OpenSSL requires a signature length of exactly RSA_size()

author: Martin Willi <martin@strongswan.org> 2008-11-04 14:05:42 +0000
committer: Martin Willi <martin@strongswan.org> 2008-11-04 14:05:42 +0000
commit: 7854475f422584e161cbbeddd05e86f96a21169e (patch)
tree: aa865eb2130fa35e8c872f975563396cbec10c44 /src/libstrongswan
parent: d4f08fe324ea2d509955eca93af34bc0684beed0 (diff)
download: strongswan-7854475f422584e161cbbeddd05e86f96a21169e.tar.bz2
strongswan-7854475f422584e161cbbeddd05e86f96a21169e.tar.xz
1 files changed, 3 insertions, 5 deletions
diff --git a/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c b/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c
index 756a033bd..eb051b7ab 100644
--- a/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c
+++ b/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c
@@ -90,13 +90,11 @@ static bool verify_emsa_pkcs1_signature(private_openssl_rsa_public_key_t *this,
 		goto error;
 	}
 	
-	/* remove any preceding 0-bytes from signature */
-	while (signature.len && *(signature.ptr) == 0x00)
+	/* VerifyFinal expects a signature of exactly RSA size (no leading 0x00) */
+	if (signature.len > RSA_size(this->rsa))
 	{
-		signature.len -= 1;
-		signature.ptr++;
+		signature = chunk_skip(signature, signature.len - RSA_size(this->rsa));
 	}
-	
 	valid = (EVP_VerifyFinal(ctx, signature.ptr, signature.len, key) == 1);
 	
 error:
author	Martin Willi <martin@strongswan.org>	2008-11-04 14:05:42 +0000
committer	Martin Willi <martin@strongswan.org>	2008-11-04 14:05:42 +0000
commit	7854475f422584e161cbbeddd05e86f96a21169e (patch)
tree	aa865eb2130fa35e8c872f975563396cbec10c44 /src/libstrongswan
parent	d4f08fe324ea2d509955eca93af34bc0684beed0 (diff)
download	strongswan-7854475f422584e161cbbeddd05e86f96a21169e.tar.bz2 strongswan-7854475f422584e161cbbeddd05e86f96a21169e.tar.xz