load_huge( &m, padded_block, modulus_length );
}
/**
 * Public-key operation: hand len bytes of input to rsa_process together
 * with public_key and the padding selector 0x02, and pass its result
 * straight back to the caller.
 *
 * NOTE(review): 0x02 presumably selects PKCS #1 v1.5 block type 2 (random
 * non-zero padding, the encryption variant) - confirm against rsa_process,
 * which is not visible here. If so, whichever side decrypts must not let
 * a peer distinguish "bad padding" from other failures, or it becomes a
 * padding oracle.
 *
 * @param input      bytes to encrypt
 * @param len        number of bytes at input
 * @param output     receives the result buffer from rsa_process
 *                   (presumably allocated there; verify who frees it)
 * @param public_key key handed to rsa_process
 * @return whatever rsa_process returns, unchanged
 */
int rsa_encrypt( unsigned char *input,
                 unsigned int len,
                 unsigned char **output,
                 rsa_key *public_key )
{
  int status;

  status = rsa_process( input, len, output, public_key, 0x02 );

  return status;
}
/**
 * Private-key operation: hand len bytes of input to rsa_process together
 * with private_key and the padding selector 0x01, and pass its result
 * straight back to the caller.
 *
 * This wrapper does no hashing of its own; input is forwarded as given,
 * so the caller decides exactly which bytes get signed.
 *
 * NOTE(review): 0x01 presumably selects PKCS #1 v1.5 block type 1 (0xFF
 * padding, the signature variant) - confirm against rsa_process, which is
 * not visible here.
 *
 * @param input       bytes to sign (typically a digest; verify at caller)
 * @param len         number of bytes at input
 * @param output      receives the result buffer from rsa_process
 *                    (presumably allocated there; verify who frees it)
 * @param private_key key handed to rsa_process
 * @return whatever rsa_process returns, unchanged
 */
int rsa_sign( unsigned char *input,
              unsigned int len,
              unsigned char **output,
              rsa_key *private_key )
{
  int status;

  status = rsa_process( input, len, output, private_key, 0x01 );

  return status;
}
Now you can use this signature routine to generate the certificate verify message, as shown in Listing 8-32.
Listing 8-32: “tls.c” send_certificate_verify
static int send_certificate_verify( int connection,
TLSParameters *parameters )
{
unsigned char *buffer;
int buffer_length;
rsa_key private_key;
digest_ctx tmp_md5_handshake_digest;
digest_ctx tmp_sha1_handshake_digest;
unsigned short handshake_signature_len;
unsigned char *handshake_signature;
unsigned short certificate_verify_message_len;
unsigned char *certificate_verify_message;
unsigned char handshake_hash[ ( MD5_RESULT_SIZE * sizeof( int ) ) +
( SHA1_RESULT_SIZE * sizeof( int ) ) ];
compute_handshake_hash( parameters, handshake_hash );
memcpy( handshake_hash, tmp_md5_handshake_digest.hash, MD5_BYTE_SIZE );
memcpy( handshake_hash + MD5_BYTE_SIZE, tmp_sha1_handshake_digest.hash,
SHA1_BYTE_SIZE );
if ( !( buffer = load_file_into_memory( “key.der”, &buffer_length ) ) )
{
perror( “Unable to load file” );
return 0;
(Continued)
 