Cryptographic Components for C
|
| RSA BSAFE Crypto-C |
Cryptographic Components for C |
| Search |
/* $Id: rsapss.c,v 1.6 2004/12/03 02:08:38 sparki Exp $ */ /* * Copyright (C) 1998-2004 RSA Security Inc. * * This file shall only be used to demonstrate how to interface to an * RSA Security Inc. licensed development product. * * You have a royalty-free right to use, reproduce and distribute this * demonstration file, provided that you agree that RSA Security Inc. * has no warranty, implied or otherwise, or liability for this * demonstration file (including any modified version). This software * is provided "as is" without warranties or representations of any * kind. RSA Security disclaims all conditions and warranties, statutory * and otherwise, both express and implied, with respect to the software, * its quality and performance, including but not limited to, all * implied warranties of merchantability, fitness for a particular * purpose, title and noninfringement of third party rights. Without * limiting the foregoing, RSA Security does not warrant that the * software is error-free or that errors in the product will be * corrected. You agree that RSA Security shall not be liable for any * direct, indirect, incidental, special, consequential, punitive or * other damages whatsoever resulting from your use of this software * or any modified version. * * */ /* This program will generate a RSA keypair, and create a digital * signature using the probabilistic signature scheme defined in * PKCS #1v2. */ #include "bsafe.h" #include "demoutil.h" /* in samples/common/include */ #include "bsfutil.h" /* in samples/common/include */ #include "rsautil.h" /* in samples/pkalg/rsa */ B_ALGORITHM_METHOD *SIGNVERIFY_SAMPLE_CHOOSER[] = { &AM_SHA, &AM_SHA_RANDOM, &AM_RSA_KEY_GEN, &AM_RSA_CRT_ENCRYPT, &AM_RSA_DECRYPT, (B_ALGORITHM_METHOD *)NULL_PTR /* This will fix a problem that the IA64 compiler finds when * * seeing a short chooser list */ #ifdef IA64_FORCE_LARGE IA64_FORCE_LARGE #endif }; #define RSA_MODULUS_BITS 768 #define BLOCK_SIZE ((RSA_MODULUS_BITS + 7) / 8) #ifdef CRYPTOC_APP #define MAIN rsasignMain #else #define MAIN main #endif int MAIN(int argc, char *argv[]) { B_ALGORITHM_OBJ randomAlgorithm = (B_ALGORITHM_OBJ)NULL_PTR; B_ALGORITHM_OBJ digitalSigner = (B_ALGORITHM_OBJ)NULL_PTR; B_ALGORITHM_OBJ digitalVerifier = (B_ALGORITHM_OBJ)NULL_PTR; B_KEY_OBJ publicKey = (B_KEY_OBJ)NULL_PTR; B_KEY_OBJ privateKey = (B_KEY_OBJ)NULL_PTR; B_PKCS_RSA_PSS_PARAMS pssParams; B_MGF1_PARAMS mgfParams; unsigned char *inputData = (unsigned char *)"Sign this sentence."; unsigned int inputDataLen; unsigned char signature[BLOCK_SIZE]; unsigned int signatureLen; int status; do { /* The RSA_* demo code utilities are described in common/include/demoutil.h. This procedure simply checks the command-line arguments for input or output options. */ if ((status = RSA_SetOptions (argc, argv)) != 0) break; RSA_PrintMessage ("Digital Signature\n"); RSA_PrintMessage ("=================\n"); if ((status = RSA_CreateRandomAlgorithmObject (&randomAlgorithm)) != 0) break; /* The following function is in samples/pkalg/rsa/rsautil.c */ if ((status = RSA_CreateRSAKeypair (&publicKey, &privateKey, RSA_MODULUS_BITS, randomAlgorithm)) != 0) break; RSA_PrintMessage ("\nComputing a Digital Signature\n"); RSA_PrintMessage ("=============================\n"); inputDataLen = T_strlen ((char *)inputData); RSA_PrintBuf ("Data to Sign", inputData, inputDataLen); /* Create an algorithm object */ if ((status = B_CreateAlgorithmObject (&digitalSigner)) != 0) break; /* Currently the only algorithm supported is AI_SHA1 */ mgfParams.underlyingAlgorithm = AI_SHA1; mgfParams.algParams = NULL_PTR; pssParams.digestAlgorithm = AI_SHA1; pssParams.digestParams = NULL_PTR; pssParams.maskGeneratingFunction = AI_MGF1; pssParams.mgfParams = (POINTER)&mgfParams; pssParams.tfOption = 1; /* Set the algorithm object to AI_PKCS_RSA_PSS */ if ((status = B_SetAlgorithmInfo (digitalSigner, AI_PKCS_RSA_PSS, (POINTER)&pssParams)) != 0) break; /* Init */ if ((status = B_SignInit (digitalSigner, privateKey, SIGNVERIFY_SAMPLE_CHOOSER, (A_SURRENDER_CTX *)NULL_PTR)) != 0) break; /* Update -- digest the data to sign */ RSA_PrintMessage ("Digesting the input data...\n"); if ((status = B_SignUpdate (digitalSigner, inputData, inputDataLen, (A_SURRENDER_CTX *)NULL_PTR)) != 0) break; /* Final -- Encrypt the digest and output the result to a signature buffer */ RSA_PrintMessage ("Encrypting the digest...\n\n"); if ((status = B_SignFinal (digitalSigner, signature, &signatureLen, BLOCK_SIZE, randomAlgorithm, (A_SURRENDER_CTX *)NULL_PTR)) != 0) break; RSA_PrintBuf ("Digital Signature", signature, signatureLen); RSA_PrintMessage ("\nVerifying the Digital Signature\n"); RSA_PrintMessage ("===============================\n"); /* Create an algorithm object */ if ((status = B_CreateAlgorithmObject (&digitalVerifier)) != 0) break; /* Set the algorithm object to the same AI */ if ((status = B_SetAlgorithmInfo (digitalVerifier, AI_PKCS_RSA_PSS, (POINTER)&pssParams)) != 0) break; /* Init */ if ((status = B_VerifyInit (digitalVerifier, publicKey, SIGNVERIFY_SAMPLE_CHOOSER, (A_SURRENDER_CTX *)NULL_PTR)) != 0) break; /* Update */ if ((status = B_VerifyUpdate (digitalVerifier, inputData, inputDataLen, (A_SURRENDER_CTX *)NULL_PTR)) != 0) break; /* Final */ if ((status = B_VerifyFinal (digitalVerifier, signature, signatureLen, (B_ALGORITHM_OBJ)NULL_PTR, (A_SURRENDER_CTX *)NULL_PTR)) != 0) break; } while (0); if (status != 0) RSA_PrintError ("rsapss", status); else RSA_PrintMessage ("\nDigital Signature verified!\n"); /* Destroy the key and algorithm objects */ B_DestroyAlgorithmObject (&randomAlgorithm); B_DestroyAlgorithmObject (&digitalSigner); B_DestroyAlgorithmObject (&digitalVerifier); B_DestroyKeyObject (&privateKey); B_DestroyKeyObject (&publicKey); return (status); } /* end main */