void JNICALL Java_beecrypt_provider_RSAKeyPairGenerator_generate(JNIEnv* env, jobject obj) { jclass cls = (*env)->GetObjectClass(env, obj); jfieldID sid = (*env)->GetFieldID(env, cls, "_size", "I"); jfieldID fid; if (sid) { randomGeneratorContext rngc; rsakp pair; jint keybits = (*env)->GetIntField(env, obj, sid); randomGeneratorContextInit(&rngc, randomGeneratorDefault()); rsakpInit(&pair); fid = (*env)->GetFieldID(env, cls, "_e", "[B"); if (fid) { mpnsetbigint(&pair.e, env, (*env)->GetObjectField(env, obj, fid)); } rsakpMake(&pair, &rngc, (size_t) keybits); if ((fid = (*env)->GetFieldID(env, cls, "_n", "[B"))) (*env)->SetObjectField(env, obj, fid, mp_to_bigint(env, pair.n.size, pair.n.modl)); if ((fid = (*env)->GetFieldID(env, cls, "_e", "[B"))) (*env)->SetObjectField(env, obj, fid, mp_to_bigint(env, pair.e.size, pair.e.data)); if ((fid = (*env)->GetFieldID(env, cls, "_d", "[B"))) (*env)->SetObjectField(env, obj, fid, mp_to_bigint(env, pair.d.size, pair.d.data)); if ((fid = (*env)->GetFieldID(env, cls, "_p", "[B"))) (*env)->SetObjectField(env, obj, fid, mp_to_bigint(env, pair.p.size, pair.p.modl)); if ((fid = (*env)->GetFieldID(env, cls, "_q", "[B"))) (*env)->SetObjectField(env, obj, fid, mp_to_bigint(env, pair.q.size, pair.q.modl)); if ((fid = (*env)->GetFieldID(env, cls, "_dp", "[B"))) (*env)->SetObjectField(env, obj, fid, mp_to_bigint(env, pair.dp.size, pair.dp.data)); if ((fid = (*env)->GetFieldID(env, cls, "_dq", "[B"))) (*env)->SetObjectField(env, obj, fid, mp_to_bigint(env, pair.dq.size, pair.dq.data)); if ((fid = (*env)->GetFieldID(env, cls, "_qi", "[B"))) (*env)->SetObjectField(env, obj, fid, mp_to_bigint(env, pair.qi.size, pair.qi.data)); rsakpFree(&pair); randomGeneratorContextFree(&rngc); } }
int encode_function_beecrpt(V6_AUTHENTICATION_REQUEST_T in, V6_AUTHENTICATION_RESULT_T *out) { char rsa_m[256+1]; char temp[256+1]; char buff[1024]; char confirm[1024]; unsigned char un_buff[128+1]; int len=0, file_folder_offset=0; int reserved_offset=0, i; mpnumber m, cipher; rsakp keypair; randomGeneratorContext rngc; if (randomGeneratorContextInit(&rngc, randomGeneratorDefault()) == 0) { rsakpInit(&keypair); rsakpMake(&keypair, &rngc, 1024); //Set publicKey1 memset(temp, 0, 256+1); getHexFromMPW(keypair.n.size, keypair.n.modl, temp); printLog(HEAD_KEY, "(**)UUID(%.48s)PRODUCT_ID(%.18s) ==> PUBLIC_KEY1(%s)\n", in.uuid, in.product, temp); memset(buff, 0, 1024); Hex2Str__((unsigned char*)temp, 256, (unsigned char*)buff); memcpy(out->decKey1, buff, 128); //Set publicKey2 memcpy(out->decKey2, "10001", 5); //Logging privateKey memset(temp, 0, 256+1); getHexFromMPW(keypair.d.size, keypair.d.data, temp); printLog(HEAD_KEY, "(**)UUID(%.48s)PRODUCT_ID(%.18s) ==> PRIVATE_KEY(%s)\n", in.uuid, in.product, temp); memset(un_buff, 0, 128+1); len = 0; memcpy(&un_buff[len], in.uuid, UUID_SIZE-2); len += UUID_SIZE-2; memcpy(&un_buff[len], in.device_type, DEVICE_TYPE_SIZE); len += DEVICE_TYPE_SIZE; memcpy(&un_buff[len], in.register_version, REGISTER_VERSION_SIZE); len += REGISTER_VERSION_SIZE; memcpy(&un_buff[len], in.app_version, APP_VERSION_SIZE); len += APP_VERSION_SIZE; memcpy(&un_buff[len], in.app_build_num, APP_BUILD_NUM_SIZE); len += APP_BUILD_NUM_SIZE; memcpy(&un_buff[len], in.map_version, MAP_VER_SIZE); len += MAP_VER_SIZE; memcpy(&un_buff[len], in.os_version, OS_VER_SIZE_M31); len += OS_VER_SIZE_M31; //in order not to alter m31-device's decoding function released at interface 3 protocol(0x15) file_folder_offset = len; len += FILE_SIZE; memcpy(&un_buff[len], in.expire_date, EXPIRE_DATE_SIZE); len += EXPIRE_DATE_SIZE; reserved_offset = len; for(i=0; i<in.reqEncCnt; i++) { //Set changing part(file size, reserved) memcpy(&un_buff[file_folder_offset], in.AuthFileInfo[i].file_size, FILE_SIZE); memcpy(&un_buff[reserved_offset], in.AuthFileInfo[i].reserved, RESERVED_SIZE); memset(rsa_m, 0, 256+1); Str2Hex__(un_buff, 128, (unsigned char *)rsa_m); mpnzero(&m); mpnzero(&cipher); mpnsethex(&m, rsa_m); if( rsapri(&keypair.n, &keypair.d, &m, &cipher) != 0 ) return -1; //Set encryptStr memset(temp, 0, 256+1); getHexFromMPW(cipher.size, cipher.data, temp); printLog(HEAD_KEY, "(%.2d)UUID(%.48s)PRODUCT_ID(%.18s) ==> ENCRYPT_STR(%s)\n",i, in.uuid, in.product, temp); memset(buff, 0, 1024); Hex2Str__((unsigned char*)temp, 256, (unsigned char*)buff); memcpy(out->AuthResultData[i].encStr, buff, 128); // 검증용.. decode_function_m31(out->decKey1, out->decKey2, out->AuthResultData[i].encStr, confirm); if(memcmp(un_buff, confirm, 128) != 0) { printLog(HEAD, "ERR::ENCODINGINPUT(%s)OUTPUT(%s) not same\n", un_buff, confirm); mpnfree(&cipher); mpnfree(&m); rsakpFree(&keypair); randomGeneratorContextFree(&rngc); out->resultCnt = 0; return -1; } // free mpn objects mpnfree(&cipher); mpnfree(&m); } out->resultCnt = i; // free rsakp object & random generator context rsakpFree(&keypair); randomGeneratorContextFree(&rngc); return 1; } return -1; }
void doInteraction() { char *cmd; // i/o opRec oprec; unsigned char dataStr[256]; // aes aesParam aesparam; byte aesSrc[16]; byte aesDst[16]; // rsa rsakp keypair; mpnumber m, cipher, signature; // sha1 byte digest[20]; char digestHex[41]; sha1Param sha1param; int i; oprec.data = dataStr; oprec.dataLen = MAXDATLEN; while(1) { // reset the data string for( i = 0; i < MAXDATLEN; i++ ) { oprec.data[i] = '0'; } oprec.dataLen = MAXDATLEN; // grab the string and parse it cmd = getString(); if(parseString(cmd, &oprec) != 1) { oprec.dataLen = MAXDATLEN; continue; } switch(oprec.cipherType) { case CH_AES: for( i = 0; i < 16; i++ ) { aesSrc[i] = 0; } if(aesSetup(&aesparam, AESkeyTable[oprec.keyIndex].key, 128, oprec.opType == CH_ENCRYPT ? ENCRYPT : DECRYPT )) continue; fromhex(aesSrc, oprec.data); if( oprec.opType == CH_ENCRYPT ) { if( aesEncrypt(&aesparam, (uint32_t *)aesDst, (uint32_t *)aesSrc) ) continue; } else { if( aesDecrypt(&aesparam, (uint32_t *)aesDst, (uint32_t *)aesSrc) ) continue; } for( i = 0; i < 16; i++ ) { printf("%02X", aesDst[i] ); } printf( "\n" ); break; case CH_SGN: // init