Home Explore Help
Register Sign In
tittof
/
FiSH-irssi
Watch 1
Star 0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Branch: fish2
Branches Tags
FiSH-irssi
/
src
/
DH1080.c

DH1080.c 5.2 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165 
  1. // New Diffie-Hellman 1080bit Key-exchange
    2. 

  2. 

  3. /* For Diffie-Hellman key-exchange a 1080bit germain prime is used, the
    4. 

  4.    generator g=2 renders a field Fp from 1 to p-1. Therefore breaking it
    5. 

  5.    means to solve a discrete logarithm problem with no less than 1080bit.
    6. 

  6. 

  7.    Base64 format is used to send the public keys over IRC.
    8. 

  8. 

  9.    The calculated secret key is hashed with SHA-256, the result is converted
    10. 

  10.    to base64 for final use with blowfish. */
    11. 

  11. 

  12. #include "DH1080.h"
    13. 

  13. 

  14. // ### new sophie-germain 1080bit prime number ###
    15. 

  15. static const unsigned char prime1080[DH1080_PRIME_BYTES] = 
    16. 

  16. {
    17. 

  17.     0xFB, 0xE1, 0x02, 0x2E, 0x23, 0xD2, 0x13, 0xE8, 0xAC, 0xFA, 0x9A, 0xE8,
    18. 

  18.     0xB9, 0xDF, 0xAD, 0xA3, 0xEA,
    19. 

  19.     0x6B, 0x7A, 0xC7, 0xA7, 0xB7, 0xE9, 0x5A, 0xB5, 0xEB, 0x2D, 0xF8, 0x58,
    20. 

  20.     0x92, 0x1F, 0xEA, 0xDE, 0x95,
    21. 

  21.     0xE6, 0xAC, 0x7B, 0xE7, 0xDE, 0x6A, 0xDB, 0xAB, 0x8A, 0x78, 0x3E, 0x7A,
    22. 

  22.     0xF7, 0xA7, 0xFA, 0x6A, 0x2B,
    23. 

  23.     0x7B, 0xEB, 0x1E, 0x72, 0xEA, 0xE2, 0xB7, 0x2F, 0x9F, 0xA2, 0xBF, 0xB2,
    24. 

  24.     0xA2, 0xEF, 0xBE, 0xFA, 0xC8,
    25. 

  25.     0x68, 0xBA, 0xDB, 0x3E, 0x82, 0x8F, 0xA8, 0xBA, 0xDF, 0xAD, 0xA3, 0xE4,
    26. 

  26.     0xCC, 0x1B, 0xE7, 0xE8, 0xAF,
    27. 

  27.     0xE8, 0x5E, 0x96, 0x98, 0xA7, 0x83, 0xEB, 0x68, 0xFA, 0x07, 0xA7, 0x7A,
    28. 

  28.     0xB6, 0xAD, 0x7B, 0xEB, 0x61,
    29. 

  29.     0x8A, 0xCF, 0x9C, 0xA2, 0x89, 0x7E, 0xB2, 0x8A, 0x61, 0x89, 0xEF, 0xA0,
    30. 

  30.     0x7A, 0xB9, 0x9A, 0x8A, 0x7F,
    31. 

  31.     0xA9, 0xAE, 0x29, 0x9E, 0xFA, 0x7B, 0xA6, 0x6D, 0xEA, 0xFE, 0xFB, 0xEF,
    32. 

  32.     0xBF, 0x0B, 0x7D, 0x8B
    33. 

  33. };
    34. 

  34. 

  35. // base16: FBE1022E23D213E8ACFA9AE8B9DFADA3EA6B7AC7A7B7E95AB5EB2DF858921FEADE95E6AC7BE7DE6ADBAB8A783E7AF7A7FA6A2B7BEB1E72EAE2B72F9FA2BFB2A2EFBEFAC868BADB3E828FA8BADFADA3E4CC1BE7E8AFE85E9698A783EB68FA07A77AB6AD7BEB618ACF9CA2897EB28A6189EFA07AB99A8A7FA9AE299EFA7BA66DEAFEFBEFBF0B7D8B
    36. 

  36. // base10: 12745216229761186769575009943944198619149164746831579719941140425076456621824834322853258804883232842877311723249782818608677050956745409379781245497526069657222703636504651898833151008222772087491045206203033063108075098874712912417029101508315117935752962862335062591404043092163187352352197487303798807791605274487594646923
    37. 

  37. 

  38. static DH * g_dh;
    39. 

  39. 

  40. int DH1080_Init(void)
    41. 

  41. {
    42. 

  42.     initb64();
    43. 

  43.     g_dh = DH_new();
    44. 

  44.     if(g_dh) {
    45. 

  45.         int codes = 0;
    46. 

  46. #if (OPENSSL_VERSION_NUMBER < 0x10100000L)
    47. 

  47.         g_dh->p = BN_bin2bn(prime1080, DH1080_PRIME_BYTES, NULL);
    48. 

  48.         g_dh->g = BN_new(); BN_set_word(g_dh->g, 2);
    49. 

  49.         return DH_check(g_dh, &codes) && codes == 0;
    50. 

  50. #else
    51. 

  51.         BIGNUM *p;
    52. 

  52.         BIGNUM *g = BN_new();
    53. 

  53.         p = BN_bin2bn(prime1080, DH1080_PRIME_BYTES, NULL);
    54. 

  54.         BN_set_word(g, 2);
    55. 

  55.         DH_set0_pqg(g_dh, p, NULL, g);
    56. 

  56.         return DH_check(g_dh, &codes) && codes == 0;
    57. 

