mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-22 10:19:57 +01:00
sm,dirmngr: Support rsaPSS signature verification.
* sm/certcheck.c (hash_algo_from_buffer): New. (uint_from_buffer): New. (gpgsm_check_cert_sig): Handle PSS. * dirmngr/crlcache.c (hash_algo_from_buffer): New. (uint_from_buffer): New. (start_sig_check): Detect PSS and extract hash algo. New arg to return a PSS flag. (finish_sig_check): New arg use_pss. Extract PSS args and use them. (crl_parse_insert): Pass use_pss flag along. -- GnuPG-bug-id: 4538 Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
parent
5d5b70ae0f
commit
b45ab0ca08
@ -1531,16 +1531,103 @@ crl_cache_cert_isvalid (ctrl_t ctrl, ksba_cert_t cert,
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/* Return the hash algorithm's algo id from its name given in the
|
||||||
|
* non-null termnated string in (buffer,buflen). Returns 0 on failure
|
||||||
|
* or if the algo is not known. */
|
||||||
|
static int
|
||||||
|
hash_algo_from_buffer (const void *buffer, size_t buflen)
|
||||||
|
{
|
||||||
|
char *string;
|
||||||
|
int algo;
|
||||||
|
|
||||||
|
string = xtrymalloc (buflen + 1);
|
||||||
|
if (!string)
|
||||||
|
{
|
||||||
|
log_error (_("out of core\n"));
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
memcpy (string, buffer, buflen);
|
||||||
|
string[buflen] = 0;
|
||||||
|
algo = gcry_md_map_name (string);
|
||||||
|
if (!algo)
|
||||||
|
log_error ("unknown digest algorithm '%s' used in certificate\n", string);
|
||||||
|
xfree (string);
|
||||||
|
return algo;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/* Return an unsigned integer from the non-null termnated string
|
||||||
|
* (buffer,buflen). Returns 0 on failure. */
|
||||||
|
static unsigned int
|
||||||
|
uint_from_buffer (const void *buffer, size_t buflen)
|
||||||
|
{
|
||||||
|
char *string;
|
||||||
|
unsigned int val;
|
||||||
|
|
||||||
|
string = xtrymalloc (buflen + 1);
|
||||||
|
if (!string)
|
||||||
|
{
|
||||||
|
log_error (_("out of core\n"));
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
memcpy (string, buffer, buflen);
|
||||||
|
string[buflen] = 0;
|
||||||
|
val = strtoul (string, NULL, 10);
|
||||||
|
xfree (string);
|
||||||
|
return val;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
/* Prepare a hash context for the signature verification. Input is
|
/* Prepare a hash context for the signature verification. Input is
|
||||||
the CRL and the output is the hash context MD as well as the uses
|
the CRL and the output is the hash context MD as well as the uses
|
||||||
algorithm identifier ALGO. */
|
algorithm identifier ALGO. */
|
||||||
static gpg_error_t
|
static gpg_error_t
|
||||||
start_sig_check (ksba_crl_t crl, gcry_md_hd_t *md, int *algo)
|
