JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_RSA_doSign
  (JNIEnv* jenv, jobject jcl, jobject in, jlong inSz, jobject out,
   jintArray outSz, jobject keyDer, jlong keySz)
{
    int     ret;
    RNG     rng;
    RsaKey  myKey;
    unsigned int idx;
    unsigned int tmpOut;

    /* check in and key sz */
    if ((inSz  < 0) || (keySz < 0)) {
        return -1;
    }

    /* get pointers to our buffers */
    unsigned char* inBuf = (*jenv)->GetDirectBufferAddress(jenv, in);
    if (inBuf == NULL) {
        printf("problem getting in buffer address\n");
        return -1;
    }

    unsigned char* outBuf = (*jenv)->GetDirectBufferAddress(jenv, out);
    if (outBuf == NULL) {
        printf("problem getting out buffer address\n");
        return -1;
    }

    unsigned char* keyBuf = (*jenv)->GetDirectBufferAddress(jenv, keyDer);
    if (keyBuf == NULL) {
        printf("problem getting key buffer address\n");
        return -1;
    }

    /* get output buffer size */
    (*jenv)->GetIntArrayRegion(jenv, outSz, 0, 1, (jint*)&tmpOut);

    wc_InitRng(&rng);
    wc_InitRsaKey(&myKey, NULL);

    idx = 0;

    ret = wc_RsaPrivateKeyDecode(keyBuf, &idx, &myKey, (unsigned int)keySz);
    if (ret == 0) {
        ret = wc_RsaSSL_Sign(inBuf, (unsigned int)inSz, outBuf, tmpOut,
                &myKey, &rng);
        if (ret > 0) {
            /* save and convert to 0 for success */
            (*jenv)->SetIntArrayRegion(jenv, outSz, 0, 1, (jint*)&tmpOut);
            ret = 0;
        }
    } else {
        printf("wc_RsaPrivateKeyDecode failed, ret = %d\n", ret);
    }

    wc_FreeRsaKey(&myKey);

    return ret;
}
JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_RSA_doVerify
  (JNIEnv* jenv, jobject jcl, jobject sig, jlong sigSz, jobject out,
   jlong outSz, jobject keyDer, jlong keySz)
{
    int     ret;
    RsaKey  myKey;
    unsigned int idx;

    /* check in and key sz */
    if ((sigSz < 0) || (keySz < 0) || (outSz < 0)) {
        return -1;
    }

    /* get pointers to our buffers */
    unsigned char* sigBuf = (*jenv)->GetDirectBufferAddress(jenv, sig);
    if (sigBuf == NULL) {
        printf("problem getting sig buffer address\n");
        return -1;
    }

    unsigned char* outBuf = (*jenv)->GetDirectBufferAddress(jenv, out);
    if (outBuf == NULL) {
        printf("problem getting out buffer address\n");
        return -1;
    }

    unsigned char* keyBuf = (*jenv)->GetDirectBufferAddress(jenv, keyDer);
    if (keyBuf == NULL) {
        printf("problem getting key buffer address\n");
        return -1;
    }

    wc_InitRsaKey(&myKey, NULL);
    idx = 0;

    ret = wc_RsaPublicKeyDecode(keyBuf, &idx, &myKey, (unsigned int)keySz);
    if (ret == 0) {
        ret = wc_RsaSSL_Verify(sigBuf, (unsigned int)sigSz, outBuf,
                (unsigned int)outSz, &myKey);
        if (ret < 0) {
            printf("wc_RsaSSL_Verify failed, ret = %d\n", ret);
            return ret;
        }
    } else {
        printf("wc_RsaPublicKeyDecode failed, ret = %d\n", ret);
    }

    wc_FreeRsaKey(&myKey);

    return ret;
}
Beispiel #3
0
int init_board_key(unsigned int size) {
  PRINTF("- benchmarking ED25519\r\n");

  bench_ed25519KeyGen();
  bench_ed25519KeySign();

