Use variants of the PKCS#1 PSS functions that specify the MGF1 hash

BoringSSL removes the variants that had been used, in which the hash is given a default value. This change makes the code more compatible with BoringSSL. Change-Id: I665084c2e71593db1afd6baf182224fe0d23c944
2015-06-09 18:34:32 -07:00 · 2015-06-09 18:34:32 -07:00 · b87d27a23b
parent 4cb5326355
commit b87d27a23b
1 changed files with 4 additions and 2 deletions
--- a/packager/media/base/rsa_key.cc
+++ b/packager/media/base/rsa_key.cc
@ -140,11 +140,12 @@ bool RsaPrivateKey::GenerateSignature(const std::string& message,
  // Add PSS padding.
  size_t rsa_size = RSA_size(rsa_key_);
  std::vector<uint8_t> padded_digest(rsa_size);
-  if (!RSA_padding_add_PKCS1_PSS(
+  if (!RSA_padding_add_PKCS1_PSS_mgf1(
          rsa_key_,
          &padded_digest[0],
          reinterpret_cast<uint8_t*>(string_as_array(&message_digest)),
          EVP_sha1(),
+          EVP_sha1(),
          kPssSaltLength)) {
    LOG(ERROR) << "RSA padding failure: " << ERR_error_string(ERR_get_error(),
                                                              NULL);
@ -238,10 +239,11 @@ bool RsaPublicKey::VerifySignature(const std::string& message,
  std::string message_digest = base::SHA1HashString(message);

  // Verify PSS padding.
-  return RSA_verify_PKCS1_PSS(
+  return RSA_verify_PKCS1_PSS_mgf1(
             rsa_key_,
             reinterpret_cast<const uint8_t*>(message_digest.data()),
             EVP_sha1(),
+             EVP_sha1(),
             &padded_digest[0],
             kPssSaltLength) != 0;
 }