cuberite/polarssl
1
0
Fork 0
mirror of https://github.com/cuberite/polarssl.git synced 2025-09-30 08:56:50 -04:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #8699 from minosgalanakis/update/rsa_context_in_programs_5014

Browse Source 
[MBEDTLS_PRIVATE] Update rsa context in programs 5014
This commit is contained in:
Paul Elliott 2024-01-26 11:03:43 +00:00 committed by GitHub
commit 12abdde951
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
6 changed files with 60 additions and 42 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
programs/pkey/dh_client.c
View File

@ -13,14 +13,13 @@
#if defined(MBEDTLS_AES_C) && defined(MBEDTLS_DHM_C) && \
defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_NET_C) && \
defined(MBEDTLS_RSA_C) && defined(MBEDTLS_MD_CAN_SHA256) && \
defined(MBEDTLS_FS_IO) && defined(MBEDTLS_CTR_DRBG_C) && \
defined(MBEDTLS_MD_CAN_SHA1)
defined(MBEDTLS_RSA_C) && defined(MBEDTLS_SHA256_C) && \
defined(MBEDTLS_FS_IO) && defined(MBEDTLS_CTR_DRBG_C)
#include "mbedtls/net_sockets.h"
#include "mbedtls/aes.h"
#include "mbedtls/dhm.h"
#include "mbedtls/rsa.h"
#include "mbedtls/sha1.h"
#include "mbedtls/sha256.h"
#include "mbedtls/entropy.h"
#include "mbedtls/ctr_drbg.h"
@ -33,9 +32,8 @@
#if !defined(MBEDTLS_AES_C) || !defined(MBEDTLS_DHM_C) || \
!defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_NET_C) || \
!defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_MD_CAN_SHA256) || \
!defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_CTR_DRBG_C) || \
!defined(MBEDTLS_SHA1_C)
!defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_SHA256_C) || \
!defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_CTR_DRBG_C)
int main(void)
{
mbedtls_printf("MBEDTLS_AES_C and/or MBEDTLS_DHM_C and/or MBEDTLS_ENTROPY_C "
@ -60,12 +58,14 @@ int main(void)
int ret = 1;
int exit_code = MBEDTLS_EXIT_FAILURE;
unsigned int mdlen;
size_t n, buflen;
mbedtls_net_context server_fd;
unsigned char *p, *end;
unsigned char buf[2048];
unsigned char hash[32];
unsigned char hash[MBEDTLS_MD_MAX_SIZE];
mbedtls_mpi N, E;
const char *pers = "dh_client";
mbedtls_entropy_context entropy;
@ -78,6 +78,8 @@ int main(void)
mbedtls_dhm_init(&dhm);
mbedtls_aes_init(&aes);
mbedtls_ctr_drbg_init(&ctr_drbg);
mbedtls_mpi_init(&N);
mbedtls_mpi_init(&E);
/*
* 1. Setup the RNG
@ -106,16 +108,13 @@ int main(void)
}
mbedtls_rsa_init(&rsa);
if ((ret = mbedtls_mpi_read_file(&rsa.MBEDTLS_PRIVATE(N), 16, f)) != 0 ||
(ret = mbedtls_mpi_read_file(&rsa.MBEDTLS_PRIVATE(E), 16, f)) != 0) {
if ((ret = mbedtls_mpi_read_file(&N, 16, f)) != 0 ||
(ret = mbedtls_mpi_read_file(&E, 16, f)) != 0 ||
(ret = mbedtls_rsa_import(&rsa, &N, NULL, NULL, NULL, &E) != 0)) {
mbedtls_printf(" failed\n ! mbedtls_mpi_read_file returned %d\n\n", ret);
fclose(f);
goto exit;
}
rsa.MBEDTLS_PRIVATE(len) = (mbedtls_mpi_bitlen(&rsa.MBEDTLS_PRIVATE(N)) + 7) >> 3;
fclose(f);
/*
@ -182,18 +181,24 @@ int main(void)
p += 2;
if ((n = (size_t) (end - p)) != rsa.MBEDTLS_PRIVATE(len)) {
if ((n = (size_t) (end - p)) != mbedtls_rsa_get_len(&rsa)) {
mbedtls_printf(" failed\n ! Invalid RSA signature size\n\n");
goto exit;
}
if ((ret = mbedtls_sha1(buf, (int) (p - 2 - buf), hash)) != 0) {
mbedtls_printf(" failed\n ! mbedtls_sha1 returned %d\n\n", ret);
mdlen = (unsigned int) mbedtls_md_get_size(mbedtls_md_info_from_type(MBEDTLS_MD_SHA256));
if (mdlen == 0) {
mbedtls_printf(" failed\n ! Invalid digest type\n\n");
goto exit;
}
if ((ret = mbedtls_sha256(buf, (int) (p - 2 - buf), hash, 0)) != 0) {
mbedtls_printf(" failed\n ! mbedtls_sha256 returned %d\n\n", ret);
goto exit;
}
if ((ret = mbedtls_rsa_pkcs1_verify(&rsa, MBEDTLS_MD_SHA256,
32, hash, p)) != 0) {
mdlen, hash, p)) != 0) {
mbedtls_printf(" failed\n ! mbedtls_rsa_pkcs1_verify returned %d\n\n", ret);
goto exit;
}
@ -273,6 +278,8 @@ exit:
mbedtls_dhm_free(&dhm);
mbedtls_ctr_drbg_free(&ctr_drbg);
mbedtls_entropy_free(&entropy);
mbedtls_mpi_free(&N);
mbedtls_mpi_free(&E);
mbedtls_exit(exit_code);
}

