Bug 1334474 - Fix 1025-bit RSA-PSS signatures on Linux r=bustage

--HG-- extra : amend_source : 3c54d93b7d05fd065adc6301edfae0efac3527ed
sailfishos-mirror · Jan 30, 2017 · 1bfc089 · 1bfc089
1 parent 4c9e005
commit 1bfc089
Showing 1 changed file with 1 addition and 2 deletions.
diff --git a/lib/freebl/rsapkcs.c b/lib/freebl/rsapkcs.c
@@ -981,8 +981,6 @@ RSA_DecryptBlock(RSAPrivateKey *key,
  * We use mHash instead of M as input.
  * emBits from the RFC is just modBits - 1, see section 8.1.1.
  * We only support MGF1 as the MGF.
- *
- * NOTE: this code assumes modBits is a multiple of 8.
  */
 static SECStatus
 emsa_pss_encode(unsigned char *em,
@@ -1204,6 +1202,7 @@ RSA_SignPSS(RSAPrivateKey *key,
 
     /* len(em) == ceil((modulusBits - 1) / 8). */
     if (modulusBits % 8 == 1) {
+        em[0] = 0;
         emLen--;
         em++;
     }