• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  *  RSA/SHA-256 signature creation program
3  *
4  *  Copyright The Mbed TLS Contributors
5  *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
6  *
7  *  This file is provided under the Apache License 2.0, or the
8  *  GNU General Public License v2.0 or later.
9  *
10  *  **********
11  *  Apache License 2.0:
12  *
13  *  Licensed under the Apache License, Version 2.0 (the "License"); you may
14  *  not use this file except in compliance with the License.
15  *  You may obtain a copy of the License at
16  *
17  *  http://www.apache.org/licenses/LICENSE-2.0
18  *
19  *  Unless required by applicable law or agreed to in writing, software
20  *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
21  *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
22  *  See the License for the specific language governing permissions and
23  *  limitations under the License.
24  *
25  *  **********
26  *
27  *  **********
28  *  GNU General Public License v2.0 or later:
29  *
30  *  This program is free software; you can redistribute it and/or modify
31  *  it under the terms of the GNU General Public License as published by
32  *  the Free Software Foundation; either version 2 of the License, or
33  *  (at your option) any later version.
34  *
35  *  This program is distributed in the hope that it will be useful,
36  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
37  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
38  *  GNU General Public License for more details.
39  *
40  *  You should have received a copy of the GNU General Public License along
41  *  with this program; if not, write to the Free Software Foundation, Inc.,
42  *  51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
43  *
44  *  **********
45  */
46 
47 #if !defined(MBEDTLS_CONFIG_FILE)
48 #include "mbedtls/config.h"
49 #else
50 #include MBEDTLS_CONFIG_FILE
51 #endif
52 
53 #if defined(MBEDTLS_PLATFORM_C)
54 #include "mbedtls/platform.h"
55 #else
56 #include <stdio.h>
57 #include <stdlib.h>
58 #define mbedtls_fprintf         fprintf
59 #define mbedtls_printf          printf
60 #define mbedtls_snprintf        snprintf
61 #define mbedtls_exit            exit
62 #define MBEDTLS_EXIT_SUCCESS    EXIT_SUCCESS
63 #define MBEDTLS_EXIT_FAILURE    EXIT_FAILURE
64 #endif /* MBEDTLS_PLATFORM_C */
65 
66 #if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_RSA_C) ||  \
67     !defined(MBEDTLS_SHA256_C) || !defined(MBEDTLS_MD_C) || \
68     !defined(MBEDTLS_FS_IO)
main(void)69 int main( void )
70 {
71     mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or "
72             "MBEDTLS_MD_C and/or "
73             "MBEDTLS_SHA256_C and/or MBEDTLS_FS_IO not defined.\n");
74     mbedtls_exit( 0 );
75 }
76 #else
77 
78 #include "mbedtls/rsa.h"
79 #include "mbedtls/md.h"
80 
81 #include <stdio.h>
82 #include <string.h>
83 
84 
main(int argc,char * argv[])85 int main( int argc, char *argv[] )
86 {
87     FILE *f;
88     int ret = 1;
89     int exit_code = MBEDTLS_EXIT_FAILURE;
90     size_t i;
91     mbedtls_rsa_context rsa;
92     unsigned char hash[32];
93     unsigned char buf[MBEDTLS_MPI_MAX_SIZE];
94     char filename[512];
95     mbedtls_mpi N, P, Q, D, E, DP, DQ, QP;
96 
97     mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, 0 );
98 
99     mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
100     mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &DP );
101     mbedtls_mpi_init( &DQ ); mbedtls_mpi_init( &QP );
102 
103     if( argc != 2 )
104     {
105         mbedtls_printf( "usage: rsa_sign <filename>\n" );
106 
107 #if defined(_WIN32)
108         mbedtls_printf( "\n" );
109 #endif
110 
111         goto exit;
112     }
113 
114     mbedtls_printf( "\n  . Reading private key from rsa_priv.txt" );
