From: Tobias Brunner
Date: Tue, 26 Sep 2017 14:44:02 +0000 (+0200)
Subject: gmp: Add support for static salts when signing with RSA-PSS
X-Git-Tag: 5.6.1rc1~6^2~24
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=f241a981aa77bf0e7b66d773b166b2486f305bbd;p=thirdparty%2Fstrongswan.git
gmp: Add support for static salts when signing with RSA-PSS
---
diff --git a/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c b/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c
index e24fda8c26..aca232c865 100644
--- a/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c
+++ b/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c
@@ -380,7 +380,11 @@ static bool build_emsa_pss_signature(private_gmp_rsa_private_key_t *this,
 }
 salt.len = hash.len;
- if (params->salt_len > RSA_PSS_SALT_LEN_DEFAULT)
+ if (params->salt.len)
+ {
+ salt = params->salt;
+ }
+ else if (params->salt_len > RSA_PSS_SALT_LEN_DEFAULT)
 {
 salt.len = params->salt_len;
 }
@@ -388,7 +392,7 @@ static bool build_emsa_pss_signature(private_gmp_rsa_private_key_t *this,
 { /* too long */
 goto error;
 }
- if (salt.len)
+ if (salt.len && !params->salt.len)
 {
 salt = chunk_alloca(salt.len);
 rng = lib->crypto->create_rng(lib->crypto, RNG_STRONG);
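Review bot: The new `if (params->salt.len)` branch lets a caller-supplied salt silently take precedence over `params->salt_len`, so a caller that sets both to different values gets a signature whose salt length differs from the `salt_len` it may also pass to a verifier or encode in the algorithm parameters. Either reject the mismatch inside that branch, e.g. `if (params->salt_len > RSA_PSS_SALT_LEN_DEFAULT && (size_t)params->salt_len != params->salt.len) goto error;` (this assumes `salt_len` is a signed length, which the hunk does not show), or state the precedence with a comment such as `/* a static salt overrides salt_len */`. Also, `salt = params->salt;` aliases the caller's buffer instead of copying it; whether that is safe depends on how `salt` is used later in build_emsa_pss_signature(), whose body starts and ends outside the hunk.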
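Review bot: The condition `if (salt.len && !params->salt.len)` skips the RNG whenever a static salt is supplied, which makes signing deterministic, and nothing at this line says when that is acceptable. A fixed salt gives up the per-signature randomization that PSS normally provides, so the intent should be documented here, for example `/* a static salt is meant for known-answer tests, otherwise a random salt is generated */`. That wording assumes test vectors are the purpose, which the commit message does not state. The body of build_emsa_pss_signature() continues past the end of the hunk.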