summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/rsa/rsa_sign.c
diff options
context:
space:
mode:
authorbeck <>2000-03-19 11:13:58 +0000
committerbeck <>2000-03-19 11:13:58 +0000
commit796d609550df3a33fc11468741c5d2f6d3df4c11 (patch)
tree6c6d539061caa20372dad0ac4ddb1dfae2fbe7fe /src/lib/libcrypto/rsa/rsa_sign.c
parent5be3114c1fd7e0dfea1e38d3abb4cbba75244419 (diff)
downloadopenbsd-796d609550df3a33fc11468741c5d2f6d3df4c11.tar.gz
openbsd-796d609550df3a33fc11468741c5d2f6d3df4c11.tar.bz2
openbsd-796d609550df3a33fc11468741c5d2f6d3df4c11.zip
OpenSSL 0.9.5 merge
*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2 if you are using the ssl26 packages for ssh and other things to work you will need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
Diffstat (limited to 'src/lib/libcrypto/rsa/rsa_sign.c')
-rw-r--r--src/lib/libcrypto/rsa/rsa_sign.c153
1 files changed, 93 insertions, 60 deletions
diff --git a/src/lib/libcrypto/rsa/rsa_sign.c b/src/lib/libcrypto/rsa/rsa_sign.c
index 1740494a4c..05bb7fb74a 100644
--- a/src/lib/libcrypto/rsa/rsa_sign.c
+++ b/src/lib/libcrypto/rsa/rsa_sign.c
@@ -63,59 +63,77 @@
63#include <openssl/objects.h> 63#include <openssl/objects.h>
64#include <openssl/x509.h> 64#include <openssl/x509.h>
65 65
66/* Size of an SSL signature: MD5+SHA1 */
67#define SSL_SIG_LENGTH 36
68
66int RSA_sign(int type, unsigned char *m, unsigned int m_len, 69int RSA_sign(int type, unsigned char *m, unsigned int m_len,
67 unsigned char *sigret, unsigned int *siglen, RSA *rsa) 70 unsigned char *sigret, unsigned int *siglen, RSA *rsa)
68 { 71 {
69 X509_SIG sig; 72 X509_SIG sig;
70 ASN1_TYPE parameter; 73 ASN1_TYPE parameter;
71 int i,j,ret=1; 74 int i,j,ret=1;
72 unsigned char *p,*s; 75 unsigned char *p,*s = NULL;
73 X509_ALGOR algor; 76 X509_ALGOR algor;
74 ASN1_OCTET_STRING digest; 77 ASN1_OCTET_STRING digest;
75 78 if(rsa->flags & RSA_FLAG_SIGN_VER)
76 sig.algor= &algor; 79 return rsa->meth->rsa_sign(type, m, m_len, sigret, siglen, rsa);
77 sig.algor->algorithm=OBJ_nid2obj(type); 80 /* Special case: SSL signature, just check the length */
78 if (sig.algor->algorithm == NULL) 81 if(type == NID_md5_sha1) {
79 { 82 if(m_len != SSL_SIG_LENGTH) {
80 RSAerr(RSA_F_RSA_SIGN,RSA_R_UNKNOWN_ALGORITHM_TYPE); 83 RSAerr(RSA_F_RSA_SIGN,RSA_R_INVALID_MESSAGE_LENGTH);
81 return(0); 84 return(0);
82 }
83 if (sig.algor->algorithm->length == 0)
84 {
85 RSAerr(RSA_F_RSA_SIGN,RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD);
86 return(0);
87 } 85 }
88 parameter.type=V_ASN1_NULL; 86 i = SSL_SIG_LENGTH;
89 parameter.value.ptr=NULL; 87 s = m;
90 sig.algor->parameter= &parameter; 88 } else {
89 sig.algor= &algor;
90 sig.algor->algorithm=OBJ_nid2obj(type);
91 if (sig.algor->algorithm == NULL)
92 {
93 RSAerr(RSA_F_RSA_SIGN,RSA_R_UNKNOWN_ALGORITHM_TYPE);
94 return(0);
95 }
96 if (sig.algor->algorithm->length == 0)
97 {
98 RSAerr(RSA_F_RSA_SIGN,RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD);
99 return(0);
100 }
101 parameter.type=V_ASN1_NULL;
102 parameter.value.ptr=NULL;
103 sig.algor->parameter= &parameter;
91 104
92 sig.digest= &digest; 105 sig.digest= &digest;
93 sig.digest->data=m; 106 sig.digest->data=m;
94 sig.digest->length=m_len; 107 sig.digest->length=m_len;
95 108
96 i=i2d_X509_SIG(&sig,NULL); 109 i=i2d_X509_SIG(&sig,NULL);
110 }
97 j=RSA_size(rsa); 111 j=RSA_size(rsa);
98 if ((i-RSA_PKCS1_PADDING) > j) 112 if ((i-RSA_PKCS1_PADDING) > j)
99 { 113 {
100 RSAerr(RSA_F_RSA_SIGN,RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY); 114 RSAerr(RSA_F_RSA_SIGN,RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY);
101 return(0); 115 return(0);
102 } 116 }
103 s=(unsigned char *)Malloc((unsigned int)j+1); 117 if(type != NID_md5_sha1) {
104 if (s == NULL) 118 s=(unsigned char *)Malloc((unsigned int)j+1);
105 { 119 if (s == NULL)
106 RSAerr(RSA_F_RSA_SIGN,ERR_R_MALLOC_FAILURE); 120 {
