2 // Open Service Platform
3 // Copyright (c) 2012 Samsung Electronics Co., Ltd.
5 // Licensed under the Apache License, Version 2.0 (the License);
6 // you may not use this file except in compliance with the License.
7 // You may obtain a copy of the License at
9 // http://www.apache.org/licenses/LICENSE-2.0
11 // Unless required by applicable law or agreed to in writing, software
12 // distributed under the License is distributed on an "AS IS" BASIS,
13 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 // See the License for the specific language governing permissions and
15 // limitations under the License.
19 * @file FSecCrypto_KeaCore.cpp
20 * @brief This file contains implementation of Kea Key Exchange algorithms and Shared Secret Generation.
23 #include <openssl/bn.h>
24 #include <unique_ptr.h>
25 #include <FBaseResult.h>
26 #include <FBaseErrors.h>
27 #include <FBaseSysLog.h>
28 #include "FSecCrypto_KeaCore.h"
29 #include "FSecCrypto_SkipJackCore.h"
31 namespace Tizen { namespace Security { namespace Crypto
34 static const int _DATA_ARRAY_SIZE = 2;
35 static const int _KEA_KEY_LOOP_VAR_1 = 5;
36 static const int _KEA_KEY_LOOP_VAR_2 = 7;
37 static const int _ONE_BIT_RESET_VAL = 0x00;
38 static const int _KEA_LSB_VAL_1 = 2;
39 static const int _KEA_LSB_VAL_2 = 3;
40 static const int _KEA_MSB_VAL_1 = 9;
41 static const int _KEA_MSB_VAL_2 = 8;
42 static const int _TWO_BYTE_VAL = 16;
43 static const int _CRYPTO_VARIABLE_SIGNIFICANT_BITS_ = 20;
44 static const int _PUBLIC_KEY_LENGTH = 1024;
47 _KeaCore::CreateKeaN(void)
51 std::unique_ptr <Kea> pRet (new (std::nothrow) Kea());
52 SysTryReturn(NID_SEC_CRYPTO, pRet != null, null, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] Allocating new Kea object failed.");
58 pRet->pPubKey1 = null;
59 pRet->pPrivKey1 = null;
60 pRet->pPubKey2 = null;
61 pRet->pPrivKey2 = null;
63 return pRet.release();
67 _KeaCore::DeleteKea(Kea* pKea)
71 BN_clear_free(pKea->pP);
76 BN_clear_free(pKea->pG);
79 if (pKea->pPubKey1 != null)
81 BN_clear_free(pKea->pPubKey1);
84 if (pKea->pPrivKey1 != null)
86 BN_clear_free(pKea->pPrivKey1);
89 if (pKea->pPubKey2 != null)
91 BN_clear_free(pKea->pPubKey2);
94 if (pKea->pPrivKey2 != null)
96 BN_clear_free(pKea->pPrivKey2);
103 _KeaCore::ComputeKeaKey(byte** ppKey, BIGNUM* pPublicKey1, BIGNUM* pPublicKey2, Kea& keaVar)
105 result r = E_SUCCESS;
107 byte secret[_PUBLIC_KEY_LENGTH] = {0, };
110 BIGNUM* pTmp1 = null;
113 SysTryReturn(NID_SEC_CRYPTO, ppKey != null && pPublicKey1 != null && pPublicKey2 != null
114 , E_INVALID_ARG, E_INVALID_ARG, "[E_INVALID_ARG] Input key data and public keys should be valid.");
117 SysTryReturn(NID_SEC_CRYPTO, pCtx != null, E_OUT_OF_MEMORY, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] Failed to allocate memory.");
119 // Managing 1st set of public and private key
121 pTmp = BN_CTX_get(pCtx);
122 SysTryCatch(NID_SEC_CRYPTO, pTmp != null, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
124 SysTryCatch(NID_SEC_CRYPTO, keaVar.pPrivKey1 != null, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] Private key is not available.");
126 ret = BN_mod_exp(pTmp, pPublicKey1, keaVar.pPrivKey1, keaVar.pP, pCtx);
