diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2000-12-28 19:18:48 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2000-12-28 19:18:48 +0000 |
commit | 09ab755c555a96df23b78fb188578b2fba5faae2 (patch) | |
tree | d70caa8c199c4dc22e7c2301a554a80c8158c160 /crypto/asn1/a_verify.c | |
parent | ec558b65480cb186979e0c3bf0cf8e36eb49a125 (diff) |
ASN1_ITEM versions of sign, verify, pack and unpack.
The old function pointer versions will eventually go
away.
Diffstat (limited to 'crypto/asn1/a_verify.c')
-rw-r--r-- | crypto/asn1/a_verify.c | 48 |
1 files changed, 48 insertions, 0 deletions
diff --git a/crypto/asn1/a_verify.c b/crypto/asn1/a_verify.c index 2a11927e5c..be5a27e58b 100644 --- a/crypto/asn1/a_verify.c +++ b/crypto/asn1/a_verify.c @@ -117,3 +117,51 @@ int ASN1_verify(int (*i2d)(), X509_ALGOR *a, ASN1_BIT_STRING *signature, err: return(ret); } + + +int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, ASN1_BIT_STRING *signature, + void *asn, EVP_PKEY *pkey) + { + EVP_MD_CTX ctx; + const EVP_MD *type; + unsigned char *buf_in=NULL; + int ret= -1,i,inl; + + i=OBJ_obj2nid(a->algorithm); + type=EVP_get_digestbyname(OBJ_nid2sn(i)); + if (type == NULL) + { + ASN1err(ASN1_F_ASN1_VERIFY,ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM); + goto err; + } + + inl = ASN1_item_i2d(asn, &buf_in, it); + + if (buf_in == NULL) + { + ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_MALLOC_FAILURE); + goto err; + } + + EVP_VerifyInit(&ctx,type); + EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl); + + memset(buf_in,0,(unsigned int)inl); + OPENSSL_free(buf_in); + + if (EVP_VerifyFinal(&ctx,(unsigned char *)signature->data, + (unsigned int)signature->length,pkey) <= 0) + { + ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_EVP_LIB); + ret=0; + goto err; + } + /* we don't need to zero the 'ctx' because we just checked + * public information */ + /* memset(&ctx,0,sizeof(ctx)); */ + ret=1; +err: + return(ret); + } + + |