int dldp_pInit(dldp_p* dp) { mpbzero(&dp->p); mpbzero(&dp->q); mpnzero(&dp->g); mpnzero(&dp->r); mpbzero(&dp->n); return 0; }
int decode_function_m31(char *publicKey1, char *publicKey2, char *encryptStr, int encryptStrLen, char *source) { mpnumber pubKey1, cipher, decipher; mpbarrett mpbar; unsigned char encryptStrHex[256+1]; char publicKey1Hex[256+1]; char temp[256+1]; unsigned char buff[1024]; memset(encryptStrHex, 0, 256+1); Str2Hex__((unsigned char*)encryptStr, 128, encryptStrHex); memset(publicKey1Hex, 0, 256+1); Str2Hex__((unsigned char*)publicKey1, 128, publicKey1Hex); mpnzero(&pubKey1); mpnzero(&cipher); mpnzero(&decipher); mpbzero(&mpbar); mpnsethex(&pubKey1, publicKey2); mpnsethex(&cipher, encryptStrHex); mpbsethex(&mpbar, publicKey1Hex); if( rsapub( &mpbar ,&pubKey1 , &cipher, &decipher) ) return -1; memset(temp, 0, 256+1); getHexFromMPW(decipher.size, decipher.data, temp); memset(buff, 0, 1024); Hex2Str__((unsigned char*)temp, 256, buff); memcpy(source, buff, 128); return 1; }
int dldp_pgoqMakeSafe(dldp_p* dp, randomGeneratorContext* rgc, size_t bits) { /* * Generate parameters with a safe prime; p = 2q+1 i.e. r=2 * */ register size_t size = MP_BITS_TO_WORDS(bits + MP_WBITS - 1); register mpw* temp = (mpw*) malloc((8*size+2) * sizeof(mpw)); if (temp) { /* generate p */ mpprndsafe_w(&dp->p, rgc, bits, mpptrials(bits), temp); /* set q */ mpcopy(size, temp, dp->p.modl); mpdivtwo(size, temp); mpbset(&dp->q, size, temp); /* set r = 2 */ mpnsetw(&dp->r, 2); /* clear n */ mpbzero(&dp->n); dldp_pgoqGenerator_w(dp, rgc, temp); free(temp); return 0; } return -1; }
int dldp_pgoqMake(dldp_p* dp, randomGeneratorContext* rgc, size_t pbits, size_t qbits, int cofactor) { /* * Generate parameters as described by IEEE P1363, A.16.1 */ register size_t psize = MP_BITS_TO_WORDS(pbits + MP_WBITS - 1); register mpw* temp = (mpw*) malloc((8*psize+2) * sizeof(mpw)); if (temp) { /* first generate q */ mpprnd_w(&dp->q, rgc, qbits, mpptrials(qbits), (const mpnumber*) 0, temp); /* generate p with the appropriate congruences */ mpprndconone_w(&dp->p, rgc, pbits, mpptrials(pbits), &dp->q, (const mpnumber*) 0, &dp->r, cofactor, temp); /* clear n */ mpbzero(&dp->n); /* clear g */ mpnzero(&dp->g); dldp_pgoqGenerator_w(dp, rgc, temp); free(temp); return 0; } return -1; }
void mpprndsafe_w(mpbarrett* p, randomGeneratorContext* rc, size_t bits, int t, mpw* wksp) { /* * Initialize with a probable safe prime of 'size' words, with probability factor t * * A safe prime p has the property that p = 2q+1, where q is also prime * Use for ElGamal type schemes, where a generator of order (p-1) is required */ size_t size = MP_BITS_TO_WORDS(bits + MP_WBITS - 1); mpbinit(p, size); if (p->modl != (mpw*) 0) { mpbarrett q; mpbzero(&q); mpbinit(&q, size); while (1) { /* * Generate a random appropriate candidate prime, and test * it with small prime divisor test BEFORE computing mu */ mpprndbits(p, bits, 2, (mpnumber*) 0, (mpnumber*) 0, rc, wksp); mpcopy(size, q.modl, p->modl); mpdivtwo(size, q.modl); /* do a small prime product trial division on q */ if (!mppsppdiv_w(&q, wksp)) continue; /* do a small prime product trial division on p */ if (!mppsppdiv_w(p, wksp)) continue; /* candidate prime has passed small prime division test for p and q */ mpbmu_w(&q, wksp); if (!mppmilrab_w(&q, rc, t, wksp)) continue; mpbmu_w(p, wksp); if (!mppmilrab_w(p, rc, t, wksp)) continue; mpbfree(&q); return; } } }
