EVP_MD_CTX *ctx = EVP_MD_CTX_new();
unsigned char H_[EVP_MAX_MD_SIZE];
-
if (ctx == NULL)
goto err;
* -2 salt length is autorecovered from signature
* -N reserved
*/
- if (sLen == -1)
+ if (sLen == RSA_PSS_SALTLEN_DIGEST)
sLen = hLen;
- else if (sLen == -2)
- sLen = -2;
- else if (sLen < -2) {
+ else if (sLen < RSA_PSS_SALTLEN_MAX) {
RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, RSA_R_SLEN_CHECK_FAILED);
goto err;
}
EM++;
emLen--;
}
- if (emLen < (hLen + sLen + 2)) { /* sLen can be small negative */
+ if (sLen == RSA_PSS_SALTLEN_MAX) {
+ sLen = emLen - hLen - 2;
+ } else if (emLen < (hLen + sLen + 2)) { /* sLen can be small negative */
RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, RSA_R_DATA_TOO_LARGE);
goto err;
}
RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, RSA_R_SLEN_RECOVERY_FAILED);
goto err;
}
- if (sLen >= 0 && (maskedDBLen - i) != sLen) {
+ if (sLen != RSA_PSS_SALTLEN_AUTO && (maskedDBLen - i) != sLen) {
RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, RSA_R_SLEN_CHECK_FAILED);
goto err;
}
* -2 salt length is maximized
* -N reserved
*/
- if (sLen == -1)
+ if (sLen == RSA_PSS_SALTLEN_DIGEST)
sLen = hLen;
- else if (sLen == -2)
- sLen = -2;
- else if (sLen < -2) {
+ else if (sLen == RSA_PSS_SALTLEN_MAX_SIGN)
+ sLen = RSA_PSS_SALTLEN_MAX;
+ else if (sLen < RSA_PSS_SALTLEN_MAX) {
RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1, RSA_R_SLEN_CHECK_FAILED);
goto err;
}
*EM++ = 0;
emLen--;
}
- if (sLen == -2) {
+ if (sLen == RSA_PSS_SALTLEN_MAX) {
sLen = emLen - hLen - 2;
} else if (emLen < (hLen + sLen + 2)) {
RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1,