KBNODE
make_mpi_comment_node( const char *s, gcry_mpi_t a )
{
PACKET *pkt;
byte *buf, *pp;
size_t n1, nb1;
size_t n = strlen(s);
nb1 = mpi_get_nbits( a );
if (gcry_mpi_print (GCRYMPI_FMT_PGP, NULL, 0, &n1, a))
BUG ();
/* fixme: allocate it on the stack */
buf = xmalloc (n1);
if (gcry_mpi_print (GCRYMPI_FMT_PGP, buf, n1, &n1, a))
BUG ();
pkt = xcalloc (1, sizeof *pkt );
pkt->pkttype = PKT_COMMENT;
pkt->pkt.comment = xmalloc ( sizeof *pkt->pkt.comment + n + 2 + n1 );
pkt->pkt.comment->len = n+1+2+n1;
pp = pkt->pkt.comment->data;
memcpy(pp, s, n+1);
memcpy(pp+n+1, buf, n1 );
xfree (buf);
return new_kbnode( pkt );
}
/* Turn VALUE into an octet string and store it in an allocated buffer
at R_FRAME. If the resulting octet string is shorter than NBYTES
the result will be left padded with zeroes. If VALUE does not fit
into NBYTES an error code is returned. */
static gpg_err_code_t
int2octets (unsigned char **r_frame, gcry_mpi_t value, size_t nbytes)
{
gpg_err_code_t rc;
size_t nframe, noff, n;
unsigned char *frame;
rc = gpg_err_code (gcry_mpi_print (GCRYMPI_FMT_USG, NULL, 0,
&nframe, value));
if (rc)
return rc;
if (nframe > nbytes)
return GPG_ERR_TOO_LARGE; /* Value too long to fit into NBYTES. */
noff = (nframe < nbytes)? nbytes - nframe : 0;
n = nframe + noff;
frame = mpi_is_secure (value)? gcry_malloc_secure (n) : gcry_malloc (n);
if (!frame)
return gpg_err_code_from_syserror ();
if (noff)
memset (frame, 0, noff);
nframe += noff;
rc = gpg_err_code (gcry_mpi_print (GCRYMPI_FMT_USG, frame+noff, nframe-noff,
NULL, value));
if (rc)
{
gcry_free (frame);
return rc;
}
*r_frame = frame;
return 0;
}
int main(int argc, char **argv)
{
unsigned char *argbuf;
size_t argbuflen;
gcry_mpi_t our_x, our_y, their_y;
unsigned char *pubbuf;
size_t publen;
unsigned char sessionid[20], sendenc[16], rcvenc[16];
unsigned char sendmac[20], rcvmac[20];
int is_high;
if (argc != 3) {
usage(argv[0]);
}
argv_to_buf(&argbuf, &argbuflen, argv[1]);
/* Private keys are only 320 bits long, so check for that to make
* sure they didn't get the args the wrong way around */
if (!argbuf || argbuflen > 40) usage(argv[0]);
gcry_mpi_scan(&our_x, GCRYMPI_FMT_USG, argbuf, argbuflen, NULL);
free(argbuf);
argv_to_buf(&argbuf, &argbuflen, argv[2]);
if (!argbuf) usage(argv[0]);
gcry_mpi_scan(&their_y, GCRYMPI_FMT_USG, argbuf, argbuflen, NULL);
free(argbuf);
sesskeys_gen(sessionid, sendenc, rcvenc, &is_high, &our_y, our_x, their_y);
sesskeys_make_mac(sendmac, sendenc);
sesskeys_make_mac(rcvmac, rcvenc);
/* Print our public key into a buffer */
gcry_mpi_print(GCRYMPI_FMT_USG, NULL, 0, &publen, our_y);
pubbuf = malloc(publen);
if (!pubbuf) {
fprintf(stderr, "Out of memory!\n");
exit(1);
}
gcry_mpi_print(GCRYMPI_FMT_USG, pubbuf, publen, NULL, our_y);
puts("");
printf("We are the %s end of this key exchange.\n",
is_high ? "high" : "low");
puts("");
dump_data(stdout, "Our public key", pubbuf, publen);
puts("");
dump_data(stdout, "Session id", sessionid, 20);
puts("");
dump_data(stdout, "Sending AES key", sendenc, 16);
dump_data(stdout, "Sending MAC key", sendmac, 20);
dump_data(stdout, "Receiving AES key", rcvenc, 16);
dump_data(stdout, "Receiving MAC key", rcvmac, 20);
puts("");
fflush(stdout);
return 0;
}
/* Dump an mpi to a FILE * */
void dump_mpi(FILE *stream, const char *title, gcry_mpi_t val)
{
size_t plen;
unsigned char *d;
gcry_mpi_print(GCRYMPI_FMT_USG, NULL, 0, &plen, val);
