패킷 덤프 파일이 주어지고 SSL 관련 문제를 푸는 문제가 많이 보인다. 이런 문제들은 접해본 경험이 없어 풀이를 보고 따라 푸는 것으로 이해하는 수 밖에... 🙁
이제 풀이를 시작해 보도록 하자. 우선 해당 패킷에서 공개키 부분을 추출하도록 한다.
추출을 한 후 아래와 같이 OpenSSL을 이용하여 어떤 알고리즘으로 되어 있는지 확인할 수 있다.
C:\Users\ByJJoon\Downloads>openssl.exe x509 -inform DER -in test.der -text
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
d7:08:17:fc:61:41:b3:1c
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=KR, ST=Seoul, L=Seoul, O=CodeGate, OU=LM**2, CN=ctf1.codegate.org
Validity
Not Before: Mar 11 19:28:25 2010 GMT
Not After : Mar 11 19:28:25 2011 GMT
Subject: C=KR, ST=Seoul, L=Seoul, O=CodeGate, OU=LM**2, CN=ctf1.codegate.org
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (768 bit)
Modulus (768 bit):
00:ca:d9:84:55:7c:97:e0:39:43:1a:22:6a:d7:27:
f0:c6:d4:3e:f3:d4:18:46:9f:1b:37:50:49:b2:29:
84:3e:e9:f8:3b:1f:97:73:8a:c2:74:f5:f6:1f:40:
1f:21:f1:91:3e:4b:64:bb:31:b5:5a:38:d3:98:c0:
df:ed:00:b1:39:2f:08:89:71:1c:44:b3:59:e7:97:
6c:61:7f:cc:73:4f:06:e3:e9:5c:26:47:60:91:b5:
2f:46:2e:79:41:3d:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:35:CC:D2:D9:A5:5E:B7:E7:9C:03:E4:40:30:3A:9E:B3:BD:9D:F6
X509v3 Authority Key Identifier:
keyid:3E:35:CC:D2:D9:A5:5E:B7:E7:9C:03:E4:40:30:3A:9E:B3:BD:9D:F6
DirName:/C=KR/ST=Seoul/L=Seoul/O=CodeGate/OU=LM**2/CN=ctf1.codegate.org
serial:D7:08:17:FC:61:41:B3:1C
X509v3 Basic Constraints:
CA:TRUE
Signature Algorithm: sha1WithRSAEncryption
75:e9:15:ba:b2:b9:ec:d0:ef:ec:fd:27:44:a7:d9:0a:e6:ad:
84:57:8d:5f:3e:9b:97:0d:34:cb:d7:d4:2b:2e:9f:8d:d6:51:
a2:7c:cf:c1:5d:47:5a:83:1b:89:fd:f5:da:32:c9:73:00:2a:
58:8f:9a:bc:e7:fb:fe:69:0c:70:bd:a2:3f:01:4a:d1:95:8d:
4e:b4:6a:f1:83:dc:4d:97:e0:6f:e7:89:86:24:80:19:af:22:
b2:cd:7e:d0:8f:4e
-----BEGIN CERTIFICATE-----
MIIC4zCCAm2gAwIBAgIJANcIF/xhQbMcMA0GCSqGSIb3DQEBBQUAMGwxCzAJBgNV
BAYTAktSMQ4wDAYDVQQIEwVTZW91bDEOMAwGA1UEBxMFU2VvdWwxETAPBgNVBAoT
CENvZGVHYXRlMQ4wDAYDVQQLFAVMTSoqMjEaMBgGA1UEAxMRY3RmMS5jb2RlZ2F0
ZS5vcmcwHhcNMTAwMzExMTkyODI1WhcNMTEwMzExMTkyODI1WjBsMQswCQYDVQQG
EwJLUjEOMAwGA1UECBMFU2VvdWwxDjAMBgNVBAcTBVNlb3VsMREwDwYDVQQKEwhD
b2RlR2F0ZTEOMAwGA1UECxQFTE0qKjIxGjAYBgNVBAMTEWN0ZjEuY29kZWdhdGUu
b3JnMHwwDQYJKoZIhvcNAQEBBQADawAwaAJhAMrZhFV8l+A5Qxoiatcn8MbUPvPU
GEafGzdQSbIphD7p+Dsfl3OKwnT19h9AHyHxkT5LZLsxtVo405jA3+0AsTkvCIlx
HESzWeeXbGF/zHNPBuPpXCZHYJG1L0YueUE9tQIDAQABo4HRMIHOMB0GA1UdDgQW
BBQ+NczS2aVet+ecA+RAMDqes72d9jCBngYDVR0jBIGWMIGTgBQ+NczS2aVet+ec
A+RAMDqes72d9qFwpG4wbDELMAkGA1UEBhMCS1IxDjAMBgNVBAgTBVNlb3VsMQ4w
DAYDVQQHEwVTZW91bDERMA8GA1UEChMIQ29kZUdhdGUxDjAMBgNVBAsUBUxNKioy
MRowGAYDVQQDExFjdGYxLmNvZGVnYXRlLm9yZ4IJANcIF/xhQbMcMAwGA1UdEwQF
MAMBAf8wDQYJKoZIhvcNAQEFBQADYQB16RW6srns0O/s/SdEp9kK5q2EV41fPpuX
DTTL19QrLp+N1lGifM/BXUdagxuJ/fXaMslzACpYj5q85/v+aQxwvaI/AUrRlY1O
tGrxg9xNl+Bv54mGJIAZryKyzX7Qj04=
-----END CERTIFICATE-----RSA 768bit로 암호화 되어 있음을 알 수 있다. RSA 768bit 는 이미 소인수분해가 성공되었다. 아래 위키피디아 페이지에서 인수분해가 성공된 RSA 알고리즘을 확인할 수 있다.
