static int test_mdc2(void)
{
int testresult = 0;
unsigned char md[MDC2_DIGEST_LENGTH];
EVP_MD_CTX *c;
static char text[] = "Now is the time for all ";
size_t tlen = strlen(text);
# ifdef CHARSET_EBCDIC
ebcdic2ascii(text, text, tlen);
# endif
c = EVP_MD_CTX_new();
if (!TEST_ptr(c)
|| !TEST_true(EVP_DigestInit_ex(c, EVP_mdc2(), NULL))
|| !TEST_true(EVP_DigestUpdate(c, (unsigned char *)text, tlen))
|| !TEST_true(EVP_DigestFinal_ex(c, &(md[0]), NULL))
|| !TEST_mem_eq(md, MDC2_DIGEST_LENGTH, pad1, MDC2_DIGEST_LENGTH)
|| !TEST_true(EVP_DigestInit_ex(c, EVP_mdc2(), NULL)))
goto end;
/* FIXME: use a ctl function? */
((MDC2_CTX *)EVP_MD_CTX_md_data(c))->pad_type = 2;
if (!TEST_true(EVP_DigestUpdate(c, (unsigned char *)text, tlen))
|| !TEST_true(EVP_DigestFinal_ex(c, &(md[0]), NULL))
|| !TEST_mem_eq(md, MDC2_DIGEST_LENGTH, pad2, MDC2_DIGEST_LENGTH))
goto end;
testresult = 1;
end:
EVP_MD_CTX_free(c);
return testresult;
}
int main(int argc, char *argv[])
{
int ret=0;
unsigned char md[MDC2_DIGEST_LENGTH];
int i;
EVP_MD_CTX c;
static char *text="Now is the time for all ";
#ifdef CHARSET_EBCDIC
ebcdic2ascii(text,text,strlen(text));
#endif
EVP_MD_CTX_init(&c);
EVP_DigestInit_ex(&c,EVP_mdc2(), NULL);
EVP_DigestUpdate(&c,(unsigned char *)text,strlen(text));
EVP_DigestFinal_ex(&c,&(md[0]),NULL);
if (memcmp(md,pad1,MDC2_DIGEST_LENGTH) != 0)
{
for (i=0; i<MDC2_DIGEST_LENGTH; i++)
printf("%02X",md[i]);
printf(" <- generated\n");
for (i=0; i<MDC2_DIGEST_LENGTH; i++)
printf("%02X",pad1[i]);
printf(" <- correct\n");
ret=1;
}
else
printf("pad1 - ok\n");
EVP_DigestInit_ex(&c,EVP_mdc2(), NULL);
/* FIXME: use a ctl function? */
((MDC2_CTX *)c.md_data)->pad_type=2;
EVP_DigestUpdate(&c,(unsigned char *)text,strlen(text));
EVP_DigestFinal_ex(&c,&(md[0]),NULL);
if (memcmp(md,pad2,MDC2_DIGEST_LENGTH) != 0)
{
for (i=0; i<MDC2_DIGEST_LENGTH; i++)
printf("%02X",md[i]);
printf(" <- generated\n");
for (i=0; i<MDC2_DIGEST_LENGTH; i++)
printf("%02X",pad2[i]);
printf(" <- correct\n");
ret=1;
}
else
printf("pad2 - ok\n");
EVP_MD_CTX_cleanup(&c);
#ifdef OPENSSL_SYS_NETWARE
if (ret) printf("ERROR: %d\n", ret);
#endif
EXIT(ret);
return(ret);
}
void openssl_add_all_digests_internal(void)
{
#ifndef OPENSSL_NO_MD4
EVP_add_digest(EVP_md4());
#endif
#ifndef OPENSSL_NO_MD5
EVP_add_digest(EVP_md5());
EVP_add_digest_alias(SN_md5, "ssl3-md5");
EVP_add_digest(EVP_md5_sha1());
#endif
EVP_add_digest(EVP_sha1());
EVP_add_digest_alias(SN_sha1, "ssl3-sha1");
EVP_add_digest_alias(SN_sha1WithRSAEncryption, SN_sha1WithRSA);
#if !defined(OPENSSL_NO_MDC2) && !defined(OPENSSL_NO_DES)
EVP_add_digest(EVP_mdc2());
#endif
#ifndef OPENSSL_NO_RMD160
EVP_add_digest(EVP_ripemd160());
EVP_add_digest_alias(SN_ripemd160, "ripemd");
EVP_add_digest_alias(SN_ripemd160, "rmd160");
#endif
EVP_add_digest(EVP_sha224());
