author | Jack Lloyd <[email protected]> | 2019-08-01 09:20:26 -0400 |
---|---|---|
committer | Jack Lloyd <[email protected]> | 2019-08-01 09:26:00 -0400 |
commit | cb90f825466b08cf8a64c042e72b40d9191f2033 (patch) | |
tree | 14d677e41a51891eafd750c04162a2fdd40a88ac /src/lib/x509 | |
parent | fdf9970f921bf6b3e99c2a99ebc251b6e5dd760e (diff) |
Updates for GOST 2012 support
GOST uses IEEE style formatting for signatures rather than DER struct.
Confirmed using 2012 test certs from CryptoPro
GH #1860 #1897
Diffstat (limited to 'src/lib/x509')
-rw-r--r-- | src/lib/x509/ocsp.cpp | 2 | ||||
-rw-r--r-- | src/lib/x509/x509_obj.cpp | 5 |
2 files changed, 3 insertions, 4 deletions
diff --git a/src/lib/x509/ocsp.cpp b/src/lib/x509/ocsp.cpp
index 7907d08e2..249ce7817 100644
--- a/src/lib/x509/ocsp.cpp
+++ b/src/lib/x509/ocsp.cpp
@@ -170,7 +170,7 @@ Certificate_Status_Code Response::verify_signature(const X509_Certificate& issue
 return Certificate_Status_Code::OCSP_RESPONSE_INVALID;
 std::string padding = sig_info[1];
- Signature_Format format = (pub_key->message_parts() >= 2) ? DER_SEQUENCE : IEEE_1363;
+ const Signature_Format format = pub_key->default_x509_signature_format();
 PK_Verifier verifier(*pub_key, padding, format);
diff --git a/src/lib/x509/x509_obj.cpp b/src/lib/x509/x509_obj.cpp
index 74786c224..a48e088ac 100644
--- a/src/lib/x509/x509_obj.cpp
+++ b/src/lib/x509/x509_obj.cpp
@@ -197,8 +197,7 @@ Certificate_Status_Code X509_Object::verify_signature(const Public_Key& pub_key)
 else return Certificate_Status_Code::SIGNATURE_ALGO_BAD_PARAMS;
- const Signature_Format format =
- (pub_key.message_parts() >= 2) ? DER_SEQUENCE : IEEE_1363;
+ const Signature_Format format = pub_key.default_x509_signature_format();
 if(padding == "EMSA4") {
@@ -369,7 +368,7 @@ std::unique_ptr<PK_Signer> X509_Object::choose_sig_format(AlgorithmIdentifier& s
 const std::string& hash_fn, const std::string& padding_algo) {
- const Signature_Format format = (key.message_parts() > 1) ? DER_SEQUENCE : IEEE_1363;
+ const Signature_Format format = key.default_x509_signature_format();
 const std::string emsa = choose_sig_algo(sig_algo, key, hash_fn, padding_algo); |
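Review bot: Nothing at the new `format` line in Response::verify_signature says why the encoding is now taken from the key rather than inferred from message_parts(), and the same applies to the two x509_obj.cpp hunks (X509_Object::verify_signature and choose_sig_format). Per the commit message GOST signatures use the IEEE style form rather than a DER struct, so the old inference presumably selected the wrong parser for them; a one-line comment at each call site would keep the line from being "simplified" back, e.g. `// X.509 signature encoding is per-algorithm (GOST uses the flat IEEE 1363 form), so ask the key`. The definition of default_x509_signature_format() is outside this path-limited diff, so whether every existing key type still gets the encoding it had under the message_parts() rule cannot be confirmed from here. All three functions continue outside their hunks.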