static int rsa_verify_cb(int fd, void *ud) { struct rsa_verify_cbdata *cbdata = ud; char *sha256; char errbuf[1024]; RSA *rsa = NULL; int ret; sha256 = pkg_checksum_fd(fd, PKG_HASH_TYPE_SHA256_HEX); if (sha256 == NULL) return (EPKG_FATAL); rsa = _load_rsa_public_key_buf(cbdata->key, cbdata->keylen); if (rsa == NULL) { free(sha256); return(EPKG_FATAL); } ret = RSA_verify(NID_sha1, sha256, pkg_checksum_type_size(PKG_HASH_TYPE_SHA256_HEX), cbdata->sig, cbdata->siglen, rsa); free(sha256); if (ret == 0) { pkg_emit_error("%s: %s", cbdata->key, ERR_error_string(ERR_get_error(), errbuf)); RSA_free(rsa); return (EPKG_FATAL); } RSA_free(rsa); return (EPKG_OK); }
static int rsa_verify_cb(int fd, void *ud) { struct rsa_verify_cbdata *cbdata = ud; char sha256[SHA256_DIGEST_LENGTH *2 +1]; char errbuf[1024]; RSA *rsa = NULL; int ret; if (sha256_fd(fd, sha256) != EPKG_OK) return (EPKG_FATAL); rsa = _load_rsa_public_key_buf(cbdata->key, cbdata->keylen); if (rsa == NULL) return(EPKG_FATAL); ret = RSA_verify(NID_sha1, sha256, sizeof(sha256), cbdata->sig, cbdata->siglen, rsa); if (ret == 0) { pkg_emit_error("%s: %s", cbdata->key, ERR_error_string(ERR_get_error(), errbuf)); RSA_free(rsa); return (EPKG_FATAL); } RSA_free(rsa); return (EPKG_OK); }