aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSree Harsha Totakura <sreeharsha@totakura.in>2015-01-22 16:23:25 +0100
committerSree Harsha Totakura <sreeharsha@totakura.in>2015-01-22 16:23:25 +0100
commitacee974c0628f62e2305d072d31038ab8c21a131 (patch)
tree157419d3e59799368cb748f80449afe4e89618c0
parentb119131873822fa50fbe94d1a09132fa31d3bc3a (diff)
downloadexchange-acee974c0628f62e2305d072d31038ab8c21a131.tar.gz
exchange-acee974c0628f62e2305d072d31038ab8c21a131.tar.bz2
exchange-acee974c0628f62e2305d072d31038ab8c21a131.zip
Add checks to verify incorrect signatures.
-rw-r--r--src/util/rsa.c6
-rw-r--r--src/util/test_rsa.c14
2 files changed, 16 insertions, 4 deletions
diff --git a/src/util/rsa.c b/src/util/rsa.c
index 0b533615c..d85f3cc86 100644
--- a/src/util/rsa.c
+++ b/src/util/rsa.c
@@ -670,8 +670,8 @@ decode_public_key (const struct TALER_RSA_PublicKeyBinaryEncoded *publicKey)
/**
- * Verify signature on the given message. The size of the message should be less than
- * TALER_RSA_DATA_ENCODING_LENGTH (256) bytes.
+ * Verify signature on the given message. The size of the message should be
+ * less than TALER_RSA_DATA_ENCODING_LENGTH (256) bytes.
*
* @param msg the message
* @param size the size of the message
@@ -690,7 +690,7 @@ TALER_RSA_verify (const void *msg, size_t size,
gcry_mpi_t val;
gcry_sexp_t psexp;
size_t erroff;
- int rc;
+ gcry_error_t rc;
GNUNET_assert (size <= TALER_RSA_DATA_ENCODING_LENGTH);
if (size > TALER_RSA_DATA_ENCODING_LENGTH)
diff --git a/src/util/test_rsa.c b/src/util/test_rsa.c
index 1f7adfd6c..fdacf5212 100644
--- a/src/util/test_rsa.c
+++ b/src/util/test_rsa.c
@@ -38,7 +38,7 @@
int
main (int argc, char *argv[])
{
-#define RND_BLK_SIZE 4096
+#define RND_BLK_SIZE 16524
unsigned char rnd_blk[RND_BLK_SIZE];
struct TALER_RSA_PrivateKey *priv;
struct TALER_RSA_PrivateKeyBinaryEncoded *priv_enc;
@@ -72,6 +72,12 @@ main (int argc, char *argv[])
EXITIF (GNUNET_OK != TALER_RSA_verify (&hash, sizeof (hash),
&sig,
&pubkey));
+ /* corrupt our hash and see if the signature is still valid */
+ GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK, &hash,
+ sizeof (struct GNUNET_HashCode));
+ EXITIF (GNUNET_OK == TALER_RSA_verify (&hash, sizeof (hash),
+ &sig,
+ &pubkey));
/* test blind signing */
GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK, rnd_blk,
@@ -92,6 +98,12 @@ main (int argc, char *argv[])
EXITIF (GNUNET_OK != TALER_RSA_verify (&hash, sizeof (hash),
&sig,
&pubkey));
+ /* corrupt our hash and see if the signature is still valid */
+ GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK, &hash,
+ sizeof (struct GNUNET_HashCode));
+ EXITIF (GNUNET_OK == TALER_RSA_verify (&hash, sizeof (hash),
+ &sig,
+ &pubkey));
ret = 0; /* all OK */
EXITIF_exit: