Moved rsa_sign_pss / rsa_verify_pss to use PK for key reading

This commit is contained in:
Paul Bakker 2013-09-17 11:39:31 +02:00
parent 1525495330
commit 30520d1776
2 changed files with 40 additions and 29 deletions

View file

@ -45,7 +45,7 @@
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_ENTROPY_C) || \
!defined(POLARSSL_RSA_C) || !defined(POLARSSL_SHA1_C) || \
!defined(POLARSSL_X509_PARSE_C) || !defined(POLARSSL_FS_IO) || \
!defined(POLARSSL_PK_PARSE_C) || !defined(POLARSSL_FS_IO) || \
!defined(POLARSSL_CTR_DRBG_C)
int main( int argc, char *argv[] )
{
@ -54,7 +54,7 @@ int main( int argc, char *argv[] )
printf("POLARSSL_BIGNUM_C and/or POLARSSL_ENTROPY_C and/or "
"POLARSSL_RSA_C and/or POLARSSL_SHA1_C and/or "
"POLARSSL_X509_PARSE_C and/or POLARSSL_FS_IO and/or "
"POLARSSL_PK_PARSE_C and/or POLARSSL_FS_IO and/or "
"POLARSSL_CTR_DRBG_C not defined.\n");
return( 0 );
}
@ -63,13 +63,14 @@ int main( int argc, char *argv[] )
{
FILE *f;
int ret;
rsa_context rsa;
pk_context pk;
entropy_context entropy;
ctr_drbg_context ctr_drbg;
unsigned char hash[20];
unsigned char buf[POLARSSL_MPI_MAX_SIZE];
char filename[512];
const char *pers = "rsa_sign_pss";
size_t olen = 0;
ret = 1;
@ -99,15 +100,22 @@ int main( int argc, char *argv[] )
printf( "\n . Reading private key from '%s'", argv[1] );
fflush( stdout );
rsa_init( &rsa, RSA_PKCS_V21, POLARSSL_MD_SHA1 );
pk_init( &pk );
if( ( ret = x509parse_keyfile_rsa( &rsa, argv[1], "" ) ) != 0 )
if( ( ret = pk_parse_keyfile( &pk, argv[1], "" ) ) != 0 )
{
ret = 1;
printf( " failed\n ! Could not open '%s'\n", argv[1] );
goto exit;
}
if( !pk_can_do( &pk, POLARSSL_PK_RSA ) )
{
ret = 1;
printf( " failed\n ! Key is not an RSA key\n" );
goto exit;
}
/*
* Compute the SHA-1 hash of the input file,
* then calculate the RSA signature of the hash.
@ -121,11 +129,10 @@ int main( int argc, char *argv[] )
goto exit;
}
if( ( ret = rsa_pkcs1_sign( &rsa, ctr_drbg_random, &ctr_drbg,
RSA_PRIVATE, POLARSSL_MD_SHA1,
20, hash, buf ) ) != 0 )
if( ( ret = pk_sign( &pk, POLARSSL_MD_SHA1, hash, 0, buf, &olen,
ctr_drbg_random, &ctr_drbg ) ) != 0 )
{
printf( " failed\n ! rsa_pkcs1_sign returned %d\n\n", ret );
printf( " failed\n ! pk_sign returned %d\n\n", ret );
goto exit;
}
@ -141,7 +148,7 @@ int main( int argc, char *argv[] )
goto exit;
}
if( fwrite( buf, 1, rsa.len, f ) != (size_t) rsa.len )
if( fwrite( buf, 1, olen, f ) != olen )
{
printf( "failed\n ! fwrite failed\n\n" );
goto exit;
@ -152,6 +159,7 @@ int main( int argc, char *argv[] )
printf( "\n . Done (created \"%s\")\n\n", filename );
exit:
pk_free( &pk );
#if defined(_WIN32)
printf( " + Press Enter to exit this program.\n" );
@ -161,5 +169,5 @@ exit:
return( ret );
}
#endif /* POLARSSL_BIGNUM_C && POLARSSL_ENTROPY_C && POLARSSL_RSA_C &&
POLARSSL_SHA1_C && POLARSSL_X509_PARSE_C && POLARSSL_FS_IO &&
POLARSSL_SHA1_C && POLARSSL_PK_PARSE_C && POLARSSL_FS_IO &&
POLARSSL_CTR_DRBG_C */

View file

@ -34,7 +34,7 @@
#include "polarssl/md.h"
#include "polarssl/pem.h"
#include "polarssl/rsa.h"
#include "polarssl/pk.h"
#include "polarssl/sha1.h"
#include "polarssl/x509.h"
@ -43,7 +43,7 @@
#endif
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_RSA_C) || \
!defined(POLARSSL_SHA1_C) || !defined(POLARSSL_X509_PARSE_C) || \
!defined(POLARSSL_SHA1_C) || !defined(POLARSSL_PK_PARSE_C) || \
!defined(POLARSSL_FS_IO)
int main( int argc, char *argv[] )
{
@ -51,7 +51,7 @@ int main( int argc, char *argv[] )
((void) argv);
printf("POLARSSL_BIGNUM_C and/or POLARSSL_RSA_C and/or "
"POLARSSL_SHA1_C and/or POLARSSL_X509_PARSE_C and/or "
"POLARSSL_SHA1_C and/or POLARSSL_PK_PARSE_C and/or "
"POLARSSL_FS_IO not defined.\n");
return( 0 );
}
@ -61,7 +61,7 @@ int main( int argc, char *argv[] )
FILE *f;
int ret;
size_t i;
rsa_context rsa;
pk_context pk;
unsigned char hash[20];
unsigned char buf[POLARSSL_MPI_MAX_SIZE];
char filename[512];
@ -81,11 +81,18 @@ int main( int argc, char *argv[] )
printf( "\n . Reading public key from '%s'", argv[1] );
fflush( stdout );
rsa_init( &rsa, RSA_PKCS_V21, POLARSSL_MD_SHA1 );
pk_init( &pk );
if( ( ret = x509parse_public_keyfile_rsa( &rsa, argv[1] ) ) != 0 )
if( ( ret = pk_parse_public_keyfile( &pk, argv[1] ) ) != 0 )
{
printf( " failed\n ! x509parse_public_key_rsa returned %d\n\n", ret );
printf( " failed\n ! pk_parse_public_keyfile returned %d\n\n", ret );
goto exit;
}
if( !pk_can_do( &pk, POLARSSL_PK_RSA ) )
{
ret = 1;
printf( " failed\n ! Key is not an RSA key\n" );
goto exit;
}
@ -101,16 +108,11 @@ int main( int argc, char *argv[] )
goto exit;
}
i = fread( buf, 1, rsa.len, f );
i = fread( buf, 1, POLARSSL_MPI_MAX_SIZE, f );
fclose( f );
if( i != rsa.len )
{
printf( "\n ! Invalid RSA signature format\n\n" );
goto exit;
}
/*
* Compute the SHA-1 hash of the input file and compare
* it with the hash decrypted from the RSA signature.
@ -124,10 +126,10 @@ int main( int argc, char *argv[] )
goto exit;
}
if( ( ret = rsa_pkcs1_verify( &rsa, NULL, NULL, RSA_PUBLIC,
POLARSSL_MD_SHA1, 20, hash, buf ) ) != 0 )
if( ( ret = pk_verify( &pk, POLARSSL_MD_SHA1, hash, 0,
buf, i ) ) != 0 )
{
printf( " failed\n ! rsa_pkcs1_verify returned %d\n\n", ret );
printf( " failed\n ! pk_verify returned %d\n\n", ret );
goto exit;
}
@ -136,6 +138,7 @@ int main( int argc, char *argv[] )
ret = 0;
exit:
pk_free( &pk );
#if defined(_WIN32)
printf( " + Press Enter to exit this program.\n" );
@ -145,4 +148,4 @@ exit:
return( ret );
}
#endif /* POLARSSL_BIGNUM_C && POLARSSL_RSA_C && POLARSSL_SHA1_C &&
POLARSSL_X509_PARSE_C && POLARSSL_FS_IO */
POLARSSL_PK_PARSE_C && POLARSSL_FS_IO */