CRYPTO_VerifySignatureWithHash

Syntax


#include <nitro/crypto/sign.h>

int CRYPTO_VerifySignatureWithHash(
const void* hash_ptr,
const void* sign_ptr,
const void* mod_ptr
);
		

Arguments

hash_ptr Pointer to a 20-byte SHA-1 hash value for data requiring digital signature verification.
sign_ptr Pointer to the digital signature (128 bytes).
mod_ptr Pointer to the public-key modulus (128 bytes).

Return Values

Returns one of the following process results.

TRUE Digital signature verification succeeded.
FALSE Verification failed. Failure results because either the signature and the data differ, the public key and the signature do not match, or the signature format is incorrect.

Description

Digital signatures are used to verify whether data is correct.
hash_ptr is assigned a pointer to a 20-byte hash value derived from an application of the SHA-1 algorithm for data requiring verification. sign_ptr is assigned 128 bytes of signature data. The signature data uses PKCS#1 v.1.5 formatting for a 1024-bit RSA key length, hashed with the SHA-1 algorithm.
mod_ptr is a byte sequence of the 128-byte public-key modulus, arranged in order from the upper byte. Note: The public exponent for the public key is fixed as 65537 (0x10001). This function does not support RSA keys with a public exponent other than 65537.

Dynamically allocates memory for calculations during the call. The memory management function specified by CRYPTO_SetMemAllocator() is used. However, among the memory management functions that can be specified for this function, the memory size-changing function (the realloc argument) is not used.
The amount of memory used varies depending on the data to verify. This is usually not a problem if 4KB is provided in advance. This function returns FALSE if memory allocation fails and NULL is passed by the memory management function.

Normally, the CRYPTO_VerifySignature function is useful, which calculates the SHA-1 hash value internally. Use this function when not all of the data is available in memory, for whatever reason.

Due to licensing issues, this API will only work with the TWL. If you need to verify a signature on a NITRO system, link and use the same function in the NITRO-Crypto package.

For detailed information on electronic signatures, see Digital Signature Overview.

See Also

CRYPTO_VerifySignature

Revision History

2008/03/27 Initial version.


CONFIDENTIAL