OLD | NEW |
1 /* crypto/evp/p_verify.c */ | 1 /* crypto/evp/p_verify.c */ |
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
3 * All rights reserved. | 3 * All rights reserved. |
4 * | 4 * |
5 * This package is an SSL implementation written | 5 * This package is an SSL implementation written |
6 * by Eric Young (eay@cryptsoft.com). | 6 * by Eric Young (eay@cryptsoft.com). |
7 * The implementation was written so as to conform with Netscapes SSL. | 7 * The implementation was written so as to conform with Netscapes SSL. |
8 * | 8 * |
9 * This library is free for commercial and non-commercial use as long as | 9 * This library is free for commercial and non-commercial use as long as |
10 * the following conditions are aheared to. The following conditions | 10 * the following conditions are aheared to. The following conditions |
(...skipping 50 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
61 #include <openssl/evp.h> | 61 #include <openssl/evp.h> |
62 #include <openssl/objects.h> | 62 #include <openssl/objects.h> |
63 #include <openssl/x509.h> | 63 #include <openssl/x509.h> |
64 | 64 |
65 int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf, | 65 int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf, |
66 unsigned int siglen, EVP_PKEY *pkey) | 66 unsigned int siglen, EVP_PKEY *pkey) |
67 { | 67 { |
68 unsigned char m[EVP_MAX_MD_SIZE]; | 68 unsigned char m[EVP_MAX_MD_SIZE]; |
69 unsigned int m_len; | 69 unsigned int m_len; |
70 int i,ok=0,v; | 70 int i,ok=0,v; |
71 » MS_STATIC EVP_MD_CTX tmp_ctx; | 71 » EVP_MD_CTX tmp_ctx; |
| 72 |
| 73 » EVP_MD_CTX_init(&tmp_ctx); |
| 74 » EVP_MD_CTX_copy_ex(&tmp_ctx,ctx); |
| 75 » EVP_DigestFinal_ex(&tmp_ctx,&(m[0]),&m_len); |
| 76 » EVP_MD_CTX_cleanup(&tmp_ctx); |
| 77 |
| 78 » if (ctx->digest->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) |
| 79 » » { |
| 80 » » EVP_PKEY_CTX *pkctx = NULL; |
| 81 » » i = -1; |
| 82 » » pkctx = EVP_PKEY_CTX_new(pkey, NULL); |
| 83 » » if (!pkctx) |
| 84 » » » goto err; |
| 85 » » if (EVP_PKEY_verify_init(pkctx) <= 0) |
| 86 » » » goto err; |
| 87 » » if (EVP_PKEY_CTX_set_signature_md(pkctx, ctx->digest) <= 0) |
| 88 » » » goto err; |
| 89 » » i = EVP_PKEY_verify(pkctx, sigbuf, siglen, m, m_len); |
| 90 » » err: |
| 91 » » EVP_PKEY_CTX_free(pkctx); |
| 92 » » return i; |
| 93 » » } |
72 | 94 |
73 for (i=0; i<4; i++) | 95 for (i=0; i<4; i++) |
74 { | 96 { |
75 v=ctx->digest->required_pkey_type[i]; | 97 v=ctx->digest->required_pkey_type[i]; |
76 if (v == 0) break; | 98 if (v == 0) break; |
77 if (pkey->type == v) | 99 if (pkey->type == v) |
78 { | 100 { |
79 ok=1; | 101 ok=1; |
80 break; | 102 break; |
81 } | 103 } |
82 } | 104 } |
83 if (!ok) | 105 if (!ok) |
84 { | 106 { |
85 EVPerr(EVP_F_EVP_VERIFYFINAL,EVP_R_WRONG_PUBLIC_KEY_TYPE); | 107 EVPerr(EVP_F_EVP_VERIFYFINAL,EVP_R_WRONG_PUBLIC_KEY_TYPE); |
86 return(-1); | 108 return(-1); |
87 } | 109 } |
88 » if (ctx->digest->verify == NULL) | 110 if (ctx->digest->verify == NULL) |
89 { | 111 { |
90 EVPerr(EVP_F_EVP_VERIFYFINAL,EVP_R_NO_VERIFY_FUNCTION_CONFIGURED
); | 112 EVPerr(EVP_F_EVP_VERIFYFINAL,EVP_R_NO_VERIFY_FUNCTION_CONFIGURED
); |
91 return(0); | 113 return(0); |
92 } | 114 } |
93 | 115 |
94 » EVP_MD_CTX_init(&tmp_ctx); | 116 » return(ctx->digest->verify(ctx->digest->type,m,m_len, |
95 » EVP_MD_CTX_copy_ex(&tmp_ctx,ctx); | 117 » » sigbuf,siglen,pkey->pkey.ptr)); |
96 » if (ctx->digest->flags & EVP_MD_FLAG_SVCTX) | |
97 » » { | |
98 » » EVP_MD_SVCTX sctmp; | |
99 » » sctmp.mctx = &tmp_ctx; | |
100 » » sctmp.key = pkey->pkey.ptr; | |
101 » » i = ctx->digest->verify(ctx->digest->type, | |
102 » » » NULL, -1, sigbuf, siglen, &sctmp); | |
103 » » } | |
104 » else | |
105 » » { | |
106 » » EVP_DigestFinal_ex(&tmp_ctx,&(m[0]),&m_len); | |
107 » » i = ctx->digest->verify(ctx->digest->type,m,m_len, | |
108 » » » » » sigbuf,siglen,pkey->pkey.ptr); | |
109 » » } | |
110 » EVP_MD_CTX_cleanup(&tmp_ctx); | |
111 » return i; | |
112 } | 118 } |
113 | 119 |
OLD | NEW |