start_sig_check (ksba_crl_t crl, gcry_md_hd_t *md, int *algo, int *use_pss)
|
||||||
{
|
{
|
||||||
gpg_error_t err;
|
gpg_error_t err;
|
||||||
const char *algoid;
|
const char *algoid;
|
||||||
|
|
||||||
|
*use_pss = 0;
|
||||||
algoid = ksba_crl_get_digest_algo (crl);
|
algoid = ksba_crl_get_digest_algo (crl);
|
||||||
|
if (algoid && !strcmp (algoid, "1.2.840.113549.1.1.10"))
|
||||||
|
{
|
||||||
|
/* Parse rsaPSS parameter. */
|
||||||
|
gcry_buffer_t ioarray[1] = { {0} };
|
||||||
|
ksba_sexp_t pssparam;
|
||||||
|
size_t n;
|
||||||
|
gcry_sexp_t psssexp;
|
||||||
|
|
||||||
|
pssparam = ksba_crl_get_sig_val (crl);
|
||||||
|
n = gcry_sexp_canon_len (pssparam, 0, NULL, NULL);
|
||||||
|
if (!n)
|
||||||
|
{
|
||||||
|
ksba_free (pssparam);
|
||||||
|
log_error (_("got an invalid S-expression from libksba\n"));
|
||||||
|
return gpg_error (GPG_ERR_INV_SEXP);
|
||||||
|
}
|
||||||
|
err = gcry_sexp_sscan (&psssexp, NULL, pssparam, n);
|
||||||
|
ksba_free (pssparam);
|
||||||
|
if (err)
|
||||||
|
{
|
||||||
|
log_error (_("converting S-expression failed: %s\n"),
|
||||||
|
gcry_strerror (err));
|
||||||
|
return err;
|
||||||
|
}
|
||||||
|
|
||||||
|
err = gcry_sexp_extract_param (psssexp, "sig-val",
|
||||||
|
"&'hash-algo'", ioarray, NULL);
|
||||||
|
gcry_sexp_release (psssexp);
|
||||||
|
if (err)
|
||||||
|
{
|
||||||
|
log_error ("extracting params from PSS failed: %s\n",
|
||||||
|
gpg_strerror (err));
|
||||||
|
return err;
|
||||||
|
}
|
||||||
|
*algo = hash_algo_from_buffer (ioarray[0].data, ioarray[0].len);
|
||||||
|
xfree (ioarray[0].data);
|
||||||
|
*use_pss = 1;
|
||||||
|
}
|
||||||
|
else
|
||||||
*algo = gcry_md_map_name (algoid);
|
*algo = gcry_md_map_name (algoid);
|
||||||
if (!*algo)
|
if (!*algo)
|
||||||
{
|
{
|
||||||
@ -1570,15 +1657,13 @@ start_sig_check (ksba_crl_t crl, gcry_md_hd_t *md, int *algo)
|
|||||||
certificate of the CRL issuer. This function takes ownership of MD. */
|
certificate of the CRL issuer. This function takes ownership of MD. */
|
||||||
static gpg_error_t
|
static gpg_error_t
|
||||||
finish_sig_check (ksba_crl_t crl, gcry_md_hd_t md, int algo,
|
finish_sig_check (ksba_crl_t crl, gcry_md_hd_t md, int algo,
|
||||||
ksba_cert_t issuer_cert)
|
ksba_cert_t issuer_cert, int use_pss)
|
||||||
{
|
{
|
||||||
gpg_error_t err;
|
gpg_error_t err;
|
||||||
ksba_sexp_t sigval = NULL, pubkey = NULL;
|
ksba_sexp_t sigval = NULL, pubkey = NULL;
|
||||||
const char *s;
|
|
||||||
char algoname[50];
|
|
||||||
size_t n;
|
size_t n;
|
||||||
gcry_sexp_t s_sig = NULL, s_hash = NULL, s_pkey = NULL;
|
gcry_sexp_t s_sig = NULL, s_hash = NULL, s_pkey = NULL;
|
||||||
unsigned int i;
|
unsigned int saltlen = 0; /* (used only with use_pss) */
|
||||||
|
|
||||||
/* This also stops debugging on the MD. */
|
/* This also stops debugging on the MD. */
|
||||||
gcry_md_final (md);
|
gcry_md_final (md);
|
||||||
@ -1600,6 +1685,55 @@ finish_sig_check (ksba_crl_t crl, gcry_md_hd_t md, int algo,
|
|||||||
goto leave;
|
goto leave;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (use_pss)
|
||||||
|
{
|
||||||
|
/* Parse rsaPSS parameter which we should find in S_SIG. */
|
||||||
|
gcry_buffer_t ioarray[2] = { {0}, {0} };
|
||||||
|
ksba_sexp_t pssparam;
|
||||||
|
gcry_sexp_t psssexp;
|
||||||
|
int hashalgo;
|
||||||
|
|
||||||
|
pssparam = ksba_crl_get_sig_val (crl);
|
||||||
|
n = gcry_sexp_canon_len (pssparam, 0, NULL, NULL);
|
||||||
|
if (!n)
|
||||||
|
{
|
||||||
|
ksba_free (pssparam);
|
||||||
|
log_error (_("got an invalid S-expression from libksba\n"));
|
||||||
|
err = gpg_error (GPG_ERR_INV_SEXP);
|
||||||
|
goto leave;
|
||||||
|
}
|
||||||
|
err = gcry_sexp_sscan (&psssexp, NULL, pssparam, n);
|
||||||
|
ksba_free (pssparam);
|
||||||
|
if (err)
|
||||||
|
{
|
||||||
|
log_error (_("converting S-expression failed: %s\n"),
|
||||||
|
gcry_strerror (err));
|
||||||
|
goto leave;
|
||||||
|
}
|
||||||
|
|
||||||
|
err = gcry_sexp_extract_param (psssexp, "sig-val",
|
||||||
|
"&'hash-algo''salt-length'",
|
||||||
|
ioarray+0, ioarray+1, NULL);
|
||||||
|
gcry_sexp_release (psssexp);
|
||||||
|
if (err)
|
||||||
|
{
|
||||||
|
log_error ("extracting params from PSS failed: %s\n",
|
||||||
|
gpg_strerror (err));
|
||||||
|
goto leave;
|
||||||
|
}
|
||||||
|
hashalgo = hash_algo_from_buffer (ioarray[0].data, ioarray[0].len);
|
||||||
|
saltlen = uint_from_buffer (ioarray[1].data, ioarray[1].len);
|
||||||
|
xfree (ioarray[0].data);
|
||||||
|
xfree (ioarray[1].data);
|
||||||
|
if (hashalgo != algo)
|
||||||
|
{
|
||||||
|
log_error ("hash algo mismatch: %d announced but %d used\n",
|
||||||
|
algo, hashalgo);
|
||||||
|
return gpg_error (GPG_ERR_INV_CRL);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
/* Get and convert the public key for the issuer certificate. */
|
/* Get and convert the public key for the issuer certificate. */
|
||||||
if (DBG_X509)
|
if (DBG_X509)
|
||||||
dump_cert ("crl_issuer_cert", issuer_cert);
|
dump_cert ("crl_issuer_cert", issuer_cert);
|
||||||
@ -1620,13 +1754,25 @@ finish_sig_check (ksba_crl_t crl, gcry_md_hd_t md, int algo,
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* Create an S-expression with the actual hash value. */
|
/* Create an S-expression with the actual hash value. */
|
||||||
s = gcry_md_algo_name (algo);
|
if (use_pss)
|
||||||
for (i = 0; *s && i < sizeof(algoname) - 1; s++, i++)
|
{
|
||||||
algoname[i] = ascii_tolower (*s);
|
err = gcry_sexp_build (&s_hash, NULL,
|
||||||
algoname[i] = 0;
|
"(data (flags pss)"
