#include "hfal/hfal_sha1.h"
+#include "cli.h"
+#include "uart_lowlevel.h"
+
mgf1_parameter_t mgf1_default_parameter = {
&sha1_desc
};
return 1;
}
uint16_t buffer_len = bigint_length_B(key->modulus);
+ cli_putstr("\r\n buffer_len = ");
+ cli_hexdump_rev(&buffer_len, 2);
+ cli_putstr("\r\n modulus_len = ");
+ cli_hexdump_rev(&key->modulus->length_B, 2);
uint8_t* buffer = (uint8_t*)dest;
uint8_t off;
/* the following needs some explanation:
% (sizeof(bigint_word_t));
buffer += off;
buffer_len -= off;
+ cli_putstr("\r\n off = ");
+ cli_hexdump_byte(off);
uint8_t* seed_buffer = buffer + 1;
uint16_t db_len = buffer_len - hv_len - 1;
uint8_t* db = seed_buffer + hv_len;
uint8_t maskbuffer[maskbuffer_len];
bigint_t x;
- memset(buffer, 0, seed_buffer - buffer);
+ memset(dest, 0, seed_buffer - buffer + off);
memset(db + hv_len, 0, db_len - hv_len - length_B -1);
hfal_hash_mem(p->hf, db, label->label, label->length_b);
db[db_len - length_B - 1] = 0x01;
seed_buffer[i] = prng_get_byte();
}
}
-
+ cli_putstr("\r\n msg (raw, pre-feistel):\r\n");
+ cli_hexdump_block(dest, bigint_length_B(key->modulus), 4, 16);
p->mgf(maskbuffer, seed_buffer, hv_len, db_len, p->mgf_parameter);
memxor(db, maskbuffer, db_len);
p->mgf(maskbuffer, db, db_len, hv_len, p->mgf_parameter);
memxor(seed_buffer, maskbuffer, hv_len);
+ cli_putstr("\r\n msg (raw, post-feistel):\r\n");
+ cli_hexdump_block(dest, bigint_length_B(key->modulus), 4, 16);
x.wordv = dest;
x.length_B = key->modulus->length_B;
rsa_privatekey_t* key, const rsa_oaep_parameter_t *p,
const rsa_label_t* label, void* seed){
+ cli_putstr("\r\n -->rsa_decrypt_oaep()"); uart_flush(0);
if(!label){
label = &rsa_oaep_default_label;
}
if(!p){
p = &rsa_oaep_default_parameter;
}
- uint8_t *buffer = dest;
uint16_t x_len, data_len;
bigint_t x;
uint16_t hv_len = hfal_hash_getHashsize(p->hf)/8;
uint8_t label_hv[hv_len];
- uint16_t msg_len = (bigint_get_first_set_bit(key->modulus)+7)/8;
- uint16_t db_len = msg_len - 1 - hv_len;
+ uint16_t msg_len = bigint_get_first_set_bit(key->modulus) / 8 + 1;
+ uint16_t db_len = msg_len - hv_len - 1;
uint8_t maskbuffer[db_len>hv_len?db_len:hv_len];
- uint8_t *seed_buffer = buffer + 1;
+ uint8_t *seed_buffer = dest;
uint8_t *db_buffer = seed_buffer + hv_len;
- x_len = bigint_length_B(key->modulus);
- memset(dest, 0, x_len - length_B);
- buffer = (uint8_t*)dest + x_len - length_B;
- memcpy(buffer, src, length_B);
+ x_len = bigint_get_first_set_bit(key->modulus)/8;
+ memset(dest, 0, bigint_length_B(key->modulus) - length_B);
