OLD | NEW |
1 /* crypto/dsa/dsa_vrf.c */ | 1 /* crypto/dsa/dsa_vrf.c */ |
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
3 * All rights reserved. | 3 * All rights reserved. |
4 * | 4 * |
5 * This package is an SSL implementation written | 5 * This package is an SSL implementation written |
6 * by Eric Young (eay@cryptsoft.com). | 6 * by Eric Young (eay@cryptsoft.com). |
7 * The implementation was written so as to conform with Netscapes SSL. | 7 * The implementation was written so as to conform with Netscapes SSL. |
8 * | 8 * |
9 * This library is free for commercial and non-commercial use as long as | 9 * This library is free for commercial and non-commercial use as long as |
10 * the following conditions are aheared to. The following conditions | 10 * the following conditions are aheared to. The following conditions |
(...skipping 40 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
51 * SUCH DAMAGE. | 51 * SUCH DAMAGE. |
52 * | 52 * |
53 * The licence and distribution terms for any publically available version or | 53 * The licence and distribution terms for any publically available version or |
54 * derivative of this code cannot be changed. i.e. this code cannot simply be | 54 * derivative of this code cannot be changed. i.e. this code cannot simply be |
55 * copied and put under another distribution licence | 55 * copied and put under another distribution licence |
56 * [including the GNU Public Licence.] | 56 * [including the GNU Public Licence.] |
57 */ | 57 */ |
58 | 58 |
59 /* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */ | 59 /* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */ |
60 | 60 |
61 #include <stdio.h> | |
62 #include "cryptlib.h" | 61 #include "cryptlib.h" |
63 #include <openssl/bn.h> | |
64 #include <openssl/dsa.h> | 62 #include <openssl/dsa.h> |
65 #include <openssl/rand.h> | |
66 #include <openssl/asn1.h> | |
67 #ifdef OPENSSL_FIPS | |
68 #include <openssl/fips.h> | |
69 #endif | |
70 | |
71 #include <openssl/asn1_mac.h> | |
72 | 63 |
73 int DSA_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, | 64 int DSA_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, |
74 DSA *dsa) | 65 DSA *dsa) |
75 { | 66 { |
76 #ifdef OPENSSL_FIPS | |
77 if(FIPS_mode() && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW)) | |
78 { | |
79 DSAerr(DSA_F_DSA_DO_VERIFY, DSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_
MODE); | |
80 return 0; | |
81 } | |
82 #endif | |
83 return dsa->meth->dsa_do_verify(dgst, dgst_len, sig, dsa); | 67 return dsa->meth->dsa_do_verify(dgst, dgst_len, sig, dsa); |
84 } | 68 } |
| 69 |
| 70 /* data has already been hashed (probably with SHA or SHA-1). */ |
| 71 /* returns |
| 72 * 1: correct signature |
| 73 * 0: incorrect signature |
| 74 * -1: error |
| 75 */ |
| 76 int DSA_verify(int type, const unsigned char *dgst, int dgst_len, |
| 77 const unsigned char *sigbuf, int siglen, DSA *dsa) |
| 78 { |
| 79 DSA_SIG *s; |
| 80 int ret=-1; |
| 81 |
| 82 s = DSA_SIG_new(); |
| 83 if (s == NULL) return(ret); |
| 84 if (d2i_DSA_SIG(&s,&sigbuf,siglen) == NULL) goto err; |
| 85 ret=DSA_do_verify(dgst,dgst_len,s,dsa); |
| 86 err: |
| 87 DSA_SIG_free(s); |
| 88 return(ret); |
| 89 } |
OLD | NEW |