1/*
2 * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10#include <stdio.h>
11#include "internal/cryptlib.h"
12#include <openssl/evp.h>
13#include <openssl/objects.h>
14#include <openssl/x509.h>
15#include "crypto/evp.h"
16
17int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
18 unsigned int siglen, EVP_PKEY *pkey)
19{
20 unsigned char m[EVP_MAX_MD_SIZE];
21 unsigned int m_len = 0;
22 int i = 0;
23 EVP_PKEY_CTX *pkctx = NULL;
24
25 if (EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_FINALISE)) {
26 if (!EVP_DigestFinal_ex(ctx, m, &m_len))
27 goto err;
28 } else {
29 int rv = 0;
30 EVP_MD_CTX *tmp_ctx = EVP_MD_CTX_new();
31 if (tmp_ctx == NULL) {
32 EVPerr(EVP_F_EVP_VERIFYFINAL, ERR_R_MALLOC_FAILURE);
33 return 0;
34 }
35 rv = EVP_MD_CTX_copy_ex(tmp_ctx, ctx);
36 if (rv)
37 rv = EVP_DigestFinal_ex(tmp_ctx, m, &m_len);
38 EVP_MD_CTX_free(tmp_ctx);
39 if (!rv)
40 return 0;
41 }
42
43 i = -1;
44 pkctx = EVP_PKEY_CTX_new(pkey, NULL);
45 if (pkctx == NULL)
46 goto err;
47 if (EVP_PKEY_verify_init(pkctx) <= 0)
48 goto err;
49 if (EVP_PKEY_CTX_set_signature_md(pkctx, EVP_MD_CTX_md(ctx)) <= 0)
50 goto err;
51 i = EVP_PKEY_verify(pkctx, sigbuf, siglen, m, m_len);
52 err:
53 EVP_PKEY_CTX_free(pkctx);
54 return i;
55}
56