TASSL
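Question about how the Certificate Verify message is generated and verified
The RFC and the GM (guomi) standard say that the signature must cover all handshake messages exchanged from client hello up to certificate verify (not inclusive). Looking at the code now, the signature is computed over a fixed-size block of digest data.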
Client side:
```c
if (EC_GROUP_get_curve_name(EC_KEY_get0_group(pkey->pkey.ec)) == NID_sm2) {
    size_t _j_j = EVP_PKEY_size(pkey);
    tass_md = EVP_sm3();
    if (EVP_DigestSignInit(&mctx, NULL, tass_md, NULL, pkey) <= 0
        || EVP_DigestSignUpdate(&mctx, &(data[MD5_DIGEST_LENGTH]), tass_md->md_size) <= 0
        || EVP_DigestSignFinal(&mctx, &(p[2]), (size_t *)&_j_j) <= 0)
    {
        SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY, ERR_R_ECDSA_LIB);
        goto err;
    }
```
Server side:
```c
if (EC_GROUP_get_curve_name(EC_KEY_get0_group(pkey->pkey.ec)) == NID_sm2) {
    int offset;
    md = EVP_sm3();
    EVP_MD_CTX_init(&mctx);
    if (ssl_get_algorithm2(s) & SSL_HANDSHAKE_MAC_SM3)
        offset = 0;
    else
        offset = MD5_DIGEST_LENGTH;
    if (EVP_DigestVerifyInit(&mctx, NULL, md, NULL, pkey) <= 0
        || EVP_DigestVerifyUpdate(&mctx, &s->s3->tmp.cert_verify_md[offset], md->md_size) <= 0
        || EVP_DigestVerifyFinal(&mctx, p, (size_t)i) <= 0)
    {
        /* bad signature */
        al = SSL_AD_DECRYPT_ERROR;
        SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, SSL_R_BAD_ECDSA_SIGNATURE);
        goto f_err;
    }
```
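An added illustration, not part of the original issue and not TASSL code: a running handshake hash over every message before CertificateVerify yields a fixed-size digest that still depends on every byte of those messages. It assumes, as in stock OpenSSL 1.0.x, that `data` and `s->s3->tmp.cert_verify_md` hold such a running hash; the excerpts above do not show where those buffers are filled. The message bodies are constructed, and SHA-256 stands in for SM3 when the local Python build lacks it.

```python
import hashlib

CERTIFICATE_VERIFY = 15  # TLS HandshakeType value

def new_hash():
    # SM3 when this Python's OpenSSL exposes it; otherwise SHA-256 as a
    # stand-in (assumption for portability; both give 32-byte digests).
    try:
        return hashlib.new("sm3")
    except ValueError:
        return hashlib.sha256()

def handshake_msg(msg_type, body):
    # Handshake framing: 1-byte type, 3-byte big-endian length, body.
    return bytes([msg_type]) + len(body).to_bytes(3, "big") + body

def cert_verify_input(messages):
    """Hash every handshake message before CertificateVerify, one at a time,
    the way a TLS stack updates its handshake hash as messages pass by."""
    h = new_hash()
    for msg in messages:
        if msg[0] == CERTIFICATE_VERIFY:
            break                      # CertificateVerify itself is excluded
        h.update(msg)
    return h.digest()                  # fixed-size value handed to the signer

def constructed_flight(cert_len=600):
    # Constructed sample bodies; only types and lengths are meaningful here.
    return [
        handshake_msg(1, b"\x01" * 70),         # client_hello
        handshake_msg(2, b"\x02" * 74),         # server_hello
        handshake_msg(11, b"\x0b" * cert_len),  # server certificate
        handshake_msg(12, b"\x0c" * 77),        # server_key_exchange
        handshake_msg(13, b"\x0d" * 10),        # certificate_request
        handshake_msg(14, b""),                 # server_hello_done
        handshake_msg(11, b"\x1b" * cert_len),  # client certificate
        handshake_msg(16, b"\x10" * 140),       # client_key_exchange
        handshake_msg(15, b"\x0f" * 72),        # certificate_verify (not hashed)
    ]

def tampered(messages, index):
    # Flip one bit in the last byte of one message.
    out = list(messages)
    out[index] = out[index][:-1] + bytes([out[index][-1] ^ 1])
    return out

if __name__ == "__main__":
    flight = constructed_flight()
    print(len(b"".join(flight[:-1])), "transcript bytes ->",
          cert_verify_input(flight).hex())
```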