JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_RSA_doSign
(JNIEnv* jenv, jobject jcl, jobject in, jlong inSz, jobject out,
jintArray outSz, jobject keyDer, jlong keySz)
{
int ret;
RNG rng;
RsaKey myKey;
unsigned int idx;
unsigned int tmpOut;
/* check in and key sz */
if ((inSz < 0) || (keySz < 0)) {
return -1;
}
/* get pointers to our buffers */
unsigned char* inBuf = (*jenv)->GetDirectBufferAddress(jenv, in);
if (inBuf == NULL) {
printf("problem getting in buffer address\n");
return -1;
}
unsigned char* outBuf = (*jenv)->GetDirectBufferAddress(jenv, out);
if (outBuf == NULL) {
printf("problem getting out buffer address\n");
return -1;
}
unsigned char* keyBuf = (*jenv)->GetDirectBufferAddress(jenv, keyDer);
if (keyBuf == NULL) {
printf("problem getting key buffer address\n");
return -1;
}
/* get output buffer size */
(*jenv)->GetIntArrayRegion(jenv, outSz, 0, 1, (jint*)&tmpOut);
wc_InitRng(&rng);
wc_InitRsaKey(&myKey, NULL);
idx = 0;
ret = wc_RsaPrivateKeyDecode(keyBuf, &idx, &myKey, (unsigned int)keySz);
if (ret == 0) {
ret = wc_RsaSSL_Sign(inBuf, (unsigned int)inSz, outBuf, tmpOut,
&myKey, &rng);
if (ret > 0) {
/* save and convert to 0 for success */
(*jenv)->SetIntArrayRegion(jenv, outSz, 0, 1, (jint*)&tmpOut);
ret = 0;
}
} else {
printf("wc_RsaPrivateKeyDecode failed, ret = %d\n", ret);
}
wc_FreeRsaKey(&myKey);
return ret;
}
JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_RSA_doVerify
(JNIEnv* jenv, jobject jcl, jobject sig, jlong sigSz, jobject out,
jlong outSz, jobject keyDer, jlong keySz)
{
int ret;
RsaKey myKey;
unsigned int idx;
/* check in and key sz */
if ((sigSz < 0) || (keySz < 0) || (outSz < 0)) {
return -1;
}
/* get pointers to our buffers */
unsigned char* sigBuf = (*jenv)->GetDirectBufferAddress(jenv, sig);
if (sigBuf == NULL) {
printf("problem getting sig buffer address\n");
return -1;
}
unsigned char* outBuf = (*jenv)->GetDirectBufferAddress(jenv, out);
if (outBuf == NULL) {
printf("problem getting out buffer address\n");
return -1;
}
unsigned char* keyBuf = (*jenv)->GetDirectBufferAddress(jenv, keyDer);
if (keyBuf == NULL) {
printf("problem getting key buffer address\n");
return -1;
}
wc_InitRsaKey(&myKey, NULL);
idx = 0;
ret = wc_RsaPublicKeyDecode(keyBuf, &idx, &myKey, (unsigned int)keySz);
if (ret == 0) {
ret = wc_RsaSSL_Verify(sigBuf, (unsigned int)sigSz, outBuf,
(unsigned int)outSz, &myKey);
if (ret < 0) {
printf("wc_RsaSSL_Verify failed, ret = %d\n", ret);
return ret;
}
} else {
printf("wc_RsaPublicKeyDecode failed, ret = %d\n", ret);
}
wc_FreeRsaKey(&myKey);
return ret;
}
int main(void) {
board_init();
board_console_init(BOARD_DEBUG_BAUD);
SysTick_Config(BOARD_SYSTICK_100MS);
PRINTF("ubirch #1 r0.2 RSA/ECC encryption/signature benchmark\r\n");
if (init_ltc() != 0) PRINTF("No LTC, may crash\r\n");
if (init_trng() != 0) error("failed to initialize TRNG");
if (init_board_key(2048) != 0) error("failed to generate key pair");
if (init_recipient_public_key(recipient_pubkey, recipient_pubkey_length))
error("failed to load recipient public key");
byte cipher[256]; // 256 bytes is large enough to store 2048 bit RSA ciphertext
word32 plaintextLength = strlen(plaintext);
word32 cipherLength = sizeof(cipher);
PRINTF("- signing message with board private key\r\n");
uint32_t total = 0;
int signatureLength = 0;
byte *signature = NULL;
for (int i = 0; i < BENCHMARK_LOOPS; i++) {
const uint32_t start = timer_read();
signatureLength = wc_SignatureGetSize(WC_SIGNATURE_TYPE_RSA, &board_rsa_key, sizeof(board_rsa_key));
