diff options
author | beck <> | 2000-03-19 11:13:58 +0000 |
---|---|---|
committer | beck <> | 2000-03-19 11:13:58 +0000 |
commit | 796d609550df3a33fc11468741c5d2f6d3df4c11 (patch) | |
tree | 6c6d539061caa20372dad0ac4ddb1dfae2fbe7fe /src/lib/libcrypto/rsa/rsa_sign.c | |
parent | 5be3114c1fd7e0dfea1e38d3abb4cbba75244419 (diff) | |
download | openbsd-796d609550df3a33fc11468741c5d2f6d3df4c11.tar.gz openbsd-796d609550df3a33fc11468741c5d2f6d3df4c11.tar.bz2 openbsd-796d609550df3a33fc11468741c5d2f6d3df4c11.zip |
OpenSSL 0.9.5 merge
*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2
if you are using the ssl26 packages for ssh and other things to work you will
need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
Diffstat (limited to 'src/lib/libcrypto/rsa/rsa_sign.c')
-rw-r--r-- | src/lib/libcrypto/rsa/rsa_sign.c | 153 |
1 files changed, 93 insertions, 60 deletions
diff --git a/src/lib/libcrypto/rsa/rsa_sign.c b/src/lib/libcrypto/rsa/rsa_sign.c index 1740494a4c..05bb7fb74a 100644 --- a/src/lib/libcrypto/rsa/rsa_sign.c +++ b/src/lib/libcrypto/rsa/rsa_sign.c | |||
@@ -63,59 +63,77 @@ | |||
63 | #include <openssl/objects.h> | 63 | #include <openssl/objects.h> |
64 | #include <openssl/x509.h> | 64 | #include <openssl/x509.h> |
65 | 65 | ||
66 | /* Size of an SSL signature: MD5+SHA1 */ | ||
67 | #define SSL_SIG_LENGTH 36 | ||
68 | |||
66 | int RSA_sign(int type, unsigned char *m, unsigned int m_len, | 69 | int RSA_sign(int type, unsigned char *m, unsigned int m_len, |
67 | unsigned char *sigret, unsigned int *siglen, RSA *rsa) | 70 | unsigned char *sigret, unsigned int *siglen, RSA *rsa) |
68 | { | 71 | { |
69 | X509_SIG sig; | 72 | X509_SIG sig; |
70 | ASN1_TYPE parameter; | 73 | ASN1_TYPE parameter; |
71 | int i,j,ret=1; | 74 | int i,j,ret=1; |
72 | unsigned char *p,*s; | 75 | unsigned char *p,*s = NULL; |
73 | X509_ALGOR algor; | 76 | X509_ALGOR algor; |
74 | ASN1_OCTET_STRING digest; | 77 | ASN1_OCTET_STRING digest; |
75 | 78 | if(rsa->flags & RSA_FLAG_SIGN_VER) | |
76 | sig.algor= &algor; | 79 | return rsa->meth->rsa_sign(type, m, m_len, sigret, siglen, rsa); |
77 | sig.algor->algorithm=OBJ_nid2obj(type); | 80 | /* Special case: SSL signature, just check the length */ |
78 | if (sig.algor->algorithm == NULL) | 81 | if(type == NID_md5_sha1) { |
79 | { | 82 | if(m_len != SSL_SIG_LENGTH) { |
80 | RSAerr(RSA_F_RSA_SIGN,RSA_R_UNKNOWN_ALGORITHM_TYPE); | 83 | RSAerr(RSA_F_RSA_SIGN,RSA_R_INVALID_MESSAGE_LENGTH); |
81 | return(0); | 84 | return(0); |
82 | } | ||
83 | if (sig.algor->algorithm->length == 0) | ||
84 | { | ||
85 | RSAerr(RSA_F_RSA_SIGN,RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD); | ||
86 | return(0); | ||
87 | } | 85 | } |
88 | parameter.type=V_ASN1_NULL; | 86 | i = SSL_SIG_LENGTH; |
89 | parameter.value.ptr=NULL; | 87 | s = m; |
90 | sig.algor->parameter= ¶meter; | 88 | } else { |
89 | sig.algor= &algor; | ||
90 | sig.algor->algorithm=OBJ_nid2obj(type); | ||
91 | if (sig.algor->algorithm == NULL) | ||
