Пример #1
/* ECDSA_verify checks the DER-encoded signature |sig| (|sig_len| bytes) over
 * |digest| (|digest_len| bytes) with |eckey|.
 *
 * The signature is parsed, then serialized again and compared byte-for-byte
 * with the caller's input, so only an encoding that round-trips exactly is
 * handed to the verifier. The return value is whatever ECDSA_do_verify
 * returns, or 0 if the signature fails to parse or fails the round-trip
 * comparison. |type| is not read by this function. */
int ECDSA_verify(int type, const uint8_t *digest, size_t digest_len,
                 const uint8_t *sig, size_t sig_len, const EC_KEY *eckey) {
  int verified = 0;
  uint8_t *reencoded = NULL;
  size_t reencoded_len;

  /* Decode the ECDSA signature. */
  ECDSA_SIG *parsed = ECDSA_SIG_from_bytes(sig, sig_len);
  if (parsed != NULL) {
    /* Defend against potential laxness in the DER parser: accept the input
     * only if re-encoding the parsed value reproduces it exactly. The length
     * is compared first, so the memcmp never reads past |reencoded|. */
    if (ECDSA_SIG_to_bytes(&reencoded, &reencoded_len, parsed) &&
        reencoded_len == sig_len &&
        OPENSSL_memcmp(sig, reencoded, sig_len) == 0) {
      verified = ECDSA_do_verify(digest, digest_len, parsed, eckey);
    } else {
      /* This should never happen. crypto/bytestring is strictly DER. */
      OPENSSL_PUT_ERROR(ECDSA, ERR_R_INTERNAL_ERROR);
    }
  }

  /* Both temporaries are released on every path, including parse failure,
   * where they are still NULL. */
  OPENSSL_free(reencoded);
  ECDSA_SIG_free(parsed);
  return verified;
}
Пример #2
/* ECDSA_verify_signed_digest checks the encoded signature |sig| (|sig_len|
 * bytes) over |digest| (|digest_len| bytes) against a public key supplied as
 * an encoded point, |ec_key| (|ec_key_len| bytes), on the group produced by
 * |ec_group_new|.
 *
 * The return value is whatever ECDSA_do_verify_point returns, or 0 if the
 * group cannot be created, the point cannot be allocated or decoded, or the
 * signature does not parse. The group, point and parsed signature are all
 * freed before returning.
 *
 * NOTE(review): |hash_nid| is not read here, so |digest_len| is not checked
 * against the named hash in this function; confirm the callee or the caller
 * enforces the expected digest length.
 * NOTE(review): the parsed signature is not re-serialized and compared with
 * the input, so rejection of non-canonical encodings rests entirely on
 * ECDSA_SIG_from_bytes; confirm that parser is strict. */
int ECDSA_verify_signed_digest(int hash_nid, const uint8_t *digest,
                               size_t digest_len, const uint8_t *sig,
                               size_t sig_len, EC_GROUP_new_fn ec_group_new,
                               const uint8_t *ec_key, const size_t ec_key_len) {
  EC_GROUP *curve = ec_group_new();
  if (curve == NULL) {
    return 0;
  }

  int verified = 0;
  ECDSA_SIG *parsed = NULL;

  /* Decode the public key first; the signature is parsed only once a usable
   * point exists. */
  EC_POINT *pub = EC_POINT_new(curve);
  if (pub != NULL &&
      EC_POINT_oct2point(curve, pub, ec_key, ec_key_len, NULL)) {
    parsed = ECDSA_SIG_from_bytes(sig, sig_len);
    if (parsed != NULL) {
      verified = ECDSA_do_verify_point(digest, digest_len, parsed, curve, pub);
    }
  }

  /* Release in the original order: signature, point, then group. */
  ECDSA_SIG_free(parsed);
  EC_POINT_free(pub);
  EC_GROUP_free(curve);

  return verified;
}