authorNikos Mavrogiannopoulos <nmav@gnutls.org>2017-07-15 20:03:21 +0200
committerNikos Mavrogiannopoulos <nmav@redhat.com>2017-07-17 17:08:02 +0200
commite72027b018778be630f403130e812a2335dceab4 (patch)
treec046471187c723953ce1773c6f056c4dedc48c3e
parent96d8dd8bfa8daa271ddd022270fe7c077952d496 (diff)
nettle: wrap_nettle_pk_verify_priv_params: verify whether public key matches private
This enables gnutls_privkey_verify_params() for Ed25519 keys. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
-rw-r--r--lib/nettle/pk.c16
1 files changed, 15 insertions, 1 deletions
diff --git a/lib/nettle/pk.c b/lib/nettle/pk.c
index da209d8bf4..1fda529ed0 100644
--- a/lib/nettle/pk.c
+++ b/lib/nettle/pk.c
@@ -2143,9 +2143,23 @@ wrap_nettle_pk_verify_priv_params(gnutls_pk_algorithm_t algo,
mpz_clear(y2);
}
break;
- case GNUTLS_PK_EDDSA_ED25519:
+ case GNUTLS_PK_EDDSA_ED25519: {
+ uint8_t pub[32];
+
+ if (params->raw_pub.data == NULL) {
+ return 0; /* nothing to verify */
+ }
+
+ if (params->raw_pub.size != 32)
+ return gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER);
+
+ ed25519_sha512_public_key(pub, params->raw_priv.data);
+ if (memcmp(params->raw_pub.data, pub, 32) != 0)
+ return gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER);
+
ret = 0;
break;
+ }
default:
ret = gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
}
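Review bot: `params->raw_priv.data` is handed to `ed25519_sha512_public_key()` with no check of its own, although the new Ed25519 case validates `raw_pub` for both NULL and size. The derivation reads a 32-byte private key, so a missing or short `raw_priv` would be a NULL dereference or an out-of-bounds read; whether every caller guarantees a well-formed `raw_priv` is not visible in this hunk. Before the derivation I would add `if (params->raw_priv.data == NULL || params->raw_priv.size != 32) return gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER);`. The new branch also leaves through `return` where the neighbouring cases set `ret` and `break`, so it is worth confirming that nothing after the switch has to run; the function starts and ends outside the hunk.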