Mercurial > dropbear

comparison libtomcrypt/src/pk/dsa/dsa_verify_hash.c @ 511:582cb38e4eb5 insecure-nocrypto

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
propagate from branch 'au.asn.ucc.matt.dropbear' (head cdcc3c729e29544e8b98a408e2dc60e4483dfd2a) to branch 'au.asn.ucc.matt.dropbear.insecure-nocrypto' (head 0ca38a1cf349f7426ac9de34ebe4c3e3735effab)
author Matt Johnston <matt@ucc.asn.au>
date Thu, 06 Nov 2008 13:16:55 +0000
parents 0cbe8f6dbf9e
children f849a5ca2efc
comparison
equal deleted inserted replaced
361:461c4b1fb35f 511:582cb38e4eb5
4 * algorithms in a highly modular and flexible manner. 4 * algorithms in a highly modular and flexible manner.
5 * 5 *
6 * The library is free for all purposes without any express 6 * The library is free for all purposes without any express
7 * guarantee it works. 7 * guarantee it works.
8 * 8 *
9 * Tom St Denis, [email protected], http://libtomcrypt.org 9 * Tom St Denis, [email protected], http://libtomcrypt.com
10 */ 10 */
11 #include "tomcrypt.h" 11 #include "tomcrypt.h"
12 12
13 /** 13 /**
14 @file dsa_verify_hash.c 14 @file dsa_verify_hash.c
26 @param hashlen The length of the hash that was signed 26 @param hashlen The length of the hash that was signed
27 @param stat [out] The result of the signature verification, 1==valid, 0==invalid 27 @param stat [out] The result of the signature verification, 1==valid, 0==invalid
28 @param key The corresponding public DH key 28 @param key The corresponding public DH key
29 @return CRYPT_OK if successful (even if the signature is invalid) 29 @return CRYPT_OK if successful (even if the signature is invalid)
30 */ 30 */
31 int dsa_verify_hash_raw( mp_int *r, mp_int *s, 31 int dsa_verify_hash_raw( void *r, void *s,
32 const unsigned char *hash, unsigned long hashlen, 32 const unsigned char *hash, unsigned long hashlen,
33 int *stat, dsa_key *key) 33 int *stat, dsa_key *key)
34 { 34 {
35 mp_int w, v, u1, u2; 35 void *w, *v, *u1, *u2;
36 int err; 36 int err;
37 37
38 LTC_ARGCHK(r != NULL); 38 LTC_ARGCHK(r != NULL);
39 LTC_ARGCHK(s != NULL); 39 LTC_ARGCHK(s != NULL);
40 LTC_ARGCHK(stat != NULL); 40 LTC_ARGCHK(stat != NULL);
42 42
43 /* default to invalid signature */ 43 /* default to invalid signature */
44 *stat = 0; 44 *stat = 0;
45 45
46 /* init our variables */ 46 /* init our variables */
47 if ((err = mp_init_multi(&w, &v, &u1, &u2, NULL)) != MP_OKAY) { 47 if ((err = mp_init_multi(&w, &v, &u1, &u2, NULL)) != CRYPT_OK) {
48 return mpi_to_ltc_error(err); 48 return err;
49 } 49 }
50 50
51 /* neither r or s can be null or >q*/ 51 /* neither r or s can be null or >q*/
52 if (mp_iszero(r) == MP_YES || mp_iszero(s) == MP_YES || mp_cmp(r, &key->q) != MP_LT || mp_cmp(s, &key->q) != MP_LT) { 52 if (mp_iszero(r) == LTC_MP_YES || mp_iszero(s) == LTC_MP_YES || mp_cmp(r, key->q) != LTC_MP_LT || mp_cmp(s, key->q) != LTC_MP_LT) {
53 err = CRYPT_INVALID_PACKET; 53 err = CRYPT_INVALID_PACKET;
54 goto done; 54 goto error;
55 } 55 }
56 56
57 /* w = 1/s mod q */ 57 /* w = 1/s mod q */
58 if ((err = mp_invmod(s, &key->q, &w)) != MP_OKAY) { goto error; } 58 if ((err = mp_invmod(s, key->q, w)) != CRYPT_OK) { goto error; }
59 59
60 /* u1 = m * w mod q */ 60 /* u1 = m * w mod q */
