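/**
 * Build the index entry (CertInfo) for one certificate blob.
 *
 * The raw bytes are run through the BearSSL X.509 decoder with dn_append as the
 * DN callback and a SHA-256 context as its argument; the resulting digest is
 * stored in the entry together with the caller-supplied length and offset.
 *
 * @param length  number of bytes available at raw
 * @param offset  value recorded verbatim in the returned entry
 * @param raw     pointer to the certificate bytes handed to the decoder
 * @return the filled-in entry, or an all-zero entry if a context could not be allocated
 */
CertStore::CertInfo CertStore::_preprocessCert(uint32_t length, uint32_t offset, const void *raw) {
  CertStore::CertInfo ci;

  // Start from an all-zero entry so the allocation-failure path returns a blank CertInfo.
  memset(&ci, 0, sizeof(ci));

  // Both working contexts are heap-allocated.
  // NOTE(review): the null test below only has an effect where plain `new` yields
  // nullptr on failure instead of throwing; presumably that is how this target is built.
  br_x509_decoder_context *ctx = new br_x509_decoder_context;
  br_sha256_context *sha256 = new br_sha256_context;
  if (!ctx || !sha256) {
    // Only one of the two allocations may have failed; free the survivor so the
    // low-memory path does not leak. Deleting a null pointer is a no-op.
    delete sha256;
    delete ctx;
    DEBUG_BSSL("CertStore::_preprocessCert: OOM\n");
    return ci;
  }

  // Hash with SHA-256, the same way the hashed_dn is produced.
  br_sha256_init(sha256);
  br_x509_decoder_init(ctx, dn_append, sha256, nullptr, nullptr);
  br_x509_decoder_push(ctx, raw, length);
  // NOTE(review): the decoder's status is not checked after the push, so an entry is
  // produced even if parsing stopped early on malformed or truncated input. Consider
  // checking the decoder's error state and skipping such certificates.

  // Copy the digest and the location of the certificate into the entry.
  br_sha256_out(sha256, &ci.sha256);
  ci.length = length;
  ci.offset = offset;

  // Release the working contexts.
  delete sha256;
  delete ctx;

  return ci;
}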
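/*
 * Check an ECDSA signature over the contents of a file.
 *
 * The signed message is not the file itself: the file is hashed with SHA-256,
 * the digest is rendered by hexdigest(), and the SHA-256 of that text is what
 * is passed to the verifier together with the ASN.1 signature taken from the
 * first PEM object in sigfile.
 *
 * pk      - public key; its EC member is used (the key type is not checked
 *           here, presumably the caller has done so - confirm)
 * file    - path of the signed file
 * sigfile - path of the PEM file holding the signature
 *
 * Returns the file contents (to be released with free()) when the signature
 * verifies, NULL on any read, decode, digest-formatting or verification failure.
 */
static unsigned char *
verify_ec(br_x509_pkey *pk, const char *file, const char *sigfile)
{
	/* Buffers are sized for SHA-512 although only SHA-256 is used below. */
	char hexbuf[br_sha512_SIZE * 2 + 2];
	unsigned char rhbuf[br_sha512_SIZE];
	char *hex;
	br_sha256_context ctx;
	unsigned char *fcp, *scp;
	size_t flen, slen, plen;
	pem_object *po;
	const br_ec_impl *ec;
	br_ecdsa_vrfy vrfy;
	int ok;

	if ((fcp = read_file(file, &flen)) == NULL)
		return (NULL);
	if ((scp = read_file(sigfile, &slen)) == NULL) {
		free(fcp);
		return (NULL);
	}
	/*
	 * NOTE(review): plen is not inspected; presumably decode_pem reports
	 * the number of decoded objects there - confirm, and reject an empty
	 * result before po->data is used.
	 */
	if ((po = decode_pem(scp, slen, &plen)) == NULL) {
		free(fcp);
		free(scp);
		return (NULL);
	}

	/* First pass: digest of the file contents. */
	br_sha256_init(&ctx);
	br_sha256_update(&ctx, fcp, flen);
	br_sha256_out(&ctx, rhbuf);
	hex = hexdigest(hexbuf, sizeof(hexbuf), rhbuf, br_sha256_SIZE);

	/*
	 * Fail closed: if the digest could not be rendered, rhbuf still holds
	 * the raw file digest, which is not the message that is meant to be
	 * signed. Verifying against it would accept a signature over the wrong
	 * value, so the verifier is not called at all in that case.
	 */
	ok = 0;
	if (hex != NULL) {
		/* Second pass: digest of the hex text; this is what is signed. */
		br_sha256_init(&ctx);
		br_sha256_update(&ctx, hex, strlen(hex));
		br_sha256_out(&ctx, rhbuf);

		ec = br_ec_get_default();
		vrfy = br_ecdsa_vrfy_asn1_get_default();
		ok = vrfy(ec, rhbuf, br_sha256_SIZE, &pk->key.ec,
		    po->data, po->data_len) != 0;
	}

	if (!ok) {
		/* Never hand unverified content back to the caller. */
		free(fcp);
		fcp = NULL;
	}
	/*
	 * NOTE(review): po is not released on any path that reaches this point;
	 * the release helper that matches decode_pem is not visible from here,
	 * so the omission is left as it was.
	 */
	free(scp);
	return (fcp);
}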