diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2010-07-12 16:00:16 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2010-07-12 16:00:16 +0200 |
commit | 111dbe139333a0fa697d7621414f1785b078468b (patch) | |
tree | 94c1ea175a395300287b0969059efaabc9383170 /ncr-pk.c | |
parent | 4f7b10f59b97b45d42577c4d6d33958d9565aef7 (diff) | |
download | cryptodev-linux-111dbe139333a0fa697d7621414f1785b078468b.tar.gz cryptodev-linux-111dbe139333a0fa697d7621414f1785b078468b.tar.xz cryptodev-linux-111dbe139333a0fa697d7621414f1785b078468b.zip |
Added signature generation and verification.
Diffstat (limited to 'ncr-pk.c')
-rw-r--r-- | ncr-pk.c | 103 |
1 files changed, 97 insertions, 6 deletions
@@ -306,7 +306,10 @@ void ncr_pk_queue_deinit(void) void ncr_pk_cipher_deinit(struct ncr_pk_ctx* ctx) { - ctx->key = NULL; + if (ctx->init) { + ctx->init = 0; + ctx->key = NULL; + } } int ncr_pk_cipher_init(ncr_algorithm_t algo, @@ -322,15 +325,19 @@ int ncr_pk_cipher_init(ncr_algorithm_t algo, ctx->algorithm = algo; ctx->key = key; + ctx->sign_hash = params->params.pk.sign_hash; switch(algo) { case NCR_ALG_RSA: - if (params->params.rsa.type == RSA_PKCS1_V1_5) + if (params->params.pk.type == RSA_PKCS1_V1_5) ctx->type = LTC_LTC_PKCS_1_V1_5; - else + else if (params->params.pk.type == RSA_PKCS1_OAEP) ctx->type = LTC_LTC_PKCS_1_OAEP; + else if (params->params.pk.type == RSA_PKCS1_PSS) + ctx->type = LTC_LTC_PKCS_1_PSS; - ctx->hash = params->params.rsa.hash; + ctx->oaep_hash = params->params.pk.oaep_hash; + ctx->salt_len = params->params.pk.pss_salt; break; case NCR_ALG_DSA: break; @@ -339,6 +346,8 @@ int ncr_pk_cipher_init(ncr_algorithm_t algo, return -EINVAL; } + ctx->init = 1; + return 0; } @@ -352,7 +361,7 @@ unsigned long osize = *output_size; switch(ctx->algorithm) { case NCR_ALG_RSA: cret = rsa_encrypt_key_ex( input, input_size, output, &osize, - NULL, 0, ctx->hash, ctx->type, &ctx->key->key.pk.rsa); + NULL, 0, ctx->oaep_hash, ctx->type, &ctx->key->key.pk.rsa); if (cret != CRYPT_OK) { err(); @@ -381,7 +390,7 @@ int stat; switch(ctx->algorithm) { case NCR_ALG_RSA: cret = rsa_decrypt_key_ex( input, input_size, output, &osize, - NULL, 0, ctx->hash, ctx->type, &stat, &ctx->key->key.pk.rsa); + NULL, 0, ctx->oaep_hash, ctx->type, &stat, &ctx->key->key.pk.rsa); if (cret != CRYPT_OK) { err(); @@ -404,3 +413,85 @@ int stat; return 0; } + +int ncr_pk_cipher_sign(const struct ncr_pk_ctx* ctx, + const void* input, size_t input_size, + void* output, size_t *output_size) +{ +int cret; +unsigned long osize = *output_size; + + switch(ctx->algorithm) { + case NCR_ALG_RSA: + cret = rsa_sign_hash_ex( input, input_size, output, &osize, + ctx->type, ctx->sign_hash, ctx->salt_len, &ctx->key->key.pk.rsa); + + if (cret != CRYPT_OK) { + err(); + return tomerr(cret); + } + *output_size = osize; + break; + case NCR_ALG_DSA: + cret = dsa_sign_hash( input, input_size, output, &osize, + &ctx->key->key.pk.dsa); + + if (cret != CRYPT_OK) { + err(); + return tomerr(cret); + } + *output_size = osize; + break; + default: + err(); + return -EINVAL; + } + + return 0; +} + +int ncr_pk_cipher_verify(const struct ncr_pk_ctx* ctx, + const void* signature, size_t signature_size, + const void* hash, size_t hash_size, ncr_error_t* err) +{ +int cret; +int stat; + + switch(ctx->algorithm) { + case NCR_ALG_RSA: + cret = rsa_verify_hash_ex( signature, signature_size, + hash, hash_size, ctx->type, ctx->sign_hash, + ctx->salt_len, &stat, &ctx->key->key.pk.rsa); + + if (cret != CRYPT_OK) { + err(); + return tomerr(cret); + } + + if (stat == 1) + *err = 0; + else + *err = NCR_VERIFICATION_FAILED; + + break; + case NCR_ALG_DSA: + cret = dsa_verify_hash( signature, signature_size, + hash, hash_size, &stat, &ctx->key->key.pk.dsa); + if (cret != CRYPT_OK) { + err(); + return tomerr(cret); + } + + if (stat == 1) + *err = 0; + else + *err = NCR_VERIFICATION_FAILED; + + break; + default: + err(); + return -EINVAL; + } + + return 0; +} |