tree checksum vpatch file split hunks
all signers: diana_coman
antecedents: smg_comms_files smg_comms_io_rsa_tests_only smg_comms_rsa_oaep smg_comms_actions_rsa smg_comms_c_wrappers
press order:
patch:
(27 . 10)(27 . 10)- C24569926E5388672B1AF9E79B01B55902F2176DE3F2887C978327871820CF1EE19BC9B0B52BA614A90FF197FAC4A91C0975133EC55B38F362BE48E3DEACE1B3
5 MPI u = mpi_alloc(nlimbs_a);
6 MPI v = mpi_alloc(nlimbs_b);
7
8 //set the given octets as the values of the 2 MPIs
9 //set the given octets as the values of the 2 MPIs and normalize
10 //the sign is set to 0 (last parameter).
11 mpi_set_buffer(u, a, len_a, 0);
12 mpi_set_buffer(v, b, len_b, 0);
13 mpi_set_normalized(u, a, len_a, 0);
14 mpi_set_normalized(v, b, len_b, 0);
15
16 //compare the MPIs as numbers and store the result
17 result = mpi_cmp(u, v);
(66 . 17)(66 . 16)
19 MPI out_mpi = mpi_alloc(nlimbs_out);
20
21 //set input as buffer for in_mpi
22 mpi_set_buffer(in_mpi, input, len_input, 0);
23
24 mpi_set_normalized(in_mpi, input, len_input, 0);
25 //create public key structure and set its contents to given n, e
26 RSA_public_key pk;
27 unsigned int nlimbs_n = mpi_nlimb_hint_from_nbytes( len_n );
28 unsigned int nlimbs_e = mpi_nlimb_hint_from_nbytes( len_e );
29 pk.n = mpi_alloc(nlimbs_n);
30 pk.e = mpi_alloc(nlimbs_e);
31 mpi_set_buffer(pk.n, n, len_n, 0);
32 mpi_set_buffer(pk.e, e, len_e, 0);
33
34 //NB MPI lib gets STUCK on 0-leading MPIs so set + normalize
35 mpi_set_normalized(pk.n, n, len_n, 0);
36 mpi_set_normalized(pk.e, e, len_e, 0);
37 //call rsa public_key encryption and retrieve the result, storing it in out
38 public_rsa( out_mpi, in_mpi, &pk);
39 int len = len_out;
(118 . 7)(117 . 7)
41 MPI out_mpi = mpi_alloc(nlimbs_out);
42
43 //set input as buffer for in_mpi
44 mpi_set_buffer(in_mpi, input, len_input, 0);
45 mpi_set_normalized(in_mpi, input, len_input, 0);
46
47 //create private key structure and set its contents to given n,e,d,p,q,u
48 RSA_secret_key sk;
(134 . 12)(133 . 13)
50 sk.p = mpi_alloc(nlimbs_p);
51 sk.q = mpi_alloc(nlimbs_q);
52 sk.u = mpi_alloc(nlimbs_u);
53 mpi_set_buffer(sk.n, n, len_n, 0);
54 mpi_set_buffer(sk.e, e, len_e, 0);
55 mpi_set_buffer(sk.d, d, len_d, 0);
56 mpi_set_buffer(sk.p, p, len_p, 0);
57 mpi_set_buffer(sk.q, q, len_q, 0);
58 mpi_set_buffer(sk.u, u, len_u, 0);
59 //HAVE TO set AND normalize those or lib MPI gets stuck idiotically on 0-led
60 mpi_set_normalized(sk.n, n, len_n, 0);
61 mpi_set_normalized(sk.e, e, len_e, 0);
62 mpi_set_normalized(sk.d, d, len_d, 0);
63 mpi_set_normalized(sk.p, p, len_p, 0);
64 mpi_set_normalized(sk.q, q, len_q, 0);
65 mpi_set_normalized(sk.u, u, len_u, 0);
66
67 //call rsa secret_key encryption and retrieve the result, storing it in out
68 secret_rsa( out_mpi, in_mpi, &sk );
(220 . 3)(220 . 9)
70
71 xfree( buffer ); //free the buffer that was allocated by mpi_get_buffer
72 }
73
74 void mpi_set_normalized(MPI m, const char *buffer,
75 unsigned int noctets, int sign) {
76 mpi_set_buffer( m, buffer, noctets, sign );
77 mpi_normalize( m );
78 }
(103 . 3)(103 . 11)
83 //@param len_out size of out; will be replaced by actual number of octets copied
84 //@param m The MPI whose octets are to be retrieved
85 void mpi_to_octets( char *out, unsigned int *len_out, MPI m);
86
87
88 //This calls mpi_set_buffer and then mpi_normalize - i.e. it *changes* given MPI
89 //by setting its internal buffer and trimming any leading 0.
