2014-08-21 11:15:04 -04:00
|
|
|
#ifndef SIGNATURE_H__
|
|
|
|
#define SIGNATURE_H__
|
|
|
|
|
|
|
|
#include <inttypes.h>
|
|
|
|
#include <cryptopp/dsa.h>
|
2014-12-10 15:48:07 -05:00
|
|
|
#include <cryptopp/rsa.h>
|
2014-08-21 14:26:15 -04:00
|
|
|
#include <cryptopp/asn.h>
|
|
|
|
#include <cryptopp/oids.h>
|
2014-08-22 16:28:25 -04:00
|
|
|
#include <cryptopp/osrng.h>
|
2014-08-21 14:26:15 -04:00
|
|
|
#include <cryptopp/eccrypto.h>
|
2014-08-21 11:15:04 -04:00
|
|
|
#include "CryptoConst.h"
|
2015-08-27 22:16:12 +02:00
|
|
|
#include "SignatureBase.h"
|
2014-08-21 11:15:04 -04:00
|
|
|
|
2015-08-27 22:16:12 +02:00
|
|
|
#include "EdDSA25519.h"
|
|
|
|
|
|
|
|
namespace i2p {
|
|
|
|
namespace crypto {
|
2015-07-16 23:29:52 +02:00
|
|
|
|
2015-08-27 22:16:12 +02:00
|
|
|
const size_t DSA_PUBLIC_KEY_LENGTH = 128;
|
|
|
|
const size_t DSA_SIGNATURE_LENGTH = 40;
|
|
|
|
const size_t DSA_PRIVATE_KEY_LENGTH = DSA_SIGNATURE_LENGTH/2;
|
2015-07-16 23:29:52 +02:00
|
|
|
|
2015-08-27 22:16:12 +02:00
|
|
|
class DSAVerifier: public Verifier {
|
|
|
|
public:
|
|
|
|
|
|
|
|
DSAVerifier(const uint8_t * signingKey)
|
2015-07-16 23:29:52 +02:00
|
|
|
{
|
2015-08-27 22:16:12 +02:00
|
|
|
m_PublicKey.Initialize(dsap, dsaq, dsag, CryptoPP::Integer(signingKey, DSA_PUBLIC_KEY_LENGTH));
|
|
|
|
}
|
|
|
|
|
|
|
|
bool Verify(const uint8_t * buf, size_t len, const uint8_t * signature) const
|
|
|
|
{
|
|
|
|
CryptoPP::DSA::Verifier verifier(m_PublicKey);
|
|
|
|
return verifier.VerifyMessage(buf, len, signature, DSA_SIGNATURE_LENGTH);
|
|
|
|
}
|
2015-07-16 23:29:52 +02:00
|
|
|
|
2015-08-27 22:16:12 +02:00
|
|
|
size_t GetPublicKeyLen() const { return DSA_PUBLIC_KEY_LENGTH; };
|
|
|
|
size_t GetSignatureLen() const { return DSA_SIGNATURE_LENGTH; };
|
2015-07-16 23:29:52 +02:00
|
|
|
|
2015-08-27 22:16:12 +02:00
|
|
|
private:
|
2015-07-16 23:29:52 +02:00
|
|
|
|
2015-08-27 22:16:12 +02:00
|
|
|
CryptoPP::DSA::PublicKey m_PublicKey;
|
|
|
|
};
|
2015-07-16 23:29:52 +02:00
|
|
|
|
2015-08-27 22:16:12 +02:00
|
|
|
class DSASigner : public Signer {
|
|
|
|
public:
|
2015-07-16 23:29:52 +02:00
|
|
|
|
2015-08-27 22:16:12 +02:00
|
|
|
DSASigner(const uint8_t * signingPrivateKey);
|
2015-07-16 23:29:52 +02:00
|
|
|
|
2015-08-27 22:16:12 +02:00
|
|
|
void Sign(CryptoPP::RandomNumberGenerator& rnd, const uint8_t * buf, int len,
|
|
|
|
uint8_t* signature) const;
|
2015-07-16 23:29:52 +02:00
|
|
|
|
2015-08-27 22:16:12 +02:00
|
|
|