d = malloc(plen);
gcry_mpi_print(GCRYMPI_FMT_USG, d, plen, NULL, val);
dump_data(stream, title, d, plen);
free(d);
}
void print_mpi(gcry_mpi_t to_print)
{
unsigned char *buf;
size_t s;
gcry_mpi_print(GCRYMPI_FMT_HEX,NULL,0,&s,to_print);
buf = malloc(s+2);
gcry_mpi_print(GCRYMPI_FMT_HEX,buf,s,NULL,to_print);
buf[s-1]='\n';
buf[s]='\0';
fprintf(stderr, buf);
}
static libspectrum_error
serialise_mpis( libspectrum_byte **signature, size_t *signature_length,
gcry_mpi_t r, gcry_mpi_t s )
{
gcry_error_t error;
size_t length, length_s;
unsigned char *ptr;
error = gcry_mpi_print( GCRYMPI_FMT_PGP, NULL, 0, &length, r );
if( error ) {
libspectrum_print_error( LIBSPECTRUM_ERROR_LOGIC,
"serialise_mpis: length of r: %s",
gcry_strerror( error ) );
return LIBSPECTRUM_ERROR_LOGIC;
}
error = gcry_mpi_print( GCRYMPI_FMT_PGP, NULL, 0, &length_s, s );
if( error ) {
libspectrum_print_error( LIBSPECTRUM_ERROR_LOGIC,
"serialise_mpis: length of s: %s",
gcry_strerror( error ) );
return LIBSPECTRUM_ERROR_LOGIC;
}
length += length_s; *signature_length = length;
*signature = libspectrum_malloc( length );
error = gcry_mpi_print( GCRYMPI_FMT_PGP, *signature, length, &length, r );
if( error ) {
libspectrum_print_error( LIBSPECTRUM_ERROR_LOGIC,
"serialise_mpis: printing r: %s",
gcry_strerror( error ) );
libspectrum_free( *signature );
return LIBSPECTRUM_ERROR_LOGIC;
}
ptr = *signature + length; length = *signature_length - length;
error = gcry_mpi_print( GCRYMPI_FMT_PGP, ptr, length, NULL, s );
if( error ) {
libspectrum_print_error( LIBSPECTRUM_ERROR_LOGIC,
"serialise_mpis: printing s: %s",
gcry_strerror( error ) );
libspectrum_free( *signature );
return LIBSPECTRUM_ERROR_LOGIC;
}
return LIBSPECTRUM_ERROR_NONE;
}
/**
* Output the given MPI value to the given buffer in
* network byte order.
* The MPI @a val may not be negative.
*
* @param buf where to output to
* @param size number of bytes in @a buf
* @param val value to write to @a buf
*/
void
GNUNET_CRYPTO_mpi_print_unsigned (void *buf,
size_t size,
gcry_mpi_t val)
{
size_t rsize;
if (gcry_mpi_get_flag (val, GCRYMPI_FLAG_OPAQUE))
{
/* Store opaque MPIs left aligned into the buffer. */
unsigned int nbits;
const void *p;
p = gcry_mpi_get_opaque (val, &nbits);
GNUNET_assert (p);
rsize = (nbits+7)/8;
if (rsize > size)
rsize = size;
memcpy (buf, p, rsize);
if (rsize < size)
memset (buf+rsize, 0, size - rsize);
}
else
{
/* Store regular MPIs as unsigned integers right aligned into
the buffer. */
rsize = size;
GNUNET_assert (0 ==
gcry_mpi_print (GCRYMPI_FMT_USG, buf, rsize, &rsize,
val));
adjust (buf, rsize, size);
}
}
/*output this number*/
void mpiOut2(gcry_mpi_t value)
{ int i=0;
char buffer[1024/8],buffer2[1024/8]; //buffer for the output
gcry_randomize (buffer, 1024/8, GCRY_STRONG_RANDOM);
printf("\n random buffer: ");
for (i = 0; i<1024/8; i++){
if(i%32==0)
printf("\n");
printf("%0u", (unsigned char)buffer[i]);
}
printf("\n");
gcry_mpi_t test;
test=gcry_mpi_snew(1024/8);
gcry_mpi_scan(&test,GCRYMPI_FMT_STD,buffer,sizeof(buffer),NULL);
gcry_mpi_print(GCRYMPI_FMT_STD,buffer2,sizeof(buffer2),NULL,test); //converts the MPI to a writable buffer
printf("\n random buffer2:\n");
for (i = 0; i<1024/8; i++){
if(i%32==0)
printf("\n");
printf("%0u", (unsigned char)buffer2[i]);
}
printf("\n test");
}
/**
* cdk_pk_get_keyid:
* @pk: the public key
* @keyid: buffer to store the key ID
*
* Calculate the key ID of the given public key.
