#include <stdlib.h>
#include <string.h>
#include "rsakey.h"
#ifdef FLINT_TEST
static void cout_mess (const char* const, const int, const char* const);
#endif
// Member functions of class RSAkey
// Constructor 1
// Builds a key pair whose modulus has bitlen bits. makekey() is called
// without a public exponent, so it picks one at random.
//
// NOTE(review): the generator is seeded from time(NULL) alone. A wall-clock
// seed can be narrowed down by anyone who knows roughly when the key was
// created, so keys from this constructor are only as unpredictable as that
// timestamp. For real keys use the constructor that takes a caller-supplied
// seed and fill that seed from an operating-system entropy source.
RSAkey::RSAkey (const int bitlen)
{
  seedBBS ((unsigned long)time (NULL));

  // makekey() returns 0 when the self-test of the fresh key fails; keep
  // generating until one passes. There is no retry limit.
  while (!RSAkey::makekey (bitlen))
    {
    }
}
// Constructor 2 with random seed in rnd and optional public exponent PubExp
// The constructor generates RSA keys of distinct binary length and optional
// given public exponent (must be odd). The pseudorandom number generator
// randBBS() is initialized with given LINT-parameter rnd.
// If PubExp == 1 or is omitted, a random exponent is created. If the
// given exponent is even, an error condition is generated, which can be
// handled by try() and catch() if exceptions are enabled.
// Builds a key pair whose modulus has bitlen bits, seeding the generator
// with rnd and handing PubExp through to makekey().
//
// The strength of the resulting key is bounded by the entropy in rnd: the
// caller is responsible for supplying a seed that is long enough and comes
// from an unpredictable source.
// NOTE(review): PubExp is not validated in this constructor; the "even
// exponent" error mentioned above presumably comes from findprime() or
// makekey() -- confirm. If makekey() keeps returning 0, this loop never ends.
RSAkey::RSAkey (const int bitlen, const LINT& rnd, const LINT& PubExp )
{
  seedBBS (rnd);

  // Retry until makekey() reports a key that passes its self-test.
  while (!RSAkey::makekey (bitlen, PubExp))
    {
    }
}
/*
RSAkey::RSAkey ( const KEYSTRUCT& k)
{
key.pubexp = k.pubexp;
key.prvexp = k.prvexp;
key.mod = k.mod;
key.p = k.p;
key.q = k.q;
key.ep = k.ep;
key.eq = k.eq;
key.r = k.r;
key.bitlen_mod = k.bitlen_mod;
key.bytelen_mod = k.bytelen_mod;
}*/
// Export public key
// Returns a copy of the public half of the key: modulus, public exponent
// and the two stored modulus lengths. None of the private components
// (prvexp, p, q, ep, eq, r) are copied into the result.
PKEYSTRUCT RSAkey::export_public (void) const
{
  PKEYSTRUCT pub;

  // Modulus and its lengths in bits and bytes
  pub.mod = key.mod;
  pub.bitlen_mod = key.bitlen_mod;
  pub.bytelen_mod = key.bytelen_mod;

  // Public exponent
  pub.pubexp = key.pubexp;

  return pub;
}
// Overwrites this object's key with the components stored in k.
//
// The values are taken over as they are: nothing here checks that
// mod == p * q, that the exponents match, or that the stored lengths agree
// with the modulus. A KEYSTRUCT loaded from an untrusted file or buffer
// should be validated by the caller before it is used to decrypt or sign.
void RSAkey::copycreate(const KEYSTRUCT& k)
{
  // Public part
  key.mod = k.mod;
  key.pubexp = k.pubexp;
  key.bitlen_mod = k.bitlen_mod;
  key.bytelen_mod = k.bytelen_mod;

  // Private exponent and prime factors
  key.prvexp = k.prvexp;
  key.p = k.p;
  key.q = k.q;

  // CRT components used by fastdecrypt()
  key.ep = k.ep;
  key.eq = k.eq;
  key.r = k.r;
}
// Decryption
// Decrypts Ciph with the private key and strips the PKCS#1 formatting.
// Returns whatever parse_pkcs1() returns for the decrypted block; LenMess
// is first set by lint2byte() and then passed on to parse_pkcs1().
//
// NOTE(review): Ciph is not range-checked against the modulus here.
// NOTE(review): how parse_pkcs1() reports malformed padding is not visible
// in this file. If callers let a remote party tell "bad padding" apart from
// other failures (different error, different timing), PKCS#1 v1.5
// decryption becomes a padding oracle; treat every failure identically.
// NOTE(review): ownership of the returned buffer depends on lint2byte() and
// parse_pkcs1() -- confirm before freeing or keeping the pointer.
UCHAR* RSAkey::decrypt (const LINT& Ciph, int* LenMess)
{
  // Private-key operation, then conversion of the result into bytes
  const LINT plain = fastdecrypt (Ciph);
  UCHAR* block = lint2byte (plain, LenMess);

#ifdef FLINT_TEST
  // Debug builds dump the decrypted block; never define FLINT_TEST in a
  // build that handles real plaintext.
  cout_mess ((const char*)block, key.bytelen_mod - 1, "Encryption Block after decryption");
#endif

  // Parsing decrypted Encryption Block, PKCS#1-formatted
  return parse_pkcs1 (block, LenMess);
}
// Sign
// Returns 0 if message too long
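// Formats Mess (LenMess bytes) as a PKCS#1 block of type BLOCKTYPE_SIGN and
// applies the private-key operation to it.
//
// Returns the signature value, or LINT (0) if the message does not fit the
// block, if no usable key is loaded, or if the arguments are invalid.
//
// NOTE(review): the RIPEMD-160 step that used to precede formatting is
// disabled, so the bytes in Mess are signed as given. Callers are expected
// to pass a message digest, not the raw message.
// NOTE(review): the result of the CRT computation is released unchecked. A
// single faulty CRT half can expose the prime factors; comparing
// mexpkm (signature, key.pubexp, key.mod) with the formatted block before
// returning would catch that, at the cost of one public-key operation.
LINT RSAkey::sign (const UCHAR* const Mess, const int LenMess)
{
#ifdef FLINT_TEST
  cout << "Length of modulus = " << key.bytelen_mod << " byte." << endl;
#endif

  const int LenEncryptionBlock = key.bytelen_mod - 1;

  // Without a key (bytelen_mod is 0 after purge()) the length above is
  // negative and the allocation below would be new UCHAR[-1]. Reject that,
  // a negative message length, and a missing message buffer up front.
  if (LenEncryptionBlock <= 0 || LenMess < 0 || (NULL == Mess && LenMess > 0))
    {
      return LINT (0);
    }

  UCHAR* EncryptionBlock = new UCHAR[LenEncryptionBlock];

  if (NULL == format_pkcs1 (EncryptionBlock, LenEncryptionBlock,
                            BLOCKTYPE_SIGN, Mess, ULONG(LenMess)))
    {
      delete [] EncryptionBlock;
      return LINT (0);          // Error: Message too long
    }

#ifdef FLINT_TEST
  cout_mess ((const char*)EncryptionBlock, LenEncryptionBlock, "Encryption Block");
#endif

  // Convert Encryption Block into LINT value (Constructor 3)
  LINT m = LINT (EncryptionBlock, LenEncryptionBlock);
  delete [] EncryptionBlock;

  return fastdecrypt (m);
}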
// Key deletion
// Erases the key held by this object: every LINT component is purged and
// both stored modulus lengths are reset to 0.
//
// NOTE(review): no destructor is visible in this file, so whether purge()
// runs automatically when an RSAkey goes out of scope cannot be told from
// here. Call it explicitly once a private key is no longer needed.
void RSAkey::purge (void)
{
  // Private exponent and prime factors
  key.prvexp.purge ();
  key.p.purge ();
  key.q.purge ();

  // CRT components
  key.ep.purge ();
  key.eq.purge ();
  key.r.purge ();

  // Public part
  key.pubexp.purge ();
  key.mod.purge ();
  key.bitlen_mod = 0;
  key.bytelen_mod = 0;
}
// RSAkey auxiliary functions
// Generation of RSA keys acc. to IEEE P1363, Annex A.
// A public exponent may be given in PubExp. If PubExp is omitted or
// PubExp == 1, a public exponent of half the modulus length
// is chosen at random.
// Generates a complete RSA key into the member `key`: primes p and q,
// modulus, public and private exponent, the CRT components ep, eq and r,
// and the modulus length in bits and bytes.
//
// length  requested bit length of the modulus
// PubExp  public exponent to use; the value 1 requests a random exponent
//
// Returns the result of testkey(): non-zero if a random value survives an
// encrypt/decrypt round trip with the new key, 0 otherwise.
//
// NOTE(review): length is not validated. It is cast to USHORT below, so a
// negative or very large value is truncated, and a small value can make the
// subtraction that yields m wrap around -- callers should enforce a sane
// minimum and maximum before calling.
// NOTE(review): all random values come from the BBS generator in whatever
// state the caller seeded it; the key is no stronger than that seed.
int RSAkey::makekey (const int length, const LINT& PubExp)
{
// Generate prime p
// 2^(m - r - 1) <= p < 2^(m - r), with
// m = floor((length + 1)/2) and r randomly chosen from interval 2 <= r < 15
// (the "- 2 - ... % 13" below is that r, folded directly into m)
const USHORT m = (((const USHORT)length + 1) >> 1) - 2 - usrandBBS_l () % 13;
// presumably findprime also makes p - 1 coprime to PubExp -- confirm
key.p = findprime (m, PubExp);
// Determine interval qmin and qmax for prime q
// Set qmin = floor ((2^(length - 1))/p + 1)
// NOTE(review): qmin, qmax and phi_n are locals derived from the secret
// prime p; whether the LINT destructor wipes them is not visible here.
LINT qmin = LINT(0).setbit (length - 1)/key.p + 1;
// Set qmax = floor ((2^length)/p)
LINT qmax = LINT(0).setbit (length)/key.p;
// Generate prime q > p
// qmin <= q <= qmax
key.q = findprime (qmin, qmax, PubExp);
// Generate modulus p*q
// 2^(length - 1) <= p*q < 2^length
key.mod = key.p * key.q;
// Calculate Euler's Phi-function: (p - 1)(q - 1) = p*q - p - q + 1
LINT phi_n = key.mod - key.p - key.q + 1;
// Generate public key, if not defined in PubExp, of half the number of
// the modulus digits
if (1 == PubExp)
{
// Random odd start value of length/2 bits; step by 2 (stays odd) until it
// is coprime to phi_n
key.pubexp = randBBS (length/2) | 1;
while (gcd (key.pubexp, phi_n) != 1)
{
++key.pubexp;
++key.pubexp;
}
}
else
{
// A caller-supplied exponent is taken over without a gcd check here;
// presumably the findprime() calls above guarantee it is invertible
// modulo phi_n -- confirm
key.pubexp = PubExp;
}
// Generate secret key: d = e^(-1) mod phi_n
key.prvexp = key.pubexp.inv (phi_n);
// Generate secret key components for fast decryption
// acc. to Chinese Remainder Theorem
key.ep = key.prvexp % (key.p - 1);
key.eq = key.prvexp % (key.q - 1);
key.r = inv (key.p, key.q); // r = p^(-1) mod q, as an alternative
// r = q^(-1) mod p is possible
// Store keylength; the byte length is the bit length divided by 8,
// rounded up
key.bitlen_mod = ld (key.mod);
key.bytelen_mod = key.bitlen_mod >> 3;
if ((key.bitlen_mod % 8) > 0)
{
++key.bytelen_mod;
}
#ifdef FLINT_TEST
// Debug output of the complete key, private components included. A build
// with FLINT_TEST defined must never be used to generate real keys.
cout << "Modulus = " << key.mod << endl;
cout << "Public exponent e = " << key.pubexp << endl;
cout << "Private exponent d = " << key.prvexp << endl;
cout << "p = " << key.p << endl;
cout << "q = " << key.q << endl;
cout << "d mod p-1 = " << key.ep << endl;
cout << "d mod q-1 = " << key.eq << endl;
cout << "Inverse of p mod q = " << key.r << endl;
#endif // FLINT_TEST
// Self-test of the new key; the constructors retry on a 0 result
return testkey ();
}
// Test keys
// Self-test of the current key: a random value of half the modulus bit
// length is encrypted with the public exponent and decrypted again through
// the CRT path. Returns non-zero if the value comes back unchanged.
//
// The probe is drawn from the BBS generator, so calling this function
// advances the generator state.
int RSAkey::testkey ()
{
  LINT probe = randBBS (ld (key.mod) >> 1);

  // Public-key operation followed by the private-key operation
  const LINT cipher = mexpkm (probe, key.pubexp, key.mod);
  const LINT recovered = fastdecrypt (cipher);

  return (probe == recovered);
}
// Fast RSA-decryption acc. to Chinese Remainder Theorem (CRT)
// Private-key operation on mess using the CRT components stored in key:
// ep = d mod (p - 1), eq = d mod (q - 1) and r = p^(-1) mod q (as set up in
// makekey()). Used by decrypt(), sign() and testkey().
//
// The two half-size exponentiations are recombined as
//   m + p * (((w - m) * r) mod q)
// assuming msub() performs its modular subtraction in place on w -- confirm
// against the LINT class.
//
// NOTE(review): mess is not checked against the modulus, the exponentiations
// are not blinded, and the recombined result is not verified with the public
// exponent. Whether mexpkm() runs in constant time is not visible here; if
// it does not, timing of this function depends on the private key. The
// locals m and w hold values derived from the private key.
LINT RSAkey::fastdecrypt (const LINT& mess)
{
LINT m, w; // If alternative CRT key component
m = mexpkm (mess, key.ep, key.p); // r = q^(-1) mod p
w = mexpkm (mess, key.eq, key.q); // is in use:
w.msub (m, key.q); // m.msub (w, key.p);
w = w.mmul (key.r, key.q) * key.p; // m = m.mmul (key.r, key.p) * key.q;
return (w + m);
}
// Operators =, ==, != in class RSAkey
// Copy assignment: takes over every key component of k, private parts
// included, and returns *this. Assigning an object to itself does nothing.
//
// NOTE(review): the previous contents of this object are overwritten by
// plain assignment; whether LINT assignment wipes the old value first is
// not visible here. Call purge() beforehand if the old key must be erased.
RSAkey& RSAkey::operator= (const RSAkey &k)
{
  // Don't copy object into itself
  if (&k == this)
    {
      return *this;
    }

  const KEYSTRUCT& src = k.key;

  key.pubexp = src.pubexp;
  key.prvexp = src.prvexp;
  key.mod = src.mod;
  key.p = src.p;
  key.q = src.q;
  key.ep = src.ep;
  key.eq = src.eq;
  key.r = src.r;
  key.bitlen_mod = src.bitlen_mod;
  key.bytelen_mod = src.bytelen_mod;

  return *this;
}
// Operator == returns 1 if k1 == k2, 0 else.
// Two keys are equal when every component matches, private parts included.
//
// NOTE(review): the comparison stops at the first component that differs,
// so its running time depends on the key material. Do not use it to compare
// a secret key against attacker-influenced input where timing is observable.
int operator== (const RSAkey& k1, const RSAkey& k2)
{
  if (&k1 == &k2) //lint !e506
    {
      return 1;
    }

  const KEYSTRUCT& a = k1.key;
  const KEYSTRUCT& b = k2.key;

  // Same order of comparison as a chain of &&: leave at the first mismatch
  if (!(a.pubexp == b.pubexp)) return 0;
  if (!(a.prvexp == b.prvexp)) return 0;
  if (!(a.mod == b.mod)) return 0;
  if (!(a.p == b.p)) return 0;
  if (!(a.q == b.q)) return 0;
  if (!(a.ep == b.ep)) return 0;
  if (!(a.eq == b.eq)) return 0;
  if (!(a.r == b.r)) return 0;
  if (!(a.bitlen_mod == b.bitlen_mod)) return 0;
  if (!(a.bytelen_mod == b.bytelen_mod)) return 0;

  return 1;
}
// Operator != returns 1 if k1 != k2, 0 else.
// Two keys differ as soon as any single component differs, private parts
// included.
//
// NOTE(review): the comparison stops at the first component that differs,
// so its running time depends on the key material.
int operator!= (const RSAkey& k1, const RSAkey& k2)
{
  if (&k1 == &k2) //lint !e506
    {
      return 0;
    }

  const KEYSTRUCT& a = k1.key;
  const KEYSTRUCT& b = k2.key;

  // Same order of comparison as a chain of ||: leave at the first mismatch
  if (a.pubexp != b.pubexp) return 1;
  if (a.prvexp != b.prvexp) return 1;
  if (a.mod != b.mod) return 1;
  if (a.p != b.p) return 1;
  if (a.q != b.q) return 1;
  if (a.ep != b.ep) return 1;
  if (a.eq != b.eq) return 1;
  if (a.r != b.r) return 1;
  if (a.bitlen_mod != b.bitlen_mod) return 1;
  if (a.bytelen_mod != b.bytelen_mod) return 1;

  return 0;
}
fstream& operator<< (fstream& s, const RSAkey& k)