_error (err); *r_sexp = sexp; return 0; }
int _libssh2_rsa_sha1_verify(libssh2_rsa_ctx * rsa, const unsigned char *sig, unsigned long sig_len, const unsigned char *m, unsigned long m_len) { unsigned char hash[SHA_DIGEST_LENGTH]; gcry_sexp_t s_sig, s_hash; int rc = -1; libssh2_sha1(m, m_len, hash); rc = gcry_sexp_build(&s_hash, NULL, "(data (flags pkcs1) (hash sha1 %b))", SHA_DIGEST_LENGTH, hash); if(rc != 0) { return -1; } rc = gcry_sexp_build(&s_sig, NULL, "(sig-val(rsa(s %b)))", sig_len, sig); if(rc != 0) { gcry_sexp_release(s_hash); return -1; } rc = gcry_pk_verify(s_sig, s_hash, rsa); gcry_sexp_release(s_sig); gcry_sexp_release(s_hash); return (rc == 0) ? 0 : -1; }
static cdk_error_t sig_to_sexp (gcry_sexp_t *r_sig_sexp, cdk_pkt_signature_t sig) { gcry_error_t err; cdk_error_t rc; const char *fmt; if (!r_sig_sexp || !sig) return CDK_Inv_Value; if (is_ELG (sig->pubkey_algo)) return CDK_Not_Implemented; rc = 0; if (is_RSA (sig->pubkey_algo)) { fmt = "(sig-val(openpgp-rsa(s%m)))"; err = gcry_sexp_build (r_sig_sexp, NULL, fmt, sig->mpi[0]); if (err) rc = map_gcry_error (err); } else if (is_DSA (sig->pubkey_algo)) { fmt = "(sig-val(openpgp-dsa(r%m)(s%m)))"; err = gcry_sexp_build (r_sig_sexp, NULL, fmt, sig->mpi[0], sig->mpi[1]); if (err) rc = map_gcry_error (err); } else rc = CDK_Inv_Algo; return rc; }
/* Verify a signature on data using a public key. The data must be * small enough to be signed (i.e. already hashed, if necessary). */ gcry_error_t otrl_privkey_verify(const unsigned char *sigbuf, size_t siglen, unsigned short pubkey_type, gcry_sexp_t pubs, const unsigned char *data, size_t len) { gcry_error_t err; gcry_mpi_t datampi,r,s; gcry_sexp_t datas, sigs; if (pubkey_type != OTRL_PUBKEY_TYPE_DSA || siglen != 40) return gcry_error(GPG_ERR_INV_VALUE); if (len) { gcry_mpi_scan(&datampi, GCRYMPI_FMT_USG, data, len, NULL); } else { datampi = gcry_mpi_set_ui(NULL, 0); } gcry_sexp_build(&datas, NULL, "(%m)", datampi); gcry_mpi_release(datampi); gcry_mpi_scan(&r, GCRYMPI_FMT_USG, sigbuf, 20, NULL); gcry_mpi_scan(&s, GCRYMPI_FMT_USG, sigbuf+20, 20, NULL); gcry_sexp_build(&sigs, NULL, "(sig-val (dsa (r %m)(s %m)))", r, s); gcry_mpi_release(r); gcry_mpi_release(s); err = gcry_pk_verify(sigs, datas, pubs); gcry_sexp_release(datas); gcry_sexp_release(sigs); return err; }
static int generate_subkey( cdk_keygen_ctx_t hd ) { gcry_sexp_t s_params = NULL, s_key; size_t n = hd->key[1].len; int rc; if( !hd ) return CDK_Inv_Value; if( is_DSA( hd->key[1].algo) ) rc = gcry_sexp_build( &s_params, NULL, "(genkey(dsa(nbits %d)))", n ); else if( is_ELG( hd->key[1].algo) ) rc = gcry_sexp_build( &s_params, NULL, "(genkey(elg(nbits %d)))", n ); else if( is_RSA( hd->key[1].algo) ) rc = gcry_sexp_build( &s_params, NULL, "(genkey(rsa(nbits %d)))", n ); else rc = CDK_Inv_Algo; if( !rc ) rc = gcry_pk_genkey( &s_key, s_params ); gcry_sexp_release( s_params ); if( !rc ) { if( is_DSA( hd->key[1].algo) ) rc = read_dsa_key( s_key, hd->key[1].resarr ); else if( is_ELG( hd->key[1].algo) ) rc = read_elg_key( s_key, hd->key[1].resarr ); else if( is_RSA( hd->key[1].algo) ) rc = read_rsa_key( s_key, hd->key[1].resarr ); } hd->key[1].n = cdk_pk_get_npkey( hd->key[1].algo ); gcry_sexp_release( s_key ); return rc; }
