static int readDlpPrivateKey( INOUT STREAM *stream,
INOUT CONTEXT_INFO *contextInfoPtr )
{
PKC_INFO *dlpKey = contextInfoPtr->ctxPKC;
assert( isWritePtr( stream, sizeof( STREAM ) ) );
assert( isWritePtr( contextInfoPtr, sizeof( CONTEXT_INFO ) ) );
REQUIRES( contextInfoPtr->type == CONTEXT_PKC && \
( contextInfoPtr->capabilityInfo->cryptAlgo == CRYPT_ALGO_DH || \
contextInfoPtr->capabilityInfo->cryptAlgo == CRYPT_ALGO_DSA || \
contextInfoPtr->capabilityInfo->cryptAlgo == CRYPT_ALGO_ELGAMAL ) );
/* Read the key components */
if( peekTag( stream ) == BER_SEQUENCE )
{
/* Erroneously written in older code */
readSequence( stream, NULL );
return( readBignumTag( stream, &dlpKey->dlpParam_x,
DLPPARAM_MIN_X, DLPPARAM_MAX_X,
&dlpKey->dlpParam_p, 0 ) );
}
return( readBignum( stream, &dlpKey->dlpParam_x,
DLPPARAM_MIN_X, DLPPARAM_MAX_X,
&dlpKey->dlpParam_p ) );
}
static int readDsaPrivateKeyOld( INOUT STREAM *stream,
INOUT CONTEXT_INFO *contextInfoPtr )
{
CRYPT_ALGO_TYPE cryptAlgo;
PKC_INFO *dlpKey = contextInfoPtr->ctxPKC;
int dummy, status;
assert( isWritePtr( stream, sizeof( STREAM ) ) );
assert( isWritePtr( contextInfoPtr, sizeof( CONTEXT_INFO ) ) );
REQUIRES( contextInfoPtr->type == CONTEXT_PKC && \
contextInfoPtr->capabilityInfo->cryptAlgo == CRYPT_ALGO_DSA );
/* Skip the PKCS #8 wrapper */
readSequence( stream, NULL ); /* Outer wrapper */
readShortInteger( stream, NULL ); /* Version */
status = readAlgoIDparam( stream, &cryptAlgo, &dummy,
ALGOID_CLASS_PKC );
if( cryptStatusError( status ) || cryptAlgo != CRYPT_ALGO_DSA )
return( CRYPT_ERROR_BADDATA );
/* Read the DSA parameters if we haven't already got them via the
associated public key/certificate */
if( BN_is_zero( &dlpKey->dlpParam_p ) )
{
readSequence( stream, NULL ); /* Parameter wrapper */
status = readBignumChecked( stream, &dlpKey->dlpParam_p,
DLPPARAM_MIN_P, DLPPARAM_MAX_P,
NULL );
if( cryptStatusOK( status ) )
status = readBignumChecked( stream, &dlpKey->dlpParam_q,
DLPPARAM_MIN_Q, DLPPARAM_MAX_Q,
NULL );
if( cryptStatusOK( status ) )
status = readBignumChecked( stream, &dlpKey->dlpParam_g,
DLPPARAM_MIN_G, DLPPARAM_MAX_G,
NULL );
}
else
status = readUniversal( stream );
if( cryptStatusError( status ) )
return( status );
/* Read the DSA private key component */
status = readOctetStringHole( stream, NULL, 20, DEFAULT_TAG );
if( cryptStatusOK( status ) ) /* OCTET STRING encapsulation */
status = readBignum( stream, &dlpKey->dlpParam_x,
DLPPARAM_MIN_X, DLPPARAM_MAX_X,
&dlpKey->dlpParam_p );
return( status );
}
static int readEccPrivateKey( INOUT STREAM *stream,
INOUT CONTEXT_INFO *contextInfoPtr )
{
PKC_INFO *eccKey = contextInfoPtr->ctxPKC;
assert( isWritePtr( stream, sizeof( STREAM ) ) );
assert( isWritePtr( contextInfoPtr, sizeof( CONTEXT_INFO ) ) );
REQUIRES( contextInfoPtr->type == CONTEXT_PKC && \
contextInfoPtr->capabilityInfo->cryptAlgo == CRYPT_ALGO_ECDSA );
/* Read the key components. Note that we can't use the ECC p value for
a range check because it hasn't been set yet, all that we have at
this point is a curve ID */
return( readBignum( stream, &eccKey->eccParam_d,
ECCPARAM_MIN_D, ECCPARAM_MAX_D, NULL ) );
