Home | History | Annotate | Download | only in crypto
      1 /*
      2  * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
      3  * Use is subject to license terms.
      4  */
      5 
      6 
      7 /*
      8  * Copyright (C) 1998 by the FundsXpress, INC.
      9  *
     10  * All rights reserved.
     11  *
     12  * Export of this software from the United States of America may require
     13  * a specific license from the United States Government.  It is the
     14  * responsibility of any person or organization contemplating export to
     15  * obtain such a license before exporting.
     16  *
     17  * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
     18  * distribute this software and its documentation for any purpose and
     19  * without fee is hereby granted, provided that the above copyright
     20  * notice appear in all copies and that both that copyright notice and
     21  * this permission notice appear in supporting documentation, and that
     22  * the name of FundsXpress. not be used in advertising or publicity pertaining
     23  * to distribution of the software without specific, written prior
     24  * permission.  FundsXpress makes no representations about the suitability of
     25  * this software for any purpose.  It is provided "as is" without express
     26  * or implied warranty.
     27  *
     28  * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
     29  * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
     30  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
     31  */
     32 
     33 #include "k5-int.h"
     34 #include "cksumtypes.h"
     35 
     36 krb5_error_code KRB5_CALLCONV
     37 krb5_c_verify_checksum(krb5_context context, const krb5_keyblock *key,
     38 		       krb5_keyusage usage, const krb5_data *data,
     39 		       const krb5_checksum *cksum, krb5_boolean *valid)
     40 {
     41     int i;
     42     size_t hashsize;
     43     krb5_error_code ret;
     44     krb5_data indata;
     45     krb5_checksum computed;
     46 
     47     for (i=0; i<krb5_cksumtypes_length; i++) {
     48 	if (krb5_cksumtypes_list[i].ctype == cksum->checksum_type)
     49 	    break;
     50     }
     51 
     52     if (i == krb5_cksumtypes_length)
     53 	return(KRB5_BAD_ENCTYPE);
     54 
     55     /* if there's actually a verify function, call it */
     56 
     57     indata.length = cksum->length;
     58     indata.data = (char *) cksum->contents;
     59     *valid = 0;
     60 
     61     if (krb5_cksumtypes_list[i].keyhash &&
     62 	krb5_cksumtypes_list[i].keyhash->verify)
     63 	return((*(krb5_cksumtypes_list[i].keyhash->verify))(
     64 		context, key, usage, 0, data, &indata, valid));
     65 
     66     /* otherwise, make the checksum again, and compare */
     67 
     68     if ((ret = krb5_c_checksum_length(context, cksum->checksum_type, &hashsize)))
     69 	return(ret);
     70 
     71     if (cksum->length != hashsize)
     72 	return(KRB5_BAD_MSIZE);
     73 
     74     computed.length = hashsize;
     75 
     76     if ((ret = krb5_c_make_checksum(context, cksum->checksum_type, key, usage,
     77 				   data, &computed))) {
     78 	FREE(computed.contents, computed.length);
     79 	return(ret);
     80     }
     81 
     82     *valid = (memcmp(computed.contents, cksum->contents, hashsize) == 0);
     83 
     84     FREE(computed.contents, computed.length);
     85 
     86     return(0);
     87 }
     88