mozilla
/
gecko-dev
зеркало из https://github.com/mozilla/gecko-dev.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
gecko-dev/security/nss/lib/cryptohi/secvfy.c

390 строки
9.5 KiB
C
Исходник Ответственный История

/*
* Verification stuff.
*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1994-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*
* $Id: secvfy.c,v 1.1 2000/03/31 19:46:10 relyea%netscape.com Exp $
*/
#include <stdio.h>
#include "cryptohi.h"
#include "sechash.h"
#include "keyhi.h"
#include "secasn1.h"
#include "secoid.h"
#include "pk11func.h"
#include "secdig.h"
#include "secerr.h"
/*
** Decrypt signature block using public key (in place)
** XXX this is assuming that the signature algorithm has WITH_RSA_ENCRYPTION
*/
static SECStatus
DecryptSigBlock(int *tagp, unsigned char *digest, SECKEYPublicKey *key,
SECItem *sig, char *wincx)
{
SGNDigestInfo *di = NULL;
unsigned char *dsig = NULL;
unsigned char *buf = NULL;
SECStatus rv;
SECOidTag tag;
SECItem it;
if (key == NULL) goto loser;
it.len = SECKEY_PublicKeyStrength(key);
if (!it.len) goto loser;
it.data = buf = (unsigned char *)PORT_Alloc(it.len);
if (!buf) goto loser;
/* Decrypt signature block */
dsig = (unsigned char*) PORT_Alloc(sig->len);
if (dsig == NULL) goto loser;
/* decrypt the block */
rv = PK11_VerifyRecover(key, sig, &it, wincx);
if (rv != SECSuccess) goto loser;
di = SGN_DecodeDigestInfo(&it);
if (di == NULL) goto sigloser;
/*
** Finally we have the digest info; now we can extract the algorithm
** ID and the signature block
*/
tag = SECOID_GetAlgorithmTag(&di->digestAlgorithm);
/* XXX Check that tag is an appropriate algorithm? */
if (di->digest.len > 32) {
PORT_SetError(SEC_ERROR_OUTPUT_LEN);
goto loser;
}
PORT_Memcpy(digest, di->digest.data, di->digest.len);
*tagp = tag;
goto done;
sigloser:
PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
loser:
rv = SECFailure;
done:
if (di != NULL) SGN_DestroyDigestInfo(di);
if (dsig != NULL) PORT_Free(dsig);
if (buf != NULL) PORT_Free(buf);
return rv;
}
typedef enum { VFY_RSA, VFY_DSA} VerifyType;
struct VFYContextStr {
int alg;
VerifyType type;
SECKEYPublicKey *key;
/* digest holds the full dsa signature... 40 bytes */
unsigned char digest[DSA_SIGNATURE_LEN];
void * wincx;
void *hashcx;
SECHashObject *hashobj;
};
VFYContext *
VFY_CreateContext(SECKEYPublicKey *key, SECItem *sig, SECOidTag algid,
void *wincx)
{
VFYContext *cx;
SECStatus rv;
SECItem *dsasig = NULL;
cx = (VFYContext*) PORT_ZAlloc(sizeof(VFYContext));
if (cx) {
cx->wincx = cx;
switch (key->keyType) {
case rsaKey:
cx->type = VFY_RSA;
cx->key = NULL; /* extra safety precautions */
rv = DecryptSigBlock(&cx->alg, &cx->digest[0], key, sig, (char*)wincx);
break;
case fortezzaKey:
case dsaKey:
cx->type = VFY_DSA;
cx->alg = SEC_OID_SHA1;
cx->key = SECKEY_CopyPublicKey(key);
/* if this is a DER encoded signature, decode it first */
if ((algid == SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST) ||
(algid == SEC_OID_BOGUS_DSA_SIGNATURE_WITH_SHA1_DIGEST) ||
(algid == SEC_OID_ANSIX9_DSA_SIGNATURE)) {
dsasig = DSAU_DecodeDerSig(sig);
if ((dsasig == NULL) || (dsasig->len != DSA_SIGNATURE_LEN)) {
goto loser;
}
PORT_Memcpy(&cx->digest[0], dsasig->data, dsasig->len);
} else {
if (sig->len != DSA_SIGNATURE_LEN) {
goto loser;
}
PORT_Memcpy(&cx->digest[0], sig->data, sig->len);
}
rv = SECSuccess;
break;
default:
rv = SECFailure;
break;
}
if (rv) goto loser;
switch (cx->alg) {
case SEC_OID_MD2:
case SEC_OID_MD5:
case SEC_OID_SHA1:
break;
default:
PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
goto loser;
}
}
return cx;
loser:
if (dsasig != NULL)
SECITEM_FreeItem(dsasig, PR_TRUE);
VFY_DestroyContext(cx, PR_TRUE);
return 0;
}
void
VFY_DestroyContext(VFYContext *cx, PRBool freeit)
{
if (cx) {
if (cx->hashcx != NULL) {
(*cx->hashobj->destroy)(cx->hashcx, PR_TRUE);
cx->hashcx = NULL;
}
if (cx->key) {
SECKEY_DestroyPublicKey(cx->key);
}
if (freeit) {
