Commit cde51572 authored by Paul Bakker's avatar Paul Bakker
Browse files

- Fixed missing support for SHA2 in rsa_pkcs1_sign()

parent 860d36b9
......@@ -333,7 +333,7 @@ int rsa_pkcs1_decrypt( rsa_context *ctx,
{
int ret, ilen;
unsigned char *p;
unsigned char buf[512];
unsigned char buf[1024];
ilen = ctx->len;
......@@ -414,6 +414,23 @@ int rsa_pkcs1_sign( rsa_context *ctx,
nb_pad = olen - 3 - 35;
break;
case SIG_RSA_SHA224:
nb_pad = olen - 3 - 47;
break;
case SIG_RSA_SHA256:
nb_pad = olen - 3 - 51;
break;
case SIG_RSA_SHA384:
nb_pad = olen - 3 - 67;
break;
case SIG_RSA_SHA512:
nb_pad = olen - 3 - 83;
break;
default:
return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
}
......@@ -500,7 +517,7 @@ int rsa_pkcs1_verify( rsa_context *ctx,
{
int ret, len, siglen;
unsigned char *p, c;
unsigned char buf[512];
unsigned char buf[1024];
siglen = ctx->len;
......@@ -572,15 +589,15 @@ int rsa_pkcs1_verify( rsa_context *ctx,
( len == 19 + 64 && p[14] == 3 && hash_id == SIG_RSA_SHA512 ) )
{
c = p[1] - 17;
p[1] = 17;
p[14] = 0;
p[1] = 17;
p[14] = 0;
if( p[18] == c &&
memcmp( p, ASN1_HASH_SHA2X, 18 ) == 0 &&
memcmp( p + 19, hash, c ) == 0 )
return( 0 );
else
return( POLARSSL_ERR_RSA_VERIFY_FAILED );
memcmp( p, ASN1_HASH_SHA2X, 18 ) == 0 &&
memcmp( p + 19, hash, c ) == 0 )
return( 0 );
else
return( POLARSSL_ERR_RSA_VERIFY_FAILED );
}
if( len == hashlen && hash_id == RSA_RAW )
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment