00001 /* 00002 * RSA/SHA-1 signature verification program 00003 * 00004 * Copyright (C) 2006-2007 Christophe Devine 00005 * 00006 * This program is free software; you can redistribute it and/or modify 00007 * it under the terms of the GNU General Public License as published by 00008 * the Free Software Foundation; either version 2 of the License, or 00009 * (at your option) any later version. 00010 * 00011 * This program is distributed in the hope that it will be useful, 00012 * but WITHOUT ANY WARRANTY; without even the implied warranty of 00013 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 00014 * GNU General Public License for more details. 00015 * 00016 * You should have received a copy of the GNU General Public License along 00017 * with this program; if not, write to the Free Software Foundation, Inc., 00018 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. 00019 */ 00020 00021 #ifndef _CRT_SECURE_NO_DEPRECATE 00022 #define _CRT_SECURE_NO_DEPRECATE 1 00023 #endif 00024 00025 #include <string.h> 00026 #include <stdio.h> 00027 00028 #include "xyssl/rsa.h" 00029 #include "xyssl/sha1.h" 00030 00031 int main( int argc, char *argv[] ) 00032 { 00033 FILE *f; 00034 int ret, i, c; 00035 rsa_context rsa; 00036 unsigned char hash[20]; 00037 unsigned char buf[512]; 00038 00039 ret = 1; 00040 if( argc != 2 ) 00041 { 00042 printf( "usage: rsa_verify <filename>\n" ); 00043 00044 #ifdef WIN32 00045 printf( "\n" ); 00046 #endif 00047 00048 goto exit; 00049 } 00050 00051 printf( "\n . Reading public key from rsa_pub.txt" ); 00052 fflush( stdout ); 00053 00054 if( ( f = fopen( "rsa_pub.txt", "rb" ) ) == NULL ) 00055 { 00056 printf( " failed\n ! Could not open rsa_pub.txt\n" \ 00057 " ! Please run rsa_genkey first\n\n" ); 00058 goto exit; 00059 } 00060 00061 rsa_init( &rsa, RSA_PKCS_V15, 0, NULL, NULL ); 00062 00063 if( ( ret = mpi_read_file( &rsa.N, 16, f ) ) != 0 || 00064 ( ret = mpi_read_file( &rsa.E, 16, f ) ) != 0 ) 00065 { 00066 printf( " failed\n ! mpi_read_file returned %d\n\n", ret ); 00067 goto exit; 00068 } 00069 00070 rsa.len = ( mpi_msb( &rsa.N ) + 7 ) >> 3; 00071 00072 fclose( f ); 00073 00074 /* 00075 * Extract the RSA signature from the text file 00076 */ 00077 ret = 1; 00078 i = strlen( argv[1] ); 00079 memcpy( argv[1] + i, ".sig", 5 ); 00080 00081 if( ( f = fopen( argv[1], "rb" ) ) == NULL ) 00082 { 00083 printf( "\n ! Could not open %s\n\n", argv[1] ); 00084 goto exit; 00085 } 00086 00087 argv[1][i] = '0円', i = 0; 00088 00089 while( fscanf( f, "%02X", &c ) > 0 && 00090 i < (int) sizeof( buf ) ) 00091 buf[i++] = (unsigned char) c; 00092 00093 fclose( f ); 00094 00095 if( i != rsa.len ) 00096 { 00097 printf( "\n ! Invalid RSA signature format\n\n" ); 00098 goto exit; 00099 } 00100 00101 /* 00102 * Compute the SHA-1 hash of the input file and compare 00103 * it with the hash decrypted from the RSA signature. 00104 */ 00105 printf( "\n . Verifying the RSA/SHA-1 signature" ); 00106 fflush( stdout ); 00107 00108 if( ( ret = sha1_file( argv[1], hash ) ) != 0 ) 00109 { 00110 printf( " failed\n ! Could not open or read %s\n\n", argv[1] ); 00111 goto exit; 00112 } 00113 00114 if( ( ret = rsa_pkcs1_verify( &rsa, RSA_PUBLIC, RSA_SHA1, 00115 20, hash, buf ) ) != 0 ) 00116 { 00117 printf( " failed\n ! rsa_pkcs1_verify returned %d\n\n", ret ); 00118 goto exit; 00119 } 00120 00121 printf( "\n . OK (the decrypted SHA-1 hash matches)\n\n" ); 00122 00123 ret = 0; 00124 00125 exit: 00126 00127 #ifdef WIN32 00128 printf( " + Press Enter to exit this program.\n" ); 00129 fflush( stdout ); getchar(); 00130 #endif 00131 00132 return( ret ); 00133 }