From: Andreas Steffen Date: Tue, 9 Nov 2021 21:46:14 +0000 (+0100) Subject: botan: RSA OAEP labels are not supported X-Git-Tag: 5.9.5dr2~5^2~4 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=be52ad7c6de70aa1d160ee820c469b03a9ef1732;p=thirdparty%2Fstrongswan.git botan: RSA OAEP labels are not supported --- diff --git a/src/libstrongswan/plugins/botan/botan_rsa_private_key.c b/src/libstrongswan/plugins/botan/botan_rsa_private_key.c index 1aa3df8593..503122c2af 100644 --- a/src/libstrongswan/plugins/botan/botan_rsa_private_key.c +++ b/src/libstrongswan/plugins/botan/botan_rsa_private_key.c @@ -162,6 +162,7 @@ METHOD(private_key_t, decrypt, bool, void *params, chunk_t crypto, chunk_t *plain) { botan_pk_op_decrypt_t decrypt_op; + chunk_t label = chunk_empty; const char *padding; switch (scheme) @@ -190,6 +191,16 @@ METHOD(private_key_t, decrypt, bool, return FALSE; } + if (scheme != ENCRYPT_RSA_PKCS1 && params != NULL) + { + label = *(chunk_t *)params; + if (label.len > 0) + { + DBG1(DBG_LIB, "RSA OAEP decryption with a label not supported"); + return FALSE; + } + } + if (botan_pk_op_decrypt_create(&decrypt_op, this->key, padding, 0)) { return FALSE; diff --git a/src/libstrongswan/plugins/botan/botan_rsa_public_key.c b/src/libstrongswan/plugins/botan/botan_rsa_public_key.c index 684727da70..3f60f15a15 100644 --- a/src/libstrongswan/plugins/botan/botan_rsa_public_key.c +++ b/src/libstrongswan/plugins/botan/botan_rsa_public_key.c @@ -143,6 +143,7 @@ METHOD(public_key_t, encrypt, bool, { botan_pk_op_encrypt_t encrypt_op; botan_rng_t rng; + chunk_t label = chunk_empty; const char* padding; switch (scheme) @@ -171,6 +172,16 @@ METHOD(public_key_t, encrypt, bool, return FALSE; } + if (scheme != ENCRYPT_RSA_PKCS1 && params != NULL) + { + label = *(chunk_t *)params; + if (label.len > 0) + { + DBG1(DBG_LIB, "RSA OAEP encryption with a label not supported"); + return FALSE; + } + } + if (!botan_get_rng(&rng, RNG_STRONG)) { return FALSE;