From 6116f5f6cfc2ddb1a15736f98fdba0b2ab336d99 Mon Sep 17 00:00:00 2001
From: Nikolay Neupokoev <neupokoev.n@gmail.com>
Date: Tue, 22 Oct 2024 16:25:28 -0700
Subject: [PATCH] Add RSA code; move YAML

---
 cli/CMakeLists.txt                          |   2 +
 {yaml => serialization/yaml}/CMakeLists.txt |   0
 {yaml => serialization/yaml}/config.yaml    |   0
 {yaml => serialization/yaml}/yaml.cpp       |   0
 src/SUMMARY.md                              |   2 +-
 src/crypto/README.md                        |  11 +-
 src/crypto/rsa_encrypt_decrypt.md           | 118 ++++++++++++++++++++
 src/crypto/sha.md                           |   4 +
 src/serialization/README.md                 |   6 +
 9 files changed, 139 insertions(+), 4 deletions(-)
 rename {yaml => serialization/yaml}/CMakeLists.txt (100%)
 rename {yaml => serialization/yaml}/config.yaml (100%)
 rename {yaml => serialization/yaml}/yaml.cpp (100%)

diff --git a/cli/CMakeLists.txt b/cli/CMakeLists.txt
index a093645..31c2685 100644
--- a/cli/CMakeLists.txt
+++ b/cli/CMakeLists.txt
@@ -2,6 +2,8 @@
 include_directories(thirdparty)
 add_executable(cryptor cryptor.cpp)
 
+#-----------------------------------
+
 include(FetchContent)
 
 FetchContent_Declare(ftxui
diff --git a/yaml/CMakeLists.txt b/serialization/yaml/CMakeLists.txt
similarity index 100%
rename from yaml/CMakeLists.txt
rename to serialization/yaml/CMakeLists.txt
diff --git a/yaml/config.yaml b/serialization/yaml/config.yaml
similarity index 100%
rename from yaml/config.yaml
rename to serialization/yaml/config.yaml
diff --git a/yaml/yaml.cpp b/serialization/yaml/yaml.cpp
similarity index 100%
rename from yaml/yaml.cpp
rename to serialization/yaml/yaml.cpp
diff --git a/src/SUMMARY.md b/src/SUMMARY.md
index 05277d5..8970061 100644
--- a/src/SUMMARY.md
+++ b/src/SUMMARY.md
@@ -50,8 +50,8 @@
 - [LLVM]()
 - [Lua]()
 - [Cryptography](./crypto/README.md)
-  - [SHA256](./crypto/sha.md)
   - [RSA](./crypto/rsa_encrypt_decrypt.md)
+  - [SHA256](./crypto/sha.md)
 - [Audio]()
 - [Optimization]()
   - [Big files]()
diff --git a/src/crypto/README.md b/src/crypto/README.md
index 504d2a7..d8eeefd 100644
--- a/src/crypto/README.md
+++ b/src/crypto/README.md
@@ -1,5 +1,10 @@
-# RSA
+# Cryptography
 
-You cannot do a "private encrypt" operation using EVP_PKEY_encrypt. That function only does a public encrypt operation. Similarly you cannot do "public decrypt" with EVP_PKEY_decrypt.
+## RSA
+
+- [Encrypt - Decrypt](./rsa_encrypt_decrypt.md)
+
+## Hashes
+
+- [SHA256](./sha.md)
 
