155714Skris/* demos/sign/sign.c */
255714Skris/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
355714Skris * All rights reserved.
455714Skris *
555714Skris * This package is an SSL implementation written
655714Skris * by Eric Young (eay@cryptsoft.com).
755714Skris * The implementation was written so as to conform with Netscapes SSL.
8296465Sdelphij *
955714Skris * This library is free for commercial and non-commercial use as long as
1055714Skris * the following conditions are aheared to.  The following conditions
1155714Skris * apply to all code found in this distribution, be it the RC4, RSA,
1255714Skris * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
1355714Skris * included with this distribution is covered by the same copyright terms
1455714Skris * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15296465Sdelphij *
1655714Skris * Copyright remains Eric Young's, and as such any Copyright notices in
1755714Skris * the code are not to be removed.
1855714Skris * If this package is used in a product, Eric Young should be given attribution
1955714Skris * as the author of the parts of the library used.
2055714Skris * This can be in the form of a textual message at program startup or
2155714Skris * in documentation (online or textual) provided with the package.
22296465Sdelphij *
2355714Skris * Redistribution and use in source and binary forms, with or without
2455714Skris * modification, are permitted provided that the following conditions
2555714Skris * are met:
2655714Skris * 1. Redistributions of source code must retain the copyright
2755714Skris *    notice, this list of conditions and the following disclaimer.
2855714Skris * 2. Redistributions in binary form must reproduce the above copyright
2955714Skris *    notice, this list of conditions and the following disclaimer in the
3055714Skris *    documentation and/or other materials provided with the distribution.
3155714Skris * 3. All advertising materials mentioning features or use of this software
3255714Skris *    must display the following acknowledgement:
3355714Skris *    "This product includes cryptographic software written by
3455714Skris *     Eric Young (eay@cryptsoft.com)"
3555714Skris *    The word 'cryptographic' can be left out if the rouines from the library
3655714Skris *    being used are not cryptographic related :-).
37296465Sdelphij * 4. If you include any Windows specific code (or a derivative thereof) from
3855714Skris *    the apps directory (application code) you must include an acknowledgement:
3955714Skris *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40296465Sdelphij *
4155714Skris * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
4255714Skris * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
4355714Skris * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
4455714Skris * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
4555714Skris * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
4655714Skris * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
4755714Skris * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
4855714Skris * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
4955714Skris * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
5055714Skris * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
5155714Skris * SUCH DAMAGE.
52296465Sdelphij *
5355714Skris * The licence and distribution terms for any publically available version or
5455714Skris * derivative of this code cannot be changed.  i.e. this code cannot simply be
5555714Skris * copied and put under another distribution licence
5655714Skris * [including the GNU Public Licence.]
5755714Skris */
5855714Skris
59296465Sdelphij/*
60296465Sdelphij * sign-it.cpp - Simple test app using SSLeay envelopes to sign data
61296465Sdelphij * 29.9.1996, Sampo Kellomaki <sampo@iki.fi>
62296465Sdelphij */
6355714Skris
6455714Skris/* converted to C - eay :-) */
6555714Skris
66296465Sdelphij/*
67296465Sdelphij * reformated a bit and converted to use the more common functions: this was
6855714Skris * initially written at the dawn of time :-) - Steve.
