/** Verify a DSA signature @param sig The signature @param siglen The length of the signature (octets) @param hash The hash that was signed @param hashlen The length of the hash that was signed @param stat [out] The result of the signature verification, 1==valid, 0==invalid @param key The corresponding public DH key @return CRYPT_OK if successful (even if the signature is invalid) */ int dsa_verify_hash(const unsigned char *sig, unsigned long siglen, const unsigned char *hash, unsigned long hashlen, int *stat, dsa_key *key) { int err; mp_int r, s; if ((err = mp_init_multi(&r, &s, NULL)) != CRYPT_OK) { return CRYPT_MEM; } /* decode the sequence */ if ((err = der_decode_sequence_multi(sig, siglen, LTC_ASN1_INTEGER, 1UL, &r, LTC_ASN1_INTEGER, 1UL, &s, LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) { goto LBL_ERR; } /* do the op */ err = dsa_verify_hash_raw(&r, &s, hash, hashlen, stat, key); LBL_ERR: mp_clear_multi(&r, &s, NULL); return err; }
static int rpmltcVerifyDSA(pgpDig dig) /*@*/ { rpmltc ltc = dig->impl; int rc = 0; /* assume failure. */ int xx; if (ltc->digest == NULL || ltc->digestlen == 0) goto exit; if (ltc->r == NULL || ltc->s == NULL) goto exit; #ifdef DYING rpmltcDumpDSA(__FUNCTION__, ltc); #endif xx = rpmltcErr(ltc, "dsa_verify_hash_raw", dsa_verify_hash_raw(ltc->r, ltc->s, ltc->digest, ltc->digestlen, &rc, <c->dsa)); exit: SPEW(!rc, rc, dig); return rc; }