//file system
#include<stdio.h>
#include<stdlib.h>
#include<string.h>
//openssl
#include<openssl/evp.h>
#include<openssl/sha.h>
#include<openssl/rsa.h>
#include<openssl/aes.h>
#include<openssl/hmac.h>
#include<openssl/pem.h>
#include<openssl/err.h>
//socket
#include<netinet/in.h> // sockaddr_in
#include<sys/types.h> // socket
#include<sys/socket.h> // socket
#include<stdio.h> // printf
#include<stdlib.h> // exit
#include<string.h> // bzero
//time
#include<time.h>
#include <stdio.h>
#include <sys/time.h>
//file path
#define PUBEK "ek_pub.key"
#define PRIEK "ek.key"
#define PUBDA "DA_pub.key"
#define PRIDA "DA.key"
//socket parameter
#define SERVER_PORT 8000
#define LENGTH_OF_LISTEN_QUEUE 20
#define BUFFER_SIZE 1024
//unsigned char dupSensitive1[100]={0};
char* my_encrypt(char *str,char *path_key);//加密
char* my_decrypt(char *str,char *path_key);//解密
char* sign( )
{
EVP_MD_CTX mdctx;
EVP_PKEY *evpkey=NULL,*evpkey1=NULL;
char *signValue;
unsigned int signLen;
char *text="NO20171228";
int textLen=16;
//char *signID=NULL;
RSA *pri,*pub;
FILE *file;
if((file=fopen(PRIEK,"r"))==NULL){
perror("source TPM: open key file error");
return;
}
// printf("1\n");
//if((p_rsa=PEM_read_RSA_PUBKEY(file,NULL,NULL,NULL))==NULL){
if((pri=PEM_read_RSAPrivateKey(file,NULL,NULL,NULL))==NULL){
ERR_print_errors_fp(stdout);
return;
}
// printf("2\n");
evpkey=EVP_PKEY_new();
if(NULL==evpkey){
printf("EVP_KEY_new failed!\n");
return;
}
EVP_PKEY_assign_RSA(evpkey,pri);
//printf("3\n");
//以下是计算签名的代码
EVP_MD_CTX_init(&mdctx); //初始化摘要上下文
if(!EVP_SignInit_ex(&mdctx,EVP_md5(),NULL)) //签名初始化,设置摘要算法
{
printf("initerr\n");
return;
}
//printf("4\n");
if(!EVP_SignUpdate(&mdctx,text,textLen)) //计算签名(摘要)Update
{
printf("signupfate err\n");
return;
}
//printf("5\n");
if(!EVP_SignFinal(&mdctx,signValue,&signLen,evpkey)) //签名输出
{
printf("signfinal err\n");
return;
}
// printf("6\n");
//printf("消息%s的签名值是:\n",text);
//printf("---------------------------\n");
//printf("%s",signValue);
//printf("\n");
// return signValue;
// EVP_PKEY_free(evpkey);
EVP_MD_CTX_cleanup(&mdctx);
// return;
ERR_load_EVP_strings();
EVP_MD_CTX mdctx1; //摘要算法上下文变量
EVP_MD_CTX_init(&mdctx1); //初始化摘要上下文
FILE *file1;
int flen1;
if((file1=fopen(PUBEK,"r"))==NULL){
perror("source TPM: open key file error");
return;
}
if((pub=PEM_read_RSA_PUBKEY(file1,NULL,NULL,NULL))==NULL){
//if((pub=PEM_read_RSAPublicKey(file1,NULL,NULL,NULL))==NULL){
ERR_print_errors_fp(stdout);
return;
}
evpkey1=EVP_PKEY_new();
if(NULL==evpkey1){
printf("EVP_KEY_new failed!\n");
return;
}
EVP_PKEY_assign_RSA(evpkey1,pub);
if(!EVP_VerifyInit_ex(&mdctx1, EVP_md5(), NULL)) //验证初始化,设置摘要算法,一定要和签名一致
{
printf("EVP_VerifyInit_ex err\n");
return;
}
if(!EVP_VerifyUpdate(&mdctx1, text, textLen)) //验证签名(摘要)Update
{
printf("err\n");
return;
}
//printf("%s\n",text);
if(EVP_VerifyFinal(&mdctx1,signValue,signLen,evpkey1)==0)
{
// printf("verify err\n");
//printf("签名值是:\n");
// printf("%s\n",signValue);
//printf("end\n");
EVP_MD_CTX_cleanup(&mdctx1);
return;
}
else
{
// printf("验证签名正确.\n");
}
//释放内存
EVP_PKEY_free(evpkey1);
EVP_MD_CTX_cleanup(&mdctx1);
return signValue;
}
void aes_box_encrypt(unsigned char* source_string, unsigned char* des_string)
{
int iLoop = 0;
int iLen =0;
AES_KEY aes;
unsigned char key[AES_BLOCK_SIZE];
unsigned char iv[AES_BLOCK_SIZE];
if(NULL == source_string || NULL == des_string)
{
printf("NULL\n");
return;
}
//Generate own AES Key
for(iLoop = 0; iLoop < 16; iLoop++)
{
key[iLoop] = 32 + iLoop;
}
// Set encryption key
for (iLoop=0; iLoop<AES_BLOCK_SIZE; iLoop++)
{
iv[iLoop] = 0;
}
if (AES_set_encrypt_key(key, 128, &aes) < 0)
{
return ;
}
iLen = strlen(source_string) + 1;
AES_cbc_encrypt(source_string, des_string, iLen, &aes, iv, AES_ENCRYPT);
}
void aes_box_decrypt(unsigned char* source_string, unsigned char* des_string)
{
int iLoop = 0;
int iLen =0;
AES_KEY aes;
unsigned char key[AES_BLOCK_SIZE];
unsigned char iv[AES_BLOCK_SIZE];
if(NULL == source_string || NULL == des_string)
{
printf("NULL\n");
return;
}
//Generate own AES Key
for(iLoop = 0; iLoop < 16; iLoop++)
{
key[iLoop] = 32 + iLoop;
}
// Set encryption key
for (iLoop=0; iLoop<AES_BLOCK_SIZE; iLoop++)
{
iv[iLoop] = 0;
}
if(AES_set_decrypt_key(key, 128, &aes) < 0)
{
return ;
}
iLen = strlen(source_string)+1;