38
programs/pkey/dh_server.c
View File

@ -13,14 +13,13 @@
#if defined(MBEDTLS_AES_C) && defined(MBEDTLS_DHM_C) && \
defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_NET_C) && \
defined(MBEDTLS_RSA_C) && defined(MBEDTLS_MD_CAN_SHA256) && \
defined(MBEDTLS_FS_IO) && defined(MBEDTLS_CTR_DRBG_C) && \
defined(MBEDTLS_MD_CAN_SHA1)
defined(MBEDTLS_RSA_C) && defined(MBEDTLS_SHA256_C) && \
defined(MBEDTLS_FS_IO) && defined(MBEDTLS_CTR_DRBG_C)
#include "mbedtls/net_sockets.h"
#include "mbedtls/aes.h"
#include "mbedtls/dhm.h"
#include "mbedtls/rsa.h"
#include "mbedtls/sha1.h"
#include "mbedtls/sha256.h"
#include "mbedtls/entropy.h"
#include "mbedtls/ctr_drbg.h"
@ -33,9 +32,8 @@
#if !defined(MBEDTLS_AES_C) || !defined(MBEDTLS_DHM_C) || \
!defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_NET_C) || \
!defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_MD_CAN_SHA256) || \
!defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_CTR_DRBG_C) || \
!defined(MBEDTLS_SHA1_C)
!defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_SHA256_C) || \
!defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_CTR_DRBG_C)
int main(void)
{
mbedtls_printf("MBEDTLS_AES_C and/or MBEDTLS_DHM_C and/or MBEDTLS_ENTROPY_C "
@ -53,11 +51,12 @@ int main(void)
int ret = 1;
int exit_code = MBEDTLS_EXIT_FAILURE;
unsigned int mdlen;
size_t n, buflen;
mbedtls_net_context listen_fd, client_fd;
unsigned char buf[2048];
unsigned char hash[32];
unsigned char hash[MBEDTLS_MD_MAX_SIZE];
unsigned char buf2[2];
const char *pers = "dh_server";
@ -186,21 +185,30 @@ int main(void)
/*
* 5. Sign the parameters and send them
*/
if ((ret = mbedtls_sha1(buf, n, hash)) != 0) {
mbedtls_printf(" failed\n ! mbedtls_sha1 returned %d\n\n", ret);
mdlen = (unsigned int) mbedtls_md_get_size(mbedtls_md_info_from_type(MBEDTLS_MD_SHA256));
if (mdlen == 0) {
mbedtls_printf(" failed\n ! Invalid digest type\n\n");
goto exit;
}
buf[n] = (unsigned char) (rsa.MBEDTLS_PRIVATE(len) >> 8);
buf[n + 1] = (unsigned char) (rsa.MBEDTLS_PRIVATE(len));
if ((ret = mbedtls_sha256(buf, n, hash, 0)) != 0) {
mbedtls_printf(" failed\n ! mbedtls_sha256 returned %d\n\n", ret);
goto exit;
}
if ((ret = mbedtls_rsa_pkcs1_sign(&rsa, NULL, NULL, MBEDTLS_MD_SHA256,
32, hash, buf + n + 2)) != 0) {
const size_t rsa_key_len = mbedtls_rsa_get_len(&rsa);
buf[n] = (unsigned char) (rsa_key_len >> 8);
buf[n + 1] = (unsigned char) (rsa_key_len);
if ((ret = mbedtls_rsa_pkcs1_sign(&rsa, mbedtls_ctr_drbg_random, &ctr_drbg,
MBEDTLS_MD_SHA256, mdlen,
hash, buf + n + 2)) != 0) {
mbedtls_printf(" failed\n ! mbedtls_rsa_pkcs1_sign returned %d\n\n", ret);
goto exit;
}
buflen = n + 2 + rsa.MBEDTLS_PRIVATE(len);
buflen = n + 2 + rsa_key_len;
buf2[0] = (unsigned char) (buflen >> 8);
buf2[1] = (unsigned char) (buflen);

