tree checksum vpatch file split hunks
all signers: diana_coman
antecedents: eucrypt_ch11_serpent eucrypt_ch5_rsa_keys eucrypt_ch6_keccak_permutations eucrypt_oaep_fix_checks eucrypt_genesis ch2_truerandom ch1_mpi eucrypt_ch8_bit_keccak
press order:
patch:
(1 . 5)(1 . 11)-
5 This is the EuCrypt library that Eulora server (S.MG) uses for its communication needs.
6
7 To compile the whole EuCrypt library, simply run in the eucrypt folder (the -O3 switch is needed for specifying optimisation level for Serpent - if you don't care about that, you can skip this switch):
8 gprbuild -O3
9
10 To cleanup (recursively), simply run in the eucrypt folder:
11 gprclean -r
12
13 To understand EuCrypt, start from http://www.dianacoman.com/2017/12/07/introducing-eucrypt/
14
15 Components:
(23 . 6)(29 . 3)
17 RSA implementation using TMSR specification.
18 Implemented in C.
19
20 6. smg_comm
21 Communications for Eulora (server <-> client). Relies on all the other components.
22
(0 . 0)(1 . 16)
27 -- S.MG, 2018
28
29 aggregate library project EuCrypt is
30 for Project_Files use (
31 "mpi/mpi.gpr",
32 "smg_bit_keccak/smg_bit_keccak.gpr",
33 "smg_keccak/smg_keccak.gpr",
34 "smg_rsa/smg_rsa.gpr",
35 "smg_serpent/smg_serpent.gpr");
36
37 for Library_Name use "EuCrypt";
38 for Library_Kind use "static";
39
40 for Library_Dir use "lib";
41 end EuCrypt;
42
-(0 . 0)(1 . 1)
47 S.MG, 2018
- 602E3B72A508C925A7C892DB33A87A5183755D4E1413C8237DC368F49CF21E92728F65EC419B50245693588FD73F72E8F74632ADA327390533B6C02523172402(1 . 26)(0 . 0)
52 PROGRAM = mpi.a
53
54 BUILD=obj
55 DIST=bin
56
57 CXX = gcc
58 OBJECTS = $(addprefix $(BUILD)/, $(patsubst %.c,%.o,$(wildcard *.c)))
59 FLAGS = -g -Wall
60 INCLUDE = -I include
61
62 .SUFFIXES: .o .c
63
64 $(BUILD)/%.o:
65 $(CXX) $(FLAGS) $(INCLUDE) -c $*.c -o $@
66
67 all: $(PROGRAM)
68
69 $(PROGRAM): $(OBJECTS)
70 ar rcs $(DIST)/$(PROGRAM) $(OBJECTS)
71 #ld -o $(DIST)/$(PROGRAM).o $(OBJECTS) -lc
72
73 clean :
74 rm -rf nul core *flymake* $(BUILD)/*.o $(DIST)/$(PROGRAM) *~ bin/*
75
76 check-syntax:
77 $(CXX) -c $(FLAGS) $(INCLUDE) -o nul -Wall -S $(CHK_SOURCES)
- 9E9083C3AFA2A9B5528ACE65CFD5AB71DCF1B6FF27C4A6CB72FD3ECEBD1AE1F88133EA40AB6BEF2438375E8B93452AFD01E831BB628D7576CA21854650D1E5EF(8 . 11)(8 . 12)
82 SHA512(gnupg-1.4.10.tar.gz) :
83 d037041d2e6882fd3b999500b5a7b42be2c224836afc358e1f8a2465c1b74473d518f185b7c324b2c8dec4ffb70e9e34a03c94d1a54cc55d297f40c9745f6e1b
84
85 DEMO:
86 Recommended compilation:
87 1) gprbuild mpi.gpr
88
89 1) make
90 Tests:
91 2) cd tests
92 3) make
93 3) gprbuild
94 4) ./test_mpi
95 5) output is:
96 37A063D056817668C7AA3418F29
- 15F92B08B27C8218FF3311087EFB3CFDE38A237F153B1708F4011FA1E14C0A21543720156B24E037BDE2E43B02E8F3962A17689B6CA9E7ADA38F84B40584EB59(1 . 1)(1 . 1)
101 bin folder for mpi lib
102 S.MG, 2018
-(0 . 0)(1 . 13)
107 -- S.MG, 2018
108
109 project MPI is
110 for Languages use ("C");
111 for Library_Name use "MPI";
112 for Library_Kind use "static";
113
114 for Source_Dirs use (".", "include");
115 for Object_Dir use "obj";
116 for Library_Dir use "bin";
117
118 end MPI;
119
- A2DFDE45E25A7451BA7B26D345C4A422883A52D65B3F54D5890CD3E5B5D57E50C74F87AE20831D160F9E061500ACD8775F61C5984E8D9370C308C7A3C34C2145(1 . 1)(1 . 1)
124 obj
- E613A174AF5F4DB157C16D4E5780B5EE563D8DDA28821AF7459162A1C01F0A6F12D18C23DA54BF6F2A3A6287B174E6C28CC321AA5E167087617CB5FBD8462E8C(1 . 24)(0 . 0)
131 PROGRAM = test_mpi
132
133 CXX = gcc
134 OBJECTS := $(patsubst %.c,%.o,$(wildcard *.c))
135 FLAGS = -g -Wall
136 INCLUDE = -I ../include
137 MPI = ../bin/mpi.a
138 LIBS := $(MPI)
139
140 .SUFFIXES: .o .c
141
142 .c.o:
143 $(CXX) $(FLAGS) $(INCLUDE) -c $< -o $@
144
145 all: $(PROGRAM)
146
147 $(PROGRAM): $(OBJECTS)
148 $(CXX) $(FLAGS) $(INCLUDE) -o $(PROGRAM) $(OBJECTS) $(LIBS)
149
150 clean :
151 rm -rf nul core *flymake* *.o $(PROGRAM) *~ bin obj
152
153 check-syntax:
154 $(CXX) -c $(FLAGS) $(INCLUDE) -o nul -Wall -S $(CHK_SOURCES)
-(0 . 0)(1 . 8)
159 S.MG, 2018
160
161 Building:
162 gprbuild
163
164 Cleaning:
165 gprclean
166
-(0 . 0)(1 . 1)
171 S.MG, 2018
-(0 . 0)(1 . 14)
176 -- S.MG, 2018
177
178 with "../mpi.gpr";
179
180 project test_MPI is
181 for Languages use ("C");
182
183 for Source_Dirs use (".");
184 for Object_Dir use "obj";
185 for Exec_Dir use ".";
186
187 for Main use ("test_mpi.c");
188 end test_MPI;
189
- 112B5599EE6C96F9A6C2CBC3D4D84C3AFF5470794B0560D2C59820CB83B5D20F33F030A4B328FD7C5DBCEAB7ADEBDFC08C66FFDF722E097040DEB2AC3BD95618(1 . 9)(1 . 10)