115     fflush( stdout );
116 
117     if( ( f = fopen( "rsa_priv.txt", "rb" ) ) == NULL )
118     {
119         mbedtls_printf( " failed\n  ! Could not open rsa_priv.txt\n" \
120                 "  ! Please run rsa_genkey first\n\n" );
121         goto exit;
122     }
123 
124     if( ( ret = mbedtls_mpi_read_file( &N , 16, f ) ) != 0 ||
125         ( ret = mbedtls_mpi_read_file( &E , 16, f ) ) != 0 ||
126         ( ret = mbedtls_mpi_read_file( &D , 16, f ) ) != 0 ||
127         ( ret = mbedtls_mpi_read_file( &P , 16, f ) ) != 0 ||
128         ( ret = mbedtls_mpi_read_file( &Q , 16, f ) ) != 0 ||
129         ( ret = mbedtls_mpi_read_file( &DP , 16, f ) ) != 0 ||
130         ( ret = mbedtls_mpi_read_file( &DQ , 16, f ) ) != 0 ||
131         ( ret = mbedtls_mpi_read_file( &QP , 16, f ) ) != 0 )
132     {
133         mbedtls_printf( " failed\n  ! mbedtls_mpi_read_file returned %d\n\n", ret );
134         fclose( f );
135         goto exit;
136     }
137     fclose( f );
138 
139     if( ( ret = mbedtls_rsa_import( &rsa, &N, &P, &Q, &D, &E ) ) != 0 )
140     {
141         mbedtls_printf( " failed\n  ! mbedtls_rsa_import returned %d\n\n",
142                         ret );
143         goto exit;
144     }
145 
146     if( ( ret = mbedtls_rsa_complete( &rsa ) ) != 0 )
147     {
148         mbedtls_printf( " failed\n  ! mbedtls_rsa_complete returned %d\n\n",
149                         ret );
150         goto exit;
151     }
152 
153     mbedtls_printf( "\n  . Checking the private key" );
154     fflush( stdout );
155     if( ( ret = mbedtls_rsa_check_privkey( &rsa ) ) != 0 )
156     {
157         mbedtls_printf( " failed\n  ! mbedtls_rsa_check_privkey failed with -0x%0x\n", -ret );
158         goto exit;
159     }
160 
161     /*
162      * Compute the SHA-256 hash of the input file,
163      * then calculate the RSA signature of the hash.
164      */
165     mbedtls_printf( "\n  . Generating the RSA/SHA-256 signature" );
166     fflush( stdout );
167 
168     if( ( ret = mbedtls_md_file(
169                     mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 ),
170                     argv[1], hash ) ) != 0 )
171     {
172         mbedtls_printf( " failed\n  ! Could not open or read %s\n\n", argv[1] );
173         goto exit;
174     }
175 
176     if( ( ret = mbedtls_rsa_pkcs1_sign( &rsa, NULL, NULL, MBEDTLS_RSA_PRIVATE, MBEDTLS_MD_SHA256,
177                                 20, hash, buf ) ) != 0 )
178     {
179         mbedtls_printf( " failed\n  ! mbedtls_rsa_pkcs1_sign returned -0x%0x\n\n", -ret );
180         goto exit;
181     }
182 
183     /*
184      * Write the signature into <filename>.sig
185      */
186     mbedtls_snprintf( filename, sizeof(filename), "%s.sig", argv[1] );
187 
188     if( ( f = fopen( filename, "wb+" ) ) == NULL )
189     {
190         mbedtls_printf( " failed\n  ! Could not create %s\n\n", argv[1] );
191         goto exit;
192     }
193 
194     for( i = 0; i < rsa.len; i++ )
195         mbedtls_fprintf( f, "%02X%s", buf[i],
196                  ( i + 1 ) % 16 == 0 ? "\r\n" : " " );
197 
198     fclose( f );
199 
200     mbedtls_printf( "\n  . Done (created \"%s\")\n\n", filename );
201 
202     exit_code = MBEDTLS_EXIT_SUCCESS;
203 
204 exit:
205 
206     mbedtls_rsa_free( &rsa );
207     mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
208     mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E ); mbedtls_mpi_free( &DP );
209     mbedtls_mpi_free( &DQ ); mbedtls_mpi_free( &QP );
210 
211 #if defined(_WIN32)
212     mbedtls_printf( "  + Press Enter to exit this program.\n" );
213     fflush( stdout ); getchar();
214 #endif
215 
216     mbedtls_exit( exit_code );
217 }
218 #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C &&
219           MBEDTLS_FS_IO */
220