blob: 7f52a09854703919a224d7fcde62fdb1086121c9 [file] [log] [blame]
Paul Bakker5121ce52009-01-03 21:22:43 +00001/*
2 * RSA/SHA-1 signature verification program
3 *
Paul Bakker84f12b72010-07-18 10:13:04 +00004 * Copyright (C) 2006-2010, Brainspark B.V.
Paul Bakkerb96f1542010-07-18 20:36:00 +00005 *
6 * This file is part of PolarSSL (http://www.polarssl.org)
Paul Bakker84f12b72010-07-18 10:13:04 +00007 * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
Paul Bakkerb96f1542010-07-18 20:36:00 +00008 *
Paul Bakker77b385e2009-07-28 17:23:11 +00009 * All rights reserved.
Paul Bakkere0ccd0a2009-01-04 16:27:10 +000010 *
Paul Bakker5121ce52009-01-03 21:22:43 +000011 * This program is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License as published by
13 * the Free Software Foundation; either version 2 of the License, or
14 * (at your option) any later version.
15 *
16 * This program is distributed in the hope that it will be useful,
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 * GNU General Public License for more details.
20 *
21 * You should have received a copy of the GNU General Public License along
22 * with this program; if not, write to the Free Software Foundation, Inc.,
23 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
24 */
25
26#ifndef _CRT_SECURE_NO_DEPRECATE
27#define _CRT_SECURE_NO_DEPRECATE 1
28#endif
29
30#include <string.h>
31#include <stdio.h>
32
Paul Bakker40e46942009-01-03 21:51:57 +000033#include "polarssl/rsa.h"
34#include "polarssl/sha1.h"
Paul Bakker5121ce52009-01-03 21:22:43 +000035
36int main( int argc, char *argv[] )
37{
38 FILE *f;
Paul Bakker23986e52011-04-24 08:57:21 +000039 int ret, c;
40 size_t i;
Paul Bakker5121ce52009-01-03 21:22:43 +000041 rsa_context rsa;
42 unsigned char hash[20];
43 unsigned char buf[512];
44
45 ret = 1;
46 if( argc != 2 )
47 {
48 printf( "usage: rsa_verify <filename>\n" );
49
50#ifdef WIN32
51 printf( "\n" );
52#endif
53
54 goto exit;
55 }
56
57 printf( "\n . Reading public key from rsa_pub.txt" );
58 fflush( stdout );
59
60 if( ( f = fopen( "rsa_pub.txt", "rb" ) ) == NULL )
61 {
62 printf( " failed\n ! Could not open rsa_pub.txt\n" \
63 " ! Please run rsa_genkey first\n\n" );
64 goto exit;
65 }
66
Paul Bakkera802e1a2010-08-16 11:56:45 +000067 rsa_init( &rsa, RSA_PKCS_V15, 0 );
Paul Bakker5121ce52009-01-03 21:22:43 +000068
69 if( ( ret = mpi_read_file( &rsa.N, 16, f ) ) != 0 ||
70 ( ret = mpi_read_file( &rsa.E, 16, f ) ) != 0 )
71 {
72 printf( " failed\n ! mpi_read_file returned %d\n\n", ret );
73 goto exit;
74 }
75
76 rsa.len = ( mpi_msb( &rsa.N ) + 7 ) >> 3;
77
78 fclose( f );
79
80 /*
81 * Extract the RSA signature from the text file
82 */
83 ret = 1;
84 i = strlen( argv[1] );
85 memcpy( argv[1] + i, ".sig", 5 );
86
87 if( ( f = fopen( argv[1], "rb" ) ) == NULL )
88 {
89 printf( "\n ! Could not open %s\n\n", argv[1] );
90 goto exit;
91 }
92
93 argv[1][i] = '\0', i = 0;
94
95 while( fscanf( f, "%02X", &c ) > 0 &&
96 i < (int) sizeof( buf ) )
97 buf[i++] = (unsigned char) c;
98
99 fclose( f );
100
101 if( i != rsa.len )
102 {
103 printf( "\n ! Invalid RSA signature format\n\n" );
104 goto exit;
105 }
106
107 /*
108 * Compute the SHA-1 hash of the input file and compare
109 * it with the hash decrypted from the RSA signature.
110 */
111 printf( "\n . Verifying the RSA/SHA-1 signature" );
112 fflush( stdout );
113
114 if( ( ret = sha1_file( argv[1], hash ) ) != 0 )
115 {
116 printf( " failed\n ! Could not open or read %s\n\n", argv[1] );
117 goto exit;
118 }
119
Paul Bakker4593aea2009-02-09 22:32:35 +0000120 if( ( ret = rsa_pkcs1_verify( &rsa, RSA_PUBLIC, SIG_RSA_SHA1,
Paul Bakker5121ce52009-01-03 21:22:43 +0000121 20, hash, buf ) ) != 0 )
122 {
123 printf( " failed\n ! rsa_pkcs1_verify returned %d\n\n", ret );
124 goto exit;
125 }
126
127 printf( "\n . OK (the decrypted SHA-1 hash matches)\n\n" );
128
129 ret = 0;
130
131exit:
132
133#ifdef WIN32
134 printf( " + Press Enter to exit this program.\n" );
135 fflush( stdout ); getchar();
136#endif
137
138 return( ret );
139}