示例#1
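/* Overwrite a buffer that held key material. The volatile-qualified pointer
 * keeps the compiler from discarding the stores as dead writes, which a plain
 * memset() just before the buffer goes out of scope is allowed to be. */
static void example_zeroize(volatile unsigned char* p, size_t n)
{
    while (n-- > 0) {
        *p++ = 0;
    }
}

/*
 * Example: generate an ECC key pair (32-byte key size), write the private key
 * to "ecc-key.der" as DER, read it back and decode it, then generate a second
 * key and export its public part to "ecc-public.x963" in X9.63 format.
 *
 * Returns 0 on success and -1 on any failure. Every exit path releases the
 * key and the RNG and wipes the stack buffers that held the private key.
 *
 * NOTE(review): fopen() creates ecc-key.der with the process's default
 * permissions (umask). A private key file should be readable by its owner
 * only; set a restrictive umask or create the file with explicit 0600
 * permissions in real code.
 */
int main()
{
    ecc_key key;
    byte der[4096];
    byte buf[4096];
    word32 idx = 0;
    FILE* derFile = NULL;
    size_t sz;
    int derSz;
    int keyInit = 0;   /* non-zero while `key` holds an initialized key */
    int ret = -1;

    RNG rng;

    /* key generation is only as good as the RNG; do not continue without it */
    if (wc_InitRng(&rng) != 0) {
        printf("error initializing rng\n");
        return -1;
    }

    wc_ecc_init(&key);
    keyInit = 1;

    if (wc_ecc_make_key(&rng, 32, &key) != 0) {
        printf("error making ecc key\n");
        goto done;
    }

    /* write private key; wc_EccKeyToDer returns the encoded length */
    derSz = wc_EccKeyToDer(&key, der, sizeof(der));
    if (derSz < 0) {
        printf("error in ecc to der\n");
        goto done;
    }
    printf("writing private key to ecc-key.der\n");
    /* DER is binary: open in "wb" so no newline translation corrupts it */
    derFile = fopen("ecc-key.der", "wb");
    if (!derFile) {
        printf("error loading file\n");
        goto done;
    }

    /* write only the encoded bytes, not the whole 4096-byte buffer: the tail
     * of `der` is uninitialized stack memory and must not reach the disk */
    sz = fwrite(der, 1, (size_t)derSz, derFile);
    if (fclose(derFile) != 0) {
        sz = 0;   /* a failed flush means the key was not fully written */
    }
    derFile = NULL;
    if (sz != (size_t)derSz) {
        printf("error writing private key\n");
        goto done;
    }
    wc_ecc_free(&key);
    keyInit = 0;

    /* open and read from der file */
    printf("reading in private key\n");
    derFile = fopen("ecc-key.der", "rb");
    if (!derFile) {
        printf("error reading from file\n");
        goto done;
    }

    sz = fread(buf, 1, sizeof(buf), derFile);
    fclose(derFile);
    derFile = NULL;
    if (sz == 0) {
        printf("error reading from file\n");
        goto done;
    }

    /* load private ecc key */
    printf("storing private key in ecc struct\n");
    wc_ecc_init(&key);
    keyInit = 1;
    if (wc_EccPrivateKeyDecode(buf, &idx, &key, (word32)sz) != 0) {
        printf("error decoding private key\n");
        goto done;
    }
    wc_ecc_free(&key);
    keyInit = 0;

    /* Or the DER can be handed to a TLS connection, passing the real encoded
       length (derSz) rather than the size of the buffer, e.g.

       wolfSSL_use_PrivateKey_buffer(ssl, der, derSz, SSL_FILETYPE_ASN1);

       or converted to PEM first:

       wc_DerToPem(der, derSz, pemOut, sizeof(pemOut), ECC_PRIVATEKEY_TYPE);

       */

    /* to store a public key */
    wc_ecc_init(&key);
    keyInit = 1;
    if (wc_ecc_make_key(&rng, 32, &key) != 0) {
        printf("error making ecc key\n");
        goto done;
    }

    printf("storing public key into ecc-public.x963\n");
    memset(buf, 0, sizeof(buf));
    idx = sizeof(buf);   /* in: capacity of buf, out: exported length */
    if (wc_ecc_export_x963(&key, buf, &idx) != 0) {
        printf("error exporting public ecc key\n");
        goto done;
    }

    derFile = fopen("ecc-public.x963", "wb"); /* reused the derFile pointer */
    if (!derFile) {
        printf("error loading file\n");
        goto done;
    }
    sz = fwrite(buf, 1, idx, derFile);
    if (fclose(derFile) != 0) {
        sz = 0;
    }
    derFile = NULL;
    if (sz != idx) {
        printf("error writing public key\n");
        goto done;
    }

    ret = 0;

done:
    /* close stuff up on every path, including the error ones */
    if (derFile != NULL) {
        fclose(derFile);
    }
    if (keyInit) {
        wc_ecc_free(&key);
    }
    wc_FreeRng(&rng);
    /* der and buf both held the DER-encoded private key */
    example_zeroize(der, sizeof(der));
    example_zeroize(buf, sizeof(buf));
    return ret;
}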
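/*
 * JNI entry point: sign `in` with the DER-encoded ECC private key in `keyDer`
 * and place the signature in `out`.
 *
 * in, out, keyDer  direct buffers; their native addresses are used as-is
 * inSz, keySz      number of bytes to use from `in` and `keyDer`
 * outSz            one-element long array: on entry the space available in
 *                  `out`, on success the length of the signature written
 *
 * Returns 0 on success, -1 on any failure (outSz is left untouched then).
 *
 * All sizes come from the Java caller, so each one is checked against the
 * capacity of the buffer it describes before any native code reads or writes
 * through the raw pointer.
 */
JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_ECC_doSign
  (JNIEnv* jenv, jobject jcl, jobject in, jlong inSz, jobject out,
   jlongArray outSz, jobject keyDer, jlong keySz)
{
    int     ret;
    RNG     rng;
    ecc_key myKey;
    unsigned int tmpOut;
    unsigned int idx = 0;
    jlong   tmp = 0;
    jlong   sigLen;
    /* sizes are narrowed to 32-bit unsigned values further down */
    const jlong maxLen = (jlong)0xFFFFFFFFLL;

    (void)jcl;

    /* check in and key sz */
    if ((inSz < 0) || (keySz < 0) || (inSz > maxLen) || (keySz > maxLen)) {
        return -1;
    }

    /* get pointers to our buffers */
    unsigned char* inBuf = (*jenv)->GetDirectBufferAddress(jenv, in);
    if (inBuf == NULL) {
        printf("problem getting in buffer address\n");
        return -1;
    }

    unsigned char* outBuf = (*jenv)->GetDirectBufferAddress(jenv, out);
    if (outBuf == NULL) {
        printf("problem getting out buffer address\n");
        return -1;
    }

    unsigned char* keyBuf = (*jenv)->GetDirectBufferAddress(jenv, keyDer);
    if (keyBuf == NULL) {
        printf("problem getting key buffer address\n");
        return -1;
    }

    /* a stated size larger than the buffer would read past its end;
     * GetDirectBufferCapacity returns -1 when it cannot tell, which is
     * rejected here as well */
    if (((*jenv)->GetDirectBufferCapacity(jenv, in) < inSz) ||
        ((*jenv)->GetDirectBufferCapacity(jenv, keyDer) < keySz)) {
        printf("buffer smaller than stated size\n");
        return -1;
    }

    /* set previous value of outSz; a zero-length array raises a Java
     * exception and leaves tmp unset, so check before using it */
    (*jenv)->GetLongArrayRegion(jenv, outSz, 0, 1, &tmp);
    if ((*jenv)->ExceptionCheck(jenv)) {
        return -1;
    }
    /* the signer writes up to tmpOut bytes into outBuf */
    if ((tmp < 0) || (tmp > maxLen) ||
        (tmp > (*jenv)->GetDirectBufferCapacity(jenv, out))) {
        printf("out buffer smaller than stated size\n");
        return -1;
    }
    tmpOut = (unsigned int)tmp;

    if (wc_InitRng(&rng) != 0) {
        printf("wc_InitRng failed\n");
        return -1;
    }
    wc_ecc_init(&myKey);

    ret = wc_EccPrivateKeyDecode(keyBuf, &idx, &myKey, (unsigned int)keySz);
    if (ret != 0) {
        printf("wc_EccPrivateKeyDecode failed, ret = %d\n", ret);
    } else {
        ret = wc_ecc_sign_hash(inBuf, (unsigned int)inSz, outBuf, &tmpOut,
                &rng, &myKey);
        if (ret != 0) {
            printf("wc_ecc_sign_hash failed, ret = %d\n", ret);
        }
    }

    /* release the private key and the RNG on every path */
    wc_ecc_free(&myKey);
    wc_FreeRng(&rng);

    if (ret != 0) {
        return -1;
    }

    /* widen into a real jlong: passing &tmpOut cast to jlong* would read
     * eight bytes from a four-byte object */
    sigLen = (jlong)tmpOut;
    (*jenv)->SetLongArrayRegion(jenv, outSz, 0, 1, &sigLen);

    return ret;
}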