+ memcpy((uint8_t*)dest + bigint_length_B(key->modulus) - length_B, src, length_B);
+
+ cli_putc('a'); uart_flush(0);
x.wordv = dest;
x.length_B = key->modulus->length_B;
+ x.info = 0;
bigint_adjust(&x);
+
+ cli_putc('b'); uart_flush(0);
rsa_os2ip(&x, NULL, bigint_length_B(key->modulus));
+ cli_putc('c'); uart_flush(0);
rsa_dec(&x, key);
+ cli_putc('d'); uart_flush(0);
rsa_i2osp(NULL, &x, &data_len);
-/*
- if(data_len != x_len){
- memmove(buffer + x_len - data_len, buffer, data_len);
- memset(buffer, 0, x_len - data_len);
- }
-*/
- if(data_len > msg_len){
+
+ cli_putstr("\r\n msg (raw, pre-move):\r\n");
+ cli_hexdump_block(dest, bigint_length_B(key->modulus), 4, 16);
+
+ if(data_len > x_len){
return 7;
}
- memmove(buffer + msg_len - data_len, buffer, data_len);
+ cli_putstr("\r\n moving some bytes; x_len = ");
+ cli_hexdump_rev(&x_len, 2);
+ cli_putstr(" data_len = ");
+ cli_hexdump_rev(&data_len, 2);
+ uart_flush(0);
+
+ if(x_len != data_len){
+ memmove((uint8_t*)dest + x_len - data_len, dest, data_len);
+ cli_putstr(" (oh, not dead yet?!)");
+ uart_flush(0);
+ memset(dest, 0, x_len - data_len);
+ }
hfal_hash_mem(p->hf, label_hv, label->label, label->length_b);
/*
return 1;
}
*/
+ cli_putstr("\r\n msg (raw, pre-feistel):\r\n");
+ cli_hexdump_block(seed_buffer, bigint_length_B(key->modulus), 4, 16);
+
+ uart_flush(0);
+
p->mgf(maskbuffer, db_buffer, db_len, hv_len, p->mgf_parameter);
memxor(seed_buffer, maskbuffer, hv_len);
p->mgf(maskbuffer, seed_buffer, hv_len, db_len, p->mgf_parameter);
memxor(db_buffer, maskbuffer, db_len);
if(memcmp(label_hv, db_buffer, hv_len)){
+ cli_putstr("\r\nDBG: DB:\r\n");
+ cli_hexdump_block(db_buffer, db_len, 4, 16);
return 2;
}
const char* algo_name = "RSA-OAEP";
+#define BIGINT_CEIL(x) ((((x) + sizeof(bigint_word_t) - 1) / sizeof(bigint_word_t)) * sizeof(bigint_word_t))
+#define BIGINT_OFF(x) ((sizeof(bigint_word_t) - (x) % sizeof(bigint_word_t)) % sizeof(bigint_word_t))
+
/*****************************************************************************
* additional validation-functions *
*****************************************************************************/
0x15, 0x91, 0x2d, 0xf6, 0x96, 0xff, 0xe0, 0x70, 0x29, 0x32, 0x94, 0x6d, 0x71, 0x49, 0x2b, 0x44
};
+/**********************************************************************************************/
+/* ---------------------------------
+ * RSAES-OAEP Encryption Example 2.1
+ * --------------------------------- */
+
+/* Message to be encrypted: */
+const uint8_t message3[] = {
+0x8f, 0xf0, 0x0c, 0xaa, 0x60, 0x5c, 0x70, 0x28, 0x30, 0x63, 0x4d, 0x9a, 0x6c, 0x3d, 0x42, 0xc6,