**/
u32
cdk_pk_get_keyid (cdk_pubkey_t pk, u32 *keyid)
{
u32 lowbits = 0;
byte buf[24];
if (pk && (!pk->keyid[0] || !pk->keyid[1]))
{
if (pk->version < 4 && is_RSA (pk->pubkey_algo))
{
byte p[MAX_MPI_BYTES];
size_t n;
gcry_mpi_print (GCRYMPI_FMT_USG, p, MAX_MPI_BYTES, &n, pk->mpi[0]);
pk->keyid[0] = p[n-8] << 24 | p[n-7] << 16 | p[n-6] << 8 | p[n-5];
pk->keyid[1] = p[n-4] << 24 | p[n-3] << 16 | p[n-2] << 8 | p[n-1];
}
else if (pk->version == 4)
{
cdk_pk_get_fingerprint (pk, buf);
pk->keyid[0] = _cdk_buftou32 (buf + 12);
pk->keyid[1] = _cdk_buftou32 (buf + 16);
}
}
lowbits = pk ? pk->keyid[1] : 0;
if (keyid && pk)
{
keyid[0] = pk->keyid[0];
keyid[1] = pk->keyid[1];
}
return lowbits;
}
/*
* Write the mpi A to OUT.
*/
gpg_error_t
gpg_mpi_write (iobuf_t out, gcry_mpi_t a)
{
int rc;
if (gcry_mpi_get_flag (a, GCRYMPI_FLAG_OPAQUE))
{
unsigned int nbits;
const void *p;
p = gcry_mpi_get_opaque (a, &nbits);
rc = iobuf_write (out, p, (nbits+7)/8);
}
else
{
char buffer[(MAX_EXTERN_MPI_BITS+7)/8+2]; /* 2 is for the mpi length. */
size_t nbytes;
nbytes = DIM(buffer);
rc = gcry_mpi_print (GCRYMPI_FMT_PGP, buffer, nbytes, &nbytes, a );
if( !rc )
rc = iobuf_write( out, buffer, nbytes );
else if (gpg_err_code(rc) == GPG_ERR_TOO_SHORT )
{
log_info ("mpi too large (%u bits)\n", gcry_mpi_get_nbits (a));
/* The buffer was too small. We better tell the user about the MPI. */
rc = gpg_error (GPG_ERR_TOO_LARGE);
}
}
return rc;
}
gcry_error_t
jsapi_privkey_get_dsa_token(OtrlPrivKey *keyToExport, const char* token,
unsigned char *buffer, size_t buflen, size_t *nbytes)
{
gcry_error_t err;
gcry_mpi_t x;
gcry_sexp_t dsas,xs;
size_t nx;
gcry_sexp_t privkey = keyToExport->privkey;
dsas = gcry_sexp_find_token(privkey, "dsa", 0);
if (dsas == NULL) {
return gcry_error(GPG_ERR_UNUSABLE_SECKEY);
}
xs = gcry_sexp_find_token(dsas, token, 0);
gcry_sexp_release(dsas);
if (!xs) return gcry_error(GPG_ERR_UNUSABLE_SECKEY);
x = gcry_sexp_nth_mpi(xs, 1, GCRYMPI_FMT_USG);
gcry_sexp_release(xs);
if (!x) return gcry_error(GPG_ERR_UNUSABLE_SECKEY);
err = gcry_mpi_print(GCRYMPI_FMT_HEX, buffer,buflen,nbytes,x);
gcry_mpi_release(x);
return err;
}
char* encrypt(rsa_packet * packet, char *public_key, char *plaintext){
gcry_error_t error;
gcry_mpi_t r_mpi;
if ((error = gcry_mpi_scan(&r_mpi, GCRYMPI_FMT_HEX, plaintext, 0, NULL))) {
printf("Error in gcry_mpi_scan() in encrypt(): %s\nSource: %s\n", gcry_strerror(error), gcry_strsource(error));
exit(1);
}
gcry_sexp_t data;
size_t erroff;
if ((error = gcry_sexp_build(&data, &erroff, "(data (flags raw) (value %m))", r_mpi))) {
printf("Error in gcry_sexp_build() in encrypt() at %ld: %s\nSource: %s\n", erroff, gcry_strerror(error), gcry_strsource(error));
exit(1);
}