90 //NB: the MPI lib fails to work correctly with non-normalized MPIs....
91 //NB: this may allocate/deallocate memory for the mpi!
92 void mpi_set_normalized(MPI m, const char *buffer,
93 unsigned int noctets, int sign);
- A11EC7A815179C71A1C1B0239EE392930B811CFFC2D83328BC4D6D9D7182EB9D5D55F3C010ED9FB8A1A98B14E578407331FB6229B479386ABE16F6DFF21B98F1(10 . 3)(10 . 4)
98 550310 smg_comms_keymgm diana_coman Adds read/write for Keys Management messages (both Serpent and RSA). Refactors the read/write of Serpent Keys messages so that the same core is called by RSA/Serpent specific-methods, adding also read/write of keys from/to RSA messages.
99 551086 smg_comms_files diana_coman Adds read/write for File Transfer (4.3) and File Request (4.4). Refactors the rest to have read/write of 16 bits values in one single place (i.e. separate method called from everywhere else) because of how common it is + sensitive to endianness.
100 551832 smg_comms_actions_rsa diana_coman Adds read/write for RSA keys (5.1) and Client Action (4.5). Refactors to allow choice of padding and enable direct testing of private procedure in Messages.
101 552633 smg_comms_shorter_e diana_coman Changes to support arbitrary size of public exponent both at key generation time (rsa.c) and at use for packing/unpacking messages. Also adds required changes to c_wrappers to work around the idiocy in MPI lib that means it will get stuck in endless loop in some cases when the buffer of an mpi is set to 0-leading values.
- 73247011FCC9996859CAB02ADE955CD8D5FA04B85593E182645EBE0F497686ABFC771ECDF1E43B0E39506C85B25F365D80A81031FB82F13919E2FF5824EDA5EF(22 . 6)(22 . 16)
106 */
107 static const int KEY_LENGTH_OCTETS = 490;
108
109 /**
110 * This is the length of the public exponent e, given in octets.
111 * TMSR standard e has KEY_LENGTH_OCTETS / 2 octets.
112 * Eulora's communication protocol uses however e with 8 octets length.
113 * New keypairs generated will have e precisely this length.
114 * Change this to your preferred size of e for generating new keys with that size of e.
115 * NB: this impacts key generation ONLY! (i.e. NOT encrypt/decrypt).
116 */
117 static const int E_LENGTH_OCTETS = 8;
118
119 typedef struct {
120 MPI n; /* modulus */
121 MPI e; /* public exponent */
- 388A33BE262FAA152FB74089B6AC814C7E5C6248A5B52F91A8C69C0E19EC9F9EEA12B0551B0AADC751F73CDD5AC4004C8C493AA1E6041118A922070EAD3A7ECB(52 . 7)(52 . 7)
126 /* choose random prime e, public exponent, with 3 < e < phi */
127 /* because e is prime, gcd(e, phi) is always 1 so no need to check it */
128 do {
129 gen_random_prime( noctets_pq, sk->e);
130 gen_random_prime( E_LENGTH_OCTETS, sk->e);
131 } while ( (mpi_cmp_ui(sk->e, 3) < 0) || (mpi_cmp(sk->e, phi) > 0));
132
133 /* calculate private exponent d, 1 < d < phi, where e * d = 1 mod phi */