http://en.wikipedia.org/wiki/RSA_numbers
RSA-768 의 P, Q 값은 아래와 같다.
P-33478071698956898786044169848212690817704794983713768568912431388982883793878002287614711652531743087737814467999489
Q-36746043666799590428244633799627952632279158164343087642676032283815739666511279233373417143396810270092798736308917
이 제 P, Q 값을 확인하였으니 비밀키를 생성해 보도록 하자. 생성하는 코드는 Didier Stevens' Authenticode Challenge 의 풀이에 나오는 코드를 그대로 사용할 수 있다.
Didier Stevens' Authenticode Challenge : http://blog.didierstevens.com/2008/07/22/authenticode-challenge/
풀이 : http://blog.didierstevens.com/2008/09/07/mister-p-and-qs-excellent-solution/
파일 : solution
CreatePEM.c
/**********************************************************************
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
************************************************************************
(c) 2008 by Mister P and Q < [email protected] >
***********************************************************************/
#define _GNU_SOURCE
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include "e_os.h"
#include <openssl/bio.h>
#include <openssl/ssl.h>
#include <openssl/bn.h>
#include <openssl/crypto.h>
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
// This is a modified version of the genrsa.c sample that is part of the OpenSSL package
int main(int argc, char *argv[])
{
BIGNUM *p_tBNExp = NULL;
RSA *p_tRSAKey = NULL;
BN_CTX *ctx = NULL;
BIGNUM *r0=NULL,*r1=NULL,*r2=NULL,*r3=NULL,*tmp;
BIGNUM local_r0,local_d,local_p;
BIGNUM *pr0,*d,*p;
BIO *out;
unsigned long f4 = RSA_F4;
int ok = -1;
// The two values we obtained from FindPQ or msieve
char *p_acP = "33478071698956898786044169848212690817704794983713768568912431388982883793878002287614711652531743087737814467999489";
char *p_acQ = "36746043666799590428244633799627952632279158164343087642676032283815739666511279233373417143396810270092798736308917";
// Init OpenSSL
CRYPTO_malloc_init();
ERR_load_crypto_strings();
OpenSSL_add_all_algorithms();
ENGINE_load_builtin_engines();
ctx=BN_CTX_new();
BN_CTX_start(ctx);
r0 = BN_CTX_get(ctx);
r1 = BN_CTX_get(ctx);
r2 = BN_CTX_get(ctx);
r3 = BN_CTX_get(ctx);
if (r3 == NULL) goto err;
p_tBNExp = BN_new();
p_tRSAKey = RSA_new();
BN_set_word(p_tBNExp, f4);
/* We need the RSA components non-NULL */
if(!p_tRSAKey->n && ((p_tRSAKey->n=BN_new()) == NULL)) goto err;
if(!p_tRSAKey->d && ((p_tRSAKey->d=BN_new()) == NULL)) goto err;
if(!p_tRSAKey->e && ((p_tRSAKey->e=BN_new()) == NULL)) goto err;
if(!p_tRSAKey->p && ((p_tRSAKey->p=BN_new()) == NULL)) goto err;
if(!p_tRSAKey->q && ((p_tRSAKey->q=BN_new()) == NULL)) goto err;
if(!p_tRSAKey->dmp1 && ((p_tRSAKey->dmp1=BN_new()) == NULL)) goto err;
if(!p_tRSAKey->dmq1 && ((p_tRSAKey->dmq1=BN_new()) == NULL)) goto err;
if(!p_tRSAKey->iqmp && ((p_tRSAKey->iqmp=BN_new()) == NULL)) goto err;
// Copy the defauld (F4) exponent to the RSA key
BN_copy(p_tRSAKey->e, p_tBNExp);
