Type Definition bearssl::br_rsa_pkcs1_vrfy [] [src]

type br_rsa_pkcs1_vrfy = Option<unsafe extern "C" fn(_: *const c_uchar, _: usize, _: *const c_uchar, _: usize, _: *const br_rsa_public_key, _: *mut c_uchar) -> u32>;

\brief Type for a RSA signature verification engine (PKCS#1 v1.5).

Parameters are:

  • The signature itself. The provided array is NOT modified.

  • The encoded OID for the hash function. The provided array must begin with a single byte that contains the length of the OID value (in bytes), followed by exactly that many bytes. This parameter may also be NULL, in which case the raw hash value should be used with the PKCS#1 v1.5 "type 1" padding (as used in SSL/TLS up to TLS-1.1, with a 36-byte hash value).

  • The hash output length, in bytes.

  • The public key.

  • An output buffer for the hash value. The caller must still compare it with the hash of the data over which the signature is computed.

Constraints:

  • Hash length MUST be no more than 64 bytes.

  • OID value length MUST be no more than 32 bytes (i.e. hash_oid[0] must have a value in the 0..32 range, inclusive).

This function verifies that the signature length (xlen) matches the modulus length (this function returns 0 on mismatch). If the modulus size exceeds the maximum supported RSA size, then the function also returns 0.

Returned value is 1 on success, 0 on error.

Implementations of this type need not be constant-time.

\param x signature buffer. \param xlen signature length (in bytes). \param hash_oid encoded hash algorithm OID (or NULL). \param hash_len expected hash value length (in bytes). \param pk RSA public key. \param hash_out output buffer for the hash value. \return 1 on success, 0 on error.