Moved rsa_sign_pss / rsa_verify_pss to use PK for key reading
This commit is contained in:
parent
1525495330
commit
30520d1776
2 changed files with 40 additions and 29 deletions
|
@ -45,7 +45,7 @@
|
|||
|
||||
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_ENTROPY_C) || \
|
||||
!defined(POLARSSL_RSA_C) || !defined(POLARSSL_SHA1_C) || \
|
||||
!defined(POLARSSL_X509_PARSE_C) || !defined(POLARSSL_FS_IO) || \
|
||||
!defined(POLARSSL_PK_PARSE_C) || !defined(POLARSSL_FS_IO) || \
|
||||
!defined(POLARSSL_CTR_DRBG_C)
|
||||
int main( int argc, char *argv[] )
|
||||
{
|
||||
|
@ -54,7 +54,7 @@ int main( int argc, char *argv[] )
|
|||
|
||||
printf("POLARSSL_BIGNUM_C and/or POLARSSL_ENTROPY_C and/or "
|
||||
"POLARSSL_RSA_C and/or POLARSSL_SHA1_C and/or "
|
||||
"POLARSSL_X509_PARSE_C and/or POLARSSL_FS_IO and/or "
|
||||
"POLARSSL_PK_PARSE_C and/or POLARSSL_FS_IO and/or "
|
||||
"POLARSSL_CTR_DRBG_C not defined.\n");
|
||||
return( 0 );
|
||||
}
|
||||
|
@ -63,13 +63,14 @@ int main( int argc, char *argv[] )
|
|||
{
|
||||
FILE *f;
|
||||
int ret;
|
||||
rsa_context rsa;
|
||||
pk_context pk;
|
||||
entropy_context entropy;
|
||||
ctr_drbg_context ctr_drbg;
|
||||
unsigned char hash[20];
|
||||
unsigned char buf[POLARSSL_MPI_MAX_SIZE];
|
||||
char filename[512];
|
||||
const char *pers = "rsa_sign_pss";
|
||||
size_t olen = 0;
|
||||
|
||||
ret = 1;
|
||||
|
||||
|
@ -99,15 +100,22 @@ int main( int argc, char *argv[] )
|
|||
printf( "\n . Reading private key from '%s'", argv[1] );
|
||||
fflush( stdout );
|
||||
|
||||
rsa_init( &rsa, RSA_PKCS_V21, POLARSSL_MD_SHA1 );
|
||||
pk_init( &pk );
|
||||
|
||||
if( ( ret = x509parse_keyfile_rsa( &rsa, argv[1], "" ) ) != 0 )
|
||||
if( ( ret = pk_parse_keyfile( &pk, argv[1], "" ) ) != 0 )
|
||||
{
|
||||
ret = 1;
|
||||
printf( " failed\n ! Could not open '%s'\n", argv[1] );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( !pk_can_do( &pk, POLARSSL_PK_RSA ) )
|
||||
{
|
||||
ret = 1;
|
||||
printf( " failed\n ! Key is not an RSA key\n" );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
/*
|
||||
* Compute the SHA-1 hash of the input file,
|
||||
* then calculate the RSA signature of the hash.
|
||||
|
@ -121,11 +129,10 @@ int main( int argc, char *argv[] )
|
|||
goto exit;
|
||||
}
|
||||
|
||||
if( ( ret = rsa_pkcs1_sign( &rsa, ctr_drbg_random, &ctr_drbg,
|
||||
RSA_PRIVATE, POLARSSL_MD_SHA1,
|
||||
20, hash, buf ) ) != 0 )
|
||||
if( ( ret = pk_sign( &pk, POLARSSL_MD_SHA1, hash, 0, buf, &olen,
|
||||
ctr_drbg_random, &ctr_drbg ) ) != 0 )
|
||||
{
|
||||
printf( " failed\n ! rsa_pkcs1_sign returned %d\n\n", ret );
|
||||
printf( " failed\n ! pk_sign returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
|
@ -141,7 +148,7 @@ int main( int argc, char *argv[] )
|
|||
goto exit;
|
||||
}
|
||||
|
||||
if( fwrite( buf, 1, rsa.len, f ) != (size_t) rsa.len )
|
||||
if( fwrite( buf, 1, olen, f ) != olen )
|
||||
{
|
||||
printf( "failed\n ! fwrite failed\n\n" );
|
||||
goto exit;
|
||||
|
@ -152,6 +159,7 @@ int main( int argc, char *argv[] )
|
|||
printf( "\n . Done (created \"%s\")\n\n", filename );
|
||||
|
||||
exit:
|
||||
pk_free( &pk );
|
||||
|
||||
#if defined(_WIN32)
|
||||
printf( " + Press Enter to exit this program.\n" );
|
||||
|
@ -161,5 +169,5 @@ exit:
|
|||
return( ret );
|
||||
}
|
||||
#endif /* POLARSSL_BIGNUM_C && POLARSSL_ENTROPY_C && POLARSSL_RSA_C &&
|
||||
POLARSSL_SHA1_C && POLARSSL_X509_PARSE_C && POLARSSL_FS_IO &&
|
||||