gcry_sexp_t public_sexp = sexp_new(public_key);
gcry_sexp_t r_ciph;
struct timeval timer;
timer_start(&timer);
if ((error = gcry_pk_encrypt(&r_ciph, data, public_sexp))) {
printf("Error in gcry_pk_encrypt(): %s\nSource: %s\n", gcry_strerror(error), gcry_strsource(error));
exit(1);
}
timer_poll("\nSoftware encrypt: %d.%06d seconds\n", &timer);
gcry_sexp_t cipher_sexp = gcry_sexp_cdr(gcry_sexp_find_token(r_ciph, "a", 1));
gcry_mpi_t cipher_mpi = gcry_sexp_nth_mpi(cipher_sexp, 0, GCRYMPI_FMT_USG);
gcry_mpi_print(GCRYMPI_FMT_USG, packet->ciphertext, 256, &packet->cipher_len, cipher_mpi);
return sexp_string(r_ciph);
}
int32_t ZrtpDH::computeSecretKey(uint8_t *pubKeyBytes, uint8_t *secret) {
int32_t length = getDhSize();
gcryptCtx* tmpCtx = static_cast<gcryptCtx*>(ctx);
gcry_mpi_t pubKeyOther;
gcry_mpi_t sec = gcry_mpi_new(0);
gcry_mpi_scan(&pubKeyOther, GCRYMPI_FMT_USG, pubKeyBytes, length, NULL);
if (pkType == DH2K) {
gcry_mpi_powm(sec, pubKeyOther, tmpCtx->privKey, bnP2048);
}
else if (pkType == DH3K) {
gcry_mpi_powm(sec, pubKeyOther, tmpCtx->privKey, bnP3072);
}
else {
// gcry_mpi_powm(sec, pubKeyOther, tmpCtx->privKey, bnP4096);
return 0;
}
gcry_mpi_release(pubKeyOther);
size_t result;
gcry_mpi_print(GCRYMPI_FMT_USG, secret, length, &result, sec);
gcry_mpi_release(sec);
return result;
}
gpointer
egg_dh_gen_secret (gcry_mpi_t peer, gcry_mpi_t priv,
gcry_mpi_t prime, gsize *bytes)
{
gcry_error_t gcry;
guchar *value;
gsize n_value;
gcry_mpi_t k;
gint bits;
g_return_val_if_fail (peer, NULL);
g_return_val_if_fail (priv, NULL);
g_return_val_if_fail (prime, NULL);
bits = gcry_mpi_get_nbits (prime);
g_return_val_if_fail (bits >= 0, NULL);
k = gcry_mpi_snew (bits);
g_return_val_if_fail (k, NULL);
gcry_mpi_powm (k, peer, priv, prime);
/* Write out the secret */
gcry = gcry_mpi_print (GCRYMPI_FMT_USG, NULL, 0, &n_value, k);
g_return_val_if_fail (gcry == 0, NULL);
value = egg_secure_alloc (n_value);
gcry = gcry_mpi_print (GCRYMPI_FMT_USG, value, n_value, &n_value, k);
g_return_val_if_fail (gcry == 0, NULL);
#if DEBUG_DH_SECRET
g_printerr ("DH SECRET: ");
gcry_mpi_dump (k);
gcry_mpi_release (k);
#endif
*bytes = n_value;
#if DEBUG_DH_SECRET
gcry_mpi_scan (&k, GCRYMPI_FMT_USG, value, bytes, NULL);
g_printerr ("RAW SECRET: ");
gcry_mpi_dump (k);
gcry_mpi_release (k);
#endif
return value;
}
/*
* print mpi to std out
*/
void mpi_print(gcry_mpi_t x) {
unsigned char buf[10000];
size_t nbytes = 0;
unsigned int i;
gcry_mpi_print(GCRYMPI_FMT_HEX, buf, sizeof(buf), &nbytes, x);
for (i = 0; i < nbytes - 1; i++)
printf("%c", buf[i]);
printf("\n");
}
/*
* Extract an MPI from the given s-expression SEXP named NAME which is
* encoded using INFORMAT and store it in a newly allocated ssh_string
* encoded using OUTFORMAT.
