RSA/DSA/ECDSA/EdDSA signature verification. More...

#include "ike/ike.h"
#include "ike/ike_sign_verify.h"
#include "encoding/oid.h"
#include "pkix/x509_key_parse.h"
#include "pkix/x509_sign_parse.h"
#include "debug.h"

Macros
#define	TRACE_LEVEL IKE_TRACE_LEVEL

Functions
error_t	ikeVerifySignature (IkeSaEntry sa, const uint8_t id, size_t idLen, uint8_t authMethod, const X509SubjectPublicKeyInfo publicKeyInfo, const uint8_t signature, size_t signatureLen)
	Signature verification. More...

error_t	ikeVerifyDigitalSignature (IkeSaEntry sa, const uint8_t id, size_t idLen, const X509SubjectPublicKeyInfo publicKeyInfo, const IkeAuthData authData, size_t authDataLen)
	Digital signature verification. More...

error_t	ikeVerifyRsaSignature (IkeSaEntry sa, const uint8_t id, size_t idLen, const X509SubjectPublicKeyInfo publicKeyInfo, const HashAlgo hashAlgo, const uint8_t *signature, size_t signatureLen)
	RSA signature verification. More...

error_t	ikeVerifyRsaPssSignature (IkeSaEntry sa, const uint8_t id, size_t idLen, const X509SubjectPublicKeyInfo publicKeyInfo, const HashAlgo hashAlgo, size_t saltLen, const uint8_t *signature, size_t signatureLen)
	RSA-PSS signature verification. More...

error_t	ikeVerifyDsaSignature (IkeSaEntry sa, const uint8_t id, size_t idLen, const X509SubjectPublicKeyInfo publicKeyInfo, const HashAlgo hashAlgo, const uint8_t *signature, size_t signatureLen, IkeSignFormat format)
	DSA signature verification. More...

error_t	ikeVerifyEcdsaSignature (IkeSaEntry sa, const uint8_t id, size_t idLen, const X509SubjectPublicKeyInfo publicKeyInfo, const EcCurveInfo group, const HashAlgo hashAlgo, const uint8_t signature, size_t signatureLen, IkeSignFormat format)
	ECDSA signature verification. More...

error_t	ikeVerifyEd25519Signature (IkeSaEntry sa, const uint8_t id, size_t idLen, const X509SubjectPublicKeyInfo publicKeyInfo, const uint8_t signature, size_t signatureLen)
	Ed25519 signature verification. More...

error_t	ikeVerifyEd448Signature (IkeSaEntry sa, const uint8_t id, size_t idLen, const X509SubjectPublicKeyInfo publicKeyInfo, const uint8_t signature, size_t signatureLen)
	Ed448 signature verification. More...

Detailed Description

RSA/DSA/ECDSA/EdDSA signature verification.

License

SPDX-License-Identifier: GPL-2.0-or-later

This file is part of CycloneIPSEC Open.

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.

Author: Oryx Embedded SARL (www.oryx-embedded.com)

Version: 2.4.4

Definition in file ike_sign_verify.c.

Macro Definition Documentation

◆ TRACE_LEVEL

#define TRACE_LEVEL IKE_TRACE_LEVEL

Definition at line 32 of file ike_sign_verify.c.

Function Documentation

◆ ikeVerifyDigitalSignature()

error_t ikeVerifyDigitalSignature	(	IkeSaEntry *	sa,
		const uint8_t *	id,
		size_t	idLen,
		const X509SubjectPublicKeyInfo *	publicKeyInfo,
		const IkeAuthData *	authData,
		size_t	authDataLen
	)

Digital signature verification.

Parameters

[in]	sa	Pointer to the IKE SA
[in]	id	Pointer to the identification data
[in]	idLen	Length of the identification data, in bytes
[in]	publicKeyInfo	Pointer to the subject's public key
[in]	authData	Pointer to the authentication data
[in]	authDataLen	Length of the authentication data, in bytes

Returns: Error code

Definition at line 154 of file ike_sign_verify.c.

◆ ikeVerifyDsaSignature()

error_t ikeVerifyDsaSignature	(	IkeSaEntry *	sa,
		const uint8_t *	id,
		size_t	idLen,
		const X509SubjectPublicKeyInfo *	publicKeyInfo,
		const HashAlgo *	hashAlgo,
		const uint8_t *	signature,
		size_t	signatureLen,
		IkeSignFormat	format
	)

DSA signature verification.

Parameters

[in]	sa	Pointer to the IKE SA
[in]	id	Pointer to the identification data
[in]	idLen	Length of the identification data, in bytes
[in]	publicKeyInfo	Pointer to the subject's public key
[in]	hashAlgo	Hash algorithm
[in]	signature	Signature to be verified
[in]	signatureLen	Length of the signature, in bytes
[in]	format	Signature format (raw or ASN.1)

Returns: Error code

Definition at line 461 of file ike_sign_verify.c.

◆ ikeVerifyEcdsaSignature()

error_t ikeVerifyEcdsaSignature	(	IkeSaEntry *	sa,
		const uint8_t *	id,
		size_t	idLen,
		const X509SubjectPublicKeyInfo *	publicKeyInfo,
		const EcCurveInfo *	group,
		const HashAlgo *	hashAlgo,
		const uint8_t *	signature,
		size_t	signatureLen,
		IkeSignFormat	format
	)

ECDSA signature verification.

