WolfSSL
/
wolfssl-examples
mirror of https://github.com/wolfSSL/wolfssl-examples.git
1
0
Fork 0
Code Issues Releases Wiki Activity

adding ed25519 sign/verify, help menu changes

pull/89/head
connerwolfssl 2018-04-17 09:04:39 -06:00
parent b48d9f17d6
commit 1475a12f71
4 changed files with 212 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
wolfCLU/clu_include/sign-verify/clu_verify.h
View File

@ -35,4 +35,4 @@ int wolfCLU_verify_signature(char* , char*, char*, char*, int, int);
int wolfCLU_verify_signature_rsa(byte* , char*, int, char*, int);
int wolfCLU_verify_signature_ecc(byte*, int, byte*, int, char*);
int wolfCLU_verify_signature_ed25519(byte*, int, byte*, int, char*);
int wolfCLU_verify_signature_ed25519(byte*, int, byte*, int, char*, int);

72
wolfCLU/clu_src/sign-verify/clu_sign.c
View File

@ -203,6 +203,74 @@ int wolfCLU_sign_data_ecc(byte* data, char* out, word32 fSz, char* privKey) {
int wolfCLU_sign_data_ed25519 (byte* data, char* out,
word32 fSz, char* privKey) {
printf("ERROR: FEATURE COMING SOON! (not yet implemented)\n");
return FEATURE_COMING_SOON;
#ifdef HAVE_ED25519
int ret;
int privFileSz;
size_t edKeySz;
word32 index = 0;
word32 outLen;
word32 pubLen;
FILE* privKeyFile;
ed25519_key key;
WC_RNG rng;
XMEMSET(&rng, 0, sizeof(rng));
XMEMSET(&key, 0, sizeof(key));
/* init the ED25519 key */
ret = wc_ed25519_init(&key);
if (ret != 0) {
printf("Failed to initialize ed25519 key\nRET: %d\n", ret);
return ret;
}
ret = wc_InitRng(&rng);
if (ret != 0) {
printf("Failed to initialize rng.\nRET: %d\n", ret);
return ret;
}
/* read in and store private key */
privKeyFile = fopen(privKey, "rb");
fseek(privKeyFile, 0, SEEK_END);
privFileSz = ftell(privKeyFile);
byte keyBuf[privFileSz];
fseek(privKeyFile, 0, SEEK_SET);
fread(keyBuf, 1, privFileSz, privKeyFile);
fclose(privKeyFile);
/* retrieving private key and storing in the ED25519 Key */
ret = wc_ed25519_import_private_key(keyBuf,
ED25519_KEY_SIZE,
keyBuf + ED25519_KEY_SIZE,
ED25519_KEY_SIZE, &key);
if (ret != 0 ) {
printf("Failed to import private key.\nRET: %d\n", ret);
return ret;
}
/* setting up output buffer based on key size */
byte outBuf[ED25519_SIG_SIZE];
XMEMSET(&outBuf, 0, sizeof(outBuf));
outLen = sizeof(outBuf);
/* signing input with ED25519 priv key to produce signature */
ret = wc_ed25519_sign_msg(data, fSz, outBuf, &outLen, &key);
if (ret < 0) {
printf("Failed to sign data with ED25519 private key.\nRET: %d\n", ret);
return ret;
}
else {
FILE* s;
s = fopen(out, "wb");
fwrite(outBuf, 1, sizeof(outBuf), s);
fclose(s);
}
return ret;
#else
return NOT_COMPILED_IN;
#endif
}

146
wolfCLU/clu_src/sign-verify/clu_verify.c
View File

@ -26,7 +26,7 @@
#include <wolfssl/ssl.h>
#include "clu_include/clu_header_main.h"
byte* wolfCLU_generate_public_key(char* privKey, byte* outBuf, int* outBufSz) {
byte* wolfCLU_generate_public_key_rsa(char* privKey, byte* outBuf, int* outBufSz) {
#ifndef NO_RSA
int ret;
int privFileSz;
@ -52,7 +52,7 @@ byte* wolfCLU_generate_public_key(char* privKey, byte* outBuf, int* outBufSz) {
privKeyFile = fopen(privKey, "rb");
fseek(privKeyFile, 0, SEEK_END);
privFileSz = ftell(privKeyFile);
keyBuf = malloc(privFileSz*sizeof(keyBuf));
keyBuf = malloc(privFileSz);
fseek(privKeyFile, 0, SEEK_SET);
fread(keyBuf, 1, privFileSz, privKeyFile);
fclose(privKeyFile);
@ -69,7 +69,7 @@ byte* wolfCLU_generate_public_key(char* privKey, byte* outBuf, int* outBufSz) {
*outBufSz = 2*wc_RsaEncryptSize(&key);
/* setting up output buffer based on privateKeyFile size */
outBuf = malloc(*outBufSz*sizeof(outBuf));
outBuf = malloc(*outBufSz);
XMEMSET(outBuf, 0, *outBufSz);
ret = wc_RsaKeyToPublicDer(&key, outBuf, *outBufSz);
@ -85,17 +85,65 @@ byte* wolfCLU_generate_public_key(char* privKey, byte* outBuf, int* outBufSz) {
#endif
}
int wolfCLU_generate_public_key_ed25519(char* privKey, byte* outBuf) {
#ifdef HAVE_ED25519
int ret;
word32 outLen = ED25519_KEY_SIZE;
FILE* privKeyFile;
ed25519_key key;
byte privBuf[ED25519_SIG_SIZE];
XMEMSET(&key, 0, sizeof(key));
XMEMSET(privBuf, 0, ED25519_SIG_SIZE);
ret = wc_ed25519_init(&key);
if (ret != 0) {
printf("Failed to initialize ED25519.\nRet: %d", ret);
return ret;
}
/* read in and store private key */
privKeyFile = fopen(privKey, "rb");
fread(privBuf, 1, ED25519_SIG_SIZE, privKeyFile);
fclose(privKeyFile);
/* retrieving private key and storing in the ED25519 */
ret = wc_ed25519_import_private_key(privBuf,
ED25519_KEY_SIZE,
privBuf + ED25519_KEY_SIZE,
ED25519_KEY_SIZE,
&key);
if (ret < 0 ) {
printf("Failed to decode private key.\nRET: %d\n", ret);
return ret;
}
/* retrive public key from private */
ret = wc_ed25519_export_public(&key, outBuf, &outLen);
if (ret != 0) {
printf("Failed to create ED25519 public key.\nRET: %d\n", ret);
return ret;
}
return ret;
#else
return NOT_COMPILED_IN;
#endif
}
int wolfCLU_verify_signature(char* sig, char* hash,
char* out, char* keyPath, int keyType, int pubIn) {
int hSz;
FILE* h;
byte* h_mssg;
int ret = -1;
int fSz;
int ret = -1;
FILE* h;
FILE* f = fopen(sig,"rb");
byte* h_mssg;
fseek(f, 0, SEEK_END);
fSz = ftell(f);
@ -116,7 +164,7 @@ int wolfCLU_verify_signature(char* sig, char* hash,
fseek(h, 0, SEEK_END);
hSz = ftell(h);
h_mssg = malloc(hSz*sizeof(h_mssg));
h_mssg = malloc(hSz);
fseek(h, 0, SEEK_SET);
fread(h_mssg, 1, hSz, h);
@ -125,7 +173,18 @@ int wolfCLU_verify_signature(char* sig, char* hash,
break;
case ED25519_SIG_VER:
ret = wolfCLU_verify_signature_ed25519(data, fSz, h_mssg, hSz, keyPath);
hSz;
h = fopen(hash,"rb");
fseek(h, 0, SEEK_END);
hSz = ftell(h);
h_mssg = malloc(hSz);
fseek(h, 0, SEEK_SET);
fread(h_mssg, 1, hSz, h);
fclose(h);
ret = wolfCLU_verify_signature_ed25519(data, ED25519_SIG_SIZE, h_mssg, hSz, keyPath, pubIn);
break;
}
return ret;
@ -162,7 +221,7 @@ int wolfCLU_verify_signature_rsa(byte* sig, char* out, int sigSz, char* keyPath,
fread(keyBuf, 1, keyFileSz, keyPathFile);
fclose(keyPathFile);
} else {
keyBuf = wolfCLU_generate_public_key(keyPath, keyBuf, &keyFileSz);
keyBuf = wolfCLU_generate_public_key_rsa(keyPath, keyBuf, &keyFileSz);
if (keyFileSz < 0) {
printf("Failed to derive public key from private key.\n");
return ret;
@ -218,16 +277,16 @@ int wolfCLU_verify_signature_ecc(byte* sig, int sigSz, byte* hash, int hashSz,
printf("Failed to initialize ecc key.\nRet: %d", ret);
return ret;
}
/* read in and store ecc key */
keyPathFile = fopen(keyPath, "rb");
fseek(keyPathFile, 0, SEEK_END);
keyFileSz = ftell(keyPathFile);
keyBuf = malloc(keyFileSz*sizeof(keyBuf));
keyBuf = malloc(keyFileSz);
fseek(keyPathFile, 0, SEEK_SET);
fread(keyBuf, 1, keyFileSz, keyPathFile);
fclose(keyPathFile);
fclose(keyPathFile);
/* retrieving public key and storing in the ecc key */
ret = wc_EccPublicKeyDecode(keyBuf, &index, &key, keyFileSz);
if (ret < 0 ) {
@ -251,9 +310,62 @@ int wolfCLU_verify_signature_ecc(byte* sig, int sigSz, byte* hash, int hashSz,
#endif
}
int wolfCLU_verify_signature_ed25519(byte* data, int fSz,
byte* mssg, int mSz, char* path) {
int wolfCLU_verify_signature_ed25519(byte* sig, int sigSz,
byte* hash, int hashSz, char* keyPath, int pubIn) {
printf("ERROR: FEATURE COMING SOON! (not yet implemented)\n");
return FEATURE_COMING_SOON;
#ifdef HAVE_ED25519
int ret;
int keyFileSz;
int stat = 0;
FILE* keyPathFile;
ed25519_key key;
byte* keyBuf = malloc(ED25519_KEY_SIZE);
XMEMSET(&key, 0, sizeof(key));
XMEMSET(keyBuf, 0, ED25519_KEY_SIZE);
ret = wc_ed25519_init(&key);
if (ret != 0) {
printf("Failed to initialize ED25519 key.\nRet: %d", ret);
return ret;
}
/* retrieving public key and storing in the ED25519 key */
if (pubIn == 1) {
/* read in and store ED25519 key */
keyPathFile = fopen(keyPath, "rb");
fread(keyBuf, 1, ED25519_KEY_SIZE, keyPathFile);
fclose(keyPathFile);
} else {
ret = wolfCLU_generate_public_key_ed25519(keyPath, keyBuf);
if (ret != 0) {
printf("Failed to derive public key from private key.\n");
return ret;
}
}
ret = wc_ed25519_import_public(keyBuf, ED25519_KEY_SIZE, &key);
if (ret != 0 ) {
printf("Failed to decode public key.\nRET: %d\n", ret);
return ret;
}
ret = wc_ed25519_verify_msg(sig, sigSz, hash, hashSz, &stat, &key);
if (ret != 0) {
printf("Failed to verify data with ED25519 public key.\nRET: %d\n", ret);
return ret;
} else if (stat == 1) {
printf("Valid Signature.\n");
} else {
printf("Invalid Signature.\n");
}
return ret;
#else
return NOT_COMPILED_IN;
#endif
}

