197b2ed56SKris Kennaway /* crypto/rsa/rsa_sign.c */ 297b2ed56SKris Kennaway /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 397b2ed56SKris Kennaway * All rights reserved. 497b2ed56SKris Kennaway * 597b2ed56SKris Kennaway * This package is an SSL implementation written 697b2ed56SKris Kennaway * by Eric Young (eay@cryptsoft.com). 797b2ed56SKris Kennaway * The implementation was written so as to conform with Netscapes SSL. 897b2ed56SKris Kennaway * 997b2ed56SKris Kennaway * This library is free for commercial and non-commercial use as long as 1097b2ed56SKris Kennaway * the following conditions are aheared to. The following conditions 1197b2ed56SKris Kennaway * apply to all code found in this distribution, be it the RC4, RSA, 1297b2ed56SKris Kennaway * lhash, DES, etc., code; not just the SSL code. The SSL documentation 1397b2ed56SKris Kennaway * included with this distribution is covered by the same copyright terms 1497b2ed56SKris Kennaway * except that the holder is Tim Hudson (tjh@cryptsoft.com). 1597b2ed56SKris Kennaway * 1697b2ed56SKris Kennaway * Copyright remains Eric Young's, and as such any Copyright notices in 1797b2ed56SKris Kennaway * the code are not to be removed. 1897b2ed56SKris Kennaway * If this package is used in a product, Eric Young should be given attribution 1997b2ed56SKris Kennaway * as the author of the parts of the library used. 2097b2ed56SKris Kennaway * This can be in the form of a textual message at program startup or 2197b2ed56SKris Kennaway * in documentation (online or textual) provided with the package. 2297b2ed56SKris Kennaway * 2397b2ed56SKris Kennaway * Redistribution and use in source and binary forms, with or without 2497b2ed56SKris Kennaway * modification, are permitted provided that the following conditions 2597b2ed56SKris Kennaway * are met: 2697b2ed56SKris Kennaway * 1. Redistributions of source code must retain the copyright 2797b2ed56SKris Kennaway * notice, this list of conditions and the following disclaimer. 2897b2ed56SKris Kennaway * 2. Redistributions in binary form must reproduce the above copyright 2997b2ed56SKris Kennaway * notice, this list of conditions and the following disclaimer in the 3097b2ed56SKris Kennaway * documentation and/or other materials provided with the distribution. 3197b2ed56SKris Kennaway * 3. All advertising materials mentioning features or use of this software 3297b2ed56SKris Kennaway * must display the following acknowledgement: 3397b2ed56SKris Kennaway * "This product includes cryptographic software written by 3497b2ed56SKris Kennaway * Eric Young (eay@cryptsoft.com)" 3597b2ed56SKris Kennaway * The word 'cryptographic' can be left out if the rouines from the library 3697b2ed56SKris Kennaway * being used are not cryptographic related :-). 