|
||||||
err = gcry_sexp_build (&s_hash, NULL, "(data(flags pkcs1)(hash %s %b))",
|
"(hash %s %b)"
|
||||||
algoname,
|
"(salt-length %u))",
|
||||||
gcry_md_get_algo_dlen (algo), gcry_md_read (md, algo));
|
hash_algo_to_string (algo),
|
||||||
|
(int)gcry_md_get_algo_dlen (algo),
|
||||||
|
gcry_md_read (md, algo),
|
||||||
|
saltlen);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
err = gcry_sexp_build (&s_hash, NULL,
|
||||||
|
"(data(flags pkcs1)(hash %s %b))",
|
||||||
|
hash_algo_to_string (algo),
|
||||||
|
(int)gcry_md_get_algo_dlen (algo),
|
||||||
|
gcry_md_read (md, algo));
|
||||||
|
}
|
||||||
if (err)
|
if (err)
|
||||||
{
|
{
|
||||||
log_error (_("creating S-expression failed: %s\n"), gcry_strerror (err));
|
log_error (_("creating S-expression failed: %s\n"), gcry_strerror (err));
|
||||||
@ -1688,6 +1834,7 @@ crl_parse_insert (ctrl_t ctrl, ksba_crl_t crl,
|
|||||||
ksba_cert_t crlissuer_cert = NULL;
|
ksba_cert_t crlissuer_cert = NULL;
|
||||||
gcry_md_hd_t md = NULL;
|
gcry_md_hd_t md = NULL;
|
||||||
int algo = 0;
|
int algo = 0;
|
||||||
|
int use_pss = 0;
|
||||||
size_t n;
|
size_t n;
|
||||||
|
|
||||||
(void)fname;
|
(void)fname;
|
||||||
@ -1710,7 +1857,7 @@ crl_parse_insert (ctrl_t ctrl, ksba_crl_t crl,
|
|||||||
{
|
{
|
||||||
case KSBA_SR_BEGIN_ITEMS:
|
case KSBA_SR_BEGIN_ITEMS:
|
||||||
{
|
{
|
||||||
err = start_sig_check (crl, &md, &algo);
|
err = start_sig_check (crl, &md, &algo, &use_pss);
|
||||||
if (err)
|
if (err)
|
||||||
goto failure;
|
goto failure;
|
||||||
|
|
||||||
@ -1847,7 +1994,7 @@ crl_parse_insert (ctrl_t ctrl, ksba_crl_t crl,
|
|||||||
goto failure;
|
goto failure;
|
||||||
}
|
}
|
||||||
|
|
||||||
err = finish_sig_check (crl, md, algo, crlissuer_cert);
|
err = finish_sig_check (crl, md, algo, crlissuer_cert, use_pss);
|
||||||
md = NULL; /* Closed. */
|
md = NULL; /* Closed. */
|
||||||
if (err)
|
if (err)
|
||||||
{
|
{
|
||||||
|
174
sm/certcheck.c
174
sm/certcheck.c
@ -1,5 +1,7 @@
|
|||||||
/* certcheck.c - check one certificate
|
/* certcheck.c - check one certificate
|
||||||
* Copyright (C) 2001, 2003, 2004 Free Software Foundation, Inc.
|
* Copyright (C) 2001, 2003, 2004 Free Software Foundation, Inc.
|
||||||
|
* Copyright (C) 2001-2019 Werner Koch
|
||||||
|
* Copyright (C) 2015-2020 g10 Code GmbH
|
||||||
*
|
*
|
||||||
* This file is part of GnuPG.
|
* This file is part of GnuPG.
|
||||||
*
|
*
|
||||||
@ -15,6 +17,7 @@
|
|||||||
*
|
*
|
||||||
* You should have received a copy of the GNU General Public License
|
* You should have received a copy of the GNU General Public License
|
||||||
* along with this program; if not, see <https://www.gnu.org/licenses/>.
|
* along with this program; if not, see <https://www.gnu.org/licenses/>.
