in components/crypto/source/iot_crypto.c [334:393]
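/**
 * @brief Finish the running hash, verify the signature over it, and release
 * the verification context.
 *
 * The context is freed with vPortFree() on every call that passes a non-NULL
 * pvContext, including calls that fail or that pass no certificate/signature
 * (the cleanup-only path). The caller must not use pvContext after this
 * function returns.
 *
 * @param[in] pvContext Verification context; cast to
 * SignatureVerificationStatePtr_t. May be NULL, in which case nothing is done.
 * @param[in] pcSignerCertificate Signer certificate handed to prvVerifySignature().
 * @param[in] xSignerCertificateLength Length of pcSignerCertificate; must be non-zero to verify.
 * @param[in] pucSignature Signature handed to prvVerifySignature().
 * @param[in] xSignatureLength Length of pucSignature; must be non-zero to verify.
 *
 * @return The value returned by prvVerifySignature() when verification was
 * attempted; pdFALSE when pvContext is NULL, when any certificate/signature
 * argument is missing, or when the hash could not be finalized.
 */
BaseType_t CRYPTO_SignatureVerificationFinal( void * pvContext,
                                              char * pcSignerCertificate,
                                              size_t xSignerCertificateLength,
                                              uint8_t * pucSignature,
                                              size_t xSignatureLength )
{
    BaseType_t xResult = pdFALSE;

    if( pvContext != NULL )
    {
        SignatureVerificationStatePtr_t pxCtx = ( SignatureVerificationStatePtr_t ) pvContext; /*lint !e9087 Allow casting void* to other types. */
        uint8_t ucSHA1or256[ cryptoSHA256_DIGEST_BYTES ];                                      /* Reserve enough space for the larger of SHA1 or SHA256 results. */
        uint8_t * pucHash = NULL;
        size_t xHashLength = 0;
        int lHashStatus = 0;

        if( ( pcSignerCertificate != NULL ) &&
            ( pucSignature != NULL ) &&
            ( xSignerCertificateLength > 0UL ) &&
            ( xSignatureLength > 0UL ) )
        {
            /*
             * Finish the hash. The mbedTLS status is kept so that a failed
             * finalization is never followed by a verification over an
             * unwritten digest buffer.
             */
            if( cryptoHASH_ALGORITHM_SHA1 == pxCtx->xHashAlgorithm )
            {
                lHashStatus = mbedtls_sha1_finish_ret( &pxCtx->xSHA1Context, ucSHA1or256 );
                xHashLength = cryptoSHA1_DIGEST_BYTES;
            }
            else
            {
                /* NOTE(review): every algorithm value other than SHA1 is
                 * handled as SHA-256 here; presumably the value is validated
                 * when the context is created - confirm. */
                lHashStatus = mbedtls_sha256_finish_ret( &pxCtx->xSHA256Context, ucSHA1or256 );
                xHashLength = cryptoSHA256_DIGEST_BYTES;
            }

            /*
             * Verify the signature, but only over a digest that was actually
             * produced. On a hash error xResult keeps its pdFALSE default, so
             * the function fails closed.
             */
            if( lHashStatus == 0 )
            {
                pucHash = ucSHA1or256;
                xResult = prvVerifySignature( pcSignerCertificate,
                                              xSignerCertificateLength,
                                              pxCtx->xHashAlgorithm,
                                              pucHash,
                                              xHashLength,
                                              pucSignature,
                                              xSignatureLength );
            }
        }
        else
        {
            /* Allow function to be called with only the context pointer for cleanup after a failure. */
        }

        /*
         * Clean-up: the context is released on success, failure and
         * cleanup-only calls alike.
         */
        vPortFree( pxCtx );
    }

    return xResult;
}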