TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 23986e5d5d501ae93bed161752708ba18fb9e016 / . / programs / pkey / rsa_verify_pss.c
blob: cde83c254bf056e2c22add9dd4d79c3284f7caad [file] [log] [blame]
Paul Bakker2291f6c2011-03-25 14:07:53 +0000[diff] [blame]1/*
2 * RSASSA-PSS/SHA-1 signature verification program
3 *
4 * Copyright (C) 2006-2010, Brainspark B.V.
5 *
6 * This file is part of PolarSSL (http://www.polarssl.org)
7 * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
8 *
9 * All rights reserved.
10 *
11 * This program is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License as published by
13 * the Free Software Foundation; either version 2 of the License, or
14 * (at your option) any later version.
15 *
16 * This program is distributed in the hope that it will be useful,
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 * GNU General Public License for more details.
20 *
21 * You should have received a copy of the GNU General Public License along
22 * with this program; if not, write to the Free Software Foundation, Inc.,
23 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
24 */
25
26#ifndef _CRT_SECURE_NO_DEPRECATE
27#define _CRT_SECURE_NO_DEPRECATE 1
28#endif
29
30#include <string.h>
31#include <stdio.h>
32
33#include "polarssl/md.h"
34#include "polarssl/pem.h"
35#include "polarssl/rsa.h"
36#include "polarssl/sha1.h"
37#include "polarssl/x509.h"
38
Paul Bakkeraf5c85f2011-04-18 03:47:52 +0000[diff] [blame]39#if defined _MSC_VER && !defined snprintf
40#define snprintf _snprintf
41#endif
42
Paul Bakker2291f6c2011-03-25 14:07:53 +0000[diff] [blame]43int main( int argc, char *argv[] )
44{
45 FILE *f;
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame^]46 int ret;
47 size_t i;
Paul Bakker2291f6c2011-03-25 14:07:53 +0000[diff] [blame]48 rsa_context rsa;
49 unsigned char hash[20];
50 unsigned char buf[512];
51 char filename[512];
52
53 ret = 1;
54 if( argc != 3 )
55 {
56 printf( "usage: rsa_verify_pss <key_file> <filename>\n" );
57
58#ifdef WIN32
59 printf( "\n" );
60#endif
61
62 goto exit;
63 }
64
65 printf( "\n . Reading public key from '%s'", argv[1] );
66 fflush( stdout );
67
68 rsa_init( &rsa, RSA_PKCS_V21, POLARSSL_MD_SHA1 );
69
70 if( ( ret = x509parse_public_keyfile( &rsa, argv[1] ) ) != 0 )
71 {
72 printf( " failed\n ! x509parse_public_key returned %d\n\n", ret );
73 goto exit;
74 }
75
76 /*
77 * Extract the RSA signature from the text file
78 */
79 ret = 1;
80 snprintf( filename, 512, "%s.sig", argv[2] );
81
82 if( ( f = fopen( filename, "rb" ) ) == NULL )
83 {
84 printf( "\n ! Could not open %s\n\n", filename );
85 goto exit;
86 }
87
88 i = fread( buf, 1, rsa.len, f );
89
90 fclose( f );
91
92 if( i != rsa.len )
93 {
94 printf( "\n ! Invalid RSA signature format\n\n" );
95 goto exit;
96 }
97
98 /*
99 * Compute the SHA-1 hash of the input file and compare
100 * it with the hash decrypted from the RSA signature.
101 */
102 printf( "\n . Verifying the RSA/SHA-1 signature" );
103 fflush( stdout );
104
105 if( ( ret = sha1_file( argv[2], hash ) ) != 0 )
106 {
107 printf( " failed\n ! Could not open or read %s\n\n", argv[2] );
108 goto exit;
109 }
110
111 if( ( ret = rsa_pkcs1_verify( &rsa, RSA_PUBLIC, SIG_RSA_SHA1,
112 20, hash, buf ) ) != 0 )
113 {
114 printf( " failed\n ! rsa_pkcs1_verify returned %d\n\n", ret );
115 goto exit;
116 }
117
118 printf( "\n . OK (the decrypted SHA-1 hash matches)\n\n" );
119
120 ret = 0;
121
122exit:
123
124#ifdef WIN32
125 printf( " + Press Enter to exit this program.\n" );
126 fflush( stdout ); getchar();
127#endif
128
129 return( ret );
130}