private:
|
|
|
|
CryptoPP::DSA::PrivateKey m_PrivateKey;
|
|
|
|
};
|
2015-07-16 23:29:52 +02:00
|
|
|
|
2015-08-27 22:16:12 +02:00
|
|
|
void CreateDSARandomKeys(CryptoPP::RandomNumberGenerator& rnd, uint8_t* signingPrivateKey,
|
|
|
|
uint8_t* signingPublicKey);
|
|
|
|
|
2015-07-16 23:29:52 +02:00
|
|
|
|
2015-08-27 22:16:12 +02:00
|
|
|
template<typename Hash, size_t keyLen>
|
|
|
|
class ECDSAVerifier: public Verifier {
|
|
|
|
public:
|
2015-07-16 23:29:52 +02:00
|
|
|
|
2015-08-27 22:16:12 +02:00
|
|
|
template<typename Curve>
|
|
|
|
ECDSAVerifier(Curve curve, const uint8_t * signingKey)
|
2015-07-16 23:29:52 +02:00
|
|
|
{
|
2015-08-27 22:16:12 +02:00
|
|
|
m_PublicKey.Initialize(curve,
|
|
|
|
CryptoPP::ECP::Point(CryptoPP::Integer(signingKey, keyLen/2),
|
|
|
|
CryptoPP::Integer(signingKey + keyLen/2, keyLen/2)));
|
|
|
|
}
|
2015-07-16 23:29:52 +02:00
|
|
|
|
2015-08-27 22:16:12 +02:00
|
|
|
bool Verify(const uint8_t * buf, size_t len, const uint8_t * signature) const
|
2015-07-16 23:29:52 +02:00
|
|
|
{
|
2015-08-27 22:16:12 +02:00
|
|
|
typename CryptoPP::ECDSA<CryptoPP::ECP, Hash>::Verifier verifier(m_PublicKey);
|
|
|
|
return verifier.VerifyMessage(buf, len, signature, keyLen); // signature length
|
|
|
|
}
|
2015-07-16 23:29:52 +02:00
|
|
|
|
2015-08-27 22:16:12 +02:00
|
|
|
size_t GetPublicKeyLen() const { return keyLen; };
|
|
|
|
size_t GetSignatureLen() const { return keyLen; }; // signature length = key length
|
|
|
|
|
|
|
|
private:
|
2015-07-16 23:29:52 +02:00
|
|
|
|
2015-08-27 22:16:12 +02:00
|
|
|
typename CryptoPP::ECDSA<CryptoPP::ECP, Hash>::PublicKey m_PublicKey;
|
|
|
|
};
|
2015-07-16 23:29:52 +02:00
|
|
|
|
2015-08-27 22:16:12 +02:00
|
|
|
template<typename Hash>
|
|
|
|
class ECDSASigner: public Signer {
|
|
|
|
public:
|
2015-07-16 23:29:52 +02:00
|
|
|
|
2015-08-27 22:16:12 +02:00
|
|
|
template<typename Curve>
|
|
|
|
ECDSASigner(Curve curve, const uint8_t * signingPrivateKey, size_t keyLen)
|
2015-07-16 23:29:52 +02:00
|
|
|
{
|
2015-08-27 22:16:12 +02:00
|
|
|
m_PrivateKey.Initialize(curve, CryptoPP::Integer(signingPrivateKey, keyLen/2)); // private key length
|
|
|
|
}
|
2014-11-24 20:19:13 -05:00
|
|
|
|
2015-08-27 22:16:12 +02:00
|
|
|
void Sign(CryptoPP::RandomNumberGenerator& rnd, const uint8_t * buf, int len, uint8_t * signature) const
|
2015-07-16 23:29:52 +02:00
|
|
|
{
|
2015-08-27 22:16:12 +02:00
|
|
|
typename CryptoPP::ECDSA<CryptoPP::ECP, Hash>::Signer signer(m_PrivateKey);
|
|
|
|
signer.SignMessage(rnd, buf, len, signature);
|
|
|
|
}
|
2015-07-16 23:29:52 +02:00
|
|
|
|
2015-08-27 22:16:12 +02:00
|
|
|
private:
|
2015-07-16 23:29:52 +02:00
|
|
|
|
2015-08-27 22:16:12 +02:00
|
|
|
typename CryptoPP::ECDSA<CryptoPP::ECP, Hash>::PrivateKey m_PrivateKey;
|
|
|
|
};
|
2015-07-16 23:29:52 +02:00
|
|
|
|
2015-08-27 22:16:12 +02:00
|
|
|
template<typename Hash, typename Curve>
|
|
|
|
inline void CreateECDSARandomKeys(CryptoPP::RandomNumberGenerator& rnd, Curve curve,
|
|
|
|
size_t keyLen, uint8_t * signingPrivateKey, uint8_t * signingPublicKey)
|
|
|
|
{
|
|
|
|
typename CryptoPP::ECDSA<CryptoPP::ECP, Hash>::PrivateKey privateKey;
|
|
|
|
typename CryptoPP::ECDSA<CryptoPP::ECP, Hash>::PublicKey publicKey;
|
|
|
|
privateKey.Initialize(rnd, curve);
|
|
|
|
privateKey.MakePublicKey(publicKey);
|
|
|
|
privateKey.GetPrivateExponent().Encode(signingPrivateKey, keyLen/2);
|
|
|
|
auto q = publicKey.GetPublicElement();
|
|
|
|
q.x.Encode(signingPublicKey, keyLen/2);
|
|
|
|
q.y.Encode(signingPublicKey + keyLen/2, keyLen/2);
|
|
|
|
}
|
2015-07-16 23:29:52 +02:00
|
|
|
|
2015-08-27 22:16:12 +02:00
|
|
|
// ECDSA_SHA256_P256
|
|
|
|
const size_t ECDSAP256_KEY_LENGTH = 64;
|
2014-11-24 20:19:13 -05:00
|
|
|
|
2015-08-27 22:16:12 +02:00
|
|
|
struct ECDSAP256Verifier: public ECDSAVerifier<CryptoPP::SHA256, ECDSAP256_KEY_LENGTH> {
|
|
|
|
ECDSAP256Verifier(const uint8_t * signingKey)
|
|
|
|
: ECDSAVerifier(CryptoPP::ASN1::secp256r1(), signingKey) { }
|
|
|
|
};
|
|
|
|
|
|
|
|
struct ECDSAP256Signer: public ECDSASigner<CryptoPP::SHA256> {
|
|
|
|
ECDSAP256Signer(const uint8_t * signingPrivateKey)
|
|
|
|
: ECDSASigner(CryptoPP::ASN1::secp256r1(), signingPrivateKey, ECDSAP256_KEY_LENGTH) { }
|
|
|
|
};
|
2015-07-16 23:29:52 +02:00
|
|
|
|
2015-08-27 22:16:12 +02:00
|
|
|
inline void CreateECDSAP256RandomKeys(CryptoPP::RandomNumberGenerator& rnd, uint8_t * signingPrivateKey, uint8_t * signingPublicKey)
|
|
|
|
{
|
|
|
|
CreateECDSARandomKeys<CryptoPP::SHA256>(rnd, CryptoPP::ASN1::secp256r1(), ECDSAP256_KEY_LENGTH, signingPrivateKey, signingPublicKey);
|
|
|
|
}
|
|
|
|
|
|
|
|
// ECDSA_SHA384_P384
|
|
|
|
const size_t ECDSAP384_KEY_LENGTH = 96;
|
|
|
|
class ECDSAP384Verifier: public ECDSAVerifier<CryptoPP::SHA384, ECDSAP384_KEY_LENGTH> {
|
|
|
|
public:
|
2015-07-16 23:29:52 +02:00
|
|
|
|
2015-08-27 22:16:12 +02:00
|
|
|
ECDSAP384Verifier(const uint8_t * signingKey):
|
|
|
|
