bool EAC_Signed_Object::check_signature(Public_Key& pub_key,
const MemoryRegion<byte>& sig) const
{
try
{
std::vector<std::string> sig_info =
split_on(OIDS::lookup(sig_algo.oid), '/');
if(sig_info.size() != 2 || sig_info[0] != pub_key.algo_name())
{
return false;
}
std::string padding = sig_info[1];
Signature_Format format =
(pub_key.message_parts() >= 2) ? DER_SEQUENCE : IEEE_1363;
SecureVector<byte> to_sign = tbs_data();
PK_Verifier verifier(pub_key, padding, format);
return verifier.verify_message(to_sign, sig);
}
catch(...)
{
return false;
}
}
/*
* Check the signature on an object
*/
bool X509_Object::check_signature(const Public_Key& pub_key) const
{
try {
std::vector<std::string> sig_info =
split_on(OIDS::lookup(m_sig_algo.oid), '/');
if(sig_info.size() != 2 || sig_info[0] != pub_key.algo_name())
return false;
std::string padding = sig_info[1];
Signature_Format format =
(pub_key.message_parts() >= 2) ? DER_SEQUENCE : IEEE_1363;
PK_Verifier verifier(pub_key, padding, format);
return verifier.verify_message(tbs_data(), signature());
}
catch(std::exception&)
{
return false;
}
}
Certificate_Status_Code X509_Object::verify_signature(const Public_Key& pub_key) const
{
const std::vector<std::string> sig_info =
split_on(OIDS::lookup(m_sig_algo.get_oid()), '/');
if(sig_info.size() < 1 || sig_info.size() > 2 || sig_info[0] != pub_key.algo_name())
return Certificate_Status_Code::SIGNATURE_ALGO_BAD_PARAMS;
std::string padding;
if(sig_info.size() == 2)
padding = sig_info[1];
else if(sig_info[0] == "Ed25519")
padding = "Pure";
else
return Certificate_Status_Code::SIGNATURE_ALGO_BAD_PARAMS;
const Signature_Format format =
(pub_key.message_parts() >= 2) ? DER_SEQUENCE : IEEE_1363;
if(padding == "EMSA4")
{
// "MUST contain RSASSA-PSS-params"
if(signature_algorithm().parameters.empty())
{
return Certificate_Status_Code::SIGNATURE_ALGO_BAD_PARAMS;
}
Pss_params pss_parameter = decode_pss_params(signature_algorithm().parameters);
// hash_algo must be SHA1, SHA2-224, SHA2-256, SHA2-384 or SHA2-512
const std::string hash_algo = OIDS::lookup(pss_parameter.hash_algo.oid);
if(hash_algo != "SHA-160" &&
hash_algo != "SHA-224" &&
hash_algo != "SHA-256" &&
hash_algo != "SHA-384" &&
hash_algo != "SHA-512")
{
return Certificate_Status_Code::UNTRUSTED_HASH;
}
const std::string mgf_algo = OIDS::lookup(pss_parameter.mask_gen_algo.oid);
if(mgf_algo != "MGF1")
{
return Certificate_Status_Code::SIGNATURE_ALGO_BAD_PARAMS;
}
// For MGF1, it is strongly RECOMMENDED that the underlying hash function be the same as the one identified by hashAlgorithm
// Must be SHA1, SHA2-224, SHA2-256, SHA2-384 or SHA2-512
if(pss_parameter.mask_gen_hash.oid != pss_parameter.hash_algo.oid)
{
return Certificate_Status_Code::SIGNATURE_ALGO_BAD_PARAMS;
}
if(pss_parameter.trailer_field != 1)
{
return Certificate_Status_Code::SIGNATURE_ALGO_BAD_PARAMS;
}
// salt_len is actually not used for verification. Length is inferred from the signature
padding += "(" + hash_algo + "," + mgf_algo + "," + std::to_string(pss_parameter.salt_len) + ")";
}
try
{
PK_Verifier verifier(pub_key, padding, format);
const bool valid = verifier.verify_message(tbs_data(), signature());
if(valid)
return Certificate_Status_Code::VERIFIED;
else
return Certificate_Status_Code::SIGNATURE_ERROR;
}
catch(Algorithm_Not_Found&)
{
return Certificate_Status_Code::SIGNATURE_ALGO_UNKNOWN;
}
catch(...)
{
// This shouldn't happen, fallback to generic signature error
return Certificate_Status_Code::SIGNATURE_ERROR;
}
}
