
Drop support for engines-provided signature verification.

We do not need to support engine-provided verification methods.

Change-Id: Iaad8369d403082b728c831167cc386fdcabfb067
Reviewed-on: https://boringssl-review.googlesource.com/7311
Reviewed-by: David Benjamin <davidben@google.com>
kris/onging/CECPQ3_patch15
Brian Smith vor 8 Jahren
committed by David Benjamin
Ursprung
Commit
c0b196d4eb
6 geänderte Dateien mit 15 neuen und 30 gelöschten Zeilen
  1. +0
    -9
      crypto/ecdsa/ecdsa.c
  2. +0
    -3
      crypto/rsa/internal.h
  3. +5
    -14
      crypto/rsa/rsa.c
  4. +7
    -3
      crypto/rsa/rsa_impl.c
  5. +1
    -1
      include/openssl/ec_key.h
  6. +2
    -0
      include/openssl/rsa.h

+ 0
- 9
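--- a/crypto/ecdsa/ecdsa.c
+++ b/crypto/ecdsa/ecdsa.c
@@ -79,10 +79,6 @@ int ECDSA_verify(int type, const uint8_t *digest, size_t digest_len,
 int ret = 0;
 uint8_t *der = NULL;
 
-if (eckey->ecdsa_meth && eckey->ecdsa_meth->verify) {
-return eckey->ecdsa_meth->verify(digest, digest_len, sig, sig_len, eckey);
-}
-
 /* Decode the ECDSA signature. */
 s = ECDSA_SIG_from_bytes(sig, sig_len);
 if (s == NULL) {
@@ -148,11 +144,6 @@ int ECDSA_do_verify(const uint8_t *digest, size_t digest_len,
 const EC_GROUP *group;
 const EC_POINT *pub_key;
 
-if (eckey->ecdsa_meth && eckey->ecdsa_meth->verify) {
-OPENSSL_PUT_ERROR(ECDSA, ECDSA_R_NOT_IMPLEMENTED);
-return 0;
-}
-
 /* check input values */
 if ((group = EC_KEY_get0_group(eckey)) == NULL ||
 (pub_key = EC_KEY_get0_public_key(eckey)) == NULL ||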
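Review bot: With the guard removed from ECDSA_do_verify, a key whose `ecdsa_meth->verify` is set no longer fails with ECDSA_R_NOT_IMPLEMENTED but goes through the built-in check, and ECDSA_verify likewise stops calling the hook, in both cases without any signal to the embedder. Verification needs only public material, so the built-in path is a sound default, but an integration that relied on the hook would lose it silently; the same holds for the `verify` and `verify_raw` fields in include/openssl/rsa.h. I would record the decision where the hook used to be consulted, e.g. `/* |eckey->ecdsa_meth->verify| is intentionally not consulted; verification always uses the built-in implementation. */`, and add a test that a key with a non-NULL `verify` is still checked by the default path. Both function bodies continue outside their hunks.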


+ 0
- 3
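--- a/crypto/rsa/internal.h
+++ b/crypto/rsa/internal.h
@@ -77,9 +77,6 @@ int rsa_default_sign_raw(RSA *rsa, size_t *out_len, uint8_t *out,
 int padding);
 int rsa_default_decrypt(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out,
 const uint8_t *in, size_t in_len, int padding);
-int rsa_default_verify_raw(RSA *rsa, size_t *out_len, uint8_t *out,
-size_t max_out, const uint8_t *in, size_t in_len,
-int padding);
 int rsa_default_private_transform(RSA *rsa, uint8_t *out, const uint8_t *in,
 size_t len);
 int rsa_default_multi_prime_keygen(RSA *rsa, int bits, int num_primes,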


+ 5
- 14
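--- a/crypto/rsa/rsa.c
+++ b/crypto/rsa/rsa.c
@@ -258,16 +258,6 @@ int RSA_private_decrypt(size_t flen, const uint8_t *from, uint8_t *to, RSA *rsa,
 return out_len;
 }
 
-int RSA_verify_raw(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out,
-const uint8_t *in, size_t in_len, int padding) {
-if (rsa->meth->verify_raw) {
-return rsa->meth->verify_raw(rsa, out_len, out, max_out, in, in_len, padding);
-}
-
-return rsa_default_verify_raw(rsa, out_len, out, max_out, in, in_len,
-padding);
-}
-
 int RSA_public_decrypt(size_t flen, const uint8_t *from, uint8_t *to, RSA *rsa,
 int padding) {
 size_t out_len;
@@ -473,6 +463,11 @@ finish:
 
 int RSA_verify(int hash_nid, const uint8_t *msg, size_t msg_len,
 const uint8_t *sig, size_t sig_len, RSA *rsa) {
+if (rsa->n == NULL || rsa->e == NULL) {
+OPENSSL_PUT_ERROR(RSA, RSA_R_VALUE_MISSING);
+return 0;
+}
+
 const size_t rsa_size = RSA_size(rsa);
 uint8_t *buf = NULL;
 int ret = 0;
@@ -480,10 +475,6 @@ int RSA_verify(int hash_nid, const uint8_t *msg, size_t msg_len,
 size_t signed_msg_len, len;
 int signed_msg_is_alloced = 0;
 
-if (rsa->meth->verify) {
-return rsa->meth->verify(hash_nid, msg, msg_len, sig, sig_len, rsa);
-}
-
 if (sig_len != rsa_size) {
 OPENSSL_PUT_ERROR(RSA, RSA_R_WRONG_SIGNATURE_LENGTH);
 return 0;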
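Review bot: The new `rsa->n == NULL || rsa->e == NULL` guard at the top of RSA_verify carries no explanation of why it has to come before `RSA_size(rsa)`, and the same test is repeated in RSA_verify_raw in crypto/rsa/rsa_impl.c. Presumably RSA_size reads the modulus, which cannot be confirmed from this hunk; if so, a comment such as `/* RSA_size reads |rsa->n|; reject keys without public components first. */` would keep the ordering from being undone in a later cleanup. With the `rsa->meth->verify` dispatch gone, keys backed by a custom method that carry no public components now reach this check instead, so a test asserting RSA_R_VALUE_MISSING for such a key would pin the fail-closed behaviour. RSA_verify's body continues past the end of the hunk.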


+ 7
- 3
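--- a/crypto/rsa/rsa_impl.c
+++ b/crypto/rsa/rsa_impl.c
@@ -426,9 +426,13 @@ err:
 
 static int mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx);
 
-int rsa_default_verify_raw(RSA *rsa, size_t *out_len, uint8_t *out,
-size_t max_out, const uint8_t *in, size_t in_len,
-int padding) {
+int RSA_verify_raw(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out,
+const uint8_t *in, size_t in_len, int padding) {
+if (rsa->n == NULL || rsa->e == NULL) {
+OPENSSL_PUT_ERROR(RSA, RSA_R_VALUE_MISSING);
+return 0;
+}
+
 const unsigned rsa_size = RSA_size(rsa);
 BIGNUM *f, *result;
 int ret = 0;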


+ 1
- 1
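--- a/include/openssl/ec_key.h
+++ b/include/openssl/ec_key.h
@@ -248,7 +248,7 @@ struct ecdsa_method_st {
 int (*sign)(const uint8_t *digest, size_t digest_len, uint8_t *sig,
 unsigned int *sig_len, EC_KEY *eckey);
 
-/* verify matches the arguments and behaviour of |ECDSA_verify|. */
+/* Ignored. Set this to NULL. */
 int (*verify)(const uint8_t *digest, size_t digest_len, const uint8_t *sig,
 size_t sig_len, EC_KEY *eckey);
 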


+ 2
- 0
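--- a/include/openssl/rsa.h
+++ b/include/openssl/rsa.h
@@ -509,6 +509,7 @@ struct rsa_meth_st {
 int (*sign)(int type, const uint8_t *m, unsigned int m_length,
 uint8_t *sigret, unsigned int *siglen, const RSA *rsa);
 
+/* Ignored. Set this to NULL. */
 int (*verify)(int dtype, const uint8_t *m, unsigned int m_length,
 const uint8_t *sigbuf, unsigned int siglen, const RSA *rsa);
 
@@ -521,6 +522,7 @@ struct rsa_meth_st {
 
 int (*decrypt)(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out,
 const uint8_t *in, size_t in_len, int padding);
+/* Ignored. Set this to NULL. */
 int (*verify_raw)(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out,
 const uint8_t *in, size_t in_len, int padding);
 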