/* this function signs the session id */ STRING *ssh_sign_session_id(SSH_SESSION *session, PRIVATE_KEY *privatekey){ SHACTX ctx; unsigned char hash[SHA_DIGEST_LEN+1]; SIGNATURE *sign; STRING *signature; CRYPTO *crypto=session->current_crypto?session->current_crypto:session->next_crypto; #ifdef HAVE_LIBGCRYPT gcry_sexp_t data_sexp; #endif ctx=sha1_init(); sha1_update(ctx,crypto->session_id,SHA_DIGEST_LEN); sha1_final(hash+1,ctx); hash[0]=0; #ifdef DEBUG_CRYPTO ssh_print_hexa("Hash being signed with dsa",hash+1,SHA_DIGEST_LEN); #endif sign=malloc(sizeof(SIGNATURE)); switch(privatekey->type){ case TYPE_DSS: #ifdef HAVE_LIBGCRYPT gcry_sexp_build(&data_sexp,NULL,"%b",SHA_DIGEST_LEN+1,hash); gcry_pk_sign(&sign->dsa_sign,data_sexp,privatekey->dsa_priv); #elif defined HAVE_LIBCRYPTO sign->dsa_sign=DSA_do_sign(hash+1,SHA_DIGEST_LEN,privatekey->dsa_priv); #ifdef DEBUG_CRYPTO ssh_print_bignum("r",sign->dsa_sign->r); ssh_print_bignum("s",sign->dsa_sign->s); #endif #endif sign->rsa_sign=NULL; break; case TYPE_RSA: #ifdef HAVE_LIBGCRYPT gcry_sexp_build(&data_sexp,NULL,"(data(flags pkcs1)(hash sha1 %b))",SHA_DIGEST_LEN,hash+1); gcry_pk_sign(&sign->rsa_sign,data_sexp,privatekey->rsa_priv); #elif defined HAVE_LIBCRYPTO sign->rsa_sign=RSA_do_sign(hash+1,SHA_DIGEST_LEN,privatekey->rsa_priv); #endif sign->dsa_sign=NULL; break; } #ifdef HAVE_LIBGCRYPT gcry_sexp_release(data_sexp); #endif sign->type=privatekey->type; if(!sign->dsa_sign && !sign->rsa_sign){ #ifdef HAVE_LIBGCRYPT ssh_set_error(session,SSH_FATAL,"Signing : libgcrypt error"); #elif defined HAVE_LIBCRYPTO ssh_set_error(session,SSH_FATAL,"Signing : openssl error"); #endif signature_free(sign); return NULL; } signature=signature_to_string(sign); signature_free(sign); return signature; }
/* * Verify an OpenPGP signature made on some SHA-1 hash, with some DSA public key */ int verify_signature( uint8_t *p_r, uint8_t *p_s, public_key_packet_t *p_key, uint8_t *p_hash ) { /* the data to be verified (a SHA-1 hash) */ const char *hash_sexp_s = "(data(flags raw)(value %m))"; /* the public key */ const char *key_sexp_s = "(public-key(dsa(p %m)(q %m)(g %m)(y %m)))"; /* the signature */ const char *sig_sexp_s = "(sig-val(dsa(r %m )(s %m )))"; size_t erroff; gcry_mpi_t p, q, g, y, r, s, hash; p = q = g = y = r = s = hash = NULL; gcry_sexp_t key_sexp, hash_sexp, sig_sexp; key_sexp = hash_sexp = sig_sexp = NULL; int i_p_len = mpi_len( p_key->p ); int i_q_len = mpi_len( p_key->q ); int i_g_len = mpi_len( p_key->g ); int i_y_len = mpi_len( p_key->y ); if( gcry_mpi_scan( &p, GCRYMPI_FMT_USG, p_key->p + 2, i_p_len, NULL ) || gcry_mpi_scan( &q, GCRYMPI_FMT_USG, p_key->q + 2, i_q_len, NULL ) || gcry_mpi_scan( &g, GCRYMPI_FMT_USG, p_key->g + 2, i_g_len, NULL ) || gcry_mpi_scan( &y, GCRYMPI_FMT_USG, p_key->y + 2, i_y_len, NULL ) || gcry_sexp_build( &key_sexp, &erroff, key_sexp_s, p, q, g, y ) ) goto problem; int i_r_len = mpi_len( p_r ); int i_s_len = mpi_len( p_s ); if( gcry_mpi_scan( &r, GCRYMPI_FMT_USG, p_r + 2, i_r_len, NULL ) || gcry_mpi_scan( &s, GCRYMPI_FMT_USG, p_s + 2, i_s_len, NULL ) || gcry_sexp_build( &sig_sexp, &erroff, sig_sexp_s, r, s ) ) goto problem; int i_hash_len = 20; if( gcry_mpi_scan( &hash, GCRYMPI_FMT_USG, p_hash, i_hash_len, NULL ) || gcry_sexp_build( &hash_sexp, &erroff, hash_sexp_s, hash ) ) goto problem; if( gcry_pk_verify( sig_sexp, hash_sexp, key_sexp ) ) goto problem; return VLC_SUCCESS; problem: if( p ) gcry_mpi_release( p ); if( q ) gcry_mpi_release( q ); if( g ) gcry_mpi_release( g ); if( y ) gcry_mpi_release( y ); if( r ) gcry_mpi_release( r ); if( s ) gcry_mpi_release( s ); if( hash ) gcry_mpi_release( hash ); if( key_sexp ) gcry_sexp_release( key_sexp ); if( sig_sexp ) gcry_sexp_release( sig_sexp ); if( hash_sexp ) gcry_sexp_release( hash_sexp ); return VLC_EGENERIC; }
void crypto_rsa_encrypt(int len, uint8 * in, uint8 * out, uint32 modulus_size, uint8 * modulus, uint8 * exponent) { /* GnuTLS do not expose raw RSA, so we use the underlying gcrypt lib instead */ ASSERT(modulus_size <= SEC_MAX_MODULUS_SIZE); gcry_mpi_t m; gcry_error_t rc = gcry_mpi_scan(&m, GCRYMPI_FMT_USG, modulus, modulus_size, NULL); ASSERT(!rc); gcry_mpi_t e; rc = gcry_mpi_scan(&e, GCRYMPI_FMT_USG, exponent, SEC_EXPONENT_SIZE, NULL); gcry_sexp_t publickey_sexp; rc = gcry_sexp_build(&publickey_sexp, NULL, "(public-key(rsa(n%m)(e%m)))", m, e); ASSERT(!rc); gcry_mpi_release(m); gcry_mpi_release(e); gcry_mpi_t in_gcry; rc = gcry_mpi_scan(&in_gcry, GCRYMPI_FMT_USG, in, len, NULL); ASSERT(!rc); gcry_sexp_t in_sexp; rc = gcry_sexp_build(&in_sexp, NULL, "%m", in_gcry); ASSERT(!rc); gcry_sexp_t out_sexp; rc = gcry_pk_encrypt(&out_sexp, in_sexp, publickey_sexp); ASSERT(!rc); gcry_sexp_t out_list_sexp; out_list_sexp = gcry_sexp_find_token(out_sexp, "a", 0); ASSERT(out_list_sexp); gcry_mpi_t out_gcry = gcry_sexp_nth_mpi(out_list_sexp, 1, GCRYMPI_FMT_NONE); ASSERT(out_gcry); size_t s; rc = gcry_mpi_print(GCRYMPI_FMT_USG, out, modulus_size, &s, out_gcry); ASSERT(!rc); ASSERT(s == modulus_size); gcry_mpi_release(out_gcry); gcry_sexp_release(out_list_sexp); gcry_mpi_release(in_gcry); gcry_sexp_release(out_sexp); gcry_sexp_release(in_sexp); gcry_sexp_release(publickey_sexp); }
/* * Verify an OpenPGP signature made with some RSA public key */ static int verify_signature_rsa( signature_packet_t *sign, public_key_packet_t *p_key, uint8_t *p_hash ) { int ret = VLC_EGENERIC; /* the data to be verified (a hash) */ const char *hash_sexp_s = "(data(flags raw)(value %m))"; /* the public key */ const char *key_sexp_s = "(public-key(rsa(n %m)(e %m)))"; /* the signature */ const char *sig_sexp_s = "(sig-val(rsa(s%m)))"; size_t erroff; gcry_mpi_t n, e, s, hash; n = e = s = hash = NULL; gcry_sexp_t key_sexp, hash_sexp, sig_sexp; key_sexp = hash_sexp = sig_sexp = NULL; int i_n_len = mpi_len( p_key->sig.rsa.n ); int i_e_len = mpi_len( p_key->sig.rsa.e ); if( gcry_mpi_scan( &n, GCRYMPI_FMT_USG, p_key->sig.rsa.n + 2, i_n_len, NULL ) || gcry_mpi_scan( &e, GCRYMPI_FMT_USG, p_key->sig.rsa.e + 2, i_e_len, NULL ) || gcry_sexp_build( &key_sexp, &erroff, key_sexp_s, n, e ) ) goto out; uint8_t *p_s = sign->algo_specific.rsa.s; int i_s_len = mpi_len( p_s ); if( gcry_mpi_scan( &s, GCRYMPI_FMT_USG, p_s + 2, i_s_len, NULL ) || gcry_sexp_build( &sig_sexp, &erroff, sig_sexp_s, s ) ) goto out; if( rsa_pkcs1_encode_sig (&hash, i_n_len, p_hash, sign->digest_algo) || gcry_sexp_build( &hash_sexp, &erroff, hash_sexp_s, hash ) ) goto out; if( gcry_pk_verify( sig_sexp, hash_sexp, key_sexp ) ) goto out; ret = VLC_SUCCESS; out: if( n ) gcry_mpi_release( n ); if( e ) gcry_mpi_release( e ); if( s ) gcry_mpi_release( s ); if( hash ) gcry_mpi_release( hash ); if( key_sexp ) gcry_sexp_release( key_sexp ); if( sig_sexp ) gcry_sexp_release( sig_sexp ); if( hash_sexp ) gcry_sexp_release( hash_sexp ); return ret; }
CK_RV gkm_dsa_mechanism_verify (gcry_sexp_t sexp, CK_BYTE_PTR data, CK_ULONG n_data, CK_BYTE_PTR signature, CK_ULONG n_signature) { gcry_sexp_t ssig, splain; gcry_error_t gcry; gcry_mpi_t mpi, mpi2; g_return_val_if_fail (sexp, CKR_GENERAL_ERROR); g_return_val_if_fail (signature, CKR_ARGUMENTS_BAD); g_return_val_if_fail (data, CKR_ARGUMENTS_BAD); if (n_data != 20) return CKR_DATA_LEN_RANGE; if (n_signature != 40) return CKR_SIGNATURE_LEN_RANGE; /* Prepare the input s-expressions */ gcry = gcry_mpi_scan (&mpi, GCRYMPI_FMT_USG, data, n_data, NULL); g_return_val_if_fail (gcry == 0, CKR_GENERAL_ERROR); gcry = gcry_sexp_build (&splain, NULL, "(data (flags raw) (value %m))", mpi); gcry_mpi_release (mpi); g_return_val_if_fail (gcry == 0, CKR_GENERAL_ERROR); gcry = gcry_mpi_scan (&mpi, GCRYMPI_FMT_USG, signature, 20, NULL); g_return_val_if_fail (gcry == 0, CKR_GENERAL_ERROR); gcry = gcry_mpi_scan (&mpi2, GCRYMPI_FMT_USG, signature + 20, 20, NULL); g_return_val_if_fail (gcry == 0, CKR_GENERAL_ERROR); gcry = gcry_sexp_build (&ssig, NULL, "(sig-val (dsa (r %m) (s %m)))", mpi, mpi2); gcry_mpi_release (mpi); gcry_mpi_release (mpi2); g_return_val_if_fail (gcry == 0, CKR_GENERAL_ERROR); /* Do the magic */ gcry = gcry_pk_verify (ssig, splain, sexp); gcry_sexp_release (splain); gcry_sexp_release (ssig); /* TODO: See if any other codes should be mapped */ if (gcry_err_code (gcry) == GPG_ERR_BAD_SIGNATURE) { return CKR_SIGNATURE_INVALID; } else if (gcry) { g_message ("signing of the data failed: %s", gcry_strerror (gcry)); return CKR_FUNCTION_FAILED; } return CKR_OK; }
PUBLIC_KEY *publickey_make_rsa(SSH_SESSION *session, BUFFER *buffer, char *type){ STRING *e,*n; PUBLIC_KEY *key=malloc(sizeof(PUBLIC_KEY)); if(!strcmp(type,"ssh-rsa")) key->type=TYPE_RSA; else key->type=TYPE_RSA1; key->type_c=type; e=buffer_get_ssh_string(buffer); n=buffer_get_ssh_string(buffer); buffer_free(buffer); /* we don't need it anymore */ if(!e || !n){ ssh_set_error(session,SSH_FATAL,"Invalid RSA public key"); if(e) free(e); if(n) free(n); free(key); return NULL; } #ifdef HAVE_LIBGCRYPT gcry_sexp_build(&key->rsa_pub,NULL,"(public-key(rsa(n %b)(e %b)))",string_len(n),n->string,string_len(e),e->string); #elif HAVE_LIBCRYPTO key->rsa_pub=RSA_new(); key->rsa_pub->e=make_string_bn(e); key->rsa_pub->n=make_string_bn(n); #endif #ifdef DEBUG_CRYPTO ssh_print_hexa("e",e->string,string_len(e)); ssh_print_hexa("n",n->string,string_len(n)); #endif free(e); free(n); return key; }