+0x52, 0xb5, 0x8c, 0xf1, 0xd9, 0x2f, 0xec, 0x57, 0x0b, 0xee, 0xe7
+};
+
+/* Seed: */
+const uint8_t seed3[] = {
+0x8c, 0x40, 0x7b, 0x5e, 0xc2, 0x89, 0x9e, 0x50, 0x99, 0xc5, 0x3e, 0x8c, 0xe7, 0x93, 0xbf, 0x94,
+0xe7, 0x1b, 0x17, 0x82
+};
+
+/* Encryption: */
+const uint8_t encrypted3[] = {
+0x01, 0x81, 0xaf, 0x89, 0x22, 0xb9, 0xfc, 0xb4, 0xd7, 0x9d, 0x92, 0xeb, 0xe1, 0x98, 0x15, 0x99,
+0x2f, 0xc0, 0xc1, 0x43, 0x9d, 0x8b, 0xcd, 0x49, 0x13, 0x98, 0xa0, 0xf4, 0xad, 0x3a, 0x32, 0x9a,
+0x5b, 0xd9, 0x38, 0x55, 0x60, 0xdb, 0x53, 0x26, 0x83, 0xc8, 0xb7, 0xda, 0x04, 0xe4, 0xb1, 0x2a,
+0xed, 0x6a, 0xac, 0xdf, 0x47, 0x1c, 0x34, 0xc9, 0xcd, 0xa8, 0x91, 0xad, 0xdc, 0xc2, 0xdf, 0x34,
+0x56, 0x65, 0x3a, 0xa6, 0x38, 0x2e, 0x9a, 0xe5, 0x9b, 0x54, 0x45, 0x52, 0x57, 0xeb, 0x09, 0x9d,
+0x56, 0x2b, 0xbe, 0x10, 0x45, 0x3f, 0x2b, 0x6d, 0x13, 0xc5, 0x9c, 0x02, 0xe1, 0x0f, 0x1f, 0x8a,
+0xbb, 0x5d, 0xa0, 0xd0, 0x57, 0x09, 0x32, 0xda, 0xcf, 0x2d, 0x09, 0x01, 0xdb, 0x72, 0x9d, 0x0f,
+0xef, 0xcc, 0x05, 0x4e, 0x70, 0x96, 0x8e, 0xa5, 0x40, 0xc8, 0x1b, 0x04, 0xbc, 0xae, 0xfe, 0x72,
+0x0e
+};
+
+/**********************************************************************************************/
+
+/* RSA modulus n: */
+const uint8_t modulus2[] = {
+0x01, 0x94, 0x7c, 0x7f, 0xce, 0x90, 0x42, 0x5f, 0x47, 0x27, 0x9e, 0x70, 0x85, 0x1f, 0x25, 0xd5,
+0xe6, 0x23, 0x16, 0xfe, 0x8a, 0x1d, 0xf1, 0x93, 0x71, 0xe3, 0xe6, 0x28, 0xe2, 0x60, 0x54, 0x3e,
+0x49, 0x01, 0xef, 0x60, 0x81, 0xf6, 0x8c, 0x0b, 0x81, 0x41, 0x19, 0x0d, 0x2a, 0xe8, 0xda, 0xba,
+0x7d, 0x12, 0x50, 0xec, 0x6d, 0xb6, 0x36, 0xe9, 0x44, 0xec, 0x37, 0x22, 0x87, 0x7c, 0x7c, 0x1d,
+0x0a, 0x67, 0xf1, 0x4b, 0x16, 0x94, 0xc5, 0xf0, 0x37, 0x94, 0x51, 0xa4, 0x3e, 0x49, 0xa3, 0x2d,
+0xde, 0x83, 0x67, 0x0b, 0x73, 0xda, 0x91, 0xa1, 0xc9, 0x9b, 0xc2, 0x3b, 0x43, 0x6a, 0x60, 0x05,
+0x5c, 0x61, 0x0f, 0x0b, 0xaf, 0x99, 0xc1, 0xa0, 0x79, 0x56, 0x5b, 0x95, 0xa3, 0xf1, 0x52, 0x66,
+0x32, 0xd1, 0xd4, 0xda, 0x60, 0xf2, 0x0e, 0xda, 0x25, 0xe6, 0x53, 0xc4, 0xf0, 0x02, 0x76, 0x6f,
+0x45
+};
+
+/* RSA public exponent e: */
+const uint8_t public_exponent2[] = {
+0x01, 0x00, 0x01
+};
+
+/* RSA private exponent d: */
+const uint8_t private_exponent2[] = {
+0x08, 0x23, 0xf2, 0x0f, 0xad, 0xb5, 0xda, 0x89, 0x08, 0x8a, 0x9d, 0x00, 0x89, 0x3e, 0x21, 0xfa,
+0x4a, 0x1b, 0x11, 0xfb, 0xc9, 0x3c, 0x64, 0xa3, 0xbe, 0x0b, 0xaa, 0xea, 0x97, 0xfb, 0x3b, 0x93,
+0xc3, 0xff, 0x71, 0x37, 0x04, 0xc1, 0x9c, 0x96, 0x3c, 0x1d, 0x10, 0x7a, 0xae, 0x99, 0x05, 0x47,
