Mirrors/i2pd
2
0
Fork 0
mirror of https://github.com/PurpleI2P/i2pd.git synced 2025-01-22 21:37:17 +01:00
Code Issues Actions 6 Packages Projects Releases Wiki Activity

RSA raw verifier

Browse source
This commit is contained in:
orignal 2014-12-15 12:32:06 -05:00
parent ef73353a0a
commit 1ffe7955a3
2 changed files with 58 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
Reseed.cpp
View file

@ -223,7 +223,6 @@ namespace data
// TODO: implement all signature types // TODO: implement all signature types
if (signatureType == SIGNING_KEY_TYPE_RSA_SHA512_4096) if (signatureType == SIGNING_KEY_TYPE_RSA_SHA512_4096)
{ {
i2p::crypto::RSASHA5124096Verifier verifier(it->second);
size_t pos = s.tellg (); size_t pos = s.tellg ();
size_t tbsLen = pos + contentLength; size_t tbsLen = pos + contentLength;
uint8_t * tbs = new uint8_t[tbsLen]; uint8_t * tbs = new uint8_t[tbsLen];
@ -232,13 +231,9 @@ namespace data
uint8_t * signature = new uint8_t[signatureLength]; uint8_t * signature = new uint8_t[signatureLength];
s.read ((char *)signature, signatureLength); s.read ((char *)signature, signatureLength);
// RSA-raw // RSA-raw
CryptoPP::Integer enSig (a_exp_b_mod_c (CryptoPP::Integer (signature, 512), i2p::crypto::RSASHA5124096RawVerifier verifier(it->second);
CryptoPP::Integer (i2p::crypto::rsae), CryptoPP::Integer (it->second, 512))); verifier.Update (tbs, tbsLen);
uint8_t enSigBuf[512]; if (!verifier.Verify (signature))
enSig.Encode (enSigBuf, 512);
uint8_t hash[64];
CryptoPP::SHA512().CalculateDigest (hash, tbs, tbsLen); // TODO: implement in one pass
if (memcmp (enSigBuf + (512-64), hash, 64)) // TODO: use PKCS#1 v1.5 padding
LogPrint (eLogWarning, "SU3 signature verification failed"); LogPrint (eLogWarning, "SU3 signature verification failed");
delete[] signature; delete[] signature;
delete[] tbs; delete[] tbs;

56
Signature.h
View file

@ -355,7 +355,61 @@ namespace crypto
{ {
} }
}; };
// Raw verifiers
class RawVerifier
{
public:
virtual ~RawVerifier () {};
virtual void Update (const uint8_t * buf, size_t len) = 0;
virtual bool Verify (const uint8_t * signature) = 0;
};
template<typename Hash, size_t keyLen>
class RSARawVerifier: public RawVerifier
{
public:
RSARawVerifier (const uint8_t * signingKey):
n (signingKey, keyLen)
{
}
void Update (const uint8_t * buf, size_t len)
{
m_Hash.Update (buf, len);
}
bool Verify (const uint8_t * signature)
{
// RSA encryption first
CryptoPP::Integer enSig (a_exp_b_mod_c (CryptoPP::Integer (signature, keyLen),
CryptoPP::Integer (i2p::crypto::rsae), n)); // s^e mod n
uint8_t enSigBuf[keyLen];
enSig.Encode (enSigBuf, keyLen);
uint8_t digest[Hash::DIGESTSIZE];
m_Hash.Final (digest);
if (keyLen < Hash::DIGESTSIZE) return false; // can't verify digest longer than key
// we assume digest is right aligned, at least for PKCS#1 v1.5 padding
return !memcmp (enSigBuf + (keyLen - Hash::DIGESTSIZE), digest, Hash::DIGESTSIZE);
}
private:
CryptoPP::Integer n; // RSA modulus
Hash m_Hash;
};
class RSASHA5124096RawVerifier: public RSARawVerifier<CryptoPP::SHA512, RSASHA5124096_KEY_LENGTH>
{
public:
RSASHA5124096RawVerifier (const uint8_t * signingKey): RSARawVerifier (signingKey)
{
}
};
} }
} }