rsa_sign.c 6.7 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220
  1. /*
  2. * RSA/SHA-256 signature creation program
  3. *
  4. * Copyright The Mbed TLS Contributors
  5. * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  6. *
  7. * This file is provided under the Apache License 2.0, or the
  8. * GNU General Public License v2.0 or later.
  9. *
  10. * **********
  11. * Apache License 2.0:
  12. *
  13. * Licensed under the Apache License, Version 2.0 (the "License"); you may
  14. * not use this file except in compliance with the License.
  15. * You may obtain a copy of the License at
  16. *
  17. * http://www.apache.org/licenses/LICENSE-2.0
  18. *
  19. * Unless required by applicable law or agreed to in writing, software
  20. * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
  21. * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  22. * See the License for the specific language governing permissions and
  23. * limitations under the License.
  24. *
  25. * **********
  26. *
  27. * **********
  28. * GNU General Public License v2.0 or later:
  29. *
  30. * This program is free software; you can redistribute it and/or modify
  31. * it under the terms of the GNU General Public License as published by
  32. * the Free Software Foundation; either version 2 of the License, or
  33. * (at your option) any later version.
  34. *
  35. * This program is distributed in the hope that it will be useful,
  36. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  37. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  38. * GNU General Public License for more details.
  39. *
  40. * You should have received a copy of the GNU General Public License along
  41. * with this program; if not, write to the Free Software Foundation, Inc.,
  42. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
  43. *
  44. * **********
  45. */
  46. #if !defined(MBEDTLS_CONFIG_FILE)
  47. #include "mbedtls/config.h"
  48. #else
  49. #include MBEDTLS_CONFIG_FILE
  50. #endif
  51. #if defined(MBEDTLS_PLATFORM_C)
  52. #include "mbedtls/platform.h"
  53. #else
  54. #include <stdio.h>
  55. #include <stdlib.h>
  56. #define mbedtls_fprintf fprintf
  57. #define mbedtls_printf printf
  58. #define mbedtls_snprintf snprintf
  59. #define mbedtls_exit exit
  60. #define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
  61. #define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
  62. #endif /* MBEDTLS_PLATFORM_C */
  63. #if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_RSA_C) || \
  64. !defined(MBEDTLS_SHA256_C) || !defined(MBEDTLS_MD_C) || \
  65. !defined(MBEDTLS_FS_IO)
  66. int main( void )
  67. {
  68. mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or "
  69. "MBEDTLS_MD_C and/or "
  70. "MBEDTLS_SHA256_C and/or MBEDTLS_FS_IO not defined.\n");
  71. mbedtls_exit( 0 );
  72. }
  73. #else
  74. #include "mbedtls/rsa.h"
  75. #include "mbedtls/md.h"
  76. #include <stdio.h>
  77. #include <string.h>
  78. int main( int argc, char *argv[] )
  79. {
  80. FILE *f;
  81. int ret = 1;
  82. int exit_code = MBEDTLS_EXIT_FAILURE;
  83. size_t i;
  84. mbedtls_rsa_context rsa;
  85. unsigned char hash[32];
  86. unsigned char buf[MBEDTLS_MPI_MAX_SIZE];
  87. char filename[512];
  88. mbedtls_mpi N, P, Q, D, E, DP, DQ, QP;
  89. mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, 0 );
  90. mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
  91. mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &DP );
  92. mbedtls_mpi_init( &DQ ); mbedtls_mpi_init( &QP );
  93. if( argc != 2 )
  94. {
  95. mbedtls_printf( "usage: rsa_sign <filename>\n" );
  96. #if defined(_WIN32)
  97. mbedtls_printf( "\n" );
  98. #endif
  99. goto exit;
  100. }
  101. mbedtls_printf( "\n . Reading private key from rsa_priv.txt" );
  102. fflush( stdout );
  103. if( ( f = fopen( "rsa_priv.txt", "rb" ) ) == NULL )
  104. {
  105. mbedtls_printf( " failed\n ! Could not open rsa_priv.txt\n" \
  106. " ! Please run rsa_genkey first\n\n" );
  107. goto exit;
  108. }
  109. if( ( ret = mbedtls_mpi_read_file( &N , 16, f ) ) != 0 ||
  110. ( ret = mbedtls_mpi_read_file( &E , 16, f ) ) != 0 ||
  111. ( ret = mbedtls_mpi_read_file( &D , 16, f ) ) != 0 ||
  112. ( ret = mbedtls_mpi_read_file( &P , 16, f ) ) != 0 ||
  113. ( ret = mbedtls_mpi_read_file( &Q , 16, f ) ) != 0 ||
  114. ( ret = mbedtls_mpi_read_file( &DP , 16, f ) ) != 0 ||
  115. ( ret = mbedtls_mpi_read_file( &DQ , 16, f ) ) != 0 ||
  116. ( ret = mbedtls_mpi_read_file( &QP , 16, f ) ) != 0 )
  117. {
  118. mbedtls_printf( " failed\n ! mbedtls_mpi_read_file returned %d\n\n", ret );
  119. fclose( f );
  120. goto exit;
  121. }
  122. fclose( f );
  123. if( ( ret = mbedtls_rsa_import( &rsa, &N, &P, &Q, &D, &E ) ) != 0 )
  124. {
  125. mbedtls_printf( " failed\n ! mbedtls_rsa_import returned %d\n\n",
  126. ret );
  127. goto exit;
  128. }
  129. if( ( ret = mbedtls_rsa_complete( &rsa ) ) != 0 )
  130. {
  131. mbedtls_printf( " failed\n ! mbedtls_rsa_complete returned %d\n\n",
  132. ret );
  133. goto exit;
  134. }
  135. mbedtls_printf( "\n . Checking the private key" );
  136. fflush( stdout );
  137. if( ( ret = mbedtls_rsa_check_privkey( &rsa ) ) != 0 )
  138. {
  139. mbedtls_printf( " failed\n ! mbedtls_rsa_check_privkey failed with -0x%0x\n", -ret );
  140. goto exit;
  141. }
  142. /*
  143. * Compute the SHA-256 hash of the input file,
  144. * then calculate the RSA signature of the hash.
  145. */
  146. mbedtls_printf( "\n . Generating the RSA/SHA-256 signature" );
  147. fflush( stdout );
  148. if( ( ret = mbedtls_md_file(
  149. mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 ),
  150. argv[1], hash ) ) != 0 )
  151. {
  152. mbedtls_printf( " failed\n ! Could not open or read %s\n\n", argv[1] );
  153. goto exit;
  154. }
  155. if( ( ret = mbedtls_rsa_pkcs1_sign( &rsa, NULL, NULL, MBEDTLS_RSA_PRIVATE, MBEDTLS_MD_SHA256,
  156. 20, hash, buf ) ) != 0 )
  157. {
  158. mbedtls_printf( " failed\n ! mbedtls_rsa_pkcs1_sign returned -0x%0x\n\n", -ret );
  159. goto exit;
  160. }
  161. /*
  162. * Write the signature into <filename>.sig
  163. */
  164. mbedtls_snprintf( filename, sizeof(filename), "%s.sig", argv[1] );
  165. if( ( f = fopen( filename, "wb+" ) ) == NULL )
  166. {
  167. mbedtls_printf( " failed\n ! Could not create %s\n\n", argv[1] );
  168. goto exit;
  169. }
  170. for( i = 0; i < rsa.len; i++ )
  171. mbedtls_fprintf( f, "%02X%s", buf[i],
  172. ( i + 1 ) % 16 == 0 ? "\r\n" : " " );
  173. fclose( f );
  174. mbedtls_printf( "\n . Done (created \"%s\")\n\n", filename );
  175. exit_code = MBEDTLS_EXIT_SUCCESS;
  176. exit:
  177. mbedtls_rsa_free( &rsa );
  178. mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
  179. mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E ); mbedtls_mpi_free( &DP );
  180. mbedtls_mpi_free( &DQ ); mbedtls_mpi_free( &QP );
  181. #if defined(_WIN32)
  182. mbedtls_printf( " + Press Enter to exit this program.\n" );
  183. fflush( stdout ); getchar();
  184. #endif
  185. mbedtls_exit( exit_code );
  186. }
  187. #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C &&
  188. MBEDTLS_FS_IO */