194 -- Tests for SMG_Bit_Keccak (part of EuCrypt)
195 -- S.MG, 2018
196
197 with "../smg_bit_keccak.gpr";
198
199 project SMG_Bit_Keccak_Test is
200 for Source_Dirs use (".", "../");
201 for Source_Dirs use (".");
202 for Object_Dir use "obj";
203 for Exec_Dir use ".";
204
- FE2917EF90A8E9DEB4D9F7450CBBC20FDF3CA9F76630B6956137B4648916E143C89F857E0BF0FDE968FD241F3049050EF7F146254A9E8DAEAD54FC0B720C7620(1 . 2)(0 . 0)
209 S.MG, 2017
210
- 6F76C1A956F79131D310EC0AC023F10FEBD27376C54D01332EE47B623904816F6469E483B575B86A8F0B568EE224E9812A8FF3D665D891512D2C8BFA3124BAC4(2 . 6)(2 . 37)- 64E606C3F54EE3585735C6B2050A7C2262AF782632635616EB363A9DD6A48E4C43AFEAD5370DA655644B4194E2F974D936AF97F4425C568EC382E23D747D40F3
215
216 package body SMG_OAEP is
217
218 -- This copies first Len characters from A to the first Len positions in S
219 -- NB: this does NOT allocate /check memory!
220 -- Caller has to ensure that:
221 -- S has space for at least Len characters
222 -- A has at least Len characters
223 procedure Char_Array_To_String( A : in Interfaces.C.char_array;
224 Len : in Natural;
225 S : out String) is
226 begin
227 for Index in 0 .. Len - 1 loop
228 S( S'First + Index ) := Character( A( Interfaces.C.size_t( Index )));
229 end loop;
230 end Char_Array_To_String;
231
232 -- This copies first Len characters from S to the first Len positions in A
233 -- NB: there are NO checks or memory allocations here!
234 -- Caller has to make sure that:
235 -- S'Length >= Len
236 -- A has allocated space for at least Len characters
237 procedure String_To_Char_Array( S : in String;
238 Len : in Natural;
239 A : out Interfaces.C.char_array) is
240 C : Character;
241 begin
242 for Index in 0 .. Len - 1 loop
243 C := S( S'First + Index );
244 A( Interfaces.C.size_t( Index )) := Interfaces.C.Char( C );
245 end loop;
246 end String_To_Char_Array;
247
248
249 procedure HashKeccak( Input : in String;
250 Output : out String;
251 Block_Len : in Keccak_Rate := Default_Bitrate) is
(13 . 23)(44 . 21)
253 ToString( BOut, Output );
254 end HashKeccak;
255
256 function Hash( Input : Interfaces.C.Char_Array;
257 LenIn : Interfaces.C.size_t;
258 LenOut : Interfaces.C.size_t;
259 Block_Len : Interfaces.C.int := Default_Bitrate)
260 return Interfaces.C.Char_Array is
261 AdaLenIn : Natural := Natural(LenIn);
262 AdaLenOut : Natural := Natural(LenOut);
263 InStr : String( 0 .. AdaLenIn-1 ) := (others => '0');
264 OutStr : String( 0 .. AdaLenOut-1 ) := (others => '0');
265 COut : Interfaces.C.Char_Array( 0 .. LenOut-1 );
266 Count : Natural := AdaLenOut;
267 CCount : Interfaces.C.size_t := LenOut;
268 begin
269 Interfaces.C.To_Ada( Input, InStr, AdaLenIn );
270 HashKeccak( InStr, OutStr, Keccak_Rate(Block_Len) );
271 Interfaces.C.To_C( OutStr, COut, CCount );
272 return COut;
273 procedure Hash( Input : in Interfaces.C.Char_Array;
274 LenIn : in Interfaces.C.size_t;
275 LenOut : in Interfaces.C.size_t;
276 Output : out Interfaces.C.Char_Array) is
277 AdaLenIn : Natural := Natural( LenIn );
278 AdaLenOut : Natural := Natural( LenOut );
279 InStr : String( 1 .. AdaLenIn ) := (others => '0');
280 OutStr : String( 1 .. AdaLenOut ) := (others => '0');
281 Block_Len : Keccak_Rate := Default_Bitrate;
282 begin
283 -- Interfaces.C.To_Ada( Input, InStr, AdaLenIn );
284 Char_Array_To_String( Input, AdaLenIn, InStr );
285 HashKeccak( InStr, OutStr, Block_Len );
286 String_To_Char_Array( OutStr, AdaLenOut, Output );
287 -- Interfaces.C.To_C( OutStr, COut, CCount );
288 end Hash;
289
290 -- conversion between types
(146 . 6)(175 . 78)
292
293 end OAEP_Encrypt;
294
295 procedure OAEP_Encrypt_C( Msg : in Interfaces.C.char_array;
296 MsgLen : in Interfaces.C.size_t;
297 Entropy : in Interfaces.C.char_array;
298 EntLen : in Interfaces.C.size_t;
299 Encr : out Interfaces.C.char_array;
300 EncrLen : in Interfaces.C.size_t;
301 Success : out Interfaces.C.Int) is
302 AdaMsgLen : Natural := Natural( MsgLen );
303 AdaEntLen : Natural := Natural( EntLen );
304 AdaEncrLen : Natural := Natural( EncrLen );
305 AdaMsg : String( 1 .. AdaMsgLen );
306 AdaEntBlock: OAEP_Block;
307 AdaResult : OAEP_Block := ( others => '0' );
308 begin
309 Success := 0;
310 -- check there is enough entropy and enoug output space, fail otherwise
311 if AdaEntLen /= AdaEntBlock'Length or AdaEncrLen < AdaResult'Length then
312 return;
313 end if;
314 -- translate to Ada
