/* -*-c-*-
*
- * $Id: keyutil.c,v 1.5 2000/02/12 18:21:03 mdw Exp $
+ * $Id: keyutil.c,v 1.9 2000/08/15 21:40:49 mdw Exp $
*
* Simple key manager program
*
/*----- Revision history --------------------------------------------------*
*
* $Log: keyutil.c,v $
+ * Revision 1.9 2000/08/15 21:40:49 mdw
+ * Minor formatting change in listing attributes.
+ *
+ * Revision 1.8 2000/07/29 09:59:13 mdw
+ * Support Lim-Lee primes in Diffie-Hellman parameter generation.
+ *
+ * Revision 1.7 2000/07/01 11:18:51 mdw
+ * Use new interfaces for key manipulation.
+ *
+ * Revision 1.6 2000/06/17 11:28:22 mdw
+ * Use secure memory interface from MP library. `rand_getgood' is
+ * deprecated.
+ *
* Revision 1.5 2000/02/12 18:21:03 mdw
* Overhaul of key management (again).
*
enum {
f_bogus = 1, /* Error in parsing */
f_lock = 2, /* Passphrase-lock private key */
- f_quiet = 4 /* Don't show a progress indicator */
+ f_quiet = 4, /* Don't show a progress indicator */
+ f_limlee = 8, /* Generate Lim-Lee primes */
+ f_subgroup = 16 /* Generate a subgroup */
};
/* --- @dolock@ --- *
sz = (k->bits + 7) >> 3;
p = sub_alloc(sz);
m = (1 << (((k->bits - 1) & 7) + 1)) - 1;
- rand_getgood(RAND_GLOBAL, p, sz);
+ rand_get(RAND_GLOBAL, p, sz);
*p &= m;
key_binary(&k->k->k, p, sz);
k->k->k.e |= KCAT_SYMM | KF_BURN;
sz = k->bits / 7;
p = sub_alloc(sz);
- rand_getgood(RAND_GLOBAL, p, sz); /* Too much work done here! */
+ rand_get(RAND_GLOBAL, p, sz); /* Too much work done here! */
for (i = 0; i < sz; i++) {
octet x = p[i] | 0x01;
x = x ^ (x >> 4);
static void alg_rsa(keyopts *k)
{
- rsa_param rp;
+ rsa_priv rp;
key_data *kd;
/* --- Sanity checking --- */
{
grand *g = fibrand_create(rand_global.ops->word(&rand_global));
- mpmont mm;
+ rsa_pub rpp;
mp *m = mprand_range(MP_NEW, rp.n, g, 0);
mp *c;
- /* --- Encrypt the plaintext --- */
-
- mpmont_create(&mm, rp.n);
- c = mpmont_exp(&mm, MP_NEW, m, rp.e);
- mpmont_destroy(&mm);
-
- /* --- Decrypt the ciphertext --- */
-
- c = rsa_decrypt(&rp, c, c, g);
-
- /* --- Check everything went OK --- */
+ rpp.n = rp.n;
+ rpp.e = rp.e;
+ c = rsa_qpubop(&rpp, MP_NEW, m);
+ c = rsa_qprivop(&rp, c, c, g);
if (MP_CMP(c, !=, m))
die(EXIT_FAILURE, "test encryption failed");
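Review bot: `rpp` is filled by copying the `rp.n` and `rp.e` pointers, so it aliases the private key's integers rather than holding its own references, and nothing in the hunk says so. Since the step comments were removed along with the Montgomery code, I would add one line above the assignments, e.g. `/* rpp borrows n and e from rp: never free it separately; rsa_privfree(&rp) releases them */`. A later cleanup that adds a public-key free for `rpp` would otherwise drop those integers twice. Whether `m`, `c` and `g` are released after the comparison cannot be seen here, as the block continues outside the hunk.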
mpkey(kd, "d-mod-q", rp.dq, KCAT_PRIV | KF_BURN);
dolock(k, kd, "private");
- mp_drop(rp.p); mp_drop(rp.q); mp_drop(rp.n); mp_drop(rp.q_inv);
- mp_drop(rp.e); mp_drop(rp.d); mp_drop(rp.dp); mp_drop(rp.dq);
+ rsa_privfree(&rp);
}
static void alg_dsaparam(keyopts *k)
sz = (k->qbits + 7) >> 3;
p = sub_alloc(sz);
- rand_getgood(RAND_GLOBAL, p, sz);
+ rand_get(RAND_GLOBAL, p, sz);
/* --- Allocate the parameters --- */
- if (dsa_seed(&dp, k->qbits, k->bits, 0, p, sz,
- (k->f & f_quiet) ? 0 : pgen_ev, 0))
+ if (dsa_gen(&dp, k->qbits, k->bits, 0, p, sz,
+ (k->f & f_quiet) ? 0 : pgen_ev, 0))
die(EXIT_FAILURE, "DSA parameter generation failed");
/* --- Store the parameters --- */
/* --- Choose a private key --- */
- x = mprand_range(MP_NEW, q, &rand_global, 0);
- mp_burn(x);
+ x = mprand_range(MP_NEWSEC, q, &rand_global, 0);
mpmont_create(&mm, p);
y = mpmont_exp(&mm, MP_NEW, g, x);
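Review bot: Removing `mp_burn(x)` is only equivalent if an integer allocated through `MP_NEWSEC` is marked to be wiped when it is dropped, and the hunk does not show that. If that is the contract of the MP library's secure-memory interface, a short comment on the allocation would record it, e.g. `/* MP_NEWSEC: x is held in secure memory and burnt on drop */`. If it is not, the explicit burn should stay. The same replacement is made for the Diffie-Hellman private exponent in the later hunk that ends at the `y = g^x` comment.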
if (!copyparam(k, pl)) {
dh_param dp;
key_data *kd = &k->k->k;
+ int rc;
if (!k->bits)
k->bits = 1024;
/* --- Choose a large safe prime number --- */
- if (dh_gen(&dp, k->qbits, k->bits, 0, &rand_global,
- (k->f & f_quiet) ? 0 : pgen_ev, 0))
+ if (k->f & f_limlee) {
+ mp **f;
+ size_t nf;
+ if (!k->qbits)
+ k->qbits = 256;
+ rc = dh_limlee(&dp, k->qbits, k->bits,
+ (k->f & f_subgroup) ? DH_SUBGROUP : 0,
+ 0, &rand_global, (k->f & f_quiet) ? 0 : pgen_ev, 0,
+ (k->f & f_quiet) ? 0 : pgen_evspin, 0, &nf, &f);
+ if (!rc) {
+ dstr d = DSTR_INIT;
+ size_t i;
+ for (i = 0; i < nf; i++) {
+ if (i)
+ dstr_puts(&d, ", ");
+ mp_writedstr(f[i], &d, 10);
+ mp_drop(f[i]);
+ }
+ key_putattr(k->kf, k->k, "factors", d.buf);
+ dstr_destroy(&d);
+ }
+ } else
+ rc = dh_gen(&dp, k->qbits, k->bits, 0, &rand_global,
+ (k->f & f_quiet) ? 0 : pgen_ev, 0);
+
+ if (rc)
die(EXIT_FAILURE, "Diffie-Hellman parameter generation failed");
key_structure(kd);
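Review bot: In the Lim-Lee branch each `f[i]` is dropped, but the array `f` that `dh_limlee` hands back through `&f` is never released, so it appears to leak once the "factors" attribute has been written. Assuming the array comes from the library's normal allocator, add the matching release after the loop, e.g. `xfree(f);` just before `dstr_destroy(&d);`. The result of `key_putattr` is also ignored, so a failure to record the factors would go unnoticed; if it returns a status, check it and `die` as for the other failures here. The section comment "Choose a large safe prime number" no longer describes the Lim-Lee path. The enclosing function starts and ends outside this hunk.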
* Since %$g$% has order %$q$%, choose %$x < q$%.
*/
- x = mprand_range(MP_NEW, q, &rand_global, 0);
- mp_burn(x);
+ x = mprand_range(MP_NEWSEC, q, &rand_global, 0);
/* --- Compute the public key %$y = g^x \bmod p$% --- */
static void alg_bbs(keyopts *k)
{
- bbs_param bp;
+ bbs_priv bp;
key_data *kd;
/* --- Sanity checking --- */
mpkey(kd, "q", bp.q, KCAT_PRIV | KF_BURN);
dolock(k, kd, "private");
- mp_drop(bp.p); mp_drop(bp.q); mp_drop(bp.n);
+ bbs_privfree(&bp);
}
/* --- The algorithm tables --- */
{ "rand-id", OPTF_ARGREQ, 0, 'r' },
{ "lock", 0, 0, 'l' },
{ "quiet", 0, 0, 'q' },
+ { "lim-lee", 0, 0, 'L' },
+ { "subgroup", 0, 0, 'S' },
{ 0, 0, 0, 0 }
};
- int i = mdwopt(argc, argv, "+a:b:B:p:e:c:t:r:lq", opt, 0, 0, 0);
+ int i = mdwopt(argc, argv, "+a:b:B:p:e:c:t:r:lqLS", opt, 0, 0, 0);
if (i < 0)
break;
case 'q':
k.f |= f_quiet;
break;
+ case 'L':
+ k.f |= f_limlee;
+ break;
+ case 'S':
+ k.f |= f_subgroup;
+ break;
/* --- Other things are bogus --- */
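Review bot: `-S` sets `f_subgroup`, but the only visible use of that flag is inside the `f_limlee` branch of the Diffie-Hellman generator, so `-S` without `-L` is accepted and silently ignored. A user asking for a subgroup would then get ordinary parameters with no warning. After the option loop I would reject the combination, e.g. `if ((k.f & f_subgroup) && !(k.f & f_limlee)) die(EXIT_FAILURE, "subgroup generation requires Lim-Lee primes");`. It looks as though both flags are likewise ignored for algorithms other than Diffie-Hellman, which is worth stating in the help text. The option loop continues outside this hunk.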
o->f &= ~f_attr;
printf("attributes:");
for (key_mkattriter(&i, k); key_nextattr(&i, &an, &av); ) {
- printf("\n\t%s = %s", an, av);
+ printf("\n %s = %s", an, av);
o->f |= f_attr;
}
if (o->f & f_attr)
} cmds[] = {
{ "add", cmd_add,
"add [options] type [attr...]\n\
- Options: [-lq] [-a alg] [-b|-B bits] [-p param] [-r tag]\n\
+ Options: [-lqLS] [-a alg] [-b|-B bits] [-p param] [-r tag]\n\
[-e expire] [-t tag] [-c comment]"
},
{ "expire", cmd_expire, "expire tag..." },
/* --- Initialize the Catacomb random number generator --- */
- rand_init(RAND_GLOBAL);
rand_noisesrc(RAND_GLOBAL, &noise_source);
+ rand_seed(RAND_GLOBAL, 160);
/* --- Dispatch to appropriate command handler --- */
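Review bot: The `160` passed to `rand_seed` is an unexplained constant, and with this commit it becomes the only visible point where the global pool is given entropy. The symmetric-key, DES-key and DSA-seed hunks all replace `rand_getgood` with plain `rand_get`, which as far as I can tell no longer polls the noise sources per call. I would add a comment here stating the assumption, e.g. `/* Seed once with 160 bits of noise; later rand_get calls rely on this and do not reseed */`. It is also worth confirming that 160 bits is the intended strength when the tool generates keys whose nominal size is larger.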