aboutsummaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c8
1 files changed, 3 insertions, 5 deletions
diff --git a/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c b/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c
index 756a033bd..eb051b7ab 100644
--- a/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c
+++ b/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c
@@ -90,13 +90,11 @@ static bool verify_emsa_pkcs1_signature(private_openssl_rsa_public_key_t *this,
goto error;
}
- /* remove any preceding 0-bytes from signature */
- while (signature.len && *(signature.ptr) == 0x00)
+ /* VerifyFinal expects a signature of exactly RSA size (no leading 0x00) */
+ if (signature.len > RSA_size(this->rsa))
{
- signature.len -= 1;
- signature.ptr++;
+ signature = chunk_skip(signature, signature.len - RSA_size(this->rsa));
}
-
valid = (EVP_VerifyFinal(ctx, signature.ptr, signature.len, key) == 1);
error:
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-19 23:51:15 +0000