aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNick Mathewson <nickm@torproject.org>2004-04-01 22:10:33 +0000
committerNick Mathewson <nickm@torproject.org>2004-04-01 22:10:33 +0000
commitcbbd13f789d49182e3302fd401d9393e3fc276a4 (patch)
treeeb31be788ac968e740afb78259b7995bec91bdde
parentcc8dc4e34c4035a8e26d84204ac19973ab06c76d (diff)
downloadtor-cbbd13f789d49182e3302fd401d9393e3fc276a4.tar.gz
tor-cbbd13f789d49182e3302fd401d9393e3fc276a4.zip
Add new functions to wrap digest and sign/checksig.
svn:r1436
-rw-r--r--src/common/crypto.c38
-rw-r--r--src/common/crypto.h2
-rw-r--r--src/or/test.c5
3 files changed, 45 insertions, 0 deletions
diff --git a/src/common/crypto.c b/src/common/crypto.c
index 7a548a2d14..04859ed4ba 100644
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -656,6 +656,44 @@ int crypto_pk_private_sign(crypto_pk_env_t *env, unsigned char *from, int fromle
}
}
+/* Return 0 if sig is a correct signature for SHA1(data). Else return -1.
+ */
+int crypto_pk_public_checksig_digest(crypto_pk_env_t *env, unsigned char *data, int datalen, unsigned char *sig, int siglen)
+{
+ char digest[CRYPTO_SHA1_DIGEST_LEN];
+ char buf[1024];
+ int r;
+
+ assert(env && data && sig);
+
+ if (crypto_SHA_digest(data,datalen,digest)<0) {
+ log_fn(LOG_WARN, "couldn't compute digest");
+ return -1;
+ }
+ r = crypto_pk_public_checksig(env,sig,siglen,buf);
+ if (r != CRYPTO_SHA1_DIGEST_LEN) {
+ log_fn(LOG_WARN, "Invalid signature");
+ return -1;
+ }
+ if (memcmp(buf, digest, CRYPTO_SHA1_DIGEST_LEN)) {
+ log_fn(LOG_WARN, "Signature mismatched with digest.");
+ return -1;
+ }
+
+ return 0;
+}
+
+/* Fill 'to' with a signature of SHA1(from).
+ */
+int crypto_pk_private_sign_digest(crypto_pk_env_t *env, unsigned char *from, int fromlen, unsigned char *to)
+{
+ char digest[CRYPTO_SHA1_DIGEST_LEN];
+ if (crypto_SHA_digest(from,fromlen,digest)<0)
+ return 0;
+ return crypto_pk_private_sign(env,digest,CRYPTO_SHA1_DIGEST_LEN,to);
+}
+
+
/* Perform a hybrid (public/secret) encryption on 'fromlen' bytes of data
* from 'from', with padding type 'padding', storing the results on 'to'.
*
diff --git a/src/common/crypto.h b/src/common/crypto.h
index a09a4deda1..1ecd5a3ded 100644
--- a/src/common/crypto.h
+++ b/src/common/crypto.h
@@ -58,7 +58,9 @@ int crypto_pk_keysize(crypto_pk_env_t *env);
int crypto_pk_public_encrypt(crypto_pk_env_t *env, unsigned char *from, int fromlen, unsigned char *to, int padding);
int crypto_pk_private_decrypt(crypto_pk_env_t *env, unsigned char *from, int fromlen, unsigned char *to, int padding);
int crypto_pk_private_sign(crypto_pk_env_t *env, unsigned char *from, int fromlen, unsigned char *to);
+int crypto_pk_private_sign_digest(crypto_pk_env_t *env, unsigned char *from, int fromlen, unsigned char *to);
int crypto_pk_public_checksig(crypto_pk_env_t *env, unsigned char *from, int fromlen, unsigned char *to);
+int crypto_pk_public_checksig_digest(crypto_pk_env_t *env, unsigned char *data, int datalen, unsigned char *sig, int siglen);
int crypto_pk_public_hybrid_encrypt(crypto_pk_env_t *env, unsigned char *from,
int fromlen, unsigned char *to,
int padding);
diff --git a/src/or/test.c b/src/or/test.c
index 18b7541f28..d09f7bd129 100644
--- a/src/or/test.c
+++ b/src/or/test.c
@@ -406,6 +406,11 @@ test_crypto()
test_eq(128, crypto_pk_private_sign(pk1, data1, 10, data2));
test_eq(10, crypto_pk_public_checksig(pk1, data2, 128, data3));
test_streq(data3, "Ossifrage");
+ /* Try signing digests. */
+ test_eq(128, crypto_pk_private_sign_digest(pk1, data1, 10, data2));
+ test_eq(20, crypto_pk_public_checksig(pk1, data2, 128, data3));
+ test_eq(0, crypto_pk_public_checksig_digest(pk1, data1, 10, data2, 128));
+ test_eq(-1, crypto_pk_public_checksig_digest(pk1, data1, 11, data2, 128));
/*XXXX test failed signing*/
/* Try encoding */