ECDSAVerifier(CryptoPP::ASN1::secp384r1(), signingKey)
|
2015-07-16 23:29:52 +02:00
|
|
|
{
|
2015-08-27 22:16:12 +02:00
|
|
|
}
|
|
|
|
};
|
2015-07-16 23:29:52 +02:00
|
|
|
|
2015-08-27 22:16:12 +02:00
|
|
|
class ECDSAP384Signer: public ECDSASigner<CryptoPP::SHA384> {
|
|
|
|
public:
|
2015-07-16 23:29:52 +02:00
|
|
|
|
2015-08-27 22:16:12 +02:00
|
|
|
ECDSAP384Signer(const uint8_t * signingPrivateKey):
|
|
|
|
ECDSASigner(CryptoPP::ASN1::secp384r1(), signingPrivateKey, ECDSAP384_KEY_LENGTH)
|
2015-07-16 23:29:52 +02:00
|
|
|
{
|
2015-08-27 22:16:12 +02:00
|
|
|
}
|
|
|
|
};
|
|
|
|
|
|
|
|
inline void CreateECDSAP384RandomKeys(CryptoPP::RandomNumberGenerator& rnd, uint8_t * signingPrivateKey, uint8_t * signingPublicKey)
|
|
|
|
{
|
|
|
|
CreateECDSARandomKeys<CryptoPP::SHA384>(rnd, CryptoPP::ASN1::secp384r1(), ECDSAP384_KEY_LENGTH, signingPrivateKey, signingPublicKey);
|
|
|
|
}
|
2014-11-24 20:19:13 -05:00
|
|
|
|
|
|
|
// ECDSA_SHA512_P521
|
2015-08-27 22:16:12 +02:00
|
|
|
const size_t ECDSAP521_KEY_LENGTH = 132;
|
|
|
|
class ECDSAP521Verifier: public ECDSAVerifier<CryptoPP::SHA512, ECDSAP521_KEY_LENGTH> {
|
|
|
|
public:
|
|
|
|
|
|
|
|
ECDSAP521Verifier(const uint8_t * signingKey):
|
|
|
|
ECDSAVerifier(CryptoPP::ASN1::secp521r1(), signingKey)
|
2015-07-16 23:29:52 +02:00
|
|
|
{
|
2015-08-27 22:16:12 +02:00
|
|
|
}
|
|
|
|
};
|
2015-07-16 23:29:52 +02:00
|
|
|
|
2015-08-27 22:16:12 +02:00
|
|
|
class ECDSAP521Signer: public ECDSASigner<CryptoPP::SHA512> {
|
|
|
|
public:
|
2015-07-16 23:29:52 +02:00
|
|
|
|
2015-08-27 22:16:12 +02:00
|
|
|
ECDSAP521Signer(const uint8_t * signingPrivateKey):
|
|
|
|
ECDSASigner(CryptoPP::ASN1::secp521r1(), signingPrivateKey, ECDSAP521_KEY_LENGTH)
|
2015-07-16 23:29:52 +02:00
|
|
|
{
|
2015-08-27 22:16:12 +02:00
|
|
|
}
|
|
|
|
};
|
2015-07-16 23:29:52 +02:00
|
|
|
|
2015-08-27 22:16:12 +02:00
|
|
|
inline void CreateECDSAP521RandomKeys(CryptoPP::RandomNumberGenerator& rnd, uint8_t * signingPrivateKey, uint8_t * signingPublicKey)
|
|
|
|
{
|
|
|
|
CreateECDSARandomKeys<CryptoPP::SHA512>(rnd, CryptoPP::ASN1::secp521r1(), ECDSAP521_KEY_LENGTH, signingPrivateKey, signingPublicKey);
|
|
|
|
}
|
2015-07-16 23:29:52 +02:00
|
|
|
|
2015-08-27 22:16:12 +02:00
|
|
|
// RSA
|
|
|
|
template<typename Hash, size_t keyLen>
|
|
|
|
class RSAVerifier: public Verifier {
|
|
|
|
public:
|
|
|
|
|
|
|
|
RSAVerifier(const uint8_t * signingKey)
|
2015-07-16 23:29:52 +02:00
|
|
|
{
|
