stategen.c 6.94 KB
#include <openssl/rsa.h>
#include <openssl/bn.h>
#include <stdlib.h>
#include <sha1.h>
#include <PR/bbmetadata.h>
#include <PR/bbcert.h>
#include <aes.h>
#include <openssl/rand.h>
#include <stdlib.h>
#include <bb_nn.h>
#include <PR/bbcrl.h>
#include <sys/types.h>
#include <sys/stat.h>
#include "util.h"



#define MAX_KEY_SIZE 4096
/*
#define DEBUG
*/

#define MAX_REVOKED 256
   
   
     
int main(int argc, char **argv){
    RSA *prsa;
    int equal =0;
    BbRsaCert cert;
    int iter;
    int count;
    int size, newsize, i, e_size, n_size;
    int num_bytes, num_word, max_long, int_max;  
    unsigned char hash_data[20];
    unsigned char input_string[2048];
    unsigned char e_string[512];
    unsigned char n_string[512];
    unsigned char signature[512];
    unsigned long certpublickey[128];
    unsigned long certsign[128];
    unsigned long certexponent;
    
    char *root_string;
    char *temp_string;
    char tmp_name[2048];
   
    unsigned char customResult[512];
    unsigned char *padded_data;
    unsigned char *verify;
    unsigned long number;
    int inputLen = 20;
    SHA1Context sha;
    FILE *stateptr;
    u8 *stateBlob;
    u32 date;
    int j;
    FILE *statedataptr;
    FILE *signerptr;
    FILE *signatureptr;
    FILE *stateoutptr;
    FILE *sigptr;
    char dummy[512];
    char pvtkeyfile[512];
    struct stat statbuf;
    int state_size;

    BbEccCert bbcert;
    FILE *bbcertptr;
    BbEccPublicKey publickey;
    BbEccSig sig;
    boolean res;
    BbShaHash hash_word;
    padded_data = (unsigned char *)malloc(512);
    verify = (unsigned char *) malloc(512);
   
    if(argc < 5){
      fprintf(stderr,"usage: %s signerfile statefile signaturefilsprefix number\n", argv[0]);
      exit(1);
    }

    if((root_string = getenv("ROOT")) == NULL){
        fprintf(stderr,"Root not set\n");
        exit(1);
    }
    /* signer data is local */
    /*
    sprintf(tmp_name,"%s/usr/host_data/%s", root_string, argv[1]);
    signerptr = fopen(tmp_name, "r");    
    */
    signerptr = fopen(argv[1], "r");
    if(signerptr ==0){
        fprintf(stderr,"couldnt find key data for signer\n");
	exit(1);
    }    


    /* put state data for now */
#if 0
    stateoutptr = fopen("state.dat", "w");

    stateBlob = malloc(1024);
    for(i=0; i< 1024; i++){
      stateBlob[i] = i;
    }
    fwrite(stateBlob, 1024, 1, stateoutptr);
    fclose(stateoutptr);
    exit(1);
#endif
    statedataptr = fopen(argv[2], "r");
    if(statedataptr ==0){
      fprintf(stderr,"couldnt find your state data in local directory\n");
      exit(1);
    }
      
    signatureptr = fopen(argv[3], "w");
    if(signatureptr ==0){
      fprintf(stderr,"couldnt open signature file for writing\n");
      exit(1);
    }


    /* read in state data */
    stat(argv[2], &statbuf);
    printf("state file size = %ld\n", (long)statbuf.st_size);
    state_size = (long) statbuf.st_size;
    stateBlob= malloc(state_size);
    fread(stateBlob, state_size, 1, statedataptr);

    /* compute hash */
    SHA1Reset(&sha);
    SHA1Input(&sha, ((u8 *)(stateBlob)),state_size);
    SHA1Result(&sha, hash_data);  

    prsa = RSA_new();
    readRsaData(signerptr, prsa);
    size = RSA_size(prsa);
    num_bytes = size;

    /* sign it : each time sign is different because of the padding*/
    for(iter=0; iter < atoi(argv[4]); iter++){
      RSA_padding_add_PKCS1_type_2(padded_data, num_bytes, hash_data, 20);
#ifdef DEBUG
      for (i = 0; i <  20; i++){
        printf("hash[%d] of state data= %02x\n",i,hash_data[i]);
      }
#endif
      size = RSA_private_encrypt(num_bytes, 
                               padded_data, signature, prsa, RSA_NO_PADDING);