- 4835EBBC34C00A3A78A2A4EE13C9F553697525A2A21CB137E629D65D8B7E70A7DD1283F395A2C4590024E522C82D1DC027BBCBBB26C27A7D844B4A1FBD6F2941(305 . 6)(305 . 104)- 6E8E85BFAFE5928021EE613A17D9F7D1BEFE761771E1508141128BE52B52424D380199D14EC42A5B1256373030BC474F3568038DBB2B3DA034715A9D7B61C5D6
138
139 }
140
141 void test_rsa_8e(int nruns) {
142 RSA_secret_key sk;
143 int noctets = KEY_LENGTH_OCTETS;
144 int noctets_pq = noctets / 2;
145 int nlimbs_pq = mpi_nlimb_hint_from_nbytes(noctets_pq);
146
147 sk.n = mpi_alloc(0);
148 sk.e = mpi_alloc(0);
149 sk.d = mpi_alloc(0);
150 sk.p = mpi_alloc(0);
151 sk.q = mpi_alloc(0);
152 sk.u = mpi_alloc(0);
153
154 mpi_fromstr(sk.n, "0x\
155 B51BE851F39159EAC714F3E0376713A84DAD36A82D446D0A257A391870F45FAE13C4CC\
156 F400DDA9F604991134C0934161554EEFEAA3147BF0EADC77B99E2B9B6E4EE942EA9D07\
157 5F015EE2465B491F4130E04E1BBB6CCDC98F6E8789D4F7FCA3E3FF83C6100CAF2B764E\
158 A5AF7CBA9B27C13EE72EA7A8602F34B32E17C2BA56CFBA4223F7D9A03C23336095D34F\
159 BF66E88BF5CE661D66C251DFAD4CB2BA8D1E1669AC927894EA20DABABD2495BC2A4BA3\
160 A25C79ABEC2D57F45F0F889D962C777A663D0AB25D3650DFDC6D77C528803C0C6E12BD\
161 05281B33C603BEA66A0C2ACBEBD1CA53D32C2269294C9B93E742CA563AF39E939C32CE\
162 51D5ED827F9C217EF58CC518B635D0E03BA778BCEBAF9A2CDB493282D751A5977CB907\
163 C8708D1EF1CAE644C1F2525DDE98E29761B1ADF0965F08AA856DF540AEFD67F96B92AE\
164 83636C31A507C59635C6D435C5E7EE333DC2257C07BC0FCE27CF400F6EB7A6B90FFF00\
165 C3C1179615BF5DA6137476926C09D8CCD03257DFCAEF12BE9DC1D3F621D6C97D7F3E6D\
166 534337579B4B65AE212ACC26FC3861E24033E6F12A601D473A65EFC5F25ABD5D6049EA\
167 DD6D76BA60AA218C5EBE13439AAFFF0088C49ACC0E9F7DE56DB03F585E1AC2862EB990\
168 59724FD407C4ACD3DD14A53A6A35F6AFAE03EA53A4E742CC370087692E206A2422FF9D");
169
170 sk.e = mpi_alloc(nlimbs_pq);
171 int i;
172 char echar[109];
173 int ne = 109;
174 for (i=0;i<ne;i++)
175 echar[i] = 0;
176
177 echar[ne-1] = 59;
178 echar[ne-2] = 153;
179 echar[ne-3] = 145;
180 echar[ne-4] = 109;
181 echar[ne-5] = 236;
182 echar[ne-6] = 157;
183 echar[ne-7] = 64;
184 echar[ne-8] = 195;
185 //NB: this test WILL FAIL if only mpi_set_buffer called.
186 mpi_set_buffer(sk.e, echar, ne, 0);
187 mpi_normalize(sk.e);
188
189 mpi_fromstr(sk.d, "0x\
190 7694F5266A995D31DCF3AE40A35AAE4B6F6E2D625EDE8AEF3DF4418C1C5B6D46FBC8AC\
191 1C018B475BB531807C6CB649A3D2A3044B11560B15DFD17E29E2294CBBE4D2E787B048\
192 D7EF19DB02392534DBBE8C0F57DCA17448B5DCDA08A69C3177749BEA150BBC506372DD\
193 D6DBE48869567B31B00FB855AB4700A0458570393F2AA6A5887DAB0E6FD194B970AED2\
194 A6AA1AE13C1B4BA1154F7D2C55699429CD634425460B961C581639E6CC005B6FDEF273\
195 E5A8A34F39E5F7999AEA6E6767A9842203C00763BEDECFB2FCBC4D071AADB81D3DBB32\
196 58872EBA06804183AE66DE1859758BB1752486DC95887DA71BA231E115FFA43AB5F596\
197 21F5DA9BDF780BB35E3DAA06C2BE83FFE160BE6C625D8D33A42491510E22AD545AE0FE\
198 933F2A70FCBF794156EE6FDB4351404706EC528BD865A3F75B66ACE3186620B5713F44\