int main(int argc, char *argv[]) { poptContext optCon = poptGetContext(argv[0], argc, argv, optionsTable, 0); mpbarrett q; mpnumber s; size_t qsize; mpw* qtemp; mpw* qwksp; int rc; int i; while ((rc = poptGetNextOpt(optCon)) > 0) { switch (rc) { default: /*@switchbreak@*/ break; } } mpbzero(&q); mpbsethex(&q, dsa_q); qsize = q.size; qtemp = malloc((13*qsize+13) * sizeof(*qtemp)); qwksp = qtemp+2*qsize; for (i = 0; i < 9; i++) { if (dsa_s[i] == NULL) break; fprintf(stderr, "================================================== %d\n", i); fprintf(stderr, " s: %s\n", dsa_s[i]); mpnzero(&s); mpnsethex(&s, dsa_s[i]); fprintf(stderr, "-------------------------------------------------- %d\n", i); rc = Xmpbinv_w(&q, s.size, s.data, qtemp, qwksp); fprintf(stderr, "BeeCrypt: "); mpfprintln(stderr, qsize, qtemp); fprintf(stderr, "-------------------------------------------------- %d\n", i); rc = Ympbinv_w(&q, s.size, s.data, qtemp, qwksp); fprintf(stderr, " Knuth: "); mpfprintln(stderr, qsize, qtemp); fprintf(stderr, "-------------------------------------------------- %d\n", i); rc = Zmpbinv_w(&q, s.size, s.data, qtemp, qwksp); fprintf(stderr, " Brent: "); mpfprintln(stderr, qsize, qtemp); fprintf(stderr, "-------------------------------------------------- %d\n", i); fprintf(stderr, " q: %s\n", dsa_q); fprintf(stderr, " s: %s\n", dsa_s[i]); fprintf(stderr, " GOOD: %s\n", dsa_w_good[i]); fprintf(stderr, " BAD: %s\n", dsa_w_bad[i]); } return 0; }
/* * needs workspace of (8*size+2) words */ void mpprndconone_w(mpbarrett* p, randomGeneratorContext* rc, size_t bits, int t, const mpbarrett* q, const mpnumber* f, mpnumber* r, int cofactor, mpw* wksp) { /* * Generate a prime p with n bits such that p mod q = 1, and p = qr+1 where r = 2s * * Conditions: q > 2 and size(q) < size(p) and size(f) <= size(p) * * Conditions: r must be chosen so that r is even, otherwise p will be even! * * if cofactor == 0, then s will be chosen randomly * if cofactor == 1, then make sure that q does not divide r, i.e.: * q cannot be equal to r, since r is even, and q > 2; hence if q <= r make sure that GCD(q,r) == 1 * if cofactor == 2, then make sure that s is prime * * Optional input f: if f is not null, then search p so that GCD(p-1,f) = 1 */ mpbinit(p, MP_BITS_TO_WORDS(bits + MP_WBITS - 1)); if (p->modl != (mpw*) 0) { size_t sbits = bits - mpbits(q->size, q->modl) - 1; mpbarrett s; mpbzero(&s); mpbinit(&s, MP_BITS_TO_WORDS(sbits + MP_WBITS - 1)); while (1) { mpprndbits(&s, sbits, 0, (mpnumber*) 0, (mpnumber*) 0, rc, wksp); if (cofactor == 1) { mpsetlsb(s.size, s.modl); /* if (q <= s) check if GCD(q,s) != 1 */ if (mplex(q->size, q->modl, s.size, s.modl)) { /* we can find adequate storage for computing the gcd in s->wksp */ mpsetx(s.size, wksp, q->size, q->modl); mpgcd_w(s.size, s.modl, wksp, wksp+s.size, wksp+2*s.size); if (!mpisone(s.size, wksp+s.size)) continue; } } else if (cofactor == 2) { mpsetlsb(s.size, s.modl); } if (cofactor == 2) { /* do a small prime product trial division test on r */ if (!mppsppdiv_w(&s, wksp)) continue; } /* multiply q*s */ mpmul(wksp, s.size, s.modl, q->size, q->modl); /* s.size + q.size may be greater than p.size by 1, but the product will fit exactly into p */ mpsetx(p->size, p->modl, s.size+q->size, wksp); /* multiply by two and add 1 */ mpmultwo(p->size, p->modl); mpaddw(p->size, p->modl, 1); /* test if the product actually contains enough bits */ if (mpbits(p->size, p->modl) < bits) continue; /* do a small prime product trial division test on p */ if (!mppsppdiv_w(p, wksp)) continue; /* if we have an f, do the congruence test */ if (f != (mpnumber*) 0) { mpcopy(p->size, wksp, p->modl); mpsubw(p->size, wksp, 1); mpsetx(p->size, wksp, f->size, f->data); mpgcd_w(p->size, wksp, wksp+p->size, wksp+2*p->size, wksp+3*p->size); if (!mpisone(p->size, wksp+2*p->size)) continue; } /* if cofactor is two, test if s is prime */ if (cofactor == 2) { mpbmu_w(&s, wksp); if (!mppmilrab_w(&s, rc, mpptrials(sbits), wksp)) continue; } /* candidate has passed so far, now we do the probabilistic test on p */ mpbmu_w(p, wksp); if (!mppmilrab_w(p, rc, t, wksp)) continue; mpnset(r, s.size, s.modl); mpmultwo(r->size, r->data); mpbfree(&s); return; } } }
int main( int argc, char **argv ) { FILE *secblock; unsigned char packetType; unsigned short packetLen; unsigned char buffer[4096]; unsigned char hexrep[8192]; // for CRT computation mpbarrett psubone, qsubone; // for testing mpnumber m, cipher, decipher, holder; rsakp keypair; size_t bits = 2048; size_t pbits = (bits+1) >> 1; size_t qbits = (bits - pbits); size_t psize = MP_BITS_TO_WORDS(pbits+MP_WBITS-1); size_t qsize = MP_BITS_TO_WORDS(qbits+MP_WBITS-1); size_t pqsize = psize+qsize; mpw* temp = (mpw*) malloc((16*pqsize+6)*sizeof(mpw)); if( argc < 2 ) { printf( "usage: %s <secblock>\n", argv[0] ); exit( 1 ); } mpbzero(&psubone); mpbzero(&qsubone); secblock = fopen(argv[1], "rb"); if( secblock == NULL ) { printf( "Can't open %s\n", argv[1] ); exit(0); } packetType = fgetc(secblock); packetLen = 0; //big endianness... big16read(&packetLen, secblock); printf( "Packet type: 0x%02X\n", packetType ); printf( "Packet length: %04d\n", (int) packetLen ); // skip ahead six bytes, this includes key generation time and other attributes fread( buffer, 6, 1, secblock); rsakpInit(&keypair); big16read(&packetLen, secblock); printf( "n Packet length: %02d bits, %02d bytes\n", (int) packetLen, (int) bytesFromMpn(packetLen) ); printf( "offset: %x\n", ftell( secblock ) ); fread( buffer, bytesFromMpn(packetLen), 1, secblock ); mpbsetbin(&keypair.n, buffer, bytesFromMpn(packetLen)); mpprintln(packetLen/32, keypair.n.modl); big16read(&packetLen, secblock); printf( "e Packet length: %02d bits, %02d bytes\n", (int) packetLen, (int) bytesFromMpn(packetLen) ); printf( "offset: %x\n", ftell( secblock ) ); fread( buffer, bytesFromMpn(packetLen), 1, secblock ); mpnsetbin(&keypair.e, buffer, bytesFromMpn(packetLen)); mpprintln(keypair.e.size, keypair.e.data); packetType = fgetc(secblock); if( packetType == 0 ) { printf( "secret data is plaintext\n" ); } else { printf( "secret data is encrypted\n" ); } big16read(&packetLen, secblock); printf( "d Packet length: %02d bits, %02d bytes\n", (int) packetLen, (int) bytesFromMpn(packetLen) ); printf( "offset: %x\n", ftell( secblock ) ); fread( buffer, bytesFromMpn(packetLen), 1, secblock ); mpnsetbin(&keypair.d, buffer, bytesFromMpn(packetLen)); mpprintln(keypair.d.size, keypair.d.data); big16read(&packetLen, secblock); printf( "p Packet length: %02d bits, %02d