本文整理汇总了C++中i2d_ECDSA_SIG函数的典型用法代码示例。如果您正苦于以下问题:C++ i2d_ECDSA_SIG函数的具体用法?C++ i2d_ECDSA_SIG怎么用?C++ i2d_ECDSA_SIG使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了i2d_ECDSA_SIG函数的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的C++代码示例。
示例1: test_builtin
//.........这里部分代码省略.........
/* wrong length */
if (ECDSA_verify(0, digest, 20, signature, sig_len - 1, eckey) == 1) {
BIO_printf(out, " failed\n");
goto builtin_err;
}
BIO_printf(out, ".");
(void)BIO_flush(out);
/*
* Modify a single byte of the signature: to ensure we don't garble
* the ASN1 structure, we read the raw signature and modify a byte in
* one of the bignums directly.
*/
sig_ptr = signature;
if ((ecdsa_sig = d2i_ECDSA_SIG(NULL, &sig_ptr, sig_len)) == NULL) {
BIO_printf(out, " failed\n");
goto builtin_err;
}
/* Store the two BIGNUMs in raw_buf. */
r_len = BN_num_bytes(ecdsa_sig->r);
s_len = BN_num_bytes(ecdsa_sig->s);
bn_len = (degree + 7) / 8;
if ((r_len > bn_len) || (s_len > bn_len)) {
BIO_printf(out, " failed\n");
goto builtin_err;
}
buf_len = 2 * bn_len;
if ((raw_buf = OPENSSL_malloc(buf_len)) == NULL)
goto builtin_err;
/* Pad the bignums with leading zeroes. */
memset(raw_buf, 0, buf_len);
BN_bn2bin(ecdsa_sig->r, raw_buf + bn_len - r_len);
BN_bn2bin(ecdsa_sig->s, raw_buf + buf_len - s_len);
/* Modify a single byte in the buffer. */
offset = raw_buf[10] % buf_len;
dirt = raw_buf[11] ? raw_buf[11] : 1;
raw_buf[offset] ^= dirt;
/* Now read the BIGNUMs back in from raw_buf. */
if ((BN_bin2bn(raw_buf, bn_len, ecdsa_sig->r) == NULL) ||
(BN_bin2bn(raw_buf + bn_len, bn_len, ecdsa_sig->s) == NULL))
goto builtin_err;
sig_ptr2 = signature;
sig_len = i2d_ECDSA_SIG(ecdsa_sig, &sig_ptr2);
if (ECDSA_verify(0, digest, 20, signature, sig_len, eckey) == 1) {
BIO_printf(out, " failed\n");
goto builtin_err;
}
/*
* Sanity check: undo the modification and verify signature.
*/
raw_buf[offset] ^= dirt;
if ((BN_bin2bn(raw_buf, bn_len, ecdsa_sig->r) == NULL) ||
(BN_bin2bn(raw_buf + bn_len, bn_len, ecdsa_sig->s) == NULL))
goto builtin_err;
sig_ptr2 = signature;
sig_len = i2d_ECDSA_SIG(ecdsa_sig, &sig_ptr2);
if (ECDSA_verify(0, digest, 20, signature, sig_len, eckey) != 1) {
BIO_printf(out, " failed\n");
goto builtin_err;
}
BIO_printf(out, ".");
(void)BIO_flush(out);
BIO_printf(out, " ok\n");
/* cleanup */
/* clean bogus errors */
ERR_clear_error();
OPENSSL_free(signature);
signature = NULL;
EC_KEY_free(eckey);
eckey = NULL;
EC_KEY_free(wrong_eckey);
wrong_eckey = NULL;
ECDSA_SIG_free(ecdsa_sig);
ecdsa_sig = NULL;
OPENSSL_free(raw_buf);
raw_buf = NULL;
}
ret = 1;
builtin_err:
if (eckey)
EC_KEY_free(eckey);
if (wrong_eckey)
EC_KEY_free(wrong_eckey);
if (ecdsa_sig)
ECDSA_SIG_free(ecdsa_sig);
if (signature)
OPENSSL_free(signature);
if (raw_buf)
OPENSSL_free(raw_buf);
if (curves)
OPENSSL_free(curves);
return ret;
}
开发者ID:bbidd985,项目名称:IEEE_Taggant_System,代码行数:101,代码来源:ecdsatest.c
示例2: d2i_ECDSA_SIG
bool CKey::ReserealizeSignature(std::vector<unsigned char>& vchSig) {
unsigned char *pos;
if (vchSig.empty())
return false;
pos = &vchSig[0];
ECDSA_SIG *sig = d2i_ECDSA_SIG(NULL, (const unsigned char **)&pos, vchSig.size());
if (sig == NULL)
return false;
bool ret = false;
int nSize = i2d_ECDSA_SIG(sig, NULL);
if (nSize > 0) {
vchSig.resize(nSize); // grow or shrink as needed
pos = &vchSig[0];
i2d_ECDSA_SIG(sig, &pos);
ret = true;
}
ECDSA_SIG_free(sig);
return ret;
}
开发者ID:JohnLZeller,项目名称:Gridcoin-Research,代码行数:25,代码来源:key.cpp
示例3: ECDSA_verify
/* returns
* 1: correct signature
* 0: incorrect signature
* -1: error
*/
int
ECDSA_verify(int type, const unsigned char *dgst, int dgst_len,
const unsigned char *sigbuf, int sig_len, EC_KEY *eckey)
{
ECDSA_SIG *s;
unsigned char *der = NULL;
const unsigned char *p = sigbuf;
int derlen = -1;
int ret = -1;
s = ECDSA_SIG_new();
if (s == NULL)
return (ret);
if (d2i_ECDSA_SIG(&s, &p, sig_len) == NULL)
goto err;
/* Ensure signature uses DER and doesn't have trailing garbage */
derlen = i2d_ECDSA_SIG(s, &der);
if (derlen != sig_len || memcmp(sigbuf, der, derlen))
goto err;
ret = ECDSA_do_verify(dgst, dgst_len, s, eckey);
err:
freezero(der, derlen);
ECDSA_SIG_free(s);
return (ret);
}
开发者ID:MiKTeX,项目名称:miktex,代码行数:31,代码来源:ecs_vrf.c
示例4: ECDSA_do_sign
bool CKey::Sign(uint256 hash, std::vector<unsigned char>& vchSig)
{
vchSig.clear();
ECDSA_SIG *sig = ECDSA_do_sign((unsigned char*)&hash, sizeof(hash), pkey);
if (sig==NULL)
return false;
const EC_GROUP *group = EC_KEY_get0_group(pkey);
CBigNum order, halforder;
EC_GROUP_get_order(group, &order, NULL);
BN_rshift1(&halforder, &order);
// enforce low S values, by negating the value (modulo the order) if above order/2.
if (BN_cmp(sig->s, &halforder) > 0) {
BN_sub(sig->s, &order, sig->s);
}
unsigned int nSize = ECDSA_size(pkey);
vchSig.resize(nSize); // Make sure it is big enough
unsigned char *pos = &vchSig[0];
nSize = i2d_ECDSA_SIG(sig, &pos);
ECDSA_SIG_free(sig);
vchSig.resize(nSize); // Shrink to fit actual size
// Testing our new signature
if (ECDSA_verify(0, (unsigned char*)&hash, sizeof(hash), &vchSig[0], vchSig.size(), pkey) != 1) {
vchSig.clear();
return false;
}
return true;
}
开发者ID:likecoin-script,项目名称:novacoin,代码行数:27,代码来源:key.cpp
示例5: ECDSA_do_sign
bool CKey::Sign(uint256 hash, std::vector<unsigned char>& vchSig)
{
vchSig.clear();
ECDSA_SIG *sig = ECDSA_do_sign((unsigned char*)&hash, sizeof(hash), pkey);
if (sig == NULL)
return false;
BN_CTX *ctx = BN_CTX_new();
BN_CTX_start(ctx);
const EC_GROUP *group = EC_KEY_get0_group(pkey);
BIGNUM *order = BN_CTX_get(ctx);
BIGNUM *halforder = BN_CTX_get(ctx);
EC_GROUP_get_order(group, order, ctx);
BN_rshift1(halforder, order);
if (BN_cmp(sig->s, halforder) > 0) {
// enforce low S values, by negating the value (modulo the order) if above order/2.
BN_sub(sig->s, order, sig->s);
}
BN_CTX_end(ctx);
BN_CTX_free(ctx);
unsigned int nSize = ECDSA_size(pkey);
vchSig.resize(nSize); // Make sure it is big enough
unsigned char *pos = &vchSig[0];
nSize = i2d_ECDSA_SIG(sig, &pos);
ECDSA_SIG_free(sig);
vchSig.resize(nSize); // Shrink to fit actual size
return true;
}
开发者ID:ucisal,项目名称:UCICOIN,代码行数:27,代码来源:key.cpp
示例6: ECDSA_sign_ex
int ECDSA_sign_ex(int type, const unsigned char *dgst, int dlen, unsigned char
*sig, unsigned int *siglen, const BIGNUM *kinv, const BIGNUM *r,
EC_KEY *eckey)
{
// BIO *out;//Added for test
ECDSA_SIG *s;
//Added for test
// out=BIO_new(BIO_s_file());
// if (out == NULL) return 0;
// BIO_set_fp(out,stdout,BIO_NOCLOSE);
s = ECDSA_do_sign_ex(dgst, dlen, kinv, r, eckey);
if (s == NULL)
{
*siglen=0;
return 0;
}
// printf("--------%s(%d),*siglen=%d-------\n",__FUNCTION__,__LINE__,*siglen);//Added for test
// BN_print(out, s->r);//Added for test
// BN_print(out, s->s);//Added for test
*siglen = i2d_ECDSA_SIG(s, &sig);
// printf("\n--------%s(%d),*siglen=%d-------\n",__FUNCTION__,__LINE__,*siglen);//Added for test
ECDSA_SIG_free(s);
return 1;
}
开发者ID:jameshilliard,项目名称:WECB-BH-GPL,代码行数:28,代码来源:ecs_sign.c
示例7: ECDSA_SIG_new
bool CKey::Verify(uint256 hash, const std::vector<unsigned char>& vchSig)
{
if (vchSig.empty())
return false;
// New versions of OpenSSL will reject non-canonical DER signatures. de/re-serialize first.
unsigned char *norm_der = NULL;
ECDSA_SIG *norm_sig = ECDSA_SIG_new();
const unsigned char* sigptr = &vchSig[0];
assert(norm_sig);
if (d2i_ECDSA_SIG(&norm_sig, &sigptr, vchSig.size()) == NULL)
{
/* As of OpenSSL 1.0.0p d2i_ECDSA_SIG frees and nulls the pointer on
* error. But OpenSSL's own use of this function redundantly frees the
* result. As ECDSA_SIG_free(NULL) is a no-op, and in the absence of a
* clear contract for the function behaving the same way is more
* conservative.