3797b2ed56SKris Kennaway * 4. If you include any Windows specific code (or a derivative thereof) from 3897b2ed56SKris Kennaway * the apps directory (application code) you must include an acknowledgement: 3997b2ed56SKris Kennaway * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 4097b2ed56SKris Kennaway * 4197b2ed56SKris Kennaway * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 4297b2ed56SKris Kennaway * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 4397b2ed56SKris Kennaway * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 4497b2ed56SKris Kennaway * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 4597b2ed56SKris Kennaway * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 4697b2ed56SKris Kennaway * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 4797b2ed56SKris Kennaway * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 4897b2ed56SKris Kennaway * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 4997b2ed56SKris Kennaway * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 5097b2ed56SKris Kennaway * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 5197b2ed56SKris Kennaway * SUCH DAMAGE. 5297b2ed56SKris Kennaway * 5397b2ed56SKris Kennaway * The licence and distribution terms for any publically available version or 5497b2ed56SKris Kennaway * derivative of this code cannot be changed. i.e. this code cannot simply be 5597b2ed56SKris Kennaway * copied and put under another distribution licence 5697b2ed56SKris Kennaway * [including the GNU Public Licence.] 5797b2ed56SKris Kennaway */ 5897b2ed56SKris Kennaway 5997b2ed56SKris Kennaway #include <stdio.h> 6097b2ed56SKris Kennaway #include "cryptlib.h" 6197b2ed56SKris Kennaway #include <openssl/bn.h> 6297b2ed56SKris Kennaway #include <openssl/rsa.h> 6397b2ed56SKris Kennaway #include <openssl/objects.h> 6497b2ed56SKris Kennaway #include <openssl/x509.h> 651f13597dSJung-uk Kim #include "rsa_locl.h" 6697b2ed56SKris Kennaway 67f579bf8eSKris Kennaway /* Size of an SSL signature: MD5+SHA1 */ 68f579bf8eSKris Kennaway #define SSL_SIG_LENGTH 36 69f579bf8eSKris Kennaway 705c87c606SMark Murray int RSA_sign(int type, const unsigned char *m, unsigned int m_len, 7197b2ed56SKris Kennaway unsigned char *sigret, unsigned int *siglen, RSA *rsa) 7297b2ed56SKris Kennaway { 7397b2ed56SKris Kennaway X509_SIG sig; 7497b2ed56SKris Kennaway ASN1_TYPE parameter; 7597b2ed56SKris Kennaway int i,j,ret=1; 765c87c606SMark Murray unsigned char *p, *tmps = NULL; 775c87c606SMark Murray const unsigned char *s = NULL; 7897b2ed56SKris Kennaway X509_ALGOR algor; 7997b2ed56SKris Kennaway ASN1_OCTET_STRING digest; 801f13597dSJung-uk Kim #ifdef OPENSSL_FIPS 811f13597dSJung-uk Kim if (FIPS_mode() && !