  57. #endif
    58. 

  58.     }
    59. 

  59.     return 0;
    60. 

  60. }
    61. 

  61. 

  62. void DH1080_DeInit(void)
    63. 

  63. {
    64. 

  64.     DH_free(g_dh);
    65. 

  65. }
    66. 

  66. 

  67. // verify the Diffie-Hellman public key as described in RFC 2631
    68. 

  68. int DH_verifyPubKey(BIGNUM * pk)
    69. 

  69. {
    70. 

  70.     int codes = 0;
    71. 

  71.     return DH_check_pub_key(g_dh, pk, &codes) && codes == 0;
    72. 

  72. }
    73. 

  73. 

  74. // Input:  priv_key = buffer of 200 bytes
    75. 

  75. //         pub_key  = buffer of 200 bytes
    76. 

  76. // Output: priv_key = Your private key
    77. 

  77. //         pub_key  = Your public key
    78. 

  78. int DH1080_gen(char *priv_key, char *pub_key)
    79. 

  79. {
    80. 

  80.     unsigned char w[DH1080_PRIME_BYTES];
    81. 

  81.     int n;
    82. 

  82. 

  83.     DH * dh = DHparams_dup(g_dh);
    84. 

  84. 

  85.     DH_generate_key(dh);
    86. 

  86. 

  87. #if (OPENSSL_VERSION_NUMBER < 0x10100000L)
    88. 

  88.     memset(w, 0, sizeof w);
    89. 

  89.     n = BN_bn2bin(dh->priv_key, w);
    90. 

  90.     htob64((char *)w, priv_key, n);
    91. 

  91. 

  92.     memset(w, 0, sizeof w);
    93. 

  93.     n = BN_bn2bin(dh->pub_key, w);
    94. 

  94.     htob64((char *)w, pub_key, n);
    95. 

  95. #else
    96. 

  96.     const BIGNUM *pubkey, *privkey;
    97. 

  97.     DH_get0_key(dh, &pubkey, &privkey);
    98. 

  98. 

  99.     memset(w, 0, sizeof w);
    100. 

  100.     n = BN_bn2bin(privkey, w);
    101. 

  101.     htob64((char *)w, priv_key, n);
    102. 

  102. 

  103.     memset(w, 0, sizeof w);
    104. 

  104.     n = BN_bn2bin(pubkey, w);
    105. 

  105.     htob64((char *)w, pub_key, n);
    106. 

  106. #endif
    107. 

  107. 

  108.     OPENSSL_cleanse(w, sizeof w);
    109. 

  109.     DH_free(dh);
    110. 

  110.     return 1;
    111. 

  111. }
    112. 

  112. 

  113. // Input:  MyPrivKey = Your private key
    114. 

  114. //         HisPubKey = Someones public key
    115. 

  115. // Output: MyPrivKey has been destroyed for security reasons
    116. 

  116. //         HisPubKey = the secret key
    117. 

  117. int DH1080_comp(char *MyPrivKey, char *HisPubKey)
    118. 

  118. {
    119. 

  119.     unsigned char base64_tmp[512] = {0};
    120. 

  120.     int result = 0;
    121. 

  121.     int len;
    122. 

  122.     BIGNUM * pk = NULL;
    123. 

  123.     DH * dh = NULL;
    124. 

  124. 

  125.     // Verify base64 strings
    126. 

  126.     if ((strspn(MyPrivKey, B64ABC) != strlen(MyPrivKey))
    127. 

  127.             || (strspn(HisPubKey, B64ABC) != strlen(HisPubKey))) {
    128. 

  128.         memset(MyPrivKey, 0x20, strlen(MyPrivKey));
    129. 

  129.         memset(HisPubKey, 0x20, strlen(HisPubKey));
    130. 

  130.         return 0;
    131. 

  131.     }
    132. 

  132. 

  133.     dh = DHparams_dup(g_dh);
    134. 

  134. 

  135.     len = b64toh(HisPubKey, (char *)base64_tmp);
    136. 

  136.     pk = BN_bin2bn(base64_tmp, len, NULL);
    137. 

  137. 

  138.     if( DH_verifyPubKey(pk) ) {
    139. 

  139.         unsigned char shared_key[DH1080_PRIME_BYTES] = {0};
    140. 

  140.         unsigned char sha256[32] = {0};
    141. 

  141. 

  142.         len = b64toh(MyPrivKey, (char *)base64_tmp);
    143. 

  143. 

  144. #if (OPENSSL_VERSION_NUMBER < 0x10100000L)
    145. 

  145.         dh->priv_key = BN_bin2bn(base64_tmp, len, NULL);
    146. 

  146. #else
    147. 

  147.         BIGNUM *temp_pub_key = BN_new();
    148. 

  148.         BIGNUM *priv_key = BN_bin2bn(base64_tmp, len, NULL);
    149. 

  149.         DH_set0_key(dh, temp_pub_key, priv_key);
    150. 

  150. #endif
    151. 

  151.         memset(MyPrivKey, 0x20, strlen(MyPrivKey));
    152. 

  152. 

  153.         len = DH_compute_key(shared_key, pk, dh);
    154. 

  154. 

  155.         SHA256(shared_key, len, sha256);
    156. 

  156.         htob64((char *)sha256, HisPubKey, 32);
    157. 

  157.         result = 1;
    158. 

  158.     }
    159. 

  159. 

  160.     BN_free(pk);
    161. 

  161.     DH_free(dh);
    162. 

  162.     OPENSSL_cleanse(base64_tmp, sizeof base64_tmp);
    163. 

  163.     return result;
    164. 

  164. }
    165. 

  165.