I have c++ code that read 16 byte from a file as char value
And I have a table of unsigned char from 0 to 255
I want to use byte values from file as a index in my unsigned char table to change the original file byte values but I get negative value from file and as you know you can't use negative value as a index in array
What should I do ?
Edit
const unsigned char TopSbox[256] = {
0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5, 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76,
0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0, 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0,
0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc, 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15,
0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a, 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75,
0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0, 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84,
0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b, 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf,
0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85, 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8,
0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5, 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2,
0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17, 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73,
0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88, 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb,
0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c, 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79,
0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9, 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08,
0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6, 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a,
0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e, 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e,
0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94, 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf,
0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68, 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16
};
void RunFunction(){
ifstream reader;
ofstream writer;
reader.open(myfile_address, ifstream::binary);
writer.open(storage_file,ofstream::out);
unsigned int BufferSize =16;
char *Transform_Buffer = new char[BufferSize];
reader.read(Transform_Buffer, BufferSize);
ExchangeData(Transform_Buffer, BufferSize);
writer.write(Transform_Buffer, BufferSize);
writer.flush();
}
void EData::ExchangeData(char data[], const unsigned int size){
for (unsigned int i = 0; i<size; i++){
data[i] = TopSbox[data[i]];
}
}
Don't use operator new unless absolutely necessary.
Rather than
char *Transform_Buffer = new char[BufferSize];
you can define the buffer as a local array:
const unsigned int BufferSize = 16;
unsigned char Transform_Buffer[BufferSize];
For this to work, you should declare BufferSize as const. Notice also that I declared the elements of the buffer as unsigned char.
Then, this line
reader.read(Transform_Buffer, BufferSize);
can be replaced with
reader.read(reinterpret_cast<char*>(Transform_Buffer), BufferSize);
and similarly for writer.
Please also replace all char* in function declarations with unsigned char*, eg:
void EData::ExchangeData(unsigned char data[], const unsigned int size){
I guess everything should work as expected now.
Just have buffer of unsigned chars. Then pass it as char* to ifstream::read. Let's say char* works kind of like a generic pointer.
You may want to prefer to use standard containers.
std::vector<unsigned char> transform_buffer(buffer_size);
reader.read(static_cast<char*>(transform_buffer.data()), transform_buffer.size());
exchange_data(transform_buffer);
}
void exchange_data(std::vector<unsigned char>& transform_buffer) {
for (auto&& i : transform_buffer) {
i = TopSbox[i];
}
}
I am having problems with the last characters of the encrypted message that I am generating with the OpenSSL library and the AES 128 algorithm in CBC mode, these are the data I am using:
