Added ability to perform verify against signature file.

signature/signature.c

@@ -52,7 +52,7 @@ void hexdump(const void *buffer, word32 len, byte cols)
 
 #ifdef HAVE_ECC
 int ecc_sign_verify_test(enum wc_HashType hash_type, enum wc_SignatureType sig_type,
-    byte* fileBuf, int fileLen)
+    byte* fileBuf, int fileLen, byte* verifyFileBuf, int verifyFileLen)
 {
     int ret;
     ecc_key eccKey;
@@ -94,6 +94,11 @@ int ecc_sign_verify_test(enum wc_HashType hash_type, enum wc_SignatureType sig_t
     printf("ECC Private Key: Len %d\n", eccPrivKeyLen);
     hexdump(eccPrivKeyBuf, eccPrivKeyLen, 16);
 
+    if (verifyFileBuf) {
+        sigLen = verifyFileLen;
+        sigBuf = verifyFileBuf;
+    }
+    else {
         /* Get signature length and allocate buffer */
         sigLen = wc_SignatureGetSize(sig_type, &eccKey, sizeof(eccKey));
         if(sigLen <= 0) {
@@ -121,6 +126,7 @@ int ecc_sign_verify_test(enum wc_HashType hash_type, enum wc_SignatureType sig_t
             ret = EXIT_FAILURE;
             goto exit;
         }
+    }
 
     printf("Signature Data:\n");
     hexdump(sigBuf, sigLen, 16);
@@ -190,7 +196,7 @@ int rsa_load_der_file(const char* derFile, RsaKey *rsaKey)
 }
 
 int rsa_sign_verify_test(enum wc_HashType hash_type, enum wc_SignatureType sig_type,
-    byte* fileBuf, int fileLen)
+    byte* fileBuf, int fileLen, byte* verifyFileBuf, int verifyFileLen)
 {
     int ret;
     RsaKey rsaKey;
@@ -245,6 +251,11 @@ int rsa_sign_verify_test(enum wc_HashType hash_type, enum wc_SignatureType sig_t
     rsa_load_der_file("../certs/client-key.der", &rsaKey);
 #endif
 
+    if (verifyFileBuf) {
+        sigLen = verifyFileLen;
+        sigBuf = verifyFileBuf;
+    }
+    else {
         /* Get signature length and allocate buffer */
         sigLen = wc_SignatureGetSize(sig_type, &rsaKey, sizeof(rsaKey));
         if(sigLen <= 0) {
@@ -272,6 +283,7 @@ int rsa_sign_verify_test(enum wc_HashType hash_type, enum wc_SignatureType sig_t
             ret = EXIT_FAILURE;
             goto exit;
         }
+    }
 
     printf("RSA Signature Data:\n");
     hexdump(sigBuf, sigLen, 16);
@@ -321,12 +333,58 @@ exit:
 }
 #endif /* !NO_RSA */
 
+static int load_file_to_buffer(const char* filename, byte** fileBuf, int* fileLen)
+{
+    int ret = 0;
+    FILE* file = NULL;
+
+    /* Open file */
+    file = fopen(filename, "rb");
+    if (file == NULL) {
+        printf("File %s does not exist!\n", filename);
+        ret = EXIT_FAILURE;
+        goto exit;
+    }
+
+    /* Determine length of file */
+    fseek(file, 0, SEEK_END);
+    *fileLen = (int) ftell(file);
+    fseek(file, 0, SEEK_SET);
+    printf("File %s is %d bytes\n", filename, *fileLen);
+
+    /* Allocate buffer for image */
+    *fileBuf = malloc(*fileLen);
+    if(!*fileBuf) {
+        printf("File buffer malloc failed!\n");
+        ret = EXIT_FAILURE;
+        goto exit;
+    }
+
+    /* Load file into buffer */
+    ret = (int)fread(*fileBuf, 1, *fileLen, file);
+    if(ret != *fileLen) {
+        printf("Error reading file! %d", ret);
+        ret = EXIT_FAILURE;
+        goto exit;
+    }
+
+exit:
+
+    if(file) {
+        fclose(file);
+    }
+
+    return ret;
+}
+
 int main(int argc, char** argv)
 {
     int ret = 0;
     int fileLen;
     byte* fileBuf = NULL;
-    FILE* file = NULL;
+    int verifyFileLen;
+    byte* verifyFileBuf = NULL;
+    const char* verify_file = NULL;
     enum wc_SignatureType sig_type = WC_SIGNATURE_TYPE_NONE;
     enum wc_HashType hash_type = WC_HASH_TYPE_NONE;
 
