authorJack Lloyd <[email protected]>2019-08-01 09:20:26 -0400
committerJack Lloyd <[email protected]>2019-08-01 09:26:00 -0400
commitcb90f825466b08cf8a64c042e72b40d9191f2033 (patch)
tree14d677e41a51891eafd750c04162a2fdd40a88ac /src/lib/x509
parentfdf9970f921bf6b3e99c2a99ebc251b6e5dd760e (diff)
Updates for GOST 2012 support
GOST uses IEEE-style formatting for signatures rather than a DER structure. Confirmed using 2012 test certs from CryptoPro. GH #1860 #1897
Diffstat (limited to 'src/lib/x509')
-rw-r--r--src/lib/x509/ocsp.cpp2
-rw-r--r--src/lib/x509/x509_obj.cpp5
2 files changed, 3 insertions, 4 deletions
diff --git a/src/lib/x509/ocsp.cpp b/src/lib/x509/ocsp.cpp
index 7907d08e2..249ce7817 100644
--- a/src/lib/x509/ocsp.cpp
+++ b/src/lib/x509/ocsp.cpp
@@ -170,7 +170,7 @@ Certificate_Status_Code Response::verify_signature(const X509_Certificate& issue
return Certificate_Status_Code::OCSP_RESPONSE_INVALID;
std::string padding = sig_info[1];
- Signature_Format format = (pub_key->message_parts() >= 2) ? DER_SEQUENCE : IEEE_1363;
+ const Signature_Format format = pub_key->default_x509_signature_format();
PK_Verifier verifier(*pub_key, padding, format);
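Review bot: The new `default_x509_signature_format()` call in `Response::verify_signature` carries no comment explaining why the encoding now comes from the key type, and the same bare one-liner is repeated in `X509_Object::verify_signature` and `X509_Object::choose_sig_format` in x509_obj.cpp. Going by the commit message, GOST signatures use the IEEE 1363 style encoding while the old `message_parts()` test presumably selected DER for them, so a later reader could reintroduce that heuristic without knowing why it was removed. I would add above each call something like `// X.509 signature encoding depends on the key type: GOST 34.10 uses IEEE 1363 style, not a DER SEQUENCE`. The definition of `default_x509_signature_format()` lies outside this path-limited diff, so it is worth confirming there that every other multi-part key type still returns `DER_SEQUENCE`, since a wrong default would make valid certificate and OCSP signatures fail to verify. All three enclosing functions start and end outside their hunks.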
diff --git a/src/lib/x509/x509_obj.cpp b/src/lib/x509/x509_obj.cpp
index 74786c224..a48e088ac 100644
--- a/src/lib/x509/x509_obj.cpp
+++ b/src/lib/x509/x509_obj.cpp
@@ -197,8 +197,7 @@ Certificate_Status_Code X509_Object::verify_signature(const Public_Key& pub_key)
else
return Certificate_Status_Code::SIGNATURE_ALGO_BAD_PARAMS;
- const Signature_Format format =
- (pub_key.message_parts() >= 2) ? DER_SEQUENCE : IEEE_1363;
+ const Signature_Format format = pub_key.default_x509_signature_format();
if(padding == "EMSA4")
{
@@ -369,7 +368,7 @@ std::unique_ptr<PK_Signer> X509_Object::choose_sig_format(AlgorithmIdentifier& s
const std::string& hash_fn,
const std::string& padding_algo)
{
- const Signature_Format format = (key.message_parts() > 1) ? DER_SEQUENCE : IEEE_1363;
+ const Signature_Format format = key.default_x509_signature_format();
const std::string emsa = choose_sig_algo(sig_algo, key, hash_fn, padding_algo);