sha1 if( sha1Reset( &sha1param ) ) continue; if( sha1Update( &sha1param, oprec.data, oprec.dataLen )) continue; if( sha1Digest( &sha1param, digest ) ) continue; // digest now contains the 160-bit message we want to sign toHex(digest, digestHex, 20); // digestHex now has the correct large number representation of the message #if TESTING fprintf( stderr, "sha1 of message: %s\n", digestHex ); #endif // init rsa rsakpInit(&keypair); mpbsethex(&keypair.n, RSAkeyTable[oprec.keyIndex].rsa_n); mpnsethex(&keypair.e, RSAkeyTable[oprec.keyIndex].rsa_e); mpbsethex(&keypair.p, RSAkeyTable[oprec.keyIndex].rsa_p); mpbsethex(&keypair.q, RSAkeyTable[oprec.keyIndex].rsa_q); mpnsethex(&keypair.dp, RSAkeyTable[oprec.keyIndex].rsa_dp); mpnsethex(&keypair.dq, RSAkeyTable[oprec.keyIndex].rsa_dq); mpnsethex(&keypair.qi, RSAkeyTable[oprec.keyIndex].rsa_qi); mpnzero(&m); mpnzero(&cipher); mpnzero(&signature); mpnsethex(&m, digestHex); // we are now all set to do the signing // need to: // write signing alg here // make test case // this link is very helpful in writing this code: // http://tools.ietf.org/html/rfc3447#page-12 rsapricrt(&keypair.n, &keypair.p, &keypair.q, &keypair.dp, &keypair.dq, &keypair.qi, &m, &signature); for( i = 0; i < signature.size; i++ ) { printf("%08X", signature.data[i] ); } printf( "\n" ); #if TESTING mpnfree(&m); mpnzero(&m); rsapub(&keypair.n, &keypair.e, &signature, &m); for( i = 0; i < m.size; i++ ) { printf("%08X", m.data[i] ); } printf( "\n" ); #endif rsakpFree(&keypair); break; case CH_VRF: rsakpInit(&keypair); mpbsethex(&keypair.n, RSAkeyTable[oprec.keyIndex].rsa_n); mpnsethex(&keypair.e, RSAkeyTable[oprec.keyIndex].rsa_e); mpbsethex(&keypair.p, RSAkeyTable[oprec.keyIndex].rsa_p); mpbsethex(&keypair.q, RSAkeyTable[oprec.keyIndex].rsa_q); mpnsethex(&keypair.dp, RSAkeyTable[oprec.keyIndex].rsa_dp); mpnsethex(&keypair.dq, RSAkeyTable[oprec.keyIndex].rsa_dq); mpnsethex(&keypair.qi, RSAkeyTable[oprec.keyIndex].rsa_qi); mpnzero(&m); mpnzero(&cipher); mpnzero(&signature); mpnsethex(&m, oprec.data); rsapub(&keypair.n, &keypair.e, &m, &cipher); for( i = 0; i < cipher.size; i++ ) printf("%08X", cipher.data[i]); printf( "\n" ); break; case CH_SHA: // init sha1 if( sha1Reset( &sha1param ) ) continue; if( sha1Update( &sha1param, oprec.data, oprec.dataLen )) continue; if( sha1Digest( &sha1param, digest ) ) continue; // digest now contains the 160-bit message we want to sign toHex(digest, digestHex, 20); printf( "%s\n", digestHex ); break; default: fprintf( stderr, "unknown cipher type caught.\n" ); } // switch // prevent the leak! #if (TESTING == 0) if( cmd != NULL ) free(cmd); #endif } // while }