}
static int readRsaPrivateKeyOld( INOUT STREAM *stream,
INOUT CONTEXT_INFO *contextInfoPtr )
{
CRYPT_ALGO_TYPE cryptAlgo;
PKC_INFO *rsaKey = contextInfoPtr->ctxPKC;
const int startPos = stell( stream );
int length, endPos, iterationCount, status;
assert( isWritePtr( stream, sizeof( STREAM ) ) );
assert( isWritePtr( contextInfoPtr, sizeof( CONTEXT_INFO ) ) );
REQUIRES( contextInfoPtr->type == CONTEXT_PKC && \
contextInfoPtr->capabilityInfo->cryptAlgo == CRYPT_ALGO_RSA );
/* Skip the PKCS #8 wrapper. When we read the OCTET STRING
encapsulation we use MIN_PKCSIZE_THRESHOLD rather than MIN_PKCSIZE
so that a too-short key will get to readBignumChecked(), which
returns an appropriate error code */
readSequence( stream, &length ); /* Outer wrapper */
readShortInteger( stream, NULL ); /* Version */
status = readAlgoID( stream, &cryptAlgo, ALGOID_CLASS_PKC );
if( cryptStatusError( status ) || cryptAlgo != CRYPT_ALGO_RSA )
return( CRYPT_ERROR_BADDATA );
status = readOctetStringHole( stream, NULL,
( 2 * MIN_PKCSIZE_THRESHOLD ) + \
( 5 * ( MIN_PKCSIZE_THRESHOLD / 2 ) ),
DEFAULT_TAG );
if( cryptStatusError( status ) ) /* OCTET STRING encapsulation */
return( status );
/* Read the header */
readSequence( stream, NULL );
status = readShortInteger( stream, NULL );
if( cryptStatusError( status ) )
return( status );
/* Read the RSA key components, skipping n and e if we've already got
them via the associated public key/certificate */
if( BN_is_zero( &rsaKey->rsaParam_n ) )
{
status = readBignumChecked( stream, &rsaKey->rsaParam_n,
RSAPARAM_MIN_N, RSAPARAM_MAX_N,
NULL );
if( cryptStatusOK( status ) )
status = readBignum( stream, &rsaKey->rsaParam_e,
RSAPARAM_MIN_E, RSAPARAM_MAX_E,
&rsaKey->rsaParam_n );
}
else
{
readUniversal( stream );
status = readUniversal( stream );
}
if( cryptStatusOK( status ) )
{
/* d isn't used so we skip it */
status = readUniversal( stream );
}
if( cryptStatusOK( status ) )
status = readBignum( stream, &rsaKey->rsaParam_p,
RSAPARAM_MIN_P, RSAPARAM_MAX_P,
&rsaKey->rsaParam_n );
if( cryptStatusOK( status ) )
status = readBignum( stream, &rsaKey->rsaParam_q,
RSAPARAM_MIN_Q, RSAPARAM_MAX_Q,
&rsaKey->rsaParam_n );
if( cryptStatusOK( status ) )
status = readBignum( stream, &rsaKey->rsaParam_exponent1,
RSAPARAM_MIN_EXP1, RSAPARAM_MAX_EXP1,
&rsaKey->rsaParam_n );
if( cryptStatusOK( status ) )
status = readBignum( stream, &rsaKey->rsaParam_exponent2,
RSAPARAM_MIN_EXP2, RSAPARAM_MAX_EXP2,
&rsaKey->rsaParam_n );
if( cryptStatusOK( status ) )
status = readBignum( stream, &rsaKey->rsaParam_u,
RSAPARAM_MIN_U, RSAPARAM_MAX_U,
&rsaKey->rsaParam_n );
if( cryptStatusError( status ) )
return( status );
/* Check whether there are any attributes present */
if( stell( stream ) >= startPos + length )
return( CRYPT_OK );
/* Read the attribute wrapper */
status = readConstructed( stream, &length, 0 );
if( cryptStatusError( status ) )
return( status );
endPos = stell( stream ) + length;
/* Read the collection of attributes. Unlike any other key-storage
format, PKCS #8 stores the key usage information as an X.509
attribute alongside the encrypted private key data so we have to
