• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  *  Public key-based signature verification program
3  *
4  *  Copyright The Mbed TLS Contributors
5  *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
6  *
7  *  This file is provided under the Apache License 2.0, or the
8  *  GNU General Public License v2.0 or later.
9  *
10  *  **********
11  *  Apache License 2.0:
12  *
13  *  Licensed under the Apache License, Version 2.0 (the "License"); you may
14  *  not use this file except in compliance with the License.
15  *  You may obtain a copy of the License at
16  *
17  *  http://www.apache.org/licenses/LICENSE-2.0
18  *
19  *  Unless required by applicable law or agreed to in writing, software
20  *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
21  *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
22  *  See the License for the specific language governing permissions and
23  *  limitations under the License.
24  *
25  *  **********
26  *
27  *  **********
28  *  GNU General Public License v2.0 or later:
29  *
30  *  This program is free software; you can redistribute it and/or modify
31  *  it under the terms of the GNU General Public License as published by
32  *  the Free Software Foundation; either version 2 of the License, or
33  *  (at your option) any later version.
34  *
35  *  This program is distributed in the hope that it will be useful,
36  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
37  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
38  *  GNU General Public License for more details.
39  *
40  *  You should have received a copy of the GNU General Public License along
41  *  with this program; if not, write to the Free Software Foundation, Inc.,
42  *  51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
43  *
44  *  **********
45  */
46 
47 #if !defined(MBEDTLS_CONFIG_FILE)
48 #include "mbedtls/config.h"
49 #else
50 #include MBEDTLS_CONFIG_FILE
51 #endif
52 
53 #if defined(MBEDTLS_PLATFORM_C)
54 #include "mbedtls/platform.h"
55 #else
56 #include <stdio.h>
57 #include <stdlib.h>
58 #define mbedtls_snprintf        snprintf
59 #define mbedtls_printf          printf
60 #define mbedtls_exit            exit
61 #define MBEDTLS_EXIT_SUCCESS    EXIT_SUCCESS
62 #define MBEDTLS_EXIT_FAILURE    EXIT_FAILURE
63 #endif /* MBEDTLS_PLATFORM_C */
64 
65 #if !defined(MBEDTLS_BIGNUM_C) || !defined(MBEDTLS_MD_C) || \
66     !defined(MBEDTLS_SHA256_C) || !defined(MBEDTLS_PK_PARSE_C) ||   \
67     !defined(MBEDTLS_FS_IO)
main(void)68 int main( void )
69 {
70     mbedtls_printf("MBEDTLS_BIGNUM_C and/or MBEDTLS_MD_C and/or "
71            "MBEDTLS_SHA256_C and/or MBEDTLS_PK_PARSE_C and/or "
72            "MBEDTLS_FS_IO not defined.\n");
73     mbedtls_exit( 0 );
74 }
75 #else
76 
77 #include "mbedtls/error.h"
78 #include "mbedtls/md.h"
79 #include "mbedtls/pk.h"
80 
81 #include <stdio.h>
82 #include <string.h>
83 
84 
main(int argc,char * argv[])85 int main( int argc, char *argv[] )
86 {
87     FILE *f;
88     int ret = 1;
89     int exit_code = MBEDTLS_EXIT_FAILURE;
90     size_t i;
91     mbedtls_pk_context pk;
92     unsigned char hash[32];
93     unsigned char buf[MBEDTLS_MPI_MAX_SIZE];
94     char filename[512];
95 
96     mbedtls_pk_init( &pk );
97 
98     if( argc != 3 )
99     {
100         mbedtls_printf( "usage: mbedtls_pk_verify <key_file> <filename>\n" );
101 
102 #if defined(_WIN32)
103         mbedtls_printf( "\n" );
104 #endif
105 
106         goto exit;
107     }
108 
109     mbedtls_printf( "\n  . Reading public key from '%s'", argv[1] );
110     fflush( stdout );
111 
112     if( ( ret = mbedtls_pk_parse_public_keyfile( &pk, argv[1] ) ) != 0 )
113     {
114         mbedtls_printf( " failed\n  ! mbedtls_pk_parse_public_keyfile returned -0x%04x\n", -ret );
115         goto exit;
116     }
117 
118     /*
119      * Extract the signature from the file
120      */
121     mbedtls_snprintf( filename, sizeof(filename), "%s.sig", argv[2] );
122 
123     if( ( f = fopen( filename, "rb" ) ) == NULL )
124     {
125         mbedtls_printf( "\n  ! Could not open %s\n\n", filename );
126         goto exit;
127     }
128 
129     i = fread( buf, 1, sizeof(buf), f );
130 
131     fclose( f );
132 
133     /*
134      * Compute the SHA-256 hash of the input file and
135      * verify the signature
136      */
137     mbedtls_printf( "\n  . Verifying the SHA-256 signature" );
138     fflush( stdout );
139 
140     if( ( ret = mbedtls_md_file(
141                     mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 ),
142                     argv[2], hash ) ) != 0 )
143     {
144         mbedtls_printf( " failed\n  ! Could not open or read %s\n\n", argv[2] );
145         goto exit;
146     }
147 
148     if( ( ret = mbedtls_pk_verify( &pk, MBEDTLS_MD_SHA256, hash, 0,
149                            buf, i ) ) != 0 )
150     {
151         mbedtls_printf( " failed\n  ! mbedtls_pk_verify returned -0x%04x\n", -ret );
152         goto exit;
153     }
154 
155     mbedtls_printf( "\n  . OK (the signature is valid)\n\n" );
156 
157     exit_code = MBEDTLS_EXIT_SUCCESS;
158 
159 exit:
160     mbedtls_pk_free( &pk );
161 
162 #if defined(MBEDTLS_ERROR_C)
163     if( exit_code != MBEDTLS_EXIT_SUCCESS )
164     {
165         mbedtls_strerror( ret, (char *) buf, sizeof(buf) );
166         mbedtls_printf( "  !  Last error was: %s\n", buf );
167     }
168 #endif
169 
170 #if defined(_WIN32)
171     mbedtls_printf( "  + Press Enter to exit this program.\n" );
172     fflush( stdout ); getchar();
173 #endif
174 
175     mbedtls_exit( exit_code );
176 }
177 #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_SHA256_C &&
178           MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO */
179