*/
ECDSA_SIG_free(norm_sig);
return false;
}
int derlen = i2d_ECDSA_SIG(norm_sig, &norm_der);
ECDSA_SIG_free(norm_sig);
if (derlen <= 0)
return false;
// -1 = error, 0 = bad sig, 1 = good
bool ret = ECDSA_verify(0, (unsigned char*)&hash, sizeof(hash), norm_der, derlen, pkey) == 1;
OPENSSL_free(norm_der);
return ret;
}
开发者ID:AsiaCoin,项目名称:AsiaCoinFix,代码行数:31,代码来源:key.cpp
示例8: vchSig
// Credit: https://github.com/ppcoin/ppcoin/pull/101/files
bool CKey::Verify(uint256 hash, const std::vector<unsigned char>& vchSigParam)
{
// Prevent the problem described here:
// https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2015-July/009697.html
// by removing the extra length bytes
std::vector<unsigned char> vchSig(vchSigParam.begin(), vchSigParam.end());
if (vchSig.size() > 1 && vchSig[1] & 0x80)
{
unsigned char nLengthBytes = vchSig[1] & 0x7f;
if (vchSig.size() < 2 + nLengthBytes)
return false;
if (nLengthBytes > 4)
{
unsigned char nExtraBytes = nLengthBytes - 4;
for (unsigned char i = 0; i < nExtraBytes; i++)
if (vchSig[2 + i])
return false;
vchSig.erase(vchSig.begin() + 2, vchSig.begin() + 2 + nExtraBytes);
vchSig[1] = 0x80 | (nLengthBytes - nExtraBytes);
}
}
if (vchSig.empty())
return false;
// New versions of OpenSSL will reject non-canonical DER signatures. de/re-serialize first.
unsigned char *norm_der = NULL;
ECDSA_SIG *norm_sig = ECDSA_SIG_new();
const unsigned char* sigptr = &vchSig[0];
assert(norm_sig);
if (d2i_ECDSA_SIG(&norm_sig, &sigptr, vchSig.size()) == NULL)
{
/* As of OpenSSL 1.0.0p d2i_ECDSA_SIG frees and nulls the pointer on
* error. But OpenSSL's own use of this function redundantly frees the
* result. As ECDSA_SIG_free(NULL) is a no-op, and in the absence of a
* clear contract for the function behaving the same way is more
* conservative.
*/
ECDSA_SIG_free(norm_sig);
return false;
}
int derlen = i2d_ECDSA_SIG(norm_sig, &norm_der);
ECDSA_SIG_free(norm_sig);
if (derlen <= 0)
return false;
// -1 = error, 0 = bad sig, 1 = good
bool ret = ECDSA_verify(0, (unsigned char*)&hash, sizeof(hash), norm_der, derlen, pkey) == 1;
OPENSSL_free(norm_der);
return ret;
}
开发者ID:StealthSend,项目名称:SonicScrewdriver,代码行数:54,代码来源:key.cpp
示例9: ossl_ecdsa_sign
int ossl_ecdsa_sign(int type, const unsigned char *dgst, int dlen,
unsigned char *sig, unsigned int *siglen,
const BIGNUM *kinv, const BIGNUM *r, EC_KEY *eckey)
{
ECDSA_SIG *s;
RAND_seed(dgst, dlen);
s = ECDSA_do_sign_ex(dgst, dlen, kinv, r, eckey);
if (s == NULL) {
*siglen = 0;
return 0;
}
*siglen = i2d_ECDSA_SIG(s, &sig);
ECDSA_SIG_free(s);
return 1;
}
开发者ID:AndreV84,项目名称:openssl,代码行数:15,代码来源:ecdsa_ossl.c
示例10: ecdsa_sign_verify
/*!
* \brief Verify the DNSSEC signature for supplied data and ECDSA algorithm.
* \see any_sign_verify
*/
static int ecdsa_sign_verify(const knot_dnssec_sign_context_t *context,
const uint8_t *signature, size_t signature_size)
{
assert(context);
assert(signature);
if (signature_size != ecdsa_sign_size(context->key)) {
return KNOT_EINVAL;
}
// see ecdsa_sign_write() for conversion details
size_t parameter_size = signature_size / 2;
const uint8_t *signature_r = signature;
const uint8_t *signature_s = signature + parameter_size;
ECDSA_SIG *decoded = ECDSA_SIG_new();
if (!decoded) {
return KNOT_ENOMEM;
}
decoded->r = BN_bin2bn(signature_r, parameter_size, decoded->r);
decoded->s = BN_bin2bn(signature_s, parameter_size, decoded->s);
size_t max_size = EVP_PKEY_size(context->key->data->private_key);
uint8_t *raw_signature = malloc(max_size);
if (!raw_signature) {
ECDSA_SIG_free(decoded);
return KNOT_ENOMEM;
}
uint8_t *raw_write = raw_signature;
int raw_size = i2d_ECDSA_SIG(decoded, &raw_write);
if (raw_size < 0) {
free(raw_signature);
ECDSA_SIG_free(decoded);
return KNOT_DNSSEC_EDECODE_RAW_SIGNATURE;
}
assert(raw_write == raw_signature + raw_size);
int result = any_sign_verify(context, raw_signature, raw_size);
ECDSA_SIG_free(decoded);
free(raw_signature);
return result;
}
开发者ID:dnstap,项目名称:knot,代码行数:52,代码来源:sign.c
示例11: vchSig
bool CKey::Verify(uint256 hash, const std::vector<unsigned char>& vchSigParam)
{
// Fix invalid signature with crafted length by removing extra length bytes
std::vector<unsigned char> vchSig(vchSigParam.begin(), vchSigParam.end());
if (vchSig.size() > 1 && vchSig[1] & 0x80)
{
unsigned char nLengthBytes = vchSig[1] & 0x7f;
if (vchSig.size() < 2 + nLengthBytes) // Avoid invalid memory access on crafted signature
return false;
if (nLengthBytes > 4)
{
unsigned char nExtraBytes = nLengthBytes - 4;
for (unsigned char i = 0; i < nExtraBytes; i++)
if (vchSig[2 + i])
return false;
vchSig.erase(vchSig.begin() + 2, vchSig.begin() + 2 + nExtraBytes);
vchSig[1] = 0x80 | (nLengthBytes - nExtraBytes);
}
}
if (vchSig.empty())
return false;
// New versions of OpenSSL will reject non-canonical DER signatures. De/re-serialize first.
