|
|
@@ -11,7 +11,7 @@ import Foundation
|
|
|
|
|
|
extension RSA: Signature {
|
|
|
public func sign(_ bytes: ArraySlice<UInt8>) throws -> Array<UInt8> {
|
|
|
- try self.sign(Array(bytes), variant: .message_pkcs1v15_SHA512_256)
|
|
|
+ try self.sign(Array(bytes), variant: .message_pkcs1v15_SHA256)
|
|
|
}
|
|
|
|
|
|
public func sign(_ bytes: Array<UInt8>, variant: SignatureVariant) throws -> Array<UInt8> {
|
|
|
@@ -30,13 +30,13 @@ extension RSA: Signature {
|
|
|
}
|
|
|
|
|
|
public func verify(signature: ArraySlice<UInt8>, for expectedData: ArraySlice<UInt8>) throws -> Bool {
|
|
|
- try self.verify(signature: Array(signature), for: Array(expectedData), variant: .message_pkcs1v15_SHA512_256)
|
|
|
+ try self.verify(signature: Array(signature), for: Array(expectedData), variant: .message_pkcs1v15_SHA256)
|
|
|
}
|
|
|
|
|
|
/// https://datatracker.ietf.org/doc/html/rfc8017#section-8.2.2
|
|
|
- public func verify(signature: Array<UInt8>, for bytes: Array<UInt8>, variant: SignatureVariant = .message_pkcs1v15_SHA256) throws -> Bool {
|
|
|
+ public func verify(signature: Array<UInt8>, for bytes: Array<UInt8>, variant: SignatureVariant) throws -> Bool {
|
|
|
/// Step 1: Ensure the signature is the same length as the key's modulus
|
|
|
- guard signature.count == (self.keySize / 8) else { throw Error.invalidSignatureLength }
|
|
|
+ guard signature.count == (self.keySize / 8) || (signature.count - 1) == (self.keySize / 8) else { throw Error.invalidSignatureLength }
|
|
|
|
|
|
let expectedData = try Array<UInt8>(RSA.hashedAndEncoded(bytes, variant: variant, keySizeInBytes: self.keySize / 8).dropFirst())
|
|
|
|
Brandon Toms