127 SysTryCatch(NID_SEC_CRYPTO, ret == 1, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
129 // Managing 2nd set of public and private key
130 pTmp1 = BN_CTX_get(pCtx);
131 SysTryCatch(NID_SEC_CRYPTO, pTmp1 != null, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
133 SysTryCatch(NID_SEC_CRYPTO, keaVar.pPrivKey2 != null, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] Private key is not available.");
135 ret = BN_mod_exp(pTmp1, pPublicKey2, keaVar.pPrivKey2, keaVar.pP, pCtx);
136 SysTryCatch(NID_SEC_CRYPTO, ret == 1, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
138 // Performing operation pRem = (pTmp + pTmp1) mod p
139 pRem = BN_CTX_get(pCtx);
140 SysTryCatch(NID_SEC_CRYPTO, pRem != null, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
142 ret = BN_add(pRem, pTmp, pTmp1);
143 SysTryCatch(NID_SEC_CRYPTO, ret == 1, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
145 ret = BN_mod(pTmp, pRem, keaVar.pP, pCtx);
146 SysTryCatch(NID_SEC_CRYPTO, ret == 1, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
148 ret = BN_bn2bin(pTmp, secret);
149 SysTryCatch(NID_SEC_CRYPTO, ret > 0, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
153 *ppKey = ComputeKeaSecret(secret, ret);
154 SysTryCatch(NID_SEC_CRYPTO, *ppKey != null, r = GetLastResult(), GetLastResult(), "[%s] Kea key secret should be valid.", GetErrorMessage(GetLastResult()));
167 _KeaCore::ComputeKeaSecret(byte* pKey, int len)
169 result r = E_SUCCESS;
172 byte pad[_SKIPJACK_KEY_LENGTH] = {0x72, 0xf1, 0xa8, 0x7e, 0x92, 0x82, 0x41, 0x98, 0xab, 0x0b};
173 byte vector3[_DATA_ARRAY_SIZE] = {0, };
174 SkipJackKey sjVar = {{0, }, };
182 std::unique_ptr <byte[]> pVector1 (new (std::nothrow) byte[_SKIPJACK_KEY_LENGTH]);
183 SysTryReturn(NID_SEC_CRYPTO, pVector1 != null, null, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] Allocating new byte array failed.");
185 std::unique_ptr <byte[]> pVector2 (new (std::nothrow) byte[_SKIPJACK_KEY_LENGTH]);
186 SysTryCatch(NID_SEC_CRYPTO, pVector2 != null, r = E_OUT_OF_MEMORY, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] Allocating new byte array failed.");
189 SysTryCatch(NID_SEC_CRYPTO, pCtx != null, r = E_OUT_OF_MEMORY, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] Failed to allocate memory.");
191 memset(&sjVar, 0, sizeof(sjVar));
193 memcpy(pVector1.get(), (pKey + len - _SKIPJACK_KEY_LENGTH), _SKIPJACK_KEY_LENGTH);
195 memcpy(pVector2.get(), (pKey + len - _CRYPTO_VARIABLE_SIGNIFICANT_BITS_), _SKIPJACK_KEY_LENGTH);
197 for (index = 0; index < _KEA_KEY_LOOP_VAR_1; index++)
199 pVector1.get()[index] = pVector1.get()[index] + pVector1.get()[_KEA_MSB_VAL_1 - index];
200 pVector1.get()[_KEA_MSB_VAL_1 - index] = pVector1.get()[index] - pVector1.get()[_KEA_MSB_VAL_1 - index];
201 pVector1.get()[index] = pVector1.get()[index] - pVector1.get()[_KEA_MSB_VAL_1 - index];
203 pVector2.get()[index] = pVector2.get()[index] + pVector2.get()[_KEA_MSB_VAL_1 - index];
204 pVector2.get()[_KEA_MSB_VAL_1 - index] = pVector2.get()[index] - pVector2.get()[_KEA_MSB_VAL_1 - index];
205 pVector2.get()[index] = pVector2.get()[index] - pVector2.get()[_KEA_MSB_VAL_1 - index];
