Add single call public key sign and verify functions.
This commit is contained in:
Dr. Stephen Henson
@@ -442,4 +442,33 @@ err:
|
||||
return(ret);
|
||||
}
|
||||
|
||||
int FIPS_rsa_sign(RSA *rsa, const unsigned char *msg, int msglen,
|
||||
const EVP_MD *mhash, int rsa_pad_mode, int saltlen,
|
||||
const EVP_MD *mgf1Hash,
|
||||
unsigned char *sigret, unsigned int *siglen)
|
||||
{
|
||||
unsigned int md_len, rv;
|
||||
unsigned char md[EVP_MAX_MD_SIZE];
|
||||
FIPS_digest(msg, msglen, md, &md_len, mhash);
|
||||
rv = FIPS_rsa_sign_digest(rsa, md, md_len, mhash, rsa_pad_mode,
|
||||
saltlen, mgf1Hash, sigret, siglen);
|
||||
OPENSSL_cleanse(md, md_len);
|
||||
return rv;
|
||||
}
|
||||
|
||||
|
||||
int FIPS_rsa_verify(RSA *rsa, const unsigned char *msg, int msglen,
|
||||
const EVP_MD *mhash, int rsa_pad_mode, int saltlen,
|
||||
const EVP_MD *mgf1Hash,
|
||||
const unsigned char *sigbuf, unsigned int siglen)
|
||||
{
|
||||
unsigned int md_len, rv;
|
||||
unsigned char md[EVP_MAX_MD_SIZE];
|
||||
FIPS_digest(msg, msglen, md, &md_len, mhash);
|
||||
rv = FIPS_rsa_verify_digest(rsa, md, md_len, mhash, rsa_pad_mode,
|
||||
saltlen, mgf1Hash, sigbuf, siglen);
|
||||
OPENSSL_cleanse(md, md_len);
|
||||
return rv;
|
||||
}
|
||||
|
||||
#endif
|
||||
|
||||
@@ -325,15 +325,12 @@ static int rsa_printsig(FILE *out, RSA *rsa, const EVP_MD *dgst,
|
||||
unsigned char *sigbuf = NULL;
|
||||
int i, siglen, pad_mode;
|
||||
/* EVP_PKEY structure */
|
||||
EVP_MD_CTX ctx;
|
||||
|
||||
siglen = RSA_size(rsa);
|
||||
sigbuf = OPENSSL_malloc(siglen);
|
||||
if (!sigbuf)
|
||||
goto error;
|
||||
|
||||
FIPS_md_ctx_init(&ctx);
|
||||
|
||||
if (Saltlen >= 0)
|
||||
pad_mode = RSA_PKCS1_PSS_PADDING;
|
||||
else if (Saltlen == -2)
|
||||
@@ -341,16 +338,10 @@ static int rsa_printsig(FILE *out, RSA *rsa, const EVP_MD *dgst,
|
||||
else
|
||||
pad_mode = RSA_PKCS1_PADDING;
|
||||
|
||||
if (!FIPS_digestinit(&ctx, dgst))
|
||||
goto error;
|
||||
if (!FIPS_digestupdate(&ctx, Msg, Msglen))
|
||||
goto error;
|
||||
if (!FIPS_rsa_sign_ctx(rsa, &ctx, pad_mode, Saltlen, NULL,
|
||||
if (!FIPS_rsa_sign(rsa, Msg, Msglen, dgst, pad_mode, Saltlen, NULL,
|
||||
sigbuf, (unsigned int *)&siglen))
|
||||
goto error;
|
||||
|
||||
FIPS_md_ctx_cleanup(&ctx);
|
||||
|
||||
fputs("S = ", out);
|
||||
|
||||
for (i = 0; i < siglen; i++)
|
||||
|
||||
@@ -323,7 +323,6 @@ static int rsa_printver(FILE *out,
|
||||
int ret = 0, r, pad_mode;
|
||||
/* Setup RSA and EVP_PKEY structures */
|
||||
RSA *rsa_pubkey = NULL;
|
||||
EVP_MD_CTX ctx;
|
||||
unsigned char *buf = NULL;
|
||||
rsa_pubkey = FIPS_rsa_new();
|
||||
if (!rsa_pubkey)
|
||||
@@ -333,8 +332,6 @@ static int rsa_printver(FILE *out,
|
||||
if (!rsa_pubkey->n || !rsa_pubkey->e)
|
||||
goto error;
|
||||
|
||||
FIPS_md_ctx_init(&ctx);
|
||||
|
||||
if (Saltlen >= 0)
|
||||
pad_mode = RSA_PKCS1_PSS_PADDING;
|
||||
else if (Saltlen == -2)
|
||||
@@ -342,19 +339,11 @@ static int rsa_printver(FILE *out,
|
||||
else
|
||||
pad_mode = RSA_PKCS1_PADDING;
|
||||
|
||||
if (!FIPS_digestinit(&ctx, dgst))
|
||||
goto error;
|
||||
if (!FIPS_digestupdate(&ctx, Msg, Msglen))
|
||||
goto error;
|
||||
|
||||
no_err = 1;
|
||||
r = FIPS_rsa_verify_ctx(rsa_pubkey, &ctx,
|
||||
r = FIPS_rsa_verify(rsa_pubkey, Msg, Msglen, dgst,
|
||||
pad_mode, Saltlen, NULL, S, Slen);
|
||||
no_err = 0;
|
||||
|
||||
|
||||
FIPS_md_ctx_cleanup(&ctx);
|
||||
|
||||
if (r < 0)
|
||||
goto error;
|
||||
|
||||
|
||||
Reference in New Issue
Block a user