JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_RSA_doEnc (JNIEnv* jenv, jobject jcl, jobject in, jlong inSz, jobject out, jintArray outSz, jobject keyDer, jlong keySz) { int ret; RsaKey myKey; RNG rng; unsigned int idx; unsigned int tmpOut; /* check in and key sz */ if ((inSz < 0) || (keySz < 0)) { return -1; } /* get pointers to our buffers */ unsigned char* inBuf = (*jenv)->GetDirectBufferAddress(jenv, in); if (inBuf == NULL) { printf("problem getting in buffer address\n"); return -1; } unsigned char* outBuf = (*jenv)->GetDirectBufferAddress(jenv, out); if (outBuf == NULL) { printf("problem getting out buffer address\n"); return -1; } unsigned char* keyBuf = (*jenv)->GetDirectBufferAddress(jenv, keyDer); if (keyBuf == NULL) { printf("problem getting key buffer address\n"); return -1; } /* get output buffer size */ (*jenv)->GetIntArrayRegion(jenv, outSz, 0, 1, (jint*)&tmpOut); wc_InitRng(&rng); wc_InitRsaKey(&myKey, NULL); idx = 0; ret = wc_RsaPublicKeyDecode(keyBuf, &idx, &myKey, (unsigned int)keySz); if (ret == 0) { ret = wc_RsaPublicEncrypt(inBuf, (unsigned int)inSz, outBuf, tmpOut, &myKey, &rng); if (ret > 0) { /* save and convert to 0 for success */ (*jenv)->SetIntArrayRegion(jenv, outSz, 0, 1, (jint*)&ret); ret = 0; } } else { printf("wc_RsaPublicKeyDecode failed, ret = %d\n", ret); } wc_FreeRsaKey(&myKey); return ret; }
int RSA_public_encrypt(word32 len, byte* fr, byte* to, RSA* rsa, int padding) { RsaKey *rsaKey = (RsaKey*)rsa->internal, rsaKeyBak; int ret; memcpy(&rsaKeyBak, rsaKey, sizeof(rsaKeyBak)); rsaKey->n = *(mp_int*)rsa->n->internal; rsaKey->e = *(mp_int*)rsa->e->internal; ret = wc_RsaPublicEncrypt(fr, 0, to, len, rsaKey, NULL); memcpy(rsaKey, &rsaKeyBak, sizeof(rsaKeyBak)); return ret; }
int main(void) { board_init(); board_console_init(BOARD_DEBUG_BAUD); SysTick_Config(BOARD_SYSTICK_100MS); PRINTF("ubirch #1 r0.2 RSA/ECC encryption/signature benchmark\r\n"); if (init_ltc() != 0) PRINTF("No LTC, may crash\r\n"); if (init_trng() != 0) error("failed to initialize TRNG"); if (init_board_key(2048) != 0) error("failed to generate key pair"); if (init_recipient_public_key(recipient_pubkey, recipient_pubkey_length)) error("failed to load recipient public key"); byte cipher[256]; // 256 bytes is large enough to store 2048 bit RSA ciphertext word32 plaintextLength = strlen(plaintext); word32 cipherLength = sizeof(cipher); PRINTF("- signing message with board private key\r\n"); uint32_t total = 0; int signatureLength = 0; byte *signature = NULL; for (int i = 0; i < BENCHMARK_LOOPS; i++) { const uint32_t start = timer_read(); signatureLength = wc_SignatureGetSize(WC_SIGNATURE_TYPE_RSA, &board_rsa_key, sizeof(board_rsa_key)); signature = malloc((size_t) signatureLength); if (wc_SignatureGenerate( WC_HASH_TYPE_SHA256, WC_SIGNATURE_TYPE_RSA, (const byte *) plaintext, plaintextLength, signature, (word32 *) &signatureLength, &board_rsa_key, sizeof(board_rsa_key), &rng) != 0) error("failed to sign plain text message"); const uint32_t elapsed = timer_read() - start; total += elapsed; char loop_str[64]; sprintf(loop_str, "%d", i); timestamp(loop_str, elapsed); } timestamp("Average:", total / BENCHMARK_LOOPS); PRINTF("-- SIGNATURE\r\n"); PRINTF("- encrypting message\r\n"); total = 0; int r = -1; for (int i = 0; i < BENCHMARK_LOOPS; i++) { const uint32_t start = timer_read(); r = wc_RsaPublicEncrypt((const byte *) plaintext, plaintextLength, cipher, cipherLength, &recipient_public_key, &rng); if (r < 0) error("failed to encrypt message"); const uint32_t elapsed = timer_read() - start; total += elapsed; char loop_str[64]; sprintf(loop_str, "%d", i); timestamp(loop_str, elapsed); } timestamp("Average:", total / BENCHMARK_LOOPS); PRINTF("-- CIPHER (%d bytes)\r\n", r); wc_FreeRsaKey(&board_rsa_key); wc_FreeRsaKey(&recipient_public_key); PRINTF("THE END\r\n"); while (true) { uint8_t ch = (uint8_t) GETCHAR(); if (ch == '\r') PUTCHAR('\n'); PUTCHAR(ch); } }