process whatever attributes may be present in order to find the
keyUsage (if there is any) in order to set the object action
permissions */
for( iterationCount = 0;
stell( stream ) < endPos && \
iterationCount < FAILSAFE_ITERATIONS_MED;
iterationCount++ )
{
BYTE oid[ MAX_OID_SIZE + 8 ];
int oidLength, actionFlags, value;
/* Read the attribute. Since there's only one attribute type that
we can use, we hardcode the read in here rather than performing a
general-purpose attribute read */
readSequence( stream, NULL );
status = readEncodedOID( stream, oid, MAX_OID_SIZE, &oidLength,
BER_OBJECT_IDENTIFIER );
if( cryptStatusError( status ) )
return( status );
/* If it's not a key-usage attribute, we can't do much with it */
if( oidLength != sizeofOID( OID_X509_KEYUSAGE ) || \
memcmp( oid, OID_X509_KEYUSAGE, oidLength ) )
{
status = readUniversal( stream );
if( cryptStatusError( status ) )
return( status );
continue;
}
/* Read the keyUsage attribute and convert it into cryptlib action
permissions */
readSet( stream, NULL );
status = readBitString( stream, &value );
if( cryptStatusError( status ) )
return( status );
actionFlags = ACTION_PERM_NONE;
if( value & ( KEYUSAGE_SIGN | KEYUSAGE_CA ) )
{
actionFlags |= MK_ACTION_PERM( MESSAGE_CTX_SIGN, \
ACTION_PERM_ALL ) | \
MK_ACTION_PERM( MESSAGE_CTX_SIGCHECK, \
ACTION_PERM_ALL );
}
if( value & KEYUSAGE_CRYPT )
{
actionFlags |= MK_ACTION_PERM( MESSAGE_CTX_ENCRYPT, \
ACTION_PERM_ALL ) | \
MK_ACTION_PERM( MESSAGE_CTX_DECRYPT, \
ACTION_PERM_ALL );
}
#if 0 /* 11/6/13 Windows sets these flags to what are effectively
gibberish values (dataEncipherment for a signing key,
digitalSignature for an encryption key) so in order
to be able to use the key we have to ignore the keyUsage
settings, in the same way that every other application
seems to */
if( actionFlags == ACTION_PERM_NONE )
return( CRYPT_ERROR_NOTAVAIL );
status = krnlSendMessage( contextInfoPtr->objectHandle,
IMESSAGE_SETATTRIBUTE, &actionFlags,
CRYPT_IATTRIBUTE_ACTIONPERMS );
if( cryptStatusError( status ) )
return( status );
#else
assert( actionFlags != ACTION_PERM_NONE ); /* Warn in debug mode */
#endif /* 0 */
}
ENSURES( iterationCount < FAILSAFE_ITERATIONS_MED );
return( CRYPT_OK );
}
/** * <p>Factorisation using Pollard's rho method</p> * <p> * Advanced algorithms, KTH – Project 1 * DD2440 “avag11” * </p> * <p> * Enter large integer that you want factorised into primes, exit with empty line * Each prime will be printed on a separate line each, directly after your input, * when the factorisation is complete. * </p> * * @author Mattias Andrée, [email protected], 900223-3253 * @author Joel Mickelin, [email protected], 880729-0070 * * @param argc Number of elements in argv * @param argv The command line used to start the program: the program followed by options */ int main(int argc, String argv[]) { unused argc; unused argv; //Creating seed list, evens are prime, odds are composites seeds = malloc((SEED_LIMIT + 1) * sizeof(llong)); *(seeds + 1) = 10000; *(seeds + 2) = 15319; *(seeds + 3) = 10001; *(seeds + 4) = 15401; *(seeds + 5) = 10002; *(seeds + 6) = 