diff --git a/src/drivers/sw_crypto/crypto.c b/src/drivers/sw_crypto/crypto.c index aeceb7594d48..a856554ede96 100644 --- a/src/drivers/sw_crypto/crypto.c +++ b/src/drivers/sw_crypto/crypto.c @@ -322,8 +322,57 @@ bool crypto_signature_check(crypto_session_handle_t handle, break; + case CRYPTO_RSA_OAEP: { + rsa_key key; + + initialize_tomcrypt(); + + if (public_key && rsa_import(public_key, keylen, &key) == CRYPT_OK) { + // Register hash algorithm. + const struct ltc_hash_descriptor *hash_desc = &sha256_desc; + const int hash_idx = register_hash(hash_desc); + + if (hash_idx < 0) { + return false; + } + + // Hash message. + unsigned char hash[32]; + hash_state md; + + hash_desc->init(&md); + hash_desc->process(&md, (const unsigned char *) message, (unsigned long) message_size); + hash_desc->done(&md, hash); + + // Define padding scheme. + const int padding = LTC_PKCS_1_OAEP; + const unsigned long saltlen = 0; + + // Verify signature. + int stat = 0; + + if (rsa_verify_hash_ex(signature, + 256, + hash, + hash_desc->hashsize, + padding, + hash_idx, + saltlen, + &stat, + &key) + == CRYPT_OK + && stat) { + ret = true; + } + + rsa_free(&key); + } + } + break; + default: ret = false; + break; } return ret; diff --git a/src/lib/crypto/CMakeLists.txt b/src/lib/crypto/CMakeLists.txt index 90936d29b489..69302083d2a6 100644 --- a/src/lib/crypto/CMakeLists.txt +++ b/src/lib/crypto/CMakeLists.txt @@ -71,6 +71,8 @@ libtomcrypt_wrappers.c libtomcrypt/src/misc/crypt/crypt_ltc_mp_descriptor.c libtomcrypt/src/misc/crypt/crypt_hash_is_valid.c libtomcrypt/src/misc/crypt/crypt_prng_is_valid.c + libtomcrypt/src/misc/crypt/crypt_register_hash.c + libtomcrypt/src/misc/mem_neq.c libtomcrypt/src/misc/zeromem.c ) diff --git a/src/lib/secure_udp b/src/lib/secure_udp index 58616ffd8fba..fe5798f1cdf4 160000 --- a/src/lib/secure_udp +++ b/src/lib/secure_udp @@ -1 +1 @@ -Subproject commit 58616ffd8fbaa77ac0a716119cb2af3bdfc70f49 +Subproject commit fe5798f1cdf44b3432bb57f454d08b8047937d14