EVP_add_digest(EVP_sha256());
EVP_add_digest(EVP_sha384());
EVP_add_digest(EVP_sha512());
#ifndef OPENSSL_NO_WHIRLPOOL
EVP_add_digest(EVP_whirlpool());
#endif
}
void
OpenSSL_add_all_digests(void)
{
#ifndef OPENSSL_NO_MD4
EVP_add_digest(EVP_md4());
#endif
#ifndef OPENSSL_NO_MD5
EVP_add_digest(EVP_md5());
EVP_add_digest_alias(SN_md5, "ssl2-md5");
EVP_add_digest_alias(SN_md5, "ssl3-md5");
#endif
#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA0)
EVP_add_digest(EVP_sha());
#ifndef OPENSSL_NO_DSA
EVP_add_digest(EVP_dss());
#endif
#endif
#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
EVP_add_digest(EVP_sha1());
EVP_add_digest_alias(SN_sha1, "ssl3-sha1");
EVP_add_digest_alias(SN_sha1WithRSAEncryption, SN_sha1WithRSA);
#ifndef OPENSSL_NO_DSA
EVP_add_digest(EVP_dss1());
EVP_add_digest_alias(SN_dsaWithSHA1, SN_dsaWithSHA1_2);
EVP_add_digest_alias(SN_dsaWithSHA1, "DSS1");
EVP_add_digest_alias(SN_dsaWithSHA1, "dss1");
#endif
#ifndef OPENSSL_NO_ECDSA
EVP_add_digest(EVP_ecdsa());
#endif
#endif
#ifndef OPENSSL_NO_GOST
EVP_add_digest(EVP_gostr341194());
EVP_add_digest(EVP_gost2814789imit());
EVP_add_digest(EVP_streebog256());
EVP_add_digest(EVP_streebog512());
#endif
#if !defined(OPENSSL_NO_MDC2) && !defined(OPENSSL_NO_DES)
EVP_add_digest(EVP_mdc2());
#endif
#ifndef OPENSSL_NO_RIPEMD
EVP_add_digest(EVP_ripemd160());
EVP_add_digest_alias(SN_ripemd160, "ripemd");
EVP_add_digest_alias(SN_ripemd160, "rmd160");
#endif
#ifndef OPENSSL_NO_SHA256
EVP_add_digest(EVP_sha224());
EVP_add_digest(EVP_sha256());
#endif
#ifndef OPENSSL_NO_SHA512
EVP_add_digest(EVP_sha384());
EVP_add_digest(EVP_sha512());
#endif
#ifndef OPENSSL_NO_WHIRLPOOL
EVP_add_digest(EVP_whirlpool());
#endif
}
ikptr
ikrt_openssl_evp_mdc2 (ikpcb * pcb)
{
#ifdef HAVE_EVP_MDC2
const EVP_MD * rv;
rv = EVP_mdc2();
return ika_pointer_alloc(pcb, (long)rv);
#else
feature_failure(__func__);
#endif
}
void OpenSSL_add_all_digests(void)
{
#ifndef OPENSSL_NO_MD2
EVP_add_digest(EVP_md2());
#endif
#ifndef OPENSSL_NO_MD4
EVP_add_digest(EVP_md4());
#endif
#ifndef OPENSSL_NO_MD5
EVP_add_digest(EVP_md5());
EVP_add_digest_alias(SN_md5,"ssl2-md5");
EVP_add_digest_alias(SN_md5,"ssl3-md5");
#endif
#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA0)
EVP_add_digest(EVP_sha());
#ifndef OPENSSL_NO_DSA
EVP_add_digest(EVP_dss());
#endif
#endif
#ifndef OPENSSL_NO_SHA
EVP_add_digest(EVP_sha1());
EVP_add_digest_alias(SN_sha1,"ssl3-sha1");
EVP_add_digest_alias(SN_sha1WithRSAEncryption,SN_sha1WithRSA);
#ifndef OPENSSL_NO_DSA
EVP_add_digest(EVP_dss1());
EVP_add_digest_alias(SN_dsaWithSHA1,SN_dsaWithSHA1_2);
EVP_add_digest_alias(SN_dsaWithSHA1,"DSS1");
EVP_add_digest_alias(SN_dsaWithSHA1,"dss1");
#endif
#ifndef OPENSSL_NO_ECDSA
EVP_add_digest(EVP_ecdsa());
#endif
#endif
#if !defined(OPENSSL_NO_MDC2) && !defined(OPENSSL_NO_DES)
