author | Vitezslav Cizek <vcizek@suse.com> | 2015-10-30 17:34:04 +0100 |
---|---|---|
committer | Werner Koch <wk@gnupg.org> | 2016-03-18 16:32:29 +0100 |
commit | 0bd8137e68c201b6c2290710e348aaf57efa2b2e (patch) | |
tree | b69006b04e78bcdd8c942a20af77c3341741a7e7 /cipher/pubkey-util.c | |
parent | 2e139456369a834cf87d983da4f61241fda76efe (diff) | |
download | libgcrypt-0bd8137e68c201b6c2290710e348aaf57efa2b2e.tar.gz |
cipher: Add option to specify salt length for PSS verification.
* cipher/pubkey-util.c (_gcry_pk_util_data_to_mpi): Check for
salt-length token.
--
Add possibility to use a different salt length for RSASSA-PSS
verification instead of the default 20.
Signed-off-by: Vitezslav Cizek <vcizek@suse.com>
Additional changes by wk:
- Detect overlong salt-length
- Release LIST on error.
Signed-off-by: Werner Koch <wk@gnupg.org>
Diffstat (limited to 'cipher/pubkey-util.c')
-rw-r--r-- | cipher/pubkey-util.c | 27 |
1 files changed, 26 insertions, 1 deletions
diff --git a/cipher/pubkey-util.c b/cipher/pubkey-util.c
index 76d39232..c40ef977 100644
--- a/cipher/pubkey-util.c
+++ b/cipher/pubkey-util.c
@@ -665,7 +665,7 @@ _gcry_pk_util_free_encoding_ctx (struct pk_encoding_ctx *ctx)
 LABEL is specific to OAEP.
- SALT-LENGTH is for PSS.
+ SALT-LENGTH is for PSS it is limited to 16384 bytes.
 RANDOM-OVERRIDE is used to replace random nonces for regression testing. */
@@ -1068,6 +1068,31 @@ _gcry_pk_util_data_to_mpi (gcry_sexp_t input, gcry_mpi_t *ret_mpi,
 rc = GPG_ERR_DIGEST_ALGO;
 else
 {
+ gcry_sexp_t list;
+ /* Get SALT-LENGTH. */
+ list = sexp_find_token (ldata, "salt-length", 0);
+ if (list)
+ {
+ unsigned long ul;
+
+ s = sexp_nth_data (list, 1, &n);
+ if (!s)
+ {
+ rc = GPG_ERR_NO_OBJ;
+ sexp_release (list);
+ goto leave;
+ }
+ ul = strtoul (s, NULL, 10);
+ if (ul > 16384)
+ {
+ rc = GPG_ERR_TOO_LARGE;
+ sexp_release (list);
+ goto leave;
+ }
+ ctx->saltlen = ul;
+ sexp_release (list);
+ }
+
 *ret_mpi = sexp_nth_mpi (lhash, 2, GCRYMPI_FMT_USG);
 if (!*ret_mpi)
 rc = GPG_ERR_INV_OBJ; |
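Review bot: The salt-length value is parsed with `ul = strtoul (s, NULL, 10);`, which ignores the length `n` that `sexp_nth_data` just returned and passes no end pointer. An empty or non-numeric token is therefore silently accepted as a salt length of 0, and digits followed by other bytes are accepted as well. If the buffer behind `s` is not NUL-terminated (not visible in this hunk), the scan is also not bounded by the token. For a parameter that controls PSS verification, malformed input should be rejected rather than defaulted, for example by parsing exactly `n` decimal digits and returning `GPG_ERR_INV_OBJ` otherwise. This is stricter than `strtoul`, which also accepts leading whitespace and a sign. The enclosing `_gcry_pk_util_data_to_mpi` body starts and ends outside the hunk.

```c
unsigned long ul;
size_t i;

s = sexp_nth_data (list, 1, &n);
/* … unchanged: !s check returning GPG_ERR_NO_OBJ … */
if (!n)
  {
    rc = GPG_ERR_INV_OBJ;
    sexp_release (list);
    goto leave;
  }
ul = 0;
for (i = 0; i < n; i++)
  {
    if (s[i] < '0' || s[i] > '9')
      {
        rc = GPG_ERR_INV_OBJ;
        sexp_release (list);
        goto leave;
      }
    ul = ul * 10 + (unsigned long)(s[i] - '0');
    if (ul > 16384)
      {
        rc = GPG_ERR_TOO_LARGE;
        sexp_release (list);
        goto leave;
      }
  }
ctx->saltlen = ul;
/* … unchanged: sexp_release (list) and the sexp_nth_mpi call … */
```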