From 36dfaf0adbddbb9f1f7852911228b3ab24ba01aa Mon Sep 17 00:00:00 2001 From: Rob Austein Date: Wed, 10 Aug 2016 12:19:10 -0400 Subject: Mixed-mode pkey sign and verify must construct DigestInfo for PKCS #1.5. PKCS #11 expects a DigestInfo rather than a raw digest when passing a pre-computed digest for PKCS #1.5 signature or verification, so the rpc_pkey signature and verification calls do too. This requires special case handling of RSA when the user passes a digest handle in mixed mode. Annoying, but PKCS #1.5 is weird enoug that there's no way to avoid some kind of special case handling, this approach has the advantage of not requiring us to parse and reconstruct the ASN.1, and is probably what PKCS #11 has trained software to expect in any case. --- hal_internal.h | 12 ++++++++++++ 1 file changed, 12 insertions(+) (limited to 'hal_internal.h') diff --git a/hal_internal.h b/hal_internal.h index 1c06494..5e08c4e 100644 --- a/hal_internal.h +++ b/hal_internal.h @@ -243,6 +243,18 @@ extern const hal_rpc_pkey_dispatch_t hal_rpc_local_pkey_dispatch, hal_rpc_remote #define HAL_PKEY_HANDLE_PROXIMATE_FLAG (1 << 31) +/* + * Mostly used by the local_pkey code, but the mixed_pkey code needs + * it to pad hashes for RSA PKCS #1.5 signatures. This may indicate + * that we need a slightly more general internal API here, but not + * worth worrying about as long as we can treat RSA as a special case + * and just pass the plain hash for everything else. + */ + +extern hal_error_t hal_rpc_pkey_pkcs1_construct_digestinfo(const hal_hash_handle_t handle, + uint8_t *digest_info, size_t *digest_info_len, + const size_t digest_info_max); + /* * Keystore API. * -- cgit v1.2.3