*/
ssh_string ssh_sexp_extract_mpi(const gcry_sexp_t sexp,
const char *name,
enum gcry_mpi_format informat,
enum gcry_mpi_format outformat)
{
gpg_error_t err;
ssh_string result = NULL;
gcry_sexp_t fragment = NULL;
gcry_mpi_t mpi = NULL;
size_t size;
fragment = gcry_sexp_find_token(sexp, name, 0);
if (fragment == NULL) {
goto fail;
}
mpi = gcry_sexp_nth_mpi(fragment, 1, informat);
if (mpi == NULL) {
goto fail;
}
err = gcry_mpi_print(outformat, NULL, 0, &size, mpi);
if (err != 0) {
goto fail;
}
result = ssh_string_new(size);
if (result == NULL) {
goto fail;
}
err = gcry_mpi_print(outformat, ssh_string_data(result), size, NULL, mpi);
if (err != 0) {
ssh_string_burn(result);
ssh_string_free(result);
result = NULL;
goto fail;
}
fail:
gcry_sexp_release(fragment);
gcry_mpi_release(mpi);
return result;
}
/* Sign data using a private key. The data must be small enough to be
* signed (i.e. already hashed, if necessary). The signature will be
* returned in *sigp, which the caller must free(). Its length will be
* returned in *siglenp. */
gcry_error_t otrl_privkey_sign(unsigned char **sigp, size_t *siglenp,
OtrlPrivKey *privkey, const unsigned char *data, size_t len)
{
gcry_mpi_t r,s, datampi;
gcry_sexp_t dsas, rs, ss, sigs, datas;
size_t nr, ns;
const enum gcry_mpi_format format = GCRYMPI_FMT_USG;
if (privkey->pubkey_type != OTRL_PUBKEY_TYPE_DSA)
return gcry_error(GPG_ERR_INV_VALUE);
*sigp = malloc(40);
if (sigp == NULL) return gcry_error(GPG_ERR_ENOMEM);
*siglenp = 40;
if (len) {
gcry_mpi_scan(&datampi, GCRYMPI_FMT_USG, data, len, NULL);
} else {
datampi = gcry_mpi_set_ui(NULL, 0);
}
gcry_sexp_build(&datas, NULL, "(%m)", datampi);
gcry_mpi_release(datampi);
gcry_pk_sign(&sigs, datas, privkey->privkey);
gcry_sexp_release(datas);
dsas = gcry_sexp_find_token(sigs, "dsa", 0);
gcry_sexp_release(sigs);
rs = gcry_sexp_find_token(dsas, "r", 0);
ss = gcry_sexp_find_token(dsas, "s", 0);
gcry_sexp_release(dsas);
r = gcry_sexp_nth_mpi(rs, 1, GCRYMPI_FMT_USG);
gcry_sexp_release(rs);
s = gcry_sexp_nth_mpi(ss, 1, GCRYMPI_FMT_USG);
gcry_sexp_release(ss);
gcry_mpi_print(format, NULL, 0, &nr, r);
gcry_mpi_print(format, NULL, 0, &ns, s);
memset(*sigp, 0, 40);
gcry_mpi_print(format, (*sigp)+(20-nr), nr, NULL, r);
gcry_mpi_print(format, (*sigp)+20+(20-ns), ns, NULL, s);
gcry_mpi_release(r);
gcry_mpi_release(s);
return gcry_error(GPG_ERR_NO_ERROR);
}
static guchar *
mpi_to_data (gcry_mpi_t mpi,
gsize *n_data)
{
gcry_error_t gcry;
guchar *data;
/* Get the size */
gcry = gcry_mpi_print (GCRYMPI_FMT_USG, NULL, 0, n_data, mpi);
g_return_val_if_fail (gcry == 0, NULL);
data = g_malloc0 (*n_data);
/* Write into buffer */
gcry = gcry_mpi_print (GCRYMPI_FMT_USG, data, *n_data, n_data, mpi);
g_return_val_if_fail (gcry == 0, NULL);
return data;
}