  PRINTF("- generating board private key (please wait)\r\n");

  wc_InitRsaKey(&board_rsa_key, NULL);

  word32 idx = 0;
  int r = wc_RsaPrivateKeyDecode(test_der, &idx, &board_rsa_key, test_der_len);
  // int r = wc_MakeRsaKey(&board_rsa_key, size, 65537, &rng);
  if (r != 0) return r;

//  PRINTF("-- BOARD PRIVATE KEY\r\n");
//  print_private_key(&board_rsa_key);
//
  PRINTF("-- BOARD PUBLIC KEY\r\n");
  print_public_key(&board_rsa_key);
  return 0;
}
Beispiel #4
0
int main(void)
{
    int   ret, i;
    int   sigType;
    int   nameSz;
    int   derCertSz;
    byte  derCert[4096];
    word32 idx;
    FILE* file;

    RsaKey pubKey;
    WOLFSSL_X509* cert;
    WOLFSSL_EVP_PKEY* pubKeyTmp;
    WOLFSSL_X509_NAME* name;

    char commonName[80];
    char countryName[80];
    char localityName[80];
    char stateName[80];
    char orgName[80];
    char orgUnit[80];

    /* ------ PARSE ORIGINAL SELF-SIGNED CERTIFICATE ------ */

    /* open and read DER-formatted cert into buffer */
    file = fopen("../certs/client-cert.der", "rb");
    if (!file)
        err_sys("can't open client certificate", 0);

    derCertSz = fread(derCert, 1, sizeof(derCert), file);
    fclose(file);

    /* convert cert from DER to internal WOLFSSL_X509 struct */
    cert = wolfSSL_X509_d2i(&cert, derCert, derCertSz);
    if (cert == NULL)
        err_sys("Failed to convert DER to WOLFSSL_X509", 0);

    /* ------ EXTRACT CERTIFICATE ELEMENTS ------ */

    /* extract PUBLIC KEY from cert */
    pubKeyTmp = wolfSSL_X509_get_pubkey(cert);
    if (pubKeyTmp == NULL)
        err_sys("wolfSSL_X509_get_pubkey failed", 0);

    wc_InitRsaKey(&pubKey, 0);
    idx = 0;
    ret = wc_RsaPublicKeyDecode((byte*)pubKeyTmp->pkey.ptr, &idx, &pubKey,
                                pubKeyTmp->pkey_sz);
    if (ret != 0)
        err_sys("wc_RsaPublicKeyDecode failed", ret);

    printf("PUBLIC KEY:\n");
    for (i = 0; i < pubKeyTmp->pkey_sz; i++) {
        printf("%02X", pubKeyTmp->pkey.ptr[i] & 0xFF);
    } printf("\n");

    /* extract signatureType */
    sigType = wolfSSL_X509_get_signature_type(cert);
    if (sigType == 0)
        err_sys("wolfSSL_X509_get_signature_type failed", 0);
    printf("SIG TYPE = %d\n", sigType);

    /* extract subjectName info */
    name = wolfSSL_X509_get_subject_name(cert);
    if (name == NULL)
        err_sys("wolfSSL_X509_get_subject_name failed", 0);

    nameSz = wolfSSL_X509_NAME_get_text_by_NID(name, ASN_COMMON_NAME,
                                            commonName, sizeof(commonName));
    printf("CN = %s (%d)\n", commonName, nameSz);

    nameSz = wolfSSL_X509_NAME_get_text_by_NID(name, ASN_COUNTRY_NAME,
                                            countryName, sizeof(countryName));
    printf("COUNTRY = %s (%d)\n", countryName, nameSz);

    nameSz = wolfSSL_X509_NAME_get_text_by_NID(name, ASN_LOCALITY_NAME,
                                            localityName, sizeof(localityName));
    printf("LOCALITY = %s (%d)\n", localityName, nameSz);

