wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-02 20:24:39 +02:00
Code Issues Packages Projects Releases Wiki Activity

use wc_RsaPSS_CheckPadding() for selftest build instead of extended

Browse Source
This commit is contained in:
Chris Conlon
2019-11-05 10:48:36 -07:00
parent e2b7bee9c8
commit e429558166
1 changed files with 21 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
src/internal.c
View File

@@ -3860,9 +3860,14 @@ int VerifyRsaSign(WOLFSSL* ssl, byte* verifySig, word32 sigSz,
ret = wc_RsaPSS_VerifyInline(verifySig, sigSz, &out, hashType, mgf, ret = wc_RsaPSS_VerifyInline(verifySig, sigSz, &out, hashType, mgf,
key); key);
if (ret > 0) { if (ret > 0) {
#ifdef HAVE_SELFTEST
ret = wc_RsaPSS_CheckPadding(plain, plainSz, out, ret,
hashType);
#else
ret = wc_RsaPSS_CheckPadding_ex(plain, plainSz, out, ret, ret = wc_RsaPSS_CheckPadding_ex(plain, plainSz, out, ret,
hashType, -1, hashType, -1,
mp_count_bits(&key->n)); mp_count_bits(&key->n));
#endif
if (ret != 0) if (ret != 0)
ret = VERIFY_CERT_ERROR; ret = VERIFY_CERT_ERROR;
} }
@@ -20350,12 +20355,20 @@ static int DoServerKeyExchange(WOLFSSL* ssl, const byte* input,
#ifndef NO_RSA #ifndef NO_RSA
#ifdef WC_RSA_PSS #ifdef WC_RSA_PSS
case rsa_pss_sa_algo: case rsa_pss_sa_algo:
#ifdef HAVE_SELFTEST
ret = wc_RsaPSS_CheckPadding(
ssl->buffers.digest.buffer,
ssl->buffers.digest.length,
args->output, args->sigSz,
HashAlgoToType(args->hashAlgo));
#else
ret = wc_RsaPSS_CheckPadding_ex( ret = wc_RsaPSS_CheckPadding_ex(
ssl->buffers.digest.buffer, ssl->buffers.digest.buffer,
ssl->buffers.digest.length, ssl->buffers.digest.length,
args->output, args->sigSz, args->output, args->sigSz,
HashAlgoToType(args->hashAlgo), HashAlgoToType(args->hashAlgo),
-1, args->bits); -1, args->bits);
#endif
if (ret != 0) if (ret != 0)
return ret; return ret;
break; break;
@@ -25741,12 +25754,20 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
if (args->sigAlgo == rsa_pss_sa_algo) { if (args->sigAlgo == rsa_pss_sa_algo) {
SetDigest(ssl, args->hashAlgo); SetDigest(ssl, args->hashAlgo);
#ifdef HAVE_SELFTEST
ret = wc_RsaPSS_CheckPadding(
ssl->buffers.digest.buffer,
ssl->buffers.digest.length,
args->output, args->sigSz,
HashAlgoToType(args->hashAlgo));
#else
ret = wc_RsaPSS_CheckPadding_ex( ret = wc_RsaPSS_CheckPadding_ex(
ssl->buffers.digest.buffer, ssl->buffers.digest.buffer,
ssl->buffers.digest.length, ssl->buffers.digest.length,
args->output, args->sigSz, args->output, args->sigSz,
HashAlgoToType(args->hashAlgo), -1, HashAlgoToType(args->hashAlgo), -1,
mp_count_bits(&ssl->peerRsaKey->n)); mp_count_bits(&ssl->peerRsaKey->n));
#endif
if (ret != 0) { if (ret != 0) {
ret = SIG_VERIFY_E; ret = SIG_VERIFY_E;
goto exit_dcv; goto exit_dcv;