Diffstat (limited to 'src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c')
-rw-r--r-- | src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c | 60 |
1 files changed, 0 insertions, 60 deletions
diff --git a/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c b/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c
index 00f131423..a24bae5d6 100644
--- a/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c
+++ b/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c
@@ -116,64 +116,6 @@ error:
 return valid;
 }
 
-/**
- * Verification of an EMPSA PKCS1 signature described in PKCS#1
- */
-static bool verify_signature(private_openssl_rsa_public_key_t *this,
- int type, chunk_t data, chunk_t signature)
-{
- bool valid = FALSE;
- int rsa_size = RSA_size(this->rsa);
-
- /* OpenSSL expects a signature of exactly RSA size (no leading 0x00) */
- if (signature.len > rsa_size)
- {
- signature = chunk_skip(signature, signature.len - rsa_size);
- }
-
- if (type == NID_undef)
- {
- chunk_t hash = chunk_alloc(rsa_size);
-
- hash.len = RSA_public_decrypt(signature.len, signature.ptr, hash.ptr,
- this->rsa, RSA_PKCS1_PADDING);
- valid = chunk_equals(data, hash);
- free(hash.ptr);
- }
- else
- {
- EVP_PKEY *key;
- RSA *rsa = NULL;
-
- key = EVP_PKEY_new();
- if (!EVP_PKEY_set1_RSA(key, this->rsa))
- {
- goto error;
- }
- rsa = EVP_PKEY_get1_RSA(key);
- if (!rsa)
- {
- goto error;
- }
-
- valid = (RSA_verify(type, data.ptr, data.len,
- signature.ptr, signature.len, rsa) == 1);
-
-error:
- if (key)
- {
- EVP_PKEY_free(key);
- }
- if (rsa)
- {
- RSA_free(rsa);
- }
- }
-
- return valid;
-}
-
-
 METHOD(public_key_t, get_type, key_type_t,
 private_openssl_rsa_public_key_t *this)
 {
@@ -186,8 +128,6 @@ METHOD(public_key_t, verify, bool,
 {
 switch (scheme)
 {
- case SIGN_RSA_SHA1:
- return verify_signature(this, NID_sha1, data, signature);
 case SIGN_RSA_EMSA_PKCS1_NULL:
 return verify_emsa_pkcs1_signature(this, NID_undef, data, signature);
 case SIGN_RSA_EMSA_PKCS1_SHA1: |