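/*
 * Sign-then-verify round trip for one digest/signature algorithm.
 *
 * Signs a 256-byte all-zero message with privKey using the algorithm in
 * algId, then checks with pubKey that:
 *   1. the fresh signature verifies,
 *   2. the signature with its first byte inverted is rejected, and
 *   3. the original signature over a message with its first byte inverted
 *      is rejected.
 * Both rejections are expected to report errSSLCrypto. Only the first byte
 * of each buffer is tampered with, so this is a smoke test of the reject
 * path rather than exhaustive coverage.
 *
 * privKey / pubKey: the two halves of the key pair under test.
 * algId: algorithm identifier; its OID is rendered in decimal for the test
 *        description only.
 *
 * Emits four test points; if signing fails, the three verify points are
 * skipped.
 */
static void testdigestandsignalg(SecKeyRef privKey, SecKeyRef pubKey, const SecAsn1AlgId *algId) {
    uint8_t dataToDigest[256] = {0,};
    size_t dataToDigestLen = sizeof(dataToDigest);
    size_t sigLen = SecKeyGetSize(privKey, kSecKeySignatureSize);
    /* A zero-length variable-length array is undefined behaviour. Keep at
       least one byte so that a key reporting no signature size reaches the
       signing test point and fails there instead. */
    uint8_t sig[sigLen ? sigLen : 1];

    DERItem oid;
    oid.length = algId->algorithm.Length;
    oid.data = algId->algorithm.Data;

    /* Get the oid in decimal for display purposes. The buffer starts out as
       a valid string and is reset if the conversion fails, so the "%s"
       below never reads indeterminate bytes. */
    char oidBuf[40] = "unknown";
    CFStringRef oidStr = SecDERItemCopyOIDDecimalRepresentation(kCFAllocatorDefault, &oid);
    if (oidStr) {
        if (!CFStringGetCString(oidStr, oidBuf, sizeof(oidBuf), kCFStringEncodingUTF8)) {
            /* Conversion failed (for example the text did not fit); the
               buffer contents are not reliable, so fall back to a marker. */
            oidBuf[0] = '?';
            oidBuf[1] = '\0';
        }
        /* CFRelease must not be called with NULL, hence the guard above. */
        CFRelease(oidStr);
    }

SKIP: {
    OSStatus status;

    /* Time to sign. sigLen is passed by address, so the verify calls below
       use whatever length SecKeyDigestAndSign stored there. sigLen is a
       size_t, so it is printed with %zu. */
    ok_status(status = SecKeyDigestAndSign(privKey, algId, dataToDigest, dataToDigestLen,
        sig, &sigLen), "digest and sign %s with %zu bit RSA key", oidBuf, sigLen * 8);

    skip("SecKeyDigestAndSign failed", 3, status == errSecSuccess);

    /* Verify the signature we just made. */
    ok_status(SecKeyDigestAndVerify(pubKey, algId, dataToDigest, dataToDigestLen,
        sig, sigLen), "digest and verify");

    /* Invalidate the signature. */
    sig[0] ^= 0xff;
    is_status(SecKeyDigestAndVerify(pubKey, algId, dataToDigest, dataToDigestLen,
        sig, sigLen), errSSLCrypto, "digest and verify bad sig");

    /* Restore the signature and corrupt the message instead: a valid
       signature over different data must also be rejected. */
    sig[0] ^= 0xff;
    dataToDigest[0] ^= 0xff;
    is_status(SecKeyDigestAndVerify(pubKey, algId, dataToDigest, dataToDigestLen,
        sig, sigLen), errSSLCrypto, "digest and verify bad digest");
}
}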
/*
 * Verify a signature over dataToDigest and report failure as a CFError.
 *
 * Wraps SecKeyDigestAndVerify: a zero OSStatus yields true; any nonzero
 * status yields false and is handed to SecOTRCreateError under the
 * secOTRErrorOSError code, so the original OSStatus travels in the error.
 *
 * Every failure takes the same path, whether the signature did not match
 * or the call failed for another reason. Callers must treat false as
 * "not verified" and inspect the OSStatus in *error if they need to tell
 * the cases apart.
 *
 * NOTE(review): whether SecOTRCreateError tolerates a NULL `error` pointer
 * is not visible from this function; confirm before passing NULL.
 */
static bool SecKeyDigestAndVerifyWithError(
    SecKeyRef           key,            /* Public key used for verification */
    const SecAsn1AlgId  *algId,         /* algorithm oid/params */
    const uint8_t       *dataToDigest,  /* data the signature was made over */
    size_t              dataToDigestLen,/* length of dataToDigest */
    uint8_t             *sig,           /* signature to verify */
    size_t              sigLen,         /* length of sig */
    CFErrorRef          *error)         /* out: error describing a failed verification */
{
    OSStatus status = SecKeyDigestAndVerify(key, algId, dataToDigest, dataToDigestLen, sig, sigLen);
    /* Branch to fail on any nonzero status; only a clean result falls
       through to the success return. */
    require_noerr(status, fail);
    return true;
fail:
    /* Report the failure with the underlying OSStatus as the error code. */
    SecOTRCreateError(secOTRErrorOSError, status, CFSTR("Error verifying message. OSStatus in error code."), NULL, error);
    return false;
}