Mercurial > dropbear

comparison libtomcrypt/src/pk/rsa/rsa_verify_hash.c @ 1437:871b18fd7065 fuzz

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
merge from main (libtommath/libtomcrypt/curve25510-donna updates)
author Matt Johnston <matt@ucc.asn.au>
date Sat, 24 Jun 2017 22:51:45 +0800
parents f849a5ca2efc
children 6dba84798cd5
comparison
equal deleted inserted replaced
1432:41dca1e5ea34 1437:871b18fd7065
4 * algorithms in a highly modular and flexible manner. 4 * algorithms in a highly modular and flexible manner.
5 * 5 *
6 * The library is free for all purposes without any express 6 * The library is free for all purposes without any express
7 * guarantee it works. 7 * guarantee it works.
8 * 8 *
9 * Tom St Denis, [email protected], http://libtomcrypt.com 9 * Tom St Denis, [email protected], http://libtom.org
10 */ 10 */
11 #include "tomcrypt.h" 11 #include "tomcrypt.h"
12 12
13 /** 13 /**
14 @file rsa_verify_hash.c 14 @file rsa_verify_hash.c
15 RSA PKCS #1 v1.5 or v2 PSS signature verification, Tom St Denis and Andreas Lange 15 RSA LTC_PKCS #1 v1.5 or v2 PSS signature verification, Tom St Denis and Andreas Lange
16 */ 16 */
17 17
18 #ifdef MRSA 18 #ifdef LTC_MRSA
19 19
20 /** 20 /**
21 PKCS #1 de-sign then v1.5 or PSS depad 21 LTC_PKCS #1 de-sign then v1.5 or PSS depad
22 @param sig The signature data 22 @param sig The signature data
23 @param siglen The length of the signature data (octets) 23 @param siglen The length of the signature data (octets)
24 @param hash The hash of the message that was signed 24 @param hash The hash of the message that was signed
25 @param hashlen The length of the hash of the message that was signed (octets) 25 @param hashlen The length of the hash of the message that was signed (octets)
26 @param padding Type of padding (LTC_PKCS_1_PSS or LTC_PKCS_1_V1_5) 26 @param padding Type of padding (LTC_LTC_PKCS_1_PSS or LTC_LTC_PKCS_1_V1_5)
27 @param hash_idx The index of the desired hash 27 @param hash_idx The index of the desired hash
28 @param saltlen The length of the salt used during signature 28 @param saltlen The length of the salt used during signature
29 @param stat [out] The result of the signature comparison, 1==valid, 0==invalid 29 @param stat [out] The result of the signature comparison, 1==valid, 0==invalid
30 @param key The public RSA key corresponding to the key that performed the signature 30 @param key The public RSA key corresponding to the key that performed the signature
31 @return CRYPT_OK on success (even if the signature is invalid) 31 @return CRYPT_OK on success (even if the signature is invalid)
48 /* default to invalid */ 48 /* default to invalid */
49 *stat = 0; 49 *stat = 0;
50 50
51 /* valid padding? */ 51 /* valid padding? */
52 52
53 if ((padding != LTC_PKCS_1_V1_5) && 53 if ((padding != LTC_LTC_PKCS_1_V1_5) &&
54 (padding != LTC_PKCS_1_PSS)) { 54 (padding != LTC_LTC_PKCS_1_PSS)) {
55 return CRYPT_PK_INVALID_PADDING; 55 return CRYPT_PK_INVALID_PADDING;
56 } 56 }
57 57
58 if (padding == LTC_PKCS_1_PSS) { 58 if (padding == LTC_LTC_PKCS_1_PSS) {
59 /* valid hash ? */ 59 /* valid hash ? */
60 if ((err = hash_is_valid(hash_idx)) != CRYPT_OK) { 60 if ((err = hash_is_valid(hash_idx)) != CRYPT_OK) {
61 return err; 61 return err;
62 } 62 }
63 } 63 }
88 if (x != siglen) { 88 if (x != siglen) {
89 XFREE(tmpbuf); 89 XFREE(tmpbuf);
90 return CRYPT_INVALID_PACKET; 90 return CRYPT_INVALID_PACKET;
91 } 91 }
92 92
93 if (padding == LTC_PKCS_1_PSS) { 93 if (padding == LTC_LTC_PKCS_1_PSS) {
94 /* PSS decode and verify it */ 94 /* PSS decode and verify it */
95 err = pkcs_1_pss_decode(hash, hashlen, tmpbuf, x, saltlen, hash_idx, modulus_bitlen, stat); 95 err = pkcs_1_pss_decode(hash, hashlen, tmpbuf, x, saltlen, hash_idx, modulus_bitlen, stat);
96 } else { 96 } else {
97 /* PKCS #1 v1.5 decode it */ 97 /* LTC_PKCS #1 v1.5 decode it */
98 unsigned char *out; 98 unsigned char *out;
99 unsigned long outlen, loid[16]; 99 unsigned long outlen, loid[16];
100 int decoded; 100 int decoded;
101 ltc_asn1_list digestinfo[2], siginfo[2]; 101 ltc_asn1_list digestinfo[2], siginfo[2];
102 102
112 if (out == NULL) { 112 if (out == NULL) {
113 err = CRYPT_MEM; 113 err = CRYPT_MEM;
114 goto bail_2; 114 goto bail_2;
115 } 115 }
116 116
117 if ((err = pkcs_1_v1_5_decode(tmpbuf, x, LTC_PKCS_1_EMSA, modulus_bitlen, out, &outlen, &decoded)) != CRYPT_OK) { 117 if ((err = pkcs_1_v1_5_decode(tmpbuf, x, LTC_LTC_PKCS_1_EMSA, modulus_bitlen, out, &outlen, &decoded)) != CRYPT_OK) {
118 XFREE(out); 118 XFREE(out);
119 goto bail_2; 119 goto bail_2;
120 } 120 }
121 121
122 /* now we must decode out[0...outlen-1] using ASN.1, test the OID and then test the hash */ 122 /* now we must decode out[0...outlen-1] using ASN.1, test the OID and then test the hash */
158 #endif 158 #endif
159 XFREE(tmpbuf); 159 XFREE(tmpbuf);
160 return err; 160 return err;
161 } 161 }
162 162
163 #endif /* MRSA */ 163 #endif /* LTC_MRSA */
164 164
165 /* $Source: /cvs/libtom/libtomcrypt/src/pk/rsa/rsa_verify_hash.c,v $ */ 165 /* $Source$ */
166 /* $Revision: 1.11 $ */ 166 /* $Revision$ */
167 /* $Date: 2006/12/04 03:09:28 $ */ 167 /* $Date$ */