bytes\n", (int) packetLen, (int) bytesFromMpn(packetLen) ); printf( "offset: %x\n", ftell( secblock ) ); fread( buffer, bytesFromMpn(packetLen), 1, secblock ); mpbsetbin(&keypair.p, buffer, bytesFromMpn(packetLen)); mpprintln(packetLen/32, keypair.p.modl); big16read(&packetLen, secblock); printf( "q Packet length: %02d bits, %02d bytes\n", (int) packetLen, (int) bytesFromMpn(packetLen) ); printf( "offset: %x\n", ftell( secblock ) ); fread( buffer, bytesFromMpn(packetLen), 1, secblock ); mpbsetbin(&keypair.q, buffer, bytesFromMpn(packetLen)); mpprintln(packetLen/32, keypair.q.modl); big16read(&packetLen, secblock); printf( "mystery packet length: %02d bits, %02d bytes\n", (int) packetLen, (int) bytesFromMpn(packetLen) ); printf( "offset: %x\n", ftell( secblock ) ); fread( buffer, bytesFromMpn(packetLen), 1, secblock ); mpnzero(&holder); mpnsetbin(&holder, buffer, bytesFromMpn(packetLen)); mpprintln(holder.size, holder.data); fread( buffer, 4, 1, secblock ); // advance by two bytes printf( "offset: %x\n", ftell( secblock ) ); fread( buffer, bytesFromMpn(packetLen), 1, secblock ); printf( "%s\n", buffer ); #ifdef USE_CRT // compute CRT elements /* compute p-1 */ mpbsubone(&keypair.p, temp); mpbset(&psubone, psize, temp); /* compute q-1 */ mpbsubone(&keypair.q, temp); mpbset(&qsubone, qsize, temp); /* compute dp = d mod (p-1) */ mpnsize(&keypair.dp, psize); mpbmod_w(&psubone, keypair.d.data, keypair.dp.data, temp); /* compute dq = d mod (q-1) */ mpnsize(&keypair.dq, qsize); mpbmod_w(&qsubone, keypair.d.data, keypair.dq.data, temp); /* compute qi = inv(q) mod p */ mpninv(&keypair.qi, (mpnumber*) &keypair.q, (mpnumber*) &keypair.p); #endif // now test mpnzero(&m); mpnzero(&cipher); mpnzero(&decipher); mpnsethex(&m, "d436e99569fd32a7c8a05bbc90d32c49"); printf( "Original: " ); mpprintln(m.size, m.data); rsapub(&keypair.n, &keypair.e, &m, &cipher); printf( "Encrypted: " ); mpprintln(cipher.size, cipher.data); #ifdef USE_CRT rsapricrt(&keypair.n, &keypair.p, &keypair.q, &keypair.dp, &keypair.dq, &keypair.qi, &cipher, &decipher); #else rsapri(&keypair.n, &keypair.d, &cipher, &decipher); #endif printf( "Recovered: " ); mpprintln(decipher.size, decipher.data); if (mpnex(m.size, m.data, decipher.size, decipher.data)) printf ( "results don't match\n" ); else printf ( "before and after encyrption sizes match\n" ); printf( "special test routine for STM32 validation\n" ); mpnzero(&cipher); mpnzero(&decipher); mpnsethex(&cipher, "6fa1bf55e15b47f4662f86e8fc7fadf0dc02c603c20c1090096fdbeafbd56897794ee106d0fcd8a58392ee7e14fd4e15b49c4adb02f0eebeb9587e9823e9e11048c1754c5e6ba273a08c35dd68f72bf4758b8c31dee196f683298cdbd259c28976c1459058c37be29b52589f3919dcb41cf57fd0c64796a056702be8c1f7574a005cad8b0aedb8f833d1fcfe5383b6d6695d766cc1a9a3413f7609fa18b0a1214486f8fec17febd3f4cbc177dd6f26568b715249853280c570e2ef8519f51fe78fb1978061a48fcc6730fb24e365120b54e6f4e2c3815997176167456b2a2b8f1a13b66967765fc42d4aeec2b4f8211e54ba9cbbbbfdd8ac7b2f20af8d44cd68" ); printf( "Decrypting: " ); mpprintln(cipher.size, cipher.data); rsapub(&keypair.n, &keypair.e, &cipher, &decipher); printf( "Recovered: " ); mpprintln(decipher.size, decipher.data); free(temp); return 0; }
