Wire Sysio Wire Sysion 1.0.0
Loading...
Searching...
No Matches
Macros | Functions | Variables
decrypt_rsa.c File Reference
#include <assert.h>
#include <stdbool.h>
#include <stdio.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <openssl/evp.h>
#include <openssl/rsa.h>
#include "util.h"
#include <yubihsm.h>
#include "openssl-compat.h"
Include dependency graph for decrypt_rsa.c:

Go to the source code of this file.

Macros

#define DEFAULT_CONNECTOR_URL   "http://127.0.0.1:12345"
 

Functions

int main (void)
 

Variables

const char rsa2048_pvtkey_file [] = "rsa2048_pvtkey.pem"
 
const char * key_label = "label"
 
const uint8_t password [] = "password"
 
const uint8_t data [] = "sudo make me a sandwich"
 
const uint8_t sha1_empty_string []
 

Macro Definition Documentation

◆ DEFAULT_CONNECTOR_URL

#define DEFAULT_CONNECTOR_URL   "http://127.0.0.1:12345"

Definition at line 37 of file decrypt_rsa.c.

Function Documentation

◆ main()

int main ( void )

Definition at line 48 of file decrypt_rsa.c.

48 {
49 yh_connector *connector = NULL;
50 yh_session *session = NULL;
51 yh_rc yrc = YHR_GENERIC_ERROR;
52
53 uint16_t authkey = 1;
54
55 const char *connector_url;
56
57 connector_url = getenv("DEFAULT_CONNECTOR_URL");
58 if (connector_url == NULL) {
59 connector_url = DEFAULT_CONNECTOR_URL;
60 }
61
62 yrc = yh_init();
63 assert(yrc == YHR_SUCCESS);
64
65 yrc = yh_init_connector(connector_url, &connector);
66 assert(yrc == YHR_SUCCESS);
67
68 yrc = yh_connect(connector, 0);
69 assert(yrc == YHR_SUCCESS);
70
71 yrc = yh_create_session_derived(connector, authkey, password,
72 sizeof(password), false, &session);
73 assert(yrc == YHR_SUCCESS);
74
75 yrc = yh_authenticate_session(session);
76 assert(yrc == YHR_SUCCESS);
77
78 uint8_t session_id;
79 yrc = yh_get_session_id(session, &session_id);
80 assert(yrc == YHR_SUCCESS);
81
82 printf("Successfully established session %02d\n", session_id);
83
84 FILE *fp = fopen(rsa2048_pvtkey_file, "rb");
85 assert(fp != NULL);
86
87 yh_algorithm algorithm = 0;
88 uint8_t key[2048];
89 size_t key_material_len = sizeof(key);
90 if (!read_file(fp, key, &key_material_len)) {
91 assert(false);
92 }
93 bool ret2 = read_private_key(key, key_material_len, &algorithm, key,
94 &key_material_len, false);
95 assert(ret2 == true);
96 assert(algorithm == YH_ALGO_RSA_2048);
97
98 yh_capabilities capabilities = {{0}};
99 yrc = yh_string_to_capabilities("decrypt-pkcs,decrypt-oaep", &capabilities);
100 assert(yrc == YHR_SUCCESS);
101
102 uint16_t domain_five = 0;
103 yrc = yh_string_to_domains("5", &domain_five);
104 assert(yrc == YHR_SUCCESS);
105
106 uint16_t key_id = 0; // ID 0 lets the device generate an ID
107 yrc = yh_util_import_rsa_key(session, &key_id, key_label, domain_five,
108 &capabilities, algorithm, key,
109 key + (key_material_len / 2));
110 assert(yrc == YHR_SUCCESS);
111
112 printf("Key imported with ID %04x\n", key_id);
113
114 uint8_t public_key[512];
115 size_t public_key_len = sizeof(public_key);
116 yrc =
117 yh_util_get_public_key(session, key_id, public_key, &public_key_len, NULL);
118 assert(yrc == YHR_SUCCESS);
119
120 printf("Public key (%zu bytes) is:", public_key_len);
121 for (unsigned int i = 0; i < public_key_len; i++) {