AES_cbc_encrypt(source_string, des_string, iLen, &aes, iv, AES_DECRYPT);
}
char *my_encrypt(char *str,char *path_key){
char *p_en;
RSA *p_rsa;
FILE *file;
int flen,rsa_len;
if((file=fopen(path_key,"r"))==NULL){
perror("source TPM: open key file error");
return NULL;
}
if((p_rsa=PEM_read_RSA_PUBKEY(file,NULL,NULL,NULL))==NULL){
//if((p_rsa=PEM_read_RSAPublicKey(file,NULL,NULL,NULL))==NULL){ // 换成这句死活通不过,无论是否将公钥分离源文件
ERR_print_errors_fp(stdout);
return NULL;
}
flen=strlen(str);
rsa_len=RSA_size(p_rsa);
p_en=(unsigned char *)malloc(rsa_len+1);
memset(p_en,0,rsa_len+1);
if(RSA_public_encrypt(rsa_len,(unsigned char *)str,(unsigned char*)p_en,p_rsa,RSA_NO_PADDING)<0){
return NULL;
}
RSA_free(p_rsa);
fclose(file);
//printf("p_en is %s\n",p_en);
return p_en;
}
char *my_decrypt(char *str,char *path_key){
char *p_de;
RSA *p_rsa;
FILE *file;
int rsa_len;
if((file=fopen(path_key,"r"))==NULL){
perror("source TPM: open key file error");
return NULL;
}
if((p_rsa=PEM_read_RSAPrivateKey(file,NULL,NULL,NULL))==NULL){
ERR_print_errors_fp(stdout);
return NULL;
}
rsa_len=RSA_size(p_rsa);
p_de=(unsigned char *)malloc(rsa_len+1);
memset(p_de,0,rsa_len+1);
if(RSA_private_decrypt(rsa_len,(unsigned char *)str,(unsigned char*)p_de,p_rsa,RSA_NO_PADDING)<0){
return NULL;
}
RSA_free(p_rsa);
fclose(file);
return p_de;
}
void my_innerwrap( unsigned char* encryptionKeyin,unsigned char* source_string,unsigned char* des_string)
{
unsigned char* innerHash,*temp={0};
int iLoop = 0;
int iLen =0;
AES_KEY aes;
unsigned char key[AES_BLOCK_SIZE],privatekey[]="songmin";
unsigned char iv[AES_BLOCK_SIZE];
printf("source TPM:innerwrap start....\n");
if(NULL == source_string || NULL == des_string)
{
printf("NULL\n");
return;
}
printf("source TPM:innerwrap hash to get innerIntegrity....\n");
SHA1(source_string, strlen(source_string), innerHash);
//printf("after hash is:%s\n",innerHash);
printf("source TPM:innerwrap encrypt to get encSensitive....\n");
// temp=strcat(innerHash,source_string);
//printf("afetr strcat is:%s\n",innerHash);
//printf("1111....\n");
//Generate own AES Key
for(iLoop = 0; iLoop < 16; iLoop++)
{
key[iLoop] = 32 + iLoop;
}
// Set encryption key
for (iLoop=0; iLoop<AES_BLOCK_SIZE; iLoop++)
{
iv[iLoop] = 0;
}
//printf("222....\n");
if (AES_set_encrypt_key(key, 128, &aes) < 0)
{
return ;
}
//printf("333....\n");
iLen = strlen(privatekey)+1;
//printf("444...\n");
AES_cbc_encrypt(privatekey, des_string, iLen, &aes, iv, AES_ENCRYPT);
//printf("555....\n");
return ;
}
unsigned char* my_outerwarp(unsigned char* source_string)
{
int i=0;
unsigned char* hmackey="123ecc";
unsigned char* algo,*outerHMAC;
unsigned int outerHMAClen;
HMAC_CTX ctx;
printf("source TPM:hmac dupSensitive to get outerHMAC....\n");
//进行HMAC
outerHMAC=(unsigned char*)malloc(EVP_MAX_MD_SIZE);
//printf("dupSensitive1 is:%s\n",dupSensitive1);
//printf("666....\n");
HMAC_CTX_init(&ctx);
//printf("dupSensitive1 is:%s\n",dupSensitive1);
//printf("777....\n");
HMAC_Init_ex(&ctx,hmackey,strlen(hmackey),EVP_sha1(),NULL);
//printf("dupSensitive1 is:%s\n",dupSensitive1);
//printf("888....\n");
HMAC_Update(&ctx,source_string,strlen(source_string));
//printf("dupSensitive1 is:%s\n",dupSensitive1);
//printf("dupSensitive is:%s\n",dupSensitive);
//printf("999....\n");
HMAC_Final(&ctx,outerHMAC,&outerHMAClen);
//printf("101010....\n");
HMAC_CTX_cleanup(&ctx);
//printf("111111....\n");
//printf("dupSensitive is:%s\n",source_string);
//printf("outerHMAC IS :%s\n",outerHMAC);
//printf("outerHMAC is:");
//for(i=0;i<outerHMAClen;i++)
//{
// printf("%03x",(unsigned int)outerHMAC[i]);
// }
//printf("\n");
//printf(".............source TPM:outerwarp finished........\n");
return outerHMAC;
}
int my_server1(int cases,char *sysencseed,char *encryKeyout,char *dups,char *outerHMAC)
{
// 声明并初始化一个服务器端的socket地址结构
struct sockaddr_in server_addr;
bzero(&server_addr, sizeof(server_addr));
server_addr.sin_family = AF_INET;
server_addr.sin_addr.s_addr = htons(INADDR_ANY);
server_addr.sin_port = htons(SERVER_PORT);
// 创建socket,若成功,返回socket描述符
int server_socket_fd = socket(PF_INET, SOCK_STREAM, 0);
if(server_socket_fd < 0)
{
perror("Create Socket Failed:");
exit(1);
}
int opt = 1;
setsockopt(server_socket_fd, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof(opt));
// 绑定socket和socket地址结构