// Convert the 2 decimal values for P and Q to the RSA key
BN_dec2bn(&p_tRSAKey->p, p_acP);
BN_dec2bn(&p_tRSAKey->q, p_acQ);
// If P is bigger van Q, swap values
if (BN_cmp(p_tRSAKey->p,p_tRSAKey->q) < 0)
{
tmp=p_tRSAKey->p;
p_tRSAKey->p=p_tRSAKey->q;
p_tRSAKey->q=tmp;
}
/* calculate n */
if (!BN_mul(p_tRSAKey->n,p_tRSAKey->p,p_tRSAKey->q,ctx)) goto err;
/* calculate d */
if (!BN_sub(r1,p_tRSAKey->p,BN_value_one())) goto err; /* p-1 */
if (!BN_sub(r2,p_tRSAKey->q,BN_value_one())) goto err; /* q-1 */
if (!BN_mul(r0,r1,r2,ctx)) goto err; /* (p-1)(q-1) */
if (!(p_tRSAKey->flags & RSA_FLAG_NO_CONSTTIME))
{
pr0 = &local_r0;
BN_with_flags(pr0, r0, BN_FLG_CONSTTIME);
}
else
pr0 = r0;
if (!BN_mod_inverse(p_tRSAKey->d,p_tRSAKey->e,pr0,ctx)) goto err; /* d */
/* set up d for correct BN_FLG_CONSTTIME flag */
if (!(p_tRSAKey->flags & RSA_FLAG_NO_CONSTTIME))
{
d = &local_d;
BN_with_flags(d, p_tRSAKey->d, BN_FLG_CONSTTIME);
}
else
d = p_tRSAKey->d;
/* calculate d mod (p-1) */
if (!BN_mod(p_tRSAKey->dmp1,d,r1,ctx)) goto err;
/* calculate d mod (q-1) */
if (!BN_mod(p_tRSAKey->dmq1,d,r2,ctx)) goto err;
/* calculate inverse of q mod p */
if (!(p_tRSAKey->flags & RSA_FLAG_NO_CONSTTIME))
{
p = &local_p;
BN_with_flags(p, p_tRSAKey->p, BN_FLG_CONSTTIME);
}
else
p = p_tRSAKey->p;
if (!BN_mod_inverse(p_tRSAKey->iqmp,p_tRSAKey->q,p,ctx)) goto err;
// Write the RSA structure to a PEM file
if ((out=BIO_new(BIO_s_file())) == NULL)
{
printf("unable to create BIO for output\n");
goto err;
}
if (BIO_write_filename(out,"newkey.pem") <= 0)
{
perror("newkey.pem");
goto err;
}
// Output RSA Key in PEM format (without password !)
if (!PEM_write_bio_RSAPrivateKey(out,p_tRSAKey,NULL,NULL,0,NULL,NULL))
goto err;
// ALL OK !
ok=1;
err:
if (ok == -1)
{
printf("Actions failed\n");
ok=0;
}
if (ctx != NULL)
{
BN_CTX_end(ctx);
BN_CTX_free(ctx);
}
return ok;
}e_os.h
/* e_os.h */
/* Copyright (C) 1995-1998 Eric Young ([email protected])
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young ([email protected]).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson ([email protected]).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young ([email protected])"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson ([email protected])"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#ifndef HEADER_E_OS_H
#define HEADER_E_OS_H
#include <openssl/opensslconf.h>
#include <openssl/e_os2.h>
/* <openssl/e_os2.h> contains what we can justify to make visible
* to the outside; this file e_os.h is not part of the exported
* interface. */
#ifdef __cplusplus
extern "C" {
#endif
/* Used to checking reference counts, most while doing perl5 stuff :-) */
#ifdef REF_PRINT
#undef REF_PRINT
#define REF_PRINT(a,b) fprintf(stderr,"%08X:%4d:%s\n",(int)b,b->references,a)
#endif
#ifndef DEVRANDOM
/* set this to a comma-separated list of 'random' device files to try out.