61 if ((err = mp_read_unsigned_bin(&u1, (unsigned char *)hash, hashlen)) != MP_OKAY) { goto error; } 61 if ((err = mp_read_unsigned_bin(u1, (unsigned char *)hash, hashlen)) != CRYPT_OK) { goto error; }
62 if ((err = mp_mulmod(&u1, &w, &key->q, &u1)) != MP_OKAY) { goto error; } 62 if ((err = mp_mulmod(u1, w, key->q, u1)) != CRYPT_OK) { goto error; }
63 63
64 /* u2 = r*w mod q */ 64 /* u2 = r*w mod q */
65 if ((err = mp_mulmod(r, &w, &key->q, &u2)) != MP_OKAY) { goto error; } 65 if ((err = mp_mulmod(r, w, key->q, u2)) != CRYPT_OK) { goto error; }
66 66
67 /* v = g^u1 * y^u2 mod p mod q */ 67 /* v = g^u1 * y^u2 mod p mod q */
68 if ((err = mp_exptmod(&key->g, &u1, &key->p, &u1)) != MP_OKAY) { goto error; } 68 if ((err = mp_exptmod(key->g, u1, key->p, u1)) != CRYPT_OK) { goto error; }
69 if ((err = mp_exptmod(&key->y, &u2, &key->p, &u2)) != MP_OKAY) { goto error; } 69 if ((err = mp_exptmod(key->y, u2, key->p, u2)) != CRYPT_OK) { goto error; }
70 if ((err = mp_mulmod(&u1, &u2, &key->p, &v)) != MP_OKAY) { goto error; } 70 if ((err = mp_mulmod(u1, u2, key->p, v)) != CRYPT_OK) { goto error; }
71 if ((err = mp_mod(&v, &key->q, &v)) != MP_OKAY) { goto error; } 71 if ((err = mp_mod(v, key->q, v)) != CRYPT_OK) { goto error; }
72 72
73 /* if r = v then we're set */ 73 /* if r = v then we're set */
74 if (mp_cmp(r, &v) == MP_EQ) { 74 if (mp_cmp(r, v) == LTC_MP_EQ) {
75 *stat = 1; 75 *stat = 1;
76 } 76 }
77 77
78 err = CRYPT_OK; 78 err = CRYPT_OK;
79 goto done; 79 error:
80 80 mp_clear_multi(w, v, u1, u2, NULL);
81 error : err = mpi_to_ltc_error(err);
82 done : mp_clear_multi(&w, &v, &u1, &u2, NULL);
83 return err; 81 return err;
84 } 82 }
85 83
86 /** 84 /**
87 Verify a DSA signature 85 Verify a DSA signature
96 int dsa_verify_hash(const unsigned char *sig, unsigned long siglen, 94 int dsa_verify_hash(const unsigned char *sig, unsigned long siglen,
97 const unsigned char *hash, unsigned long hashlen, 95 const unsigned char *hash, unsigned long hashlen,
98 int *stat, dsa_key *key) 96 int *stat, dsa_key *key)
99 { 97 {
100 int err; 98 int err;
101 mp_int r, s; 99 void *r, *s;
102 100
103 if ((err = mp_init_multi(&r, &s, NULL)) != CRYPT_OK) { 101 if ((err = mp_init_multi(&r, &s, NULL)) != CRYPT_OK) {
104 return CRYPT_MEM; 102 return CRYPT_MEM;
105 } 103 }
106 104
107 /* decode the sequence */ 105 /* decode the sequence */
108 if ((err = der_decode_sequence_multi(sig, siglen, 106 if ((err = der_decode_sequence_multi(sig, siglen,
109 LTC_ASN1_INTEGER, 1UL, &r, 107 LTC_ASN1_INTEGER, 1UL, r,
110 LTC_ASN1_INTEGER, 1UL, &s, 108 LTC_ASN1_INTEGER, 1UL, s,
111 LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) { 109 LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) {
112 goto LBL_ERR; 110 goto LBL_ERR;
113 } 111 }
114 112
115 /* do the op */ 113 /* do the op */
116 err = dsa_verify_hash_raw(&r, &s, hash, hashlen, stat, key); 114 err = dsa_verify_hash_raw(r, s, hash, hashlen, stat, key);
117 115
118 LBL_ERR: 116 LBL_ERR:
119 mp_clear_multi(&r, &s, NULL); 117 mp_clear_multi(r, s, NULL);
120 return err; 118 return err;
121 } 119 }
122 120
123 #endif 121 #endif
124 122
125 123
126 /* $Source: /cvs/libtom/libtomcrypt/src/pk/dsa/dsa_verify_hash.c,v $ */ 124 /* $Source: /cvs/libtom/libtomcrypt/src/pk/dsa/dsa_verify_hash.c,v $ */
127 /* $Revision: 1.8 $ */ 125 /* $Revision: 1.13 $ */
128 /* $Date: 2005/05/15 21:48:59 $ */ 126 /* $Date: 2006/12/04 03:18:43 $ */