if(-1 == (bind(server_socket_fd, (struct sockaddr*)&server_addr, sizeof(server_addr))))
{
perror("Server Bind Failed:");
exit(1);
}
// socket监听
if(-1 == (listen(server_socket_fd, LENGTH_OF_LISTEN_QUEUE)))
{
perror("Server Listen Failed:");
exit(1);
}
printf("source TPM:waiting for client connect...........\n");
// 定义客户端的socket
struct sockaddr_in client_addr;
socklen_t client_addr_length = sizeof(client_addr);
// 接受连接请求,返回一个新的socket(描述符),这个新socket用于同连接的客户端>通信
// accept函数会把连接到的客户端信息写到client_addr中
int new_server_socket_fd = accept(server_socket_fd, (struct sockaddr*)&client_addr, &client_addr_length);
if(new_server_socket_fd < 0)
{
perror("Server Accept Failed:");
// break;
return -1;
}
else
{
printf("source TPM: client connect success!\n");
}
FILE *fp ;
if(cases==0)
{
char buffer0[BUFFER_SIZE],dstStringTemp[17]={0};
int RA=1,Ntpm=1;
char *Nda0="2";
//send seed
printf("-------------source TPM:init stage start--------------\n");
bzero(buffer0, BUFFER_SIZE);
strncpy( buffer0, sysencseed,strlen(sysencseed)>BUFFER_SIZE?BUFFER_SIZE:strlen(sysencseed));
send(new_server_socket_fd, sysencseed, BUFFER_SIZE, 0);
send(new_server_socket_fd, dups, BUFFER_SIZE, 0);
printf("source TPM:recieve data from DA.....\n");
recv(new_server_socket_fd, buffer0, BUFFER_SIZE, 0);
printf("source TPM:using ks decrypt to get RA,Ntpm,Nda0...\n");
aes_box_decrypt(buffer0,dstStringTemp);
//printf("source TPM:after decrypt is :%s\n",dstStringTemp);
printf("source TPM:Verify Ntpm.....\n");
printf("source TPM:Verify success,send data to DA...\n");
bzero(buffer0, BUFFER_SIZE);
aes_box_encrypt(Nda0,buffer0);
send(new_server_socket_fd, buffer0, BUFFER_SIZE, 0);
printf("-------------source TPM:init stage end--------------\n");
}
/* if(cases==2)
{
// recv函数接收数据到缓冲区buffer中
char buffer2[BUFFER_SIZE];
bzero(buffer2, BUFFER_SIZE);
if(recv(new_server_socket_fd, buffer2, BUFFER_SIZE, 0) < 0)
{
perror("Server Recieve Data Failed:");
//break;
return -1;
}
// 然后从buffer(缓冲区)拷贝到file_name中
char file_name[FILE_NAME_MAX_SIZE+1];
bzero(file_name, FILE_NAME_MAX_SIZE+1);
strncpy(file_name, buffer2, strlen(buffer2)>FILE_NAME_MAX_SIZE?FILE_NAME_MAX_SIZE:strlen(buffer2));
//printf("%s\n", file_name);
// 打开文件并读取文件数据
fp = fopen(file_name, "r");
if(NULL == fp)
{
printf("File:%s Not Found\n", file_name);
}
else
{
bzero(buffer2, BUFFER_SIZE);
int length = 0;
// 每读取一段数据,便将其发送给客户端,循环直到文件读完为止
while((length = fread(buffer2, sizeof(char), BUFFER_SIZE, fp)) > 0)
{
if(send(new_server_socket_fd, buffer2, length, 0) < 0)
{
end(new_server_socket_fd, dups, BUFFER_SIZE, 0);
printf("Send File:%s Failed./n", file_name);
break;
}
bzero(buffer2, BUFFER_SIZE);
}
}
// 关闭文件
fclose(fp);
}
if(cases==3)
{
// send data
char buffer3[BUFFER_SIZE];
//send seed
bzero(buffer3, BUFFER_SIZE);
strncpy( buffer3, sysencseed,strlen(sysencseed)>BUFFER_SIZE?BUFFER_SIZE:strlen(sysencseed));
send(new_server_socket_fd, sysencseed, BUFFER_SIZE, 0);
send(new_server_socket_fd, dups, BUFFER_SIZE, 0);
send(new_server_socket_fd, outerHMAC, BUFFER_SIZE, 0);
}
if(cases==4)
{
// send data
char buffer4[BUFFER_SIZE];
//send seed
bzero(buffer4, BUFFER_SIZE);
strncpy( buffer4, sysencseed,strlen(sysencseed)>BUFFER_SIZE?BUFFER_SIZE:strlen(sysencseed));
send(new_server_socket_fd, sysencseed, BUFFER_SIZE, 0);
send(new_server_socket_fd,encryKeyout,BUFFER_SIZE,0);
send(new_server_socket_fd, dups, BUFFER_SIZE, 0);
send(new_server_socket_fd, outerHMAC, BUFFER_SIZE, 0);
}
if(cases==5)
{
send(new_server_socket_fd, dups, BUFFER_SIZE, 0);
}
if(cases==6)
{
char buffer6[BUFFER_SIZE];
//send seed
bzero(buffer6, BUFFER_SIZE);
strncpy( buffer6, sysencseed,strlen(sysencseed)>BUFFER_SIZE?BUFFER_SIZE:strlen(sysencseed));
send(new_server_socket_fd, sysencseed, BUFFER_SIZE, 0);
send(new_server_socket_fd, dups, BUFFER_SIZE, 0);
send(new_server_socket_fd, outerHMAC, BUFFER_SIZE, 0);
}
if(cases==7)
{
// send data
char buffer7[BUFFER_SIZE];
//send seed
bzero(buffer7, BUFFER_SIZE);
strncpy( buffer7, sysencseed,strlen(sysencseed)>BUFFER_SIZE?BUFFER_SIZE:strlen(sysencseed));
send(new_server_socket_fd, sysencseed, BUFFER_SIZE, 0);
send(new_server_socket_fd,encryKeyout,BUFFER_SIZE,0);
send(new_server_socket_fd, dups, BUFFER_SIZE, 0);
send(new_server_socket_fd, outerHMAC, BUFFER_SIZE, 0);
}
if(cases==8)
{
send(new_server_socket_fd, dups, BUFFER_SIZE, 0);
}
if(cases==9)
{