EVP_add_digest(EVP_mdc2());
#endif
#ifndef OPENSSL_NO_RIPEMD
EVP_add_digest(EVP_ripemd160());
EVP_add_digest_alias(SN_ripemd160,"ripemd");
EVP_add_digest_alias(SN_ripemd160,"rmd160");
#endif
#ifndef OPENSSL_NO_SHA256
/* EVP_add_digest(EVP_sha224()); To be added later */
EVP_add_digest(EVP_sha256());
#endif
#ifndef OPENSSL_NO_SHA512
EVP_add_digest(EVP_sha384());
EVP_add_digest(EVP_sha512());
#endif
}
const EVP_MD * hb_EVP_MD_par( int iParam )
{
const EVP_MD * p;
if( HB_ISCHAR( iParam ) )
return EVP_get_digestbyname( hb_parc( iParam ) );
switch( hb_parni( iParam ) )
{
case HB_EVP_MD_MD_NULL: p = EVP_md_null(); break;
#if ! defined( OPENSSL_NO_MD2 ) && OPENSSL_VERSION_NUMBER < 0x10000000L
case HB_EVP_MD_MD2: p = EVP_md2(); break;
#endif
#ifndef OPENSSL_NO_MD4
case HB_EVP_MD_MD4: p = EVP_md4(); break;
#endif
#ifndef OPENSSL_NO_MD5
case HB_EVP_MD_MD5: p = EVP_md5(); break;
#endif
#ifndef OPENSSL_NO_SHA
case HB_EVP_MD_SHA: p = EVP_sha(); break;
case HB_EVP_MD_SHA1: p = EVP_sha1(); break;
case HB_EVP_MD_DSS: p = EVP_dss(); break;
case HB_EVP_MD_DSS1: p = EVP_dss1(); break;
#if ! defined( HB_OPENSSL_OLD_OSX_ )
case HB_EVP_MD_ECDSA: p = EVP_ecdsa(); break;
#endif
#endif
#ifndef OPENSSL_NO_SHA256
case HB_EVP_MD_SHA224: p = EVP_sha224(); break;
case HB_EVP_MD_SHA256: p = EVP_sha256(); break;
#endif
#ifndef OPENSSL_NO_SHA512
case HB_EVP_MD_SHA384: p = EVP_sha384(); break;
case HB_EVP_MD_SHA512: p = EVP_sha512(); break;
#endif
#ifndef OPENSSL_NO_MDC2
case HB_EVP_MD_MDC2: p = EVP_mdc2(); break;
#endif
#ifndef OPENSSL_NO_RIPEMD
case HB_EVP_MD_RIPEMD160: p = EVP_ripemd160(); break;
#endif
default: p = NULL;
}
return p;
}
static int hb_EVP_MD_ptr_to_id( const EVP_MD * p )
{
int n;
if( p == EVP_md_null() ) n = HB_EVP_MD_MD_NULL;
#ifndef OPENSSL_NO_MD2
else if( p == EVP_md2() ) n = HB_EVP_MD_MD2;
#endif
#ifndef OPENSSL_NO_MD4
else if( p == EVP_md4() ) n = HB_EVP_MD_MD4;
#endif
#ifndef OPENSSL_NO_MD5
else if( p == EVP_md5() ) n = HB_EVP_MD_MD5;
#endif
#ifndef OPENSSL_NO_SHA
else if( p == EVP_sha() ) n = HB_EVP_MD_SHA;
else if( p == EVP_sha1() ) n = HB_EVP_MD_SHA1;
else if( p == EVP_dss() ) n = HB_EVP_MD_DSS;
else if( p == EVP_dss1() ) n = HB_EVP_MD_DSS1;
#if ! defined( HB_OPENSSL_OLD_OSX_ )
else if( p == EVP_ecdsa() ) n = HB_EVP_MD_ECDSA;
#endif
#endif
#ifndef OPENSSL_NO_SHA256
else if( p == EVP_sha224() ) n = HB_EVP_MD_SHA224;
else if( p == EVP_sha256() ) n = HB_EVP_MD_SHA256;
#endif
#ifndef OPENSSL_NO_SHA512
else if( p == EVP_sha384() ) n = HB_EVP_MD_SHA384;
else if( p == EVP_sha512() ) n = HB_EVP_MD_SHA512;
#endif
#ifndef OPENSSL_NO_MDC2
else if( p == EVP_mdc2() ) n = HB_EVP_MD_MDC2;
#endif
#ifndef OPENSSL_NO_RIPEMD
else if( p == EVP_ripemd160() ) n = HB_EVP_MD_RIPEMD160;
#endif
else n = HB_EVP_MD_UNSUPPORTED;
return n;
}
