diff options
| author | Rob Austein <sra@hactrn.net> | 2007-09-27 23:59:44 +0000 |
|---|---|---|
| committer | Rob Austein <sra@hactrn.net> | 2007-09-27 23:59:44 +0000 |
| commit | a3c6f733f3e2932c89ef892aa0d74e4f67bf2d69 (patch) | |
| tree | ea81a97892e7c4f3ab3defdd6d4ffb90d4da9e16 | |
| parent | c58ced06744f024259988cc540fc5a2e370d82ec (diff) | |
PKCS#10 signature verification. Getting this to work required
changing the implementation of POW.Asymmetric(), which appears to have
been using the wrong OpenSSL functions for RSA public keys. If other
things using public keys start acting funny, this may be why, and may
require further examination.
svn path=/pow/POW-0.7/POW.c; revision=1040
| -rw-r--r-- | pow/POW-0.7/POW.c | 6 | ||||
| -rwxr-xr-x | pow/POW-0.7/lib/pkix.py | 5 |
2 files changed, 6 insertions, 5 deletions
diff --git a/pow/POW-0.7/POW.c b/pow/POW-0.7/POW.c index c0d0c208..77f18f3e 100644 --- a/pow/POW-0.7/POW.c +++ b/pow/POW-0.7/POW.c @@ -4616,7 +4616,7 @@ asymmetric_object_der_read(int key_type, char *src, int len) { case RSA_PUBLIC_KEY: { - if( !(self->cipher = d2i_RSAPublicKey( NULL, (const unsigned char **) &ptr, len ) ) ) + if( !(self->cipher = d2i_RSA_PUBKEY( NULL, (const unsigned char **) &ptr, len ) ) ) { PyErr_SetString( SSLErrorObject, "could not load public key" ); goto error; } self->key_type = RSA_PUBLIC_KEY; @@ -4794,11 +4794,11 @@ asymmetric_object_der_write(asymmetric_object *self, PyObject *args) } case RSA_PUBLIC_KEY: { - len = i2d_RSAPublicKey(self->cipher, NULL); + len = i2d_RSA_PUBKEY(self->cipher, NULL); if ( !(buf = malloc(len) ) ) { PyErr_SetString( SSLErrorObject, "could not allocate memory" ); goto error; } p = buf; - if (!i2d_RSAPublicKey(self->cipher, &buf) ) + if (!i2d_RSA_PUBKEY(self->cipher, &buf) ) { PyErr_SetString( SSLErrorObject, "unable to write key" ); goto error; } break; } diff --git a/pow/POW-0.7/lib/pkix.py b/pow/POW-0.7/lib/pkix.py index 9350aec7..b489a51a 100755 --- a/pow/POW-0.7/lib/pkix.py +++ b/pow/POW-0.7/lib/pkix.py @@ -119,8 +119,8 @@ class POWCryptoDriver(CryptoDriver): def sign(self, key, oid, plaintext): return key.sign(self._digest(oid, plaintext)) - def verify(self, RSAkey, digestOID, plaintext, signature): - return key.verify(signature, digest.digest(), self.OID2driver[oid]) + def verify(self, key, oid, plaintext, signature): + return key.verify(signature, self._digest(oid, plaintext), self.OID2driver[oid]) def toPublicDER(self, key): return key.derWrite(POW.RSA_PUBLIC_KEY) @@ -1220,6 +1220,7 @@ class CertificationRequest(Sequence): def verify(self): driver = getCryptoDriver() oid = self.signatureAlgorithm.get()[0] + # Should check self.certificationRequestInfo.subjectPublicKeyInfo.algorithmId rsa = driver.fromPublicDER(self.certificationRequestInfo.subjectPublicKeyInfo.toString()) return driver.verify(rsa, oid, self.certificationRequestInfo.toString(), self.signatureValue.get()) |