+0x39, 0xf7, 0x9e, 0x02, 0xe1, 0x86, 0xde, 0x86, 0xf8, 0x7a, 0x6d, 0xde, 0xfe, 0xa6, 0xd8, 0xcc,
+0xd1, 0xd3, 0xc8, 0x1a, 0x47, 0xbf, 0xa7, 0x25, 0x5b, 0xe2, 0x06, 0x01, 0xa4, 0xa4, 0xb2, 0xf0,
+0x8a, 0x16, 0x7b, 0x5e, 0x27, 0x9d, 0x71, 0x5b, 0x1b, 0x45, 0x5b, 0xdd, 0x7e, 0xab, 0x24, 0x59,
+0x41, 0xd9, 0x76, 0x8b, 0x9a, 0xce, 0xfb, 0x3c, 0xcd, 0xa5, 0x95, 0x2d, 0xa3, 0xce, 0xe7, 0x25,
+0x25, 0xb4, 0x50, 0x16, 0x63, 0xa8, 0xee, 0x15, 0xc9, 0xe9, 0x92, 0xd9, 0x24, 0x62, 0xfe, 0x39
+};
+
+/* Prime p: */
+const uint8_t p2[] = {
+0x01, 0x59, 0xdb, 0xde, 0x04, 0xa3, 0x3e, 0xf0, 0x6f, 0xb6, 0x08, 0xb8, 0x0b, 0x19, 0x0f, 0x4d,
+0x3e, 0x22, 0xbc, 0xc1, 0x3a, 0xc8, 0xe4, 0xa0, 0x81, 0x03, 0x3a, 0xbf, 0xa4, 0x16, 0xed, 0xb0,
+0xb3, 0x38, 0xaa, 0x08, 0xb5, 0x73, 0x09, 0xea, 0x5a, 0x52, 0x40, 0xe7, 0xdc, 0x6e, 0x54, 0x37,
+0x8c, 0x69, 0x41, 0x4c, 0x31, 0xd9, 0x7d, 0xdb, 0x1f, 0x40, 0x6d, 0xb3, 0x76, 0x9c, 0xc4, 0x1a,
+0x43
+};
+
+/* Prime q: */
+const uint8_t q2[] = {
+0x01, 0x2b, 0x65, 0x2f, 0x30, 0x40, 0x3b, 0x38, 0xb4, 0x09, 0x95, 0xfd, 0x6f, 0xf4, 0x1a, 0x1a,
+0xcc, 0x8a, 0xda, 0x70, 0x37, 0x32, 0x36, 0xb7, 0x20, 0x2d, 0x39, 0xb2, 0xee, 0x30, 0xcf, 0xb4,
+0x6d, 0xb0, 0x95, 0x11, 0xf6, 0xf3, 0x07, 0xcc, 0x61, 0xcc, 0x21, 0x60, 0x6c, 0x18, 0xa7, 0x5b,
+0x8a, 0x62, 0xf8, 0x22, 0xdf, 0x03, 0x1b, 0xa0, 0xdf, 0x0d, 0xaf, 0xd5, 0x50, 0x6f, 0x56, 0x8b,
+0xd7
+};
+
+/* p's CRT exponent dP: */
+const uint8_t dp2[] = {
+0x43, 0x6e, 0xf5, 0x08, 0xde, 0x73, 0x65, 0x19, 0xc2, 0xda, 0x4c, 0x58, 0x0d, 0x98, 0xc8, 0x2c,
+0xb7, 0x45, 0x2a, 0x3f, 0xb5, 0xef, 0xad, 0xc3, 0xb9, 0xc7, 0x78, 0x9a, 0x1b, 0xc6, 0x58, 0x4f,
+0x79, 0x5a, 0xdd, 0xbb, 0xd3, 0x24, 0x39, 0xc7, 0x46, 0x86, 0x55, 0x2e, 0xcb, 0x6c, 0x2c, 0x30,
+0x7a, 0x4d, 0x3a, 0xf7, 0xf5, 0x39, 0xee, 0xc1, 0x57, 0x24, 0x8c, 0x7b, 0x31, 0xf1, 0xa2, 0x55
+};
+
+/* q's CRT exponent dQ: */
+const uint8_t dq2[] = {
+0x01, 0x2b, 0x15, 0xa8, 0x9f, 0x3d, 0xfb, 0x2b, 0x39, 0x07, 0x3e, 0x73, 0xf0, 0x2b, 0xdd, 0x0c,
+0x1a, 0x7b, 0x37, 0x9d, 0xd4, 0x35, 0xf0, 0x5c, 0xdd, 0xe2, 0xef, 0xf9, 0xe4, 0x62, 0x94, 0x8b,
+0x7c, 0xec, 0x62, 0xee, 0x90, 0x50, 0xd5, 0xe0, 0x81, 0x6e, 0x07, 0x85, 0xa8, 0x56, 0xb4, 0x91,
+0x08, 0xdc, 0xb7, 0x5f, 0x36, 0x83, 0x87, 0x4d, 0x1c, 0xa6, 0x32, 0x9a, 0x19, 0x01, 0x30, 0x66,
+0xff
+};
+
+/* CRT coefficient qInv: */
+const uint8_t qinv2[] = {
+0x02, 0x70, 0xdb, 0x17, 0xd5, 0x91, 0x4b, 0x01, 0x8d, 0x76, 0x11, 0x8b, 0x24, 0x38, 0x9a, 0x73,
+0x50, 0xec, 0x83, 0x6b, 0x00, 0x63, 0xa2, 0x17, 0x21, 0x23, 0x6f, 0xd8, 0xed, 0xb6, 0xd8, 0x9b,
+0x51, 0xe7, 0xee, 0xb8, 0x7b, 0x61, 0x1b, 0x71, 0x32, 0xcb, 0x7e, 0xa7, 0x35, 0x6c, 0x23, 0x15,
