- Added alternative for SHA1 signature structure to check for (without NULL)

2024-11-22 14:25:40 +01:00 · 2012-03-22 15:31:27 +00:00 · 2012-03-22 15:31:27 +00:00 · 56a7684023
commit 56a7684023
parent 7beceb2e2b
2 changed files with 15 additions and 0 deletions
--- a/include/polarssl/rsa.h
+++ b/include/polarssl/rsa.h
@ -114,6 +114,13 @@
        ASN1_STR_NULL "\x00"                    \
      ASN1_STR_OCTET_STRING "\x14"

+#define ASN1_HASH_SHA1_ALT                      \
+    ASN1_STR_CONSTRUCTED_SEQUENCE "\x1F"        \
+      ASN1_STR_CONSTRUCTED_SEQUENCE "\x07"      \
+        ASN1_STR_OID "\x05"                     \
+      OID_HASH_ALG_SHA1                         \
+      ASN1_STR_OCTET_STRING "\x14"
+
 #define ASN1_HASH_SHA2X                         \
    ASN1_STR_CONSTRUCTED_SEQUENCE "\x11"        \
      ASN1_STR_CONSTRUCTED_SEQUENCE "\x0d"      \
--- a/library/rsa.c
+++ b/library/rsa.c
@ -860,6 +860,14 @@ int rsa_pkcs1_verify( rsa_context *ctx,

            len = siglen - ( p - buf );

+            if( len == 33 && hash_id == SIG_RSA_SHA1 )
+            {
+                if( memcmp( p, ASN1_HASH_SHA1_ALT, 13 ) == 0 &&
+                        memcmp( p + 13, hash, 20 ) == 0 )
+                    return( 0 );
+                else
+                    return( POLARSSL_ERR_RSA_VERIFY_FAILED );
+            }
            if( len == 34 )
            {
                c = p[13];