pkcs15-crypt: Use correct PKCS#1 v1.5 padding type

OpenSC · Mar 20, 2024 · 03b7969 · 03b7969
1 parent d1d0aed
commit 03b7969
Showing 1 changed file with 6 additions and 4 deletions.
diff --git a/src/tools/pkcs15-crypt.c b/src/tools/pkcs15-crypt.c
@@ -210,7 +210,7 @@ static int sign(struct sc_pkcs15_object *obj)
 {
 	u8 buf[1024], out[1024];
 	struct sc_pkcs15_prkey_info *key = (struct sc_pkcs15_prkey_info *) obj->data;
-	int r;
+	int r, flags;
 	size_t c, len;
 
 	if (opt_input == NULL) {
@@ -233,7 +233,8 @@ static int sign(struct sc_pkcs15_object *obj)
 		return SC_ERROR_NOT_SUPPORTED;
 	}
 
-	r = sc_pkcs15_compute_signature(p15card, obj, opt_crypt_flags, buf, c, out, len, NULL);
+	flags = opt_crypt_flags & ~SC_ALGORITHM_RSA_PAD_PKCS1_TYPE_02;
+	r = sc_pkcs15_compute_signature(p15card, obj, flags, buf, c, out, len, NULL);
 	if (r < 0) {
 		fprintf(stderr, "Compute signature failed: %s\n", sc_strerror(r));
 		return 1;
@@ -265,7 +266,7 @@ static int sign(struct sc_pkcs15_object *obj)
 static int decipher(struct sc_pkcs15_object *obj)
 {
 	u8 buf[1024], out[1024];
-	int r, len;
+	int r, len, flags;
 	size_t c;
 
 	if (opt_input == NULL) {
@@ -281,7 +282,8 @@ static int decipher(struct sc_pkcs15_object *obj)
 		return SC_ERROR_NOT_SUPPORTED;
 	}
 
-	r = sc_pkcs15_decipher(p15card, obj, opt_crypt_flags & SC_ALGORITHM_RSA_PAD_PKCS1_TYPE_02, buf, c, out, len, NULL);
+	flags = opt_crypt_flags & ~SC_ALGORITHM_RSA_PAD_PKCS1_TYPE_01;
+	r = sc_pkcs15_decipher(p15card, obj, flags, buf, c, out, len, NULL);
 	if (r < 0) {
 		fprintf(stderr, "Decrypt failed: %s\n", sc_strerror(r));
 		return 1;