Untitled

//
// Created by Jack Wang on 2019-07-11.
//
#include <stdio.h>
#include <string.h>
#include <openssl/evp.h>
#include <openssl/rsa.h>
#include <openssl/objects.h>
#include <openssl/x509.h>
#include <openssl/err.h>
#include <openssl/pem.h>
#include <openssl/ssl.h>

#define MAX_LEN  4096
#define MAX_NAME_LEN 20

int main(int argc, char **argv)
{
    int err;
    unsigned int sig_len;
    unsigned char sig_buff[MAX_LEN];
    static char pubic_key[] = "public_key.pem";
    static char private_key[] = "private_key.pem";
    static char raw_data[] = "raw_data.txt";
    char *hash_name, *key, *file_format, *input_file, *output_file;
    EVP_MD_CTX md_ctx;
    const EVP_MD  *md;
    EVP_PKEY *pkey;
    FILE *fp;

    ERR_load_crypto_strings();

    if (argc != 11)
    {
        fprintf(stderr, "参数个数有误\n");
        printf("usage: ./RSA_Sig -d SHA256 -k signer.pem -i input.txt -f BASE64 -out sig.txt\n"
               "支持命令行参数:\n"
               "-d/--digest 摘要算法（包括 SHA1 | SHA256 | SHA512， default SHA256）\n"
               "-k/--key 私钥文件（能自动适应 PEM 和 DER 格式）\n"
               "-i/--input 输入文件\n"
               "-o/--output 输出文件\n"
               "-f/--format 输出/输入格式，包括 binary | hex | base64，default binary\n"
               "-h/--help 显示使用帮助\n");
    }

    hash_name = argv[2];
    key = argv[4];
    file_format = argv[6];
    input_file = argv[8];
    output_file = argv[argc - 1];

    printf("hash name:   %s\n"
           "key:         %s\n"
           "file format: %s\n"
           "input file:  %s\n"
           "output file: %s\n",
           hash_name, key, file_format, input_file, output_file);

//    read private key
    fp = fopen(private_key, "r");
    if (fp == NULL)
        exit(EXIT_FAILURE);
    pkey = PEM_read_PrivateKey(fp, NULL, NULL, NULL);
    fclose(fp);

    if (pkey == NULL)
    {
        ERR_print_errors_fp(stderr);
        exit(EXIT_FAILURE);
    }

 /* select a digest algorithm ,include SHA1 | SHA256 | SHA512，
  default SHA256, get digest algorithm  md
    */
    if (strncmp(hash_name, "SHA1", MAX_NAME_LEN) == 0)
        md = EVP_sha1();
    else if ( (strncmp(hash_name, "SHA512", MAX_NAME_LEN) == 0))
        md = EVP_sha512();
    else
        md = EVP_sha256();

//    do the signature
    EVP_SignInit(&md_ctx, md);
    EVP_SignUpdate(&md_ctx, raw_data, strlen(raw_data));
    sig_len = sizeof(sig_buff);
    err = EVP_SignFinal(&md_ctx, sig_buff, &sig_len, pkey);
    EVP_PKEY_free(pkey);

    printf("Signature succeed.\n");
    printf("Signature: %s\n", sig_buff);

//    read public key
    fp = fopen(pubic_key, "r");
    if (fp == NULL)
        exit(EXIT_FAILURE);
    pkey = PEM_read_PUBKEY(fp, NULL, NULL, NULL);
    fclose(fp);
    if (pkey == NULL)
    {
        ERR_print_errors_fp(stderr);
        exit(EXIT_FAILURE);
    }

//    Verify the signature
    EVP_VerifyInit(&md_ctx, md);
    EVP_VerifyUpdate(&md_ctx, raw_data, strlen(raw_data));
    err = EVP_VerifyFinal(&md_ctx, sig_buff, sig_len, pkey);
    EVP_PKEY_free(pkey);

    if (err != 1)
    {
        ERR_print_errors_fp(stderr);
        exit(EXIT_FAILURE);
    }
    printf("Signature Verified Success.\n");

    return EXIT_SUCCESS;
}