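/*
 * Example: generate an ECC key, store the private key as DER in
 * "ecc-key.der", read it back and decode it, then generate a second key and
 * store its public part in X9.63 format in "ecc-public.x963".
 *
 * Returns 0 on success and -1 on the first failure. Every exit path after
 * the RNG is initialized releases the RNG, the key and any open file.
 */
int main()
{
    ecc_key key;
    byte der[4096];
    byte buf[4096];
    word32 idx = 0;
    FILE* derFile = NULL;
    size_t sz;
    RNG rng;
    int derSz;
    int closeRet;
    int keyReady = 0;
    int ret = -1;

    /* Key generation needs a working RNG, so do not continue without one. */
    if (wc_InitRng(&rng) != 0) {
        printf("error initializing rng\n");
        return -1;
    }

    wc_ecc_init(&key);
    keyReady = 1;
    if (wc_ecc_make_key(&rng, 32, &key) != 0) {
        printf("error making ecc key\n");
        goto cleanup;
    }

    /* write private key */
    derSz = wc_EccKeyToDer(&key, der, sizeof(der));
    if (derSz < 0) {
        printf("error in ecc to der\n");
        goto cleanup;
    }

    printf("writing private key to ecc-key.der\n");
    /* Binary mode: DER is not text. The file is created with the process
     * umask, so restrict its permissions when this is a real private key. */
    derFile = fopen("ecc-key.der", "wb");
    if (!derFile) {
        printf("error loading file\n");
        goto cleanup;
    }
    /* Write only the encoded length. Writing the whole 4096-byte buffer
     * would append uninitialized stack bytes to the key file. */
    sz = fwrite(der, 1, (size_t)derSz, derFile);
    closeRet = fclose(derFile);
    derFile = NULL;
    if (sz != (size_t)derSz || closeRet != 0) {
        printf("error writing private key file\n");
        goto cleanup;
    }
    wc_ecc_free(&key);
    keyReady = 0;

    /* open and read from der file */
    printf("reading in private key\n");
    derFile = fopen("ecc-key.der", "rb");
    if (!derFile) {
        printf("error reading from file\n");
        goto cleanup;
    }
    sz = fread(buf, 1, sizeof(buf), derFile);
    fclose(derFile);
    derFile = NULL;
    if (sz == 0) {
        printf("error reading from file\n");
        goto cleanup;
    }

    /* load private ecc key */
    printf("storing private key in ecc struct\n");
    wc_ecc_init(&key);
    keyReady = 1;
    if (wc_EccPrivateKeyDecode(buf, &idx, &key, (word32)sz) != 0) {
        printf("error decoding private key\n");
        goto cleanup;
    }
    wc_ecc_free(&key);
    keyReady = 0;

    /* Or the der file can be loaded into a TLS connection using something like
     *
     * int wc_DerToPem(der, sizeof(der), pemOut, sizeof(pemOut),
     *                 ECC_PRIVATEKEY_TYPE);
     * int wolfSSL_use_PrivateKey_file(&ssl, pemOut, SSL_FILETYPE_PEM);
     */

    /* to store a public key */
    wc_ecc_init(&key);
    keyReady = 1;
    if (wc_ecc_make_key(&rng, 32, &key) != 0) {
        printf("error making ecc key\n");
        goto cleanup;
    }

    printf("storing public key into ecc-public.x963\n");
    memset(buf, 0, sizeof(buf));
    idx = sizeof(buf); /* in: capacity of buf, out: exported length */
    if (wc_ecc_export_x963(&key, buf, &idx) != 0) {
        printf("error exporting public ecc key\n");
        goto cleanup;
    }

    derFile = fopen("ecc-public.x963", "wb"); /* reused the derFile pointer */
    if (!derFile) {
        printf("error loading file\n");
        goto cleanup;
    }
    sz = fwrite(buf, 1, idx, derFile);
    closeRet = fclose(derFile);
    derFile = NULL;
    if (sz != (size_t)idx || closeRet != 0) {
        printf("error writing public key file\n");
        goto cleanup;
    }

    ret = 0;

cleanup:
    /* close stuff up */
    if (derFile) {
        fclose(derFile);
    }
    if (keyReady) {
        wc_ecc_free(&key);
    }
    wc_FreeRng(&rng);
    /* NOTE(review): der and buf held the raw private key. Code copied into a
     * long-running process should wipe them with a zeroizer the compiler
     * cannot elide before returning. */
    return ret;
}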
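/*
 * JNI entry point: sign a hash with an ECC private key supplied as DER.
 *
 * in      direct buffer holding the hash to sign
 * inSz    number of bytes of `in` to sign
 * out     direct buffer that receives the signature
 * outSz   one-element long array; on entry the space available in `out`,
 *         on success the length of the signature written
 * keyDer  direct buffer holding the DER-encoded private key
 * keySz   number of bytes of `keyDer` to decode
 *
 * Returns 0 on success and -1 on any failure. All sizes come from the Java
 * caller, so each is checked against the capacity of its buffer before
 * native code reads or writes through the raw pointer.
 * NOTE(review): the capacity checks assume the buffers are byte buffers
 * (capacity counted in bytes) - confirm against the Java caller.
 */
JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_ECC_doSign
  (JNIEnv* jenv, jobject jcl, jobject in, jlong inSz, jobject out,
   jlongArray outSz, jobject keyDer, jlong keySz)
{
    int ret;
    RNG rng;
    ecc_key myKey;
    unsigned int tmpOut;
    unsigned int idx = 0;
    jlong tmp = 0;
    jlong sigLen;

    (void)jcl;

    /* check in and key sz */
    if ((inSz < 0) || (keySz < 0)) {
        return -1;
    }

    /* reject null references before asking the JVM about them */
    if (in == NULL || out == NULL || keyDer == NULL || outSz == NULL) {
        return -1;
    }

    /* get pointers to our buffers */
    unsigned char* inBuf = (*jenv)->GetDirectBufferAddress(jenv, in);
    if (inBuf == NULL) {
        printf("problem getting in buffer address\n");
        return -1;
    }

    unsigned char* outBuf = (*jenv)->GetDirectBufferAddress(jenv, out);
    if (outBuf == NULL) {
        printf("problem getting out buffer address\n");
        return -1;
    }

    unsigned char* keyBuf = (*jenv)->GetDirectBufferAddress(jenv, keyDer);
    if (keyBuf == NULL) {
        printf("problem getting key buffer address\n");
        return -1;
    }

    /* A claimed size larger than the buffer would let the decode or sign
     * call read past the end. GetDirectBufferCapacity returns -1 when the
     * capacity is unknown, which also fails this test. */
    if (inSz > (*jenv)->GetDirectBufferCapacity(jenv, in) ||
        keySz > (*jenv)->GetDirectBufferCapacity(jenv, keyDer)) {
        printf("in or key size exceeds buffer capacity\n");
        return -1;
    }

    /* set previous value of outSz */
    if ((*jenv)->GetArrayLength(jenv, outSz) < 1) {
        return -1;
    }
    (*jenv)->GetLongArrayRegion(jenv, outSz, 0, 1, &tmp);
    /* The signature is written through outBuf, so the advertised space must
     * fit inside the out buffer. */
    if (tmp < 0 || tmp > (*jenv)->GetDirectBufferCapacity(jenv, out)) {
        printf("out size exceeds buffer capacity\n");
        return -1;
    }
    tmpOut = (unsigned int)tmp;

    if (wc_InitRng(&rng) != 0) {
        printf("wc_InitRng failed\n");
        return -1;
    }
    wc_ecc_init(&myKey);

    ret = wc_EccPrivateKeyDecode(keyBuf, &idx, &myKey, (unsigned int)keySz);
    if (ret != 0) {
        printf("wc_EccPrivateKeyDecode failed, ret = %d\n", ret);
    } else {
        ret = wc_ecc_sign_hash(inBuf, (unsigned int)inSz, outBuf, &tmpOut,
                               &rng, &myKey);
        if (ret != 0) {
            printf("wc_ecc_sign_hash failed, ret = %d\n", ret);
        }
    }

    /* release the key and the RNG on every path, including failures */
    wc_ecc_free(&myKey);
    wc_FreeRng(&rng);

    if (ret != 0) {
        return -1;
    }

    /* Copy through a real jlong. Casting &tmpOut to jlong* would read eight
     * bytes from a four-byte variable. */
    sigLen = (jlong)tmpOut;
    (*jenv)->SetLongArrayRegion(jenv, outSz, 0, 1, &sigLen);

    return ret;
}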