unsigned char *norm_der = NULL;
ECDSA_SIG *norm_sig = ECDSA_SIG_new();
const unsigned char* sigptr = &vchSig[0];
assert(norm_sig);
if (d2i_ECDSA_SIG(&norm_sig, &sigptr, vchSig.size()) == NULL)
{
/* As of OpenSSL 1.0.0p d2i_ECDSA_SIG frees and nulls the pointer on error.
* But OpenSSL's own use of this function redundantly frees the result.
* As ECDSA_SIG_free(NULL) is a no-op, and in the absence of a clear contract for the function behaving the same way is more conservative. */
ECDSA_SIG_free(norm_sig);
return false;
}
int derlen = i2d_ECDSA_SIG(norm_sig, &norm_der);
ECDSA_SIG_free(norm_sig);
if (derlen <= 0)
return false;
// -1 = error, 0 = bad sig, 1 = good
bool ret = ECDSA_verify(0, (unsigned char*)&hash, sizeof(hash), norm_der, derlen, pkey) == 1;
OPENSSL_free(norm_der);
return ret;
}
开发者ID:EnergyCoinProject,项目名称:energycoin,代码行数:48,代码来源:key.cpp
示例12: ECDSA_SIG_new
bool CKey::Verify(uint256 hash, const std::vector<unsigned char>& vchSig)
{
// New versions of OpenSSL will reject non-canonical DER signatures. de/re-serialize first.
unsigned char *norm_der = NULL;
ECDSA_SIG *norm_sig = ECDSA_SIG_new();
const unsigned char* sigptr = &vchSig[0];
d2i_ECDSA_SIG(&norm_sig, &sigptr, vchSig.size());
int derlen = i2d_ECDSA_SIG(norm_sig, &norm_der);
ECDSA_SIG_free(norm_sig);
if (derlen <= 0)
return false;
// -1 = error, 0 = bad sig, 1 = good
bool ret = ECDSA_verify(0, (unsigned char*)&hash, sizeof(hash), norm_der, derlen, pkey) == 1;
OPENSSL_free(norm_der);
return ret;
}
开发者ID:Tomcatt,项目名称:CryptoBullion-CBX,代码行数:17,代码来源:key.cpp
示例13: main
//.........这里部分代码省略.........
fprintf(stderr, "Error reading payload\n");
goto end;
}
if(type == CKK_RSA) {
for(i = 0; (i < rsa_len) && (pkey == NULL); i++) {
if(strncmp(rsa_keys[i].id, keyid, KEY_ID_SIZE - 1) == 0) {
pkey = rsa_keys[i].key;
}
}
} else if(type == CKK_EC) {
for(i = 0; (i < ec_len) && (pkey == NULL); i++) {
if(strncmp(ec_keys[i].id, keyid, KEY_ID_SIZE - 1) == 0) {
pkey = ec_keys[i].key;
}
}
}
if(pkey == NULL) {
fprintf(stderr, "Key not found\n");
goto end;
} else if(verbose) {
fprintf(stderr, "Key '%s'found\n", keyid);
}
if(type == CKK_RSA && operation == CKA_SIGN) {
if(verbose) {
fprintf(stderr, "RSA signature operation requested\n");
}
l = RSA_private_encrypt(plen, (unsigned char *)buffer, (unsigned char *)sig,
EVP_PKEY_get1_RSA(pkey), RSA_PKCS1_PADDING);
} else if(type == CKK_RSA && operation == CKA_DECRYPT) {
if(verbose) {
fprintf(stderr, "RSA decryption operation requested\n");
}
l = RSA_private_decrypt(plen, (unsigned char *)buffer, (unsigned char *)sig,
EVP_PKEY_get1_RSA(pkey), RSA_PKCS1_PADDING);
} else if (type == CKK_EC && operation == CKA_SIGN) {
unsigned char *ptr = (unsigned char *)sig;
ECDSA_SIG *s = ECDSA_do_sign((unsigned char *)buffer, plen, EVP_PKEY_get1_EC_KEY(pkey));
l = i2d_ECDSA_SIG(s, &ptr);
ECDSA_SIG_free(s);
} else {
if(verbose) {
fprintf(stderr, "Invalid operation requested\n");
}
goto end;
}
slen = l;
if(l <= 0) {
if(verbose) {
fprintf(stderr, "Error unsuccessful\n");
}
goto end;
} else if(verbose) {
fprintf(stderr, "Operation successful\n");
}
BIO_printf(b, "200 Ok\r\n");
BIO_printf(b, "Content-Length: %d\r\n\r\n", slen);
l = BIO_write(b, sig, slen);
BIO_flush(b);
i= 0;
/*
for(i = 0; i < rsa_len; i++) {
BIO_write(b, rsa_keys[i].id, KEY_ID_SIZE);
BIO_write(b, "\n", 1);
PEM_write_bio_RSAPrivateKey(b, EVP_PKEY_get1_RSA(rsa_keys[i].key), NULL, NULL, 0, NULL, NULL);
}
for(i = 0; i < ec_len; i++) {
BIO_write(b, ec_keys[i].id, KEY_ID_SIZE);
BIO_write(b, "\n", 1);
PEM_write_bio_ECPrivateKey(b, EVP_PKEY_get1_EC_KEY(ec_keys[i].key), NULL, NULL, 0, NULL, NULL);
}
*/
end:
close(s);
BIO_free(b);
} while(1);
close(fd);
if(opt_pin) {
funcs->C_CloseAllSessions(opt_slot);
free(opt_pin);
}
rc = funcs->C_Finalize(NULL);
if (rc != CKR_OK) {
show_error(stderr, "C_Finalize", rc);
return rc;
}
return rc;
}
开发者ID:zhulianhai,项目名称:pkcs11,代码行数:101,代码来源:pkcs11d.c
示例14: Yassert
bool CKey::Verify(uint256 hash, const std::vector<unsigned char>& vchSig)
{
if( fNewerOpenSSL )
{
if (vchSig.empty())
return false;
// New versions of OpenSSL will reject non-canonical DER signatures. de/re-serialize first.
