rdemo.c

Netscape公司提供的安全套接字层

    if (GetPrivateKey (&privateKey))
      break;

    if (GetDigestAlgorithm (&digestAlgorithm))
      break;

    if ((status = R_SignInit (&context, digestAlgorithm)) != 0)
      break;

    while (!ReadUpdate (file, partIn, &partInLen, sizeof (partIn)))
      if ((status = R_SignUpdate (&context, partIn, partInLen)) != 0)
        break;
    if (status)
      break;

    if ((status = R_SignFinal
         (&context, signature, &signatureLen, privateKey)) != 0)
      break;

    if (WriteBlock
        (signature, signatureLen, "  Enter filename to save the signature"))
      break;
  } while (0);

  ReadFinal (file);

  if (status)
    PrintError ("signing file", status);

  R_memset ((POINTER)&context, 0, sizeof (context));
  R_memset ((POINTER)partIn, 0, sizeof (partIn));
}

static void DoVerifyFile ()
{
  FILE *file;
  R_RSA_PUBLIC_KEY *publicKey;
  R_SIGNATURE_CTX context;
  int digestAlgorithm, status;
  unsigned char partIn[16], signature[MAX_SIGNATURE_LEN];
  unsigned int partInLen, signatureLen;

  status = 0;

  if (ReadInit (&file, "  Enter name of file to verify"))
    return;

  do {
    if (GetPublicKey (&publicKey))
      break;

    if (GetDigestAlgorithm (&digestAlgorithm))
      break;

    if (ReadBlock
        (signature, &signatureLen, sizeof (signature),
         "  Enter filename of signature"))
      break;

    if ((status = R_VerifyInit (&context, digestAlgorithm)) != 0)
      break;

    while (!ReadUpdate (file, partIn, &partInLen, sizeof (partIn)))
      if ((status = R_VerifyUpdate (&context, partIn, partInLen)) != 0)
        break;
    if (status)
      break;

    if ((status = R_VerifyFinal
         (&context, signature, signatureLen, publicKey)) != 0)
      break;

    PrintMessage ("Signature verified.");
  } while (0);

  ReadFinal (file);

  if (status)
    PrintError ("verifying file", status);

  R_memset ((POINTER)&context, 0, sizeof (context));
  R_memset ((POINTER)partIn, 0, sizeof (partIn));
}

static void DoSealFile (randomStruct)
R_RANDOM_STRUCT *randomStruct;
{
  FILE *inFile, *outFile;
  R_ENVELOPE_CTX context;
  R_RSA_PUBLIC_KEY *publicKey;
  int encryptionAlgorithm, status;
  unsigned char encryptedKey[MAX_ENCRYPTED_KEY_LEN], *encryptedKeys[1],
    iv[8], partIn[24], partOut[31];
  unsigned int encryptedKeyLen, partInLen, partOutLen;

  status = 0;

  if (ReadInit (&inFile, "  Enter filename of content to seal"))
    return;
  if (WriteInit (&outFile, "  Enter filename to save the encrypted content")) {
    ReadFinal (inFile);
    return;
  }

  do {
    if (GetPublicKey (&publicKey))
      break;

    if (GetEncryptionAlgorithm (&encryptionAlgorithm))
      break;

    encryptedKeys[0] = encryptedKey;

    if ((status = R_SealInit
         (&context, encryptedKeys, &encryptedKeyLen, iv, 1, &publicKey,
          encryptionAlgorithm, randomStruct)) != 0)
      break;

    while (!ReadUpdate (inFile, partIn, &partInLen, sizeof (partIn))) {
      if ((status = R_SealUpdate
           (&context, partOut, &partOutLen, partIn, partInLen)) != 0)
        break;
      WriteUpdate (outFile, partOut, partOutLen);
    }
    if (status)
      break;

    if ((status = R_SealFinal (&context, partOut, &partOutLen)))
      break;
    WriteUpdate (outFile, partOut, partOutLen);
  
    if (WriteBlock
        (encryptedKey, encryptedKeyLen,
         "  Enter filename to save the encrypted key"))
      break;
    if (WriteBlock
        (iv, 8, "  Enter filename to save the initializing vector"))
      break;
  } while (0);
  