(rsa->meth->flags & RSA_FLAG_FIPS_METHOD) 821f13597dSJung-uk Kim && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) 831f13597dSJung-uk Kim { 841f13597dSJung-uk Kim RSAerr(RSA_F_RSA_SIGN, RSA_R_NON_FIPS_RSA_METHOD); 851f13597dSJung-uk Kim return 0; 861f13597dSJung-uk Kim } 871f13597dSJung-uk Kim #endif 8850ef0093SJacques Vidrine if((rsa->flags & RSA_FLAG_SIGN_VER) && rsa->meth->rsa_sign) 8950ef0093SJacques Vidrine { 9050ef0093SJacques Vidrine return rsa->meth->rsa_sign(type, m, m_len, 9150ef0093SJacques Vidrine sigret, siglen, rsa); 9250ef0093SJacques Vidrine } 93f579bf8eSKris Kennaway /* Special case: SSL signature, just check the length */ 94f579bf8eSKris Kennaway if(type == NID_md5_sha1) { 95f579bf8eSKris Kennaway if(m_len != SSL_SIG_LENGTH) { 96f579bf8eSKris Kennaway RSAerr(RSA_F_RSA_SIGN,RSA_R_INVALID_MESSAGE_LENGTH); 97f579bf8eSKris Kennaway return(0); 98f579bf8eSKris Kennaway } 99f579bf8eSKris Kennaway i = SSL_SIG_LENGTH; 100f579bf8eSKris Kennaway s = m; 101f579bf8eSKris Kennaway } else { 10297b2ed56SKris Kennaway sig.algor= &algor; 10397b2ed56SKris Kennaway sig.algor->algorithm=OBJ_nid2obj(type); 10497b2ed56SKris Kennaway if (sig.algor->algorithm == NULL) 10597b2ed56SKris Kennaway { 10697b2ed56SKris Kennaway RSAerr(RSA_F_RSA_SIGN,RSA_R_UNKNOWN_ALGORITHM_TYPE); 10797b2ed56SKris Kennaway return(0); 10897b2ed56SKris Kennaway } 10997b2ed56SKris Kennaway if (sig.algor->algorithm->length == 0) 11097b2ed56SKris Kennaway { 11197b2ed56SKris Kennaway RSAerr(RSA_F_RSA_SIGN,RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD); 11297b2ed56SKris Kennaway return(0); 11397b2ed56SKris Kennaway } 11497b2ed56SKris Kennaway parameter.type=V_ASN1_NULL; 11597b2ed56SKris Kennaway parameter.value.ptr=NULL; 11697b2ed56SKris Kennaway sig.algor->parameter= ¶meter; 11797b2ed56SKris Kennaway 11897b2ed56SKris Kennaway sig.digest= &digest; 1195c87c606SMark Murray sig.digest->data=(unsigned char *)m; /* TMP UGLY CAST */ 12097b2ed56SKris Kennaway sig.digest->length=m_len; 12197b2ed56SKris Kennaway 12297b2ed56SKris Kennaway i=i2d_X509_SIG(&sig,NULL); 123f579bf8eSKris Kennaway } 12497b2ed56SKris Kennaway j=RSA_size(rsa); 1255c87c606SMark Murray if (i > (j-RSA_PKCS1_PADDING_SIZE)) 12697b2ed56SKris Kennaway { 12797b2ed56SKris Kennaway RSAerr(RSA_F_RSA_SIGN,RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY); 12897b2ed56SKris Kennaway return(0); 12997b2ed56SKris Kennaway } 130f579bf8eSKris Kennaway if(type != NID_md5_sha1) { 1315c87c606SMark Murray tmps=(unsigned char *)OPENSSL_malloc((unsigned int)j+1); 1325c87c606SMark Murray if (tmps == NULL) 13397b2ed56SKris Kennaway { 13497b2ed56SKris Kennaway RSAerr(RSA_F_RSA_SIGN,ERR_R_MALLOC_FAILURE); 13597b2ed56SKris Kennaway return(0); 13697b2ed56SKris Kennaway } 1375c87c606SMark Murray p=tmps; 13897b2ed56SKris Kennaway i2d_X509_SIG(&sig,&p); 1395c87c606SMark Murray s=tmps; 140f579bf8eSKris Kennaway } 14197b2ed56SKris Kennaway i=RSA_private_encrypt(i,s,sigret,rsa,RSA_PKCS1_PADDING); 14297b2ed56SKris Kennaway if (i <= 0) 14397b2ed56SKris Kennaway ret=0; 14497b2ed56SKris Kennaway else 14597b2ed56SKris Kennaway *siglen=i; 14697b2ed56SKris Kennaway 147f579bf8eSKris Kennaway if(type != NID_md5_sha1) { 1485c87c606SMark Murray OPENSSL_cleanse(tmps,(unsigned int)j+1); 1495c87c606SMark Murray OPENSSL_free(tmps); 150f579bf8eSKris Kennaway } 15197b2ed56SKris Kennaway return(ret); 15297b2ed56SKris Kennaway } 15397b2ed56SKris Kennaway 154*fa5fddf1SJung-uk Kim /* 155*fa5fddf1SJung-uk Kim * Check DigestInfo structure does not contain extraneous data by reencoding 156*fa5fddf1SJung-uk Kim * using DER and checking encoding against original. 157*fa5fddf1SJung-uk Kim */ 158*fa5fddf1SJung-uk Kim static int rsa_check_digestinfo(X509_SIG *sig, const unsigned char *dinfo, int dinfolen) 159*fa5fddf1SJung-uk Kim { 160*fa5fddf1SJung-uk Kim unsigned char *der = NULL; 161*fa5fddf1SJung-uk Kim int derlen; 162*fa5fddf1SJung-uk Kim int ret = 0; 163*fa5fddf1SJung-uk Kim derlen = i2d_X509_SIG(sig, &der); 164*fa5fddf1SJung-uk Kim if (derlen <= 0) 165*fa5fddf1SJung-uk Kim return 0; 166*fa5fddf1SJung-uk Kim if (derlen == dinfolen && !memcmp(dinfo, der, derlen)) 167*fa5fddf1SJung-uk Kim ret = 1; 168*fa5fddf1SJung-uk Kim OPENSSL_cleanse(der, derlen); 169*fa5fddf1SJung-uk Kim OPENSSL_free(der); 170*fa5fddf1SJung-uk Kim return ret; 171*fa5fddf1SJung-uk Kim } 172*fa5fddf1SJung-uk Kim 1731f13597dSJung-uk Kim int int_rsa_verify(int dtype, const unsigned char *m, 1741f13597dSJung-uk Kim unsigned int m_len, 1751f13597dSJung-uk Kim unsigned char *rm, size_t *prm_len, 1761f13597dSJung-uk Kim const unsigned char *sigbuf, size_t siglen, 1771f13597dSJung-uk Kim RSA *rsa) 17897b2ed56SKris Kennaway { 17997b2ed56SKris Kennaway int i,ret=0,sigtype; 1803b4e3dcbSSimon L. B. Nielsen unsigned char *s; 18197b2ed56SKris Kennaway X509_SIG *sig=NULL; 18297b2ed56SKris Kennaway 1831f13597dSJung-uk Kim #ifdef OPENSSL_FIPS 1841f13597dSJung-uk Kim if (FIPS_mode() && !(rsa->meth->flags & RSA_FLAG_FIPS_METHOD) 1851f13597dSJung-uk Kim && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) 1861f13597dSJung-uk Kim { 1871f13597dSJung-uk Kim RSAerr(RSA_F_INT_RSA_VERIFY, RSA_R_NON_FIPS_RSA_METHOD); 1881f13597dSJung-uk Kim return 0; 1891f13597dSJung-uk Kim } 1901f13597dSJung-uk Kim #endif 1911f13597dSJung-uk Kim 19297b2ed56SKris Kennaway if (siglen != (unsigned int)RSA_size(rsa)) 19397b2ed56SKris Kennaway { 1941f13597dSJung-uk Kim RSAerr(RSA_F_INT_RSA_VERIFY,RSA_R_WRONG_SIGNATURE_LENGTH); 19597b2ed56SKris Kennaway return(0); 19697b2ed56SKris Kennaway } 19797b2ed56SKris Kennaway 1981f13597dSJung-uk Kim if((dtype == NID_md5_sha1) && rm) 19950ef0093SJacques Vidrine { 2001f13597dSJung-uk Kim i = RSA_public_decrypt((int)siglen, 2011f13597dSJung-uk Kim sigbuf,rm,rsa,RSA_PKCS1_PADDING); 2021f13597dSJung-uk Kim if (i <= 0) 2031f13597dSJung-uk Kim return 0; 2041f13597dSJung-uk Kim *prm_len = i; 2051f13597dSJung-uk Kim return 1; 20650ef0093SJacques Vidrine } 207f579bf8eSKris Kennaway 208ddd58736SKris Kennaway s=(unsigned char *)OPENSSL_malloc((unsigned int)siglen); 20997b2ed56SKris Kennaway if (s == NULL) 21097b2ed56SKris Kennaway { 2111f13597dSJung-uk Kim RSAerr(RSA_F_INT_RSA_VERIFY,ERR_R_MALLOC_FAILURE); 21297b2ed56SKris Kennaway goto err; 21397b2ed56SKris Kennaway } 2141f13597dSJung-uk Kim if((dtype == NID_md5_sha1) && (m_len != SSL_SIG_LENGTH) ) { 2151f13597dSJung-uk Kim RSAerr(RSA_F_INT_RSA_VERIFY,RSA_R_INVALID_MESSAGE_LENGTH); 2163b4e3dcbSSimon L. B. Nielsen goto err; 217f579bf8eSKris Kennaway } 21897b2ed56SKris Kennaway i=RSA_public_decrypt((int)siglen,sigbuf,s,rsa,RSA_PKCS1_PADDING); 21997b2ed56SKris Kennaway 22097b2ed56SKris Kennaway if (i <= 0) goto err; 2211f13597dSJung-uk Kim /* Oddball MDC2 case: signature can be OCTET STRING. 