315 --Interfaces.C.To_Ada( Msg, AdaMsg, AdaMsgLen );
316 Char_Array_To_String( Msg, AdaMsgLen, AdaMsg );
317 --Interfaces.C.To_Ada( Entropy, AdaEntropy, AdaEntLen );
318 Char_Array_To_String( Entropy, AdaEntLen, AdaEntBlock );
319
320 -- call the actual oaep encrypt
321 OAEP_Encrypt( AdaMsg, AdaEntBlock, AdaResult );
322
323 -- translate back to C, set success flag and return
324 --Interfaces.C.To_C( AdaResult, CEncr, CEncrLen, False );
325 -- EncrLen has already been tested to be at least AdaResult'Length
326 String_To_Char_Array( AdaResult, AdaEncrLen, Encr );
327 Success := 1;
328
329 end OAEP_Encrypt_C;
330
331 procedure oaep_decrypt_c( Encr : in Interfaces.C.Char_Array;
332 EncrLen : in Interfaces.C.Int;
333 Decr : out Interfaces.C.Char_Array;
334 DecrLen : in out Interfaces.C.Int;
335 Success : out Interfaces.C.Int) is
336 AdaDecr : OAEP_HALF := ( others => '0' );
337 AdaEncr : OAEP_Block:= ( others => '0' );
338 AdaEncrLen : Natural := Natural( EncrLen );
339 AdaDecrLen : Natural := 0;
340 AdaFlag : Boolean;
341 begin
342 -- check and set success flag/exit if needed
343 Success := 0;
344 if EncrLen /= OAEP_Block'Length then
345 return;
346 end if;
347
348 -- translate to Ada: copy octet by octet as C.To_Ada is problematic
349 -- Interfaces.C.To_Ada( Encr, AdaEncr, AdaEncrLen, False );
350 Char_Array_To_String( Encr, AdaEncrLen, AdaEncr );
351
352 -- actual decrypt
353 OAEP_Decrypt( AdaEncr, AdaDecrLen, AdaDecr, AdaFlag );
354
355 -- translate back to C
356 AdaDecrLen := AdaDecrLen / 8; -- from bits to octets
357 if AdaFlag and
358 Natural( DecrLen ) >= AdaDecrLen and
359 AdaDecr'Length >= AdaDecrLen then
360 Success := 1;
361 DecrLen := Interfaces.C.Int( AdaDecrLen );
362 -- Interfaces.C.To_C( AdaDecr, Decr, AdaDecrLen );
363 String_To_Char_Array( AdaDecr, AdaDecrLen, Decr );
364 end if;
365 end oaep_decrypt_c;
366
367 procedure OAEP_Decrypt( Encr : in OAEP_Block;
368 Len : out Natural;
369 Output : out OAEP_HALF;
(14 . 12)(14 . 33)- E6F6EDB899B7070B7BD14EF2E76DAAB49AC6E098AAD88D9FAE8ADB63C4153361F3CDA7E98261A87B0CC12E5DCC6C44EEA5B6226A917F724526D5696102397A4B
374 OAEP_LENGTH_OCTETS : constant := 512;
375 OAEP_HALF_OCTETS : constant := OAEP_LENGTH_OCTETS / 2;
376 TMSR : constant String := "TMSR-RSA";
377 MAX_LEN_MSG : constant := OAEP_HALF_OCTETS - TMSR'Length - 3;
378 MAX_LEN_MSG : constant Natural := OAEP_HALF_OCTETS - TMSR'Length - 3;
379 pragma Export( C, MAX_LEN_MSG, "max_len_msg"); -- to be accessed from rsa.c
380
381 -- subtypes used by the OAEP encrypt/decrypt
382 subtype OAEP_Block is String( 1 .. OAEP_LENGTH_OCTETS );
383 subtype OAEP_HALF is String( 1 .. OAEP_HALF_OCTETS );
384
385 -- copy from Ada String to C char array and back, octet by octet
386
387 -- This copies first Len characters from A to the first Len positions in S
388 -- NB: this does NOT allocate /check memory!
389 -- Caller has to ensure that:
390 -- S has space for at least Len characters
391 -- A has at least Len characters
392 procedure Char_Array_To_String( A : in Interfaces.C.char_array;
393 Len : in Natural;
394 S : out String);
395
396 -- This copies first Len characters from S to the first Len positions in A
397 -- NB: there are NO checks or memory allocations here!
398 -- Caller has to make sure that:
399 -- S'Length >= Len
400 -- A has allocated space for at least Len characters
401 procedure String_To_Char_Array( S : in String;
402 Len : in Natural;
403 A : out Interfaces.C.char_array);
404
405 -- padding & formatting of maximum 1960 bits of the given String
406 -- uses TMSR's OAEP schema:
407 -- 1.format M00 as: [random octet][sz1][sz2]"TMSR-RSA"[random]*Message
(32 . 9)(53 . 25)
409 -- NB: the Entropy parameter should be random octets from which this method
410 -- will use as many as required for the OAEP encryption of given Msg
411 -- NB: at MOST MAX_LEN_MSG octets of Msg! (Msg at most 1960 bits)
412 procedure OAEP_Encrypt( Msg : in String;
413 Entropy : in OAEP_Block;
414 Output : out OAEP_Block);
415 procedure OAEP_Encrypt( Msg : in String;
416 Entropy : in OAEP_Block;
417 Output : out OAEP_Block);
418
419
420 -- wrapper of oaep_encrypt for direct use from C
421 -- NB: caller HAS TO provide the length of the Message (parameter LenMsg)
422 -- NB: caller HAS TO provide the length of the Entropy (parameter LenEnt)
423 -- NB: caller HAS TO provide the allocated space for result (LenEncr)
424 -- NB: LenEncr HAS TO be at least OAEP_LENGTH_OCTETS!
