- Added alternative for SHA1 signature structure to check for (without NULL)

commit: 56a7684023cc9cd1da93beb2a46e5bf4704387e0 [log] [tgz]
author: Paul Bakker <p.j.bakker@polarssl.org> Thu Mar 22 15:31:27 2012 +0000
committer: Paul Bakker <p.j.bakker@polarssl.org> Thu Mar 22 15:31:27 2012 +0000
tree: 2b71777bdae0170837b1f071d0e4c33696fc2071
parent: 7beceb2e2b6ef76d840d0787dfbceed36b8c2af6 [diff] [blame]
diff --git a/library/rsa.c b/library/rsa.c
index ed1f45b..72806e1 100644
--- a/library/rsa.c
+++ b/library/rsa.c

@@ -860,6 +860,14 @@
 
             len = siglen - ( p - buf );
 
+            if( len == 33 && hash_id == SIG_RSA_SHA1 )
+            {
+                if( memcmp( p, ASN1_HASH_SHA1_ALT, 13 ) == 0 &&
+                        memcmp( p + 13, hash, 20 ) == 0 )
+                    return( 0 );
+                else
+                    return( POLARSSL_ERR_RSA_VERIFY_FAILED );
+            }
             if( len == 34 )
             {
                 c = p[13];
commit	56a7684023cc9cd1da93beb2a46e5bf4704387e0	[log] [tgz]
author	Paul Bakker <p.j.bakker@polarssl.org>	Thu Mar 22 15:31:27 2012 +0000
committer	Paul Bakker <p.j.bakker@polarssl.org>	Thu Mar 22 15:31:27 2012 +0000
tree	2b71777bdae0170837b1f071d0e4c33696fc2071
parent	7beceb2e2b6ef76d840d0787dfbceed36b8c2af6 [diff] [blame]