Add new public API wc_CheckCertSigPubKey()

2022-04-01 11:40:25 -04:00
parent b45cd921b6
commit edea6428d9
3 changed files with 36 additions and 0 deletions
--- a/doc/dox_comments/header_files/asn_public.h
+++ b/doc/dox_comments/header_files/asn_public.h
@ -2037,3 +2037,25 @@ WOLFSSL_API int wc_SetCustomExtension(Cert *cert, int critical, const char *oid,
 */
 WOLFSSL_ASN_API int wc_SetUnknownExtCallback(DecodedCert* cert,
                                             wc_UnknownExtCallback cb);
+/*!
+    \ingroup ASN
+
+    \brief This function verifies the signature in the der form of an X.509
+    certificate against a public key. The public key is expected to be the full
+    subject public key info in der form.
+
+    \return 0 Returned on success.
+    \return Other negative values on failure.
+
+    \param cert The der encoding of the X.509 certificate.
+    \param certSz The size in bytes of cert.
+    \param heap A pointer to the heap used for dynamic allocation. Can be NULL.
+    \param pubKey The der encoding of the public key.
+    \param pubKeySz The size in bytes of pubKey.
+    \param pubKeyOID OID identifying the algorithm of the public key.
+    (ie: ECDSAk, DSAk or RSAk)
+
+WOLFSSL_ASN_API int wc_CheckCertSigPubKey(const byte* cert, word32 certSz,
+                                          void* heap, const byte* pubKey,
+                                          word32 pubKeySz, int pubKeyOID);
+*/
--- a/wolfcrypt/src/asn.c
+++ b/wolfcrypt/src/asn.c
@ -18400,6 +18400,14 @@ int CheckCertSignaturePubKey(const byte* cert, word32 certSz, void* heap,
    return CheckCertSignature_ex(cert, certSz, heap, NULL,
            pubKey, pubKeySz, pubKeyOID, 0);
 }
+
+int wc_CheckCertSigPubKey(const byte* cert, word32 certSz, void* heap,
+        const byte* pubKey, word32 pubKeySz, int pubKeyOID)
+{
+        return CheckCertSignaturePubKey(cert, certSz, heap, pubKey, pubKeySz,
+                                        pubKeyOID);
+}
+
 #ifdef WOLFSSL_CERT_REQ
 int CheckCSRSignaturePubKey(const byte* cert, word32 certSz, void* heap,
        const byte* pubKey, word32 pubKeySz, int pubKeyOID)
--- a/wolfssl/wolfcrypt/asn.h
+++ b/wolfssl/wolfcrypt/asn.h
@ -1836,6 +1836,12 @@ WOLFSSL_LOCAL int EncodePolicyOID(byte *out, word32 *outSz,
 WOLFSSL_API int CheckCertSignature(const byte*,word32,void*,void* cm);
 WOLFSSL_LOCAL int CheckCertSignaturePubKey(const byte* cert, word32 certSz,
        void* heap, const byte* pubKey, word32 pubKeySz, int pubKeyOID);
+#ifdef OPENSSL_EXTRA
+WOLFSSL_ASN_API int wc_CheckCertSigPubKey(const byte* cert, word32 certSz,
+                                          void* heap, const byte* pubKey,
+                                          word32 pubKeySz, int pubKeyOID);
+#endif
+
 #ifdef WOLFSSL_CERT_REQ
 WOLFSSL_LOCAL int CheckCSRSignaturePubKey(const byte* cert, word32 certSz,
        void* heap, const byte* pubKey, word32 pubKeySz, int pubKeyOID);