feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Fix for using signature wrapper with WOLFSSL_NO_MALLOC. Improve wc_SignatureVerifyHash to use RSA verify inline.

Browse Source
This commit is contained in:
David Garske
2020-05-28 15:09:27 -07:00
parent 7ce7d244f8
commit fd51eecb4f
1 changed files with 19 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
wolfcrypt/src/signature.c
View File

@ -195,14 +195,27 @@ int wc_SignatureVerifyHash(
#else /* WOLFSSL_CRYPTOCELL */
word32 plain_len = hash_len;
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
byte *plain_data;
#else
byte plain_data[MAX_ENCODED_SIG_SZ];
#endif
/* Make sure the plain text output is at least key size */
if (plain_len < sig_len) {
plain_len = sig_len;
}
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
plain_data = (byte*)XMALLOC(plain_len, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (plain_data) {
if (plain_data)
#else
if (plain_len <= sizeof(plain_data))
#endif
{
byte* plain_ptr = NULL;
XMEMSET(plain_data, 0, plain_len);
XMEMCPY(plain_data, sig, sig_len);
/* Perform verification of signature using provided RSA key */
do {
#ifdef WOLFSSL_ASYNC_CRYPT
@ -210,12 +223,11 @@ int wc_SignatureVerifyHash(
WC_ASYNC_FLAG_CALL_AGAIN);
#endif
if (ret >= 0)
ret = wc_RsaSSL_Verify(sig, sig_len, plain_data,
plain_len, (RsaKey*)key);
ret = wc_RsaSSL_VerifyInline(plain_data, sig_len, &plain_ptr, (RsaKey*)key);
} while (ret == WC_PENDING_E);
if (ret >= 0) {
if (ret >= 0 && plain_ptr) {
if ((word32)ret == hash_len &&
XMEMCMP(plain_data, hash_data, hash_len) == 0) {
XMEMCMP(plain_ptr, hash_data, hash_len) == 0) {
ret = 0; /* Success */
}
else {
@ -223,7 +235,9 @@ int wc_SignatureVerifyHash(
ret = SIG_VERIFY_E;
}
}
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
XFREE(plain_data, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
}
else {
ret = MEMORY_E;