122 printf(" %02x", public_key[i]);
123 }
124 printf("\n");
125
126 BIGNUM *n = BN_bin2bn(public_key, public_key_len, NULL);
127 assert(n != NULL);
128
129 BIGNUM *e = BN_bin2bn((const unsigned char *) "\x01\x00\x01", 3, NULL);
130 assert(e != NULL);
131
132 RSA *rsa = RSA_new();
133 assert(RSA_set0_key(rsa, n, e, NULL) != 0);
134
135 uint8_t encrypted[512];
136 int ret =
137 RSA_public_encrypt(sizeof(data), data, encrypted, rsa, RSA_PKCS1_PADDING);
138 assert(ret == RSA_size(rsa));
139
140 uint8_t decrypted[512];
141 size_t decrypted_len = sizeof(decrypted);
142 yrc = yh_util_decrypt_pkcs1v1_5(session, key_id, encrypted, ret, decrypted,
143 &decrypted_len);
144 assert(yrc == YHR_SUCCESS);
145
146 assert(memcmp(data, decrypted, decrypted_len) == 0);
147
148 printf("PKCS1v1.5 decrypted data matches\n");
149
150 ret = RSA_public_encrypt(sizeof(data), data, encrypted, rsa,
151 RSA_PKCS1_OAEP_PADDING);
152 assert(ret == RSA_size(rsa));
153
154 decrypted_len = sizeof(decrypted);
155 yrc =
156 yh_util_decrypt_oaep(session, key_id, encrypted, ret, decrypted,
157 &decrypted_len, (const uint8_t *) sha1_empty_string,
158 sizeof(sha1_empty_string), YH_ALGO_MGF1_SHA1);
159 assert(yrc == YHR_SUCCESS);
160
161 assert(memcmp(data, decrypted, decrypted_len) == 0);
162
163 printf("OAEP decrypted data matches\n");
164
165 RSA_free(rsa);
166 rsa = NULL;
167
168 yrc = yh_util_close_session(session);
169 assert(yrc == YHR_SUCCESS);
170
171 yrc = yh_destroy_session(&session);
172 assert(yrc == YHR_SUCCESS);
173
174 yh_disconnect(connector);
175 assert(yrc == YHR_SUCCESS);
176
177 yrc = yh_exit();
178 assert(yrc == YHR_SUCCESS);
179
180 return 0;
181}
DEFAULT_CONNECTOR_URL
#define DEFAULT_CONNECTOR_URL
Definition decrypt_rsa.c:37
key_label
const char * key_label
Definition decrypt_rsa.c:41
sha1_empty_string
const uint8_t sha1_empty_string[]
Definition decrypt_rsa.c:44
rsa2048_pvtkey_file
const char rsa2048_pvtkey_file[]
Definition decrypt_rsa.c:40
session
CK_SESSION_HANDLE session
Definition ecdh_derive_test.c:45
BIGNUM
bignum_st BIGNUM
Definition bigint.hpp:7
Log::printf
LOGGING_API void printf(Category category, const char *format,...)
Definition Logging.cpp:30
RSA_set0_key
int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d)
Definition openssl-compat.c:13
uint16_t
unsigned short uint16_t
Definition stdint.h:125
uint8_t
unsigned char uint8_t
Definition stdint.h:124
yh_capabilities
Capabilities representation.
Definition yubihsm.h:162
yh_connector
Definition internal.h:37
yh_session
Definition internal.h:25
read_file
bool read_file(FILE *fp, uint8_t *buf, size_t *buf_len)
Definition util.c:476
read_private_key
bool read_private_key(uint8_t *buf, size_t len, yh_algorithm *algo, uint8_t *bytes, size_t *bytes_len, bool internal_repr)
Definition util.c:116
key
uint8_t key[16]
Definition yubico_otp.c:41
yh_destroy_session
yh_rc yh_destroy_session(yh_session **session)
Definition yubihsm.c:890
yh_exit
yh_rc yh_exit(void)
Definition yubihsm.c:3910
yh_create_session_derived
yh_rc yh_create_session_derived(yh_connector *connector, uint16_t authkey_id, const uint8_t *password, size_t password_len, bool recreate, yh_session **session)
Definition yubihsm.c:593
yh_init
yh_rc yh_init(void)
Definition yubihsm.c:3857
yh_util_decrypt_pkcs1v1_5
