Moved rsa_sign_pss / rsa_verify_pss to use PK for key reading
diff --git a/programs/pkey/rsa_sign_pss.c b/programs/pkey/rsa_sign_pss.c
index e848f54..2384661 100644
--- a/programs/pkey/rsa_sign_pss.c
+++ b/programs/pkey/rsa_sign_pss.c
@@ -45,7 +45,7 @@
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_ENTROPY_C) || \
!defined(POLARSSL_RSA_C) || !defined(POLARSSL_SHA1_C) || \
- !defined(POLARSSL_X509_PARSE_C) || !defined(POLARSSL_FS_IO) || \
+ !defined(POLARSSL_PK_PARSE_C) || !defined(POLARSSL_FS_IO) || \
!defined(POLARSSL_CTR_DRBG_C)
int main( int argc, char *argv[] )
{
@@ -54,7 +54,7 @@
printf("POLARSSL_BIGNUM_C and/or POLARSSL_ENTROPY_C and/or "
"POLARSSL_RSA_C and/or POLARSSL_SHA1_C and/or "
- "POLARSSL_X509_PARSE_C and/or POLARSSL_FS_IO and/or "
+ "POLARSSL_PK_PARSE_C and/or POLARSSL_FS_IO and/or "
"POLARSSL_CTR_DRBG_C not defined.\n");
return( 0 );
}
@@ -63,13 +63,14 @@
{
FILE *f;
int ret;
- rsa_context rsa;
+ pk_context pk;
entropy_context entropy;
ctr_drbg_context ctr_drbg;
unsigned char hash[20];
unsigned char buf[POLARSSL_MPI_MAX_SIZE];
char filename[512];
const char *pers = "rsa_sign_pss";
+ size_t olen = 0;
ret = 1;
@@ -99,15 +100,22 @@
printf( "\n . Reading private key from '%s'", argv[1] );
fflush( stdout );
- rsa_init( &rsa, RSA_PKCS_V21, POLARSSL_MD_SHA1 );
+ pk_init( &pk );
- if( ( ret = x509parse_keyfile_rsa( &rsa, argv[1], "" ) ) != 0 )
+ if( ( ret = pk_parse_keyfile( &pk, argv[1], "" ) ) != 0 )
{
ret = 1;
printf( " failed\n ! Could not open '%s'\n", argv[1] );
goto exit;
}
+ if( !pk_can_do( &pk, POLARSSL_PK_RSA ) )
+ {
+ ret = 1;
+ printf( " failed\n ! Key is not an RSA key\n" );
+ goto exit;
+ }
+
/*
* Compute the SHA-1 hash of the input file,
* then calculate the RSA signature of the hash.
@@ -121,11 +129,10 @@
goto exit;
}
- if( ( ret = rsa_pkcs1_sign( &rsa, ctr_drbg_random, &ctr_drbg,
- RSA_PRIVATE, POLARSSL_MD_SHA1,
- 20, hash, buf ) ) != 0 )
+ if( ( ret = pk_sign( &pk, POLARSSL_MD_SHA1, hash, 0, buf, &olen,
+ ctr_drbg_random, &ctr_drbg ) ) != 0 )
{
- printf( " failed\n ! rsa_pkcs1_sign returned %d\n\n", ret );
+ printf( " failed\n ! pk_sign returned %d\n\n", ret );
goto exit;
}
@@ -141,7 +148,7 @@
goto exit;
}
- if( fwrite( buf, 1, rsa.len, f ) != (size_t) rsa.len )
+ if( fwrite( buf, 1, olen, f ) != olen )
{
printf( "failed\n ! fwrite failed\n\n" );
goto exit;
@@ -152,6 +159,7 @@
printf( "\n . Done (created \"%s\")\n\n", filename );
exit:
+ pk_free( &pk );
#if defined(_WIN32)
printf( " + Press Enter to exit this program.\n" );
@@ -161,5 +169,5 @@
return( ret );
}
#endif /* POLARSSL_BIGNUM_C && POLARSSL_ENTROPY_C && POLARSSL_RSA_C &&
- POLARSSL_SHA1_C && POLARSSL_X509_PARSE_C && POLARSSL_FS_IO &&
+ POLARSSL_SHA1_C && POLARSSL_PK_PARSE_C && POLARSSL_FS_IO &&
