I am encrypting 3gpp test data with openssl code in c language in linux platform.
i have taken example from stack over flow and tried.But in the final encryption output zeros's are not displayed.i need to encrypt with 128 bit key.
Thanks in advance.
#include <openssl/aes.h>
#include <openssl/rand.h>
#include <openssl/hmac.h>
#include <openssl/buffer.h>
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <math.h>
#define u32 unsigned int
#define u8 unsigned char
#define bufferSize 16
struct ctr_state
{
unsigned char ivec[AES_BLOCK_SIZE];
unsigned int num;
unsigned char ecount[AES_BLOCK_SIZE];
};
AES_KEY key;
unsigned char indata[AES_BLOCK_SIZE];
unsigned char outdata[AES_BLOCK_SIZE];
unsigned char iv[AES_BLOCK_SIZE];
struct ctr_state state;
int init_ctr(struct ctr_state *state, const unsigned char iv[16])
{
/* aes_ctr128_encrypt requires 'num' and 'ecount' set to zero on the
* first call. */
state->num = 0;
memset(state->ecount, 0, AES_BLOCK_SIZE);
/* Initialise counter in 'ivec' to 0 */
memset(state->ivec + 8, 0, 8);
/* Copy IV into 'ivec' */
memcpy(state->ivec, iv, 8);
}
int main(int argc, char *argv[])
{
u8 key1[16] = {
0xd3,0xc5,0xd5,0x92,0x32,0x7f,0xb1,0x1c,
0x40,0x35,0xc6,0x68,0x0a,0xf8,0xc6,0xd1
};
u8 count[4] ={0x39,0x8a,0x59,0xb4};
u32 tempCount = 0;
u8 bearer = 0x15;
u8 dir =0x01,i;
u32 length = 253 ;
u8 indata[32] = {
0x98, 0x1b, 0xa6, 0x82, 0x4c, 0x1b, 0xfb, 0x1a,
0xb4, 0x85, 0x47, 0x20, 0x29, 0xb7, 0x1d, 0x80,
0x8c, 0xe3, 0x3e, 0x2c, 0xc3, 0xc0, 0xb5, 0xfc,
0x1f, 0x3d, 0xe8, 0xa6, 0xdc, 0x66, 0xb1, 0xf0
};
tempCount = htonl((count[0] | (count[1] << 8) | count[2]<< 16 | count[3] << 24)); /* Jyothi Added */
iv[0] = (tempCount >> 24) & 0xff ;
iv[1] = (tempCount >> 16) & 0xff ;
iv[2] = (tempCount >> 8) & 0xff;
iv[3] = tempCount & 0xff;
iv[4] = htonl((( (bearer << 27) | ((dir & 0x1) << 26))));
iv[5] = iv[6]= iv[7] = 0;
printf("iv=\n");
for(i=0;i<16;i++)
printf("%x",iv[i]);
printf("\n");
printf("key1=\n");
for(i=0;i<16;i++)
printf("%x",key1[i]);
printf("\n");
//Initializing the encryption KEY
if (AES_set_encrypt_key(key1, 128, &key) < 0)
{
fprintf(stderr, "Could not set decryption key.");
exit(1);
}
init_ctr(&state, iv);//Counter call
printf("state.ivec after call=\n");
for(i=0;i<16;i++)
printf("%x",state.ivec[i]);
printf("\n");
printf("indata=\n");
for(i=0;i<32;i++)
printf("%x",indata[i]);
printf("\n");
for(i=1;i<2;i++){
//Encrypting Blocks of 16 bytes
AES_ctr128_encrypt(indata, outdata,253, &key, state.ivec, state.ecount, &state.num);
printf("outdata\n");
for(i=0;i<32;i++)
printf("%x",outdata[i]);
printf("\n");
}
}
i am getting output as below.
iv=
398a59b4ac00000000000
key1=
d3c5d592327fb11c4035c668af8c6d1
state.ivec after call=
398a59b4ac00000000000
indata=
981ba6824c1bfb1ab485472029b71d808ce33e2cc3c0b5fc1f3de8a6dc66b1f0
outdata
e9fed8a63d15534d71df2bf3e82214b2ed7dad2f233dc3c22d7bdeeed8e78
algorithm has to generate key stream as below:
71e57e24 710ea81e 6398b52b da5f3f94 3eede9f6 11328620 231f3f1b 328b3f88
but instead it is generating final encryption output without zero's
final expected output is as below:
e9fed8a6 3d155304 d71df20b f3e82214 b20ed7da d2f233dc 3c22d7bd eeed8e78
Change your printf format string to require that each char is output as two hex digits - currently you're losing leading zeroes.
printf("%02x",outdata[i]);
The zero tells it to pad up to two digits using zeroes, the default would be spaces.
