wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Implementation of pkey_rsa_verify. Some constification.

Browse source
This commit is contained in:
Dr. Stephen Henson 2006-04-10 01:06:17 +00:00
parent 9befdf1d20
commit 4f59b6587f
4 changed files with 62 additions and 17 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
crypto/rsa/rsa.h
View file

@ -117,7 +117,8 @@ struct rsa_meth_st
unsigned char *sigret, unsigned int *siglen, const RSA *rsa);
int (*rsa_verify)(int dtype,
const unsigned char *m, unsigned int m_length,
unsigned char *sigbuf, unsigned int siglen, const RSA *rsa);
const unsigned char *sigbuf, unsigned int siglen,
const RSA *rsa);
/* If this callback is NULL, the builtin software RSA key-gen will be used. This
* is for behavioural compatibility whilst the code gets rewired, but one day
* it would be nice to assume there are no such things as "builtin software"
@ -281,7 +282,7 @@ RSA *d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length,
int RSA_sign(int type, const unsigned char *m, unsigned int m_length,
unsigned char *sigret, unsigned int *siglen, RSA *rsa);
int RSA_verify(int type, const unsigned char *m, unsigned int m_length,
unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
const unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
/* The following 2 function sign and verify a ASN1_OCTET_STRING
* object inside PKCS#1 padded RSA encryption */

63
crypto/rsa/rsa_pmeth.c
View file

@ -77,7 +77,7 @@ typedef struct
BIGNUM *pub_exp;
/* RSA padding mode */
int pad_mode;
/* nid for message digest */
/* message digest */
const EVP_MD *md;
/* Temp buffer */
unsigned char *tbuf;
@ -154,6 +154,9 @@ static int pkey_rsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, int *siglen,
ret = RSA_sign(EVP_MD_type(rctx->md),
tbs, tbslen, sig, &sltmp,
ctx->pkey->pkey.rsa);
if (ret <= 0)
return ret;
ret = sltmp;
}
else
return -1;
@ -169,8 +172,8 @@ static int pkey_rsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, int *siglen,
static int pkey_rsa_verifyrecover(EVP_PKEY_CTX *ctx,
unsigned char *sig, int *siglen,
const unsigned char *tbs, int tbslen)
unsigned char *rout, int *routlen,
const unsigned char *sig, int siglen)
{
int ret;
RSA_PKEY_CTX *rctx = ctx->data;
@ -181,7 +184,7 @@ static int pkey_rsa_verifyrecover(EVP_PKEY_CTX *ctx,
{
if (!setup_tbuf(rctx, ctx))
return -1;
ret = RSA_public_decrypt(tbslen, tbs,
ret = RSA_public_decrypt(siglen, sig,
rctx->tbuf, ctx->pkey->pkey.rsa,
RSA_X931_PADDING);
if (ret < 1)
@ -200,27 +203,66 @@ static int pkey_rsa_verifyrecover(EVP_PKEY_CTX *ctx,
RSA_R_INVALID_DIGEST_LENGTH);
return 0;
}
memcpy(sig, rctx->tbuf, ret);
if (rout)
memcpy(rout, rctx->tbuf, ret);
}
else if (rctx->pad_mode == RSA_PKCS1_PADDING)
{
unsigned int sltmp;
ret = int_rsa_verify(EVP_MD_type(rctx->md),
NULL, 0, sig, &sltmp,
tbs, tbslen, ctx->pkey->pkey.rsa);
NULL, 0, rout, &sltmp,
sig, siglen, ctx->pkey->pkey.rsa);
}
else
return -1;
}
else
ret = RSA_public_decrypt(tbslen, tbs, sig, ctx->pkey->pkey.rsa,
ret = RSA_public_decrypt(siglen, sig, rout, ctx->pkey->pkey.rsa,
rctx->pad_mode);
if (ret < 0)
return ret;
*siglen = ret;
*routlen = ret;
return 1;
}
static int pkey_rsa_verify(EVP_PKEY_CTX *ctx,
const unsigned char *sig, int siglen,
const unsigned char *tbs, int tbslen)
{
RSA_PKEY_CTX *rctx = ctx->data;
int rslen;
if (rctx->md)
{
if (rctx->pad_mode == RSA_PKCS1_PADDING)
return RSA_verify(EVP_MD_type(rctx->md), tbs, tbslen,
sig, siglen, ctx->pkey->pkey.rsa);
if (rctx->pad_mode == RSA_X931_PADDING)
{
if (pkey_rsa_verifyrecover(ctx, NULL, &rslen,
sig, siglen) <= 0)
return 0;
}
else
return -1;
}
else
{
if (!setup_tbuf(rctx, ctx))
return -1;
rslen = RSA_public_decrypt(siglen, sig, rctx->tbuf,
ctx->pkey->pkey.rsa, rctx->pad_mode);
if (rslen <= 0)
return 0;
}
if ((rslen != tbslen) || memcmp(tbs, rctx->tbuf, rslen))
return 0;
return 1;
}
static int pkey_rsa_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out, int *outlen,
const unsigned char *in, int inlen)
{
@ -341,7 +383,8 @@ const EVP_PKEY_METHOD rsa_pkey_meth =
0,
pkey_rsa_sign,
0,0,
0,
pkey_rsa_verify,
0,
pkey_rsa_verifyrecover,

4
crypto/rsa/rsa_sign.c
View file

@ -144,7 +144,7 @@ int RSA_sign(int type, const unsigned char *m, unsigned int m_len,
int int_rsa_verify(int dtype, const unsigned char *m, unsigned int m_len,
unsigned char *rm, unsigned int *prm_len,
unsigned char *sigbuf, unsigned int siglen,
const unsigned char *sigbuf, unsigned int siglen,
RSA *rsa)
{
int i,ret=0,sigtype;
@ -252,7 +252,7 @@ err:
}
int RSA_verify(int dtype, const unsigned char *m, unsigned int m_len,
unsigned char *sigbuf, unsigned int siglen,
const unsigned char *sigbuf, unsigned int siglen,
RSA *rsa)
{

7
engines/e_4758cca.c
View file

@ -92,7 +92,7 @@ static int cca_rsa_priv_dec(int flen, const unsigned char *from,
static int cca_rsa_sign(int type, const unsigned char *m, unsigned int m_len,
unsigned char *sigret, unsigned int *siglen, const RSA *rsa);
static int cca_rsa_verify(int dtype, const unsigned char *m, unsigned int m_len,
unsigned char *sigbuf, unsigned int siglen, const RSA *rsa);
const unsigned char *sigbuf, unsigned int siglen, const RSA *rsa);
/* utility functions */
/*-----------------------*/
@ -618,7 +618,7 @@ static int cca_rsa_priv_dec(int flen, const unsigned char *from,
#define SSL_SIG_LEN 36
static int cca_rsa_verify(int type, const unsigned char *m, unsigned int m_len,
unsigned char *sigbuf, unsigned int siglen, const RSA *rsa)
const unsigned char *sigbuf, unsigned int siglen, const RSA *rsa)
{
long returnCode;
long reasonCode;
@ -727,7 +727,8 @@ static int cca_rsa_verify(int type, const unsigned char *m, unsigned int m_len,
digitalSignatureVerify(&returnCode, &reasonCode, &exitDataLength,
exitData, &ruleArrayLength, ruleArray, &keyTokenLength,
keyToken, &length, hashBuffer, &lsiglen, sigbuf);
keyToken, &length, hashBuffer, &lsiglen,
(unsigned char *)sigbuf);
if (type == NID_sha1 || type == NID_md5)
{