Message in Hex = "7b22494443223a2232363930393439376434222c22444553223a2256656e74616d656e7564656f222c22414d4f223a3530302c22444154223a313530383233303035383730362c22524546223a302c22434f4d223a312c22545950223a31392c2276223a7b224e414d223a2252616661656c56616c656e7a75656c614172656e6173222c22414343223a2235383732313233343536373836303132222c2242414e223a34303132372c22545943223a332c22444556223a22353532373139323132382f30227d7da"
Key128 in Hex = "dadf11e74d014a62d73ccadd9591442a"
Initialization Vector in Hex = "cab9da8940cd7dc9510c7249fe47c6e6"
This is the Code I'm using:
#include <string.h>
#include <stdio.h>
#include <stdlib.h>
#include <stdarg.h>
#include <unistd.h>
#include <math.h>
#include <assert.h>
#include <stdint.h>
#include <stdbool.h>
#include <sstream>
#include <iostream>
#include <algorithm>
#include <iomanip>
#include <locale>
#include <openssl/aes.h>
#include <openssl/des.h>
#include <openssl/sha.h>
#include <openssl/hmac.h>
using namespace std;
/* AES key for Encryption and Decryption */
const static unsigned char aes_key[16]={0xda, 0xdf, 0x11, 0xe7, 0x4d, 0x01, 0x4a, 0x62, 0xd7, 0x3c, 0xca, 0xdd, 0x95, 0x91, 0x44, 0x2a};
/* Print Encrypted and Decrypted data packets */
void print_data(const char *tittle, const void* data, int len)
{
printf("%s : ",tittle);
const unsigned char * p = (const unsigned char*)data;
int i = 0;
for (; i<len; ++i)
{
printf("%02X ", *p++);
}
printf("\n");
}
int main( )
{
/* Input data to encrypt */
unsigned char enc_out[235]={0x7b, 0x22, 0x49, 0x44, 0x43, 0x22, 0x3a, 0x22, 0x32, 0x36, 0x39, 0x30, 0x39, 0x34, 0x39, 0x37, 0x64, 0x34, 0x22, 0x2c, 0x22, 0x44, 0x45, 0x53, 0x22, 0x3a, 0x22, 0x56, 0x65, 0x6e, 0x74, 0x61, 0x6d, 0x65, 0x6e, 0x75, 0x64, 0x65, 0x6f, 0x22, 0x2c, 0x22, 0x41, 0x4d, 0x4f, 0x22, 0x3a, 0x35, 0x30, 0x30, 0x2c, 0x22, 0x44, 0x41, 0x54, 0x22, 0x3a, 0x31, 0x35, 0x30, 0x38, 0x32, 0x33, 0x30, 0x30, 0x35, 0x38, 0x37, 0x30, 0x36, 0x2c, 0x22, 0x52, 0x45, 0x46, 0x22, 0x3a, 0x30, 0x2c, 0x22, 0x43, 0x4f, 0x4d, 0x22, 0x3a, 0x31, 0x2c, 0x22, 0x54, 0x59, 0x50, 0x22, 0x3a, 0x31, 0x39, 0x2c, 0x22, 0x76, 0x22, 0x3a, 0x7b, 0x22, 0x4e, 0x41, 0x4d, 0x22, 0x3a, 0x22, 0x52, 0x61, 0x66, 0x61, 0x65, 0x6c, 0x56, 0x61, 0x6c, 0x65, 0x6e, 0x7a, 0x75, 0x65, 0x6c, 0x61, 0x41, 0x72, 0x65, 0x6e, 0x61, 0x73, 0x22, 0x2c, 0x22, 0x41, 0x43, 0x43, 0x22, 0x3a, 0x22, 0x35, 0x38, 0x37, 0x32, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x36, 0x30, 0x31, 0x32, 0x22, 0x2c, 0x22, 0x42, 0x41, 0x4e, 0x22, 0x3a, 0x34, 0x30, 0x31, 0x32, 0x37, 0x2c, 0x22, 0x54, 0x59, 0x43, 0x22, 0x3a, 0x33, 0x2c, 0x22, 0x44, 0x45, 0x56, 0x22, 0x3a, 0x22, 0x35, 0x35, 0x32, 0x37, 0x31, 0x39, 0x32, 0x31, 0x32, 0x38, 0x2f, 0x30, 0x22, 0x7d, 0x7d, 0xa};
/* Init vector */
unsigned char iv[16]={0xca, 0xb9, 0xda, 0x89, 0x40, 0xcd, 0x7d, 0xc9, 0x51, 0x0c, 0x72, 0x49, 0xfe, 0x47, 0xc6, 0xe6};
//memset(iv, 0x00, AES_BLOCK_SIZE);
/* Buffers for Encryption and Decryption */
unsigned char dec_out[400];
unsigned char aux_out[400];
memset(dec_out, 0, sizeof(dec_out));
memset(aux_out, 0, sizeof(aux_out));
/* AES-128 bit CBC Encryption */
AES_KEY enc_key, dec_key;
AES_set_encrypt_key(aes_key, sizeof(aes_key)*8, &enc_key);
AES_cbc_encrypt(enc_out, dec_out, sizeof(enc_out), &enc_key, iv, AES_ENCRYPT);
/* AES-128 bit CBC Decryption */
memset(iv, 0x00, AES_BLOCK_SIZE); // don't forget to set iv vector again, else you can't decrypt data properly
AES_set_decrypt_key(aes_key, sizeof(aes_key)*8, &dec_key); // Size of key is in bits
AES_cbc_encrypt(dec_out, aux_out, sizeof(enc_out), &dec_key, iv, AES_DECRYPT);
/* Printing and Verifying */
print_data("\n Original ",enc_out, sizeof(enc_out)); // you can not print data as a string, because after Encryption its not ASCII
print_data("\n Encrypted",dec_out, sizeof(enc_out));
print_data("\n Decrypted",aux_out, sizeof(dec_out));
return 0;
}
Apparently only the end of the chain is the one that is incorrect (the last 32 characters) the rest is fine, I have researched a bit and everything points to what is the type of padding of the text but according to what I read it is already paddated with PKCS5 (which is the padding I need in fact) so I can not see what the error is.