15
wolfCLU/clu_src/tools/clu_funcs.c
View File

@ -354,7 +354,7 @@ void wolfCLU_genKeyHelp() {
const char* keysother[] = { /* list of acceptable key types */
"KEYS: "
#ifndef NO_RSA
",rsa"
,"rsa"
#endif
#ifdef HAVE_ED25519
,"ed25519"
@ -412,7 +412,8 @@ void wolfCLU_signHelp(int keyType) {
#endif
#ifdef HAVE_ED25519
case ED25519_SIG_VER:
printf("ED25519 Sign Usage: COMING SOON\n\n");
printf("ED25519 Sign Usage: \nwolfssl -ed25519 -sign -inkey "
"<priv_key> -in <filename> -out <filename>\n\n");
printf("***************************************************************\n");
break;
#endif
@ -462,7 +463,15 @@ void wolfCLU_verifyHelp(int keyType) {
#endif
#ifdef HAVE_ED25519
case ED25519_SIG_VER:
printf("ED25519 Verify Usage: COMING SOON\n\n");
printf("ED25519 Verifiy with Private Key\n"
"wolfssl -ed25519 -verify -inkey "
"<priv_key> -signature <filename> -in <original>"
"\n\n");
printf("***************************************************************\n");
printf("ED25519 Verifiy with Public Key\n"
"wolfssl -ed25519 -verify -inkey "
"<pub_key> -signature <filename> -in <original> -pubin"
"\n\n");
printf("***************************************************************\n");
break;
#endif