libfido2/src/rs1.c

ab19a69eSdjm/*
ab19a69eSdjm * Copyright (c) 2021 Yubico AB. All rights reserved.
ab19a69eSdjm * Use of this source code is governed by a BSD-style
ab19a69eSdjm * license that can be found in the LICENSE file.
ab19a69eSdjm */
ab19a69eSdjm
ab19a69eSdjm#include <openssl/rsa.h>
ab19a69eSdjm#include <openssl/obj_mac.h>
ab19a69eSdjm
ab19a69eSdjm#include "fido.h"
ab19a69eSdjm
*7dcdad29Stb#define PRAGMA(s)
ab19a69eSdjm
ab19a69eSdjmstatic EVP_MD *
ab19a69eSdjmrs1_get_EVP_MD(void)
ab19a69eSdjm{
*7dcdad29Stb	PRAGMA("GCC diagnostic push");
*7dcdad29Stb	PRAGMA("GCC diagnostic ignored \"-Wcast-qual\"");
aeab8fe0Stb	return ((EVP_MD *)EVP_sha1());
*7dcdad29Stb	PRAGMA("GCC diagnostic pop");
ab19a69eSdjm}
ab19a69eSdjm
ab19a69eSdjmint
ab19a69eSdjmrs1_verify_sig(const fido_blob_t *dgst, EVP_PKEY *pkey,
ab19a69eSdjm    const fido_blob_t *sig)
ab19a69eSdjm{
ab19a69eSdjm	EVP_PKEY_CTX	*pctx = NULL;
ab19a69eSdjm	EVP_MD		*md = NULL;
ab19a69eSdjm	int		 ok = -1;
ab19a69eSdjm
ab19a69eSdjm	if (EVP_PKEY_base_id(pkey) != EVP_PKEY_RSA) {
ab19a69eSdjm		fido_log_debug("%s: EVP_PKEY_base_id", __func__);
ab19a69eSdjm		goto fail;
ab19a69eSdjm	}
ab19a69eSdjm
ab19a69eSdjm	if ((md = rs1_get_EVP_MD()) == NULL) {
ab19a69eSdjm		fido_log_debug("%s: rs1_get_EVP_MD", __func__);
ab19a69eSdjm		goto fail;
ab19a69eSdjm	}
ab19a69eSdjm
ab19a69eSdjm	if ((pctx = EVP_PKEY_CTX_new(pkey, NULL)) == NULL ||
ab19a69eSdjm	    EVP_PKEY_verify_init(pctx) != 1 ||
ab19a69eSdjm	    EVP_PKEY_CTX_set_rsa_padding(pctx, RSA_PKCS1_PADDING) != 1 ||
ab19a69eSdjm	    EVP_PKEY_CTX_set_signature_md(pctx, md) != 1) {
ab19a69eSdjm		fido_log_debug("%s: EVP_PKEY_CTX", __func__);
ab19a69eSdjm		goto fail;
ab19a69eSdjm	}
ab19a69eSdjm
ab19a69eSdjm	if (EVP_PKEY_verify(pctx, sig->ptr, sig->len, dgst->ptr,
ab19a69eSdjm	    dgst->len) != 1) {
ab19a69eSdjm		fido_log_debug("%s: EVP_PKEY_verify", __func__);
ab19a69eSdjm		goto fail;
ab19a69eSdjm	}
ab19a69eSdjm
ab19a69eSdjm	ok = 0;
ab19a69eSdjmfail:
ab19a69eSdjm	EVP_PKEY_CTX_free(pctx);
ab19a69eSdjm
ab19a69eSdjm	return (ok);
ab19a69eSdjm}