static const EVP_MD *gtkhash_hash_lib_crypto_get_md(const enum hash_func_e id)
{
switch (id) {
case HASH_FUNC_MD4:
return EVP_md4();
case HASH_FUNC_MD5:
return EVP_md5();
case HASH_FUNC_SHA0:
return EVP_sha();
case HASH_FUNC_SHA1:
return EVP_sha1();
case HASH_FUNC_RIPEMD160:
return EVP_ripemd160();
case HASH_FUNC_MDC2:
return EVP_mdc2();
default:
return NULL;
}
g_assert_not_reached();
}
int
main(int argc, char **argv, char **envp)
{
#if 0
const char *algorithm = NULL;
#else
const char *algorithm = "md5";
#endif
const char *key = NULL;
const char *msg = NULL;
const char *signature = NULL;
#if 0
const char *type = NULL;
#else
const char *type = "rsa";
#endif
xxxflag = false;
if(!(prog = basename(argv[0]))) {
fprintf(stderr, "err: basename: %s -- %s\n",
strerror(errno), argv[0]);
return(-1);
/* NOTREACHED */
}
{
int ch = 0;
#if 0
while((ch = getopt(argc, argv, "a:k:m:s:t:@")) != -1) {
#else
while((ch = getopt(argc, argv, "k:m:s:@")) != -1) {
#endif
switch (ch) {
#if 0
case 'a':
algorithm = optarg;
break;
#endif
case 'k':
key = optarg;
break;
case 'm':
msg = optarg;
break;
case 's':
signature = optarg;
break;
#if 0
case 't':
type = optarg;
break;
#endif
case '@':
xxxflag = true;
break;
default:
usage();
/* NOTREACHED */
break;
}
}
argc -= optind;
argv += optind;
}
if(argc || !algorithm || !key || !msg || !type) {
usage();
/* NOTREACHED */
}
return(sigcomp_main(algorithm, key, msg, signature, type)? 0: -1);
/* NOTREACHED */
}
static bool
sigcomp_main(const char *const algorithm, const char *const key,
const char *const msg, const char *const signature,
const char *const type)
{
const EVP_MD *evp_md = NULL;
BIGNUM *bn_key = NULL;
BIGNUM *bn_msg = NULL;
BIGNUM *bn_signature = NULL;
ERR_load_crypto_strings();
if(!(evp_md = evp_md_with_algorithm(type, algorithm))) {
fprintf(stderr, "err: algorithm: %s -- "
"unknown algorithm for %s\n", algorithm, type);
return(sigcomp_return(false, bn_key, bn_msg, bn_signature));
}
/* key -> bn_key */
if(!(bn_key = BN_new())) {
openssl_strerror("BN_new");
return(sigcomp_return(false, bn_key, bn_msg, bn_signature));
}
if(!BN_hex2bn(&bn_key, (const char *)key)) {
openssl_strerror("BN_hex2bn");
return(sigcomp_return(false, bn_key, bn_msg, bn_signature));
}
/* msg -> bn_msg */
if(!(bn_msg = BN_new())) {
openssl_strerror("BN_new");
return(sigcomp_return(false, bn_key, bn_msg, bn_signature));
}
if(!BN_hex2bn(&bn_msg, (const char *)msg)) {
openssl_strerror("BN_hex2bn");
return(sigcomp_return(false, bn_key, bn_msg, bn_signature));
}
if(signature) {
/* signature -> bn_signature */
if(!(bn_signature = BN_new())) {
openssl_strerror("BN_new");
return(sigcomp_return(false,
bn_key, bn_msg, bn_signature));
}
if(!BN_hex2bn(&bn_signature, (const char *)signature)) {
openssl_strerror("BN_hex2bn");
return(sigcomp_return(false,
bn_key, bn_msg, bn_signature));
}
