"2139aa8c314f8aeb3c87203abb88741844332f28" (history) in projects: optee_os

Searched hist:"2139 aa8c314f8aeb3c87203abb88741844332f28" (Results 1 – 1 of 1) sorted by relevance

/optee_os/core/crypto/
H A D	signed_hdr.c	2139aa8c314f8aeb3c87203abb88741844332f28 Mon Nov 25 15:04:42 UTC 2019 Jens Wiklander <jens.wiklander@linaro.org> core: shdr_verify_signature() supply hash length for salt length In order to support the TEE_ALG_RSASSA_PKCS1_PSS_MGF1_* group of algorithms supply the size of the hash as the size of the salt to crypto_acipher_rsassa_verify(). A salt is something introduced by PCKS1_PSS, PKCS1_V1.5 does not have a salt and the parameter will be ignored by crypto_acipher_rsassa_verify() for the latter. With the PCKS1_PSS algorithm it is common practice to use a salt with the same size as the hash, but it is not a requirement. The implementation here depends on using a salt with the same size as the hash. This is a compromise to avoid extending the signed header with a salt length field. Reviewed-by: Jerome Forissier <jerome@forissier.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>