Skip to content
GitLab
Menu
Projects
Groups
Snippets
Loading...
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
Menu
Open sidebar
BC
public
external
mbedtls
Commits
f73da029
Commit
f73da029
authored
Aug 17, 2013
by
Manuel Pégourié-Gonnard
Browse files
PK: change pk_verify arguments (md_info "optional")
parent
ab466945
Changes
4
Hide whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
36 additions
and
27 deletions
+36
-27
include/polarssl/pk.h
include/polarssl/pk.h
+8
-5
library/pk.c
library/pk.c
+6
-4
library/pk_wrap.c
library/pk_wrap.c
+19
-15
library/x509parse.c
library/x509parse.c
+3
-3
No files found.
include/polarssl/pk.h
View file @
f73da029
...
...
@@ -30,6 +30,8 @@
#include "config.h"
#include "md.h"
#if defined(POLARSSL_RSA_C)
#include "rsa.h"
#endif
...
...
@@ -123,8 +125,8 @@ typedef struct
int
(
*
can_do
)(
pk_type_t
type
);
/** Verify signature */
int
(
*
verify_func
)(
void
*
ctx
,
const
unsigned
char
*
hash
,
const
md_info_t
*
md_info
,
int
(
*
verify_func
)(
void
*
ctx
,
md_type_t
md_alg
,
const
unsigned
char
*
hash
,
size_t
hash_len
,
const
unsigned
char
*
sig
,
size_t
sig_len
);
/** Allocate a new context */
...
...
@@ -203,16 +205,17 @@ int pk_can_do( pk_context *ctx, pk_type_t type );
* \brief Verify signature
*
* \param ctx PK context to use
* \param md_alg Hash algorithm used
* \param hash Hash of the message to sign
* \param
md_info Information about the hash function used
* \param
hash_len Hash length
* \param sig Signature to verify
* \param sig_len Signature length
*
* \return 0 on success (signature is valid),
* or a specific error code.
*/
int
pk_verify
(
pk_context
*
ctx
,
const
unsigned
char
*
hash
,
const
md_info_t
*
md_info
,
int
pk_verify
(
pk_context
*
ctx
,
md_type_t
md_alg
,
const
unsigned
char
*
hash
,
size_t
hash_len
,
const
unsigned
char
*
sig
,
size_t
sig_len
);
/**
...
...
library/pk.c
View file @
f73da029
...
...
@@ -110,7 +110,7 @@ int pk_init_ctx( pk_context *ctx, const pk_info_t *info )
*/
int
pk_can_do
(
pk_context
*
ctx
,
pk_type_t
type
)
{
/* null o
f
NONE context can't do anything */
/* null o
r
NONE context can't do anything */
if
(
ctx
==
NULL
||
ctx
->
pk_info
==
NULL
)
return
(
0
);
...
...
@@ -120,14 +120,16 @@ int pk_can_do( pk_context *ctx, pk_type_t type )
/*
* Verify a signature
*/
int
pk_verify
(
pk_context
*
ctx
,
const
unsigned
char
*
hash
,
const
md_info_t
*
md_info
,
int
pk_verify
(
pk_context
*
ctx
,
md_type_t
md_alg
,
const
unsigned
char
*
hash
,
size_t
hash_len
,
const
unsigned
char
*
sig
,
size_t
sig_len
)
{
if
(
ctx
==
NULL
||
ctx
->
pk_info
==
NULL
)
return
(
POLARSSL_ERR_PK_BAD_INPUT_DATA
);
return
(
ctx
->
pk_info
->
verify_func
(
ctx
->
pk_ctx
,
hash
,
md_info
,
sig
,
sig_len
)
);
return
(
ctx
->
pk_info
->
verify_func
(
ctx
->
pk_ctx
,
md_alg
,
hash
,
hash_len
,
sig
,
sig_len
)
);
}
/*
...
...
library/pk_wrap.c
View file @
f73da029
...
...
@@ -58,15 +58,15 @@ static size_t rsa_get_size( const void * ctx )
return
(
8
*
((
rsa_context
*
)
ctx
)
->
len
);
}
static
int
rsa_verify_wrap
(
void
*
ctx
,
const
unsigned
char
*
hash
,
const
md_info_t
*
md_info
,
static
int
rsa_verify_wrap
(
void
*
ctx
,
md_type_t
md_alg
,
const
unsigned
char
*
hash
,
size_t
hash_len
,
const
unsigned
char
*
sig
,
size_t
sig_len
)
{
if
(
sig_len
!=
((
rsa_context
*
)
ctx
)
->
len
)
return
(
POLARSSL_ERR_RSA_VERIFY_FAILED
);
return
(
rsa_pkcs1_verify
(
(
rsa_context
*
)
ctx
,
RSA_PUBLIC
,
md_
info
->
type
,
0
,
hash
,
sig
)
);
RSA_PUBLIC
,
md_
alg
,
hash_len
,
hash
,
sig
)
);
}
static
void
*
rsa_alloc_wrap
(
void
)
...
...
