Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(511)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: openssl/crypto/asn1/a_verify.c

Issue 9254031: Upgrade chrome's OpenSSL to same version Android ships with. (Closed) Base URL: http://src.chromium.org/svn/trunk/deps/third_party/openssl/
Patch Set: '' Created 8 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« openssl.gyp ('K') | « openssl/crypto/asn1/a_utctm.c ('k') | openssl/crypto/asn1/ameth_lib.c » ('j') | patches/x509_hash_name_algorithm_change.patch » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* crypto/asn1/a_verify.c */ 1 /* crypto/asn1/a_verify.c */
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
5 * This package is an SSL implementation written 5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com). 6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL. 7 * The implementation was written so as to conform with Netscapes SSL.
8 * 8 *
9 * This library is free for commercial and non-commercial use as long as 9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions 10 * the following conditions are aheared to. The following conditions
(...skipping 42 matching lines...) Expand 10 before | Expand all | Expand 10 after
53 * The licence and distribution terms for any publically available version or 53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be 54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence 55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.] 56 * [including the GNU Public Licence.]
57 */ 57 */
58 58
59 #include <stdio.h> 59 #include <stdio.h>
60 #include <time.h> 60 #include <time.h>
61 61
62 #include "cryptlib.h" 62 #include "cryptlib.h"
63 #include "asn1_locl.h"
63 64
64 #ifndef NO_SYS_TYPES_H 65 #ifndef NO_SYS_TYPES_H
65 # include <sys/types.h> 66 # include <sys/types.h>
66 #endif 67 #endif
67 68
68 #include <openssl/bn.h> 69 #include <openssl/bn.h>
69 #include <openssl/x509.h> 70 #include <openssl/x509.h>
70 #include <openssl/objects.h> 71 #include <openssl/objects.h>
71 #include <openssl/buffer.h> 72 #include <openssl/buffer.h>
72 #include <openssl/evp.h> 73 #include <openssl/evp.h>
(...skipping 20 matching lines...) Expand all
93 inl=i2d(data,NULL); 94 inl=i2d(data,NULL);
94 buf_in=OPENSSL_malloc((unsigned int)inl); 95 buf_in=OPENSSL_malloc((unsigned int)inl);
95 if (buf_in == NULL) 96 if (buf_in == NULL)
96 { 97 {
97 ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_MALLOC_FAILURE); 98 ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_MALLOC_FAILURE);
98 goto err; 99 goto err;
99 } 100 }
100 p=buf_in; 101 p=buf_in;
101 102
102 i2d(data,&p); 103 i2d(data,&p);
103 » if (!EVP_VerifyInit_ex(&ctx,type, NULL)) 104 » EVP_VerifyInit_ex(&ctx,type, NULL);
104 » » {
105 » » ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_EVP_LIB);
106 » » ret=0;
107 » » goto err;
108 » » }
109 EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl); 105 EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl);
110 106
111 OPENSSL_cleanse(buf_in,(unsigned int)inl); 107 OPENSSL_cleanse(buf_in,(unsigned int)inl);
112 OPENSSL_free(buf_in); 108 OPENSSL_free(buf_in);
113 109
114 if (EVP_VerifyFinal(&ctx,(unsigned char *)signature->data, 110 if (EVP_VerifyFinal(&ctx,(unsigned char *)signature->data,
115 (unsigned int)signature->length,pkey) <= 0) 111 (unsigned int)signature->length,pkey) <= 0)
116 { 112 {
117 ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_EVP_LIB); 113 ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_EVP_LIB);
118 ret=0; 114 ret=0;
119 goto err; 115 goto err;
120 } 116 }
121 /* we don't need to zero the 'ctx' because we just checked 117 /* we don't need to zero the 'ctx' because we just checked
122 * public information */ 118 * public information */
123 /* memset(&ctx,0,sizeof(ctx)); */ 119 /* memset(&ctx,0,sizeof(ctx)); */
124 ret=1; 120 ret=1;
125 err: 121 err:
126 EVP_MD_CTX_cleanup(&ctx); 122 EVP_MD_CTX_cleanup(&ctx);
127 return(ret); 123 return(ret);
128 } 124 }
129 125
130 #endif 126 #endif
131 127
132 128
133 int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, ASN1_BIT_STRING *signat ure, 129 int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, ASN1_BIT_STRING *signat ure,
134 void *asn, EVP_PKEY *pkey) 130 void *asn, EVP_PKEY *pkey)
135 { 131 {
136 EVP_MD_CTX ctx; 132 EVP_MD_CTX ctx;
137 » const EVP_MD *type; 133 » const EVP_MD *type = NULL;
138 unsigned char *buf_in=NULL; 134 unsigned char *buf_in=NULL;
139 » int ret= -1,i,inl; 135 » int ret= -1,inl;
136
137 » int mdnid, pknid;
140 138
141 EVP_MD_CTX_init(&ctx); 139 EVP_MD_CTX_init(&ctx);
142 » i=OBJ_obj2nid(a->algorithm); 140
143 » type=EVP_get_digestbyname(OBJ_nid2sn(i)); 141 » /* Convert signature OID into digest and public key OIDs */
142 » if (!OBJ_find_sigid_algs(OBJ_obj2nid(a->algorithm), &mdnid, &pknid))
143 » » {
144 » » ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ASN1_R_UNKNOWN_SIGNATURE_ALGORIT HM);
145 » » goto err;
146 » » }
147 » type=EVP_get_digestbynid(mdnid);
144 if (type == NULL) 148 if (type == NULL)
145 { 149 {
146 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ASN1_R_UNKNOWN_MESSAGE_DIGEST_AL GORITHM); 150 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ASN1_R_UNKNOWN_MESSAGE_DIGEST_AL GORITHM);
147 goto err; 151 goto err;
148 } 152 }
149 153
154 /* Check public key OID matches public key type */
155 if (EVP_PKEY_type(pknid) != pkey->ameth->pkey_id)
156 {
157 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ASN1_R_WRONG_PUBLIC_KEY_TYPE);
158 goto err;
159 }
160
150 if (!EVP_VerifyInit_ex(&ctx,type, NULL)) 161 if (!EVP_VerifyInit_ex(&ctx,type, NULL))
151 { 162 {
152 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_EVP_LIB); 163 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_EVP_LIB);
153 ret=0; 164 ret=0;
154 goto err; 165 goto err;
155 } 166 }
156 167
157 inl = ASN1_item_i2d(asn, &buf_in, it); 168 inl = ASN1_item_i2d(asn, &buf_in, it);
158 169
159 if (buf_in == NULL) 170 if (buf_in == NULL)
(...skipping 17 matching lines...) Expand all
177 /* we don't need to zero the 'ctx' because we just checked 188 /* we don't need to zero the 'ctx' because we just checked
178 * public information */ 189 * public information */
179 /* memset(&ctx,0,sizeof(ctx)); */ 190 /* memset(&ctx,0,sizeof(ctx)); */
180 ret=1; 191 ret=1;
181 err: 192 err:
182 EVP_MD_CTX_cleanup(&ctx); 193 EVP_MD_CTX_cleanup(&ctx);
183 return(ret); 194 return(ret);
184 } 195 }
185 196
186 197
OLDNEW
« openssl.gyp ('K') | « openssl/crypto/asn1/a_utctm.c ('k') | openssl/crypto/asn1/ameth_lib.c » ('j') | patches/x509_hash_name_algorithm_change.patch » ('J')

Powered by Google App Engine
This is Rietveld 408576698