本文整理匯總了C++中BN_bn2bin函數的典型用法代碼示例。如果您正苦於以下問題:C++ BN_bn2bin函數的具體用法?C++ BN_bn2bin怎麽用?C++ BN_bn2bin使用的例子?那麽, 這裏精選的函數代碼示例或許可以為您提供幫助。
在下文中一共展示了BN_bn2bin函數的15個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的C++代碼示例。
示例1: receive_and_decrypt
int receive_and_decrypt(byte * msg){
int length = readFromPipe(inputChannel , msg);
if(length < 0)
{
fprintf(stderr , " **** error reading message **** \n\n");
return -1;
}
if(strncmp(msg , ClientCloseConnection , length) == 0 && length == strlen(ClientCloseConnection))
return length;
if(encType == PLAIN)
return length;
if(encType == RSA64){
BIGNUM *message = BN_new();
message = BN_bin2bn((const unsigned char *) msg, RSA64_BYTE_LENGTH , NULL);
printf("%s\n", BN_bn2hex(message));
rsaEXP(message , &server64Rsa); //Decrypt with private keyExchange
BN_bn2bin(message , msg);
BN_free(message);
return length;
}
if(encType == RSA512){
BIGNUM *message = BN_new();
message = BN_bin2bn((const unsigned char *) msg, RSA512_BYTE_LENGTH , NULL);
printf("%s\n", BN_bn2hex(message));
rsaEXP(message , &server512Rsa); //Decrypt with private keyExchange
BN_bn2bin(message , msg);
BN_free(message);
return length;
}
if(encType == Cipher_ALL5){
BIGNUM *tm = BN_new();
tm = BN_bin2bn((const unsigned char *) msg, length , NULL);
printf("ALL5 : %s\n", BN_bn2hex(tm));
byte message[length - HASH_BYTE_LENGTH];
byte hash[HASH_BYTE_LENGTH];
int recv_length = length;
if(cipherSpec.hash_function == hash_spongeBunny)
{
recv_length -= HASH_BYTE_LENGTH;
memmove(hash , msg + (sizeof(byte) * recv_length) , sizeof(byte) * HASH_BYTE_LENGTH); //copy the hash
memcpy(message , msg , sizeof(byte) * recv_length); //copy the cihpertext
ALL5_decrypt(&cipherStruct.all5, message, message, recv_length); //decrypt
byte rec_hash[HASH_BYTE_LENGTH];
spongeBunnyComputeHash(message , rec_hash , recv_length); //compute the hash of the plaintext
if(memcmp(rec_hash, hash, sizeof(byte) * HASH_BYTE_LENGTH) != 0)
{
recv_length = 0;
fprintf(stderr , "Wrong HASH !!!!!!! \n");
}
tm = BN_bin2bn((const unsigned char *) hash, HASH_BYTE_LENGTH , NULL);
printf("HASH : %s\n", BN_bn2hex(tm));
memcpy(msg , message , sizeof(byte) * recv_length);
} //no hash function
else
ALL5_decrypt(&cipherStruct.all5, msg, msg, recv_length); //decrypt
BN_free(tm);
return recv_length;
}
if(encType == Cipher_MAJ5){
BIGNUM *tm = BN_new();
tm = BN_bin2bn((const unsigned char *) msg, length , NULL);
printf("MAJ5 : %s\n", BN_bn2hex(tm));
int recv_length = length;
if(cipherSpec.hash_function == hash_spongeBunny)
{
byte message[length - HASH_BYTE_LENGTH];
byte hash[HASH_BYTE_LENGTH];
recv_length -= HASH_BYTE_LENGTH;
memmove(hash , msg + (sizeof(byte) * recv_length) , sizeof(byte) * HASH_BYTE_LENGTH); //copy the hash
memcpy(message , msg , sizeof(byte) * recv_length); //copy the cihpertext
//.........這裏部分代碼省略.........