425 -- NB: LenEnt HAS TO be at least OAEP_LENGTH_OCTETS or this will FAIL!
426 procedure OAEP_Encrypt_C( Msg : in Interfaces.C.char_array;
427 MsgLen : in Interfaces.C.size_t;
428 Entropy : in Interfaces.C.char_array;
429 EntLen : in Interfaces.C.size_t;
430 Encr : out Interfaces.C.char_array;
431 EncrLen : in Interfaces.C.size_t;
432 Success : out Interfaces.C.Int);
433 pragma Export( C, OAEP_Encrypt_C, "oaep_encrypt_c" );
434
435 -- This is the opposite of OAEP_Encrypt above.
436 -- @param Encr - an OAEP block previously obtained from OAEP_Encrypt
(47 . 6)(84 . 14)
438 Output : out OAEP_HALF;
439 Success : out Boolean);
440
441 -- wrapper for use from C
442 procedure oaep_decrypt_c( Encr : in Interfaces.C.Char_Array;
443 EncrLen : in Interfaces.C.Int;
444 Decr : out Interfaces.C.Char_Array;
445 DecrLen : in out Interfaces.C.Int;
446 Success : out Interfaces.C.Int);
447 pragma Export( C, oaep_decrypt_c, "oaep_decrypt_c");
448
449 -- helper method, xor on strings
450 -- NB: only Output'Length bits will be considered from S1 and S2
451 -- NB: caller is responsible for S1 and S2 being long enough!
(73 . 20)(118 . 17)
453 Output : out String;
454 Block_Len : in Keccak_Rate := Default_Bitrate);
455
456 -- wrapper for calling from C
457 -- wrapper for calling Keccak hashing from C, with DEFAULT bitrate
458 -- @param Input the input string, as array of characters (C style)
459 -- @param LenIn the length of the input string (as number of BITS)
460 -- @param LenOut the desired number of bits to be returned as output
461 -- @param Block_Len the bitrate used by the Keccak sponge (number of BITS)
462 -- @return an array of characters with first LenOut bits set to Keccak output
463
464 -- @param LenIn the length of the input string (as number of OCTETS)
465 -- @param LenOut the desired number of OCTETS to be returned as output
466 -- @param Output array of at least LenOut characters; will contain the hash
467 -- NB: caller HAS TO provide the length of the Input (parameter LenIn)
468 -- NB: caller HAS TO provide the length of the Output (parameter LenOut)
469 function Hash( Input : Interfaces.C.Char_Array;
470 LenIn : Interfaces.C.size_t;
471 LenOut : Interfaces.C.size_t;
472 Block_Len : Interfaces.C.int := Default_Bitrate)
473 return Interfaces.C.Char_Array;
474 procedure Hash( Input : in Interfaces.C.Char_Array;
475 LenIn : in Interfaces.C.size_t;
476 LenOut : in Interfaces.C.size_t;
477 Output : out Interfaces.C.Char_Array);
478 pragma Export( C, Hash, "hash" );
479
480 end SMG_OAEP;
(1 . 9)(1 . 10)
485 -- Tests for SMG_Keccak (part of EuCrypt)
486 -- S.MG, 2018
487
488 with "../smg_keccak.gpr";
489
490 project SMG_Keccak_Test is
491 for Source_Dirs use (".", "../");
492 for Source_Dirs use (".");
493 for Object_Dir use "obj";
494 for Exec_Dir use ".";
495
- 8EBD567A5F4B3C1A8AABCCA0501ED2D4EB3C4EADB593F99CE07C8FE7C1DFB9879EC8457C7125D99CBDA9CEB9D8E3EAB7931F0A4879E33344DF6E0904E489FAEA(1 . 27)(0 . 0)
500 PROGRAM = smg_rsa.a
501
502 BUILD=obj
503 DIST=bin
504
505 CXX = gcc
506 OBJECTS = $(addprefix $(BUILD)/, $(patsubst %.c,%.o,$(wildcard *.c)))
507 MPI = ../mpi
508 FLAGS = -g -Wall
509 INCLUDE = -I include -I $(MPI)/include
510
511 .SUFFIXES: .o .c
512
513 $(BUILD)/%.o:
514 $(CXX) $(FLAGS) $(INCLUDE) -c $*.c -o $@
515
516 all: $(PROGRAM)
517
518 $(PROGRAM): $(OBJECTS)
519 ar rcs $(DIST)/$(PROGRAM) $(OBJECTS)
520 #ld -o $(DIST)/$(PROGRAM).o $(OBJECTS) -lc
521
522 clean :
523 rm -rf nul core *flymake* $(BUILD)/*.o $(DIST)/$(PROGRAM) *~ bin/*
524
525 check-syntax:
526 $(CXX) -c $(FLAGS) $(INCLUDE) -o nul -Wall -S $(CHK_SOURCES)
- ABC69ADFA42130E5269734F91C5F3F61F4C42055E27E9EA4B8B664801F2DC83B8A5ED6C6E339982805B4FFDDA8548CC61D8FD6CF3FDFEEEEC77324F6D95C54D0(3 . 3)(3 . 10)
