Mercurial > dropbear
comparison libtomcrypt/src/pk/pkcs1/pkcs_1_pss_decode.c @ 382:0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
to branch 'au.asn.ucc.matt.dropbear' (head 02c413252c90e9de8e03d91e9939dde3029f5c0a)
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Thu, 11 Jan 2007 02:41:05 +0000 |
parents | 1b9e69c058d2 |
children | f849a5ca2efc |
comparison
equal
deleted
inserted
replaced
379:b66a00272a90 | 382:0cbe8f6dbf9e |
---|---|
4 * algorithms in a highly modular and flexible manner. | 4 * algorithms in a highly modular and flexible manner. |
5 * | 5 * |
6 * The library is free for all purposes without any express | 6 * The library is free for all purposes without any express |
7 * guarantee it works. | 7 * guarantee it works. |
8 * | 8 * |
9 * Tom St Denis, [email protected], http://libtomcrypt.org | 9 * Tom St Denis, [email protected], http://libtomcrypt.com |
10 */ | 10 */ |
11 #include "tomcrypt.h" | 11 #include "tomcrypt.h" |
12 | 12 |
13 /** | 13 /** |
14 @file pkcs_1_pss_decode.c | 14 @file pkcs_1_pss_decode.c |
80 return CRYPT_MEM; | 80 return CRYPT_MEM; |
81 } | 81 } |
82 | 82 |
83 /* ensure the 0xBC byte */ | 83 /* ensure the 0xBC byte */ |
84 if (sig[siglen-1] != 0xBC) { | 84 if (sig[siglen-1] != 0xBC) { |
85 err = CRYPT_OK; | 85 err = CRYPT_INVALID_PACKET; |
86 goto LBL_ERR; | 86 goto LBL_ERR; |
87 } | 87 } |
88 | 88 |
89 /* copy out the DB */ | 89 /* copy out the DB */ |
90 x = 0; | 90 x = 0; |
95 XMEMCPY(hash, sig + x, hLen); | 95 XMEMCPY(hash, sig + x, hLen); |
96 x += hLen; | 96 x += hLen; |
97 | 97 |
98 /* check the MSB */ | 98 /* check the MSB */ |
99 if ((sig[0] & ~(0xFF >> ((modulus_len<<3) - (modulus_bitlen-1)))) != 0) { | 99 if ((sig[0] & ~(0xFF >> ((modulus_len<<3) - (modulus_bitlen-1)))) != 0) { |
100 err = CRYPT_OK; | 100 err = CRYPT_INVALID_PACKET; |
101 goto LBL_ERR; | 101 goto LBL_ERR; |
102 } | 102 } |
103 | 103 |
104 /* generate mask of length modulus_len - hLen - 1 from hash */ | 104 /* generate mask of length modulus_len - hLen - 1 from hash */ |
105 if ((err = pkcs_1_mgf1(hash, hLen, hash_idx, mask, modulus_len - hLen - 1)) != CRYPT_OK) { | 105 if ((err = pkcs_1_mgf1(hash_idx, hash, hLen, mask, modulus_len - hLen - 1)) != CRYPT_OK) { |
106 goto LBL_ERR; | 106 goto LBL_ERR; |
107 } | 107 } |
108 | 108 |
109 /* xor against DB */ | 109 /* xor against DB */ |
110 for (y = 0; y < (modulus_len - hLen - 1); y++) { | 110 for (y = 0; y < (modulus_len - hLen - 1); y++) { |
117 /* DB = PS || 0x01 || salt, PS == modulus_len - saltlen - hLen - 2 zero bytes */ | 117 /* DB = PS || 0x01 || salt, PS == modulus_len - saltlen - hLen - 2 zero bytes */ |
118 | 118 |
119 /* check for zeroes and 0x01 */ | 119 /* check for zeroes and 0x01 */ |
120 for (x = 0; x < modulus_len - saltlen - hLen - 2; x++) { | 120 for (x = 0; x < modulus_len - saltlen - hLen - 2; x++) { |
121 if (DB[x] != 0x00) { | 121 if (DB[x] != 0x00) { |
122 err = CRYPT_OK; | 122 err = CRYPT_INVALID_PACKET; |
123 goto LBL_ERR; | 123 goto LBL_ERR; |
124 } | 124 } |
125 } | 125 } |
126 | 126 |
127 /* check for the 0x01 */ | 127 /* check for the 0x01 */ |
128 if (DB[x++] != 0x01) { | 128 if (DB[x++] != 0x01) { |
129 err = CRYPT_OK; | 129 err = CRYPT_INVALID_PACKET; |
130 goto LBL_ERR; | 130 goto LBL_ERR; |
131 } | 131 } |
132 | 132 |
133 /* M = (eight) 0x00 || msghash || salt, mask = H(M) */ | 133 /* M = (eight) 0x00 || msghash || salt, mask = H(M) */ |
134 if ((err = hash_descriptor[hash_idx].init(&md)) != CRYPT_OK) { | 134 if ((err = hash_descriptor[hash_idx].init(&md)) != CRYPT_OK) { |
147 if ((err = hash_descriptor[hash_idx].done(&md, mask)) != CRYPT_OK) { | 147 if ((err = hash_descriptor[hash_idx].done(&md, mask)) != CRYPT_OK) { |
148 goto LBL_ERR; | 148 goto LBL_ERR; |
149 } | 149 } |
150 | 150 |
151 /* mask == hash means valid signature */ | 151 /* mask == hash means valid signature */ |
152 if (memcmp(mask, hash, hLen) == 0) { | 152 if (XMEMCMP(mask, hash, hLen) == 0) { |
153 *res = 1; | 153 *res = 1; |
154 } | 154 } |
155 | 155 |
156 err = CRYPT_OK; | 156 err = CRYPT_OK; |
157 LBL_ERR: | 157 LBL_ERR: |
171 } | 171 } |
172 | 172 |
173 #endif /* PKCS_1 */ | 173 #endif /* PKCS_1 */ |
174 | 174 |
175 /* $Source: /cvs/libtom/libtomcrypt/src/pk/pkcs1/pkcs_1_pss_decode.c,v $ */ | 175 /* $Source: /cvs/libtom/libtomcrypt/src/pk/pkcs1/pkcs_1_pss_decode.c,v $ */ |
176 /* $Revision: 1.4 $ */ | 176 /* $Revision: 1.9 $ */ |
177 /* $Date: 2005/05/05 14:35:59 $ */ | 177 /* $Date: 2006/11/30 02:37:21 $ */ |