gmp: Add support for static salts when signing with RSA-PSS

diff --git a/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c b/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c
index e24fda8c26a26dbb8a1a6ebba074fd58e7034ce8..aca232c8654058def83c322769d0f01463896937 100644 (file)
--- a/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c
+++ b/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c
@@ -380,7 +380,11 @@ static bool build_emsa_pss_signature(private_gmp_rsa_private_key_t *this,
        }
 
        salt.len = hash.len;
-       if (params->salt_len > RSA_PSS_SALT_LEN_DEFAULT)
+       if (params->salt.len)
+       {
+               salt = params->salt;
+       }
+       else if (params->salt_len > RSA_PSS_SALT_LEN_DEFAULT)
        {
                salt.len = params->salt_len;
        }
@@ -388,7 +392,7 @@ static bool build_emsa_pss_signature(private_gmp_rsa_private_key_t *this,
        {       /* too long */
                goto error;
        }
-       if (salt.len)
+       if (salt.len && !params->salt.len)
        {
                salt = chunk_alloca(salt.len);
                rng = lib->crypto->create_rng(lib->crypto, RNG_STRONG);