diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2010-07-07 19:34:41 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2010-07-07 19:34:41 +0200 |
commit | ecb853615560da4d386e0008822677591e929b4f (patch) | |
tree | 0e4e9bf75b64bdae8ac5a8a0fd5305c366bfe6aa /examples/pk.c | |
parent | b673efed4a10dc31567b1c29b140b7910daeaf95 (diff) | |
download | cryptodev-linux-ecb853615560da4d386e0008822677591e929b4f.tar.gz cryptodev-linux-ecb853615560da4d386e0008822677591e929b4f.tar.xz cryptodev-linux-ecb853615560da4d386e0008822677591e929b4f.zip |
Added test program for key generation.
Diffstat (limited to 'examples/pk.c')
-rw-r--r-- | examples/pk.c | 345 |
1 files changed, 345 insertions, 0 deletions
diff --git a/examples/pk.c b/examples/pk.c new file mode 100644 index 0000000..926d991 --- /dev/null +++ b/examples/pk.c @@ -0,0 +1,345 @@ +/* + * Demo on how to use /dev/crypto device for HMAC. + * + * Placed under public domain. + * + */ +#include <stdio.h> +#include <string.h> +#include <unistd.h> +#include <fcntl.h> +#include <time.h> +#include <sys/ioctl.h> +#include <sys/types.h> +#include <sys/stat.h> +#include "../ncr.h" +#include <stdlib.h> +#include <gnutls/gnutls.h> +#include <gnutls/x509.h> + +#define DATA_SIZE 4096 + +static void +print_hex_datum (gnutls_datum_t * dat) +{ + unsigned int j; +#define SPACE "\t" + fprintf (stdout, "\n" SPACE); + for (j = 0; j < dat->size; j++) + { + fprintf (stdout, "%.2x:", (unsigned char) dat->data[j]); + if ((j + 1) % 15 == 0) + fprintf (stdout, "\n" SPACE); + } + fprintf (stdout, "\n"); +} + +static void +print_dsa_pkey (gnutls_datum_t * x, gnutls_datum_t * y, gnutls_datum_t * p, + gnutls_datum_t * q, gnutls_datum_t * g) +{ + if (x) + { + fprintf (stdout, "private key:"); + print_hex_datum (x); + } + fprintf (stdout, "public key:"); + print_hex_datum (y); + fprintf (stdout, "p:"); + print_hex_datum (p); + fprintf (stdout, "q:"); + print_hex_datum (q); + fprintf (stdout, "g:"); + print_hex_datum (g); +} + +static void +print_rsa_pkey (gnutls_datum_t * m, gnutls_datum_t * e, gnutls_datum_t * d, + gnutls_datum_t * p, gnutls_datum_t * q, gnutls_datum_t * u, + gnutls_datum_t * exp1, gnutls_datum_t *exp2) +{ + fprintf (stdout, "modulus:"); + print_hex_datum (m); + fprintf (stdout, "public exponent:"); + print_hex_datum (e); + if (d) + { + fprintf (stdout, "private exponent:"); + print_hex_datum (d); + fprintf (stdout, "prime1:"); + print_hex_datum (p); + fprintf (stdout, "prime2:"); + print_hex_datum (q); + fprintf (stdout, "coefficient:"); + print_hex_datum (u); + if (exp1 && exp2) + { + fprintf (stdout, "exp1:"); + print_hex_datum (exp1); + fprintf (stdout, "exp2:"); + print_hex_datum (exp2); + } + } +} + +static const char * +raw_to_string (const unsigned char *raw, size_t raw_size) +{ + static char buf[1024]; + size_t i; + if (raw_size == 0) + return NULL; + + if (raw_size * 3 + 1 >= sizeof (buf)) + return NULL; + + for (i = 0; i < raw_size; i++) { + sprintf (&(buf[i * 3]), "%02X%s", raw[i], + (i == raw_size - 1) ? "" : ":"); + } + buf[sizeof (buf) - 1] = '\0'; + + return buf; +} + +int privkey_info (void* data, int data_size) +{ + gnutls_x509_privkey_t key; + size_t size; + int ret; + gnutls_datum_t pem; + unsigned char buffer[256]; + const char *cprint; + + gnutls_x509_privkey_init (&key); + + pem.data = data; + pem.size = data_size; + + ret = gnutls_x509_privkey_import (key, &pem, GNUTLS_X509_FMT_DER); + + if (ret < 0) + return 1; + + /* Public key algorithm + */ + fprintf (stdout, "Public Key Info:\n"); + ret = gnutls_x509_privkey_get_pk_algorithm (key); + + fprintf (stdout, "\tPublic Key Algorithm: "); + cprint = gnutls_pk_algorithm_get_name (ret); + fprintf (stdout, "%s\n", cprint ? cprint : "Unknown"); + + /* Print the raw public and private keys + */ + if (ret == GNUTLS_PK_RSA) { + gnutls_datum_t m, e, d, p, q, u, exp1, exp2; + + ret = gnutls_x509_privkey_export_rsa_raw2 (key, &m, &e, &d, &p, &q, &u, &exp1, &exp2); + if (ret < 0) + fprintf (stderr, "Error in key RSA data export: %s\n", + gnutls_strerror (ret)); + else { + print_rsa_pkey (&m, &e, &d, &p, &q, &u, &exp1, &exp2); + gnutls_free (m.data); + gnutls_free (e.data); + gnutls_free (d.data); + gnutls_free (p.data); + gnutls_free (q.data); + gnutls_free (u.data); + gnutls_free (exp1.data); + gnutls_free (exp2.data); + } + } else