b65c32ec5a
The signatureValue field of a X.509 certificate is encoded as a BIT STRING.
For RSA signatures this BIT STRING is of so-called primitive subtype, which
contains a u8 prefix indicating a count of unused bits in the encoding.
We have to strip this prefix from signature data, just as we already do for
key data in x509_extract_key_data() function.
This wasn't noticed earlier because this prefix byte is zero for RSA key
sizes divisible by 8. Since BIT STRING is a big-endian encoding adding zero
prefixes has no bearing on its value.
The signature length, however was incorrect, which is a problem for RSA
implementations that need it to be exactly correct (like AMD CCP).
Signed-off-by: Maciej S. Szmigiero <mail@maciej.szmigiero.name>
Fixes:
|
||
---|---|---|
.. | ||
asymmetric_keys.h | ||
asymmetric_type.c | ||
Kconfig | ||
Makefile | ||
mscode_parser.c | ||
mscode.asn1 | ||
pkcs7_key_type.c | ||
pkcs7_parser.c | ||
pkcs7_parser.h | ||
pkcs7_trust.c | ||
pkcs7_verify.c | ||
pkcs7.asn1 | ||
public_key.c | ||
restrict.c | ||
signature.c | ||
verify_pefile.c | ||
verify_pefile.h | ||
x509_akid.asn1 | ||
x509_cert_parser.c | ||
x509_parser.h | ||
x509_public_key.c | ||
x509.asn1 |