208 //for creating key pVector1 ^ pad
209 for (index = 0; index < _SKIPJACK_KEY_LENGTH; index++)
211 pVector1.get()[index] = pVector1.get()[index] ^ pad[index];
214 //for doing (pVector2 / 2^16) mod 2 ^64
215 //1st Step: we perform left shift on pVector2 by 2 bytes to perform (pVector2 / 2^16)
216 for (index = _KEA_KEY_LOOP_VAR_2; index >= 0; index--)
218 pVector2.get()[_DATA_ARRAY_SIZE + index] = pVector2.get()[index];
221 //Setting 1st 2 bytes as 0 in continuation from the above operation
222 // no need for explicitly doing mod 2^64 opeartion since number will be the same
223 // as 2^64 -1 = 0xFFFFFFFFFFFFFFFF and that is the biggest 64 bit number
224 // and x is also a 64 bit number
225 // therefore x mod 2^64 = x
226 for (index = 0; index < _DATA_ARRAY_SIZE; index++)
228 pVector2.get()[index] = _ONE_BIT_RESET_VAL;
231 // making modified pVector1 as key for doing skipjack operation
232 for (index = 0; index < _SKIPJACK_KEY_LENGTH; index++)
234 sjVar.keyVal[index] = pVector1.get()[index];
239 pBn2 = BN_CTX_get(pCtx);
240 SysTryCatch(NID_SEC_CRYPTO, pBn2 != null, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
242 pBn3 = BN_CTX_get(pCtx);
243 SysTryCatch(NID_SEC_CRYPTO, pBn3 != null, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
245 //Peforming pVector2 mod 2exp16 and storing it in vector3
246 //pVector2 in to big number
247 pBn1 = BN_bin2bn(pVector2.get(), _SKIPJACK_KEY_LENGTH, null);
248 SysTryCatch(NID_SEC_CRYPTO, pBn1 != null, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
250 //2^16 into big number
251 ret = BN_lshift(pBn2, BN_value_one(), _TWO_BYTE_VAL);
252 SysTryCatch(NID_SEC_CRYPTO, ret == 1, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
254 // performing pVector2 mod 2^16
255 ret = BN_mod(pBn3, pBn1, pBn2, pCtx);
256 SysTryCatch(NID_SEC_CRYPTO, ret == 1, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
258 // storing it in array
259 ret = BN_bn2bin(pBn3, vector3);
260 SysTryCatch(NID_SEC_CRYPTO, ret > 0, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
262 //Performing encryption over (pVector2/2^16) mod 2 ^ 64
263 _SkipJackCore::DoCipherEcb(static_cast< const byte* >(pVector2.get() + _DATA_ARRAY_SIZE), pVector1.get(), sjVar, static_cast< bool >(1));
265 //Performing second encryption on the output data from previous encryption
266 for (index = _KEA_KEY_LOOP_VAR_2; index >= 0; index--)
268 pVector1.get()[_DATA_ARRAY_SIZE + index] = pVector1.get()[index];
269 //printf("%c\t",pVector2[index]);
272 for (index = 0; index < _DATA_ARRAY_SIZE; index++)
274 pVector1.get()[index] = _ONE_BIT_RESET_VAL;
275 //printf("%c \t",pVector2[index]);
278 _SkipJackCore::DoCipherEcb(static_cast< const byte* >(pVector1.get() + _DATA_ARRAY_SIZE), pVector2.get(), sjVar, static_cast< bool >(1));
280 // xoring pVector1 msb with vector3
281 pVector1.get()[0] = pVector1.get()[0] ^ vector3[0];
282 pVector1.get()[1] = pVector1.get()[1] ^ vector3[1];
284 //adding the xored bits as lsb in pVector1
285 pVector2.get()[_KEA_MSB_VAL_2] = pVector1.get()[_KEA_LSB_VAL_1];
286 pVector2.get()[_KEA_MSB_VAL_1] = pVector1.get()[_KEA_LSB_VAL_2];
296 return pVector2.release();
299 } } } //Tizen::Security::Crypto