+0x1c, 0x1e, 0x77, 0x51, 0x50, 0x7c, 0x78, 0x6d, 0x9e, 0xe1, 0x79, 0x41, 0x70, 0xa8, 0xc8, 0xe8
+};
+
+/**********************************************************************************************/
+
+
+uint8_t keys_allocated = 0;
rsa_publickey_t pub_key;
rsa_privatekey_t priv_key;
+#if 0
+ #define MSG message
+ #define SEED seed
+ #define ENCRYPTED encrypted
+ #define MODULUS modulus
+ #define PUB_EXPONENT public_exponent
+ #define PRIV_EXPONENT private_exponent
+ #define P p
+ #define Q q
+ #define DP dp
+ #define DQ dq
+ #define QINV qinv
+#else
+ #define MSG message3
+ #define SEED seed3
+ #define ENCRYPTED encrypted3
+ #define MODULUS modulus2
+ #define PUB_EXPONENT public_exponent2
+ #define PRIV_EXPONENT private_exponent2
+ #define P p2
+ #define Q q2
+ #define DP dp2
+ #define DQ dq2
+ #define QINV qinv2
+#endif
+
+
+uint8_t convert_nibble(uint8_t c){
+ if(c>='0' && c<='9'){
+ return c - '0';
+ }
+ c |= 'A' ^ 'a';
+ if(c>='a' && c<='f'){
+ return c - 'a' + 10;
+ }
+ return 0xff;
+}
+
+const char *block_ignore_string=" \t\r\n,;";
+
+uint16_t read_os(void* dst, uint16_t length, const char* ignore_string){
+ uint16_t counter = 0;
+ uint16_t c;
+ uint8_t v, tmp = 0, idx = 0;
+ if(!ignore_string){
+ ignore_string = block_ignore_string;
+ }
+ while(counter < length){
+ c = cli_getc();
+ if(c > 0xff){
+ return counter;
+ }
+ if(strchr(ignore_string, c)){
+ continue;
+ }
+ v = convert_nibble(c);
+ if(v > 0x0f){
+ return counter;
+ }
+ if(idx){
+ ((uint8_t*)dst)[counter++] = (tmp << 4) | v;
+ idx = 0;
+ }else{
+ tmp = v;
+ idx = 1;
+ }
+ }
+ return counter;
+}
+
+uint16_t own_atou(const char* str){
+ uint16_t r=0;
+ while(*str && *str >= '0' && *str <= '9'){
+ r *= 10;
+ r += *str++ - '0';
+ }
+ return r;
+}
+
+uint8_t read_bigint(bigint_t* a, char* prompt){
+ uint16_t read_length, actual_length;
+ uint8_t off;
+ uint8_t *buffer;
+ char read_int_str[18];
+ cli_putstr(prompt);
+ cli_putstr("\r\n length: ");
+ cli_getsn(read_int_str, 16);
+ read_length = own_atou(read_int_str);
+ off = (sizeof(bigint_word_t) - (read_length % sizeof(bigint_word_t))) % sizeof(bigint_word_t);
+ buffer = malloc(((read_length + sizeof(bigint_word_t) - 1) / sizeof(bigint_word_t)) * sizeof(bigint_word_t));
+ if(!buffer){
+ cli_putstr("\r\nERROR: OOM!");
+ return 2;
+ }
+ cli_putstr("\r\n data: ");
+ memset(buffer, 0, sizeof(bigint_word_t));
+ actual_length = read_os(buffer + off, read_length, NULL);
+ if(actual_length != read_length){
+ cli_putstr("\r\nERROR: unexpected end of data!");
+ free(buffer);
