1 /*
2 * RSA/SHA-256 signature creation program
3 *
4 * Copyright The Mbed TLS Contributors
5 * SPDX-License-Identifier: Apache-2.0
6 *
7 * Licensed under the Apache License, Version 2.0 (the "License"); you may
8 * not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
10 *
11 * http://www.apache.org/licenses/LICENSE-2.0
12 *
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
15 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 */
19
20 #if !defined(MBEDTLS_CONFIG_FILE)
21 #include "mbedtls/config.h"
22 #else
23 #include MBEDTLS_CONFIG_FILE
24 #endif
25
26 #if defined(MBEDTLS_PLATFORM_C)
27 #include "mbedtls/platform.h"
28 #else
29 #include <stdio.h>
30 #include <stdlib.h>
31 #define mbedtls_fprintf fprintf
32 #define mbedtls_printf printf
33 #define mbedtls_snprintf snprintf
34 #define mbedtls_exit exit
35 #define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
36 #define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
37 #endif /* MBEDTLS_PLATFORM_C */
38
39 #if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_RSA_C) || \
40 !defined(MBEDTLS_SHA256_C) || !defined(MBEDTLS_MD_C) || \
41 !defined(MBEDTLS_FS_IO)
main(void)42 int main( void )
43 {
44 mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_RSA_C and/or "
45 "MBEDTLS_MD_C and/or "
46 "MBEDTLS_SHA256_C and/or MBEDTLS_FS_IO not defined.\n");
47 mbedtls_exit( 0 );
48 }
49 #else
50
51 #include "mbedtls/rsa.h"
52 #include "mbedtls/md.h"
53
54 #include <stdio.h>
55 #include <string.h>
56
57
main(int argc,char * argv[])58 int main( int argc, char *argv[] )
59 {
60 FILE *f;
61 int ret = 1;
62 int exit_code = MBEDTLS_EXIT_FAILURE;
63 size_t i;
64 mbedtls_rsa_context rsa;
65 unsigned char hash[32];
66 unsigned char buf[MBEDTLS_MPI_MAX_SIZE];
67 char filename[512];
68 mbedtls_mpi N, P, Q, D, E, DP, DQ, QP;
69
70 mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, 0 );
71
72 mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
73 mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &DP );
74 mbedtls_mpi_init( &DQ ); mbedtls_mpi_init( &QP );
75
76 if( argc != 2 )
77 {
78 mbedtls_printf( "usage: rsa_sign <filename>\n" );
79
80 #if defined(_WIN32)
81 mbedtls_printf( "\n" );
82 #endif
83
84 goto exit;
85 }
86
87 mbedtls_printf( "\n . Reading private key from rsa_priv.txt" );
88 fflush( stdout );
89
90 if( ( f = fopen( "rsa_priv.txt", "rb" ) ) == NULL )
91 {
92 mbedtls_printf( " failed\n ! Could not open rsa_priv.txt\n" \
93 " ! Please run rsa_genkey first\n\n" );
94 goto exit;
95 }
96
97 if( ( ret = mbedtls_mpi_read_file( &N , 16, f ) ) != 0 ||
98 ( ret = mbedtls_mpi_read_file( &E , 16, f ) ) != 0 ||
99 ( ret = mbedtls_mpi_read_file( &D , 16, f ) ) != 0 ||
100 ( ret = mbedtls_mpi_read_file( &P , 16, f ) ) != 0 ||
101 ( ret = mbedtls_mpi_read_file( &Q , 16, f ) ) != 0 ||
102 ( ret = mbedtls_mpi_read_file( &DP , 16, f ) ) != 0 ||
103 ( ret = mbedtls_mpi_read_file( &DQ , 16, f ) ) != 0 ||
104 ( ret = mbedtls_mpi_read_file( &QP , 16, f ) ) != 0 )
105 {
106 mbedtls_printf( " failed\n ! mbedtls_mpi_read_file returned %d\n\n", ret );
107 fclose( f );
108 goto exit;
109 }
110 fclose( f );
111
112 if( ( ret = mbedtls_rsa_import( &rsa, &N, &P, &Q, &D, &E ) ) != 0 )
113 {
114 mbedtls_printf( " failed\n ! mbedtls_rsa_import returned %d\n\n",
115 ret );
116 goto exit;
117 }
118
119 if( ( ret = mbedtls_rsa_complete( &rsa ) ) != 0 )
120 {
121 mbedtls_printf( " failed\n ! mbedtls_rsa_complete returned %d\n\n",
122 ret );
123 goto exit;
124 }
125
126 mbedtls_printf( "\n . Checking the private key" );
127 fflush( stdout );
128 if( ( ret = mbedtls_rsa_check_privkey( &rsa ) ) != 0 )
129 {
130 mbedtls_printf( " failed\n ! mbedtls_rsa_check_privkey failed with -0x%0x\n", (unsigned int) -ret );
131 goto exit;
132 }
133
134 /*
135 * Compute the SHA-256 hash of the input file,
136 * then calculate the RSA signature of the hash.
137 */
138 mbedtls_printf( "\n . Generating the RSA/SHA-256 signature" );
139 fflush( stdout );
140
141 if( ( ret = mbedtls_md_file(
142 mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 ),
143 argv[1], hash ) ) != 0 )
144 {
145 mbedtls_printf( " failed\n ! Could not open or read %s\n\n", argv[1] );
146 goto exit;
147 }
148
149 if( ( ret = mbedtls_rsa_pkcs1_sign( &rsa, NULL, NULL, MBEDTLS_RSA_PRIVATE, MBEDTLS_MD_SHA256,
150 20, hash, buf ) ) != 0 )
151 {
152 mbedtls_printf( " failed\n ! mbedtls_rsa_pkcs1_sign returned -0x%0x\n\n", (unsigned int) -ret );
153 goto exit;
154 }
155
156 /*
157 * Write the signature into <filename>.sig
158 */
159 mbedtls_snprintf( filename, sizeof(filename), "%s.sig", argv[1] );
160
161 if( ( f = fopen( filename, "wb+" ) ) == NULL )
162 {
163 mbedtls_printf( " failed\n ! Could not create %s\n\n", argv[1] );
164 goto exit;
165 }
166
167 for( i = 0; i < rsa.len; i++ )
168 mbedtls_fprintf( f, "%02X%s", buf[i],
169 ( i + 1 ) % 16 == 0 ? "\r\n" : " " );
170
171 fclose( f );
172
173 mbedtls_printf( "\n . Done (created \"%s\")\n\n", filename );
174
175 exit_code = MBEDTLS_EXIT_SUCCESS;
176
177 exit:
178
179 mbedtls_rsa_free( &rsa );
180 mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
181 mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E ); mbedtls_mpi_free( &DP );
182 mbedtls_mpi_free( &DQ ); mbedtls_mpi_free( &QP );
183
184 #if defined(_WIN32)
185 mbedtls_printf( " + Press Enter to exit this program.\n" );
186 fflush( stdout ); getchar();
187 #endif
188
189 mbedtls_exit( exit_code );
190 }
191 #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_RSA_C && MBEDTLS_SHA256_C &&
192 MBEDTLS_FS_IO */
193