    nameSz = wolfSSL_X509_NAME_get_text_by_NID(name, ASN_STATE_NAME,
                                            stateName, sizeof(stateName));
    printf("STATE = %s (%d)\n", stateName, nameSz);

    nameSz = wolfSSL_X509_NAME_get_text_by_NID(name, ASN_ORG_NAME,
                                            orgName, sizeof(orgName));
    printf("ORG = %s (%d)\n", orgName, nameSz);

    nameSz = wolfSSL_X509_NAME_get_text_by_NID(name, ASN_ORGUNIT_NAME,
                                            orgUnit, sizeof(orgUnit));
    printf("ORG UNIT = %s (%d)\n", orgUnit, nameSz);

    wolfSSL_EVP_PKEY_free(pubKeyTmp);
    wolfSSL_X509_free(cert);

    return 0;
}
Beispiel #5
0
int init_recipient_public_key(byte *key, size_t length) {
  PRINTF("- loading recipient public key\r\n");
  word32 idx = 0;
  wc_InitRsaKey(&recipient_public_key, NULL); // not using heap hint. No custom memory
  return wc_RsaPublicKeyDecode(key, &idx, &recipient_public_key, length);
}
Beispiel #6
0
/* check mcapi rsa */
static int check_rsa(void)
{
    CRYPT_RSA_CTX mcRsa;
    RsaKey        defRsa;
    int           ret;
    int           ret2;
    unsigned int  keySz = (unsigned int)sizeof(client_key_der_1024);
    unsigned int  idx   = 0;
    byte          out1[256];
    byte          out2[256];

    ret = wc_InitRsaKey(&defRsa, NULL);
    if (ret == 0)
        ret = CRYPT_RSA_Initialize(&mcRsa);
    if (ret != 0) {
        printf("mcapi rsa init failed\n");
        return -1;
    }

    ret = CRYPT_RSA_PrivateKeyDecode(&mcRsa, client_key_der_1024, keySz);
    if (ret != 0) {
        printf("mcapi rsa private key decode failed\n");
        return -1;
    }

    ret = wc_RsaPrivateKeyDecode(client_key_der_1024, &idx, &defRsa, keySz);
    if (ret != 0) {
        printf("default rsa private key decode failed\n");
        return -1;
    }

    ret = CRYPT_RSA_PublicEncrypt(&mcRsa, out1, sizeof(out1), ourData,
                                  RSA_TEST_SIZE, &mcRng);
    if (ret < 0) {
        printf("mcapi rsa public encrypt failed\n");
        return -1;
    }

    ret2 = wc_RsaPublicEncrypt(ourData, RSA_TEST_SIZE, out2, sizeof(out2),
                            &defRsa, &defRng);
    if (ret2 < 0) {
        printf("default rsa public encrypt failed\n");
        return -1;
    }

    if (ret != ret2) {
        printf("default rsa public encrypt sz != mcapi sz\n");
        return -1;
    }

    if (ret != CRYPT_RSA_EncryptSizeGet(&mcRsa)) {
        printf("mcapi encrypt sz get != mcapi sz\n");
        return -1;
    }

    ret = CRYPT_RSA_PrivateDecrypt(&mcRsa, out2, sizeof(out2), out1, ret); 
    if (ret < 0) {
        printf("mcapi rsa private derypt failed\n");
        return -1;
    }

    if (ret != RSA_TEST_SIZE) {
        printf("mcapi rsa private derypt plain size wrong\n");
        return -1;
    }

    if (memcmp(out2, ourData, ret) != 0) {
        printf("mcapi rsa private derypt plain text bad\n");
        return -1;
    }

    wc_FreeRsaKey(&defRsa);
    ret = CRYPT_RSA_Free(&mcRsa);
    if (ret != 0) {
        printf("mcapi rsa free failed\n");
        return -1;
    }
    
    printf("rsa         mcapi test passed\n");

    return 0;
}