實驗二-init階段
//file system
#include<stdio.h>
#include<stdlib.h>
#include<string.h>
//openssl
#include<openssl/evp.h>
#include<openssl/sha.h>
#include<openssl/rsa.h>
#include<openssl/aes.h>
#include<openssl/hmac.h>
#include<openssl/pem.h>
#include<openssl/err.h>
//socket
#include<netinet/in.h> // sockaddr_in
#include<sys/types.h> // socket
#include<sys/socket.h> // socket
#include<stdio.h> // printf
#include<stdlib.h> // exit
#include<string.h> // bzero
//time
#include<time.h>
#include <stdio.h>
#include <sys/time.h>
//file path
#define PUBEK "ek_pub.key"
#define PRIEK "ek.key"
#define PUBDA "DA_pub.key"
#define PRIDA "DA.key"
//socket parameter
#define SERVER_PORT 8000
#define LENGTH_OF_LISTEN_QUEUE 20
#define BUFFER_SIZE 1024算法
char* sign( )
{
EVP_MD_CTX mdctx;
EVP_PKEY *evpkey=NULL,*evpkey1=NULL;
char *signValue;
unsigned int signLen;
char *text="NO20171228";
int textLen=16;
//char *signID=NULL;服務器
RSA *pri,*pub;
FILE *file;
if((file=fopen(PRIEK,"r"))==NULL){
perror("source TPM: open key file error");
return;
}
// printf("1\n");
//if((p_rsa=PEM_read_RSA_PUBKEY(file,NULL,NULL,NULL))==NULL){
if((pri=PEM_read_RSAPrivateKey(file,NULL,NULL,NULL))==NULL){
ERR_print_errors_fp(stdout);
return;
}
// printf("2\n");
evpkey=EVP_PKEY_new();
if(NULL==evpkey){
printf("EVP_KEY_new failed!\n");
return;
}
EVP_PKEY_assign_RSA(evpkey,pri);
//printf("3\n");
//如下是計算簽名的代碼
EVP_MD_CTX_init(&mdctx); //初始化摘要上下文
if(!EVP_SignInit_ex(&mdctx,EVP_md5(),NULL)) //簽名初始化,設置摘要算法
{
printf("initerr\n");
return;
}
//printf("4\n");
if(!EVP_SignUpdate(&mdctx,text,textLen)) //計算簽名(摘要)Update
{
printf("signupfate err\n");
return;
}
//printf("5\n");
if(!EVP_SignFinal(&mdctx,signValue,&signLen,evpkey)) //簽名輸出
{
printf("signfinal err\n");
return;
}
// printf("6\n");
//printf("消息%s的簽名值是:\n",text);
//printf("---------------------------\n");
//printf("%s",signValue);
//printf("\n");
// return signValue;
// EVP_PKEY_free(evpkey);
EVP_MD_CTX_cleanup(&mdctx);
// return;
ERR_load_EVP_strings();
EVP_MD_CTX mdctx1; //摘要算法上下文變量
EVP_MD_CTX_init(&mdctx1); //初始化摘要上下文
FILE *file1;
int flen1;
if((file1=fopen(PUBEK,"r"))==NULL){
perror("source TPM: open key file error");
return;
}
if((pub=PEM_read_RSA_PUBKEY(file1,NULL,NULL,NULL))==NULL){
//if((pub=PEM_read_RSAPublicKey(file1,NULL,NULL,NULL))==NULL){
ERR_print_errors_fp(stdout);
return;
}
evpkey1=EVP_PKEY_new();
if(NULL==evpkey1){
printf("EVP_KEY_new failed!\n");
return;
}
EVP_PKEY_assign_RSA(evpkey1,pub);socket
if(!EVP_VerifyInit_ex(&mdctx1, EVP_md5(), NULL)) //驗證初始化,設置摘要算法,必定要和簽名一致
{
printf("EVP_VerifyInit_ex err\n");
return;
}
if(!EVP_VerifyUpdate(&mdctx1, text, textLen)) //驗證簽名(摘要)Update
{
printf("err\n");
return;
}
//printf("%s\n",text);
if(EVP_VerifyFinal(&mdctx1,signValue,signLen,evpkey1)==0)
{
// printf("verify err\n");
//printf("簽名值是:\n");
// printf("%s\n",signValue);
//printf("end\n");
EVP_MD_CTX_cleanup(&mdctx1);
return;
}
else
{
// printf("驗證簽名正確.\n");
}
//釋放內存
EVP_PKEY_free(evpkey1);
EVP_MD_CTX_cleanup(&mdctx1);
return signValue;函數
}