  ReadFinal (inFile);
  WriteFinal (outFile);

  if (status)
    PrintError ("sealing file", status);

  R_memset ((POINTER)&context, 0, sizeof (context));
  R_memset ((POINTER)partIn, 0, sizeof (partIn));
}

static void DoOpenFile ()
{
  FILE *inFile, *outFile;
  R_ENVELOPE_CTX context;
  R_RSA_PRIVATE_KEY *privateKey;
  int encryptionAlgorithm, status;
  unsigned char encryptedKey[MAX_ENCRYPTED_KEY_LEN], iv[8], partIn[24],
    partOut[31];
  unsigned int encryptedKeyLen, ivLen, partInLen, partOutLen;

  status = 0;

  if (ReadInit (&inFile, "  Enter filename of encrypted content to open"))
    return;

  if (WriteInit (&outFile, "  Enter filename to save the recovered content")) {
    ReadFinal (inFile);
    return;
  }

  do {
    if (GetPrivateKey (&privateKey))
      break;

    if (GetEncryptionAlgorithm (&encryptionAlgorithm))
      break;

    if (ReadBlock
        (encryptedKey, &encryptedKeyLen, sizeof (encryptedKey),
         "  Enter filename of the encrypted key"))
      break;  
    if (ReadBlock
        (iv, &ivLen, 8, "  Enter filename of the initializing vector"))
      break;

    if ((status = R_OpenInit
         (&context, encryptionAlgorithm, encryptedKey, encryptedKeyLen, iv,
          privateKey)) != 0)
      break;
    
    while (!ReadUpdate (inFile, partIn, &partInLen, sizeof (partIn))) {
      if ((status = R_OpenUpdate
           (&context, partOut, &partOutLen, partIn, partInLen)) != 0)
        break;
      WriteUpdate (outFile, partOut, partOutLen);
    }
    if (status)
      break;

    if ((status = R_OpenFinal (&context, partOut, &partOutLen)) != 0)
      break;
    WriteUpdate (outFile, partOut, partOutLen);
  } while (0);
  
  ReadFinal (inFile);
  WriteFinal (outFile);

  if (status)
    PrintError ("opening file", status);

  R_memset ((POINTER)&context, 0, sizeof (context));
  R_memset ((POINTER)partOut, 0, sizeof (partOut));
}

static void DoGenerateKeys (randomStruct)
R_RANDOM_STRUCT *randomStruct;
{
  R_RSA_PROTO_KEY protoKey;
  char command[80];
  int status, keySize;

  GetCommand
    (command, sizeof (command),
     "  Enter key size in bits, (508 to 1024)");
  if (! *command)
    return;
  sscanf (command, "%d", &keySize);
  
  protoKey.bits = (unsigned int)keySize;
  protoKey.useFermat4 = 1;
  
  if (status = R_GeneratePEMKeys
      (&PUBLIC_KEY3, &PRIVATE_KEY3, &protoKey, randomStruct)) {
    PrintError ("generating keys", status);
    return;
  }

  PrintMessage ("Public key 3 and private key 3 are now ready to use.");
  KEYPAIR3_READY = 1;
  
  WriteKeypair3 ();
}

static void WriteKeypair3 ()
{
  FILE *file;
  char filename[256];
  
  while (1) {
    GetCommand
      (filename, sizeof (filename),
       "  Enter filename to save the keypair");
    if (! *filename)
      return;
    
    if (filename[0] == '-' && filename[1] == '\0') {
      /* use stdout */
      file = stdout;
      break;
    }
    if ((file = fopen (filename, "w")) != NULL)
      /* successfully opened */
      break;
    