int main(int argc, char * argv[]) { int i = 0, failures = 0; char buf[8192] = {0}; rsakp keypair; mpnumber m, cipher, decipher; randomGeneratorContext rngc; if (randomGeneratorContextInit(&rngc, randomGeneratorDefault()) == 0) { /* First we do the fixed value verification */ rsakpInit(&keypair); mpbsethex(&keypair.n, rsa_n); mpnsethex(&keypair.e, rsa_e); mpnsethex(&keypair.d, rsa_d); mpnzero(&m); mpnzero(&cipher); mpnzero(&decipher); if ( argv[1][0] == '-' && argv[1][1] == 'm') { mpnsetbin(&m, (argv[1] + 2), strlen(argv[1]) - 2); } else if ( argv[1][0] == '-' && argv[1][1] == 'h') { _hex_snprintf(buf, strlen(argv[1]) - 2, argv[1] + 2, sizeof(char)); mpnsethex(&m, buf); } printf("message:%s\n", argv[1] + 2); hex_dump((char *) m.data, m.size << 2); printf("\npublic:%d\n", (int) * keypair.e.data); hex_dump((char *) keypair.e.data, keypair.e.size << 2); /* it's safe to cast the keypair to a public key */ if ( rsapub(&keypair.n, &keypair.e, &m, &cipher) ) { failures++; } printf("\ncipher:\n"); hex_dump((char *) cipher.data, cipher.size << 2); i = mpntobin(buf, &cipher, 0); printf("\ncipher mpntobin:%d\n", i); hex_dump(buf, i); if ( rsapri(&keypair.n, &keypair.d, &cipher, &decipher) ) { failures++; } printf("\ndecipher:%s\n", (char *) decipher.data); hex_dump((char *) decipher.data, decipher.size << 2); _hex_snprintf(buf, decipher.size * sizeof(mpw), (char *) decipher.data, sizeof(mpw)); printf("\n_snprintf (%dbytes):\n%s\n", decipher.size << 2, buf); i = mpntobin(buf, &decipher, 0); printf("\nmpntobin:%d\n", i); hex_dump(buf, i); i = mpntobin(buf, &decipher, (strlen(argv[1])-2)); printf("\nmpntobin intercept:%d\n%s\n", i, buf); hex_dump(buf, i); mpntohex(buf, & decipher); printf("\nmpntohex:(%d)%s\n", decipher.size << 2, buf); mpnfree(&decipher); mpnfree(&cipher); mpnfree(&m); rsakpFree(&keypair); randomGeneratorContextFree(&rngc); } return failures; }
int main() { int failures = 0; rsakp keypair; mpnumber m, cipher, decipher; randomGeneratorContext rngc; if (randomGeneratorContextInit(&rngc, randomGeneratorDefault()) == 0) { /* First we do the fixed value verification */ rsakpInit(&keypair); mpbsethex(&keypair.n, rsa_n); mpnsethex(&keypair.e, rsa_e); mpbsethex(&keypair.p, rsa_p); mpbsethex(&keypair.q, rsa_q); mpnsethex(&keypair.dp, rsa_d1); mpnsethex(&keypair.dq, rsa_d2); mpnsethex(&keypair.qi, rsa_c); mpnzero(&m); mpnzero(&cipher); mpnzero(&decipher); mpnsethex(&m, rsa_m); /* it's safe to cast the keypair to a public key */ if (rsapub(&keypair.n, &keypair.e, &m, &cipher)) failures++; if (rsapricrt(&keypair.n, &keypair.p, &keypair.q, &keypair.dp, &keypair.dq, &keypair.qi, &cipher, &decipher)) failures++; if (mpnex(m.size, m.data, decipher.size, decipher.data)) failures++; mpnfree(&decipher); mpnfree(&cipher); mpnfree(&m); rsakpFree(&keypair); mpnzero(&m); mpnzero(&cipher); mpnzero(&decipher); /* Now we generate a keypair and do some tests on it */ rsakpMake(&keypair, &rngc, 512); /* generate a random m in the range 0 < m < n */ mpbnrnd(&keypair.n, &rngc, &m); /* it's safe to cast the keypair to a public key */ if (rsapub(&keypair.n, &keypair.e, &m, &cipher)) failures++; if (rsapricrt(&keypair.n, &keypair.p, &keypair.q, &keypair.dp, &keypair.dq, &keypair.qi, &cipher, &decipher)) failures++; if (mpnex(m.size, m.data, decipher.size, decipher.data)) failures++; rsakpFree(&keypair); } return failures; }