From cc2d84ed16c42b8d833a3be22dc5f5057119c02e Mon Sep 17 00:00:00 2001
From: Dave Airlie
Date: Tue, 4 Nov 2014 13:05:32 +1000
Subject: move cert verification code into its own fn
---
 dl3.c | 81 +++++++++++++++++++++++++++++++++++++------------------------------
 1 file changed, 45 insertions(+), 36 deletions(-)
diff --git a/dl3.c b/dl3.c
index d5298cb..2467932 100644
--- a/dl3.c
+++ b/dl3.c
@@ -245,23 +245,14 @@ static int calculate_l(struct hdcp_session_info *info)
 return 0;
 }
-static void decode_cert(struct hdcp_session_info *info, const uint8_t *buf, int len)
+static int verify_cert(const uint8_t *start)
 {
- const uint8_t *start = buf + 2;
+ RSA *rsa = RSA_new();
 BIGNUM *e, *m;
- int i, ret;
 EVP_PKEY *pRsaKey = EVP_PKEY_new();
 EVP_PKEY_CTX *ctx;
 EVP_MD_CTX *mdctx = NULL;
-
- RSA *rsa = RSA_new();
-
- info->is_repeater = buf[1] & 0x1;
-
- printf("recv id: %02x %02x %02x %02x %02x\n",
- start[0], start[1], start[2], start[3], start[4]);
-
- printf("rect pub key:\n");
+ int ret;
 m = BN_bin2bn(ddccert_m, 384, NULL);
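Review bot: `verify_cert(const uint8_t *start)` drops the `len` that `decode_cert` receives, yet the body in the next hunk hashes 138 bytes from `start` and reads a 384-byte signature at `start + 138`, so a message shorter than 2 + 138 + 384 bytes is read past its end. Unless a length check exists in lines outside this diff, pass the remaining length in and reject short input first, for example `static int verify_cert(const uint8_t *start, size_t len)` with `if (len < 138 + 384) return -1;`. `RSA_new()` and `EVP_PKEY_new()` are also called in the declarations with no NULL check before the objects are used. The body of `verify_cert` continues outside this hunk.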
@@ -272,6 +263,47 @@ static void decode_cert(struct hdcp_session_info *info, const uint8_t *buf, int
 EVP_PKEY_assign_RSA(pRsaKey, rsa);
+ ctx = EVP_PKEY_CTX_new(pRsaKey, NULL);
+ if (EVP_PKEY_verify_init(ctx) <= 0) {
+ printf("fail 1\n");
+ return;
+ }
+#if 1
+ mdctx = EVP_MD_CTX_create();
+ EVP_DigestVerifyInit(mdctx, NULL, EVP_sha256(), NULL, pRsaKey);
+
+ EVP_DigestVerifyUpdate(mdctx, start, 138);
+ ret = EVP_DigestVerifyFinal(mdctx, start + 138, 384);
+ printf("ret is %d\n", ret);
+#else
+ if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING) <= 0) {
+ printf("fail passing\n");
+ return;
+ }
+#if 1
+ if (EVP_PKEY_CTX_set_signature_md(ctx, EVP_sha256()) <= 0) {
+ printf("fail sig\n");
+ return;
+ }
+#endif
+ ret = EVP_PKEY_verify(ctx, start + 138, 384, start, 138);
+#endif
+ printf("ret is %d\n", ret);
+ return ret;
+}
+
+static void decode_cert(struct hdcp_session_info *info, const uint8_t *buf, int len)
+{
+ const uint8_t *start = buf + 2;
+
+ int i, ret;
+
+ info->is_repeater = buf[1] & 0x1;
+
+ printf("recv id: %02x %02x %02x %02x %02x\n",
+ start[0], start[1], start[2], start[3], start[4]);
+
+ printf("rect pub key:\n");
 for (i = 5; i < 5 + 128; i++) {
 printf("%02x", start[i]);
 }
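Review bot: The bare `return;` after `printf("fail 1\n")`, and the two in the disabled `#else` branch, now sit in a function declared `int`, so on those failure paths the caller receives an indeterminate value that may happen to look like a successful verification. The results of `EVP_DigestVerifyInit` and `EVP_DigestVerifyUpdate` are not checked, and nothing visible releases `ctx`, `mdctx` or `pRsaKey`, so each call leaks them now that this is a reusable function. The live `#if 1` branch also prints `ret is` twice. A single exit path that starts from an error value and frees the objects is sketched below; the key setup before `EVP_PKEY_assign_RSA` is outside this hunk.

```c
	/* … unchanged: RSA key setup through EVP_PKEY_assign_RSA … */
	ret = -1;	/* start from "error" so no path returns an unset value */
	ctx = EVP_PKEY_CTX_new(pRsaKey, NULL);
	if (!ctx || EVP_PKEY_verify_init(ctx) <= 0) {
		printf("fail 1\n");
		goto out;
	}
	mdctx = EVP_MD_CTX_create();
	if (!mdctx ||
	    EVP_DigestVerifyInit(mdctx, NULL, EVP_sha256(), NULL, pRsaKey) <= 0 ||
	    EVP_DigestVerifyUpdate(mdctx, start, 138) <= 0)
		goto out;
	/* 1 = signature valid, 0 = signature invalid, negative = error */
	ret = EVP_DigestVerifyFinal(mdctx, start + 138, 384);
	/* … unchanged: disabled EVP_PKEY_verify alternative … */
out:
	if (mdctx)
		EVP_MD_CTX_destroy(mdctx);
	EVP_PKEY_CTX_free(ctx);
	EVP_PKEY_free(pRsaKey);	/* also releases the RSA handed over by EVP_PKEY_assign_RSA */
	return ret;
```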
@@ -300,30 +332,7 @@ static void decode_cert(struct hdcp_session_info *info, const uint8_t *buf, int
 }
 }
- ctx = EVP_PKEY_CTX_new(pRsaKey, NULL);
- if (EVP_PKEY_verify_init(ctx) <= 0) {
- printf("fail 1\n");
- return;
- }
-
- mdctx = EVP_MD_CTX_create();
- EVP_DigestVerifyInit(mdctx, NULL, EVP_sha256(), NULL, pRsaKey);
-
- EVP_DigestVerifyUpdate(mdctx, start, 138);
- ret = EVP_DigestVerifyFinal(mdctx, start + 138, 384);
-#if 0
- if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING) <= 0) {
- printf("fail passing\n");
- return;
- }
-#if 1
- if (EVP_PKEY_CTX_set_signature_md(ctx, EVP_sha256()) <= 0) {
- printf("fail sig\n");
- return;
- }
-#endif
- ret = EVP_PKEY_verify(ctx, start + 138, 384, start, 138);
-#endif
+ ret = verify_cert(start);
 printf("ret is %d\n", ret);
 }
--
cgit v1.2.3
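Review bot: The result of `verify_cert(start)` is only printed here, and `decode_cert` is `void`, so a certificate whose signature does not verify is handled exactly like a valid one by whatever consumes the parsed fields afterwards. `EVP_DigestVerifyFinal` reports success only as 1 (0 is a bad signature, a negative value an error), so the caller should test `if (ret != 1)` rather than treat any non-zero value as good. Consider making `decode_cert` return a status, e.g. `if (verify_cert(start) != 1) return -1;`, and running that check before the receiver ID and public key are used. The start of `decode_cert` lies outside this hunk.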