char buffer9[BUFFER_SIZE];
int timeuse;
char dstStringTemp[17]={0},dupSensitive1[17]={0},*sss;
unsigned char*outerHMAC1;
unsigned char str[]="你好icd";
struct timeval start, end;
gettimeofday( &start, NULL );
bzero(buffer9, BUFFER_SIZE);
printf("source TPM:recieve seed from target TPM......\n");
recv(new_server_socket_fd,buffer9,BUFFER_SIZE,0);
my_decrypt(buffer9,PRIMIG);
//printf("%s\n",my_decrypt(buffer9,PRIMIG));
printf("source TPM:decrypt seed success\n");
printf("source TPM:outerwrap start...\n");
printf("source TPM:using seed create encrypt key-ks and hmac key....\n");
printf("source TPM:using ks encrypt to get dupSensitive...\n");
aes_box_encrypt(str,dstStringTemp);
strcpy(dupSensitive1,dstStringTemp);
outerHMAC=my_outerwarp(dstStringTemp);
printf("source TPM:transfer data to target TPM......\n");
//printf("source TPM:using newparentkey's public key protected seed to get sysmetricSeed...\n");
//sss=my_encrypt("seed",PUBMIG);//保护加密种子seed
//send(new_server_socket_fd, sss, BUFFER_SIZE, 0);
send(new_server_socket_fd, dupSensitive1, BUFFER_SIZE, 0);
send(new_server_socket_fd, outerHMAC1, BUFFER_SIZE, 0);
printf("source TPM:transfer finished\n");
printf("---------------source TPM:migration key finished------------\n");
gettimeofday( &end, NULL );
timeuse = 1000000 * ( end.tv_sec - start.tv_sec ) + end.tv_usec - start.tv_usec;
printf("source TPM:migration key total run time: %d us\n", timeuse);
}
if(cases==10)
{
char buffer10[BUFFER_SIZE];
int timeuse10;
char dstStringTemp10[17]={0},dupSensitive10[17]={0};
unsigned char*outerHMAC10,encSensitive10[17]={0};
unsigned char str10[]="你好icd";
struct timeval start10, end10;
gettimeofday( &start10, NULL );
bzero(buffer10, BUFFER_SIZE);
printf("source TPM:recieve seed and encryptionKeyin from target TPM......\n");
recv(new_server_socket_fd,buffer10,BUFFER_SIZE,0);
my_decrypt(buffer10,PRIMIG);
//printf("%s\n",my_decrypt(buffer10,PRIMIG));
bzero(buffer10,BUFFER_SIZE);
recv(new_server_socket_fd,buffer10,BUFFER_SIZE,0);
my_decrypt(buffer10,PRIMIG);
//printf("%s\n",my_decrypt(buffer10,PRIMIG));
printf("source TPM:decrypt seed and encryptionKeyin success\n");
my_innerwrap(NULL,"songmin",encSensitive10);
printf("source TPM:outerwrap start....\n");
printf("source TPM:using seed create encrypt key-ks and hmac key....\n");
printf("source TPM:using ks encrypt to get dupSensitive...\n");
aes_box_encrypt(encSensitive10,dstStringTemp10);
strcpy(dupSensitive10,dstStringTemp10);
outerHMAC10=my_outerwarp(dstStringTemp10);
printf("source TPM:transfer data to target TPM......\n");
send(new_server_socket_fd, dupSensitive10, BUFFER_SIZE, 0);
send(new_server_socket_fd, outerHMAC10, BUFFER_SIZE, 0);
printf("source TPM:transfer finished\n");
printf("---------------source TPM:migration key finished------------\n");
gettimeofday( &end10, NULL );
timeuse10 = 1000000 * ( end10.tv_sec - start10.tv_sec ) + end10.tv_usec - start10.tv_usec;
printf("source TPM:migration key total run time: %d us\n", timeuse10);
}
if(cases==11)
{
send(new_server_socket_fd, dups, BUFFER_SIZE, 0);
}
if(cases==12)
{
printf("source TPM:seed will clear tranfer\n");
printf("source TPM:seed is 1234567ss\n");
send(new_server_socket_fd, sysencseed, BUFFER_SIZE, 0);
send(new_server_socket_fd, dups, BUFFER_SIZE, 0);
send(new_server_socket_fd, outerHMAC, BUFFER_SIZE, 0);
}
if(cases==13)
{
printf("source TPM:seed and encryptionKeyin will clear tranfer\n");
printf("source TPM:seed is 1234567ss and encryptionKeyin is abcdefgg\n");
char buffer13[BUFFER_SIZE];
//send seed
bzero(buffer13, BUFFER_SIZE);
strncpy( buffer13, sysencseed,strlen(sysencseed)>BUFFER_SIZE?BUFFER_SIZE:strlen(sysencseed));
send(new_server_socket_fd, sysencseed, BUFFER_SIZE, 0);
send(new_server_socket_fd,encryKeyout,BUFFER_SIZE,0);
send(new_server_socket_fd, dups, BUFFER_SIZE, 0);
send(new_server_socket_fd, outerHMAC, BUFFER_SIZE, 0);
}*/
close(new_server_socket_fd);
// 关闭监听用的socket
close(server_socket_fd);
return 0;
}
int my_createKey(int bits,char *prikey_path,char *pubkey_path)
{
//生成密钥对
RSA *r = RSA_new();
BIGNUM *e = BN_new();
BN_set_word(e, 65537);
RSA_generate_key_ex(r, bits, e, NULL);
//RSA_print_fp(stdout, r, 0);
BIO *pri,*pub;
pri= BIO_new_file(prikey_path,"w");
//这里生成的私钥没有加密,可选加密
int ret = PEM_write_bio_RSAPrivateKey(pri, r, NULL, NULL, 0, NULL, NULL);
