Hannes Tschofenig
Example program to test AES-GCM functionality. Used for a workshop
Embed:
(wiki syntax)
Show/hide line numbers
pk_wrap.c
00001 /* 00002 * Public Key abstraction layer: wrapper functions 00003 * 00004 * Copyright (C) 2006-2014, Brainspark B.V. 00005 * 00006 * This file is part of PolarSSL (http://www.polarssl.org) 00007 * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> 00008 * 00009 * All rights reserved. 00010 * 00011 * This program is free software; you can redistribute it and/or modify 00012 * it under the terms of the GNU General Public License as published by 00013 * the Free Software Foundation; either version 2 of the License, or 00014 * (at your option) any later version. 00015 * 00016 * This program is distributed in the hope that it will be useful, 00017 * but WITHOUT ANY WARRANTY; without even the implied warranty of 00018 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 00019 * GNU General Public License for more details. 00020 * 00021 * You should have received a copy of the GNU General Public License along 00022 * with this program; if not, write to the Free Software Foundation, Inc., 00023 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. 00024 */ 00025 00026 #if !defined(POLARSSL_CONFIG_FILE) 00027 #include "polarssl/config.h" 00028 #else 00029 #include POLARSSL_CONFIG_FILE 00030 #endif 00031 00032 #if defined(POLARSSL_PK_C) 00033 00034 #include "polarssl/pk_wrap.h" 00035 00036 /* Even if RSA not activated, for the sake of RSA-alt */ 00037 #include "polarssl/rsa.h" 00038 00039 #if defined(POLARSSL_ECP_C) 00040 #include "polarssl/ecp.h" 00041 #endif 00042 00043 #if defined(POLARSSL_ECDSA_C) 00044 #include "polarssl/ecdsa.h" 00045 #endif 00046 00047 #if defined(POLARSSL_PLATFORM_C) 00048 #include "polarssl/platform.h" 00049 #else 00050 #include <stdlib.h> 00051 #define polarssl_malloc malloc 00052 #define polarssl_free free 00053 #endif 00054 00055 /* Used by RSA-alt too */ 00056 static int rsa_can_do( pk_type_t type ) 00057 { 00058 return( type == POLARSSL_PK_RSA ); 00059 } 00060 00061 #if defined(POLARSSL_RSA_C) 00062 static size_t rsa_get_size( const void *ctx ) 00063 { 00064 return( 8 * ((const rsa_context *) ctx)->len ); 00065 } 00066 00067 static int rsa_verify_wrap( void *ctx, md_type_t md_alg, 00068 const unsigned char *hash, size_t hash_len, 00069 const unsigned char *sig, size_t sig_len ) 00070 { 00071 int ret; 00072 00073 if( sig_len < ((rsa_context *) ctx)->len ) 00074 return( POLARSSL_ERR_RSA_VERIFY_FAILED ); 00075 00076 if( ( ret = rsa_pkcs1_verify( (rsa_context *) ctx, NULL, NULL, 00077 RSA_PUBLIC, md_alg, 00078 (unsigned int) hash_len, hash, sig ) ) != 0 ) 00079 return( ret ); 00080 00081 if( sig_len > ((rsa_context *) ctx)->len ) 00082 return( POLARSSL_ERR_PK_SIG_LEN_MISMATCH ); 00083 00084 return( 0 ); 00085 } 00086 00087 static int rsa_sign_wrap( void *ctx, md_type_t md_alg, 00088 const unsigned char *hash, size_t hash_len, 00089 unsigned char *sig, size_t *sig_len, 00090 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) 00091 { 00092 *sig_len = ((rsa_context *) ctx)->len; 00093 00094 return( rsa_pkcs1_sign( (rsa_context *) ctx, f_rng, p_rng, RSA_PRIVATE, 00095 md_alg, (unsigned int) hash_len, hash, sig ) ); 00096 } 00097 00098 static int rsa_decrypt_wrap( void *ctx, 00099 const unsigned char *input, size_t ilen, 00100 unsigned char *output, size_t *olen, size_t osize, 00101 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) 00102 { 00103 if( ilen != ((rsa_context *) ctx)->len ) 00104 return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); 00105 00106 return( rsa_pkcs1_decrypt( (rsa_context *) ctx, f_rng, p_rng, 00107 RSA_PRIVATE, olen, input, output, osize ) ); 00108 } 00109 00110 static int rsa_encrypt_wrap( void *ctx, 00111 const unsigned char *input, size_t ilen, 00112 unsigned char *output, size_t *olen, size_t osize, 00113 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) 00114 { 00115 ((void) osize); 00116 00117 *olen = ((rsa_context *) ctx)->len; 00118 00119 return( rsa_pkcs1_encrypt( (rsa_context *) ctx, 00120 f_rng, p_rng, RSA_PUBLIC, ilen, input, output ) ); 00121 } 00122 00123 static void *rsa_alloc_wrap( void ) 00124 { 00125 void *ctx = polarssl_malloc( sizeof( rsa_context ) ); 00126 00127 if( ctx != NULL ) 00128 rsa_init( (rsa_context *) ctx, 0, 0 ); 00129 00130 return ctx; 00131 } 00132 00133 static void rsa_free_wrap( void *ctx ) 00134 { 00135 rsa_free( (rsa_context *) ctx ); 00136 polarssl_free( ctx ); 00137 } 00138 00139 static void rsa_debug( const void *ctx, pk_debug_item *items ) 00140 { 00141 items->type = POLARSSL_PK_DEBUG_MPI; 00142 items->name = "rsa.N"; 00143 items->value = &( ((rsa_context *) ctx)->N ); 00144 00145 items++; 00146 00147 items->type = POLARSSL_PK_DEBUG_MPI; 00148 items->name = "rsa.E"; 00149 items->value = &( ((rsa_context *) ctx)->E ); 00150 } 00151 00152 const pk_info_t rsa_info = { 00153 POLARSSL_PK_RSA, 00154 "RSA", 00155 rsa_get_size, 00156 rsa_can_do, 00157 rsa_verify_wrap, 00158 rsa_sign_wrap, 00159 rsa_decrypt_wrap, 00160 rsa_encrypt_wrap, 00161 rsa_alloc_wrap, 00162 rsa_free_wrap, 00163 rsa_debug, 00164 }; 00165 #endif /* POLARSSL_RSA_C */ 00166 00167 #if defined(POLARSSL_ECP_C) 00168 /* 00169 * Generic EC key 00170 */ 00171 static int eckey_can_do( pk_type_t type ) 00172 { 00173 return( type == POLARSSL_PK_ECKEY || 00174 type == POLARSSL_PK_ECKEY_DH || 00175 type == POLARSSL_PK_ECDSA ); 00176 } 00177 00178 static size_t eckey_get_size( const void *ctx ) 00179 { 00180 return( ((ecp_keypair *) ctx)->grp.pbits ); 00181 } 00182 00183 #if defined(POLARSSL_ECDSA_C) 00184 /* Forward declarations */ 00185 static int ecdsa_verify_wrap( void *ctx, md_type_t md_alg, 00186 const unsigned char *hash, size_t hash_len, 00187 const unsigned char *sig, size_t sig_len ); 00188 00189 static int ecdsa_sign_wrap( void *ctx, md_type_t md_alg, 00190 const unsigned char *hash, size_t hash_len, 00191 unsigned char *sig, size_t *sig_len, 00192 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); 00193 00194 static int eckey_verify_wrap( void *ctx, md_type_t md_alg, 00195 const unsigned char *hash, size_t hash_len, 00196 const unsigned char *sig, size_t sig_len ) 00197 { 00198 int ret; 00199 ecdsa_context ecdsa; 00200 00201 ecdsa_init( &ecdsa ); 00202 00203 if( ( ret = ecdsa_from_keypair( &ecdsa, ctx ) ) == 0 ) 00204 ret = ecdsa_verify_wrap( &ecdsa, md_alg, hash, hash_len, sig, sig_len ); 00205 00206 ecdsa_free( &ecdsa ); 00207 00208 return( ret ); 00209 } 00210 00211 static int eckey_sign_wrap( void *ctx, md_type_t md_alg, 00212 const unsigned char *hash, size_t hash_len, 00213 unsigned char *sig, size_t *sig_len, 00214 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) 00215 { 00216 int ret; 00217 ecdsa_context ecdsa; 00218 00219 ecdsa_init( &ecdsa ); 00220 00221 if( ( ret = ecdsa_from_keypair( &ecdsa, ctx ) ) == 0 ) 00222 ret = ecdsa_sign_wrap( &ecdsa, md_alg, hash, hash_len, sig, sig_len, 00223 f_rng, p_rng ); 00224 00225 ecdsa_free( &ecdsa ); 00226 00227 return( ret ); 00228 } 00229 00230 #endif /* POLARSSL_ECDSA_C */ 00231 00232 static void *eckey_alloc_wrap( void ) 00233 { 00234 void *ctx = polarssl_malloc( sizeof( ecp_keypair ) ); 00235 00236 if( ctx != NULL ) 00237 ecp_keypair_init( ctx ); 00238 00239 return( ctx ); 00240 } 00241 00242 static void eckey_free_wrap( void *ctx ) 00243 { 00244 ecp_keypair_free( (ecp_keypair *) ctx ); 00245 polarssl_free( ctx ); 00246 } 00247 00248 static void eckey_debug( const void *ctx, pk_debug_item *items ) 00249 { 00250 items->type = POLARSSL_PK_DEBUG_ECP; 00251 items->name = "eckey.Q"; 00252 items->value = &( ((ecp_keypair *) ctx)->Q ); 00253 } 00254 00255 const pk_info_t eckey_info = { 00256 POLARSSL_PK_ECKEY, 00257 "EC", 00258 eckey_get_size, 00259 eckey_can_do, 00260 #if defined(POLARSSL_ECDSA_C) 00261 eckey_verify_wrap, 00262 eckey_sign_wrap, 00263 #else 00264 NULL, 00265 NULL, 00266 #endif 00267 NULL, 00268 NULL, 00269 eckey_alloc_wrap, 00270 eckey_free_wrap, 00271 eckey_debug, 00272 }; 00273 00274 /* 00275 * EC key restricted to ECDH 00276 */ 00277 static int eckeydh_can_do( pk_type_t type ) 00278 { 00279 return( type == POLARSSL_PK_ECKEY || 00280 type == POLARSSL_PK_ECKEY_DH ); 00281 } 00282 00283 const pk_info_t eckeydh_info = { 00284 POLARSSL_PK_ECKEY_DH, 00285 "EC_DH", 00286 eckey_get_size, /* Same underlying key structure */ 00287 eckeydh_can_do, 00288 NULL, 00289 NULL, 00290 NULL, 00291 NULL, 00292 eckey_alloc_wrap, /* Same underlying key structure */ 00293 eckey_free_wrap, /* Same underlying key structure */ 00294 eckey_debug, /* Same underlying key structure */ 00295 }; 00296 #endif /* POLARSSL_ECP_C */ 00297 00298 #if defined(POLARSSL_ECDSA_C) 00299 static int ecdsa_can_do( pk_type_t type ) 00300 { 00301 return( type == POLARSSL_PK_ECDSA ); 00302 } 00303 00304 static int ecdsa_verify_wrap( void *ctx, md_type_t md_alg, 00305 const unsigned char *hash, size_t hash_len, 00306 const unsigned char *sig, size_t sig_len ) 00307 { 00308 int ret; 00309 ((void) md_alg); 00310 00311 ret = ecdsa_read_signature( (ecdsa_context *) ctx, 00312 hash, hash_len, sig, sig_len ); 00313 00314 if( ret == POLARSSL_ERR_ECP_SIG_LEN_MISMATCH ) 00315 return( POLARSSL_ERR_PK_SIG_LEN_MISMATCH ); 00316 00317 return( ret ); 00318 } 00319 00320 static int ecdsa_sign_wrap( void *ctx, md_type_t md_alg, 00321 const unsigned char *hash, size_t hash_len, 00322 unsigned char *sig, size_t *sig_len, 00323 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) 00324 { 00325 /* Use deterministic ECDSA by default if available */ 00326 #if defined(POLARSSL_ECDSA_DETERMINISTIC) 00327 ((void) f_rng); 00328 ((void) p_rng); 00329 00330 return( ecdsa_write_signature_det( (ecdsa_context *) ctx, 00331 hash, hash_len, sig, sig_len, md_alg ) ); 00332 #else 00333 ((void) md_alg); 00334 00335 return( ecdsa_write_signature( (ecdsa_context *) ctx, 00336 hash, hash_len, sig, sig_len, f_rng, p_rng ) ); 00337 #endif /* POLARSSL_ECDSA_DETERMINISTIC */ 00338 } 00339 00340 static void *ecdsa_alloc_wrap( void ) 00341 { 00342 void *ctx = polarssl_malloc( sizeof( ecdsa_context ) ); 00343 00344 if( ctx != NULL ) 00345 ecdsa_init( (ecdsa_context *) ctx ); 00346 00347 return( ctx ); 00348 } 00349 00350 static void ecdsa_free_wrap( void *ctx ) 00351 { 00352 ecdsa_free( (ecdsa_context *) ctx ); 00353 polarssl_free( ctx ); 00354 } 00355 00356 const pk_info_t ecdsa_info = { 00357 POLARSSL_PK_ECDSA, 00358 "ECDSA", 00359 eckey_get_size, /* Compatible key structures */ 00360 ecdsa_can_do, 00361 ecdsa_verify_wrap, 00362 ecdsa_sign_wrap, 00363 NULL, 00364 NULL, 00365 ecdsa_alloc_wrap, 00366 ecdsa_free_wrap, 00367 eckey_debug, /* Compatible key structures */ 00368 }; 00369 #endif /* POLARSSL_ECDSA_C */ 00370 00371 /* 00372 * Support for alternative RSA-private implementations 00373 */ 00374 00375 static size_t rsa_alt_get_size( const void *ctx ) 00376 { 00377 const rsa_alt_context *rsa_alt = (const rsa_alt_context *) ctx; 00378 00379 return( 8 * rsa_alt->key_len_func( rsa_alt->key ) ); 00380 } 00381 00382 static int rsa_alt_sign_wrap( void *ctx, md_type_t md_alg, 00383 const unsigned char *hash, size_t hash_len, 00384 unsigned char *sig, size_t *sig_len, 00385 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) 00386 { 00387 rsa_alt_context *rsa_alt = (rsa_alt_context *) ctx; 00388 00389 *sig_len = rsa_alt->key_len_func( rsa_alt->key ); 00390 00391 return( rsa_alt->sign_func( rsa_alt->key, f_rng, p_rng, RSA_PRIVATE, 00392 md_alg, (unsigned int) hash_len, hash, sig ) ); 00393 } 00394 00395 static int rsa_alt_decrypt_wrap( void *ctx, 00396 const unsigned char *input, size_t ilen, 00397 unsigned char *output, size_t *olen, size_t osize, 00398 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) 00399 { 00400 rsa_alt_context *rsa_alt = (rsa_alt_context *) ctx; 00401 00402 ((void) f_rng); 00403 ((void) p_rng); 00404 00405 if( ilen != rsa_alt->key_len_func( rsa_alt->key ) ) 00406 return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); 00407 00408 return( rsa_alt->decrypt_func( rsa_alt->key, 00409 RSA_PRIVATE, olen, input, output, osize ) ); 00410 } 00411 00412 static void *rsa_alt_alloc_wrap( void ) 00413 { 00414 void *ctx = polarssl_malloc( sizeof( rsa_alt_context ) ); 00415 00416 if( ctx != NULL ) 00417 memset( ctx, 0, sizeof( rsa_alt_context ) ); 00418 00419 return ctx; 00420 } 00421 00422 static void rsa_alt_free_wrap( void *ctx ) 00423 { 00424 polarssl_free( ctx ); 00425 } 00426 00427 const pk_info_t rsa_alt_info = { 00428 POLARSSL_PK_RSA_ALT, 00429 "RSA-alt", 00430 rsa_alt_get_size, 00431 rsa_can_do, 00432 NULL, 00433 rsa_alt_sign_wrap, 00434 rsa_alt_decrypt_wrap, 00435 NULL, 00436 rsa_alt_alloc_wrap, 00437 rsa_alt_free_wrap, 00438 NULL, 00439 }; 00440 00441 #endif /* POLARSSL_PK_C */ 00442 00443
Generated on Tue Jul 12 2022 19:40:19 by
1.7.2