use a CPRG when signing with RSA.
parent
bd2883683b
commit
68e45d829f
2 changed files with 6 additions and 4 deletions
|
@ -118,6 +118,6 @@ kxVerify (PubRSA pk) (hashF, hashASN1) msg sign =
|
|||
|
||||
-- Sign the given message using the private key.
|
||||
--
|
||||
kxSign :: PrivateKey -> (ByteString -> ByteString, ByteString) -> ByteString -> Either KxError ByteString
|
||||
kxSign (PrivRSA pk) (hashF, hashASN1) msg =
|
||||
generalizeRSAError $ RSA.sign hashF hashASN1 pk msg
|
||||
kxSign :: CPRG g => g -> PrivateKey -> (ByteString -> ByteString, ByteString) -> ByteString -> (Either KxError ByteString, g)
|
||||
kxSign g (PrivRSA pk) (hashF, hashASN1) msg =
|
||||
(generalizeRSAError $ RSA.sign hashF hashASN1 pk msg, g)
|
||||
|
|
|
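Review bot: The new `kxSign` accepts a generator `g` but never uses it: the last added line still calls `RSA.sign hashF hashASN1 pk msg` and returns `g` untouched. The signing operation is therefore the same as before this commit and, presumably, still runs without any RNG-driven blinding. If the intent is to protect the private-key operation against timing side channels, `g` has to be passed into the RSA call, and the generator that call returns must be the one handed back rather than the input. Until then, a comment such as `-- NOTE: g is only threaded through here; RSA.sign does not consume it yet` would stop readers assuming blinding is in effect, and the `-- Sign the given message using the private key.` header should mention the generator argument and the returned pair. Any other equations of `kxSign` lie outside the hunk.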
@ -94,7 +94,9 @@ signRSA :: (ByteString -> ByteString, ByteString) -> ByteString -> TLSSt ByteStr
|
|||
signRSA hsh content = do
|
||||
st <- get
|
||||
let rsakey = fromJust "rsa client private key" $ hstRSAClientPrivateKey $ fromJust "handshake" $ stHandshake st
|
||||
case kxSign rsakey hsh content of
|
||||
let (r, rng') = withTLSRNG (stRandomGen st) (\g -> kxSign g rsakey hsh content)
|
||||
put (st { stRandomGen = rng' })
|
||||
case r of
|
||||
Left err -> fail ("rsa sign failed: " ++ show err)
|
||||
Right econtent -> return econtent
|
||||
|
||||
|
|