The Correct Encryption = EFC063DD33406D424D359809695D0B1E2D65027E803962C6A115DF7CCABEEB0C8C358830E556ED23943FA4F02E6461D235EF913CFCE5519F7CE2279DD07D3C4054D045827D5D7D9FE94DA3C5B718A24E79539B3FFC1E68E4C3FF441EEA176F61EE3D7B33B622E3069D95815F6407FBC79342BB972A2DDE4E50FDE9302BDE4409B7D2BD388AB6A043B9EF236D982937D8537F954564FF4134BD8A6EAB994FE4C29E9DC4E54D53A561A4688C45C90961EDB1763B6EF6C86B593C7E16FDF35C49CE16B1E6948BB1EAE6A8692326A019960B
The Output of the Program = EFC063DD33406D424D359809695D0B1E2D65027E803962C6A115DF7CCABEEB0C8C358830E556ED23943FA4F02E6461D235EF913CFCE5519F7CE2279DD07D3C4054D045827D5D7D9FE94DA3C5B718A24E79539B3FFC1E68E4C3FF441EEA176F61EE3D7B33B622E3069D95815F6407FBC79342BB972A2DDE4E50FDE9302BDE4409B7D2BD388AB6A043B9EF236D982937D8537F954564FF4134BD8A6EAB994FE4C29E9DC4E54D53A561A4688C45C90961EDB1763B6EF6C86B593C7E16FDF35C49CE608E3F73FC8E3DDF1D3BCF40B3DFACD00B732A9FCC10F6E0FB18E126A1C21A082D7A4F053F131A9329474D
I understand that the code has many improvements and I am not contemplating the desencryption, but at the moment I do not need it.
AES_cbc_encrypt is encrypting using the low level primitives. It does not perform any kind of padding. Here is a link to the underlying CBC source code that the AES CBC code directly calls: https://github.com/openssl/openssl/blob/master/crypto/modes/cbc128.c - no padding indicated at all.
The real question is why you would use ill-described, low level implementation functions rather than the EVP API that OpenSSL itself advocates. You may think that the lower level primitives are more performant, but this may not be the case if e.g. AES-NI is deployed; the calling overhead will be minimal compared to the cipher itself anyway.
The enc_out-array is dimensioned for 235 bytes, but is only initialized explicitly for 200 bytes, i.e. the remaining bytes are implicitly initialized with 0x00-values. This corresponds to a ciphertext with a length of 240 bytes (= 15 x 16 bytes). Therefore, the current code returns a ciphertext with a length of 240 bytes whose last three blocks are:
608E3F73FC8E3DDF1D3BCF40B3DFACD0 0B732A9FCC10F6E0FB18E126A1C21A08 2D7A4F053F131A9329474DE44DA772BC
This corresponds to an implicit padding with 0x00-values. The last 5 bytes are missing in the posted ciphertext, which is because the length of the plaintext (instead of the ciphertext) is used for the output.
Most likely only the first 200 bytes should be encrypted. This would correspond to a ciphertext with a length of 208 bytes (= 13 x 16 bytes), which is just the length of the expected ciphertext. For this, the size of the enc_out-array must be reduced from 235 to 200, or even better, the size should not be explicitly specified at all.