-In reality a "private encrypt" operation is more commonly known as a signature. You need to use EVP_PKEY_sign for that. A "public decrypt" operaiton is more commonly known as a verify. You need to use EVP_PKEY_verify for that.
\ No newline at end of file
diff --git a/src/crypto/rsa_encrypt_decrypt.md b/src/crypto/rsa_encrypt_decrypt.md
index 38a585c..f4fff37 100644
--- a/src/crypto/rsa_encrypt_decrypt.md
+++ b/src/crypto/rsa_encrypt_decrypt.md
@@ -1 +1,119 @@
 # RSA
+
+You cannot do a "private encrypt" operation using `EVP_PKEY_encrypt`. That function only does a public encrypt operation. Similarly you cannot do "public decrypt" with `EVP_PKEY_decrypt`.
+
+In reality a "private encrypt" operation is more commonly known as a signature. You need to use `EVP_PKEY_sign` for that. A "public decrypt" operaiton is more commonly known as a verify. You need to use `EVP_PKEY_verify` for that.
+
+## Load public key
+
+```cpp
+OSSL_DECODER_CTX *dctx;
+EVP_PKEY *pkey = NULL;
+const char *format = "PEM";
+const char *structure = NULL; // any structure
+const char *keytype = "RSA";
+dctx = OSSL_DECODER_CTX_new_for_pkey(&pkey, format, structure,
+    keytype,
+    OSSL_KEYMGMT_SELECT_PUBLIC_KEY,
+    NULL, NULL);
+
+if(!dctx)
+{
+    unsigned long e = ERR_get_error();
+    print_error("Key decoder hiccup: '%X'.\n", e);
+    return NULL;
+}
+size_t size = key_size;
+// data pointer will be changed
+const unsigned char *data = const_cast<const unsigned char*>(key);
+if (!OSSL_DECODER_from_data(dctx, &data, &size)) {
+    unsigned long e = ERR_get_error();
+    print_error("Key decoding error: '%X'.\n", e);
+    print_error("load_rsa RSA error: %s %s %s\n", 
+        ERR_lib_error_string(e), 
+        ERR_reason_error_string(e),
+        ERR_error_string(e, NULL)
+    );
+}
+OSSL_DECODER_CTX_free(dctx);
+free(key);
+```
+
+## Encypt buffer
+
+```cpp
+const size_t pwd_buffer_size = 512;
+unsigned char pwd_buffer[pwd_buffer_size];
+memset(pwd_buffer, 0x00, pwd_buffer_size);
+// signs the `res_k0` using the private key rsa and stores the signature in `pwd_buffer`
+size_t pwd_size = pwd_buffer_size;
+EVP_PKEY *pkey = rsa;
+EVP_PKEY_CTX *ctx = EVP_PKEY_CTX_new(pkey, NULL);
+EVP_PKEY_encrypt_init(ctx);
+EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING);
+EVP_PKEY_encrypt(ctx, pwd_buffer, &pwd_size, res_k0, key_size);
+EVP_PKEY_CTX_free(ctx);
+```
+
+## Load private key with password
+
+```cpp
+OSSL_DECODER_CTX *dctx;
+EVP_PKEY *pkey = NULL;
+const char *format = "PEM";
+const char *structure = NULL; // any structure
+const char *keytype = "RSA";
+dctx = OSSL_DECODER_CTX_new_for_pkey(&pkey, format, structure,
+    keytype,
+    OSSL_KEYMGMT_SELECT_KEYPAIR,
+    NULL, NULL);
+
+if(!dctx)
+{
+    int e = ERR_get_error();
+    print_error("decoder hiccup: '%X'.\n", e);
+    return;
+}
+
+OSSL_DECODER_CTX_set_passphrase_cb(dctx, &pass_cb, NULL);
+
+size_t size = key_size;
+// data pointer will be changed
+const unsigned char *data = const_cast<const unsigned char*>(key); 
+if (!OSSL_DECODER_from_data(dctx, &data, &size)) {
+    int e = ERR_get_error();
+    print_error("decoding error: '%X'.\n", e);
+}
+OSSL_DECODER_CTX_free(dctx);
+```
+
+## Decrypt buffer
+
+```cpp
+const size_t buffer_size = 512;
+unsigned char crypted_pwd[buffer_size];
+memcpy(crypted_pwd, crypted, buffer_size);
+
+unsigned char pwd[buffer_size];
+memset(pwd, 0x00, buffer_size);
+size_t pwd_size = buffer_size;
+
+EVP_PKEY *pkey = _rsa;
+EVP_PKEY_CTX *ctx = EVP_PKEY_CTX_new(pkey, NULL);
+EVP_PKEY_decrypt_init(ctx);
+EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING);
+bool decrypt_ok = EVP_PKEY_decrypt(ctx, pwd, &pwd_size, crypted_pwd, buffer_size) == 1;
+EVP_PKEY_CTX_free(ctx);
+
+if(!decrypt_ok)
+{
+    unsigned long e = ERR_get_error();
+    print_error("Can't decrypt '%X'\n", e);
+    print_error("decrypt: %s %s %s\n", 
+        ERR_lib_error_string(e), 
+        ERR_reason_error_string(e),
+        ERR_error_string(e, NULL)
+    );
+    return false;
+}
+```
\ No newline at end of file
diff --git a/src/crypto/sha.md b/src/crypto/sha.md
index d27936c..5dbb139 100644
--- a/src/crypto/sha.md
+++ b/src/crypto/sha.md
@@ -1 +1,5 @@
 # SHA256
+
+```cpp
+{{#include ../../cryptography/sha256-test.cpp}}
+```
\ No newline at end of file
diff --git a/src/serialization/README.md b/src/serialization/README.md
index 0dfc62d..d793f6d 100644
--- a/src/serialization/README.md
+++ b/src/serialization/README.md
@@ -1 +1,7 @@
 # Serialization
+
+## JSON
+
+## YAML
+
+## Binary
\ No newline at end of file