rsa_verify function

ChangeLog

@@ -1,5 +1,7 @@
 2012-05-29  Niibe Yutaka  <gniibe@fsij.org>
 
+	* src/call-rsa.c (rsa_verify): New function.
+
 	* polarssl-0.14.0/include/polarssl/rsa.h (rsa_pkcs1_verify)
 	* polarssl-0.14.0/library/rsa.c (rsa_pkcs1_verify): Fix API.
 

src/call-rsa.c

@@ -183,3 +183,33 @@ rsa_decrypt (const uint8_t *input, uint8_t *output, int msg_len,
       return 0;
     }
 }
+
+int
+rsa_verify (const uint8_t *pubkey, const uint8_t *hash, int hashlen,
+	    const uint8_t *signature)
+{
+  int r;
+
+  rsa_init (&rsa_ctx, RSA_PKCS_V15, 0);
+  rsa_ctx.len = KEY_CONTENT_LEN;
+  mpi_read_string (&rsa_ctx.E, 16, "10001");
+  mpi_read_binary (&rsa_ctx.N, pubkey, KEY_CONTENT_LEN);
+
+  DEBUG_INFO ("RSA verify...");
+
+  r = rsa_pkcs1_verify (&rsa_ctx, RSA_PUBLIC, SIG_RSA_RAW, hashlen,
+			hash, signature);
+
+  rsa_free (&rsa_ctx);
+  if (r < 0)
+    {
+      DEBUG_INFO ("fail:");
+      DEBUG_SHORT (r);
+      return r;
+    }
+  else
+    {
+      DEBUG_INFO ("verified.\r\n");
+      return 0;
+    }
+}

src/gnuk.h

@@ -225,6 +225,8 @@ extern int rsa_sign (const uint8_t *, uint8_t *, int, struct key_data *);
 extern const uint8_t *modulus_calc (const uint8_t *, int);
 extern void modulus_free (const uint8_t *);
 extern int rsa_decrypt (const uint8_t *, uint8_t *, int, struct key_data *);
+extern int rsa_verify (const uint8_t *pubkey, const uint8_t *hash, int hashlen,
+		       const uint8_t *signature);
 
 extern const uint8_t *gpg_do_read_simple (uint8_t);
 extern void gpg_do_write_simple (uint8_t, const uint8_t *, int);