/** * Extract the public key of the given private key. * * @param priv the private key * @retur NULL on error, otherwise the public key */ struct GNUNET_CRYPTO_rsa_PublicKey * GNUNET_CRYPTO_rsa_private_key_get_public (const struct GNUNET_CRYPTO_rsa_PrivateKey *priv) { struct GNUNET_CRYPTO_rsa_PublicKey *pub; gcry_mpi_t ne[2]; int rc; gcry_sexp_t result; rc = key_from_sexp (ne, priv->sexp, "public-key", "ne"); if (0 != rc) rc = key_from_sexp (ne, priv->sexp, "private-key", "ne"); if (0 != rc) rc = key_from_sexp (ne, priv->sexp, "rsa", "ne"); if (0 != rc) { GNUNET_break_op (0); return NULL; } rc = gcry_sexp_build (&result, NULL, "(public-key(rsa(n %m)(e %m)))", ne[0], ne[1]); gcry_mpi_release (ne[0]); gcry_mpi_release (ne[1]); pub = GNUNET_new (struct GNUNET_CRYPTO_rsa_PublicKey); pub->sexp = result; return pub; }
STRING *ssh_encrypt_rsa1(SSH_SESSION *session, STRING *data, PUBLIC_KEY *key){ int len=string_len(data); #ifdef HAVE_LIBGCRYPT STRING *ret; gcry_sexp_t ret_sexp; gcry_sexp_t data_sexp; const char *tmp; size_t size; gcry_sexp_build(&data_sexp,NULL,"(data(flags pkcs1)(value %b))",len,data->string); gcry_pk_encrypt(&ret_sexp,data_sexp,key->rsa_pub); gcry_sexp_release(data_sexp); data_sexp=gcry_sexp_find_token(ret_sexp,"a",0); tmp=gcry_sexp_nth_data(data_sexp,1,&size); if (*tmp == 0) { size--; tmp++; } ret=string_new(size); string_fill(ret,(char *)tmp,size); gcry_sexp_release(ret_sexp); #elif defined HAVE_LIBCRYPTO int flen=RSA_size(key->rsa_pub); STRING *ret=string_new(flen); RSA_public_encrypt(len,data->string,ret->string,key->rsa_pub, RSA_PKCS1_PADDING); #endif return ret; }
static cdk_error_t digest_to_sexp (gcry_sexp_t *r_md_sexp, int digest_algo, const byte *md, size_t mdlen) { gcry_mpi_t m; gcry_error_t err; if (!r_md_sexp || !md) return CDK_Inv_Value; if (!mdlen) mdlen = gcry_md_get_algo_dlen (digest_algo); if (!mdlen) return CDK_Inv_Algo; err = gcry_mpi_scan (&m, GCRYMPI_FMT_USG, md, mdlen, &mdlen); if (err) return map_gcry_error (err); err = gcry_sexp_build (r_md_sexp, NULL, "%m", m); gcry_mpi_release (m); if (err) return map_gcry_error (err); return 0; }
int jwk2prikey (const json_t *jwk, gcry_sexp_t *prikey) { assert (NULL != jwk); assert (NULL != prikey); int rc = -1; json_t *j_d = json_object_get(jwk, "d"); uint8_t *d; size_t d_len; if (NULL == j_d) return rc; d_len = base64url_decode_alloc (json_string_value (j_d), strlen (json_string_value (j_d)), (char **)&d); if (d_len <= 0 || d_len > 256) goto OUT; rc = gcry_sexp_build (prikey, NULL, "(private-key\n" " (ecdsa\n" " (curve \"NIST P-256\")\n" " (d %b)" "))", d_len, d); OUT: free (d); return rc; }
static int tagcrypt_key_gen (gcry_sexp_t *key_pair, int size) { gcry_sexp_t param; gcry_error_t err; err = gcry_sexp_build (¶m, NULL, "(6:genkey(3:rsa(5:nbits%d)))", size); if (err) { GCRY_CRITICAL (gcry_strerror (err)); goto ERR; } err = gcry_pk_genkey (key_pair, param); if (err) { GCRY_CRITICAL (gcry_strerror (err)); goto ERR; } gcry_sexp_release(param); return 0; ERR: if (param) gcry_sexp_release (param); return -1; }
