Add comment about ensuring no other data follows the hash value in PKCS #1

Change-Id: I92419b7d2d8ded8f4868588ad3c24b70ac7f7b1b
Reviewed-on: https://boringssl-review.googlesource.com/14864
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
Steven Valdez 2017-04-10 15:52:19 -04:00 committed by CQ bot account: commit-bot@chromium.org
parent bbba9394c8
commit c196680120


@ -525,6 +525,8 @@ int RSA_verify(int hash_nid, const uint8_t *msg, size_t msg_len,
goto out; goto out;
} }
/* Check that no other information follows the hash value (FIPS 186-4 Section
* 5.5) and it matches the expected hash. */
if (len != signed_msg_len || OPENSSL_memcmp(buf, signed_msg, len) != 0) { if (len != signed_msg_len || OPENSSL_memcmp(buf, signed_msg, len) != 0) {
OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_SIGNATURE); OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_SIGNATURE);
goto out; goto out;
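Review bot: The new comment above `if (len != signed_msg_len || OPENSSL_memcmp(buf, signed_msg, len) != 0)` says the value "matches the expected hash", but the comparison runs against `signed_msg` over its full length, so the comment should name what `signed_msg` holds. If that buffer contains more than the bare hash (its construction is not visible in this hunk), wording such as "matches the expected encoded message" would be more accurate than "hash". It would also help to say which half of the condition enforces which property: the `len != signed_msg_len` test is the part that implements the "no other information follows" requirement cited from FIPS 186-4 Section 5.5, and the `OPENSSL_memcmp` checks the contents. Spelling that out makes it less likely that a later refactor keeps only one of the two tests.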