From 30520d17764bc9b8422cfc79ba2ddd6edc8ac7b9 Mon Sep 17 00:00:00 2001 From: Paul Bakker Date: Tue, 17 Sep 2013 11:39:31 +0200 Subject: [PATCH] Moved rsa_sign_pss / rsa_verify_pss to use PK for key reading --- programs/pkey/rsa_sign_pss.c | 30 ++++++++++++++++---------- programs/pkey/rsa_verify_pss.c | 39 ++++++++++++++++++---------------- 2 files changed, 40 insertions(+), 29 deletions(-) diff --git a/programs/pkey/rsa_sign_pss.c b/programs/pkey/rsa_sign_pss.c index e848f545f..23846619f 100644 --- a/programs/pkey/rsa_sign_pss.c +++ b/programs/pkey/rsa_sign_pss.c @@ -45,7 +45,7 @@ #if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_ENTROPY_C) || \ !defined(POLARSSL_RSA_C) || !defined(POLARSSL_SHA1_C) || \ - !defined(POLARSSL_X509_PARSE_C) || !defined(POLARSSL_FS_IO) || \ + !defined(POLARSSL_PK_PARSE_C) || !defined(POLARSSL_FS_IO) || \ !defined(POLARSSL_CTR_DRBG_C) int main( int argc, char *argv[] ) { @@ -54,7 +54,7 @@ int main( int argc, char *argv[] ) printf("POLARSSL_BIGNUM_C and/or POLARSSL_ENTROPY_C and/or " "POLARSSL_RSA_C and/or POLARSSL_SHA1_C and/or " - "POLARSSL_X509_PARSE_C and/or POLARSSL_FS_IO and/or " + "POLARSSL_PK_PARSE_C and/or POLARSSL_FS_IO and/or " "POLARSSL_CTR_DRBG_C not defined.\n"); return( 0 ); } @@ -63,13 +63,14 @@ int main( int argc, char *argv[] ) { FILE *f; int ret; - rsa_context rsa; + pk_context pk; entropy_context entropy; ctr_drbg_context ctr_drbg; unsigned char hash[20]; unsigned char buf[POLARSSL_MPI_MAX_SIZE]; char filename[512]; const char *pers = "rsa_sign_pss"; + size_t olen = 0; ret = 1; @@ -99,15 +100,22 @@ int main( int argc, char *argv[] ) printf( "\n . Reading private key from '%s'", argv[1] ); fflush( stdout ); - rsa_init( &rsa, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); + pk_init( &pk ); - if( ( ret = x509parse_keyfile_rsa( &rsa, argv[1], "" ) ) != 0 ) + if( ( ret = pk_parse_keyfile( &pk, argv[1], "" ) ) != 0 ) { ret = 1; printf( " failed\n ! Could not open '%s'\n", argv[1] ); goto exit; } + if( !pk_can_do( &pk, POLARSSL_PK_RSA ) ) + { + ret = 1; + printf( " failed\n ! Key is not an RSA key\n" ); + goto exit; + } + /* * Compute the SHA-1 hash of the input file, * then calculate the RSA signature of the hash. @@ -121,11 +129,10 @@ int main( int argc, char *argv[] ) goto exit; } - if( ( ret = rsa_pkcs1_sign( &rsa, ctr_drbg_random, &ctr_drbg, - RSA_PRIVATE, POLARSSL_MD_SHA1, - 20, hash, buf ) ) != 0 ) + if( ( ret = pk_sign( &pk, POLARSSL_MD_SHA1, hash, 0, buf, &olen, + ctr_drbg_random, &ctr_drbg ) ) != 0 ) { - printf( " failed\n ! rsa_pkcs1_sign returned %d\n\n", ret ); + printf( " failed\n ! pk_sign returned %d\n\n", ret ); goto exit; } @@ -141,7 +148,7 @@ int main( int argc, char *argv[] ) goto exit; } - if( fwrite( buf, 1, rsa.len, f ) != (size_t) rsa.len ) + if( fwrite( buf, 1, olen, f ) != olen ) { printf( "failed\n ! fwrite failed\n\n" ); goto exit; @@ -152,6 +159,7 @@ int main( int argc, char *argv[] ) printf( "\n . Done (created \"%s\")\n\n", filename ); exit: + pk_free( &pk ); #if defined(_WIN32) printf( " + Press Enter to exit this program.\n" ); @@ -161,5 +169,5 @@ exit: return( ret ); } #endif /* POLARSSL_BIGNUM_C && POLARSSL_ENTROPY_C && POLARSSL_RSA_C && - POLARSSL_SHA1_C && POLARSSL_X509_PARSE_C && POLARSSL_FS_IO && + POLARSSL_SHA1_C && POLARSSL_PK_PARSE_C && POLARSSL_FS_IO && POLARSSL_CTR_DRBG_C */ diff --git a/programs/pkey/rsa_verify_pss.c b/programs/pkey/rsa_verify_pss.c index b243772e6..21be848a0 100644 --- a/programs/pkey/rsa_verify_pss.c +++ b/programs/pkey/rsa_verify_pss.c @@ -34,7 +34,7 @@ #include "polarssl/md.h" #include "polarssl/pem.h" -#include "polarssl/rsa.h" +#include "polarssl/pk.h" #include "polarssl/sha1.h" #include "polarssl/x509.h" @@ -43,7 +43,7 @@ #endif #if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_RSA_C) || \ - !defined(POLARSSL_SHA1_C) || !defined(POLARSSL_X509_PARSE_C) || \ + !defined(POLARSSL_SHA1_C) || !defined(POLARSSL_PK_PARSE_C) || \ !defined(POLARSSL_FS_IO) int main( int argc, char *argv[] ) { @@ -51,7 +51,7 @@ int main( int argc, char *argv[] ) ((void) argv); printf("POLARSSL_BIGNUM_C and/or POLARSSL_RSA_C and/or " - "POLARSSL_SHA1_C and/or POLARSSL_X509_PARSE_C and/or " + "POLARSSL_SHA1_C and/or POLARSSL_PK_PARSE_C and/or " "POLARSSL_FS_IO not defined.\n"); return( 0 ); } @@ -61,7 +61,7 @@ int main( int argc, char *argv[] ) FILE *f; int ret; size_t i; - rsa_context rsa; + pk_context pk; unsigned char hash[20]; unsigned char buf[POLARSSL_MPI_MAX_SIZE]; char filename[512]; @@ -81,11 +81,18 @@ int main( int argc, char *argv[] ) printf( "\n . Reading public key from '%s'", argv[1] ); fflush( stdout ); - rsa_init( &rsa, RSA_PKCS_V21, POLARSSL_MD_SHA1 ); + pk_init( &pk ); - if( ( ret = x509parse_public_keyfile_rsa( &rsa, argv[1] ) ) != 0 ) + if( ( ret = pk_parse_public_keyfile( &pk, argv[1] ) ) != 0 ) { - printf( " failed\n ! x509parse_public_key_rsa returned %d\n\n", ret ); + printf( " failed\n ! pk_parse_public_keyfile returned %d\n\n", ret ); + goto exit; + } + + if( !pk_can_do( &pk, POLARSSL_PK_RSA ) ) + { + ret = 1; + printf( " failed\n ! Key is not an RSA key\n" ); goto exit; } @@ -101,16 +108,11 @@ int main( int argc, char *argv[] ) goto exit; } - i = fread( buf, 1, rsa.len, f ); + + i = fread( buf, 1, POLARSSL_MPI_MAX_SIZE, f ); fclose( f ); - if( i != rsa.len ) - { - printf( "\n ! Invalid RSA signature format\n\n" ); - goto exit; - } - /* * Compute the SHA-1 hash of the input file and compare * it with the hash decrypted from the RSA signature. @@ -124,10 +126,10 @@ int main( int argc, char *argv[] ) goto exit; } - if( ( ret = rsa_pkcs1_verify( &rsa, NULL, NULL, RSA_PUBLIC, - POLARSSL_MD_SHA1, 20, hash, buf ) ) != 0 ) + if( ( ret = pk_verify( &pk, POLARSSL_MD_SHA1, hash, 0, + buf, i ) ) != 0 ) { - printf( " failed\n ! rsa_pkcs1_verify returned %d\n\n", ret ); + printf( " failed\n ! pk_verify returned %d\n\n", ret ); goto exit; } @@ -136,6 +138,7 @@ int main( int argc, char *argv[] ) ret = 0; exit: + pk_free( &pk ); #if defined(_WIN32) printf( " + Press Enter to exit this program.\n" ); @@ -145,4 +148,4 @@ exit: return( ret ); } #endif /* POLARSSL_BIGNUM_C && POLARSSL_RSA_C && POLARSSL_SHA1_C && - POLARSSL_X509_PARSE_C && POLARSSL_FS_IO */ + POLARSSL_PK_PARSE_C && POLARSSL_FS_IO */