199 D2D185BC2F8B42B2C9BD8274D11D4E4449D9237398A4D576A0722871B96C2675E32EAD\
200 C8E2DB958FB016D9DBDE9653FC7A346689D348F1161C3E183C19DDD92A313E2191435E\
201 449E819FC3B04CA8B7874B3283AE52FEE822525BAAA14F7E28DF2B1EA9383FBEFA7A4B\
202 AB22BC178CDCF5064E09D8EAAAC4EEF50550E8CB5D3F3079D80FECC4A7B2587BFA6B68\
203 0798D6A6175BA3ABAC52B2BE583849FC3C47A6B7B9BB6CE18AF23BFC54E8F04AA6AF3");
204 mpi_fromstr(sk.p, "0x\
205 C9AE5920BA2CFC9A765C25D8B75E8A42845F5B13F8B9386698C31D01BDDE572BD181E4\
206 5FD46666BB9D3F5043D2B3F7B4B3D301DA403CED22ADBB60544D2000EBB3FEF3E1674D\
207 B2F2BB81A81573B3556689FD2AF740367EB9C7CFFC08BD95471849C456B9AD93BA9462\
208 A541FBD7618E9BF8F8B8DC76233D22826085E06F8CC22C4DB46DE8A6E666FBF678052E\
209 80B5D116B4CAC4FCA1C3348F45895D823842E6A4E2B605F0F8CCD9A75F59B3B4BBC102\
210 B9B7F948EC28AB60BF4FD5441E4EF48B25D6A50C5AAEB882EE9862E042F54510366730\
211 B8DD56C02FC43CD95F6EF7B92379E6DED28764CDD22899C845F484EF8F777B9A527FC1");
212 mpi_fromstr(sk.q, "0x\
213 E5E324CDCAEA29DE1EFB3E2280B51E4461A692A5844F64E6917677907A7825A8ABBEF1\
214 1E0D8A5D70DF703D4D4014FE0A125E5A409AD7DC9B5F2ECBDF518C8ECE783F217268CF\
215 ED93689AEB5D970B3C898B7ACB8868E2D284A85F1B82926C67F6F6675F78799CC280E4\
216 197AB3800B00ED9B063B9A00F483CDD5158DCE31B575F579E4206D32E483994B58D5EA\
217 7FBE224326672ED00BA1B432796E78B80816D641BE4F81BF8CCA5A2E93A0E9FA4D6133\
218 4E893903E133DA215295FAF00F9BA1F224BC700ABCD6A94FB4C1A006BD5673D304B207\
219 F8EE6752F41C4D2F7DE310266EAF61B0545A26FAC66A46B90015FC2374D4FD01F836DD");
220 mpi_fromstr(sk.u, "0x\
221 746B5BD406C84FDBC8EF4DEC7D79831630B45579D7865695BDB288C0E8DB39749200B0\
222 720F6FAF1CBB3F2EE6C6FF3DA72B4C8505D50732DBEE2E92CD9A13B6919D5173DBA708\
223 B44C36129A3494DCD77B9991F88F528FF11706E0D6EFC67705937F5A11FCBC984F89F2\
224 A4168A8ED2A391FAD06C1E15F838B890126DF650DA803661448F8CEA755F15432A83C8\
225 99CB0AFCB5D922514DF19697416DDC79CA2AC7CB30AEADEC2D68B0F43D178DAB33656E\
226 3CDF08A3D2B903797E74210478526D49AA740F906789740826DDD3CF2E5F032B9E0536\
227 85560848F127A1A844BF00C5819FFEB2016E0DBC86BF375554DC28EC2DC7FD8830AA3D");
228
229 test_rsa_keys(&sk, noctets_pq, stdout);
230
231 mpi_free(sk.n);
232 mpi_free(sk.e);
233 mpi_free(sk.d);
234 mpi_free(sk.p);
235 mpi_free(sk.q);
236 mpi_free(sk.u);
237 }
238
239 void test_rsa_exp() {
240 MPI msg = mpi_alloc(0);
241 MPI expected = mpi_alloc(0);
(588 . 6)(686 . 9)
243 case 13:
244 test_uint64_rng(nruns);
245 break;
246 case 14:
247 test_rsa_8e(nruns);
248 break;
249 default:
250 printf("Current test ids:\n");
251 printf("0 for timing entropy source\n");
(605 . 6)(706 . 7)
253 printf("11 for testing smg_rng ieee 745/1985 float\n");
254 printf("12 for testing smg_rng uint32 \n");
255 printf("13 for testing smg_rng uint64 \n");
256 printf("14 for testing rsa with 8-octets e \n");
257 }
258
259 return 0;
(36 . 6)(36 . 11)-
264 -- a. it's C code that should import this, not the other way around.
