JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_RSA_doSign
(JNIEnv* jenv, jobject jcl, jobject in, jlong inSz, jobject out,
jintArray outSz, jobject keyDer, jlong keySz)
{
int ret;
RNG rng;
RsaKey myKey;
unsigned int idx;
unsigned int tmpOut;
/* check in and key sz */
if ((inSz < 0) || (keySz < 0)) {
return -1;
}
/* get pointers to our buffers */
unsigned char* inBuf = (*jenv)->GetDirectBufferAddress(jenv, in);
if (inBuf == NULL) {
printf("problem getting in buffer address\n");
return -1;
}
unsigned char* outBuf = (*jenv)->GetDirectBufferAddress(jenv, out);
if (outBuf == NULL) {
printf("problem getting out buffer address\n");
return -1;
}
unsigned char* keyBuf = (*jenv)->GetDirectBufferAddress(jenv, keyDer);
if (keyBuf == NULL) {
printf("problem getting key buffer address\n");
return -1;
}
/* get output buffer size */
(*jenv)->GetIntArrayRegion(jenv, outSz, 0, 1, (jint*)&tmpOut);
wc_InitRng(&rng);
wc_InitRsaKey(&myKey, NULL);
idx = 0;
ret = wc_RsaPrivateKeyDecode(keyBuf, &idx, &myKey, (unsigned int)keySz);
if (ret == 0) {
ret = wc_RsaSSL_Sign(inBuf, (unsigned int)inSz, outBuf, tmpOut,
&myKey, &rng);
if (ret > 0) {
/* save and convert to 0 for success */
(*jenv)->SetIntArrayRegion(jenv, outSz, 0, 1, (jint*)&tmpOut);
ret = 0;
}
} else {
printf("wc_RsaPrivateKeyDecode failed, ret = %d\n", ret);
}
wc_FreeRsaKey(&myKey);
return ret;
}
JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_RSA_doDec
(JNIEnv* jenv, jobject jcl, jobject in, jlong inSz, jobject out,
jlong outSz, jobject keyDer, jlong keySz)
{
int ret;
RsaKey myKey;
unsigned int idx;
/* check in and key sz */
if ((inSz < 0) || (keySz < 0) || (outSz < 0)) {
return -1;
}
/* get pointers to our buffers */
unsigned char* inBuf = (*jenv)->GetDirectBufferAddress(jenv, in);
if (inBuf == NULL) {
printf("problem getting in buffer address\n");
return -1;
}
unsigned char* outBuf = (*jenv)->GetDirectBufferAddress(jenv, out);
if (outBuf == NULL) {
printf("problem getting out buffer address\n");
return -1;
}
unsigned char* keyBuf = (*jenv)->GetDirectBufferAddress(jenv, keyDer);
if (keyBuf == NULL) {
printf("problem getting key buffer address\n");
return -1;
}
wc_InitRsaKey(&myKey, NULL);
idx = 0;
ret = wc_RsaPrivateKeyDecode(keyBuf, &idx, &myKey, (unsigned int)keySz);
if (ret == 0) {
ret = wc_RsaPrivateDecrypt(inBuf, (unsigned int)inSz, outBuf,
(unsigned int)outSz, &myKey);
if (ret < 0) {
printf("wc_RsaPrivateDecrypt failed, ret = %d\n", ret);
return ret;
}
} else {
printf("wc_RsaPrivateKeyDecode failed, ret = %d\n", ret);
}
wc_FreeRsaKey(&myKey);
return ret;
}
int init_board_key(unsigned int size) {
PRINTF("- benchmarking ED25519\r\n");
bench_ed25519KeyGen();
bench_ed25519KeySign();
PRINTF("- generating board private key (please wait)\r\n");
wc_InitRsaKey(&board_rsa_key, NULL);
word32 idx = 0;
int r = wc_RsaPrivateKeyDecode(test_der, &idx, &board_rsa_key, test_der_len);
// int r = wc_MakeRsaKey(&board_rsa_key, size, 65537, &rng);
if (r != 0) return r;
// PRINTF("-- BOARD PRIVATE KEY\r\n");
// print_private_key(&board_rsa_key);
//
PRINTF("-- BOARD PUBLIC KEY\r\n");
print_public_key(&board_rsa_key);
return 0;
}
#ifndef NO_RSA
if (ssl->specs.sig_algo == rsa_sa_algo) {
/* rsa sig size */
word32 i = 0;
ret = wc_RsaPrivateKeyDecode(ssl->buffers.key.buffer, &i,
&rsaKey, ssl->buffers.key.length);
if (ret != 0) {
goto done_a;
}
sigSz = wc_RsaEncryptSize(&rsaKey);
} else
#endif
if (ssl->specs.sig_algo == ecc_dsa_sa_algo) {
/* ecdsa sig size */
word32 i = 0;
ret = wc_EccPrivateKeyDecode(ssl->buffers.key.buffer, &i,
&dsaKey, ssl->buffers.key.length);
if (ret != 0) {
goto done_a;
}