Then a two blocks shorter, but otherwise identical ciphertext is generated, which differs from the expected ciphertext only in the last block, which is now caused only by the missing PKCS7-padding.
I am using Crypto++ for the first time, and I am having some trouble. Why does this work in C# (with the same keys), but not with Crypto++? I will show my C# and C++ code below.
C# code (this works!):
byte[] Modulus = new byte[] { 0xA3, 0x1D, 0x6C, 0xE5, 0xFA, 0x95, 0xFD, 0xE8, 0x90, 0x21, 0xFA, 0xD1, 0x0C, 0x64, 0x19, 0x2B, 0x86, 0x58, 0x9B, 0x17, 0x2B, 0x10, 0x05, 0xB8, 0xD1, 0xF8, 0x4C, 0xEF, 0x53, 0x4C, 0xD5, 0x4E, 0x5C, 0xAE, 0x86, 0xEF, 0x92, 0x7B, 0x90, 0xD1, 0xE0, 0x62, 0xFD, 0x7C, 0x54, 0x55, 0x9E, 0xE0, 0xE7, 0xBE, 0xFA, 0x3F, 0x9E, 0x15, 0x6F, 0x6C, 0x38, 0x4E, 0xAF, 0x07, 0x0C, 0x61, 0xAB, 0x51, 0x5E, 0x23, 0x53, 0x14, 0x18, 0x88, 0xCB, 0x6F, 0xCB, 0xC5, 0xD6, 0x30, 0xF4, 0x06, 0xED, 0x24, 0x23, 0xEF, 0x25, 0x6D, 0x00, 0x91, 0x77, 0x24, 0x9B, 0xE5, 0xA3, 0xC0, 0x27, 0x90, 0xC2, 0x97, 0xF7, 0x74, 0x9D, 0x6F, 0x17, 0x83, 0x7E, 0xB5, 0x37, 0xDE, 0x51, 0xE8, 0xD7, 0x1C, 0xE1, 0x56, 0xD9, 0x56, 0xC8, 0xC3, 0xC3, 0x20, 0x9D, 0x64, 0xC3, 0x2F, 0x8C, 0x91, 0x92, 0x30, 0x6F, 0xDB };
byte[] Exponent = new byte[] { 0x00, 0x01, 0x00, 0x01 };
byte[] P = new byte[] { 0xCC, 0xE7, 0x5D, 0xFE, 0x72, 0xB6, 0xFD, 0xE7, 0x1D, 0xE3, 0x1A, 0x0E, 0xAC, 0x33, 0x7A, 0xB9, 0x21, 0xE8, 0x8A, 0x84, 0x9B, 0xDA, 0x9F, 0x1E, 0x58, 0x34, 0x68, 0x7A, 0xB1, 0x1D, 0x7E, 0x1C, 0x18, 0x52, 0x65, 0x7B, 0x97, 0x8E, 0xA7, 0x6A, 0x9D, 0xEE, 0x5A, 0x77, 0x52, 0x3B, 0x71, 0x8F, 0x33, 0xD0, 0x49, 0x5E, 0xC3, 0x30, 0x39, 0x72, 0x36, 0xBF, 0x1D, 0xD9, 0xF2, 0x24, 0xE8, 0x71 };
byte[] Q = new byte[] { 0xCB, 0xCA, 0x58, 0x74, 0xD4, 0x03, 0x62, 0x93, 0x06, 0x50, 0x1F, 0x42, 0xF6, 0xAA, 0x59, 0x36, 0xA7, 0xA1, 0xF3, 0x97, 0x5C, 0x9A, 0xC8, 0x6A, 0x27, 0xCF, 0x85, 0x05, 0x2A, 0x66, 0x41, 0x6A, 0x7F, 0x2F, 0x84, 0xC8, 0x18, 0x13, 0xC6, 0x1D, 0x8D, 0xC7, 0x32, 0x2F, 0x72, 0x19, 0x3F, 0xA4, 0xED, 0x71, 0xE7, 0x61, 0xC0, 0xCF, 0x61, 0xAE, 0x8B, 0xA0, 0x68, 0xA7, 0x7D, 0x83, 0x23, 0x0B };
byte[] DP = new byte[] { 0x4C, 0xCA, 0x74, 0xE6, 0x74, 0x35, 0x72, 0x48, 0x58, 0x62, 0x11, 0x14, 0xE8, 0xA2, 0x4E, 0x5E, 0xED, 0x7F, 0x49, 0xD2, 0x52, 0xDA, 0x87, 0x01, 0x87, 0x4A, 0xF4, 0xD0, 0xEE, 0x69, 0xC0, 0x26, 0x65, 0x53, 0x13, 0xE7, 0x52, 0xB0, 0x4A, 0xBB, 0xE1, 0x3E, 0x3F, 0xB7, 0x32, 0x21, 0x46, 0xF8, 0xC5, 0x11, 0x4D, 0x3D, 0xEF, 0x66, 0xB6, 0x50, 0xC0, 0x85, 0xB5, 0x79, 0x45, 0x8F, 0x61, 0x71 };
byte[] InverseQ = new byte[] { 0x28, 0x6A, 0xBB, 0xD1, 0x93, 0x95, 0x94, 0x1A, 0x6E, 0xED, 0xD7, 0x0E, 0xC0, 0x61, 0x2B, 0xC2, 0xEF, 0xE1, 0x86, 0x3D, 0x34, 0x12, 0x88, 0x6F, 0x94, 0xA4, 0x48, 0x6E, 0xC9, 0x87, 0x1E, 0x46, 0x00, 0x46, 0x00, 0x52, 0x8E, 0x9F, 0x47, 0xC0, 0x8C, 0xAB, 0xBC, 0x49, 0xAC, 0x5B, 0x13, 0xF2, 0xEC, 0x27, 0x8D, 0x1B, 0x6E, 0x51, 0x06, 0xA6, 0xF1, 0x62, 0x1A, 0xEB, 0x78, 0x2E, 0x88, 0x48 };