* My default, we will try to read at least one of these files */
#define DEVRANDOM "/dev/urandom","/dev/random","/dev/srandom"
#endif
#ifndef DEVRANDOM_EGD
/* set this to a comma-seperated list of 'egd' sockets to try out. These
* sockets will be tried in the order listed in case accessing the device files
* listed in DEVRANDOM did not return enough entropy. */
#define DEVRANDOM_EGD "/var/run/egd-pool","/dev/egd-pool","/etc/egd-pool","/etc/entropy"
#endif
#if defined(OPENSSL_SYS_VXWORKS)
# define NO_SYS_PARAM_H
# define NO_CHMOD
# define NO_SYSLOG
#endif
#if defined(OPENSSL_SYS_MACINTOSH_CLASSIC)
# if macintosh==1
# ifndef MAC_OS_GUSI_SOURCE
# define MAC_OS_pre_X
# define NO_SYS_TYPES_H
typedef long ssize_t;
# endif
# define NO_SYS_PARAM_H
# define NO_CHMOD
# define NO_SYSLOG
# undef DEVRANDOM
# define GETPID_IS_MEANINGLESS
# endif
#endif
/********************************************************************
The Microsoft section
********************************************************************/
/* The following is used becaue of the small stack in some
* Microsoft operating systems */
#if defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYSNAME_WIN32)
# define MS_STATIC static
#else
# define MS_STATIC
#endif
#if defined(OPENSSL_SYS_WIN32) && !defined(WIN32)
# define WIN32
#endif
#if defined(OPENSSL_SYS_WIN16) && !defined(WIN16)
# define WIN16
#endif
#if defined(OPENSSL_SYS_WINDOWS) && !defined(WINDOWS)
# define WINDOWS
#endif
#if defined(OPENSSL_SYS_MSDOS) && !defined(MSDOS)
# define MSDOS
#endif
#if defined(MSDOS) && !defined(GETPID_IS_MEANINGLESS)
# define GETPID_IS_MEANINGLESS
#endif
#ifdef WIN32
#define get_last_sys_error() GetLastError()
#define clear_sys_error() SetLastError(0)
#if !defined(WINNT)
#define WIN_CONSOLE_BUG
#endif
#else
#define get_last_sys_error() errno
#define clear_sys_error() errno=0
#endif
#if defined(WINDOWS)
#define get_last_socket_error() WSAGetLastError()
#define clear_socket_error() WSASetLastError(0)
#define readsocket(s,b,n) recv((s),(b),(n),0)
#define writesocket(s,b,n) send((s),(b),(n),0)
#define EADDRINUSE WSAEADDRINUSE
#elif defined(__DJGPP__)
#define WATT32
#define get_last_socket_error() errno
#define clear_socket_error() errno=0
#define closesocket(s) close_s(s)
#define readsocket(s,b,n) read_s(s,b,n)
#define writesocket(s,b,n) send(s,b,n,0)
#elif defined(MAC_OS_pre_X)
#define get_last_socket_error() errno
#define clear_socket_error() errno=0
#define closesocket(s) MacSocket_close(s)
#define readsocket(s,b,n) MacSocket_recv((s),(b),(n),true)
#define writesocket(s,b,n) MacSocket_send((s),(b),(n))
#elif defined(OPENSSL_SYS_VMS)
#define get_last_socket_error() errno
#define clear_socket_error() errno=0
#define ioctlsocket(a,b,c) ioctl(a,b,c)
#define closesocket(s) close(s)
#define readsocket(s,b,n) recv((s),(b),(n),0)
#define writesocket(s,b,n) send((s),(b),(n),0)
#elif defined(OPENSSL_SYS_VXWORKS)
#define get_last_socket_error() errno
#define clear_socket_error() errno=0
#define ioctlsocket(a,b,c) ioctl((a),(b),(int)(c))
#define closesocket(s) close(s)
#define readsocket(s,b,n) read((s),(b),(n))
#define writesocket(s,b,n) write((s),(char *)(b),(n))
#elif defined(OPENSSL_SYS_NETWARE)
#if defined(NETWARE_BSDSOCK)
#define get_last_socket_error() errno
#define clear_socket_error() errno=0
#define closesocket(s) close(s)
#define ioctlsocket(a,b,c) ioctl(a,b,c)
#if defined(NETWARE_LIBC)
#define readsocket(s,b,n) recv((s),(b),(n),0)