signature = malloc((size_t) signatureLength);
if (wc_SignatureGenerate(
WC_HASH_TYPE_SHA256, WC_SIGNATURE_TYPE_RSA,
(const byte *) plaintext, plaintextLength,
signature, (word32 *) &signatureLength,
&board_rsa_key, sizeof(board_rsa_key),
&rng) != 0)
error("failed to sign plain text message");
const uint32_t elapsed = timer_read() - start;
total += elapsed;
char loop_str[64];
sprintf(loop_str, "%d", i);
timestamp(loop_str, elapsed);
}
timestamp("Average:", total / BENCHMARK_LOOPS);
PRINTF("-- SIGNATURE\r\n");
PRINTF("- encrypting message\r\n");
total = 0;
int r = -1;
for (int i = 0; i < BENCHMARK_LOOPS; i++) {
const uint32_t start = timer_read();
r = wc_RsaPublicEncrypt((const byte *) plaintext, plaintextLength, cipher, cipherLength, &recipient_public_key,
&rng);
if (r < 0) error("failed to encrypt message");
const uint32_t elapsed = timer_read() - start;
total += elapsed;
char loop_str[64];
sprintf(loop_str, "%d", i);
timestamp(loop_str, elapsed);
}
timestamp("Average:", total / BENCHMARK_LOOPS);
PRINTF("-- CIPHER (%d bytes)\r\n", r);
wc_FreeRsaKey(&board_rsa_key);
wc_FreeRsaKey(&recipient_public_key);
PRINTF("THE END\r\n");
while (true) {
uint8_t ch = (uint8_t) GETCHAR();
if (ch == '\r') PUTCHAR('\n');
PUTCHAR(ch);
}
}
int rsa_test(void)
{
byte* tmp = NULL;
size_t bytes;
RsaKey key;
WC_RNG rng;
word32 idx = 0;
int ret;
byte in[] = "Everyone gets Friday off.";
word32 inLen = (word32)XSTRLEN((char*)in);
byte out[256];
byte plain[256];
byte* outPtr = NULL;
tmp = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
if (tmp == NULL) {
ret = MEMORY_E;
goto exit;
}
XMEMCPY(tmp, privkey_der_2048, sizeof(privkey_der_2048));
bytes = sizeof(privkey_der_2048);
ret = wc_InitRsaKey_ex(&key, HEAP_HINT, INVALID_DEVID);
if (ret < 0) {
goto exit;
}
ret = wc_RsaPrivateKeyDecode(tmp, &idx, &key, (word32)bytes);
if (ret < 0) {
goto exit;
}
printf("Key Size: %d\n", wc_RsaEncryptSize(&key));
ret = wc_InitRng(&rng);
if (ret < 0) {
goto exit;
}
#ifdef WC_RSA_BLINDING
ret = wc_RsaSetRNG(&key, &rng);
if (ret < 0) {
goto exit;
}
#endif
ret = wc_RsaPublicEncrypt(in, inLen, out, sizeof(out), &key, &rng);
printf("wc_RsaPublicEncrypt: %d\n", ret);
if (ret < 0) {
goto exit;
}
idx = ret; /* save off encrypted length */
ret = wc_RsaPrivateDecrypt(out, idx, plain, sizeof(plain), &key);
printf("wc_RsaPrivateDecrypt: %d\n", ret);
printf("\n%d", ret);
if (ret < 0) {
goto exit;
}
if (XMEMCMP(plain, in, ret)) {
printf("Compare failed!\n");
goto exit;
}
ret = wc_RsaSSL_Sign(in, inLen, out, sizeof(out), &key, &rng);
printf("wc_RsaSSL_Sign: %d\n", ret);
if (ret < 0) {
goto exit;
}
idx = ret;
XMEMSET(plain, 0, sizeof(plain));
ret = wc_RsaSSL_VerifyInline(out, idx, &outPtr, &key);
printf("wc_RsaSSL_Verify: %d\n", ret);
if (ret < 0) {
goto exit;
}
if (XMEMCMP(in, outPtr, ret)) {
printf("Compare failed!\n");
goto exit;
}
ret = 0; /* success */
exit:
wc_FreeRsaKey(&key);
XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
wc_FreeRng(&rng);
return ret;
}
/* check mcapi rsa */
static int check_rsa(void)
{
CRYPT_RSA_CTX mcRsa;
RsaKey defRsa;
int ret;
int ret2;
unsigned int keySz = (unsigned int)sizeof(client_key_der_1024);
unsigned int idx = 0;
byte out1[256];
byte out2[256];
ret = wc_InitRsaKey(&defRsa, NULL);
if (ret == 0)
ret = CRYPT_RSA_Initialize(&mcRsa);
if (ret != 0) {
printf("mcapi rsa init failed\n");
return -1;
}
ret = CRYPT_RSA_PrivateKeyDecode(&mcRsa, client_key_der_1024, keySz);
if (ret != 0) {
printf("mcapi rsa private key decode failed\n");