@@ -128,19 +128,20 @@ static size_t eckey_get_size( const void *ctx )
#if defined(POLARSSL_ECDSA_C)
/* Forward declaration */
static
int
ecdsa_verify_wrap
(
void
*
ctx
,
const
unsigned
char
*
hash
,
const
md_info_t
*
md_info
,
static
int
ecdsa_verify_wrap
(
void
*
ctx
,
md_type_t
md_alg
,
const
unsigned
char
*
hash
,
size_t
hash_len
,
const
unsigned
char
*
sig
,
size_t
sig_len
);
#endif
static
int
eckey_verify_wrap
(
void
*
ctx
,
const
unsigned
char
*
hash
,
const
md_info_t
*
md_info
,
static
int
eckey_verify_wrap
(
void
*
ctx
,
md_type_t
md_alg
,
const
unsigned
char
*
hash
,
size_t
hash_len
,
const
unsigned
char
*
sig
,
size_t
sig_len
)
{
#if !defined(POLARSSL_ECDSA_C)
((
void
)
ctx
);
((
void
)
md_alg
);
((
void
)
hash
);
((
void
)
md_info
);
((
void
)
hash_len
);
((
void
)
sig
);
((
void
)
sig_len
);
...
...
@@ -152,7 +153,7 @@ static int eckey_verify_wrap( void *ctx,
ecdsa_init
(
&
ecdsa
);
ret
=
ecdsa_from_keypair
(
&
ecdsa
,
ctx
)
||
ecdsa_verify_wrap
(
&
ecdsa
,
hash
,
md_info
,
sig
,
sig_len
);
ecdsa_verify_wrap
(
&
ecdsa
,
md_alg
,
hash
,
hash_len
,
sig
,
sig_len
);
ecdsa_free
(
&
ecdsa
);
...
...
@@ -203,13 +204,14 @@ static int eckeydh_can_do( pk_type_t type )
type
==
POLARSSL_PK_ECKEY_DH
);
}
static
int
eckeydh_verify_wrap
(
void
*
ctx
,
const
unsigned
char
*
hash
,
const
md_info_t
*
md_info
,
static
int
eckeydh_verify_wrap
(
void
*
ctx
,
md_type_t
md_alg
,
const
unsigned
char
*
hash
,
size_t
hash_len
,
const
unsigned
char
*
sig
,
size_t
sig_len
)
{
((
void
)
ctx
);
((
void
)
md_alg
);
((
void
)
hash
);
((
void
)
md_info
);
((
void
)
hash_len
);
((
void
)
sig
);
((
void
)
sig_len
);
...
...
@@ -234,12 +236,14 @@ static int ecdsa_can_do( pk_type_t type )
return
(
type
==
POLARSSL_PK_ECDSA
);
}
static
int
ecdsa_verify_wrap
(
void
*
ctx
,
const
unsigned
char
*
hash
,
const
md_info_t
*
md_info
,
static
int
ecdsa_verify_wrap
(
void
*
ctx
,
md_type_t
md_alg
,
const
unsigned
char
*
hash
,
size_t
hash_len
,
const
unsigned
char
*
sig
,
size_t
sig_len
)
{
((
void
)
md_alg
);
return
(
ecdsa_read_signature
(
(
ecdsa_context
*
)
ctx
,
hash
,
md_info
->
size
,
sig
,
sig_len
)
);
hash
,
hash_len
,
sig
,
sig_len
)
);
}
static
void
*
ecdsa_alloc_wrap
(
void
)
...
...
library/x509parse.c
View file @
f73da029
...
...
@@ -3429,7 +3429,7 @@ static int x509parse_verifycrl(x509_cert *crt, x509_cert *ca,
md
(
md_info
,
crl_list
->
tbs
.
p
,
crl_list
->
tbs
.
len
,
hash
);
if
(
pk_can_do
(
&
ca
->
pk
,
crl_list
->
sig_pk
)
==
0
||
pk_verify
(
&
ca
->
pk
,
hash
,
md_info
,
pk_verify
(
&
ca
->
pk
,
crl_list
->
sig_md
,
hash
,
md_info
->
size
,
crl_list
->
sig
.
p
,
crl_list
->
sig
.
len
)
!=
0
)
{
flags
|=
BADCRL_NOT_TRUSTED
;
...
...
@@ -3546,7 +3546,7 @@ static int x509parse_verify_top(
md
(
md_info
,
child
->
tbs
.
p
,
child
->
tbs
.
len
,
hash
);
if
(
pk_can_do
(
&
trust_ca
->
pk
,
child
->
sig_pk
)
==
0
||
pk_verify
(
&
trust_ca
->
pk
,
hash
,
md_info
,
pk_verify
(
&
trust_ca
->
pk
,
child
->
sig_md
,
hash
,
md_info
->
size
,
child
->
sig
.
p
,
child
->
sig
.
len
)
!=
0
)
{
trust_ca
=
trust_ca
->
next
;
...
...
@@ -3623,7 +3623,7 @@ static int x509parse_verify_child(
md
(
md_info
,
child
->
tbs
.
p
,
child
->
tbs
.
len
,
hash
);
if
(
pk_can_do
(
&
parent
->
pk
,
child
->
sig_pk
)
==
0
||
pk_verify
(
&
parent
->
pk
,
hash
,
md_info
,
pk_verify
(
&
parent
->
pk
,
child
->
sig_md
,
hash
,
md_info
->
size
,
child
->
sig
.
p
,
child
->
sig
.
len
)
!=
0
)
{
*
flags
|=
BADCERT_NOT_TRUSTED
;
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment