summaryrefslogtreecommitdiff
path: root/src/pki/pki.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/pki/pki.c')
-rw-r--r--src/pki/pki.c28
1 files changed, 26 insertions, 2 deletions
diff --git a/src/pki/pki.c b/src/pki/pki.c
index ec60f7d42..d03e96f9b 100644
--- a/src/pki/pki.c
+++ b/src/pki/pki.c
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2012-2017 Tobias Brunner
+ * Copyright (C) 2012-2018 Tobias Brunner
* Copyright (C) 2009 Martin Willi
* HSR Hochschule fuer Technik Rapperswil
*
@@ -264,7 +264,30 @@ static hash_algorithm_t get_default_digest(private_key_t *private)
signature_params_t *get_signature_scheme(private_key_t *private,
hash_algorithm_t digest, bool pss)
{
- signature_params_t *scheme;
+ signature_params_t *scheme, *selected = NULL;
+ enumerator_t *enumerator;
+
+ if (private->supported_signature_schemes)
+ {
+ enumerator = private->supported_signature_schemes(private);
+ while (enumerator->enumerate(enumerator, &scheme))
+ {
+ if (private->get_type(private) == KEY_RSA &&
+ pss != (scheme->scheme == SIGN_RSA_EMSA_PSS))
+ {
+ continue;
+ }
+ if (digest == HASH_UNKNOWN ||
+ digest == hasher_from_signature_scheme(scheme->scheme,
+ scheme->params))
+ {
+ selected = signature_params_clone(scheme);
+ break;
+ }
+ }
+ enumerator->destroy(enumerator);
+ return selected;
+ }
if (digest == HASH_UNKNOWN)
{
@@ -281,6 +304,7 @@ signature_params_t *get_signature_scheme(private_key_t *private,
.scheme = SIGN_RSA_EMSA_PSS,
.params = &pss_params,
};
+ rsa_pss_params_set_salt_len(&pss_params, 0);
scheme = signature_params_clone(&pss_scheme);
}
else
generated by cgit v1.2.3 (git 2.39.1) at 2024-09-20 11:58:17 +0000