wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-01 19:54:40 +02:00
Code Issues Packages Projects Releases Wiki Activity

Pass the length of the RSA key in bits to PSS padding check in TLS

Browse Source
This commit is contained in:
Sean Parkinson
2019-10-29 10:55:48 +10:00
parent b80b10b980
commit eb03e5de1e
1 changed files with 28 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
src/internal.c
View File

@@ -3843,20 +3843,28 @@ int VerifyRsaSign(WOLFSSL* ssl, byte* verifySig, word32 sigSz,
ret = ssl->ctx->RsaPssSignCheckCb(ssl, verifySig, sigSz, &out, ret = ssl->ctx->RsaPssSignCheckCb(ssl, verifySig, sigSz, &out,
TypeHash(hashAlgo), mgf, TypeHash(hashAlgo), mgf,
keyBuf, keySz, ctx); keyBuf, keySz, ctx);
if (ret > 0) {
ret = wc_RsaPSS_CheckPadding(plain, plainSz, out, ret,
hashType);
if (ret != 0)
ret = VERIFY_CERT_ERROR;
}
} }
else else
#endif /* HAVE_PK_CALLBACKS */ #endif /* HAVE_PK_CALLBACKS */
{ {
ret = wc_RsaPSS_VerifyInline(verifySig, sigSz, &out, hashType, mgf, ret = wc_RsaPSS_VerifyInline(verifySig, sigSz, &out, hashType, mgf,
key); key);
}
if (ret > 0) { if (ret > 0) {
ret = wc_RsaPSS_CheckPadding(plain, plainSz, out, ret, hashType); ret = wc_RsaPSS_CheckPadding_ex(plain, plainSz, out, ret,
hashType, -1,
mp_count_bits(&key->n));
if (ret != 0) if (ret != 0)
ret = VERIFY_CERT_ERROR; ret = VERIFY_CERT_ERROR;
} }
} }
}
else else
#endif /* WC_RSA_PSS */ #endif /* WC_RSA_PSS */
{ {
@@ -19426,6 +19434,9 @@ typedef struct DskeArgs {
word16 sigSz; word16 sigSz;
byte sigAlgo; byte sigAlgo;
byte hashAlgo; byte hashAlgo;
#if !defined(NO_RSA) && defined(WC_RSA_PSS)
int bits;
#endif
} DskeArgs; } DskeArgs;
static void FreeDskeArgs(WOLFSSL* ssl, void* pArgs) static void FreeDskeArgs(WOLFSSL* ssl, void* pArgs)
@@ -20180,6 +20191,9 @@ static int DoServerKeyExchange(WOLFSSL* ssl, const byte* input,
if (ret >= 0) { if (ret >= 0) {
args->sigSz = (word16)ret; args->sigSz = (word16)ret;
#ifdef WC_RSA_PSS
args->bits = mp_count_bits(&ssl->peerRsaKey->n);
#endif
ret = 0; ret = 0;
} }
#ifdef WOLFSSL_ASYNC_CRYPT #ifdef WOLFSSL_ASYNC_CRYPT
@@ -20299,11 +20313,12 @@ static int DoServerKeyExchange(WOLFSSL* ssl, const byte* input,
#ifndef NO_RSA #ifndef NO_RSA
#ifdef WC_RSA_PSS #ifdef WC_RSA_PSS
case rsa_pss_sa_algo: case rsa_pss_sa_algo:
ret = wc_RsaPSS_CheckPadding( ret = wc_RsaPSS_CheckPadding_ex(
ssl->buffers.digest.buffer, ssl->buffers.digest.buffer,
ssl->buffers.digest.length, ssl->buffers.digest.length,
args->output, args->sigSz, args->output, args->sigSz,
HashAlgoToType(args->hashAlgo)); HashAlgoToType(args->hashAlgo),
-1, args->bits);
if (ret != 0) if (ret != 0)
return ret; return ret;
break; break;
@@ -25689,11 +25704,12 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
if (args->sigAlgo == rsa_pss_sa_algo) { if (args->sigAlgo == rsa_pss_sa_algo) {
SetDigest(ssl, args->hashAlgo); SetDigest(ssl, args->hashAlgo);
ret = wc_RsaPSS_CheckPadding( ret = wc_RsaPSS_CheckPadding_ex(
ssl->buffers.digest.buffer, ssl->buffers.digest.buffer,
ssl->buffers.digest.length, ssl->buffers.digest.length,
args->output, args->sigSz, args->output, args->sigSz,
HashAlgoToType(args->hashAlgo)); HashAlgoToType(args->hashAlgo), -1,
mp_count_bits(&ssl->peerRsaKey->n));
if (ret != 0) { if (ret != 0) {
ret = SIG_VERIFY_E; ret = SIG_VERIFY_E;
goto exit_dcv; goto exit_dcv;