diff options
| author | Dr. Stephen Henson <steve@openssl.org> | 2015-10-28 16:57:51 +0000 |
|---|---|---|
| committer | Dr. Stephen Henson <steve@openssl.org> | 2015-12-09 22:09:19 +0000 |
| commit | a200a817add039d0515e6ecf94237b634819687d (patch) | |
| tree | 8a968313e9398c4dfd7d462293888e586ce2325e /crypto/ec/ecdsa_ossl.c | |
| parent | 7d711cbc335206327d1dbb0389d9ab83b461d4de (diff) | |
Top level ECDSA sign/verify redirection.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Diffstat (limited to 'crypto/ec/ecdsa_ossl.c')
| -rw-r--r-- | crypto/ec/ecdsa_ossl.c | 48 |
1 files changed, 48 insertions, 0 deletions
diff --git a/crypto/ec/ecdsa_ossl.c b/crypto/ec/ecdsa_ossl.c index 08e10f773f..40742bdf06 100644 --- a/crypto/ec/ecdsa_ossl.c +++ b/crypto/ec/ecdsa_ossl.c @@ -56,6 +56,7 @@ * */ +#include <string.h> #include <openssl/err.h> #include <openssl/obj_mac.h> #include <openssl/bn.h> @@ -63,6 +64,22 @@ #include <openssl/ec.h> #include "ec_lcl.h" +int ossl_ecdsa_sign(int type, const unsigned char *dgst, int dlen, + unsigned char *sig, unsigned int *siglen, + const BIGNUM *kinv, const BIGNUM *r, EC_KEY *eckey) +{ + ECDSA_SIG *s; + RAND_seed(dgst, dlen); + s = ECDSA_do_sign_ex(dgst, dlen, kinv, r, eckey); + if (s == NULL) { + *siglen = 0; + return 0; + } + *siglen = i2d_ECDSA_SIG(s, &sig); + ECDSA_SIG_free(s); + return 1; +} + static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp, const unsigned char *dgst, int dlen) @@ -326,6 +343,37 @@ ECDSA_SIG *ossl_ecdsa_sign_sig(const unsigned char *dgst, int dgst_len, return ret; } +/*- + * returns + * 1: correct signature + * 0: incorrect signature + * -1: error + */ +int ossl_ecdsa_verify(int type, const unsigned char *dgst, int dgst_len, + const unsigned char *sigbuf, int sig_len, EC_KEY *eckey) +{ + ECDSA_SIG *s; + const unsigned char *p = sigbuf; + unsigned char *der = NULL; + int derlen = -1; + int ret = -1; + + s = ECDSA_SIG_new(); + if (s == NULL) + return (ret); + if (d2i_ECDSA_SIG(&s, &p, sig_len) == NULL) + goto err; + /* Ensure signature uses DER and doesn't have trailing garbage */ + derlen = i2d_ECDSA_SIG(s, &der); + if (derlen != sig_len || memcmp(sigbuf, der, derlen)) + goto err; + ret = ECDSA_do_verify(dgst, dgst_len, s, eckey); + err: + OPENSSL_clear_free(der, derlen); + ECDSA_SIG_free(s); + return (ret); +} + int ossl_ecdsa_verify_sig(const unsigned char *dgst, int dgst_len, const ECDSA_SIG *sig, EC_KEY *eckey) { |