107 return(0); 121 RSAerr(RSA_F_RSA_SIGN,ERR_R_MALLOC_FAILURE);
108 } 122 return(0);
109 p=s; 123 }
110 i2d_X509_SIG(&sig,&p); 124 p=s;
125 i2d_X509_SIG(&sig,&p);
126 }
111 i=RSA_private_encrypt(i,s,sigret,rsa,RSA_PKCS1_PADDING); 127 i=RSA_private_encrypt(i,s,sigret,rsa,RSA_PKCS1_PADDING);
112 if (i <= 0) 128 if (i <= 0)
113 ret=0; 129 ret=0;
114 else 130 else
115 *siglen=i; 131 *siglen=i;
116 132
117 memset(s,0,(unsigned int)j+1); 133 if(type != NID_md5_sha1) {
118 Free(s); 134 memset(s,0,(unsigned int)j+1);
135 Free(s);
136 }
119 return(ret); 137 return(ret);
120 } 138 }
121 139
@@ -132,53 +150,68 @@ int RSA_verify(int dtype, unsigned char *m, unsigned int m_len,
132 return(0); 150 return(0);
133 } 151 }
134 152
153 if(rsa->flags & RSA_FLAG_SIGN_VER)
154 return rsa->meth->rsa_verify(dtype, m, m_len, sigbuf, siglen, rsa);
155
135 s=(unsigned char *)Malloc((unsigned int)siglen); 156 s=(unsigned char *)Malloc((unsigned int)siglen);
136 if (s == NULL) 157 if (s == NULL)
137 { 158 {
138 RSAerr(RSA_F_RSA_VERIFY,ERR_R_MALLOC_FAILURE); 159 RSAerr(RSA_F_RSA_VERIFY,ERR_R_MALLOC_FAILURE);
139 goto err; 160 goto err;
140 } 161 }
162 if((dtype == NID_md5_sha1) && (m_len != SSL_SIG_LENGTH) ) {
163 RSAerr(RSA_F_RSA_VERIFY,RSA_R_INVALID_MESSAGE_LENGTH);
164 return(0);
165 }
141 i=RSA_public_decrypt((int)siglen,sigbuf,s,rsa,RSA_PKCS1_PADDING); 166 i=RSA_public_decrypt((int)siglen,sigbuf,s,rsa,RSA_PKCS1_PADDING);
142 167
143 if (i <= 0) goto err; 168 if (i <= 0) goto err;
144 169
145 p=s; 170 /* Special case: SSL signature */
146 sig=d2i_X509_SIG(NULL,&p,(long)i); 171 if(dtype == NID_md5_sha1) {
172 if((i != SSL_SIG_LENGTH) || memcmp(s, m, SSL_SIG_LENGTH))
173 RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE);
174 else ret = 1;
175 } else {
176 p=s;
177 sig=d2i_X509_SIG(NULL,&p,(long)i);
147 178
148 if (sig == NULL) goto err; 179 if (sig == NULL) goto err;
149 sigtype=OBJ_obj2nid(sig->algor->algorithm); 180 sigtype=OBJ_obj2nid(sig->algor->algorithm);
150 181
151 182
152#ifdef RSA_DEBUG 183 #ifdef RSA_DEBUG
153 /* put a backward compatability flag in EAY */ 184 /* put a backward compatibility flag in EAY */
154 fprintf(stderr,"in(%s) expect(%s)\n",OBJ_nid2ln(sigtype), 185 fprintf(stderr,"in(%s) expect(%s)\n",OBJ_nid2ln(sigtype),
155 OBJ_nid2ln(dtype)); 186 OBJ_nid2ln(dtype));
156#endif 187 #endif
157 if (sigtype != dtype) 188 if (sigtype != dtype)
158 {
159 if (((dtype == NID_md5) &&
160 (sigtype == NID_md5WithRSAEncryption)) ||
161 ((dtype == NID_md2) &&
162 (sigtype == NID_md2WithRSAEncryption)))
163 { 189 {
164 /* ok, we will let it through */ 190 if (((dtype == NID_md5) &&
165#if !defined(NO_STDIO) && !defined(WIN16) 191 (sigtype == NID_md5WithRSAEncryption)) ||
166 fprintf(stderr,"signature has problems, re-make with post SSLeay045\n"); 192 ((dtype == NID_md2) &&
167#endif 193 (sigtype == NID_md2WithRSAEncryption)))
194 {
195 /* ok, we will let it through */
196 #if !defined(NO_STDIO) && !defined(WIN16)
197 fprintf(stderr,"signature has problems, re-make with post SSLeay045\n");
198 #endif
199 }
200 else
201 {
202 RSAerr(RSA_F_RSA_VERIFY,
203 RSA_R_ALGORITHM_MISMATCH);
204 goto err;
205 }
168 } 206 }
169 else 207 if ( ((unsigned int)sig->digest->length != m_len) ||
208 (memcmp(m,sig->digest->data,m_len) != 0))
170 { 209 {
171 RSAerr(RSA_F_RSA_VERIFY,RSA_R_ALGORITHM_MISMATCH); 210 RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE);
172 goto err;
173 } 211 }
174 } 212 else
175 if ( ((unsigned int)sig->digest->length != m_len) || 213 ret=1;
176 (memcmp(m,sig->digest->data,m_len) != 0)) 214 }
177 {
178 RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE);
179 }
180 else
181 ret=1;
182err: 215err:
183 if (sig != NULL) X509_SIG_free(sig); 216 if (sig != NULL) X509_SIG_free(sig);
184 memset(s,0,(unsigned int)siglen); 217 memset(s,0,(unsigned int)siglen);