示例2: tgl_do_send_create_encr_chat
void tgl_do_send_create_encr_chat (struct tgl_state *TLS, void *x, unsigned char *random, void (*callback)(struct tgl_state *TLS, void *callback_extra, int success, struct tgl_secret_chat *E), void *callback_extra) {
int user_id = (long)x;
int i;
unsigned char random_here[256];
tglt_secure_random (random_here, 256);
for (i = 0; i < 256; i++) {
random[i] ^= random_here[i];
}
BIGNUM *a = BN_bin2bn (random, 256, 0);
ensure_ptr (a);
BIGNUM *p = BN_bin2bn (TLS->encr_prime, 256, 0);
ensure_ptr (p);
BIGNUM *g = BN_new ();
ensure_ptr (g);
ensure (BN_set_word (g, TLS->encr_root));
BIGNUM *r = BN_new ();
ensure_ptr (r);
ensure (BN_mod_exp (r, g, a, p, TLS->BN_ctx));
BN_clear_free (a);
static char g_a[256];
memset (g_a, 0, 256);
BN_bn2bin (r, (void *)(g_a + (256 - BN_num_bytes (r))));
int t = lrand48 ();
while (tgl_peer_get (TLS, TGL_MK_ENCR_CHAT (t))) {
t = lrand48 ();
}
//bl_do_encr_chat_init (TLS, t, user_id, (void *)random, (void *)g_a);
int state = sc_waiting;
bl_do_encr_chat_new (TLS, t, NULL, NULL, &TLS->our_id, &user_id, random, NULL, NULL, &state, NULL, NULL, NULL, NULL, NULL, NULL, TGLPF_CREATE | TGLPF_CREATED);
tgl_peer_t *_E = tgl_peer_get (TLS, TGL_MK_ENCR_CHAT (t));
assert (_E);
struct tgl_secret_chat *E = &_E->encr_chat;
clear_packet ();
out_int (CODE_messages_request_encryption);
tgl_peer_t *U = tgl_peer_get (TLS, TGL_MK_USER (E->user_id));
assert (U);
if (U && U->user.access_hash) {
out_int (CODE_input_user_foreign);
out_int (E->user_id);
out_long (U->user.access_hash);
} else {
out_int (CODE_input_user_contact);
out_int (E->user_id);
}
out_int (tgl_get_peer_id (E->id));
out_cstring (g_a, 256);
//write_secret_chat_file ();
BN_clear_free (g);
BN_clear_free (p);
BN_clear_free (r);
tglq_send_query (TLS, TLS->DC_working, packet_ptr - packet_buffer, packet_buffer, &send_encr_request_methods, E, callback, callback_extra);
}
示例3: RSA_eay_public_encrypt
static int RSA_eay_public_encrypt(int flen, const unsigned char *from,
unsigned char *to, RSA *rsa, int padding)
{
BIGNUM *f,*ret;
int i,j,k,num=0,r= -1;
unsigned char *buf=NULL;
BN_CTX *ctx=NULL;
if (BN_num_bits(rsa->n) > OPENSSL_RSA_MAX_MODULUS_BITS)
{
RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_MODULUS_TOO_LARGE);
return -1;
}
if (BN_ucmp(rsa->n, rsa->e) <= 0)
{
RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_BAD_E_VALUE);
return -1;
}
/* for large moduli, enforce exponent limit */
if (BN_num_bits(rsa->n) > OPENSSL_RSA_SMALL_MODULUS_BITS)
{
if (BN_num_bits(rsa->e) > OPENSSL_RSA_MAX_PUBEXP_BITS)
{
RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_BAD_E_VALUE);
return -1;
}
}
if ((ctx=BN_CTX_new()) == NULL) goto err;
BN_CTX_start(ctx);
f = BN_CTX_get(ctx);
ret = BN_CTX_get(ctx);
num=BN_num_bytes(rsa->n);
buf = OPENSSL_malloc(num);
if (!f || !ret || !buf)
{
RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,ERR_R_MALLOC_FAILURE);
goto err;
}
switch (padding)
{
case RSA_PKCS1_PADDING:
i=RSA_padding_add_PKCS1_type_2(buf,num,from,flen);
break;
#ifndef OPENSSL_NO_SHA
case RSA_PKCS1_OAEP_PADDING:
i=RSA_padding_add_PKCS1_OAEP(buf,num,from,flen,NULL,0);
break;
#endif
case RSA_SSLV23_PADDING:
i=RSA_padding_add_SSLv23(buf,num,from,flen);
break;
case RSA_NO_PADDING:
i=RSA_padding_add_none(buf,num,from,flen);
break;
default:
RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,RSA_R_UNKNOWN_PADDING_TYPE);
goto err;
}
if (i <= 0) goto err;
if (BN_bin2bn(buf,num,f) == NULL) goto err;
if (BN_ucmp(f, rsa->n) >= 0)
{
/* usually the padding functions would catch this */
RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,RSA_R_DATA_TOO_LARGE_FOR_MODULUS);
goto err;
}
if (rsa->flags & RSA_FLAG_CACHE_PUBLIC)
if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_n, CRYPTO_LOCK_RSA, rsa->n, ctx))
goto err;
if (!rsa->meth->bn_mod_exp(ret,f,rsa->e,rsa->n,ctx,
rsa->_method_mod_n)) goto err;
/* put in leading 0 bytes if the number is less than the
* length of the modulus */
j=BN_num_bytes(ret);
i=BN_bn2bin(ret,&(to[num-j]));
for (k=0; k<(num-i); k++)
to[k]=0;
r=num;
err:
if (ctx != NULL)
{
BN_CTX_end(ctx);
BN_CTX_free(ctx);
}
if (buf != NULL)
{
OPENSSL_cleanse(buf,num);
OPENSSL_free(buf);
}
return(r);
//.........這裏部分代碼省略.........