#define writesocket(s,b,n) send((s),(b),(n),0)
#else
#define readsocket(s,b,n) recv((s),(char*)(b),(n),0)
#define writesocket(s,b,n) send((s),(char*)(b),(n),0)
#endif
#else
#define get_last_socket_error() WSAGetLastError()
#define clear_socket_error() WSASetLastError(0)
#define readsocket(s,b,n) recv((s),(b),(n),0)
#define writesocket(s,b,n) send((s),(b),(n),0)
#endif
#else
#define get_last_socket_error() errno
#define clear_socket_error() errno=0
#define ioctlsocket(a,b,c) ioctl(a,b,c)
#define closesocket(s) close(s)
#define readsocket(s,b,n) read((s),(b),(n))
#define writesocket(s,b,n) write((s),(b),(n))
#endif
#ifdef WIN16
# define MS_CALLBACK _far _loadds
# define MS_FAR _far
#else
# define MS_CALLBACK
# define MS_FAR
#endif
#ifdef OPENSSL_NO_STDIO
# undef OPENSSL_NO_FP_API
# define OPENSSL_NO_FP_API
#endif
#if (defined(WINDOWS) || defined(MSDOS))
# ifdef __DJGPP__
# include <unistd.h>
# include <sys/stat.h>
# include <sys/socket.h>
# include <tcp.h>
# include <netdb.h>
# define _setmode setmode
# define _O_TEXT O_TEXT
# define _O_BINARY O_BINARY
# undef DEVRANDOM
# define DEVRANDOM "/dev/urandom\x24"
# endif /* __DJGPP__ */
# ifndef S_IFDIR
# define S_IFDIR _S_IFDIR
# endif
# ifndef S_IFMT
# define S_IFMT _S_IFMT
# endif
# if !defined(WINNT) && !defined(__DJGPP__)
# define NO_SYSLOG
# endif
# define NO_DIRENT
# ifdef WINDOWS
# if !defined(_WIN32_WCE) && !defined(_WIN32_WINNT)
/*
* Defining _WIN32_WINNT here in e_os.h implies certain "discipline."
* Most notably we ought to check for availability of each specific
* routine with GetProcAddress() and/or quard NT-specific calls with
* GetVersion() < 0x80000000. One can argue that in latter "or" case
* we ought to /DELAYLOAD some .DLLs in order to protect ourselves
* against run-time link errors. This doesn't seem to be necessary,
* because it turned out that already Windows 95, first non-NT Win32
* implementation, is equipped with at least NT 3.51 stubs, dummy
* routines with same name, but which do nothing. Meaning that it's
* apparently appropriate to guard generic NT calls with GetVersion
* alone, while NT 4.0 and above calls ought to be additionally
* checked upon with GetProcAddress.
*/
# define _WIN32_WINNT 0x0400
# endif
# include <windows.h>
# include <stdio.h>
# include <stddef.h>
# include <errno.h>
# include <string.h>
# ifdef _WIN64
# define strlen(s) _strlen31(s)
/* cut strings to 2GB */
static unsigned int _strlen31(const char *str)
{
unsigned int len=0;
while (*str && len<0x80000000U) str++, len++;
return len&0x7FFFFFFF;
}
# endif
# include <malloc.h>
# if defined(_MSC_VER) && _MSC_VER<=1200 && defined(_MT) && defined(isspace)
/* compensate for bug in VC6 ctype.h */
# undef isspace
# undef isdigit
# undef isalnum
# undef isupper
# undef isxdigit
# endif
# if defined(_MSC_VER) && !defined(_DLL) && defined(stdin)
# if _MSC_VER>=1300
# undef stdin
# undef stdout
# undef stderr
FILE *__iob_func();
# define stdin (&__iob_func()[0])
# define stdout (&__iob_func()[1])
# define stderr (&__iob_func()[2])
# elif defined(I_CAN_LIVE_WITH_LNK4049)
# undef stdin
# undef stdout
# undef stderr
/* pre-1300 has __p__iob(), but it's available only in msvcrt.lib,
* or in other words with /MD. Declaring implicit import, i.e.
* with _imp_ prefix, works correctly with all compiler options,
* but without /MD results in LINK warning LNK4049:
* 'locally defined symbol "__iob" imported'.