2221f13597dSJung-uk Kim * check for correct tag and length octets. 2231f13597dSJung-uk Kim */ 2241f13597dSJung-uk Kim if (dtype == NID_mdc2 && i == 18 && s[0] == 0x04 && s[1] == 0x10) 2251f13597dSJung-uk Kim { 2261f13597dSJung-uk Kim if (rm) 2271f13597dSJung-uk Kim { 2281f13597dSJung-uk Kim memcpy(rm, s + 2, 16); 2291f13597dSJung-uk Kim *prm_len = 16; 2301f13597dSJung-uk Kim ret = 1; 2311f13597dSJung-uk Kim } 2321f13597dSJung-uk Kim else if(memcmp(m, s + 2, 16)) 2331f13597dSJung-uk Kim RSAerr(RSA_F_INT_RSA_VERIFY,RSA_R_BAD_SIGNATURE); 2341f13597dSJung-uk Kim else 2351f13597dSJung-uk Kim ret = 1; 2361f13597dSJung-uk Kim } 23797b2ed56SKris Kennaway 238f579bf8eSKris Kennaway /* Special case: SSL signature */ 239f579bf8eSKris Kennaway if(dtype == NID_md5_sha1) { 240f579bf8eSKris Kennaway if((i != SSL_SIG_LENGTH) || memcmp(s, m, SSL_SIG_LENGTH)) 2411f13597dSJung-uk Kim RSAerr(RSA_F_INT_RSA_VERIFY,RSA_R_BAD_SIGNATURE); 242f579bf8eSKris Kennaway else ret = 1; 243f579bf8eSKris Kennaway } else { 2443b4e3dcbSSimon L. B. Nielsen const unsigned char *p=s; 24597b2ed56SKris Kennaway sig=d2i_X509_SIG(NULL,&p,(long)i); 24697b2ed56SKris Kennaway 24797b2ed56SKris Kennaway if (sig == NULL) goto err; 248c800238eSSimon L. B. Nielsen 249c800238eSSimon L. B. Nielsen /* Excess data can be used to create forgeries */ 250*fa5fddf1SJung-uk Kim if(p != s+i || !rsa_check_digestinfo(sig, s, i)) 251c800238eSSimon L. B. Nielsen { 2521f13597dSJung-uk Kim RSAerr(RSA_F_INT_RSA_VERIFY,RSA_R_BAD_SIGNATURE); 253c800238eSSimon L. B. Nielsen goto err; 254c800238eSSimon L. B. Nielsen } 255c800238eSSimon L. B. Nielsen 256c800238eSSimon L. B. Nielsen /* Parameters to the signature algorithm can also be used to 257c800238eSSimon L. B. Nielsen create forgeries */ 258c800238eSSimon L. B. Nielsen if(sig->algor->parameter 25974608424SSimon L. B. Nielsen && ASN1_TYPE_get(sig->algor->parameter) != V_ASN1_NULL) 260c800238eSSimon L. B. Nielsen { 2611f13597dSJung-uk Kim RSAerr(RSA_F_INT_RSA_VERIFY,RSA_R_BAD_SIGNATURE); 262c800238eSSimon L. B. Nielsen goto err; 263c800238eSSimon L. B. Nielsen } 264c800238eSSimon L. B. Nielsen 26597b2ed56SKris Kennaway sigtype=OBJ_obj2nid(sig->algor->algorithm); 26697b2ed56SKris Kennaway 26797b2ed56SKris Kennaway 26897b2ed56SKris Kennaway #ifdef RSA_DEBUG 269f579bf8eSKris Kennaway /* put a backward compatibility flag in EAY */ 27097b2ed56SKris Kennaway fprintf(stderr,"in(%s) expect(%s)\n",OBJ_nid2ln(sigtype), 27197b2ed56SKris Kennaway OBJ_nid2ln(dtype)); 27297b2ed56SKris Kennaway #endif 27397b2ed56SKris Kennaway if (sigtype != dtype) 27497b2ed56SKris Kennaway { 27597b2ed56SKris Kennaway if (((dtype == NID_md5) && 27697b2ed56SKris Kennaway (sigtype == NID_md5WithRSAEncryption)) || 27797b2ed56SKris Kennaway ((dtype == NID_md2) && 27897b2ed56SKris Kennaway (sigtype == NID_md2WithRSAEncryption))) 27997b2ed56SKris Kennaway { 28097b2ed56SKris Kennaway /* ok, we will let it through */ 2815c87c606SMark Murray #if !defined(OPENSSL_NO_STDIO) && !defined(OPENSSL_SYS_WIN16) 28297b2ed56SKris Kennaway fprintf(stderr,"signature has problems, re-make with post SSLeay045\n"); 28397b2ed56SKris Kennaway #endif 28497b2ed56SKris Kennaway } 28597b2ed56SKris Kennaway else 28697b2ed56SKris Kennaway { 2871f13597dSJung-uk Kim RSAerr(RSA_F_INT_RSA_VERIFY, 288f579bf8eSKris Kennaway RSA_R_ALGORITHM_MISMATCH); 28997b2ed56SKris Kennaway goto err; 29097b2ed56SKris Kennaway } 29197b2ed56SKris Kennaway } 2921f13597dSJung-uk Kim if (rm) 2931f13597dSJung-uk Kim { 2941f13597dSJung-uk Kim const EVP_MD *md; 2951f13597dSJung-uk Kim md = EVP_get_digestbynid(dtype); 2961f13597dSJung-uk Kim if (md && (EVP_MD_size(md) != sig->digest->length)) 2971f13597dSJung-uk Kim RSAerr(RSA_F_INT_RSA_VERIFY, 2981f13597dSJung-uk Kim RSA_R_INVALID_DIGEST_LENGTH); 2991f13597dSJung-uk Kim else 3001f13597dSJung-uk Kim { 3011f13597dSJung-uk Kim memcpy(rm, sig->digest->data, 3021f13597dSJung-uk Kim sig->digest->length); 3031f13597dSJung-uk Kim *prm_len = sig->digest->length; 3041f13597dSJung-uk Kim ret = 1; 3051f13597dSJung-uk Kim } 3061f13597dSJung-uk Kim } 3071f13597dSJung-uk Kim else if (((unsigned int)sig->digest->length != m_len) || 30897b2ed56SKris Kennaway (memcmp(m,sig->digest->data,m_len) != 0)) 30997b2ed56SKris Kennaway { 3101f13597dSJung-uk Kim RSAerr(RSA_F_INT_RSA_VERIFY,RSA_R_BAD_SIGNATURE); 31197b2ed56SKris Kennaway } 31297b2ed56SKris Kennaway else 31397b2ed56SKris Kennaway ret=1; 314f579bf8eSKris Kennaway } 31597b2ed56SKris Kennaway err: 31697b2ed56SKris Kennaway if (sig != NULL) X509_SIG_free(sig); 3173b4e3dcbSSimon L. B. Nielsen if (s != NULL) 3183b4e3dcbSSimon L. B. Nielsen { 3195c87c606SMark Murray OPENSSL_cleanse(s,(unsigned int)siglen); 320ddd58736SKris Kennaway OPENSSL_free(s); 3213b4e3dcbSSimon L. B. Nielsen } 32297b2ed56SKris Kennaway return(ret); 32397b2ed56SKris Kennaway } 32497b2ed56SKris Kennaway 3251f13597dSJung-uk Kim int RSA_verify(int dtype, const unsigned char *m, unsigned int m_len, 3261f13597dSJung-uk Kim const unsigned char *sigbuf, unsigned int siglen, 3271f13597dSJung-uk Kim RSA *rsa) 3281f13597dSJung-uk Kim { 3291f13597dSJung-uk Kim 3301f13597dSJung-uk Kim if((rsa->flags & RSA_FLAG_SIGN_VER) && rsa->meth->rsa_verify) 3311f13597dSJung-uk Kim { 3321f13597dSJung-uk Kim return rsa->meth->rsa_verify(dtype, m, m_len, 3331f13597dSJung-uk Kim sigbuf, siglen, rsa); 3341f13597dSJung-uk Kim } 3351f13597dSJung-uk Kim 3361f13597dSJung-uk Kim return int_rsa_verify(dtype, m, m_len, NULL, NULL, sigbuf, siglen, rsa); 3371f13597dSJung-uk Kim } 338