From 4210716c22a28c88f0d0a280d9ef5c3a2cd76b7d Mon Sep 17 00:00:00 2001
From: toddouska
Date: Thu, 21 Mar 2013 10:28:55 -0700
Subject: [PATCH] add mcapi rsa with test
---
 mcapi/crypto.c | 73 +++++++++++++++++++++++++++++++++++
 mcapi/crypto.h | 33 +++++++++++++++-
 mcapi/test.c | 103 +++++++++++++++++++++++++++++++++++++++++++++++--
 3 files changed, 203 insertions(+), 6 deletions(-)
diff --git a/mcapi/crypto.c b/mcapi/crypto.c
index 28e969916..dcb5a3445 100644
--- a/mcapi/crypto.c
+++ b/mcapi/crypto.c
@@ -35,6 +35,7 @@
 #include
 #include
 #include
+#include
 /* Initialize MD5 */
@@ -388,5 +389,77 @@ int CRYPT_AES_DIRECT_Decrypt(CRYPT_AES_CTX* aes, unsigned char* out,
 }
+/* RSA Initialize */
+int CRYPT_RSA_Initialize(CRYPT_RSA_CTX* rsa)
+{
+ rsa->holder = (RsaKey*)XMALLOC(sizeof(RsaKey), NULL, DYNAMIC_TYPE_RSA);
+ if (rsa->holder == NULL)
+ return -1;
+
+ InitRsaKey((RsaKey*)rsa->holder, NULL);
+
+ return 0;
+}
+
+
+/* RSA Free resources */
+int CRYPT_RSA_Free(CRYPT_RSA_CTX* rsa)
+{
+ FreeRsaKey((RsaKey*)rsa->holder);
+ XFREE(rsa->holder, NULL, DYNAMIC_TYPE_RSA);
+ rsa->holder = NULL;
+
+ return 0;
+}
+
+
+/* RSA Public key decode ASN.1 */
+int CRYPT_RSA_PublicKeyDecode(CRYPT_RSA_CTX* rsa, const unsigned char* in,
+ unsigned int inSz)
+{
+ unsigned int idx = 0;
+ (void)idx;
+
+ return RsaPublicKeyDecode(in, &idx, (RsaKey*)rsa->holder, inSz);
+}
+
+
+/* RSA Private key decode ASN.1 */
+int CRYPT_RSA_PrivateKeyDecode(CRYPT_RSA_CTX* rsa, const unsigned char* in,
+ unsigned int inSz)
+{
+ unsigned int idx = 0;
+ (void)idx;
+
+ return RsaPrivateKeyDecode(in, &idx, (RsaKey*)rsa->holder, inSz);
+}
+
+
+/* RSA Public Encrypt */
+int CRYPT_RSA_PublicEncrypt(CRYPT_RSA_CTX* rsa, unsigned char* out,
+ unsigned int outSz, const unsigned char* in,
+ unsigned int inSz, CRYPT_RNG_CTX* rng)
+{
+ return RsaPublicEncrypt(in, inSz, out, outSz, (RsaKey*)rsa->holder,
+ (RNG*)rng);
+}
+
+
+/* RSA Private Decrypt */
+int CRYPT_RSA_PrivateDecrypt(CRYPT_RSA_CTX* rsa, unsigned char* out,
+ unsigned int outSz, const unsigned char* in,
+ unsigned int inSz)
+{
+ return RsaPrivateDecrypt(in, inSz, out, outSz, (RsaKey*)rsa->holder);
+}
+
+
+/* RSA Get Encrypt size helper */
+int CRYPT_RSA_EncryptSizeGet(CRYPT_RSA_CTX* rsa)
+{
+ return RsaEncryptSize((RsaKey*)rsa->holder);
+}
+
+
diff --git a/mcapi/crypto.h b/mcapi/crypto.h
index e54d1d10c..e8d14c86a 100644
--- a/mcapi/crypto.h
+++ b/mcapi/crypto.h
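Review bot: In mcapi/crypto.c, none of the new CRYPT_RSA_* wrappers checks `rsa` or `rsa->holder` before casting and dereferencing it. `CRYPT_RSA_Free` resets `holder` to NULL, so a second Free, or any call made after `CRYPT_RSA_Initialize` returned -1, hands a null `RsaKey*` to the underlying routine; whether those routines tolerate NULL is not visible in this hunk. A guard at the top of each wrapper, `if (rsa == NULL || rsa->holder == NULL) return -1;`, keeps a misused context from becoming a null dereference inside the key code. The `(void)idx;` lines in the two decode wrappers can also go, since `idx` is passed to the decoder in the very next statement.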
@@ -163,7 +163,7 @@ enum {
 /* AES */
 typedef struct CRYPT_AES_CTX {
- int holder[100]; /* big enough to hold internal, but check on init */
+ int holder[69]; /* big enough to hold internal, but check on init */
 } CRYPT_AES_CTX;
 /* key */
@@ -187,7 +187,6 @@ int CRYPT_AES_DIRECT_Encrypt(CRYPT_AES_CTX*, unsigned char*,
 int CRYPT_AES_DIRECT_Decrypt(CRYPT_AES_CTX*, unsigned char*,
 const unsigned char*);
-
 /* key direction flags for setup, ctr always uses ENCRYPT flag */
 enum {
 CRYPT_AES_ENCRYPTION = 0,
@@ -196,6 +195,36 @@ enum {
 };
+
+/* RSA */
+typedef struct CRYPT_RSA_CTX {
+ void* holder;
+} CRYPT_RSA_CTX;
+
+/* init/free */
+int CRYPT_RSA_Initialize(CRYPT_RSA_CTX*);
+int CRYPT_RSA_Free(CRYPT_RSA_CTX*);
+
+/* key decode */
+int CRYPT_RSA_PublicKeyDecode(CRYPT_RSA_CTX*, const unsigned char*,
+ unsigned int);
+int CRYPT_RSA_PrivateKeyDecode(CRYPT_RSA_CTX*, const unsigned char*,
+ unsigned int);
+
+/* encrypt/decrypt */
+int CRYPT_RSA_PublicEncrypt(CRYPT_RSA_CTX*, unsigned char*,
+ unsigned int, const unsigned char*, unsigned int,
+ CRYPT_RNG_CTX*);
+int CRYPT_RSA_PrivateDecrypt(CRYPT_RSA_CTX*, unsigned char*,
+ unsigned int, const unsigned char*, unsigned int);
+
+/* helpers */
+int CRYPT_RSA_EncryptSizeGet(CRYPT_RSA_CTX*);
+
+
+
+
+
 #ifdef __cplusplus
 } /* extern "C" */
 #endif
diff --git a/mcapi/test.c b/mcapi/test.c
index b7db00c8a..f940aedd7 100644
--- a/mcapi/test.c
+++ b/mcapi/test.c
@@ -37,6 +37,9 @@
 #include
 #include
 #include
+#include
+#define USE_CERT_BUFFERS_1024
+#include
 /* c stdlib headers */
 #include
@@ -51,6 +54,8 @@ static byte ourData[OUR_DATA_SIZE];
 static byte* key = NULL;
 static byte* iv = NULL;
+static CRYPT_RNG_CTX mcRng;
+static RNG defRng;
 static int check_md5(void);
 static int check_sha(void);
@@ -64,6 +69,7 @@ static int check_des3(void);
 static int check_aescbc(void);
 static int check_aesctr(void);
 static int check_aesdirect(void);
+static int check_rsa(void);
 int main(int argc, char** argv)
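Review bot: In mcapi/crypto.h, shrinking `CRYPT_AES_CTX.holder` from `int[100]` to `int[69]` leaves the fit of the internal AES state resting on a magic number plus the init-time check the comment refers to, and that check is not part of this diff. If the internal structure is larger under some other build configuration and the runtime check is missing or bypassed, the wrapper would write past the caller's context. A compile-time check next to the wrapper code, for example `typedef char crypt_aes_ctx_fits[(sizeof(CRYPT_AES_CTX) >= sizeof(Aes)) ? 1 : -1];` (assuming `Aes` is the internal type being stored), fails the build instead. The change also alters the struct size seen by already-compiled callers, which deserves a line in the commit message.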
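Review bot: The new RSA prototypes in mcapi/crypto.h say nothing about return values or ownership, and their parameters are unnamed. From crypto.c in this same patch, `CRYPT_RSA_Initialize` heap-allocates `holder`, so every initialized context needs a matching `CRYPT_RSA_Free`, and copying a `CRYPT_RSA_CTX` by value aliases the same key. The test in this patch treats the encrypt/decrypt results as a byte count, with negative values as errors. I would add a comment above the block such as `/* holder is heap-allocated by Initialize; call Free exactly once. Encrypt/Decrypt return the output length, < 0 on error */` and name the parameters (`out`, `outSz`, `in`, `inSz`) as the definitions do.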
@@ -166,6 +172,12 @@ int main(int argc, char** argv)
 return -1;
 }
+ ret = check_rsa();
+ if (ret != 0) {
+ printf("mcapi check_rsa failed\n");
+ return -1;
+ }
+
 XFREE(iv, NULL, DYNAMIC_TYPE_KEY);
@@ -493,7 +505,6 @@ static int check_compress(void)
 /* check mcapi rng */
 static int check_rng(void)
 {
- CRYPT_RNG_CTX rng;
 int ret;
 int i;
 byte in[RANDOM_BYTE_SZ];
@@ -505,19 +516,25 @@ static int check_rng(void)
 for (i = 0; i < RANDOM_BYTE_SZ; i++)
 out[i] = (byte)i;
- ret = CRYPT_RNG_Initialize(&rng);
+ ret = InitRng(&defRng);
+ if (ret != 0) {
+ printf("default rng init failed\n");
+ return -1;
+ }
+
+ ret = CRYPT_RNG_Initialize(&mcRng);
 if (ret != 0) {
 printf("mcapi rng init failed\n");
 return -1;
 }
- ret = CRYPT_RNG_Get(&rng, &out[0]);
+ ret = CRYPT_RNG_Get(&mcRng, &out[0]);
 if (ret != 0) {
 printf("mcapi rng get failed\n");
 return -1;
 }
- ret = CRYPT_RNG_BlockGenerate(&rng, out, RANDOM_BYTE_SZ);
+ ret = CRYPT_RNG_BlockGenerate(&mcRng, out, RANDOM_BYTE_SZ);
 if (ret != 0) {
 printf("mcapi rng block gen failed\n");
 return -1;
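Review bot: In the check_rng hunk of mcapi/test.c, `mcRng` and `defRng` become file-scope state that is initialized only here, while check_rsa later passes both to the RSA encrypt calls. That makes check_rsa silently dependent on check_rng having run first and succeeded; reordering or skipping the RNG test would hand an uninitialized RNG to the RSA code. A comment at the declarations, e.g. `/* initialized in check_rng(); check_rsa() must run after it */`, or initializing both RNGs in main before any check runs, would make the ordering explicit. check_rng's body starts and ends outside this hunk.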
@@ -1114,5 +1131,83 @@ static int check_aesdirect(void)
 }
+#define RSA_TEST_SIZE 64
+
+/* check mcapi rsa */
+static int check_rsa(void)
+{
+ CRYPT_RSA_CTX mcRsa;
+ RsaKey defRsa;
+ int ret;
+ int ret2;
+ unsigned int keySz = (unsigned int)sizeof(client_key_der_1024);
+ unsigned int idx = 0;
+ byte out1[256];
+ byte out2[256];
+
+ InitRsaKey(&defRsa, NULL);
+ ret = CRYPT_RSA_Initialize(&mcRsa);
+ if (ret != 0) {
+ printf("mcapi rsa init failed\n");
+ return -1;
+ }
+
+ ret = CRYPT_RSA_PrivateKeyDecode(&mcRsa, client_key_der_1024, keySz);
+ if (ret != 0) {
+ printf("mcapi rsa private key decode failed\n");
+ return -1;
+ }
+
+ ret = RsaPrivateKeyDecode(client_key_der_1024, &idx, &defRsa, keySz);
+ if (ret != 0) {
+ printf("default rsa private key decode failed\n");
+ return -1;
+ }
+
+ ret = CRYPT_RSA_PublicEncrypt(&mcRsa, out1, sizeof(out1), ourData,
+ RSA_TEST_SIZE, &mcRng);
+ if (ret < 0) {
+ printf("mcapi rsa public encrypt failed\n");
+ return -1;
+ }
+
+ ret2 = RsaPublicEncrypt(ourData, RSA_TEST_SIZE, out2, sizeof(out2),
+ &defRsa, &defRng);
+ if (ret2 < 0) {
+ printf("default rsa public encrypt failed\n");
+ return -1;
+ }
+
+ if (ret != ret2) {
+ printf("default rsa public encrypt sz != mcapi sz\n");
+ return -1;
+ }
+
+ if (ret != CRYPT_RSA_EncryptSizeGet(&mcRsa)) {
+ printf("mcapi encrypt sz get != mcapi sz\n");
+ return -1;
+ }
+
+ ret = CRYPT_RSA_PrivateDecrypt(&mcRsa, out2, sizeof(out2), out1, ret);
+ if (ret < 0) {
+ printf("mcapi rsa private derypt failed\n");
+ return -1;
+ }
+
+ if (ret != RSA_TEST_SIZE) {
+ printf("mcapi rsa private derypt plain size wrong\n");
+ return -1;
+ }
+
+ if (memcmp(out2, ourData, ret) != 0) {
+ printf("mcapi rsa private derypt plain text bad\n");
+ return -1;
+ }
+
+ printf("rsa mcapi test passed\n");
+
+ return 0;
+}
+
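Review bot: check_rsa never releases the two keys it sets up: neither `CRYPT_RSA_Free(&mcRsa)` nor `FreeRsaKey(&defRsa)` is called on the success path or on any error return, so the block allocated by `CRYPT_RSA_Initialize` and the decoded private key stay allocated. Because this test doubles as usage documentation for the new API, add `CRYPT_RSA_Free(&mcRsa);` and `FreeRsaKey(&defRsa);` before `return 0;` and on the failure returns that follow initialization. The three messages spelled `derypt` should read `decrypt`.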