RSA raw verifier

This commit is contained in:
orignal 2014-12-15 12:32:06 -05:00
parent ef73353a0a
commit 1ffe7955a3
2 changed files with 58 additions and 9 deletions

View File

@ -223,7 +223,6 @@ namespace data
// TODO: implement all signature types
if (signatureType == SIGNING_KEY_TYPE_RSA_SHA512_4096)
{
i2p::crypto::RSASHA5124096Verifier verifier(it->second);
size_t pos = s.tellg ();
size_t tbsLen = pos + contentLength;
uint8_t * tbs = new uint8_t[tbsLen];
@ -232,13 +231,9 @@ namespace data
uint8_t * signature = new uint8_t[signatureLength];
s.read ((char *)signature, signatureLength);
// RSA-raw
CryptoPP::Integer enSig (a_exp_b_mod_c (CryptoPP::Integer (signature, 512),
CryptoPP::Integer (i2p::crypto::rsae), CryptoPP::Integer (it->second, 512)));
uint8_t enSigBuf[512];
enSig.Encode (enSigBuf, 512);
uint8_t hash[64];
CryptoPP::SHA512().CalculateDigest (hash, tbs, tbsLen); // TODO: implement in one pass
if (memcmp (enSigBuf + (512-64), hash, 64)) // TODO: use PKCS#1 v1.5 padding
i2p::crypto::RSASHA5124096RawVerifier verifier(it->second);
verifier.Update (tbs, tbsLen);
if (!verifier.Verify (signature))
LogPrint (eLogWarning, "SU3 signature verification failed");
delete[] signature;
delete[] tbs;

View File

@ -356,6 +356,60 @@ namespace crypto
}
};
// Raw verifiers
class RawVerifier
{
public:
virtual ~RawVerifier () {};
virtual void Update (const uint8_t * buf, size_t len) = 0;
virtual bool Verify (const uint8_t * signature) = 0;
};
template<typename Hash, size_t keyLen>
class RSARawVerifier: public RawVerifier
{
public:
RSARawVerifier (const uint8_t * signingKey):
n (signingKey, keyLen)
{
}
void Update (const uint8_t * buf, size_t len)
{
m_Hash.Update (buf, len);
}
bool Verify (const uint8_t * signature)
{
// RSA encryption first
CryptoPP::Integer enSig (a_exp_b_mod_c (CryptoPP::Integer (signature, keyLen),
CryptoPP::Integer (i2p::crypto::rsae), n)); // s^e mod n
uint8_t enSigBuf[keyLen];
enSig.Encode (enSigBuf, keyLen);
uint8_t digest[Hash::DIGESTSIZE];
m_Hash.Final (digest);
if (keyLen < Hash::DIGESTSIZE) return false; // can't verify digest longer than key
// we assume digest is right aligned, at least for PKCS#1 v1.5 padding
return !memcmp (enSigBuf + (keyLen - Hash::DIGESTSIZE), digest, Hash::DIGESTSIZE);
}
private:
CryptoPP::Integer n; // RSA modulus
Hash m_Hash;
};
class RSASHA5124096RawVerifier: public RSARawVerifier<CryptoPP::SHA512, RSASHA5124096_KEY_LENGTH>
{
public:
RSASHA5124096RawVerifier (const uint8_t * signingKey): RSARawVerifier (signingKey)
{
}
};
}
}