7 * GDSS The Generic Digital Signature Service
9 * rgdss.c: Raw signature signing and verification routines.
19 int gdss_rsign(signature, hash, name, instance, realm, key)
20 unsigned char *signature;
27 unsigned char *cp, *ip;
34 for (loopcnt = 0; loopcnt < 10; loopcnt++) {
36 for (i = 0; i < 16; i++)
38 *cp++ = 0x44; /* Version Number */
39 ip = (unsigned char *) name;
40 while (*cp++ = *ip++);
41 ip = (unsigned char *) instance;
42 while (*cp++ = *ip++);
43 ip = (unsigned char *) realm;
44 while (*cp++ = *ip++);
46 *cp++ = ((the_time) >> 24) & 0xff;
47 *cp++ = ((the_time) >> 16) & 0xff;
48 *cp++ = ((the_time) >> 8) & 0xff;
49 *cp++ = the_time & 0xff;
50 if(!RSASign(signature, cp - signature, key, &signature[cp - signature],
51 &siglen)) return (-1);
52 status = gdss_rpadout(&signature[16], cp - signature + siglen - 16);
53 if ((status == GDSS_SUCCESS) || (status != GDSS_E_PADTOOMANY)) {
56 while (*cp++ = *ip++); /* shuffle over hash */
59 sleep(1); /* Allow time to change */
61 return (GDSS_E_PADTOOMANY);
64 /* gdss_rpadout: Remove null bytes from signature by replacing them with
65 the sequence GDSS_ESCAPE, GDSS_NULL. Keep track of how much bigger
66 the signature block is getting and abort if too many bytes (more than
67 GDSS_PAD) would be required.
70 int gdss_rpadout(signature, siglen)
71 unsigned char *signature;
74 register unsigned char *cp;
75 register unsigned char *bp;
79 buf = (unsigned char *)malloc(siglen + GDSS_PAD + 1); /* 1 for the null! */
80 if (buf == NULL) return (GDSS_E_ALLOC);
81 memset(buf, 0, siglen + GDSS_PAD + 1); /* Just to be safe */
85 for (i = 0; i < siglen; i++) {
86 if ((*cp != '\0') && (*cp != GDSS_ESCAPE)) {
91 free(buf); /* Don't have to zeroize, nothing
93 return (GDSS_E_PADTOOMANY);
96 *bp++ = (*cp == '\0') ? GDSS_NULL : GDSS_ESCAPE;
99 *bp++ = '\0'; /* Null Terminate */
100 memcpy(signature, buf, bp - buf);
102 return (GDSS_SUCCESS);
105 int gdss_rpadin(signature, outlen)
106 unsigned char *signature;
110 register unsigned char *cp;
111 register unsigned char *bp;
112 buf = (unsigned char *) malloc(strlen(signature));
113 if (buf == NULL) return (GDSS_E_ALLOC);
117 if (*cp != GDSS_ESCAPE) {
121 if (*(++cp) == GDSS_NULL) {
123 } else *bp++ = GDSS_ESCAPE;
127 memcpy(signature, buf, *outlen);
129 return (GDSS_SUCCESS);
132 int gdss_rverify(isignature, hash, name, instance,
133 realm, key, the_time, rawsig)
134 unsigned char *isignature;
140 unsigned int *the_time;
141 unsigned char *rawsig;
148 unsigned char *signature;
150 if (*isignature != 0x44) return (GDSS_E_BVERSION); /* Bad Version */
152 signature = (unsigned char *) malloc (strlen(isignature) + 17);
153 /* Length of input signature + null byte + 16 bytes of hash */
154 strcpy(&signature[16], isignature);
156 status = gdss_rpadin(&signature[16], &siglen);
157 if (status) return (status);
159 siglen += 16; /* Account for the hash */
161 for (i = 0; i < 16; i++)
163 if (*cp++ != 0x44) return (GDSS_E_BVERSION); /* Bad Version */
165 while ((*ip++ = *cp++) && (ip < name + ANAME_SZ));
167 while ((*ip++ = *cp++) && (ip < instance + INST_SZ));
169 while ((*ip++ = *cp++) && (ip < realm + REALM_SZ));
171 *the_time |= *cp++ << 24;
172 *the_time |= *cp++ << 16;
173 *the_time |= *cp++ << 8;
175 if(!RSAVerify(signature, cp - signature, key, &signature[cp - signature],
176 siglen - (cp - signature))) {
178 return (GDSS_E_BADSIG);
180 if (rawsig == NULL) {
182 return (GDSS_SUCCESS);
184 memcpy(rawsig, &signature[cp - signature], siglen - (cp - signature));
185 status = gdss_rpadout(rawsig, siglen - (cp - signature));
190 gdss_recompose(aSigInfo, signature)
192 unsigned char *signature;
194 register unsigned char *ip;
195 register unsigned char *cp;
196 unsigned char *isignature;
200 isignature = (unsigned char *) malloc(strlen(aSigInfo->rawsig) + 1);
201 if (isignature == NULL) return (GDSS_E_ALLOC);
202 strcpy(isignature, aSigInfo->rawsig);
203 status = gdss_rpadin(isignature, &siglen);
210 *cp++ = 0x44; /* Version */
211 ip = (unsigned char *) aSigInfo->pname;
212 while (*cp++ = *ip++);
213 ip = (unsigned char *) aSigInfo->pinst;
214 while (*cp++ = *ip++);
215 ip = (unsigned char *) aSigInfo->prealm;
216 while (*cp++ = *ip++);
217 *cp++ = ((aSigInfo->timestamp) >> 24) & 0xff;
218 *cp++ = ((aSigInfo->timestamp) >> 16) & 0xff;
219 *cp++ = ((aSigInfo->timestamp) >> 8) & 0xff;
220 *cp++ = aSigInfo->timestamp & 0xff;
221 memcpy(cp, isignature, siglen);
223 return(gdss_rpadout(signature, cp - signature + siglen));