@@ -69,19 +69,20 @@ int software_key_determine_akcipher(const char *encoding,
{
int n;
- if (strcmp(encoding, "pkcs1") == 0) {
+ if (strcmp(encoding, "pkcs1") == 0 || strcmp(encoding, "pss") == 0) {
/* The data wangled by the RSA algorithm is typically padded
* and encoded in some manner, such as EMSA-PKCS1-1_5 [RFC3447
- * sec 8.2].
+ * sec 8.2] or EMSA-PSS [RFC8017 sec 9.1].
*/
if (!hash_algo)
n = snprintf(alg_name, CRYPTO_MAX_ALG_NAME,
- "pkcs1pad(%s)",
+ "%spad(%s)",
+ encoding,
pkey->pkey_algo);
else
n = snprintf(alg_name, CRYPTO_MAX_ALG_NAME,
- "pkcs1pad(%s,%s)",
- pkey->pkey_algo, hash_algo);
+ "%spad(%s,%s)",
+ encoding, pkey->pkey_algo, hash_algo);
return n >= CRYPTO_MAX_ALG_NAME ? -EINVAL : 0;
}
@@ -363,6 +364,13 @@ int public_key_verify_signature(const struct public_key *pkey,
goto error_free_key;
}
+ if (strcmp(sig->encoding, "pss") == 0) {
+ ret = crypto_akcipher_set_sig_params(tfm, sig, sizeof(*sig));
+ if (ret) {
+ goto error_free_key;
+ }
+ }
+
sg_init_table(src_sg, 2);
sg_set_buf(&src_sg[0], sig->s, sig->s_size);
sg_set_buf(&src_sg[1], sig->digest, sig->digest_size);