|
||||||
|
* SPDX-License-Identifier: GPL-3.0-or-later
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <config.h>
|
#include <config.h>
|
||||||
@ -220,6 +223,53 @@ pk_algo_from_sexp (gcry_sexp_t pkey)
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/* Return the hash algorithm's algo id from its name given in the
|
||||||
|
* non-null termnated string in (buffer,buflen). Returns 0 on failure
|
||||||
|
* or if the algo is not known. */
|
||||||
|
static int
|
||||||
|
hash_algo_from_buffer (const void *buffer, size_t buflen)
|
||||||
|
{
|
||||||
|
char *string;
|
||||||
|
int algo;
|
||||||
|
|
||||||
|
string = xtrymalloc (buflen + 1);
|
||||||
|
if (!string)
|
||||||
|
{
|
||||||
|
log_error (_("out of core\n"));
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
memcpy (string, buffer, buflen);
|
||||||
|
string[buflen] = 0;
|
||||||
|
algo = gcry_md_map_name (string);
|
||||||
|
if (!algo)
|
||||||
|
log_error ("unknown digest algorithm '%s' used in certificate\n", string);
|
||||||
|
xfree (string);
|
||||||
|
return algo;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/* Return an unsigned integer from the non-null termnated string
|
||||||
|
* (buffer,buflen). Returns 0 on failure. */
|
||||||
|
static unsigned int
|
||||||
|
uint_from_buffer (const void *buffer, size_t buflen)
|
||||||
|
{
|
||||||
|
char *string;
|
||||||
|
unsigned int val;
|
||||||
|
|
||||||
|
string = xtrymalloc (buflen + 1);
|
||||||
|
if (!string)
|
||||||
|
{
|
||||||
|
log_error (_("out of core\n"));
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
memcpy (string, buffer, buflen);
|
||||||
|
string[buflen] = 0;
|
||||||
|
val = strtoul (string, NULL, 10);
|
||||||
|
xfree (string);
|
||||||
|
return val;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
/* Check the signature on CERT using the ISSUER-CERT. This function
|
/* Check the signature on CERT using the ISSUER-CERT. This function
|
||||||
does only test the cryptographic signature and nothing else. It is
|
does only test the cryptographic signature and nothing else. It is
|
||||||
assumed that the ISSUER_CERT is valid. */
|
assumed that the ISSUER_CERT is valid. */
|
||||||
@ -229,21 +279,76 @@ gpgsm_check_cert_sig (ksba_cert_t issuer_cert, ksba_cert_t cert)
|
|||||||
const char *algoid;
|
const char *algoid;
|
||||||
gcry_md_hd_t md;
|
gcry_md_hd_t md;
|
||||||
int rc, algo;
|
int rc, algo;
|
||||||
gcry_mpi_t frame;
|
|
||||||
ksba_sexp_t p;
|
ksba_sexp_t p;
|
||||||
size_t n;
|
size_t n;
|
||||||
gcry_sexp_t s_sig, s_hash, s_pkey;
|
gcry_sexp_t s_sig, s_data, s_pkey;
|
||||||
|
int use_pss = 0;
|
||||||
|
unsigned int saltlen;
|
||||||
|
|
||||||
algo = gcry_md_map_name ( (algoid=ksba_cert_get_digest_algo (cert)));
|
algo = gcry_md_map_name ( (algoid=ksba_cert_get_digest_algo (cert)));
|
||||||
if (!algo)
|
if (!algo && algoid && !strcmp (algoid, "1.2.840.113549.1.1.10"))
|
||||||
|
use_pss = 1;
|
||||||
|
else if (!algo)
|
||||||
{
|
{
|
||||||