Related
I've been playing with openssl and am trying to write a simple program in C for encrypting a string. I'm trying to replicate the following command to encrypt the string "test" and then see the encrypted version using a given key and IV and AES-CBC-128:
echo test | openssl enc -e -aes-128-cbc -nosalt -K 5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a -iv 00000000000000000000000000000000 | xxd
and this returns the encrypted string in hex of
a63b e13d 47a5 b94c c1cb 466e 28af 19d8
I'm trying to replicate this in C with the following:
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <openssl/aes.h>
int main() {
AES_KEY aes;
unsigned char* input_string = "test";
unsigned char* encrypt_string;
unsigned int len;
unsigned char key[] = {0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A,
0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A, 0x5A};
unsigned char iv[] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
uint32_t result;
result = AES_set_encrypt_key(key, 128, &aes);
if (result < 0) {
fprintf(stderr, "Unable to set encryption key in AES\n");
printf("%i", result);
exit(-1);
}
// set the encryption length
len = 0;
if ((strlen("test") + 1) % AES_BLOCK_SIZE == 0) {
len = strlen("test") + 1;
} else {
len = ((strlen("test") + 1) / AES_BLOCK_SIZE + 1) * AES_BLOCK_SIZE;
}
encrypt_string = (unsigned char*)calloc(len, sizeof(unsigned char));
AES_cbc_encrypt(input_string, encrypt_string, 128, &aes, iv , AES_ENCRYPT);
printf("encrypted string = ");
for (int i=0; i<len; ++i) {
printf("%02X ", encrypt_string[i]);
}
printf("\n");
return 0;
}
and this returns the encrypted string as
encrypted string = C2 5D 07 2D D5 EC DB 94 3B FE 31 9F 51 DE EE 93
which doesn't match what I get from the CLI. What am I missing here that causing these not to match?
I've been trying to use the AES CTR 128 from tiny-aes-c (https://github.com/kokke/tiny-AES-c) to encrypt a randomly generated token, and it works, but not all the time. In some cases the retrieved string after encrypting and decrypting is cut off at some point. Here's the code:
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <time.h>
#include "token_auth.h"
#include "aes.h"
uint8_t * create_token() {
static char charset[] = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
uint8_t *token = malloc(sizeof(uint8_t) * (TOKEN_LENGTH + 1));
int i = 0;
srand ( time(NULL) );
for (i = 0; i < TOKEN_LENGTH; i++) {
int pos = rand() % (int)(strlen(charset) - 1);
token[i] = (int) charset[pos] - 0;
}
token[TOKEN_LENGTH] = 0;
return token;
}
int main() {
uint8_t key[16] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F };
uint8_t iv[16] = { 0x0F, 0x0E, 0x0D, 0x0C, 0x0B, 0x0A, 0x09, 0x08, 0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x00 };
uint8_t *in = create_token();
printf("\nInput: %s\nSize: %d", (char *) in, strlen((char *) in));
struct AES_ctx ctx;
AES_init_ctx_iv(&ctx, key, iv);
AES_CTR_xcrypt_buffer(&ctx, in, strlen((char *) in));
AES_init_ctx_iv(&ctx, key, iv);
AES_CTR_xcrypt_buffer(&ctx, in, strlen((char *) in));
printf("\nDEC: %s\n", (char *) in);
return 0;
}
TOKEN_LENGTH is 128. As an example of the behavior, the string NM5DlWyYInbeNtEWhBxGCdEjHSv2I6FzTMffJNgudrL2UsYe6zVJMA3wvAyhHeQD18UMXckcF8gBAfPGQNqGqwdW9MgS39w7huVfIgtoqJ212SKSIdBaJP9VErOJAmQT comes out NM5DlWyYInbeNtEWhBxGCdEjHSv2 after being encrypted and decrypted. I'm not really good at C, so it might just well be a problem with something else I've done, but at this point I'm lost. Any ideas? Thanks in advance.
