nstool/lib/libfnd/source/rsa_wrapper.cpp
2018-09-09 19:54:46 +08:00

214 lines
5.3 KiB
C++

#include <fnd/rsa.h>
#include <polarssl/rsa.h>
#include <polarssl/md.h>
#include <polarssl/entropy.h>
#include <polarssl/ctr_drbg.h>
using namespace fnd::rsa;
using namespace fnd::sha;
int getWrappedHashType(HashType type)
{
switch (type)
{
case HASH_SHA1:
return SIG_RSA_SHA1;
break;
case HASH_SHA256:
return SIG_RSA_SHA256;
break;
default:
return SIG_RSA_RAW;
break;
}
return 0;
}
int getMdWrappedHashType(HashType type)
{
switch (type)
{
case HASH_SHA1:
return POLARSSL_MD_SHA1;
break;
case HASH_SHA256:
return POLARSSL_MD_SHA256;
break;
default:
return POLARSSL_MD_NONE;
break;
}
return 0;
}
uint32_t getWrappedHashSize(HashType type)
{
uint32_t size = 0;
switch (type)
{
case HASH_SHA1:
size = kSha1HashLen;
break;
case HASH_SHA256:
size = kSha256HashLen;
break;
default:
break;
}
return size;
}
int fnd::rsa::pkcs::rsaSign(const sRsa1024Key & key, HashType hash_type, const uint8_t * hash, uint8_t signature[kRsa1024Size])
{
int ret;
rsa_context ctx;
rsa_init(&ctx, RSA_PKCS_V15, 0);
ctx.len = kRsa1024Size;
mpi_read_binary(&ctx.D, key.priv_exponent, ctx.len);
mpi_read_binary(&ctx.N, key.modulus, ctx.len);
ret = rsa_rsassa_pkcs1_v15_sign(&ctx, RSA_PRIVATE, getWrappedHashType(hash_type), getWrappedHashSize(hash_type), hash, signature);
rsa_free(&ctx);
return ret;
}
int fnd::rsa::pkcs::rsaVerify(const sRsa1024Key & key, HashType hash_type, const uint8_t * hash, const uint8_t signature[kRsa1024Size])
{
static const uint8_t public_exponent[3] = { 0x01, 0x00, 0x01 };
int ret;
rsa_context ctx;
rsa_init(&ctx, RSA_PKCS_V15, 0);
ctx.len = kRsa1024Size;
mpi_read_binary(&ctx.E, public_exponent, sizeof(public_exponent));
mpi_read_binary(&ctx.N, key.modulus, ctx.len);
ret = rsa_rsassa_pkcs1_v15_verify(&ctx, RSA_PUBLIC, getWrappedHashType(hash_type), getWrappedHashSize(hash_type), hash, signature);
rsa_free(&ctx);
return ret;
}
int fnd::rsa::pkcs::rsaSign(const sRsa2048Key & key, HashType hash_type, const uint8_t * hash, uint8_t signature[kRsa2048Size])
{
int ret;
rsa_context ctx;
rsa_init(&ctx, RSA_PKCS_V15, 0);
ctx.len = kRsa2048Size;
mpi_read_binary(&ctx.D, key.priv_exponent, ctx.len);
mpi_read_binary(&ctx.N, key.modulus, ctx.len);
ret = rsa_rsassa_pkcs1_v15_sign(&ctx, RSA_PRIVATE, getWrappedHashType(hash_type), getWrappedHashSize(hash_type), hash, signature);
rsa_free(&ctx);
return ret;
}
int fnd::rsa::pkcs::rsaVerify(const sRsa2048Key & key, HashType hash_type, const uint8_t * hash, const uint8_t signature[kRsa2048Size])
{
static const uint8_t public_exponent[3] = { 0x01, 0x00, 0x01 };
int ret;
rsa_context ctx;
rsa_init(&ctx, RSA_PKCS_V15, 0);