byte[] D = new byte[] { 0x9B, 0xF9, 0xDE, 0xC2, 0x45, 0x93, 0x4C, 0x4C, 0xAC, 0x48, 0x2B, 0xA8, 0x4D, 0xFC, 0xD7, 0xED, 0xB2, 0xFB, 0x72, 0xE9, 0xEA, 0xC1, 0x88, 0x39, 0x07, 0x2A, 0x6F, 0x34, 0x07, 0x81, 0x97, 0x7E, 0xCD, 0xFA, 0x21, 0x02, 0xF5, 0xDD, 0x30, 0xDD, 0x22, 0x4A, 0xB3, 0x41, 0xE5, 0x89, 0x80, 0x73, 0xC4, 0xAF, 0x90, 0x9E, 0x2B, 0x50, 0x8A, 0x0A, 0xD4, 0x6E, 0xBD, 0x0F, 0x15, 0x79, 0x37, 0x95, 0xE8, 0x3D, 0xCF, 0x4C, 0x6D, 0xFF, 0x51, 0x65, 0xE7, 0x90, 0xC1, 0xAC, 0x2D, 0xC6, 0xEB, 0x47, 0x19, 0x2D, 0xD0, 0x58, 0x74, 0x79, 0xAC, 0x08, 0x1C, 0xA3, 0x1D, 0xD0, 0xCE, 0x39, 0x2E, 0xC3, 0xFA, 0x66, 0xEF, 0xC7, 0x8E, 0x10, 0x2F, 0xE4, 0xA1, 0xE7, 0x4E, 0xA8, 0x42, 0xF0, 0xF4, 0xFD, 0x10, 0xA6, 0x67, 0x64, 0xCB, 0x3A, 0x6D, 0x4D, 0x51, 0xEC, 0x1F, 0x9D, 0x56, 0x26, 0xC2, 0xFC };
byte[] DQ = new byte[] { 0xAF, 0xDC, 0x46, 0xE7, 0x52, 0x8A, 0x35, 0x47, 0xA1, 0x1C, 0x05, 0x4E, 0x39, 0x24, 0x99, 0xE6, 0x43, 0x54, 0xCB, 0xAB, 0xE3, 0xDB, 0x22, 0x76, 0x11, 0x32, 0xD0, 0x9C, 0xBB, 0x91, 0x10, 0x84, 0x81, 0x8B, 0x15, 0x2F, 0xC3, 0x2F, 0x55, 0x38, 0xED, 0xBF, 0x67, 0x3C, 0x70, 0x5E, 0xFF, 0x80, 0x28, 0xF3, 0xB1, 0x73, 0xB6, 0xFA, 0x7F, 0x56, 0x2B, 0xE1, 0xDA, 0x4E, 0x27, 0x4E, 0xC2, 0x2F };
RSAParameters rsaParams = new RSAParameters();
rsaParams.Modulus = Modulus;
rsaParams.Exponent = Exponent;
rsaParams.P = P;
rsaParams.Q = Q;
rsaParams.DP = DP;
rsaParams.InverseQ = InverseQ;
rsaParams.D = D;
rsaParams.DQ = DQ;
RSACryptoServiceProvider crypt = new RSACryptoServiceProvider();
crypt.ImportParameters(rsaParams);
RSAPKCS1SignatureFormatter formatter = new RSAPKCS1SignatureFormatter();
formatter.SetHashAlgorithm("SHA1");
formatter.SetKey(crypt);
byte[] dataFile = new byte[] { 0x6F, 0x9F, 0x07, 0x04, 0xE2, 0x1A, 0xF7, 0xB8, 0xB2, 0x4F, 0x8D, 0x66, 0x49, 0xA1, 0x09, 0xA7, 0xB2, 0x22, 0x3C, 0xF9};
byte[] signature = formatter.CreateSignature(dataFile);
Now, my C++ code, which doesn't work:
const char ModulusCON[0x80] = { 0xA3, 0x1D, 0x6C, 0xE5, 0xFA, 0x95, 0xFD, 0xE8, 0x90, 0x21, 0xFA, 0xD1, 0x0C, 0x64, 0x19, 0x2B, 0x86, 0x58, 0x9B, 0x17, 0x2B, 0x10, 0x05, 0xB8, 0xD1, 0xF8, 0x4C, 0xEF, 0x53, 0x4C, 0xD5, 0x4E, 0x5C, 0xAE, 0x86, 0xEF, 0x92, 0x7B, 0x90, 0xD1, 0xE0, 0x62, 0xFD, 0x7C, 0x54, 0x55, 0x9E, 0xE0, 0xE7, 0xBE, 0xFA, 0x3F, 0x9E, 0x15, 0x6F, 0x6C, 0x38, 0x4E, 0xAF, 0x07, 0x0C, 0x61, 0xAB, 0x51, 0x5E, 0x23, 0x53, 0x14, 0x18, 0x88, 0xCB, 0x6F, 0xCB, 0xC5, 0xD6, 0x30, 0xF4, 0x06, 0xED, 0x24, 0x23, 0xEF, 0x25, 0x6D, 0x00, 0x91, 0x77, 0x24, 0x9B, 0xE5, 0xA3, 0xC0, 0x27, 0x90, 0xC2, 0x97, 0xF7, 0x74, 0x9D, 0x6F, 0x17, 0x83, 0x7E, 0xB5, 0x37, 0xDE, 0x51, 0xE8, 0xD7, 0x1C, 0xE1, 0x56, 0xD9, 0x56, 0xC8, 0xC3, 0xC3, 0x20, 0x9D, 0x64, 0xC3, 0x2F, 0x8C, 0x91, 0x92, 0x30, 0x6F, 0xDB };