*/
extern FILE *_imp___iob;
# define stdin (&_imp___iob[0])
# define stdout (&_imp___iob[1])
# define stderr (&_imp___iob[2])
# endif
# endif
# endif
# include <io.h>
# include <fcntl.h>
# ifdef OPENSSL_SYS_WINCE
# include <winsock_extras.h>
# endif
# define ssize_t long
# if defined (__BORLANDC__)
# define _setmode setmode
# define _O_TEXT O_TEXT
# define _O_BINARY O_BINARY
# define _int64 __int64
# define _kbhit kbhit
# endif
# if defined(WIN16) && defined(SSLEAY) && defined(_WINEXITNOPERSIST)
# define EXIT(n) _wsetexit(_WINEXITNOPERSIST)
# define OPENSSL_EXIT(n) do { if (n == 0) EXIT(n); return(n); } while(0)
# else
# define EXIT(n) exit(n)
# endif
# define LIST_SEPARATOR_CHAR ';'
# ifndef X_OK
# define X_OK 0
# endif
# ifndef W_OK
# define W_OK 2
# endif
# ifndef R_OK
# define R_OK 4
# endif
# define OPENSSL_CONF "openssl.cnf"
# define SSLEAY_CONF OPENSSL_CONF
# define NUL_DEV "nul"
# define RFILE ".rnd"
# ifdef OPENSSL_SYS_WINCE
# define DEFAULT_HOME ""
# else
# define DEFAULT_HOME "C:"
# endif
#else /* The non-microsoft world world */
# ifdef OPENSSL_SYS_VMS
# define VMS 1
/* some programs don't include stdlib, so exit() and others give implicit
function warnings */
# include <stdlib.h>
# if defined(__DECC)
# include <unistd.h>
# else
# include <unixlib.h>
# endif
# define OPENSSL_CONF "openssl.cnf"
# define SSLEAY_CONF OPENSSL_CONF
# define RFILE ".rnd"
# define LIST_SEPARATOR_CHAR ','
# define NUL_DEV "NLA0:"
/* We don't have any well-defined random devices on VMS, yet... */
# undef DEVRANDOM
/* We need to do this since VMS has the following coding on status codes:
Bits 0-2: status type: 0 = warning, 1 = success, 2 = error, 3 = info ...
The important thing to know is that odd numbers are considered
good, while even ones are considered errors.
Bits 3-15: actual status number
Bits 16-27: facility number. 0 is considered "unknown"
Bits 28-31: control bits. If bit 28 is set, the shell won't try to
output the message (which, for random codes, just looks ugly)
So, what we do here is to change 0 to 1 to get the default success status,
and everything else is shifted up to fit into the status number field, and
the status is tagged as an error, which I believe is what is wanted here.
-- Richard Levitte
*/
# define EXIT(n) do { int __VMS_EXIT = n; \
if (__VMS_EXIT == 0) \
__VMS_EXIT = 1; \
else \
__VMS_EXIT = (n << 3) | 2; \
__VMS_EXIT |= 0x10000000; \
exit(__VMS_EXIT); } while(0)
# define NO_SYS_PARAM_H
# elif defined(OPENSSL_SYS_NETWARE)
# include <fcntl.h>
# include <unistd.h>
# define NO_SYS_TYPES_H
# undef DEVRANDOM
# ifdef NETWARE_CLIB
# define getpid GetThreadID
extern int GetThreadID(void);
/* # include <conio.h> */
extern int kbhit(void);
extern void delay(unsigned milliseconds);
# else
# include <screen.h>
# endif
# define NO_SYSLOG
# define _setmode setmode
# define _kbhit kbhit
# define _O_TEXT O_TEXT
# define _O_BINARY O_BINARY
# define OPENSSL_CONF "openssl.cnf"
# define SSLEAY_CONF OPENSSL_CONF
# define RFILE ".rnd"
# define LIST_SEPARATOR_CHAR ';'
# define EXIT(n) { if (n) printf("ERROR: %d\n", (int)n); exit(n); }
# else
/* !defined VMS */
# ifdef OPENSSL_SYS_MPE
# define NO_SYS_PARAM_H
# endif
# ifdef OPENSSL_UNISTD
# include OPENSSL_UNISTD
# else
# include <unistd.h>
# endif
# ifndef NO_SYS_TYPES_H
# include <sys/types.h>
# endif
# if defined(NeXT) || defined(OPENSSL_SYS_NEWS4)
# define pid_t int /* pid_t is missing on NEXTSTEP/OPENSTEP
* (unless when compiling with -D_POSIX_SOURCE,
* which doesn't work for us) */
# endif
# if defined(NeXT) || defined(OPENSSL_SYS_NEWS4) || defined(OPENSSL_SYS_SUNOS)
# define ssize_t int /* ditto */
# endif
# ifdef OPENSSL_SYS_NEWS4 /* setvbuf is missing on mips-sony-bsd */
# define setvbuf(a, b, c, d) setbuffer((a), (b), (d))
typedef unsigned long clock_t;
# endif
# define OPENSSL_CONF "openssl.cnf"
# define SSLEAY_CONF OPENSSL_CONF
# define RFILE ".rnd"
# define LIST_SEPARATOR_CHAR ':'
# define NUL_DEV "/dev/null"
# define EXIT(n) exit(n)
# endif
# define SSLeay_getpid() getpid()
#endif
/*************/
#ifdef USE_SOCKETS
# if defined(WINDOWS) || defined(MSDOS)
/* windows world */
# ifdef OPENSSL_NO_SOCK
# define SSLeay_Write(a,b,c) (-1)
# define SSLeay_Read(a,b,c) (-1)
# define SHUTDOWN(fd) close(fd)
# define SHUTDOWN2(fd) close(fd)
# elif !defined(__DJGPP__)
# include <winsock.h>
extern HINSTANCE _hInstance;
# ifdef _WIN64
/*
* Even though sizeof(SOCKET) is 8, it's safe to cast it to int, because
* the value constitutes an index in per-process table of limited size
* and not a real pointer.
