jint Java_org_keysupport_provider_ECDSASignature_jniVerifyFinal(JNIEnv *env,
jobject obj, jbyteArray jmsg, jint jmdid, jbyteArray jsig) {
// LOGD("entering ECDSASignature_jniVerifyFinal");
EC_Ctx *ec;
EVP_MD_CTX *ctx = 0;
const EVP_MD *md;
jsize msgLen = 0;
jsize sigLen = 0;
const unsigned char *sig_ptr = NULL;
if (!(ec = get_ptr(env, obj))) {
LOGE("Failed to obtain key pointer");
return 0;
}
if (!(ctx = (EVP_MD_CTX *) malloc(sizeof(EVP_MD_CTX)))) {
throw_exception(env, "java/lang/RuntimeException",
"allocating EVP_MD_CTX");
destroy_ec_ctx(ec);
FIPS_md_ctx_destroy(ctx);
return 0;
}
md = FIPS_get_digestbynid(jmdid);
ctx = EVP_MD_CTX_create();
msgLen = (*env)->GetArrayLength(env, jmsg);
sigLen = (*env)->GetArrayLength(env, jsig);
jbyte msg[msgLen];
jbyte sig[sigLen];
(*env)->GetByteArrayRegion(env, jmsg, 0, msgLen, msg);
(*env)->GetByteArrayRegion(env, jsig, 0, sigLen, sig);
sig_ptr = sig;
ECDSA_SIG *esig = d2i_ECDSA_SIG(NULL, &sig_ptr, sigLen);
FIPS_digestinit(ctx, md);
int ok = FIPS_ecdsa_verify(ec->ec, msg, msgLen, md, esig);
/*
* This is handled a bit differently than the way OpenSSL
* handles RSA Signatures, so our error handling below is a bit different.
*
* returns
* 1: correct signature
* 0: incorrect signature
* -1: error
*/
// LOGD("FIPS_ecdsa_verify Returned: %d\n", ok);
FIPS_md_ctx_destroy(ctx);
FIPS_ecdsa_sig_free(esig);
if (ok == 0) {
throw_exception(env, "java/security/SignatureException",
"Bad Signature");
return 0;
} else if (ok == -1) {
/*
* TODO: Print any pending errors
* ERR_print_errors_fp(ANDROID_LOG_ERROR);
*/
ERR_load_crypto_strings();
LOGE("%s", ERR_error_string(ERR_peek_error(), NULL));
throw_exception(env, "java/security/SignatureException",
"jniVerifyFinal fail");
ERR_free_strings();
return 0;
}
// LOGD("leaving ECDSASignature_jniVerifyFinal");
return ok;
}
static int SigVer(FILE *in, FILE *out)
{
char buf[2048], lbuf[2048];
char *keyword, *value;
unsigned char *msg = NULL;
int curve_nid = NID_undef;
long mlen;
BIGNUM *Qx = NULL, *Qy = NULL;
EC_KEY *key = NULL;
ECDSA_SIG sg, *sig = &sg;
const EVP_MD *digest = NULL;
sig->r = NULL;
sig->s = NULL;
while (fgets(buf, sizeof buf, in) != NULL) {
fputs(buf, out);
if (*buf == '[') {
curve_nid = elookup_curve(buf, lbuf, &digest);
if (curve_nid == NID_undef)
return 0;
}
if (!parse_line(&keyword, &value, lbuf, buf))
continue;
if (!strcmp(keyword, "Msg")) {
msg = hex2bin_m(value, &mlen);
if (!msg) {
fprintf(stderr, "Invalid Message\n");
return 0;
}
}
if (!strcmp(keyword, "Qx")) {
if (!do_hex2bn(&Qx, value)) {
fprintf(stderr, "Invalid Qx value\n");
return 0;
}
}
if (!strcmp(keyword, "Qy")) {
if (!do_hex2bn(&Qy, value)) {
fprintf(stderr, "Invalid Qy value\n");
return 0;
}
}
if (!strcmp(keyword, "R")) {
if (!do_hex2bn(&sig->r, value)) {
fprintf(stderr, "Invalid R value\n");
return 0;
}
}
if (!strcmp(keyword, "S")) {
int rv;
if (!do_hex2bn(&sig->s, value)) {
fprintf(stderr, "Invalid S value\n");
return 0;
}
key = EC_KEY_new_by_curve_name(curve_nid);
rv = EC_KEY_set_public_key_affine_coordinates(key, Qx, Qy);
if (rv != 1) {
fprintf(stderr, "Error setting public key\n");
return 0;
}
no_err = 1;
rv = FIPS_ecdsa_verify(key, msg, mlen, digest, sig);
EC_KEY_free(key);
if (msg)
OPENSSL_free(msg);
no_err = 0;
fprintf(out, "Result = %s" RESP_EOL, rv ? "P" : "F");
}
}
if (sig->r)
BN_free(sig->r);
if (sig->s)
BN_free(sig->s);
if (Qx)
BN_free(Qx);
if (Qy)
BN_free(Qy);
return 1;
}
