1 /*
2  *  Public key-based signature creation program
3  *
4  *  Copyright The Mbed TLS Contributors
5  *  SPDX-License-Identifier: Apache-2.0
6  *
7  *  Licensed under the Apache License, Version 2.0 (the "License"); you may
8  *  not use this file except in compliance with the License.
9  *  You may obtain a copy of the License at
10  *
11  *  http://www.apache.org/licenses/LICENSE-2.0
12  *
13  *  Unless required by applicable law or agreed to in writing, software
14  *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
15  *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16  *  See the License for the specific language governing permissions and
17  *  limitations under the License.
18  */
19 
20 #include "mbedtls/build_info.h"
21 
22 #if defined(MBEDTLS_PLATFORM_C)
23 #include "mbedtls/platform.h"
24 #else
25 #include <stdio.h>
26 #include <stdlib.h>
27 #define mbedtls_snprintf        snprintf
28 #define mbedtls_printf          printf
29 #define mbedtls_exit            exit
30 #define MBEDTLS_EXIT_SUCCESS    EXIT_SUCCESS
31 #define MBEDTLS_EXIT_FAILURE    EXIT_FAILURE
32 #endif /* MBEDTLS_PLATFORM_C */
33 
34 #if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_ENTROPY_C) ||  \
35     !defined(MBEDTLS_SHA256_C) || !defined(MBEDTLS_MD_C) || \
36     !defined(MBEDTLS_PK_PARSE_C) || !defined(MBEDTLS_FS_IO) ||    \
37     !defined(MBEDTLS_CTR_DRBG_C)
main(void)38 int main( void )
39 {
40     mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_ENTROPY_C and/or "
41            "MBEDTLS_SHA256_C and/or MBEDTLS_MD_C and/or "
42            "MBEDTLS_PK_PARSE_C and/or MBEDTLS_FS_IO and/or "
43            "MBEDTLS_CTR_DRBG_C not defined.\n");
44     mbedtls_exit( 0 );
45 }
46 #else
47 
48 #include "mbedtls/error.h"
49 #include "mbedtls/entropy.h"
50 #include "mbedtls/ctr_drbg.h"
51 #include "mbedtls/md.h"
52 #include "mbedtls/pk.h"
53 
54 #include <stdio.h>
55 #include <string.h>
56 
main(int argc,char * argv[])57 int main( int argc, char *argv[] )
58 {
59     FILE *f;
60     int ret = 1;
61     int exit_code = MBEDTLS_EXIT_FAILURE;
62     mbedtls_pk_context pk;
63     mbedtls_entropy_context entropy;
64     mbedtls_ctr_drbg_context ctr_drbg;
65     unsigned char hash[32];
66     unsigned char buf[MBEDTLS_PK_SIGNATURE_MAX_SIZE];
67     char filename[512];
68     const char *pers = "mbedtls_pk_sign";
69     size_t olen = 0;
70 
71     mbedtls_entropy_init( &entropy );
72     mbedtls_ctr_drbg_init( &ctr_drbg );
73     mbedtls_pk_init( &pk );
74 
75     if( argc != 3 )
76     {
77         mbedtls_printf( "usage: mbedtls_pk_sign <key_file> <filename>\n" );
78 
79 #if defined(_WIN32)
80         mbedtls_printf( "\n" );
81 #endif
82 
83         goto exit;
84     }
85 
86     mbedtls_printf( "\n  . Seeding the random number generator..." );
87     fflush( stdout );
88 
89     if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
90                                (const unsigned char *) pers,
91                                strlen( pers ) ) ) != 0 )
92     {
93         mbedtls_printf( " failed\n  ! mbedtls_ctr_drbg_seed returned -0x%04x\n", (unsigned int) -ret );
94         goto exit;
95     }
96 
97     mbedtls_printf( "\n  . Reading private key from '%s'", argv[1] );
98     fflush( stdout );
99 
100     if( ( ret = mbedtls_pk_parse_keyfile( &pk, argv[1], "",
101                     mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 )
102     {
103         mbedtls_printf( " failed\n  ! Could not parse '%s'\n", argv[1] );
104         goto exit;
105     }
106 
107     /*
108      * Compute the SHA-256 hash of the input file,
109      * then calculate the signature of the hash.
110      */
111     mbedtls_printf( "\n  . Generating the SHA-256 signature" );
112     fflush( stdout );
113 
114     if( ( ret = mbedtls_md_file(
115                     mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 ),
116                     argv[2], hash ) ) != 0 )
117     {
118         mbedtls_printf( " failed\n  ! Could not open or read %s\n\n", argv[2] );
119         goto exit;
120     }
121 
122     if( ( ret = mbedtls_pk_sign( &pk, MBEDTLS_MD_SHA256, hash, 0,
123                                  buf, sizeof( buf ), &olen,
124                                  mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 )
125     {
126         mbedtls_printf( " failed\n  ! mbedtls_pk_sign returned -0x%04x\n", (unsigned int) -ret );
127         goto exit;
128     }
129 
130     /*
131      * Write the signature into <filename>.sig
132      */
133     mbedtls_snprintf( filename, sizeof(filename), "%s.sig", argv[2] );
134 
135     if( ( f = fopen( filename, "wb+" ) ) == NULL )
136     {
137         mbedtls_printf( " failed\n  ! Could not create %s\n\n", filename );
138         goto exit;
139     }
140 
141     if( fwrite( buf, 1, olen, f ) != olen )
142     {
143         mbedtls_printf( "failed\n  ! fwrite failed\n\n" );
144         fclose( f );
145         goto exit;
146     }
147 
148     fclose( f );
149 
150     mbedtls_printf( "\n  . Done (created \"%s\")\n\n", filename );
151 
152     exit_code = MBEDTLS_EXIT_SUCCESS;
153 
154 exit:
155     mbedtls_pk_free( &pk );
156     mbedtls_ctr_drbg_free( &ctr_drbg );
157     mbedtls_entropy_free( &entropy );
158 
159 #if defined(MBEDTLS_ERROR_C)
160     if( exit_code != MBEDTLS_EXIT_SUCCESS )
161     {
162         mbedtls_strerror( ret, (char *) buf, sizeof(buf) );
163         mbedtls_printf( "  !  Last error was: %s\n", buf );
164     }
165 #endif
166 
167 #if defined(_WIN32)
168     mbedtls_printf( "  + Press Enter to exit this program.\n" );
169     fflush( stdout ); getchar();
170 #endif
171 
172     mbedtls_exit( exit_code );
173 }
174 #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ENTROPY_C &&
175           MBEDTLS_SHA256_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO &&
176           MBEDTLS_CTR_DRBG_C */
177