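/* demos/sign/sign.c */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
 * by Eric Young (eay@cryptsoft.com).
 * The implementation was written so as to conform with Netscapes SSL.
 *
 * This library is free for commercial and non-commercial use as long as
 * the following conditions are aheared to. The following conditions
 * apply to all code found in this distribution, be it the RC4, RSA,
 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
 * included with this distribution is covered by the same copyright terms
 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
 *
 * Copyright remains Eric Young's, and as such any Copyright notices in
 * the code are not to be removed.
 * If this package is used in a product, Eric Young should be given attribution
 * as the author of the parts of the library used.
 * This can be in the form of a textual message at program startup or
 * in documentation (online or textual) provided with the package.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *    "This product includes cryptographic software written by
 *     Eric Young (eay@cryptsoft.com)"
 *    The word 'cryptographic' can be left out if the rouines from the library
 *    being used are not cryptographic related :-).
 * 4. If you include any Windows specific code (or a derivative thereof) from
 *    the apps directory (application code) you must include an acknowledgement:
 *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
 *
 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
 * The licence and distribution terms for any publically available version or
 * derivative of this code cannot be changed. i.e. this code cannot simply be
 * copied and put under another distribution licence
 * [including the GNU Public Licence.]
 */

/*
 * sign-it.cpp - Simple test app using SSLeay envelopes to sign data
 * 29.9.1996, Sampo Kellomaki <sampo@iki.fi>
 */

/* converted to C - eay :-) */

/*
 * reformated a bit and converted to use the more common functions: this was
 * initially written at the dawn of time :-) - Steve.
 */

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <openssl/rsa.h>
#include <openssl/evp.h>
#include <openssl/objects.h>
#include <openssl/x509.h>
#include <openssl/err.h>
#include <openssl/pem.h>
#include <openssl/ssl.h>

/*
 * Sign a fixed message with the private key in key.pem, then verify that
 * signature with the public key taken from the certificate in cert.pem.
 *
 * Returns 0 and prints "Signature Verified Ok." when the signature checks
 * out; exits with status 1 on any I/O, parsing, signing or verification
 * failure, after printing the reason to stderr.
 *
 * NOTE(review): the certificate is used only as a container for the public
 * key. Nothing here validates the certificate itself (chain, validity
 * period, revocation), so a successful run shows that key.pem and cert.pem
 * match, not that the signer's identity is trusted.
 */
int main(void)
{
    int err;
    int max_sig_len;
    unsigned int sig_len;           /* EVP_SignFinal() wants unsigned int * */
    unsigned char sig_buf[4096];
    static char certfile[] = "cert.pem";
    static char keyfile[] = "key.pem";
    static char data[] = "I owe you...";
    EVP_MD_CTX md_ctx;
    EVP_PKEY *pkey;
    FILE *fp;
    X509 *x509;

    /*
     * Only the crypto library error strings are needed here;
     * SSL_load_error_strings() would load the crypto AND the SSL ones.
     */
    ERR_load_crypto_strings();

    /* Read private key */

    fp = fopen(keyfile, "r");
    if (fp == NULL) {
        perror(keyfile);
        exit(1);
    }
    pkey = PEM_read_PrivateKey(fp, NULL, NULL, NULL);
    fclose(fp);

    if (pkey == NULL) {
        ERR_print_errors_fp(stderr);
        exit(1);
    }

    /*
     * EVP_SignFinal() is not told how large sig_buf is: the caller has to
     * supply at least EVP_PKEY_size(pkey) bytes. Refuse keys whose
     * signatures would not fit instead of writing past the buffer.
     */
    max_sig_len = EVP_PKEY_size(pkey);
    if (max_sig_len <= 0 || (size_t)max_sig_len > sizeof(sig_buf)) {
        fprintf(stderr, "%s: signature does not fit in a %lu byte buffer\n",
                keyfile, (unsigned long)sizeof(sig_buf));
        exit(1);
    }

    /* Do the signature */

    /*
     * NOTE(review): SHA-1 is kept so the demo behaves as before, but it is
     * no longer collision resistant; new code should sign with a SHA-2
     * digest such as EVP_sha256() (and verify with the same one).
     */
    if (EVP_SignInit(&md_ctx, EVP_sha1()) != 1
        || EVP_SignUpdate(&md_ctx, data, strlen(data)) != 1) {
        ERR_print_errors_fp(stderr);
        exit(1);
    }
    sig_len = (unsigned int)sizeof(sig_buf);
    err = EVP_SignFinal(&md_ctx, sig_buf, &sig_len, pkey);

    if (err != 1) {
        ERR_print_errors_fp(stderr);
        exit(1);
    }

    /* Release the digest state before the context is reused for verifying */
    EVP_MD_CTX_cleanup(&md_ctx);
    EVP_PKEY_free(pkey);

    /* Read public key */

    fp = fopen(certfile, "r");
    if (fp == NULL) {
        perror(certfile);
        exit(1);
    }
    x509 = PEM_read_X509(fp, NULL, NULL, NULL);
    fclose(fp);

    if (x509 == NULL) {
        ERR_print_errors_fp(stderr);
        exit(1);
    }

    /* Get public key - eay */
    pkey = X509_get_pubkey(x509);
    if (pkey == NULL) {
        ERR_print_errors_fp(stderr);
        exit(1);
    }

    /* Verify the signature */

    if (EVP_VerifyInit(&md_ctx, EVP_sha1()) != 1
        || EVP_VerifyUpdate(&md_ctx, data, strlen(data)) != 1) {
        ERR_print_errors_fp(stderr);
        exit(1);
    }
    err = EVP_VerifyFinal(&md_ctx, sig_buf, sig_len, pkey);
    EVP_MD_CTX_cleanup(&md_ctx);
    EVP_PKEY_free(pkey);
    X509_free(x509);

    /*
     * EVP_VerifyFinal() returns 1 for a good signature, 0 for a bad one and
     * a negative value on error. Only 1 may be accepted: a test such as
     * "if (!err)" would treat an internal error as a valid signature.
     */
    if (err != 1) {
        ERR_print_errors_fp(stderr);
        exit(1);
    }
    printf("Signature Verified Ok.\n");
    return 0;
}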