531 This is the S.MG implementation of RSA, used by the Eulora server.
532
533 NB: this lib is part of EuCrypt and as such, it relies on other EuCrypt components (most notably: mpi).
534
535 Compilation:
536 gprbuild
537
538 Tests:
539 cd tests
540 gprbuild
- F0D2AC0848E2E2B0EF2826F5E5D747A4E9A8FC20B79C2FCCDB02B390C14F2B1B59902024F294E28710844F6B3512537C23F9B46B887015F4556C8C31262CCFF4(15 . 6)(15 . 27)- 99E516C7C6B48C92437207404D2605637575722DF4D49F11C35D9B9E90A93C26EE6EB0DD5472EEAF364ECCC49F66F48A6C966FB8DDF3CD1DAE459450D573EFA9
545 */
546 static const int KEY_LENGTH_OCTETS = 512;
547
548 /*
549 * This is the maximum length of a plain-text message (in octets) that can be
550 * oeap+rsa encrypted in a single block. Its value is defined in smg_oaep.ads
551 */
552 extern int max_len_msg;
553
554 /*
555 * ada-exported oaep encrypt
556 */
557 extern void oaep_encrypt_c( char* msg, int msglen,
558 char* entropy, int entlen,
559 char* encr, int encrlen,
560 int* success);
561
562 /*
563 * ada-exported oaep decrypt
564 */
565 extern void oaep_decrypt_c( char* encr, int encrlen,
566 char* decr, int* decrlen,
567 int* success);
568
569 typedef struct {
570 MPI n; /* modulus */
571 MPI e; /* public exponent */
(163 . 6)(184 . 34)
573 */
574 void secret_rsa( MPI output, MPI input, RSA_secret_key *sk );
575
576 /*********
577 * @param output - an MPI with KEY_LENGTH_OCTETS octets allocated space;
578 it will hold the result: (rsa(oaep(input), pk))
579 @param input - the plain-text message to be encrypted; maximum length is
580 245 octets (1960 bits)
581 @param pk - public key with which to encrypt
582 NB: this method does NOT allocate memory for output!
583 preconditions:
584 - output IS different from input!
585 - output has at least KEY_LENGTH_OCTETS octets allocated space
586 - input is AT MOST max_len_msg octets long (ct defined in smg_oaep.ads)
587 */
588 void rsa_oaep_encrypt( MPI output, MPI input, RSA_public_key *pk);
589
590 /*
591 * Opposite operation to rsa_oaep_encrypt.
592 * Attempts oaep_decrypt(rsa_decrypt(input))
593 * @param output - an MPI to hold the result; allocated >= max_len_msg octets
594 * @param input - an MPI previously obtained with rsa_oaep_encrypt
595 * @param sk - the secret key with which to decrypt
596 * @param success - this will be set to -1 if there is an error
597 *
598 * preconditions:
599 * - output IS different from input!
600 * - output has at least KEY_LENGTH_OCTETS octets allocated space
601 * - input is precisely KEY_LENGTH_OCTETS
602 */
603 void rsa_oaep_decrypt( MPI output, MPI input, RSA_secret_key *sk, int *success);
604
605 #endif /*SMG_RSA*/
606
(69 . 7)(69 . 9)-
611 /* mpi_powm can't handle output and input being same */
612 assert (output != input);
613
614 /* the actual rsa op */
615 mpi_powm( output, input, pk->e, pk->n );
616
617 }
618
619 void secret_rsa( MPI output, MPI input, RSA_secret_key *skey ) {
(136 . 3)(138 . 94)
621
622 }
623
624 void rsa_oaep_encrypt( MPI output, MPI input, RSA_public_key *pk) {
625 /* precondition: output is different from input */
626 assert( output != input );
627
628 /* precondition: output has enough memory allocated */
629 unsigned int nlimbs_n = mpi_nlimb_hint_from_nbytes( KEY_LENGTH_OCTETS);
630 assert( mpi_get_alloced( output ) >= nlimbs_n);
631
632 /* precondition: input is at most max_len_msg octets long */
633 unsigned int nlimbs_msg = mpi_nlimb_hint_from_nbytes( max_len_msg );
634 assert( mpi_get_nlimbs( input ) <= nlimbs_msg);
635
636 /* Step 1: oaep padding */
637 /* get message char array and length */
638 int msglen = 0;
639 int sign;
640 unsigned char * msg = mpi_get_buffer( input, &msglen, &sign);
641 /* allocate memory for result */
642 int encrlen = KEY_LENGTH_OCTETS;
643 unsigned char * encr = xmalloc( encrlen );
644 int entlen = KEY_LENGTH_OCTETS;
645 unsigned char * entropy = xmalloc( entlen );
646 int success = -10;
647 /* call oaep until result is strictly < N of the rsa key to use */
648 MPI oaep = mpi_alloc( nlimbs_n ); /* result of oaep encrypt/pad */
649
650 int nread;
651 do {
652 /* get random bits */
653 do {
654 nread = get_random_octets( entlen, entropy );
655 } while (nread != entlen);
