add mcapi rsa with test

2013-03-21 10:28:55 -07:00 · 2013-03-21 10:28:55 -07:00 · 4210716c22
commit 4210716c22
parent 965b70c32f
3 changed files with 203 additions and 6 deletions
--- a/mcapi/crypto.c
+++ b/mcapi/crypto.c
@ -35,6 +35,7 @@
 #include <cyassl/ctaocrypt/random.h>
 #include <cyassl/ctaocrypt/des3.h>
 #include <cyassl/ctaocrypt/aes.h>
+#include <cyassl/ctaocrypt/rsa.h>


 /* Initialize MD5 */
@ -388,5 +389,77 @@ int CRYPT_AES_DIRECT_Decrypt(CRYPT_AES_CTX* aes, unsigned char* out,
 }


+/* RSA Initialize */
+int CRYPT_RSA_Initialize(CRYPT_RSA_CTX* rsa)
+{
+    rsa->holder = (RsaKey*)XMALLOC(sizeof(RsaKey), NULL, DYNAMIC_TYPE_RSA);
+    if (rsa->holder == NULL)
+        return -1;
+
+    InitRsaKey((RsaKey*)rsa->holder, NULL);
+
+    return 0;
+}
+
+
+/* RSA Free resources */
+int CRYPT_RSA_Free(CRYPT_RSA_CTX* rsa)
+{
+    FreeRsaKey((RsaKey*)rsa->holder);
+    XFREE(rsa->holder, NULL, DYNAMIC_TYPE_RSA);
+    rsa->holder = NULL;
+
+    return 0;
+}
+
+
+/* RSA Public key decode ASN.1 */
+int CRYPT_RSA_PublicKeyDecode(CRYPT_RSA_CTX* rsa, const unsigned char* in,
+                              unsigned int inSz)
+{
+    unsigned int idx = 0;
+    (void)idx;
+
+    return RsaPublicKeyDecode(in, &idx, (RsaKey*)rsa->holder, inSz);
+}
+
+
+/* RSA Private key decode ASN.1 */
+int CRYPT_RSA_PrivateKeyDecode(CRYPT_RSA_CTX* rsa, const unsigned char* in,
+                               unsigned int inSz)
+{
+    unsigned int idx = 0;
+    (void)idx;
+
+    return RsaPrivateKeyDecode(in, &idx, (RsaKey*)rsa->holder, inSz);
+}
+
+
+/* RSA Public Encrypt */
+int CRYPT_RSA_PublicEncrypt(CRYPT_RSA_CTX* rsa, unsigned char* out,
+                            unsigned int outSz, const unsigned char* in,
+                            unsigned int inSz, CRYPT_RNG_CTX* rng)
+{
+    return RsaPublicEncrypt(in, inSz, out, outSz, (RsaKey*)rsa->holder,
+                            (RNG*)rng);
+}
+
+
+/* RSA Private Decrypt */
+int CRYPT_RSA_PrivateDecrypt(CRYPT_RSA_CTX* rsa, unsigned char* out,
+                             unsigned int outSz, const unsigned char* in,
+                             unsigned int inSz)
+{
+    return RsaPrivateDecrypt(in, inSz, out, outSz, (RsaKey*)rsa->holder);
+}
+
+
+/* RSA Get Encrypt size helper */
+int CRYPT_RSA_EncryptSizeGet(CRYPT_RSA_CTX* rsa) 
+{
+    return RsaEncryptSize((RsaKey*)rsa->holder);
+}    
+
+


--- a/mcapi/crypto.h
+++ b/mcapi/crypto.h
@ -163,7 +163,7 @@ enum {

 /* AES */
 typedef struct CRYPT_AES_CTX {
-    int holder[100];   /* big enough to hold internal, but check on init */
+    int holder[69];   /* big enough to hold internal, but check on init */
 } CRYPT_AES_CTX;

 /* key */
@ -187,7 +187,6 @@ int CRYPT_AES_DIRECT_Encrypt(CRYPT_AES_CTX*, unsigned char*,
 int CRYPT_AES_DIRECT_Decrypt(CRYPT_AES_CTX*, unsigned char*,
                           const unsigned char*);

-
 /* key direction flags for setup, ctr always uses ENCRYPT flag */
 enum {
    CRYPT_AES_ENCRYPTION = 0,
@ -196,6 +195,36 @@ enum {
 };


+
+/* RSA */
+typedef struct CRYPT_RSA_CTX {
+    void* holder;
+} CRYPT_RSA_CTX;
+
+/* init/free */
+int CRYPT_RSA_Initialize(CRYPT_RSA_CTX*);
+int CRYPT_RSA_Free(CRYPT_RSA_CTX*);
+
+/* key decode */
+int CRYPT_RSA_PublicKeyDecode(CRYPT_RSA_CTX*, const unsigned char*,
+                              unsigned int);
+int CRYPT_RSA_PrivateKeyDecode(CRYPT_RSA_CTX*, const unsigned char*,
+                               unsigned int);
+
+/* encrypt/decrypt */
+int CRYPT_RSA_PublicEncrypt(CRYPT_RSA_CTX*, unsigned char*,
+                            unsigned int, const unsigned char*, unsigned int,
+                            CRYPT_RNG_CTX*);
+int CRYPT_RSA_PrivateDecrypt(CRYPT_RSA_CTX*, unsigned char*,
+                             unsigned int, const unsigned char*, unsigned int);
+
+/* helpers */
+int CRYPT_RSA_EncryptSizeGet(CRYPT_RSA_CTX*);                             
+
+
+
+
+
 #ifdef __cplusplus
    }  /* extern "C" */ 
 #endif
--- a/mcapi/test.c
+++ b/mcapi/test.c
@ -37,6 +37,9 @@
 #include <cyassl/ctaocrypt/random.h>
 #include <cyassl/ctaocrypt/des3.h>
 #include <cyassl/ctaocrypt/aes.h>
+#include <cyassl/ctaocrypt/rsa.h>
+#define USE_CERT_BUFFERS_1024
+#include <cyassl/certs_test.h>

