KHealthCertificate

verify.cpp
1 /*
2  * SPDX-FileCopyrightText: 2021 Volker Krause <[email protected]>
3  * SPDX-License-Identifier: LGPL-2.0-or-later
4  */
5 
6 #include "verify_p.h"
7 #include "logging.h"
8 
9 #include <openssl/err.h>
10 
11 bool Verify::verifyECDSA(
12  const openssl::evp_pkey_ptr &pkey, const EVP_MD *digest,
13  const char *data, std::size_t dataSize,
14  const char *signature, std::size_t signatureSize)
15 {
16  if (!pkey) {
17  qCWarning(Log) << "no key provided";
18  return false;
19  }
20 
21  const openssl::ec_key_ptr ecKey(EVP_PKEY_get1_EC_KEY(pkey.get()), &EC_KEY_free);
22 
23  // compute hash of the signed data
24  uint8_t digestData[EVP_MAX_MD_SIZE];
25  uint32_t digestSize = 0;
26  EVP_Digest(reinterpret_cast<const uint8_t*>(data), dataSize, digestData, &digestSize, digest, nullptr);
27  if (digestSize * 2 != signatureSize || EVP_PKEY_bits(pkey.get()) != 4 * (int)signatureSize) {
28  qCWarning(Log) << "digest size mismatch!?" << digestSize << signatureSize;
29  return false;
30  }
31 
32  // unpack the signature field
33  const auto r = BN_bin2bn(reinterpret_cast<const uint8_t*>(signature), signatureSize / 2, nullptr);
34  const auto s = BN_bin2bn(reinterpret_cast<const uint8_t*>(signature + signatureSize / 2) , signatureSize / 2, nullptr);
35 
36  // verify
37  const openssl::ecdsa_sig_ptr sig(ECDSA_SIG_new(), &ECDSA_SIG_free);
38  ECDSA_SIG_set0(sig.get(), r, s);
39  const auto verifyResult = ECDSA_do_verify(digestData, digestSize, sig.get(), ecKey.get());
40  switch (verifyResult) {
41  case -1: // technical issue
42  qCWarning(Log) << "Failed to verify signature:" << ERR_error_string(ERR_get_error(), nullptr);
43  return false;
44  case 0: // invalid signature
45  return false;
46  case 1: // valid signature;
47  return true;
48  }
49 
50  Q_UNREACHABLE();
51  return false;
52 }
This file is part of the KDE documentation.
Documentation copyright © 1996-2021 The KDE developers.
Generated on Mon Oct 18 2021 23:21:56 by doxygen 1.8.11 written by Dimitri van Heesch, © 1997-2006

KDE's Doxygen guidelines are available online.