2015-08-27 22:16:12 +02:00
|
|
|
m_PublicKey.Initialize(CryptoPP::Integer(signingKey, keyLen), CryptoPP::Integer(rsae));
|
2015-07-16 23:29:52 +02:00
|
|
|
}
|
2014-12-10 15:48:07 -05:00
|
|
|
|
2015-08-27 22:16:12 +02:00
|
|
|
bool Verify(const uint8_t * buf, size_t len, const uint8_t * signature) const
|
2015-07-16 23:29:52 +02:00
|
|
|
{
|
2015-08-27 22:16:12 +02:00
|
|
|
typename CryptoPP::RSASS<CryptoPP::PKCS1v15, Hash>::Verifier verifier(m_PublicKey);
|
|
|
|
return verifier.VerifyMessage(buf, len, signature, keyLen); // signature length
|
|
|
|
}
|
|
|
|
size_t GetPublicKeyLen() const { return keyLen; }
|
|
|
|
size_t GetSignatureLen() const { return keyLen; }
|
|
|
|
size_t GetPrivateKeyLen() const { return GetSignatureLen()*2; };
|
2015-07-16 23:29:52 +02:00
|
|
|
|
2015-08-27 22:16:12 +02:00
|
|
|
private:
|
2015-07-16 23:29:52 +02:00
|
|
|
|
2015-08-27 22:16:12 +02:00
|
|
|
CryptoPP::RSA::PublicKey m_PublicKey;
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
template<typename Hash>
|
|
|
|
class RSASigner: public Signer {
|
|
|
|
public:
|
|
|
|
|
|
|
|
RSASigner(const uint8_t * signingPrivateKey, size_t keyLen)
|
2015-07-16 23:29:52 +02:00
|
|
|
{
|
2015-08-27 22:16:12 +02:00
|
|
|
m_PrivateKey.Initialize(CryptoPP::Integer(signingPrivateKey, keyLen/2),
|
|
|
|
rsae,
|
|
|
|
CryptoPP::Integer(signingPrivateKey + keyLen/2, keyLen/2));
|
|
|
|
}
|
|
|
|
|
|
|
|
void Sign(CryptoPP::RandomNumberGenerator& rnd, const uint8_t * buf, int len, uint8_t * signature) const
|
2015-07-16 23:29:52 +02:00
|
|
|
{
|
2015-08-27 22:16:12 +02:00
|
|
|
typename CryptoPP::RSASS<CryptoPP::PKCS1v15, Hash>::Signer signer(m_PrivateKey);
|
|
|
|
signer.SignMessage(rnd, buf, len, signature);
|
|
|
|
}
|
|
|
|
|
|
|
|
private:
|
|
|
|
|
|
|
|
CryptoPP::RSA::PrivateKey m_PrivateKey;
|
|
|
|
};
|
|
|
|
|
|
|
|
inline void CreateRSARandomKeys(CryptoPP::RandomNumberGenerator& rnd,
|
|
|
|
size_t publicKeyLen, uint8_t * signingPrivateKey, uint8_t * signingPublicKey)
|
|
|
|
{
|
|
|
|
CryptoPP::RSA::PrivateKey privateKey;
|
|
|
|
privateKey.Initialize(rnd, publicKeyLen*8, rsae);
|
|
|
|
privateKey.GetModulus().Encode(signingPrivateKey, publicKeyLen);
|
|
|
|
privateKey.GetPrivateExponent().Encode(signingPrivateKey + publicKeyLen, publicKeyLen);
|
|
|
|
privateKey.GetModulus().Encode(signingPublicKey, publicKeyLen);
|
|
|
|
}
|
2015-07-16 23:29:52 +02:00
|
|
|
|
|
|
|
|
2014-12-10 15:48:07 -05:00
|
|
|
// RSA_SHA256_2048
|