void aes_box_encrypt(unsigned char* source_string, unsigned char* des_string)
{
int iLoop = 0;
int iLen =0;
AES_KEY aes;
unsigned char key[AES_BLOCK_SIZE];
unsigned char iv[AES_BLOCK_SIZE];
if(NULL == source_string || NULL == des_string)
{
printf("NULL\n");
return;
}
//Generate own AES Key
for(iLoop = 0; iLoop < 16; iLoop++)
{
key[iLoop] = 32 + iLoop;
}
// Set encryption key
for (iLoop=0; iLoop<AES_BLOCK_SIZE; iLoop++)
{
iv[iLoop] = 0;
}
if (AES_set_encrypt_key(key, 128, &aes) < 0)
{
return ;
}
iLen = strlen(source_string) + 1;
AES_cbc_encrypt(source_string, des_string, iLen, &aes, iv, AES_ENCRYPT);
}
void aes_box_decrypt(unsigned char* source_string, unsigned char* des_string)
{
int iLoop = 0;
int iLen =0;
AES_KEY aes;
unsigned char key[AES_BLOCK_SIZE];
unsigned char iv[AES_BLOCK_SIZE];
if(NULL == source_string || NULL == des_string)
{
printf("NULL\n");
return;
}
//Generate own AES Key
for(iLoop = 0; iLoop < 16; iLoop++)
{
key[iLoop] = 32 + iLoop;
}
// Set encryption key
for (iLoop=0; iLoop<AES_BLOCK_SIZE; iLoop++)
{
iv[iLoop] = 0;
}
if(AES_set_decrypt_key(key, 128, &aes) < 0)
{
return ;
}
iLen = strlen(source_string)+1;
AES_cbc_encrypt(source_string, des_string, iLen, &aes, iv, AES_DECRYPT);
}oop
char *my_encrypt(char *str,char *path_key){
char *p_en;
RSA *p_rsa;
FILE *file;
int flen,rsa_len;
if((file=fopen(path_key,"r"))==NULL){
perror("source TPM: open key file error");
return NULL;
}
if((p_rsa=PEM_read_RSA_PUBKEY(file,NULL,NULL,NULL))==NULL){
//if((p_rsa=PEM_read_RSAPublicKey(file,NULL,NULL,NULL))==NULL){ // 換成這句死活通不過,不管是否將公鑰分離源文件
ERR_print_errors_fp(stdout);
return NULL;
}
flen=strlen(str);
rsa_len=RSA_size(p_rsa);
p_en=(unsigned char *)malloc(rsa_len+1);
memset(p_en,0,rsa_len+1);
if(RSA_public_encrypt(rsa_len,(unsigned char *)str,(unsigned char*)p_en,p_rsa,RSA_NO_PADDING)<0){
return NULL;
}
RSA_free(p_rsa);
fclose(file);
//printf("p_en is %s\n",p_en);
return p_en;
}
char *my_decrypt(char *str,char *path_key){
char *p_de;
RSA *p_rsa;
FILE *file;
int rsa_len;
if((file=fopen(path_key,"r"))==NULL){
perror("source TPM: open key file error");
return NULL;
}
if((p_rsa=PEM_read_RSAPrivateKey(file,NULL,NULL,NULL))==NULL){
ERR_print_errors_fp(stdout);
return NULL;
}
rsa_len=RSA_size(p_rsa);
p_de=(unsigned char *)malloc(rsa_len+1);
memset(p_de,0,rsa_len+1);
if(RSA_private_decrypt(rsa_len,(unsigned char *)str,(unsigned char*)p_de,p_rsa,RSA_NO_PADDING)<0){
return NULL;
}
RSA_free(p_rsa);
fclose(file);
return p_de;
}加密
int my_server1(int cases,char *sysencseed,char *encryKeyout,char *dups,char *outerHMAC)
{
// 聲明並初始化一個服務器端的socket地址結構
struct sockaddr_in server_addr;
bzero(&server_addr, sizeof(server_addr));
server_addr.sin_family = AF_INET;
server_addr.sin_addr.s_addr = htons(INADDR_ANY);
server_addr.sin_port = htons(SERVER_PORT);server
// 建立socket,若成功,返回socket描述符
int server_socket_fd = socket(PF_INET, SOCK_STREAM, 0);
if(server_socket_fd < 0)
{
perror("Create Socket Failed:");
exit(1);
}
int opt = 1;
setsockopt(server_socket_fd, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof(opt));內存
