From cde51572df987e4cd945fe6a8659eac647a17ea2 Mon Sep 17 00:00:00 2001 From: Paul Bakker Date: Sun, 17 May 2009 10:11:56 +0000 Subject: [PATCH] - Fixed missing support for SHA2 in rsa_pkcs1_sign() --- library/rsa.c | 35 ++++++++++++++++++++++++++--------- 1 file changed, 26 insertions(+), 9 deletions(-) diff --git a/library/rsa.c b/library/rsa.c index ed703425a..525908afe 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -333,7 +333,7 @@ int rsa_pkcs1_decrypt( rsa_context *ctx, { int ret, ilen; unsigned char *p; - unsigned char buf[512]; + unsigned char buf[1024]; ilen = ctx->len; @@ -414,6 +414,23 @@ int rsa_pkcs1_sign( rsa_context *ctx, nb_pad = olen - 3 - 35; break; + case SIG_RSA_SHA224: + nb_pad = olen - 3 - 47; + break; + + case SIG_RSA_SHA256: + nb_pad = olen - 3 - 51; + break; + + case SIG_RSA_SHA384: + nb_pad = olen - 3 - 67; + break; + + case SIG_RSA_SHA512: + nb_pad = olen - 3 - 83; + break; + + default: return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); } @@ -500,7 +517,7 @@ int rsa_pkcs1_verify( rsa_context *ctx, { int ret, len, siglen; unsigned char *p, c; - unsigned char buf[512]; + unsigned char buf[1024]; siglen = ctx->len; @@ -572,15 +589,15 @@ int rsa_pkcs1_verify( rsa_context *ctx, ( len == 19 + 64 && p[14] == 3 && hash_id == SIG_RSA_SHA512 ) ) { c = p[1] - 17; - p[1] = 17; - p[14] = 0; + p[1] = 17; + p[14] = 0; if( p[18] == c && - memcmp( p, ASN1_HASH_SHA2X, 18 ) == 0 && - memcmp( p + 19, hash, c ) == 0 ) - return( 0 ); - else - return( POLARSSL_ERR_RSA_VERIFY_FAILED ); + memcmp( p, ASN1_HASH_SHA2X, 18 ) == 0 && + memcmp( p + 19, hash, c ) == 0 ) + return( 0 ); + else + return( POLARSSL_ERR_RSA_VERIFY_FAILED ); } if( len == hashlen && hash_id == RSA_RAW )