diff options
| author | Sree Harsha Totakura <sreeharsha@totakura.in> | 2015-01-22 16:23:25 +0100 |
|---|---|---|
| committer | Sree Harsha Totakura <sreeharsha@totakura.in> | 2015-01-22 16:23:25 +0100 |
| commit | acee974c0628f62e2305d072d31038ab8c21a131 (patch) | |
| tree | 157419d3e59799368cb748f80449afe4e89618c0 /src | |
| parent | b119131873822fa50fbe94d1a09132fa31d3bc3a (diff) | |
| download | exchange-acee974c0628f62e2305d072d31038ab8c21a131.tar.gz exchange-acee974c0628f62e2305d072d31038ab8c21a131.tar.bz2 exchange-acee974c0628f62e2305d072d31038ab8c21a131.zip | |
Add checks to verify incorrect signatures.
Diffstat (limited to 'src')
| -rw-r--r-- | src/util/rsa.c | 6 | ||||
| -rw-r--r-- | src/util/test_rsa.c | 14 |
2 files changed, 16 insertions, 4 deletions
diff --git a/src/util/rsa.c b/src/util/rsa.c index 0b533615c..d85f3cc86 100644 --- a/src/util/rsa.c +++ b/src/util/rsa.c @@ -670,8 +670,8 @@ decode_public_key (const struct TALER_RSA_PublicKeyBinaryEncoded *publicKey) /** - * Verify signature on the given message. The size of the message should be less than - * TALER_RSA_DATA_ENCODING_LENGTH (256) bytes. + * Verify signature on the given message. The size of the message should be + * less than TALER_RSA_DATA_ENCODING_LENGTH (256) bytes. * * @param msg the message * @param size the size of the message @@ -690,7 +690,7 @@ TALER_RSA_verify (const void *msg, size_t size, gcry_mpi_t val; gcry_sexp_t psexp; size_t erroff; - int rc; + gcry_error_t rc; GNUNET_assert (size <= TALER_RSA_DATA_ENCODING_LENGTH); if (size > TALER_RSA_DATA_ENCODING_LENGTH) diff --git a/src/util/test_rsa.c b/src/util/test_rsa.c index 1f7adfd6c..fdacf5212 100644 --- a/src/util/test_rsa.c +++ b/src/util/test_rsa.c @@ -38,7 +38,7 @@ int main (int argc, char *argv[]) { -#define RND_BLK_SIZE 4096 +#define RND_BLK_SIZE 16524 unsigned char rnd_blk[RND_BLK_SIZE]; struct TALER_RSA_PrivateKey *priv; struct TALER_RSA_PrivateKeyBinaryEncoded *priv_enc; @@ -72,6 +72,12 @@ main (int argc, char *argv[]) EXITIF (GNUNET_OK != TALER_RSA_verify (&hash, sizeof (hash), &sig, &pubkey)); + /* corrupt our hash and see if the signature is still valid */ + GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK, &hash, + sizeof (struct GNUNET_HashCode)); + EXITIF (GNUNET_OK == TALER_RSA_verify (&hash, sizeof (hash), + &sig, + &pubkey)); /* test blind signing */ GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK, rnd_blk, @@ -92,6 +98,12 @@ main (int argc, char *argv[]) EXITIF (GNUNET_OK != TALER_RSA_verify (&hash, sizeof (hash), &sig, &pubkey)); + /* corrupt our hash and see if the signature is still valid */ + GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK, &hash, + sizeof (struct GNUNET_HashCode)); + EXITIF (GNUNET_OK == TALER_RSA_verify (&hash, sizeof (hash), + &sig, + &pubkey)); ret = 0; /* all OK */ EXITIF_exit: |