2
programs/pkey/rsa_decrypt.c
View File

@ -133,7 +133,7 @@ int main(int argc, char *argv[])
fclose(f);
if (i != rsa.MBEDTLS_PRIVATE(len)) {
if (i != mbedtls_rsa_get_len(&rsa)) {
mbedtls_printf("\n ! Invalid RSA signature format\n\n");
goto exit;
}

2
programs/pkey/rsa_encrypt.c
View File

@ -126,7 +126,7 @@ int main(int argc, char *argv[])
goto exit;
}
for (i = 0; i < rsa.MBEDTLS_PRIVATE(len); i++) {
for (i = 0; i < mbedtls_rsa_get_len(&rsa); i++) {
mbedtls_fprintf(f, "%02X%s", buf[i],
(i + 1) % 16 == 0 ? "\r\n" : " ");
}

2
programs/pkey/rsa_sign.c
View File

@ -131,7 +131,7 @@ int main(int argc, char *argv[])
goto exit;
}
for (i = 0; i < rsa.MBEDTLS_PRIVATE(len); i++) {
for (i = 0; i < mbedtls_rsa_get_len(&rsa); i++) {
mbedtls_fprintf(f, "%02X%s", buf[i],
(i + 1) % 16 == 0 ? "\r\n" : " ");
}

15
programs/pkey/rsa_verify.c
View File

@ -37,11 +37,14 @@ int main(int argc, char *argv[])
int exit_code = MBEDTLS_EXIT_FAILURE;
size_t i;
mbedtls_rsa_context rsa;
mbedtls_mpi N, E;
unsigned char hash[32];
unsigned char buf[MBEDTLS_MPI_MAX_SIZE];
char filename[512];
mbedtls_rsa_init(&rsa);
mbedtls_mpi_init(&N);
mbedtls_mpi_init(&E);
if (argc != 2) {
mbedtls_printf("usage: rsa_verify <filename>\n");
@ -62,15 +65,13 @@ int main(int argc, char *argv[])
goto exit;
}
if ((ret = mbedtls_mpi_read_file(&rsa.MBEDTLS_PRIVATE(N), 16, f)) != 0 ||
(ret = mbedtls_mpi_read_file(&rsa.MBEDTLS_PRIVATE(E), 16, f)) != 0) {
if ((ret = mbedtls_mpi_read_file(&N, 16, f)) != 0 ||
(ret = mbedtls_mpi_read_file(&E, 16, f)) != 0 ||
(ret = mbedtls_rsa_import(&rsa, &N, NULL, NULL, NULL, &E) != 0)) {
mbedtls_printf(" failed\n ! mbedtls_mpi_read_file returned %d\n\n", ret);
fclose(f);
goto exit;
}
rsa.MBEDTLS_PRIVATE(len) = (mbedtls_mpi_bitlen(&rsa.MBEDTLS_PRIVATE(N)) + 7) >> 3;
fclose(f);
/*
@ -91,7 +92,7 @@ int main(int argc, char *argv[])
fclose(f);
if (i != rsa.MBEDTLS_PRIVATE(len)) {
if (i != mbedtls_rsa_get_len(&rsa)) {
mbedtls_printf("\n ! Invalid RSA signature format\n\n");
goto exit;
}
@ -124,6 +125,8 @@ int main(int argc, char *argv[])
exit:
mbedtls_rsa_free(&rsa);
mbedtls_mpi_free(&N);
mbedtls_mpi_free(&E);
mbedtls_exit(exit_code);
}