265 -- b. it needs to be static here.
266 RSA_KEY_OCTETS : constant Positive := 490;
267
268 -- RSA public exponent (e) size in octets
269 -- NB: this should normally match the E_LENGTH_OCTETS in smg_rsa.h
270 -- NOT imported here for the same reason given at RSA_KEY_OCTETS above
271 E_LENGTH_OCTETS : constant Positive := 8;
272
273 -- OAEP constants: defined here as still part of standard spec.
274 -- OAEP package will use those values when using Raw_Types
(68 . 6)(73 . 7)
276 -- raw representations of RSA key components
277 subtype RSA_len is Octets ( 1 .. RSA_KEY_OCTETS);
278 subtype RSA_half is Octets( 1 .. RSA_KEY_OCTETS/2);
279 subtype RSA_e is Octets( 1 .. E_LENGTH_OCTETS);
280
281 -- RSA packets and contained raw messages
282 subtype RSA_Pkt is Octets( 1 .. RSA_PKT_OCTETS );
(0 . 0)(1 . 7)
287 B51BE851F39159EAC714F3E0376713A84DAD36A82D446D0A257A391870F45FAE13C4CCF400DDA9F604991134C0934161554EEFEAA3147BF0EADC77B99E2B9B6E4EE942EA9D075F015EE2465B491F4130E04E1BBB6CCDC98F6E8789D4F7FCA3E3FF83C6100CAF2B764EA5AF7CBA9B27C13EE72EA7A8602F34B32E17C2BA56CFBA4223F7D9A03C23336095D34FBF66E88BF5CE661D66C251DFAD4CB2BA8D1E1669AC927894EA20DABABD2495BC2A4BA3A25C79ABEC2D57F45F0F889D962C777A663D0AB25D3650DFDC6D77C528803C0C6E12BD05281B33C603BEA66A0C2ACBEBD1CA53D32C2269294C9B93E742CA563AF39E939C32CE51D5ED827F9C217EF58CC518B635D0E03BA778BCEBAF9A2CDB493282D751A5977CB907C8708D1EF1CAE644C1F2525DDE98E29761B1ADF0965F08AA856DF540AEFD67F96B92AE83636C31A507C59635C6D435C5E7EE333DC2257C07BC0FCE27CF400F6EB7A6B90FFF00C3C1179615BF5DA6137476926C09D8CCD03257DFCAEF12BE9DC1D3F621D6C97D7F3E6D534337579B4B65AE212ACC26FC3861E24033E6F12A601D473A65EFC5F25ABD5D6049EADD6D76BA60AA218C5EBE13439AAFFF0088C49ACC0E9F7DE56DB03F585E1AC2862EB99059724FD407C4ACD3DD14A53A6A35F6AFAE03EA53A4E742CC370087692E206A2422FF9D
288 C3409DEC6D91993B
289 7694F5266A995D31DCF3AE40A35AAE4B6F6E2D625EDE8AEF3DF4418C1C5B6D46FBC8AC1C018B475BB531807C6CB649A3D2A3044B11560B15DFD17E29E2294CBBE4D2E787B048D7EF19DB02392534DBBE8C0F57DCA17448B5DCDA08A69C3177749BEA150BBC506372DDD6DBE48869567B31B00FB855AB4700A0458570393F2AA6A5887DAB0E6FD194B970AED2A6AA1AE13C1B4BA1154F7D2C55699429CD634425460B961C581639E6CC005B6FDEF273E5A8A34F39E5F7999AEA6E6767A9842203C00763BEDECFB2FCBC4D071AADB81D3DBB3258872EBA06804183AE66DE1859758BB1752486DC95887DA71BA231E115FFA43AB5F59621F5DA9BDF780BB35E3DAA06C2BE83FFE160BE6C625D8D33A42491510E22AD545AE0FE933F2A70FCBF794156EE6FDB4351404706EC528BD865A3F75B66ACE3186620B5713F44D2D185BC2F8B42B2C9BD8274D11D4E4449D9237398A4D576A0722871B96C2675E32EADC8E2DB958FB016D9DBDE9653FC7A346689D348F1161C3E183C19DDD92A313E2191435E449E819FC3B04CA8B7874B3283AE52FEE822525BAAA14F7E28DF2B1EA9383FBEFA7A4BAB22BC178CDCF5064E09D8EAAAC4EEF50550E8CB5D3F3079D80FECC4A7B2587BFA6B680798D6A6175BA3ABAC52B2BE583849FC3C47A6B7B9BB6CE18AF23BFC54E8F04AA6AF3