/* zero the result */
      for(i = 0; i < size; i++){
        verify[i]  = 0;
      }

      newsize = RSA_public_decrypt(RSA_size(prsa), signature, verify, prsa, RSA_NO_PADDING);

#ifdef DEBUG
      for(i =0; i< num_bytes; i++){
	printf("state  signature = %02x verify [%d] = %02x padded_data = %02x\n", signature[i] , i, verify[i], padded_data[i]);
      }
#endif
      
    
    /* initialise bigint */

      e_size = BN_bn2bin(prsa->e, e_string);
      n_size = BN_bn2bin(prsa->n, n_string);


      count = 0;
      for(i=0; i< n_size; i= i+4){
        certsign[count] = htonl(get_word(signature + i));
        count++;
      }
      
#ifdef DEBUG
      for(i = 0; i < 128; i++){
	printf("sign in file in right format  = %08x\n", certsign[i]);
      }
#endif
      /* copy the sign to its rightful place */
      fwrite((void *)signature, 1, num_bytes, signatureptr);
      
  

      /* validate on x86 */
      e_size = BN_bn2bin(prsa->e, e_string);
      n_size = BN_bn2bin(prsa->n, n_string);

    
      certexponent = get_word(e_string);
      count = 0;
      for(i=0; i< n_size; i= i+4){
        certpublickey[count] = htonl(get_word(n_string + i));
        certsign[count] = htonl(get_word(signature + i));
        count++;
      }
      
      bsl_rsa_verify(customResult, certsign, certpublickey, &certexponent, num_bytes*8);
    
    /* print custom result of decryption */
      equal = 0;
      j= 0;

    /* print output*/
      for(i=num_bytes- 20; i < num_bytes; i++){
#ifdef DEBUG
        printf("input = %02x custom = %02x\n", padded_data[i], customResult[i]);
#endif
        if(hash_data[j] != customResult[i]){
	  equal = 1;
        }
        j++;
    }
    
      if(equal ==0){
        printf("state sign  test: OK PASS test \n");
      }
      else {
        printf("state test: NOT OK FAIL test\n");
      }
    }
    free(prsa);
    if(signatureptr) fclose(signatureptr);
    if(statedataptr) fclose(statedataptr);

    /* verify a sign from a BB: assumed BBs cert is ecccert.bin */
    if((bbcertptr = fopen("ecccert.bin", "r")) == 0){
      fprintf(stderr,"cant open bb cert file \n");
      exit(1);
    }
    fread((void *) &bbcert, sizeof(BbEccCert), 1, bbcertptr);
    for(i=0; i< sizeof(BbEccPublicKey)/4; i++){
      publickey[i] = ntohl(bbcert.publicKey[i]);
    }
    /* read in sign here */
    /*
    sig[0] = 0x0000007d;
    sig[1] = 0x02675e5f;
    sig[2] = 0xeffc1194;
    sig[3] = 0x63171483;
    sig[4] = 0x0563810f;
    sig[5] = 0x485bbf56;
    sig[6] = 0x125012c3;
    sig[7] = 0x479864be;
    sig[8] = 0x000000bb;
    sig[9] = 0xb803f2e2;
    sig[10] =0x780fcfd4;
    sig[11] =0x10743ae7;
    sig[12] =0xbe8c4be7;
    sig[13] =0x9f89f2cb;
    sig[14] =0xbf8bff96;
    sig[15] =0x471db7f2;
    */
    if((sigptr = fopen("ecc.sys.copy", "r")) == 0){
      fprintf(stderr,"cant open bb sig file\n");
      exit(1);
    }
    fread((void *) &sig, sizeof(BbEccSig), 1, sigptr);
    for(i=0; i< sizeof(BbEccSig)/4; i++){
      sig[i] = ntohl(sig[i]);
    }
#define API_IDENTITY (0x00000001)
    for(i=0; i< 5; i++){
      hash_word[i] = *((u32 *)(hash_data + (4*i)));
      printf("hash_word = %08x\n", hash_word[i]);
    }
    bsl_verify_ecc_sig(hash_word, sizeof(BbShaHash), publickey, 
		       sig, &res, API_IDENTITY);
    if(res != BSL_TRUE){
      printf("Ecc sign verify FAIL\n");
    }
    else{
      printf("Ecc sign verify PASS\n");
    }
			   
    return 0;
}