if (ret == GNUTLS_PK_DSA) { + gnutls_datum_t p, q, g, y, x; + + ret = gnutls_x509_privkey_export_dsa_raw (key, &p, &q, &g, &y, &x); + if (ret < 0) + fprintf (stderr, "Error in key DSA data export: %s\n", + gnutls_strerror (ret)); + else { + print_dsa_pkey (&x, &y, &p, &q, &g); + gnutls_free (x.data); + gnutls_free (y.data); + gnutls_free (p.data); + gnutls_free (q.data); + gnutls_free (g.data); + } + } + + fprintf (stdout, "\n"); + + size = sizeof (buffer); + if ((ret = gnutls_x509_privkey_get_key_id (key, 0, buffer, &size)) < 0) { + fprintf (stderr, "Error in key id calculation: %s\n", + gnutls_strerror (ret)); + } else { + fprintf (stdout, "Public Key ID: %s\n", raw_to_string (buffer, size)); + } + + size = sizeof (buffer); + ret = gnutls_x509_privkey_export (key, GNUTLS_X509_FMT_PEM, buffer, &size); + if (ret < 0) { + fprintf(stderr, "Error in privkey_export\n"); + return 1; + } + + fprintf (stdout, "\n%s\n", buffer); + + gnutls_x509_privkey_deinit (key); + + return 0; +} + + + +int pubkey_info(void* data, int data_size) +{ + return 0; +} + +static int +test_ncr_rsa(int cfd) +{ + int ret; + struct ncr_data_init_st dinit; + struct ncr_key_generate_st kgen; + ncr_key_t pubkey, privkey; + struct ncr_key_data_st keydata; + struct ncr_data_st kdata; + uint8_t data[DATA_SIZE]; + + fprintf(stdout, "Tests on RSA key generation:\n"); + + /* convert it to key */ + if (ioctl(cfd, NCRIO_KEY_INIT, &privkey)) { + fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); + perror("ioctl(NCRIO_KEY_INIT)"); + return 1; + } + + if (ioctl(cfd, NCRIO_KEY_INIT, &pubkey)) { + fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); + perror("ioctl(NCRIO_KEY_INIT)"); + return 1; + } + + memset(&kgen, 0, sizeof(kgen)); + kgen.desc = privkey; + kgen.desc2 = pubkey; + kgen.params.algorithm = NCR_ALG_RSA; + kgen.params.keyflags = NCR_KEY_FLAG_EXPORTABLE|NCR_KEY_FLAG_WRAPPABLE; + kgen.params.params.rsa.bits = 1024; + + if (ioctl(cfd, NCRIO_KEY_GENERATE_PAIR, &kgen)) { + fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); + perror("ioctl(NCRIO_KEY_GENERATE_PAIR)"); + return 1; + } + + /* export the private key */ + dinit.max_object_size = DATA_SIZE; + dinit.flags = NCR_DATA_FLAG_EXPORTABLE; + dinit.initial_data = NULL; + dinit.initial_data_size = 0; + + if (ioctl(cfd, NCRIO_DATA_INIT, &dinit)) { + fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); + perror("ioctl(NCRIO_DATA_INIT)"); + return 1; + } + + memset(&keydata, 0, sizeof(keydata)); + keydata.key = privkey; + keydata.data = dinit.desc; + + if (ioctl(cfd, NCRIO_KEY_EXPORT, &keydata)) { + fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); + perror("ioctl(NCRIO_KEY_IMPORT)"); + return 1; + } + + /* now read data */ + memset(data, 0, sizeof(data)); + + kdata.desc = dinit.desc; + kdata.data = data; + kdata.data_size = sizeof(data); + kdata.append_flag = 0; + + if (ioctl(cfd, NCRIO_DATA_GET, &kdata)) { + fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); + perror("ioctl(NCRIO_DATA_GET)"); + return 1; + } + + ret = privkey_info(kdata.data, kdata.data_size); + if (ret < 0) { + fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); + return 1; + } + + + + /* export the public key */ + + memset(&keydata, 0, sizeof(keydata)); + keydata.key = pubkey; + keydata.data = dinit.desc; + + if (ioctl(cfd, NCRIO_KEY_EXPORT, &keydata)) { + fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); + perror("ioctl(NCRIO_KEY_IMPORT)"); + return 1; + } + + /* now read data */ + memset(data, 0, sizeof(data)); + + kdata.desc = dinit.desc; + kdata.data = data; + kdata.data_size = sizeof(data); + kdata.append_flag = 0; + + if (ioctl(cfd, NCRIO_DATA_GET, &kdata)) { + fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); + perror("ioctl(NCRIO_DATA_GET)"); + return 1; + } + + ret = pubkey_info(kdata.data, kdata.data_size); + if (ret < 0) { + fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); + return 1; + } + + return 0; + +} + + +int +main() +{ + int fd = -1; + + /* actually test if the initial close + * will really delete all used lists */ + + fd = open("/dev/crypto", O_RDWR, 0); + if (fd < 0) { + perror("open(/dev/crypto)"); + return 1; + } + + if (test_ncr_rsa(fd)) + return 1; + + /* Close the original descriptor */ + if (close(fd)) { + perror("close(fd)"); + return 1; + } + + return 0; +} |