63
unsigned char *cli_decodesig(const char *sig, unsigned int plen, mp_int e, mp_int n)
64
static unsigned char *cli_decodesig(const char *sig, unsigned int plen, mp_int e, mp_int n)
65
66
int i, slen = strlen(sig), dec;
66
67
unsigned char *plain;
145
146
cli_dbgmsg("cli_versig: Digital signature is correct.\n");
146
147
return CL_SUCCESS;
152
#define PAD_LEN (2048 / 8)
153
#define BLK_LEN (PAD_LEN - HASH_LEN - 1)
154
int cli_versig2(const unsigned char *sha256, const char *dsig_str, const char *n_str, const char *e_str)
156
unsigned char *decoded, digest1[HASH_LEN], digest2[HASH_LEN], digest3[HASH_LEN], *salt;
157
unsigned char mask[BLK_LEN], data[BLK_LEN], final[8 + 2 * HASH_LEN], c[4];
158
unsigned int i, rounds;
163
mp_read_radix(&e, e_str, 10);
165
mp_read_radix(&n, n_str, 10);
167
decoded = cli_decodesig(dsig_str, PAD_LEN, e, n);
173
if(decoded[PAD_LEN - 1] != 0xbc) {
178
memcpy(mask, decoded, BLK_LEN);
179
memcpy(digest2, &decoded[BLK_LEN], HASH_LEN);
183
rounds = (BLK_LEN + HASH_LEN - 1) / HASH_LEN;
184
for(i = 0; i < rounds; i++) {
185
c[2] = (unsigned char) (i / 256);
186
c[3] = (unsigned char) i;
188
sha256_update(&ctx, digest2, HASH_LEN);
189
sha256_update(&ctx, c, 4);
190
sha256_final(&ctx, digest3);
192
memcpy(&data[i * 32], digest3, BLK_LEN - i * HASH_LEN);
194
memcpy(&data[i * 32], digest3, HASH_LEN);
197
for(i = 0; i < BLK_LEN; i++)
199
data[0] &= (0xff >> 1);
201
if(!(salt = memchr(data, 0x01, BLK_LEN)))
205
if(data + BLK_LEN - salt != SALT_LEN)
209
memcpy(&final[8], sha256, HASH_LEN);
210
memcpy(&final[8 + HASH_LEN], salt, SALT_LEN);
213
sha256_update(&ctx, final, sizeof(final));
214
sha256_final(&ctx, digest1);
216
return memcmp(digest1, digest2, HASH_LEN) ? CL_EVERIFY : CL_SUCCESS;