290 C9AE5920BA2CFC9A765C25D8B75E8A42845F5B13F8B9386698C31D01BDDE572BD181E45FD46666BB9D3F5043D2B3F7B4B3D301DA403CED22ADBB60544D2000EBB3FEF3E1674DB2F2BB81A81573B3556689FD2AF740367EB9C7CFFC08BD95471849C456B9AD93BA9462A541FBD7618E9BF8F8B8DC76233D22826085E06F8CC22C4DB46DE8A6E666FBF678052E80B5D116B4CAC4FCA1C3348F45895D823842E6A4E2B605F0F8CCD9A75F59B3B4BBC102B9B7F948EC28AB60BF4FD5441E4EF48B25D6A50C5AAEB882EE9862E042F54510366730B8DD56C02FC43CD95F6EF7B92379E6DED28764CDD22899C845F484EF8F777B9A527FC1
291 E5E324CDCAEA29DE1EFB3E2280B51E4461A692A5844F64E6917677907A7825A8ABBEF11E0D8A5D70DF703D4D4014FE0A125E5A409AD7DC9B5F2ECBDF518C8ECE783F217268CFED93689AEB5D970B3C898B7ACB8868E2D284A85F1B82926C67F6F6675F78799CC280E4197AB3800B00ED9B063B9A00F483CDD5158DCE31B575F579E4206D32E483994B58D5EA7FBE224326672ED00BA1B432796E78B80816D641BE4F81BF8CCA5A2E93A0E9FA4D61334E893903E133DA215295FAF00F9BA1F224BC700ABCD6A94FB4C1A006BD5673D304B207F8EE6752F41C4D2F7DE310266EAF61B0545A26FAC66A46B90015FC2374D4FD01F836DD
292 746B5BD406C84FDBC8EF4DEC7D79831630B45579D7865695BDB288C0E8DB39749200B0720F6FAF1CBB3F2EE6C6FF3DA72B4C8505D50732DBEE2E92CD9A13B6919D5173DBA708B44C36129A3494DCD77B9991F88F528FF11706E0D6EFC67705937F5A11FCBC984F89F2A4168A8ED2A391FAD06C1E15F838B890126DF650DA803661448F8CEA755F15432A83C899CB0AFCB5D922514DF19697416DDC79CA2AC7CB30AEADEC2D68B0F43D178DAB33656E3CDF08A3D2B903797E74210478526D49AA740F906789740826DDD3CF2E5F032B9E053685560848F127A1A844BF00C5819FFEB2016E0DBC86BF375554DC28EC2DC7FD8830AA3D
293
- 85D8EE9E1B9365BC2288699F301BF3D7109BDDBDB804F930EE855AAE7674806A57261DD216B816C2B5ECB6C8E8D62111065F6AB4AD9CD95AC8FA419F5FCCBC40(7 . 16)(7 . 20)- 57AD398331BF9B99C93592FCA3BDEFF7CA8EBFD630EC3FC142706498EB4A7DCB05F21520670D5945C26046237C7DE2C93E021801157B5BF8BF99308FB004D8E4
298
299 package body IO_RSA is
300
301 procedure ReadRSAKey( Filename: in String; Key: out RSA_OAEP.RSA_skey ) is
302 procedure ReadRSAKey( Filename : in String;
303 E_Len_Chars : in Positive;
304 D_Len_Chars : in Positive;
305 Key : out RSA_OAEP.RSA_skey ) is
306 package Char_IO is new Ada.Sequential_IO(Character);
307 use Char_IO;
308 Full : String(1..RSA_len'Length*2) := (others => '0');
309 Half : String(1..RSA_half'Length*2) := (others => '0');
310 e : String(1..E_Len_Chars) := (others => '0');
311 d : String(1..D_Len_Chars) := (others => '0');
312 F : Char_IO.File_Type;
313 C : Character;
314 begin
315 Open( File => F, Mode => In_File, Name => Filename );
316
317 -- read n
318 for I in Full'Range loop
319 Read(F, Full(I));
(24 . 23)(28 . 33)
321 -- read new line character and convert to hex
322 Read(F, C);
323 Hex2Octets(Full, Key.n);
324
325 -- read e
326 for I in Half'Range loop
327 Read(F, Half(I));
328 for I in e'Range loop
329 Read(F, e(I));
330 end loop;
331 -- read new line character and convert to hex
332 -- read new line character and convert to hex, pad with 0 if needed
333 Read(F, C);
334 -- move it to Half, possibly at the end if e'len < half'len (0-led)
335 if e'Length > Half'Length then
336 raise Incorrect_E_Len;
337 else
338 Half(Half'Last-e'Length+1 .. Half'Last) := e;
339 end if;
340 Hex2Octets(Half, Key.e);
341
