00024 #ifndef _CRT_SECURE_NO_DEPRECATE
00025 #define _CRT_SECURE_NO_DEPRECATE 1
00026 #endif
00027
00028 #include <string.h>
00029 #include <stdio.h>
00030
00031 #include "xyssl/net.h"
00032 #include "xyssl/aes.h"
00033 #include "xyssl/dhm.h"
00034 #include "xyssl/rsa.h"
00035 #include "xyssl/sha1.h"
00036 #include "xyssl/havege.h"
00037
00038 #define SERVER_PORT 11999
00039 #define PLAINTEXT "0123456_89ABCDE_"
00040
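/*
 * Diffie-Hellman / RSA demonstration server.
 *
 * Flow, as implemented below:
 *   1. seed the HAVEGE random number generator;
 *   2. load the RSA private key from rsa_priv.txt;
 *   3. load the DH modulus P and generator G from dh_prime.txt;
 *   4. accept one TCP connection on SERVER_PORT;
 *   5. send a 2-byte big-endian length followed by
 *      DH params || 2-byte RSA length || RSA-SHA1 signature of the params;
 *   6. receive the client's DH public value (dhm.len bytes);
 *   7. derive the shared secret, key AES-256 with its first 32 bytes,
 *      encrypt one 16-byte block and send it.
 *
 * Security notes for anyone adapting this sample:
 *   - only the server signs its parameters; nothing here authenticates the
 *     client, so the peer's identity is unknown;
 *   - the raw DH output is used directly as the AES key (no key derivation
 *     step) and the single encrypted block carries no integrity protection;
 *   - part of the shared secret is printed to stdout for demonstration.
 *
 * Returns 0 on success, 1 on a local setup/validation failure, or the
 * non-zero code returned by the failing library call.
 */
int main( void )
{
    FILE *f = NULL;

    int ret, n, buflen;
    int listen_fd = -1;
    int client_fd = -1;
    size_t i;

    unsigned char buf[1024];
    unsigned char hash[20];
    unsigned char buf2[2];
    volatile unsigned char *wipe;

    havege_state hs;
    rsa_context rsa;
    dhm_context dhm;
    aes_context aes;

    memset( &rsa, 0, sizeof( rsa ) );
    memset( &dhm, 0, sizeof( dhm ) );

    /*
     * 1. Set up the RNG
     */
    printf( "\n  . Seeding the random number generator" );
    fflush( stdout );

    havege_init( &hs );

    /*
     * 2a. Read the server's private RSA key
     */
    printf( "\n  . Reading private key from rsa_priv.txt" );
    fflush( stdout );

    if( ( f = fopen( "rsa_priv.txt", "rb" ) ) == NULL )
    {
        ret = 1;
        printf( " failed\n  ! Could not open rsa_priv.txt\n" \
                "  ! Please run rsa_genkey first\n\n" );
        goto exit;
    }

    if( ( ret = rsa_read_private( &rsa, f ) ) != 0 )
    {
        printf( " failed\n  ! rsa_read_private returned %08x\n\n", ret );
        goto exit;
    }

    fclose( f );
    f = NULL;

    /*
     * 2b. Get the DHM modulus and generator
     */
    printf( "\n  . Reading DH parameters from dh_prime.txt" );
    fflush( stdout );

    if( ( f = fopen( "dh_prime.txt", "rb" ) ) == NULL )
    {
        ret = 1;
        printf( " failed\n  ! Could not open dh_prime.txt\n" \
                "  ! Please run dh_genprime first\n\n" );
        goto exit;
    }

    if( mpi_read_file( &dhm.P, 16, f ) != 0 ||
        mpi_read_file( &dhm.G, 16, f ) != 0 )
    {
        /* ret still holds 0 from the successful key read; report failure */
        ret = 1;
        printf( " failed\n  ! Invalid DH parameter file\n\n" );
        goto exit;
    }

    fclose( f );
    f = NULL;

    /*
     * 3. Wait for a client to connect
     *
     * NOTE(review): a NULL bind address presumably means "all interfaces";
     * confirm against net_bind and restrict it if that is not intended.
     */
    printf( "\n  . Waiting for a remote connection" );
    fflush( stdout );

    if( ( ret = net_bind( &listen_fd, NULL, SERVER_PORT ) ) != 0 )
    {
        printf( " failed\n  ! net_bind returned %08x\n\n", ret );
        goto exit;
    }

    if( ( ret = net_accept( listen_fd, &client_fd, NULL ) ) != 0 )
    {
        printf( " failed\n  ! net_accept returned %08x\n\n", ret );
        goto exit;
    }

    /*
     * 4. Set up the DH parameters (P, G, Ys)
     */
    printf( "\n  . Sending the server's DH parameters" );
    fflush( stdout );

    memset( buf, 0, sizeof( buf ) );

    /*
     * dhm_make_params takes no output size, so its own write into buf
     * cannot be bounded from here; the check below covers everything
     * appended afterwards.
     */
    if( ( ret = dhm_make_params( &dhm, havege_rand, &hs,
                                 buf, &n ) ) != 0 )
    {
        printf( " failed\n  ! dhm_make_params returned %08x\n\n", ret );
        goto exit;
    }

    /*
     * The message is params (n bytes) + 2 length bytes + signature
     * (rsa.len bytes). Larger key or prime sizes would run past the end
     * of buf, so refuse them instead of writing out of bounds.
     */
    if( n <= 0 || rsa.len <= 0 ||
        (size_t) n + 2 + (size_t) rsa.len > sizeof( buf ) )
    {
        ret = 1;
        printf( " failed\n  ! DH parameters and signature do not fit"
                " in the send buffer\n\n" );
        goto exit;
    }

    /*
     * 5. Sign the parameters and send them
     */
    sha1( buf, n, hash );

    buf[n    ] = (unsigned char)( rsa.len >> 8 );
    buf[n + 1] = (unsigned char)( rsa.len      );

    if( ( ret = rsa_pkcs1_sign( &rsa, RSA_SHA1, hash, 20,
                                buf + n + 2, rsa.len ) ) != 0 )
    {
        printf( " failed\n  ! rsa_pkcs1_sign returned %08x\n\n", ret );
        goto exit;
    }

    /* buflen <= sizeof( buf ), so it always fits the 2-byte prefix */
    buflen = n + 2 + rsa.len;
    buf2[0] = (unsigned char)( buflen >> 8 );
    buf2[1] = (unsigned char)( buflen      );
    n = 2;

    if( ( ret = net_send( client_fd, buf2, &n ) ) != 0 )
    {
        printf( " failed\n  ! net_send returned %08x\n\n", ret );
        goto exit;
    }

    if( ( ret = net_send( client_fd, buf, &buflen ) ) != 0 )
    {
        printf( " failed\n  ! net_send returned %08x\n\n", ret );
        goto exit;
    }

    /*
     * 6. Get the client's public value: Yc = G ^ Xc mod P
     */
    printf( "\n  . Receiving the client's public value" );
    fflush( stdout );

    /* never ask net_recv for more bytes than buf can hold */
    if( dhm.len <= 0 || (size_t) dhm.len > sizeof( buf ) )
    {
        ret = 1;
        printf( " failed\n  ! DH modulus does not fit"
                " in the receive buffer\n\n" );
        goto exit;
    }

    n = dhm.len;
    if( ( ret = net_recv( client_fd, buf, &n ) ) != 0 )
    {
        printf( " failed\n  ! net_recv returned %08x\n\n", ret );
        goto exit;
    }

    if( ( ret = dhm_read_public( &dhm, buf, n ) ) != 0 )
    {
        /* the original message blamed net_recv for this failure */
        printf( " failed\n  ! dhm_read_public returned %08x\n\n", ret );
        goto exit;
    }

    /*
     * 7. Derive the shared secret: K = Yc ^ Xs mod P
     */
    printf( "\n  . Shared secret: " );
    fflush( stdout );

    if( ( ret = dhm_calc_secret( &dhm, buf, &n ) ) != 0 )
    {
        printf( " failed\n  ! dhm_calc_secret returned %08x\n\n", ret );
        goto exit;
    }

    /*
     * The AES-256 key below is the first 32 bytes of buf. If the secret is
     * shorter, the rest of the key would be leftover bytes of the value the
     * peer just sent, i.e. data the peer already knows.
     * NOTE(review): assumes n is the secret length on return -- confirm
     * against dhm_calc_secret.
     */
    if( n < 32 )
    {
        ret = 1;
        printf( " failed\n  ! Shared secret is too short"
                " for an AES-256 key\n\n" );
        goto exit;
    }

    /*
     * Demonstration output only: these 16 bytes are half of the AES key
     * set just below. Do not print key material outside of a demo.
     */
    for( n = 0; n < 16; n++ )
        printf( "%02x", buf[n] );

    /*
     * 8. Set up the AES-256 encryption key
     *
     * The raw DH output is used as the key with no derivation step, and a
     * single block is encrypted with no integrity protection. This is kept
     * as in the original sample; a real protocol should derive keys from
     * the secret and authenticate the ciphertext.
     */
    printf( "...\n  . Encrypting and sending the ciphertext" );
    fflush( stdout );

    aes_set_key( &aes, buf, 256 );
    memcpy( buf, PLAINTEXT, 16 );
    aes_encrypt( &aes, buf, buf );

    n = 16;
    if( ( ret = net_send( client_fd, buf, &n ) ) != 0 )
    {
        printf( " failed\n  ! net_send returned %08x\n\n", ret );
        goto exit;
    }

    printf( "\n\n" );

exit:

    /* release the key/parameter file if an error path left it open */
    if( f != NULL )
        fclose( f );

    if( client_fd != -1 )
        net_close( client_fd );

    /* the listening socket was never closed in the original */
    if( listen_fd != -1 )
        net_close( listen_fd );

    rsa_free( &rsa );
    dhm_free( &dhm );

    /*
     * Clear the shared secret and the AES key schedule. Writing through a
     * volatile pointer keeps the compiler from dropping these stores as
     * dead writes.
     */
    wipe = buf;
    for( i = 0; i < sizeof( buf ); i++ )
        wipe[i] = 0;

    wipe = (volatile unsigned char *) &aes;
    for( i = 0; i < sizeof( aes ); i++ )
        wipe[i] = 0;

#ifdef WIN32
    printf( "  + Press Enter to exit this program.\n" );
    fflush( stdout ); getchar();
#endif

    return( ret );
}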