656
657 oaep_encrypt_c( msg, msglen, entropy, entlen, encr, encrlen, &success);
658 if (success > 0) {
659 /* set the obtained oaep to output mpi and compare to N of the rsa key */
660 /* NB: 0-led encr WILL GET TRUNCATED!! */
661 mpi_set_buffer( oaep, encr, encrlen, 0);
662 }
663 printf(".");
664 }
665 while ( success <=0 || mpi_cmp( oaep, pk->n ) >= 0 );
666
667 printf("\n");
668 /* Step2 : call rsa for final result */
669 public_rsa( output, oaep, pk );
670
671 /* clear up */
672 xfree( msg );
673 xfree( encr );
674 xfree( entropy );
675 mpi_free( oaep );
676 }
677
678 void rsa_oaep_decrypt( MPI output, MPI input, RSA_secret_key *sk, int *success)
679 {
680 *success = -1;
681 unsigned int nlimbs_n = mpi_nlimb_hint_from_nbytes( KEY_LENGTH_OCTETS);
682 unsigned int nlimbs_msg = mpi_nlimb_hint_from_nbytes( max_len_msg );
683
684 /* preconditions */
685 assert( output != input );
686 assert( mpi_get_alloced( output ) >= nlimbs_msg);
687 assert( mpi_get_nlimbs( input ) == nlimbs_n);
688
689 /* rsa */
690 MPI rsa_decr = mpi_alloc( nlimbs_n );
691 secret_rsa( rsa_decr, input, sk );
692
693 /* oaep */
694 unsigned encr_len, decr_len;
695 int sign, flag;
696 char *oaep_encr = mpi_get_buffer( rsa_decr, &encr_len, &sign );
697 char *oaep_decr = xmalloc( encr_len );
698 decr_len = encr_len;
699 oaep_decrypt_c( oaep_encr, encr_len, oaep_decr, &decr_len, &flag );
700
701 /* check status */
702 if ( flag > 0 ) {
703 *success = 1;
704 mpi_set_buffer( output, oaep_decr, decr_len, 0 );
705 }
706 else
707 *success = -1;
708
709 /* cleanup */
710 mpi_free( rsa_decr );
711 xfree( oaep_encr );
712 xfree( oaep_decr );
713 }
714
(0 . 0)(1 . 16)
719 -- S.MG, 2018
720
721 with "../mpi/mpi.gpr";
722 with "../smg_keccak/smg_keccak.gpr";
723
724 project SMG_RSA is
725 for Languages use ("C");
726 for Library_Name use "SMG_RSA";
727 for Library_Kind use "static";
728
729 for Source_Dirs use (".", "include");
730 for Object_Dir use "obj";
731 for Library_Dir use "bin";
732
733 end SMG_RSA;
734
- E426FDCA88EDC45327759E751831FA6CB81F88D9C65A1DA25AE513E391CFDC69A99027CCDDEF4D02AA8893EBBAC32CC60A853101962B51F4269DC86EE41F311D(1 . 25)(0 . 0)
739 PROGRAM = tests
740
741 CXX = gcc
742 OBJECTS := $(patsubst %.c,%.o,$(wildcard *.c))
743 FLAGS = -g -Wall
744 INCLUDE = -I ../include -I ../../mpi/include
745 SMG_RSA = ../bin/smg_rsa.a
746 MPI = ../../mpi/bin/mpi.a
747 LIBS := $(SMG_RSA) $(MPI)
748
749 .SUFFIXES: .o .c
750
751 .c.o:
752 $(CXX) $(FLAGS) $(INCLUDE) -c $< -o $@
753
754 all: $(PROGRAM)
755
756 $(PROGRAM): $(OBJECTS)
757 $(CXX) $(FLAGS) $(INCLUDE) -o $(PROGRAM) $(OBJECTS) $(LIBS)
758
759 clean :
760 rm -rf nul core *flymake* *.o $(PROGRAM) *~ bin obj
761
762 check-syntax:
763 $(CXX) -c $(FLAGS) $(INCLUDE) -o nul -Wall -S $(CHK_SOURCES)
-(0 . 0)(1 . 1)
768 obj folder for smg_rsa
-(0 . 0)(1 . 13)
773 -- Tests for SMG_RSA (part of EuCrypt)
774 -- S.MG, 2018
775
776 with "../smg_rsa.gpr";
777
778 project SMG_RSA_Tests is
779 for Languages use("C");
780 for Source_Dirs use (".");
781 for Object_Dir use "obj";
782 for Exec_Dir use ".";
783
784 for Main use ("tests.c");
785 end SMG_RSA_Tests;
- 8293DE5FE325F0499D3FC0B882E94B3E8E297911D2C9AA83ECDCBCAA13914273DB14ED6A077CA24F75B34D9258224E72806F917DEF17D5CF7762B06D5A54F008(6 . 6)(6 . 9)- E0F2FD60A9E3ECEAB2D5BFEBA67A8C7DFB0017C72F9992DA3E6499CFEF2D000F614FB9A86E6979A672B20B42A6991E4BC6EF8EB26B61D489D9F7BDDCDBFB85ED
790 #include <time.h>
791 #include <stdio.h>
792
793 extern void adainit(void);
794 extern void adafinal(void);
795
796 void err(char *msg)
797 {
798 fprintf(stderr, "%s\n", msg);
(406 . 6)(409 . 198)
800 mpi_free(sk.u);
801 }
802
803 void test_oaep_encr_decr( int nruns ) {
804 /* a set of RSA keys previously generated with eucrypt */
805 RSA_public_key pk;
806 pk.n = mpi_alloc(0);
807 pk.e = mpi_alloc(0);
808
809 RSA_secret_key sk;
810 sk.n = mpi_alloc(0);
811 sk.e = mpi_alloc(0);
812 sk.d = mpi_alloc(0);
813 sk.p = mpi_alloc(0);
814 sk.q = mpi_alloc(0);
815 sk.u = mpi_alloc(0);
816
817 mpi_fromstr(sk.n, "0x\
818 CD2C025323BEA46FFF2FA8D7A9D39817EA713421F4AE03FA8120641193892A70BFECF5\
819 83101635A432110D3DDE6339E3CC7ECC0AD91C026FCACE832DD3888A6FCA7BCE56C390\
