aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSree Harsha Totakura <sreeharsha@totakura.in>2015-01-22 16:22:32 +0100
committerSree Harsha Totakura <sreeharsha@totakura.in>2015-01-22 16:22:32 +0100
commitb119131873822fa50fbe94d1a09132fa31d3bc3a (patch)
tree4fc859f152b6baec9978dd7a2202044b81323a23
parentce9da7f183f5f00b99e460b171291d6a028c53f2 (diff)
downloadexchange-b119131873822fa50fbe94d1a09132fa31d3bc3a.tar.gz
exchange-b119131873822fa50fbe94d1a09132fa31d3bc3a.zip
Remove TALER_RSA_hash_sign() and TALER_RSA_hash_verify().
-rw-r--r--src/include/taler_rsa.h20
-rw-r--r--src/util/rsa.c62
-rw-r--r--src/util/test_rsa.c12
3 files changed, 34 insertions, 60 deletions
diff --git a/src/include/taler_rsa.h b/src/include/taler_rsa.h
index 1d263ae09..98be63372 100644
--- a/src/include/taler_rsa.h
+++ b/src/include/taler_rsa.h
@@ -229,7 +229,8 @@ TALER_RSA_public_key_from_string (const char *enc,
229 229
230 230
231/** 231/**
232 * Sign a given block.h 232 * Sign a given data block. The size of the message should be less than
233 * TALER_RSA_DATA_ENCODING_LENGTH (256) bytes.
233 * 234 *
234 * @param key private key to use for the signing 235 * @param key private key to use for the signing
235 * @param msg the message 236 * @param msg the message
@@ -245,21 +246,8 @@ TALER_RSA_sign (const struct TALER_RSA_PrivateKey *key,
245 246
246 247
247/** 248/**
248 * Verify signature with the given hash. 249 * Verify signature on the given message. The size of the message should be
249 * 250 * less than TALER_RSA_DATA_ENCODING_LENGTH (256) bytes.
250 * @param hash the hash code to verify against the signature
251 * @param sig signature that is being validated
252 * @param publicKey public key of the signer
253 * @returns GNUNET_OK if ok, GNUNET_SYSERR if invalid
254 */
255int
256TALER_RSA_hash_verify (const struct GNUNET_HashCode *hash,
257 const struct TALER_RSA_Signature *sig,
258 const struct TALER_RSA_PublicKeyBinaryEncoded *publicKey);
259
260
261/**
262 * Verify signature on the given message
263 * 251 *
264 * @param msg the message 252 * @param msg the message
265 * @param size the size of the message 253 * @param size the size of the message
diff --git a/src/util/rsa.c b/src/util/rsa.c
index c34ab1661..0b533615c 100644
--- a/src/util/rsa.c
+++ b/src/util/rsa.c
@@ -578,18 +578,19 @@ data_to_sexp (const void *ptr, size_t size)
578 578
579 579
580/** 580/**
581 * Sign the given hash block. 581 * Sign the given message. The size of the message should be less than
582 * TALER_RSA_DATA_ENCODING_LENGTH (256) bytes.
582 * 583 *
583 * @param key private key to use for the signing 584 * @param key private key to use for the signing
584 * @param hash the block containing the hash of the message to sign 585 * @param msg the message
585 * @param hash_size the size of the hash block 586 * @param size the size of the message
586 * @param sig where to write the signature 587 * @param sig where to write the signature
587 * @return GNUNET_SYSERR on error, GNUNET_OK on success 588 * @return GNUNET_SYSERR on error, GNUNET_OK on success
588 */ 589 */
589int 590int
590TALER_RSA_sign (const struct TALER_RSA_PrivateKey *key, 591TALER_RSA_sign (const struct TALER_RSA_PrivateKey *key,
591 const void *hash, 592 const void *msg,
592 size_t hash_size, 593 size_t size,
593 struct TALER_RSA_Signature *sig) 594 struct TALER_RSA_Signature *sig)
594{ 595{
595 gcry_sexp_t result; 596 gcry_sexp_t result;
@@ -597,7 +598,10 @@ TALER_RSA_sign (const struct TALER_RSA_PrivateKey *key,
597 size_t ssize; 598 size_t ssize;
598 gcry_mpi_t rval; 599 gcry_mpi_t rval;
599 600
600 data = data_to_sexp (hash, hash_size); 601 GNUNET_assert (size <= TALER_RSA_DATA_ENCODING_LENGTH);
602 if (size > TALER_RSA_DATA_ENCODING_LENGTH)
603 return GNUNET_SYSERR;
604 data = data_to_sexp (msg, size);
601 GNUNET_assert (0 == gcry_pk_sign (&result, data, key->sexp)); 605 GNUNET_assert (0 == gcry_pk_sign (&result, data, key->sexp));
602 gcry_sexp_release (data); 606 gcry_sexp_release (data);
603 GNUNET_assert (0 == key_from_sexp (&rval, result, "rsa", "s")); 607 GNUNET_assert (0 == key_from_sexp (&rval, result, "rsa", "s"));
@@ -666,35 +670,42 @@ decode_public_key (const struct TALER_RSA_PublicKeyBinaryEncoded *publicKey)
666 670
667 671
668/** 672/**
669 * Verify signature with the given hash. 673 * Verify signature on the given message. The size of the message should be less than
674 * TALER_RSA_DATA_ENCODING_LENGTH (256) bytes.