ctx.len = kRsa2048Size;
mpi_read_binary(&ctx.E, public_exponent, sizeof(public_exponent));
mpi_read_binary(&ctx.N, key.modulus, ctx.len);
ret = rsa_rsassa_pkcs1_v15_verify(&ctx, RSA_PUBLIC, getWrappedHashType(hash_type), getWrappedHashSize(hash_type), hash, signature);
rsa_free(&ctx);
return ret;
}
int fnd::rsa::pkcs::rsaSign(const sRsa4096Key & key, HashType hash_type, const uint8_t * hash, uint8_t signature[kRsa4096Size])
{
int ret;
rsa_context ctx;
rsa_init(&ctx, RSA_PKCS_V15, 0);
ctx.len = kRsa4096Size;
mpi_read_binary(&ctx.D, key.priv_exponent, ctx.len);
mpi_read_binary(&ctx.N, key.modulus, ctx.len);
ret = rsa_rsassa_pkcs1_v15_sign(&ctx, RSA_PRIVATE, getWrappedHashType(hash_type), getWrappedHashSize(hash_type), hash, signature);
rsa_free(&ctx);
return ret;
}
int fnd::rsa::pkcs::rsaVerify(const sRsa4096Key & key, HashType hash_type, const uint8_t * hash, const uint8_t signature[kRsa4096Size])
{
static const uint8_t public_exponent[3] = { 0x01, 0x00, 0x01 };
int ret;
rsa_context ctx;
rsa_init(&ctx, RSA_PKCS_V15, 0);
ctx.len = kRsa4096Size;
mpi_read_binary(&ctx.E, public_exponent, sizeof(public_exponent));
mpi_read_binary(&ctx.N, key.modulus, ctx.len);
ret = rsa_rsassa_pkcs1_v15_verify(&ctx, RSA_PUBLIC, getWrappedHashType(hash_type), getWrappedHashSize(hash_type), hash, signature);
rsa_free(&ctx);
return ret;
}
int fnd::rsa::pss::rsaSign(const sRsa2048Key & key, HashType hash_type, const uint8_t * hash, uint8_t signature[kRsa2048Size])
{
int ret;
const char* pers = "fnd::rsa::pss::rsaSign";
// rsa
rsa_context rsa;
rsa_init(&rsa, RSA_PKCS_V21, getMdWrappedHashType(hash_type));
rsa.len = kRsa2048Size;
mpi_read_binary(&rsa.D, key.priv_exponent, rsa.len);
mpi_read_binary(&rsa.N, key.modulus, rsa.len);
entropy_context entropy;
entropy_init(&entropy);
ctr_drbg_context ctr_drbg;
ctr_drbg_init(&ctr_drbg, entropy_func, &entropy, (const uint8_t*)pers, strlen(pers));
ret = rsa_rsassa_pss_sign(&rsa, ctr_drbg_random, &ctr_drbg, RSA_PRIVATE, getWrappedHashType(hash_type), getWrappedHashSize(hash_type), hash, signature);
rsa_free(&rsa);
return ret;
}
int fnd::rsa::pss::rsaVerify(const sRsa2048Key & key, HashType hash_type, const uint8_t * hash, const uint8_t signature[kRsa2048Size])
{
static const uint8_t public_exponent[3] = { 0x01, 0x00, 0x01 };
int ret;
rsa_context ctx;
rsa_init(&ctx, RSA_PKCS_V21, getMdWrappedHashType(hash_type));
ctx.len = kRsa2048Size;
mpi_read_binary(&ctx.E, public_exponent, sizeof(public_exponent));
mpi_read_binary(&ctx.N, key.modulus, ctx.len);
ret = rsa_rsassa_pss_verify(&ctx, RSA_PUBLIC, getWrappedHashType(hash_type), getWrappedHashSize(hash_type), hash, signature);
rsa_free(&ctx);
return ret;
}