//printf("writepri:%d\n",ret);
BIO_flush(pri);
BIO_free(pri);
pub = BIO_new_file(pubkey_path,"w");
ret = PEM_write_bio_RSAPublicKey(pub, r);
//printf("writepub:%d\n",ret);
BIO_flush(pub);
BIO_free(pub);
BN_free(e);
RSA_free(r);
return 1;
}
int main(void){
int c,timeuse;
char dstStringTemp[17]={0},dst[17]={0},dupSensitive1[17]={0},*sss,*encryptionKeyout;
unsigned char*outerHMAC,encSensitive[17]={0};
unsigned char *dupSensitive={0};
unsigned char str[]="你好icd";
unsigned char* encryptionKeyin="abcdefghijklmnop";
FILE *migkeyfp;
char *sysmetricSeed;
struct timeval start, end;
//printf("source TPM:init stage start.............\n");
//初始化阶段
char *signID=NULL,*encks=NULL,*decks=NULL;
//1.用EK签名ID
signID=sign();
char ks[]="123456";
//2.用DA加密ks
encks=my_encrypt(ks,PUBDA);
//printf("DA加密后:%s\n",encks);
decks=my_decrypt(encks,PRIDA);
//printf("DA解密后:%s\n",decks);
unsigned char source_string[]="EK&NO1&01&", des_string[128]={0};
// strcat(source_string,signID);
//printf("%s\n",source_string);
//3.用ks加密EK,ID,signID,N
aes_box_encrypt(source_string,des_string) ;
//printf("ks加密:%s\n",des_string);
// printf("signid=%s\n",signID);
//4.发送数据
my_server1(0,encks,NULL,des_string,NULL);
/*printf("please input which case you want to go:");
scanf("%d",&c);
int fixedTPM,fixedParent,FlagParentKey,FlagMigKey,innerwarp,outerwarp,encryptionkeyin,newParentHandle;
switch(c){
case 1:
fixedTPM=1;
fixedParent=1;
printf("source TPM:Going to case 1\n");
printf("source TPM:fixedTPM=%d,fixedParent=%d\n",fixedTPM,fixedParent);
printf("source TPM:migration key end\n");
gettimeofday( &start, NULL );
gettimeofday( &end, NULL );
timeuse = 1000000 * ( end.tv_sec - start.tv_sec ) + end.tv_usec - start.tv_usec;
printf("source TPM:migration key total run time: %d us\n", timeuse);
break;
case 2:
fixedTPM=0;
fixedParent=0;
FlagParentKey=0;
FlagMigKey=0;
innerwarp=0;
outerwarp=0;
printf("source TPM:Going to case 2\n");
printf("source TPM:fixedTPM=%d\n fixedParent=%d\n encryptionkeyin=%d\n newParentHandle=TPM_RH_NULL\n",fixedTPM,fixedParent,innerwarp);
printf("---------------source TPM:migration key start---------------\n");
gettimeofday( &start, NULL );
//既不进行进行outerwarp也不进行outerwarp
printf("source TPM:this case will not do innerwrap,outerwrap\n nparentkey and migratekey is asymmetric key\n");
printf("source TPM:tansfer data to target TPM......\n");
gettimeofday( &end, NULL );
timeuse = 1000000 * ( end.tv_sec - start.tv_sec ) + end.tv_usec - start.tv_usec;
printf("source TPM:migration key total run time: %d us\n", timeuse);
my_server1(2,NULL,NULL,str,NULL);
printf("source TPM:transfer finished\n");
printf("---------------source TPM:migration key finished------------\n");
break;
case 3:
fixedTPM=0;
fixedParent=0;
FlagParentKey=0;
FlagMigKey=0;
innerwarp=0;
outerwarp=1;
printf("source TPM:Going to case 3\n");
printf("source TPM:fixedTPM=%d\n fixedParent=%d\n encryptionkeyin=%d\n newParentHandle!=TPM_RH_NULL\n",fixedTPM,fixedParent,innerwarp);
printf("---------------source TPM:migration key start--------------\n");
printf("source TPM:this case will only do outerwrap\n nparentkey and migratekey is asymmetric key\n");
gettimeofday( &start, NULL );
printf("source TPM:outerwrap start...\n");
printf("source TPM:using seed create encrypt key-ks and hmac key....\n");
printf("source TPM:using ks encrypt to get dupSensitive...\n");
aes_box_encrypt(str,dstStringTemp);
strcpy(dupSensitive1,dstStringTemp);
outerHMAC=my_outerwarp(dstStringTemp);
printf("source TPM:using nparentkey protected seed to get sysmetricSeed...\n");
sss=my_encrypt("seed",NPPUBKEY);//保护加密种子seed
printf("source TPM:tansfer data to target TPM......\n");
gettimeofday( &end, NULL );
timeuse = 1000000 * ( end.tv_sec - start.tv_sec ) + end.tv_usec - start.tv_usec;
printf("source TPM:migration key total run time: %d us\n", timeuse);
my_server1(3,sss,NULL,dupSensitive1,outerHMAC);
printf("source TPM:transfer finished\n");
printf("---------------source TPM:migration key finished------------\n");
break;
case 4:
fixedTPM=0;
fixedParent=0;
FlagParentKey=0;
FlagMigKey=0;
innerwarp=1;
outerwarp=1;
printf("source TPM:Going to case 4\n");
printf("source TPM:fixedTPM=%d\n fixedParent=%d\n encryptionkeyin=%d\n newParentHandle!=TPM_RH_NULL\n",fixedTPM,fixedParent,innerwarp);
printf("---------------source TPM:migration key start--------------\n");