示例4: ssh_dss_sign
int
ssh_dss_sign(const Key *key, u_char **sigp, u_int *lenp,
const u_char *data, u_int datalen)
{
DSA_SIG *sig;
const EVP_MD *evp_md = EVP_sha1();
EVP_MD_CTX md;
u_char digest[EVP_MAX_MD_SIZE], sigblob[SIGBLOB_LEN];
u_int rlen, slen, len, dlen;
Buffer b;
if (key == NULL || key->dsa == NULL || (key->type != KEY_DSA &&
key->type != KEY_DSA_CERT && key->type != KEY_DSA_CERT_V00)) {
error("ssh_dss_sign: no DSA key");
return -1;
}
EVP_DigestInit(&md, evp_md);
EVP_DigestUpdate(&md, data, datalen);
EVP_DigestFinal(&md, digest, &dlen);
sig = DSA_do_sign(digest, dlen, key->dsa);
memset(digest, 'd', sizeof(digest));
if (sig == NULL) {
error("ssh_dss_sign: sign failed");
return -1;
}
rlen = BN_num_bytes(sig->r);
slen = BN_num_bytes(sig->s);
if (rlen > INTBLOB_LEN || slen > INTBLOB_LEN) {
error("bad sig size %u %u", rlen, slen);
DSA_SIG_free(sig);
return -1;
}
memset(sigblob, 0, SIGBLOB_LEN);
BN_bn2bin(sig->r, sigblob+ SIGBLOB_LEN - INTBLOB_LEN - rlen);
BN_bn2bin(sig->s, sigblob+ SIGBLOB_LEN - slen);
DSA_SIG_free(sig);
if (datafellows & SSH_BUG_SIGBLOB) {
if (lenp != NULL)
*lenp = SIGBLOB_LEN;
if (sigp != NULL) {
*sigp = xmalloc(SIGBLOB_LEN);
memcpy(*sigp, sigblob, SIGBLOB_LEN);
}
} else {
/* ietf-drafts */
buffer_init(&b);
buffer_put_cstring(&b, "ssh-dss");
buffer_put_string(&b, sigblob, SIGBLOB_LEN);
len = buffer_len(&b);
if (lenp != NULL)
*lenp = len;
if (sigp != NULL) {
*sigp = xmalloc(len);
memcpy(*sigp, buffer_ptr(&b), len);
}
buffer_free(&b);
}
return 0;
}
示例5: memcpy
SESSION *session_init_client (void)
{
SESSION *session;
if ((session = (SESSION *) calloc (1, sizeof (SESSION))) == NULL)
return NULL;
session->client_OS = 0x00; /* 0x00 == Windows, 0x01 == Mac OS X */
memcpy(session->client_id, "\x01\x04\x01\x01", 4);
session->client_revision = 99999;
/*
* Client and server generate 16 random bytes each.
*/
RAND_bytes (session->client_random_16, 16);
if ((session->rsa =
RSA_generate_key (1024, 65537, NULL, NULL)) == NULL) {
DSFYDEBUG ("RSA key generation failed with error %lu\n",
ERR_get_error ());
}
assert (session->rsa != NULL);
/*
* Create a private and public key.
* This, along with key signing, is used to securely
* agree on a session key for the Shannon stream cipher.
*
*/
session->dh = DH_new ();
session->dh->p = BN_bin2bn (DH_prime, 96, NULL);
session->dh->g = BN_bin2bn (DH_generator, 1, NULL);
assert (DH_generate_key (session->dh) == 1);
BN_bn2bin (session->dh->priv_key, session->my_priv_key);
BN_bn2bin (session->dh->pub_key, session->my_pub_key);
/*
* Found in Storage.dat (cache) at offset 16.
* Automatically generated, but we're lazy.
*
*/
memcpy (session->cache_hash,
"\xf4\xc2\xaa\x05\xe8\x25\xa7\xb5\xe4\xe6\x59\x0f\x3d\xd0\xbe\x0a\xef\x20\x51\x95",
20);
session->cache_hash[0] = (unsigned char) getpid ();
session->ap_sock = -1;
session->username[0] = 0;
session->server_host[0] = 0;
session->server_port = 0;
session->key_recv_IV = 0;
session->key_send_IV = 0;
session->user_info.username[0] = 0;
session->user_info.country[0] = 0;
session->user_info.server_host[0] = 0;
session->user_info.server_port = 0;
return session;
}
示例6: cop_bn_new_sz
BigNumber *cop_convert_bignum(BIGNUM * bn)
{
BigNumber *r = cop_bn_new_sz((size_t) BN_num_bytes(bn));
BN_bn2bin(bn, r->number);
return r;
}
示例7: MAIN
//.........這裏部分代碼省略.........
