author | Peter Dettman <peter.dettman@bouncycastle.org> | 2021-02-08 12:48:09 +0700 |
---|---|---|
committer | Peter Dettman <peter.dettman@bouncycastle.org> | 2021-02-08 12:48:09 +0700 |
commit | 419fa28b90aec2d8ea3d022a3e72e9e67acb1ace (patch) | |
tree | 5b3bf0e6171837320e92f3b72c8790aff60667b0 | |
parent | Merge branch 'fedelippo-bug-sign-alg' into master (diff) | |
Fix CMS RSASSA-PSS verification when no signed attrs
-rw-r--r-- | crypto/src/cms/SignerInformation.cs | 40 |
1 files changed, 22 insertions, 18 deletions
diff --git a/crypto/src/cms/SignerInformation.cs b/crypto/src/cms/SignerInformation.cs
index e8988902b..f6cfd8602 100644
--- a/crypto/src/cms/SignerInformation.cs
+++ b/crypto/src/cms/SignerInformation.cs
@@ -1,6 +1,5 @@
 using System;
 using System.Collections;
-using System.Diagnostics;
 using System.IO;
 using Org.BouncyCastle.Asn1;
@@ -350,14 +349,22 @@ namespace Org.BouncyCastle.Cms
 IDigest pssDigest = DigestUtilities.GetDigest(pss.HashAlgorithm.Algorithm);
 int saltLength = pss.SaltLength.IntValueExact;
- byte trailerField = (byte)pss.TrailerField.IntValueExact;
- // RFC 4055 3.1
- // The value MUST be 1, which represents the trailer field with hexadecimal value 0xBC
- if (trailerField != 1)
+ // RFC 4055 3.1
+ // The value MUST be 1, which represents the trailer field with hexadecimal value 0xBC
+ if (!Asn1.Pkcs.RsassaPssParameters.DefaultTrailerField.Equals(pss.TrailerField))
 throw new CmsException("RSASSA-PSS signature parameters must have trailerField of 1");
- sig = new PssSigner(new RsaBlindedEngine(), pssDigest, saltLength);
+ IAsymmetricBlockCipher rsa = new RsaBlindedEngine();
+
+ if (signedAttributeSet == null && digestCalculator != null)
+ {
+ sig = PssSigner.CreateRawSigner(rsa, pssDigest, pssDigest, saltLength, PssSigner.TrailerImplicit);
+ }
+ else
+ {
+ sig = new PssSigner(rsa, pssDigest, saltLength);
+ }
 }
 catch (Exception e)
 {
@@ -481,8 +488,15 @@ namespace Org.BouncyCastle.Cms
 {
 if (digestCalculator != null)
 {
- // need to decrypt signature and check message bytes
- return VerifyDigest(resultDigest, key, this.GetSignature());
+ if (sig is PssSigner)
+ {
+ sig.BlockUpdate(resultDigest, 0, resultDigest.Length);
+ }
+ else
+ {
+ // need to decrypt signature and check message bytes
+ return VerifyDigest(resultDigest, key, this.GetSignature());
+ }
 }
 else if (content != null)
 {
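Review bot: In the `@@ -350,14 +349,22 @@` hunk, the raw-signer branch (`signedAttributeSet == null && digestCalculator != null`) builds `pssDigest` from `pss.HashAlgorithm` and then relies on a digest computed elsewhere, yet nothing visible here checks that the digest calculator used that same hash algorithm. RFC 4056, as I read it, expects the SignerInfo digestAlgorithm and the PSS hashAlgorithm to agree, so a mismatch is better rejected with an explicit `CmsException` before the signer is created than left to surface later as an unexplained verification failure. At minimum I would add `// raw PSS: the digest comes from digestCalculator and must have been computed with pss.HashAlgorithm (RFC 4056)` above the `CreateRawSigner` call. `pssDigest` is also passed as the MGF1 digest; whether `pss.MaskGenAlgorithm` is validated against it is outside this hunk and worth confirming. The enclosing try block starts above the hunk.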
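Review bot: In the `@@ -481,8 +488,15 @@` hunk, `sig is PssSigner` stands in for "sig is the raw PSS signer", but that type test is equally true for the ordinary `new PssSigner(rsa, pssDigest, saltLength)` created in the else branch of the earlier hunk. The two only line up because both paths test `digestCalculator != null` and, presumably, an enclosing `signedAttributeSet == null` check that starts above this hunk; if those conditions drift apart, the already-hashed `resultDigest` would be hashed a second time and valid signatures would be rejected. I would record the coupling where it is relied on, e.g. `// sig was built with PssSigner.CreateRawSigner above, so resultDigest is fed as the pre-computed hash`, or carry an explicit flag set when the signer is created instead of the type test. The signature check that follows this `BlockUpdate` is outside the hunk.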
@@ -578,16 +592,6 @@ namespace Org.BouncyCastle.Cms
 return Arrays.ConstantTimeAreEqual(digest, sigHash);
 }
- else if (algorithm.Equals("RSAandMGF1"))
- {
- ISigner sig = SignerUtilities.GetSigner("NONEWITHRSAPSS");
-
- sig.Init(false, key);
-
- sig.BlockUpdate(digest, 0, digest.Length);
-
- return sig.VerifySignature(signature);
- }
 else if (algorithm.Equals("DSA"))
 {
 ISigner sig = SignerUtilities.GetSigner("NONEwithDSA"); |