feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

add test for manual verify

Browse Source
This commit is contained in:
Jacob Barthelmeh
2019-06-03 11:13:47 +07:00
parent d33a95352a
commit 60fc9b3a1d
3 changed files with 44 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
tests/api.c
View File

@ -17451,7 +17451,27 @@ static void test_PKCS7_signed_enveloped(void)
/* check verify fails */ /* check verify fails */
AssertNotNull(pkcs7 = wc_PKCS7_New(NULL, 0)); AssertNotNull(pkcs7 = wc_PKCS7_New(NULL, 0));
AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, cert, certSz), 0); AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, cert, certSz), 0);
AssertIntNE(wc_PKCS7_VerifySignedData(pkcs7, sig, sigSz), 0); AssertIntEQ(wc_PKCS7_VerifySignedData(pkcs7, sig, sigSz),
PKCS7_SIGNEEDS_CHECK);
/* try verifying the signature manually */
{
RsaKey rKey;
word32 idx = 0;
byte digest[MAX_SEQ_SZ + MAX_ALGO_SZ + MAX_OCTET_STR_SZ +
WC_MAX_DIGEST_SIZE];
int digestSz;
AssertIntEQ(wc_InitRsaKey(&rKey, HEAP_HINT), 0);
AssertIntEQ(wc_RsaPrivateKeyDecode(key, &idx, &rKey, keySz), 0);
digestSz = wc_RsaSSL_Verify(pkcs7->signature, pkcs7->signatureSz,
digest, sizeof(digest), &rKey);
AssertIntGT(digestSz, 0);
AssertIntEQ(digestSz, pkcs7->pkcs7DigestSz);
AssertIntEQ(XMEMCMP(digest, pkcs7->pkcs7Digest, digestSz), 0);
/* verify was success */
}
wc_PKCS7_Free(pkcs7); wc_PKCS7_Free(pkcs7);
/* create valid degenerate bundle */ /* create valid degenerate bundle */

22
wolfcrypt/src/pkcs7.c
View File

@ -1170,6 +1170,11 @@ void wc_PKCS7_Free(PKCS7* pkcs7)
pkcs7->plainDigest = NULL; pkcs7->plainDigest = NULL;
pkcs7->plainDigestSz = 0; pkcs7->plainDigestSz = 0;
} }
if (pkcs7->pkcs7Digest) {
XFREE(pkcs7->pkcs7Digest, pkcs7->heap, DYNAMIC_TYPE_DIGEST);
pkcs7->pkcs7Digest = NULL;
pkcs7->pkcs7DigestSz = 0;
}
} }
@ -3323,7 +3328,7 @@ static int wc_PKCS7_SignedDataVerifySignature(PKCS7* pkcs7, byte* sig,
XMEMCPY(pkcs7->signature, sig, sigSz); XMEMCPY(pkcs7->signature, sig, sigSz);
pkcs7->signatureSz = sigSz; pkcs7->signatureSz = sigSz;
/* store digest */ /* store plain digest (CMS and ECC) */
XFREE(pkcs7->plainDigest, pkcs7->heap, DYNAMIC_TYPE_DIGEST); XFREE(pkcs7->plainDigest, pkcs7->heap, DYNAMIC_TYPE_DIGEST);
pkcs7->plainDigest = NULL; pkcs7->plainDigest = NULL;
pkcs7->plainDigestSz = 0; pkcs7->plainDigestSz = 0;
@ -3338,6 +3343,21 @@ static int wc_PKCS7_SignedDataVerifySignature(PKCS7* pkcs7, byte* sig,
XMEMCPY(pkcs7->plainDigest, plainDigest, plainDigestSz); XMEMCPY(pkcs7->plainDigest, plainDigest, plainDigestSz);
pkcs7->plainDigestSz = plainDigestSz; pkcs7->plainDigestSz = plainDigestSz;
/* store pkcs7 digest (default RSA) */
XFREE(pkcs7->pkcs7Digest, pkcs7->heap, DYNAMIC_TYPE_DIGEST);
pkcs7->pkcs7Digest = NULL;
pkcs7->pkcs7DigestSz = 0;
pkcs7->pkcs7Digest = (byte*)XMALLOC(sigSz, pkcs7->heap,
DYNAMIC_TYPE_DIGEST);
if (pkcs7->pkcs7Digest == NULL) {
#ifdef WOLFSSL_SMALL_STACK
XFREE(pkcs7Digest, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return MEMORY_E;
}
XMEMCPY(pkcs7->pkcs7Digest, pkcs7Digest, pkcs7DigestSz);
pkcs7->pkcs7DigestSz = pkcs7DigestSz;
return PKCS7_SIGNEEDS_CHECK; return PKCS7_SIGNEEDS_CHECK;
} }
} }

2
wolfssl/wolfcrypt/pkcs7.h
View File

@ -311,8 +311,10 @@ struct PKCS7 {
byte* signature; byte* signature;
byte* plainDigest; byte* plainDigest;
byte* pkcs7Digest;
word32 signatureSz; word32 signatureSz;
word32 plainDigestSz; word32 plainDigestSz;
word32 pkcs7DigestSz;
/* !! NEW DATA MEMBERS MUST BE ADDED AT END !! */ /* !! NEW DATA MEMBERS MUST BE ADDED AT END !! */
}; };