RSASSA PKCS1 v1.5

RSASSA-PKCS1-v1_5 as defined by PKCS #1 V2.1: RSA Cryptography Standard.

SHA-256 is the underlying hash function

reference

• https://www.bmt-online.org/geekisms/RSA_verify
• https://www.openssl.org/docs/manmaster/man3/RSA_sign.html
• https://www.openssl.org/docs/man1.1.0/crypto/RSA_size.html
• https://www.openssl.org/docs/man1.0.2/crypto/BIO_s_mem.html
• https://www.openssl.org/docs/man1.1.0/crypto/PEM_read_bio_RSAPrivateKey.html

#include <string.h>

#include <glib.h>

#include <openssl/err.h> //for ERR_error_string()

#include <openssl/sha.h> //for SHA256_DIGEST_LENGTH

#include <openssl/bio.h>

#include <openssl/pem.h>

static void sign (guint8 **signature, gint *signature_len, const gchar *message)

{

    gint i;

    gint ret;

    gint siglen;

    guint8 *sigret;

    guint8 message_hash[SHA256_DIGEST_LENGTH];

    BIO *bio;

    RSA *rsa_private_key;

    /* see http://phpseclib.sourceforge.net/rsa/examples.html for the sample key */

    gchar base64_private_key[] = "-----BEGIN RSA PRIVATE KEY-----\n"

       "MIICXAIBAAKBgQCqGKukO1De7zhZj6+H0qtjTkVxwTCpvKe4eCZ0FPqri0cb2JZfXJ/DgYSF6vUp"

       "wmJG8wVQZKjeGcjDOL5UlsuusFncCzWBQ7RKNUSesmQRMSGkVb1/3j+skZ6UtW+5u09lHNsj6tQ5"

       "1s1SPrCBkedbNf0Tp0GbMJDyR4e9T04ZZwIDAQABAoGAFijko56+qGyN8M0RVyaRAXz++xTqHBLh"

       "3tx4VgMtrQ+WEgCjhoTwo23KMBAuJGSYnRmoBZM3lMfTKevIkAidPExvYCdm5dYq3XToLkkLv5L2"

       "pIIVOFMDG+KESnAFV7l2c+cnzRMW0+b6f8mR1CJzZuxVLL6Q02fvLi55/mbSYxECQQDeAw6fiIQX"

       "GukBI4eMZZt4nscy2o12KyYner3VpoeE+Np2q+Z3pvAMd/aNzQ/W9WaI+NRfcxUJrmfPwIGm63il"

       "AkEAxCL5HQb2bQr4ByorcMWm/hEP2MZzROV73yF41hPsRC9m66KrheO9HPTJuo3/9s5p+sqGxOlF"

       "L0NDt4SkosjgGwJAFklyR1uZ/wPJjj611cdBcztlPdqoxssQGnh85BzCj/u3WqBpE2vjvyyvyI5k"

       "X6zk7S0ljKtt2jny2+00VsBerQJBAJGC1Mg5Oydo5NwD6BiROrPxGo2bpTbu/fhrT8ebHkTz2epl"

       "U9VQQSQzY1oZMVX8i1m5WUTLPz2yLJIBQVdXqhMCQBGoiuSoSjafUhV7i1cEGpb88h5NBYZzWXGZ"

       "37sJ5QsW+sJyoNde3xH8vdXhzU7eT82D6X/scw9RZz+/6rCJ4p0=\n"

       "-----END RSA PRIVATE KEY-----\n";

    bio = BIO_new_mem_buf (base64_private_key, -1);

    rsa_private_key = PEM_read_bio_RSAPrivateKey (bio, NULL, NULL, NULL);

    BIO_free (bio);

    if (rsa_private_key == NULL) {

         g_error ("fail PEM_read_bio_RSAPrivateKey: %s",

                  ERR_error_string (ERR_peek_last_error (), NULL));

         return;

    }

    SHA256 (message, strlen (message), message_hash);

    sigret = g_malloc (RSA_size (rsa_private_key));

    ret = RSA_sign (NID_sha256, message_hash, SHA256_DIGEST_LENGTH,

                    sigret, &siglen, rsa_private_key);

    if (ret != 1) {

         g_error ("fail RSA_sign: %s",

                  ERR_error_string (ERR_peek_last_error (), NULL));

         return;

    }

    g_print ("RSA_sign: ");

    for (i = 0; i < siglen; i++) {

        g_print ("%.2X ", sigret[i]);

    }

    g_print ("\n");

    *signature = sigret;

    *signature_len = siglen;

}

static void verify (const guint8 *signature, const gint signature_len, const gchar *message)

{

    gint ret;

    gint siglen;

    guint8 *sigret;

    guint8 message_hash[SHA256_DIGEST_LENGTH];

    BIO *bio;

    RSA *rsa_public_key;

    /* see http://phpseclib.sourceforge.net/rsa/examples.html for the sample key */

    gchar base64_public_key[] = "-----BEGIN PUBLIC KEY-----\n"

       "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCqGKukO1De7zhZj6+H0qtjTkVxwTCpvKe4eCZ0"

       "FPqri0cb2JZfXJ/DgYSF6vUpwmJG8wVQZKjeGcjDOL5UlsuusFncCzWBQ7RKNUSesmQRMSGkVb1/"

       "3j+skZ6UtW+5u09lHNsj6tQ51s1SPrCBkedbNf0Tp0GbMJDyR4e9T04ZZwIDAQAB\n"

       "-----END PUBLIC KEY-----\n";

    /*

     * If you know the mod and exp, you can make the rsa key like below.

     *   rsa_public_key = RSA_new ();

     *   rsa_public_key->n = BN_bin2bn (PUB_MOD_N, PUB_MOD_N_SIZE, NULL);

     *   rsa_public_key->e = BN_bin2bn (PUB_EXP_E, PUB_EXP_E_SIZE, NULL);

     */

    bio = BIO_new_mem_buf (base64_public_key, -1);

    rsa_public_key = PEM_read_bio_RSA_PUBKEY (bio, NULL, NULL, NULL);

    BIO_free (bio);

    if (rsa_public_key == NULL) {

         g_error ("fail PEM_read_bio_RSA_PUBKEY: %s",

                  ERR_error_string (ERR_peek_last_error (), NULL));

         return;

    }

    SHA256 (message, strlen (message), message_hash);

    sigret = g_malloc (RSA_size (rsa_public_key));

    ret = RSA_verify (NID_sha256, message_hash, SHA256_DIGEST_LENGTH,

                      signature, signature_len, rsa_public_key);

    if (ret != 1) {

         g_error ("fail RSA_verify: %s",

                  ERR_error_string (ERR_peek_last_error (), NULL));

         return;

    }

    g_print ("RSA_verify success\n");

}

void main (void)

{

    guint8 *signature = NULL;

    gint signature_len;

    sign (&signature, &signature_len, "aaa");

    verify (signature, signature_len, "aaa");

    g_free (signature);

}