hu_RSAPSSNoHashVerify()

Verifies a PKCS#1 v2.1 signature on the given message digest.

Synopsis:

#include "hursapss.h"

int hu_RSAPSSNoHashVerify(sb_Params rsaParams, sb_PublicKey publicKey, int hashAlgId, size_t digestLen, const unsigned char *digest, size_t saltLen, size_t signatureLen, const unsigned char *signature, int *result, sb_GlobalCtx sbCtx)

Since:

BlackBerry 10.0.0

Arguments:

rsaParams: An RSA parameters object.

publicKey: An RSA public key object.

hashAlgId: The message digest algorithm identifier. The acceptable values are one of the SB_RSA_PSS_* macros.

digestLen: The length in bytes of the message digest.

digest: The message digest.

saltLen: The length of the salt that was used to generate the signature. The recommended value of saltLen is digestLen. The value of saltLen must match the value of saltLen that was used to generate the signature.

signatureLen: The length in bytes of the signature. This must be equal to the modulus length.

signature: The signature value.

result: Verification result. This is non-zero if the signature is valid; zero, if the signature is invalid.

sbCtx: A global context.

Library:

libhuapi (For the qcc command, use the -l huapi option to link against this library)

Description:

This function implements the operation known as RSASSA-PSS-Verify in PKCS#1 v2.1.

This function assumes that the input is a message digest produced by the specified digest algorithm; no digest operation will be performed on the input.

If the signature is valid for the given digest, this function will return SB_SUCCESS and set result to a non-zero value.

If the signature is not valid for the given digest, this function may return SB_SUCCESS but result will be set to zero.

The modulus being used must be large enough for the data being signed. Thus, the minimum size of the modulus depends on both the saltLen and digestLen. This minimum is roughly equal to the sum of saltLen and digestLen. The exact relation that must be preserved is: ((# of bits in the modulus) - 1) >= 8*digestLen + 8*saltLen + 9

The value of saltLen specifies the length of the salt that is expected by the verification operation. The value of saltLen must match the value of saltLen that was used to generate the signature. It is recommended in PKCS#1 v2.1 that this value be the same as digestLen.

Returns:

SB_ERR_NULL_PARAMS: The rsaParams object is NULL.

SB_ERR_BAD_PARAMS: The rsaParams object is invalid.

SB_ERR_NULL_PUBLIC_KEY: The public key object is NULL.

SB_ERR_BAD_PUBLIC_KEY: The public key object is invalid.

SB_ERR_BAD_HASH_TYPE: The message digest algorithm identifier is invalid.

SB_ERR_NULL_INPUT_BUF: The message digest buffer is NULL.

SB_ERR_BAD_INPUT_BUF_LEN: The length of the message digest is invalid.

SB_ERR_NULL_SIGNATURE: The signature buffer is NULL.

SB_ERR_BAD_SIGNATURE_LEN: The length of the signature buffer is invalid.

SB_ERR_BAD_HASH_TYPE: The message digest algorithm identifier is invalid.

SB_ERR_NULL_OUTPUT: The verification result pointer is NULL.

SB_FAIL_ALLOC: Memory allocation failure.

SB_SUCCESS: Success.