342 -- read d
343 for I in Full'Range loop
344 Read(F, Full(I));
345 for I in d'Range loop
346 Read(F, d(I));
347 end loop;
348
349 -- read new line character and convert to hex
350 Read(F, C);
351 if d'Length > Full'Length then
352 raise Incorrect_D_Len;
353 else
354 Full := ( others => '0' );
355 Full(Full'Last-d'Length+1 .. Full'Last) := d;
356 end if;
357 Hex2Octets(Full, Key.d);
358
359 -- read p
360 for I in Half'Range loop
361 Read(F, Half(I));
(48 . 7)(62 . 6)
363 -- read new line character and convert to hex
364 Read(F, C);
365 Hex2Octets(Half, Key.p);
366
367 -- read q
368 for I in Half'Range loop
369 Read(F, Half(I));
(56 . 16)(69 . 13)
371 -- read new line character and convert to hex
372 Read(F, C);
373 Hex2Octets(Half, Key.q);
374
375 -- read u
376 for I in Half'Range loop
377 Read(F, Half(I));
378 end loop;
379 Hex2Octets(Half, Key.u);
380
381 -- Close file
382 Close( F );
383
384 exception
385 when Char_IO.End_Error =>
386 Put_Line("ReadRSAKey ERROR: Unexpected end of file in " & Filename);
(80 . 7)(90 . 7)
388 H : String(1..Hex'Length+Hex'Length mod 2) := (others=>'0');
389 begin
390 -- first char is 0 if needed to cover full octet...
391 H(H'Length-Hex'Length+1..H'Length) := Hex;
392 H(H'Last-Hex'Length+1..H'Last) := Hex;
393 O := (others => 0);
394 for I in 0 .. H'Length/2-1 loop
395 S := "16#" & H(H'First + I*2 .. H'First + I*2 + 1) & "#";
(7 . 13)(7 . 24)
400
401 package IO_RSA is
402
403 Incorrect_E_Len: exception;
404 Incorrect_D_Len: exception;
405
406 -- reads a full private key from specified file, in Hex format
407 -- one component per line, in order: n, e, d, p, q, u
408 -- NB: length of each component has to match *precisely* the expected length
409 -- e (public exponent) has the length given as argument
410 -- if E_Len < RSA_half'Length then e is stored 0-led in Key.e
411 -- if E_Len > RSA_half'Length then this will FAIL.
412 -- specifically, using Raw_Types:
413 -- n, d are RSA_len'Length*2;
414 -- e, p, q, u are RSA_half'Length*2
415 procedure ReadRSAKey( Filename: in String; Key: out RSA_OAEP.RSA_skey );
416 -- n is RSA_len'Length octets (so *2 chars read);
417 -- p, q, u are RSA_half'Length (so *2 chars read);
418 -- e is RSA_half'Length but E_Len_Chars chars will be read;
419 -- d is RSA_len'Length but D_Len_Chars chars will be read;
420 procedure ReadRSAKey( Filename : in String;
421 E_Len_Chars : in Positive;
422 D_Len_Chars : in Positive;
423 Key : out RSA_OAEP.RSA_skey );
424
425 -- convert hexadecimal strings to octets representation
426 procedure Hex2Octets( Hex: in String; O: out Raw_Types.Octets );
- A8A3F14CBACAEC0691D66C7058CD758C510E3ADDEC91D5529093F6259AD65D3353B714F316A32CDE7CC476CAC611B167250CE6615DB506CB7D62ED98CBCC8BDF(74 . 7)(74 . 8)
431 Pkt : RSA_Pkt;
432 begin
433 -- initialize with RSA pair previously generated
434 IO_RSA.ReadRSAKey( "keys_rsa.txt", SKey );
435 IO_RSA.ReadRSAKey( "keys_rsa.txt", Raw_Types.RSA_KEY_OCTETS,
436 Raw_Types.RSA_KEY_OCTETS*2, SKey );
437
