Cryptography Reference
      break;
  }

  update_digest( &digest, tbsCertificate->data, tbsCertificate->length );
  finalize_digest( &digest );
  parsed_certificate->hash = digest.hash;
  parsed_certificate->hash_len = digest.hash_len;
  asn1free( &certificate );
  ...
Notice that, although tbsCertificate is a structure type, the data itself is
still made available by the ASN.1 parsing routine (Listing 5-5), which means
that you can easily write code to securely hash the DER-encoded representation
of the tbsCertificate.
Validating PKCS #7-Formatted RSA Signatures
Validating a certificate involves finding the public key of the issuer, using it to run
the digital signature algorithm on the computed hash, and then verifying that it
matches the signature included in the certificate itself. When the RSA algorithm
is used for signing a certificate, the hash value itself is concatenated onto the
OID representing the signing algorithm and stored in an ASN.1 sequence. This
is then DER encoded, and the whole thing is encrypted with the private key.
This is called PKCS #7, which is officially documented by RSA labs at
http://www.rsa.com/rsalabs/node.asp?id=2129. The code to unwrap the signed hash
code and compare it to the previously computed one is shown in Listing 5-26.
Listing 5-26: “x509.c” validate_certificate_rsa
/**
 * An RSA signature is an ASN.1 DER-encoded PKCS-7 structure including
 * the OID of the signature algorithm (again), and the signature value.
 */
static int validate_certificate_rsa( signed_x509_certificate *certificate,
                                     rsa_key *public_key )
{
  unsigned char *pkcs7_signature_decrypted;
  int pkcs7_signature_len;
  struct asn1struct pkcs7_signature;
  struct asn1struct *hash_value;
  int valid = 0;

  pkcs7_signature_len = rsa_decrypt( certificate->signature_value.rep,
    certificate->signature_value.size, &pkcs7_signature_decrypted,
    public_key );

  if ( pkcs7_signature_len == -1 )
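The unwrap-and-compare step described above, written out as an added example (not the book's Listing 5-26 and not its ASN.1 parser). It assumes the RSA operation has already stripped the padding and that the recovered bytes have the common layout SEQUENCE { SEQUENCE { OID, NULL }, OCTET STRING }; check_signed_hash, der_tlv and the SAMPLE_ values are hypothetical names and constructed data, and only short-form DER lengths are handled.

```c
#include <stddef.h>
#include <string.h>

/* Read one DER TLV with a short-form length (< 128); returns 0 on any error. */
static int der_tlv(const unsigned char **p, size_t *left, unsigned char tag,
                   const unsigned char **val, size_t *len)
{
    if (*left < 2 || (*p)[0] != tag || (*p)[1] >= 0x80) return 0;
    *len = (*p)[1];
    if (*len > *left - 2) return 0;          /* value would run past the buffer */
    *val = *p + 2;
    *p += 2 + *len;
    *left -= 2 + *len;
    return 1;
}

/* Hypothetical helper: returns 1 only if der is exactly
 * SEQUENCE { SEQUENCE { OID, NULL }, OCTET STRING } with the expected OID and hash. */
int check_signed_hash(const unsigned char *der, size_t der_len,
                      const unsigned char *oid, size_t oid_len,
                      const unsigned char *hash, size_t hash_len)
{
    const unsigned char *p = der, *seq, *alg, *v;
    size_t left = der_len, seq_len, alg_len, n, i;
    unsigned char diff = 0;
    /* Outer sequence must span the whole buffer: no trailing bytes allowed. */
    if (!der_tlv(&p, &left, 0x30, &seq, &seq_len) || left != 0) return 0;
    p = seq; left = seq_len;
    if (!der_tlv(&p, &left, 0x30, &alg, &alg_len)) return 0;
    /* The rest of the outer sequence must be exactly one OCTET STRING. */
    if (!der_tlv(&p, &left, 0x04, &v, &n) || left != 0 || n != hash_len) return 0;
    for (i = 0; i < n; i++) diff |= v[i] ^ hash[i];   /* constant-time compare */
    /* Algorithm identifier: the expected OID, NULL parameters, nothing else. */
    p = alg; left = alg_len;
    if (!der_tlv(&p, &left, 0x06, &v, &n) || n != oid_len || memcmp(v, oid, n)) return 0;
    if (!der_tlv(&p, &left, 0x05, &v, &n) || n != 0 || left != 0) return 0;
    return diff == 0;
}

/* Constructed sample: SHA-1 OID 1.3.14.3.2.26 and a made-up 20-byte hash. */
static const unsigned char SAMPLE_OID[] = { 0x2b, 0x0e, 0x03, 0x02, 0x1a };
static const unsigned char SAMPLE_HASH[20] = { 0x01, 0x02, 0x03, 0x04, 0x05 };
static const unsigned char SAMPLE_DER[] = {
    0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x05, 0x00,
    0x04, 0x14, 0x01, 0x02, 0x03, 0x04, 0x05, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };

int main(void)
{
    return check_signed_hash(SAMPLE_DER, sizeof SAMPLE_DER, SAMPLE_OID,
                             sizeof SAMPLE_OID, SAMPLE_HASH, sizeof SAMPLE_HASH) ? 0 : 1;
}
```

Checking that every length is consumed exactly, with nothing left over inside or after the structure, is what keeps a lenient parser from accepting bytes the signer never produced.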
 