From b119131873822fa50fbe94d1a09132fa31d3bc3a Mon Sep 17 00:00:00 2001 From: Sree Harsha Totakura Date: Thu, 22 Jan 2015 16:22:32 +0100 Subject: Remove TALER_RSA_hash_sign() and TALER_RSA_hash_verify(). --- src/util/rsa.c | 62 ++++++++++++++++++++++------------------------------- src/util/test_rsa.c | 12 ++++------- 2 files changed, 30 insertions(+), 44 deletions(-) (limited to 'src/util') diff --git a/src/util/rsa.c b/src/util/rsa.c index c34ab1661..0b533615c 100644 --- a/src/util/rsa.c +++ b/src/util/rsa.c @@ -578,18 +578,19 @@ data_to_sexp (const void *ptr, size_t size) /** - * Sign the given hash block. + * Sign the given message. The size of the message should be less than + * TALER_RSA_DATA_ENCODING_LENGTH (256) bytes. * * @param key private key to use for the signing - * @param hash the block containing the hash of the message to sign - * @param hash_size the size of the hash block + * @param msg the message + * @param size the size of the message * @param sig where to write the signature * @return GNUNET_SYSERR on error, GNUNET_OK on success */ int TALER_RSA_sign (const struct TALER_RSA_PrivateKey *key, - const void *hash, - size_t hash_size, + const void *msg, + size_t size, struct TALER_RSA_Signature *sig) { gcry_sexp_t result; @@ -597,7 +598,10 @@ TALER_RSA_sign (const struct TALER_RSA_PrivateKey *key, size_t ssize; gcry_mpi_t rval; - data = data_to_sexp (hash, hash_size); + GNUNET_assert (size <= TALER_RSA_DATA_ENCODING_LENGTH); + if (size > TALER_RSA_DATA_ENCODING_LENGTH) + return GNUNET_SYSERR; + data = data_to_sexp (msg, size); GNUNET_assert (0 == gcry_pk_sign (&result, data, key->sexp)); gcry_sexp_release (data); GNUNET_assert (0 == key_from_sexp (&rval, result, "rsa", "s")); 
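Review bot: The new doc comment on TALER_RSA_sign says the message size "should be less than" TALER_RSA_DATA_ENCODING_LENGTH, while the size check added in the next hunk accepts a size equal to that constant, so the documented and enforced bounds differ by one; the comment added for TALER_RSA_verify in the -666,35 hunk has the same wording. The comment also does not say whether the input is hashed, and as far as the visible lines show it is not: `msg` is handed straight to data_to_sexp, so callers are now responsible for hashing anything longer than the limit. I would word it as `Sign the given bytes as-is (no hashing is done here); size must be at most TALER_RSA_DATA_ENCODING_LENGTH bytes, so callers with longer input must hash it first.` How data_to_sexp encodes or pads the value is outside this hunk, so the bound should be confirmed against it.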
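Review bot: The `return GNUNET_SYSERR;` added in TALER_RSA_sign is unreachable, because the `GNUNET_assert (size <= TALER_RSA_DATA_ENCODING_LENGTH);` on the line before it aborts on exactly the condition the `if` tests (assuming GNUNET_assert aborts on failure, as it normally does). The same pair is added to TALER_RSA_verify in the -666,35 hunk, where it matters more: a verifier usually handles data that came from another party, and an oversized message would then terminate the process instead of being rejected. Both functions already document GNUNET_SYSERR as their error return, so I would drop the assert and keep `if (size > TALER_RSA_DATA_ENCODING_LENGTH) return GNUNET_SYSERR;`, with a `GNUNET_break (0);` before the return if a log entry is wanted. The body of TALER_RSA_sign continues past the end of the hunk.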
@@ -666,35 +670,42 @@ decode_public_key (const struct TALER_RSA_PublicKeyBinaryEncoded *publicKey) /** - * Verify signature with the given hash. + * Verify signature on the given message. The size of the message should be less than + * TALER_RSA_DATA_ENCODING_LENGTH (256) bytes. * - * @param hash the hash code to verify against the signature + * @param msg the message + * @param size the size of the message * @param sig signature that is being validated * @param publicKey public key of the signer * @returns GNUNET_OK if ok, GNUNET_SYSERR if invalid */ int -TALER_RSA_hash_verify (const struct GNUNET_HashCode *hash, - const struct TALER_RSA_Signature *sig, - const struct TALER_RSA_PublicKeyBinaryEncoded *publicKey) +TALER_RSA_verify (const void *msg, size_t size, + const struct TALER_RSA_Signature *sig, + const struct TALER_RSA_PublicKeyBinaryEncoded *publicKey) { gcry_sexp_t data; gcry_sexp_t sigdata; - size_t size; + size_t sig_size; gcry_mpi_t val; gcry_sexp_t psexp; size_t erroff; int rc; - size = sizeof (struct TALER_RSA_Signature); + GNUNET_assert (size <= TALER_RSA_DATA_ENCODING_LENGTH); + if (size > TALER_RSA_DATA_ENCODING_LENGTH) + return GNUNET_SYSERR; GNUNET_assert (0 == gcry_mpi_scan (&val, GCRYMPI_FMT_USG, - (const unsigned char *) sig, size, &size)); + (const unsigned char *) sig, + sizeof (struct TALER_RSA_Signature), + &sig_size)); + GNUNET_assert (sizeof (struct TALER_RSA_Signature) == sig_size); GNUNET_assert (0 == gcry_sexp_build (&sigdata, &erroff, "(sig-val(rsa(s %m)))", val)); gcry_mpi_release (val); - data = data_to_sexp (hash, sizeof (struct GNUNET_HashCode)); + data = data_to_sexp (msg, size); if (! (psexp = decode_public_key (publicKey))) { gcry_sexp_release (data); 
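Review bot: TALER_RSA_verify keeps its name and parameter list but no longer hashes `msg`: the line `data = data_to_sexp (msg, size);` now feeds the caller's bytes in directly, where the wrapper removed in the following hunk ran GNUNET_CRYPTO_hash first. A caller that was not updated still compiles, and then either fails verification or, for input above the 256-byte limit, trips the size assert; this page is limited to src/util, so callers elsewhere need checking. The doc comment should state the new contract, for example `@param msg the exact bytes that were given to TALER_RSA_sign(), typically a hash; not hashed here`. Separately, the added `GNUNET_assert (sizeof (struct TALER_RSA_Signature) == sig_size);` aborts on a property of the signature buffer, and if that can ever differ for data received from a peer, releasing `val` and returning GNUNET_SYSERR is the safer reaction. The function body continues beyond the hunk.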
@@ -715,27 +726,6 @@ TALER_RSA_hash_verify (const struct GNUNET_HashCode *hash, return GNUNET_OK; } - -/** - * Verify signature on the given message - * - * @param msg the message - * @param size the size of the message - * @param sig signature that is being validated - * @param publicKey public key of the signer - * @returns GNUNET_OK if ok, GNUNET_SYSERR if invalid - */ -int -TALER_RSA_verify (const void *msg, size_t size, - const struct TALER_RSA_Signature *sig, - const struct TALER_RSA_PublicKeyBinaryEncoded *publicKey) -{ - struct GNUNET_HashCode hash; - - GNUNET_CRYPTO_hash (msg, size, &hash); - return TALER_RSA_hash_verify (&hash, sig, publicKey); -} - /** * The blinding key is equal in length to the RSA modulus */ diff --git a/src/util/test_rsa.c b/src/util/test_rsa.c index 85114843d..1f7adfd6c 100644 --- a/src/util/test_rsa.c +++ b/src/util/test_rsa.c @@ -69,11 +69,7 @@ main (int argc, char *argv[]) ntohs (priv_enc->len)))); GNUNET_free (priv_enc); priv_enc = NULL; - EXITIF (GNUNET_OK != TALER_RSA_hash_verify (&hash, - &sig, - &pubkey)); - EXITIF (GNUNET_OK != TALER_RSA_verify (rnd_blk, - RND_BLK_SIZE, + EXITIF (GNUNET_OK != TALER_RSA_verify (&hash, sizeof (hash), &sig, &pubkey)); @@ -93,9 +89,9 @@ main (int argc, char *argv[]) EXITIF (GNUNET_OK != TALER_RSA_unblind (&sig, bkey, &pubkey)); - EXITIF (GNUNET_OK != TALER_RSA_hash_verify (&hash, - &sig, - &pubkey)); + EXITIF (GNUNET_OK != TALER_RSA_verify (&hash, sizeof (hash), + &sig, + &pubkey)); ret = 0; /* all OK */ EXITIF_exit: -- cgit v1.2.3 From acee974c0628f62e2305d072d31038ab8c21a131 Mon Sep 17 00:00:00 2001 From: Sree Harsha Totakura Date: Thu, 22 Jan 2015 16:23:25 +0100 Subject: Add checks to verify incorrect signatures. --- src/util/rsa.c | 6 +++--- src/util/test_rsa.c | 14 +++++++++++++- 2 files changed, 16 insertions(+), 4 deletions(-) (limited to 'src/util') diff --git a/src/util/rsa.c b/src/util/rsa.c index 0b533615c..d85f3cc86 100644 --- a/src/util/rsa.c +++ b/src/util/rsa.c 
@@ -670,8 +670,8 @@ decode_public_key (const struct TALER_RSA_PublicKeyBinaryEncoded *publicKey) /** - * Verify signature on the given message. The size of the message should be less than - * TALER_RSA_DATA_ENCODING_LENGTH (256) bytes. + * Verify signature on the given message. The size of the message should be + * less than TALER_RSA_DATA_ENCODING_LENGTH (256) bytes. * * @param msg the message * @param size the size of the message @@ -690,7 +690,7 @@ TALER_RSA_verify (const void *msg, size_t size, gcry_mpi_t val; gcry_sexp_t psexp; size_t erroff; - int rc; + gcry_error_t rc; GNUNET_assert (size <= TALER_RSA_DATA_ENCODING_LENGTH); if (size > TALER_RSA_DATA_ENCODING_LENGTH) diff --git a/src/util/test_rsa.c b/src/util/test_rsa.c index 1f7adfd6c..fdacf5212 100644 --- a/src/util/test_rsa.c +++ b/src/util/test_rsa.c @@ -38,7 +38,7 @@ int main (int argc, char *argv[]) { -#define RND_BLK_SIZE 4096 +#define RND_BLK_SIZE 16524 unsigned char rnd_blk[RND_BLK_SIZE]; struct TALER_RSA_PrivateKey *priv; struct TALER_RSA_PrivateKeyBinaryEncoded *priv_enc; @@ -72,6 +72,12 @@ main (int argc, char *argv[]) EXITIF (GNUNET_OK != TALER_RSA_verify (&hash, sizeof (hash), &sig, &pubkey)); + /* corrupt our hash and see if the signature is still valid */ + GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK, &hash, + sizeof (struct GNUNET_HashCode)); + EXITIF (GNUNET_OK == TALER_RSA_verify (&hash, sizeof (hash), + &sig, + &pubkey)); /* test blind signing */ GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK, rnd_blk, @@ -92,6 +98,12 @@ main (int argc, char *argv[]) EXITIF (GNUNET_OK != TALER_RSA_verify (&hash, sizeof (hash), &sig, &pubkey)); + /* corrupt our hash and see if the signature is still valid */ + GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK, &hash, + sizeof (struct GNUNET_HashCode)); + EXITIF (GNUNET_OK == TALER_RSA_verify (&hash, sizeof (hash), + &sig, + &pubkey)); ret = 0; /* all OK */ EXITIF_exit: -- cgit v1.2.3 
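Review bot: The two added negative checks in test_rsa.c (the -72,6 and -92,6 hunks) only replace `hash` with random bytes and never alter `sig`, so the case where a tampered signature must be rejected is still untested although the commit subject is about incorrect signatures. Re-randomising the whole hash also makes the failing input differ on every run; flipping a single bit is a stricter check and is reproducible. I would add, directly after each positive check and before the hash is corrupted, `((unsigned char *) &sig)[0] ^= 1;`, then `EXITIF (GNUNET_OK == TALER_RSA_verify (&hash, sizeof (hash), &sig, &pubkey));`, then the same XOR again to restore `sig`. main() starts and ends outside these hunks.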
From 734fd0aa2ef46a718dcddf73fa45b898535b9756 Mon Sep 17 00:00:00 2001 From: Sree Harsha Totakura Date: Thu, 22 Jan 2015 16:26:53 +0100 Subject: -remove unused and misleading hash operation --- src/util/rsa.c | 2 -- 1 file changed, 2 deletions(-) (limited to 'src/util') diff --git a/src/util/rsa.c b/src/util/rsa.c index d85f3cc86..866aeb044 100644 --- a/src/util/rsa.c +++ b/src/util/rsa.c @@ -765,7 +765,6 @@ TALER_RSA_message_blind (const void *msg, size_t size, struct TALER_RSA_PublicKeyBinaryEncoded *pkey) { struct TALER_RSA_BlindedSignaturePurpose *bsp; - struct GNUNET_HashCode hash; gcry_sexp_t psexp; gcry_mpi_t data; gcry_mpi_t skey[2]; @@ -792,7 +791,6 @@ TALER_RSA_message_blind (const void *msg, size_t size, gcry_sexp_release (psexp); psexp = NULL; GNUNET_assert (0 == ret); - GNUNET_CRYPTO_hash (msg, size, &hash); if (0 != (rc=gcry_mpi_scan (&data, GCRYMPI_FMT_USG, (const unsigned char *) msg, size, &rsize))) { -- cgit v1.2.3