Beispiel #1
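/**
 * Build the index entry for one certificate.
 *
 * Runs the certificate through the BearSSL X.509 decoder with dn_append as
 * the DN callback and a SHA-256 context as its argument, then stores the
 * resulting digest together with the certificate's length and offset.
 *
 * @param length  Size in bytes of the certificate data at @p raw.
 * @param offset  Stored verbatim in the returned entry.
 * @param raw     Certificate bytes pushed into the X.509 decoder.
 * @return The filled CertInfo, or an all-zero CertInfo when the scratch
 *         contexts could not be allocated.
 */
CertStore::CertInfo CertStore::_preprocessCert(uint32_t length, uint32_t offset, const void *raw) {
  CertStore::CertInfo ci;

  // Start from an all-zero entry so the OOM path returns a recognisable blank
  memset(&ci, 0, sizeof(ci));

  // The decoder and hash contexts are allocated on the heap, not the stack.
  // NOTE(review): the null check below only helps where operator new returns
  // nullptr on failure (e.g. a build without exceptions) - confirm for this
  // toolchain.
  br_x509_decoder_context *ctx = new br_x509_decoder_context;
  br_sha256_context *sha256 = new br_sha256_context;
  if (!ctx || !sha256) {
    // Only one of the two may have failed: release whichever one succeeded
    // so the error path does not leak it (delete on nullptr is a no-op).
    delete sha256;
    delete ctx;
    DEBUG_BSSL("CertStore::_preprocessCert: OOM\n");
    return ci;
  }

  // Process it using SHA256, same as the hashed_dn
  br_sha256_init(sha256);
  br_x509_decoder_init(ctx, dn_append, sha256, nullptr, nullptr);
  br_x509_decoder_push(ctx, raw, length);
  // NOTE(review): the decoder status is not checked here
  // (br_x509_decoder_last_error(ctx) would report it). A truncated or
  // malformed certificate still produces a digest over whatever DN bytes were
  // delivered before decoding stopped, and that entry is returned as if valid.

  // Copy result to structure
  br_sha256_out(sha256, &ci.sha256);
  ci.length = length;
  ci.offset = offset;

  // Clean up allocated memory
  delete sha256;
  delete ctx;

  return ci;
}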
Beispiel #2
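/*
 * Verify an ECDSA signature over the contents of a file.
 *
 * Reads `file` and `sigfile`, PEM-decodes the signature and checks it with
 * the default BearSSL ECDSA (ASN.1 signature format) verifier against the
 * EC key in `pk`.  The value that is verified is
 * SHA-256(hex(SHA-256(file contents))): the hex string of the file digest
 * is hashed a second time before the signature check.
 *
 * Returns the buffer read_file() produced for `file` when the signature
 * verifies; it is released with free() on the failure paths here, so it is
 * presumably the caller's to free.  Returns NULL when either file cannot be
 * read, the signature cannot be PEM-decoded, the hex digest cannot be
 * produced, or the signature does not verify.
 */
static unsigned char *
verify_ec(br_x509_pkey *pk, const char *file, const char *sigfile)
{
	char hexbuf[br_sha512_SIZE * 2 + 2];
	unsigned char rhbuf[br_sha512_SIZE];
	char *hex;
	br_sha256_context ctx;
	unsigned char *fcp, *scp;
	size_t flen, slen, plen;
	pem_object *po;
	const br_ec_impl *ec;
	br_ecdsa_vrfy vrfy;
	int ok;

	if ((fcp = read_file(file, &flen)) == NULL)
		return (NULL);
	if ((scp = read_file(sigfile, &slen)) == NULL) {
		free(fcp);
		return (NULL);
	}

	/* Fail closed: every exit below goes through `out` with ok == 0. */
	ok = 0;

	/*
	 * NOTE(review): plen is written by decode_pem() but never read, and
	 * only the first object (po->data) is used.  Presumably plen is the
	 * number of decoded objects; confirm that a non-NULL return implies
	 * at least one object before po->data is trusted.
	 */
	if ((po = decode_pem(scp, slen, &plen)) == NULL)
		goto out;

	br_sha256_init(&ctx);
	br_sha256_update(&ctx, fcp, flen);
	br_sha256_out(&ctx, rhbuf);
	hex = hexdigest(hexbuf, sizeof(hexbuf), rhbuf, br_sha256_SIZE);
	/*
	 * If the hex string cannot be produced, reject instead of verifying
	 * against the raw digest: that would silently check the signature
	 * over a different message than the scheme above defines.
	 */
	if (hex == NULL)
		goto out;

	/* now hash that */
	br_sha256_init(&ctx);
	br_sha256_update(&ctx, hex, strlen(hex));
	br_sha256_out(&ctx, rhbuf);

	ec = br_ec_get_default();
	vrfy = br_ecdsa_vrfy_asn1_get_default();
	ok = vrfy(ec, rhbuf, br_sha256_SIZE, &pk->key.ec, po->data,
	    po->data_len) != 0;

out:
	/*
	 * NOTE(review): po is not released on any path; the helper that
	 * frees a decode_pem() result is not visible from this function.
	 */
	free(scp);
	if (!ok) {
		free(fcp);
		fcp = NULL;
	}
	return (fcp);
}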