unsigned char
*norm_der = NULL;
ECDSA_SIG
*norm_sig = ECDSA_SIG_new();
const unsigned char
* sigptr = &vchSig[0];
Yassert(norm_sig);
if (d2i_ECDSA_SIG(&norm_sig, &sigptr, vchSig.size()) == NULL)
{
/* As of OpenSSL 1.0.0p d2i_ECDSA_SIG frees and nulls the pointer on
* error. But OpenSSL's own use of this function redundantly frees the
* result. As ECDSA_SIG_free(NULL) is a no-op, and in the absence of a
* clear contract for the function behaving the same way is more
* conservative.
*/
ECDSA_SIG_free(norm_sig);
return false;
}
int derlen = i2d_ECDSA_SIG(norm_sig, &norm_der);
ECDSA_SIG_free(norm_sig);
if (derlen <= 0)
return false;
// -1 = error, 0 = bad sig, 1 = good
bool
ret = (
1 == ECDSA_verify(
0,
(unsigned char*)&hash,
sizeof(hash),
norm_der,
derlen,
pkey
)
);
OPENSSL_free(norm_der);
if (false == ret)
return false;
return ret;
}
else // older version of OpenSSL, so do the old code
{
if (vchSig.empty())
{
printf( "\n\aECDSA signature verify called with nul argument?\n\n" );
}
const int
nECDSAgood = 1,
nECDSAbad = 0,
nECDSAerror = -1;
int
nReturn = ECDSA_verify(
0,
(unsigned char*)&hash,
sizeof(hash),
&vchSig[0],
vchSig.size(),
pkey
);
switch( nReturn )
{
case nECDSAgood:
return true;
case nECDSAbad:
//printf( "\n\aECDSA signature verify FAILED?\n\n" );
//(void)MessageBeep( MB_ICONERROR );
return false;
case nECDSAerror:
//printf( "\n\aECDSA signature verify ERRORED?\n\n" );
//(void)MessageBeep( MB_ICONERROR );
return false;
default:
return false;
}
}
}
开发者ID:ya4-old-c-coder,项目名称:yacoin,代码行数:87,代码来源:key.cpp
示例15: signMessageWithPem
int signMessageWithPem(char *message, char *pem, char **signature) {
unsigned int meslen = strlen(message);
unsigned char *messagebytes = calloc(meslen, sizeof(unsigned char));
int derSigLen = 0;
int i = 0;
memcpy(messagebytes, message, meslen);
EC_KEY *key = NULL;
BIO *in = NULL;
unsigned char *buffer = NULL;
char *sha256ofMsg = calloc(SHA256_HEX_STRING, sizeof(char));
unsigned char *outBytesOfsha256ofMsg = calloc(SHA256_STRING, sizeof(unsigned char));
digestOfBytes(messagebytes, &sha256ofMsg, "sha256", meslen);
sha256ofMsg[64] = '\0';
createDataWithHexString(sha256ofMsg, &outBytesOfsha256ofMsg);
in = BIO_new(BIO_s_mem());
BIO_puts(in, pem);
key = PEM_read_bio_ECPrivateKey(in, NULL, NULL, NULL);
if(key == NULL) {
return ERROR;
}
while(derSigLen < 70 && i < 10) {
i++;
ECDSA_SIG *sig = ECDSA_do_sign((const unsigned char*)outBytesOfsha256ofMsg, SHA256_DIGEST_LENGTH, key);
int verify = ECDSA_do_verify((const unsigned char*)outBytesOfsha256ofMsg, SHA256_DIGEST_LENGTH, sig, key);
if(verify != 1) {
return ERROR;
}
int buflen = ECDSA_size(key);
buffer = OPENSSL_malloc(buflen);
derSigLen = i2d_ECDSA_SIG(sig, &buffer);
}
if(i == 10)
return ERROR;
char *hexData = calloc(derSigLen, sizeof(char));
memcpy(hexData, buffer-derSigLen, derSigLen);
char *hexString = calloc(derSigLen*2+1, sizeof(char));
toHexString(hexData, derSigLen, &hexString);
hexString[derSigLen * 2] = '\0';
memcpy(*signature, hexString, (derSigLen*2)+ 1);
EC_KEY_free(key);
BIO_free_all(in);
free(messagebytes);
free(sha256ofMsg);
free(outBytesOfsha256ofMsg);
free(hexData);
free(hexString);
return NOERROR;
}
开发者ID:kleetus,项目名称:bitpay-c-keyutils,代码行数:64,代码来源:key_utils.c
示例16: test_builtin
//.........这里部分代码省略.........
