7 * GDSS The Generic Digital Signature Service
9 * rgdss.c: Raw signature signing and verification routines.
/*
 * gdss_rsign: build a raw GDSS signature block in `signature` and pad it out.
 *
 * Visible layout written through cp: the version byte 0x44, then the
 * NUL-terminated name, instance and realm strings (terminators included),
 * then the_time as four big-endian bytes, followed by the RSASign() output.
 * The attempt is repeated up to 10 times, sleeping one second between tries
 * so the timestamp changes; GDSS_E_PADTOOMANY is returned when every attempt
 * needed too much padding, and -1 when RSASign() fails.
 *
 * NOTE(review): this listing has gaps (the gutter numbers jump), so the
 * declarations, the body of the 16-iteration loop and the success path are
 * not visible; presumably the first 16 bytes hold `hash` -- confirm.
 * NOTE(review): no buffer-size parameter is visible in the parameter list,
 * so the writes into `signature` are bounded only by the NUL terminators of
 * the inputs and by siglen. The caller has to guarantee capacity; passing
 * the buffer size and rejecting over-long name/instance/realm before the
 * copies would make that checkable here.
 */
19 int gdss_rsign(signature, hash, name, instance, realm, key)
20 unsigned char *signature;
27 unsigned char *cp, *ip;
34 for (loopcnt = 0; loopcnt < 10; loopcnt++) {
36 for (i = 0; i < 16; i++)
38 *cp++ = 0x44; /* Version Number */
39 ip = (unsigned char *) name;
/* Each of the three copy loops below also copies the terminating NUL. */
40 while (*cp++ = *ip++);
41 ip = (unsigned char *) instance;
42 while (*cp++ = *ip++);
43 ip = (unsigned char *) realm;
44 while (*cp++ = *ip++);
/* Timestamp, most significant byte first. */
46 *cp++ = ((the_time) >> 24) & 0xff;
47 *cp++ = ((the_time) >> 16) & 0xff;
48 *cp++ = ((the_time) >> 8) & 0xff;
49 *cp++ = the_time & 0xff;
/* Sign everything written so far (cp - signature bytes) and place the RSA
   output directly behind it. Failure is reported as -1, not as a GDSS_E_*
   code -- NOTE(review): confirm callers treat -1 as an error. */
50 if(!RSASign(signature, cp - signature, key, &signature[cp - signature],
51 &siglen)) return (-1);
/* Escaping starts at offset 16, i.e. the first 16 bytes are left as they are. */
52 status = gdss_rpadout(&signature[16], cp - signature + siglen - 16);
/* Assuming GDSS_SUCCESS differs from GDSS_E_PADTOOMANY, the first clause is
   redundant and the test reduces to status != GDSS_E_PADTOOMANY, so other
   failures of gdss_rpadout (GDSS_E_ALLOC) take this branch as well.
   NOTE(review): the branch body is only partly visible; confirm it returns
   the error status instead of treating it as success. */
53 if ((status == GDSS_SUCCESS) || (status != GDSS_E_PADTOOMANY)) {
/* This copy stops at the first NUL byte, so it depends on the escaped block
   being NUL-free up to the terminator that gdss_rpadout appends. */
56 while (*cp++ = *ip++); /* shuffle over hash */
59 sleep(1); /* Allow time to change */
61 return (GDSS_E_PADTOOMANY);
64 /* gdss_rpadout: Remove null bytes from signature by replacing them with
65 the sequence GDSS_ESCAPE, GDSS_NULL. Keep track of how much bigger
66 the signature block is getting and abort if too many bytes (more than
67 GDSS_PAD) would be required.
70 int gdss_rpadout(signature, siglen)
71 unsigned char *signature;
74 register unsigned char *cp;
75 register unsigned char *bp;
79 buf = (unsigned char *)malloc(siglen + GDSS_PAD + 1); /* 1 for the null! */
80 if (buf == NULL) return (GDSS_E_ALLOC);
81 memset(buf, 0, siglen + GDSS_PAD + 1); /* Just to be safe */
/* NOTE(review): siglen + GDSS_PAD + 1 is computed without an overflow or
   sign check, and the declaration of siglen is not visible in this listing;
   confirm its type and that no caller can pass a negative or very large
   length derived from untrusted input. */
/* The loop walks siglen input bytes. Bytes that are neither NUL nor
   GDSS_ESCAPE need no escaping (that branch body is not visible); the other
   two are written as a pair whose second byte is GDSS_NULL for a NUL and
   GDSS_ESCAPE for an escape byte. Exceeding the padding budget frees buf
   and returns GDSS_E_PADTOOMANY. */
85 for (i = 0; i < siglen; i++) {
86 if ((*cp != '\0') && (*cp != GDSS_ESCAPE)) {
91 free(buf); /* Don't have to zeroize, nothing
93 return (GDSS_E_PADTOOMANY);
96 *bp++ = (*cp == '\0') ? GDSS_NULL : GDSS_ESCAPE;
99 *bp++ = '\0'; /* Null Terminate */
/* The escaped copy (bp - buf bytes, terminator included) is written back
   over the input, so the result can be longer than siglen -- at most the
   siglen + GDSS_PAD + 1 bytes allocated for buf, provided the padding check
   keeps bp inside buf. NOTE(review): no capacity argument is visible, so
   every caller must supply a buffer with that much slack. */
100 memcpy(signature, buf, bp - buf);
/* NOTE(review): the line between the memcpy and this return is not visible;
   confirm buf is freed on the success path. */
102 return (GDSS_SUCCESS);
/*
 * gdss_rpadin: undo the escaping applied by gdss_rpadout, in place.