if(!sigcomp_vrfy(evp_md, bn_key, bn_msg, bn_signature, type)) {
return(sigcomp_return(false,
bn_key, bn_msg, bn_signature));
}
} else {
if(!sigcomp_sign(evp_md, bn_key, bn_msg, type)) {
return(sigcomp_return(false,
bn_key, bn_msg, bn_signature));
}
}
return(sigcomp_return(true, bn_key, bn_msg, bn_signature));
}
static bool
sigcomp_return(const bool code,
BIGNUM *bn_key, BIGNUM *bn_msg, BIGNUM *bn_signature)
{
if(bn_signature) {
BN_free(bn_signature); bn_signature = NULL;
}
if(bn_msg) {
BN_free(bn_msg); bn_msg = NULL;
}
if(bn_key) {
BN_free(bn_key); bn_key = NULL;
}
return(code);
}
static bool
sigcomp_sign(const EVP_MD *const evp_md, const BIGNUM *const bn_key,
const BIGNUM *const bn_msg, const char *const type)
{
EVP_PKEY *pkey = NULL;
unsigned char *key = NULL;
unsigned char *msg = NULL;
unsigned char *signature = NULL;
unsigned char *ptr = NULL;
int keylen = 0;
int msglen = 0;
int signaturelen = 0;
int padding = 0;
/* bn_key -> key */
if(!(keylen = BN_num_bytes(bn_key))) {
openssl_strerror("BN_num_bytes");
return(sigcomp_sign_return(false, key, msg, signature, pkey));
}
if(!(key = (unsigned char *)malloc(keylen))) {
fprintf(stderr, "err: malloc: %s\n", strerror(errno));
return(sigcomp_sign_return(false, key, msg, signature, pkey));
}
if(BN_bn2bin(bn_key, key) != keylen) {
openssl_strerror("BN_bn2bin");
return(sigcomp_sign_return(false, key, msg, signature, pkey));
}
#ifdef DEBUG
dmp(stderr, "key", key, keylen);
#endif // DEBUG
/* bn_msg -> msg */
if(!(msglen = BN_num_bytes(bn_msg))) {
openssl_strerror("BN_num_bytes");
return(sigcomp_sign_return(false, key, msg, signature, pkey));
}
if(!(msg = (unsigned char *)malloc(msglen))) {
fprintf(stderr, "err: malloc: %s\n", strerror(errno));
return(sigcomp_sign_return(false, key, msg, signature, pkey));
}
if(BN_bn2bin(bn_msg, msg) != msglen) {
openssl_strerror("BN_bn2bin");
return(sigcomp_sign_return(false, key, msg, signature, pkey));
}
#ifdef DEBUG
dmp(stderr, "msg", msg, msglen);
#endif // DEBUG
ptr = key;
for( ; ; ) {
if(!strcmp(type, "rsa")) {
#if defined(OPENSSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER >= 0x0090800fL)
if(!(pkey = d2i_PrivateKey(EVP_PKEY_RSA,
NULL, (const unsigned char **)&ptr, keylen))) {
#else
if(!(pkey = d2i_PrivateKey(EVP_PKEY_RSA,
NULL, &ptr, keylen))) {
#endif
openssl_strerror("d2i_PrivateKey");
return(sigcomp_sign_return(false,
key, msg, signature, pkey));
}
signaturelen = RSA_size(pkey->pkey.rsa);
padding = RSA_PKCS1_PADDING;
break;
}
if(!strcmp(type, "dsa")) {
#if defined(OPENSSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER >= 0x0090800fL)
if(!(pkey = d2i_PrivateKey(EVP_PKEY_DSA,
NULL, (const unsigned char **)&ptr, keylen))) {
#else
if(!(pkey = d2i_PrivateKey(EVP_PKEY_DSA,
NULL, &ptr, keylen))) {
#endif
openssl_strerror("d2i_PrivateKey");
