| OLD | NEW |
|---|
| (Empty) | |
| 1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. |
| 2 * Use of this source code is governed by a BSD-style license that can be |
| 3 * found in the LICENSE file. |
| 4 */ |
| 5 |
| 6 /* C port of DumpPublicKey.java from the Android Open source project with |
| 7 * support for additional RSA key sizes. (platform/system/core,git/libmincrypt |
| 8 * /tools/DumpPublicKey.java). Uses the OpenSSL X509 and BIGNUM library. |
| 9 */ |
| 10 |
| 11 #include <inttypes.h> |
| 12 #include <openssl/bn.h> |
| 13 #include <openssl/evp.h> |
| 14 #include <openssl/pem.h> |
| 15 #include <openssl/x509.h> |
| 16 #include <string.h> |
| 17 #include <unistd.h> |
| 18 |
| 19 /* Command line tool to extract RSA public keys from X.509 certificates |
| 20 * and output a pre-processed version of keys for use by RSA verification |
| 21 * routines. |
| 22 */ |
| 23 |
| 24 int check(RSA* key) { |
| 25 int public_exponent = BN_get_word(key->e); |
| 26 int modulus = BN_num_bits(key->n); |
| 27 |
| 28 if (public_exponent != 65537) { |
| 29 fprintf(stderr, "WARNING: Public exponent should be 65537 (but is %d).\n", |
| 30 public_exponent); |
| 31 } |
| 32 |
| 33 if (modulus != 1024 && modulus != 2048 && modulus != 4096 |
| 34 && modulus != 8192) { |
| 35 fprintf(stderr, "ERROR: Unknown modulus length = %d.\n", modulus); |
| 36 return 0; |
| 37 } |
| 38 return 1; |
| 39 } |
| 40 |
| 41 /* Pre-processes and outputs RSA public key to standard out. |
| 42 */ |
| 43 void output(RSA* key) { |
| 44 int i, nwords; |
| 45 BIGNUM *N = key->n; |
| 46 BIGNUM *Big1, *Big2, *Big32, *BigMinus1; |
| 47 BIGNUM *B; |
| 48 BIGNUM *N0inv, *R, *RR, *RRTemp, *NnumBits; |
| 49 BIGNUM *n, *rr; |
| 50 BN_CTX *bn_ctx = BN_CTX_new(); |
| 51 uint32_t n0invout; |
| 52 |
| 53 N = key->n; |
| 54 /* Output size of RSA key in 32-bit words */ |
| 55 nwords = BN_num_bits(N) / 32; |
| 56 write(1, &nwords, sizeof(nwords)); |
| 57 |
| 58 /* Initialize BIGNUMs */ |
| 59 Big1 = BN_new(); |
| 60 Big2 = BN_new(); |
| 61 Big32 = BN_new(); |
| 62 BigMinus1 = BN_new(); |
| 63 N0inv= BN_new(); |
| 64 R = BN_new(); |
| 65 RR = BN_new(); |
| 66 RRTemp = BN_new(); |
| 67 NnumBits = BN_new(); |
| 68 n = BN_new(); |
| 69 rr = BN_new(); |
| 70 |
| 71 |
| 72 BN_set_word(Big1, 1L); |
| 73 BN_set_word(Big2, 2L); |
| 74 BN_set_word(Big32, 32L); |
| 75 BN_sub(BigMinus1, Big1, Big2); |
| 76 |
| 77 B = BN_new(); |
| 78 BN_exp(B, Big2, Big32, bn_ctx); /* B = 2^32 */ |
| 79 |
| 80 /* Calculate and output N0inv = -1 / N[0] mod 2^32 */ |
| 81 BN_mod_inverse(N0inv, N, B, bn_ctx); |
| 82 BN_sub(N0inv, B, N0inv); |
| 83 n0invout = BN_get_word(N0inv); |
| 84 write(1, &n0invout, sizeof(n0invout)); |
| 85 |
| 86 /* Calculate R = 2^(# of key bits) */ |
| 87 BN_set_word(NnumBits, BN_num_bits(N)); |
| 88 BN_exp(R, Big2, NnumBits, bn_ctx); |
| 89 |
| 90 /* Calculate RR = R^2 mod N */ |
| 91 BN_copy(RR, R); |
| 92 BN_mul(RRTemp, RR, R, bn_ctx); |
| 93 BN_mod(RR, RRTemp, N, bn_ctx); |
| 94 |
| 95 |
| 96 /* Write out modulus as little endian array of integers. */ |
| 97 for (i = 0; i < nwords; ++i) { |
| 98 uint32_t nout; |
| 99 |
| 100 BN_mod(n, N, B, bn_ctx); /* n = N mod B */ |
| 101 nout = BN_get_word(n); |
| 102 write(1, &nout, sizeof(nout)); |
| 103 |
| 104 BN_rshift(N, N, 32); /* N = N/B */ |
| 105 } |
| 106 |
| 107 /* Write R^2 as little endian array of integers. */ |
| 108 for (i = 0; i < nwords; ++i) { |
| 109 uint32_t rrout; |
| 110 |
| 111 BN_mod(rr, RR, B, bn_ctx); /* rr = RR mod B */ |
| 112 rrout = BN_get_word(rr); |
| 113 write(1, &rrout, sizeof(rrout)); |
| 114 |
| 115 BN_rshift(RR, RR, 32); /* RR = RR/B */ |
| 116 } |
| 117 |
| 118 /* Free BIGNUMs. */ |
| 119 BN_free(Big1); |
| 120 BN_free(Big2); |
| 121 BN_free(Big32); |
| 122 BN_free(BigMinus1); |
| 123 BN_free(N0inv); |
| 124 BN_free(R); |
| 125 BN_free(RRTemp); |
| 126 BN_free(NnumBits); |
| 127 BN_free(n); |
| 128 BN_free(rr); |
| 129 |
| 130 } |
| 131 |
| 132 int main(int argc, char* argv[]) { |
| 133 FILE* fp; |
| 134 X509* cert = NULL; |
| 135 RSA* pubkey = NULL; |
| 136 EVP_PKEY* key; |
| 137 |
| 138 if (argc != 2) { |
| 139 fprintf(stderr, "Usage: %s <certfile>\n", argv[0]); |
| 140 return -1; |
| 141 } |
| 142 |
| 143 fp = fopen(argv[1], "r"); |
| 144 |
| 145 if (!fp) { |
| 146 fprintf(stderr, "Couldn't open certificate file!\n"); |
| 147 return -1; |
| 148 } |
| 149 |
| 150 /* Read the certificate */ |
| 151 if (!PEM_read_X509(fp, &cert, NULL, NULL)) { |
| 152 fprintf(stderr, "Couldn't read certificate.\n"); |
| 153 goto fail; |
| 154 } |
| 155 |
| 156 /* Get the public key from the certificate. */ |
| 157 key = X509_get_pubkey(cert); |
| 158 |
| 159 /* Convert to a RSA_style key. */ |
| 160 if (!(pubkey = EVP_PKEY_get1_RSA(key))) { |
| 161 fprintf(stderr, "Couldn't convert to a RSA style key.\n"); |
| 162 goto fail; |
| 163 } |
| 164 |
| 165 if (check(pubkey)) { |
| 166 output (pubkey); |
| 167 } |
| 168 |
| 169 fail: |
| 170 X509_free(cert); |
| 171 RSA_free(pubkey); |
| 172 fclose(fp); |
| 173 |
| 174 return 0; |
| 175 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 553023:
RSA signature verification and SHA-1/256/512 reference implementation for verified boot. (Closed)
