generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Additional compatibility fix for MDC2 signature format.

Browse Source 
Update RSA EVP_PKEY_METHOD to use the OCTET STRING form of MDC2 signature:
this will make all versions of MDC2 signature equivalent.
This commit is contained in:
Dr. Stephen Henson 2012-02-15 14:27:25 +00:00
parent 83cb7c4635
commit 5863163732
2 changed files with 18 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
CHANGES
View File

@ -274,6 +274,10 @@
the correct format in RSA_verify so both forms transparently work. the correct format in RSA_verify so both forms transparently work.
[Steve Henson] [Steve Henson]
*) Add compatibility with old MDC2 signatures which use an ASN1 OCTET
STRING form instead of a DigestInfo.
[Steve Henson]
*) Some servers which support TLS 1.0 can choke if we initially indicate *) Some servers which support TLS 1.0 can choke if we initially indicate
support for TLS 1.2 and later renegotiate using TLS 1.0 in the RSA support for TLS 1.2 and later renegotiate using TLS 1.0 in the RSA
encrypted premaster secret. As a workaround use the maximum pemitted encrypted premaster secret. As a workaround use the maximum pemitted

15
crypto/rsa/rsa_pmeth.c
View File

@ -169,7 +169,20 @@ static int pkey_rsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
RSA_R_INVALID_DIGEST_LENGTH); RSA_R_INVALID_DIGEST_LENGTH);
return -1; return -1;
} }
if (rctx->pad_mode == RSA_X931_PADDING)
if (EVP_MD_type(rctx->md) == NID_mdc2)
{
unsigned int sltmp;
if (rctx->pad_mode != RSA_PKCS1_PADDING)
return -1;
ret = RSA_sign_ASN1_OCTET_STRING(NID_mdc2,
tbs, tbslen, sig, &sltmp, rsa);
if (ret <= 0)
return ret;
ret = sltmp;
}
else if (rctx->pad_mode == RSA_X931_PADDING)
{ {
if (!setup_tbuf(rctx, ctx)) if (!setup_tbuf(rctx, ctx))
return -1; return -1;