JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_RSA_doEnc
(JNIEnv* jenv, jobject jcl, jobject in, jlong inSz, jobject out,
jintArray outSz, jobject keyDer, jlong keySz)
{
int ret;
RsaKey myKey;
RNG rng;
unsigned int idx;
unsigned int tmpOut;
/* check in and key sz */
if ((inSz < 0) || (keySz < 0)) {
return -1;
}
/* get pointers to our buffers */
unsigned char* inBuf = (*jenv)->GetDirectBufferAddress(jenv, in);
if (inBuf == NULL) {
printf("problem getting in buffer address\n");
return -1;
}
unsigned char* outBuf = (*jenv)->GetDirectBufferAddress(jenv, out);
if (outBuf == NULL) {
printf("problem getting out buffer address\n");
return -1;
}
unsigned char* keyBuf = (*jenv)->GetDirectBufferAddress(jenv, keyDer);
if (keyBuf == NULL) {
printf("problem getting key buffer address\n");
return -1;
}
/* get output buffer size */
(*jenv)->GetIntArrayRegion(jenv, outSz, 0, 1, (jint*)&tmpOut);
wc_InitRng(&rng);
wc_InitRsaKey(&myKey, NULL);
idx = 0;
ret = wc_RsaPublicKeyDecode(keyBuf, &idx, &myKey, (unsigned int)keySz);
if (ret == 0) {
ret = wc_RsaPublicEncrypt(inBuf, (unsigned int)inSz, outBuf, tmpOut,
&myKey, &rng);
if (ret > 0) {
/* save and convert to 0 for success */
(*jenv)->SetIntArrayRegion(jenv, outSz, 0, 1, (jint*)&ret);
ret = 0;
}
} else {
printf("wc_RsaPublicKeyDecode failed, ret = %d\n", ret);
}
wc_FreeRsaKey(&myKey);
return ret;
}
JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_RSA_doVerify
(JNIEnv* jenv, jobject jcl, jobject sig, jlong sigSz, jobject out,
jlong outSz, jobject keyDer, jlong keySz)
{
int ret;
RsaKey myKey;
unsigned int idx;
/* check in and key sz */
if ((sigSz < 0) || (keySz < 0) || (outSz < 0)) {
return -1;
}
/* get pointers to our buffers */
unsigned char* sigBuf = (*jenv)->GetDirectBufferAddress(jenv, sig);
if (sigBuf == NULL) {
printf("problem getting sig buffer address\n");
return -1;
}
unsigned char* outBuf = (*jenv)->GetDirectBufferAddress(jenv, out);
if (outBuf == NULL) {
printf("problem getting out buffer address\n");
return -1;
}
unsigned char* keyBuf = (*jenv)->GetDirectBufferAddress(jenv, keyDer);
if (keyBuf == NULL) {
printf("problem getting key buffer address\n");
return -1;
}
wc_InitRsaKey(&myKey, NULL);
idx = 0;
ret = wc_RsaPublicKeyDecode(keyBuf, &idx, &myKey, (unsigned int)keySz);
if (ret == 0) {
ret = wc_RsaSSL_Verify(sigBuf, (unsigned int)sigSz, outBuf,
(unsigned int)outSz, &myKey);
if (ret < 0) {
printf("wc_RsaSSL_Verify failed, ret = %d\n", ret);
return ret;
}
} else {
printf("wc_RsaPublicKeyDecode failed, ret = %d\n", ret);
}
wc_FreeRsaKey(&myKey);
return ret;
}
int main(void)
{
int ret, i;
int sigType;
int nameSz;
int derCertSz;
byte derCert[4096];
word32 idx;
FILE* file;
RsaKey pubKey;
WOLFSSL_X509* cert;
WOLFSSL_EVP_PKEY* pubKeyTmp;
WOLFSSL_X509_NAME* name;
char commonName[80];
char countryName[80];
char localityName[80];
char stateName[80];
char orgName[80];
char orgUnit[80];
/* ------ PARSE ORIGINAL SELF-SIGNED CERTIFICATE ------ */
/* open and read DER-formatted cert into buffer */
file = fopen("../certs/client-cert.der", "rb");
if (!file)
err_sys("can't open client certificate", 0);
derCertSz = fread(derCert, 1, sizeof(derCert), file);
fclose(file);
/* convert cert from DER to internal WOLFSSL_X509 struct */
cert = wolfSSL_X509_d2i(&cert, derCert, derCertSz);
if (cert == NULL)
err_sys("Failed to convert DER to WOLFSSL_X509", 0);
/* ------ EXTRACT CERTIFICATE ELEMENTS ------ */
/* extract PUBLIC KEY from cert */
pubKeyTmp = wolfSSL_X509_get_pubkey(cert);
if (pubKeyTmp == NULL)
err_sys("wolfSSL_X509_get_pubkey failed", 0);
wc_InitRsaKey(&pubKey, 0);
idx = 0;
ret = wc_RsaPublicKeyDecode((byte*)pubKeyTmp->pkey.ptr, &idx, &pubKey,
pubKeyTmp->pkey_sz);
if (ret != 0)
err_sys("wc_RsaPublicKeyDecode failed", ret);
printf("PUBLIC KEY:\n");
for (i = 0; i < pubKeyTmp->pkey_sz; i++) {
printf("%02X", pubKeyTmp->pkey.ptr[i] & 0xFF);
} printf("\n");
/* extract signatureType */
sigType = wolfSSL_X509_get_signature_type(cert);
if (sigType == 0)
err_sys("wolfSSL_X509_get_signature_type failed", 0);
printf("SIG TYPE = %d\n", sigType);
/* extract subjectName info */
name = wolfSSL_X509_get_subject_name(cert);
if (name == NULL)
err_sys("wolfSSL_X509_get_subject_name failed", 0);
nameSz = wolfSSL_X509_NAME_get_text_by_NID(name, ASN_COMMON_NAME,
commonName, sizeof(commonName));
printf("CN = %s (%d)\n", commonName, nameSz);
nameSz = wolfSSL_X509_NAME_get_text_by_NID(name, ASN_COUNTRY_NAME,
countryName, sizeof(countryName));
printf("COUNTRY = %s (%d)\n", countryName, nameSz);
nameSz = wolfSSL_X509_NAME_get_text_by_NID(name, ASN_LOCALITY_NAME,
localityName, sizeof(localityName));
printf("LOCALITY = %s (%d)\n", localityName, nameSz);
nameSz = wolfSSL_X509_NAME_get_text_by_NID(name, ASN_STATE_NAME,
stateName, sizeof(stateName));
printf("STATE = %s (%d)\n", stateName, nameSz);
nameSz = wolfSSL_X509_NAME_get_text_by_NID(name, ASN_ORG_NAME,
orgName, sizeof(orgName));
printf("ORG = %s (%d)\n", orgName, nameSz);
nameSz = wolfSSL_X509_NAME_get_text_by_NID(name, ASN_ORGUNIT_NAME,
orgUnit, sizeof(orgUnit));
printf("ORG UNIT = %s (%d)\n", orgUnit, nameSz);
wolfSSL_EVP_PKEY_free(pubKeyTmp);
wolfSSL_X509_free(cert);
return 0;
}
int init_recipient_public_key(byte *key, size_t length) {
PRINTF("- loading recipient public key\r\n");
word32 idx = 0;
wc_InitRsaKey(&recipient_public_key, NULL); // not using heap hint. No custom memory
return wc_RsaPublicKeyDecode(key, &idx, &recipient_public_key, length);
}