if (text)
{
DHparams_print(out,dh);
}
if (check)
{
if (!DH_check(dh,&i))
{
ERR_print_errors(bio_err);
goto end;
}
if (i & DH_CHECK_P_NOT_PRIME)
printf("p value is not prime\n");
if (i & DH_CHECK_P_NOT_SAFE_PRIME)
printf("p value is not a safe prime\n");
if (i & DH_UNABLE_TO_CHECK_GENERATOR)
printf("unable to check the generator value\n");
if (i & DH_NOT_SUITABLE_GENERATOR)
printf("the g value is not a generator\n");
if (i == 0)
printf("DH parameters appear to be ok.\n");
}
if (C)
{
unsigned char *data;
int len,l,bits;
len=BN_num_bytes(dh->p);
bits=BN_num_bits(dh->p);
data=(unsigned char *)OPENSSL_malloc(len);
if (data == NULL)
{
perror("OPENSSL_malloc");
goto end;
}
printf("#ifndef HEADER_DH_H\n"
"#include <openssl/dh.h>\n"
"#endif\n");
printf("DH *get_dh%d()\n\t{\n",bits);
l=BN_bn2bin(dh->p,data);
printf("\tstatic unsigned char dh%d_p[]={",bits);
for (i=0; i<l; i++)
{
if ((i%12) == 0) printf("\n\t\t");
printf("0x%02X,",data[i]);
}
printf("\n\t\t};\n");
l=BN_bn2bin(dh->g,data);
printf("\tstatic unsigned char dh%d_g[]={",bits);
for (i=0; i<l; i++)
{
if ((i%12) == 0) printf("\n\t\t");
printf("0x%02X,",data[i]);
}
printf("\n\t\t};\n");
printf("\tDH *dh;\n\n");
printf("\tif ((dh=DH_new()) == NULL) return(NULL);\n");
printf("\tdh->p=BN_bin2bn(dh%d_p,sizeof(dh%d_p),NULL);\n",
bits,bits);
printf("\tdh->g=BN_bin2bn(dh%d_g,sizeof(dh%d_g),NULL);\n",
bits,bits);
printf("\tif ((dh->p == NULL) || (dh->g == NULL))\n");
printf("\t\t{ DH_free(dh); return(NULL); }\n");
if (dh->length)
printf("\tdh->length = %ld;\n", dh->length);
printf("\treturn(dh);\n\t}\n");
OPENSSL_free(data);
}
if (!noout)
{
if (outformat == FORMAT_ASN1)
i=i2d_DHparams_bio(out,dh);
else if (outformat == FORMAT_PEM)
i=PEM_write_bio_DHparams(out,dh);
else {
BIO_printf(bio_err,"bad output format specified for outfile\n");
goto end;
}
if (!i)
{
BIO_printf(bio_err,"unable to write DH parameters\n");
ERR_print_errors(bio_err);
goto end;
}
}
ret=0;
end:
if (in != NULL) BIO_free(in);
if (out != NULL) BIO_free_all(out);
if (dh != NULL) DH_free(dh);
apps_shutdown();
OPENSSL_EXIT(ret);
}
示例8: main2
int main2()
{
// Seed RNG
// Generate Key Pair
ERR_load_crypto_strings();
char error[400];
int modulus_length = 2048; // bits
unsigned long e = 65537;
const char* e_hex = "100001";
RSA *rsa = NULL;
rsa = RSA_generate_key(modulus_length, e, NULL /*keygen_progress*/, NULL);
if (rsa == NULL)
{
ERR_error_string(ERR_get_error(), error);
printf("Failed to generate RSA key pair.OpenSSL error:\n %s\n", error);
return -1;
}
unsigned char *n_hex = (unsigned char*)calloc(1, 2*2048/8);
unsigned char *d_hex = (unsigned char*)calloc(1, 2*2048/8);
unsigned char *p_hex = (unsigned char*)calloc(1, 2*2048/8);
unsigned char *q_hex = (unsigned char*)calloc(1, 2*2048/8);
if (!( n_hex = (unsigned char*) BN_bn2hex((const BIGNUM*)rsa->n) ))
{
printf("Modulo parsing error\n");
return -1;
}
if (!( d_hex = (unsigned char*) BN_bn2hex((const BIGNUM*)rsa->d) ))
{
printf("Private exponent parsing error\n");
return -1;
}
if (!( p_hex = (unsigned char*) BN_bn2hex((const BIGNUM*)rsa->q) ))
{
printf("Private exponent parsing error\n");
return -1;
}
if (!( q_hex = (unsigned char*) BN_bn2hex((const BIGNUM*)rsa->p) ))
{
printf("Private exponent parsing error\n");
return -1;
}
printf("Public modulus:\n\t%s\n", n_hex);
printf("Private exponent:\n\t%s\n", d_hex);
printf("Prime p:\n\t%s\n", p_hex);
printf("Prime q:\n\t%s\n", q_hex);
// Import Key Pair
sc_cardctl_openpgp_keystore_info_t key_info;
key_info.keytype = SC_OPENPGP_KEY_ENCR;
key_info.keyformat = SC_OPENPGP_KEYFORMAT_STD;
/* n */
unsigned char* n_bin = (unsigned char*)calloc(1, modulus_length/8);
key_info.n_len = BN_bn2bin(rsa->n, n_bin);
key_info.n = n_bin;
/* e */
key_info.e = (u8*)calloc(1, 4);
hex_to_bin(e_hex, key_info.e, &(key_info.e_len));
/* p */
unsigned char* p_bin = (unsigned char*)calloc(1, strlen((const char*)p_hex)/2);
key_info.p_len = BN_bn2bin(rsa->p, p_bin);
key_info.p = p_bin;
/* q */
unsigned char* q_bin = (unsigned char*)calloc(1, strlen((const char*)q_hex)/2);
key_info.q_len = BN_bn2bin(rsa->q, q_bin);
key_info.q = q_bin;
printf("Lengths: n = %lu\ne= %lu\np = %lu\nq = %lu\n",key_info.n_len, key_info.e_len, key_info.p_len, key_info.q_len);
// List readers
int r;
card_t* card;
reader_list* readerList = (reader_list*)malloc(sizeof(reader_list));
r = pcsc_detect_readers(readerList);
if( !r==SC_SUCCESS)
{
printf("pcsc_detect_readers: %s\n",sc_strerror(r));
return -1;
}
connect_card(readerList->root->reader, &card);
card_init(card);
csVerifyAdminPIN(card, (unsigned char*)"12345678", 8);
if( (r = pgp_store_key(card, &key_info)) != 0)
printf("pgp_store_key error: %d\n",r);
// Cleanups
//.........這裏部分代碼省略.........
