Fixed PSS (still untested).

Alessio Di Mauro
2015-08-20 14:58:14 +02:00
parent 2764846bb6
commit 8618469619
+8 -1
@@ -425,17 +425,24 @@ CK_RV do_pkcs_pss(RSA *key, CK_BYTE_PTR in, CK_ULONG in_len, int nid,
CK_BYTE_PTR out, CK_ULONG_PTR out_len) {
unsigned char em[512]; // Max for this is ceil((|key_len_bits| - 1) / 8)
OpenSSL_add_all_digests();
// TODO: rand must be seeded first (should be automatic)
if (*out_len < RSA_size(key))
CKR_BUFFER_TOO_SMALL;
DBG(("Apply PSS padding to %lu bytes and get %d\n", in_len, RSA_size(key)));
if (RSA_padding_add_PKCS1_PSS(key, em, in, EVP_get_digestbynid(nid), -2) == 0)
// In case of raw PSS (no hash) this function will fail because OpenSSL requires an MD
if (RSA_padding_add_PKCS1_PSS(key, em, in, EVP_get_digestbynid(nid), -2) == 0) {
EVP_cleanup();
return CKR_FUNCTION_FAILED;
}
*out_len = RSA_size(key);
EVP_cleanup();
return CKR_OK;
}
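Review bot: The buffer check `if (*out_len < RSA_size(key)) CKR_BUFFER_TOO_SMALL;` has no `return`, so the constant is evaluated and discarded and an undersized output buffer is never rejected. It should read `return CKR_BUFFER_TOO_SMALL;`, ideally moved above `OpenSSL_add_all_digests()` so that this exit needs no matching `EVP_cleanup()`. Two further bounds are unchecked in the lines shown: `RSA_padding_add_PKCS1_PSS` writes `RSA_size(key)` bytes into `em[512]` and reads a full digest length from `in`, but nothing compares `RSA_size(key)` with `sizeof(em)` or `in_len` with `EVP_MD_size()` of the selected digest before the call. A guard such as `if (md == NULL || in_len != (CK_ULONG)EVP_MD_size(md) || RSA_size(key) > (int)sizeof(em)) return CKR_FUNCTION_FAILED;` would cover both, with `md` holding the `EVP_get_digestbynid(nid)` result. The visible lines also never copy `em` into `out` before setting `*out_len`, though the rendered page may have dropped lines, so confirm this against the full file.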