Hello, I'm working on CMS rsassa-pss signature validation. I'm using the source code from the trunk repository of openssl to do so. I've found that there is a problem when the signature algorithm identifier is sha1withRSAEncryption instead of RSAEncryption (a Bouncy Castle signature, for example).
This comes from the function rsa_ameth.c - l701:

    static int rsa_cms_verify(CMS_SignerInfo *si)
    {
        int nid;
        X509_ALGOR *alg;
        EVP_PKEY_CTX *pkctx = CMS_SignerInfo_get0_pkey_ctx(si);

        CMS_SignerInfo_get0_algs(si, NULL, NULL, NULL, &alg);
        nid = OBJ_obj2nid(alg->algorithm);
        if (nid == NID_rsaEncryption)
            return 1;
        if (nid == NID_rsassaPss)
            return rsa_pss_to_ctx(NULL, pkctx, alg, NULL);
        return 0;
    }

I think it should be:

    static int rsa_cms_verify(CMS_SignerInfo *si)
    {
        int nid;
        X509_ALGOR *alg;
        EVP_PKEY_CTX *pkctx = CMS_SignerInfo_get0_pkey_ctx(si);

        CMS_SignerInfo_get0_algs(si, NULL, NULL, NULL, &alg);
        nid = OBJ_obj2nid(alg->algorithm);
        if (nid == NID_rsassaPss)
            return rsa_pss_to_ctx(NULL, pkctx, alg, NULL);
        return 1;
    }

I'm at your disposal if you need a sample of such a signature.

Kind regards,
Franck Levionnois.
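The dispatch discussed in the message above can also be written as an explicit allowlist, so that sha1WithRSAEncryption is accepted without every other identifier being accepted too. This is an added example, not code from the post or from OpenSSL: `classify_sig_alg`, the sample byte strings and the choice to also accept the SHA-2 `*WithRSAEncryption` identifiers are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Outcomes mirroring the return paths of rsa_cms_verify(). */
enum sig_alg { ALG_REJECT = 0, ALG_PKCS1_V15 = 1, ALG_PSS = 2 };

/* DER content of the pkcs-1 arc 1.2.840.113549.1.1; one more byte selects the algorithm. */
static const unsigned char PKCS1_ARC[8] = {0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01};

/* Constructed sample AlgorithmIdentifier values (SEQUENCE { OID, parameters }). */
static const unsigned char SAMPLE_RSA[]      = {0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00};
static const unsigned char SAMPLE_SHA1_RSA[] = {0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05,0x00};
static const unsigned char SAMPLE_PSS[]      = {0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x0a,0x30,0x00};
static const unsigned char SAMPLE_OAEP[]     = {0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x07,0x05,0x00};

/* Classify a DER AlgorithmIdentifier; only short-form lengths are handled. */
enum sig_alg classify_sig_alg(const unsigned char *der, size_t len)
{
    if (len < 4 || der[0] != 0x30 || der[1] >= 0x80 || (size_t)der[1] + 2 != len)
        return ALG_REJECT;                 /* not a complete short SEQUENCE */
    if (der[2] != 0x06 || der[3] != sizeof(PKCS1_ARC) + 1 || len < 4 + (size_t)der[3])
        return ALG_REJECT;                 /* OID missing or of the wrong size */
    if (memcmp(der + 4, PKCS1_ARC, sizeof(PKCS1_ARC)) != 0)
        return ALG_REJECT;                 /* outside the pkcs-1 arc */
    switch (der[4 + sizeof(PKCS1_ARC)]) {
    case 1:                                /* rsaEncryption */
    case 5:                                /* sha1WithRSAEncryption */
    case 11: case 12: case 13: case 14:    /* sha256/384/512/224WithRSAEncryption (assumed) */
        return ALG_PKCS1_V15;
    case 10:                               /* rsassaPss: parameters must then be parsed */
        return ALG_PSS;
    default:
        return ALG_REJECT;                 /* e.g. RSAES-OAEP is not a signature algorithm */
    }
}

int main(void)
{
    printf("rsaEncryption         -> %d\n", classify_sig_alg(SAMPLE_RSA, sizeof SAMPLE_RSA));
    printf("sha1WithRSAEncryption -> %d\n", classify_sig_alg(SAMPLE_SHA1_RSA, sizeof SAMPLE_SHA1_RSA));
    printf("rsassaPss             -> %d\n", classify_sig_alg(SAMPLE_PSS, sizeof SAMPLE_PSS));
    printf("RSAES-OAEP            -> %d\n", classify_sig_alg(SAMPLE_OAEP, sizeof SAMPLE_OAEP));
    return 0;
}
```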