Implement pk_check_pair() for RSA-alt
diff --git a/library/pk_wrap.c b/library/pk_wrap.c
index 0d2a368..a75ab32 100644
--- a/library/pk_wrap.c
+++ b/library/pk_wrap.c
@@ -117,10 +117,11 @@
unsigned char *output, size_t *olen, size_t osize,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
{
- ((void) osize);
-
*olen = ((rsa_context *) ctx)->len;
+ if( *olen > osize )
+ return( POLARSSL_ERR_RSA_OUTPUT_TOO_LARGE );
+
return( rsa_pkcs1_encrypt( (rsa_context *) ctx,
f_rng, p_rng, RSA_PUBLIC, ilen, input, output ) );
}
@@ -435,6 +436,34 @@
RSA_PRIVATE, olen, input, output, osize ) );
}
+static int rsa_alt_check_pair( const void *pub, const void *prv )
+{
+ unsigned char sig[POLARSSL_MPI_MAX_SIZE];
+ unsigned char hash[32];
+ size_t sig_len = 0;
+ int ret;
+
+ if( rsa_alt_get_size( prv ) != rsa_get_size( pub ) )
+ return( POLARSSL_ERR_RSA_KEY_CHECK_FAILED );
+
+ memset( hash, 0x2a, sizeof( hash ) );
+
+ if( ( ret = rsa_alt_sign_wrap( (void *) prv, POLARSSL_MD_NONE,
+ hash, sizeof( hash ),
+ sig, &sig_len, NULL, NULL ) ) != 0 )
+ {
+ return( ret );
+ }
+
+ if( rsa_verify_wrap( (void *) pub, POLARSSL_MD_NONE,
+ hash, sizeof( hash ), sig, sig_len ) != 0 )
+ {
+ return( POLARSSL_ERR_RSA_KEY_CHECK_FAILED );
+ }
+
+ return( 0 );
+}
+
static void *rsa_alt_alloc_wrap( void )
{
void *ctx = polarssl_malloc( sizeof( rsa_alt_context ) );
@@ -460,7 +489,7 @@
rsa_alt_sign_wrap,
rsa_alt_decrypt_wrap,
NULL,
- NULL, /* No public key */
+ rsa_alt_check_pair,
rsa_alt_alloc_wrap,
rsa_alt_free_wrap,
NULL,