rsa_sign_pss.c 5.0 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178
  1. /*
  2. * RSASSA-PSS/SHA-256 signature creation program
  3. *
  4. * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
  5. * SPDX-License-Identifier: Apache-2.0
  6. *
  7. * Licensed under the Apache License, Version 2.0 (the "License"); you may
  8. * not use this file except in compliance with the License.
  9. * You may obtain a copy of the License at
  10. *
  11. * http://www.apache.org/licenses/LICENSE-2.0
  12. *
  13. * Unless required by applicable law or agreed to in writing, software
  14. * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
  15. * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  16. * See the License for the specific language governing permissions and
  17. * limitations under the License.
  18. *
  19. * This file is part of mbed TLS (https://tls.mbed.org)
  20. */
  21. #if !defined(MBEDTLS_CONFIG_FILE)
  22. #include "mbedtls/config.h"
  23. #else
  24. #include MBEDTLS_CONFIG_FILE
  25. #endif
  26. #if defined(MBEDTLS_PLATFORM_C)
  27. #include "mbedtls/platform.h"
  28. #else
  29. #include <stdio.h>
  30. #define mbedtls_snprintf snprintf
  31. #define mbedtls_printf printf
  32. #endif
  33. #if !defined(MBEDTLS_MD_C) || !defined(MBEDTLS_ENTROPY_C) || \
  34. !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_SHA256_C) || \
  35. !defined(MBEDTLS_PK_PARSE_C) || !defined(MBEDTLS_FS_IO) || \
  36. !defined(MBEDTLS_CTR_DRBG_C)
  37. int main( void )
  38. {
  39. mbedtls_printf("MBEDTLS_MD_C and/or MBEDTLS_ENTROPY_C and/or "
  40. "MBEDTLS_RSA_C and/or MBEDTLS_SHA256_C and/or "
  41. "MBEDTLS_PK_PARSE_C and/or MBEDTLS_FS_IO and/or "
  42. "MBEDTLS_CTR_DRBG_C not defined.\n");
  43. return( 0 );
  44. }
  45. #else
  46. #include "mbedtls/entropy.h"
  47. #include "mbedtls/ctr_drbg.h"
  48. #include "mbedtls/md.h"
  49. #include "mbedtls/rsa.h"
  50. #include "mbedtls/md.h"
  51. #include "mbedtls/x509.h"
  52. #include <stdio.h>
  53. #include <string.h>
  54. int main( int argc, char *argv[] )
  55. {
  56. FILE *f;
  57. int ret = 1;
  58. mbedtls_pk_context pk;
  59. mbedtls_entropy_context entropy;
  60. mbedtls_ctr_drbg_context ctr_drbg;
  61. unsigned char hash[32];
  62. unsigned char buf[MBEDTLS_MPI_MAX_SIZE];
  63. char filename[512];
  64. const char *pers = "rsa_sign_pss";
  65. size_t olen = 0;
  66. mbedtls_entropy_init( &entropy );
  67. mbedtls_pk_init( &pk );
  68. mbedtls_ctr_drbg_init( &ctr_drbg );
  69. if( argc != 3 )
  70. {
  71. mbedtls_printf( "usage: rsa_sign_pss <key_file> <filename>\n" );
  72. #if defined(_WIN32)
  73. mbedtls_printf( "\n" );
  74. #endif
  75. goto exit;
  76. }
  77. mbedtls_printf( "\n . Seeding the random number generator..." );
  78. fflush( stdout );
  79. if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
  80. (const unsigned char *) pers,
  81. strlen( pers ) ) ) != 0 )
  82. {
  83. mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret );
  84. goto exit;
  85. }
  86. mbedtls_printf( "\n . Reading private key from '%s'", argv[1] );
  87. fflush( stdout );
  88. if( ( ret = mbedtls_pk_parse_keyfile( &pk, argv[1], "" ) ) != 0 )
  89. {
  90. ret = 1;
  91. mbedtls_printf( " failed\n ! Could not read key from '%s'\n", argv[1] );
  92. mbedtls_printf( " ! mbedtls_pk_parse_public_keyfile returned %d\n\n", ret );
  93. goto exit;
  94. }
  95. if( !mbedtls_pk_can_do( &pk, MBEDTLS_PK_RSA ) )
  96. {
  97. ret = 1;
  98. mbedtls_printf( " failed\n ! Key is not an RSA key\n" );
  99. goto exit;
  100. }
  101. mbedtls_rsa_set_padding( mbedtls_pk_rsa( pk ), MBEDTLS_RSA_PKCS_V21, MBEDTLS_MD_SHA256 );
  102. /*
  103. * Compute the SHA-256 hash of the input file,
  104. * then calculate the RSA signature of the hash.
  105. */
  106. mbedtls_printf( "\n . Generating the RSA/SHA-256 signature" );
  107. fflush( stdout );
  108. if( ( ret = mbedtls_md_file(
  109. mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 ),
  110. argv[2], hash ) ) != 0 )
  111. {
  112. mbedtls_printf( " failed\n ! Could not open or read %s\n\n", argv[2] );
  113. goto exit;
  114. }
  115. if( ( ret = mbedtls_pk_sign( &pk, MBEDTLS_MD_SHA256, hash, 0, buf, &olen,
  116. mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 )
  117. {
  118. mbedtls_printf( " failed\n ! mbedtls_pk_sign returned %d\n\n", ret );
  119. goto exit;
  120. }
  121. /*
  122. * Write the signature into <filename>.sig
  123. */
  124. mbedtls_snprintf( filename, 512, "%s.sig", argv[2] );
  125. if( ( f = fopen( filename, "wb+" ) ) == NULL )
  126. {
  127. ret = 1;
  128. mbedtls_printf( " failed\n ! Could not create %s\n\n", filename );
  129. goto exit;
  130. }
  131. if( fwrite( buf, 1, olen, f ) != olen )
  132. {
  133. mbedtls_printf( "failed\n ! fwrite failed\n\n" );
  134. fclose( f );
  135. goto exit;
  136. }
  137. fclose( f );
  138. mbedtls_printf( "\n . Done (created \"%s\")\n\n", filename );
  139. exit:
  140. mbedtls_pk_free( &pk );
  141. mbedtls_ctr_drbg_free( &ctr_drbg );
  142. mbedtls_entropy_free( &entropy );
  143. #if defined(_WIN32)
  144. mbedtls_printf( " + Press Enter to exit this program.\n" );
  145. fflush( stdout ); getchar();
  146. #endif
  147. return( ret );
  148. }
  149. #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C && MBEDTLS_RSA_C &&
  150. MBEDTLS_SHA256_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO &&
  151. MBEDTLS_CTR_DRBG_C */