int main(int argc, char *argv[]) { pgpImplVecs_t * testImplVecs = &rpmnssImplVecs; pgpDig dig; pgpDigParams pubp; rpmbc bc; int printing = -1; int rc; pgpImplVecs = &rpmbcImplVecs; dig = pgpDigNew(RPMVSF_DEFAULT, 0); pubp = pgpGetPubkey(dig); bc = dig->impl; mpbzero(&bc->p); mpbsethex(&bc->p, fips_p); mpbzero(&bc->q); mpbsethex(&bc->q, fips_q); mpnzero(&bc->g); mpnsethex(&bc->g, fips_g); mpnzero(&bc->y); mpnsethex(&bc->y, fips_y); mpnzero(&bc->r); mpnsethex(&bc->r, fips_r); mpnzero(&bc->s); mpnsethex(&bc->s, fips_s); mpnzero(&bc->hm); mpnsethex(&bc->hm, fips_hm); pubp->pubkey_algo = PGPPUBKEYALGO_DSA; /* XXX assert? */ rc = pgpImplVerify(dig); fprintf(stderr, "=============================== DSA FIPS-186-1: rc %d\n", rc); dig = pgpDigFree(dig); pgpImplVecs = testImplVecs; dig = pgpDigNew(RPMVSF_DEFAULT, 0); pubp = pgpGetPubkey(dig); _pgp_debug = 1; _pgp_print = 1; fprintf(stderr, "=============================== DSA Public Key\n"); if ((rc = doit(DSApub, dig, printing)) != 0) fprintf(stderr, "==> FAILED: rc %d\n", rc); fprintf(stderr, "=============================== DSA Signature of \"%s\"\n", str); if ((rc = doit(DSAsig, dig, printing)) != 0) fprintf(stderr, "==> FAILED: rc %d\n", rc); { DIGEST_CTX ctx = rpmDigestInit(PGPHASHALGO_SHA1, RPMDIGEST_NONE); pgpDigParams dsig = pgpGetSignature(dig); rpmDigestUpdate(ctx, str, strlen(str)); rpmDigestUpdate(ctx, dsig->hash, dsig->hashlen); (void) pgpImplSetDSA(ctx, dig, dsig); } pubp->pubkey_algo = PGPPUBKEYALGO_DSA; /* XXX assert? */ rc = pgpImplVerify(dig); fprintf(stderr, "=============================== DSA verify: rc %d\n", rc); dig = pgpDigFree(dig); pgpImplVecs = testImplVecs; dig = pgpDigNew(RPMVSF_DEFAULT, 0); pubp = pgpGetPubkey(dig); _pgp_debug = 1; _pgp_print = 1; fprintf(stderr, "=============================== RSA Public Key\n"); if ((rc = doit(RSApub, dig, printing)) != 0) fprintf(stderr, "==> FAILED: rc %d\n", rc); fprintf(stderr, "=============================== RSA Signature of \"%s\"\n", str); if ((rc = doit(RSAsig, dig, printing)) != 0) fprintf(stderr, "==> FAILED: rc %d\n", rc); { DIGEST_CTX ctx = rpmDigestInit(PGPHASHALGO_SHA1, RPMDIGEST_NONE); pgpDigParams dsig = pgpGetSignature(dig); rpmDigestUpdate(ctx, str, strlen(str)); rpmDigestUpdate(ctx, dsig->hash, dsig->hashlen); (void) pgpImplSetRSA(ctx, dig, dsig); } pubp->pubkey_algo = PGPPUBKEYALGO_RSA; /* XXX assert? */ rc = pgpImplVerify(dig); fprintf(stderr, "=============================== RSA verify: rc %d\n", rc); dig = pgpDigFree(dig); pgpImplVecs = testImplVecs; dig = pgpDigNew(RPMVSF_DEFAULT, 0); pubp = pgpGetPubkey(dig); _pgp_debug = 1; _pgp_print = 1; fprintf(stderr, "=============================== ECDSA Public Key\n"); if ((rc = doit(ECDSApub, dig, printing)) != 0) fprintf(stderr, "==> FAILED: rc %d\n", rc); fprintf(stderr, "=============================== ECDSA Signature of \"%s\"\n", str); if ((rc = doit(ECDSAsig, dig, printing)) != 0) fprintf(stderr, "==> FAILED: rc %d\n", rc); { DIGEST_CTX ctx = rpmDigestInit(PGPHASHALGO_SHA256, RPMDIGEST_NONE); pgpDigParams dsig = pgpGetSignature(dig); rpmDigestUpdate(ctx, str, strlen(str)); rpmDigestUpdate(ctx, dsig->hash, dsig->hashlen); (void) pgpImplSetECDSA(ctx, dig, dsig); } pubp->pubkey_algo = PGPPUBKEYALGO_ECDSA; /* XXX assert? */ rc = pgpImplVerify(dig); fprintf(stderr, "=============================== ECDSA verify: rc %d\n", rc); dig = pgpDigFree(dig); if (pgpImplVecs == &rpmsslImplVecs) NSS_Shutdown(); return rc; }