From a3c6f733f3e2932c89ef892aa0d74e4f67bf2d69 Mon Sep 17 00:00:00 2001
From: Rob Austein <sra@hactrn.net>
Date: Thu, 27 Sep 2007 23:59:44 +0000
Subject: PKCS#10 signature verification.  Getting this to work required
 changing the implementation of POW.Asymmetric(), which appears to have been
 using the wrong OpenSSL functions for RSA public keys.  If other things using
 public keys start acting funny, this may be why, and may require further
 examination.

svn path=/pow/POW-0.7/POW.c; revision=1040
---
 pow/POW-0.7/POW.c       | 6 +++---
 pow/POW-0.7/lib/pkix.py | 5 +++--
 2 files changed, 6 insertions(+), 5 deletions(-)

(limited to 'pow')

diff --git a/pow/POW-0.7/POW.c b/pow/POW-0.7/POW.c
index c0d0c208..77f18f3e 100644
--- a/pow/POW-0.7/POW.c
+++ b/pow/POW-0.7/POW.c
@@ -4616,7 +4616,7 @@ asymmetric_object_der_read(int key_type, char *src, int len)
    {
       case RSA_PUBLIC_KEY:
       {
-         if( !(self->cipher = d2i_RSAPublicKey( NULL, (const unsigned char **) &ptr, len ) ) )
+         if( !(self->cipher = d2i_RSA_PUBKEY( NULL, (const unsigned char **) &ptr, len ) ) )
             {  PyErr_SetString( SSLErrorObject, "could not load public key" ); goto error; }
 
          self->key_type = RSA_PUBLIC_KEY;
@@ -4794,11 +4794,11 @@ asymmetric_object_der_write(asymmetric_object *self, PyObject *args)
       }
       case RSA_PUBLIC_KEY:
       {
-         len = i2d_RSAPublicKey(self->cipher, NULL);
+         len = i2d_RSA_PUBKEY(self->cipher, NULL);
          if ( !(buf = malloc(len) ) )
             { PyErr_SetString( SSLErrorObject, "could not allocate memory" ); goto error; }
          p = buf;
-         if (!i2d_RSAPublicKey(self->cipher, &buf) )
+         if (!i2d_RSA_PUBKEY(self->cipher, &buf) )
             { PyErr_SetString( SSLErrorObject, "unable to write key" ); goto error; }
          break;
       }
diff --git a/pow/POW-0.7/lib/pkix.py b/pow/POW-0.7/lib/pkix.py
index 9350aec7..b489a51a 100755
--- a/pow/POW-0.7/lib/pkix.py
+++ b/pow/POW-0.7/lib/pkix.py
@@ -119,8 +119,8 @@ class POWCryptoDriver(CryptoDriver):
    def sign(self, key, oid, plaintext):
       return key.sign(self._digest(oid, plaintext))
 
-   def verify(self, RSAkey, digestOID, plaintext, signature):
-      return key.verify(signature, digest.digest(), self.OID2driver[oid])
+   def verify(self, key, oid, plaintext, signature):
+      return key.verify(signature, self._digest(oid, plaintext), self.OID2driver[oid])
 
    def toPublicDER(self, key):
       return key.derWrite(POW.RSA_PUBLIC_KEY)
@@ -1220,6 +1220,7 @@ class CertificationRequest(Sequence):
    def verify(self):
       driver = getCryptoDriver()
       oid = self.signatureAlgorithm.get()[0]
+      # Should check self.certificationRequestInfo.subjectPublicKeyInfo.algorithmId 
       rsa = driver.fromPublicDER(self.certificationRequestInfo.subjectPublicKeyInfo.toString())
       return driver.verify(rsa, oid, self.certificationRequestInfo.toString(), self.signatureValue.get())
 
-- 
cgit v1.2.3