/* Number of bytes left over for padding once the fixed overhead has been
   taken out of a block of the given size: length - ( 3 + 19 +
   CRYPT_MAX_HASHSIZE ).  The argument is parenthesised and evaluated once.
   NOTE(review): the 3 presumably covers the fixed framing bytes around the
   0xFF padding run and the 19 the encoding overhead wrapped around the hash
   value - confirm against the message-digest encoding.  The subtraction
   isn't clamped, so for a length at or below 3 + 19 + CRYPT_MAX_HASHSIZE
   the result is zero or negative (or wraps if length is unsigned); the
   caller has to have range-checked length before using the result as a
   minimum-padding bound */
33 #define getMinPadBytes( length ) \
34 ( ( length ) - ( 3 + 19 + CRYPT_MAX_HASHSIZE ) )
57 if( sgetc( stream ) != 0 || sgetc( stream ) != 1 )
62 for( i = 2, ch = 0xFF; ( i < length - 16 ) && ( ch == 0xFF ); i++ )
101 int encodedMdLength, recreatedMdLength =
DUMMY_INIT;
118 status = writeMessageDigest( &mdStream, hashAlgo, hash, hashSize );
120 recreatedMdLength = stell( &mdStream );
121 sMemDisconnect( &mdStream );
126 if( encodedMdLength != recreatedMdLength || \
127 !compareDataConstTime( encodedMD, recreatedMD, encodedMdLength ) )
141 IN_BUFFER( sigDataLen )
const void *sigData,
149 assert(
isReadPtr( sigData, sigDataLen ) );
150 assert(
isReadPtr( signature, sigLen ) );
157 memcpy( recoveredSignature, signature, sigLen );
159 recoveredSignature, sigLen );
170 if( sigDataLen != sigLen || \
171 !compareDataConstTime( sigData, recoveredSignature, sigLen ) )
173 DEBUG_DIAG((
"Signature consistency check failed" ));
212 if( mechanismInfo->signature != NULL )
214 memset( mechanismInfo->signature, 0,
215 mechanismInfo->signatureLength );
219 status = getPkcAlgoParams( mechanismInfo->signContext, NULL,
222 status = getHashAlgoParams( mechanismInfo->hashContext,
228 &sideChannelProtectionLevel,
236 if( mechanismInfo->signature == NULL )
238 mechanismInfo->signatureLength =
length;
250 hashSize = msgData.
length;
259 hashSize2 = msgData.
length;
263 sMemOpen( &stream, mechanismInfo->signature, length );
276 for( i = 0; i < length - ( payloadSize + 3 ); i++ )
277 sputc( &stream, 0xFF );
279 status = writeMessageDigest( &stream, hashAlgo, hash, hashSize );
291 for( i = 0; i < length - ( hashSize + hashSize2 + 3 ); i++ )
292 sputc( &stream, 0xFF );
294 swrite( &stream, hash, hashSize );
295 status = swrite( &stream, hash2, hashSize2 );
302 sMemDisconnect( &stream );
305 zeroise( mechanismInfo->signature, mechanismInfo->signatureLength );
312 if( sideChannelProtectionLevel > 0 )
313 memcpy( preSigData, mechanismInfo->signature, length );
321 zeroise( mechanismInfo->signature, mechanismInfo->signatureLength );
324 mechanismInfo->signatureLength =
length;
328 if( sideChannelProtectionLevel > 0 )
330 status = checkRecoveredSignature( mechanismInfo->signContext,
332 mechanismInfo->signature, length );
336 zeroise( mechanismInfo->signature, length );
337 mechanismInfo->signatureLength = 0;
361 status = getPkcAlgoParams( mechanismInfo->signContext, NULL,
364 status = getHashAlgoParams( mechanismInfo->hashContext,
365 &contextHashAlgo, NULL );
373 hashSize = msgData.
length;
381 mechanismInfo->signature, mechanismInfo->signatureLength,
394 sMemConnect( &stream, decryptedSignature, length );
400 status = decodePKCS1( &stream, length );
403 status = compareHashInfo( &stream, contextHashAlgo, hash,
414 status = decodePKCS1( &stream, length );
417 status = sread( &stream, hash, 16 );
419 status = sread( &stream, hash2, 20 );
444 if(
cryptStatusOK( status ) && sMemDataLeft( &stream ) != 0 )
450 sMemDisconnect( &stream );
477 return( sigcheck( mechanismInfo,
SIGN_PKCS1 ) );
490 return( sign( mechanismInfo,
SIGN_SSL ) );
501 return( sigcheck( mechanismInfo,
SIGN_SSL ) );