示例9: eap_pwd_perform_confirm_exchange
static void
eap_pwd_perform_confirm_exchange(struct eap_sm *sm, struct eap_pwd_data *data,
struct eap_method_ret *ret,
const struct wpabuf *reqData,
const u8 *payload, size_t payload_len)
{
BIGNUM *x = NULL, *y = NULL;
struct crypto_hash *hash;
u32 cs;
u16 grp;
u8 conf[SHA256_MAC_LEN], *cruft = NULL, *ptr;
int offset;
if (data->state != PWD_Confirm_Req) {
ret->ignore = TRUE;
goto fin;
}
if (payload_len != SHA256_MAC_LEN) {
wpa_printf(MSG_INFO,
"EAP-pwd: Unexpected Confirm payload length %u (expected %u)",
(unsigned int) payload_len, SHA256_MAC_LEN);
goto fin;
}
/*
* first build up the ciphersuite which is group | random_function |
* prf
*/
grp = htons(data->group_num);
ptr = (u8 *) &cs;
os_memcpy(ptr, &grp, sizeof(u16));
ptr += sizeof(u16);
*ptr = EAP_PWD_DEFAULT_RAND_FUNC;
ptr += sizeof(u8);
*ptr = EAP_PWD_DEFAULT_PRF;
/* each component of the cruft will be at most as big as the prime */
if (((cruft = os_malloc(BN_num_bytes(data->grp->prime))) == NULL) ||
((x = BN_new()) == NULL) || ((y = BN_new()) == NULL)) {
wpa_printf(MSG_INFO, "EAP-PWD (server): confirm allocation "
"fail");
goto fin;
}
/*
* server's commit is H(k | server_element | server_scalar |
* peer_element | peer_scalar | ciphersuite)
*/
hash = eap_pwd_h_init();
if (hash == NULL)
goto fin;
/*
* zero the memory each time because this is mod prime math and some
* value may start with a few zeros and the previous one did not.
*/
os_memset(cruft, 0, BN_num_bytes(data->grp->prime));
offset = BN_num_bytes(data->grp->prime) - BN_num_bytes(data->k);
BN_bn2bin(data->k, cruft + offset);
eap_pwd_h_update(hash, cruft, BN_num_bytes(data->grp->prime));
/* server element: x, y */
if (!EC_POINT_get_affine_coordinates_GFp(data->grp->group,
data->server_element, x, y,
data->bnctx)) {
wpa_printf(MSG_INFO, "EAP-PWD (server): confirm point "
"assignment fail");
goto fin;
}
os_memset(cruft, 0, BN_num_bytes(data->grp->prime));
offset = BN_num_bytes(data->grp->prime) - BN_num_bytes(x);
BN_bn2bin(x, cruft + offset);
eap_pwd_h_update(hash, cruft, BN_num_bytes(data->grp->prime));
os_memset(cruft, 0, BN_num_bytes(data->grp->prime));
offset = BN_num_bytes(data->grp->prime) - BN_num_bytes(y);
BN_bn2bin(y, cruft + offset);
eap_pwd_h_update(hash, cruft, BN_num_bytes(data->grp->prime));
/* server scalar */
os_memset(cruft, 0, BN_num_bytes(data->grp->prime));
offset = BN_num_bytes(data->grp->order) -
BN_num_bytes(data->server_scalar);
BN_bn2bin(data->server_scalar, cruft + offset);
eap_pwd_h_update(hash, cruft, BN_num_bytes(data->grp->order));
/* my element: x, y */
if (!EC_POINT_get_affine_coordinates_GFp(data->grp->group,
data->my_element, x, y,
data->bnctx)) {
wpa_printf(MSG_INFO, "EAP-PWD (server): confirm point "
"assignment fail");
goto fin;
}
os_memset(cruft, 0, BN_num_bytes(data->grp->prime));
offset = BN_num_bytes(data->grp->prime) - BN_num_bytes(x);
BN_bn2bin(x, cruft + offset);
eap_pwd_h_update(hash, cruft, BN_num_bytes(data->grp->prime));
os_memset(cruft, 0, BN_num_bytes(data->grp->prime));
//.........這裏部分代碼省略.........
