pki: Enable PSS padding if enabled in strongswan.conf

author: Tobias Brunner <tobias@strongswan.org> 2017-10-30 17:54:44 +0100
committer: Tobias Brunner <tobias@strongswan.org> 2017-11-08 16:48:10 +0100
commit: 27a79326c750b6f2548d1993298746f10a1b1b2b (patch)
tree: fd6e0724870a444c011ae0979e191ec6ff584559 /src
parent: d57af8dde09960ae4ae10e7b487d58638da21c93 (diff)
download: strongswan-27a79326c750b6f2548d1993298746f10a1b1b2b.tar.bz2
strongswan-27a79326c750b6f2548d1993298746f10a1b1b2b.tar.xz
5 files changed, 11 insertions, 5 deletions
diff --git a/src/pki/commands/acert.c b/src/pki/commands/acert.c
index 992237e2d..d1ea5c65e 100644
--- a/src/pki/commands/acert.c
+++ b/src/pki/commands/acert.c
@@ -45,7 +45,8 @@ static int acert()
 	char *datenb = NULL, *datena = NULL, *dateform = NULL;
 	rng_t *rng;
 	char *arg;
-	bool pss = FALSE;
+	bool pss = lib->settings->get_bool(lib->settings, "%s.rsa_pss", FALSE,
+									   lib->ns);
 
 	groups = linked_list_create();
 
diff --git a/src/pki/commands/issue.c b/src/pki/commands/issue.c
index ab6e97b83..1ccbca89f 100644
--- a/src/pki/commands/issue.c
+++ b/src/pki/commands/issue.c
@@ -67,7 +67,7 @@ static int issue()
 	public_key_t *public = NULL;
 	credential_type_t type = CRED_PUBLIC_KEY;
 	key_type_t subtype = KEY_ANY;
-	bool pkcs10 = FALSE, pss = FALSE;
+	bool pkcs10 = FALSE;
 	char *file = NULL, *dn = NULL, *hex = NULL, *cacert = NULL, *cakey = NULL;
 	char *error = NULL, *keyid = NULL;
 	identification_t *id = NULL;
@@ -85,6 +85,8 @@ static int issue()
 	x509_cert_policy_t *policy = NULL;
 	traffic_selector_t *ts;
 	char *arg;
+	bool pss = lib->settings->get_bool(lib->settings, "%s.rsa_pss", FALSE,
+									   lib->ns);
 
 	san = linked_list_create();
 	cdps = linked_list_create();
diff --git a/src/pki/commands/req.c b/src/pki/commands/req.c
index 4a63091c8..cfddbc455 100644
--- a/src/pki/commands/req.c
+++ b/src/pki/commands/req.c
@@ -39,7 +39,8 @@ static int req()
 	chunk_t encoding = chunk_empty;
 	chunk_t challenge_password = chunk_empty;
 	char *arg;
-	bool pss = FALSE;
+	bool pss = lib->settings->get_bool(lib->settings, "%s.rsa_pss", FALSE,
+									   lib->ns);
 
 	san = linked_list_create();
 
diff --git a/src/pki/commands/self.c b/src/pki/commands/self.c
index 763f0473e..6f7adef0f 100644
--- a/src/pki/commands/self.c
+++ b/src/pki/commands/self.c
@@ -71,7 +71,8 @@ static int self()
 	x509_cert_policy_t *policy = NULL;
 	traffic_selector_t *ts;
 	char *arg;
-	bool pss = FALSE;
+	bool pss = lib->settings->get_bool(lib->settings, "%s.rsa_pss", FALSE,
+									   lib->ns);
 
 	san = linked_list_create();
 	ocsp = linked_list_create();
diff --git a/src/pki/commands/signcrl.c b/src/pki/commands/signcrl.c
index e0a9a1deb..50f939687 100644
--- a/src/pki/commands/signcrl.c
+++ b/src/pki/commands/signcrl.c
@@ -134,7 +134,8 @@ static int sign_crl()
 	x509_cdp_t *cdp;
 	chunk_t crl_serial = chunk_empty, baseCrlNumber = chunk_empty;
 	chunk_t encoding = chunk_empty;
-	bool pss = FALSE;
+	bool pss = lib->settings->get_bool(lib->settings, "%s.rsa_pss", FALSE,
+									   lib->ns);
 
 	list = linked_list_create();
 	cdps = linked_list_create();
author	Tobias Brunner <tobias@strongswan.org>	2017-10-30 17:54:44 +0100
committer	Tobias Brunner <tobias@strongswan.org>	2017-11-08 16:48:10 +0100
commit	27a79326c750b6f2548d1993298746f10a1b1b2b (patch)
tree	fd6e0724870a444c011ae0979e191ec6ff584559 /src
parent	d57af8dde09960ae4ae10e7b487d58638da21c93 (diff)
download	strongswan-27a79326c750b6f2548d1993298746f10a1b1b2b.tar.bz2 strongswan-27a79326c750b6f2548d1993298746f10a1b1b2b.tar.xz