From: Tobias Brunner Date: Mon, 17 Sep 2018 10:57:25 +0000 (+0200) Subject: botan: Share code to generate RSA EMSA PSS signature identifier strings X-Git-Tag: 5.7.0rc2~21 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=dc09570a12713f773ff883769d142aeba6926454;p=thirdparty%2Fstrongswan.git botan: Share code to generate RSA EMSA PSS signature identifier strings --- diff --git a/src/libstrongswan/plugins/botan/botan_rsa_private_key.c b/src/libstrongswan/plugins/botan/botan_rsa_private_key.c index 558bb70f75..bb723ff952 100644 --- a/src/libstrongswan/plugins/botan/botan_rsa_private_key.c +++ b/src/libstrongswan/plugins/botan/botan_rsa_private_key.c @@ -61,14 +61,11 @@ struct private_botan_rsa_private_key_t { }; /** - * Build an EMSA PSS signature described in PKCS#1 + * Get the Botan string identifier for an EMSA PSS signature */ -static bool build_emsa_pss_signature(private_botan_rsa_private_key_t *this, - rsa_pss_params_t *params, chunk_t data, - chunk_t *sig) +bool botan_emsa_pss_identifier(rsa_pss_params_t *params, char *id, size_t len) { const char *hash; - char hash_and_padding[BUF_LEN]; if (!params) { @@ -90,13 +87,25 @@ static bool build_emsa_pss_signature(private_botan_rsa_private_key_t *this, if (params->salt_len > RSA_PSS_SALT_LEN_DEFAULT) { - snprintf(hash_and_padding, sizeof(hash_and_padding), - "EMSA-PSS(%s,MGF1,%u)", hash, params->salt_len); + return snprintf(id, len, "EMSA-PSS(%s,MGF1,%zd)", hash, + params->salt_len) < len; } - else + return snprintf(id, len, "EMSA-PSS(%s,MGF1)", hash) < len; +} + +/** + * Build an EMSA PSS signature described in PKCS#1 + */ +static bool build_emsa_pss_signature(private_botan_rsa_private_key_t *this, + rsa_pss_params_t *params, chunk_t data, + chunk_t *sig) +{ + char hash_and_padding[BUF_LEN]; + + if (!botan_emsa_pss_identifier(params, hash_and_padding, + sizeof(hash_and_padding))) { - snprintf(hash_and_padding, sizeof(hash_and_padding), - "EMSA-PSS(%s,MGF1)", hash); + return FALSE; } return botan_get_signature(this->key, hash_and_padding, data, sig); } diff --git a/src/libstrongswan/plugins/botan/botan_rsa_public_key.c b/src/libstrongswan/plugins/botan/botan_rsa_public_key.c index 6adb1c4b77..c6e2e88612 100644 --- a/src/libstrongswan/plugins/botan/botan_rsa_public_key.c +++ b/src/libstrongswan/plugins/botan/botan_rsa_public_key.c @@ -63,6 +63,11 @@ struct private_botan_rsa_public_key_t { refcount_t ref; }; +/** + * Defined in botan_rsa_private_key.c + */ +bool botan_emsa_pss_identifier(rsa_pss_params_t *params, char *id, size_t len); + /** * Verify RSA signature */ @@ -97,37 +102,13 @@ static bool verify_emsa_pss_signature(private_botan_rsa_public_key_t *this, rsa_pss_params_t *params, chunk_t data, chunk_t signature) { - const char *hash; char hash_and_padding[BUF_LEN]; - if (!params) - { - return FALSE; - } - - /* botan currently does not support passing the mgf1 hash */ - if (params->hash != params->mgf1_hash) - { - DBG1(DBG_LIB, "passing mgf1 hash not supported via botan"); - return FALSE; - } - - hash = botan_get_hash(params->hash); - if (!hash) + if (!botan_emsa_pss_identifier(params, hash_and_padding, + sizeof(hash_and_padding))) { return FALSE; } - - if (params->salt_len > RSA_PSS_SALT_LEN_DEFAULT) - { - snprintf(hash_and_padding, sizeof(hash_and_padding), - "EMSA-PSS(%s,MGF1,%u)", hash, params->salt_len); - } - else - { - snprintf(hash_and_padding, sizeof(hash_and_padding), - "EMSA-PSS(%s,MGF1)", hash); - } return verify_rsa_signature(this, hash_and_padding, data, signature); }