*/
# define socket(d,t,p) ((int)socket(d,t,p))
# define accept(s,f,l) ((int)accept(s,f,l))
# endif
# define SSLeay_Write(a,b,c) send((a),(b),(c),0)
# define SSLeay_Read(a,b,c) recv((a),(b),(c),0)
# define SHUTDOWN(fd) { shutdown((fd),0); closesocket(fd); }
# define SHUTDOWN2(fd) { shutdown((fd),2); closesocket(fd); }
# else
# define SSLeay_Write(a,b,c) write_s(a,b,c,0)
# define SSLeay_Read(a,b,c) read_s(a,b,c)
# define SHUTDOWN(fd) close_s(fd)
# define SHUTDOWN2(fd) close_s(fd)
# endif
# elif defined(MAC_OS_pre_X)
# include "MacSocket.h"
# define SSLeay_Write(a,b,c) MacSocket_send((a),(b),(c))
# define SSLeay_Read(a,b,c) MacSocket_recv((a),(b),(c),true)
# define SHUTDOWN(fd) MacSocket_close(fd)
# define SHUTDOWN2(fd) MacSocket_close(fd)
# elif defined(OPENSSL_SYS_NETWARE)
/* NetWare uses the WinSock2 interfaces by default, but can be configured for BSD
*/
# if defined(NETWARE_BSDSOCK)
# include <sys/socket.h>
# include <netinet/in.h>
# include <sys/time.h>
# if defined(NETWARE_CLIB)
# include <sys/bsdskt.h>
# else
# include <sys/select.h>
# endif
# define INVALID_SOCKET (int)(~0)
# else
# include <novsock2.h>
# endif
# define SSLeay_Write(a,b,c) send((a),(b),(c),0)
# define SSLeay_Read(a,b,c) recv((a),(b),(c),0)
# define SHUTDOWN(fd) { shutdown((fd),0); closesocket(fd); }
# define SHUTDOWN2(fd) { shutdown((fd),2); closesocket(fd); }
# else
# ifndef NO_SYS_PARAM_H
# include <sys/param.h>
# endif
# ifdef OPENSSL_SYS_VXWORKS
# include <time.h>
# elif !defined(OPENSSL_SYS_MPE)
# include <sys/time.h> /* Needed under linux for FD_XXX */
# endif
# include <netdb.h>
# if defined(OPENSSL_SYS_VMS_NODECC)
# include <socket.h>
# include <in.h>
# include <inet.h>
# else
# include <sys/socket.h>
# ifdef FILIO_H
# include <sys/filio.h> /* Added for FIONBIO under unixware */
# endif
# include <netinet/in.h>
# include <arpa/inet.h>
# endif
# if defined(NeXT) || defined(_NEXT_SOURCE)
# include <sys/fcntl.h>
# include <sys/types.h>
# endif
# ifdef OPENSSL_SYS_AIX
# include <sys/select.h>
# endif
# ifdef __QNX__
# include <sys/select.h>
# endif
# if defined(sun)
# include <sys/filio.h>
# else
# ifndef VMS
# include <sys/ioctl.h>
# else
/* ioctl is only in VMS > 7.0 and when socketshr is not used */
# if !defined(TCPIP_TYPE_SOCKETSHR) && defined(__VMS_VER) && (__VMS_VER > 70000000)
# include <sys/ioctl.h>
# endif
# endif
# endif
# ifdef VMS
# include <unixio.h>
# if defined(TCPIP_TYPE_SOCKETSHR)
# include <socketshr.h>
# endif
# endif
# define SSLeay_Read(a,b,c) read((a),(b),(c))
# define SSLeay_Write(a,b,c) write((a),(b),(c))
# define SHUTDOWN(fd) { shutdown((fd),0); closesocket((fd)); }
# define SHUTDOWN2(fd) { shutdown((fd),2); closesocket((fd)); }
# ifndef INVALID_SOCKET
# define INVALID_SOCKET (-1)
# endif /* INVALID_SOCKET */
# endif
#endif
#if defined(__ultrix)
# ifndef ssize_t
# define ssize_t int
# endif
#endif
#if defined(sun) && !defined(__svr4__) && !defined(__SVR4)
/* include headers first, so our defines don't break it */
#include <stdlib.h>
#include <string.h>
/* bcopy can handle overlapping moves according to SunOS 4.1.4 manpage */
# define memmove(s1,s2,n) bcopy((s2),(s1),(n))
# define strtoul(s,e,b) ((unsigned long int)strtol((s),(e),(b)))
extern char *sys_errlist[]; extern int sys_nerr;
# define strerror(errnum) \
(((errnum)<0 || (errnum)>=sys_nerr) ? NULL : sys_errlist[errnum])
/* Being signed SunOS 4.x memcpy breaks ASN1_OBJECT table lookup */
#include "crypto/o_str.h"
# define memcmp OPENSSL_memcmp
#endif
#ifndef OPENSSL_EXIT
# if defined(MONOLITH) && !defined(OPENSSL_C)
# define OPENSSL_EXIT(n) return(n)
# else
# define OPENSSL_EXIT(n) do { EXIT(n); return(n); } while(0)
# endif
#endif
/***********************************************/
/* do we need to do this for getenv.
