123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198 |
- #include <openssl/pem.h>
- #include <stdint.h>
- #include <string.h>
- #include <unistd.h>
- int check(RSA* key) {
- int public_exponent = BN_get_word(key->e);
- int modulus = BN_num_bits(key->n);
- if (public_exponent != 65537) {
- fprintf(stderr, "WARNING: Public exponent should be 65537 (but is %d).\n",
- public_exponent);
- }
- if (modulus != 1024 && modulus != 2048 && modulus != 4096
- && modulus != 8192) {
- fprintf(stderr, "ERROR: Unknown modulus length = %d.\n", modulus);
- return 0;
- }
- return 1;
- }
- void output(RSA* key) {
- int i, nwords;
- BIGNUM *N = key->n;
- BIGNUM *Big1 = NULL, *Big2 = NULL, *Big32 = NULL, *BigMinus1 = NULL;
- BIGNUM *B = NULL;
- BIGNUM *N0inv= NULL, *R = NULL, *RR = NULL, *RRTemp = NULL, *NnumBits = NULL;
- BIGNUM *n = NULL, *rr = NULL;
- BN_CTX *bn_ctx = BN_CTX_new();
- uint32_t n0invout;
- N = key->n;
-
- nwords = BN_num_bits(N) / 32;
- if (-1 == write(1, &nwords, sizeof(nwords)))
- goto failure;
-
- Big1 = BN_new();
- Big2 = BN_new();
- Big32 = BN_new();
- BigMinus1 = BN_new();
- N0inv= BN_new();
- R = BN_new();
- RR = BN_new();
- RRTemp = BN_new();
- NnumBits = BN_new();
- n = BN_new();
- rr = BN_new();
- BN_set_word(Big1, 1L);
- BN_set_word(Big2, 2L);
- BN_set_word(Big32, 32L);
- BN_sub(BigMinus1, Big1, Big2);
- B = BN_new();
- BN_exp(B, Big2, Big32, bn_ctx);
-
- BN_mod_inverse(N0inv, N, B, bn_ctx);
- BN_sub(N0inv, B, N0inv);
- n0invout = BN_get_word(N0inv);
- if (-1 == write(1, &n0invout, sizeof(n0invout)))
- goto failure;
-
- BN_set_word(NnumBits, BN_num_bits(N));
- BN_exp(R, Big2, NnumBits, bn_ctx);
-
- BN_copy(RR, R);
- BN_mul(RRTemp, RR, R, bn_ctx);
- BN_mod(RR, RRTemp, N, bn_ctx);
-
- for (i = 0; i < nwords; ++i) {
- uint32_t nout;
- BN_mod(n, N, B, bn_ctx);
- nout = BN_get_word(n);
- if (-1 == write(1, &nout, sizeof(nout)))
- goto failure;
- BN_rshift(N, N, 32);
- }
-
- for (i = 0; i < nwords; ++i) {
- uint32_t rrout;
- BN_mod(rr, RR, B, bn_ctx);
- rrout = BN_get_word(rr);
- if (-1 == write(1, &rrout, sizeof(rrout)))
- goto failure;
- BN_rshift(RR, RR, 32);
- }
- failure:
-
- BN_free(Big1);
- BN_free(Big2);
- BN_free(Big32);
- BN_free(BigMinus1);
- BN_free(N0inv);
- BN_free(R);
- BN_free(RRTemp);
- BN_free(NnumBits);
- BN_free(n);
- BN_free(rr);
- }
- int main(int argc, char* argv[]) {
- int cert_mode = 0;
- FILE* fp;
- X509* cert = NULL;
- RSA* pubkey = NULL;
- EVP_PKEY* key;
- char *progname;
- if (argc != 3 || (strcmp(argv[1], "-cert") && strcmp(argv[1], "-pub"))) {
- progname = strrchr(argv[0], '/');
- if (progname)
- progname++;
- else
- progname = argv[0];
- fprintf(stderr, "Usage: %s <-cert | -pub> <file>\n", progname);
- return -1;
- }
- if (!strcmp(argv[1], "-cert"))
- cert_mode = 1;
- fp = fopen(argv[2], "r");
- if (!fp) {
- fprintf(stderr, "Couldn't open file %s!\n", argv[2]);
- return -1;
- }
- if (cert_mode) {
-
- if (!PEM_read_X509(fp, &cert, NULL, NULL)) {
- fprintf(stderr, "Couldn't read certificate.\n");
- goto fail;
- }
-
- key = X509_get_pubkey(cert);
-
- if (!(pubkey = EVP_PKEY_get1_RSA(key))) {
- fprintf(stderr, "Couldn't convert to a RSA style key.\n");
- goto fail;
- }
- } else {
-
- if (!(pubkey = PEM_read_RSA_PUBKEY(fp, NULL, NULL, NULL))) {
- fprintf(stderr, "Couldn't read public key file.\n");
- goto fail;
- }
- }
- if (check(pubkey)) {
- output(pubkey);
- }
- fail:
- X509_free(cert);
- RSA_free(pubkey);
- fclose(fp);
- return 0;
- }
|