/* Modify a single byte of the signature: to ensure we don't
* garble the ASN1 structure, we read the raw signature and
* modify a byte in one of the bignums directly. */
sig_ptr = signature;
ecdsa_sig = d2i_ECDSA_SIG(NULL, &sig_ptr, sig_len);
if (ecdsa_sig == NULL) {
BIO_printf(out, " failed\n");
goto builtin_err;
}
/* Store the two BIGNUMs in raw_buf. */
r_len = BN_num_bytes(ecdsa_sig->r);
s_len = BN_num_bytes(ecdsa_sig->s);
bn_len = BN_num_bytes(order);
if (r_len > bn_len || s_len > bn_len) {
BIO_printf(out, " failed\n");
goto builtin_err;
}
buf_len = 2 * bn_len;
raw_buf = OPENSSL_malloc(2 * bn_len);
if (raw_buf == NULL) {
goto builtin_err;
}
/* Pad the bignums with leading zeroes. */
if (!BN_bn2bin_padded(raw_buf, bn_len, ecdsa_sig->r) ||
!BN_bn2bin_padded(raw_buf + bn_len, bn_len, ecdsa_sig->s)) {
goto builtin_err;
}
/* Modify a single byte in the buffer. */
offset = raw_buf[10] % buf_len;
dirt = raw_buf[11] ? raw_buf[11] : 1;
raw_buf[offset] ^= dirt;
/* Now read the BIGNUMs back in from raw_buf. */
if (BN_bin2bn(raw_buf, bn_len, ecdsa_sig->r) == NULL ||
BN_bin2bn(raw_buf + bn_len, bn_len, ecdsa_sig->s) == NULL) {
goto builtin_err;
}
sig_ptr2 = signature;
sig_len = i2d_ECDSA_SIG(ecdsa_sig, &sig_ptr2);
if (ECDSA_verify(0, digest, 20, signature, sig_len, eckey) == 1) {
BIO_printf(out, " failed\n");
goto builtin_err;
}
/* Sanity check: undo the modification and verify signature. */
raw_buf[offset] ^= dirt;
if (BN_bin2bn(raw_buf, bn_len, ecdsa_sig->r) == NULL ||
BN_bin2bn(raw_buf + bn_len, bn_len, ecdsa_sig->s) == NULL) {
goto builtin_err;
}
sig_ptr2 = signature;
sig_len = i2d_ECDSA_SIG(ecdsa_sig, &sig_ptr2);
if (ECDSA_verify(0, digest, 20, signature, sig_len, eckey) != 1) {
BIO_printf(out, " failed\n");
goto builtin_err;
}
BIO_printf(out, ".");
(void)BIO_flush(out);
BIO_printf(out, " ok\n");
/* cleanup */
/* clean bogus errors */
ERR_clear_error();
OPENSSL_free(signature);
signature = NULL;
EC_KEY_free(eckey);
eckey = NULL;
EC_KEY_free(wrong_eckey);
wrong_eckey = NULL;
ECDSA_SIG_free(ecdsa_sig);
ecdsa_sig = NULL;
OPENSSL_free(raw_buf);
raw_buf = NULL;
}
ret = 1;
builtin_err:
if (eckey) {
EC_KEY_free(eckey);
}
if (order) {
BN_free(order);
}
if (wrong_eckey) {
EC_KEY_free(wrong_eckey);
}
if (ecdsa_sig) {
ECDSA_SIG_free(ecdsa_sig);
}
if (signature) {
OPENSSL_free(signature);
}
if (raw_buf) {
OPENSSL_free(raw_buf);
}
return ret;
}
开发者ID:ZzeetteEZzOLARINventionZ,项目名称:libwebrtc,代码行数:101,代码来源:ecdsa_test.c
示例17: test_builtin
//.........这里部分代码省略.........
if (!TEST_int_ne(ECDSA_verify(0, wrong_digest, 20, signature,
sig_len, eckey), 1))
goto builtin_err;
/* wrong length */
if (!TEST_int_ne(ECDSA_verify(0, digest, 20, signature,
sig_len - 1, eckey), 1))
goto builtin_err;
/*
* Modify a single byte of the signature: to ensure we don't garble
* the ASN1 structure, we read the raw signature and modify a byte in
* one of the bignums directly.