POLARSSL_SHA1_C && POLARSSL_PK_PARSE_C && POLARSSL_FS_IO &&
|
||||
POLARSSL_CTR_DRBG_C */
|
||||
|
|
|
@ -34,7 +34,7 @@
|
|||
|
||||
#include "polarssl/md.h"
|
||||
#include "polarssl/pem.h"
|
||||
#include "polarssl/rsa.h"
|
||||
#include "polarssl/pk.h"
|
||||
#include "polarssl/sha1.h"
|
||||
#include "polarssl/x509.h"
|
||||
|
||||
|
@ -43,7 +43,7 @@
|
|||
#endif
|
||||
|
||||
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_RSA_C) || \
|
||||
!defined(POLARSSL_SHA1_C) || !defined(POLARSSL_X509_PARSE_C) || \
|
||||
!defined(POLARSSL_SHA1_C) || !defined(POLARSSL_PK_PARSE_C) || \
|
||||
!defined(POLARSSL_FS_IO)
|
||||
int main( int argc, char *argv[] )
|
||||
{
|
||||
|
@ -51,7 +51,7 @@ int main( int argc, char *argv[] )
|
|||
((void) argv);
|
||||
|
||||
printf("POLARSSL_BIGNUM_C and/or POLARSSL_RSA_C and/or "
|
||||
"POLARSSL_SHA1_C and/or POLARSSL_X509_PARSE_C and/or "
|
||||
"POLARSSL_SHA1_C and/or POLARSSL_PK_PARSE_C and/or "
|
||||
"POLARSSL_FS_IO not defined.\n");
|
||||
return( 0 );
|
||||
}
|
||||
|
@ -61,7 +61,7 @@ int main( int argc, char *argv[] )
|
|||
FILE *f;
|
||||
int ret;
|
||||
size_t i;
|
||||
rsa_context rsa;
|
||||
pk_context pk;
|
||||
unsigned char hash[20];
|
||||
unsigned char buf[POLARSSL_MPI_MAX_SIZE];
|
||||
char filename[512];
|
||||
|
@ -81,11 +81,18 @@ int main( int argc, char *argv[] )
|
|||
printf( "\n . Reading public key from '%s'", argv[1] );
|
||||
fflush( stdout );
|
||||
|
||||
rsa_init( &rsa, RSA_PKCS_V21, POLARSSL_MD_SHA1 );
|
||||
pk_init( &pk );
|
||||
|
||||
if( ( ret = x509parse_public_keyfile_rsa( &rsa, argv[1] ) ) != 0 )
|
||||
if( ( ret = pk_parse_public_keyfile( &pk, argv[1] ) ) != 0 )
|
||||
{
|
||||
printf( " failed\n ! x509parse_public_key_rsa returned %d\n\n", ret );
|
||||
printf( " failed\n ! pk_parse_public_keyfile returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( !pk_can_do( &pk, POLARSSL_PK_RSA ) )
|
||||
{
|
||||
ret = 1;
|
||||
printf( " failed\n ! Key is not an RSA key\n" );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
|
@ -101,16 +108,11 @@ int main( int argc, char *argv[] )
|
|||
goto exit;
|
||||
}
|
||||
|
||||
i = fread( buf, 1, rsa.len, f );
|
||||
|
||||
i = fread( buf, 1, POLARSSL_MPI_MAX_SIZE, f );
|
||||
|
||||
fclose( f );
|
||||
|
||||
if( i != rsa.len )
|
||||
{
|
||||
printf( "\n ! Invalid RSA signature format\n\n" );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
/*
|
||||
* Compute the SHA-1 hash of the input file and compare
|
||||
* it with the hash decrypted from the RSA signature.
|
||||
|
@ -124,10 +126,10 @@ int main( int argc, char *argv[] )
|
|||
goto exit;
|
||||
}
|
||||
|
||||
if( ( ret = rsa_pkcs1_verify( &rsa, NULL, NULL, RSA_PUBLIC,
|
||||
POLARSSL_MD_SHA1, 20, hash, buf ) ) != 0 )
|
||||
if( ( ret = pk_verify( &pk, POLARSSL_MD_SHA1, hash, 0,
|
||||
buf, i ) ) != 0 )
|
||||
{
|
||||
printf( " failed\n ! rsa_pkcs1_verify returned %d\n\n", ret );
|
||||
printf( " failed\n ! pk_verify returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
|
@ -136,6 +138,7 @@ int main( int argc, char *argv[] )
|
|||
ret = 0;
|
||||
|
||||
exit:
|
||||
pk_free( &pk );
|
||||
|
||||
#if defined(_WIN32)
|
||||
printf( " + Press Enter to exit this program.\n" );
|
||||
|
@ -145,4 +148,4 @@ exit:
|
|||
return( ret );
|
||||
}
|
||||
#endif /* POLARSSL_BIGNUM_C && POLARSSL_RSA_C && POLARSSL_SHA1_C &&
|
||||
POLARSSL_X509_PARSE_C && POLARSSL_FS_IO */
|
||||
POLARSSL_PK_PARSE_C && POLARSSL_FS_IO */
|
||||
|
|
Loading…
Reference in a new issue