1656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* crypto/asn1/a_verify.c */ 2656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * All rights reserved. 4656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 5656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * This package is an SSL implementation written 6656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * by Eric Young (eay@cryptsoft.com). 7656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * The implementation was written so as to conform with Netscapes SSL. 8656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 9656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * This library is free for commercial and non-commercial use as long as 10656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * the following conditions are aheared to. The following conditions 11656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * apply to all code found in this distribution, be it the RC4, RSA, 12656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * included with this distribution is covered by the same copyright terms 14656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 16656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Copyright remains Eric Young's, and as such any Copyright notices in 17656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * the code are not to be removed. 18656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * If this package is used in a product, Eric Young should be given attribution 19656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * as the author of the parts of the library used. 20656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * This can be in the form of a textual message at program startup or 21656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * in documentation (online or textual) provided with the package. 22656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 23656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Redistribution and use in source and binary forms, with or without 24656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * modification, are permitted provided that the following conditions 25656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * are met: 26656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 1. Redistributions of source code must retain the copyright 27656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * notice, this list of conditions and the following disclaimer. 28656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 2. Redistributions in binary form must reproduce the above copyright 29656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * notice, this list of conditions and the following disclaimer in the 30656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * documentation and/or other materials provided with the distribution. 31656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 3. All advertising materials mentioning features or use of this software 32656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * must display the following acknowledgement: 33656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * "This product includes cryptographic software written by 34656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Eric Young (eay@cryptsoft.com)" 35656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * The word 'cryptographic' can be left out if the rouines from the library 36656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * being used are not cryptographic related :-). 37656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 4. If you include any Windows specific code (or a derivative thereof) from 38656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * the apps directory (application code) you must include an acknowledgement: 39656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 41656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * SUCH DAMAGE. 52656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 53656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * The licence and distribution terms for any publically available version or 54656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * derivative of this code cannot be changed. i.e. this code cannot simply be 55656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * copied and put under another distribution licence 56656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * [including the GNU Public Licence.] 57656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project */ 58656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 59656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <stdio.h> 60656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <time.h> 61656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 62656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include "cryptlib.h" 63221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom#include "asn1_locl.h" 64656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 65656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef NO_SYS_TYPES_H 66656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project# include <sys/types.h> 67656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 68656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 69656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/bn.h> 70656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/x509.h> 71656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/objects.h> 72656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/buffer.h> 73656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/evp.h> 74656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 75656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef NO_ASN1_OLD 76656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 77656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectint ASN1_verify(i2d_of_void *i2d, X509_ALGOR *a, ASN1_BIT_STRING *signature, 78656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char *data, EVP_PKEY *pkey) 79656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 80656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EVP_MD_CTX ctx; 81656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project const EVP_MD *type; 82656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project unsigned char *p,*buf_in=NULL; 83656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int ret= -1,i,inl; 84656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 85656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EVP_MD_CTX_init(&ctx); 86656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i=OBJ_obj2nid(a->algorithm); 87656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project type=EVP_get_digestbyname(OBJ_nid2sn(i)); 88656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (type == NULL) 89656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 90656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ASN1err(ASN1_F_ASN1_VERIFY,ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM); 91656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 92656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 93656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 94656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project inl=i2d(data,NULL); 95656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project buf_in=OPENSSL_malloc((unsigned int)inl); 96656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (buf_in == NULL) 97656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 98656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_MALLOC_FAILURE); 99656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 100656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 101656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project p=buf_in; 102656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 103656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i2d(data,&p); 104392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (!EVP_VerifyInit_ex(&ctx,type, NULL) 105392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom || !EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl)) 106392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 107392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_EVP_LIB); 108392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom ret=0; 109392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom goto err; 110392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 111656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 112656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OPENSSL_cleanse(buf_in,(unsigned int)inl); 113656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OPENSSL_free(buf_in); 114656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 115656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (EVP_VerifyFinal(&ctx,(unsigned char *)signature->data, 116656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project (unsigned int)signature->length,pkey) <= 0) 117656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 118656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_EVP_LIB); 119656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ret=0; 120656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 121656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 122656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* we don't need to zero the 'ctx' because we just checked 123656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * public information */ 124656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* memset(&ctx,0,sizeof(ctx)); */ 125656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ret=1; 126656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projecterr: 127656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EVP_MD_CTX_cleanup(&ctx); 128656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return(ret); 129656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 130656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 131656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 132656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 133656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 134392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstromint ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, 135392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom ASN1_BIT_STRING *signature, void *asn, EVP_PKEY *pkey) 136656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 137656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EVP_MD_CTX ctx; 138656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project unsigned char *buf_in=NULL; 139221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom int ret= -1,inl; 140221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 141221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom int mdnid, pknid; 142656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 143656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EVP_MD_CTX_init(&ctx); 144221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 145221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom /* Convert signature OID into digest and public key OIDs */ 146221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (!OBJ_find_sigid_algs(OBJ_obj2nid(a->algorithm), &mdnid, &pknid)) 147221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 148221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM); 149221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom goto err; 150221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 151392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (mdnid == NID_undef) 152656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 153392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (!pkey->ameth || !pkey->ameth->item_verify) 154392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 155392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM); 156392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom goto err; 157392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 158392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom ret = pkey->ameth->item_verify(&ctx, it, asn, a, 159392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom signature, pkey); 160392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom /* Return value of 2 means carry on, anything else means we 161392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom * exit straight away: either a fatal error of the underlying 162392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom * verification routine handles all verification. 163392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom */ 164392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (ret != 2) 165392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom goto err; 166392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom ret = -1; 167656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 168392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom else 169221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 170392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom const EVP_MD *type; 171392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom type=EVP_get_digestbynid(mdnid); 172392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (type == NULL) 173392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 174392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM); 175392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom goto err; 176392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 177392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 178392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom /* Check public key OID matches public key type */ 179392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (EVP_PKEY_type(pknid) != pkey->ameth->pkey_id) 180392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 181392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ASN1_R_WRONG_PUBLIC_KEY_TYPE); 182392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom goto err; 183392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 184392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom 185392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (!EVP_DigestVerifyInit(&ctx, NULL, type, NULL, pkey)) 186392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 187392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_EVP_LIB); 188392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom ret=0; 189392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom goto err; 190392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 191221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 192656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 193656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 194656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project inl = ASN1_item_i2d(asn, &buf_in, it); 195656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 196656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (buf_in == NULL) 197656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 198656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_MALLOC_FAILURE); 199656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 200656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 201656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 202392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (!EVP_DigestVerifyUpdate(&ctx,buf_in,inl)) 203392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom { 204392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_EVP_LIB); 205392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom ret=0; 206392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom goto err; 207392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom } 208656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 209656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OPENSSL_cleanse(buf_in,(unsigned int)inl); 210656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OPENSSL_free(buf_in); 211656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 212392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom if (EVP_DigestVerifyFinal(&ctx,signature->data, 213392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom (size_t)signature->length) <= 0) 214656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 215656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_EVP_LIB); 216656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ret=0; 217656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 218656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 219656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* we don't need to zero the 'ctx' because we just checked 220656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * public information */ 221656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* memset(&ctx,0,sizeof(ctx)); */ 222656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ret=1; 223656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projecterr: 224656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EVP_MD_CTX_cleanup(&ctx); 225656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return(ret); 226656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 227656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 228656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 229