New commits:
commit b2e5221fa6c2e6c0832b76a5a2dc9308719044b8
Author: Andrew Cagney <[email protected]>
Date: Fri Feb 11 08:52:02 2022 -0500
crypto: split pubkey_signer_rsa three ways
pubkey_signer_raw_rsa:
PK11_Sign()
encrypts just the hash
this is what IKEv1 uses
pubkey_signer_pkcs1_1_5_rsa:
SGN_Digest() (well should)
encrypts <sha1-ans1-blob>+hash
this is what old IKEv2 RSA code uses
pubkey_signer_rsassa_pss:
PK11_SignWithMechanism() but I suspect it should use SGN_Digest()
encrypts something else again + hash
this is what new IKEv2 DIGSIG code uses
See #637 #626
_______________________________________________
Swan-commit mailing list
[email protected]
https://lists.libreswan.org/mailman/listinfo/swan-commit