    PrintError ("ERROR: Cannot open a file with that name.  Try again.", 0);
  }

  fprintf (file, "Public Key, %u bits:\n", PUBLIC_KEY3.bits);
  fprintf (file, "  modulus: ");
  WriteBigInteger (file, PUBLIC_KEY3.modulus, sizeof (PUBLIC_KEY3.modulus));
  fprintf (file, "  exponent: ");
  WriteBigInteger (file, PUBLIC_KEY3.exponent, sizeof (PUBLIC_KEY3.exponent));

  fprintf (file, "\nPrivate Key, %u bits:\n", PRIVATE_KEY3.bits);
  fprintf (file, "  modulus: ");
  WriteBigInteger (file, PRIVATE_KEY3.modulus, sizeof (PRIVATE_KEY3.modulus));
  fprintf (file, "  public exponent: ");
  WriteBigInteger
    (file, PRIVATE_KEY3.publicExponent, sizeof (PRIVATE_KEY3.publicExponent));
  fprintf (file, "  exponent: ");
  WriteBigInteger
    (file, PRIVATE_KEY3.exponent, sizeof (PRIVATE_KEY3.exponent));
  fprintf (file, "  prime 1: ");
  WriteBigInteger
    (file, PRIVATE_KEY3.prime[0], sizeof (PRIVATE_KEY3.prime[0]));
  fprintf (file, "  prime 2: ");
  WriteBigInteger
    (file, PRIVATE_KEY3.prime[1], sizeof (PRIVATE_KEY3.prime[1]));
  fprintf (file, "  prime exponent 1: ");
  WriteBigInteger
    (file, PRIVATE_KEY3.primeExponent[0],
     sizeof (PRIVATE_KEY3.primeExponent[0]));
  fprintf (file, "  prime exponent 2: ");
  WriteBigInteger
    (file, PRIVATE_KEY3.primeExponent[1],
     sizeof (PRIVATE_KEY3.primeExponent[1]));
  fprintf (file, "  coefficient: ");
  WriteBigInteger
    (file, PRIVATE_KEY3.coefficient, sizeof (PRIVATE_KEY3.coefficient));

  if (file != stdout)
    fclose (file);
}

/* Write the byte string 'integer' to 'file', skipping over leading zeros.
 */
static void WriteBigInteger (file, integer, integerLen)
FILE *file;
unsigned char *integer;
unsigned int integerLen;
{
  while (*integer == 0 && integerLen > 0) {
    integer++;
    integerLen--;
  }
  
  if (integerLen == 0) {
    /* Special case, just print a zero. */
    fprintf (file, "00\n");
    return;
  }
  
  for (; integerLen > 0; integerLen--)
    fprintf (file, "%02x ", (unsigned int)(*integer++));

  fprintf (file, "\n");
}

/* Ask the user to use public key 1, 2 or 3 and point publicKey to
     the answer.
   Return 0 on success or 1 if user cancels by entering a blank.
 */
static int GetPublicKey (publicKey)
R_RSA_PUBLIC_KEY **publicKey;
{
  char command[80];
  
  while (1) {
    if (!KEYPAIR3_READY)
      GetCommand (command, sizeof (command), "  Public key 1 or 2?");
    else
      GetCommand (command, sizeof (command), "  Public key 1, 2 or 3?");

    switch (*command) {
    case '\0':
      return (1);
      
    case '1':
      *publicKey = &PUBLIC_KEY1;
      return (0);
      
    case '2':
      *publicKey = &PUBLIC_KEY2;
      return (0);
      
    case '3':
      if (!KEYPAIR3_READY)
        break;
      *publicKey = &PUBLIC_KEY3;
      return (0);
      
    default:
      if (KEYPAIR3_READY)
        PrintError ("ERROR: Please enter 1, 2 or 3.  Try again.", 0);
      else
        PrintError ("ERROR: Please enter 1 or 2.  Try again.", 0);
      break;
    }
  }
}

/* Ask the user to use private key 1, 2 or 3 and point privateKey to
     the answer.
   Return 0 on success or 1 if user cancels by entering a blank.