int rsa_test(void) { byte* tmp = NULL; size_t bytes; RsaKey key; WC_RNG rng; word32 idx = 0; int ret; byte in[] = "Everyone gets Friday off."; word32 inLen = (word32)XSTRLEN((char*)in); byte out[256]; byte plain[256]; byte* outPtr = NULL; tmp = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); if (tmp == NULL) { ret = MEMORY_E; goto exit; } XMEMCPY(tmp, privkey_der_2048, sizeof(privkey_der_2048)); bytes = sizeof(privkey_der_2048); ret = wc_InitRsaKey_ex(&key, HEAP_HINT, INVALID_DEVID); if (ret < 0) { goto exit; } ret = wc_RsaPrivateKeyDecode(tmp, &idx, &key, (word32)bytes); if (ret < 0) { goto exit; } printf("Key Size: %d\n", wc_RsaEncryptSize(&key)); ret = wc_InitRng(&rng); if (ret < 0) { goto exit; } #ifdef WC_RSA_BLINDING ret = wc_RsaSetRNG(&key, &rng); if (ret < 0) { goto exit; } #endif ret = wc_RsaPublicEncrypt(in, inLen, out, sizeof(out), &key, &rng); printf("wc_RsaPublicEncrypt: %d\n", ret); if (ret < 0) { goto exit; } idx = ret; /* save off encrypted length */ ret = wc_RsaPrivateDecrypt(out, idx, plain, sizeof(plain), &key); printf("wc_RsaPrivateDecrypt: %d\n", ret); printf("\n%d", ret); if (ret < 0) { goto exit; } if (XMEMCMP(plain, in, ret)) { printf("Compare failed!\n"); goto exit; } ret = wc_RsaSSL_Sign(in, inLen, out, sizeof(out), &key, &rng); printf("wc_RsaSSL_Sign: %d\n", ret); if (ret < 0) { goto exit; } idx = ret; XMEMSET(plain, 0, sizeof(plain)); ret = wc_RsaSSL_VerifyInline(out, idx, &outPtr, &key); printf("wc_RsaSSL_Verify: %d\n", ret); if (ret < 0) { goto exit; } if (XMEMCMP(in, outPtr, ret)) { printf("Compare failed!\n"); goto exit; } ret = 0; /* success */ exit: wc_FreeRsaKey(&key); XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); wc_FreeRng(&rng); return ret; }
/* check mcapi rsa */ static int check_rsa(void) { CRYPT_RSA_CTX mcRsa; RsaKey defRsa; int ret; int ret2; unsigned int keySz = (unsigned int)sizeof(client_key_der_1024); unsigned int idx = 0; byte out1[256]; byte out2[256]; ret = wc_InitRsaKey(&defRsa, NULL); if (ret == 0) ret = CRYPT_RSA_Initialize(&mcRsa); if (ret != 0) { printf("mcapi rsa init failed\n"); return -1; } ret = CRYPT_RSA_PrivateKeyDecode(&mcRsa, client_key_der_1024, keySz); if (ret != 0) { printf("mcapi rsa private key decode failed\n"); return -1; } ret = wc_RsaPrivateKeyDecode(client_key_der_1024, &idx, &defRsa, keySz); if (ret != 0) { printf("default rsa private key decode failed\n"); return -1; } ret = CRYPT_RSA_PublicEncrypt(&mcRsa, out1, sizeof(out1), ourData, RSA_TEST_SIZE, &mcRng); if (ret < 0) { printf("mcapi rsa public encrypt failed\n"); return -1; } ret2 = wc_RsaPublicEncrypt(ourData, RSA_TEST_SIZE, out2, sizeof(out2), &defRsa, &defRng); if (ret2 < 0) { printf("default rsa public encrypt failed\n"); return -1; } if (ret != ret2) { printf("default rsa public encrypt sz != mcapi sz\n"); return -1; } if (ret != CRYPT_RSA_EncryptSizeGet(&mcRsa)) { printf("mcapi encrypt sz get != mcapi sz\n"); return -1; } ret = CRYPT_RSA_PrivateDecrypt(&mcRsa, out2, sizeof(out2), out1, ret); if (ret < 0) { printf("mcapi rsa private derypt failed\n"); return -1; } if (ret != RSA_TEST_SIZE) { printf("mcapi rsa private derypt plain size wrong\n"); return -1; } if (memcmp(out2, ourData, ret) != 0) { printf("mcapi rsa private derypt plain text bad\n"); return -1; } wc_FreeRsaKey(&defRsa); ret = CRYPT_RSA_Free(&mcRsa); if (ret != 0) { printf("mcapi rsa free failed\n"); return -1; } printf("rsa mcapi test passed\n"); return 0; }