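/**
 * JNI backend for com.wolfssl.wolfcrypt.RSA.doEnc: RSA public-key encryption
 * between direct ByteBuffers.
 *
 * @param jenv    JNI environment.
 * @param jcl     calling object/class (unused).
 * @param in      direct ByteBuffer holding the plaintext.
 * @param inSz    number of plaintext bytes to read from `in`.
 * @param out     direct ByteBuffer receiving the ciphertext.
 * @param outSz   int[1]; on entry the usable size of `out`, on success it is
 *                overwritten with the value returned by wc_RsaPublicEncrypt.
 * @param keyDer  direct ByteBuffer holding the public key passed to
 *                wc_RsaPublicKeyDecode.
 * @param keySz   number of key bytes to read from `keyDer`.
 * @return 0 on success, -1 on an argument/buffer problem, otherwise the
 *         negative wolfCrypt error code.
 *
 * Every size supplied by the Java caller is checked against the real capacity
 * of its direct buffer before native code touches the memory; without that a
 * wrong size turns into an out-of-bounds read or write outside the JVM's
 * bounds checking.
 */
JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_RSA_doEnc
  (JNIEnv* jenv, jobject jcl, jobject in, jlong inSz, jobject out,
   jintArray outSz, jobject keyDer, jlong keySz)
{
    int ret;
    RsaKey myKey;
    RNG rng;
    unsigned int idx = 0;
    jint tmpOut = 0;
    jint written;

    (void)jcl;

    /* check in and key sz */
    if ((inSz < 0) || (keySz < 0) || (outSz == NULL)) {
        return -1;
    }

    /* get pointers to our buffers */
    unsigned char* inBuf = (*jenv)->GetDirectBufferAddress(jenv, in);
    if (inBuf == NULL) {
        printf("problem getting in buffer address\n");
        return -1;
    }

    unsigned char* outBuf = (*jenv)->GetDirectBufferAddress(jenv, out);
    if (outBuf == NULL) {
        printf("problem getting out buffer address\n");
        return -1;
    }

    unsigned char* keyBuf = (*jenv)->GetDirectBufferAddress(jenv, keyDer);
    if (keyBuf == NULL) {
        printf("problem getting key buffer address\n");
        return -1;
    }

    /* Claimed sizes must fit inside the buffers they describe.
     * GetDirectBufferCapacity returns -1 on failure, which also fails these
     * comparisons because both sizes are known to be >= 0 here. */
    if ((inSz > (*jenv)->GetDirectBufferCapacity(jenv, in)) ||
        (keySz > (*jenv)->GetDirectBufferCapacity(jenv, keyDer))) {
        printf("in or key size exceeds buffer capacity\n");
        return -1;
    }

    /* get output buffer size; a zero-length array leaves an exception
     * pending and tmpOut untouched, so check before using the value */
    (*jenv)->GetIntArrayRegion(jenv, outSz, 0, 1, &tmpOut);
    if ((*jenv)->ExceptionCheck(jenv)) {
        return -1;
    }
    if ((tmpOut < 0) ||
        ((jlong)tmpOut > (*jenv)->GetDirectBufferCapacity(jenv, out))) {
        printf("out size exceeds buffer capacity\n");
        return -1;
    }

    ret = wc_InitRng(&rng);
    if (ret != 0) {
        printf("wc_InitRng failed, ret = %d\n", ret);
        return ret;
    }

    ret = wc_InitRsaKey(&myKey, NULL);
    if (ret != 0) {
        printf("wc_InitRsaKey failed, ret = %d\n", ret);
        wc_FreeRng(&rng);
        return ret;
    }

    ret = wc_RsaPublicKeyDecode(keyBuf, &idx, &myKey, (unsigned int)keySz);
    if (ret == 0) {
        ret = wc_RsaPublicEncrypt(inBuf, (unsigned int)inSz, outBuf,
                                  (unsigned int)tmpOut, &myKey, &rng);
        if (ret > 0) {
            /* save and convert to 0 for success */
            written = (jint)ret;
            (*jenv)->SetIntArrayRegion(jenv, outSz, 0, 1, &written);
            ret = 0;
        } else if (ret < 0) {
            printf("wc_RsaPublicEncrypt failed, ret = %d\n", ret);
        }
    } else {
        printf("wc_RsaPublicKeyDecode failed, ret = %d\n", ret);
    }

    /* release both the key and the RNG on every path past initialisation */
    wc_FreeRsaKey(&myKey);
    wc_FreeRng(&rng);

    return ret;
}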
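/**
 * JNI backend for com.wolfssl.wolfcrypt.RSA.doVerify: runs wc_RsaSSL_Verify
 * on a signature held in a direct ByteBuffer.
 *
 * @param jenv    JNI environment.
 * @param jcl     calling object/class (unused).
 * @param sig     direct ByteBuffer holding the signature.
 * @param sigSz   number of signature bytes to read from `sig`.
 * @param out     direct ByteBuffer receiving the output of wc_RsaSSL_Verify.
 * @param outSz   usable size of `out`.
 * @param keyDer  direct ByteBuffer holding the public key passed to
 *                wc_RsaPublicKeyDecode.
 * @param keySz   number of key bytes to read from `keyDer`.
 * @return the value returned by wc_RsaSSL_Verify when the key decodes,
 *         -1 on an argument/buffer problem, otherwise the negative wolfCrypt
 *         error code.
 *
 * A non-negative return only says the signature block was processed with
 * this key. The caller still has to compare the bytes written to `out` with
 * the digest encoding it expects before treating the signature as valid.
 */
JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_RSA_doVerify
  (JNIEnv* jenv, jobject jcl, jobject sig, jlong sigSz, jobject out,
   jlong outSz, jobject keyDer, jlong keySz)
{
    int ret;
    RsaKey myKey;
    unsigned int idx = 0;

    (void)jcl;

    /* check in and key sz */
    if ((sigSz < 0) || (keySz < 0) || (outSz < 0)) {
        return -1;
    }

    /* get pointers to our buffers */
    unsigned char* sigBuf = (*jenv)->GetDirectBufferAddress(jenv, sig);
    if (sigBuf == NULL) {
        printf("problem getting sig buffer address\n");
        return -1;
    }

    unsigned char* outBuf = (*jenv)->GetDirectBufferAddress(jenv, out);
    if (outBuf == NULL) {
        printf("problem getting out buffer address\n");
        return -1;
    }

    unsigned char* keyBuf = (*jenv)->GetDirectBufferAddress(jenv, keyDer);
    if (keyBuf == NULL) {
        printf("problem getting key buffer address\n");
        return -1;
    }

    /* Caller-supplied sizes must fit inside the buffers they describe,
     * otherwise the native code reads or writes past the allocation.
     * GetDirectBufferCapacity returns -1 on failure, which also fails these
     * comparisons because all three sizes are known to be >= 0 here. */
    if ((sigSz > (*jenv)->GetDirectBufferCapacity(jenv, sig)) ||
        (outSz > (*jenv)->GetDirectBufferCapacity(jenv, out)) ||
        (keySz > (*jenv)->GetDirectBufferCapacity(jenv, keyDer))) {
        printf("sig, out or key size exceeds buffer capacity\n");
        return -1;
    }

    ret = wc_InitRsaKey(&myKey, NULL);
    if (ret != 0) {
        printf("wc_InitRsaKey failed, ret = %d\n", ret);
        return ret;
    }

    ret = wc_RsaPublicKeyDecode(keyBuf, &idx, &myKey, (unsigned int)keySz);
    if (ret == 0) {
        ret = wc_RsaSSL_Verify(sigBuf, (unsigned int)sigSz, outBuf,
                               (unsigned int)outSz, &myKey);
        if (ret < 0) {
            /* fall through to the cleanup below instead of returning here,
             * so the key is released on the failure path as well */
            printf("wc_RsaSSL_Verify failed, ret = %d\n", ret);
        }
    } else {
        printf("wc_RsaPublicKeyDecode failed, ret = %d\n", ret);
    }

    wc_FreeRsaKey(&myKey);

    return ret;
}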
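/**
 * Example: load a DER certificate from ../certs/client-cert.der, extract its
 * RSA public key, signature type and selected subject-name fields, and print
 * them.
 *
 * Nothing in this program validates the certificate's signature or chain; it
 * only parses. Values printed here must not be treated as authenticated.
 *
 * NOTE(review): every error path calls err_sys() and then continues in the
 * source text; this assumes err_sys() terminates the process - confirm.
 *
 * @return 0 on success.
 */
int main(void)
{
    int ret, i;
    int sigType;
    int nameSz;
    int derCertSz;
    int readFailed;
    size_t derRead;
    size_t f;
    byte derCert[4096];
    word32 idx;
    FILE* file;
    RsaKey pubKey;
    WOLFSSL_X509* cert = NULL; /* its address is handed to the d2i call */
    WOLFSSL_EVP_PKEY* pubKeyTmp;
    WOLFSSL_X509_NAME* name;
    char text[80];

    /* subject-name fields to print, in output order */
    const struct {
        int nid;
        const char* label;
    } fields[] = {
        { ASN_COMMON_NAME,   "CN"       },
        { ASN_COUNTRY_NAME,  "COUNTRY"  },
        { ASN_LOCALITY_NAME, "LOCALITY" },
        { ASN_STATE_NAME,    "STATE"    },
        { ASN_ORG_NAME,      "ORG"      },
        { ASN_ORGUNIT_NAME,  "ORG UNIT" }
    };

    /* ------ PARSE ORIGINAL SELF-SIGNED CERTIFICATE ------ */

    /* open and read DER-formatted cert into buffer */
    file = fopen("../certs/client-cert.der", "rb");
    if (!file)
        err_sys("can't open client certificate", 0);

    /* A file larger than derCert is silently truncated to 4096 bytes. */
    derRead = fread(derCert, 1, sizeof(derCert), file);
    readFailed = ferror(file);
    fclose(file);
    if (readFailed || derRead == 0)
        err_sys("can't read client certificate", 0);
    derCertSz = (int)derRead;

    /* convert cert from DER to internal WOLFSSL_X509 struct */
    cert = wolfSSL_X509_d2i(&cert, derCert, derCertSz);
    if (cert == NULL)
        err_sys("Failed to convert DER to WOLFSSL_X509", 0);

    /* ------ EXTRACT CERTIFICATE ELEMENTS ------ */

    /* extract PUBLIC KEY from cert */
    pubKeyTmp = wolfSSL_X509_get_pubkey(cert);
    if (pubKeyTmp == NULL)
        err_sys("wolfSSL_X509_get_pubkey failed", 0);

    ret = wc_InitRsaKey(&pubKey, 0);
    if (ret != 0)
        err_sys("wc_InitRsaKey failed", ret);

    idx = 0;
    ret = wc_RsaPublicKeyDecode((byte*)pubKeyTmp->pkey.ptr, &idx, &pubKey,
                                pubKeyTmp->pkey_sz);
    if (ret != 0)
        err_sys("wc_RsaPublicKeyDecode failed", ret);

    printf("PUBLIC KEY:\n");
    for (i = 0; i < pubKeyTmp->pkey_sz; i++) {
        printf("%02X", pubKeyTmp->pkey.ptr[i] & 0xFF);
    }
    printf("\n");

    /* extract signatureType */
    sigType = wolfSSL_X509_get_signature_type(cert);
    if (sigType == 0)
        err_sys("wolfSSL_X509_get_signature_type failed", 0);
    printf("SIG TYPE = %d\n", sigType);

    /* extract subjectName info */
    name = wolfSSL_X509_get_subject_name(cert);
    if (name == NULL)
        err_sys("wolfSSL_X509_get_subject_name failed", 0);

    for (f = 0; f < sizeof(fields) / sizeof(fields[0]); f++) {
        /* start from an empty string so a field that is absent from the
         * certificate prints as empty instead of uninitialised stack data */
        text[0] = '\0';
        nameSz = wolfSSL_X509_NAME_get_text_by_NID(name, fields[f].nid,
                                                   text, sizeof(text));
        printf("%s = %s (%d)\n", fields[f].label, text, nameSz);
    }

    /* the decoded RSA key was previously never released */
    wc_FreeRsaKey(&pubKey);
    wolfSSL_EVP_PKEY_free(pubKeyTmp);
    wolfSSL_X509_free(cert);

    return 0;
}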
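/**
 * Initialise the file-level recipient_public_key and load a public key
 * into it with wc_RsaPublicKeyDecode.
 *
 * @param key     buffer holding the encoded public key.
 * @param length  number of bytes in `key`.
 * @return the result of wc_RsaPublicKeyDecode, the wc_InitRsaKey error code
 *         if initialisation fails, or -1 if `length` does not fit in word32.
 *
 * NOTE(review): when decoding fails the initialised key is left as it is;
 * confirm the caller releases recipient_public_key.
 */
int init_recipient_public_key(byte *key, size_t length)
{
    word32 idx = 0;
    int ret;

    PRINTF("- loading recipient public key\r\n");

    /* wc_RsaPublicKeyDecode takes the size as word32; refuse a length that
     * would be silently truncated on the way in */
    if ((size_t)(word32)length != length) {
        return -1;
    }

    /* not using heap hint. No custom memory */
    ret = wc_InitRsaKey(&recipient_public_key, NULL);
    if (ret != 0) {
        return ret;
    }

    return wc_RsaPublicKeyDecode(key, &idx, &recipient_public_key,
                                 (word32)length);
}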