log_error ("unknown hash algorithm '%s'\n", algoid? algoid:"?");
|
log_error ("unknown digest algorithm '%s' used certificate\n",
|
||||||
|
algoid? algoid:"?");
|
||||||
if (algoid
|
if (algoid
|
||||||
&& ( !strcmp (algoid, "1.2.840.113549.1.1.2")
|
&& ( !strcmp (algoid, "1.2.840.113549.1.1.2")
|
||||||
||!strcmp (algoid, "1.2.840.113549.2.2")))
|
||!strcmp (algoid, "1.2.840.113549.2.2")))
|
||||||
log_info (_("(this is the MD2 algorithm)\n"));
|
log_info (_("(this is the MD2 algorithm)\n"));
|
||||||
return gpg_error (GPG_ERR_GENERAL);
|
return gpg_error (GPG_ERR_GENERAL);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* The the signature from the certificate. */
|
||||||
|
p = ksba_cert_get_sig_val (cert);
|
||||||
|
n = gcry_sexp_canon_len (p, 0, NULL, NULL);
|
||||||
|
if (!n)
|
||||||
|
{
|
||||||
|
log_error ("libksba did not return a proper S-Exp\n");
|
||||||
|
ksba_free (p);
|
||||||
|
return gpg_error (GPG_ERR_BUG);
|
||||||
|
}
|
||||||
|
rc = gcry_sexp_sscan ( &s_sig, NULL, (char*)p, n);
|
||||||
|
ksba_free (p);
|
||||||
|
if (rc)
|
||||||
|
{
|
||||||
|
log_error ("gcry_sexp_scan failed: %s\n", gpg_strerror (rc));
|
||||||
|
return rc;
|
||||||
|
}
|
||||||
|
if (DBG_CRYPTO)
|
||||||
|
gcry_log_debugsxp ("sigval", s_sig);
|
||||||
|
|
||||||
|
if (use_pss)
|
||||||
|
{
|
||||||
|
/* Extract the hash algorithm and the salt length from the sigval. */
|
||||||
|
gcry_buffer_t ioarray[2] = { {0}, {0} };
|
||||||
|
|
||||||
|
rc = gcry_sexp_extract_param (s_sig, "sig-val",
|
||||||
|
"&'hash-algo''salt-length'",
|
||||||
|
ioarray+0, ioarray+1, NULL);
|
||||||
|
if (rc)
|
||||||
|
{
|
||||||
|
gcry_sexp_release (s_sig);
|
||||||
|
log_error ("extracting params from PSS failed: %s\n",
|
||||||
|
gpg_strerror (rc));
|
||||||
|
return rc;
|
||||||
|
}
|
||||||
|
algo = hash_algo_from_buffer (ioarray[0].data, ioarray[0].len);
|
||||||
|
saltlen = uint_from_buffer (ioarray[1].data, ioarray[1].len);
|
||||||
|
xfree (ioarray[0].data);
|
||||||
|
xfree (ioarray[1].data);
|
||||||
|
if (saltlen < 20)
|
||||||
|
{
|
||||||
|
log_error ("length of PSS salt too short\n");
|
||||||
|
return gpg_error (GPG_ERR_DIGEST_ALGO);
|
||||||
|
}
|
||||||
|
if (!algo)
|
||||||
|
return gpg_error (GPG_ERR_DIGEST_ALGO);
|
||||||
|
/* log_debug ("PSS hash=%d saltlen=%u\n", algo, saltlen); */
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/* Hash the to-be-signed parts of the certificate. */
|
||||||
rc = gcry_md_open (&md, algo, 0);
|
rc = gcry_md_open (&md, algo, 0);
|
||||||
if (rc)
|
if (rc)
|
||||||
{
|
{
|
||||||
@ -262,33 +367,7 @@ gpgsm_check_cert_sig (ksba_cert_t issuer_cert, ksba_cert_t cert)
|
|||||||
}
|
}
|
||||||
gcry_md_final (md);
|
gcry_md_final (md);
|
||||||
|
|
||||||
p = ksba_cert_get_sig_val (cert);
|
/* Get the public key from the certificate. */
|
||||||
n = gcry_sexp_canon_len (p, 0, NULL, NULL);
|
|
||||||
if (!n)
|
|
||||||
{
|
|
||||||
log_error ("libksba did not return a proper S-Exp\n");
|
|
||||||
gcry_md_close (md);
|
|
||||||
ksba_free (p);
|
|
||||||