printf("source TPM:this case will do innerwrap,outerwrap\n nparentkey and migratekey is asymmetric key\n");
gettimeofday( &start, NULL );
my_innerwrap(NULL,"songmin",encSensitive);
printf("source TPM:outerwrap start....\n");
printf("source TPM:using seed create encrypt key-ks and hmac key....\n");
aes_box_encrypt(encSensitive,dstStringTemp);
printf("source TPM:using ks encrypt encSensitive to get dupSensitive\n");
strcpy(dupSensitive1,dstStringTemp);
outerHMAC=my_outerwarp(dstStringTemp);
printf("source TPM:using nparentkey protected seed and encryptionKeyin...\n");
sss=my_encrypt("seed",NPPUBKEY);//保护加密种子seed
encryptionKeyout=my_encrypt(encryptionKeyin,NPPUBKEY);//保护innerwrap加密密钥
//printf("keyout==%s\n",encryptionKeyout);
printf("source TPM:tansfer data to target TPM......\n");
gettimeofday( &end, NULL );
timeuse = 1000000 * ( end.tv_sec - start.tv_sec ) + end.tv_usec - start.tv_usec;
printf("source TPM:migration key total run time: %d us\n", timeuse);
my_server1(4,sss,encryptionKeyout,dupSensitive1,outerHMAC);
printf("source TPM:transfer finished\n");
printf("---------------source TPM:migration key finished------------\n");
break;
case 5:
fixedTPM=0;
fixedParent=0;
FlagParentKey=0;
FlagMigKey=1;
innerwarp=0;
outerwarp=0;
printf("source TPM:Going to case 5\n");
printf("source TPM:fixedTPM=%d\n fixedParent=%d\n encryptionkeyin=%d\n newParentHandle=TPM_RH_NULL\n",fixedTPM,fixedParent,innerwarp);
printf("---------------source TPM:migration key start--------------\n");
gettimeofday( &start, NULL );
printf("source TPM:this case will not do innerwrap,outerwrap\n nparentkey is asymmetric,migratekey is symmetric\n");
printf("source TPM:tansfer data to target TPM......\n");
gettimeofday( &end, NULL );
timeuse = 1000000 * ( end.tv_sec - start.tv_sec ) + end.tv_usec - start.tv_usec;
printf("source TPM:migration key total run time: %d us\n", timeuse);
my_server1(5,NULL,NULL,str,NULL);
printf("source TPM:transfer finished\n");
printf("---------------source TPM:migration key finished------------\n");
break;
case 6:
fixedTPM=0;
fixedParent=0;
FlagParentKey=0;
FlagMigKey=1;
innerwarp=0;
outerwarp=1;
printf("source TPM:Going to case 6\n");
printf("source TPM:fixedTPM=%d\n fixedParent=%d\n encryptionkeyin=%d\n newParentHandle!=TPM_RH_NULL\n",fixedTPM,fixedParent,innerwarp);
printf("---------------source TPM:migration key start--------------\n");
gettimeofday( &start, NULL );
printf("source TPM:this case will only do outerwrap\n nparentkey is asymmetric,migratekey is symmetric\n");
printf("source TPM:outerwrap start...\n");
printf("source TPM:using seed create encrypt key-ks and hmac key....\n");
printf("source TPM:using ks encrypt to get dupSensitive...\n");
aes_box_encrypt(str,dstStringTemp);
strcpy(dupSensitive1,dstStringTemp);
outerHMAC=my_outerwarp(dstStringTemp);
printf("source TPM:using nparentkey protected seed to get sysmetricSeed...\n");
sss=my_encrypt("seed",NPPUBKEY);//保护加密种子seed
printf("source TPM:tansfer data to target TPM......\n");
gettimeofday( &end, NULL );
timeuse = 1000000 * ( end.tv_sec - start.tv_sec ) + end.tv_usec - start.tv_usec;
printf("source TPM:migration key total run time: %d us\n", timeuse);
my_server1(3,sss,NULL,dupSensitive1,outerHMAC);
printf("source TPM:transfer finished\n");
printf("---------------source TPM:migration key finished------------\n");
break;
case 7:
fixedTPM=0;
fixedParent=0;
FlagParentKey=0;
FlagMigKey=1;
innerwarp=1;
outerwarp=1;
printf("source TPM:Going to case 7\n");
printf("source TPM:fixedTPM=%d\n fixedParent=%d\n encryptionkeyin=%d\n newParentHandle!=TPM_RH_NULL\n",fixedTPM,fixedParent,innerwarp);
printf("---------------source TPM:migration key start--------------\n");
printf("source TPM:this case will do innerwrap,outerwrap\n nparentkey is asymmetric,migratekey is symmetric\n");
gettimeofday( &start, NULL );
my_innerwrap(NULL,"你好TPM,key1",encSensitive);
printf("source TPM:outerwrap start....\n");
printf("source TPM:using seed create encrypt key-ks and hmac key....\n");
printf("source TPM:using ks encrypt encSensitive to get dupSensitive\n");
aes_box_encrypt(encSensitive,dstStringTemp);
strcpy(dupSensitive1,dstStringTemp);
outerHMAC=my_outerwarp(dstStringTemp);
printf("source TPM:using nparentkey protected seed and encryptionKeyin...\n");