92 | { | ||
93 | RSAerr(RSA_F_RSA_SIGN,RSA_R_UNKNOWN_ALGORITHM_TYPE); | ||
94 | return(0); | ||
95 | } | ||
96 | if (sig.algor->algorithm->length == 0) | ||
97 | { | ||
98 | RSAerr(RSA_F_RSA_SIGN,RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD); | ||
99 | return(0); | ||
100 | } | ||
101 | parameter.type=V_ASN1_NULL; | ||
102 | parameter.value.ptr=NULL; | ||
103 | sig.algor->parameter= ¶meter; | ||
91 | 104 | ||
92 | sig.digest= &digest; | 105 | sig.digest= &digest; |
93 | sig.digest->data=m; | 106 | sig.digest->data=m; |
94 | sig.digest->length=m_len; | 107 | sig.digest->length=m_len; |
95 | 108 | ||
96 | i=i2d_X509_SIG(&sig,NULL); | 109 | i=i2d_X509_SIG(&sig,NULL); |
110 | } | ||
97 | j=RSA_size(rsa); | 111 | j=RSA_size(rsa); |
98 | if ((i-RSA_PKCS1_PADDING) > j) | 112 | if ((i-RSA_PKCS1_PADDING) > j) |
99 | { | 113 | { |
100 | RSAerr(RSA_F_RSA_SIGN,RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY); | 114 | RSAerr(RSA_F_RSA_SIGN,RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY); |
101 | return(0); | 115 | return(0); |
102 | } | 116 | } |
103 | s=(unsigned char *)Malloc((unsigned int)j+1); | 117 | if(type != NID_md5_sha1) { |
104 | if (s == NULL) | 118 | s=(unsigned char *)Malloc((unsigned int)j+1); |
105 | { | 119 | if (s == NULL) |
106 | RSAerr(RSA_F_RSA_SIGN,ERR_R_MALLOC_FAILURE); | 120 | { |
107 | return(0); | 121 | RSAerr(RSA_F_RSA_SIGN,ERR_R_MALLOC_FAILURE); |
108 | } | 122 | return(0); |
109 | p=s; | 123 | } |
110 | i2d_X509_SIG(&sig,&p); | 124 | p=s; |
125 | i2d_X509_SIG(&sig,&p); | ||
126 | } | ||
111 | i=RSA_private_encrypt(i,s,sigret,rsa,RSA_PKCS1_PADDING); | 127 | i=RSA_private_encrypt(i,s,sigret,rsa,RSA_PKCS1_PADDING); |
112 | if (i <= 0) | 128 | if (i <= 0) |
113 | ret=0; | 129 | ret=0; |
114 | else | 130 | else |
115 | *siglen=i; | 131 | *siglen=i; |
116 | 132 | ||
117 | memset(s,0,(unsigned int)j+1); | 133 | if(type != NID_md5_sha1) { |
118 | Free(s); | 134 | memset(s,0,(unsigned int)j+1); |
135 | Free(s); | ||
136 | } | ||
119 | return(ret); | 137 | return(ret); |
120 | } | 138 | } |
121 | 139 | ||
@@ -132,53 +150,68 @@ int RSA_verify(int dtype, unsigned char *m, unsigned int m_len, | |||
132 | return(0); | 150 | return(0); |
133 | } | 151 | } |
134 | 152 | ||
153 | if(rsa->flags & RSA_FLAG_SIGN_VER) | ||
154 | return rsa->meth->rsa_verify(dtype, m, m_len, sigbuf, siglen, rsa); | ||
155 | |||
135 | s=(unsigned char *)Malloc((unsigned int)siglen); | 156 | s=(unsigned char *)Malloc((unsigned int)siglen); |
136 | if (s == NULL) | 157 | if (s == NULL) |
137 | { | 158 | { |
138 | RSAerr(RSA_F_RSA_VERIFY,ERR_R_MALLOC_FAILURE); | 159 | RSAerr(RSA_F_RSA_VERIFY,ERR_R_MALLOC_FAILURE); |
139 | goto err; | 160 | goto err; |
140 | } | 161 | } |
162 | if((dtype == NID_md5_sha1) && (m_len != SSL_SIG_LENGTH) ) { | ||
163 | RSAerr(RSA_F_RSA_VERIFY,RSA_R_INVALID_MESSAGE_LENGTH); | ||
164 | return(0); | ||
165 | } | ||