short verify(char *public_key, char *document, char *signature){ gcry_error_t error; gcry_mpi_t r_mpi; if ((error = gcry_mpi_scan(&r_mpi, GCRYMPI_FMT_HEX, document, 0, NULL))) { printf("Error in gcry_mpi_scan() in encrypt(): %s\nSource: %s\n", gcry_strerror(error), gcry_strsource(error)); exit(1); } gcry_sexp_t data; size_t erroff; if ((error = gcry_sexp_build(&data, &erroff, "(data (flags raw) (value %m))", r_mpi))) { printf("Error in gcry_sexp_build() in sign() at %ld: %s\nSource: %s\n", erroff, gcry_strerror(error), gcry_strsource(error)); exit(1); } gcry_sexp_t sig = sexp_new(signature); gcry_sexp_t public_sexp = sexp_new(public_key); short good_sig = 1; struct timeval timer; timer_start(&timer); if ((error = gcry_pk_verify(sig, data, public_sexp))) { if (gcry_err_code(error) != GPG_ERR_BAD_SIGNATURE) { printf("Error in gcry_pk_verify(): %s\nSource: %s\n", gcry_strerror(error), gcry_strsource(error)); exit(1); } good_sig = 0; } timer_poll("libgcrypt Verify: %d.%06d seconds\n", &timer); return good_sig; }
static gboolean read_public_dsa (EggBuffer *req, gsize *offset, gcry_sexp_t *sexp) { gcry_mpi_t p, q, g, y; int gcry; if (!read_mpi (req, offset, &p) || !read_mpi (req, offset, &q) || !read_mpi (req, offset, &g) || !read_mpi (req, offset, &y)) return FALSE; gcry = gcry_sexp_build (sexp, NULL, SEXP_PUBLIC_DSA, p, q, g, y); if (gcry) { g_warning ("couldn't parse incoming public DSA key: %s", gcry_strerror (gcry)); return FALSE; } gcry_mpi_release (p); gcry_mpi_release (q); gcry_mpi_release (g); gcry_mpi_release (y); return TRUE; }
void serialize_point(struct gotr_point *buf, const size_t len, const gcry_mpi_point_t p) { gcry_sexp_t s; gcry_ctx_t ctx; gcry_error_t rc; gcry_mpi_t q; gotr_assert(buf && len >= SERIALIZED_POINT_LEN); rc = gcry_sexp_build(&s, NULL, "(public-key(ecc(curve " CURVE ")))"); gotr_assert_gpgerr(rc); gotr_assert(NULL != s); rc = gcry_mpi_ec_new(&ctx, s, NULL); gotr_assert_gpgerr(rc); gcry_sexp_release(s); rc = gcry_mpi_ec_set_point("q", p, ctx); gotr_assert_gpgerr(rc); q = gcry_mpi_ec_get_mpi("q@eddsa", ctx, 0); gotr_assert(NULL != q); gcry_ctx_release(ctx); gotr_mpi_print_unsigned(buf, len, q); gcry_mpi_release(q); }
char* sign(char *private_key, char *document){ gcry_error_t error; gcry_mpi_t r_mpi; if ((error = gcry_mpi_scan(&r_mpi, GCRYMPI_FMT_HEX, document, 0, NULL))) { printf("Error in gcry_mpi_scan() in encrypt(): %s\nSource: %s\n", gcry_strerror(error), gcry_strsource(error)); exit(1); } gcry_sexp_t data; size_t erroff; if ((error = gcry_sexp_build(&data, &erroff, "(data (flags raw) (value %m))", r_mpi))) { printf("Error in gcry_sexp_build() in sign() at %ld: %s\nSource: %s\n", erroff, gcry_strerror(error), gcry_strsource(error)); exit(1); } gcry_sexp_t private_sexp = sexp_new(private_key); gcry_sexp_t r_sig; struct timeval timer; timer_start(&timer); if ((error = gcry_pk_sign(&r_sig, data, private_sexp))) { printf("Error in gcry_pk_sign(): %s\nSource: %s\n", gcry_strerror(error), gcry_strsource(error)); exit(1); } timer_poll("libgcrypt Sign: %d.%06d seconds\n", &timer); return sexp_string(r_sig); }