sss=my_encrypt("seed",NPPUBKEY);//保护加密种子seed
encryptionKeyout=my_encrypt(encryptionKeyin,NPPUBKEY);//保护innerwrap加密密钥
//printf("keyout==%s\n",encryptionKeyout);
printf("source TPM:tansfer data to target TPM......\n");
gettimeofday( &end, NULL );
timeuse = 1000000 * ( end.tv_sec - start.tv_sec ) + end.tv_usec - start.tv_usec;
printf("source TPM:migration key total run time: %d us\n", timeuse);
my_server1(7,sss,encryptionKeyout,dupSensitive1,outerHMAC);
printf("source TPM:transfer finished\n");
printf("---------------source TPM:migration key finished------------\n");
break;
case 8:
fixedTPM=0;
fixedParent=0;
FlagParentKey=1;
FlagMigKey=0;
innerwarp=0;
outerwarp=0;
printf("source TPM:Going to case 8\n");
printf("source TPM:fixedTPM=%d\n fixedParent=%d\n encryptionkeyin=%d\n newParentHandle=TPM_RH_NULL\n",fixedTPM,fixedParent,innerwarp);
printf("---------------source TPM:migration key start--------------\n");
gettimeofday( &start, NULL );
printf("source TPM:this case will not do innerwrap,outerwrap\n nparentkey is symmetric,migratekey is asymmetric\n");
printf("source TPM:tansfer data to target TPM......\n");
gettimeofday( &end, NULL );
timeuse = 1000000 * ( end.tv_sec - start.tv_sec ) + end.tv_usec - start.tv_usec;
printf("source TPM:migration key total run time: %d us\n", timeuse);
my_server1(8,NULL,NULL,str,NULL);
printf("source TPM:transfer finished\n");
printf("---------------source TPM:migration key finished------------\n");
break;
case 9:
fixedTPM=0;
fixedParent=0;
FlagParentKey=1;
FlagMigKey=0;
innerwarp=0;
outerwarp=1;
printf("source TPM:Going to case 9\n");
printf("source TPM:fixedTPM=%d\n fixedParent=%d\n encryptionkeyin=%d\n newParentHandle!=TPM_RH_NULL\n",fixedTPM,fixedParent,innerwarp);
printf("---------------source TPM:migration key start--------------\n");
//gettimeofday( &start, NULL );
printf("source TPM:this case will only do outerwrap\n nparentkey is symmetric,migratekey is asymmetric\n");
// printf("source TPM:recieve seed success\n");
//printf("source TPM:using see create encrypt key-ks and hmac key....\n");
//printf("source TPM:using ks encrypt migkey's private part to get dupSensitive...\n");
//aes_box_encrypt(str,dstStringTemp);
//strcpy(dupSensitive1,dstStringTemp);
//outerHMAC=my_outerwarp(dstStringTemp);
//printf("source TPM:using newparentkey's public key protected seed to get sysmetricSeed...\n");
//sss=my_encrypt("seed",PUBMIG);//保护加密种子seed
//printf("source TPM:tansfer data to target TPM......\n");
//gettimeofday( &end, NULL );
//timeuse = 1000000 * ( end.tv_sec - start.tv_sec ) + end.tv_usec - start.tv_usec;
//printf("source TPM:migration key total run time: %d us\n", timeuse);
my_server1(9,NULL,NULL,NULL,NULL);
//printf("source TPM:transfer finished\n");
//printf("---------------source TPM:migration key finished------------\n");
break;
case 10:
fixedTPM=0;
fixedParent=0;
FlagParentKey=1;
FlagMigKey=0;
innerwarp=1;
outerwarp=1;
printf("source TPM:Going to case 10\n");
printf("source TPM:fixedTPM=%d\n fixedParent=%d\n encryptionkeyin=%d\n newParentHandle!=TPM_RH_NULL\n",fixedTPM,fixedParent,innerwarp);
printf("---------------source TPM:migration key start--------------\n");
printf("source TPM:this case will do innerwrap,outerwrap\n nparentkey is symmetric,migratekey is asymmetric\n");
//gettimeofday( &start, NULL );
my_server1(10,NULL,NULL,NULL,NULL);
// gettimeofday( &end, NULL );
//timeuse = 1000000 * ( end.tv_sec - start.tv_sec ) + end.tv_usec - start.tv_usec;
//printf("source TPM:migration key total run time: %d us\n", timeuse);
break;
case 11:
fixedTPM=0;
fixedParent=0;
FlagParentKey=1;
FlagMigKey=1;
innerwarp=0;
outerwarp=0;
printf("source TPM:Going to case 11\n");
printf("source TPM:fixedTPM=%d\n fixedParent=%d\n encryptionkeyin=%d\n newParentHandle=TPM_RH_NULL\n",fixedTPM,fixedParent,innerwarp);
printf("---------------source TPM:migration key start--------------\n");
gettimeofday( &start, NULL );
printf("source TPM:this case will not do innerwrap,outerwrap\n nparentkey is symmetric,migratekey is symmetric\n");
printf("source TPM:tansfer data to target TPM......\n");
gettimeofday( &end, NULL );
timeuse = 1000000 * ( end.tv_sec - start.tv_sec ) + end.tv_usec - start.tv_usec;
printf("source TPM:migration key total run time: %d us\n", timeuse);