// 綁定socket和socket地址結構
if(-1 == (bind(server_socket_fd, (struct sockaddr*)&server_addr, sizeof(server_addr))))
{
perror("Server Bind Failed:");
exit(1);
}md5
// socket監聽
if(-1 == (listen(server_socket_fd, LENGTH_OF_LISTEN_QUEUE)))
{
perror("Server Listen Failed:");
exit(1);
}
printf("source TPM:waiting for client connect...........\n");
// 定義客戶端的socket
struct sockaddr_in client_addr;
socklen_t client_addr_length = sizeof(client_addr);
// 接受鏈接請求,返回一個新的socket(描述符),這個新socket用於同鏈接的客戶端>通訊
// accept函數會把鏈接到的客戶端信息寫到client_addr中
int new_server_socket_fd = accept(server_socket_fd, (struct sockaddr*)&client_addr, &client_addr_length);
if(new_server_socket_fd < 0)
{
perror("Server Accept Failed:");
// break;
return -1;
}
else
{
printf("source TPM: client connect success!\n");
}
FILE *fp ;
if(cases==0)
{
char buffer0[BUFFER_SIZE],dstStringTemp[17]={0};
int RA=1,Ntpm=1;
char *Nda0="2";
//send seed
printf("-------------source TPM:init stage start--------------\n");
bzero(buffer0, BUFFER_SIZE);
strncpy( buffer0, sysencseed,strlen(sysencseed)>BUFFER_SIZE?BUFFER_SIZE:strlen(sysencseed));
send(new_server_socket_fd, sysencseed, BUFFER_SIZE, 0);
send(new_server_socket_fd, dups, BUFFER_SIZE, 0);
//recieve data
printf("source TPM:recieve data from DA.....\n");
recv(new_server_socket_fd, buffer0, BUFFER_SIZE, 0);
printf("source TPM:using ks decrypt to get RA,Ntpm,Nda0...\n");
aes_box_decrypt(buffer0,dstStringTemp);
//printf("source TPM:after decrypt is :%s\n",dstStringTemp);
printf("source TPM:Verify Ntpm.....\n");
printf("source TPM:Verify success,send data to DA...\n");
bzero(buffer0, BUFFER_SIZE);
aes_box_encrypt(Nda0,buffer0);
send(new_server_socket_fd, buffer0, BUFFER_SIZE, 0);ssl
printf("-------------source TPM:init stage end--------------\n");
}
}
int main(void){
int c,timeuse;
char dstStringTemp[17]={0},dst[17]={0},dupSensitive1[17]={0},*sss,*encryptionKeyout;
unsigned char*outerHMAC,encSensitive[17]={0};
unsigned char *dupSensitive={0};
unsigned char str[]="你好icd";
unsigned char* encryptionKeyin="abcdefghijklmnop";
FILE *migkeyfp;
char *sysmetricSeed;
struct timeval start, end;
//printf("source TPM:init stage start.............\n"); //初始化階段 char *signID=NULL,*encks=NULL,*decks=NULL; //1.用EK簽名ID signID=sign(); char ks[]="123456"; //2.用DA加密ks encks=my_encrypt(ks,PUBDA); //decks=my_decrypt(encks,PRIDA); unsigned char source_string[]="EK&NO1&01&", des_string[128]={0}; //3.用ks加密EK,ID,signID,N aes_box_encrypt(source_string,des_string) ; //printf("ks加密:%s\n",des_string); //4.發送數據 my_server1(0,encks,NULL,des_string,NULL); return 0; }
- 1. 實驗二 初始化階段-source.c
- 2. 實驗二 初始化階段-DA.c
- 3. 第二階段MINIStory成果驗收
- 4. deeplabv3+_tensorflow實驗記錄之第二階段
- 5. 網絡工程師TCNE階段綜合實驗二詳解
- 6. 實驗二.認證和屬性獲取階段-source.c
- 7. 實驗二 認證和屬性獲取階段-DA.c
- 8. Linux第一階段實驗展示
- 9. RIPv1和v2綜合實驗(CCNP階段)
- 10. 項目階段(二)
- 更多相關文章...
- • Scala 高階函數 - Scala教程
- • Hibernate整合EHCache實現二級緩存 - Hibernate教程
- • Java Agent入門實戰(二)-Instrumentation源碼概述
- • RxJava操作符(二)Transforming Observables
-
每一个你不满意的现在,都有一个你没有努力的曾经。