+ return 1;
+ }
+ a->wordv = (bigint_word_t*)buffer;
+ a->length_B = (read_length + sizeof(bigint_word_t) - 1) / sizeof(bigint_word_t);
+ bigint_changeendianess(a);
+ bigint_adjust(a);
+ return 0;
+}
+
+uint8_t pre_alloc_key_crt(void){
+ uint8_t c;
+ pub_key.modulus = malloc(sizeof(bigint_t));
+ if(!pub_key.modulus){
+ cli_putstr("\r\nERROR: OOM!");
+ return 2;
+ }
+ priv_key.modulus = pub_key.modulus;
+ priv_key.n = 5;
+ priv_key.components = malloc(5 * sizeof(bigint_t*));
+ if(!priv_key.components){
+ cli_putstr("\r\nERROR: OOM!");
+ return 2;
+ }
+ pub_key.exponent = malloc(sizeof(bigint_t));
+ if(!pub_key.exponent){
+ cli_putstr("\r\nERROR: OOM!");
+ return 2;
+ }
+ for(c=0; c<5; ++c){
+ priv_key.components[c] = malloc(sizeof(bigint_t));
+ if(!priv_key.components[c]){
+ cli_putstr("\r\nERROR: OOM!");
+ return 2;
+ }
+ }
+ return 0;
+}
+
+void free_key(void){
+ uint8_t c;
+ free(pub_key.modulus->wordv);
+ free(pub_key.exponent->wordv);
+ free(pub_key.modulus);
+ pub_key.modulus = priv_key.modulus = NULL;
+ free(pub_key.exponent);
+ pub_key.exponent = NULL;
+ for(c = 0; c < priv_key.n; ++c){
+ free(priv_key.components[c]->wordv);
+ free(priv_key.components[c]);
+ }
+ free(priv_key.components);
+ priv_key.components = NULL;
+}
+
+uint8_t read_key_crt(void){
+ uint8_t r;
+ cli_putstr("\r\n== reading key (crt) ==");
+ r = pre_alloc_key_crt();
+ if(r) return r;
+ r = read_bigint(pub_key.modulus,"\r\n = module =");
+ if(r) return r;
+ r = read_bigint(pub_key.exponent,"\r\n = public exponent =");
+ if(r) return r;
+ r = read_bigint(priv_key.components[0],"\r\n = p (first prime) =");
+ if(r) return r;
+ r = read_bigint(priv_key.components[1],"\r\n = q (second prime) =");
+ if(r) return r;
+ r = read_bigint(priv_key.components[2],"\r\n = dp (p's exponent) =");
+ if(r) return r;
+ r = read_bigint(priv_key.components[3],"\r\n = dq (q's exponent) =");
+ if(r) return r;
+ r = read_bigint(priv_key.components[4],"\r\n = qInv (q' coefficient) =");
+ return r;
+}
+
+uint8_t read_key_conv(void){
+ uint8_t r;
+ cli_putstr("\r\n== reading key (crt) ==");
+ pub_key.modulus = malloc(sizeof(bigint_t));
+ if(!pub_key.modulus){
+ cli_putstr("\r\nERROR: OOM!");
+ return 2;
+ }
+ r = read_bigint(pub_key.modulus,"\r\n = module =");
+ if(r) return r;
+ priv_key.modulus = pub_key.modulus;
+ priv_key.n = 1;
+ pub_key.exponent = malloc(sizeof(bigint_t));
+ if(!pub_key.exponent){
+ cli_putstr("\r\nERROR: OOM!");
+ return 2;
+ }
+ priv_key.components = malloc(sizeof(bigint_t*));
+ if(!priv_key.components){
+ cli_putstr("\r\nERROR: OOM!");