 *
 * `signature` must be a NUL-terminated escaped block (its length is taken
 * with strlen). The decoded bytes are assembled in a scratch buffer and
 * *outlen bytes are copied back over `signature`. Returns GDSS_E_ALLOC when
 * the scratch buffer cannot be allocated, GDSS_SUCCESS otherwise.
 *
 * NOTE(review): the loop header and the place where *outlen is assigned are
 * not visible in this listing.
 */
105 int gdss_rpadin(signature, outlen)
106 unsigned char *signature;
110 register unsigned char *cp;
111 register unsigned char *bp;
/* The scratch buffer has no room for a terminator. That is sufficient only
   because decoding never emits more bytes than it consumes and the visible
   code appends no NUL -- NOTE(review): confirm against the omitted lines.
   strlen() is also handed an unsigned char pointer without a cast. */
112 buf = (unsigned char *) malloc(strlen(signature));
113 if (buf == NULL) return (GDSS_E_ALLOC);
117 if (*cp != GDSS_ESCAPE) {
/* NOTE(review): the byte after GDSS_ESCAPE is read without first testing for
   the terminator. If the input ends in a lone GDSS_ESCAPE, ++cp lands on the
   NUL; confirm the loop condition (not visible) cannot then step past the
   end of the string. */
121 if (*(++cp) == GDSS_NULL) {
/* Any follower other than GDSS_NULL is decoded as GDSS_ESCAPE, so malformed
   pairs are accepted rather than rejected. A strict decoder would return an
   error for them, which keeps one signature from having several encodings. */
123 } else *bp++ = GDSS_ESCAPE;
127 memcpy(signature, buf, *outlen);
129 return (GDSS_SUCCESS);
/*
 * gdss_rverify: unpack a padded signature block and check its RSA signature.
 *
 * Visible flow: reject a first byte other than 0x44, copy isignature into a
 * heap buffer at offset 16 (room for the 16-byte hash in front), undo the
 * padding with gdss_rpadin, then walk the block with cp: version byte,
 * NUL-terminated name / instance / realm copied out to the caller's buffers,
 * the timestamp into *the_time, and finally RSAVerify() over the header
 * with the remaining bytes as the signature. When rawsig is non-NULL the raw
 * signature is copied there and escaped again with gdss_rpadout.
 *
 * NOTE(review): the block is untrusted until RSAVerify() succeeds, yet name,
 * instance, realm and *the_time are written before that call. Callers must
 * ignore every output unless GDSS_SUCCESS is returned; the safer structure
 * is to parse into bounded temporaries, verify, and only then copy out.
 * NOTE(review): this listing has gaps (the gutter numbers jump) and the end
 * of the function is not visible.
