JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_RSA_doVerify
(JNIEnv* jenv, jobject jcl, jobject sig, jlong sigSz, jobject out,
jlong outSz, jobject keyDer, jlong keySz)
{
int ret;
RsaKey myKey;
unsigned int idx;
/* check in and key sz */
if ((sigSz < 0) || (keySz < 0) || (outSz < 0)) {
return -1;
}
/* get pointers to our buffers */
unsigned char* sigBuf = (*jenv)->GetDirectBufferAddress(jenv, sig);
if (sigBuf == NULL) {
printf("problem getting sig buffer address\n");
return -1;
}
unsigned char* outBuf = (*jenv)->GetDirectBufferAddress(jenv, out);
if (outBuf == NULL) {
printf("problem getting out buffer address\n");
return -1;
}
unsigned char* keyBuf = (*jenv)->GetDirectBufferAddress(jenv, keyDer);
if (keyBuf == NULL) {
printf("problem getting key buffer address\n");
return -1;
}
wc_InitRsaKey(&myKey, NULL);
idx = 0;
ret = wc_RsaPublicKeyDecode(keyBuf, &idx, &myKey, (unsigned int)keySz);
if (ret == 0) {
ret = wc_RsaSSL_Verify(sigBuf, (unsigned int)sigSz, outBuf,
(unsigned int)outSz, &myKey);
if (ret < 0) {
printf("wc_RsaSSL_Verify failed, ret = %d\n", ret);
return ret;
}
} else {
printf("wc_RsaPublicKeyDecode failed, ret = %d\n", ret);
}
wc_FreeRsaKey(&myKey);
return ret;
}
int wc_SignatureVerify(
enum wc_HashType hash_type, enum wc_SignatureType sig_type,
const byte* data, word32 data_len,
const byte* sig, word32 sig_len,
const void* key, word32 key_len)
{
int ret, hash_len;
byte *hash_data = NULL;
/* Check arguments */
if (data == NULL || data_len <= 0 || sig == NULL || sig_len <= 0 ||
key == NULL || key_len <= 0) {
return BAD_FUNC_ARG;
}
/* Validate signature len (1 to max is okay) */
if ((int)sig_len > wc_SignatureGetSize(sig_type, key, key_len)) {
WOLFSSL_MSG("wc_SignatureVerify: Invalid sig type/len");
return BAD_FUNC_ARG;
}
/* Validate hash size */
hash_len = wc_HashGetDigestSize(hash_type);
if (hash_len <= 0) {
WOLFSSL_MSG("wc_SignatureVerify: Invalid hash type/len");
return BAD_FUNC_ARG;
}
/* Allocate temporary buffer for hash data */
hash_data = XMALLOC(hash_len, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (hash_data == NULL) {
return MEMORY_E;
}
/* Perform hash of data */
ret = wc_Hash(hash_type, data, data_len, hash_data, hash_len);
if(ret == 0) {
/* Verify signature using hash as data */
switch(sig_type) {
#ifdef HAVE_ECC
case WC_SIGNATURE_TYPE_ECC:
{
int is_valid_sig = 0;
/* Perform verification of signature using provided ECC key */
ret = wc_ecc_verify_hash(sig, sig_len, hash_data, hash_len, &is_valid_sig, (ecc_key*)key);
if (ret != 0 || is_valid_sig != 1) {
ret = SIG_VERIFY_E;
}
break;
}
#endif
#ifndef NO_RSA
case WC_SIGNATURE_TYPE_RSA:
{
byte *plain_data = XMALLOC(hash_len, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (plain_data) {
/* Perform verification of signature using provided RSA key */
ret = wc_RsaSSL_Verify(sig, sig_len, plain_data, hash_len, (RsaKey*)key);
if (ret != hash_len || XMEMCMP(plain_data, hash_data, hash_len) != 0) {
ret = SIG_VERIFY_E;
}
XFREE(plain_data, NULL, DYNAMIC_TYPE_TMP_BUFFER);
}
else {
ret = MEMORY_E;
}
break;
}
#endif
case WC_SIGNATURE_TYPE_NONE:
default:
ret = BAD_FUNC_ARG;
break;
}
}
if (hash_data) {
XFREE(hash_data, NULL, DYNAMIC_TYPE_TMP_BUFFER);
}
return ret;
}
