RSA: Use hashlen as the hash input size as documented

Where hashlen was previously ignored when the hash length could be inferred from an md_alg parameter, the two must now match. Adapt the existing tests accordingly. Adapt the sample programs accordingly. This commit does not add any negative testing. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2025-07-30 22:43:08 +03:00 · 2021-06-22 18:39:53 +02:00
parent 9dbbc297a3
commit 6e3187b212
9 changed files with 71 additions and 56 deletions
--- a/programs/pkey/dh_server.c
+++ b/programs/pkey/dh_server.c
@ -229,7 +229,7 @@ int main( void )
    buf[n + 1] = (unsigned char)( rsa.MBEDTLS_PRIVATE(len)      );

    if( ( ret = mbedtls_rsa_pkcs1_sign( &rsa, NULL, NULL, MBEDTLS_MD_SHA256,
-                                0, hash, buf + n + 2 ) ) != 0 )
+                                32, hash, buf + n + 2 ) ) != 0 )
    {
        mbedtls_printf( " failed\n  ! mbedtls_rsa_pkcs1_sign returned %d\n\n", ret );
        goto exit;