diff options
| -rw-r--r-- | Makefile | 2 | ||||
| -rw-r--r-- | lib/lib6.c | 98 | ||||
| -rw-r--r-- | lib/lib6.h | 16 | ||||
| -rw-r--r-- | set6/task42.c | 70 |
4 files changed, 185 insertions, 1 deletions
@@ -1,5 +1,5 @@ # call all makefiles in sudirs -DIRS = set1 set2 set3 set4 +DIRS = set1 set2 set3 set4 set5 set6 compile: @+for i in $(DIRS); do \ @@ -0,0 +1,98 @@ +#include "lib6.h" +#include "lib5.h" +#include "lib4.h" +#include "lib3.h" +#include "lib2.h" +#include "lib.h" + + +int rsa_sign_bignum(BIGNUM *message, BIGNUM *signed_message, struct rsa_key_bignum *private) +{ + rsa_encrypt_bignum(message, signed_message, private); +} + +int rsa_verify_bignum(BIGNUM *signed_message, BIGNUM *org_message, struct rsa_key_bignum *public) +{ + BIGNUM *res = BN_new(); + int ret = -1; + + rsa_decrypt_bignum(signed_message, res, public); + ret = BN_cmp(res, org_message); + printf("\nverfied mess ret: %i, message:\n", ret); + BN_print(out, res); + printf("\n"); + BN_free(res); + + return ret == 0; +} +/** + * construct a VALID pkcs_padding + **/ +void pkcs1_5_padding(char *message, char *result, unsigned int target_length_byte) +{ + SHA1Context sha1; + char sha1_hash[20]; + int i; + + memset(result, 0xff, target_length_byte); + result[0] = 0x00; + result[1] = 0x01; + result[target_length_byte-21] = 0x00; + + // TODO ASN.1 things + + SHA1Reset(&sha1); + SHA1Input(&sha1, message, strlen(message)); + SHA1Result(&sha1); + memcpy(sha1_hash, &(sha1.Message_Digest), 20); + + for(i = 20;i>0;i--) + result[target_length_byte-i] = sha1_hash[20-i]; +} + +int pkcs1_5_padding_verify(char *to_verify, int len, char *message) +{ + char result[1024/8]; + int i; + + // construct the padding how the expect it and than compare + pkcs1_5_padding(message, result, 1024/8); + // printf both paddings + char buf[(1024/8)*2]; + hex_binary_to_string(result, buf, 1024/8); + printf("expected padding:\n%s\n", buf); + hex_binary_to_string(to_verify, buf, len); + printf("got:\n%s\n", buf); + + return memcmp(to_verify, result, 128) == 0; +} + +int shitty_pkcs1_5_padding_verify(char *to_verify, int len, char *message) +{ + int i = 2; + SHA1Context sha1; + char sha1_hash[20]; + + if (len < 2 && to_verify[0] != 0x00 && to_verify[1] != 0x01) + return 0; + + // search for the next 0x00 no matter what's in between + while(to_verify[i] != 0x00) + i++; + + i++; + // TODO check asn.1 things + // verfiy the hash + SHA1Reset(&sha1); + SHA1Input(&sha1, message, strlen(message)); + SHA1Result(&sha1); + memcpy(sha1_hash, &(sha1.Message_Digest), 20); + + int j; + for(j=0;j<20;j++, i++) { + if (to_verify[i] != sha1_hash[j]) + return 0; + } + + return 1; +} @@ -0,0 +1,16 @@ +#ifndef __LIB_6_H__ +#define __LIB_6_H__ +#include "lib6.h" +#include "lib5.h" +#include "lib4.h" +#include "lib3.h" +#include "lib2.h" +#include "lib.h" + + +int rsa_sign_bignum(BIGNUM *message, BIGNUM *signed_message, struct rsa_key_bignum *private); +int rsa_verify_bignum(BIGNUM *signed_message, BIGNUM *org_message, struct rsa_key_bignum *public); +int shitty_pkcs1_5_padding_verify(char *to_verify, int len, char *message); +int pkcs1_5_padding_verify(char *to_verify, int len, char *message); + +#endif /* __LIB_6_H__ */ diff --git a/set6/task42.c b/set6/task42.c new file mode 100644 index 0000000..253836c --- /dev/null +++ b/set6/task42.c @@ -0,0 +1,70 @@ +#include "../lib/lib.h" +#include "../lib/lib2.h" +#include "../lib/lib3.h" +#include "../lib/lib4.h" +#include "../lib/lib5.h" +#include "../lib/lib6.h" +/** + * you do not have the secrect key to sign the message + * but you try to find a number which gives a "valid" padding + * if the number is e-th rooted + * to verfiy the signature the message is exponiated with e + * when this didn't wrap around then it is a "valid" padding + * + * make the littlest possible number and exponiated it with e + * hope that it did not wrap around and the e-th root is + * + **/ +int main() +{ + struct rsa_key_bignum public, private; + SHA1Context sha1; + + BIGNUM *mess = BN_new(); + BIGNUM *forged = BN_new(); + BIGNUM *signed_mess = BN_new(); + BIGNUM *restored = BN_new(); + out = BIO_new(BIO_s_file()); + BIO_set_fp(out, stdout, BIO_NOCLOSE); + + ctx = BN_CTX_new(); + + char *str_mess = "hi mom"; + char *sha1_hash[20]; + int pk_mess_len = 20 + strlen(str_mess) + 4 + 50; + char *pk_mes = malloc(pk_mess_len); + + rsa_generate_key_bignum(&public, &private); + + SHA1Reset(&sha1); + SHA1Input(&sha1, str_mess, strlen(str_mess)); + SHA1Result(&sha1); + memcpy(sha1_hash, &(sha1.Message_Digest), 20); + + pk_mes[0] = 0x00; + pk_mes[1] = 0x01; + pk_mes[2] = 0xff; + pk_mes[3] = 0x00; + memcpy(&pk_mes[4], sha1_hash, 20); + + // does this padding verify? + printf("padding verfied: %i\n", shitty_pkcs1_5_padding_verify(pk_mes, pk_mess_len, str_mess)); + BN_bin2bn(pk_mes, pk_mess_len, mess); + // sign with knowing the private key + //rsa_encrypt_bignum(mess, signed_mess, &private); + // "sign" without knowing the private key + BIGNUM *n3 = BN_new(); + BN_set_word(n3, 3); + nth_root_bignum(signed_mess, mess, n3); + + + // verfiy + rsa_decrypt_bignum(signed_mess, restored, &public); + + char *rest_mess = malloc(BN_num_bytes(restored)); + BN_bn2bin(restored, rest_mess); + + printf("\nverfied after cube root and exp: %i\n", shitty_pkcs1_5_padding_verify(rest_mess, BN_num_bytes(restored), str_mess)); + printf("padding from better verifier function: %i\n", + pkcs1_5_padding_verify(pk_mes, pk_mess_len, str_mess)); +} |