return(sigcomp_sign_return(false,
key, msg, signature, pkey));
}
fprintf(stderr, "err: type: %s -- not implemented\n",
type);
return(sigcomp_sign_return(false,
key, msg, signature, pkey));
break;
}
fprintf(stderr, "err: type: %s -- unknown type\n",
type);
return(sigcomp_sign_return(false, key, msg, signature, pkey));
/* NOTREACHED */
}
if(!(signature = (unsigned char *)malloc(signaturelen))) {
fprintf(stderr, "err: malloc: %s\n", strerror(errno));
return(sigcomp_sign_return(false, key, msg, signature, pkey));
}
RSA_private_encrypt(msglen, msg, signature, pkey->pkey.rsa, padding);
#ifdef DEBUG
dmp(stderr, "signature", signature, signaturelen);
#endif // DEBUG
sigcomp_sign_dump(key, keylen, msg, msglen, signature, signaturelen);
return(sigcomp_sign_return(true, key, msg, signature, pkey));
}
static void
sigcomp_sign_dump(const unsigned char *const key, int keylen,
const unsigned char *const msg, int msglen,
const unsigned char *const signature, int signaturelen)
{
int d = 0;
if(xxxflag) {
#if 0 /* needless */
for(d = 0; d < msglen; d ++) {
printf("%02x", msg[d]);
}
#endif
for(d = 0; d < signaturelen; d ++) {
printf("%02x", signature[d]);
}
printf("\n");
return;
}
printf("log:SigCompSign_Results (length:%d)\n",
keylen + msglen + signaturelen);
printf("log:| PrivateKey (length:%d)\n", keylen);
printf("log:| | data = ");
for(d = 0; d < keylen; d ++) {
printf("%02x", key[d]);
}
printf("\n");
printf("log:| Message (length:%d)\n", msglen);
printf("log:| | data = ");
for(d = 0; d < msglen; d ++) {
printf("%02x", msg[d]);
}
printf("\n");
printf("log:| Signature (length:%d)\n",
signaturelen);
printf("log:| | data = ");
for(d = 0; d < signaturelen; d ++) {
printf("%02x", signature[d]);
}
printf("\n");
return;
}
static bool
sigcomp_sign_return(const bool code,
unsigned char *key, unsigned char *msg, unsigned char *signature,
EVP_PKEY *pkey)
{
if(pkey) {
EVP_PKEY_free(pkey); pkey = NULL;
}
if(signature) {
free(signature); signature = NULL;
}
if(msg) {
free(msg); msg = NULL;
}
if(key) {
free(key); key = NULL;
}
return(code);
}
static bool
sigcomp_vrfy(const EVP_MD *const evp_md, const BIGNUM *const bn_key,
const BIGNUM *const bn_msg,
const BIGNUM *const bn_signature, const char *const type)
{
EVP_PKEY *pkey = NULL;
unsigned char *key = NULL;
unsigned char *msg = NULL;
unsigned char *signature = NULL;
unsigned char *to = NULL;
unsigned char *ptr = NULL;
int keylen = 0;
int msglen = 0;
int signaturelen = 0;
int tolen = 0;
int padding = 0;
bool compare = true;
/* bn_key -> key */
if(!(keylen = BN_num_bytes(bn_key))) {
openssl_strerror("BN_num_bytes");
return(sigcomp_vrfy_return(false,
key, msg, signature, to, pkey));
}
if(!(key = (unsigned char *)malloc(keylen))) {
fprintf(stderr, "err: malloc: %s\n", strerror(errno));
return(sigcomp_vrfy_return(false,
