mirror of
git://source.winehq.org/git/wine.git
synced 2024-10-01 19:52:48 +00:00
bcrypt: Pass GNUTLS_VERIFY_ALLOW_BROKEN to gnutls_pubkey_verify_hash2().
This commit is contained in:
parent
650fe1fd78
commit
9af055170e
|
@ -1714,6 +1714,11 @@ static NTSTATUS pubkey_set_rsa_pss_params( gnutls_pubkey_t key, gnutls_digest_al
|
|||
|
||||
static NTSTATUS key_asymmetric_verify( void *args )
|
||||
{
|
||||
#ifdef GNUTLS_VERIFY_ALLOW_BROKEN
|
||||
static const unsigned int verify_flags = GNUTLS_VERIFY_ALLOW_BROKEN;
|
||||
#else
|
||||
static const unsigned int verify_flags = 0;
|
||||
#endif
|
||||
const struct key_asymmetric_verify_params *params = args;
|
||||
struct key *key = params->key;
|
||||
unsigned flags = params->flags;
|
||||
|
@ -1806,8 +1811,8 @@ static NTSTATUS key_asymmetric_verify( void *args )
|
|||
|
||||
gnutls_hash.data = params->hash;
|
||||
gnutls_hash.size = params->hash_len;
|
||||
ret = pgnutls_pubkey_verify_hash2( key_data(key)->a.pubkey, sign_alg, 0, &gnutls_hash, &gnutls_signature );
|
||||
|
||||
ret = pgnutls_pubkey_verify_hash2( key_data(key)->a.pubkey, sign_alg, verify_flags, &gnutls_hash, &gnutls_signature );
|
||||
if (gnutls_signature.data != params->signature) free( gnutls_signature.data );
|
||||
return (ret < 0) ? STATUS_INVALID_SIGNATURE : STATUS_SUCCESS;
|
||||
}
|
||||
|
|
|
@ -2583,12 +2583,25 @@ static void test_RSA(void)
|
|||
ret = BCryptSetProperty(key, BCRYPT_KEY_LENGTH, (UCHAR *)&keylen, sizeof(keylen), 0);
|
||||
ok(ret == STATUS_SUCCESS, "got %#lx\n", ret);
|
||||
|
||||
pad.pszAlgId = BCRYPT_MD5_ALGORITHM;
|
||||
memset(sig, 0, sizeof(sig));
|
||||
len = 0;
|
||||
ret = BCryptSignHash(key, &pad, hash, 16, sig, sizeof(sig), &len, BCRYPT_PAD_PKCS1);
|
||||
ok(!ret, "got %#lx\n", ret);
|
||||
ok(len == 256, "got %lu\n", len);
|
||||
pad.pszAlgId = BCRYPT_MD5_ALGORITHM;
|
||||
ret = BCryptVerifySignature(key, &pad, hash, 16, sig, len, BCRYPT_PAD_PKCS1);
|
||||
ok(!ret, "BCryptVerifySignature failed: %#lx\n", ret);
|
||||
|
||||
pad.pszAlgId = BCRYPT_SHA1_ALGORITHM;
|
||||
memset(sig, 0, sizeof(sig));
|
||||
len = 0;
|
||||
ret = BCryptSignHash(key, &pad, hash, sizeof(hash), sig, sizeof(sig), &len, BCRYPT_PAD_PKCS1);
|
||||
ok(!ret, "got %#lx\n", ret);
|
||||
ok(len == 256, "got %lu\n", len);
|
||||
pad.pszAlgId = BCRYPT_SHA1_ALGORITHM;
|
||||
ret = BCryptVerifySignature(key, &pad, hash, sizeof(hash), sig, len, BCRYPT_PAD_PKCS1);
|
||||
ok(!ret, "BCryptVerifySignature failed: %#lx\n", ret);
|
||||
|
||||
pad_pss.pszAlgId = BCRYPT_SHA384_ALGORITHM;
|
||||
pad_pss.cbSalt = 48;
|
||||
|
|
Loading…
Reference in a new issue