示例10: RSA_eay_public_encrypt
static int RSA_eay_public_encrypt(FIPS_RSA_SIZE_T flen, const unsigned char *from,
unsigned char *to, RSA *rsa, int padding)
{
BIGNUM f,ret;
int i,j,k,num=0,r= -1;
unsigned char *buf=NULL;
BN_CTX *ctx=NULL;
BN_init(&f);
BN_init(&ret);
if(FIPS_selftest_failed())
{
FIPSerr(FIPS_F_RSA_EAY_PUBLIC_ENCRYPT,FIPS_R_FIPS_SELFTEST_FAILED);
goto err;
}
if ((ctx=BN_CTX_new()) == NULL) goto err;
num=BN_num_bytes(rsa->n);
if ((buf=(unsigned char *)OPENSSL_malloc(num)) == NULL)
{
RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,ERR_R_MALLOC_FAILURE);
goto err;
}
switch (padding)
{
case RSA_PKCS1_PADDING:
i=RSA_padding_add_PKCS1_type_2(buf,num,from,flen);
break;
#ifndef OPENSSL_NO_SHA
case RSA_PKCS1_OAEP_PADDING:
i=RSA_padding_add_PKCS1_OAEP(buf,num,from,flen,NULL,0);
break;
#endif
case RSA_SSLV23_PADDING:
i=RSA_padding_add_SSLv23(buf,num,from,flen);
break;
case RSA_NO_PADDING:
i=RSA_padding_add_none(buf,num,from,flen);
break;
default:
RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,RSA_R_UNKNOWN_PADDING_TYPE);
goto err;
}
if (i <= 0) goto err;
if (BN_bin2bn(buf,num,&f) == NULL) goto err;
if (BN_ucmp(&f, rsa->n) >= 0)
{
/* usually the padding functions would catch this */
RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,RSA_R_DATA_TOO_LARGE_FOR_MODULUS);
goto err;
}
if ((rsa->_method_mod_n == NULL) && (rsa->flags & RSA_FLAG_CACHE_PUBLIC))
{
BN_MONT_CTX* bn_mont_ctx;
if ((bn_mont_ctx=BN_MONT_CTX_new()) == NULL)
goto err;
if (!BN_MONT_CTX_set(bn_mont_ctx,rsa->n,ctx))
{
BN_MONT_CTX_free(bn_mont_ctx);
goto err;
}
if (rsa->_method_mod_n == NULL) /* other thread may have finished first */
{
CRYPTO_w_lock(CRYPTO_LOCK_RSA);
if (rsa->_method_mod_n == NULL)
{
rsa->_method_mod_n = bn_mont_ctx;
bn_mont_ctx = NULL;
}
CRYPTO_w_unlock(CRYPTO_LOCK_RSA);
}
if (bn_mont_ctx)
BN_MONT_CTX_free(bn_mont_ctx);
}
if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->e,rsa->n,ctx,
rsa->_method_mod_n)) goto err;
/* put in leading 0 bytes if the number is less than the
* length of the modulus */
j=BN_num_bytes(&ret);
i=BN_bn2bin(&ret,&(to[num-j]));
for (k=0; k<(num-i); k++)
to[k]=0;
r=num;
err:
if (ctx != NULL) BN_CTX_free(ctx);
BN_clear_free(&f);
BN_clear_free(&ret);
if (buf != NULL)
{
OPENSSL_cleanse(buf,num);
OPENSSL_free(buf);
}
//.........這裏部分代碼省略.........
示例11: eap_pwd_perform_commit_exchange
//.........這裏部分代碼省略.........
"is at infinity!\n");
goto fin;
}
}
/* compute the shared key, k */
if ((!EC_POINT_mul(data->grp->group, K, NULL, data->grp->pwe,
data->server_scalar, data->bnctx)) ||
(!EC_POINT_add(data->grp->group, K, K, data->server_element,
data->bnctx)) ||
(!EC_POINT_mul(data->grp->group, K, NULL, K, data->private_value,
data->bnctx))) {
wpa_printf(MSG_INFO, "EAP-PWD (peer): computing shared key "
"fail");
goto fin;
}
/* ensure that the shared key isn't in a small sub-group */
if (BN_cmp(cofactor, BN_value_one())) {
if (!EC_POINT_mul(data->grp->group, K, NULL, K, cofactor,
NULL)) {
wpa_printf(MSG_INFO, "EAP-PWD (peer): cannot multiply "
"shared key point by order");
goto fin;
}
}
/*
* This check is strictly speaking just for the case above where
* co-factor > 1 but it was suggested that even though this is probably
* never going to happen it is a simple and safe check "just to be
* sure" so let's be safe.
*/
if (EC_POINT_is_at_infinity(data->grp->group, K)) {
wpa_printf(MSG_INFO, "EAP-PWD (peer): shared key point is at "
"infinity!\n");
goto fin;
}
if (!EC_POINT_get_affine_coordinates_GFp(data->grp->group, K, data->k,
NULL, data->bnctx)) {
wpa_printf(MSG_INFO, "EAP-PWD (peer): unable to extract "
"shared secret from point");
goto fin;
}
/* now do the response */
if (!EC_POINT_get_affine_coordinates_GFp(data->grp->group,
data->my_element, x, y,
data->bnctx)) {
wpa_printf(MSG_INFO, "EAP-PWD (peer): point assignment fail");
goto fin;
}
if (((scalar = os_malloc(BN_num_bytes(data->grp->order))) == NULL) ||
((element = os_malloc(BN_num_bytes(data->grp->prime) * 2)) ==
NULL)) {
wpa_printf(MSG_INFO, "EAP-PWD (peer): data allocation fail");
goto fin;
}
/*
* bignums occupy as little memory as possible so one that is
* sufficiently smaller than the prime or order might need pre-pending
* with zeros.