const char ExponentCON[0x4] = { 0x00, 0x01, 0x00, 0x01 };
const char PCON[0x40] = { 0xCC, 0xE7, 0x5D, 0xFE, 0x72, 0xB6, 0xFD, 0xE7, 0x1D, 0xE3, 0x1A, 0x0E, 0xAC, 0x33, 0x7A, 0xB9, 0x21, 0xE8, 0x8A, 0x84, 0x9B, 0xDA, 0x9F, 0x1E, 0x58, 0x34, 0x68, 0x7A, 0xB1, 0x1D, 0x7E, 0x1C, 0x18, 0x52, 0x65, 0x7B, 0x97, 0x8E, 0xA7, 0x6A, 0x9D, 0xEE, 0x5A, 0x77, 0x52, 0x3B, 0x71, 0x8F, 0x33, 0xD0, 0x49, 0x5E, 0xC3, 0x30, 0x39, 0x72, 0x36, 0xBF, 0x1D, 0xD9, 0xF2, 0x24, 0xE8, 0x71 };
const char QCON[0x40] = { 0xCB, 0xCA, 0x58, 0x74, 0xD4, 0x03, 0x62, 0x93, 0x06, 0x50, 0x1F, 0x42, 0xF6, 0xAA, 0x59, 0x36, 0xA7, 0xA1, 0xF3, 0x97, 0x5C, 0x9A, 0xC8, 0x6A, 0x27, 0xCF, 0x85, 0x05, 0x2A, 0x66, 0x41, 0x6A, 0x7F, 0x2F, 0x84, 0xC8, 0x18, 0x13, 0xC6, 0x1D, 0x8D, 0xC7, 0x32, 0x2F, 0x72, 0x19, 0x3F, 0xA4, 0xED, 0x71, 0xE7, 0x61, 0xC0, 0xCF, 0x61, 0xAE, 0x8B, 0xA0, 0x68, 0xA7, 0x7D, 0x83, 0x23, 0x0B };
const char DPCON[0x40] = { 0x4C, 0xCA, 0x74, 0xE6, 0x74, 0x35, 0x72, 0x48, 0x58, 0x62, 0x11, 0x14, 0xE8, 0xA2, 0x4E, 0x5E, 0xED, 0x7F, 0x49, 0xD2, 0x52, 0xDA, 0x87, 0x01, 0x87, 0x4A, 0xF4, 0xD0, 0xEE, 0x69, 0xC0, 0x26, 0x65, 0x53, 0x13, 0xE7, 0x52, 0xB0, 0x4A, 0xBB, 0xE1, 0x3E, 0x3F, 0xB7, 0x32, 0x21, 0x46, 0xF8, 0xC5, 0x11, 0x4D, 0x3D, 0xEF, 0x66, 0xB6, 0x50, 0xC0, 0x85, 0xB5, 0x79, 0x45, 0x8F, 0x61, 0x71 };
const char InverseQCON[0x40] = { 0x28, 0x6A, 0xBB, 0xD1, 0x93, 0x95, 0x94, 0x1A, 0x6E, 0xED, 0xD7, 0x0E, 0xC0, 0x61, 0x2B, 0xC2, 0xEF, 0xE1, 0x86, 0x3D, 0x34, 0x12, 0x88, 0x6F, 0x94, 0xA4, 0x48, 0x6E, 0xC9, 0x87, 0x1E, 0x46, 0x00, 0x46, 0x00, 0x52, 0x8E, 0x9F, 0x47, 0xC0, 0x8C, 0xAB, 0xBC, 0x49, 0xAC, 0x5B, 0x13, 0xF2, 0xEC, 0x27, 0x8D, 0x1B, 0x6E, 0x51, 0x06, 0xA6, 0xF1, 0x62, 0x1A, 0xEB, 0x78, 0x2E, 0x88, 0x48 };
const char DCON[0x80] = { 0x9B, 0xF9, 0xDE, 0xC2, 0x45, 0x93, 0x4C, 0x4C, 0xAC, 0x48, 0x2B, 0xA8, 0x4D, 0xFC, 0xD7, 0xED, 0xB2, 0xFB, 0x72, 0xE9, 0xEA, 0xC1, 0x88, 0x39, 0x07, 0x2A, 0x6F, 0x34, 0x07, 0x81, 0x97, 0x7E, 0xCD, 0xFA, 0x21, 0x02, 0xF5, 0xDD, 0x30, 0xDD, 0x22, 0x4A, 0xB3, 0x41, 0xE5, 0x89, 0x80, 0x73, 0xC4, 0xAF, 0x90, 0x9E, 0x2B, 0x50, 0x8A, 0x0A, 0xD4, 0x6E, 0xBD, 0x0F, 0x15, 0x79, 0x37, 0x95, 0xE8, 0x3D, 0xCF, 0x4C, 0x6D, 0xFF, 0x51, 0x65, 0xE7, 0x90, 0xC1, 0xAC, 0x2D, 0xC6, 0xEB, 0x47, 0x19, 0x2D, 0xD0, 0x58, 0x74, 0x79, 0xAC, 0x08, 0x1C, 0xA3, 0x1D, 0xD0, 0xCE, 0x39, 0x2E, 0xC3, 0xFA, 0x66, 0xEF, 0xC7, 0x8E, 0x10, 0x2F, 0xE4, 0xA1, 0xE7, 0x4E, 0xA8, 0x42, 0xF0, 0xF4, 0xFD, 0x10, 0xA6, 0x67, 0x64, 0xCB, 0x3A, 0x6D, 0x4D, 0x51, 0xEC, 0x1F, 0x9D, 0x56, 0x26, 0xC2, 0xFC };
const char DQCON[0x40] = { 0xAF, 0xDC, 0x46, 0xE7, 0x52, 0x8A, 0x35, 0x47, 0xA1, 0x1C, 0x05, 0x4E, 0x39, 0x24, 0x99, 0xE6, 0x43, 0x54, 0xCB, 0xAB, 0xE3, 0xDB, 0x22, 0x76, 0x11, 0x32, 0xD0, 0x9C, 0xBB, 0x91, 0x10, 0x84, 0x81, 0x8B, 0x15, 0x2F, 0xC3, 0x2F, 0x55, 0x38, 0xED, 0xBF, 0x67, 0x3C, 0x70, 0x5E, 0xFF, 0x80, 0x28, 0xF3, 0xB1, 0x73, 0xB6, 0xFA, 0x7F, 0x56, 0x2B, 0xE1, 0xDA, 0x4E, 0x27, 0x4E, 0xC2, 0x2F };
