-
Notifications
You must be signed in to change notification settings - Fork 39
/
rsa_genpkey_decrypt.c
100 lines (75 loc) · 2.83 KB
/
rsa_genpkey_decrypt.c
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
/* SPDX-License-Identifier: BSD-3-Clause */
#include <string.h>
#include <openssl/provider.h>
#include <openssl/evp.h>
#include <openssl/rsa.h>
#include <openssl/err.h>
int main()
{
OSSL_PROVIDER *defprov = NULL, *tpm2prov = NULL;
EVP_PKEY *privkey = NULL, *pubkey = NULL;
OSSL_PARAM *params = NULL;
EVP_PKEY_CTX *impctx = NULL, *encctx = NULL, *decctx = NULL;
size_t enclen, declen;
unsigned char *encout = NULL, *decout = NULL;
int ret = 1;
const char* message = "Sabai Sabai";
if ((defprov = OSSL_PROVIDER_load(NULL, "default")) == NULL)
goto error;
if ((tpm2prov = OSSL_PROVIDER_load(NULL, "tpm2")) == NULL)
goto error;
/* generate a RSA-2048 key using the TPM2 */
if (!(privkey = EVP_PKEY_Q_keygen(NULL, "provider=tpm2", "RSA", (size_t)2048)))
goto error;
/* export the public key */
if (EVP_PKEY_todata(privkey, EVP_PKEY_PUBLIC_KEY, ¶ms) != 1)
goto error;
/* import the public key to the default provider */
if (!(impctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", "provider=default")))
goto error;
if (EVP_PKEY_fromdata_init(impctx) <= 0
|| EVP_PKEY_fromdata(impctx, &pubkey, EVP_PKEY_PUBLIC_KEY, params) <= 0)
goto error;
/* encode the message using the default provider */
if (!(encctx = EVP_PKEY_CTX_new_from_pkey(NULL, pubkey, NULL)))
goto error;
if (EVP_PKEY_encrypt_init(encctx) != 1)
goto error;
/* determine length */
if (EVP_PKEY_encrypt(encctx, NULL, &enclen, (const unsigned char *)message, strlen(message)) <= 0)
goto error;
if (!(encout = OPENSSL_malloc(enclen)))
goto error;
if (EVP_PKEY_encrypt(encctx, encout, &enclen, (const unsigned char *)message, strlen(message)) <= 0)
goto error;
/* decode the message using the TPM2 library context */
if (!(decctx = EVP_PKEY_CTX_new_from_pkey(NULL, privkey, "provider=tpm2")))
goto error;
if (EVP_PKEY_decrypt_init(decctx) != 1)
goto error;
/* determine length */
if (EVP_PKEY_decrypt(decctx, NULL, &declen, encout, enclen) <= 0)
goto error;
if (!(decout = OPENSSL_malloc(declen)))
goto error;
if (EVP_PKEY_decrypt(decctx, decout, &declen, encout, enclen) <= 0)
goto error;
/* check the message was decoded correctly */
if (declen == strlen(message) && memcmp(decout, message, declen) == 0)
ret = 0; /* success */
else
fprintf(stderr, "Decoding failed");
error:
ERR_print_errors_fp(stderr);
OPENSSL_free(decout);
OPENSSL_free(encout);
EVP_PKEY_CTX_free(decctx);
EVP_PKEY_CTX_free(encctx);
OSSL_PARAM_free(params);
EVP_PKEY_CTX_free(impctx);
EVP_PKEY_free(pubkey);
EVP_PKEY_free(privkey);
OSSL_PROVIDER_unload(tpm2prov);
OSSL_PROVIDER_unload(defprov);
return ret;
}