use openssl rsa_verify function

1 files changed, 60 insertions, 0 deletions

diff --git a/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c b/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c
index a24bae5d6..2c9ad2a55 100644
--- a/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c
+++ b/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c
@@ -116,6 +116,64 @@ error:
 	return valid;
 }
 
+/**
+ * Verification of an EMPSA PKCS1 signature described in PKCS#1
+ */
+static bool verify_rsa_signature(private_openssl_rsa_public_key_t *this,
+										int type, chunk_t data, chunk_t signature)
+{
+	bool valid = FALSE;
+	int rsa_size = RSA_size(this->rsa);
+
+	/* OpenSSL expects a signature of exactly RSA size (no leading 0x00) */
+	if (signature.len > rsa_size)
+	{
+		signature = chunk_skip(signature, signature.len - rsa_size);
+	}
+
+	if (type == NID_undef)
+	{
+		chunk_t hash = chunk_alloc(rsa_size);
+
+		hash.len = RSA_public_decrypt(signature.len, signature.ptr, hash.ptr,
+									  this->rsa, RSA_PKCS1_PADDING);
+		valid = chunk_equals(data, hash);
+		free(hash.ptr);
+	}
+	else
+	{
+		EVP_PKEY *key;
+		RSA *rsa = NULL;
+
+		key = EVP_PKEY_new();
+		if (!EVP_PKEY_set1_RSA(key, this->rsa))
+		{
+			goto error;
+		}
+		rsa = EVP_PKEY_get1_RSA(key);
+		if (!rsa)
+		{
+			goto error;
+		}
+
+		valid = (RSA_verify(type, data.ptr, data.len,
+							signature.ptr, signature.len, rsa) == 1);
+
+error:
+		if (key)
+		{
+			EVP_PKEY_free(key);
+		}
+		if (rsa)
+		{
+			RSA_free(rsa);
+		}
+	}
+
+	return valid;
+}
+
+
 METHOD(public_key_t, get_type, key_type_t,
 	private_openssl_rsa_public_key_t *this)
 {
@@ -128,6 +186,8 @@ METHOD(public_key_t, verify, bool,
 {
 	switch (scheme)
 	{
+		case SIGN_RSA_SHA1:
+			return verify_rsa_signature(this, NID_sha1, data, signature);
 		case SIGN_RSA_EMSA_PKCS1_NULL:
 			return verify_emsa_pkcs1_signature(this, NID_undef, data, signature);
 		case SIGN_RSA_EMSA_PKCS1_SHA1: