int
rsa_sha256_verify_digest(const struct rsa_public_key *key,
const uint8_t *digest,
const mpz_t s)
{
int res;
mpz_t m;
mpz_init(m);
res = (pkcs1_rsa_sha256_encode_digest(m, key->size, digest)
&& _rsa_verify(key, m, s));
mpz_clear(m);
return res;
}
int
rsa_sha256_verify(const struct rsa_public_key *key,
struct sha256_ctx *hash,
const mpz_t s)
{
int res;
mpz_t m;
mpz_init(m);
res = (pkcs1_rsa_sha256_encode(m, key->size, hash)
&&_rsa_verify(key, m, s));
mpz_clear(m);
return res;
}
static int rsa_verify(struct akcipher_request *req)
{
struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req);
const struct rsa_key *pkey = rsa_get_key(tfm);
MPI s, m = mpi_alloc(0);
int ret = 0;
int sign;
if (!m)
return -ENOMEM;
if (unlikely(!pkey->n || !pkey->e)) {
ret = -EINVAL;
goto err_free_m;
}
if (req->dst_len < mpi_get_size(pkey->n)) {
req->dst_len = mpi_get_size(pkey->n);
ret = -EOVERFLOW;
goto err_free_m;
}
ret = -ENOMEM;
s = mpi_read_raw_from_sgl(req->src, req->src_len);
if (!s) {
ret = -ENOMEM;
goto err_free_m;
}
ret = _rsa_verify(pkey, m, s);
if (ret)
goto err_free_s;
ret = mpi_write_to_sgl(m, req->dst, &req->dst_len, &sign);
if (ret)
goto err_free_s;
if (sign < 0)
ret = -EBADMSG;
err_free_s:
mpi_free(s);
err_free_m:
mpi_free(m);
return ret;
}
int
rsa_sha1_verify_digest(const struct rsa_public_key *key,
const uint8_t *digest,
const mpz_t s)
{
int res;
mpz_t m;
assert(key->size >= RSA_MINIMUM_N_OCTETS);
mpz_init(m);
pkcs1_rsa_sha1_encode_digest(m, key->size - 1, digest);
res = _rsa_verify(key, m, s);
mpz_clear(m);
return res;
}
int
rsa_sha1_verify(const struct rsa_public_key *key,
struct sha1_ctx *hash,
const mpz_t s)
{
int res;
mpz_t m;
assert(key->size >= RSA_MINIMUM_N_OCTETS);
mpz_init(m);
pkcs1_rsa_sha1_encode(m, key->size - 1, hash);
res = _rsa_verify(key, m, s);
mpz_clear(m);
return res;
}