670 * 675 *
671 * @param hash the hash code to verify against the signature 676 * @param msg the message
677 * @param size the size of the message
672 * @param sig signature that is being validated 678 * @param sig signature that is being validated
673 * @param publicKey public key of the signer 679 * @param publicKey public key of the signer
674 * @returns GNUNET_OK if ok, GNUNET_SYSERR if invalid 680 * @returns GNUNET_OK if ok, GNUNET_SYSERR if invalid
675 */ 681 */
676int 682int
677TALER_RSA_hash_verify (const struct GNUNET_HashCode *hash, 683TALER_RSA_verify (const void *msg, size_t size,
678 const struct TALER_RSA_Signature *sig, 684 const struct TALER_RSA_Signature *sig,
679 const struct TALER_RSA_PublicKeyBinaryEncoded *publicKey) 685 const struct TALER_RSA_PublicKeyBinaryEncoded *publicKey)
680{ 686{
681 gcry_sexp_t data; 687 gcry_sexp_t data;
682 gcry_sexp_t sigdata; 688 gcry_sexp_t sigdata;
683 size_t size; 689 size_t sig_size;
684 gcry_mpi_t val; 690 gcry_mpi_t val;
685 gcry_sexp_t psexp; 691 gcry_sexp_t psexp;
686 size_t erroff; 692 size_t erroff;
687 int rc; 693 int rc;
688 694
689 size = sizeof (struct TALER_RSA_Signature); 695 GNUNET_assert (size <= TALER_RSA_DATA_ENCODING_LENGTH);
696 if (size > TALER_RSA_DATA_ENCODING_LENGTH)
697 return GNUNET_SYSERR;
690 GNUNET_assert (0 == 698 GNUNET_assert (0 ==
691 gcry_mpi_scan (&val, GCRYMPI_FMT_USG, 699 gcry_mpi_scan (&val, GCRYMPI_FMT_USG,
692 (const unsigned char *) sig, size, &size)); 700 (const unsigned char *) sig,
701 sizeof (struct TALER_RSA_Signature),
702 &sig_size));
703 GNUNET_assert (sizeof (struct TALER_RSA_Signature) == sig_size);
693 GNUNET_assert (0 == 704 GNUNET_assert (0 ==
694 gcry_sexp_build (&sigdata, &erroff, "(sig-val(rsa(s %m)))", 705 gcry_sexp_build (&sigdata, &erroff, "(sig-val(rsa(s %m)))",
695 val)); 706 val));
696 gcry_mpi_release (val); 707 gcry_mpi_release (val);
697 data = data_to_sexp (hash, sizeof (struct GNUNET_HashCode)); 708 data = data_to_sexp (msg, size);
698 if (! (psexp = decode_public_key (publicKey))) 709 if (! (psexp = decode_public_key (publicKey)))
699 { 710 {
700 gcry_sexp_release (data); 711 gcry_sexp_release (data);
@@ -715,27 +726,6 @@ TALER_RSA_hash_verify (const struct GNUNET_HashCode *hash,
715 return GNUNET_OK; 726 return GNUNET_OK;
716} 727}
717 728
718
719/**
720 * Verify signature on the given message
721 *
722 * @param msg the message
723 * @param size the size of the message
724 * @param sig signature that is being validated
725 * @param publicKey public key of the signer
726 * @returns GNUNET_OK if ok, GNUNET_SYSERR if invalid
727 */
728int
729TALER_RSA_verify (const void *msg, size_t size,
730 const struct TALER_RSA_Signature *sig,
731 const struct TALER_RSA_PublicKeyBinaryEncoded *publicKey)
732{
733 struct GNUNET_HashCode hash;
734
735 GNUNET_CRYPTO_hash (msg, size, &hash);
736 return TALER_RSA_hash_verify (&hash, sig, publicKey);
737}
738
739/** 729/**
740 * The blinding key is equal in length to the RSA modulus 730 * The blinding key is equal in length to the RSA modulus
741 */ 731 */
diff --git a/src/util/test_rsa.c b/src/util/test_rsa.c
index 85114843d..1f7adfd6c 100644
--- a/src/util/test_rsa.c
+++ b/src/util/test_rsa.c
@@ -69,11 +69,7 @@ main (int argc, char *argv[])
69 ntohs (priv_enc->len)))); 69 ntohs (priv_enc->len))));
70 GNUNET_free (priv_enc); 70 GNUNET_free (priv_enc);
71 priv_enc = NULL; 71 priv_enc = NULL;
72 EXITIF (GNUNET_OK != TALER_RSA_hash_verify (&hash, 72 EXITIF (GNUNET_OK != TALER_RSA_verify (&hash, sizeof (hash),
73 &sig,
74 &pubkey));
75 EXITIF (GNUNET_OK != TALER_RSA_verify (rnd_blk,
76 RND_BLK_SIZE,
77 &sig, 73 &sig,
78 &pubkey)); 74 &pubkey));
79 75
@@ -93,9 +89,9 @@ main (int argc, char *argv[])
93 EXITIF (GNUNET_OK != TALER_RSA_unblind (&sig, 89 EXITIF (GNUNET_OK != TALER_RSA_unblind (&sig,
94 bkey, 90 bkey,
95 &pubkey)); 91 &pubkey));
96 EXITIF (GNUNET_OK != TALER_RSA_hash_verify (&hash, 92 EXITIF (GNUNET_OK != TALER_RSA_verify (&hash, sizeof (hash),
97 &sig, 93 &sig,
98 &pubkey)); 94 &pubkey));
99 ret = 0; /* all OK */ 95 ret = 0; /* all OK */
100 96
101 EXITIF_exit: 97 EXITIF_exit: