botan: RSA OAEP labels are not supported

author Andreas Steffen <andreas.steffen@strongswan.org>

Tue, 9 Nov 2021 21:46:14 +0000 (22:46 +0100)

committer Andreas Steffen <andreas.steffen@strongswan.org>

Wed, 10 Nov 2021 19:03:22 +0000 (20:03 +0100)
author Andreas Steffen <andreas.steffen@strongswan.org>
Tue, 9 Nov 2021 21:46:14 +0000 (22:46 +0100)
committer Andreas Steffen <andreas.steffen@strongswan.org>
Wed, 10 Nov 2021 19:03:22 +0000 (20:03 +0100)
diff --git a/src/libstrongswan/plugins/botan/botan_rsa_private_key.c b/src/libstrongswan/plugins/botan/botan_rsa_private_key.c

index 1aa3df8593513cf7052478aa0c8f968d5dd549e6..503122c2afeb7c92b15d64938cacf4cc0564d511 100644 (file)
--- a/src/libstrongswan/plugins/botan/botan_rsa_private_key.c
+++ b/src/libstrongswan/plugins/botan/botan_rsa_private_key.c
@@ -162,6 +162,7 @@ METHOD(private_key_t, decrypt, bool,
         void *params, chunk_t crypto, chunk_t *plain)
  {
         botan_pk_op_decrypt_t decrypt_op;
+       chunk_t label = chunk_empty;
         const char *padding;
  
         switch (scheme)
@@ -190,6 +191,16 @@ METHOD(private_key_t, decrypt, bool,
                         return FALSE;
         }
  
+       if (scheme != ENCRYPT_RSA_PKCS1 && params != NULL)
+       {
+               label = *(chunk_t *)params;
+               if (label.len > 0)
+               {
+                       DBG1(DBG_LIB, "RSA OAEP decryption with a label not supported");
+                       return FALSE;
+               }
+       }
+
         if (botan_pk_op_decrypt_create(&decrypt_op, this->key, padding, 0))
         {
                 return FALSE;
diff --git a/src/libstrongswan/plugins/botan/botan_rsa_public_key.c b/src/libstrongswan/plugins/botan/botan_rsa_public_key.c

index 684727da701bf1cdcd5e6746b5acc69855b09458..3f60f15a15af45d6cf2261299067233e889db7a2 100644 (file)
--- a/src/libstrongswan/plugins/botan/botan_rsa_public_key.c
+++ b/src/libstrongswan/plugins/botan/botan_rsa_public_key.c
@@ -143,6 +143,7 @@ METHOD(public_key_t, encrypt, bool,
  {
         botan_pk_op_encrypt_t encrypt_op;
         botan_rng_t rng;
+       chunk_t label = chunk_empty;
         const char* padding;
  
         switch (scheme)
@@ -171,6 +172,16 @@ METHOD(public_key_t, encrypt, bool,
                         return FALSE;
         }
  
+       if (scheme != ENCRYPT_RSA_PKCS1 && params != NULL)
+       {
+               label = *(chunk_t *)params;
+               if (label.len > 0)
+               {
+                       DBG1(DBG_LIB, "RSA OAEP encryption with a label not supported");
+                       return FALSE;
+               }
+       }
+
         if (!botan_get_rng(&rng, RNG_STRONG))
         {
                 return FALSE;
author	Andreas Steffen <andreas.steffen@strongswan.org>
	Tue, 9 Nov 2021 21:46:14 +0000 (22:46 +0100)
committer	Andreas Steffen <andreas.steffen@strongswan.org>
	Wed, 10 Nov 2021 19:03:22 +0000 (20:03 +0100)
src/libstrongswan/plugins/botan/botan_rsa_private_key.c		patch \| blob \| blame \| history
src/libstrongswan/plugins/botan/botan_rsa_public_key.c		patch \| blob \| blame \| history