diff --git a/client/emv/crypto_polarssl.c b/client/emv/crypto_polarssl.c index 8b36c397..49ac3188 100644 --- a/client/emv/crypto_polarssl.c +++ b/client/emv/crypto_polarssl.c @@ -150,13 +150,25 @@ static struct crypto_pk *crypto_pk_polarssl_open_priv_rsa(va_list vl) int res = rsa_check_privkey(&cp->ctx); if(res != 0) { fprintf(stderr, "PolarSSL private key error res=%x exp=%d mod=%d.\n", res * -1, explen, modlen); - return NULL; } return &cp->cp; } +static int myrand(void *rng_state, unsigned char *output, size_t len) { + size_t i; + + if(rng_state != NULL) + rng_state = NULL; + + for( i = 0; i < len; ++i ) + output[i] = rand(); + + return 0; +} + + static struct crypto_pk *crypto_pk_polarssl_genkey_rsa(va_list vl) { struct crypto_pk_polarssl *cp = malloc(sizeof(*cp)); @@ -166,35 +178,12 @@ static struct crypto_pk *crypto_pk_polarssl_genkey_rsa(va_list vl) unsigned int nbits = va_arg(vl, unsigned int); unsigned int exp = va_arg(vl, unsigned int); - - - - - - -/* err = gcry_sexp_build(¶ms, NULL, - transient ? - "(genkey (rsa (nbits %u) (rsa-use-e %u) (flags transient-key)))": - "(genkey (rsa (nbits %u) (rsa-use-e %u)))", - nbits, exp); - if (err) { - fprintf(stderr, "LibGCrypt error %s/%s\n", - gcry_strsource (err), - gcry_strerror (err)); - free(cp); + int res = rsa_gen_key(&cp->ctx, &myrand, NULL, nbits, exp); + if (res) { + fprintf(stderr, "PolarSSL private key generation error res=%x exp=%d nbits=%d.\n", res * -1, exp, nbits); return NULL; } - - err = gcry_pk_genkey(&cp->pk, params); - gcry_sexp_release(params); - if (err) { - fprintf(stderr, "LibGCrypt error %s/%s\n", - gcry_strsource (err), - gcry_strerror (err)); - free(cp); - return NULL; - }*/ - + return &cp->cp; } diff --git a/client/emv/crypto_test.c b/client/emv/crypto_test.c index 40b2db46..68e25ea4 100644 --- a/client/emv/crypto_test.c +++ b/client/emv/crypto_test.c 
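Review bot: `myrand` fills the buffer from `rand()`, which is not a cryptographic generator and, unless `srand()` is called somewhere outside this diff, produces the same sequence on every run, so any RSA key generated through it is predictable (the next hunk passes `&myrand` to `rsa_gen_key`). If this path only serves the self-test, say so above the function, e.g. `/* NOT a CSPRNG: rand() is predictable; throwaway test keys only */`. If generated keys can ever leave the test, PolarSSL's `ctr_drbg_random` seeded through `entropy_func` would be the fitting `f_rng`, assuming those modules are built in this tree. The `if(rng_state != NULL) rng_state = NULL;` pair has no effect and reads as a warning silencer; `(void)rng_state;` states that directly. Separately, in `crypto_pk_polarssl_open_priv_rsa` at the top of this hunk, the collapsed layout does not show whether the `-` line removes a blank line or the `return NULL;` itself; if it is the latter, a key that failed `rsa_check_privkey` is now handed back to the caller.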
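Review bot: The new failure path after `rsa_gen_key` returns NULL without releasing `cp`, which the trailing context of the previous hunk shows being allocated with `malloc(sizeof(*cp))`. The commented-out libgcrypt code removed here called `free(cp)` on both of its error paths. I would write `free(cp); return NULL;`, preceded by `rsa_free(&cp->ctx);` if the context is initialised in the lines between the malloc and this hunk, which are not visible. The message also prints the unsigned `exp` and `nbits` with `%d`; `%u` matches their type. The function body starts before the hunk.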
@@ -19,9 +19,11 @@ #include "crypto.h" #include "dump.h" +#include "util_posix.h" #include #include +#include static int test_genkey(unsigned int keylength, unsigned char *msg, size_t msg_len, bool verbose) { @@ -30,28 +32,41 @@ static int test_genkey(unsigned int keylength, unsigned char *msg, size_t msg_le unsigned char *tmp, *tmp2; struct crypto_pk *pk; - printf("Testing key length %u\n", keylength); + printf("Testing key length %u ", keylength); + uint64_t ms = msclock(); pk = crypto_pk_genkey(PK_RSA, 1, keylength, 3); - if (!pk) + if (!pk) { + fprintf(stderr, "ERROR: key generation error.\n"); goto out; + } tmp_len = crypto_pk_get_nbits(pk); - if (tmp_len != keylength) + if (tmp_len != keylength) { + fprintf(stderr, "ERROR: crypto_pk_get_nbits.\n"); goto close; + } tmp = crypto_pk_decrypt(pk, msg, msg_len, &tmp_len); - if (!tmp) + if (!tmp) { + fprintf(stderr, "ERROR: crypto_pk_decrypt.\n"); goto close; + } tmp2 = crypto_pk_encrypt(pk, tmp, tmp_len, &tmp2_len); - if (!tmp2) + if (!tmp2) { + fprintf(stderr, "ERROR: crypto_pk_encrypt.\n"); goto free_tmp; + } - if (tmp2_len == msg_len && !memcmp(tmp2, msg, tmp2_len)) + if (tmp2_len == msg_len && !memcmp(tmp2, msg, tmp2_len)) { ret = 0; + } else { + fprintf(stderr, "ERROR: encrypt-decrypt sequence length or data error.\n"); + } free(tmp2); + printf("passed. (%"PRIu64" ms) \n", msclock() - ms); free_tmp: free(tmp); close: @@ -287,7 +302,7 @@ close_pub: int exec_crypto_test(bool verbose) { - unsigned int keylengths[] = {1024, 1152, 1408, 1984, 2048/*, 3072, 4096*/}; + unsigned int keylengths[] = {1024, 1152, 1408, 1984, 2048, 3072, 4096}; int i; int ret; fprintf(stdout, "\n"); @@ -297,7 +312,7 @@ int exec_crypto_test(bool verbose) fprintf(stderr, "Crypto raw test: failed\n"); return ret; } - fprintf(stdout, "Crypto raw test: passed\n"); + fprintf(stdout, "Crypto raw test: passed\n\n"); for (i = 0; i < sizeof(keylengths) / sizeof(keylengths[0]); i++) { unsigned int kl = keylengths[i]; 
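Review bot: In `test_genkey` the added `printf("passed. ...")` sits after the if/else, so it also runs when the else branch has just reported "encrypt-decrypt sequence length or data error" and `ret` was not set to 0. The output is then a failure line followed by "passed.". Moving the print into the success branch avoids that: `ret = 0; printf("passed. (%"PRIu64" ms) \n", msclock() - ms);`. Because "Testing key length %u " no longer ends in a newline and the errors go to stderr, starting each new error string with `\n` would keep the two streams readable when interleaved. The cleanup labels and the end of the function lie outside the hunk.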
diff --git a/client/emv/cryptotest.c b/client/emv/cryptotest.c index c8e24526..a6d06e68 100644 --- a/client/emv/cryptotest.c +++ b/client/emv/cryptotest.c @@ -54,8 +54,7 @@ int ExecuteCryptoTests(bool verbose) { res = exec_crypto_test(verbose); if (res) TestFail = true; - PrintAndLog("--------------------------"); - + PrintAndLog("\n--------------------------"); if (TestFail) PrintAndLog("Test(s) [ERROR]."); else