2015-08-27 22:16:12 +02:00
|
|
|
const size_t RSASHA2562048_KEY_LENGTH = 256;
|
|
|
|
class RSASHA2562048Verifier: public RSAVerifier<CryptoPP::SHA256, RSASHA2562048_KEY_LENGTH> {
|
|
|
|
public:
|
|
|
|
|
|
|
|
RSASHA2562048Verifier(const uint8_t * signingKey): RSAVerifier(signingKey)
|
2015-07-16 23:29:52 +02:00
|
|
|
{
|
2015-08-27 22:16:12 +02:00
|
|
|
}
|
|
|
|
};
|
2015-07-16 23:29:52 +02:00
|
|
|
|
2015-08-27 22:16:12 +02:00
|
|
|
class RSASHA2562048Signer: public RSASigner<CryptoPP::SHA256> {
|
|
|
|
public:
|
2015-07-16 23:29:52 +02:00
|
|
|
|
2015-08-27 22:16:12 +02:00
|
|
|
RSASHA2562048Signer(const uint8_t * signingPrivateKey):
|
|
|
|
RSASigner(signingPrivateKey, RSASHA2562048_KEY_LENGTH*2)
|
2015-07-16 23:29:52 +02:00
|
|
|
{
|
2015-08-27 22:16:12 +02:00
|
|
|
}
|
|
|
|
};
|
2015-07-16 23:29:52 +02:00
|
|
|
|
2015-08-27 22:16:12 +02:00
|
|
|
// RSA_SHA384_3072
|
|
|
|
const size_t RSASHA3843072_KEY_LENGTH = 384;
|
|
|
|
class RSASHA3843072Verifier: public RSAVerifier<CryptoPP::SHA384, RSASHA3843072_KEY_LENGTH> {
|
|
|
|
public:
|
2014-12-10 21:31:06 -05:00
|
|
|
|
2015-08-27 22:16:12 +02:00
|
|
|
RSASHA3843072Verifier(const uint8_t * signingKey): RSAVerifier(signingKey)
|
2015-07-16 23:29:52 +02:00
|
|
|
{
|
2015-08-27 22:16:12 +02:00
|
|
|
}
|
|
|
|
};
|
2015-07-16 23:29:52 +02:00
|
|
|
|
2015-08-27 22:16:12 +02:00
|
|
|
class RSASHA3843072Signer: public RSASigner<CryptoPP::SHA384> {
|
|
|
|
public:
|
2015-07-16 23:29:52 +02:00
|
|
|
|
2015-08-27 22:16:12 +02:00
|
|
|
RSASHA3843072Signer(const uint8_t * signingPrivateKey):
|
|
|
|
RSASigner(signingPrivateKey, RSASHA3843072_KEY_LENGTH*2)
|
2015-07-16 23:29:52 +02:00
|
|
|
{
|
2015-08-27 22:16:12 +02:00
|
|
|
}
|
|
|
|
};
|
2015-07-16 23:29:52 +02:00
|
|
|
|
2015-08-27 22:16:12 +02:00
|
|
|
// RSA_SHA512_4096
|
|
|
|
const size_t RSASHA5124096_KEY_LENGTH = 512;
|
|
|
|
class RSASHA5124096Verifier: public RSAVerifier<CryptoPP::SHA512, RSASHA5124096_KEY_LENGTH> {
|
|
|
|
public:
|
2014-12-10 21:31:06 -05:00
|
|
|
|
2015-08-27 22:16:12 +02:00
|
|
|
RSASHA5124096Verifier(const uint8_t * signingKey): RSAVerifier(signingKey)
|
2015-07-16 23:29:52 +02:00
|
|
|
{
|
2015-08-27 22:16:12 +02:00
|
|
|
}
|
|
|
|
};
|
2015-07-16 23:29:52 +02:00
|
|
|
|
2015-08-27 22:16:12 +02:00
|
|
|
class RSASHA5124096Signer: public RSASigner<CryptoPP::SHA512> {
|
|
|
|
public:
|
2015-07-16 23:29:52 +02:00
|
|
|
|
2015-08-27 22:16:12 +02:00
|
|
|
RSASHA5124096Signer(const uint8_t * signingPrivateKey):
