From 9db10386430479067795bec66bb26343ff176ded Mon Sep 17 00:00:00 2001 From: Adam Harrison Date: Thu, 6 Jul 2023 06:37:41 -0400 Subject: Removed old mbedtls, replacing with submodule. --- lib/mbedtls-2.27.0/programs/pkey/dh_client.c | 312 --------------------------- 1 file changed, 312 deletions(-) delete mode 100644 lib/mbedtls-2.27.0/programs/pkey/dh_client.c (limited to 'lib/mbedtls-2.27.0/programs/pkey/dh_client.c') diff --git a/lib/mbedtls-2.27.0/programs/pkey/dh_client.c b/lib/mbedtls-2.27.0/programs/pkey/dh_client.c deleted file mode 100644 index d6e4990..0000000 --- a/lib/mbedtls-2.27.0/programs/pkey/dh_client.c +++ /dev/null @@ -1,312 +0,0 @@ -/* - * Diffie-Hellman-Merkle key exchange (client side) - * - * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif - -#if defined(MBEDTLS_PLATFORM_C) -#include "mbedtls/platform.h" -#else -#include -#include -#define mbedtls_printf printf -#define mbedtls_time_t time_t -#define mbedtls_exit exit -#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS -#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE -#endif /* MBEDTLS_PLATFORM_C */ - -#if defined(MBEDTLS_AES_C) && defined(MBEDTLS_DHM_C) && \ - defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_NET_C) && \ - defined(MBEDTLS_RSA_C) && defined(MBEDTLS_SHA256_C) && \ - defined(MBEDTLS_FS_IO) && defined(MBEDTLS_CTR_DRBG_C) && \ - defined(MBEDTLS_SHA1_C) -#include "mbedtls/net_sockets.h" -#include "mbedtls/aes.h" -#include "mbedtls/dhm.h" -#include "mbedtls/rsa.h" -#include "mbedtls/sha1.h" -#include "mbedtls/entropy.h" -#include "mbedtls/ctr_drbg.h" - -#include -#include -#endif - -#define SERVER_NAME "localhost" -#define SERVER_PORT "11999" - -#if !defined(MBEDTLS_AES_C) || !defined(MBEDTLS_DHM_C) || \ - !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_NET_C) || \ - !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_SHA256_C) || \ - !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_CTR_DRBG_C) || \ - !defined(MBEDTLS_SHA1_C) -int main( void ) -{ - mbedtls_printf("MBEDTLS_AES_C and/or MBEDTLS_DHM_C and/or MBEDTLS_ENTROPY_C " - "and/or MBEDTLS_NET_C and/or MBEDTLS_RSA_C and/or " - "MBEDTLS_SHA256_C and/or MBEDTLS_FS_IO and/or " - "MBEDTLS_CTR_DRBG_C not defined.\n"); - mbedtls_exit( 0 ); -} -#else - - -int main( void ) -{ - FILE *f; - - int ret = 1; - int exit_code = MBEDTLS_EXIT_FAILURE; - size_t n, buflen; - mbedtls_net_context server_fd; - - unsigned char *p, *end; - unsigned char buf[2048]; - unsigned char hash[32]; - const char *pers = "dh_client"; - - mbedtls_entropy_context entropy; - mbedtls_ctr_drbg_context ctr_drbg; - mbedtls_rsa_context rsa; - mbedtls_dhm_context dhm; - mbedtls_aes_context aes; - - mbedtls_net_init( &server_fd ); - mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_SHA256 ); - mbedtls_dhm_init( &dhm ); - mbedtls_aes_init( &aes ); - mbedtls_ctr_drbg_init( &ctr_drbg ); - - /* - * 1. Setup the RNG - */ - mbedtls_printf( "\n . Seeding the random number generator" ); - fflush( stdout ); - - mbedtls_entropy_init( &entropy ); - if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, - (const unsigned char *) pers, - strlen( pers ) ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret ); - goto exit; - } - - /* - * 2. Read the server's public RSA key - */ - mbedtls_printf( "\n . Reading public key from rsa_pub.txt" ); - fflush( stdout ); - - if( ( f = fopen( "rsa_pub.txt", "rb" ) ) == NULL ) - { - mbedtls_printf( " failed\n ! Could not open rsa_pub.txt\n" \ - " ! Please run rsa_genkey first\n\n" ); - goto exit; - } - - mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, 0 ); - - if( ( ret = mbedtls_mpi_read_file( &rsa.N, 16, f ) ) != 0 || - ( ret = mbedtls_mpi_read_file( &rsa.E, 16, f ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_mpi_read_file returned %d\n\n", ret ); - fclose( f ); - goto exit; - } - - rsa.len = ( mbedtls_mpi_bitlen( &rsa.N ) + 7 ) >> 3; - - fclose( f ); - - /* - * 3. Initiate the connection - */ - mbedtls_printf( "\n . Connecting to tcp/%s/%s", SERVER_NAME, - SERVER_PORT ); - fflush( stdout ); - - if( ( ret = mbedtls_net_connect( &server_fd, SERVER_NAME, - SERVER_PORT, MBEDTLS_NET_PROTO_TCP ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_connect returned %d\n\n", ret ); - goto exit; - } - - /* - * 4a. First get the buffer length - */ - mbedtls_printf( "\n . Receiving the server's DH parameters" ); - fflush( stdout ); - - memset( buf, 0, sizeof( buf ) ); - - if( ( ret = mbedtls_net_recv( &server_fd, buf, 2 ) ) != 2 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_recv returned %d\n\n", ret ); - goto exit; - } - - n = buflen = ( buf[0] << 8 ) | buf[1]; - if( buflen < 1 || buflen > sizeof( buf ) ) - { - mbedtls_printf( " failed\n ! Got an invalid buffer length\n\n" ); - goto exit; - } - - /* - * 4b. Get the DHM parameters: P, G and Ys = G^Xs mod P - */ - memset( buf, 0, sizeof( buf ) ); - - if( ( ret = mbedtls_net_recv( &server_fd, buf, n ) ) != (int) n ) - { - mbedtls_printf( " failed\n ! mbedtls_net_recv returned %d\n\n", ret ); - goto exit; - } - - p = buf, end = buf + buflen; - - if( ( ret = mbedtls_dhm_read_params( &dhm, &p, end ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_dhm_read_params returned %d\n\n", ret ); - goto exit; - } - - if( dhm.len < 64 || dhm.len > 512 ) - { - mbedtls_printf( " failed\n ! Invalid DHM modulus size\n\n" ); - goto exit; - } - - /* - * 5. Check that the server's RSA signature matches - * the SHA-256 hash of (P,G,Ys) - */ - mbedtls_printf( "\n . Verifying the server's RSA signature" ); - fflush( stdout ); - - p += 2; - - if( ( n = (size_t) ( end - p ) ) != rsa.len ) - { - mbedtls_printf( " failed\n ! Invalid RSA signature size\n\n" ); - goto exit; - } - - if( ( ret = mbedtls_sha1_ret( buf, (int)( p - 2 - buf ), hash ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_sha1_ret returned %d\n\n", ret ); - goto exit; - } - - if( ( ret = mbedtls_rsa_pkcs1_verify( &rsa, NULL, NULL, MBEDTLS_RSA_PUBLIC, - MBEDTLS_MD_SHA256, 0, hash, p ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_rsa_pkcs1_verify returned %d\n\n", ret ); - goto exit; - } - - /* - * 6. Send our public value: Yc = G ^ Xc mod P - */ - mbedtls_printf( "\n . Sending own public value to server" ); - fflush( stdout ); - - n = dhm.len; - if( ( ret = mbedtls_dhm_make_public( &dhm, (int) dhm.len, buf, n, - mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_dhm_make_public returned %d\n\n", ret ); - goto exit; - } - - if( ( ret = mbedtls_net_send( &server_fd, buf, n ) ) != (int) n ) - { - mbedtls_printf( " failed\n ! mbedtls_net_send returned %d\n\n", ret ); - goto exit; - } - - /* - * 7. Derive the shared secret: K = Ys ^ Xc mod P - */ - mbedtls_printf( "\n . Shared secret: " ); - fflush( stdout ); - - if( ( ret = mbedtls_dhm_calc_secret( &dhm, buf, sizeof( buf ), &n, - mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 ) - { - mbedtls_printf( " failed\n ! mbedtls_dhm_calc_secret returned %d\n\n", ret ); - goto exit; - } - - for( n = 0; n < 16; n++ ) - mbedtls_printf( "%02x", buf[n] ); - - /* - * 8. Setup the AES-256 decryption key - * - * This is an overly simplified example; best practice is - * to hash the shared secret with a random value to derive - * the keying material for the encryption/decryption keys, - * IVs and MACs. - */ - mbedtls_printf( "...\n . Receiving and decrypting the ciphertext" ); - fflush( stdout ); - - mbedtls_aes_setkey_dec( &aes, buf, 256 ); - - memset( buf, 0, sizeof( buf ) ); - - if( ( ret = mbedtls_net_recv( &server_fd, buf, 16 ) ) != 16 ) - { - mbedtls_printf( " failed\n ! mbedtls_net_recv returned %d\n\n", ret ); - goto exit; - } - - mbedtls_aes_crypt_ecb( &aes, MBEDTLS_AES_DECRYPT, buf, buf ); - buf[16] = '\0'; - mbedtls_printf( "\n . Plaintext is \"%s\"\n\n", (char *) buf ); - - exit_code = MBEDTLS_EXIT_SUCCESS; - -exit: - - mbedtls_net_free( &server_fd ); - - mbedtls_aes_free( &aes ); - mbedtls_rsa_free( &rsa ); - mbedtls_dhm_free( &dhm ); - mbedtls_ctr_drbg_free( &ctr_drbg ); - mbedtls_entropy_free( &entropy ); - -#if defined(_WIN32) - mbedtls_printf( " + Press Enter to exit this program.\n" ); - fflush( stdout ); getchar(); -#endif - - mbedtls_exit( exit_code ); -} -#endif /* MBEDTLS_AES_C && MBEDTLS_DHM_C && MBEDTLS_ENTROPY_C && - MBEDTLS_NET_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C && - MBEDTLS_FS_IO && MBEDTLS_CTR_DRBG_C */ -- cgit v1.2.3