char* encrypt(rsa_packet * packet, char *public_key, char *plaintext){ gcry_error_t error; gcry_mpi_t r_mpi; if ((error = gcry_mpi_scan(&r_mpi, GCRYMPI_FMT_HEX, plaintext, 0, NULL))) { printf("Error in gcry_mpi_scan() in encrypt(): %s\nSource: %s\n", gcry_strerror(error), gcry_strsource(error)); exit(1); } gcry_sexp_t data; size_t erroff; if ((error = gcry_sexp_build(&data, &erroff, "(data (flags raw) (value %m))", r_mpi))) { printf("Error in gcry_sexp_build() in encrypt() at %ld: %s\nSource: %s\n", erroff, gcry_strerror(error), gcry_strsource(error)); exit(1); } gcry_sexp_t public_sexp = sexp_new(public_key); gcry_sexp_t r_ciph; struct timeval timer; timer_start(&timer); if ((error = gcry_pk_encrypt(&r_ciph, data, public_sexp))) { printf("Error in gcry_pk_encrypt(): %s\nSource: %s\n", gcry_strerror(error), gcry_strsource(error)); exit(1); } timer_poll("\nSoftware encrypt: %d.%06d seconds\n", &timer); gcry_sexp_t cipher_sexp = gcry_sexp_cdr(gcry_sexp_find_token(r_ciph, "a", 1)); gcry_mpi_t cipher_mpi = gcry_sexp_nth_mpi(cipher_sexp, 0, GCRYMPI_FMT_USG); gcry_mpi_print(GCRYMPI_FMT_USG, packet->ciphertext, 256, &packet->cipher_len, cipher_mpi); return sexp_string(r_ciph); }
static void genkey (int algo) { gcry_sexp_t s_key = NULL, s_param = NULL; gsti_error_t err; gsti_key_t key; const char * s; int nbits = 1024; algo = SSH_PK_RSA; /* XXX */ switch (algo) { case SSH_PK_DSS: s = "(genkey(dsa(nbits %d)))"; break; case SSH_PK_RSA: s = "(genkey(rsa(nbits %d)))"; break; default: printf ("invalid pk algo '%d'\n", algo); return; } err = gcry_sexp_build (&s_param, NULL, s, nbits); if (!err) err = gcry_pk_genkey (&s_key, s_param); if (err) printf ("genkey: %s\n", gsti_strerror (err)); gcry_sexp_release (s_param); gcry_sexp_dump (s_key); gsti_key_from_sexp (s_key, &key); gcry_sexp_release (s_key); gsti_key_save (RSA_PUBKEY, 0, key); gsti_key_save (RSA_SECKEY, 1, key); gsti_key_free (key); }
CK_RV gkm_dsa_mechanism_sign (gcry_sexp_t sexp, CK_BYTE_PTR data, CK_ULONG n_data, CK_BYTE_PTR signature, CK_ULONG_PTR n_signature) { gcry_sexp_t ssig, splain; gcry_error_t gcry; gcry_mpi_t mpi; CK_ULONG size; CK_RV rv; g_return_val_if_fail (sexp, CKR_GENERAL_ERROR); g_return_val_if_fail (n_signature, CKR_ARGUMENTS_BAD); g_return_val_if_fail (data, CKR_ARGUMENTS_BAD); if (n_data != 20) return CKR_DATA_LEN_RANGE; /* If no output, then don't process */ if (!signature) { *n_signature = 40; return CKR_OK; } else if (*n_signature < 40) { *n_signature = 40; return CKR_BUFFER_TOO_SMALL; } /* Prepare the input s-expression */ gcry = gcry_mpi_scan (&mpi, GCRYMPI_FMT_USG, data, n_data, NULL); g_return_val_if_fail (gcry == 0, CKR_GENERAL_ERROR); gcry = gcry_sexp_build (&splain, NULL, "(data (flags raw) (value %m))", mpi); gcry_mpi_release (mpi); g_return_val_if_fail (gcry == 0, CKR_GENERAL_ERROR); /* Do the magic */ gcry = gcry_pk_sign (&ssig, splain, sexp); gcry_sexp_release (splain); /* TODO: Certain codes should be returned (data too big etc... ) */ if (gcry) { g_message ("signing of the data