|
|
|
|
RSASigner(signingPrivateKey, RSASHA5124096_KEY_LENGTH*2)
|
2015-07-16 23:29:52 +02:00
|
|
|
{
|
2015-08-27 22:16:12 +02:00
|
|
|
}
|
|
|
|
};
|
2015-07-16 23:29:52 +02:00
|
|
|
|
|
|
|
// Raw verifiers
|
2015-08-27 22:16:12 +02:00
|
|
|
class RawVerifier {
|
|
|
|
public:
|
|
|
|
virtual ~RawVerifier() {};
|
|
|
|
virtual void Update(const uint8_t * buf, size_t len) = 0;
|
|
|
|
virtual bool Verify(const uint8_t * signature) = 0;
|
|
|
|
};
|
|
|
|
|
|
|
|
template<typename Hash, size_t keyLen>
|
|
|
|
class RSARawVerifier: public RawVerifier {
|
|
|
|
public:
|
|
|
|
RSARawVerifier(const uint8_t * signingKey):
|
|
|
|
n(signingKey, keyLen)
|
2015-07-16 23:29:52 +02:00
|
|
|
{
|
2015-08-27 22:16:12 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
void Update(const uint8_t * buf, size_t len)
|
2015-07-16 23:29:52 +02:00
|
|
|
{
|
2015-08-27 22:16:12 +02:00
|
|
|
m_Hash.Update(buf, len);
|
|
|
|
}
|
|
|
|
|
|
|
|
bool Verify(const uint8_t * signature)
|
2015-07-16 23:29:52 +02:00
|
|
|
{
|
2015-08-27 22:16:12 +02:00
|
|
|
// RSA encryption first
|
|
|
|
CryptoPP::Integer enSig(a_exp_b_mod_c(CryptoPP::Integer(signature, keyLen),
|
|
|
|
CryptoPP::Integer(i2p::crypto::rsae), n)); // s^e mod n
|
|
|
|
uint8_t enSigBuf[keyLen];
|
|
|
|
enSig.Encode(enSigBuf, keyLen);
|
|
|
|
|
|
|
|
uint8_t digest[Hash::DIGESTSIZE];
|
|
|
|
m_Hash.Final(digest);
|
|
|
|
if((int)keyLen < Hash::DIGESTSIZE) return false; // can't verify digest longer than key
|
|
|
|
// we assume digest is right aligned, at least for PKCS#1 v1.5 padding
|
|
|
|
return !memcmp(enSigBuf +(keyLen - Hash::DIGESTSIZE), digest, Hash::DIGESTSIZE);
|
|
|
|
}
|
2015-07-16 23:29:52 +02:00
|
|
|
|
2015-08-27 22:16:12 +02:00
|
|
|
private:
|
2015-07-16 23:29:52 +02:00
|
|
|
|
2015-08-27 22:16:12 +02:00
|
|
|
CryptoPP::Integer n; // RSA modulus
|
|
|
|
Hash m_Hash;
|
|
|
|
};
|
2015-07-16 23:29:52 +02:00
|
|
|
|
2015-08-27 22:16:12 +02:00
|
|
|
class RSASHA5124096RawVerifier: public RSARawVerifier<CryptoPP::SHA512, RSASHA5124096_KEY_LENGTH> {
|
|
|
|
public:
|
2015-07-16 23:29:52 +02:00
|
|
|
|
2015-08-27 22:16:12 +02:00
|
|
|
RSASHA5124096RawVerifier(const uint8_t * signingKey): RSARawVerifier(signingKey)
|
2015-07-16 23:29:52 +02:00
|
|
|
{
|
2015-08-27 22:16:12 +02:00
|
|
|
}
|
|
|
|
};
|
2015-07-16 23:29:52 +02:00
|
|
|
|
2015-08-27 22:16:12 +02:00
|
|
|
} // crypto
|
|
|
|
} // i2p
|
2014-08-21 11:15:04 -04:00
|
|
|
|
|
|
|
#endif
|