4012 const char* szFunc =
"OTCrypto_OpenSSL::VerifyContractDefaultHash";
4014 bool bReturnValue =
false;
4016 std::vector<uint8_t> vOutputHash1(
4019 std::vector<uint8_t> vOutputHash2(
4022 std::vector<uint8_t> vDigest(
4027 std::vector<uint8_t> vDecrypted(
4031 uint32_t uDigest1Len =
4034 uint32_t uDigest2Len =
4038 EVP_MD_CTX mdHash1_ctx, mdHash2_ctx;
4051 RSA* pRsaKey = EVP_PKEY_get1_RSA(const_cast<EVP_PKEY*>(pkey));
4054 otErr << szFunc <<
": EVP_PKEY_get1_RSA failed with error "
4055 << ERR_error_string(ERR_get_error(),
nullptr) <<
"\n";
4062 const EVP_MD* digest1 =
4065 if (
nullptr == digest1) {
4066 otErr << szFunc <<
": Failure to load message digest algorithm.\n";
4073 EVP_MD_CTX_init(&mdHash1_ctx);
4074 EVP_DigestInit(&mdHash1_ctx, digest1);
4075 EVP_DigestUpdate(&mdHash1_ctx, strContractToVerify.Get(),
4076 strContractToVerify.GetLength());
4077 EVP_DigestFinal(&mdHash1_ctx, &vOutputHash1.at(0),
4079 EVP_MD_CTX_cleanup(&mdHash1_ctx);
4082 const EVP_MD* digest2 =
4085 if (
nullptr == digest2) {
4086 otErr << szFunc <<
": Failure to load message digest algorithm.\n";
4093 EVP_MD_CTX_init(&mdHash2_ctx);
4094 EVP_DigestInit(&mdHash2_ctx, digest2);
4095 EVP_DigestUpdate(&mdHash2_ctx, strContractToVerify.Get(),
4096 strContractToVerify.GetLength());
4097 EVP_DigestFinal(&mdHash2_ctx, &vOutputHash2.at(0),
4099 EVP_MD_CTX_cleanup(&mdHash2_ctx);
4102 const uint32_t uDigestMergedLength =
4103 (uDigest1Len > uDigest2Len ? uDigest2Len : uDigest1Len);
4106 for (uint32_t i = 0; i < uDigestMergedLength; i++) {
4107 vDigest.at(i) = ((vOutputHash1.at(i)) ^ (vOutputHash2.at(i)));
4125 OTPayload binSignature;
4130 if ((theSignature.GetLength() < 10) ||
4131 (
false == theSignature.GetData(binSignature))) {
4132 otErr << szFunc <<
": Error decoding base64 data for Signature.\n";
4138 const int32_t nSignatureSize =
static_cast<int32_t
>(
4139 binSignature.GetSize());
4142 if ((binSignature.GetSize() <
static_cast<uint32_t
>(RSA_size(pRsaKey))) ||
4143 (nSignatureSize < RSA_size(pRsaKey)))
4145 otErr << szFunc <<
": Decoded base64-encoded data for signature, but "
4146 "resulting size was < RSA_size(pRsaKey): "
4147 "Signed: " << nSignatureSize
4148 <<
". Unsigned: " << binSignature.GetSize() <<
".\n";
4169 int32_t status = RSA_public_decrypt(
4171 static_cast<const uint8_t*>(
4172 binSignature.GetPayloadPointer()),
4198 otErr << szFunc <<
": RSA_public_decrypt failed with error "
4199 << ERR_error_string(ERR_get_error(),
nullptr) <<
"\n";
4216 status = RSA_verify_PKCS1_PSS(pRsaKey, &vDigest.at(0), digest1,
4221 otLog5 <<
" *Signature verified*\n";
4222 bReturnValue =
true;
4225 otLog5 << szFunc <<
": RSA_verify_PKCS1_PSS failed with error: "
4226 << ERR_error_string(ERR_get_error(),
nullptr) <<
"\n";
4632 if (pRsaKey) RSA_free(pRsaKey);
4635 return bReturnValue;
static EXPORT const OTString HashAlgorithm2
static EXPORT uint32_t SymmetricKeySizeMax()
static EXPORT uint32_t Digest1Size()
static EXPORT uint32_t PublicKeysizeMax()
OTLOG_IMPORT OTLogStream otErr
static EXPORT uint32_t Digest2Size()
static const EVP_MD * GetOpenSSLDigestByName(const OTString &theName)
static EXPORT const OTString HashAlgorithm1
OTLOG_IMPORT OTLogStream otLog5