*/
os_memset(scalar, 0, BN_num_bytes(data->grp->order));
os_memset(element, 0, BN_num_bytes(data->grp->prime) * 2);
offset = BN_num_bytes(data->grp->order) -
BN_num_bytes(data->my_scalar);
BN_bn2bin(data->my_scalar, scalar + offset);
offset = BN_num_bytes(data->grp->prime) - BN_num_bytes(x);
BN_bn2bin(x, element + offset);
offset = BN_num_bytes(data->grp->prime) - BN_num_bytes(y);
BN_bn2bin(y, element + BN_num_bytes(data->grp->prime) + offset);
data->outbuf = wpabuf_alloc(BN_num_bytes(data->grp->order) +
2 * BN_num_bytes(data->grp->prime));
if (data->outbuf == NULL)
goto fin;
/* we send the element as (x,y) follwed by the scalar */
wpabuf_put_data(data->outbuf, element,
2 * BN_num_bytes(data->grp->prime));
wpabuf_put_data(data->outbuf, scalar, BN_num_bytes(data->grp->order));
fin:
os_free(scalar);
os_free(element);
BN_clear_free(x);
BN_clear_free(y);
BN_clear_free(cofactor);
EC_POINT_clear_free(K);
EC_POINT_clear_free(point);
if (data->outbuf == NULL)
eap_pwd_state(data, FAILURE);
else
eap_pwd_state(data, PWD_Confirm_Req);
}
示例12: bn_to_bin
static void bn_to_bin(BIGNUM* bn, unsigned char* bin, int n) {
memset(bin, 0, n);
int m = BN_num_bytes(bn);
BN_bn2bin(bn, bin+n-m);
}
示例13: srp_verifier_new
/* Out: bytes_B, len_B.
*
* On failure, bytes_B will be set to NULL and len_B will be set to 0
*/
struct SRPVerifier * srp_verifier_new( SRP_HashAlgorithm alg, SRP_NGType ng_type, const char * username,
const unsigned char * bytes_s, int len_s,
const unsigned char * bytes_v, int len_v,
const unsigned char * bytes_A, int len_A,
const unsigned char ** bytes_B, int * len_B,
const char * n_hex, const char * g_hex )
{
BIGNUM *s = BN_bin2bn(bytes_s, len_s, NULL);
BIGNUM *v = BN_bin2bn(bytes_v, len_v, NULL);
BIGNUM *A = BN_bin2bn(bytes_A, len_A, NULL);
BIGNUM *u = 0;
BIGNUM *B = BN_new();
BIGNUM *S = BN_new();
BIGNUM *b = BN_new();
BIGNUM *k = 0;
BIGNUM *tmp1 = BN_new();
BIGNUM *tmp2 = BN_new();
BN_CTX *ctx = BN_CTX_new();
int ulen = strlen(username) + 1;
NGConstant *ng = new_ng( ng_type, n_hex, g_hex );
struct SRPVerifier *ver = 0;
*len_B = 0;
*bytes_B = 0;
if( !s || !v || !A || !B || !S || !b || !tmp1 || !tmp2 || !ctx || !ng )
goto cleanup_and_exit;
ver = (struct SRPVerifier *) malloc( sizeof(struct SRPVerifier) );
if (!ver)
goto cleanup_and_exit;
init_random(); /* Only happens once */
ver->username = (char *) malloc( ulen );
ver->hash_alg = alg;
ver->ng = ng;
if (!ver->username)
{
free(ver);
ver = 0;
goto cleanup_and_exit;
}
memcpy( (char*)ver->username, username, ulen );
ver->authenticated = 0;
/* SRP-6a safety check */
BN_mod(tmp1, A, ng->N, ctx);
if ( !BN_is_zero(tmp1) )
{
BN_rand(b, 256, -1, 0);
k = H_nn(alg, ng->N, ng->g);
/* B = kv + g^b */
BN_mul(tmp1, k, v, ctx);
BN_mod_exp(tmp2, ng->g, b, ng->N, ctx);
BN_add(B, tmp1, tmp2);
u = H_nn(alg, A, B);
/* S = (A *(v^u)) ^ b */
BN_mod_exp(tmp1, v, u, ng->N, ctx);
BN_mul(tmp2, A, tmp1, ctx);
BN_mod_exp(S, tmp2, b, ng->N, ctx);
hash_num(alg, S, ver->session_key);
calculate_M( alg, ng, ver->M, username, s, A, B, ver->session_key );
calculate_H_AMK( alg, ver->H_AMK, A, ver->M, ver->session_key );
*len_B = BN_num_bytes(B);
*bytes_B = malloc( *len_B );
if( !*bytes_B )
{
free( (void*) ver->username );
free( ver );
ver = 0;
*len_B = 0;
goto cleanup_and_exit;
}
BN_bn2bin( B, (unsigned char *) *bytes_B );
ver->bytes_B = *bytes_B;
}
cleanup_and_exit:
BN_free(s);
BN_free(v);
BN_free(A);
//.........這裏部分代碼省略.........
