Open realvarx opened 3 months ago
- What I did
- How I did it
- How to verify it If we intentionally modify the signature value to make it incorrect, we can see what it happens:
value[0] = 'A'; res = verify_envelope_signature(requesting_atsign_publickey, (const unsigned char *)payloadstr, (unsigned char *)value, hashing_algo_str, signing_algo_str); if (res != 0) { // Notify noports client that this session is NOT connected memset(value, 0, valuelen); snprintf(value, valuelen, "Signature verification failed: %d\n", res); atclient_atkey error_res_atkey; atclient_atkey_init(&error_res_atkey); create_response_atkey(&error_res_atkey, atsign, requesting_atsign, identifier, keyname, &keynamelen); notify(atclient, atclient_lock, &error_res_atkey, value); atclient_atkey_free(&error_res_atkey); atlogger_log(LOGGER_TAG, ATLOGGER_LOGGING_LEVEL_ERROR, "Failed to verify envelope signature\n"); free(envelope); atchops_rsakey_publickey_free(&requesting_atsign_publickey); return; }
- Description for the changelog
Closes #1117
- What I did
- How I did it
- How to verify it If we intentionally modify the signature value to make it incorrect, we can see what it happens:
- Description for the changelog
Closes #1117