changing the condition on pss salt and mgf1, and raising an error if …
…the right pss is not found

Signed-off-by: feventura <[email protected]>
feventura committed Jul 25, 2024
1 parent 8cd3e10 commit 3f32c92
Showing 1 changed file with 25 additions and 8 deletions.
33 changes: 25 additions & 8 deletions oqsprov/oqs_sig.c
@@ -517,12 +517,21 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen,
if (!strncmp(name, "pss", 3)) {
int salt;
const EVP_MD *pss_mgf1;
if (name[3] == '3') { // pss3072
if (!strncmp(name, "pss3072", 7)) {
salt = 64;
pss_mgf1 = EVP_sha512();
} else { // pss2048
salt = 32;
pss_mgf1 = EVP_sha256();
} else {
if (!strncmp(name, "pss2048", 7)) {
salt = 32;
pss_mgf1 = EVP_sha256();
} else {
ERR_raise(ERR_LIB_USER, ERR_R_FATAL);
CompositeSignature_free(compsig);
OPENSSL_free(final_tbs);
OPENSSL_free(name);
OPENSSL_free(buf);
goto endsign;
}
}
if ((EVP_PKEY_CTX_set_rsa_padding(classical_ctx_sign,
RSA_PKCS1_PSS_PADDING)
@@ -871,12 +880,20 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig,
if (!strncmp(name, "pss", 3)) {
int salt;
const EVP_MD *pss_mgf1;
if (name[3] == '3') { // pss3072
if (!strncmp(name, "pss3072", 7)) {
salt = 64;
pss_mgf1 = EVP_sha512();
} else { // pss2048
salt = 32;
pss_mgf1 = EVP_sha256();
} else {
if (!strncmp(name, "pss2048", 7)) {
salt = 32;
pss_mgf1 = EVP_sha256();
} else {
ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR);
OPENSSL_free(name);
CompositeSignature_free(compsig);
OPENSSL_free(final_tbs);
goto endverify;
}
}
if ((EVP_PKEY_CTX_set_rsa_padding(ctx_verify,
RSA_PKCS1_PSS_PADDING)
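Review bot: The new checks `!strncmp(name, "pss3072", 7)` and `!strncmp(name, "pss2048", 7)` in the oqs_sig_sign hunk are prefix matches, so a component name that merely begins with one of those strings still selects that salt length and MGF1 digest instead of reaching the new error branch; the oqs_sig_verify hunk repeats the same comparisons. If `name` is always a NUL-terminated component name (it is set outside these hunks, so this is an assumption to confirm), `!strcmp(name, "pss3072")` and `!strcmp(name, "pss2048")` would reject everything else. Signing and verification must agree on both parameters, and the selection is now written out twice, so a small static helper mapping the name to salt length and digest would keep the two paths from drifting apart. The sign branch raises the generic `ERR_R_FATAL` while the verify branch raises `OQSPROV_R_VERIFY_ERROR`; a reason that identifies an unsupported PSS variant would make this failure easier to diagnose. Both functions begin and end outside the hunks, so the cleanup performed before `goto endsign` / `goto endverify` could not be checked against the labels.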