 /* c stdlib headers */
 #include <stdio.h>
@ -51,6 +54,8 @@
 static byte ourData[OUR_DATA_SIZE];
 static byte* key = NULL;
 static byte* iv  = NULL;
+static CRYPT_RNG_CTX mcRng;
+static RNG           defRng;

 static int check_md5(void);
 static int check_sha(void);
@ -64,6 +69,7 @@ static int check_des3(void);
 static int check_aescbc(void);
 static int check_aesctr(void);
 static int check_aesdirect(void);
+static int check_rsa(void);


 int main(int argc, char** argv)
@ -166,6 +172,12 @@ int main(int argc, char** argv)
        return -1;
    }

+    ret = check_rsa();
+    if (ret != 0) {
+        printf("mcapi check_rsa failed\n");
+        return -1;
+    }
+


    XFREE(iv,  NULL, DYNAMIC_TYPE_KEY);
@ -493,7 +505,6 @@ static int check_compress(void)
 /* check mcapi rng */
 static int check_rng(void)
 {
-    CRYPT_RNG_CTX rng;
    int           ret;
    int           i; 
    byte          in[RANDOM_BYTE_SZ];
@ -505,19 +516,25 @@ static int check_rng(void)
    for (i = 0; i < RANDOM_BYTE_SZ; i++)
        out[i] = (byte)i;

-    ret = CRYPT_RNG_Initialize(&rng);
+    ret = InitRng(&defRng);
+    if (ret != 0) {
+        printf("default rng init failed\n");
+        return -1;
+    }
+
+    ret = CRYPT_RNG_Initialize(&mcRng);
    if (ret != 0) {
        printf("mcapi rng init failed\n");
        return -1;
    }

-    ret = CRYPT_RNG_Get(&rng, &out[0]);
+    ret = CRYPT_RNG_Get(&mcRng, &out[0]);
    if (ret != 0) {
        printf("mcapi rng get failed\n");
        return -1;
    }

-    ret = CRYPT_RNG_BlockGenerate(&rng, out, RANDOM_BYTE_SZ);
+    ret = CRYPT_RNG_BlockGenerate(&mcRng, out, RANDOM_BYTE_SZ);
    if (ret != 0) {
        printf("mcapi rng block gen failed\n");
        return -1;
@ -1114,5 +1131,83 @@ static int check_aesdirect(void)
 }


+#define RSA_TEST_SIZE 64
+
+/* check mcapi rsa */
+static int check_rsa(void)
+{
+    CRYPT_RSA_CTX mcRsa;
+    RsaKey        defRsa;
+    int           ret;
+    int           ret2;
+    unsigned int  keySz = (unsigned int)sizeof(client_key_der_1024);
+    unsigned int  idx   = 0;
+    byte          out1[256];
+    byte          out2[256];
+
+    InitRsaKey(&defRsa, NULL);
+    ret = CRYPT_RSA_Initialize(&mcRsa);
+    if (ret != 0) {
+        printf("mcapi rsa init failed\n");
+        return -1;
+    }
+
+    ret = CRYPT_RSA_PrivateKeyDecode(&mcRsa, client_key_der_1024, keySz);
+    if (ret != 0) {
+        printf("mcapi rsa private key decode failed\n");
+        return -1;
+    }
+
+    ret = RsaPrivateKeyDecode(client_key_der_1024, &idx, &defRsa, keySz);
+    if (ret != 0) {
+        printf("default rsa private key decode failed\n");
+        return -1;
+    }
+
+    ret = CRYPT_RSA_PublicEncrypt(&mcRsa, out1, sizeof(out1), ourData,
+                                  RSA_TEST_SIZE, &mcRng);
+    if (ret < 0) {
+        printf("mcapi rsa public encrypt failed\n");
+        return -1;
+    }
+
+    ret2 = RsaPublicEncrypt(ourData, RSA_TEST_SIZE, out2, sizeof(out2),
+                            &defRsa, &defRng);
+    if (ret2 < 0) {
+        printf("default rsa public encrypt failed\n");
+        return -1;
+    }
+
+    if (ret != ret2) {
+        printf("default rsa public encrypt sz != mcapi sz\n");
+        return -1;
+    }
+
+    if (ret != CRYPT_RSA_EncryptSizeGet(&mcRsa)) {
+        printf("mcapi encrypt sz get != mcapi sz\n");
+        return -1;
+    }
+
+    ret = CRYPT_RSA_PrivateDecrypt(&mcRsa, out2, sizeof(out2), out1, ret); 
+    if (ret < 0) {
+        printf("mcapi rsa private derypt failed\n");
+        return -1;
+    }
+
+    if (ret != RSA_TEST_SIZE) {
+        printf("mcapi rsa private derypt plain size wrong\n");
+        return -1;
+    }
+
+    if (memcmp(out2, ourData, ret) != 0) {
+        printf("mcapi rsa private derypt plain text bad\n");
+        return -1;
+    }
+
+    printf("rsa         mcapi test passed\n");
+
+    return 0;
+}
+