/*
 * Check that a public-key context and a private-key context belong together.
 *
 * Returns 0 when both contexts pass their individual checks and carry the
 * same N and E, POLARSSL_ERR_RSA_KEY_CHECK_FAILED otherwise.
 */
int rsa_check_pub_priv( const rsa_context *pub, const rsa_context *prv )
{
    int mismatch;

    /* Each context has to be valid on its own before the two are compared. */
    if( rsa_check_pubkey( pub ) != 0 )
        return( POLARSSL_ERR_RSA_KEY_CHECK_FAILED );

    if( rsa_check_privkey( prv ) != 0 )
        return( POLARSSL_ERR_RSA_KEY_CHECK_FAILED );

    /*
     * Only the public components (modulus and public exponent) are compared
     * here; the private half was already covered by rsa_check_privkey().
     */
    mismatch = ( mpi_cmp_mpi( &pub->N, &prv->N ) != 0 ||
                 mpi_cmp_mpi( &pub->E, &prv->E ) != 0 );

    return( mismatch ? POLARSSL_ERR_RSA_KEY_CHECK_FAILED : 0 );
}
// Reports through retVal whether m_key holds a private key.
// RSA keys are tested with rsa_check_privkey(), EC keys with
// ecp_check_privkey(); any other key type is rejected with
// CALL_E_INVALID_CALL and retVal is left untouched.
result_t PKey::isPrivate(bool &retVal)
{
    switch (pk_get_type(&m_key))
    {
    case POLARSSL_PK_RSA:
        // A zero return from the check means the private part is usable.
        retVal = (0 == rsa_check_privkey(pk_rsa(m_key)));
        return 0;

    case POLARSSL_PK_ECKEY:
    {
        ecp_keypair *pair = pk_ec(m_key);
        retVal = (0 == ecp_check_privkey(&pair->grp, &pair->d));
        return 0;
    }

    default:
        return CHECK_ERROR(CALL_E_INVALID_CALL);
    }
}
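/*
 * Software RSA operation driven by the key material stored in che_context.
 *
 * che_context  source of N, E, D, P, Q, DP, DQ and QP (with their lengths)
 * act          which RSA primitive to run (public/private, enc/dec)
 * data_src     input buffer, `length` bytes
 * data_dst     output buffer, `length` bytes
 * length       also used as the key length (rsa.len)
 * last_block   not used by this function
 *
 * Returns KAL_TRUE when `act` names a supported operation, KAL_FALSE
 * otherwise. A failed key check or a failed RSA call hits ASSERT(0).
 *
 * The temporary rsa_context receives the full private key, so it is
 * released with rsa_free() on every return path instead of being left
 * behind when the function returns.
 */
kal_bool che_sw_rsa(STCHE* che_context, CHE_ACTION act, kal_uint8* data_src, kal_uint8* data_dst, kal_int32 length, kal_bool last_block)
{
    rsa_context rsa;
    kal_bool supported = KAL_TRUE;

    memset( &rsa, 0, sizeof( rsa ) );
    rsa.len = length;

    /* NOTE(review): the third argument (16) is presumably the radix, and the
     * results of mpi_read are not checked; a bad component is only caught by
     * the key checks below - confirm against this port's mpi_read. */
    mpi_read( &rsa.N , che_context->modulusN, 16, che_context->modulusNLen );
    mpi_read( &rsa.E , che_context->pubExp, 16, che_context->pubExpLen );
    mpi_read( &rsa.D , che_context->privExpD, 16, che_context->privExpDLen );
    mpi_read( &rsa.P , che_context->primeP, 16, che_context->primePLen );
    mpi_read( &rsa.Q , che_context->primeQ, 16,che_context->primeQLen );
    mpi_read( &rsa.DP, che_context->dModPm1, 16,che_context->dModPm1Len );
    mpi_read( &rsa.DQ, che_context->dModQm1, 16,che_context->dModQm1Len );
    mpi_read( &rsa.QP, che_context->qInvModP, 16,che_context->qInvModPLen );

    /* Refuse to operate with a key that is not internally consistent. */
    if( rsa_check_pubkey( &rsa ) != 0 || rsa_check_privkey( &rsa ) != 0 ){
        ASSERT(0);
    }

    switch (act){
    case RSA_PUBLIC_ENC:
        if( rsa_public_encrypt( &rsa, data_src, length, data_dst, length ) != 0 ){
            ASSERT(0);
        }
        break;
    case RSA_PUBLIC_DEC:
        if( rsa_public_decrypt( &rsa, data_src, length, data_dst, length ) != 0 ){
            ASSERT(0);
        }
        break;
    case RSA_PRIVATE_ENC:
        if( rsa_private_encrypt( &rsa, data_src, length, data_dst, length ) != 0 ){
            ASSERT(0);
        }
        break;
    case RSA_PRIVATE_DEC:
        if( rsa_private_decrypt( &rsa, data_src, length, data_dst, length ) != 0 ){
            ASSERT(0);
        }
        break;
    default:
        supported = KAL_FALSE;
        break;
    }

    /* Release the key components loaded above on every path. */
    rsa_free( &rsa );

    return supported;
}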
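/*
 * Load a 2048-bit RSA key into ctx.
 *
 * The public part (N, E) is always read and validated with
 * rsa_check_pubkey(); when key->keytype is RSAKEY_PRIV the private
 * components are read as well and validated with rsa_check_privkey().
 *
 * Returns 1 on success and 0 on any failure. On failure the context is
 * released again, so no half-loaded key (possibly including private
 * components that failed validation) stays in ctx->rsa.
 */
int ctr_rsa_init(ctr_rsa_context* ctx, rsakey2048* key)
{
    rsa_init(&ctx->rsa, RSA_PKCS_V15, 0);
    ctx->rsa.len = 0x100; /* 256 bytes */

    if (key->keytype == RSAKEY_INVALID)
        goto clean;

    if (mpi_read_binary(&ctx->rsa.N, key->n, sizeof(key->n)))
        goto clean;
    if (mpi_read_binary(&ctx->rsa.E, key->e, sizeof(key->e)))
        goto clean;
    if (rsa_check_pubkey(&ctx->rsa))
        goto clean;

    if (key->keytype == RSAKEY_PRIV)
    {
        if (mpi_read_binary(&ctx->rsa.D, key->d, sizeof(key->d)))
            goto clean;
        if (mpi_read_binary(&ctx->rsa.P, key->p, sizeof(key->p)))
            goto clean;
        if (mpi_read_binary(&ctx->rsa.Q, key->q, sizeof(key->q)))
            goto clean;
        if (mpi_read_binary(&ctx->rsa.DP, key->dp, sizeof(key->dp)))
            goto clean;
        if (mpi_read_binary(&ctx->rsa.DQ, key->dq, sizeof(key->dq)))
            goto clean;
        if (mpi_read_binary(&ctx->rsa.QP, key->qp, sizeof(key->qp)))
            goto clean;
        if (rsa_check_privkey(&ctx->rsa))
            goto clean;
    }

    return 1;

clean:
    /* Drop whatever was loaded before the failure. */
    rsa_free(&ctx->rsa);
    return 0;
}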
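/*
 * Fill *Prsa from the Lua table on top of the stack (fields N, E, D, P, Q,
 * DP, DQ, QP) and validate the result with rsa_check_privkey().
 *
 * Returns -1 when Prsa is NULL, otherwise the result of
 * rsa_check_privkey() (0 for a valid key). When validation fails the
 * context is released so that no partially loaded private key is left in
 * the caller's structure.
 */
int to_private_key(lua_State* L, rsa_context* Prsa)
{
    int ret;
    int index;

    if (!Prsa)
        return -1;

    memset(Prsa, 0, sizeof(rsa_context));
    index = lua_gettop(L);

    /*
     * NOTE(review): the results of mpi_get_field were summed and then
     * overwritten by the key check, so they never reached the caller.
     * They are dropped explicitly here; rsa_check_privkey() below is the
     * only gate. The return convention of mpi_get_field is not visible
     * from this function - confirm before acting on it.
     */
    (void) mpi_get_field(L, index, "N" , &Prsa->N , 16);
    (void) mpi_get_field(L, index, "E" , &Prsa->E , 16);
    (void) mpi_get_field(L, index, "D" , &Prsa->D , 16);
    (void) mpi_get_field(L, index, "P" , &Prsa->P , 16);
    (void) mpi_get_field(L, index, "Q" , &Prsa->Q , 16);
    (void) mpi_get_field(L, index, "DP", &Prsa->DP, 16);
    (void) mpi_get_field(L, index, "DQ", &Prsa->DQ, 16);
    (void) mpi_get_field(L, index, "QP", &Prsa->QP, 16);

    ret = rsa_check_privkey(Prsa);
    if (ret != 0) {
        printf("Erro na chave privada (%d)", ret);
        /* Do not hand back a context holding rejected key material. */
        rsa_free(Prsa);
    }

    return ret;
}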
// Sanity test: the private key supplied by HandshakeFixture must load into
// an rsa_context that passes rsa_check_privkey().
TEST_FIXTURE(HandshakeFixture, FixturePrivateKeyIsValid)
{
    rsa_context key_ctx;
    init_rsa_context_with_private_key(&key_ctx, private_key);

    const int check_result = rsa_check_privkey(&key_ctx);
    CHECK_EQUAL(0, check_result);
}
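/*
 * Checkup routine
 *
 * Loads the built-in test key (RSA_N .. RSA_QP), validates it, then runs a
 * PKCS#1 encrypt/decrypt round trip and a SHA-1 sign/verify round trip.
 *
 * verbose  non-zero to print progress with printf
 *
 * Returns 0 when every step passes, 1 on the first failure. The context is
 * released with rsa_free() on failure as well as on success, so the test
 * key is not left allocated after a failed run.
 */
int rsa_self_test( int verbose )
{
    int ret = 1;
    int len;
    rsa_context rsa;
    unsigned char sha1sum[20];
    unsigned char rsa_plaintext[PT_LEN];
    unsigned char rsa_decrypted[PT_LEN];
    unsigned char rsa_ciphertext[KEY_LEN];

    memset( &rsa, 0, sizeof( rsa_context ) );

    rsa.len = KEY_LEN;
    mpi_read_string( &rsa.N , 16, RSA_N );
    mpi_read_string( &rsa.E , 16, RSA_E );
    mpi_read_string( &rsa.D , 16, RSA_D );
    mpi_read_string( &rsa.P , 16, RSA_P );
    mpi_read_string( &rsa.Q , 16, RSA_Q );
    mpi_read_string( &rsa.DP, 16, RSA_DP );
    mpi_read_string( &rsa.DQ, 16, RSA_DQ );
    mpi_read_string( &rsa.QP, 16, RSA_QP );

    if( verbose != 0 )
        printf( " RSA key validation: " );

    if( rsa_check_pubkey( &rsa ) != 0 ||
        rsa_check_privkey( &rsa ) != 0 )
        goto failed;

    if( verbose != 0 )
        printf( "passed\n PKCS#1 encryption : " );

    memcpy( rsa_plaintext, RSA_PT, PT_LEN );

    if( rsa_pkcs1_encrypt( &rsa, RSA_PUBLIC, PT_LEN,
                           rsa_plaintext, rsa_ciphertext ) != 0 )
        goto failed;

    if( verbose != 0 )
        printf( "passed\n PKCS#1 decryption : " );

    if( rsa_pkcs1_decrypt( &rsa, RSA_PRIVATE, &len,
                           rsa_ciphertext, rsa_decrypted,
                           sizeof(rsa_decrypted) ) != 0 )
        goto failed;

    /*
     * The recovered length must match too: comparing `len` bytes alone
     * would accept an empty result, and a negative len would turn into a
     * huge size in memcmp.
     */
    if( len != PT_LEN ||
        memcmp( rsa_decrypted, rsa_plaintext, len ) != 0 )
        goto failed;

    if( verbose != 0 )
        printf( "passed\n PKCS#1 data sign : " );

    sha1( rsa_plaintext, PT_LEN, sha1sum );

    if( rsa_pkcs1_sign( &rsa, RSA_PRIVATE, SIG_RSA_SHA1, 20,
                        sha1sum, rsa_ciphertext ) != 0 )
        goto failed;

    if( verbose != 0 )
        printf( "passed\n PKCS#1 sig. verify: " );

    if( rsa_pkcs1_verify( &rsa, RSA_PUBLIC, SIG_RSA_SHA1, 20,
                          sha1sum, rsa_ciphertext ) != 0 )
        goto failed;

    if( verbose != 0 )
        printf( "passed\n\n" );

    ret = 0;
    goto cleanup;

failed:
    if( verbose != 0 )
        printf( "failed\n" );

cleanup:
    rsa_free( &rsa );

    return( ret );
}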
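/*
 * Demo: load the RSA key from PRIVATEKEYFILE, encrypt MESSAGE into
 * message.crypt and write its SHA-1/RSA signature to message.sig.
 *
 * Exit codes: 0 success, -1 key file could not be parsed, -2 key validation
 * failed or the key does not fit the output buffer, -3 encryption failed,
 * -4 an output file could not be opened or written, -5 signing failed.
 *
 * The outputs are privrsa.len bytes long. The original wrote a fixed 128
 * bytes, which is only right for a 1024-bit key, and never checked that
 * the key loaded from disk fits rsa_ciphertext.
 */
int main(int argc, char** argv)
{
    int ret;
    FILE* fp;
    size_t out_len;

    (void) argc;
    (void) argv;

    // Assumes no private key password
    ret = x509parse_keyfile(&privrsa, (char*)PRIVATEKEYFILE, NULL);
    if (ret != 0) {
        printf(" ! x509parse_keyfile returned %d\n\n", ret);
        return -1;
    }

    if (rsa_check_pubkey(&privrsa) != 0 || rsa_check_privkey(&privrsa) != 0) {
        printf("public/private key validation failed.\n");
        return -2;
    }

    // The RSA calls below emit privrsa.len bytes into rsa_ciphertext, and the
    // key size comes from a file, so bound it first.
    // NOTE(review): assumes rsa_ciphertext is an array (it is used with
    // sizeof in the memset below) - confirm at its definition.
    if (privrsa.len <= 0 || (size_t)privrsa.len > sizeof(rsa_ciphertext)) {
        printf("key size does not fit the output buffer.\n");
        return -2;
    }
    out_len = (size_t)privrsa.len;

    printf("Private/Public key loaded. Encrypting message.\n");
    if (rsa_pkcs1_encrypt(&privrsa, RSA_PUBLIC, strlen(MESSAGE), (unsigned char*)MESSAGE, rsa_ciphertext) != 0) {
        printf("Encryption of message failed\n");
        return -3;
    }

    printf("Encryption complete. Output in message.crypt\n");
    fp = fopen("message.crypt", "wb");
    if (!fp) {
        printf("Error opening message.crypt\n");
        return -4;
    }
    if (fwrite(rsa_ciphertext, 1, out_len, fp) != out_len) {
        printf("Error writing message.crypt\n");
        fclose(fp);
        return -4;
    }
    if (fclose(fp) != 0) {
        printf("Error writing message.crypt\n");
        return -4;
    }

    memset(&rsa_ciphertext, 0, sizeof(rsa_ciphertext));

    // Now sign the message.
    sha1((unsigned char*)MESSAGE, strlen(MESSAGE), hash);
    if (rsa_pkcs1_sign(&privrsa, RSA_PRIVATE, RSA_SHA1, 20, hash, rsa_ciphertext) != 0) {
        printf("Signature failed.\n");
        return -5;
    }

    printf("Signing complete. Output in message.sig\n");
    fp = fopen("message.sig", "wb");
    if (!fp) {
        printf("Error opening message.sig\n");
        return -4;
    }
    if (fwrite(rsa_ciphertext, 1, out_len, fp) != out_len) {
        printf("Error writing message.sig\n");
        fclose(fp);
        return -4;
    }
    if (fclose(fp) != 0) {
        printf("Error writing message.sig\n");
        return -4;
    }

    return 0;
}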
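/*
 * Overwrite a buffer that held key material. The volatile pointer keeps the
 * compiler from dropping the stores ahead of the free() that follows.
 */
static void rsa_parse_key_wipe( unsigned char *buf, int len )
{
    volatile unsigned char *v = buf;

    while( len-- > 0 )
        *v++ = 0;
}

/*
 * Parse a private RSA key
 *
 * rsa      context to fill; zeroed before parsing, released on failure
 * buf      key data, either DER or PEM ("-----BEGIN RSA PRIVATE KEY-----")
 * buflen   length of buf in bytes (used for the DER case)
 * pwd      not used: encrypted PEM keys are rejected
 * pwdlen   not used
 *
 * Returns 0 on success, 1 if the decode buffer cannot be allocated, or a
 * POLARSSL_ERR_X509_xxx / POLARSSL_ERR_ASN1_xxx / rsa_check_privkey() code.
 *
 * NOTE(review): the PEM detection uses strstr(), so buf is assumed to be
 * NUL-terminated even though buflen is passed - confirm at the call sites.
 *
 * The base64-decoded copy of the key is wiped before it is freed on every
 * path, so the DER-encoded private key does not stay readable in freed heap
 * memory.
 */
int rsa_parse_key( rsa_context *rsa, unsigned char *buf, int buflen,
                   unsigned char *pwd, int pwdlen )
{
    int ret, len, enc;
    unsigned char *s1, *s2;
    unsigned char *p, *end;
    unsigned char *der = NULL;  /* heap copy of the decoded PEM body */
    int derlen = 0;             /* allocated size of der             */

    ((void) pwd);
    ((void) pwdlen);

    s1 = (unsigned char *) strstr( (char *) buf,
        "-----BEGIN RSA PRIVATE KEY-----" );

    if( s1 != NULL )
    {
        s2 = (unsigned char *) strstr( (char *) buf,
            "-----END RSA PRIVATE KEY-----" );

        if( s2 == NULL || s2 <= s1 )
            return( POLARSSL_ERR_X509_KEY_INVALID_PEM );

        /* Skip the 31-character header and the line break after it. */
        s1 += 31;
        if( *s1 == '\r' ) s1++;
        if( *s1 == '\n' ) s1++;
            else return( POLARSSL_ERR_X509_KEY_INVALID_PEM );

        enc = 0;

        /* Password-protected keys are not supported by this parser. */
        if( memcmp( s1, "Proc-Type: 4,ENCRYPTED", 22 ) == 0 )
        {
            return( POLARSSL_ERR_X509_FEATURE_UNAVAILABLE );
        }

        /* First pass with a NULL destination only computes the size. */
        len = 0;
        ret = base64_decode( NULL, &len, s1, s2 - s1 );

        if( ret == POLARSSL_ERR_BASE64_INVALID_CHARACTER )
            return( ret | POLARSSL_ERR_X509_KEY_INVALID_PEM );

        if( ( der = (unsigned char *) malloc( len ) ) == NULL )
            return( 1 );

        derlen = len;

        if( ( ret = base64_decode( der, &len, s1, s2 - s1 ) ) != 0 )
        {
            ret |= POLARSSL_ERR_X509_KEY_INVALID_PEM;
            goto cleanup;
        }

        buf = der;
        buflen = len;

        if( enc != 0 )
        {
            ret = POLARSSL_ERR_X509_FEATURE_UNAVAILABLE;
            goto cleanup;
        }
    }

    memset( rsa, 0, sizeof( rsa_context ) );

    p = buf;
    end = buf + buflen;

    /*
     *  RSAPrivateKey ::= SEQUENCE {
     *      version           Version,
     *      modulus           INTEGER,  -- n
     *      publicExponent    INTEGER,  -- e
     *      privateExponent   INTEGER,  -- d
     *      prime1            INTEGER,  -- p
     *      prime2            INTEGER,  -- q
     *      exponent1         INTEGER,  -- d mod (p-1)
     *      exponent2         INTEGER,  -- d mod (q-1)
     *      coefficient       INTEGER,  -- (inverse of q) mod p
     *      otherPrimeInfos   OtherPrimeInfos OPTIONAL
     *  }
     */
    if( ( ret = asn1_get_tag( &p, end, &len,
            ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
    {
        ret |= POLARSSL_ERR_X509_KEY_INVALID_FORMAT;
        goto fail;
    }

    end = p + len;

    if( ( ret = asn1_get_int( &p, end, &rsa->ver ) ) != 0 )
    {
        ret |= POLARSSL_ERR_X509_KEY_INVALID_FORMAT;
        goto fail;
    }

    if( rsa->ver != 0 )
    {
        ret |= POLARSSL_ERR_X509_KEY_INVALID_VERSION;
        goto fail;
    }

    if( ( ret = asn1_get_mpi( &p, end, &rsa->N  ) ) != 0 ||
        ( ret = asn1_get_mpi( &p, end, &rsa->E  ) ) != 0 ||
        ( ret = asn1_get_mpi( &p, end, &rsa->D  ) ) != 0 ||
        ( ret = asn1_get_mpi( &p, end, &rsa->P  ) ) != 0 ||
        ( ret = asn1_get_mpi( &p, end, &rsa->Q  ) ) != 0 ||
        ( ret = asn1_get_mpi( &p, end, &rsa->DP ) ) != 0 ||
        ( ret = asn1_get_mpi( &p, end, &rsa->DQ ) ) != 0 ||
        ( ret = asn1_get_mpi( &p, end, &rsa->QP ) ) != 0 )
    {
        ret |= POLARSSL_ERR_X509_KEY_INVALID_FORMAT;
        goto fail;
    }

    rsa->len = mpi_size( &rsa->N );

    /* Trailing bytes inside the SEQUENCE are treated as a format error. */
    if( p != end )
    {
        ret = POLARSSL_ERR_X509_KEY_INVALID_FORMAT |
              POLARSSL_ERR_ASN1_LENGTH_MISMATCH;
        goto fail;
    }

    /* The components must also form a consistent key. */
    if( ( ret = rsa_check_privkey( rsa ) ) != 0 )
        goto fail;

    goto cleanup;

fail:
    rsa_free( rsa );

cleanup:
    if( der != NULL )
    {
        rsa_parse_key_wipe( der, derlen );
        free( der );
    }

    return( ret );
}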
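/*
 * rsa_sign <filename>
 *
 * Reads the private key from rsa_priv.txt, validates it, computes the SHA-1
 * hash of <filename>, signs it with RSA (PKCS#1 v1.5) and writes the
 * signature as hex text to <filename>.sig.
 *
 * Returns 0 on success and a non-zero value on failure.
 *
 * The output name is built in a local buffer. The original appended ".sig"
 * in place to argv[1], which writes five bytes past the end of that
 * argument string. The key file is closed and the RSA context is released
 * on every exit path.
 */
int main( int argc, char *argv[] )
{
    FILE *f = NULL;
    int ret;
    int n;
    size_t i;
    rsa_context rsa;
    unsigned char hash[20];
    unsigned char buf[POLARSSL_MPI_MAX_SIZE];
    char filename[512];

    ret = 1;

    /* Initialised before the first "goto exit" so rsa_free() is always valid. */
    rsa_init( &rsa, RSA_PKCS_V15, 0 );

    if( argc != 2 )
    {
        printf( "usage: rsa_sign <filename>\n" );

#if defined(_WIN32)
        printf( "\n" );
#endif

        goto exit;
    }

    printf( "\n . Reading private key from rsa_priv.txt" );
    fflush( stdout );

    if( ( f = fopen( "rsa_priv.txt", "rb" ) ) == NULL )
    {
        ret = 1;
        printf( " failed\n ! Could not open rsa_priv.txt\n" \
                " ! Please run rsa_genkey first\n\n" );
        goto exit;
    }

    if( ( ret = mpi_read_file( &rsa.N , 16, f ) ) != 0 ||
        ( ret = mpi_read_file( &rsa.E , 16, f ) ) != 0 ||
        ( ret = mpi_read_file( &rsa.D , 16, f ) ) != 0 ||
        ( ret = mpi_read_file( &rsa.P , 16, f ) ) != 0 ||
        ( ret = mpi_read_file( &rsa.Q , 16, f ) ) != 0 ||
        ( ret = mpi_read_file( &rsa.DP, 16, f ) ) != 0 ||
        ( ret = mpi_read_file( &rsa.DQ, 16, f ) ) != 0 ||
        ( ret = mpi_read_file( &rsa.QP, 16, f ) ) != 0 )
    {
        printf( " failed\n ! mpi_read_file returned %d\n\n", ret );
        goto exit;
    }

    /* Key length in bytes, rounded up from the bit length of N. */
    rsa.len = ( mpi_msb( &rsa.N ) + 7 ) >> 3;

    fclose( f );
    f = NULL;

    printf( "\n . Checking the private key" );
    fflush( stdout );
    if( ( ret = rsa_check_privkey( &rsa ) ) != 0 )
    {
        printf( " failed\n ! rsa_check_privkey failed with -0x%0x\n", -ret );
        goto exit;
    }

    /*
     * Compute the SHA-1 hash of the input file,
     * then calculate the RSA signature of the hash.
     */
    printf( "\n . Generating the RSA/SHA-1 signature" );
    fflush( stdout );

    if( ( ret = sha1_file( argv[1], hash ) ) != 0 )
    {
        printf( " failed\n ! Could not open or read %s\n\n", argv[1] );
        goto exit;
    }

    if( ( ret = rsa_pkcs1_sign( &rsa, NULL, NULL, RSA_PRIVATE, POLARSSL_MD_SHA1,
                                20, hash, buf ) ) != 0 )
    {
        printf( " failed\n ! rsa_pkcs1_sign returned -0x%0x\n\n", -ret );
        goto exit;
    }

    /*
     * Write the signature into <filename>.sig
     */
    n = snprintf( filename, sizeof( filename ), "%s.sig", argv[1] );
    if( n < 0 || (size_t) n >= sizeof( filename ) )
    {
        ret = 1;
        printf( " failed\n ! Output file name too long\n\n" );
        goto exit;
    }

    if( ( f = fopen( filename, "wb+" ) ) == NULL )
    {
        ret = 1;
        printf( " failed\n ! Could not create %s\n\n", filename );
        goto exit;
    }

    for( i = 0; i < rsa.len; i++ )
        fprintf( f, "%02X%s", buf[i],
                 ( i + 1 ) % 16 == 0 ? "\r\n" : " " );

    fclose( f );
    f = NULL;

    printf( "\n . Done (created \"%s\")\n\n", filename );

exit:

    if( f != NULL )
        fclose( f );

    /* Release the private key held in the context. */
    rsa_free( &rsa );

#if defined(_WIN32)
    printf( " + Press Enter to exit this program.\n" );
    fflush( stdout ); getchar();
#endif

    return( ret );
}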
/*
 * Parse a PKCS#1 encoded private RSA key (DER)
 *
 *  RSAPrivateKey ::= SEQUENCE {
 *      version           Version,
 *      modulus           INTEGER,  -- n
 *      publicExponent    INTEGER,  -- e
 *      privateExponent   INTEGER,  -- d
 *      prime1            INTEGER,  -- p
 *      prime2            INTEGER,  -- q
 *      exponent1         INTEGER,  -- d mod (p-1)
 *      exponent2         INTEGER,  -- d mod (q-1)
 *      coefficient       INTEGER,  -- (inverse of q) mod p
 *      otherPrimeInfos   OtherPrimeInfos OPTIONAL
 *  }
 *
 * Returns 0 on success, otherwise a POLARSSL_ERR_PK_xxx code (combined with
 * the ASN.1 error where one occurred) or the rsa_check_privkey() result.
 * Once the integers are being read, every failure releases the context.
 */
static int pk_parse_key_pkcs1_der( rsa_context *rsa,
                                   const unsigned char *key,
                                   size_t keylen )
{
    int ret;
    size_t len;
    unsigned char *p = (unsigned char *) key;
    unsigned char *end = p + keylen;

    /* Outer SEQUENCE; its length becomes the new parsing limit. */
    ret = asn1_get_tag( &p, end, &len, ASN1_CONSTRUCTED | ASN1_SEQUENCE );
    if( ret != 0 )
        return( POLARSSL_ERR_PK_KEY_INVALID_FORMAT + ret );

    end = p + len;

    ret = asn1_get_int( &p, end, &rsa->ver );
    if( ret != 0 )
        return( POLARSSL_ERR_PK_KEY_INVALID_FORMAT + ret );

    /* Only version 0 is accepted. */
    if( rsa->ver != 0 )
        return( POLARSSL_ERR_PK_KEY_INVALID_VERSION );

    /* Read the eight integers in order, stopping at the first error. */
    ret = asn1_get_mpi( &p, end, &rsa->N );
    if( ret == 0 ) ret = asn1_get_mpi( &p, end, &rsa->E );
    if( ret == 0 ) ret = asn1_get_mpi( &p, end, &rsa->D );
    if( ret == 0 ) ret = asn1_get_mpi( &p, end, &rsa->P );
    if( ret == 0 ) ret = asn1_get_mpi( &p, end, &rsa->Q );
    if( ret == 0 ) ret = asn1_get_mpi( &p, end, &rsa->DP );
    if( ret == 0 ) ret = asn1_get_mpi( &p, end, &rsa->DQ );
    if( ret == 0 ) ret = asn1_get_mpi( &p, end, &rsa->QP );

    if( ret != 0 )
    {
        ret = POLARSSL_ERR_PK_KEY_INVALID_FORMAT + ret;
        goto fail;
    }

    rsa->len = mpi_size( &rsa->N );

    /* Anything left inside the SEQUENCE is a format error. */
    if( p != end )
    {
        ret = POLARSSL_ERR_PK_KEY_INVALID_FORMAT +
              POLARSSL_ERR_ASN1_LENGTH_MISMATCH;
        goto fail;
    }

    /* The parsed components must also form a consistent private key. */
    ret = rsa_check_privkey( rsa );
    if( ret != 0 )
        goto fail;

    return( 0 );

fail:
    rsa_free( rsa );
    return( ret );
}
/*
 * Checkup routine
 *
 * Stand-alone self-test: loads a hard-coded 1024-bit RSA key, validates it
 * with rsa_check_pubkey()/rsa_check_privkey(), then encrypts a fixed
 * plaintext with PKCS#1 and checks that decryption returns it.
 * Returns 0 when all enabled steps pass, 1 on the first failure.
 *
 * The private key below is embedded in the source, so it is a test vector
 * only and offers no secrecy.
 */
int main ( void )
{
    int len;
    rsa_context rsa;
    /* md5sum is only referenced by the sign/verify section disabled below. */
    unsigned char md5sum[16];
    unsigned char rsa_plaintext[PTLEN];
    unsigned char rsa_decrypted[PTLEN];
    unsigned char rsa_ciphertext[CTLEN];

    memset( &rsa, 0, sizeof( rsa ) );

    /* 128 bytes: each modulus string below is 256 hex digits. */
    rsa.len = 128;

    /* Components are given as hexadecimal strings (last argument 16). */
    mpi_read( &rsa.N , "9292758453063D803DD603D5E777D788" \
                       "8ED1D5BF35786190FA2F23EBC0848AEA" \
                       "DDA92CA6C3D80B32C4D109BE0F36D6AE" \
                       "7130B9CED7ACDF54CFC7555AC14EEBAB" \
                       "93A89813FBF3C4F8066D2D800F7C38A8" \
                       "1AE31942917403FF4946B0A83D3D3E05" \
                       "EE57C6F5F5606FB5D4BC6CD34EE0801A" \
                       "5E94BB77B07507233A0BC7BAC8F90F79", 16 );

    mpi_read( &rsa.E , "10001", 16 );

    mpi_read( &rsa.D , "24BF6185468786FDD303083D25E64EFC" \
                       "66CA472BC44D253102F8B4A9D3BFA750" \
                       "91386C0077937FE33FA3252D28855837" \
                       "AE1B484A8A9A45F7EE8C0C634F99E8CD" \
                       "DF79C5CE07EE72C7F123142198164234" \
                       "CABB724CF78B8173B9F880FC86322407" \
                       "AF1FEDFDDE2BEB674CA15F3E81A1521E" \
                       "071513A1E85B5DFA031F21ECAE91A34D", 16 );

    mpi_read( &rsa.P , "C36D0EB7FCD285223CFB5AABA5BDA3D8" \
                       "2C01CAD19EA484A87EA4377637E75500" \
                       "FCB2005C5C7DD6EC4AC023CDA285D796" \
                       "C3D9E75E1EFC42488BB4F1D13AC30A57", 16 );

    mpi_read( &rsa.Q , "C000DF51A7C77AE8D7C7370C1FF55B69" \
                       "E211C2B9E5DB1ED0BF61D0D9899620F4" \
                       "910E4168387E3C30AA1E00C339A79508" \
                       "8452DD96A9A5EA5D9DCA68DA636032AF", 16 );

    mpi_read( &rsa.DP, "C1ACF567564274FB07A0BBAD5D26E298" \
                       "3C94D22288ACD763FD8E5600ED4A702D" \
                       "F84198A5F06C2E72236AE490C93F07F8" \
                       "3CC559CD27BC2D1CA488811730BB5725", 16 );

    mpi_read( &rsa.DQ, "4959CBF6F8FEF750AEE6977C155579C7" \
                       "D8AAEA56749EA28623272E4F7D0592AF" \
                       "7C1F1313CAC9471B5C523BFE592F517B" \
                       "407A1BD76C164B93DA2D32A383E58357", 16 );

    mpi_read( &rsa.QP, "9AE7FBC99546432DF71896FC239EADAE" \
                       "F38D18D2B2F0E2DD275AA977E2BF4411" \
                       "F5A3B2A5D33605AEBBCCBA7FEB9F2D2F" \
                       "A74206CEC169D74BF5A8C50D6F48EA08", 16 );

    printf( " RSA key validation: " );

    /* Both halves of the key must pass before any operation is attempted. */
    if( rsa_check_pubkey( &rsa ) != 0 ||
        rsa_check_privkey( &rsa ) != 0 )
    {
        printf( "failed\n" );
        return( 1 );
    }

    printf( "passed\n PKCS#1 encryption : " );

    /* Fixed 24-byte test plaintext; PTLEN bytes of it are copied. */
    memcpy( rsa_plaintext,
        "\xAA\xBB\xCC\x03\x02\x01\x00\xFF\xFF\xFF\xFF\xFF" \
        "\x11\x22\x33\x0A\x0B\x0C\xCC\xDD\xDD\xDD\xDD\xDD", PTLEN );

    /* len carries the output buffer size in for this API variant. */
    len = CTLEN;
    if( rsa_pkcs1_encrypt( &rsa, rsa_plaintext, PTLEN,
                           rsa_ciphertext, &len ) != 0 )
    {
        printf( "failed\n" );
        return( 1 );
    }

    printf( "passed\n PKCS#1 decryption : " );

    len = sizeof( rsa_decrypted );
    /* NOTE(review): only `len` bytes are compared and len is not checked
     * against PTLEN, so a short result would compare equal - confirm that
     * rsa_pkcs1_decrypt sets len to the recovered length. */
    if( rsa_pkcs1_decrypt( &rsa, rsa_ciphertext, CTLEN,
                           rsa_decrypted, &len ) != 0 ||
        memcmp( rsa_decrypted, rsa_plaintext, len ) != 0 )
    {
        printf( "failed\n" );
        return( 1 );
    }

    printf( "passed\n" );

    /* The MD5 sign/verify round trip is compiled out. */
#if 0
    md5_csum( rsa_plaintext, PTLEN, md5sum );

    if( rsa_pkcs1_sign( &rsa, RSA_MD5, md5sum, 16,
                        rsa_ciphertext, CTLEN ) != 0 )
    {
        printf( "failed\n" );
        return( 1 );
    }

    printf( "passed\n PKCS#1 sig. verify: " );

    if( rsa_pkcs1_verify( &rsa, RSA_MD5, md5sum, 16,
                          rsa_ciphertext, CTLEN ) != 0 )
    {
        printf( "failed\n" );
        return( 1 );
    }

    printf( "passed\n\n" );
#endif

    /* Reached on success only; the failure returns above skip it. */
    rsa_free( &rsa );

    return( 0 );
}
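/*
 * Certificate test application.
 *
 * Loads the test CA certificate and CRL, then for each of the
 * MAX_CLIENT_CERTS client certificates: parses it, verifies it against the
 * CA and CRL, loads the matching private key, and checks that the key
 * belongs to the certificate (same N and E) and is internally consistent.
 *
 * Returns 0 when every step succeeds, otherwise the failing call's result.
 *
 * Every error inside the per-client loop leaves through client_done, so the
 * client certificate and the parsed private key are freed on failure as
 * well as on success.
 */
int main( int argc, char *argv[] )
{
    int ret, i;
    x509_crt cacert;
    x509_crl crl;
    char buf[10240];

    ((void) argc);
    ((void) argv);

    x509_crt_init( &cacert );
    x509_crl_init( &crl );

    /*
     * 1.1. Load the trusted CA
     */
    printf( "\n . Loading the CA root certificate ..." );
    fflush( stdout );

    /*
     * Alternatively, you may load the CA certificates from a .pem or
     * .crt file by calling x509_crt_parse_file( &cacert, "myca.crt" ).
     */
    ret = x509_crt_parse_file( &cacert, "ssl/test-ca/test-ca.crt" );
    if( ret != 0 )
    {
        printf( " failed\n ! x509_crt_parse_file returned %d\n\n", ret );
        goto exit;
    }

    printf( " ok\n" );

    x509_crt_info( buf, 1024, "CRT: ", &cacert );
    printf("%s\n", buf );

    /*
     * 1.2. Load the CRL
     */
    printf( " . Loading the CRL ..." );
    fflush( stdout );

    ret = x509_crl_parse_file( &crl, "ssl/test-ca/crl.pem" );
    if( ret != 0 )
    {
        printf( " failed\n ! x509_crl_parse_file returned %d\n\n", ret );
        goto exit;
    }

    printf( " ok\n" );

    x509_crl_info( buf, 1024, "CRL: ", &crl );
    printf("%s\n", buf );

    for( i = 0; i < MAX_CLIENT_CERTS; i++ )
    {
        /*
         * 1.3. Load own certificate
         */
        char name[512];
        int flags;
        int failed = 1;     /* cleared once all steps for this client pass */
        x509_crt clicert;
        pk_context pk;

        x509_crt_init( &clicert );
        pk_init( &pk );

        snprintf(name, 512, "ssl/test-ca/%s", client_certificates[i]);

        printf( " . Loading the client certificate %s...", name );
        fflush( stdout );

        ret = x509_crt_parse_file( &clicert, name );
        if( ret != 0 )
        {
            printf( " failed\n ! x509_crt_parse_file returned %d\n\n", ret );
            goto client_done;
        }

        printf( " ok\n" );

        /*
         * 1.4. Verify certificate validity with CA certificate
         */
        printf( " . Verify the client certificate with CA certificate..." );
        fflush( stdout );

        ret = x509_crt_verify( &clicert, &cacert, &crl, NULL, &flags, NULL,
                               NULL );
        if( ret != 0 )
        {
            /*
             * NOTE(review): a verification failure is only reported through
             * the flag names below; the loop then prints " ok" and carries
             * on. Only other error codes abort the run.
             */
            if( ret == POLARSSL_ERR_X509_CERT_VERIFY_FAILED )
            {
                if( flags & BADCERT_CN_MISMATCH )
                    printf( " CN_MISMATCH " );
                if( flags & BADCERT_EXPIRED )
                    printf( " EXPIRED " );
                if( flags & BADCERT_REVOKED )
                    printf( " REVOKED " );
                if( flags & BADCERT_NOT_TRUSTED )
                    printf( " NOT_TRUSTED " );
                if( flags & BADCRL_NOT_TRUSTED )
                    printf( " CRL_NOT_TRUSTED " );
                if( flags & BADCRL_EXPIRED )
                    printf( " CRL_EXPIRED " );
            }
            else
            {
                printf( " failed\n ! x509_crt_verify returned %d\n\n", ret );
                goto client_done;
            }
        }

        printf( " ok\n" );

        /*
         * 1.5. Load own private key
         */
        snprintf(name, 512, "ssl/test-ca/%s", client_private_keys[i]);

        printf( " . Loading the client private key %s...", name );
        fflush( stdout );

        ret = pk_parse_keyfile( &pk, name, NULL );
        if( ret != 0 )
        {
            printf( " failed\n ! pk_parse_keyfile returned %d\n\n", ret );
            goto client_done;
        }

        printf( " ok\n" );

        /*
         * 1.6. Verify certificate validity with private key
         */
        printf( " . Verify the client certificate with private key..." );
        fflush( stdout );

        /* EC NOT IMPLEMENTED YET */
        if( ! pk_can_do( &clicert.pk, POLARSSL_PK_RSA ) )
        {
            printf( " failed\n ! certificate's key is not RSA\n\n" );
            ret = POLARSSL_ERR_X509_FEATURE_UNAVAILABLE;
            goto client_done;
        }

        /* The key file and the certificate must carry the same public key. */
        ret = mpi_cmp_mpi(&pk_rsa( pk )->N, &pk_rsa( clicert.pk )->N);
        if( ret != 0 )
        {
            printf( " failed\n ! mpi_cmp_mpi for N returned %d\n\n", ret );
            goto client_done;
        }

        ret = mpi_cmp_mpi(&pk_rsa( pk )->E, &pk_rsa( clicert.pk )->E);
        if( ret != 0 )
        {
            printf( " failed\n ! mpi_cmp_mpi for E returned %d\n\n", ret );
            goto client_done;
        }

        /* ...and the private half must be internally consistent. */
        ret = rsa_check_privkey( pk_rsa( pk ) );
        if( ret != 0 )
        {
            printf( " failed\n ! rsa_check_privkey returned %d\n\n", ret );
            goto client_done;
        }

        printf( " ok\n" );
        failed = 0;

client_done:
        /* Always release the per-client objects, including the private key. */
        x509_crt_free( &clicert );
        pk_free( &pk );

        if( failed )
            goto exit;
    }

exit:
    x509_crt_free( &cacert );
    x509_crl_free( &crl );

#if defined(_WIN32)
    printf( " + Press Enter to exit this program.\n" );
    fflush( stdout ); getchar();
#endif

    return( ret );
}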
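/*
 * Checkup routine
 *
 * With POLARSSL_PKCS1_V15 defined: loads the built-in test key, validates
 * it, runs a PKCS#1 v1.5 encrypt/decrypt round trip and, when
 * POLARSSL_SHA1_C is defined, a SHA-1 sign/verify round trip. Without
 * POLARSSL_PKCS1_V15 the function does nothing and returns 0.
 *
 * verbose  non-zero to print progress through polarssl_printf
 *
 * Returns 0 on success, 1 when a test step fails, or the MPI error when
 * loading a key component fails (MPI_CHK).
 *
 * Every failing step leaves through the cleanup label, so the context
 * holding the test private key is released on failure too. The original
 * returned directly and skipped rsa_free().
 */
int rsa_self_test( int verbose )
{
    int ret = 0;
#if defined(POLARSSL_PKCS1_V15)
    size_t len;
    rsa_context rsa;
    unsigned char rsa_plaintext[PT_LEN];
    unsigned char rsa_decrypted[PT_LEN];
    unsigned char rsa_ciphertext[KEY_LEN];
#if defined(POLARSSL_SHA1_C)
    unsigned char sha1sum[20];
#endif

    rsa_init( &rsa, RSA_PKCS_V15, 0 );

    rsa.len = KEY_LEN;
    MPI_CHK( mpi_read_string( &rsa.N , 16, RSA_N  ) );
    MPI_CHK( mpi_read_string( &rsa.E , 16, RSA_E  ) );
    MPI_CHK( mpi_read_string( &rsa.D , 16, RSA_D  ) );
    MPI_CHK( mpi_read_string( &rsa.P , 16, RSA_P  ) );
    MPI_CHK( mpi_read_string( &rsa.Q , 16, RSA_Q  ) );
    MPI_CHK( mpi_read_string( &rsa.DP, 16, RSA_DP ) );
    MPI_CHK( mpi_read_string( &rsa.DQ, 16, RSA_DQ ) );
    MPI_CHK( mpi_read_string( &rsa.QP, 16, RSA_QP ) );

    if( verbose != 0 )
        polarssl_printf( " RSA key validation: " );

    if( rsa_check_pubkey( &rsa ) != 0 ||
        rsa_check_privkey( &rsa ) != 0 )
    {
        if( verbose != 0 )
            polarssl_printf( "failed\n" );

        ret = 1;
        goto cleanup;
    }

    if( verbose != 0 )
        polarssl_printf( "passed\n PKCS#1 encryption : " );

    memcpy( rsa_plaintext, RSA_PT, PT_LEN );

    if( rsa_pkcs1_encrypt( &rsa, myrand, NULL, RSA_PUBLIC, PT_LEN,
                           rsa_plaintext, rsa_ciphertext ) != 0 )
    {
        if( verbose != 0 )
            polarssl_printf( "failed\n" );

        ret = 1;
        goto cleanup;
    }

    if( verbose != 0 )
        polarssl_printf( "passed\n PKCS#1 decryption : " );

    if( rsa_pkcs1_decrypt( &rsa, myrand, NULL, RSA_PRIVATE, &len,
                           rsa_ciphertext, rsa_decrypted,
                           sizeof(rsa_decrypted) ) != 0 )
    {
        if( verbose != 0 )
            polarssl_printf( "failed\n" );

        ret = 1;
        goto cleanup;
    }

    if( memcmp( rsa_decrypted, rsa_plaintext, len ) != 0 )
    {
        if( verbose != 0 )
            polarssl_printf( "failed\n" );

        ret = 1;
        goto cleanup;
    }

#if defined(POLARSSL_SHA1_C)
    if( verbose != 0 )
        polarssl_printf( "passed\n PKCS#1 data sign : " );

    sha1( rsa_plaintext, PT_LEN, sha1sum );

    if( rsa_pkcs1_sign( &rsa, myrand, NULL, RSA_PRIVATE, POLARSSL_MD_SHA1, 0,
                        sha1sum, rsa_ciphertext ) != 0 )
    {
        if( verbose != 0 )
            polarssl_printf( "failed\n" );

        ret = 1;
        goto cleanup;
    }

    if( verbose != 0 )
        polarssl_printf( "passed\n PKCS#1 sig. verify: " );

    if( rsa_pkcs1_verify( &rsa, NULL, NULL, RSA_PUBLIC, POLARSSL_MD_SHA1, 0,
                          sha1sum, rsa_ciphertext ) != 0 )
    {
        if( verbose != 0 )
            polarssl_printf( "failed\n" );

        ret = 1;
        goto cleanup;
    }

    if( verbose != 0 )
        polarssl_printf( "passed\n\n" );
#endif /* POLARSSL_SHA1_C */

cleanup:
    rsa_free( &rsa );
#else /* POLARSSL_PKCS1_V15 */
    ((void) verbose);
#endif /* POLARSSL_PKCS1_V15 */
    return( ret );
}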
/*
 * Checkup routine
 *
 * Loads a hard-coded 1024-bit RSA key, validates it with
 * rsa_check_pubkey()/rsa_check_privkey(), then runs a PKCS#1
 * encrypt/decrypt round trip and an MD5 sign/verify round trip on
 * `plaintext` (declared outside this function).
 * Returns 0 when every step passes, 1 on the first failure.
 *
 * Both key sets below are embedded in the source, so they are test vectors
 * only and offer no secrecy.
 */
int rsa_self_test( void )
{
    int len;
    rsa_context rsa;
    uchar md5sum[16];
    uchar decrypted[PTLEN];
    uchar ciphertext[CTLEN];

    memset( &rsa, 0, sizeof( rsa ) );

    /* 128 bytes: each modulus string below is 256 hex digits. */
    rsa.len = 128;

    /* The first key set is compiled out; the #else branch is the one used. */
#if 0
    mpi_read( &rsa.N , "9292758453063D803DD603D5E777D788" \
                       "8ED1D5BF35786190FA2F23EBC0848AEA" \
                       "DDA92CA6C3D80B32C4D109BE0F36D6AE" \
                       "7130B9CED7ACDF54CFC7555AC14EEBAB" \
                       "93A89813FBF3C4F8066D2D800F7C38A8" \
                       "1AE31942917403FF4946B0A83D3D3E05" \
                       "EE57C6F5F5606FB5D4BC6CD34EE0801A" \
                       "5E94BB77B07507233A0BC7BAC8F90F79", 16 );

    mpi_read( &rsa.E , "10001", 16 );

    mpi_read( &rsa.D , "24BF6185468786FDD303083D25E64EFC" \
                       "66CA472BC44D253102F8B4A9D3BFA750" \
                       "91386C0077937FE33FA3252D28855837" \
                       "AE1B484A8A9A45F7EE8C0C634F99E8CD" \
                       "DF79C5CE07EE72C7F123142198164234" \
                       "CABB724CF78B8173B9F880FC86322407" \
                       "AF1FEDFDDE2BEB674CA15F3E81A1521E" \
                       "071513A1E85B5DFA031F21ECAE91A34D", 16 );

    mpi_read( &rsa.P , "C36D0EB7FCD285223CFB5AABA5BDA3D8" \
                       "2C01CAD19EA484A87EA4377637E75500" \
                       "FCB2005C5C7DD6EC4AC023CDA285D796" \
                       "C3D9E75E1EFC42488BB4F1D13AC30A57", 16 );

    mpi_read( &rsa.Q , "C000DF51A7C77AE8D7C7370C1FF55B69" \
                       "E211C2B9E5DB1ED0BF61D0D9899620F4" \
                       "910E4168387E3C30AA1E00C339A79508" \
                       "8452DD96A9A5EA5D9DCA68DA636032AF", 16 );

    mpi_read( &rsa.DP, "C1ACF567564274FB07A0BBAD5D26E298" \
                       "3C94D22288ACD763FD8E5600ED4A702D" \
                       "F84198A5F06C2E72236AE490C93F07F8" \
                       "3CC559CD27BC2D1CA488811730BB5725", 16 );

    mpi_read( &rsa.DQ, "4959CBF6F8FEF750AEE6977C155579C7" \
                       "D8AAEA56749EA28623272E4F7D0592AF" \
                       "7C1F1313CAC9471B5C523BFE592F517B" \
                       "407A1BD76C164B93DA2D32A383E58357", 16 );

    mpi_read( &rsa.QP, "9AE7FBC99546432DF71896FC239EADAE" \
                       "F38D18D2B2F0E2DD275AA977E2BF4411" \
                       "F5A3B2A5D33605AEBBCCBA7FEB9F2D2F" \
                       "A74206CEC169D74BF5A8C50D6F48EA08", 16 );
#else
    mpi_read( &rsa.N , "EEF43DF231F4FEFDA3FF0576F864912B" \
                       "F5D51D627C5911F4794F54C8BE178C66" \
                       "FD9C447BE512735818E93CF88AB1696C" \
                       "1C634A898DBFCE384F74CD347B715419" \
                       "EAE05016842B752F127CC224535C4708" \
                       "8DE7566D50F0CFC013B2592BAB1E042A" \
                       "76239E5262D931B84BDAB640028AFE7C" \
                       "39E2B75A353EABF827854EE249C6EA45", 16 );

    mpi_read( &rsa.E , "010001", 16 );

    mpi_read( &rsa.D , "B6F6044861BFF94E34379BF3901550A2" \
                       "9C44658F772EABF4C8BDD9692B43D499" \
                       "372E63B189A02AF91579E0D95D38A243" \
                       "C928AD75CD3743AB120B98E3CA70E7B6" \
                       "C5B3C1EA2065EF5A6347F80B247044D4" \
                       "775C4379C2286F8724E0DFE859F808E8" \
                       "BFBE3D257EF84E3A455C5BC452F5600E" \
                       "5CDD62818D7E937C7D4C9819C1FAF331", 16 );

    mpi_read( &rsa.P , "FBD24AF8F6132E9E1D07B73CFD6D0ECE" \
                       "6E49DD602EF0F4D6FE6DF66493F016EA" \
                       "C19FF290749194145C3229D0CC57B31F" \
                       "199AE2819572271CFE40279063B5BEAB", 16 );

    mpi_read( &rsa.Q , "F2EB4A3E41438F2690EC2DED0198E4BD" \
                       "7ABA01D374A27C92BDAEA3803FF8584C" \
                       "2B923C95868B4C53DCEEA3A750D7B702" \
                       "748522C8BF781CCED4E76B52A9DD3ACF", 16 );

    mpi_read( &rsa.DP, "3947752C39F4D506BBFDB44D582BC551" \
                       "693EBDEF11DE5722CC0EC11BD196ABEF" \
                       "CC0910C890EB482E756627A2C9C82D03" \
                       "26F4D70EB8AA9580FFC821F7B2E6752F", 16 );

    mpi_read( &rsa.DQ, "5A71D28DC55CF322A7D8D7ECA3A89A9A" \
                       "15E4C5A3468CED16F1BAE133721DF43A" \
                       "400ACDB5DA8768DEDCA69996455A5BD0" \
                       "7533D0D4AFBD77F4667ED78DCAA30D2F", 16 );

    mpi_read( &rsa.QP, "81267EDB140CE8F07CA92F508FEA134B" \
                       "23C871D428C6EF870F08FFF2AD46D210" \
                       "8FCD67E28FF95E8E332B5EEE16EB8784" \
                       "AB3D1E59B078CB93EF5C6E0F12419439", 16 );
#endif

    printf( " RSA key validation: " );

    /* Both halves of the key must pass before any operation is attempted. */
    if( rsa_check_pubkey( &rsa ) != 0 ||
        rsa_check_privkey( &rsa ) != 0 )
    {
        printf( "failed\n" );
        return( 1 );
    }

    printf( "passed\n PKCS#1 encryption : " );

    if( rsa_pkcs1_encrypt( &rsa, plaintext, PTLEN,
                           ciphertext, CTLEN ) != 0 )
    {
        printf( "failed\n" );
        return( 1 );
    }

    printf( "passed\n PKCS#1 decryption : " );

    len = sizeof( decrypted );

    /* NOTE(review): only `len` bytes are compared and len is not checked
     * against PTLEN, so a short result would compare equal - confirm that
     * rsa_pkcs1_decrypt sets len to the recovered length. */
    if( rsa_pkcs1_decrypt( &rsa, ciphertext, CTLEN,
                           decrypted, &len ) != 0 ||
        memcmp( decrypted, plaintext, len ) != 0 )
    {
        printf( "failed\n" );
        return( 1 );
    }

    printf( "passed\n PKCS#1 data sign : " );

    /* Sign the MD5 digest of the plaintext; ciphertext is reused to hold
     * the signature. */
    md5_csum( plaintext, PTLEN, md5sum );

    if( rsa_pkcs1_sign( &rsa, RSA_MD5, md5sum, 16,
                        ciphertext, CTLEN ) != 0 )
    {
        printf( "failed\n" );
        return( 1 );
    }

    printf( "passed\n PKCS#1 sig. verify: " );

    if( rsa_pkcs1_verify( &rsa, RSA_MD5, md5sum, 16,
                          ciphertext, CTLEN ) != 0 )
    {
        printf( "failed\n" );
        return( 1 );
    }

    printf( "passed\n\n" );

    /* Reached on success only; the failure returns above skip it. */
    rsa_free( &rsa );

    return( 0 );
}