return -1;
}
ret = wc_RsaPrivateKeyDecode(client_key_der_1024, &idx, &defRsa, keySz);
if (ret != 0) {
printf("default rsa private key decode failed\n");
return -1;
}
ret = CRYPT_RSA_PublicEncrypt(&mcRsa, out1, sizeof(out1), ourData,
RSA_TEST_SIZE, &mcRng);
if (ret < 0) {
printf("mcapi rsa public encrypt failed\n");
return -1;
}
ret2 = wc_RsaPublicEncrypt(ourData, RSA_TEST_SIZE, out2, sizeof(out2),
&defRsa, &defRng);
if (ret2 < 0) {
printf("default rsa public encrypt failed\n");
return -1;
}
if (ret != ret2) {
printf("default rsa public encrypt sz != mcapi sz\n");
return -1;
}
if (ret != CRYPT_RSA_EncryptSizeGet(&mcRsa)) {
printf("mcapi encrypt sz get != mcapi sz\n");
return -1;
}
ret = CRYPT_RSA_PrivateDecrypt(&mcRsa, out2, sizeof(out2), out1, ret);
if (ret < 0) {
printf("mcapi rsa private derypt failed\n");
return -1;
}
if (ret != RSA_TEST_SIZE) {
printf("mcapi rsa private derypt plain size wrong\n");
return -1;
}
if (memcmp(out2, ourData, ret) != 0) {
printf("mcapi rsa private derypt plain text bad\n");
return -1;
}
wc_FreeRsaKey(&defRsa);
ret = CRYPT_RSA_Free(&mcRsa);
if (ret != 0) {
printf("mcapi rsa free failed\n");
return -1;
}
printf("rsa mcapi test passed\n");
return 0;
}
/* Make an RSA key for size bits, with e specified, 65537 is a good e */
int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng)
{
mp_int p, q, tmp1, tmp2, tmp3;
int err;
if (key == NULL || rng == NULL)
return BAD_FUNC_ARG;
if (size < RSA_MIN_SIZE || size > RSA_MAX_SIZE)
return BAD_FUNC_ARG;
if (e < 3 || (e & 1) == 0)
return BAD_FUNC_ARG;
if ((err = mp_init_multi(&p, &q, &tmp1, &tmp2, &tmp3, NULL)) != MP_OKAY)
return err;
err = mp_set_int(&tmp3, e);
/* make p */
if (err == MP_OKAY) {
do {
err = mp_rand_prime(&p, size/16, rng, key->heap); /* size in bytes/2 */
if (err == MP_OKAY)
err = mp_sub_d(&p, 1, &tmp1); /* tmp1 = p-1 */
if (err == MP_OKAY)
err = mp_gcd(&tmp1, &tmp3, &tmp2); /* tmp2 = gcd(p-1, e) */
} while (err == MP_OKAY && mp_cmp_d(&tmp2, 1) != 0); /* e divdes p-1 */
}
/* make q */
if (err == MP_OKAY) {
do {
err = mp_rand_prime(&q, size/16, rng, key->heap); /* size in bytes/2 */
if (err == MP_OKAY)
err = mp_sub_d(&q, 1, &tmp1); /* tmp1 = q-1 */
if (err == MP_OKAY)
err = mp_gcd(&tmp1, &tmp3, &tmp2); /* tmp2 = gcd(q-1, e) */
} while (err == MP_OKAY && mp_cmp_d(&tmp2, 1) != 0); /* e divdes q-1 */
}
if (err == MP_OKAY)
err = mp_init_multi(&key->n, &key->e, &key->d, &key->p, &key->q, NULL);
if (err == MP_OKAY)
err = mp_init_multi(&key->dP, &key->dQ, &key->u, NULL, NULL, NULL);
if (err == MP_OKAY)
err = mp_sub_d(&p, 1, &tmp2); /* tmp2 = p-1 */
if (err == MP_OKAY)
err = mp_lcm(&tmp1, &tmp2, &tmp1); /* tmp1 = lcm(p-1, q-1),last loop */
/* make key */
if (err == MP_OKAY)
err = mp_set_int(&key->e, e); /* key->e = e */
if (err == MP_OKAY) /* key->d = 1/e mod lcm(p-1, q-1) */
err = mp_invmod(&key->e, &tmp1, &key->d);
if (err == MP_OKAY)
err = mp_mul(&p, &q, &key->n); /* key->n = pq */
if (err == MP_OKAY)
err = mp_sub_d(&p, 1, &tmp1);
if (err == MP_OKAY)
err = mp_sub_d(&q, 1, &tmp2);
if (err == MP_OKAY)
err = mp_mod(&key->d, &tmp1, &key->dP);
if (err == MP_OKAY)
err = mp_mod(&key->d, &tmp2, &key->dQ);
if (err == MP_OKAY)
err = mp_invmod(&q, &p, &key->u);
if (err == MP_OKAY)
err = mp_copy(&p, &key->p);
if (err == MP_OKAY)
err = mp_copy(&q, &key->q);
if (err == MP_OKAY)
key->type = RSA_PRIVATE;
mp_clear(&tmp3);
mp_clear(&tmp2);
mp_clear(&tmp1);
mp_clear(&q);
mp_clear(&p);
if (err != MP_OKAY) {
wc_FreeRsaKey(key);
return err;
}
return 0;
}