+ return 2;
+ }
+ priv_key.components[0] = malloc(sizeof(bigint_t));
+ if(!priv_key.components[0]){
+ cli_putstr("\r\nERROR: OOM!");
+ return 2;
+ }
+ r = read_bigint(pub_key.exponent,"\r\n = public exponent =");
+ if(r) return r;
+ r = read_bigint(priv_key.components[0],"\r\n = private exponent =");
+ return r;
+}
+
void load_priv_conventional(void){
bigint_t *epriv;
epriv = malloc(sizeof(bigint_t));
}
}
-
-void load_fix_rsa(void){
- bigint_t *m, *epub;
- m = malloc(sizeof(bigint_t));
- epub = malloc(sizeof(bigint_t));
- if(!m || !epub){
+uint8_t load_bigint_from_os(bigint_t* a, const void* os, uint16_t length_B){
+ a->length_B = BIGINT_CEIL(length_B) / sizeof(bigint_word_t);
+ a->wordv = malloc(BIGINT_CEIL(length_B));
+ if(!a->wordv){
cli_putstr("\r\nOOM!\r\n");
- return;
+ return 1;
}
+ memset(a->wordv, 0, sizeof(bigint_word_t));
+ memcpy((uint8_t*)a->wordv + BIGINT_OFF(length_B), os, length_B);
+ a->info = 0;
+ bigint_changeendianess(a);
+ bigint_adjust(a);
+ return 0;
+}
- m->length_B = (sizeof(modulus) + sizeof(bigint_word_t) - 1) / sizeof(bigint_word_t);
- epub->length_B = (sizeof(public_exponent) + sizeof(bigint_word_t) - 1) / sizeof(bigint_word_t);
-
- m->wordv = malloc(m->length_B * sizeof(bigint_word_t));
- epub->wordv = malloc(epub->length_B * sizeof(bigint_word_t));
+void load_fix_rsa(void){
+ if(keys_allocated){
+ free_key();
+ }
+ keys_allocated = 1;
- if(!m->wordv || !epub->wordv){
+ if(pre_alloc_key_crt()){
cli_putstr("\r\nOOM!\r\n");
return;
}
- memcpy(m->wordv, modulus, sizeof(modulus));
- memcpy(epub->wordv, public_exponent, sizeof(public_exponent));
-
- pub_key.modulus = priv_key.modulus = m;
- pub_key.exponent = epub;
-
- bigint_changeendianess(m);
- bigint_adjust(m);
- bigint_changeendianess(epub);
- bigint_adjust(epub);
+ load_bigint_from_os(pub_key.modulus, MODULUS, sizeof(MODULUS));
+ load_bigint_from_os(pub_key.exponent, PUB_EXPONENT, sizeof(PUB_EXPONENT));
+ priv_key.n = 5;
+ load_bigint_from_os(priv_key.components[0], P, sizeof(P));
+ load_bigint_from_os(priv_key.components[1], Q, sizeof(Q));
+ load_bigint_from_os(priv_key.components[2], DP, sizeof(DP));
+ load_bigint_from_os(priv_key.components[3], DQ, sizeof(DQ));
+ load_bigint_from_os(priv_key.components[4], QINV, sizeof(QINV));
// load_priv_conventional();
- load_priv_crt_mono();
+// load_priv_crt_mono();
}
-
-#define MSG message2
-#define SEED seed2
-#define ENCRYPTED encrypted2
-
void quick_test(void){
uint8_t *ciphertext, *plaintext, rc;
uint16_t clen, plen;
free(plaintext);
}
+void run_seed_test(void){