POLARSSL_CTR_DRBG_C */
diff --git a/programs/pkey/rsa_verify_pss.c b/programs/pkey/rsa_verify_pss.c
index b243772..21be848 100644
--- a/programs/pkey/rsa_verify_pss.c
+++ b/programs/pkey/rsa_verify_pss.c
@@ -34,7 +34,7 @@
#include "polarssl/md.h"
#include "polarssl/pem.h"
-#include "polarssl/rsa.h"
+#include "polarssl/pk.h"
#include "polarssl/sha1.h"
#include "polarssl/x509.h"
@@ -43,7 +43,7 @@
#endif
#if !defined(POLARSSL_BIGNUM_C) || !defined(POLARSSL_RSA_C) || \
- !defined(POLARSSL_SHA1_C) || !defined(POLARSSL_X509_PARSE_C) || \
+ !defined(POLARSSL_SHA1_C) || !defined(POLARSSL_PK_PARSE_C) || \
!defined(POLARSSL_FS_IO)
int main( int argc, char *argv[] )
{
@@ -51,7 +51,7 @@
((void) argv);
printf("POLARSSL_BIGNUM_C and/or POLARSSL_RSA_C and/or "
- "POLARSSL_SHA1_C and/or POLARSSL_X509_PARSE_C and/or "
+ "POLARSSL_SHA1_C and/or POLARSSL_PK_PARSE_C and/or "
"POLARSSL_FS_IO not defined.\n");
return( 0 );
}
@@ -61,7 +61,7 @@
FILE *f;
int ret;
size_t i;
- rsa_context rsa;
+ pk_context pk;
unsigned char hash[20];
unsigned char buf[POLARSSL_MPI_MAX_SIZE];
char filename[512];
@@ -81,11 +81,18 @@
printf( "\n . Reading public key from '%s'", argv[1] );
fflush( stdout );
- rsa_init( &rsa, RSA_PKCS_V21, POLARSSL_MD_SHA1 );
+ pk_init( &pk );
- if( ( ret = x509parse_public_keyfile_rsa( &rsa, argv[1] ) ) != 0 )
+ if( ( ret = pk_parse_public_keyfile( &pk, argv[1] ) ) != 0 )
{
- printf( " failed\n ! x509parse_public_key_rsa returned %d\n\n", ret );
+ printf( " failed\n ! pk_parse_public_keyfile returned %d\n\n", ret );
+ goto exit;
+ }
+
+ if( !pk_can_do( &pk, POLARSSL_PK_RSA ) )
+ {
+ ret = 1;
+ printf( " failed\n ! Key is not an RSA key\n" );
goto exit;
}
@@ -101,16 +108,11 @@
goto exit;
}
- i = fread( buf, 1, rsa.len, f );
+
+ i = fread( buf, 1, POLARSSL_MPI_MAX_SIZE, f );
fclose( f );
- if( i != rsa.len )
- {
- printf( "\n ! Invalid RSA signature format\n\n" );
- goto exit;
- }
-
/*
* Compute the SHA-1 hash of the input file and compare
* it with the hash decrypted from the RSA signature.
@@ -124,10 +126,10 @@
goto exit;
}
- if( ( ret = rsa_pkcs1_verify( &rsa, NULL, NULL, RSA_PUBLIC,
- POLARSSL_MD_SHA1, 20, hash, buf ) ) != 0 )
+ if( ( ret = pk_verify( &pk, POLARSSL_MD_SHA1, hash, 0,
+ buf, i ) ) != 0 )
{
- printf( " failed\n ! rsa_pkcs1_verify returned %d\n\n", ret );
+ printf( " failed\n ! pk_verify returned %d\n\n", ret );
goto exit;
}
@@ -136,6 +138,7 @@
ret = 0;
exit:
+ pk_free( &pk );
#if defined(_WIN32)
printf( " + Press Enter to exit this program.\n" );
@@ -145,4 +148,4 @@
return( ret );
}
#endif /* POLARSSL_BIGNUM_C && POLARSSL_RSA_C && POLARSSL_SHA1_C &&
- POLARSSL_X509_PARSE_C && POLARSSL_FS_IO */
+ POLARSSL_PK_PARSE_C && POLARSSL_FS_IO */