*/
sig_ptr = signature;
if (!TEST_ptr(ecdsa_sig = d2i_ECDSA_SIG(NULL, &sig_ptr, sig_len)))
goto builtin_err;
ECDSA_SIG_get0(ecdsa_sig, &sig_r, &sig_s);
/* Store the two BIGNUMs in raw_buf. */
r_len = BN_num_bytes(sig_r);
s_len = BN_num_bytes(sig_s);
bn_len = (degree + 7) / 8;
if (!TEST_false(r_len > bn_len)
|| !TEST_false(s_len > bn_len))
goto builtin_err;
buf_len = 2 * bn_len;
if (!TEST_ptr(raw_buf = OPENSSL_zalloc(buf_len)))
goto builtin_err;
BN_bn2bin(sig_r, raw_buf + bn_len - r_len);
BN_bn2bin(sig_s, raw_buf + buf_len - s_len);
/* Modify a single byte in the buffer. */
offset = raw_buf[10] % buf_len;
dirt = raw_buf[11] ? raw_buf[11] : 1;
raw_buf[offset] ^= dirt;
/* Now read the BIGNUMs back in from raw_buf. */
if (!TEST_ptr(modified_sig = ECDSA_SIG_new()))
goto builtin_err;
if (!TEST_ptr(modified_r = BN_bin2bn(raw_buf, bn_len, NULL))
|| !TEST_ptr(modified_s = BN_bin2bn(raw_buf + bn_len,
bn_len, NULL))
|| !TEST_true(ECDSA_SIG_set0(modified_sig,
modified_r, modified_s))) {
BN_free(modified_r);
BN_free(modified_s);
goto builtin_err;
}
sig_ptr2 = signature;
sig_len = i2d_ECDSA_SIG(modified_sig, &sig_ptr2);
if (!TEST_false(ECDSA_verify(0, digest, 20, signature, sig_len, eckey)))
goto builtin_err;
/* Sanity check: undo the modification and verify signature. */
raw_buf[offset] ^= dirt;
if (!TEST_ptr(unmodified_r = BN_bin2bn(raw_buf, bn_len, NULL))
|| !TEST_ptr(unmodified_s = BN_bin2bn(raw_buf + bn_len,
bn_len, NULL))
|| !TEST_true(ECDSA_SIG_set0(modified_sig, unmodified_r,
unmodified_s))) {
BN_free(unmodified_r);
BN_free(unmodified_s);
goto builtin_err;
}
sig_ptr2 = signature;
sig_len = i2d_ECDSA_SIG(modified_sig, &sig_ptr2);
if (!TEST_true(ECDSA_verify(0, digest, 20, signature, sig_len, eckey)))
goto builtin_err;
/* cleanup */
ERR_clear_error();
OPENSSL_free(signature);
signature = NULL;
EC_KEY_free(eckey);
eckey = NULL;
EC_KEY_free(wrong_eckey);
wrong_eckey = NULL;
ECDSA_SIG_free(ecdsa_sig);
ecdsa_sig = NULL;
ECDSA_SIG_free(modified_sig);
modified_sig = NULL;
OPENSSL_free(raw_buf);
raw_buf = NULL;
}
ret = 1;
builtin_err:
EC_KEY_free(eckey);
EC_KEY_free(wrong_eckey);
ECDSA_SIG_free(ecdsa_sig);
ECDSA_SIG_free(modified_sig);
OPENSSL_free(signature);
OPENSSL_free(raw_buf);
OPENSSL_free(curves);
return ret;
}
开发者ID:Vonage,项目名称:openssl,代码行数:101,代码来源:ecdsatest.c
示例18: getPublicKey
bool bdoc::X509Cert::verifySignature(int digestMethod, int digestSize,
std::vector<unsigned char> digest,
std::vector<unsigned char> signature)
{
int result = 0;
EVP_PKEY* key = getPublicKey();
switch (EVP_PKEY_type(key->type)) {
case EVP_PKEY_RSA:
{
if (digest.size() > static_cast<size_t>(digestSize)) {
// The digest already has an ASN.1 DigestInfo header.
break;
}
X509_SIG *sig = X509_SIG_new();
// Prefer set0 to set_md, so we don't have to initialize the
// digest lookup table with OpenSSL_add_all_digests. None of
// our supported digests have parameters anyway.
X509_ALGOR_set0(sig->algor, OBJ_nid2obj(digestMethod), V_ASN1_NULL, NULL);
ASN1_OCTET_STRING_set(sig->digest, &digest[0], digest.size());
unsigned char *asn1 = NULL;
size_t asn1_len = i2d_X509_SIG(sig, &asn1);
digest = std::vector<unsigned char>(asn1, asn1 + asn1_len);
X509_SIG_free(sig);
break;
}
case EVP_PKEY_EC:
{
ECDSA_SIG *sig = ECDSA_SIG_new();
// signature is just r and s concatenated, so split them.
size_t n_len = signature.size() >> 1;
BN_bin2bn(&signature[0], n_len, sig->r);
BN_bin2bn(&signature[n_len], n_len, sig->s);
unsigned char *asn1 = NULL;
size_t asn1_len = i2d_ECDSA_SIG(sig, &asn1);
signature = std::vector<unsigned char>(asn1, asn1 + asn1_len);
ECDSA_SIG_free(sig);
break;
}
default:
THROW_STACK_EXCEPTION("Certificate '%s' has an unsupported "
"public key type, can not verify signature.",
getSubject().c_str());
}
EVP_PKEY_CTX *ctx = EVP_PKEY_CTX_new(key, NULL);
if (!ctx) {
EVP_PKEY_free(key);
THROW_STACK_EXCEPTION("Creating signature verification "
"context failed: %s",
ERR_reason_error_string(ERR_get_error()));
}
if (EVP_PKEY_verify_init(ctx) <= 0) {
EVP_PKEY_CTX_free(ctx);
EVP_PKEY_free(key);
THROW_STACK_EXCEPTION("Initializing signature "
"verification context failed: %s",
ERR_reason_error_string(ERR_get_error()));
}
result = EVP_PKEY_verify(ctx, &signature[0], signature.size(),
&digest[0], digest.size());
if (result < 0) {
EVP_PKEY_CTX_free(ctx);
EVP_PKEY_free(key);
THROW_STACK_EXCEPTION("Error during signature verification: %s",
ERR_reason_error_string(ERR_get_error()));
}
EVP_PKEY_CTX_free(ctx);
EVP_PKEY_free(key);
return (result == 1);
}
开发者ID:Augustyn,项目名称:evalimine,代码行数:76,代码来源:X509Cert.cpp
示例19: eccx08_item_sign
/**
*
* \brief Generates a digest then sends the digest to the
* ATECCX08 chip to generate an ECDSA signature using
* private key from TLS_SLOT_AUTH_PRIV slot. The private
* key is always stays in the chip: OpenSSL (nor any
* other software) has no way to read it.