Parameters

[in]	sa	Pointer to the IKE SA
[in]	id	Pointer to the identification data
[in]	idLen	Length of the identification data, in bytes
[in]	publicKeyInfo	Pointer to the subject's public key
[in]	group	Elliptic curve group
[in]	hashAlgo	Hash algorithm
[in]	signature	Signature to be verified
[in]	signatureLen	Length of the signature, in bytes
[in]	format	Signature format (raw or ASN.1)

Returns: Error code

Definition at line 556 of file ike_sign_verify.c.

◆ ikeVerifyEd25519Signature()

error_t ikeVerifyEd25519Signature	(	IkeSaEntry *	sa,
		const uint8_t *	id,
		size_t	idLen,
		const X509SubjectPublicKeyInfo *	publicKeyInfo,
		const uint8_t *	signature,
		size_t	signatureLen
	)

Ed25519 signature verification.

Parameters

[in]	sa	Pointer to the IKE SA
[in]	id	Pointer to the identification data
[in]	idLen	Length of the identification data, in bytes
[in]	publicKeyInfo	Pointer to the subject's public key
[in]	signature	Signature to be verified
[in]	signatureLen	Length of the signature, in bytes

Returns: Error code

Definition at line 658 of file ike_sign_verify.c.

◆ ikeVerifyEd448Signature()

error_t ikeVerifyEd448Signature	(	IkeSaEntry *	sa,
		const uint8_t *	id,
		size_t	idLen,
		const X509SubjectPublicKeyInfo *	publicKeyInfo,
		const uint8_t *	signature,
		size_t	signatureLen
	)

Ed448 signature verification.

Parameters

[in]	sa	Pointer to the IKE SA
[in]	id	Pointer to the identification data
[in]	idLen	Length of the identification data, in bytes
[in]	publicKeyInfo	Pointer to the subject's public key
[in]	signature	Signature to be verified
[in]	signatureLen	Length of the signature, in bytes

Returns: Error code

Definition at line 729 of file ike_sign_verify.c.

◆ ikeVerifyRsaPssSignature()

error_t ikeVerifyRsaPssSignature	(	IkeSaEntry *	sa,
		const uint8_t *	id,
		size_t	idLen,
		const X509SubjectPublicKeyInfo *	publicKeyInfo,
		const HashAlgo *	hashAlgo,
		size_t	saltLen,
		const uint8_t *	signature,
		size_t	signatureLen
	)

RSA-PSS signature verification.

Parameters

[in]	sa	Pointer to the IKE SA
[in]	id	Pointer to the identification data
[in]	idLen	Length of the identification data, in bytes
[in]	publicKeyInfo	Pointer to the subject's public key
[in]	hashAlgo	Hash algorithm
[in]	saltLen	Length of the salt, in bytes
[in]	signature	Signature to be verified
[in]	signatureLen	Length of the signature, in bytes

Returns: Error code

Definition at line 373 of file ike_sign_verify.c.

◆ ikeVerifyRsaSignature()

error_t ikeVerifyRsaSignature	(	IkeSaEntry *	sa,
		const uint8_t *	id,
		size_t	idLen,
		const X509SubjectPublicKeyInfo *	publicKeyInfo,
		const HashAlgo *	hashAlgo,
		const uint8_t *	signature,
		size_t	signatureLen
	)

RSA signature verification.

Parameters

[in]	sa	Pointer to the IKE SA
[in]	id	Pointer to the identification data
[in]	idLen	Length of the identification data, in bytes
[in]	publicKeyInfo	Pointer to the subject's public key
[in]	hashAlgo	Hash algorithm
[in]	signature	Signature to be verified
[in]	signatureLen	Length of the signature, in bytes

Returns: Error code

Definition at line 292 of file ike_sign_verify.c.

◆ ikeVerifySignature()

error_t ikeVerifySignature	(	IkeSaEntry *	sa,
		const uint8_t *	id,
		size_t	idLen,
		uint8_t	authMethod,
		const X509SubjectPublicKeyInfo *	publicKeyInfo,
		const uint8_t *	signature,
		size_t	signatureLen
	)

Signature verification.

Parameters

[in]	sa	Pointer to the IKE SA
[in]	id	Pointer to the identification data
[in]	idLen	Length of the identification data, in bytes
[in]	authMethod	Authentication method
[in]	publicKeyInfo	Pointer to the subject's public key
[in]	signature	Signature to be verified
[in]	signatureLen	Length of the signature, in bytes

Returns: Error code

Definition at line 58 of file ike_sign_verify.c.

Macros

Functions

Detailed Description

License

Macro Definition Documentation

◆ TRACE_LEVEL

Function Documentation

◆ ikeVerifyDigitalSignature()

◆ ikeVerifyDsaSignature()

◆ ikeVerifyEcdsaSignature()

◆ ikeVerifyEd25519Signature()

◆ ikeVerifyEd448Signature()

◆ ikeVerifyRsaPssSignature()

◆ ikeVerifyRsaSignature()

◆ ikeVerifySignature()