yh_rc yh_util_decrypt_pkcs1v1_5(yh_session *session, uint16_t key_id, const uint8_t *in, size_t in_len, uint8_t *out, size_t *out_len)
Definition yubihsm.c:2059
yh_util_close_session
yh_rc yh_util_close_session(yh_session *session)
Definition yubihsm.c:1257
yh_authenticate_session
yh_rc yh_authenticate_session(yh_session *session)
Definition yubihsm.c:2927
yh_string_to_domains
yh_rc yh_string_to_domains(const char *domains, uint16_t *result)
Definition yubihsm.c:4535
yh_init_connector
yh_rc yh_init_connector(const char *url, yh_connector **connector)
Definition yubihsm.c:4024
yh_connect
yh_rc yh_connect(yh_connector *connector, int timeout)
Definition yubihsm.c:4079
yh_util_get_public_key
yh_rc yh_util_get_public_key(yh_session *session, uint16_t id, uint8_t *data, size_t *data_len, yh_algorithm *algorithm)
Definition yubihsm.c:1216
yh_util_decrypt_oaep
yh_rc yh_util_decrypt_oaep(yh_session *session, uint16_t key_id, const uint8_t *in, size_t in_len, uint8_t *out, size_t *out_len, const uint8_t *label, size_t label_len, yh_algorithm mgf1Algo)
Definition yubihsm.c:2107
yh_string_to_capabilities
yh_rc yh_string_to_capabilities(const char *capability, yh_capabilities *result)
Definition yubihsm.c:4115
yh_util_import_rsa_key
yh_rc yh_util_import_rsa_key(yh_session *session, uint16_t *key_id, const char *label, uint16_t domains, const yh_capabilities *capabilities, yh_algorithm algorithm, const uint8_t *p, const uint8_t *q)
Definition yubihsm.c:1655
yh_disconnect
yh_rc yh_disconnect(yh_connector *connector)
Definition yubihsm.c:4097
yh_get_session_id
yh_rc yh_get_session_id(yh_session *session, uint8_t *sid)
Definition yubihsm.c:2915
yh_algorithm
yh_algorithm
Definition yubihsm.h:390
YH_ALGO_RSA_2048
@ YH_ALGO_RSA_2048
rsa2048
Definition yubihsm.h:408
YH_ALGO_MGF1_SHA1
@ YH_ALGO_MGF1_SHA1
mgf1-sha1
Definition yubihsm.h:454
algorithm
yh_algorithm algorithm
Definition yubihsm.h:619
yh_rc
yh_rc
Definition yubihsm.h:170
YHR_GENERIC_ERROR
@ YHR_GENERIC_ERROR
Return value when encountering an unknown error.
Definition yubihsm.h:228
YHR_SUCCESS
@ YHR_SUCCESS
Returned value when function was successful.
Definition yubihsm.h:172
capabilities
yh_capabilities capabilities
Definition yubihsm_pkcs11.c:1305
ret
CK_RV ret
Definition yubihsm_pkcs11.c:973
yrc
yh_rc yrc
Definition yubihsm_pkcs11.c:606
key_id
uint16_t key_id
Definition yubihsm_pkcs11.c:1104
Here is the call graph for this function:

Variable Documentation

◆ data

const uint8_t data[] = "sudo make me a sandwich"

Definition at line 43 of file decrypt_rsa.c.

◆ key_label

const char* key_label = "label"

Definition at line 41 of file decrypt_rsa.c.

◆ password

const uint8_t password[] = "password"

Definition at line 42 of file decrypt_rsa.c.

◆ rsa2048_pvtkey_file

const char rsa2048_pvtkey_file[] = "rsa2048_pvtkey.pem"

Definition at line 40 of file decrypt_rsa.c.

◆ sha1_empty_string

const uint8_t sha1_empty_string[]
Initial value:
= {0xda, 0x39, 0xa3, 0xee, 0x5e, 0x6b, 0x4b,
0x0d, 0x32, 0x55, 0xbf, 0xef, 0x95, 0x60,
0x18, 0x90, 0xaf, 0xd8, 0x07, 0x09}

Definition at line 44 of file decrypt_rsa.c.

44 {0xda, 0x39, 0xa3, 0xee, 0x5e, 0x6b, 0x4b,
45 0x0d, 0x32, 0x55, 0xbf, 0xef, 0x95, 0x60,
46 0x18, 0x90, 0xaf, 0xd8, 0x07, 0x09};