Add a simple (raw) PKCS#1 padding mode

* src/cipher.h (PUBKEY_ENC_PKCS1_RAW): New.
* cipher/pubkey-util.c (_gcry_pk_util_parse_flaglist): Handle pkcs1-raw
  flag.
* cipher/pubkey-util.c (_gcry_pk_util_data_to_mpi):
  Handle s-exp like (data (flags pkcs1-raw) (value xxxxx))
* cipher/rsa-common.c (_gcry_rsa_pkcs1_encode_raw_for_sig):
  PKCS#1-encode data with embedded hash OID for signature verification.
* tests/basic.c (check_pubkey_sign): Add tests for s-exps with pkcs1-raw
  flag.

--
Allow user to specify (flags pkcs1-raw) to enable pkcs1 padding of raw
value (no hash algorithm is specified). It is up to the user to verify
that the passed value is properly formatted and includes DER-encoded
ASN OID of the used hash function.

Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

1 files changed, 8 insertions, 0 deletions

diff --git a/tests/basic.c b/tests/basic.c
index 4474a9de..e21e0552 100644
--- a/tests/basic.c
+++ b/tests/basic.c
@@ -5155,6 +5155,10 @@ check_pubkey_sign (int n, gcry_sexp_t skey, gcry_sexp_t pkey, int algo)
 	" (hash sha1 #11223344556677889900AABBCCDDEEFF10203040#))\n",
 	GCRY_PK_RSA,
 	0 },
+      { "(data\n (flags pkcs1-raw)\n"
+	" (hash sha1 #11223344556677889900AABBCCDDEEFF10203040#))\n",
+	GCRY_PK_RSA,
+	GPG_ERR_CONFLICT },
       { "(data\n (flags oaep)\n"
 	" (hash sha1 #11223344556677889900AABBCCDDEEFF10203040#))\n",
 	0,
@@ -5187,6 +5191,10 @@ check_pubkey_sign (int n, gcry_sexp_t skey, gcry_sexp_t pkey, int algo)
 	" (value #11223344556677889900AA#))\n",
 	GCRY_PK_RSA,
 	GPG_ERR_CONFLICT },
+      { "(data\n (flags pkcs1-raw)\n"
+	" (value #11223344556677889900AA#))\n",
+	GCRY_PK_RSA,
+	0 },
       { "(data\n (flags raw foo)\n"
 	" (value #11223344556677889900AA#))\n",
 	0,