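/*
 * JNI entry point for com.wolfssl.wolfcrypt.RSA.doVerify.
 *
 * Decodes a DER-encoded RSA public key from keyDer, then calls
 * wc_RsaSSL_Verify() on the signature in sig, writing the recovered payload
 * into out. sig, out and keyDer must be direct byte buffers; sigSz, outSz and
 * keySz are the caller-declared lengths of the data in those buffers.
 *
 * This function only recovers the signed payload. It does not compare that
 * payload with an expected digest, so the caller must perform the comparison
 * before treating the signature as valid.
 *
 * Returns -1 for invalid sizes or buffers, the negative wolfCrypt error code
 * if key setup, key decoding or verification fails, and otherwise the
 * non-negative value returned by wc_RsaSSL_Verify().
 */
JNIEXPORT jint JNICALL Java_com_wolfssl_wolfcrypt_RSA_doVerify
  (JNIEnv* jenv, jobject jcl, jobject sig, jlong sigSz, jobject out,
   jlong outSz, jobject keyDer, jlong keySz)
{
    int ret;
    RsaKey myKey;
    unsigned int idx = 0;
    unsigned char* sigBuf;
    unsigned char* outBuf;
    unsigned char* keyBuf;

    /* sizes come from Java: reject negative values ... */
    if ((sigSz < 0) || (keySz < 0) || (outSz < 0)) {
        return -1;
    }

    /* ... and values that would be silently truncated by the unsigned int
     * casts used for the wolfCrypt calls below */
    if (((jlong)(unsigned int)sigSz != sigSz) ||
        ((jlong)(unsigned int)outSz != outSz) ||
        ((jlong)(unsigned int)keySz != keySz)) {
        return -1;
    }

    /* get pointers to our buffers */
    sigBuf = (*jenv)->GetDirectBufferAddress(jenv, sig);
    if (sigBuf == NULL) {
        printf("problem getting sig buffer address\n");
        return -1;
    }

    outBuf = (*jenv)->GetDirectBufferAddress(jenv, out);
    if (outBuf == NULL) {
        printf("problem getting out buffer address\n");
        return -1;
    }

    keyBuf = (*jenv)->GetDirectBufferAddress(jenv, keyDer);
    if (keyBuf == NULL) {
        printf("problem getting key buffer address\n");
        return -1;
    }

    /* The declared sizes are independent of the buffers themselves. Make sure
     * none of them exceeds the real capacity, otherwise the native code would
     * read or write past the end of the direct buffer. */
    if ((sigSz > (*jenv)->GetDirectBufferCapacity(jenv, sig)) ||
        (outSz > (*jenv)->GetDirectBufferCapacity(jenv, out)) ||
        (keySz > (*jenv)->GetDirectBufferCapacity(jenv, keyDer))) {
        printf("declared size exceeds direct buffer capacity\n");
        return -1;
    }

    ret = wc_InitRsaKey(&myKey, NULL);
    if (ret != 0) {
        printf("wc_InitRsaKey failed, ret = %d\n", ret);
        return ret;
    }

    ret = wc_RsaPublicKeyDecode(keyBuf, &idx, &myKey, (unsigned int)keySz);
    if (ret != 0) {
        printf("wc_RsaPublicKeyDecode failed, ret = %d\n", ret);
    }
    else {
        ret = wc_RsaSSL_Verify(sigBuf, (unsigned int)sigSz, outBuf,
                               (unsigned int)outSz, &myKey);
        if (ret < 0) {
            printf("wc_RsaSSL_Verify failed, ret = %d\n", ret);
        }
    }

    /* single exit after init so the key is released on every path,
     * including a failed verify */
    wc_FreeRsaKey(&myKey);

    return ret;
}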
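/*
 * Hash `data` with `hash_type` and verify `sig` over that digest using `key`.
 *
 * hash_type  digest algorithm; its size is taken from wc_HashGetDigestSize()
 * sig_type   WC_SIGNATURE_TYPE_ECC or WC_SIGNATURE_TYPE_RSA (each only when
 *            compiled in); any other value yields BAD_FUNC_ARG
 * data       message to verify, data_len bytes (must be non-empty)
 * sig        signature bytes, sig_len bytes (1 .. wc_SignatureGetSize())
 * key        pointer to an ecc_key or RsaKey matching sig_type
 * key_len    size passed through to wc_SignatureGetSize()
 *
 * Returns 0 when the ECC signature is valid, hash_len when the RSA signature
 * is valid (the value of wc_RsaSSL_Verify() is kept), BAD_FUNC_ARG for
 * invalid arguments, MEMORY_E on allocation failure, SIG_VERIFY_E when the
 * signature does not verify, or the error returned by wc_Hash().
 */
int wc_SignatureVerify(
    enum wc_HashType hash_type, enum wc_SignatureType sig_type,
    const byte* data, word32 data_len,
    const byte* sig, word32 sig_len,
    const void* key, word32 key_len)
{
    int ret, hash_len, max_sig_len;
    byte *hash_data = NULL;

    /* Check arguments (the lengths are unsigned, so only zero is invalid) */
    if (data == NULL || data_len == 0 || sig == NULL || sig_len == 0 ||
        key == NULL || key_len == 0) {
        return BAD_FUNC_ARG;
    }

    /* Validate signature len (1 to max is okay).
     * The comparison is done unsigned: casting sig_len to int would turn a
     * value above INT_MAX negative and let it slip past the upper bound. */
    max_sig_len = wc_SignatureGetSize(sig_type, key, key_len);
    if (max_sig_len <= 0 || sig_len > (word32)max_sig_len) {
        WOLFSSL_MSG("wc_SignatureVerify: Invalid sig type/len");
        return BAD_FUNC_ARG;
    }

    /* Validate hash size */
    hash_len = wc_HashGetDigestSize(hash_type);
    if (hash_len <= 0) {
        WOLFSSL_MSG("wc_SignatureVerify: Invalid hash type/len");
        return BAD_FUNC_ARG;
    }

    /* Allocate temporary buffer for hash data */
    hash_data = XMALLOC(hash_len, NULL, DYNAMIC_TYPE_TMP_BUFFER);
    if (hash_data == NULL) {
        return MEMORY_E;
    }

    /* Perform hash of data */
    ret = wc_Hash(hash_type, data, data_len, hash_data, hash_len);
    if (ret == 0) {
        /* Verify signature using hash as data */
        switch (sig_type) {
#ifdef HAVE_ECC
            case WC_SIGNATURE_TYPE_ECC:
            {
                int is_valid_sig = 0;

                /* Perform verification of signature using provided ECC key */
                ret = wc_ecc_verify_hash(sig, sig_len, hash_data, hash_len,
                                         &is_valid_sig, (ecc_key*)key);
                /* a clean return code alone is not enough: the verdict is
                 * reported separately through is_valid_sig */
                if (ret != 0 || is_valid_sig != 1) {
                    ret = SIG_VERIFY_E;
                }
                break;
            }
#endif
#ifndef NO_RSA
            case WC_SIGNATURE_TYPE_RSA:
            {
                byte *plain_data = XMALLOC(hash_len, NULL,
                                           DYNAMIC_TYPE_TMP_BUFFER);
                if (plain_data) {
                    /* Perform verification of signature using provided RSA
                     * key */
                    ret = wc_RsaSSL_Verify(sig, sig_len, plain_data, hash_len,
                                           (RsaKey*)key);
                    /* NOTE(review): the recovered payload must be exactly
                     * hash_len bytes and equal to the raw digest, so this
                     * path expects a signature over the bare hash with no
                     * algorithm-identifier wrapping - confirm that matches
                     * the signer, since the hash algorithm is then not bound
                     * into the signed payload. */
                    if (ret != hash_len ||
                        XMEMCMP(plain_data, hash_data, hash_len) != 0) {
                        ret = SIG_VERIFY_E;
                    }
                    XFREE(plain_data, NULL, DYNAMIC_TYPE_TMP_BUFFER);
                }
                else {
                    ret = MEMORY_E;
                }
                break;
            }
#endif

            case WC_SIGNATURE_TYPE_NONE:
            default:
                ret = BAD_FUNC_ARG;
                break;
        }
    }

    if (hash_data) {
        XFREE(hash_data, NULL, DYNAMIC_TYPE_TMP_BUFFER);
    }

    return ret;
}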