+ uint8_t *msg, *ciph, *msg_;
+ uint16_t msg_len, ciph_len, msg_len_;
+ uint8_t seed[20], seed_out[20];
+ char read_int_str[18];
+ cli_putstr("\r\n== test with given seed ==");
+ cli_putstr("\r\n = message =");
+ cli_putstr("\r\n length: ");
+ cli_getsn(read_int_str, 16);
+ msg_len = own_atou(read_int_str);
+ msg = malloc(msg_len);
+ if(!msg){
+ cli_putstr("\r\nERROR: OOM!");
+ return;
+ }
+ ciph = malloc(bigint_length_B(pub_key.modulus));
+ if(!ciph){
+ cli_putstr("\r\nERROR: OOM!");
+ return;
+ }
+ msg_ = malloc(bigint_length_B(pub_key.modulus));
+ if(!msg_){
+ cli_putstr("\r\nERROR: OOM!");
+ return;
+ }
+ cli_putstr("\r\n data: ");
+ read_os(msg, msg_len, NULL);
+ cli_putstr("\r\n seed (20 bytes): ");
+ read_os(seed, 20, NULL);
+
+ cli_putstr("\r\n encrypting ...");
+ rsa_encrypt_oaep(ciph, &ciph_len, msg, msg_len, &pub_key, NULL, NULL, seed);
+ cli_putstr("\r\n ciphertext:");
+ cli_hexdump_block(ciph, ciph_len, 4, 16);
+ cli_putstr("\r\n decrypting ...");
+ uart_flush(0);
+ rsa_decrypt_oaep(msg_, &msg_len_, ciph, ciph_len, &priv_key, NULL, NULL, seed_out);
+ if(msg_len != msg_len_){
+ cli_putstr("\r\nERROR: wrong decryted message length");
+ return;
+ }
+ if(memcmp(msg, msg_, msg_len)){
+ cli_putstr("\r\nERROR: wrong decryted message");
+ return;
+ }
+
+ if(memcmp(seed, seed_out, 20)){
+ cli_putstr("\r\nERROR: wrong decryted seed");
+ return;
+ }
+ cli_putstr("\r\n >>OK<<");
+}
+
void reset_prng(void){
uint8_t buf[16];
memset(buf, 0, 16);
}
void rsa_init(void){
- load_fix_rsa();
prng_get_byte = random8;
}
+void load_key(void){
+ if(keys_allocated){
+ free_key();
+ }
+ keys_allocated = 1;
+ read_key_crt();
+}
+
/*****************************************************************************
* main *
*****************************************************************************/
const char echo_test_str[] = "echo-test";
const char reset_prng_str[] = "reset-prng";
+const char load_key_str[] = "load-key";
+const char load_fix_key_str[] = "load-fix-key";
const char quick_test_str[] = "quick-test";
+const char seed_test_str[] = "seed-test";
const char performance_str[] = "performance";
const char echo_str[] = "echo";
cmdlist_entry_t cmdlist[] = {
{ reset_prng_str, NULL, reset_prng },
+ { load_key_str, NULL, load_key },
+ { load_fix_key_str, NULL, load_fix_rsa },
{ quick_test_str, NULL, quick_test },
+ { seed_test_str, NULL, run_seed_test },
// { performance_str, NULL, testrun_performance_bigint },
{ echo_str, (void*)1, (void_fpt)echo_ctrl },
{ NULL, NULL, NULL }
projects / arm-crypto-lib.git / commitdiff