示例14: make_fake_key
TSS_RESULT
make_fake_key(TSS_HCONTEXT hContext, TSS_HKEY *hCAKey, RSA **rsa, int padding)
{
TSS_RESULT result;
UINT32 encScheme, size_n, pub_size;
BYTE n[2048];
TCPA_PUBKEY pubkey;
UINT32 blob_size, size;
BYTE *blob, pub_blob[1024];
switch (padding) {
case RSA_PKCS1_PADDING:
encScheme = TSS_ES_RSAESPKCSV15;
break;
case RSA_PKCS1_OAEP_PADDING:
encScheme = TSS_ES_RSAESOAEP_SHA1_MGF1;
break;
case RSA_NO_PADDING:
encScheme = TSS_ES_NONE;
break;
default:
return TSS_E_INTERNAL_ERROR;
break;
}
//Create CA Key Object
result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_RSAKEY,
TSS_KEY_TYPE_LEGACY|TSS_KEY_SIZE_2048, hCAKey);
if (result != TSS_SUCCESS) {
check("Tspi_Context_CreateObject", result);
return result;
}
// generate a software key to represent the CA's key
if ((*rsa = RSA_generate_key(2048, 65537, NULL, NULL)) == NULL) {
ERR_print_errors_fp(stdout);
return 254; // ?
}
// get the pub CA key
if ((size_n = BN_bn2bin((*rsa)->n, n)) <= 0) {
fprintf(stderr, "BN_bn2bin failed\n");
ERR_print_errors_fp(stdout);
RSA_free(*rsa);
return 254; // ?
}
result = Tspi_GetAttribData(*hCAKey, TSS_TSPATTRIB_KEY_BLOB,
TSS_TSPATTRIB_KEYBLOB_PUBLIC_KEY, &blob_size, &blob);
if (result != TSS_SUCCESS) {
check("Tspi_GetAttribData", result);
return result;
}
pub_size = blob_pubkey(pub_blob, 1024, blob, blob_size, n, size_n);
result = Tspi_SetAttribData(*hCAKey, TSS_TSPATTRIB_KEY_BLOB,
TSS_TSPATTRIB_KEYBLOB_PUBLIC_KEY, pub_size, pub_blob);
if (result != TSS_SUCCESS) {
check("Tspi_SetAttribData", result);
return result;
}
// set the CA key's algorithm
result = Tspi_SetAttribUint32(*hCAKey, TSS_TSPATTRIB_KEY_INFO,
TSS_TSPATTRIB_KEYINFO_ALGORITHM,
TSS_ALG_RSA);
if (result != TSS_SUCCESS) {
check("Tspi_SetAttribUint32", result);
RSA_free(*rsa);
return result;
}
// set the CA key's number of primes
result = Tspi_SetAttribUint32(*hCAKey, TSS_TSPATTRIB_RSAKEY_INFO,
TSS_TSPATTRIB_KEYINFO_RSA_PRIMES,
2);
if (result != TSS_SUCCESS) {
check("Tspi_SetAttribUint32", result);
RSA_free(*rsa);
return result;
}
// set the CA key's encryption scheme
result = Tspi_SetAttribUint32(*hCAKey, TSS_TSPATTRIB_KEY_INFO,
TSS_TSPATTRIB_KEYINFO_ENCSCHEME,
encScheme);
if (result != TSS_SUCCESS) {
check("Tspi_SetAttribUint32", result);
RSA_free(*rsa);
return result;
}
return TSS_SUCCESS;
}
示例15: generateKey
* *
****************************************************************************/
/* The keys for testing the RSA, DSA, and Elgamal implementations. The key
values may be extracted with the following code pasted into the
generateKey() function in ctx_dsa.c/ctx_rsa.c */
#if 0
{
#include <stdio.h>
BYTE buffer[ CRYPT_MAX_PKCSIZE ];
int length, i;
printf( "static const RSA_KEY FAR_BSS rsaTestKey = {\n" );
length = BN_bn2bin( &contextInfoPtr->ctxPKC->rsaParam_n, buffer );
printf( "\t/* n */\n\t%d,", BN_num_bits( &contextInfoPtr->ctxPKC->rsaParam_n ) );
for( i = 0; i < length; i++ )
{ if( !( i % 8 ) ) printf( "\n\t " );
printf( "0x%02X, ", buffer[ i ] ); }
length = BN_bn2bin( &contextInfoPtr->ctxPKC->rsaParam_e, buffer );
printf( "\n\n\t/* e */\n\t%d,", BN_num_bits( &contextInfoPtr->ctxPKC->rsaParam_e ) );
for( i = 0; i < length; i++ )
{ if( !( i % 8 ) ) printf( "\n\t " );
printf( "0x%02X, ", buffer[ i ] ); }
length = BN_bn2bin( &contextInfoPtr->ctxPKC->rsaParam_d, buffer );
printf( "\n\n\t/* d */\n\t%d,", BN_num_bits( &contextInfoPtr->ctxPKC->rsaParam_d ) );
for( i = 0; i < length; i++ )
{ if( !( i % 8 ) ) printf( "\n\t " );
printf( "0x%02X, ", buffer[ i ] ); }
length = BN_bn2bin( &contextInfoPtr->ctxPKC->rsaParam_p, buffer );