/* RESULT must have been initialized and is set on success to the
point given by VALUE. */
static gcry_error_t
os2ec (mpi_point_t *result, gcry_mpi_t value)
{
gcry_error_t err;
size_t n;
unsigned char *buf;
gcry_mpi_t x, y;
n = (mpi_get_nbits (value)+7)/8;
buf = gcry_xmalloc (n);
err = gcry_mpi_print (GCRYMPI_FMT_USG, buf, n, &n, value);
if (err)
{
gcry_free (buf);
return err;
}
if (n < 1)
{
gcry_free (buf);
return GPG_ERR_INV_OBJ;
}
if (*buf != 4)
{
gcry_free (buf);
return GPG_ERR_NOT_IMPLEMENTED; /* No support for point compression. */
}
if ( ((n-1)%2) )
{
gcry_free (buf);
return GPG_ERR_INV_OBJ;
}
n = (n-1)/2;
err = gcry_mpi_scan (&x, GCRYMPI_FMT_USG, buf+1, n, NULL);
if (err)
{
gcry_free (buf);
return err;
}
err = gcry_mpi_scan (&y, GCRYMPI_FMT_USG, buf+1+n, n, NULL);
gcry_free (buf);
if (err)
{
mpi_free (x);
return err;
}
mpi_set (result->x, x);
mpi_set (result->y, y);
mpi_set_ui (result->z, 1);
mpi_free (x);
mpi_free (y);
return 0;
}
static void
hash_mpi (gcry_md_hd_t md, gcry_mpi_t a)
{
byte buf[512];
size_t n;
if (gcry_mpi_print (GCRYMPI_FMT_SSH, buf, sizeof buf - 1, &n, a))
_gsti_log_info (0, "Oops: MPI too large for hashing\n");
else
gcry_md_write (md, buf, n);
}
static int
x25519_mpi(unsigned char *q, const unsigned char *n, gcry_mpi_t mpi_p)
{
unsigned char priv_be[32];
unsigned char result_be[32];
size_t result_len = 0;
gcry_mpi_t mpi = NULL;
gcry_ctx_t ctx = NULL;
gcry_mpi_point_t P = NULL;
gcry_mpi_point_t Q = NULL;
int r = -1;
/* Default to infinity (all zeroes). */
memset(q, 0, 32);
/* Keys are in little-endian, but gcry_mpi_scan expects big endian. Convert
* keys and ensure that the result is a valid Curve25519 secret scalar. */
copy_and_reverse(priv_be, n, 32);
priv_be[0] &= 127;
priv_be[0] |= 64;
priv_be[31] &= 248;
gcry_mpi_scan(&mpi, GCRYMPI_FMT_USG, priv_be, 32, NULL);
if (gcry_mpi_ec_new(&ctx, NULL, "Curve25519")) {
/* Should not happen, possibly out-of-memory. */
goto leave;
}
/* Compute Q = nP */
Q = gcry_mpi_point_new(0);
P = gcry_mpi_point_set(NULL, mpi_p, NULL, GCRYMPI_CONST_ONE);
gcry_mpi_ec_mul(Q, mpi, P, ctx);
/* Note: mpi is reused to store the result. */
if (gcry_mpi_ec_get_affine(mpi, NULL, Q, ctx)) {
/* Infinity. */
goto leave;
}
if (gcry_mpi_print(GCRYMPI_FMT_USG, result_be, 32, &result_len, mpi)) {
/* Should not happen, possibly out-of-memory. */
goto leave;
}
copy_and_reverse(q, result_be, result_len);
r = 0;
leave:
gcry_mpi_point_release(P);
gcry_mpi_point_release(Q);
gcry_ctx_release(ctx);
gcry_mpi_release(mpi);
/* XXX erase priv_be and result_be */
return r;
}
static void mpi_export(void *buf, size_t buflen, const gcry_mpi_t x) {
unsigned len;
size_t nwritten;
assert(gcry_mpi_cmp_ui(x, 0) >= 0);
len = (gcry_mpi_get_nbits(x) + 7) / 8;
assert(len <= buflen);
memset(buf, 0, buflen);
gcry_mpi_print(GCRYMPI_FMT_USG, buf + (buflen - len), len, &nwritten, x);
