vladislav_larionov

Untitled

Sep 29th, 2022
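/**
 * Tries to verify a signed answer against the GIN certificate, its issuer and the root.
 *
 * `signature` is split on '.' and the third field is used, both as the raw
 * base64url text and base64url-decoded. The signed data is the base64url
 * encoding (no padding) of the UTF-8 `request`, tried as-is and with every '#'
 * removed. Every certificate / data / signature combination is passed to
 * verifySignature(), which logs its own result.
 *
 * NOTE(review): the verification results are discarded and the function always
 * returns false, so callers never see a success. That is fail-closed and is kept
 * here because the page does not show which single combination is the intended
 * acceptance rule. When wiring up the result, accept only the one combination the
 * protocol defines (normally the signer's own certificate and the decoded
 * signature) — returning true on "any match" would also accept signatures made
 * with the issuer or root key, or over altered data.
 *
 * NOTE(review): nothing visible here validates the certificate chain itself
 * (signatures, validity period, revocation) — presumably setCerts()/getRootCert()
 * do; confirm.
 *
 * @param ginCertRaw        certificate text handed to setCerts()
 * @param ginIssuerCertRaw  issuer certificate text handed to setCerts()
 * @param request           payload the signature is expected to cover
 * @param signature         dot-separated token; the third field carries the signature
 * @return currently always false (see the note above)
 */
bool GinCertificateManager::verifyAnswer(const QString& ginCertRaw, const QString& ginIssuerCertRaw, const QString& request, const QString& signature) {
    qDebug() << "in verifyAnswer";
    if (!setCerts(ginCertRaw, ginIssuerCertRaw)) {
        return false;
    }

    // NOTE(review): ownership of the X509 objects returned below is not visible
    // from this function; if the caller owns them they need X509_free() on every
    // exit path — confirm against qStringCertToX509()/getRootCert().
    X509 *ginCertificate = qStringCertToX509(this->ginCert);
    X509 *issuerCertificate = qStringCertToX509(this->ginIssuerCert);
    // Presumably a parse failure yields nullptr; never hand a null certificate on.
    if (ginCertificate == nullptr || issuerCertificate == nullptr) {
        qDebug() << "certificate == nullptr";
        return false;
    }
    X509 *rootCertificate = getRootCert(ginCertificate);
    if (rootCertificate == nullptr)
        return false;

    // NOTE(review): the request body is written to the debug log — confirm it
    // carries nothing sensitive before this ships in a non-debug build.
    qDebug() << "___";
    qDebug() << QString(request);
    qDebug() << "___";

    // The token comes from outside: reject it instead of indexing past the end
    // when it has fewer than three '.'-separated fields.
    const auto parts = signature.split(".");
    if (parts.size() < 3) {
        qDebug() << "signature has fewer than 3 parts";
        return false;
    }
    const QByteArray sign = parts[2].toUtf8();
    const QByteArray signDecodedBase = QByteArray::fromBase64(sign, QByteArray::Base64UrlEncoding);

    const QByteArray data = request.toUtf8().toBase64(QByteArray::Base64UrlEncoding | QByteArray::OmitTrailingEquals);
    const QByteArray dataWithoutHash = QString(request).replace("#", "").toUtf8().toBase64(QByteArray::Base64UrlEncoding | QByteArray::OmitTrailingEquals);
    qDebug() << QString::fromUtf8(data);
    qDebug() << "Sign";

    // Same order as the hand-written call list: per data variant, the raw
    // signature text first, then the decoded bytes, each against all three certs.
    X509 *const certificates[] = {ginCertificate, issuerCertificate, rootCertificate};
    const QByteArray dataVariants[] = {data, dataWithoutHash};
    const QByteArray signatureVariants[] = {sign, signDecodedBase};
    for (const QByteArray& dataVariant : dataVariants) {
        for (const QByteArray& signatureVariant : signatureVariants) {
            for (X509 *certificate : certificates) {
                verifySignature(certificate, dataVariant, signatureVariant);
            }
        }
    }
    return false;
}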
  41.  
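/**
 * Verifies `signature` over `data` with the public key of `cert`.
 *
 * Fails closed: a null certificate, a missing key or digest, or any failing
 * OpenSSL setup step returns false without reaching EVP_VerifyFinal(). The
 * public key reference and the digest context are released on every path.
 *
 * NOTE(review): the digest is the key's default as reported by
 * EVP_PKEY_get_default_digest_nid(), not one named by the message or protocol —
 * confirm this is the digest the signer actually uses.
 *
 * @param cert       certificate whose public key checks the signature
 * @param data       bytes the signature is expected to cover
 * @param signature  raw signature bytes
 * @return true only when EVP_VerifyFinal() returns 1
 */
bool GinCertificateManager::verifySignature(X509* cert, QByteArray data, QByteArray signature) {
    if (cert == nullptr) {
        qDebug() << "cert == nullptr";
        return false;
    }

    // X509_get_pubkey() hands back a new reference: take it once and free it
    // below instead of calling it twice and leaking both.
    EVP_PKEY *publicKey = X509_get_pubkey(cert);
    if (publicKey == nullptr) {
        qDebug() << "X509_get_pubkey == nullptr";
        return false;
    }

    int digestId = 0;  // stays 0 if the lookup fails, so no indeterminate value is read
    const EVP_MD *algorithm = nullptr;
    if (EVP_PKEY_get_default_digest_nid(publicKey, &digestId) > 0)
        algorithm = EVP_get_digestbynid(digestId);

    EVP_MD_CTX *ctx = nullptr;
    bool verified = false;

    // Each step runs only if the previous one succeeded; a failure is logged and
    // leaves `verified` false rather than carrying on with a half-built context.
    if (algorithm == nullptr) {
        qDebug() << "algorithm == nullptr";
    } else if ((ctx = EVP_MD_CTX_create()) == nullptr) {
        qDebug() << "EVP_MD_CTX_create == nullptr";
    } else if (EVP_VerifyInit_ex(ctx, algorithm, NULL) != 1) {
        qDebug() << "EVP_VerifyInit != 1";
    } else if (EVP_VerifyUpdate(ctx, data.constData(), data.length()) != 1) {
        qDebug() << "EVP_VerifyUpdate != 1";
    } else {
        // EVP_VerifyFinal() returns 1 for a valid signature, 0 for an invalid
        // one and a negative value on error; only 1 counts as success.
        const int res = EVP_VerifyFinal(ctx, reinterpret_cast<const unsigned char*>(signature.constData()),
                                        static_cast<unsigned int>(signature.length()), publicKey);
        qDebug() << res;
        verified = (res == 1);
    }
    qDebug() << verified;

    if (ctx != nullptr)
        EVP_MD_CTX_destroy(ctx);
    EVP_PKEY_free(publicKey);
    return verified;
}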
  64.  