sigSz = wc_ecc_sig_size(&dsaKey); /* worst case estimate */
}
else {
#ifndef NO_RSA
wc_FreeRsaKey(&rsaKey);
#endif
wc_ecc_free(&dsaKey);
ERROR_OUT(ALGO_ID_E, done_a); /* unsupported type */
}
int rsa_test(void)
{
byte* tmp = NULL;
size_t bytes;
RsaKey key;
WC_RNG rng;
word32 idx = 0;
int ret;
byte in[] = "Everyone gets Friday off.";
word32 inLen = (word32)XSTRLEN((char*)in);
byte out[256];
byte plain[256];
byte* outPtr = NULL;
tmp = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
if (tmp == NULL) {
ret = MEMORY_E;
goto exit;
}
XMEMCPY(tmp, privkey_der_2048, sizeof(privkey_der_2048));
bytes = sizeof(privkey_der_2048);
ret = wc_InitRsaKey_ex(&key, HEAP_HINT, INVALID_DEVID);
if (ret < 0) {
goto exit;
}
ret = wc_RsaPrivateKeyDecode(tmp, &idx, &key, (word32)bytes);
if (ret < 0) {
goto exit;
}
printf("Key Size: %d\n", wc_RsaEncryptSize(&key));
ret = wc_InitRng(&rng);
if (ret < 0) {
goto exit;
}
#ifdef WC_RSA_BLINDING
ret = wc_RsaSetRNG(&key, &rng);
if (ret < 0) {
goto exit;
}
#endif
ret = wc_RsaPublicEncrypt(in, inLen, out, sizeof(out), &key, &rng);
printf("wc_RsaPublicEncrypt: %d\n", ret);
if (ret < 0) {
goto exit;
}
idx = ret; /* save off encrypted length */
ret = wc_RsaPrivateDecrypt(out, idx, plain, sizeof(plain), &key);
printf("wc_RsaPrivateDecrypt: %d\n", ret);
printf("\n%d", ret);
if (ret < 0) {
goto exit;
}
if (XMEMCMP(plain, in, ret)) {
printf("Compare failed!\n");
goto exit;
}
ret = wc_RsaSSL_Sign(in, inLen, out, sizeof(out), &key, &rng);
printf("wc_RsaSSL_Sign: %d\n", ret);
if (ret < 0) {
goto exit;
}
idx = ret;
XMEMSET(plain, 0, sizeof(plain));
ret = wc_RsaSSL_VerifyInline(out, idx, &outPtr, &key);
printf("wc_RsaSSL_Verify: %d\n", ret);
if (ret < 0) {
goto exit;
}
if (XMEMCMP(in, outPtr, ret)) {
printf("Compare failed!\n");
goto exit;
}
ret = 0; /* success */
exit:
wc_FreeRsaKey(&key);
XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
wc_FreeRng(&rng);
return ret;
}
/* check mcapi rsa */
static int check_rsa(void)
{
CRYPT_RSA_CTX mcRsa;
RsaKey defRsa;
int ret;
int ret2;
unsigned int keySz = (unsigned int)sizeof(client_key_der_1024);
unsigned int idx = 0;
byte out1[256];
byte out2[256];
ret = wc_InitRsaKey(&defRsa, NULL);
if (ret == 0)
ret = CRYPT_RSA_Initialize(&mcRsa);
if (ret != 0) {
printf("mcapi rsa init failed\n");
return -1;
}
ret = CRYPT_RSA_PrivateKeyDecode(&mcRsa, client_key_der_1024, keySz);
if (ret != 0) {
printf("mcapi rsa private key decode failed\n");
return -1;
}
ret = wc_RsaPrivateKeyDecode(client_key_der_1024, &idx, &defRsa, keySz);
if (ret != 0) {
printf("default rsa private key decode failed\n");
return -1;
}
ret = CRYPT_RSA_PublicEncrypt(&mcRsa, out1, sizeof(out1), ourData,
RSA_TEST_SIZE, &mcRng);
if (ret < 0) {
printf("mcapi rsa public encrypt failed\n");
return -1;
}
ret2 = wc_RsaPublicEncrypt(ourData, RSA_TEST_SIZE, out2, sizeof(out2),
&defRsa, &defRng);
if (ret2 < 0) {
printf("default rsa public encrypt failed\n");
return -1;
}
if (ret != ret2) {
printf("default rsa public encrypt sz != mcapi sz\n");
return -1;
}
if (ret != CRYPT_RSA_EncryptSizeGet(&mcRsa)) {
printf("mcapi encrypt sz get != mcapi sz\n");
return -1;
}
ret = CRYPT_RSA_PrivateDecrypt(&mcRsa, out2, sizeof(out2), out1, ret);
if (ret < 0) {
printf("mcapi rsa private derypt failed\n");
return -1;
}
if (ret != RSA_TEST_SIZE) {
printf("mcapi rsa private derypt plain size wrong\n");
return -1;
}
if (memcmp(out2, ourData, ret) != 0) {
printf("mcapi rsa private derypt plain text bad\n");
return -1;
}
wc_FreeRsaKey(&defRsa);
ret = CRYPT_RSA_Free(&mcRsa);
if (ret != 0) {
printf("mcapi rsa free failed\n");
return -1;
}
printf("rsa mcapi test passed\n");
return 0;
}
