Update padding scheme in mock
Merge from widevine repo of http://go/wvgerrit/14370 In order to run on android, we need the mock to compile with BoringSSL, which uses a different function call for RSA_padding_add_PKCS1_PSS. Change-Id: I9cad4e7d5c1d4a3117fe7c0fc1e27590809a7ac3
This commit is contained in:
Fred Gylys-Colwell
@@ -429,6 +429,7 @@ bool SessionContext::GenerateRSASignature(const uint8_t* message,
|
||||
return false;
|
||||
}
|
||||
|
||||
// This is the standard padding scheme used for license requests.
|
||||
if (padding_scheme == kSign_RSASSA_PSS) {
|
||||
// Hash the message using SHA1.
|
||||
uint8_t hash[SHA_DIGEST_LENGTH];
|
||||
@@ -440,8 +441,9 @@ bool SessionContext::GenerateRSASignature(const uint8_t* message,
|
||||
|
||||
// Add PSS padding.
|
||||
std::vector<uint8_t> padded_digest(*signature_length);
|
||||
int status = RSA_padding_add_PKCS1_PSS(rsa_key_, &padded_digest[0], hash,
|
||||
EVP_sha1(), kPssSaltLength);
|
||||
int status = RSA_padding_add_PKCS1_PSS_mgf1(rsa_key_, &padded_digest[0],
|
||||
hash, EVP_sha1(), NULL,
|
||||
kPssSaltLength);
|
||||
if (status == -1) {
|
||||
LOGE("[GeneratRSASignature(): error padding hash.]");
|
||||
dump_openssl_error();
|
||||
@@ -456,6 +458,7 @@ bool SessionContext::GenerateRSASignature(const uint8_t* message,
|
||||
dump_openssl_error();
|
||||
return false;
|
||||
}
|
||||
// This is the alternate padding scheme used by cast receivers only.
|
||||
} else if (padding_scheme == kSign_PKCS1_Block1) {
|
||||
if (message_length > 83) {
|
||||
LOGE("[GeneratRSASignature(): RSA digest too large.]");
|
||||
|
||||
@@ -265,9 +265,9 @@ class CryptoEngine {
|
||||
ActiveSessions sessions_;
|
||||
WvKeybox keybox_;
|
||||
WvTestKeybox test_keybox_;
|
||||
bool use_test_keybox_;
|
||||
wvcdm::Lock session_table_lock_;
|
||||
UsageTable* usage_table_;
|
||||
bool use_test_keybox_;
|
||||
RSA* rsa_key_; // If no keybox, this is baked in certificate.
|
||||
|
||||
CORE_DISALLOW_COPY_AND_ASSIGN(CryptoEngine);
|
||||
|
||||
Reference in New Issue
Block a user