assert(nwritten == len);
}
void mpiOut(gcry_mpi_t value,size_t nbits)
{
int i=0;
char *buffer; //create a new buffer for the output
buffer=malloc(nbits/8); //allocate memory for the buffer, number of bits / 8 to generate byte
gcry_mpi_print(GCRYMPI_FMT_STD,buffer,sizeof(buffer),NULL,value); //converts the MPI to a writable buffer
for (i = 0; i<nbits; i++){ //printout numger
if(i%32==0)
printf("\n");
printf("%0u", (unsigned char)buffer[i]);
}
}
/*********************************************
************** interface ******************
*********************************************/
static gcry_mpi_t
ec2os (gcry_mpi_t x, gcry_mpi_t y, gcry_mpi_t p)
{
gpg_error_t err;
int pbytes = (mpi_get_nbits (p)+7)/8;
size_t n;
unsigned char *buf, *ptr;
gcry_mpi_t result;
buf = gcry_xmalloc ( 1 + 2*pbytes );
*buf = 04; /* Uncompressed point. */
ptr = buf+1;
err = gcry_mpi_print (GCRYMPI_FMT_USG, ptr, pbytes, &n, x);
if (err)
log_fatal ("mpi_print failed: %s\n", gpg_strerror (err));
if (n < pbytes)
{
memmove (ptr+(pbytes-n), ptr, n);
memset (ptr, 0, (pbytes-n));
}
ptr += pbytes;
err = gcry_mpi_print (GCRYMPI_FMT_USG, ptr, pbytes, &n, y);
if (err)
log_fatal ("mpi_print failed: %s\n", gpg_strerror (err));
if (n < pbytes)
{
memmove (ptr+(pbytes-n), ptr, n);
memset (ptr, 0, (pbytes-n));
}
err = gcry_mpi_scan (&result, GCRYMPI_FMT_USG, buf, 1+2*pbytes, NULL);
if (err)
log_fatal ("mpi_scan failed: %s\n", gpg_strerror (err));
gcry_free (buf);
mpi_free (x);
mpi_free (y);
return result;
}
static void
dump_mpi( gcry_mpi_t a )
{
char buffer[1000];
size_t n = 1000;
if( !a )
fputs("[no MPI]", stderr );
else if( gcry_mpi_print( GCRYMPI_FMT_HEX, buffer, &n, a ) )
fputs("[MPI too large to print]", stderr );
else
fputs( buffer, stderr );
}
gboolean
gkm_data_asn1_write_mpi (GNode *asn, gcry_mpi_t mpi)
{
gcry_error_t gcry;
gsize len;
guchar *buf;
g_return_val_if_fail (asn, FALSE);
g_return_val_if_fail (mpi, FALSE);
/* Get the size */
gcry = gcry_mpi_print (GCRYMPI_FMT_STD, NULL, 0, &len, mpi);
g_return_val_if_fail (gcry == 0, FALSE);
g_return_val_if_fail (len > 0, FALSE);
buf = gcry_calloc_secure (len, 1);
gcry = gcry_mpi_print (GCRYMPI_FMT_STD, buf, len, &len, mpi);
g_return_val_if_fail (gcry == 0, FALSE);
return egg_asn1x_set_integer_as_raw (asn, buf, len, gcry_free);
}
void serialize_mpi(char *outbuf, int outlen, enum disp_format df,
const gcry_mpi_t x)
{
switch(df) {
case DF_BIN: do {
int len = (gcry_mpi_get_nbits(x) + 7) / 8;
assert(len <= outlen);
memset(outbuf, 0, outlen - len);
gcry_mpi_print(GCRYMPI_FMT_USG, (unsigned char*)outbuf + (outlen - len),
len, NULL, x);
} while (0);
break;
case DF_COMPACT:
case DF_BASE36: do {
const char *digits = get_digits(df);
unsigned int digit_count = get_digit_count(df);
gcry_mpi_t base, Q, R;
int i;
