Home | History | Annotate | Download | only in ServiceRegistration

Lines Matching refs:signature

17  * DNS SIG(0) signature verification for DNSSD SRP using MacOS Security Framework.
20  * validating a signature using a context generated with that public key.  Currently only ECDSASHA256 is
43 create_data_to_verify(dns_wire_t *const message, const dns_rr_t *const signature);
47 srp_sig0_verify(dns_wire_t *message, dns_rr_t *key, dns_rr_t *signature)
57     require_action_quiet(key->data.key.algorithm == signature->data.sig.algorithm, exit,
60                                key->data.key.algorithm, signature->data.sig.algorithm));
63     require_action_quiet(signature->data.sig.algorithm == dnssec_keytype_ecdsa, exit,
64                          ERROR("Unsupported KEY algorithm - KEY algorithm: %u", signature->data.sig.algorithm));
70     // The signature size should always be ECDSA_SHA256_SIG_SIZE, since only ECDSA Curve P-256 with SHA-256 is used now.
71     require_action_quiet(signature->data.sig.len == ECDSA_SHA256_SIG_SIZE, exit,
72                          ERROR("Invalid SIG(0) length - SIG(0) length: %d", signature->data.sig.len));
78     // Create signature to check.
79     sig_to_match_cfdata = CFDataCreate(kCFAllocatorDefault, signature->data.sig.signature, signature->data.sig.len);
84     data_to_verify_cfdata = create_data_to_verify(message, signature);
99     // Validate the signature.
126     (void)signature;
181 create_data_to_verify(dns_wire_t *const message, const dns_rr_t *const signature)
189     require_action_quiet(signature->data.sig.algorithm == dnssec_keytype_ecdsa, exit, encounter_error = true;
190         FAULT("Unsupported SIG(0) algorithm - SIG(0) algorithm: %u", signature->data.sig.algorithm));
195     // data to be hashed = (SIG(0) RDATA without signature field) + (request - SIG(0)).
197     // (SIG(0) RDATA without signature field) = SIG(0) fields without signer name + canonical signer name.
199     CC_SHA256_Update(&cc_digest_context, &message->data[signature->data.sig.start + SIG_HEADERLEN], SIG_STATIC_RDLEN);
202     size_t canonical_signer_name_length = dns_name_wire_length(signature->data.sig.signer);
214                                                     signature->data.sig.signer);
224     CC_SHA256_Update(&cc_digest_context, (uint8_t *)message, offsetof(dns_wire_t, data) + signature->data.sig.start);