The first call to AES_CTR_xcrypt_buffer encrypts the buffer in place in CTR mode.
The buffer still has the same size (128 in your case), but can contain NUL bytes.
The strlen call in the second call of AES_CTR_xcrypt_buffer for decryption can therefore result in a length < 128 if the buffer contains a NUL byte.
By the way: It works in cases where the encryption does not result in a NUL byte in the buffer.
So if you call it with TOKEN_LENGTH as the length parameter decryption will give the original string again:
AES_CTR_xcrypt_buffer(&ctx, in, TOKEN_LENGTH);
I am writing a DAC driver for the Freedom KL25z and it does not work. I am testing it with an oscilloscope, but there is no rise in voltage.
My configuration function is using the only DAC channel available for the KL25...
Connected oscilloscope voltage to PORTE30 pin and oscilloscope ground to KL25 GND pin.
UPDATE, forgot to write filenames and actual question
Here is my DACDriver.c file
#include "DACDriver.h"
unsigned char bflgSendingData = 0;
unsigned short* wpSetPattern;
unsigned short wSetPatternSize;
void vfnDACInit()
{
SIM_SCGC6 |= SIM_SCGC6_DAC0_MASK;
DAC0_C0 |= DAC_C0_DACRFS_MASK;
PORTE_PCR30 = PORT_PCR_MUX(0);
DAC0_DAT0L = 0x00;
DAC0_DAT0H |= 0x0;
DAC0_DAT1L = 0xFF;
DAC0_DAT1H |= 0xF;
DAC0_C0 |= DAC_C0_DACEN_MASK;
}
void vfnDACSetValue(unsigned short wValue)
{
DAC0_DAT0L = (unsigned char)(wValue & 0xFF);
DAC0_DAT0H = (unsigned char)(wValue >> 8);
}
unsigned char bfnDACDriver(void)
{
vfnDACSetValue(0xFF);
/*This is just a test; in my main, I'm just trying to see an output here.
But the main logic should be like the code below*/
/*if(bflgSendingData){
if(wSetPatternSize){
vfnDACSetValue(wpSetPattern);
wpSetPattern++;
wSetPatternSize--;
}
return 1;
}else{
return 0;
}
*/
}
unsigned char bfnDACSetPattern(unsigned short* wpPattern, unsigned short wPatternSize)
{
if(0 == bflgSendingData){
wpSetPattern = wpPattern;
wSetPatternSize = wPatternSize;
bflgSendingData = 1;
return 1;
}else{
return 0;
}
}
UPDATE, forgot to include this file
Here is my DACDriver.h file
#ifndef __DACDRIVER_H_
#define __DACDRIVER_H_
#include "derivative.h"
void vfnDACInit(void);
unsigned char bfnDACDriver(void);
unsigned char bfnDACSetPattern(unsigned short* wpPattern, unsigned short wPatternSize);
#endif /* __DACDRIVER_H_ */
Here is my main.c file, which right now only has a little test so I can see some output
#include "DACDriver.h"
int main(void)
{
unsigned char pattern[] = {
0xFF, 0xEF, 0xDF, 0xCF, 0xBF, 0xAF,
0x9F, 0x8F, 0x7F, 0x6F, 0x5F, 0x4F, 0x3F, 0x2F, 0x1F,
0x0F, 0x0E, 0x0D, 0x0C, 0x0B, 0x0A,
0x09, 0x08, 0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x00};
vfnDACInit();
for(;;) {
bfnDACDriver();
}
return 0;
}
I am trying to be the most autodidact possible, but I have run out of ideas...
My main questions are:
Do you see any error here?
How do I make it work?
Am I missing something?
Thanks a lot!!
So my real problem was not seeing that my oscilloscope didn't have the right voltage/time resolution hence the "null" output so to speak. My driver is fine. Thank you very much to everyone answering and taking an interest in my problem.
I've written some C code witch should sign an hash.
It seems to work fine; sign, generate public key and verify correctly.
but then using the sign result into another know-working code give me a key verification error (the sign is used over a bitcoin transaction)
Testing code is working fine, it can sign and verify, also used a third library (bitcoin's own implementation) and again it works fine.
So there is a bug in how I use OpenSSH but I can't find it. Any help appreciated, thanks.