PORT_ZFree(cx, sizeof(VFYContext));
}
}
}
SECStatus
VFY_Begin(VFYContext *cx)
{
if (cx->hashcx != NULL) {
(*cx->hashobj->destroy)(cx->hashcx, PR_TRUE);
cx->hashcx = NULL;
}
switch (cx->alg) {
case SEC_OID_MD2:
cx->hashobj = &SECHashObjects[HASH_AlgMD2];
break;
case SEC_OID_MD5:
cx->hashobj = &SECHashObjects[HASH_AlgMD5];
break;
case SEC_OID_SHA1:
cx->hashobj = &SECHashObjects[HASH_AlgSHA1];
break;
default:
PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
return SECFailure;
}
cx->hashcx = (*cx->hashobj->create)();
if (cx->hashcx == NULL)
return SECFailure;
(*cx->hashobj->begin)(cx->hashcx);
return SECSuccess;
}
SECStatus
VFY_Update(VFYContext *cx, unsigned char *input, unsigned inputLen)
{
if (cx->hashcx == NULL) {
PORT_SetError(SEC_ERROR_INVALID_ARGS);
return SECFailure;
}
(*cx->hashobj->update)(cx->hashcx, input, inputLen);
return SECSuccess;
}
SECStatus
VFY_End(VFYContext *cx)
{
unsigned char final[32];
unsigned part;
SECItem hash,sig;
if (cx->hashcx == NULL) {
PORT_SetError(SEC_ERROR_INVALID_ARGS);
return SECFailure;
}
(*cx->hashobj->end)(cx->hashcx, final, &part, sizeof(final));
switch (cx->type) {
case VFY_DSA:
sig.data = cx->digest;
sig.len = DSA_SIGNATURE_LEN; /* magic size of dsa signature */
hash.data = final;
hash.len = part;
if (PK11_Verify(cx->key,&sig,&hash,cx->wincx) != SECSuccess) {
PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
return SECFailure;
}
break;
case VFY_RSA:
if (PORT_Memcmp(final, cx->digest, part)) {
PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
return SECFailure;
}
break;
default:
PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
return SECFailure; /* shouldn't happen */
}
return SECSuccess;
}
/************************************************************************/
/*
* Verify that a previously-computed digest matches a signature.
* XXX This should take a parameter that specifies the digest algorithm,
* and we should compare that the algorithm found in the DigestInfo
* matches it!
*/
SECStatus
VFY_VerifyDigest(SECItem *digest, SECKEYPublicKey *key, SECItem *sig,
SECOidTag algid, void *wincx)
{
SECStatus rv;
VFYContext *cx;
rv = SECFailure;
cx = VFY_CreateContext(key, sig, algid, wincx);
if (cx != NULL) {
switch (key->keyType) {
case rsaKey:
if (PORT_Memcmp(digest->data, cx->digest, digest->len)) {
PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
} else {
rv = SECSuccess;
}
break;
case fortezzaKey:
case dsaKey:
if (PK11_Verify(cx->key,sig,digest,wincx) != SECSuccess) {
PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
} else {
rv = SECSuccess;
}
break;
default:
break;
}
VFY_DestroyContext(cx, PR_TRUE);
}
return rv;
}
SECStatus
VFY_VerifyData(unsigned char *buf, int len, SECKEYPublicKey *key,
SECItem *sig, SECOidTag algid, void *wincx)
{
SECStatus rv;
VFYContext *cx;
cx = VFY_CreateContext(key, sig, algid, wincx);
if (cx == NULL)
return SECFailure;
rv = VFY_Begin(cx);
if (rv == SECSuccess) {
rv = VFY_Update(cx, buf, len);
if (rv == SECSuccess)
rv = VFY_End(cx);
}
VFY_DestroyContext(cx, PR_TRUE);
return rv;
}
SECStatus
SEC_VerifyFile(FILE *input, SECKEYPublicKey *key, SECItem *sig,
SECOidTag algid, void *wincx)
{
unsigned char buf[1024];
SECStatus rv;
int nb;
VFYContext *cx;
cx = VFY_CreateContext(key, sig, algid, wincx);
if (cx == NULL)
rv = SECFailure;
rv = VFY_Begin(cx);
if (rv == SECSuccess) {
/*
* Now feed the contents of the input file into the digest algorithm,
* one chunk at a time, until we have exhausted the input.
*/
for (;;) {
if (feof(input))
break;
nb = fread(buf, 1, sizeof(buf), input);
if (nb == 0) {
if (ferror(input)) {
PORT_SetError(SEC_ERROR_IO);
VFY_DestroyContext(cx, PR_TRUE);
return SECFailure;
}
break;
}
rv = VFY_Update(cx, buf, nb);
if (rv != SECSuccess)
goto loser;
}
}
/* Verify the digest */
rv = VFY_End(cx);
/* FALL THROUGH */
loser:
VFY_DestroyContext(cx, PR_TRUE);
return rv;
}
Ссылка в новой задаче Показать git blame Копировать постоянную ссылку