failed: %s", gcry_strerror (gcry)); return CKR_FUNCTION_FAILED; } g_assert (*n_signature >= 40); size = 20; rv = gkm_crypto_sexp_to_data (ssig, 20 * 8, signature, &size, NULL, "dsa", "r", NULL); if (rv == CKR_OK) { g_return_val_if_fail (size == 20, CKR_GENERAL_ERROR); rv = gkm_crypto_sexp_to_data (ssig, 20 * 8, signature + 20, &size, NULL, "dsa", "s", NULL); if (rv == CKR_OK) { g_return_val_if_fail (size == 20, CKR_GENERAL_ERROR); *n_signature = 40; } } gcry_sexp_release (ssig); return CKR_OK; }
static int read_dsa_privatekey(FILE *fp, gcry_sexp_t *r, ssh_auth_callback cb, void *userdata, const char *desc) { ssh_buffer buffer = NULL; ssh_string p = NULL; ssh_string q = NULL; ssh_string g = NULL; ssh_string y = NULL; ssh_string x = NULL; ssh_string v = NULL; int rc = 1; buffer = privatekey_file_to_buffer(fp, TYPE_DSS, cb, userdata, desc); if (buffer == NULL) { return 0; } if (!asn1_check_sequence(buffer)) { buffer_free(buffer); return 0; } v = asn1_get_int(buffer); if (ntohl(v->size) != 1 || v->string[0] != 0) { buffer_free(buffer); return 0; } p = asn1_get_int(buffer); q = asn1_get_int(buffer); g = asn1_get_int(buffer); y = asn1_get_int(buffer); x = asn1_get_int(buffer); buffer_free(buffer); if (p == NULL || q == NULL || g == NULL || y == NULL || x == NULL) { rc = 0; goto error; } if (gcry_sexp_build(r, NULL, "(private-key(dsa(p %b)(q %b)(g %b)(y %b)(x %b)))", ntohl(p->size), p->string, ntohl(q->size), q->string, ntohl(g->size), g->string, ntohl(y->size), y->string, ntohl(x->size), x->string)) { rc = 0; } error: string_free(p); string_free(q); string_free(g); string_free(y); string_free(x); string_free(v); return rc; }
pub_t::pub_t(const n_t& n, const e_t& e) throw(exception) { error_t err = gcry_sexp_build( &m_key.native(), NULL, "(public-key(rsa(n%m)(e%d)))", n.native(), e ); if ( GPG_ERR_NO_ERROR != err ) { throw exception( err ); } }
int p2p_sign(unsigned char *msg, size_t msglen, unsigned char *buf, size_t buflen, gcry_sexp_t d_key) { gcry_sexp_t data; size_t err; gcry_sexp_build(&data, &err, "(data (flags pkcs1) (hash sha256 %b))", msglen, msg); gcry_sexp_dump(data); return 0; }
/** Convert X.509 RSA public key into gcrypt internal sexp form. Only RSA public keys are accepted at the moment. The resul is stored in *sexp, which must be freed (using ) when not needed anymore. *sexp must be NULL on entry, since it is overwritten. */ gpg_err_code_t keyutil_get_cert_sexp ( unsigned char *der, size_t len, gcry_sexp_t *p_sexp ) { gpg_err_code_t error = GPG_ERR_GENERAL; gcry_mpi_t n_mpi = NULL; gcry_mpi_t e_mpi = NULL; gcry_sexp_t sexp = NULL; if ( (error = keyutil_get_cert_mpi ( der, len, &n_mpi, &e_mpi )) != GPG_ERR_NO_ERROR ) { goto cleanup; } if ( gcry_sexp_build ( &sexp, NULL, "(public-key (rsa (n %m) (e %m)))", n_mpi, e_mpi ) ) { error = GPG_ERR_BAD_KEY; goto cleanup; } *p_sexp = sexp; sexp = NULL; error = GPG_ERR_NO_ERROR; cleanup: if (n_mpi != NULL) { gcry_mpi_release (n_mpi); n_mpi = NULL; } if (e_mpi != NULL) { gcry_mpi_release (e_mpi); e_mpi = NULL; } if (sexp != NULL) { gcry_sexp_release (sexp); sexp = NULL; } return error; }