117 lines
3.6 KiB
C
117 lines
3.6 KiB
C
/* rsa_pub_2048.h
|
|
*
|
|
* Copyright (C) 2006-2020 wolfSSL Inc.
|
|
*
|
|
* This file is part of wolfSSL.
|
|
*
|
|
* wolfSSL is free software; you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License as published by
|
|
* the Free Software Foundation; either version 2 of the License, or
|
|
* (at your option) any later version.
|
|
*
|
|
* wolfSSL is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU General Public License
|
|
* along with this program; if not, write to the Free Software
|
|
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
|
|
*/
|
|
|
|
/* This file is an example of verifying an RSA signature.
|
|
* The signature is PKCS#1.5 formatted.
|
|
* Key and data are held in buffers.
|
|
* "signature.h", used by this program, can be generated using "sign.c".
|
|
*/
|
|
|
|
#include <wolfssl/options.h>
|
|
#include <wolfssl/wolfcrypt/rsa.h>
|
|
#include <wolfssl/wolfcrypt/sha256.h>
|
|
#include <wolfssl/wolfcrypt/asn.h>
|
|
#include <wolfssl/wolfcrypt/asn_public.h>
|
|
|
|
#include "rsa_pub_2048.h"
|
|
#include "signature.h"
|
|
|
|
/* Maximum bound on digest algorithm encoding around digest */
|
|
#define MAX_ENC_ALG_SZ 32
|
|
|
|
/* Main entry point.
|
|
* Verifies the signature with the message and RSA public key.
|
|
*
|
|
* argc [in] Count of command line arguments.
|
|
* argv [in] Command line argument vector.
|
|
* Returns 0 on success and 1 otherwise.
|
|
*/
|
|
int main(int argc, char* argv[])
|
|
{
|
|
int ret = 0;
|
|
Sha256 sha256;
|
|
Sha256* pSha256 = NULL;
|
|
RsaKey rsaKey;
|
|
RsaKey* pRsaKey = NULL;
|
|
word32 idx;
|
|
unsigned char digest[WC_SHA256_DIGEST_SIZE];
|
|
unsigned char encSig[WC_SHA256_DIGEST_SIZE + MAX_ENC_ALG_SZ];
|
|
word32 encSigLen = 0;
|
|
unsigned char* decSig = NULL;
|
|
word32 decSigLen = 0;
|
|
|
|
/* Calculate SHA-256 digest of message */
|
|
if (ret == 0)
|
|
ret = wc_InitSha256(&sha256);
|
|
if (ret == 0) {
|
|
pSha256 = &sha256;
|
|
ret = wc_Sha256Update(&sha256, msg, sizeof(msg));
|
|
}
|
|
if (ret == 0)
|
|
ret = wc_Sha256Final(&sha256, digest);
|
|
|
|
/* Encode digest with algorithm information as per PKCS#1.5 */
|
|
if (ret == 0) {
|
|
encSigLen = wc_EncodeSignature(encSig, digest, sizeof(digest), SHA256h);
|
|
if ((int)encSigLen < 0)
|
|
ret = (int)encSigLen;
|
|
}
|
|
|
|
/* Initialize the RSA key and decode the DER encoded public key. */
|
|
if (ret == 0)
|
|
ret = wc_InitRsaKey(&rsaKey, NULL);
|
|
if (ret == 0) {
|
|
pRsaKey = &rsaKey;
|
|
|
|
idx = 0;
|
|
ret = wc_RsaPublicKeyDecode(public_key_2048, &idx, &rsaKey,
|
|
sizeof(public_key_2048));
|
|
}
|
|
|
|
/* Verify the signature by decrypting the value. */
|
|
if (ret == 0) {
|
|
decSigLen = wc_RsaSSL_VerifyInline(rsa_sig_2048, sizeof(rsa_sig_2048),
|
|
&decSig, &rsaKey);
|
|
if ((int)decSigLen < 0)
|
|
ret = (int)decSigLen;
|
|
}
|
|
/* Check the decrypted result matches the encoded digest. */
|
|
if (ret == 0 && encSigLen != decSigLen)
|
|
ret = -1;
|
|
if (ret == 0 && XMEMCMP(encSig, decSig, encSigLen) != 0)
|
|
ret = -1;
|
|
|
|
/* Report on the verification */
|
|
if (ret == 0)
|
|
fprintf(stderr, "Verified\n");
|
|
else
|
|
fprintf(stderr, "Failure\n");
|
|
|
|
/* Free the data structures */
|
|
if (pRsaKey != NULL)
|
|
wc_FreeRsaKey(pRsaKey);
|
|
if (pSha256 != NULL)
|
|
wc_Sha256Free(pSha256);
|
|
|
|
return ret == 0 ? 0 : 1;
|
|
}
|
|
|