820 5A5AC8C7BC921DA675E4B62489B254EB34659D547D71165BC998983A81937BD251AEE1\
821 2D985EC387D5376F5DCC5EF7EC530FBD6FD2AA7285EE1AF3335EA73163F0954F30402E\
822 D7B374EE84A97B1849B0674B0DA0A2050BD79B71ABB1559F3A9CFDB8557DED7BC90CF2\
823 09E8A847E9C226140845B7D03842162E7DA5DD16326CB1F71A248D841FE9076A09911F\
824 2F4F5E3EA44EA8DE40332BF00406990BCCF61C322A03C456EF3A98B341E0BDBC1088CE\
825 683E78510E76B72C2BCC1EE9AEDD80FFF18ABFC5923B2F36B581C25114AB2DF9F6C2B1\
826 9481703FD19E313DCD7ACE15FA11B27D25BCE5388C180A7E21167FB87750599E1ED7C7\
827 50F4A844E1DC2270C62D19671CF8F4C25B81E366B09FC850AE642136D204A9160AEECE\
828 575B57378AA439E9DD46DC990288CD54BAA35EEE1C02456CD39458A6F1CBF012DCEDF4\
829 27CCF3F3F53645658FC49C9C9D7F2856DB571D92B967AB5845514E0054DDB49099F5DD\
830 04A6F6F5C5CE642276834B932881AEB648D1F25E9223971F56E249EF40CF7D80F22621\
831 CDD0260E9E7D23746960ADB52CF2987584FB1DE95A69A39E5CB12B76E0F5C1A0529C0C\
832 065D2E35720810F7C7983180B9A9EA0E00C11B79DC3D");
833
834 mpi_fromstr(sk.e, "0x\
835 DD4856B4EE3D099A8604AE392D8EFEC094CDF01546A28BE87CB484F999E8E75CDFCD01\
836 D04D455A6A9254C60BD28C0B03611FC3E751CC27EF768C0B401C4FD2B27C092834A6F2\
837 49A145C4EDC47A3B3D363EC352462C945334D160AF9AA72202862912493AC6190AA3A6\
838 149D4D8B9996BA7927D3D0D2AD00D30FD630CF464E6CAF9CF49355B9A70E05DB7AE915\
839 F9F602772F8D11E5FCDFC7709210F248052615967090CC1F43D410C83724AA5912B2F0\
840 52E6B39449A89A97C79C92DC8CB8DEEFCF248C1E1D2FC5BFE85165ECA31839CAA9CEB3\
841 3A92EBDC0EB3BAC0F810938BB173C7DA21DCBB2220D44CBA0FD40A2C868FC93AC5243E\
842 C137C27B0A76D65634EBB3");
843
844 mpi_fromstr(sk.d, "0x\
845 7C8A6FA1199D99DCA45E9BDF567CA49D02B237340D7E999150BC4883AE29DEC5158521\
846 B338F35DC883792356BDDBB3C8B3030A6DD4C6522599A3254E751F9BA1CB1061C5633C\
847 81BBFACF6FCD64502614102DFED3F3FA284066C342D5E00953B415915331E30812E5FB\
848 CD6680ADCCDEE40B8376A3A225F2E160EA59C7566804526D73BB660A648A3EF9802313\
849 B2F841E8458B2AAACE7AACF31083E8F3F630298138393BC88BBD7D4AA4334949651D25\
850 365B10DBF4A4A08E20A6CC74BFDD37C1C38E2ADC2A283DF06590DF06B46F67F6ACA67F\
851 AC464C795261659A2F9558802D0BBAA05FD1E1AF2CDC70654723DF7EFAEA148B8CDBEB\
852 C89EA2320AB9BBB1BC4311475DF3D91446F02EF192368DFEBAC598CCFD4407DEC58FDC\
853 1A94CCDD6E5FBA9C52164ACEA8AEE633E557BCCEACB7A1AF656C379482D784A120A725\
854 32F9B2B35173D505F21D5AD4CB9511BC836DC923730B70291B70290A216CA3B21CFF79\
855 E895C35F4F7AF80E1BD9ED2773BD26919A76E4298D169160593E0335BE2A2A2D2E8516\
856 948F657E1B1260E18808A9D463C108535FB60B3B28F711C81E5DE24F40214134A53CE5\
857 9A952C8970A1D771EBEFFA2F4359DCF157995B3F1950DE3C6EC41B7FF837148F55F323\
858 372AF3F20CE8B8038E750C23D8F5041FA951327859B0E47483F0A47103EF808C72C251\
859 006FA526245291C8C84C12D2EF63FB2301EA3EEDA42B");
860
861 mpi_fromstr(sk.p, "0x\
862 E236732452039C14EC1D3B8095BDDCFB7625CE27B1EA5394CF4ED09D3CEECAA4FC0BF6\
863 2F7CE975E0C8929CE84B0259D773EA038396479BF15DA065BA70E549B248D77B4B23ED\
864 A267308510DBEE2FD44E35D880EE7CFB81E0646AA8630165BD8988C3A8776D9E704C20\
865 AA25CA0A3C32F27F592D5FD363B04DD57D8C61FFDCDFCCC59E2913DE0EE47769180340\
866 E1EA5A803AA2301A010FF553A380F002601F0853FCACDB82D76FE2FACBCD6E5F294439\
867 0799EA5AE9D7880D4E1D4AE146DC1D4E8495B9DD30E57E883923C5FC26682B7142D35C\
868 D8A0FC561FE725A6CF419B15341F40FE0C31132CBD81DD8E50697BD1EBFFA16B522E16\
869 F5B49A03B707218C7DA60B");
870
871 mpi_fromstr(sk.q, "0x\
872 E830482A3C4F5C3A7E59C10FF8BA760DB1C6D55880B796FFDA4A82E0B60E974E81D04B\
873 2A4AD417823EBFB4E8EFB13782943562B19B6C4A680E3BA0C8E37B5023470F4F1AC1F8\
874 A0B10672EF75CD58BCD45E6B14503B8A6A70AFE79F6201AF56E7364A1C742BE1453FD2\
875 24FDC9D66522EAF4466A084BCB9E46D455A2946E94CBF028770F38D0B741C2CC59308F\
876 71D8C2B4B9C928E0AE8D68DEB48A3E9EFD84A10301EBD55F8221CA32FC567B306B2A8E\
877 116350AFB995859FDF4378C5CFD06901494E8CFA5D8FAC564D6531FA8A2E4761F5EFBA\
878 F78750B6F4662BE9EA4C2FAD67AF73EEB36B41FC15CB678810C19A51DF23555695C4C1\
879 546F3FACA39CAA7BB8DBD7");
880
881 mpi_fromstr(sk.u, "0x\
882 846232322775C1CD7D5569DC59E2F3E61A885AE2E9C4A4F8CB3ACBE8C3A5441E5FE348\
883 A2A8AC9C2998FBF282222BF508AA1ECF66A76AEDD2D9C97028BFD3F6CA0542E38A5312\
884 603C70B95650CE73F80FDD729988FBDB5595A5BF8A007EA34E54994A697906CE56354C\