 */
132 int gdss_rverify(isignature, hash, name, instance,
133 realm, key, the_time, rawsig)
134 unsigned char *isignature;
140 unsigned int *the_time;
141 unsigned char *rawsig;
143 unsigned char *cp, *ip;
147 unsigned char *signature;
149 if (*isignature != 0x44) return (GDSS_E_BVERSION); /* Bad Version */
/* NOTE(review): the malloc result is passed to strcpy two lines below with
   no NULL check in between; the other allocations in this file return
   GDSS_E_ALLOC on failure and this one should too. */
151 signature = (unsigned char *) malloc (strlen(isignature) + 17);
152 /* Length of input signature + null byte + 16 bytes of hash */
153 strcpy(&signature[16], isignature);
155 status = gdss_rpadin(&signature[16], &siglen);
/* NOTE(review): this early return does not release `signature`, which is
   still needed further down and so cannot have been freed yet; the version
   check below returns the same way. Free the buffer on every exit path. */
156 if (status) return (status);
158 siglen += 16; /* Account for the hash */
/* Presumably copies the 16-byte hash into the front of the buffer; the loop
   body is not visible -- confirm. */
160 for (i = 0; i < 16; i++)
162 if (*cp++ != 0x44) return (GDSS_E_BVERSION); /* Bad Version */
/* NOTE(review): the three copies below run until a NUL in the decoded block
   and take no destination size, so a block carrying over-long fields writes
   past the caller's name, instance or realm buffer. Nothing visible keeps cp
   below signature + siglen either. Bound each field by the destination size
   and by siglen, and fail with an error when a bound is hit. */
163 ip = (unsigned char *) name;
164 while (*ip++ = *cp++);
165 ip = (unsigned char *) instance;
166 while (*ip++ = *cp++);
167 ip = (unsigned char *) realm;
168 while (*ip++ = *cp++);
/* The byte is promoted to int before the shift, so a value of 0x80 or more
   shifted by 24 reaches the sign bit (undefined behaviour in C99 and later);
   converting to unsigned int before shifting avoids that. */
170 *the_time |= *cp++ << 24;
171 *the_time |= *cp++ << 16;
172 *the_time |= *cp++ << 8;
/* siglen - (cp - signature) is the length of the trailing RSA signature.
   NOTE(review): it is only meaningful when the header fields consumed fewer
   than siglen bytes; the declaration of siglen is not visible, so confirm
   its type and add an explicit check before the subtraction. */
174 if(!RSAVerify(signature, cp - signature, key, &signature[cp - signature],
175 siglen - (cp - signature))) {
/* NOTE(review): the lines just before the next two returns are not visible;
   confirm `signature` is freed on both. */
177 return (GDSS_E_BADSIG);
179 if (rawsig == NULL) {
181 return (GDSS_SUCCESS);
/* rawsig receives the raw signature and is then escaped in place, which can
   lengthen it by the padding gdss_rpadout adds; no size argument for rawsig
   is visible, so its capacity is the caller's responsibility. */
183 memcpy(rawsig, &signature[cp - signature], siglen - (cp - signature));
184 status = gdss_rpadout(rawsig, siglen - (cp - signature));
/*
 * gdss_recompose: rebuild a padded signature block in `signature` from the
 * fields of aSigInfo.
 *
 * Visible flow: copy aSigInfo->rawsig into a heap buffer and unescape it
 * with gdss_rpadin, then write the version byte 0x44, the NUL-terminated
 * pname, pinst and prealm strings, the timestamp as four big-endian bytes
 * and the decoded raw signature, and finally escape the whole block with
 * gdss_rpadout, whose status is returned.
 *
 * NOTE(review): this listing has gaps (the gutter numbers jump); the
 * declaration of aSigInfo, the handling of the gdss_rpadin status and the
 * initialisation of cp are not visible.
 * NOTE(review): no size for `signature` is visible, so the writes are
 * bounded only by the lengths of the aSigInfo strings and by siglen, plus
 * the growth added by gdss_rpadout; the caller has to guarantee capacity.
 */
189 gdss_recompose(aSigInfo, signature)
191 unsigned char *signature;
193 register unsigned char *ip;
194 register unsigned char *cp;
195 unsigned char *isignature;
/* Sized for the string plus its terminator, and checked before use. */
199 isignature = (unsigned char *) malloc(strlen(aSigInfo->rawsig) + 1);
200 if (isignature == NULL) return (GDSS_E_ALLOC);
201 strcpy(isignature, aSigInfo->rawsig);
202 status = gdss_rpadin(isignature, &siglen);
209 *cp++ = 0x44; /* Version */
210 ip = (unsigned char *) aSigInfo->pname;
/* Each of the three copy loops below also copies the terminating NUL. */
211 while (*cp++ = *ip++);
212 ip = (unsigned char *) aSigInfo->pinst;
213 while (*cp++ = *ip++);
214 ip = (unsigned char *) aSigInfo->prealm;
215 while (*cp++ = *ip++);
/* Timestamp, most significant byte first. */
216 *cp++ = ((aSigInfo->timestamp) >> 24) & 0xff;
217 *cp++ = ((aSigInfo->timestamp) >> 16) & 0xff;
218 *cp++ = ((aSigInfo->timestamp) >> 8) & 0xff;
219 *cp++ = aSigInfo->timestamp & 0xff;
/* cp is not advanced past the raw signature, hence the "+ siglen" below. */
220 memcpy(cp, isignature, siglen);
/* NOTE(review): the line before this return is not visible; confirm that
   isignature is freed there, otherwise every call leaks the scratch copy. */
222 return(gdss_rpadout(signature, cp - signature + siglen));