Mercurial > dropbear
comparison libtomcrypt/src/pk/rsa/rsa_verify_hash.c @ 1435:f849a5ca2efc
update to libtomcrypt 1.17 (with Dropbear changes)
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Sat, 24 Jun 2017 17:50:50 +0800 |
| parents | 0cbe8f6dbf9e |
| children | 6dba84798cd5 |
comparison
equal
deleted
inserted
replaced
| 1434:27b9ddb06b09 | 1435:f849a5ca2efc |
|---|---|
| 4 * algorithms in a highly modular and flexible manner. | 4 * algorithms in a highly modular and flexible manner. |
| 5 * | 5 * |
| 6 * The library is free for all purposes without any express | 6 * The library is free for all purposes without any express |
| 7 * guarantee it works. | 7 * guarantee it works. |
| 8 * | 8 * |
| 9 * Tom St Denis, [email protected], http://libtomcrypt.com | 9 * Tom St Denis, [email protected], http://libtom.org |
| 10 */ | 10 */ |
| 11 #include "tomcrypt.h" | 11 #include "tomcrypt.h" |
| 12 | 12 |
| 13 /** | 13 /** |
| 14 @file rsa_verify_hash.c | 14 @file rsa_verify_hash.c |
| 15 RSA PKCS #1 v1.5 or v2 PSS signature verification, Tom St Denis and Andreas Lange | 15 RSA LTC_PKCS #1 v1.5 or v2 PSS signature verification, Tom St Denis and Andreas Lange |
| 16 */ | 16 */ |
| 17 | 17 |
| 18 #ifdef MRSA | 18 #ifdef LTC_MRSA |
| 19 | 19 |
| 20 /** | 20 /** |
| 21 PKCS #1 de-sign then v1.5 or PSS depad | 21 LTC_PKCS #1 de-sign then v1.5 or PSS depad |
| 22 @param sig The signature data | 22 @param sig The signature data |
| 23 @param siglen The length of the signature data (octets) | 23 @param siglen The length of the signature data (octets) |
| 24 @param hash The hash of the message that was signed | 24 @param hash The hash of the message that was signed |
| 25 @param hashlen The length of the hash of the message that was signed (octets) | 25 @param hashlen The length of the hash of the message that was signed (octets) |
| 26 @param padding Type of padding (LTC_PKCS_1_PSS or LTC_PKCS_1_V1_5) | 26 @param padding Type of padding (LTC_LTC_PKCS_1_PSS or LTC_LTC_PKCS_1_V1_5) |
| 27 @param hash_idx The index of the desired hash | 27 @param hash_idx The index of the desired hash |
| 28 @param saltlen The length of the salt used during signature | 28 @param saltlen The length of the salt used during signature |
| 29 @param stat [out] The result of the signature comparison, 1==valid, 0==invalid | 29 @param stat [out] The result of the signature comparison, 1==valid, 0==invalid |
| 30 @param key The public RSA key corresponding to the key that performed the signature | 30 @param key The public RSA key corresponding to the key that performed the signature |
| 31 @return CRYPT_OK on success (even if the signature is invalid) | 31 @return CRYPT_OK on success (even if the signature is invalid) |
| 48 /* default to invalid */ | 48 /* default to invalid */ |
| 49 *stat = 0; | 49 *stat = 0; |
| 50 | 50 |
| 51 /* valid padding? */ | 51 /* valid padding? */ |
| 52 | 52 |
| 53 if ((padding != LTC_PKCS_1_V1_5) && | 53 if ((padding != LTC_LTC_PKCS_1_V1_5) && |
| 54 (padding != LTC_PKCS_1_PSS)) { | 54 (padding != LTC_LTC_PKCS_1_PSS)) { |
| 55 return CRYPT_PK_INVALID_PADDING; | 55 return CRYPT_PK_INVALID_PADDING; |
| 56 } | 56 } |
| 57 | 57 |
| 58 if (padding == LTC_PKCS_1_PSS) { | 58 if (padding == LTC_LTC_PKCS_1_PSS) { |
| 59 /* valid hash ? */ | 59 /* valid hash ? */ |
| 60 if ((err = hash_is_valid(hash_idx)) != CRYPT_OK) { | 60 if ((err = hash_is_valid(hash_idx)) != CRYPT_OK) { |
| 61 return err; | 61 return err; |
| 62 } | 62 } |
| 63 } | 63 } |
| 88 if (x != siglen) { | 88 if (x != siglen) { |
| 89 XFREE(tmpbuf); | 89 XFREE(tmpbuf); |
| 90 return CRYPT_INVALID_PACKET; | 90 return CRYPT_INVALID_PACKET; |
| 91 } | 91 } |
| 92 | 92 |
| 93 if (padding == LTC_PKCS_1_PSS) { | 93 if (padding == LTC_LTC_PKCS_1_PSS) { |
| 94 /* PSS decode and verify it */ | 94 /* PSS decode and verify it */ |
| 95 err = pkcs_1_pss_decode(hash, hashlen, tmpbuf, x, saltlen, hash_idx, modulus_bitlen, stat); | 95 err = pkcs_1_pss_decode(hash, hashlen, tmpbuf, x, saltlen, hash_idx, modulus_bitlen, stat); |
| 96 } else { | 96 } else { |
| 97 /* PKCS #1 v1.5 decode it */ | 97 /* LTC_PKCS #1 v1.5 decode it */ |
| 98 unsigned char *out; | 98 unsigned char *out; |
| 99 unsigned long outlen, loid[16]; | 99 unsigned long outlen, loid[16]; |
| 100 int decoded; | 100 int decoded; |
| 101 ltc_asn1_list digestinfo[2], siginfo[2]; | 101 ltc_asn1_list digestinfo[2], siginfo[2]; |
| 102 | 102 |
| 112 if (out == NULL) { | 112 if (out == NULL) { |
| 113 err = CRYPT_MEM; | 113 err = CRYPT_MEM; |
| 114 goto bail_2; | 114 goto bail_2; |
| 115 } | 115 } |
| 116 | 116 |
| 117 if ((err = pkcs_1_v1_5_decode(tmpbuf, x, LTC_PKCS_1_EMSA, modulus_bitlen, out, &outlen, &decoded)) != CRYPT_OK) { | 117 if ((err = pkcs_1_v1_5_decode(tmpbuf, x, LTC_LTC_PKCS_1_EMSA, modulus_bitlen, out, &outlen, &decoded)) != CRYPT_OK) { |
| 118 XFREE(out); | 118 XFREE(out); |
| 119 goto bail_2; | 119 goto bail_2; |
| 120 } | 120 } |
| 121 | 121 |
| 122 /* now we must decode out[0...outlen-1] using ASN.1, test the OID and then test the hash */ | 122 /* now we must decode out[0...outlen-1] using ASN.1, test the OID and then test the hash */ |
| 158 #endif | 158 #endif |
| 159 XFREE(tmpbuf); | 159 XFREE(tmpbuf); |
| 160 return err; | 160 return err; |
| 161 } | 161 } |
| 162 | 162 |
| 163 #endif /* MRSA */ | 163 #endif /* LTC_MRSA */ |
| 164 | 164 |
| 165 /* $Source: /cvs/libtom/libtomcrypt/src/pk/rsa/rsa_verify_hash.c,v $ */ | 165 /* $Source$ */ |
| 166 /* $Revision: 1.11 $ */ | 166 /* $Revision$ */ |
| 167 /* $Date: 2006/12/04 03:09:28 $ */ | 167 /* $Date$ */ |