// set the params
CryptoPP::AutoSeededRandomPool rng;
InvertibleRSAFunction params;
Integer integ(ModulusCON);
params.SetModulus(integ);
Integer integ1(ExponentCON);
params.SetPublicExponent(integ1);
Integer integ2(PCON);
params.SetPrime1(integ2);
Integer integ3(QCON);
params.SetPrime2(integ3);
Integer integ4(DPCON);
params.SetModPrime1PrivateExponent(integ4);
Integer integ5(InverseQCON);
params.SetMultiplicativeInverseOfPrime2ModPrime1(integ5);
Integer integ6(DCON);
params.SetPrivateExponent(integ6);
Integer integ7(DQCON);
params.SetModPrime2PrivateExponent(integ7);
// create the keys
RSA::PrivateKey privateKey(params);
RSA::PublicKey publicKey(params);
CryptoPP::RSASSA_PKCS1v15_SHA_Signer signer(privateKey);
unsigned char data[20] = { 0x6F, 0x9F, 0x07, 0x04, 0xE2, 0x1A, 0xF7, 0xB8, 0xB2, 0x4F, 0x8D, 0x66, 0x49, 0xA1, 0x09, 0xA7, 0xB2, 0x22, 0x3C, 0xF9 };
BYTE *signature = new BYTE[0x80];
signer.SignMessage(rng, data, 20, signature);
Based on what I know, Crypto++'s 'RSASSA_PKCS1v15_SHA_Signer' is what I want equivalent to C#'s 'RSAPKCS1SignatureFormatter' and setting the hash algorithm to SHA1.
The error it throws is:
Unhandled exception at at 0x7646B9BC in proj.exe: Microsoft C++ exception: > CryptoPP::PK_SignatureScheme::KeyTooShort at memory location 0x0040EF18.
Thanks for any help, Hetelek.
I can't answer as to why this works in C#, but as for Crypto++, there are a couple of issues.
Firstly, you're probably invoking the wrong constructor of Integer. I guess you want this one which converts from big-endian byte array:
Integer (const byte *encodedInteger, size_t byteCount, Signedness s=UNSIGNED)
but are using this one which convert from a string in base 2, 8, 10, or 16 (in your case base 10).
So, using ExponentCON as an example, you should do:
const int ExponentSize(0x4);
const byte ExponentCON[ExponentSize] = { 0x00, 0x01, 0x00, 0x01 };
Integer integ1(ExponentCON, ExponentSize);
or possibly better still:
std::string ExponentCON("101h"); // <-- Note trailing 'h' indicating hex encoding
Integer integ1(ExponentCON.c_str());
Next, the members of InvertibleRSAFunction must satisfy certain conditions in order to qualify as a valid key. These can be seen by stepping through the InvertibleRSAFunction::Validate function and I assume check for the conditions described here.
params.Validate(rng, 3); // Returns false for your input data
There are some helper functions which are designed to avoid having to set everything explicitly as you're doing. I don't know if these are suitable for you, but I'm referring to InvertibleRSAFunction::GenerateRandomWithKeySize and the overloaded InvertibleRSAFunction::Initialize.
