5 /* nettle, low-level cryptographics library
7 * Copyright (C) 2002 Niels Möller
9 * The nettle library is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU Lesser General Public License as published by
11 * the Free Software Foundation; either version 2.1 of the License, or (at your
12 * option) any later version.
14 * The nettle library is distributed in the hope that it will be useful, but
15 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
16 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
17 * License for more details.
19 * You should have received a copy of the GNU Lesser General Public License
20 * along with the nettle library; see the file COPYING.LIB. If not, write to
21 * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
35 /* string.h must be included before gmp.h */
43 #include "rsa-session.h"
48 rsa_session_set_encrypt_key(struct rsa_session *ctx,
49 const struct rsa_session_info *key)
51 const uint8_t *aes_key = SESSION_AES_KEY(key);
52 const uint8_t *iv = SESSION_IV(key);
53 const uint8_t *hmac_key = SESSION_HMAC_KEY(key);
55 aes_set_encrypt_key(&ctx->aes.ctx, AES_KEY_SIZE, aes_key);
56 CBC_SET_IV(&ctx->aes, iv);
57 hmac_sha1_set_key(&ctx->hmac, SHA1_DIGEST_SIZE, hmac_key);
61 write_uint32(FILE *f, uint32_t n)
64 WRITE_UINT32(buffer, n);
66 return write_string(f, sizeof(buffer), buffer);
70 write_version(FILE *f)
72 return write_uint32(f, 1);
76 write_bignum(FILE *f, mpz_t x)
78 unsigned size = nettle_mpz_sizeinbase_256_u(x);
82 if (!write_uint32(f, size))
86 nettle_mpz_get_str_256(size, p, x);
88 res = write_string(f, size, p);
94 process_file(struct rsa_session *ctx,
97 uint8_t buffer[AES_BLOCK_SIZE * 100];
101 padding = leftover = 0;
105 size_t size = fread(buffer, 1, sizeof(buffer), in);
108 werror("Reading input failed: %s\n", strerror(errno));
112 hmac_sha1_update(&ctx->hmac, size, buffer);
113 if (size < sizeof(buffer))
115 /* Setting padding != ends the loop */
116 leftover = size % AES_BLOCK_SIZE;
117 padding = AES_BLOCK_SIZE - leftover;
124 CBC_ENCRYPT(&ctx->aes, aes_encrypt, size, buffer, buffer);
125 if (!write_string(out, size, buffer))
127 werror("Writing output failed: %s\n", strerror(errno));
134 memcpy(buffer, buffer + size, leftover);
140 yarrow256_random(&ctx->yarrow, padding - 1, buffer + leftover);
142 buffer[AES_BLOCK_SIZE - 1] = padding;
143 CBC_ENCRYPT(&ctx->aes, aes_encrypt, AES_BLOCK_SIZE, buffer, buffer);
144 hmac_sha1_digest(&ctx->hmac, SHA1_DIGEST_SIZE, buffer + AES_BLOCK_SIZE);
146 if (!write_string(out, AES_BLOCK_SIZE + SHA1_DIGEST_SIZE, buffer))
148 werror("Writing output failed: %s\n", strerror(errno));
156 main(int argc, char **argv)
158 struct rsa_session ctx;
159 struct rsa_session_info info;
161 struct rsa_public_key key;
165 const char *random_name = NULL;
167 while ( (c = getopt(argc, argv, "o:r:")) != -1)
171 random_name = optarg;
175 if (isprint (optopt))
176 werror("Unknown option `-%c'.\n", optopt);
178 werror("Unknown option character `\\x%x'.\n",
190 werror("Usage: rsa-encrypt [-r random-file] PUBLIC-KEY < cleartext\n");
194 rsa_public_key_init(&key);
196 if (!read_rsa_key(argv[0], &key, NULL))
198 werror("Invalid key\n");
202 /* NOTE: No sources */
203 yarrow256_init(&ctx.yarrow, 0, NULL);
205 /* Read some data to seed the generator */
206 if (!simple_random(&ctx.yarrow, random_name))
208 werror("Initialization of randomness generator failed.\n");
212 WRITE_UINT32(SESSION_VERSION(&info), RSA_VERSION);
214 yarrow256_random(&ctx.yarrow, sizeof(info.key) - 4, info.key + 4);
216 rsa_session_set_encrypt_key(&ctx, &info);
218 write_version(stdout);
222 if (!rsa_encrypt(&key,
223 &ctx.yarrow, (nettle_random_func *) yarrow256_random,
224 sizeof(info.key), info.key,
227 werror("RSA encryption failed.\n");
231 write_bignum(stdout, x);
233 if (!process_file(&ctx,
237 rsa_public_key_clear(&key);