zephyr/subsys/jwt/jwt_legacy_rsa.c

57 lines
1.2 KiB
C
Raw Normal View History

/*
* Copyright (C) 2024 BayLibre SAS
*
* SPDX-License-Identifier: Apache-2.0
*/
#include <string.h>
#include <zephyr/types.h>
#include <errno.h>
#include <zephyr/data/jwt.h>
#include <zephyr/data/json.h>
#include <mbedtls/pk.h>
#include <mbedtls/rsa.h>
#include <mbedtls/sha256.h>
#include <zephyr/random/random.h>
#include "jwt.h"
static int csprng_wrapper(void *ctx, unsigned char *dest, size_t size)
{
ARG_UNUSED(ctx);
return sys_csrand_get((void *)dest, size);
}
int jwt_sign_impl(struct jwt_builder *builder, const unsigned char *der_key, size_t der_key_len,
unsigned char *sig, size_t sig_size)
{
int res;
mbedtls_pk_context ctx;
size_t sig_len_out;
mbedtls_pk_init(&ctx);
res = mbedtls_pk_parse_key(&ctx, der_key, der_key_len, NULL, 0, csprng_wrapper, NULL);
if (res != 0) {
return res;
}
uint8_t hash[32];
/*
* The '0' indicates to mbedtls to do a SHA256, instead of
* 224.
*/
res = mbedtls_sha256(builder->base, builder->buf - builder->base, hash, 0);
if (res != 0) {
return res;
}
res = mbedtls_pk_sign(&ctx, MBEDTLS_MD_SHA256, hash, sizeof(hash), sig, sig_size,
&sig_len_out, csprng_wrapper, NULL);
return res;
}