The Crypto++ Wiki describes the use of these functions with example code.
TLDR: your private exponent, d, is wrong in your sample program. You have other, more obvious problems, too. But d is causing the mathematical problems.
And it begs the question, how did that work in C#? The math does not change across computer languages and runtimes.
The first problem is the declarations using chars:
...
const char ExponentCON[0x4] = { 0x00, 0x01, 0x00, 0x01 };
...
This causes you to use the constructors for ASCII strings, which is the wrong Integer constructor. It results in at least two issues:
// Added for testing
if (integ != integ2 * integ3)
{
cerr << "error: n != p*q" << endl;
}
// Added for testing
params.ThrowIfInvalid(prng, 3);
When running the program, ThrowIfInvalid validates the parameters and its the source of CryptoMaterial: ...:
error: n != p*q
CryptoMaterial: this object contains invalid values
The const char need to be changed to const byte. Then:
Integer integ(ModulusCON, sizeof(ModulusCON));
params.SetModulus(integ);
Integer integ1(ExponentCON, sizeof(ExponentCON));
params.SetPublicExponent(integ1);
Integer integ2(PCON, sizeof(PCON));
params.SetPrime1(integ2);
Integer integ3(QCON, sizeof(QCON));
params.SetPrime2(integ3);
...
With that change in place, this error message from above disappears: error: n != p*q. But the CryptoMaterial: this object contains invalid values remains.
The second problem appears to be some of your private key parameters are not correct. You can see what tests InvertibleRSAFunction::Validate is performing by looking at the source code in rsa.cpp near line 250.
You can partially side step it by using Initialize that takes {n,e,d}, and let Initialize factor and solve:
Integer n(ModulusCON, sizeof(ModulusCON));
Integer e(ExponentCON, sizeof(ExponentCON));
Integer d(DCON, sizeof(DCON));
params.Initialize(n,e,d);
params.ThrowIfInvalid(prng, 3);
However, that results in:
InvertibleRSAFunction: input is not a valid RSA private key
Next, check p and q. #include <nbtheory.h>, and then:
Integer p(PCON, sizeof(PCON));
Integer q(QCON, sizeof(QCON));
cout << "P is prime: " << (VerifyPrime(prng, p, 10) ? "yes" : "no") << endl;
cout << "Q is prime: " << (VerifyPrime(prng, q, 10) ? "yes" : "no") << endl;
It results in:
$ ./test.exe
P is prime: yes
Q is prime: yes
At this point, it appears the problem is with one of the exponents.
Next, assume e is relatively prime to phi, #include <modarith.h>, and then:
Integer n(ModulusCON, sizeof(ModulusCON));
Integer p(PCON, sizeof(PCON));
Integer q(QCON, sizeof(QCON));
Integer e(ExponentCON, sizeof(ExponentCON));
Integer phi = (p-1)*(q-1);
ModularArithmetic ma(phi);
Integer d = ma.MultiplicativeInverse(e);
params.Initialize(n,e,d);
params.ThrowIfInvalid(prng, 3);
cout << "Validated parameters" << endl;
It results in:
$ ./test.exe
Validated parameters
So, the problem is with your d exponent. It is easy enough to print with cout << std::hex << d << endl:
$ ./test.exe
Validated parameters
174bcc91cc08400b470a9357e7fd23db2384e4219af4dedc56a0afdc3e796abd965f16c680954549
b4526f01a2c9d7b727620f3ba6c848f19bd9210650ae62593249d7a4e0522ad48aea559d4f6a1f3f
6ae9953bed7c947e273d455a4982523dd90640b0a25572ae8c5e064e39807ddf778af96afd492999
acc40919a4d4f601h
As you can see, the first octet of the calculated d is 0x17, but the first octet of the d you provided is 0x9B.
Also, you might want to do something like the following:
unsigned char data[20] = { 0x6F, 0x9F, 0x07, 0x04, 0xE2, 0x1A, 0xF7, 0xB8, 0xB2, 0x4F,
0x8D, 0x66, 0x49, 0xA1, 0x09, 0xA7, 0xB2, 0x22, 0x3C, 0xF9 };
const size_t req = signer.MaxSignatureLength(sizeof(data));
byte signature[req];
const size_t used = signer.SignMessage(prng, data, 20, signature);
// Trim 'signature' to 'used'