Here the sign generator compiled with gcc -g -lssl -lcrypto
#include <openssl/ec.h> // for EC_GROUP_new_by_curve_name, EC_GROUP_free, EC_KEY_new, EC_KEY_set_group, EC_KEY_generate_key, EC_KEY_free
#include <openssl/ecdsa.h> // for ECDSA_do_sign, ECDSA_do_verify
#include <openssl/obj_mac.h> // for NID_secp192k1
#include <openssl/sha.h>
#include <stdio.h>
#include <stdint.h>
#include <stddef.h>
int create_signature (uint8_t * hash, int len)
{
/*
/ */ convert priv key from hexadecimal to BIGNUM
uint8_t hex[] =
{ 0x0C, 0xAE, 0xCF, 0x01, 0xD7, 0x41, 0x02, 0xA2, 0x8A, 0xED, 0x6A, 0x64,
0xDC, 0xF1, 0xCF, 0x7B, 0x0E, 0x41, 0xC4, 0xDD, 0x6C, 0x62, 0xF7, 0x0F, 0x46, 0xFE,
0xBD, 0xC3, 0x25, 0x14, 0xF0, 0xBD };*/
EC_KEY *eckey = NULL;
EC_POINT *pub_key = NULL;
const EC_GROUP *group = NULL;
BIGNUM start;
BIGNUM *res;
BN_CTX *ctx;
BN_init(&start);
ctx = BN_CTX_new(); // ctx is an optional buffer to save time from allocating and deallocating memory whenever required
res = &start;
BN_hex2bn(&res,"0caecf01d74102a28aed6a64dcf1cf7b0e41c4dd6c62f70f46febdc32514f0bd");
eckey = EC_KEY_new_by_curve_name(NID_secp256k1);
group = EC_KEY_get0_group(eckey);
EC_KEY_set_private_key(eckey, res);
int function_status = -1;
if (NULL == eckey)
{
printf ("\nFailed to create new EC Key\n");
function_status = -1;
} else {
unsigned int nSize = ECDSA_size(eckey);
uint8_t ris[nSize];
if (!ECDSA_sign(0, hash, sizeof(hash), ris, &nSize, eckey)){
printf ("\nFailed to generate EC Signature\n");
} else {
printf ("\nOK to generate EC Signature len: %d \n", nSize);
for (int i=0;i<nSize; i++) {
printf ("%02X", ris[i]);
}
{
pub_key = EC_POINT_new(group);
if (!EC_POINT_mul(group, pub_key, res, NULL, NULL, ctx))
printf("Error at EC_POINT_mul.\n");
EC_KEY_set_public_key(eckey, pub_key);
char *cc = EC_POINT_point2hex(group, pub_key, 4, ctx);
char *c=cc;
int i;
printf("\npublic key:");
for (i=0; i<130; i++) // 1 byte 0x42, 32 bytes for X coordinate, 32 bytes for Y coordinate
{
printf("%c", *c++);
}
free(cc);
}
int verify_status = ECDSA_verify(0, hash, sizeof(hash), ris, nSize, eckey);
const int verify_success = 1;
if (verify_success != verify_status)
{
printf("\nFailed to verify EC Signature\n");
function_status = -1;
} else {
printf("\nVerifed EC Signature\n");
function_status = 1;
}
}
EC_KEY_free (eckey);
}
return function_status;
}
int main() {
uint8_t double_hash[] = { 0x5f,0xda,0x68,0x72,0x9a,0x63,0x12,0xe1,0x7e,0x64,0x1e,0x9a,0x49,0xfa,0xc2,0xa4,0xa6,0xa6,0x80,0x12,0x66,0x10,0xaf,0x57,0x3c,0xaa,0xb2,0x70,0xd2,0x32,0xf8,0x50 };
printf ("\nhash len: %d \n", sizeof(double_hash));
create_signature( double_hash, sizeof(double_hash) );
}
I am trying out a small piece of code that would generate Hmac-sha1. I have been asked to code the hmac implementation myself using the OpenSSL libs for SHA1 calculation.
