Fix RSA::verify
It never returns -1 - all errors are indicated by 0
This commit is contained in:
Steven Fackler
parent
6091c674c9
commit
7515272692
|
|
@ -144,27 +144,26 @@ impl RSA {
|
||||||
|
|
||||||
unsafe {
|
unsafe {
|
||||||
try_ssl!(ffi::RSA_sign(hash.as_nid() as c_int,
|
try_ssl!(ffi::RSA_sign(hash.as_nid() as c_int,
|
||||||
message.as_ptr(),
|
message.as_ptr(),
|
||||||
message.len() as u32,
|
message.len() as u32,
|
||||||
sig.as_mut_ptr(),
|
sig.as_mut_ptr(),
|
||||||
&mut sig_len,
|
&mut sig_len,
|
||||||
self.0));
|
self.0));
|
||||||
assert!(sig_len == k_len);
|
assert!(sig_len == k_len);
|
||||||
Ok(sig)
|
Ok(sig)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
pub fn verify(&self, hash: hash::Type, message: &[u8], sig: &[u8]) -> Result<bool, ErrorStack> {
|
pub fn verify(&self, hash: hash::Type, message: &[u8], sig: &[u8]) -> Result<(), ErrorStack> {
|
||||||
unsafe {
|
unsafe {
|
||||||
let result = ffi::RSA_verify(hash.as_nid() as c_int,
|
try_ssl!(ffi::RSA_verify(hash.as_nid() as c_int,
|
||||||
message.as_ptr(),
|
message.as_ptr(),
|
||||||
message.len() as u32,
|
message.len() as u32,
|
||||||
sig.as_ptr(),
|
sig.as_ptr(),
|
||||||
sig.len() as u32,
|
sig.len() as u32,
|
||||||
self.0);
|
self.0));
|
||||||
try_ssl_if!(result == -1);
|
|
||||||
Ok(result == 1)
|
|
||||||
}
|
}
|
||||||
|
Ok(())
|
||||||
}
|
}
|
||||||
|
|
||||||
pub fn as_ptr(&self) -> *mut ffi::RSA {
|
pub fn as_ptr(&self) -> *mut ffi::RSA {
|
||||||
|
|
@ -280,9 +279,7 @@ mod test {
|
||||||
sha.write_all(&signing_input_rs256()).unwrap();
|
sha.write_all(&signing_input_rs256()).unwrap();
|
||||||
let digest = sha.finish().unwrap();
|
let digest = sha.finish().unwrap();
|
||||||
|
|
||||||
let result = public_key.verify(Type::SHA256, &digest, &signature_rs256()).unwrap();
|
assert!(public_key.verify(Type::SHA256, &digest, &signature_rs256()).is_ok());
|
||||||
|
|
||||||
assert!(result);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue