ecdsa.c 7.9 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280
  1. /*
  2. * Example ECDSA program
  3. *
  4. * Copyright The Mbed TLS Contributors
  5. * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  6. *
  7. * This file is provided under the Apache License 2.0, or the
  8. * GNU General Public License v2.0 or later.
  9. *
  10. * **********
  11. * Apache License 2.0:
  12. *
  13. * Licensed under the Apache License, Version 2.0 (the "License"); you may
  14. * not use this file except in compliance with the License.
  15. * You may obtain a copy of the License at
  16. *
  17. * http://www.apache.org/licenses/LICENSE-2.0
  18. *
  19. * Unless required by applicable law or agreed to in writing, software
  20. * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
  21. * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  22. * See the License for the specific language governing permissions and
  23. * limitations under the License.
  24. *
  25. * **********
  26. *
  27. * **********
  28. * GNU General Public License v2.0 or later:
  29. *
  30. * This program is free software; you can redistribute it and/or modify
  31. * it under the terms of the GNU General Public License as published by
  32. * the Free Software Foundation; either version 2 of the License, or
  33. * (at your option) any later version.
  34. *
  35. * This program is distributed in the hope that it will be useful,
  36. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  37. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  38. * GNU General Public License for more details.
  39. *
  40. * You should have received a copy of the GNU General Public License along
  41. * with this program; if not, write to the Free Software Foundation, Inc.,
  42. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
  43. *
  44. * **********
  45. */
  46. #if !defined(MBEDTLS_CONFIG_FILE)
  47. #include "mbedtls/config.h"
  48. #else
  49. #include MBEDTLS_CONFIG_FILE
  50. #endif
  51. #if defined(MBEDTLS_PLATFORM_C)
  52. #include "mbedtls/platform.h"
  53. #else
  54. #include <stdio.h>
  55. #include <stdlib.h>
  56. #define mbedtls_printf printf
  57. #define mbedtls_exit exit
  58. #define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
  59. #define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
  60. #endif /* MBEDTLS_PLATFORM_C */
  61. #if defined(MBEDTLS_ECDSA_C) && \
  62. defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_CTR_DRBG_C)
  63. #include "mbedtls/entropy.h"
  64. #include "mbedtls/ctr_drbg.h"
  65. #include "mbedtls/ecdsa.h"
  66. #include "mbedtls/sha256.h"
  67. #include <string.h>
  68. #endif
  69. /*
  70. * Uncomment to show key and signature details
  71. */
  72. #define VERBOSE
  73. /*
  74. * Uncomment to force use of a specific curve
  75. */
  76. #define ECPARAMS MBEDTLS_ECP_DP_SECP192R1
  77. #if !defined(ECPARAMS)
  78. #define ECPARAMS mbedtls_ecp_curve_list()->grp_id
  79. #endif
  80. #if !defined(MBEDTLS_ECDSA_C) || !defined(MBEDTLS_SHA256_C) || \
  81. !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C)
  82. int main( void )
  83. {
  84. mbedtls_printf("MBEDTLS_ECDSA_C and/or MBEDTLS_SHA256_C and/or "
  85. "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C not defined\n");
  86. mbedtls_exit( 0 );
  87. }
  88. #else
  89. #if defined(VERBOSE)
  90. static void dump_buf( const char *title, unsigned char *buf, size_t len )
  91. {
  92. size_t i;
  93. mbedtls_printf( "%s", title );
  94. for( i = 0; i < len; i++ )
  95. mbedtls_printf("%c%c", "0123456789ABCDEF" [buf[i] / 16],
  96. "0123456789ABCDEF" [buf[i] % 16] );
  97. mbedtls_printf( "\n" );
  98. }
  99. static void dump_pubkey( const char *title, mbedtls_ecdsa_context *key )
  100. {
  101. unsigned char buf[300];
  102. size_t len;
  103. if( mbedtls_ecp_point_write_binary( &key->grp, &key->Q,
  104. MBEDTLS_ECP_PF_UNCOMPRESSED, &len, buf, sizeof buf ) != 0 )
  105. {
  106. mbedtls_printf("internal error\n");
  107. return;
  108. }
  109. dump_buf( title, buf, len );
  110. }
  111. #else
  112. #define dump_buf( a, b, c )
  113. #define dump_pubkey( a, b )
  114. #endif
  115. int main( int argc, char *argv[] )
  116. {
  117. int ret = 1;
  118. int exit_code = MBEDTLS_EXIT_FAILURE;
  119. mbedtls_ecdsa_context ctx_sign, ctx_verify;