141 | i=RSA_public_decrypt((int)siglen,sigbuf,s,rsa,RSA_PKCS1_PADDING); | 166 | i=RSA_public_decrypt((int)siglen,sigbuf,s,rsa,RSA_PKCS1_PADDING); |
142 | 167 | ||
143 | if (i <= 0) goto err; | 168 | if (i <= 0) goto err; |
144 | 169 | ||
145 | p=s; | 170 | /* Special case: SSL signature */ |
146 | sig=d2i_X509_SIG(NULL,&p,(long)i); | 171 | if(dtype == NID_md5_sha1) { |
172 | if((i != SSL_SIG_LENGTH) || memcmp(s, m, SSL_SIG_LENGTH)) | ||
173 | RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE); | ||
174 | else ret = 1; | ||
175 | } else { | ||
176 | p=s; | ||
177 | sig=d2i_X509_SIG(NULL,&p,(long)i); | ||
147 | 178 | ||
148 | if (sig == NULL) goto err; | 179 | if (sig == NULL) goto err; |
149 | sigtype=OBJ_obj2nid(sig->algor->algorithm); | 180 | sigtype=OBJ_obj2nid(sig->algor->algorithm); |
150 | 181 | ||
151 | 182 | ||
152 | #ifdef RSA_DEBUG | 183 | #ifdef RSA_DEBUG |
153 | /* put a backward compatability flag in EAY */ | 184 | /* put a backward compatibility flag in EAY */ |
154 | fprintf(stderr,"in(%s) expect(%s)\n",OBJ_nid2ln(sigtype), | 185 | fprintf(stderr,"in(%s) expect(%s)\n",OBJ_nid2ln(sigtype), |
155 | OBJ_nid2ln(dtype)); | 186 | OBJ_nid2ln(dtype)); |
156 | #endif | 187 | #endif |
157 | if (sigtype != dtype) | 188 | if (sigtype != dtype) |
158 | { | ||
159 | if (((dtype == NID_md5) && | ||
160 | (sigtype == NID_md5WithRSAEncryption)) || | ||
161 | ((dtype == NID_md2) && | ||
162 | (sigtype == NID_md2WithRSAEncryption))) | ||
163 | { | 189 | { |
164 | /* ok, we will let it through */ | 190 | if (((dtype == NID_md5) && |
165 | #if !defined(NO_STDIO) && !defined(WIN16) | 191 | (sigtype == NID_md5WithRSAEncryption)) || |
166 | fprintf(stderr,"signature has problems, re-make with post SSLeay045\n"); | 192 | ((dtype == NID_md2) && |
167 | #endif | 193 | (sigtype == NID_md2WithRSAEncryption))) |
194 | { | ||
195 | /* ok, we will let it through */ | ||
196 | #if !defined(NO_STDIO) && !defined(WIN16) | ||
197 | fprintf(stderr,"signature has problems, re-make with post SSLeay045\n"); | ||
198 | #endif | ||
199 | } | ||
200 | else | ||
201 | { | ||
202 | RSAerr(RSA_F_RSA_VERIFY, | ||
203 | RSA_R_ALGORITHM_MISMATCH); | ||
204 | goto err; | ||
205 | } | ||
168 | } | 206 | } |
169 | else | 207 | if ( ((unsigned int)sig->digest->length != m_len) || |
208 | (memcmp(m,sig->digest->data,m_len) != 0)) | ||
170 | { | 209 | { |
171 | RSAerr(RSA_F_RSA_VERIFY,RSA_R_ALGORITHM_MISMATCH); | 210 | RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE); |
172 | goto err; | ||
173 | } | 211 | } |
174 | } | 212 | else |
175 | if ( ((unsigned int)sig->digest->length != m_len) || | 213 | ret=1; |
176 | (memcmp(m,sig->digest->data,m_len) != 0)) | 214 | } |
177 | { | ||
178 | RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE); | ||
179 | } | ||
180 | else | ||
181 | ret=1; | ||
182 | err: | 215 | err: |
183 | if (sig != NULL) X509_SIG_free(sig); | 216 | if (sig != NULL) X509_SIG_free(sig); |
184 | memset(s,0,(unsigned int)siglen); | 217 | memset(s,0,(unsigned int)siglen); |