* Just define getenv for use under windows */
#ifdef WIN16
/* How to do this needs to be thought out a bit more.... */
/*char *GETENV(char *);
#define Getenv GETENV*/
#define Getenv getenv
#else
#define Getenv getenv
#endif
#define DG_GCC_BUG /* gcc < 2.6.3 on DGUX */
#ifdef sgi
#define IRIX_CC_BUG /* all version of IRIX I've tested (4.* 5.*) */
#endif
#ifdef OPENSSL_SYS_SNI
#define IRIX_CC_BUG /* CDS++ up to V2.0Bsomething suffered from the same bug.*/
#endif
#if defined(OPENSSL_SYS_WINDOWS)
# define strcasecmp _stricmp
# define strncasecmp _strnicmp
#elif defined(OPENSSL_SYS_VMS)
/* VMS below version 7.0 doesn't have strcasecmp() */
# include "o_str.h"
# define strcasecmp OPENSSL_strcasecmp
# define strncasecmp OPENSSL_strncasecmp
# define OPENSSL_IMPLEMENTS_strncasecmp
#elif defined(OPENSSL_SYS_OS2) && defined(__EMX__)
# define strcasecmp stricmp
# define strncasecmp strnicmp
#elif defined(OPENSSL_SYS_NETWARE)
# include <string.h>
# if defined(NETWARE_CLIB)
# define strcasecmp stricmp
# define strncasecmp strnicmp
# endif /* NETWARE_CLIB */
#endif
#if defined(OPENSSL_SYS_OS2) && defined(__EMX__)
# include <io.h>
# include <fcntl.h>
# define NO_SYSLOG
#endif
/* vxworks */
#if defined(OPENSSL_SYS_VXWORKS)
#include <ioLib.h>
#include <tickLib.h>
#include <sysLib.h>
#define TTY_STRUCT int
#define sleep(a) taskDelay((a) * sysClkRateGet())
#include <vxWorks.h>
#include <sockLib.h>
#include <taskLib.h>
#define getpid taskIdSelf
/* NOTE: these are implemented by helpers in database app!
* if the database is not linked, we need to implement them
* elswhere */
struct hostent *gethostbyname(const char *name);
struct hostent *gethostbyaddr(const char *addr, int length, int type);
struct servent *getservbyname(const char *name, const char *proto);
#endif
/* end vxworks */
#ifdef __cplusplus
}
#endif
#endif이제 해당 코드를 컴파일 하여 키를 생성해 보도록 하자.
[byjjoon@ByJJoon SSL]$ gcc -lssl CreatePEM.c
[byjjoon@ByJJoon SSL]$ ./a.out
[byjjoon@ByJJoon SSL]$ ls
a.out CreatePEM.c e_os.h newkey.pem
[byjjoon@ByJJoon SSL]$생성된 키를 아래와 같이 Wireshark 에서 [Edit] - [Preferences] 메뉴에서 아래와 같이 설정 하도록 하자.
적용 후 패킷을 확인해 보도록 하자.
[참고]
http://www.vnsecurity.net/2010/03/codegate-2010-challenge7-weak-ssl-cracking/
http://blog.stalkr.net/2010/03/codegate-decrypting-https-ssl-rsa-768.html
http://linkc.tistory.com/133
