void DH_generate_key(DH_CTX *dh_ctx) { BI_CTX *bi_ctx = bi_initialize(); int len = dh_ctx->len; bigint *p = bi_import(bi_ctx, dh_ctx->p, len); //p modulus bigint *g = bi_import(bi_ctx, dh_ctx->g, dh_ctx->glen); //generator bigint *x, *gx; bi_permanent(g); //generate private key X get_random_NZ(len, dh_ctx->x); x = bi_import(bi_ctx, dh_ctx->x, len); bi_permanent(x); //calculate public key gx = g^x mod p bi_set_mod(bi_ctx, p, BIGINT_M_OFFSET); bi_ctx->mod_offset = BIGINT_M_OFFSET; gx = bi_mod_power(bi_ctx, g, x); bi_permanent(gx); bi_export(bi_ctx, x, dh_ctx->x, len); bi_export(bi_ctx, gx, dh_ctx->gx, len); bi_depermanent(g); bi_depermanent(x); bi_depermanent(gx); bi_free(bi_ctx, g); bi_free(bi_ctx, x); bi_free(bi_ctx, gx); bi_free_mod(bi_ctx, BIGINT_M_OFFSET); bi_terminate(bi_ctx); }
/** * Use PKCS1.5 for encryption/signing. * see http://www.rsasecurity.com/rsalabs/node.asp?id=2125 */ int RSA_encrypt(const RSA_CTX *ctx, const uint8_t *in_data, uint16_t in_len, uint8_t *out_data, int is_signing) { int byte_size = ctx->num_octets; int num_pads_needed = byte_size-in_len-3; bigint *dat_bi, *encrypt_bi; /* note: in_len+11 must be > byte_size */ out_data[0] = 0; /* ensure encryption block is < modulus */ if (is_signing) { out_data[1] = 1; /* PKCS1.5 signing pads with "0xff"'s */ memset(&out_data[2], 0xff, num_pads_needed); } else /* randomize the encryption padding with non-zero bytes */ { out_data[1] = 2; if (get_random_NZ(num_pads_needed, &out_data[2]) < 0) return -1; } out_data[2+num_pads_needed] = 0; memcpy(&out_data[3+num_pads_needed], in_data, in_len); /* now encrypt it */ dat_bi = bi_import(ctx->bi_ctx, out_data, byte_size); encrypt_bi = is_signing ? RSA_private(ctx, dat_bi) : RSA_public(ctx, dat_bi); bi_export(ctx->bi_ctx, encrypt_bi, out_data, byte_size); /* save a few bytes of memory */ bi_clear_cache(ctx->bi_ctx); return byte_size; }
/** * Use PKCS1.5 for encryption/signing. * see http://www.rsasecurity.com/rsalabs/node.asp?id=2125 */ int RSA_encrypt(const RSA_CTX *ctx, const uint8_t *in_data, uint16_t in_len, uint8_t *out_data, int is_signing) { int byte_size = ctx->num_octets;printf("byte_size:%d\n",byte_size); int num_pads_needed = byte_size-in_len-3;printf("num_pads_needed:%d\n",num_pads_needed); bigint *dat_bi, *encrypt_bi; /* note: in_len+11 must be > byte_size */ out_data[0] = 0; /* ensure encryption block is < modulus */ if (is_signing) { out_data[1] = 1; /* PKCS1.5 signing pads with "0xff"'s */ memset(&out_data[2], 0xff, num_pads_needed); } else /* randomize the encryption padding with non-zero bytes */ { out_data[1] = 2; get_random_NZ(num_pads_needed, &out_data[2]); } out_data[2+num_pads_needed] = 0; memcpy(&out_data[3+num_pads_needed], in_data, in_len); /* now encrypt it */ dat_bi = bi_import(ctx->bi_ctx, out_data, byte_size); bi_print("pre_dispose_data",dat_bi); encrypt_bi = is_signing ? RSA_private(ctx, dat_bi) : RSA_public(ctx, dat_bi); bi_export(ctx->bi_ctx, encrypt_bi, out_data, byte_size); int i=0; printf("encrypted message in uint8_t:"); for (i;i<byte_size;i++) printf("0x%02x ",out_data[i]); printf("\n\n"); return byte_size; }