diff options
author | Shawn Willden <swillden@google.com> | 2015-07-28 18:54:18 +0000 |
---|---|---|
committer | Android (Google) Code Review <android-gerrit@google.com> | 2015-07-28 18:54:18 +0000 |
commit | 3ac35814df71dce203c9b3cc1a937b178f7dc9c7 (patch) | |
tree | 420fc62dec64a31b6c1c9065c5a3c0d8820f7add | |
parent | 0e0cea3bc8aea903a50c1ee18e9f3309e9f67515 (diff) | |
parent | 53488c665d57bf64ed7cf45b72599cff29c517c3 (diff) | |
download | keymaster-3ac35814df71dce203c9b3cc1a937b178f7dc9c7.tar.gz |
Merge "Use minimum 20 bytes salt for RSA PSS." into mnc-dev
-rw-r--r-- | android_keymaster_test.cpp | 2 | ||||
-rw-r--r-- | rsa_operation.cpp | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/android_keymaster_test.cpp b/android_keymaster_test.cpp index 96fc8b2..13ff796 100644 --- a/android_keymaster_test.cpp +++ b/android_keymaster_test.cpp @@ -1374,7 +1374,7 @@ TEST_P(VerificationOperationsTest, RsaAllDigestAndPadCombinations) { key_bits = digest_bits + 8 * (11 + 19); break; case KM_PAD_RSA_PSS: - key_bits = digest_bits + 8 * 10; + key_bits = digest_bits + 22 * 8; break; default: FAIL() << "Missing padding"; diff --git a/rsa_operation.cpp b/rsa_operation.cpp index d9217fd..20ef45f 100644 --- a/rsa_operation.cpp +++ b/rsa_operation.cpp @@ -31,7 +31,7 @@ namespace keymaster { const size_t kPssOverhead = 2; -const size_t kMinPssSaltSize = 8; +const size_t kMinPssSaltSize = 20; // Overhead for PKCS#1 v1.5 signature padding of undigested messages. Digested messages have // additional overhead, for the digest algorithmIdentifier required by PKCS#1. |