key, msg, signature, to, pkey));
}
if(BN_bn2bin(bn_key, key) != keylen) {
openssl_strerror("BN_bn2bin");
return(sigcomp_vrfy_return(false,
key, msg, signature, to, pkey));
}
#ifdef DEBUG
dmp(stderr, "key", key, keylen);
#endif // DEBUG
/* bn_msg -> msg */
if(!(msglen = BN_num_bytes(bn_msg))) {
openssl_strerror("BN_num_bytes");
return(sigcomp_vrfy_return(false,
key, msg, signature, to, pkey));
}
if(!(msg = (unsigned char *)malloc(msglen))) {
fprintf(stderr, "err: malloc: %s\n", strerror(errno));
return(sigcomp_vrfy_return(false,
key, msg, signature, to, pkey));
}
if(BN_bn2bin(bn_msg, msg) != msglen) {
openssl_strerror("BN_bn2bin");
return(sigcomp_vrfy_return(false,
key, msg, signature, to, pkey));
}
#ifdef DEBUG
dmp(stderr, "msg", msg, msglen);
#endif // DEBUG
/* bn_signature -> signature */
if(!(signaturelen = BN_num_bytes(bn_signature))) {
openssl_strerror("BN_num_bytes");
return(sigcomp_vrfy_return(false,
key, msg, signature, to, pkey));
}
if(!(signature = (unsigned char *)malloc(signaturelen))) {
fprintf(stderr, "err: malloc: %s\n", strerror(errno));
return(sigcomp_vrfy_return(false,
key, msg, signature, to, pkey));
}
if(BN_bn2bin(bn_signature, signature) != signaturelen) {
openssl_strerror("BN_bn2bin");
return(sigcomp_vrfy_return(false,
key, msg, signature, to, pkey));
}
#ifdef DEBUG
dmp(stderr, "signature", signature, signaturelen);
#endif // DEBUG
ptr = key;
for( ; ; ) {
if(!strcmp(type, "rsa")) {
#if defined(OPENSSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER >= 0x0090800fL)
if(!(pkey = d2i_PublicKey(EVP_PKEY_RSA,
NULL, (const unsigned char **)&ptr, keylen))) {
#else
if(!(pkey = d2i_PublicKey(EVP_PKEY_RSA,
NULL, &ptr, keylen))) {
#endif
openssl_strerror("d2i_PublicKey");
return(sigcomp_vrfy_return(false,
key, msg, signature, to, pkey));
}
tolen = RSA_size(pkey->pkey.rsa);
padding = RSA_PKCS1_PADDING;
break;
}
if(!strcmp(type, "dsa")) {
#if defined(OPENSSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER >= 0x0090800fL)
if(!(pkey = d2i_PublicKey(EVP_PKEY_DSA,
NULL, (const unsigned char **)&ptr, keylen))) {
#else
if(!(pkey = d2i_PublicKey(EVP_PKEY_DSA,
NULL, &ptr, keylen))) {
#endif
openssl_strerror("d2i_PublicKey");
return(sigcomp_vrfy_return(false,
key, msg, signature, to, pkey));
}
fprintf(stderr, "err: type: %s -- not implemented\n",
type);
return(sigcomp_vrfy_return(false,
key, msg, signature, to, pkey));
/* NOTREACHED */
break;
}
fprintf(stderr, "err: type: %s -- unknown type\n",
type);
return(sigcomp_vrfy_return(false,
key, msg, signature, to, pkey));
/* NOTREACHED */
}
if(!(to = (unsigned char *)malloc(tolen))) {
fprintf(stderr, "err: malloc: %s\n", strerror(errno));
return(sigcomp_vrfy_return(false,
key, msg, signature, to, pkey));
}
if(RSA_public_decrypt(signaturelen,
signature, to, pkey->pkey.rsa, padding) < 0) {
openssl_strerror("RSA_public_decrypt");
return(sigcomp_vrfy_return(true,
key, msg, signature, to, pkey));
}
if(memcmp(msg, to, msglen)) {
compare = false;
}
sigcomp_vrfy_dump(compare, key, keylen,
msg, msglen, signature, signaturelen, to, tolen);
return(sigcomp_vrfy_return(true, key, msg, signature, to, pkey));
}
static void
sigcomp_vrfy_dump(const bool code, const unsigned char *const key, int keylen,
const unsigned char *const msg, int msglen,
const unsigned char *const signature, int signaturelen,
const unsigned char *const to, int tolen)
{
int d = 0;
printf("log:SigCompVrfy_Results (length:%d)\n",
keylen + msglen + signaturelen + tolen);
printf("log:| PublicKey (length:%d)\n", keylen);
printf("log:| | data = ");
for(d = 0; d < keylen; d ++) {
printf("%02x", key[d]);
}
printf("\n");
printf("log:| Message (length:%d)\n", msglen);
printf("log:| | data = ");
for(d = 0; d < msglen; d ++) {
printf("%02x", msg[d]);
}
printf("\n");
printf("log:| Signature (length:%d)\n",
signaturelen + tolen);
printf("log:| | status = %s\n",
code? "true": "false");
printf("log:| | Encrypted (length:%d)\n",
signaturelen);
printf("log:| | | data = ");
for(d = 0; d < signaturelen; d ++) {
printf("%02x", signature[d]);
}
printf("\n");
printf("log:| | Decrypted (length:%d)\n", tolen);
printf("log:| | | data = ");
for(d = 0; d < tolen; d ++) {
printf("%02x", to[d]);
}
printf("\n");
return;
}
static bool
sigcomp_vrfy_return(const bool code,
unsigned char *key, unsigned char *msg, unsigned char *signature,
unsigned char *to, EVP_PKEY *pkey)
{
if(pkey) {
EVP_PKEY_free(pkey); pkey = NULL;
}
if(to) {
free(to); to = NULL;
}
if(signature) {
free(signature); signature = NULL;
}
if(msg) {
free(msg); msg = NULL;
}
if(key) {
free(key); key = NULL;
}
return(code);
}
static const EVP_MD *
evp_md_with_algorithm(const char *const type, const char *const algorithm)
{
const EVP_MD *evp_md = NULL;
bool dsa = false;
bool rsa = false;
for( ; ; ) {
if(!strcmp(type, "dsa")) {
dsa = true;
break;
}
if(!strcmp(type, "rsa")) {
rsa = true;
break;
}
break;
}
for( ; ; ) {
if(dsa && !strcmp(algorithm, "dss1")) {
evp_md = EVP_dss1();
break;
}
if(rsa && !strcmp(algorithm, "md2")) {
evp_md = EVP_md2();
break;
}
if(rsa && !strcmp(algorithm, "md4")) {
evp_md = EVP_md4();
break;
}
if(rsa && !strcmp(algorithm, "md5")) {
evp_md = EVP_md5();
break;
}
#if ! defined(__linux__)
if(rsa && !strcmp(algorithm, "mdc2")) {
evp_md = EVP_mdc2();
break;
}
#endif
if(rsa && !strcmp(algorithm, "ripemd160")) {
evp_md = EVP_ripemd160();
break;
}
if(rsa && !strcmp(algorithm, "sha1")) {
evp_md = EVP_sha1();
break;
}
break;
}
return(evp_md);
}
static void
openssl_strerror(const char *const label)
{
unsigned long code = 0;
while((code = ERR_get_error())) {
fprintf(stderr, "err: %s: %s\n",
label, ERR_error_string(code, NULL));
}
return;
}
