eden-emu/mbedtls
15
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Moved rsa_sign_pss / rsa_verify_pss to use PK for key reading

Browse source
This commit is contained in:
Paul Bakker 2013-09-17 11:39:31 +02:00
parent 1525495330
commit 30520d1776
2 changed files with 40 additions and 29 deletions
Download patch file Download diff file Expand all files Collapse all files

30
programs/pkey/rsa_sign_pss.c
View file

@ -45,7 +45,7 @@
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_ENTROPY_C) || \ #if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_ENTROPY_C) || \
!defined(POLARSSL_RSA_C) || !defined(POLARSSL_SHA1_C) || \ !defined(POLARSSL_RSA_C) || !defined(POLARSSL_SHA1_C) || \
!defined(POLARSSL_X509_PARSE_C) || !defined(POLARSSL_FS_IO) || \ !defined(POLARSSL_PK_PARSE_C) || !defined(POLARSSL_FS_IO) || \
!defined(POLARSSL_CTR_DRBG_C) !defined(POLARSSL_CTR_DRBG_C)
int main( int argc, char *argv[] ) int main( int argc, char *argv[] )
{ {
@ -54,7 +54,7 @@ int main( int argc, char *argv[] )
printf("POLARSSL_BIGNUM_C and/or POLARSSL_ENTROPY_C and/or " printf("POLARSSL_BIGNUM_C and/or POLARSSL_ENTROPY_C and/or "
"POLARSSL_RSA_C and/or POLARSSL_SHA1_C and/or " "POLARSSL_RSA_C and/or POLARSSL_SHA1_C and/or "
"POLARSSL_X509_PARSE_C and/or POLARSSL_FS_IO and/or " "POLARSSL_PK_PARSE_C and/or POLARSSL_FS_IO and/or "
"POLARSSL_CTR_DRBG_C not defined.\n"); "POLARSSL_CTR_DRBG_C not defined.\n");
return( 0 ); return( 0 );
} }
@ -63,13 +63,14 @@ int main( int argc, char *argv[] )
{ {
FILE *f; FILE *f;
int ret; int ret;
rsa_context rsa; pk_context pk;
entropy_context entropy; entropy_context entropy;
ctr_drbg_context ctr_drbg; ctr_drbg_context ctr_drbg;
unsigned char hash[20]; unsigned char hash[20];
unsigned char buf[POLARSSL_MPI_MAX_SIZE]; unsigned char buf[POLARSSL_MPI_MAX_SIZE];
char filename[512]; char filename[512];
const char *pers = "rsa_sign_pss"; const char *pers = "rsa_sign_pss";
size_t olen = 0;
ret = 1; ret = 1;
@ -99,15 +100,22 @@ int main( int argc, char *argv[] )
printf( "\n . Reading private key from '%s'", argv[1] ); printf( "\n . Reading private key from '%s'", argv[1] );
fflush( stdout ); fflush( stdout );
rsa_init( &rsa, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); pk_init( &pk );
if( ( ret = x509parse_keyfile_rsa( &rsa, argv[1], "" ) ) != 0 ) if( ( ret = pk_parse_keyfile( &pk, argv[1], "" ) ) != 0 )
{ {
ret = 1; ret = 1;
printf( " failed\n ! Could not open '%s'\n", argv[1] ); printf( " failed\n ! Could not open '%s'\n", argv[1] );
goto exit; goto exit;
} }
if( !pk_can_do( &pk, POLARSSL_PK_RSA ) )
{
ret = 1;
printf( " failed\n ! Key is not an RSA key\n" );
goto exit;
}
/* /*
* Compute the SHA-1 hash of the input file, * Compute the SHA-1 hash of the input file,
* then calculate the RSA signature of the hash. * then calculate the RSA signature of the hash.
@ -121,11 +129,10 @@ int main( int argc, char *argv[] )
goto exit; goto exit;
} }
if( ( ret = rsa_pkcs1_sign( &rsa, ctr_drbg_random, &ctr_drbg, if( ( ret = pk_sign( &pk, POLARSSL_MD_SHA1, hash, 0, buf, &olen,
RSA_PRIVATE, POLARSSL_MD_SHA1, ctr_drbg_random, &ctr_drbg ) ) != 0 )
20, hash, buf ) ) != 0 )
{ {
printf( " failed\n ! rsa_pkcs1_sign returned %d\n\n", ret ); printf( " failed\n ! pk_sign returned %d\n\n", ret );
goto exit; goto exit;
} }
@ -141,7 +148,7 @@ int main( int argc, char *argv[] )
goto exit; goto exit;
} }
if( fwrite( buf, 1, rsa.len, f ) != (size_t) rsa.len ) if( fwrite( buf, 1, olen, f ) != olen )
{ {
printf( "failed\n ! fwrite failed\n\n" ); printf( "failed\n ! fwrite failed\n\n" );
goto exit; goto exit;
@ -152,6 +159,7 @@ int main( int argc, char *argv[] )
printf( "\n . Done (created \"%s\")\n\n", filename ); printf( "\n . Done (created \"%s\")\n\n", filename );
exit: exit:
pk_free( &pk );
#if defined(_WIN32) #if defined(_WIN32)
printf( " + Press Enter to exit this program.\n" ); printf( " + Press Enter to exit this program.\n" );
@ -161,5 +169,5 @@ exit:
return( ret ); return( ret );
} }
#endif /* POLARSSL_BIGNUM_C && POLARSSL_ENTROPY_C && POLARSSL_RSA_C && #endif /* POLARSSL_BIGNUM_C && POLARSSL_ENTROPY_C && POLARSSL_RSA_C &&
POLARSSL_SHA1_C && POLARSSL_X509_PARSE_C && POLARSSL_FS_IO && POLARSSL_SHA1_C && POLARSSL_PK_PARSE_C && POLARSSL_FS_IO &&
POLARSSL_CTR_DRBG_C */ POLARSSL_CTR_DRBG_C */

