OLD | NEW |
1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. | 1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. |
2 * Use of this source code is governed by a BSD-style license that can be | 2 * Use of this source code is governed by a BSD-style license that can be |
3 * found in the LICENSE file. | 3 * found in the LICENSE file. |
4 */ | 4 */ |
5 | 5 |
6 /* Implementation of RSA signature verification which uses a pre-processed | 6 /* Implementation of RSA signature verification which uses a pre-processed |
7 * key for computation. The code extends Android's RSA verification code to | 7 * key for computation. The code extends Android's RSA verification code to |
8 * support multiple RSA key lengths and hash digest algorithms. | 8 * support multiple RSA key lengths and hash digest algorithms. |
9 */ | 9 */ |
10 | 10 |
(...skipping 117 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
128 const uint8_t *sig, | 128 const uint8_t *sig, |
129 const uint32_t sig_len, | 129 const uint32_t sig_len, |
130 const uint8_t sig_type, | 130 const uint8_t sig_type, |
131 const uint8_t *hash) { | 131 const uint8_t *hash) { |
132 int i; | 132 int i; |
133 uint8_t* buf; | 133 uint8_t* buf; |
134 const uint8_t* padding; | 134 const uint8_t* padding; |
135 int success = 1; | 135 int success = 1; |
136 | 136 |
137 if (sig_len != (key->len * sizeof(uint32_t))) { | 137 if (sig_len != (key->len * sizeof(uint32_t))) { |
138 debug("Signature is of incorrect length!\n"); | 138 VBDEBUG(("Signature is of incorrect length!\n")); |
139 return 0; | 139 return 0; |
140 } | 140 } |
141 | 141 |
142 if (sig_type >= kNumAlgorithms) { | 142 if (sig_type >= kNumAlgorithms) { |
143 debug("Invalid signature type!\n"); | 143 VBDEBUG(("Invalid signature type!\n")); |
144 return 0; | 144 return 0; |
145 } | 145 } |
146 | 146 |
147 if (key->len != siglen_map[sig_type] / sizeof(uint32_t)) { | 147 if (key->len != siglen_map[sig_type] / sizeof(uint32_t)) { |
148 debug("Wrong key passed in!\n"); | 148 VBDEBUG(("Wrong key passed in!\n")); |
149 return 0; | 149 return 0; |
150 } | 150 } |
151 | 151 |
152 buf = (uint8_t*) Malloc(sig_len); | 152 buf = (uint8_t*) Malloc(sig_len); |
153 Memcpy(buf, sig, sig_len); | 153 Memcpy(buf, sig, sig_len); |
154 | 154 |
155 modpowF4(key, buf); | 155 modpowF4(key, buf); |
156 | 156 |
157 /* Determine padding to use depending on the signature type. */ | 157 /* Determine padding to use depending on the signature type. */ |
158 padding = padding_map[sig_type]; | 158 padding = padding_map[sig_type]; |
159 | 159 |
160 /* Check pkcs1.5 padding bytes. */ | 160 /* Check pkcs1.5 padding bytes. */ |
161 for (i = 0; i < padding_size_map[sig_type]; ++i) { | 161 for (i = 0; i < padding_size_map[sig_type]; ++i) { |
162 if (buf[i] != padding[i]) { | 162 if (buf[i] != padding[i]) { |
163 #ifndef NDEBUG | 163 #ifndef NDEBUG |
164 /* TODO(gauravsh): Replace with a macro call for logging. */ | 164 /* TODO(gauravsh): Replace with a macro call for logging. */ |
165 debug("Padding: Expecting = %02x Got = %02x\n", padding[i], | 165 VBDEBUG(("Padding: Expecting = %02x Got = %02x\n", padding[i], buf[i])); |
166 buf[i]); | |
167 #endif | 166 #endif |
168 success = 0; | 167 success = 0; |
169 } | 168 } |
170 } | 169 } |
171 | 170 |
172 /* Check if digest matches. */ | 171 /* Check if digest matches. */ |
173 for (; i < (int)sig_len; ++i) { | 172 for (; i < (int)sig_len; ++i) { |
174 if (buf[i] != *hash++) { | 173 if (buf[i] != *hash++) { |
175 #ifndef NDEBUG | 174 #ifndef NDEBUG |
176 /* TODO(gauravsh): Replace with a macro call for logging. */ | 175 /* TODO(gauravsh): Replace with a macro call for logging. */ |
177 debug("Digest: Expecting = %02x Got = %02x\n", padding[i], | 176 VBDEBUG(("Digest: Expecting = %02x Got = %02x\n", padding[i], buf[i])); |
178 buf[i]); | |
179 #endif | 177 #endif |
180 success = 0; | 178 success = 0; |
181 } | 179 } |
182 } | 180 } |
183 | 181 |
184 Free(buf); | 182 Free(buf); |
185 | 183 |
186 return success; | 184 return success; |
187 } | 185 } |
OLD | NEW |