OpenSSL requires a signature length of exactly RSA_size()

diff --git a/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c b/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c
index 756a033..eb051b7 100644 (file)
--- a/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c
+++ b/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c
@@ -90,13 +90,11 @@ static bool verify_emsa_pkcs1_signature(private_openssl_rsa_public_key_t *this,
                goto error;
        }
        
-       /* remove any preceding 0-bytes from signature */
-       while (signature.len && *(signature.ptr) == 0x00)
+       /* VerifyFinal expects a signature of exactly RSA size (no leading 0x00) */
+       if (signature.len > RSA_size(this->rsa))
        {
-               signature.len -= 1;
-               signature.ptr++;
+               signature = chunk_skip(signature, signature.len - RSA_size(this->rsa));
        }
-       
        valid = (EVP_VerifyFinal(ctx, signature.ptr, signature.len, key) == 1);
        
 error: