aboutsummaryrefslogtreecommitdiffstats
path: root/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_private_key.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/libstrongswan/plugins/gcrypt/gcrypt_rsa_private_key.c')
-rw-r--r--src/libstrongswan/plugins/gcrypt/gcrypt_rsa_private_key.c23
1 files changed, 17 insertions, 6 deletions
diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_private_key.c b/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_private_key.c
index 5dc0bfd30..c06f43348 100644
--- a/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_private_key.c
+++ b/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_private_key.c
@@ -177,14 +177,25 @@ static bool sign_pkcs1(private_gcrypt_rsa_private_key_t *this,
if (pss)
{
- u_int slen = hasher_hash_size(hash_algorithm);
- if (pss->salt_len > RSA_PSS_SALT_LEN_DEFAULT)
+ if (pss->salt.len)
{
- slen = pss->salt_len;
+ err = gcry_sexp_build(&in, NULL,
+ "(data(flags pss)(salt-length %u)"
+ "(random-override %b)(hash %s %b))",
+ pss->salt.len, pss->salt.len, pss->salt.ptr,
+ hash_name, hash.len, hash.ptr);
+ }
+ else
+ {
+ u_int slen = hasher_hash_size(hash_algorithm);
+ if (pss->salt_len > RSA_PSS_SALT_LEN_DEFAULT)
+ {
+ slen = pss->salt_len;
+ }
+ err = gcry_sexp_build(&in, NULL,
+ "(data(flags pss)(salt-length %u)(hash %s %b))",
+ slen, hash_name, hash.len, hash.ptr);
}
- err = gcry_sexp_build(&in, NULL,
- "(data(flags pss)(salt-length %u)(hash %s %b))",
- slen, hash_name, hash.len, hash.ptr);
}
else
{
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-23 13:48:46 +0000