438 -- copy n and e for public key
439 PKey.n := SKey.n;
- 6D2A795035290C00E290240A4D93260ACDC2D7253CE4742BEE41515920FDFB6EE78C4154753EF5F0FFF15DED3D28FC69CA0AA90EF417FAC0E914F3E4D4EB4A10(96 . 7)(96 . 9)- 30C188E997945F1E93BE60C3D4C9D19F96C316252CA5FD8E538BCE871D6E67C0538EE113EA9456B37E0E91572D2B218E70B139A5BDB8D79B64EED2D5E7AFC71B
444 end test_oaep;
445
446 -- test JUST RSA (i.e. without oaep) with RSA key pair previously generated
447 procedure test_rsa is
448 procedure test_rsa( E_Len : in Positive;
449 D_Len : in Positive;
450 Filename : in String) is
451 Plain: OAEP_Block := (others => 0);
452 Decr : OAEP_Block := (others => 0);
453 Encr : RSA_len;
(104 . 7)(106 . 7)
455 skey: RSA_skey;
456 begin
457 -- initialize with RSA pair previously generated
458 IO_RSA.ReadRSAKey( "keys_rsa.txt", skey );
459 IO_RSA.ReadRSAKey( Filename, E_Len, D_Len, skey );
460
461 -- copy n and e for public key
462 pkey.n := skey.n;
(114 . 11)(116 . 12)
464 -- make first octet < RSA key's modulus first octet
465 Plain(Plain'First) := 16#00#;
466 -- naked rsa encrypt/decrypt
467 Put_Line("Encrypting with RSA public key...");
468 Put_Line("Encrypting with RSA public key with e len " &
469 Positive'Image(E_Len) & "...");
470 Public_RSA( Plain, pkey, Encr );
471 Put_Line("Decrypting with RSA private key...");
472 Put_Line("Decrypting with RSA private key...");
473 Private_RSA( Encr, skey, Decr );
474 Put_Line("Checking...");
475 Put_Line("Checking...");
476
477 -- check result
478 if Decr /= Plain then
(140 . 7)(143 . 8)
480 Len : Natural;
481 begin
482 -- initialize with RSA pair previously generated
483 IO_RSA.ReadRSAKey( "keys_rsa.txt", skey );
484 IO_RSA.ReadRSAKey( "keys_rsa.txt", Raw_Types.RSA_KEY_OCTETS,
485 Raw_Types.RSA_KEY_OCTETS*2, skey );
486 -- copy n and e for public key
487 pkey.n := skey.n;
488 pkey.e := skey.e;
(6 . 7)(6 . 9)
493 package Test_RSA_OAEP is
494 procedure test_char_array;
495 procedure test_oaep; -- test oaep only
496 procedure test_rsa; -- test rsa only
497 procedure test_rsa( E_Len : in Positive;
498 D_Len : in Positive;
499 Filename : in String);-- test rsa only
500 procedure test_rsa_oaep; -- test rsa+oaep
501
502 procedure PrintOctets( O: in Raw_Types.Octets; Title: in String );
- 4FCBE6D5F83C385C895668661F49EC5994D54B274866F52ED032815938CE3B3CDF94D8DFC18523AAA45AD17F9D691263AA6EF4080FB8CC55F2184217AF041F4A(4 . 13)(4 . 17)
507 with Test_Packing;
508 with Test_RSA_OAEP;
509 with Messages.Test_Serializing;
510 with Raw_Types;
511
512 procedure testall is
513 begin
514 Test_Serpent.Selftest;
515 Test_RSA_OAEP.test_char_array;
516 Test_RSA_OAEP.test_oaep;
517 Test_RSA_OAEP.test_rsa;
518 Test_RSA_OAEP.test_rsa( Raw_Types.RSA_KEY_OCTETS,
519 Raw_Types.RSA_KEY_OCTETS*2, "keys_rsa.txt" );
520 Test_RSA_OAEP.test_rsa( Raw_Types.E_LENGTH_OCTETS*2,
521 Raw_Types.RSA_KEY_OCTETS*2 - 1, "8_keys.txt" );
522 Test_RSA_OAEP.test_rsa_oaep;
523 Test_Packing.Test_Pack_Unpack_Serpent;
524 Test_Packing.Test_Pack_Unpack_RSA;