my_server1(11,NULL,NULL,str,NULL);
printf("source TPM:transfer finished\n");
printf("---------------source TPM:migration key finished------------\n");
break;
case 12:
fixedTPM=0;
fixedParent=0;
FlagParentKey=1;
FlagMigKey=1;
innerwarp=0;
outerwarp=1;
printf("source TPM:Going to case 12\n");
printf("source TPM:fixedTPM=%d\n fixedParent=%d\n encryptionkeyin=%d\n newParentHandle!=TPM_RH_NULL\n",fixedTPM,fixedParent,innerwarp);
printf("---------------source TPM:migration key start--------------\n");
gettimeofday( &start, NULL );
printf("source TPM:this case will only do outerwrap\n nparentkey and migratekey is symmetric key\n");
printf("source TPM:using seed create encrypt key-ks and hmac key....\n");
printf("source TPM:using ks encrypt to get dupSensitive...\n");
aes_box_encrypt(str,dstStringTemp);
strcpy(dupSensitive1,dstStringTemp);
outerHMAC=my_outerwarp(dstStringTemp);
//printf("source TPM:seed will clear transfer...\n");
//sss=my_encrypt("seed",PUBMIG);//保护加密种子seed
printf("source TPM:tansfer data to target TPM......\n");
gettimeofday( &end, NULL );
timeuse = 1000000 * ( end.tv_sec - start.tv_sec ) + end.tv_usec - start.tv_usec;
printf("source TPM:migration key total run time: %d us\n", timeuse);
my_server1(12,"seed",NULL,dupSensitive1,outerHMAC);
printf("source TPM:transfer finished\n");
printf("---------------source TPM:migration key finished------------\n");
break;
case 13:
fixedTPM=0;
fixedParent=0;
FlagParentKey=1;
FlagMigKey=1;
innerwarp=1;
outerwarp=1;
printf("source TPM:Going to case 13\n");
printf("source TPM:fixedTPM=%d\n fixedParent=%d\n encryptionkeyin=%d\n newParentHandle!=TPM_RH_NULL\n",fixedTPM,fixedParent,innerwarp);
printf("---------------source TPM:migration key start--------------\n");
printf("source TPM:this case will do innerwrap,outerwrap\n newparentkey, migratekey is symmetric key\n");
gettimeofday( &start, NULL );
my_innerwrap(NULL,"songmin",encSensitive);
printf("source TPM:outerwrap start....\n");
printf("source TPM:using seed create encrypt key-ks and hmac key....\n");
printf("source TPM:using ks encrypt encSensitive to get dupSensitive\n");
aes_box_encrypt(encSensitive,dstStringTemp);
strcpy(dupSensitive1,dstStringTemp);
outerHMAC=my_outerwarp(dstStringTemp);
//printf("source TPM:using newparentkey's public key protected seed and encryptionKeyin...\n");
//sss=my_encrypt("seed",NPPUBKEY);//保护加密种子seed
//encryptionKeyout=my_encrypt(encryptionKeyin,NPPUBKEY);//保护innerwrap加密密钥
//printf("keyout==%s\n",encryptionKeyout);
printf("source TPM:tansfer data to target TPM......\n");
gettimeofday( &end, NULL );
timeuse = 1000000 * ( end.tv_sec - start.tv_sec ) + end.tv_usec - start.tv_usec;
printf("source TPM:migration key total run time: %d us\n", timeuse);
my_server1(13,"1234567ss","abcdefgg",dupSensitive1,outerHMAC);
printf("source TPM:transfer finished\n");
printf("---------------source TPM:migration key finished------------\n");
break;
default:
printf("source TPM:input error\n");
return -1;
}*/
return 0;
}
/*char *my_encrypt(char *str,char *path_key){
char *p_en;
RSA *p_rsa;
FILE *file;
int flen,rsa_len;
if((file=fopen(path_key,"r"))==NULL){
perror("source TPM: open key file error");
return NULL;
}
if((p_rsa=PEM_read_RSA_PUBKEY(file,NULL,NULL,NULL))==NULL){
// if((p_rsa=PEM_read_RSAPublicKey(file,NULL,NULL,NULL))==NULL){ // 换成这句死活通不过,无论是否将公钥分离源文件
ERR_print_errors_fp(stdout);
return NULL;
}
flen=strlen(str);
rsa_len=RSA_size(p_rsa);
p_en=(unsigned char *)malloc(rsa_len+1);
memset(p_en,0,rsa_len+1);
if(RSA_public_encrypt(rsa_len,(unsigned char *)str,(unsigned char*)p_en,p_rsa,RSA_NO_PADDING)<0){
return NULL;
}
RSA_free(p_rsa);
fclose(file);
//printf("p_en is %s\n",p_en);
return p_en;
}
char *my_decrypt(char *str,char *path_key){
char *p_de;
RSA *p_rsa;
FILE *file;
int rsa_len;
if((file=fopen(path_key,"r"))==NULL){
perror("source TPM: open key file error");
return NULL;
}
if((p_rsa=PEM_read_RSAPrivateKey(file,NULL,NULL,NULL))==NULL){
ERR_print_errors_fp(stdout);
return NULL;
}
rsa_len=RSA_size(p_rsa);
p_de=(unsigned char *)malloc(rsa_len+1);
memset(p_de,0,rsa_len+1);
if(RSA_private_decrypt(rsa_len,(unsigned char *)str,(unsigned char*)p_de,p_rsa,RSA_NO_PADDING)<0){
return NULL;
}
RSA_free(p_rsa);
fclose(file);
return p_de;
}*/
387
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