6955714Skris */
7055714Skris
7155714Skris#include <stdio.h>
7255714Skris#include <openssl/rsa.h>
7355714Skris#include <openssl/evp.h>
7455714Skris#include <openssl/objects.h>
7555714Skris#include <openssl/x509.h>
7655714Skris#include <openssl/err.h>
7755714Skris#include <openssl/pem.h>
7855714Skris#include <openssl/ssl.h>
7955714Skris
80296465Sdelphijint main()
8155714Skris{
82296465Sdelphij    int err;
83296465Sdelphij    int sig_len;
84296465Sdelphij    unsigned char sig_buf[4096];
85296465Sdelphij    static char certfile[] = "cert.pem";
86296465Sdelphij    static char keyfile[] = "key.pem";
87296465Sdelphij    static char data[] = "I owe you...";
88296465Sdelphij    EVP_MD_CTX md_ctx;
89296465Sdelphij    EVP_PKEY *pkey;
90296465Sdelphij    FILE *fp;
91296465Sdelphij    X509 *x509;
9255714Skris
93296465Sdelphij    /*
94296465Sdelphij     * Just load the crypto library error strings, SSL_load_error_strings()
95296465Sdelphij     * loads the crypto AND the SSL ones
96296465Sdelphij     */
97296465Sdelphij    /* SSL_load_error_strings(); */
98296465Sdelphij    ERR_load_crypto_strings();
9955714Skris
100296465Sdelphij    /* Read private key */
10155714Skris
102296465Sdelphij    fp = fopen(keyfile, "r");
103296465Sdelphij    if (fp == NULL)
104296465Sdelphij        exit(1);
105296465Sdelphij    pkey = PEM_read_PrivateKey(fp, NULL, NULL, NULL);
106296465Sdelphij    fclose(fp);
10755714Skris
108296465Sdelphij    if (pkey == NULL) {
109296465Sdelphij        ERR_print_errors_fp(stderr);
110296465Sdelphij        exit(1);
111296465Sdelphij    }
11255714Skris
113296465Sdelphij    /* Do the signature */
11455714Skris
115296465Sdelphij    EVP_SignInit(&md_ctx, EVP_sha1());
116296465Sdelphij    EVP_SignUpdate(&md_ctx, data, strlen(data));
117296465Sdelphij    sig_len = sizeof(sig_buf);
118296465Sdelphij    err = EVP_SignFinal(&md_ctx, sig_buf, &sig_len, pkey);
11955714Skris
120296465Sdelphij    if (err != 1) {
121296465Sdelphij        ERR_print_errors_fp(stderr);
122296465Sdelphij        exit(1);
123296465Sdelphij    }
124296465Sdelphij
125296465Sdelphij    EVP_PKEY_free(pkey);
126296465Sdelphij
127296465Sdelphij    /* Read public key */
128296465Sdelphij
129296465Sdelphij    fp = fopen(certfile, "r");
130296465Sdelphij    if (fp == NULL)
131296465Sdelphij        exit(1);
132296465Sdelphij    x509 = PEM_read_X509(fp, NULL, NULL, NULL);
133296465Sdelphij    fclose(fp);
134296465Sdelphij
135296465Sdelphij    if (x509 == NULL) {
136296465Sdelphij        ERR_print_errors_fp(stderr);
137296465Sdelphij        exit(1);
138296465Sdelphij    }
139296465Sdelphij
140296465Sdelphij    /* Get public key - eay */
141296465Sdelphij    pkey = X509_get_pubkey(x509);
142296465Sdelphij    if (pkey == NULL) {
143296465Sdelphij        ERR_print_errors_fp(stderr);
144296465Sdelphij        exit(1);
145296465Sdelphij    }
146296465Sdelphij
147296465Sdelphij    /* Verify the signature */
148296465Sdelphij
149296465Sdelphij    EVP_VerifyInit(&md_ctx, EVP_sha1());
150296465Sdelphij    EVP_VerifyUpdate(&md_ctx, data, strlen((char *)data));
151296465Sdelphij    err = EVP_VerifyFinal(&md_ctx, sig_buf, sig_len, pkey);
152296465Sdelphij    EVP_PKEY_free(pkey);
153296465Sdelphij
154296465Sdelphij    if (err != 1) {
155296465Sdelphij        ERR_print_errors_fp(stderr);
156296465Sdelphij        exit(1);
157296465Sdelphij    }
158296465Sdelphij    printf("Signature Verified Ok.\n");
159296465Sdelphij    return (0);
16055714Skris}
161