base = gcry_mpi_set_ui(NULL, digit_count);
Q = gcry_mpi_copy(x);
R = gcry_mpi_snew(0);
for(i = outlen - 1; i >= 0; i--) {
unsigned char digit = 0;
gcry_mpi_div(Q, R, Q, base, 0);
gcry_mpi_print(GCRYMPI_FMT_USG, &digit, 1, NULL, R);
assert(digit < digit_count);
outbuf[i] = digits[digit];
}
assert(! gcry_mpi_cmp_ui(Q, 0));
gcry_mpi_release(base);
gcry_mpi_release(Q);
gcry_mpi_release(R);
} while(0);
break;
default:
assert(0);
}
}
void
crypto_rsa_encrypt(int len, uint8 * in, uint8 * out, uint32 modulus_size, uint8 * modulus, uint8 * exponent)
{
/* GnuTLS do not expose raw RSA, so we use the underlying gcrypt lib instead */
ASSERT(modulus_size <= SEC_MAX_MODULUS_SIZE);
gcry_mpi_t m;
gcry_error_t rc = gcry_mpi_scan(&m, GCRYMPI_FMT_USG, modulus, modulus_size, NULL);
ASSERT(!rc);
gcry_mpi_t e;
rc = gcry_mpi_scan(&e, GCRYMPI_FMT_USG, exponent, SEC_EXPONENT_SIZE, NULL);
gcry_sexp_t publickey_sexp;
rc = gcry_sexp_build(&publickey_sexp, NULL, "(public-key(rsa(n%m)(e%m)))", m, e);
ASSERT(!rc);
gcry_mpi_release(m);
gcry_mpi_release(e);
gcry_mpi_t in_gcry;
rc = gcry_mpi_scan(&in_gcry, GCRYMPI_FMT_USG, in, len, NULL);
ASSERT(!rc);
gcry_sexp_t in_sexp;
rc = gcry_sexp_build(&in_sexp, NULL, "%m", in_gcry);
ASSERT(!rc);
gcry_sexp_t out_sexp;
rc = gcry_pk_encrypt(&out_sexp, in_sexp, publickey_sexp);
ASSERT(!rc);
gcry_sexp_t out_list_sexp;
out_list_sexp = gcry_sexp_find_token(out_sexp, "a", 0);
ASSERT(out_list_sexp);
gcry_mpi_t out_gcry = gcry_sexp_nth_mpi(out_list_sexp, 1, GCRYMPI_FMT_NONE);
ASSERT(out_gcry);
size_t s;
rc = gcry_mpi_print(GCRYMPI_FMT_USG, out, modulus_size, &s, out_gcry);
ASSERT(!rc);
ASSERT(s == modulus_size);
gcry_mpi_release(out_gcry);
gcry_sexp_release(out_list_sexp);
gcry_mpi_release(in_gcry);
gcry_sexp_release(out_sexp);
gcry_sexp_release(in_sexp);
gcry_sexp_release(publickey_sexp);
}
int32_t ZrtpDH::getPubKeyBytes(uint8_t *buf) const
{
gcryptCtx* tmpCtx = static_cast<gcryptCtx*>(ctx);
int32_t len = getPubKeySize();
// get length of Dh in bytes, prepend buffer with zeros if necessary
int32_t prepend = getDhSize() - getPubKeySize();
if (prepend > 0) {
memset(buf, 0, prepend);
}
size_t i = 0;
gcry_mpi_print(GCRYMPI_FMT_USG, buf + prepend, len, &i, tmpCtx->pubKey);
return i;
}
/**
* Encode the blinding key in a format suitable for
* storing it into a file.
*
* @param bkey the blinding key
* @param[out] buffer set to a buffer with the encoded key
* @return size of memory allocated in @a buffer
*/
size_t
GNUNET_CRYPTO_rsa_blinding_key_encode (const struct GNUNET_CRYPTO_rsa_BlindingKey *bkey,
char **buffer)
{
size_t n;
char *b;
size_t rsize;
gcry_mpi_print (GCRYMPI_FMT_USG,
NULL,
0,
&n,
bkey->r);
b = GNUNET_malloc (n);
GNUNET_assert (0 ==
gcry_mpi_print (GCRYMPI_FMT_USG,
(unsigned char *) b,
n,
&rsize,
bkey->r));
*buffer = b;
return n;
}