10007; *(seeds + 7) = 10003; *(seeds + 8) = 22541; *(seeds + 9) = 10004; *seeds = 0; //Integers Bignum q; mpz_init(q); //Quotient Bignum r; mpz_init(r); //Remainder int rootOrder; //The order of the integer = max {i : x↑i = integer} int fx; //The number of factors of small primes Bignum integer; mpz_init(integer); //Integer to factorise //Prime factor buffer long* bufptr = malloc(sizeof(long)); Buffer buffer = new_Buffer(1); //Constants, it is very important for speed to test this primes Bignum _3; mpz_init_set_ui(_3, 3); Bignum _5; mpz_init_set_ui(_5, 5); Bignum _7; mpz_init_set_ui(_7, 7); #define appendFactors(X) appendToBuffer(buffer, (*bufptr)++, X) #define printFactors printBuffer(buffer, *bufptr) while (readBignum(integer)) { *bufptr = 0; free(*buffer); *buffer = malloc(0); //Remove all factors of 2 if ((fx = lowestBit(integer)) > 0) { shiftRight(integer, integer, fx); if (fx & 1) appendFactors(STR_1(2)); if (fx & 2) appendFactors(STR_2(2)); if (fx & 4) appendFactors(STR_4(2)); if (fx & 8) appendFactors(STR_8(2)); if (fx & 16) appendFactors(STR_16(2)); if (fx & 32) appendFactors(STR_32(2)); if (fx & 64) appendFactors(STR_64(2)); //limit, 127 factors of 2, we will not reach that if (equals(integer, 1)) { printFactors; printf("\n"); continue; } } //Remove all factors of X #define factorIt(X) \ if (fx = contDiv(integer, integer, _##X, null, null, 0)) \ { \ if (fx & 1) appendFactors(STR_1(X)); \ if (fx & 2) appendFactors(STR_2(X)); \ if (fx & 4) appendFactors(STR_4(X)); \ if (fx & 8) appendFactors(STR_8(X)); \ if (fx & 16) appendFactors(STR_16(X)); \ if (fx & 32) appendFactors(STR_32(X)); \ if (fx & 64) appendFactors(STR_64(X)); \ \ if (equals(integer, 1)) \ { \ printFactors; \ printf("\n"); \ continue; \ } \ } factorIt(3) factorIt(5) //factorIt(7) if (isPrime(integer)) { printFactors; printf("%s\n\n", bignumToString(integer)); } else if (factorisePollardsRho(integer, 0, buffer, bufptr, 1)) { printFactors; printf("\n"); } else printf(FAIL); } free(bufptr); free(buffer); successful; }
RSA* readRSA()
{
nfc_device *device = NULL;
MifareTag *tag = NULL;
MifareDESFireAID aid;
RSA *rsa = NULL;
uint8_t key_data_null[8] = { 0,0,0,0,0,0,0,0};
MifareDESFireKey defaultKey = mifare_desfire_des_key_new_with_version (key_data_null);
device = getRfidDevice();
if (!device)
return NULL;
tag = freefare_get_tags(device);
mifare_desfire_connect (tag[0]);
aid = mifare_desfire_aid_new(AID_NUMBER);
mifare_desfire_select_application (tag[0], aid);
if (authApplication(tag[0], defaultKeyNumber) < 0)
{
fprintf(stderr,"Falscher Key\n");
nfc_close(device);
return NULL;
}
if (!rsa)
rsa = RSA_new();
if (!rsa->n)
rsa->n = BN_new();
if (!rsa->d)
rsa->d = BN_new();
if (!rsa->e)
rsa->e = BN_new();
if (readBignum(tag[0],aid,rsa->n,0) < 0)
{
fprintf(stderr,"readBignum %d failed\n",0);
nfc_close(device);
return NULL;
}
if (readBignum(tag[0],aid,rsa->d,5) < 0)
{
fprintf(stderr,"readBignum %d failed\n",0);
nfc_close(device);
return NULL;
}
if (readBignum(tag[0],aid,rsa->e,10) < 0)
{
fprintf(stderr,"readBignum %d failed\n",0);
nfc_close(device);
return NULL;
}
nfc_close(device);
return rsa;
}