*
* \param[in] ctx - a pointer to the EVP_MD_CTX structure
* \param[in] it - a pointer to the ASN1_ITEM structure
* \param[in] asn - a void pointer to the parameter
* \param[in] algor1 - a pointer to the X509_ALGOR structure
* \param[in] algor2 - a pointer to the X509_ALGOR structure
* \param[out] signature - a pointer to the ASN1_BIT_STRING
* structure to return the signature in the ASN.1 format
* \return 1 for success
*/
int eccx08_item_sign(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
X509_ALGOR *algor1, X509_ALGOR *algor2,
ASN1_BIT_STRING *signature)
{
int rc = 0;
int ret = 0;
const EVP_MD *type;
EVP_PKEY *pkey;
uint8_t *buf_in = NULL, *buf_out = NULL;
uint8_t *sig_in = NULL, *sig_out = NULL;
size_t inl = 0, outl = 0, outll = 0;
int signid, paramtype;
uint8_t slotid = TLS_SLOT_AUTH_PRIV;
ATCA_STATUS status = ATCA_GEN_FAIL;
extern ECDSA_METHOD eccx08_ecdsa;
type = EVP_MD_CTX_md(ctx);
pkey = EVP_PKEY_CTX_get0_pkey(ctx->pctx);
if (!type || !pkey) {
ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, ASN1_R_CONTEXT_NOT_INITIALISED);
return 0;
}
if (type->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) {
if (!pkey->ameth ||
!OBJ_find_sigid_by_algs(&signid,
EVP_MD_nid(type),
pkey->ameth->pkey_id)) {
ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX,
ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED);
return 0;
}
} else signid = type->pkey_type;
if (pkey->ameth->pkey_flags & ASN1_PKEY_SIGPARAM_NULL) paramtype = V_ASN1_NULL;
else paramtype = V_ASN1_UNDEF;
if (algor1) X509_ALGOR_set0(algor1, OBJ_nid2obj(signid), paramtype, NULL);
if (algor2) X509_ALGOR_set0(algor2, OBJ_nid2obj(signid), paramtype, NULL);
inl = ASN1_item_i2d(asn, &buf_in, it);
outll = outl = EVP_PKEY_size(pkey);
buf_out = OPENSSL_malloc((unsigned int)outl);
if ((buf_in == NULL) || (buf_out == NULL)) {
outl = 0;
ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, ERR_R_MALLOC_FAILURE);
goto done;
}
#ifdef USE_ECCX08
eccx08_debug("eccx08_item_sign() - HW\n");
ret = EVP_DigestUpdate(ctx, buf_in, inl);
if (!ret) goto done;
ret = EVP_DigestFinal(ctx, buf_out, (unsigned int *)&outl);
if (!ret) goto done;
sig_in = OPENSSL_malloc((unsigned int)outll); // source of crash
sig_out = sig_in;
if (sig_in == NULL) {
outl = 0;
ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, ERR_R_MALLOC_FAILURE);
goto done;
}
ECDSA_SIG *ecdsasig;
ecdsasig = eccx08_ecdsa.ecdsa_do_sign(buf_out, outl, NULL, NULL, pkey->pkey.ec);
if (ecdsasig == NULL) goto done;
outl = i2d_ECDSA_SIG(ecdsasig, &sig_in);
if (ecdsasig->r) {
BN_free(ecdsasig->r);
ecdsasig->r = NULL;
}
if (ecdsasig->s) {
BN_free(ecdsasig->s);
ecdsasig->s = NULL;
}
ECDSA_SIG_free(ecdsasig);
#else // USE_ECCX08
eccx08_debug("eccx08_item_sign() - SW\n");
if (!EVP_DigestSignUpdate(ctx, buf_in, inl)
|| !EVP_DigestSignFinal(ctx, buf_out, &outl)) {
outl = 0;
//.........这里部分代码省略.........
开发者ID:TacoComfort,项目名称:cryptoauth-openssl-engine,代码行数:101,代码来源:eccx08_ameth.c
示例20: jwt_verify_sha_pem
int jwt_verify_sha_pem(jwt_t *jwt, const char *head, const char *sig_b64)
{
unsigned char *sig = NULL;
EVP_MD_CTX *mdctx = NULL;
ECDSA_SIG *ec_sig = NULL;
BIGNUM *ec_sig_r = NULL;
BIGNUM *ec_sig_s = NULL;
EVP_PKEY *pkey = NULL;
const EVP_MD *alg;
int type;
int pkey_type;
BIO *bufkey = NULL;
int ret = 0;
int slen;
switch (jwt->alg) {
/* RSA */
case JWT_ALG_RS256:
alg = EVP_sha256();
type = EVP_PKEY
|
客服电话
APP下载
官方微信
请发表评论