return gpg_error (GPG_ERR_BUG);
|
|
||||||
}
|
|
||||||
if (DBG_CRYPTO)
|
|
||||||
{
|
|
||||||
int j;
|
|
||||||
log_debug ("signature value:");
|
|
||||||
for (j=0; j < n; j++)
|
|
||||||
log_printf (" %02X", p[j]);
|
|
||||||
log_printf ("\n");
|
|
||||||
}
|
|
||||||
|
|
||||||
rc = gcry_sexp_sscan ( &s_sig, NULL, (char*)p, n);
|
|
||||||
ksba_free (p);
|
|
||||||
if (rc)
|
|
||||||
{
|
|
||||||
log_error ("gcry_sexp_scan failed: %s\n", gpg_strerror (rc));
|
|
||||||
gcry_md_close (md);
|
|
||||||
return rc;
|
|
||||||
}
|
|
||||||
|
|
||||||
p = ksba_cert_get_public_key (issuer_cert);
|
p = ksba_cert_get_public_key (issuer_cert);
|
||||||
n = gcry_sexp_canon_len (p, 0, NULL, NULL);
|
n = gcry_sexp_canon_len (p, 0, NULL, NULL);
|
||||||
if (!n)
|
if (!n)
|
||||||
@ -308,6 +387,26 @@ gpgsm_check_cert_sig (ksba_cert_t issuer_cert, ksba_cert_t cert)
|
|||||||
gcry_sexp_release (s_sig);
|
gcry_sexp_release (s_sig);
|
||||||
return rc;
|
return rc;
|
||||||
}
|
}
|
||||||
|
if (DBG_CRYPTO)
|
||||||
|
gcry_log_debugsxp ("pubkey:", s_pkey);
|
||||||
|
|
||||||
|
if (use_pss)
|
||||||
|
{
|
||||||
|
rc = gcry_sexp_build (&s_data, NULL,
|
||||||
|
"(data (flags pss)"
|
||||||
|
"(hash %s %b)"
|
||||||
|
"(salt-length %u))",
|
||||||
|
hash_algo_to_string (algo),
|
||||||
|
(int)gcry_md_get_algo_dlen (algo),
|
||||||
|
gcry_md_read (md, algo),
|
||||||
|
saltlen);
|
||||||
|
if (rc)
|
||||||
|
BUG ();
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
/* RSA or DAS: Prepare the hash for verification. */
|
||||||
|
gcry_mpi_t frame;
|
||||||
|
|
||||||
rc = do_encode_md (md, algo, pk_algo_from_sexp (s_pkey),
|
rc = do_encode_md (md, algo, pk_algo_from_sexp (s_pkey),
|
||||||
gcry_pk_get_nbits (s_pkey), s_pkey, &frame);
|
gcry_pk_get_nbits (s_pkey), s_pkey, &frame);
|
||||||
@ -318,19 +417,20 @@ gpgsm_check_cert_sig (ksba_cert_t issuer_cert, ksba_cert_t cert)
|
|||||||
gcry_sexp_release (s_pkey);
|
gcry_sexp_release (s_pkey);
|
||||||
return rc;
|
return rc;
|
||||||
}
|
}
|
||||||
|
if ( gcry_sexp_build (&s_data, NULL, "%m", frame) )
|
||||||
/* put hash into the S-Exp s_hash */
|
|
||||||
if ( gcry_sexp_build (&s_hash, NULL, "%m", frame) )
|
|
||||||
BUG ();
|
BUG ();
|
||||||
gcry_mpi_release (frame);
|
gcry_mpi_release (frame);
|
||||||
|
}
|
||||||
|
if (DBG_CRYPTO)
|
||||||
|
gcry_log_debugsxp ("data:", s_data);
|
||||||
|
|
||||||
|
/* Verify. */
|
||||||
rc = gcry_pk_verify (s_sig, s_hash, s_pkey);
|
rc = gcry_pk_verify (s_sig, s_data, s_pkey);
|
||||||
if (DBG_X509)
|
if (DBG_X509)
|
||||||
log_debug ("gcry_pk_verify: %s\n", gpg_strerror (rc));
|
log_debug ("gcry_pk_verify: %s\n", gpg_strerror (rc));
|
||||||
gcry_md_close (md);
|
gcry_md_close (md);
|
||||||
gcry_sexp_release (s_sig);
|
gcry_sexp_release (s_sig);
|
||||||
gcry_sexp_release (s_hash);
|
gcry_sexp_release (s_data);
|
||||||
gcry_sexp_release (s_pkey);
|
gcry_sexp_release (s_pkey);
|
||||||
return rc;
|
return rc;
|
||||||
}
|
}
|
||||||
|
Loading…
x
Reference in New Issue
Block a user