reverted 4541, does not fix the problem
authorMartin Willi <martin@strongswan.org>
Mon, 3 Nov 2008 09:44:20 +0000 (09:44 -0000)
committerMartin Willi <martin@strongswan.org>
Mon, 3 Nov 2008 09:44:20 +0000 (09:44 -0000)
src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c

index 107404f..b4af3dc 100644 (file)
@@ -90,7 +90,15 @@ static bool verify_emsa_pkcs1_signature(private_openssl_rsa_public_key_t *this,
                goto error;
        }
        
+       /* remove any preceding 0-bytes from signature */
+       while (signature.len && *(signature.ptr) == 0x00)
+       {
+               signature.len -= 1;
+               signature.ptr++;
+       }
+       
        valid = (EVP_VerifyFinal(ctx, signature.ptr, signature.len, key) == 1);
+       DBG1("%s sig: %B", valid ? "good" : "bad", &signature);
        
 error:
        if (key)