885 E00DF10EB711DEC274A62494E3D350D88736CF67A477FB600AC9F1D6580727585092BF\
886 5EBC092CC4D6CF75769051033A1197103BE269942F372168A53771746FBA18ED6972D5\
887 0B935A9B1D6B5B3DD50CD89A27FE93C10924E9103FACF7B4C5724A046C3D3B50CC1C78\
888 5F5C8E00DBE1D6561F120F5294C170914BC10F978ED4356EED67A9F3A60D70AFE540FC\
889 5373CBAE3D0A7FD1C87273");
890
891 /* copy the public key components */
892 pk.n = mpi_copy( sk.n );
893 pk.e = mpi_copy( sk.e );
894
895 /* some plain text message */
896 MPI msg = mpi_alloc(0);
897 mpi_fromstr(msg, "0x\
898 5B6A8A0ACF4F4DB3F82EAC2D20255E4DF3E4B7C799603210766F26EF87C8980E737579\
899 EC08E6505A51D19654C26D806BAF1B62F9C032E0B13D02AF99F7313BFCFD68DA46836E\
900 CA529D7360948550F982C6476C054A97FD01635AB44BFBDBE2A90BE06F7984AC8534C3\
901 28097EF92F6E78CAE0CB97");
902
903 /* actual testing */
904 printf("TEST verify oaep_encr_decr on message: \n");
905 mpi_print( stdout, msg, 1);
906 printf("\n");
907
908 int nlimbs_n = mpi_nlimb_hint_from_nbytes( KEY_LENGTH_OCTETS);
909 MPI encr = mpi_alloc( nlimbs_n );
910 MPI decr = mpi_alloc( nlimbs_n );
911 int success;
912
913 adainit();
914 rsa_oaep_encrypt( encr, msg, &pk );
915 rsa_oaep_decrypt( decr, encr, &sk, &success );
916
917 if (success <= 0 ||
918 mpi_cmp(encr, msg) == 0 ||
919 mpi_cmp(msg, decr) != 0)
920 printf("FAILED: success flag is %d\n", success);
921 else
922 printf("PASSED\n");
923
924 /* attempt to decrypt corrupted block */
925 mpi_clear( decr );
926 rsa_oaep_decrypt( decr, pk.n, &sk, &success);
927 if (success > 0)
928 printf("FAILED: attempt to decrypt non-/corrupted oaep block\n");
929 else
930 printf("PASSED: attempt to decrypt non-/corrupted oaep block\n");
931 adafinal();
932
933 /* clean up */
934 mpi_free( sk.n );
935 mpi_free( sk.e );
936 mpi_free( sk.d );
937 mpi_free( sk.p );
938 mpi_free( sk.q );
939 mpi_free( sk.u );
940
941 mpi_free( pk.n );
942 mpi_free( pk.e );
943
944 mpi_free( msg );
945 mpi_free( encr );
946 mpi_free( decr );
947 }
948
949 void test_mpi_buffer() {
950 unsigned int noctets = 10;
951 int nlimbs = mpi_nlimb_hint_from_nbytes( noctets );
952 MPI m = mpi_alloc( nlimbs );
953 unsigned char *setbuffer = xmalloc( noctets );
954 unsigned char *getbuffer;
955 unsigned int i, sign, mpilen, nerrors;
956
957 for (i=0; i< noctets; i++)
958 setbuffer[i] = i;
959
960 mpi_set_buffer( m, setbuffer, noctets, 0);
961
962 getbuffer = mpi_get_buffer( m, &mpilen, &sign );
963
964 if (mpilen == noctets -1 ) {
965 nerrors = 0;
966 for (i=0;i<noctets-1;i++)
967 if (setbuffer[i+1] != getbuffer[i])
968 nerrors = nerrors + 1;
969 if (nerrors == 0) {
970 printf("WARNING: 0-led octet discarded by mpi_set_buffer!\n");
971 printf("Value ret by mpi_get_buffer != value given to set_buffer!\n");
972 }
973 else
974 printf("FAIL: got different lengths and %d different values!\n", nerrors);
975 }
976 else if (mpilen != noctets)
977 printf("FAIL: mpilen is %d; noctets is %d\n", mpilen, noctets);
978 else
979 {
980 nerrors = 0;
981 for (i=0;i<noctets-1;i++) {
982 if (setbuffer[i]!=getbuffer[i])
983 nerrors= nerrors+1;
984 }
985 if (nerrors>0)
986 printf("FAIL: got %d different values!\n", nerrors);
987 else printf("PASSED: mpi_get/set_buffer\n");
988 }
989
990 mpi_free(m);
991 xfree(setbuffer);
992 xfree(getbuffer);
993 }
994
995 int main(int ac, char **av)
996 {
997 int nruns;
(479 . 6)(674 . 12)
999 case 8:
1000 time_rsa_gen(nruns);
1001 break;
1002 case 9:
1003 test_oaep_encr_decr(nruns);
1004 break;
1005 case 10:
1006 test_mpi_buffer();
1007 break;
1008 default:
1009 printf("Current test ids:\n");
1010 printf("0 for timing entropy source\n");
(491 . 6)(692 . 8)
1012 writes to keys.asc and check_keys.asc\n");
1013 printf("7 for testing rsa exponentiation (fixed data)\n");
1014 printf("8 for timing rsa key pair generator\n");
1015 printf("9 for oaep encrypt/decrypt\n");
1016 printf("10 for testing mpi_set/get_buffer\n");
1017 }
1018
1019 return 0;
(1 . 8)(1 . 10)
1024 -- Tests for SMG_Serpent (part of EuCrypt)
1025 -- S.MG, 2018
1026
1027 with "../smg_serpent.gpr";
1028
1029 project SMG_Serpent_Tests is
1030 for Source_Dirs use (".", "../src");
1031 for Source_Dirs use (".");
1032 for Object_Dir use "obj";
1033 for Exec_Dir use ".";
1034