  120. mbedtls_entropy_context entropy;
  121. mbedtls_ctr_drbg_context ctr_drbg;
  122. unsigned char message[100];
  123. unsigned char hash[32];
  124. unsigned char sig[MBEDTLS_ECDSA_MAX_LEN];
  125. size_t sig_len;
  126. const char *pers = "ecdsa";
  127. ((void) argv);
  128. mbedtls_ecdsa_init( &ctx_sign );
  129. mbedtls_ecdsa_init( &ctx_verify );
  130. mbedtls_ctr_drbg_init( &ctr_drbg );
  131. memset( sig, 0, sizeof( sig ) );
  132. memset( message, 0x25, sizeof( message ) );
  133. if( argc != 1 )
  134. {
  135. mbedtls_printf( "usage: ecdsa\n" );
  136. #if defined(_WIN32)
  137. mbedtls_printf( "\n" );
  138. #endif
  139. goto exit;
  140. }
  141. /*
  142. * Generate a key pair for signing
  143. */
  144. mbedtls_printf( "\n . Seeding the random number generator..." );
  145. fflush( stdout );
  146. mbedtls_entropy_init( &entropy );
  147. if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
  148. (const unsigned char *) pers,
  149. strlen( pers ) ) ) != 0 )
  150. {
  151. mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret );
  152. goto exit;
  153. }
  154. mbedtls_printf( " ok\n . Generating key pair..." );
  155. fflush( stdout );
  156. if( ( ret = mbedtls_ecdsa_genkey( &ctx_sign, ECPARAMS,
  157. mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 )
  158. {
  159. mbedtls_printf( " failed\n ! mbedtls_ecdsa_genkey returned %d\n", ret );
  160. goto exit;
  161. }
  162. mbedtls_printf( " ok (key size: %d bits)\n", (int) ctx_sign.grp.pbits );
  163. dump_pubkey( " + Public key: ", &ctx_sign );
  164. /*
  165. * Compute message hash
  166. */
  167. mbedtls_printf( " . Computing message hash..." );
  168. fflush( stdout );
  169. if( ( ret = mbedtls_sha256_ret( message, sizeof( message ), hash, 0 ) ) != 0 )
  170. {
  171. mbedtls_printf( " failed\n ! mbedtls_sha256_ret returned %d\n", ret );
  172. goto exit;
  173. }
  174. mbedtls_printf( " ok\n" );
  175. dump_buf( " + Hash: ", hash, sizeof( hash ) );
  176. /*
  177. * Sign message hash
  178. */
  179. mbedtls_printf( " . Signing message hash..." );
  180. fflush( stdout );
  181. if( ( ret = mbedtls_ecdsa_write_signature( &ctx_sign, MBEDTLS_MD_SHA256,
  182. hash, sizeof( hash ),
  183. sig, &sig_len,
  184. mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 )
  185. {
  186. mbedtls_printf( " failed\n ! mbedtls_ecdsa_write_signature returned %d\n", ret );
  187. goto exit;
  188. }
  189. mbedtls_printf( " ok (signature length = %u)\n", (unsigned int) sig_len );
  190. dump_buf( " + Signature: ", sig, sig_len );
  191. /*
  192. * Transfer public information to verifying context
  193. *
  194. * We could use the same context for verification and signatures, but we
  195. * chose to use a new one in order to make it clear that the verifying
  196. * context only needs the public key (Q), and not the private key (d).
  197. */
  198. mbedtls_printf( " . Preparing verification context..." );
  199. fflush( stdout );
  200. if( ( ret = mbedtls_ecp_group_copy( &ctx_verify.grp, &ctx_sign.grp ) ) != 0 )
  201. {
  202. mbedtls_printf( " failed\n ! mbedtls_ecp_group_copy returned %d\n", ret );
  203. goto exit;
  204. }
  205. if( ( ret = mbedtls_ecp_copy( &ctx_verify.Q, &ctx_sign.Q ) ) != 0 )
  206. {
  207. mbedtls_printf( " failed\n ! mbedtls_ecp_copy returned %d\n", ret );
  208. goto exit;
  209. }
  210. /*
  211. * Verify signature
  212. */
  213. mbedtls_printf( " ok\n . Verifying signature..." );
  214. fflush( stdout );
  215. if( ( ret = mbedtls_ecdsa_read_signature( &ctx_verify,
  216. hash, sizeof( hash ),
  217. sig, sig_len ) ) != 0 )
  218. {
  219. mbedtls_printf( " failed\n ! mbedtls_ecdsa_read_signature returned %d\n", ret );
  220. goto exit;
  221. }
  222. mbedtls_printf( " ok\n" );
  223. exit_code = MBEDTLS_EXIT_SUCCESS;
  224. exit:
  225. #if defined(_WIN32)
  226. mbedtls_printf( " + Press Enter to exit this program.\n" );
  227. fflush( stdout ); getchar();
  228. #endif
  229. mbedtls_ecdsa_free( &ctx_verify );
  230. mbedtls_ecdsa_free( &ctx_sign );
  231. mbedtls_ctr_drbg_free( &ctr_drbg );
  232. mbedtls_entropy_free( &entropy );
  233. mbedtls_exit( exit_code );
  234. }
  235. #endif /* MBEDTLS_ECDSA_C && MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C &&
  236. ECPARAMS */