@@ -352,9 +410,10 @@ int main(int argc, char** argv)
 
     /* Check arguments */
     if (argc < 2) {
-        printf("Usage: signature <filename> <sig> <hash>\n");
+        printf("Usage: signature <filename> <sig> <hash> <verifyfile> \n");
         printf("  <sig>: 1=ECC, 2=RSA, 3=RSA (w/DER Encoding): default %d\n", sig_type);
         printf("  <hash>: 1=MD2, 2=MD4, 3=MD5, 4=SHA, 5=SHA256, 6=SHA384, 7=SHA512, 8=MD5+SHA: default %d\n", hash_type);
+        printf("  <verifyfile>: optional sig verify binary file\n");
         return 1;
     }
     if(argc >= 3) {
@@ -363,6 +422,9 @@ int main(int argc, char** argv)
     if(argc >= 4) {
         hash_type = atoi(argv[3]);
     }
+    if(argc >= 5) {
+        verify_file = argv[4];
+    }
 
     /* Verify hash type is supported */
     if (wc_HashGetDigestSize(hash_type) <= 0) {
@@ -372,34 +434,18 @@ int main(int argc, char** argv)
 
     printf("Signature Example: Sig=%d, Hash=%d\n", sig_type, hash_type);
 
-    /* Open file */
+    /* Load input file */
-    file = fopen(argv[1], "rb");
+    ret = load_file_to_buffer(argv[1], &fileBuf, &fileLen);
-    if (file == NULL) {
+    if (ret < 0) {
-        printf("File %s does not exist!\n", argv[1]);
-        ret = EXIT_FAILURE;
         goto exit;
     }
 
-    /* Determine length of file */
+    /* Load verify signature file (optional) */
-    fseek(file, 0, SEEK_END);
+    if (verify_file) {
-    fileLen = (int) ftell(file);
+        ret = load_file_to_buffer(verify_file, &verifyFileBuf, &verifyFileLen);
-    fseek(file, 0, SEEK_SET);
+        if (ret < 0) {
-    printf("File %s is %d bytes\n", argv[1], fileLen);
-
-    /* Allocate buffer for image */
-    fileBuf = malloc(fileLen);
-    if(!fileBuf) {
-        printf("File buffer malloc failed!\n");
-        ret = EXIT_FAILURE;
             goto exit;
         }
-
-    /* Load file into buffer */
-    ret = (int)fread(fileBuf, 1, fileLen, file);
-    if(ret != fileLen) {
-        printf("Error reading file! %d", ret);
-        ret = EXIT_FAILURE;
-        goto exit;
     }
 
     /* Perform sign and verify */
@@ -407,7 +453,8 @@ int main(int argc, char** argv)
     {
 #ifdef HAVE_ECC
     case WC_SIGNATURE_TYPE_ECC:
-        ret = ecc_sign_verify_test(hash_type, sig_type, fileBuf, fileLen);
+        ret = ecc_sign_verify_test(hash_type, sig_type, fileBuf, fileLen,
+            verifyFileBuf, verifyFileLen);
         break;
 #endif
 #ifndef NO_RSA
@@ -415,7 +462,8 @@ int main(int argc, char** argv)
         case WC_SIGNATURE_TYPE_RSA_W_ENC:
     #endif
         case WC_SIGNATURE_TYPE_RSA:
-            ret = rsa_sign_verify_test(hash_type, sig_type, fileBuf, fileLen);
+            ret = rsa_sign_verify_test(hash_type, sig_type, fileBuf, fileLen,
+                verifyFileBuf, verifyFileLen);
             break;
 #endif
         default:
@@ -428,9 +476,6 @@ exit:
     if(fileBuf) {
         free(fileBuf);
     }
-    if(file) {
-        fclose(file);
-    }
 
     return ret;
 }