|
|
|
@ -121,14 +121,35 @@ class CryptokiEngine: public QObject, public openssl::Engine { |
|
|
|
|
virtual std::string rsaSign(const std::string& in, unsigned int type) { |
|
|
|
|
TRC; LOG<<"log; type="<<type<<"; size="<<in.size(); |
|
|
|
|
LOG<<crypto::readable(in).c_str(); |
|
|
|
|
std::string data; |
|
|
|
|
switch( type ) { |
|
|
|
|
case NID_sha1: |
|
|
|
|
data += QString(QByteArray::fromHex("3021300906052b0e03021a05000414")).toStdString(); |
|
|
|
|
break; |
|
|
|
|
case NID_sha224: |
|
|
|
|
data += QString(QByteArray::fromHex("302d300d06096086480165030402040500041c")).toStdString(); |
|
|
|
|
break; |
|
|
|
|
case NID_sha256: |
|
|
|
|
data += QString(QByteArray::fromHex("3031300d060960864801650304020105000420")).toStdString(); |
|
|
|
|
break; |
|
|
|
|
case NID_sha384: |
|
|
|
|
data += QString(QByteArray::fromHex("3041300d060960864801650304020205000430")).toStdString(); |
|
|
|
|
break; |
|
|
|
|
case NID_sha512: |
|
|
|
|
data += QString(QByteArray::fromHex("3051300d060960864801650304020305000440")).toStdString(); |
|
|
|
|
break; |
|
|
|
|
default: break; |
|
|
|
|
} |
|
|
|
|
// see ticket #169
|
|
|
|
|
// if (type != NID_md5_sha1) throw std::runtime_error("wrong sign type");
|
|
|
|
|
// if (in.size() != 36) throw std::runtime_error("wrong msg size to sign");
|
|
|
|
|
LOG<<"ready to sign"; |
|
|
|
|
try { |
|
|
|
|
return _privateKey->sign(in, CKM_RSA_PKCS); |
|
|
|
|
return _privateKey->sign(data+in, CKM_RSA_PKCS); |
|
|
|
|
} catch (const std::exception& x) { |
|
|
|
|
LOG<<"signature failed"; |
|
|
|
|
certRequired(); // get new certificate
|
|
|
|
|
return _privateKey->sign(in, CKM_RSA_PKCS); // try again
|
|
|
|
|
return _privateKey->sign(data+in, CKM_RSA_PKCS); // try again
|
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|