39
programs/pkey/rsa_verify_pss.c
View file

@ -34,7 +34,7 @@
#include "polarssl/md.h" #include "polarssl/md.h"
#include "polarssl/pem.h" #include "polarssl/pem.h"
#include "polarssl/rsa.h" #include "polarssl/pk.h"
#include "polarssl/sha1.h" #include "polarssl/sha1.h"
#include "polarssl/x509.h" #include "polarssl/x509.h"
@ -43,7 +43,7 @@
#endif #endif
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_RSA_C) || \ #if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_RSA_C) || \
!defined(POLARSSL_SHA1_C) || !defined(POLARSSL_X509_PARSE_C) || \ !defined(POLARSSL_SHA1_C) || !defined(POLARSSL_PK_PARSE_C) || \
!defined(POLARSSL_FS_IO) !defined(POLARSSL_FS_IO)
int main( int argc, char *argv[] ) int main( int argc, char *argv[] )
{ {
@ -51,7 +51,7 @@ int main( int argc, char *argv[] )
((void) argv); ((void) argv);
printf("POLARSSL_BIGNUM_C and/or POLARSSL_RSA_C and/or " printf("POLARSSL_BIGNUM_C and/or POLARSSL_RSA_C and/or "
"POLARSSL_SHA1_C and/or POLARSSL_X509_PARSE_C and/or " "POLARSSL_SHA1_C and/or POLARSSL_PK_PARSE_C and/or "
"POLARSSL_FS_IO not defined.\n"); "POLARSSL_FS_IO not defined.\n");
return( 0 ); return( 0 );
} }
@ -61,7 +61,7 @@ int main( int argc, char *argv[] )
FILE *f; FILE *f;
int ret; int ret;
size_t i; size_t i;
rsa_context rsa; pk_context pk;
unsigned char hash[20]; unsigned char hash[20];
unsigned char buf[POLARSSL_MPI_MAX_SIZE]; unsigned char buf[POLARSSL_MPI_MAX_SIZE];
char filename[512]; char filename[512];
@ -81,11 +81,18 @@ int main( int argc, char *argv[] )
printf( "\n . Reading public key from '%s'", argv[1] ); printf( "\n . Reading public key from '%s'", argv[1] );
fflush( stdout ); fflush( stdout );
rsa_init( &rsa, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); pk_init( &pk );
if( ( ret = x509parse_public_keyfile_rsa( &rsa, argv[1] ) ) != 0 ) if( ( ret = pk_parse_public_keyfile( &pk, argv[1] ) ) != 0 )
{ {
printf( " failed\n ! x509parse_public_key_rsa returned %d\n\n", ret ); printf( " failed\n ! pk_parse_public_keyfile returned %d\n\n", ret );
goto exit;
}
if( !pk_can_do( &pk, POLARSSL_PK_RSA ) )
{
ret = 1;
printf( " failed\n ! Key is not an RSA key\n" );
goto exit; goto exit;
} }
@ -101,16 +108,11 @@ int main( int argc, char *argv[] )
goto exit; goto exit;
} }
i = fread( buf, 1, rsa.len, f );
i = fread( buf, 1, POLARSSL_MPI_MAX_SIZE, f );
fclose( f ); fclose( f );
if( i != rsa.len )
{
printf( "\n ! Invalid RSA signature format\n\n" );
goto exit;
}
/* /*
* Compute the SHA-1 hash of the input file and compare * Compute the SHA-1 hash of the input file and compare
* it with the hash decrypted from the RSA signature. * it with the hash decrypted from the RSA signature.
@ -124,10 +126,10 @@ int main( int argc, char *argv[] )
goto exit; goto exit;
} }
if( ( ret = rsa_pkcs1_verify( &rsa, NULL, NULL, RSA_PUBLIC, if( ( ret = pk_verify( &pk, POLARSSL_MD_SHA1, hash, 0,
POLARSSL_MD_SHA1, 20, hash, buf ) ) != 0 ) buf, i ) ) != 0 )
{ {
printf( " failed\n ! rsa_pkcs1_verify returned %d\n\n", ret ); printf( " failed\n ! pk_verify returned %d\n\n", ret );
goto exit; goto exit;
} }
@ -136,6 +138,7 @@ int main( int argc, char *argv[] )
ret = 0; ret = 0;
exit: exit:
pk_free( &pk );
#if defined(_WIN32) #if defined(_WIN32)
printf( " + Press Enter to exit this program.\n" ); printf( " + Press Enter to exit this program.\n" );
@ -145,4 +148,4 @@ exit:
return( ret ); return( ret );
} }
#endif /* POLARSSL_BIGNUM_C && POLARSSL_RSA_C && POLARSSL_SHA1_C && #endif /* POLARSSL_BIGNUM_C && POLARSSL_RSA_C && POLARSSL_SHA1_C &&
POLARSSL_X509_PARSE_C && POLARSSL_FS_IO */ POLARSSL_PK_PARSE_C && POLARSSL_FS_IO */