After 'wiki'ing for the algorithm, here is what I have below.I have used input with RFC 2246 specified test values:
Count Hexadecimal HMAC-SHA-1(secret, count)
0 cc93cf18508d94934c64b65d8ba7667fb7cde4b0
1 75a48a19d4cbe100644e8ac1397eea747a2d33ab
2 0bacb7fa082fef30782211938bc1c5e70416ff44
3 66c28227d03a2d5529262ff016a1e6ef76557ece
4 a904c900a64b35909874b33e61c5938a8e15ed1c
5 a37e783d7b7233c083d4f62926c7a25f238d0316
6 bc9cd28561042c83f219324d3c607256c03272ae
7 a4fb960c0bc06e1eabb804e5b397cdc4b45596fa
8 1b3c89f65e6c9e883012052823443f048b4332db
9 1637409809a679dc698207310c8c7fc07290d9e5
With the below code that I have done using example from RFC2104, I am getting the value for COUNTER = 0 as desired but when COUNTER value is set to other values like 2,3 etc as above, the HMAC SHA1 doesnt match with the above values in RFC 2246. Also another problem is if I use memcpy and memset instead of bzero or bcopy, the code shows a different(wrong) Hmac Sha1 value which doesnt match with COUNTER = 0 value. Please explain why this strange beahviour?
#include <openssl/evp.h>
#include <openssl/bn.h>
#include <openssl/sha.h>
#include <openssl/err.h>
#include <openssl/conf.h>
#include <openssl/engine.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h> /* for memset() */
#include <unistd.h>
#define IPAD 0x36
#define OPAD 0x5C
#define SHA1_DIGESTLENGTH 20
#define SHA1_BLOCK_LENGTH 64
#define COUNTER_LENGTH 8
typedef unsigned char uint8_t;
typedef unsigned short int uint16_t;
typedef unsigned int uint32_t;
/**
* Key
*/
#define SECRET { 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x30 }
#define COUNTER { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }
void hmacsha1(){
uint8_t key[]= SECRET;
int key_len = sizeof(key);
uint8_t ctr[] = COUNTER;
unsigned char k_ipad[65]; /* inner padding -
* key XORd with ipad
*/
unsigned char k_opad[65]; /* outer padding -
* key XORd with opad
*/
int i;
uint8_t digest[20];
memset(digest, 0, sizeof(digest));
/*
* the HMAC_MD5 transform looks like:
*
* MD5(K XOR opad, MD5(K XOR ipad, text))
*
* where K is an n byte key
* ipad is the byte 0x36 repeated 64 times
* opad is the byte 0x5c repeated 64 times
* and text is the data being protected
*/
/* start out by storing key in pads */
bzero( k_ipad, sizeof k_ipad);
bzero( k_opad, sizeof k_opad);
bcopy( key, k_ipad, key_len);
bcopy( key, k_opad, key_len);
/*
memset( k_ipad, 0, sizeof k_ipad);
memset( k_opad, 0, sizeof k_opad);
memcpy( key, k_ipad, key_len);
memcpy( key, k_opad, key_len);
*/
/* XOR key with ipad and opad values */
for (i=0; i<64; i++) {
k_ipad[i] ^= 0x36;
k_opad[i] ^= 0x5c;
}
/*
* perform inner MD5
*/
EVP_MD_CTX mdctx;
const EVP_MD *md;
unsigned char md_value[EVP_MAX_MD_SIZE];
unsigned int md_len;
OpenSSL_add_all_digests();
md = EVP_get_digestbyname("sha1");
if(!md) {
printf("Unknown message digest\n");
exit(1);
}
EVP_MD_CTX_init(&mdctx);
EVP_DigestInit_ex(&mdctx, md, NULL);
EVP_DigestUpdate(&mdctx, k_ipad, 64 );
EVP_DigestUpdate(&mdctx, ctr, 8 );
EVP_DigestFinal_ex(&mdctx, md_value, &md_len);
EVP_MD_CTX_init(&mdctx);
EVP_DigestInit_ex(&mdctx, md, NULL);
EVP_DigestUpdate(&mdctx, k_opad, 64 );
EVP_DigestUpdate(&mdctx, md_value, md_len );
EVP_DigestFinal_ex(&mdctx, digest, &md_len);
EVP_MD_CTX_cleanup(&mdctx);
printf("Digest is: ");
for(i = 0; i < md_len; i++) printf("%02x", digest[i]);
printf("\n");
}
First, you have to do
memcpy(k_ipad, key, key_len);
memcpy(k_opad, key, key_len);
instead of
memcpy( key, k_ipad, key_len);
memcpy( key, k_opad, key_len);