From 59a75d5b9d442a80f9f9c085f768a7b1c0b4ed61 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 22 Jan 2014 10:12:57 +0100 Subject: [PATCH 01/34] Basic parsing of certs signed with RSASSA-PSS --- include/polarssl/config.h | 16 ++++++++++++++++ include/polarssl/oid.h | 3 +++ include/polarssl/pk.h | 1 + include/polarssl/x509.h | 2 ++ include/polarssl/x509_crt.h | 3 +++ library/oid.c | 4 ++++ library/x509.c | 14 ++++++++++++++ library/x509_crt.c | 12 +++++++++--- tests/data_files/server9.crt | 19 +++++++++++++++++++ tests/data_files/server9.key | 15 +++++++++++++++ tests/suites/test_suite_x509parse.data | 4 ++++ 11 files changed, 90 insertions(+), 3 deletions(-) create mode 100644 tests/data_files/server9.crt create mode 100644 tests/data_files/server9.key diff --git a/include/polarssl/config.h b/include/polarssl/config.h index ad088a9b42..58e8cff08e 100644 --- a/include/polarssl/config.h +++ b/include/polarssl/config.h @@ -220,6 +220,22 @@ //#define POLARSSL_SHA256_ALT //#define POLARSSL_SHA512_ALT +/** + * \def POLARSSL_RSASSA_PSS_CERTIFICATES + * + * Enable parsing and verification of X.509 certificates and CRLs signed with + * RSASSA-PSS. + * + * This is disabled by default since it breaks binary compatibility with the + * 1.3.x line. If you choose to enable it, you will need to rebuild your + * application against the new header files, relinking will not be enough. + * + * TODO: actually disable it when done working on this branch ,) + * + * Uncomment this macro to allow using RSASSA-PSS in certificates. + */ +#define POLARSSL_RSASSA_PSS_CERTIFICATES + /** * \def POLARSSL_AES_ROM_TABLES * diff --git a/include/polarssl/oid.h b/include/polarssl/oid.h index 32b0340c73..863cfda727 100644 --- a/include/polarssl/oid.h +++ b/include/polarssl/oid.h 
@@ -207,6 +207,9 @@ #define OID_PKCS9_EMAIL OID_PKCS9 "\x01" /**< emailAddress AttributeType ::= { pkcs-9 1 } */ +/* RFC 4055 */ +#define OID_RSASSA_PSS OID_PKCS1 "\x0a" /**< id-RSASSA-PSS ::= { pkcs-1 10 } */ + /* * Digest algorithms */ diff --git a/include/polarssl/pk.h b/include/polarssl/pk.h index 7014e420eb..1309f70daa 100644 --- a/include/polarssl/pk.h +++ b/include/polarssl/pk.h @@ -99,6 +99,7 @@ typedef enum { POLARSSL_PK_ECKEY_DH, POLARSSL_PK_ECDSA, POLARSSL_PK_RSA_ALT, + POLARSSL_PK_RSASSA_PSS, } pk_type_t; /** diff --git a/include/polarssl/x509.h b/include/polarssl/x509.h index 759234816a..5a9ed7dce8 100644 --- a/include/polarssl/x509.h +++ b/include/polarssl/x509.h @@ -276,6 +276,8 @@ int x509_get_name( unsigned char **p, const unsigned char *end, x509_name *cur ); int x509_get_alg_null( unsigned char **p, const unsigned char *end, x509_buf *alg ); +int x509_get_alg( unsigned char **p, const unsigned char *end, + x509_buf *alg, x509_buf *params ); int x509_get_sig( unsigned char **p, const unsigned char *end, x509_buf *sig ); int x509_get_sig_alg( const x509_buf *sig_oid, md_type_t *md_alg, pk_type_t *pk_alg ); diff --git a/include/polarssl/x509_crt.h b/include/polarssl/x509_crt.h index 0081d36c43..09cc9829b2 100644 --- a/include/polarssl/x509_crt.h +++ b/include/polarssl/x509_crt.h @@ -93,6 +93,9 @@ typedef struct _x509_crt x509_buf sig; /**< Signature: hash of the tbs part signed with the private key. */ md_type_t sig_md; /**< Internal representation of the MD algorithm of the signature algorithm, e.g. POLARSSL_MD_SHA256 */ pk_type_t sig_pk /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. POLARSSL_PK_RSA */; +#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES) + x509_buf sig_params; /**< Parameters for the signature algorithm */ +#endif struct _x509_crt *next; /**< Next certificate in the CA-chain. */ } diff --git a/library/oid.c b/library/oid.c index a93188727b..9d50cf5de9 100644 --- a/library/oid.c 
+++ b/library/oid.c @@ -363,6 +363,10 @@ static const oid_sig_alg_t oid_sig_alg[] = { ADD_LEN( OID_ECDSA_SHA512 ), "ecdsa-with-SHA512", "ECDSA with SHA512" }, POLARSSL_MD_SHA512, POLARSSL_PK_ECDSA, }, + { + { ADD_LEN( OID_RSASSA_PSS ), "RSASSA-PSS", "RSASSA-PSS" }, + POLARSSL_MD_NONE, POLARSSL_PK_RSASSA_PSS, + }, { { NULL, 0, NULL, NULL }, 0, 0, diff --git a/library/x509.c b/library/x509.c index 92e52c318e..9915518652 100644 --- a/library/x509.c +++ b/library/x509.c @@ -123,6 +123,20 @@ int x509_get_alg_null( unsigned char **p, const unsigned char *end, return( 0 ); } +/* + * Parse an algorithm identifier with (optional) paramaters + */ +int x509_get_alg( unsigned char **p, const unsigned char *end, + x509_buf *alg, x509_buf *params ) +{ + int ret; + + if( ( ret = asn1_get_alg( p, end, alg, params ) ) != 0 ) + return( POLARSSL_ERR_X509_INVALID_ALG + ret ); + + return( 0 ); +} + /* * AttributeTypeAndValue ::= SEQUENCE { * type AttributeType, diff --git a/library/x509_crt.c b/library/x509_crt.c index 79460682ad..b9f226b076 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c @@ -534,6 +534,9 @@ static int x509_crt_parse_der_core( x509_crt *crt, const unsigned char *buf, int ret; size_t len; unsigned char *p, *end, *crt_end; + x509_buf sig_params; + + memset( &sig_params, 0, sizeof( x509_buf ) ); /* * Check for valid input @@ -597,7 +600,8 @@ static int x509_crt_parse_der_core( x509_crt *crt, const unsigned char *buf, */ if( ( ret = x509_get_version( &p, end, &crt->version ) ) != 0 || ( ret = x509_get_serial( &p, end, &crt->serial ) ) != 0 || - ( ret = x509_get_alg_null( &p, end, &crt->sig_oid1 ) ) != 0 ) + ( ret = x509_get_alg( &p, end, &crt->sig_oid1, + &crt->sig_params ) ) != 0 ) { x509_crt_free( crt ); return( ret ); 
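Review bot: The header comment on `x509_get_alg` misspells "parameters" (`paramaters`) and says nothing about what `params` holds when the AlgorithmIdentifier carries no parameters, although later hunks in this series compare and tag-check that buffer. Suggested wording: `/* Parse an AlgorithmIdentifier with (optional) parameters; on success *params describes the parameters field, see asn1_get_alg() for what it holds when the field is absent */`. Presumably `asn1_get_alg` zero-fills `params` in that case, but nothing on this page shows it, so the comment should defer to that function rather than assert it.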
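Review bot: The new `x509_get_alg( &p, end, &crt->sig_oid1, &crt->sig_params )` call in the `@@ -597` hunk references `crt->sig_params` unconditionally, while the same patch declares that field in x509_crt.h under `#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)`. With the macro undefined, which config.h describes as the intended default once its TODO is resolved, x509_crt.c no longer compiles. Either guard the call site the same way, with the old `x509_get_alg_null( &p, end, &crt->sig_oid1 )` under `#else`, or drop the guard on the field; the RSASSA-PSS additions in oid.c and pk.h here, and the `x509_get_rsassa_pss_params`/`x509_get_hash_alg` hunks of the following patches, are likewise unguarded and need the same decision. `x509_crt_parse_der_core` starts and ends outside these hunks.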
@@ -738,14 +742,16 @@ static int x509_crt_parse_der_core( x509_crt *crt, const unsigned char *buf, * signatureAlgorithm AlgorithmIdentifier, * signatureValue BIT STRING */ - if( ( ret = x509_get_alg_null( &p, end, &crt->sig_oid2 ) ) != 0 ) + if( ( ret = x509_get_alg( &p, end, &crt->sig_oid2, &sig_params ) ) != 0 ) { x509_crt_free( crt ); return( ret ); } if( crt->sig_oid1.len != crt->sig_oid2.len || - memcmp( crt->sig_oid1.p, crt->sig_oid2.p, crt->sig_oid1.len ) != 0 ) + memcmp( crt->sig_oid1.p, crt->sig_oid2.p, crt->sig_oid1.len ) != 0 || + crt->sig_params.len != sig_params.len || + memcmp( crt->sig_params.p, sig_params.p, sig_params.len ) != 0 ) { x509_crt_free( crt ); return( POLARSSL_ERR_X509_SIG_MISMATCH ); diff --git a/tests/data_files/server9.crt b/tests/data_files/server9.crt new file mode 100644 index 0000000000..a6f9fbc76c --- /dev/null +++ b/tests/data_files/server9.crt 
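Review bot: The added parameter comparison looks only at `len` and the bytes, so a tbsCertificate `signature` whose parameters are `NULL` and a `signatureAlgorithm` whose parameters are absent (both `len == 0`, different `tag`) pass as matching, and `memcmp()` is reached with two length-0 buffers whose `.p` may be null pointers, which is undefined behaviour even for `n == 0`. Suggested replacement for the two added lines: `crt->sig_params.tag != sig_params.tag || crt->sig_params.len != sig_params.len || ( sig_params.len != 0 && memcmp( crt->sig_params.p, sig_params.p, sig_params.len ) != 0 )`. If NULL and absent are deliberately treated as equivalent here, that choice deserves a comment, since RFC 5280 requires the two AlgorithmIdentifiers to be identical. The enclosing function `x509_crt_parse_der_core` starts and ends outside this hunk.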
@@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDBTCCAeegAwIBAgIBFjATBgkqhkiG9w0BAQowBqIEAgIA6jA7MQswCQYDVQQG +EwJOTDERMA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3Qg +Q0EwHhcNMTQwMTIwMTMzODE2WhcNMjQwMTE4MTMzODE2WjA0MQswCQYDVQQGEwJO +TDERMA8GA1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCBnzANBgkq +hkiG9w0BAQEFAAOBjQAwgYkCgYEA3RGKn5m6sGjKKuo7am1Zl+1OyVTkDe7OoH2g +HqroDsK7E0DbihKOiRMkpcX1+tj1kNfIysvF/pMdr9oSI3NSeUYauqBXK3YWMbOo +r+c4mwiLY5k6CiXuRdIYWLq5kxrt1FiaYxs3/PcUCJ+FZUnzWTJt0eDobd5S7Wa0 +qQvaQJUCAwEAAaOBkjCBjzAJBgNVHRMEAjAAMB0GA1UdDgQWBBTu88f1HxWlTUeJ +wdMiY7Lfp869UTBjBgNVHSMEXDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/pD0w +OzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xh +clNTTCBUZXN0IENBggEAMBMGCSqGSIb3DQEBCjAGogQCAgDqA4IBAQDAog/jXydR +vDIugTzBXtfVK0CEX8iyQ4cVzQmXWSne8204v943K5D2hktSBkjdQUdcnVvVgLR6 +te50jV89ptN/NofX+fo9fhSRN9vGgQVWzOOFiO0zcThy749pirJu1Kq5OJdthIyW +Pu0UCz5G0k3kTp0JPevGlsNc8S9Ak1tFuB0IPJjrbfODWHS2LDuO+dB6gpkNTdrj +88ogYtBsN4D5gsXBRUfobXokUwejBwLrD6XwyQx+0bMwSCxgHEhxvuUkx1vdlXGw +JG3aF92u8mIxoKSAPaPdqy930mQvmpUWcN5Y1IMbtEGoQCKMYgosFcazJpJcjnX1 +o4Hl/lqjwCEG +-----END CERTIFICATE----- diff --git a/tests/data_files/server9.key b/tests/data_files/server9.key new file mode 100644 index 0000000000..e005864f9c --- /dev/null +++ b/tests/data_files/server9.key 
@@ -0,0 +1,15 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICXQIBAAKBgQDdEYqfmbqwaMoq6jtqbVmX7U7JVOQN7s6gfaAequgOwrsTQNuK +Eo6JEySlxfX62PWQ18jKy8X+kx2v2hIjc1J5Rhq6oFcrdhYxs6iv5zibCItjmToK +Je5F0hhYurmTGu3UWJpjGzf89xQIn4VlSfNZMm3R4Oht3lLtZrSpC9pAlQIDAQAB +AoGAHFCE2tBL0xB45Go/1e/Pi9//OVZAJ3Cw0mmEuqjVNB7I6zxhYhviWbgz92+V +g92KBlU9CIx0/ZhGMyHRNO0uYNEZUJyM8zItoo/nmU31+VaHOGgpei04HZrn1Nmw +QS01FVrn9wzKR/5qeEBmxE7rVMDQo8QLnllC3jXzIVUtX4ECQQD2g9dleWYbqIQe +Q9paXxzvODhCzNtQwD0PnOKc54Nu4zm3JI45REtunmG8et+Ncms9RycTjNlWPGJT +62jgaJexAkEA5ZMNv4u9NNRfZprmlNyvjSOf+w7fdKzhcnkHbGkfLnFdc7vq0XFC +nwORsdjpOvWQUwrV2Cw8Pl4rKa4B4iqUJQJBAMVti6maU3udN8qhXxP3js3LwctG +E/OVMpH5fMha5jl9w/B4V2tn1d3O/MmdwsKeu2JFRPd0W2+kRr+dDs6DFdECQQC1 +3g9QJRWY2n1RPXlZiJKSDxzXuOqQ9bwMAZE98vE+y5Qq8T2O+li6vAsZhysNCChz +gOvzuudmyRcMh8r6Lpz5AkAUKK3gYtJFiVH2arRig3JjZJqixgSTolMT1n+HG4uM +tnBqBiEBVwBxEqaohla/rHR5joZCdcDN8xq0yeTQyLH9 +-----END RSA PRIVATE KEY----- diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data index c0f8948324..7531587d1e 100644 --- a/tests/suites/test_suite_x509parse.data +++ b/tests/suites/test_suite_x509parse.data 
@@ -42,6 +42,10 @@ X509 Certificate information SHA512 Digest depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSA_C x509_cert_info:"data_files/cert_sha512.crt":"cert. version \: 3\nserial number \: 0B\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA512\nissued on \: 2011-02-12 14\:44\:07\nexpires on \: 2021-02-12 14\:44\:07\nsigned using \: RSA with SHA-512\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" +X509 Certificate information RSA-PSS, SHA1 Digest +depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSA_C +x509_cert_info:"data_files/server9.crt":"cert. version \: 3\nserial number \: 16\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:38\:16\nexpires on \: 2024-01-18 13\:38\:16\nsigned using \: RSASSA-PSS\nRSA key size \: 1024 bits\n" + X509 Certificate information EC, SHA1 Digest depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_ECP_C:POLARSSL_ECP_DP_SECP256R1_ENABLED x509_cert_info:"data_files/server5-sha1.crt":"cert. version \: 3\nserial number \: 12\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2013-09-24 16\:21\:27\nexpires on \: 2023-09-22 16\:21\:27\nsigned using \: ECDSA with SHA1\nEC key size \: 256 bits\nbasic constraints \: CA=false\n" From f346bab139a5dfe1284df903ceed0bd5e6163bb8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 23 Jan 2014 16:24:44 +0100 Subject: [PATCH 02/34] Start parsing RSASSA-PSS parameters --- include/polarssl/x509.h | 2 + library/x509.c | 86 ++++++++++++++++++++++++++ library/x509_crt.c | 31 ++++++++++ tests/suites/test_suite_x509parse.data | 2 +- 4 files changed, 120 insertions(+), 1 deletion(-) diff --git a/include/polarssl/x509.h b/include/polarssl/x509.h index 5a9ed7dce8..9d3218d58c 100644 --- a/include/polarssl/x509.h +++ b/include/polarssl/x509.h 
@@ -278,6 +278,8 @@ int x509_get_alg_null( unsigned char **p, const unsigned char *end, x509_buf *alg ); int x509_get_alg( unsigned char **p, const unsigned char *end, x509_buf *alg, x509_buf *params ); +int x509_get_rsassa_pss_params( const x509_buf *params, md_type_t *md_alg, + int *salt_len, int *trailer_field ); int x509_get_sig( unsigned char **p, const unsigned char *end, x509_buf *sig ); int x509_get_sig_alg( const x509_buf *sig_oid, md_type_t *md_alg, pk_type_t *pk_alg ); diff --git a/library/x509.c b/library/x509.c index 9915518652..45dcea0fd6 100644 --- a/library/x509.c +++ b/library/x509.c 
@@ -137,6 +137,92 @@ int x509_get_alg( unsigned char **p, const unsigned char *end, return( 0 ); } +/* + * RSASSA-PSS-params ::= SEQUENCE { + * hashAlgorithm [0] HashAlgorithm DEFAULT sha1Identifier, + * maskGenAlgorithm [1] MaskGenAlgorithm DEFAULT mgf1SHA1Identifier, + * saltLength [2] INTEGER DEFAULT 20, + * trailerField [3] INTEGER DEFAULT 1 } + * -- Note that the tags in this Sequence are explicit. + */ +int x509_get_rsassa_pss_params( const x509_buf *params, + md_type_t *md_alg, + int *salt_len, + int *trailer_field ) +{ + int ret; + unsigned char *p; + const unsigned char *end; + size_t len; + x509_buf alg_id; + + /* First set everything to defaults */ + *md_alg = POLARSSL_MD_SHA1; + *salt_len = 20; + *trailer_field = 1; + + /* Make sure params is a SEQUENCE and setup bounds */ + if( params->tag != ( ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) + return( POLARSSL_ERR_X509_INVALID_ALG + + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ); + + p = (unsigned char *) params->p; + end = p + params->len; + + if( p == end ) + return( 0 ); + + if( ( ret = asn1_get_tag( &p, end, &len, + ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | 0 ) ) == 0 ) + { + /* HashAlgorithm ::= AlgorithmIdentifier (without parameters) */ + // TODO: WIP + } + else if( ret != POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) + return( POLARSSL_ERR_X509_INVALID_ALG + ret ); + + if( ( ret = asn1_get_tag( &p, end, &len, + ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | 1 ) ) == 0 ) + { + /* MaskGenAlgorithm ::= AlgorithmIdentifier */ + // TODO: WIP + } + else if( ret != POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) + return( POLARSSL_ERR_X509_INVALID_ALG + ret ); + + if( p == end ) + return( 0 ); + + if( ( ret = asn1_get_tag( &p, end, &len, + ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | 2 ) ) == 0 ) + { + /* salt_len */ + if( ( ret = asn1_get_int( &p, p + len, salt_len ) ) != 0 ) + return( POLARSSL_ERR_X509_INVALID_ALG + ret ); + } + else if( ret != POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) + return( POLARSSL_ERR_X509_INVALID_ALG + ret ); + + if( p == end ) + 
return( 0 ); + + if( ( ret = asn1_get_tag( &p, end, &len, + ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | 3 ) ) == 0 ) + { + /* trailer_field */ + if( ( ret = asn1_get_int( &p, p + len, trailer_field ) ) != 0 ) + return( POLARSSL_ERR_X509_INVALID_ALG + ret ); + } + else if( ret != POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) + return( POLARSSL_ERR_X509_INVALID_ALG + ret ); + + if( p != end ) + return( POLARSSL_ERR_X509_INVALID_ALG + + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + + return( 0 ); +} + /* * AttributeTypeAndValue ::= SEQUENCE { * type AttributeType, diff --git a/library/x509_crt.c b/library/x509_crt.c index b9f226b076..6d206a3cda 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c @@ -622,6 +622,22 @@ static int x509_crt_parse_der_core( x509_crt *crt, const unsigned char *buf, return( ret ); } + if( crt->sig_pk == POLARSSL_PK_RSASSA_PSS ) + { + int salt_len, trailer_field; + + if( ( ret = x509_get_rsassa_pss_params( &crt->sig_params, + &crt->sig_md, &salt_len, &trailer_field ) ) != 0 ) + return( ret ); + } + else + { + /* Make sure parameters were absent or NULL */ + if( ( crt->sig_params.tag != ASN1_NULL && crt->sig_params.tag != 0 ) || + crt->sig_params.len != 0 ) + return( POLARSSL_ERR_X509_INVALID_ALG ); + } + /* * issuer Name */ @@ -1300,6 +1316,21 @@ int x509_crt_info( char *buf, size_t size, const char *prefix, ret = snprintf( p, n, "%s", desc ); SAFE_SNPRINTF(); + if( crt->sig_pk == POLARSSL_PK_RSASSA_PSS ) + { + md_type_t md_alg; + int salt_len, trailer_field; + + if( ( ret = x509_get_rsassa_pss_params( &crt->sig_params, + &md_alg, &salt_len, &trailer_field ) ) != 0 ) + return( ret ); + + // TODO: SHA1 harcoded twice (WIP) + ret = snprintf( p, n, " (SHA1, MGF1-SHA1, %d, %d)", + salt_len, trailer_field ); + SAFE_SNPRINTF(); + } + /* Key size */ if( ( ret = x509_key_size_helper( key_size_str, BEFORE_COLON, pk_get_name( &crt->pk ) ) ) != 0 ) 
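Review bot: Between the `[0]` hashAlgorithm and `[1]` maskGenAlgorithm branches there is no `if( p == end ) return( 0 );`, unlike before the `[2]` and `[3]` branches, so a params SEQUENCE that ends right after hashAlgorithm reaches `asn1_get_tag()` with `p == end`; presumably that yields `POLARSSL_ERR_ASN1_OUT_OF_DATA` rather than `POLARSSL_ERR_ASN1_UNEXPECTED_TAG`, and a valid certificate is rejected. Adding the same guard after the `[0]` branch fixes that; patch 03's rework of these two branches on a later hunk does not add it either. The decoded values are also not range-checked: RFC 4055 requires trailerField to be 1 and a negative saltLength has no meaning, yet both are handed back to callers as plain `int`, so `if( *salt_len < 0 || *trailer_field != 1 ) return( POLARSSL_ERR_X509_INVALID_ALG );` before the final `return( 0 )` would close that. `x509_get_rsassa_pss_params` lies entirely within this hunk, which begins on the previous physical line.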
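Review bot: Both new error returns in the `@@ -622` hunk of x509_crt.c, `return( ret )` after `x509_get_rsassa_pss_params()` fails and `return( POLARSSL_ERR_X509_INVALID_ALG )` in the else branch, skip `x509_crt_free( crt )`, whereas every neighbouring error path in `x509_crt_parse_der_core` frees the partially-built certificate before returning, so whatever the function has already allocated into `crt` at this point is leaked to the caller. Wrap each as `{ x509_crt_free( crt ); return( ret ); }` to match the surrounding paths. Patch 03's `@@ -625` hunk reshapes this block and keeps the same bare returns. The enclosing function starts and ends outside this hunk.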
diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data index 7531587d1e..057c353a4a 100644 --- a/tests/suites/test_suite_x509parse.data +++ b/tests/suites/test_suite_x509parse.data @@ -44,7 +44,7 @@ x509_cert_info:"data_files/cert_sha512.crt":"cert. version \: 3\nserial numb X509 Certificate information RSA-PSS, SHA1 Digest depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSA_C -x509_cert_info:"data_files/server9.crt":"cert. version \: 3\nserial number \: 16\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:38\:16\nexpires on \: 2024-01-18 13\:38\:16\nsigned using \: RSASSA-PSS\nRSA key size \: 1024 bits\n" +x509_cert_info:"data_files/server9.crt":"cert. version \: 3\nserial number \: 16\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:38\:16\nexpires on \: 2024-01-18 13\:38\:16\nsigned using \: RSASSA-PSS (SHA1, MGF1-SHA1, 234, 1)\nRSA key size \: 1024 bits\n" X509 Certificate information EC, SHA1 Digest depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_ECP_C:POLARSSL_ECP_DP_SECP256R1_ENABLED From e76b750b691988447a844fe5d589559bd2019102 Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 23 Jan 2014 19:15:29 +0100 Subject: [PATCH 03/34] Finish parsing RSASSA-PSS parameters --- include/polarssl/asn1.h | 10 ++- include/polarssl/oid.h | 1 + include/polarssl/x509.h | 3 +- library/x509.c | 86 +++++++++++++++++++++++--- library/x509_crt.c | 20 ++++-- tests/data_files/server9-sha224.crt | 20 ++++++ tests/data_files/server9-sha256.crt | 20 ++++++ tests/data_files/server9-sha384.crt | 20 ++++++ tests/data_files/server9-sha512.crt | 20 ++++++ tests/suites/test_suite_x509parse.data | 18 +++++- 10 files changed, 199 insertions(+), 19 deletions(-) create mode 100644 tests/data_files/server9-sha224.crt create mode 100644 tests/data_files/server9-sha256.crt create mode 100644 tests/data_files/server9-sha384.crt create mode 100644 tests/data_files/server9-sha512.crt diff --git a/include/polarssl/asn1.h b/include/polarssl/asn1.h index 11f256c386..eacdd082bd 100644 --- a/include/polarssl/asn1.h +++ b/include/polarssl/asn1.h @@ -97,9 +97,13 @@ /** Returns the size of the binary string, without the trailing \\0 */ #define OID_SIZE(x) (sizeof(x) - 1) -/** Compares two asn1_buf structures for the same OID. Only works for - * 'defined' oid_str values (OID_HMAC_SHA1), you cannot use a 'unsigned - * char *oid' here! +/** + * Compares an asn1_buf structure to a reference OID. + * + * Only works for 'defined' oid_str values (OID_HMAC_SHA1), you cannot use a + * 'unsigned char *oid' here! + * + * Warning: returns true when the OIDs are equal (unlike memcmp)! */ #define OID_CMP(oid_str, oid_buf) \ ( ( OID_SIZE(oid_str) == (oid_buf)->len ) && \ diff --git a/include/polarssl/oid.h b/include/polarssl/oid.h index 863cfda727..c4d5c3fba1 100644 --- a/include/polarssl/oid.h +++ b/include/polarssl/oid.h @@ -209,6 +209,7 @@ /* RFC 4055 */ #define OID_RSASSA_PSS OID_PKCS1 "\x0a" /**< id-RSASSA-PSS ::= { pkcs-1 10 } */ +#define OID_MGF1 OID_PKCS1 "\x08" /**< id-mgf1 ::= { pkcs-1 8 } */ /* * Digest algorithms 
diff --git a/include/polarssl/x509.h b/include/polarssl/x509.h index 9d3218d58c..7a52e365e2 100644 --- a/include/polarssl/x509.h +++ b/include/polarssl/x509.h @@ -278,7 +278,8 @@ int x509_get_alg_null( unsigned char **p, const unsigned char *end, x509_buf *alg ); int x509_get_alg( unsigned char **p, const unsigned char *end, x509_buf *alg, x509_buf *params ); -int x509_get_rsassa_pss_params( const x509_buf *params, md_type_t *md_alg, +int x509_get_rsassa_pss_params( const x509_buf *params, + md_type_t *md_alg, md_type_t *mgf_md, int *salt_len, int *trailer_field ); int x509_get_sig( unsigned char **p, const unsigned char *end, x509_buf *sig ); int x509_get_sig_alg( const x509_buf *sig_oid, md_type_t *md_alg, diff --git a/library/x509.c b/library/x509.c index 45dcea0fd6..acdb0bc2b5 100644 --- a/library/x509.c +++ b/library/x509.c 
@@ -137,6 +137,62 @@ int x509_get_alg( unsigned char **p, const unsigned char *end, return( 0 ); } +/* + * HashAlgorithm ::= AlgorithmIdentifier + * + * AlgorithmIdentifier ::= SEQUENCE { + * algorithm OBJECT IDENTIFIER, + * parameters ANY DEFINED BY algorithm OPTIONAL } + * + * For HashAlgorithm, parameters MUST be NULL or absent. + */ +static int x509_get_hash_alg( const x509_buf *alg, md_type_t *md_alg ) +{ + int ret; + unsigned char *p; + const unsigned char *end; + x509_buf md_oid; + size_t len; + + /* Make sure we got a SEQUENCE and setup bounds */ + if( alg->tag != ( ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) + return( POLARSSL_ERR_X509_INVALID_ALG + + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ); + + p = (unsigned char *) alg->p; + end = p + alg->len; + + if( p >= end ) + return( POLARSSL_ERR_X509_INVALID_ALG + + POLARSSL_ERR_ASN1_OUT_OF_DATA ); + + /* Parse md_oid */ + md_oid.tag = *p; + + if( ( ret = asn1_get_tag( &p, end, &md_oid.len, ASN1_OID ) ) != 0 ) + return( POLARSSL_ERR_X509_INVALID_ALG + ret ); + + md_oid.p = p; + p += md_oid.len; + + /* Get md_alg from md_oid */ + if( ( ret = oid_get_md_alg( &md_oid, md_alg ) ) != 0 ) + return( POLARSSL_ERR_X509_INVALID_ALG + ret ); + + /* Make sure params is absent of NULL */ + if( p == end ) + return( 0 ); + + if( ( ret = asn1_get_tag( &p, end, &len, ASN1_NULL ) ) != 0 ) + return( POLARSSL_ERR_X509_INVALID_ALG + ret ); + + if( p != end ) + return( POLARSSL_ERR_X509_INVALID_ALG + + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + + return( 0 ); +} + /* * RSASSA-PSS-params ::= SEQUENCE { * hashAlgorithm [0] HashAlgorithm DEFAULT sha1Identifier, 
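Review bot: The comment `/* Make sure params is absent of NULL */` in `x509_get_hash_alg` should read `/* Make sure params are absent or NULL */`, and the function has no header stating its contract even though later hunks depend on it: it accepts only a SEQUENCE wrapping an OID followed by an optional NULL, reports failures as `POLARSSL_ERR_X509_INVALID_ALG` plus the ASN.1 or OID sub-code, and fills `*md_alg` through `oid_get_md_alg()`. A short block above the definition giving those three points, and saying that `alg` is expected to be the parameters buffer produced by `x509_get_alg`, would spare the next reader the trace through the body. `/* Parse md_oid */` could also say that `md_oid.p` aliases the caller's buffer rather than copying it, which is why the local needs no cleanup.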
@@ -146,18 +202,18 @@ int x509_get_alg( unsigned char **p, const unsigned char *end, * -- Note that the tags in this Sequence are explicit. */ int x509_get_rsassa_pss_params( const x509_buf *params, - md_type_t *md_alg, - int *salt_len, - int *trailer_field ) + md_type_t *md_alg, md_type_t *mgf_md, + int *salt_len, int *trailer_field ) { int ret; unsigned char *p; const unsigned char *end; size_t len; - x509_buf alg_id; + x509_buf alg_id, alg_params; /* First set everything to defaults */ *md_alg = POLARSSL_MD_SHA1; + *mgf_md = POLARSSL_MD_SHA1; *salt_len = 20; *trailer_field = 1; @@ -175,8 +231,12 @@ int x509_get_rsassa_pss_params( const x509_buf *params, if( ( ret = asn1_get_tag( &p, end, &len, ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | 0 ) ) == 0 ) { - /* HashAlgorithm ::= AlgorithmIdentifier (without parameters) */ - // TODO: WIP + /* HashAlgorithm ::= AlgorithmIdentifier (without parameters) */ + if( ( ret = x509_get_alg_null( &p, p + len, &alg_id ) ) != 0 ) + return( ret ); + + if( ( ret = oid_get_md_alg( &alg_id, md_alg ) ) != 0 ) + return( POLARSSL_ERR_X509_INVALID_ALG + ret ); } else if( ret != POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) return( POLARSSL_ERR_X509_INVALID_ALG + ret ); @@ -184,8 +244,18 @@ int x509_get_rsassa_pss_params( const x509_buf *params, if( ( ret = asn1_get_tag( &p, end, &len, ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | 1 ) ) == 0 ) { - /* MaskGenAlgorithm ::= AlgorithmIdentifier */ - // TODO: WIP + /* MaskGenAlgorithm ::= AlgorithmIdentifier (params = HashAlgorithm) */ + if( ( ret = x509_get_alg( &p, p + len, &alg_id, &alg_params ) ) != 0 ) + return( ret ); + + /* Only MFG1 is recognised for now */ + if( ! OID_CMP( OID_MGF1, &alg_id ) ) + return( POLARSSL_ERR_X509_FEATURE_UNAVAILABLE + + POLARSSL_ERR_OID_NOT_FOUND ); + + /* Parse HashAlgorithm */ + if( ( ret = x509_get_hash_alg( &alg_params, mgf_md ) ) != 0 ) + return( ret ); } else if( ret != POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) return( POLARSSL_ERR_X509_INVALID_ALG + ret ); 
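Review bot: An unrecognised hash OID in the `[0]` branch is reported as `POLARSSL_ERR_X509_INVALID_ALG + ret` (an OID sub-code), while an unrecognised mask generation function in the `[1]` branch a few lines later is reported as `POLARSSL_ERR_X509_FEATURE_UNAVAILABLE + POLARSSL_ERR_OID_NOT_FOUND`; both describe a well-formed identifier for an algorithm this build does not support, so callers that separate "malformed" from "unsupported" get two different answers for the same situation. Using `POLARSSL_ERR_X509_FEATURE_UNAVAILABLE` for all three places (the `[0]` branch, the `oid_get_md_alg()` failure in `x509_get_hash_alg`, and the MGF check) would make the mapping consistent. The comment `/* Only MFG1 is recognised for now */` misspells MGF1. Neither branch checks that `x509_get_alg_null()`/`x509_get_alg()` consumed exactly `len` bytes of the explicit tag's content; patch 04's title suggests it adds length checks, so this is only worth confirming there. The body of `x509_get_rsassa_pss_params` continues outside these hunks.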
diff --git a/library/x509_crt.c b/library/x509_crt.c index 6d206a3cda..85e4ef9d1e 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c @@ -625,9 +625,12 @@ static int x509_crt_parse_der_core( x509_crt *crt, const unsigned char *buf, if( crt->sig_pk == POLARSSL_PK_RSASSA_PSS ) { int salt_len, trailer_field; + md_type_t mgf_md; - if( ( ret = x509_get_rsassa_pss_params( &crt->sig_params, - &crt->sig_md, &salt_len, &trailer_field ) ) != 0 ) + /* Make sure params are valid */ + ret = x509_get_rsassa_pss_params( &crt->sig_params, + &crt->sig_md, &mgf_md, &salt_len, &trailer_field ); + if( ret != 0 ) return( ret ); } else @@ -1318,15 +1321,20 @@ int x509_crt_info( char *buf, size_t size, const char *prefix, if( crt->sig_pk == POLARSSL_PK_RSASSA_PSS ) { - md_type_t md_alg; + md_type_t md_alg, mgf_md; + const md_info_t *md_info, *mgf_md_info; int salt_len, trailer_field; if( ( ret = x509_get_rsassa_pss_params( &crt->sig_params, - &md_alg, &salt_len, &trailer_field ) ) != 0 ) + &md_alg, &mgf_md, &salt_len, &trailer_field ) ) != 0 ) return( ret ); - // TODO: SHA1 harcoded twice (WIP) - ret = snprintf( p, n, " (SHA1, MGF1-SHA1, %d, %d)", + md_info = md_info_from_type( md_alg ); + mgf_md_info = md_info_from_type( mgf_md ); + + ret = snprintf( p, n, " (%s, MGF1-%s, 0x%02X, %d)", + md_info ? md_info->name : "???", + mgf_md_info ? mgf_md_info->name : "???", salt_len, trailer_field ); SAFE_SNPRINTF(); } diff --git a/tests/data_files/server9-sha224.crt b/tests/data_files/server9-sha224.crt new file mode 100644 index 0000000000..1b05f313a4 --- /dev/null +++ b/tests/data_files/server9-sha224.crt 
@@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDWzCCAhKgAwIBAgIBFzA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCBKEa +MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgSiBAICAOIwOzELMAkGA1UEBhMCTkwx +ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBMB4X +DTE0MDEyMDEzNTczNloXDTI0MDExODEzNTczNlowNDELMAkGA1UEBhMCTkwxETAP +BgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcN +AQEBBQADgY0AMIGJAoGBAN0Rip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7C +uxNA24oSjokTJKXF9frY9ZDXyMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsI +i2OZOgol7kXSGFi6uZMa7dRYmmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCV +AgMBAAGjgZIwgY8wCQYDVR0TBAIwADAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy +36fOvVEwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJ +BgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wg +VGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCBKEaMBgGCSqG +SIb3DQEBCDALBglghkgBZQMEAgSiBAICAOIDggEBADJExjfWWvL28lgj+GGgviqo +PHZLxI0pLQUnFJQ9Kpu6jxfICseBF00Z6BJE/RcYDpIie5GDt/8u/i6xB6Li29Pm +g5nANgd/Y3fFnW7d0ydVjiSnetlPuf/jTlWQl6mQTH2xqYu8J8d3JRxQdRiDYbVm +uywW2d6rksiqm6dPD5l4A5DcemcYo8f/1Ifj5WNDCV8/OHex+AnW2ccDvWAnVgSR +B2VpOXJzVFuBsuf4tGVm/2TUMSB6NcvFc6TeJk1kzbZxii4QjKXtH1SfrVP59iEe +l17NYAEWARjBpQWBiutRG+QM2et0sNiUBuWxTkvd0eSgencNysVAOsZqrqaX3CY= +-----END CERTIFICATE----- diff --git a/tests/data_files/server9-sha256.crt b/tests/data_files/server9-sha256.crt new file mode 100644 index 0000000000..7d0aa39567 --- /dev/null +++ b/tests/data_files/server9-sha256.crt 
@@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDWzCCAhKgAwIBAgIBGDA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAaEa +MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgGiBAICAN4wOzELMAkGA1UEBhMCTkwx +ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBMB4X +DTE0MDEyMDEzNTc0NVoXDTI0MDExODEzNTc0NVowNDELMAkGA1UEBhMCTkwxETAP +BgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcN +AQEBBQADgY0AMIGJAoGBAN0Rip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7C +uxNA24oSjokTJKXF9frY9ZDXyMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsI +i2OZOgol7kXSGFi6uZMa7dRYmmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCV +AgMBAAGjgZIwgY8wCQYDVR0TBAIwADAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy +36fOvVEwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJ +BgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wg +VGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAaEaMBgGCSqG +SIb3DQEBCDALBglghkgBZQMEAgGiBAICAN4DggEBAH0+knqkcLaxeDkenBQgd4Qg +3ZyAhtpiLU689mw+3cXB/uzFrCIxEL5aGh1eSj+DszB+FtsZ06ux7JVQqVOA2Wm9 +yLxC6wF8OOYj0nBa91BWLhRAHLhmIdWsVk7Hl9KojZd4TwV2N+ZEV/BLxyoRvK4H +V4xCpzgDSiTPe8Etk4r+0akbr6bsOUBayPb7MGLHubZKq8NsFAmmynp+fPmHd3SE +0ooJdiZ1MmKPKLE5Og/hXCI8qeiXQUR6oQ7b2XONsrI2HIj2SA9dA5qmHwE5PbMu +zqxQ3R83boqLXbkFORn+UiYLmffqdoWuNy00BHMCrxRA9DUv+WyN4npLMF8rOJw= +-----END CERTIFICATE----- diff --git a/tests/data_files/server9-sha384.crt b/tests/data_files/server9-sha384.crt new file mode 100644 index 0000000000..aaa63e6ed2 --- /dev/null +++ b/tests/data_files/server9-sha384.crt 
@@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDWzCCAhKgAwIBAgIBGTA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAqEa +MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiBAICAM4wOzELMAkGA1UEBhMCTkwx +ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBMB4X +DTE0MDEyMDEzNTc1OFoXDTI0MDExODEzNTc1OFowNDELMAkGA1UEBhMCTkwxETAP +BgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcN +AQEBBQADgY0AMIGJAoGBAN0Rip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7C +uxNA24oSjokTJKXF9frY9ZDXyMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsI +i2OZOgol7kXSGFi6uZMa7dRYmmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCV +AgMBAAGjgZIwgY8wCQYDVR0TBAIwADAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy +36fOvVEwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJ +BgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wg +VGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAqEaMBgGCSqG +SIb3DQEBCDALBglghkgBZQMEAgKiBAICAM4DggEBABf8Gyq2VYuN1EBW1nOapDQp +B/KuafNW2GEJ7FmQKNyA7MIj1Yqo2MtJ6/OQojRQ3F5rnO4yjmvIPsXeQaMxJBiI +aaoAlLpH++F+oXMq/0aS0WSZrSLrsh2Fpay9cBDGwek2rDOX9kM+ZcPzGitVwWKX +TnOW22hpcl7u95CpZH+JZTcto5nL3tTyV9pIy+tSKQQfjPB+G0TAZCsOkbCGPLug +qdjvqFQwOf15VxQMj7NRiXjlqJvsx+I7B2AIhrs4DzQMEyiWq9S/PzpQuFU5v/Kg +s2iMLJ5ygv5aN3PYqGlE1ZmvgyRp5h/LaTGI2L6lzRTnecOhtPv30N2tyaDAEfo= +-----END CERTIFICATE----- diff --git a/tests/data_files/server9-sha512.crt b/tests/data_files/server9-sha512.crt new file mode 100644 index 0000000000..a211b921dc --- /dev/null +++ b/tests/data_files/server9-sha512.crt 
@@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDWzCCAhKgAwIBAgIBGjA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCA6Ea +MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgOiBAICAL4wOzELMAkGA1UEBhMCTkwx +ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBMB4X +DTE0MDEyMDEzNTgxMloXDTI0MDExODEzNTgxMlowNDELMAkGA1UEBhMCTkwxETAP +BgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcN +AQEBBQADgY0AMIGJAoGBAN0Rip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7C +uxNA24oSjokTJKXF9frY9ZDXyMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsI +i2OZOgol7kXSGFi6uZMa7dRYmmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCV +AgMBAAGjgZIwgY8wCQYDVR0TBAIwADAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy +36fOvVEwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJ +BgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wg +VGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCA6EaMBgGCSqG +SIb3DQEBCDALBglghkgBZQMEAgOiBAICAL4DggEBACdVozFq6rUiXo+ib5Y2oPsR +6xxl4Ydn3LpUoYrPpTOrhcXJWW/tOLHGuCF/mSRfUzKaMIfL418cZHYnvumvuttu +6z3tp5E1VsiZCU2MWJnzjKSxFBOss43AmpJHHoapGFZu2pxObBPqegAKHYkKWOLk +tJDj47PurWgEek9j1nL7Pc1tVf59fm/ySp4fWkXLLvQiKid1516VioLyacUvK3zU +6Egz8jMt7D5c9KpaExLRTANVsThqO5/dmR36bOwm3Hpbde7DNdgxru41tiLMqJs/ +5pX3ceaJ1XQ/l0idj5/9ipvqHHUguyk7H22HwQHQdSD9oIha8kEM3P6CjpfE7yY= +-----END CERTIFICATE----- diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data index 057c353a4a..c52ae3518c 100644 --- a/tests/suites/test_suite_x509parse.data +++ b/tests/suites/test_suite_x509parse.data 
@@ -44,7 +44,23 @@ x509_cert_info:"data_files/cert_sha512.crt":"cert. version \: 3\nserial numb X509 Certificate information RSA-PSS, SHA1 Digest depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSA_C -x509_cert_info:"data_files/server9.crt":"cert. version \: 3\nserial number \: 16\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:38\:16\nexpires on \: 2024-01-18 13\:38\:16\nsigned using \: RSASSA-PSS (SHA1, MGF1-SHA1, 234, 1)\nRSA key size \: 1024 bits\n" +x509_cert_info:"data_files/server9.crt":"cert. version \: 3\nserial number \: 16\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:38\:16\nexpires on \: 2024-01-18 13\:38\:16\nsigned using \: RSASSA-PSS (SHA1, MGF1-SHA1, 0xEA, 1)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n" + +X509 Certificate information RSA-PSS, SHA224 Digest +depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSA_C +x509_cert_info:"data_files/server9-sha224.crt":"cert. version \: 3\nserial number \: 17\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:57\:36\nexpires on \: 2024-01-18 13\:57\:36\nsigned using \: RSASSA-PSS (SHA224, MGF1-SHA224, 0xE2, 1)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n" + +X509 Certificate information RSA-PSS, SHA256 Digest +depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSA_C +x509_cert_info:"data_files/server9-sha256.crt":"cert. 
version \: 3\nserial number \: 18\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:57\:45\nexpires on \: 2024-01-18 13\:57\:45\nsigned using \: RSASSA-PSS (SHA256, MGF1-SHA256, 0xDE, 1)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n" + +X509 Certificate information RSA-PSS, SHA384 Digest +depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSA_C +x509_cert_info:"data_files/server9-sha384.crt":"cert. version \: 3\nserial number \: 19\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:57\:58\nexpires on \: 2024-01-18 13\:57\:58\nsigned using \: RSASSA-PSS (SHA384, MGF1-SHA384, 0xCE, 1)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n" + +X509 Certificate information RSA-PSS, SHA512 Digest +depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSA_C +x509_cert_info:"data_files/server9-sha512.crt":"cert. version \: 3\nserial number \: 1A\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:58\:12\nexpires on \: 2024-01-18 13\:58\:12\nsigned using \: RSASSA-PSS (SHA512, MGF1-SHA512, 0xBE, 1)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n" X509 Certificate information EC, SHA1 Digest depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_ECP_C:POLARSSL_ECP_DP_SECP256R1_ENABLED From 9c9cf5b51e7257f34ec31522bb0b6d38e730f743 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Fri, 24 Jan 2014 14:15:20 +0100 Subject: [PATCH 04/34] More checks for length match in rsassa-pss params --- library/x509.c | 53 ++++++++++++++++++++++++++++++++++++++++++-------- 1 file changed, 45 insertions(+), 8 deletions(-) diff --git a/library/x509.c b/library/x509.c index acdb0bc2b5..3114076bd9 100644 --- a/library/x509.c +++ b/library/x509.c 
@@ -183,7 +183,7 @@ static int x509_get_hash_alg( const x509_buf *alg, md_type_t *md_alg ) if( p == end ) return( 0 ); - if( ( ret = asn1_get_tag( &p, end, &len, ASN1_NULL ) ) != 0 ) + if( ( ret = asn1_get_tag( &p, end, &len, ASN1_NULL ) ) != 0 || len != 0 ) return( POLARSSL_ERR_X509_INVALID_ALG + ret ); if( p != end ) @@ -207,7 +207,7 @@ int x509_get_rsassa_pss_params( const x509_buf *params, { int ret; unsigned char *p; - const unsigned char *end; + const unsigned char *end, *end2; size_t len; x509_buf alg_id, alg_params; @@ -228,24 +228,41 @@ int x509_get_rsassa_pss_params( const x509_buf *params, if( p == end ) return( 0 ); + /* + * HashAlgorithm + */ if( ( ret = asn1_get_tag( &p, end, &len, ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | 0 ) ) == 0 ) { + end2 = p + len; + /* HashAlgorithm ::= AlgorithmIdentifier (without parameters) */ - if( ( ret = x509_get_alg_null( &p, p + len, &alg_id ) ) != 0 ) + if( ( ret = x509_get_alg_null( &p, end2, &alg_id ) ) != 0 ) return( ret ); if( ( ret = oid_get_md_alg( &alg_id, md_alg ) ) != 0 ) return( POLARSSL_ERR_X509_INVALID_ALG + ret ); + + if( p != end2 ) + return( POLARSSL_ERR_X509_INVALID_ALG + + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); } else if( ret != POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) return( POLARSSL_ERR_X509_INVALID_ALG + ret ); + if( p == end ) + return( 0 ); + + /* + * MaskGenAlgorithm + */ if( ( ret = asn1_get_tag( &p, end, &len, ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | 1 ) ) == 0 ) { + end2 = p + len; + /* MaskGenAlgorithm ::= AlgorithmIdentifier (params = HashAlgorithm) */ - if( ( ret = x509_get_alg( &p, p + len, &alg_id, &alg_params ) ) != 0 ) + if( ( ret = x509_get_alg( &p, end2, &alg_id, &alg_params ) ) != 0 ) return( ret ); /* Only MFG1 is recognised for now */ 
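Review bot: The HashAlgorithm branch in the [0] block accepts whatever digest oid_get_md_alg recognises, so if that shared OID table also maps MD2/MD4/MD5 (as it presumably does when those modules are compiled in) a certificate declaring PSS over a broken hash passes parameter validation, although RFC 4055 only defines SHA-1 and the SHA-2 family as PSS hash algorithms. After `if( ( ret = oid_get_md_alg( &alg_id, md_alg ) ) != 0 )` I would reject any md_type_t outside the SHA family with `return( POLARSSL_ERR_X509_INVALID_ALG );`, and apply the same filter to mgf_md once x509_get_hash_alg has filled it. The start of x509_get_rsassa_pss_params, where any defaults for md_alg and mgf_md would be set, is outside this hunk, so I cannot tell whether an absent [0] leaves them at the RFC defaults.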
@@ -256,6 +273,10 @@ int x509_get_rsassa_pss_params( const x509_buf *params, /* Parse HashAlgorithm */ if( ( ret = x509_get_hash_alg( &alg_params, mgf_md ) ) != 0 ) return( ret ); + + if( p != end2 ) + return( POLARSSL_ERR_X509_INVALID_ALG + + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); } else if( ret != POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) return( POLARSSL_ERR_X509_INVALID_ALG + ret ); @@ -263,12 +284,20 @@ int x509_get_rsassa_pss_params( const x509_buf *params, if( p == end ) return( 0 ); + /* + * salt_len + */ if( ( ret = asn1_get_tag( &p, end, &len, ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | 2 ) ) == 0 ) { - /* salt_len */ - if( ( ret = asn1_get_int( &p, p + len, salt_len ) ) != 0 ) + end2 = p + len; + + if( ( ret = asn1_get_int( &p, end2, salt_len ) ) != 0 ) return( POLARSSL_ERR_X509_INVALID_ALG + ret ); + + if( p != end2 ) + return( POLARSSL_ERR_X509_INVALID_ALG + + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); } else if( ret != POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) return( POLARSSL_ERR_X509_INVALID_ALG + ret ); @@ -276,12 +305,20 @@ int x509_get_rsassa_pss_params( const x509_buf *params, if( p == end ) return( 0 ); + /* + * trailer_field + */ if( ( ret = asn1_get_tag( &p, end, &len, ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | 3 ) ) == 0 ) { - /* trailer_field */ - if( ( ret = asn1_get_int( &p, p + len, trailer_field ) ) != 0 ) + end2 = p + len; + + if( ( ret = asn1_get_int( &p, end2, trailer_field ) ) != 0 ) return( POLARSSL_ERR_X509_INVALID_ALG + ret ); + + if( p != end2 ) + return( POLARSSL_ERR_X509_INVALID_ALG + + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); } else if( ret != POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) return( POLARSSL_ERR_X509_INVALID_ALG + ret ); From 9df5c96214e6a5b7208b9870f00600deb7be2c4c Mon Sep 17 00:00:00 2001 
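Review bot: In the [3] block the trailer_field value is parsed and length-checked but never validated, whereas RFC 4055 requires trailerField to be 1 (the 0xBC trailer byte) and nothing in this series suggests the verifier handles any other value; after the new length-mismatch check add `if( *trailer_field != 1 ) return( POLARSSL_ERR_X509_INVALID_ALG );`. saltLength must likewise be non-negative, so unless asn1_get_int already rejects negative encodings (I believe its sign-bit check does), guard `if( *salt_len < 0 ) return( POLARSSL_ERR_X509_INVALID_ALG );` in the [2] block. The tail of the function, including any final `p != end` check for trailing garbage, is outside this hunk.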
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Fri, 24 Jan 2014 14:37:29 +0100 Subject: [PATCH 05/34] Fix dependencies --- include/polarssl/check_config.h | 5 +++++ include/polarssl/x509.h | 2 ++ library/x509.c | 2 ++ library/x509_crt.c | 24 +++++++++++++++++------- tests/suites/test_suite_x509parse.data | 10 +++++----- 5 files changed, 31 insertions(+), 12 deletions(-) diff --git a/include/polarssl/check_config.h b/include/polarssl/check_config.h index c4c570c7f8..4f3e48c52f 100644 --- a/include/polarssl/check_config.h +++ b/include/polarssl/check_config.h @@ -197,6 +197,11 @@ #error "POLARSSL_RSA_C defined, but not all prerequisites" #endif +#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES) && \ + ( !defined(POLARSSL_RSA_C) || !defined(POLARSSL_PKCS1_V21) ) +#error "POLARSSL_RSASSA_PSS_CERTIFICATES defined, but not all prerequisites" +#endif + #if defined(POLARSSL_SSL_PROTO_SSL3) && ( !defined(POLARSSL_MD5_C) || \ !defined(POLARSSL_SHA1_C) ) #error "POLARSSL_SSL_PROTO_SSL3 defined, but not all prerequisites" diff --git a/include/polarssl/x509.h b/include/polarssl/x509.h index 7a52e365e2..f72effd39e 100644 --- a/include/polarssl/x509.h +++ b/include/polarssl/x509.h @@ -278,9 +278,11 @@ int x509_get_alg_null( unsigned char **p, const unsigned char *end, x509_buf *alg ); int x509_get_alg( unsigned char **p, const unsigned char *end, x509_buf *alg, x509_buf *params ); +#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES) int x509_get_rsassa_pss_params( const x509_buf *params, md_type_t *md_alg, md_type_t *mgf_md, int *salt_len, int *trailer_field ); +#endif int x509_get_sig( unsigned char **p, const unsigned char *end, x509_buf *sig ); int x509_get_sig_alg( const x509_buf *sig_oid, md_type_t *md_alg, pk_type_t *pk_alg ); diff --git a/library/x509.c b/library/x509.c index 3114076bd9..48c11ef716 100644 --- a/library/x509.c +++ b/library/x509.c 
@@ -137,6 +137,7 @@ int x509_get_alg( unsigned char **p, const unsigned char *end, return( 0 ); } +#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES) /* * HashAlgorithm ::= AlgorithmIdentifier * @@ -329,6 +330,7 @@ int x509_get_rsassa_pss_params( const x509_buf *params, return( 0 ); } +#endif /* POLARSSL_RSASSA_PSS_CERTIFICATES */ /* * AttributeTypeAndValue ::= SEQUENCE { diff --git a/library/x509_crt.c b/library/x509_crt.c index 85e4ef9d1e..6b92688782 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c @@ -601,7 +601,7 @@ static int x509_crt_parse_der_core( x509_crt *crt, const unsigned char *buf, if( ( ret = x509_get_version( &p, end, &crt->version ) ) != 0 || ( ret = x509_get_serial( &p, end, &crt->serial ) ) != 0 || ( ret = x509_get_alg( &p, end, &crt->sig_oid1, - &crt->sig_params ) ) != 0 ) + &sig_params ) ) != 0 ) { x509_crt_free( crt ); return( ret ); @@ -622,22 +622,26 @@ static int x509_crt_parse_der_core( x509_crt *crt, const unsigned char *buf, return( ret ); } +#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES) if( crt->sig_pk == POLARSSL_PK_RSASSA_PSS ) { int salt_len, trailer_field; md_type_t mgf_md; /* Make sure params are valid */ - ret = x509_get_rsassa_pss_params( &crt->sig_params, + ret = x509_get_rsassa_pss_params( &sig_params, &crt->sig_md, &mgf_md, &salt_len, &trailer_field ); if( ret != 0 ) return( ret ); + + memcpy( &crt->sig_params, &sig_params, sizeof( x509_buf ) ); } else +#endif { - /* Make sure parameters were absent or NULL */ - if( ( crt->sig_params.tag != ASN1_NULL && crt->sig_params.tag != 0 ) || - crt->sig_params.len != 0 ) + /* Make sure parameters are absent or NULL */ + if( ( sig_params.tag != ASN1_NULL && sig_params.tag != 0 ) || + sig_params.len != 0 ) return( POLARSSL_ERR_X509_INVALID_ALG ); } 
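Review bot: The new `return( ret );` in the RSASSA-PSS branch of x509_crt_parse_der_core, taken when x509_get_rsassa_pss_params rejects the parameters, skips x509_crt_free( crt ), unlike the neighbouring error path for x509_get_alg which does `x509_crt_free( crt ); return( ret );` first; presumably crt->raw has already been allocated by then, so a certificate with malformed PSS parameters leaks it and leaves a half-parsed entry in the chain. The `return( POLARSSL_ERR_X509_INVALID_ALG );` in the else branch has the same shape and should be fixed together. Note also that mgf_md is parsed and discarded here, so whichever code verifies the signature later has to re-parse sig_params to learn the MGF hash; a one-line comment saying so would help. The rest of x509_crt_parse_der_core is outside this hunk.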
@@ -768,9 +772,13 @@ static int x509_crt_parse_der_core( x509_crt *crt, const unsigned char *buf, } if( crt->sig_oid1.len != crt->sig_oid2.len || - memcmp( crt->sig_oid1.p, crt->sig_oid2.p, crt->sig_oid1.len ) != 0 || + memcmp( crt->sig_oid1.p, crt->sig_oid2.p, crt->sig_oid1.len ) != 0 +#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES) + || crt->sig_params.len != sig_params.len || - memcmp( crt->sig_params.p, sig_params.p, sig_params.len ) != 0 ) + memcmp( crt->sig_params.p, sig_params.p, sig_params.len ) != 0 +#endif + ) { x509_crt_free( crt ); return( POLARSSL_ERR_X509_SIG_MISMATCH ); @@ -1319,6 +1327,7 @@ int x509_crt_info( char *buf, size_t size, const char *prefix, ret = snprintf( p, n, "%s", desc ); SAFE_SNPRINTF(); +#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES) if( crt->sig_pk == POLARSSL_PK_RSASSA_PSS ) { md_type_t md_alg, mgf_md; @@ -1338,6 +1347,7 @@ int x509_crt_info( char *buf, size_t size, const char *prefix, salt_len, trailer_field ); SAFE_SNPRINTF(); } +#endif /* POLARSSL_RSASSA_PSS_CERTIFICATES */ /* Key size */ if( ( ret = x509_key_size_helper( key_size_str, BEFORE_COLON, diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data index c52ae3518c..a3fcbbbd15 100644 --- a/tests/suites/test_suite_x509parse.data +++ b/tests/suites/test_suite_x509parse.data 
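Review bot: The new `memcmp( crt->sig_params.p, sig_params.p, sig_params.len )` runs for every certificate, not only PSS ones, and in the non-PSS case both lengths are 0 while crt->sig_params is never assigned (the memcpy happens only in the PSS branch), so its .p is whatever initialisation left there; passing a null pointer to memcmp is undefined even for a zero length. Guard it with `sig_params.len != 0 && memcmp( crt->sig_params.p, sig_params.p, sig_params.len ) != 0`, or skip the params comparison entirely when crt->sig_pk is not POLARSSL_PK_RSASSA_PSS. The x509_crt_info hunk below only formats what x509_get_rsassa_pss_params returns and looks fine; both functions extend beyond this hunk.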
@@ -43,23 +43,23 @@ depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSA_C x509_cert_info:"data_files/cert_sha512.crt":"cert. version \: 3\nserial number \: 0B\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA512\nissued on \: 2011-02-12 14\:44\:07\nexpires on \: 2021-02-12 14\:44\:07\nsigned using \: RSA with SHA-512\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" X509 Certificate information RSA-PSS, SHA1 Digest -depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSA_C +depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA1_C x509_cert_info:"data_files/server9.crt":"cert. version \: 3\nserial number \: 16\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:38\:16\nexpires on \: 2024-01-18 13\:38\:16\nsigned using \: RSASSA-PSS (SHA1, MGF1-SHA1, 0xEA, 1)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n" X509 Certificate information RSA-PSS, SHA224 Digest -depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSA_C +depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA256_C x509_cert_info:"data_files/server9-sha224.crt":"cert. version \: 3\nserial number \: 17\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:57\:36\nexpires on \: 2024-01-18 13\:57\:36\nsigned using \: RSASSA-PSS (SHA224, MGF1-SHA224, 0xE2, 1)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n" X509 Certificate information RSA-PSS, SHA256 Digest -depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSA_C +depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA256_C x509_cert_info:"data_files/server9-sha256.crt":"cert. 
version \: 3\nserial number \: 18\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:57\:45\nexpires on \: 2024-01-18 13\:57\:45\nsigned using \: RSASSA-PSS (SHA256, MGF1-SHA256, 0xDE, 1)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n" X509 Certificate information RSA-PSS, SHA384 Digest -depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSA_C +depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA512_C x509_cert_info:"data_files/server9-sha384.crt":"cert. version \: 3\nserial number \: 19\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:57\:58\nexpires on \: 2024-01-18 13\:57\:58\nsigned using \: RSASSA-PSS (SHA384, MGF1-SHA384, 0xCE, 1)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n" X509 Certificate information RSA-PSS, SHA512 Digest -depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSA_C +depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA512_C x509_cert_info:"data_files/server9-sha512.crt":"cert. version \: 3\nserial number \: 1A\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:58\:12\nexpires on \: 2024-01-18 13\:58\:12\nsigned using \: RSASSA-PSS (SHA512, MGF1-SHA512, 0xBE, 1)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n" X509 Certificate information EC, SHA1 Digest From 8e42ff6bde1f74db7808837c236d9c6ef31df7f1 Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Fri, 24 Jan 2014 15:56:20 +0100 Subject: [PATCH 06/34] Parse CRLs signed with RSASSA-PSS --- include/polarssl/x509_crl.h | 3 ++ library/x509_crl.c | 61 +++++++++++++++++++++++-- tests/data_files/crl-rsa-pss-sha1.pem | 14 ++++++ tests/data_files/crl-rsa-pss-sha224.pem | 16 +++++++ tests/data_files/crl-rsa-pss-sha256.pem | 16 +++++++ tests/data_files/crl-rsa-pss-sha384.pem | 16 +++++++ tests/data_files/crl-rsa-pss-sha512.pem | 16 +++++++ tests/suites/test_suite_x509parse.data | 20 ++++++++ 8 files changed, 159 insertions(+), 3 deletions(-) create mode 100644 tests/data_files/crl-rsa-pss-sha1.pem create mode 100644 tests/data_files/crl-rsa-pss-sha224.pem create mode 100644 tests/data_files/crl-rsa-pss-sha256.pem create mode 100644 tests/data_files/crl-rsa-pss-sha384.pem create mode 100644 tests/data_files/crl-rsa-pss-sha512.pem diff --git a/include/polarssl/x509_crl.h b/include/polarssl/x509_crl.h index 0fee59b83f..81d4734a40 100644 --- a/include/polarssl/x509_crl.h +++ b/include/polarssl/x509_crl.h @@ -93,6 +93,9 @@ typedef struct _x509_crl x509_buf sig; md_type_t sig_md; /**< Internal representation of the MD algorithm of the signature algorithm, e.g. POLARSSL_MD_SHA256 */ pk_type_t sig_pk /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. POLARSSL_PK_RSA */; +#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES) + x509_buf sig_params; /**< Parameters for the signature algorithm */ +#endif struct _x509_crl *next; } diff --git a/library/x509_crl.c b/library/x509_crl.c index a63a679753..6c9ec597fa 100644 --- a/library/x509_crl.c +++ b/library/x509_crl.c @@ -256,11 +256,15 @@ int x509_crl_parse( x509_crl *chain, const unsigned char *buf, size_t buflen ) size_t len; unsigned char *p, *end; x509_crl *crl; + x509_buf sig_params; + #if defined(POLARSSL_PEM_PARSE_C) size_t use_len; pem_context pem; #endif + memset( &sig_params, 0, sizeof( x509_buf ) ); + crl = chain; /* 
@@ -379,7 +383,7 @@ int x509_crl_parse( x509_crl *chain, const unsigned char *buf, size_t buflen ) * signature AlgorithmIdentifier */ if( ( ret = x509_crl_get_version( &p, end, &crl->version ) ) != 0 || - ( ret = x509_get_alg_null( &p, end, &crl->sig_oid1 ) ) != 0 ) + ( ret = x509_get_alg( &p, end, &crl->sig_oid1, &sig_params ) ) != 0 ) { x509_crl_free( crl ); return( ret ); @@ -400,6 +404,29 @@ int x509_crl_parse( x509_crl *chain, const unsigned char *buf, size_t buflen ) return( POLARSSL_ERR_X509_UNKNOWN_SIG_ALG ); } +#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES) + if( crl->sig_pk == POLARSSL_PK_RSASSA_PSS ) + { + int salt_len, trailer_field; + md_type_t mgf_md; + + /* Make sure params are valid */ + ret = x509_get_rsassa_pss_params( &sig_params, + &crl->sig_md, &mgf_md, &salt_len, &trailer_field ); + if( ret != 0 ) + return( ret ); + + memcpy( &crl->sig_params, &sig_params, sizeof( x509_buf ) ); + } + else +#endif + { + /* Make sure parameters are absent or NULL */ + if( ( sig_params.tag != ASN1_NULL && sig_params.tag != 0 ) || + sig_params.len != 0 ) + return( POLARSSL_ERR_X509_INVALID_ALG ); + } + /* * issuer Name */ @@ -484,14 +511,20 @@ int x509_crl_parse( x509_crl *chain, const unsigned char *buf, size_t buflen ) * signatureAlgorithm AlgorithmIdentifier, * signatureValue BIT STRING */ - if( ( ret = x509_get_alg_null( &p, end, &crl->sig_oid2 ) ) != 0 ) + if( ( ret = x509_get_alg( &p, end, &crl->sig_oid2, &sig_params ) ) != 0 ) { x509_crl_free( crl ); return( ret ); } if( crl->sig_oid1.len != crl->sig_oid2.len || - memcmp( crl->sig_oid1.p, crl->sig_oid2.p, crl->sig_oid1.len ) != 0 ) + memcmp( crl->sig_oid1.p, crl->sig_oid2.p, crl->sig_oid1.len ) != 0 +#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES) + || + crl->sig_params.len != sig_params.len || + memcmp( crl->sig_params.p, sig_params.p, sig_params.len ) != 0 +#endif + ) { x509_crl_free( crl ); return( POLARSSL_ERR_X509_SIG_MISMATCH ); 
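Review bot: As in x509_crt.c, the new `return( ret );` after x509_get_rsassa_pss_params fails (and the `return( POLARSSL_ERR_X509_INVALID_ALG );` beside it) leaves x509_crl_parse without calling x509_crl_free( crl ), while the surrounding error paths for x509_get_alg do `x509_crl_free( crl ); return( ret );`. A CRL with malformed PSS parameters therefore presumably leaks the raw copy allocated earlier and leaves a partially filled entry in the chain; make both returns free first. mgf_md is again computed and dropped, so the verification path will have to re-parse sig_params. x509_crl_parse continues outside the hunk.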
@@ -681,6 +714,28 @@ int x509_crl_info( char *buf, size_t size, const char *prefix, ret = snprintf( p, n, "%s", desc ); SAFE_SNPRINTF(); +#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES) + if( crl->sig_pk == POLARSSL_PK_RSASSA_PSS ) + { + md_type_t md_alg, mgf_md; + const md_info_t *md_info, *mgf_md_info; + int salt_len, trailer_field; + + if( ( ret = x509_get_rsassa_pss_params( &crl->sig_params, + &md_alg, &mgf_md, &salt_len, &trailer_field ) ) != 0 ) + return( ret ); + + md_info = md_info_from_type( md_alg ); + mgf_md_info = md_info_from_type( mgf_md ); + + ret = snprintf( p, n, " (%s, MGF1-%s, 0x%02X, %d)", + md_info ? md_info->name : "???", + mgf_md_info ? mgf_md_info->name : "???", + salt_len, trailer_field ); + SAFE_SNPRINTF(); + } +#endif /* POLARSSL_RSASSA_PSS_CERTIFICATES */ + ret = snprintf( p, n, "\n" ); SAFE_SNPRINTF(); diff --git a/tests/data_files/crl-rsa-pss-sha1.pem b/tests/data_files/crl-rsa-pss-sha1.pem new file mode 100644 index 0000000000..59ca4f703e --- /dev/null +++ b/tests/data_files/crl-rsa-pss-sha1.pem @@ -0,0 +1,14 @@ +-----BEGIN X509 CRL----- +MIICJDCCAQYCAQEwEwYJKoZIhvcNAQEKMAaiBAICAOowOzELMAkGA1UEBhMCTkwx +ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBFw0x +NDAxMjAxMzQ2MzVaFw0yNDAxMTgxMzQ2MzVaMCgwEgIBChcNMTMwOTI0MTYyODM4 +WjASAgEWFw0xNDAxMjAxMzQzMDVaoGcwZTBjBgNVHSMEXDBagBS0WuSls97SUva5 +1aaVD+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NM +MRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMBMGCSqGSIb3DQEBCjAGogQC +AgDqA4IBAQB8ZBX0BEgRcx0lfk1ctELRu1AYoJ5BnsmQpq23Ca4YIP2yb2kTN1ZS +4fR4SgYcNctgo2JJiNiUkCu1ZnRUOJUy8UlEio0+aeumTNz6CbeJEDhr5NC3oiV0 +MzvLn9rJVLPetOT9UrvvIy8iz5Pn1d8mu5rkt9BKQRq9NQx8riKnSIoTc91NLCMo +mkCCB55DVbazODSWK19e6yQ0JS454RglOsqRtLJ/EDbi6lCsLXotFt3GEGMrob1O +7Qck1Z59boaHxGYFEVnx90+4M3/qikVtwZdcBjLEmfuwYvszFw8J2y6Xwmg/HtUa +y6li0JzWNHtkKUlCv2+SESZbD3NU8GQZ +-----END X509 CRL----- 
diff --git a/tests/data_files/crl-rsa-pss-sha224.pem b/tests/data_files/crl-rsa-pss-sha224.pem
new file mode 100644
index 0000000000..a51d5d9113
--- /dev/null
+++ b/tests/data_files/crl-rsa-pss-sha224.pem
@@ -0,0 +1,16 @@
+-----BEGIN X509 CRL-----
+MIICejCCATECAQEwPgYJKoZIhvcNAQEKMDGgDTALBglghkgBZQMEAgShGjAYBgkq
+hkiG9w0BAQgwCwYJYIZIAWUDBAIEogQCAgDiMDsxCzAJBgNVBAYTAk5MMREwDwYD
+VQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVzdCBDQRcNMTQwMTIw
+MTM1NjA2WhcNMjQwMTE4MTM1NjA2WjAoMBICAQoXDTEzMDkyNDE2MjgzOFowEgIB
+FhcNMTQwMTIwMTM0MzA1WqBnMGUwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/r
+PrzH/f+hP6Q9MDsxCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcG
+A1UEAxMQUG9sYXJTU0wgVGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCG
+SAFlAwQCBKEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgSiBAICAOIDggEBAEJI
+i9sQOzMvvOTksN48+X+kk/wkLMKRGI222lqU6y6tP1LX3OE/+KN8gPXR+lCC+e0v
+TsRTJkpKEcmHZoP/8kOtZnLb9PdITKGMQnZ+dmn5MFEzZI/zyrYWuJTuK1Q83w0e
+Mc88cAhu8i4PTk/WnsWDphK1Q2YRupmmwWSUpp1Z2rpR+YSCedC01TVrtSUJUBw9
+NSqKDhyWYJIbS6/bFaERswC8xlMRhyLHUvikjmAK36TbIdhTnEffHOPW75sEOEEB
+f0A3VtlZ7y5yt2/a6vOauJCivxKt/PutdHfBqH43QQmoVLWC2FmT9ADTJwcsZB3D
+a6JSqCIMRCQY2JOUn0A=
+-----END X509 CRL-----
diff --git a/tests/data_files/crl-rsa-pss-sha256.pem b/tests/data_files/crl-rsa-pss-sha256.pem
new file mode 100644
index 0000000000..f16a49118e
--- /dev/null
+++ b/tests/data_files/crl-rsa-pss-sha256.pem
@@ -0,0 +1,16 @@
+-----BEGIN X509 CRL-----
+MIICejCCATECAQEwPgYJKoZIhvcNAQEKMDGgDTALBglghkgBZQMEAgGhGjAYBgkq
+hkiG9w0BAQgwCwYJYIZIAWUDBAIBogQCAgDeMDsxCzAJBgNVBAYTAk5MMREwDwYD
+VQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVzdCBDQRcNMTQwMTIw
+MTM1NjE2WhcNMjQwMTE4MTM1NjE2WjAoMBICAQoXDTEzMDkyNDE2MjgzOFowEgIB
+FhcNMTQwMTIwMTM0MzA1WqBnMGUwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/r
+PrzH/f+hP6Q9MDsxCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcG
+A1UEAxMQUG9sYXJTU0wgVGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCG
+SAFlAwQCAaEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgGiBAICAN4DggEBAEZ4
+oqp9i5eXrN6aCSTaU1j07MVTFW/U1jQAq6GseB6bEvoEXFMUHJsgAObqCK9flfEC
+FEqXqWSo33hhPU7AKKttbDLjUYRNnQAPRUnRIl1/a1+UjqgKchWWD9ityeW8ICxo
+IdATX9reYmPDLIMqTC7zuflYkvrvdEOuBORQP5mn4j8t84MSQF/p4qzaU0XxLo4X
+ckzZCcHpa45AApCDjJMd9onhFVCYsykiYrF9NQFO8TI4lQ5jv79GoufEzvhY1SPB
+r1xz4sMpfyaoPaa3SM2/nD65E5jzXell2u2VWNGKv4zAQP0E5yGel+1rklBltadb
+XLdJyyak33CLBKu+nJc=
+-----END X509 CRL-----
diff --git a/tests/data_files/crl-rsa-pss-sha384.pem b/tests/data_files/crl-rsa-pss-sha384.pem
new file mode 100644
index 0000000000..50f7e4cd24
--- /dev/null
+++ b/tests/data_files/crl-rsa-pss-sha384.pem
@@ -0,0 +1,16 @@
+-----BEGIN X509 CRL-----
+MIICejCCATECAQEwPgYJKoZIhvcNAQEKMDGgDTALBglghkgBZQMEAgKhGjAYBgkq
+hkiG9w0BAQgwCwYJYIZIAWUDBAICogQCAgDOMDsxCzAJBgNVBAYTAk5MMREwDwYD
+VQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVzdCBDQRcNMTQwMTIw
+MTM1NjI4WhcNMjQwMTE4MTM1NjI4WjAoMBICAQoXDTEzMDkyNDE2MjgzOFowEgIB
+FhcNMTQwMTIwMTM0MzA1WqBnMGUwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/r
+PrzH/f+hP6Q9MDsxCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcG
+A1UEAxMQUG9sYXJTU0wgVGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCG
+SAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiBAICAM4DggEBAAco
+SntUGDLBOAu0IIZaVea5Nt1NMsMcppC0hWPuH1LKAwyUODBqpT+0+AuALK0eIdYR
+a7mAB+cv2fFwmwxnQWJ1Fvx4ft/N2AAfB83VRKpSo3xR8bxloHfTWKmyxJHmH9j1
+EYmLS86rj3Nhjf4m/YlQQ3Im5HwOgSgBOE8glq5D+0Wmsi9LsNEZXEzMw7TMUgbs
+y9o/ghYF/shKU4mewK3DeM9gQiTcH5A4ISXR87hBQ08AKJRAG1CLvTyzqWiUUY+k
+q8iZDYF17sHrPi2yn8q9c4zdxiaWDGDdL0Lh90wXGTAageoGEq25TMuL5FpX+u1u
+KUH/xf1jEnNzbYNGiZw=
+-----END X509 CRL-----
diff --git a/tests/data_files/crl-rsa-pss-sha512.pem b/tests/data_files/crl-rsa-pss-sha512.pem
new file mode 100644
index 0000000000..0f1d6510bc
--- /dev/null
+++ b/tests/data_files/crl-rsa-pss-sha512.pem
@@ -0,0 +1,16 @@
+-----BEGIN X509 CRL-----
+MIICejCCATECAQEwPgYJKoZIhvcNAQEKMDGgDTALBglghkgBZQMEAgOhGjAYBgkq
+hkiG9w0BAQgwCwYJYIZIAWUDBAIDogQCAgC+MDsxCzAJBgNVBAYTAk5MMREwDwYD
+VQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVzdCBDQRcNMTQwMTIw
+MTM1NjM4WhcNMjQwMTE4MTM1NjM4WjAoMBICAQoXDTEzMDkyNDE2MjgzOFowEgIB
+FhcNMTQwMTIwMTM0MzA1WqBnMGUwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/r
+PrzH/f+hP6Q9MDsxCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcG
+A1UEAxMQUG9sYXJTU0wgVGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCG
+SAFlAwQCA6EaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgOiBAICAL4DggEBAB9F
+ywBfxOjetxNbCFhOYoPY2jvFCFVdlowMGuxEhX/LktqiBXqRc2r5naQSzuHqO8Iq
+1zACtiDLri0CvgSHlravBNeY4c2wj//ueFE89tY5pK9E6vZp7cV+RfMx2YfGPAA2
+t7tWZ2rJWzELg8cZ8hpjSwFH7JmgJzjE5gi2gADhBYO6Vv5S3SOgqNjiN1OM31AU
+p6GHK5Y1jurF5Zwzs+w3wXoXgpOxxwEC4eiS86c9kNSudwTLvDTU0bYEQE1cF+K0
+sB8QWABFJfuO5kjD2w3rWgmAiOKsZoxd1xrda+WD3JhDXnoVq3oVBIVlWVz6YID8
+enMfMvwScA5AImzu9xA=
+-----END X509 CRL-----
diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data
index a3fcbbbd15..4baa80f7c4 100644
--- a/tests/suites/test_suite_x509parse.data
+++ b/tests/suites/test_suite_x509parse.data
@@ -150,6 +150,26 @@ X509 CRL Information SHA512 Digest depends_on:POLARSSL_PEM_PARSE_C x509_crl_info:"data_files/crl_sha512.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA-512\n" +X509 CRL information RSA-PSS, SHA1 Digest +depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA1_C +x509_crl_info:"data_files/crl-rsa-pss-sha1.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:46\:35\nnext update \: 2024-01-18 13\:46\:35\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA1, MGF1-SHA1, 0xEA, 1)\n" + +X509 CRL information RSA-PSS, SHA224 Digest +depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA256_C +x509_crl_info:"data_files/crl-rsa-pss-sha224.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:06\nnext update \: 2024-01-18 13\:56\:06\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA224, MGF1-SHA224, 0xE2, 1)\n" + +X509 CRL information RSA-PSS, SHA256 Digest +depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA256_C +x509_crl_info:"data_files/crl-rsa-pss-sha256.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:16\nnext update \: 2024-01-18 13\:56\:16\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 
13\:43\:05\nsigned using \: RSASSA-PSS (SHA256, MGF1-SHA256, 0xDE, 1)\n" + +X509 CRL information RSA-PSS, SHA384 Digest +depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA512_C +x509_crl_info:"data_files/crl-rsa-pss-sha384.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:28\nnext update \: 2024-01-18 13\:56\:28\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA384, MGF1-SHA384, 0xCE, 1)\n" + +X509 CRL information RSA-PSS, SHA512 Digest +depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA512_C +x509_crl_info:"data_files/crl-rsa-pss-sha512.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:38\nnext update \: 2024-01-18 13\:56\:38\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA512, MGF1-SHA512, 0xBE, 1)\n" + X509 CRL Information EC, SHA1 Digest depends_on:POLARSSL_PEM_PARSE_C x509_crl_info:"data_files/crl-ec-sha1.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update \: 2013-09-24 16\:31\:08\nnext update \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using \: ECDSA with SHA1\n" From 2a8d7fd76eeee43b7bb9694997a6623d6ff846b9 Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Fri, 24 Jan 2014 17:34:26 +0100 Subject: [PATCH 07/34] Add tests for parsing CSRs --- tests/data_files/server5.req.sha1 | 8 ++++ tests/data_files/server5.req.sha224 | 8 ++++ tests/data_files/server5.req.sha256 | 8 ++++ tests/data_files/server5.req.sha384 | 8 ++++ tests/data_files/server5.req.sha512 | 8 ++++ tests/suites/test_suite_x509parse.data | 48 ++++++++++++++++++++++ tests/suites/test_suite_x509parse.function | 23 +++++++++++ 7 files changed, 111 insertions(+) create mode 100644 tests/data_files/server5.req.sha1 create mode 100644 tests/data_files/server5.req.sha224 create mode 100644 tests/data_files/server5.req.sha256 create mode 100644 tests/data_files/server5.req.sha384 create mode 100644 tests/data_files/server5.req.sha512 diff --git a/tests/data_files/server5.req.sha1 b/tests/data_files/server5.req.sha1 new file mode 100644 index 0000000000..1a14a15013 --- /dev/null +++ b/tests/data_files/server5.req.sha1 @@ -0,0 +1,8 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIBGDCBvwIBADA0MQswCQYDVQQGEwJOTDERMA8GA1UEChMIUG9sYXJTU0wxEjAQ +BgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABDfMVtl2 +CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA2CMR/+ov0jRdXRa9iojCa3cN +Vc2KKg76Aci07f+gKTAnBgkqhkiG9w0BCQ4xGjAYMAkGA1UdEwQCMAAwCwYDVR0P +BAQDAgXgMAkGByqGSM49BAEDSQAwRgIhALSf2Mj3er+ocZCN++aEoIp5PQ9JCkPY +b88ghuTyS7DCAiEA+CnVzNN0I2kpnmKUOUcXxLcjoPaLROgxtubDvKv5ckM= +-----END CERTIFICATE REQUEST----- diff --git a/tests/data_files/server5.req.sha224 b/tests/data_files/server5.req.sha224 new file mode 100644 index 0000000000..276683410d --- /dev/null +++ b/tests/data_files/server5.req.sha224 
@@ -0,0 +1,8 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIBGDCBvwIBADA0MQswCQYDVQQGEwJOTDERMA8GA1UEChMIUG9sYXJTU0wxEjAQ +BgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABDfMVtl2 +CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA2CMR/+ov0jRdXRa9iojCa3cN +Vc2KKg76Aci07f+gKTAnBgkqhkiG9w0BCQ4xGjAYMAkGA1UdEwQCMAAwCwYDVR0P +BAQDAgXgMAoGCCqGSM49BAMBA0gAMEUCIDYaN1m9MRk5mhX1U8aZKd0alyGKWqcR +oglF2MsIii/2AiEAjFHs8XQ0Q4yDF8oLztCxlq3nAvqmPdQz9T+TkEfh+PA= +-----END CERTIFICATE REQUEST----- diff --git a/tests/data_files/server5.req.sha256 b/tests/data_files/server5.req.sha256 new file mode 100644 index 0000000000..c59e15f996 --- /dev/null +++ b/tests/data_files/server5.req.sha256 @@ -0,0 +1,8 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIBFzCBvwIBADA0MQswCQYDVQQGEwJOTDERMA8GA1UEChMIUG9sYXJTU0wxEjAQ +BgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABDfMVtl2 +CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA2CMR/+ov0jRdXRa9iojCa3cN +Vc2KKg76Aci07f+gKTAnBgkqhkiG9w0BCQ4xGjAYMAkGA1UdEwQCMAAwCwYDVR0P +BAQDAgXgMAoGCCqGSM49BAMCA0cAMEQCIGmRFdjjd53oM2Zpt3E5vfqujnA+DHWk +s9OudcSWBdjmAiA7BAYjGnXyL6ATPqM7qnLVGTf3JMT+1rXl7esBm/0APA== +-----END CERTIFICATE REQUEST----- diff --git a/tests/data_files/server5.req.sha384 b/tests/data_files/server5.req.sha384 new file mode 100644 index 0000000000..87556c6c36 --- /dev/null +++ b/tests/data_files/server5.req.sha384 @@ -0,0 +1,8 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIBFzCBvwIBADA0MQswCQYDVQQGEwJOTDERMA8GA1UEChMIUG9sYXJTU0wxEjAQ +BgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABDfMVtl2 +CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA2CMR/+ov0jRdXRa9iojCa3cN +Vc2KKg76Aci07f+gKTAnBgkqhkiG9w0BCQ4xGjAYMAkGA1UdEwQCMAAwCwYDVR0P +BAQDAgXgMAoGCCqGSM49BAMDA0cAMEQCIDnO+PIPZJGqiky9unvq13uXxahw1bpk +Zb5NRV0c06Q5AiAo5B49tp3kDN/n0BDNt1BBGLUfhcU+Qn2SQenCyfuGLg== +-----END CERTIFICATE REQUEST----- diff --git a/tests/data_files/server5.req.sha512 b/tests/data_files/server5.req.sha512 new file mode 100644 index 0000000000..607741e3e7 --- /dev/null 
+++ b/tests/data_files/server5.req.sha512 @@ -0,0 +1,8 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIBGDCBvwIBADA0MQswCQYDVQQGEwJOTDERMA8GA1UEChMIUG9sYXJTU0wxEjAQ +BgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABDfMVtl2 +CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA2CMR/+ov0jRdXRa9iojCa3cN +Vc2KKg76Aci07f+gKTAnBgkqhkiG9w0BCQ4xGjAYMAkGA1UdEwQCMAAwCwYDVR0P +BAQDAgXgMAoGCCqGSM49BAMEA0gAMEUCIQD8xdtluTiBJM50d/WvDeUvPbXOUMlL +8xEJXU2WOK+RLAIgS8U6Z8tlJpXLEisz/j4gdABG3Y3h4PBJjlpszFisTNo= +-----END CERTIFICATE REQUEST----- diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data index 4baa80f7c4..91089a4b0d 100644 --- a/tests/suites/test_suite_x509parse.data +++ b/tests/suites/test_suite_x509parse.data 
@@ -190,6 +190,54 @@ X509 CRL Information EC, SHA512 Digest depends_on:POLARSSL_PEM_PARSE_C x509_crl_info:"data_files/crl-ec-sha512.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update \: 2013-09-24 16\:31\:08\nnext update \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using \: ECDSA with SHA512\n" +X509 CSR Information RSA with MD4 +depends_on:POLARSSL_PEM_PARSE_C +x509_csr_info:"data_files/server1.req.md4":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with MD4\nRSA key size \: 2048 bits\n" + +X509 CSR Information RSA with MD5 +depends_on:POLARSSL_PEM_PARSE_C +x509_csr_info:"data_files/server1.req.md5":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with MD5\nRSA key size \: 2048 bits\n" + +X509 CSR Information RSA with SHA1 +depends_on:POLARSSL_PEM_PARSE_C +x509_csr_info:"data_files/server1.req.sha1":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\n" + +X509 CSR Information RSA with SHA224 +depends_on:POLARSSL_PEM_PARSE_C +x509_csr_info:"data_files/server1.req.sha224":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA-224\nRSA key size \: 2048 bits\n" + +X509 CSR Information RSA with SHA256 +depends_on:POLARSSL_PEM_PARSE_C +x509_csr_info:"data_files/server1.req.sha256":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\n" + +X509 CSR Information RSA with SHA384 +depends_on:POLARSSL_PEM_PARSE_C +x509_csr_info:"data_files/server1.req.sha384":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA-384\nRSA key size \: 2048 bits\n" + +X509 CSR Information RSA with SHA512 
+depends_on:POLARSSL_PEM_PARSE_C +x509_csr_info:"data_files/server1.req.sha512":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA-512\nRSA key size \: 2048 bits\n" + +X509 CSR Information EC with SHA1 +depends_on:POLARSSL_PEM_PARSE_C +x509_csr_info:"data_files/server5.req.sha1":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA1\nEC key size \: 256 bits\n" + +X509 CSR Information EC with SHA224 +depends_on:POLARSSL_PEM_PARSE_C +x509_csr_info:"data_files/server5.req.sha224":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA224\nEC key size \: 256 bits\n" + +X509 CSR Information EC with SHA256 +depends_on:POLARSSL_PEM_PARSE_C +x509_csr_info:"data_files/server5.req.sha256":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA256\nEC key size \: 256 bits\n" + +X509 CSR Information EC with SHA384 +depends_on:POLARSSL_PEM_PARSE_C +x509_csr_info:"data_files/server5.req.sha384":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA384\nEC key size \: 256 bits\n" + +X509 CSR Information EC with SHA512 +depends_on:POLARSSL_PEM_PARSE_C +x509_csr_info:"data_files/server5.req.sha512":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA512\nEC key size \: 256 bits\n" + X509 Get Distinguished Name #1 depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSA_C x509_dn_gets:"data_files/server1.crt":"subject":"C=NL, O=PolarSSL, CN=PolarSSL Server 1" diff --git a/tests/suites/test_suite_x509parse.function b/tests/suites/test_suite_x509parse.function index f3da1fc0f9..91b53aa0e5 100644 --- a/tests/suites/test_suite_x509parse.function +++ b/tests/suites/test_suite_x509parse.function @@ -1,6 +1,7 @@ /* BEGIN_HEADER */ #include #include +#include #include #include 
@@ -75,6 +76,28 @@ void x509_crl_info( char *crl_file, char *result_str )
 }
 /* END_CASE */
 
+/* BEGIN_CASE depends_on:POLARSSL_FS_IO:POLARSSL_X509_CSR_PARSE_C */
+void x509_csr_info( char *csr_file, char *result_str )
+{
+ x509_csr csr;
+ char buf[2000];
+ int res;
+
+ x509_csr_init( &csr );
+ memset( buf, 0, 2000 );
+
+ TEST_ASSERT( x509_csr_parse_file( &csr, csr_file ) == 0 );
+ res = x509_csr_info( buf, 2000, "", &csr );
+
+ x509_csr_free( &csr );
+
+ TEST_ASSERT( res != -1 );
+ TEST_ASSERT( res != -2 );
+
+ TEST_ASSERT( strcmp( buf, result_str ) == 0 );
+}
+/* END_CASE */
+
 /* BEGIN_CASE depends_on:POLARSSL_FS_IO:POLARSSL_X509_CRT_PARSE_C:POLARSSL_X509_CRL_PARSE_C */
 void x509_verify( char *crt_file, char *ca_file, char *crl_file,
 char *cn_name_str, int result, int flags_result,
From 39868ee3011bd60d7ecd2ee8f383b3b167680801 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
Date: Fri, 24 Jan 2014 18:47:17 +0100
Subject: [PATCH 08/34] Parse CSRs signed with RSASSA-PSS
---
 include/polarssl/x509_csr.h | 3 ++
 library/x509_csr.c | 48 +++++++++++++++++++++++++-
 tests/data_files/server9.req.sha1 | 11 ++++++
 tests/data_files/server9.req.sha224 | 12 +++++++
 tests/data_files/server9.req.sha256 | 12 +++++++
 tests/data_files/server9.req.sha384 | 12 +++++++
 tests/data_files/server9.req.sha512 | 12 +++++++
 tests/suites/test_suite_x509parse.data | 20 +++++++++++
 8 files changed, 129 insertions(+), 1 deletion(-)
 create mode 100644 tests/data_files/server9.req.sha1
 create mode 100644 tests/data_files/server9.req.sha224
 create mode 100644 tests/data_files/server9.req.sha256
 create mode 100644 tests/data_files/server9.req.sha384
 create mode 100644 tests/data_files/server9.req.sha512
diff --git a/include/polarssl/x509_csr.h b/include/polarssl/x509_csr.h
index 8b4892aead..af3f226c86 100644
--- a/include/polarssl/x509_csr.h
+++ b/include/polarssl/x509_csr.h
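Review bot: The buffer length 2000 is spelled out three times in the new x509_csr_info test case (the array declaration, the memset and the call), so a later resize of `buf` silently desynchronises them; `memset( buf, 0, sizeof( buf ) );` and `res = x509_csr_info( buf, sizeof( buf ), "", &csr );` tie both uses to the declaration. The two assertions `res != -1` and `res != -2` presumably mirror the SAFE_SNPRINTF failure values, but the function under test can also propagate other negative PolarSSL error codes (the RSASSA-PSS branch added to x509_csr_info later in this series does exactly that), which these checks would not notice before the strcmp does. `TEST_ASSERT( res >= 0 );` covers every failure with one check.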
@@ -67,6 +67,9 @@ typedef struct _x509_csr
 x509_buf sig;
 md_type_t sig_md; /**< Internal representation of the MD algorithm of the signature algorithm, e.g. POLARSSL_MD_SHA256 */
 pk_type_t sig_pk /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. POLARSSL_PK_RSA */;
+#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
+ x509_buf sig_params; /**< Parameters for the signature algorithm */
+#endif
 }
 x509_csr;
 
diff --git a/library/x509_csr.c b/library/x509_csr.c
index 16e212b317..3118c0a347 100644
--- a/library/x509_csr.c
+++ b/library/x509_csr.c
@@ -93,6 +93,7 @@ int x509_csr_parse( x509_csr *csr, const unsigned char *buf, size_t buflen )
 int ret;
 size_t len;
 unsigned char *p, *end;
+ x509_buf sig_params;
 #if defined(POLARSSL_PEM_PARSE_C)
 size_t use_len;
 pem_context pem;
@@ -247,7 +248,7 @@ int x509_csr_parse( x509_csr *csr, const unsigned char *buf, size_t buflen )
 * signatureAlgorithm AlgorithmIdentifier,
 * signature BIT STRING
 */
- if( ( ret = x509_get_alg_null( &p, end, &csr->sig_oid ) ) != 0 )
+ if( ( ret = x509_get_alg( &p, end, &csr->sig_oid, &sig_params ) ) != 0 )
 {
 x509_csr_free( csr );
 return( ret );
@@ -260,6 +261,29 @@ int x509_csr_parse( x509_csr *csr, const unsigned char *buf, size_t buflen )
 return( POLARSSL_ERR_X509_UNKNOWN_SIG_ALG );
 }
 
+#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
+ if( csr->sig_pk == POLARSSL_PK_RSASSA_PSS )
+ {
+ int salt_len, trailer_field;
+ md_type_t mgf_md;
+
+ /* Make sure params are valid */
+ ret = x509_get_rsassa_pss_params( &sig_params,
+ &csr->sig_md, &mgf_md, &salt_len, &trailer_field );
+ if( ret != 0 )
+ return( ret );
+
+ memcpy( &csr->sig_params, &sig_params, sizeof( x509_buf ) );
+ }
+ else
+#endif
+ {
+ /* Make sure parameters are absent or NULL */
+ if( ( sig_params.tag != ASN1_NULL && sig_params.tag != 0 ) ||
+ sig_params.len != 0 )
+ return( POLARSSL_ERR_X509_INVALID_ALG );
+ }
+
 if( ( ret = x509_get_sig( &p, end, &csr->sig ) ) != 0 )
 {
 x509_csr_free( csr );
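Review bot: The two early returns added in the RSASSA-PSS branch of x509_csr_parse, `return( ret );` after x509_get_rsassa_pss_params and `return( POLARSSL_ERR_X509_INVALID_ALG );` in the else branch, leave without `x509_csr_free( csr )`, whereas every other failure path of this function visible in the surrounding hunks (x509_get_alg, x509_get_sig_alg, x509_get_sig) frees the context first. The subject public key has presumably already been loaded into `csr->pk` by this point, so a CSR carrying malformed signature parameters would leak it on rejection. Prepend `x509_csr_free( csr );` to both returns. The body of x509_csr_parse continues outside the hunk.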
@@ -386,6 +410,28 @@ int x509_csr_info( char *buf, size_t size, const char *prefix,
 ret = snprintf( p, n, "%s", desc );
 SAFE_SNPRINTF();
 
+#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
+ if( csr->sig_pk == POLARSSL_PK_RSASSA_PSS )
+ {
+ md_type_t md_alg, mgf_md;
+ const md_info_t *md_info, *mgf_md_info;
+ int salt_len, trailer_field;
+
+ if( ( ret = x509_get_rsassa_pss_params( &csr->sig_params,
+ &md_alg, &mgf_md, &salt_len, &trailer_field ) ) != 0 )
+ return( ret );
+
+ md_info = md_info_from_type( md_alg );
+ mgf_md_info = md_info_from_type( mgf_md );
+
+ ret = snprintf( p, n, " (%s, MGF1-%s, 0x%02X, %d)",
+ md_info ? md_info->name : "???",
+ mgf_md_info ? mgf_md_info->name : "???",
+ salt_len, trailer_field );
+ SAFE_SNPRINTF();
+ }
+#endif /* POLARSSL_RSASSA_PSS_CERTIFICATES */
+
 if( ( ret = x509_key_size_helper( key_size_str, BEFORE_COLON,
 pk_get_name( &csr->pk ) ) ) != 0 )
 {
diff --git a/tests/data_files/server9.req.sha1 b/tests/data_files/server9.req.sha1
new file mode 100644
index 0000000000..b9d005382d
--- /dev/null
+++ b/tests/data_files/server9.req.sha1
@@ -0,0 +1,11 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIIBojCCAQYCAQAwNDELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIw
+EAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAN0R
+ip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7CuxNA24oSjokTJKXF9frY9ZDX
+yMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsIi2OZOgol7kXSGFi6uZMa7dRY
+mmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCVAgMBAAGgKTAnBgkqhkiG9w0B
+CQ4xGjAYMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgXgMBIGCSqGSIb3DQEBCjAFogMC
+AWoDgYEA2n8SOoiJCs+YyH2VXoUVxhutdXGP4+7cECakl2mmVEKhxXDMEG7hEFkB
+mkk4b1kRNOQHKqUq3crfi0OkMcPGkPiLlYLKgT51CgsBhuJaMsdCYo/5POgTZD4u
+FI5gfyO70Xpq9QmrWEqqTdalRG7+UmGa3VEUVyXTDnQZfU1N2QE=
+-----END CERTIFICATE REQUEST-----
diff --git a/tests/data_files/server9.req.sha224 b/tests/data_files/server9.req.sha224
new file mode 100644
index 0000000000..fe1c797edf
--- /dev/null
+++ b/tests/data_files/server9.req.sha224
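Review bot: The `return( ret );` added to x509_csr_info after x509_get_rsassa_pss_params introduces a new kind of failure value for this function, a PolarSSL error code, next to whatever SAFE_SNPRINTF yields (the test case added in the previous commit checks for -1 and -2). Since x509_csr_parse already validated the same parameters, this path is only reachable if `csr->sig_params` was altered after parsing, so it is defensive rather than wrong, but callers that compare the result against the sentinel values the test suite expects will not recognise it. A comment such as `/* cannot fail for a context filled by x509_csr_parse; propagate the error otherwise */`, or mapping the error onto the existing failure convention, would make the contract explicit. x509_csr_info continues outside the hunk.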
@@ -0,0 +1,12 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIBzTCCAQYCAQAwNDELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIw +EAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAN0R +ip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7CuxNA24oSjokTJKXF9frY9ZDX +yMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsIi2OZOgol7kXSGFi6uZMa7dRY +mmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCVAgMBAAGgKTAnBgkqhkiG9w0B +CQ4xGjAYMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgXgMD0GCSqGSIb3DQEBCjAwoA0w +CwYJYIZIAWUDBAIEoRowGAYJKoZIhvcNAQEIMAsGCWCGSAFlAwQCBKIDAgFiA4GB +AMlYYZKqpDqg5UZZq3NB3QUR9qftY/52/0gPfruw5s2gNtFmG1uyEBJX/oc7C/fU +lxo74HDraWJyvP7c3MMhOuwr/RfPNQhA2Hgwz9RuJIBhQrJfiZuHsCfiKVofMuMf +ar/4EKfyoELDdilhg6i+abahGOkqyXsjavFtyDSeCpXH +-----END CERTIFICATE REQUEST----- diff --git a/tests/data_files/server9.req.sha256 b/tests/data_files/server9.req.sha256 new file mode 100644 index 0000000000..0ef9ef0288 --- /dev/null +++ b/tests/data_files/server9.req.sha256 @@ -0,0 +1,12 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIBzTCCAQYCAQAwNDELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIw +EAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAN0R +ip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7CuxNA24oSjokTJKXF9frY9ZDX +yMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsIi2OZOgol7kXSGFi6uZMa7dRY +mmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCVAgMBAAGgKTAnBgkqhkiG9w0B +CQ4xGjAYMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgXgMD0GCSqGSIb3DQEBCjAwoA0w +CwYJYIZIAWUDBAIBoRowGAYJKoZIhvcNAQEIMAsGCWCGSAFlAwQCAaIDAgFeA4GB +ACUaCTidvzWVJNKmRrriufThGUfw5Xgdsc3Ga8Cx+vRf+bPZmR3NVkc0Zq9uc0+8 +d1WXaLzbmge6IbcvTPWCLNDAWI9UzoQ6WS9myM3eDEGdruClYwb5BVLx3MvhvooK +L/H6snE1dHNPXyCNVFTJIll3bRlVMRsfZpDhmz8/ImJ4 +-----END CERTIFICATE REQUEST----- diff --git a/tests/data_files/server9.req.sha384 b/tests/data_files/server9.req.sha384 new file mode 100644 index 0000000000..0103450270 --- /dev/null +++ b/tests/data_files/server9.req.sha384 
@@ -0,0 +1,12 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIBzTCCAQYCAQAwNDELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIw +EAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAN0R +ip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7CuxNA24oSjokTJKXF9frY9ZDX +yMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsIi2OZOgol7kXSGFi6uZMa7dRY +mmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCVAgMBAAGgKTAnBgkqhkiG9w0B +CQ4xGjAYMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgXgMD0GCSqGSIb3DQEBCjAwoA0w +CwYJYIZIAWUDBAICoRowGAYJKoZIhvcNAQEIMAsGCWCGSAFlAwQCAqIDAgFOA4GB +ANfZGK6nE/CP9PuALFzbA/mvOnYlI60pMowscRfCYpvR25iQJVhAJfYVXADRN3qd +NAiFWNVcjFMIkRlq7qifBN97VHGeYoWIuw9gYEb3OqDGzOsYP0KIgMNt8/A4qCkj +5MzolOYyT+N+QFGV0pdCNpX7QppfNdFyFAmWXa171RzG +-----END CERTIFICATE REQUEST----- diff --git a/tests/data_files/server9.req.sha512 b/tests/data_files/server9.req.sha512 new file mode 100644 index 0000000000..676b5c996b --- /dev/null +++ b/tests/data_files/server9.req.sha512 @@ -0,0 +1,12 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIBzTCCAQYCAQAwNDELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRIw +EAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAN0R +ip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7CuxNA24oSjokTJKXF9frY9ZDX +yMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsIi2OZOgol7kXSGFi6uZMa7dRY +mmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCVAgMBAAGgKTAnBgkqhkiG9w0B +CQ4xGjAYMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgXgMD0GCSqGSIb3DQEBCjAwoA0w +CwYJYIZIAWUDBAIDoRowGAYJKoZIhvcNAQEIMAsGCWCGSAFlAwQCA6IDAgE+A4GB +ACxWBhPkhyVlBY/mwkrW7OjYsaN2/ZlFSv76w63b61BpigReJsggMut5EPOgfGYJ +rzygKDlF/NtmMN22jWrFup9LsZJAX0gYbLmliiaG9Hch+i/8b42oaQTDWGFZ9LiY +W7F7X0f9lpzNKOtQ8ix0s+nYS2ONyzfu55+Rlzf8/63M +-----END CERTIFICATE REQUEST----- diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data index 91089a4b0d..956815749e 100644 --- a/tests/suites/test_suite_x509parse.data +++ b/tests/suites/test_suite_x509parse.data 
@@ -238,6 +238,26 @@ X509 CSR Information EC with SHA512
 depends_on:POLARSSL_PEM_PARSE_C
 x509_csr_info:"data_files/server5.req.sha512":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA512\nEC key size \: 256 bits\n"
 
+X509 CSR Information RSA-PSS with SHA1
+depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA1_C
+x509_csr_info:"data_files/server9.req.sha1":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA1, MGF1-SHA1, 0x6A, 1)\nRSA key size \: 1024 bits\n"
+
+X509 CSR Information RSA-PSS with SHA224
+depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA256_C
+x509_csr_info:"data_files/server9.req.sha224":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA224, MGF1-SHA224, 0x62, 1)\nRSA key size \: 1024 bits\n"
+
+X509 CSR Information RSA-PSS with SHA256
+depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA256_C
+x509_csr_info:"data_files/server9.req.sha256":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA256, MGF1-SHA256, 0x5E, 1)\nRSA key size \: 1024 bits\n"
+
+X509 CSR Information RSA-PSS with SHA384
+depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA512_C
+x509_csr_info:"data_files/server9.req.sha384":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA384, MGF1-SHA384, 0x4E, 1)\nRSA key size \: 1024 bits\n"
+
+X509 CSR Information RSA-PSS with SHA512
+depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA512_C
+x509_csr_info:"data_files/server9.req.sha512":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA512, MGF1-SHA512, 0x3E, 1)\nRSA key size \: 1024 bits\n"
+
 X509 Get Distinguished Name #1
 depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSA_C
x509_dn_gets:"data_files/server1.crt":"subject":"C=NL, O=PolarSSL, CN=PolarSSL Server 1"
From cf975a3857e72ad9a0b38ada9a3d3d497f9cf752 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
Date: Fri, 24 Jan 2014 19:28:43 +0100
Subject: [PATCH 09/34] Factor out some common code
---
 ChangeLog | 4 +++-
 include/polarssl/x509.h | 4 ++--
 library/x509.c | 33 +++++++++++++++++++++++++++++----
 library/x509_crl.c | 25 +++----------------------
 library/x509_crt.c | 25 +++----------------------
 library/x509_csr.c | 25 +++----------------------
 6 files changed, 43 insertions(+), 73 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 28a28df44e..29b848da17 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,8 @@
 PolarSSL ChangeLog (Sorted per branch, date)
 
+TODO: bump SOVERSION
+(internal-but-not-static function x509_get_sig_alg() changed prototype)
+
 = PolarSSL 1.3 branch
 Features
 * Add CCM module and cipher mode to Cipher Layer
@@ -157,7 +160,6 @@ Bugfix
 * Fix typo in rsa_copy() that impacted PKCS#1 v2 contexts
 * x509_get_current_time() uses localtime_r() to prevent thread issues
 
-= PolarSSL 1.3.4 released on 2014-01-27
 Features
 * Support for the Koblitz curves: secp192k1, secp224k1, secp256k1
 * Support for RIPEMD-160
diff --git a/include/polarssl/x509.h b/include/polarssl/x509.h
index f72effd39e..16b1edae24 100644
--- a/include/polarssl/x509.h
+++ b/include/polarssl/x509.h
@@ -284,8 +284,8 @@ int x509_get_rsassa_pss_params( const x509_buf *params,
 int *salt_len, int *trailer_field );
 #endif
 int x509_get_sig( unsigned char **p, const unsigned char *end, x509_buf *sig );
-int x509_get_sig_alg( const x509_buf *sig_oid, md_type_t *md_alg,
- pk_type_t *pk_alg );
+int x509_get_sig_alg( const x509_buf *sig_oid, const x509_buf *sig_params,
+ md_type_t *md_alg, pk_type_t *pk_alg );
 int x509_get_time( unsigned char **p, const unsigned char *end,
 x509_time *time );
 int x509_get_serial( unsigned char **p, const unsigned char *end,
diff --git a/library/x509.c b/library/x509.c
index 48c11ef716..3e93c3a2ac 100644
--- a/library/x509.c
+++ b/library/x509.c
@@ -547,14 +547,39 @@ int x509_get_sig( unsigned char **p, const unsigned char *end, x509_buf *sig )
 return( 0 );
 }
 
-int x509_get_sig_alg( const x509_buf *sig_oid, md_type_t *md_alg,
- pk_type_t *pk_alg )
+/*
+ * Get signature algorithm from alg OID and optional parameters
+ */
+int x509_get_sig_alg( const x509_buf *sig_oid, const x509_buf *sig_params,
+ md_type_t *md_alg, pk_type_t *pk_alg )
 {
- int ret = oid_get_sig_alg( sig_oid, md_alg, pk_alg );
+ int ret;
 
- if( ret != 0 )
+ if( ( ret = oid_get_sig_alg( sig_oid, md_alg, pk_alg ) ) != 0 )
 return( POLARSSL_ERR_X509_UNKNOWN_SIG_ALG + ret );
 
+#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
+ if( *pk_alg == POLARSSL_PK_RSASSA_PSS )
+ {
+ int salt_len, trailer_field;
+ md_type_t mgf_md;
+
+ /* Make sure params are valid */
+ ret = x509_get_rsassa_pss_params( sig_params,
+ md_alg, &mgf_md, &salt_len, &trailer_field );
+ if( ret != 0 )
+ return( ret );
+
+ }
+ else
+#endif
+ {
+ /* Make sure parameters are absent or NULL */
+ if( ( sig_params->tag != ASN1_NULL && sig_params->tag != 0 ) ||
+ sig_params->len != 0 )
+ return( POLARSSL_ERR_X509_INVALID_ALG );
+ }
+
 return( 0 );
 }
 
diff --git a/library/x509_crl.c b/library/x509_crl.c
index 6c9ec597fa..f2bd0c14b2 100644
--- a/library/x509_crl.c
+++ b/library/x509_crl.c
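Review bot: A stray blank line is left before the closing brace of the RSASSA-PSS branch in x509_get_sig_alg (`return( ret );` followed by an empty line and `}`), apparently where the memcpy stood before this code was hoisted out of the three parsers. The new header comment would also benefit from spelling out the contract the callers now rely on: `sig_params` is dereferenced unconditionally, so it must point at the buffer filled by x509_get_alg and never be NULL, and the function returns POLARSSL_ERR_X509_INVALID_ALG when parameters are present but are neither NULL nor valid for the algorithm, e.g. ` * sig_params must be non-NULL; returns POLARSSL_ERR_X509_INVALID_ALG if params are present but invalid for *pk_alg`.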
@@ -397,35 +397,16 @@ int x509_crl_parse( x509_crl *chain, const unsigned char *buf, size_t buflen )
 return( POLARSSL_ERR_X509_UNKNOWN_VERSION );
 }
 
- if( ( ret = x509_get_sig_alg( &crl->sig_oid1, &crl->sig_md,
- &crl->sig_pk ) ) != 0 )
+ if( ( ret = x509_get_sig_alg( &crl->sig_oid1, &sig_params,
+ &crl->sig_md, &crl->sig_pk ) ) != 0 )
 {
 x509_crl_free( crl );
 return( POLARSSL_ERR_X509_UNKNOWN_SIG_ALG );
 }
 
 #if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
- if( crl->sig_pk == POLARSSL_PK_RSASSA_PSS )
- {
- int salt_len, trailer_field;
- md_type_t mgf_md;
-
- /* Make sure params are valid */
- ret = x509_get_rsassa_pss_params( &sig_params,
- &crl->sig_md, &mgf_md, &salt_len, &trailer_field );
- if( ret != 0 )
- return( ret );
-
- memcpy( &crl->sig_params, &sig_params, sizeof( x509_buf ) );
- }
- else
+ memcpy( &crl->sig_params, &sig_params, sizeof( x509_buf ) );
 #endif
- {
- /* Make sure parameters are absent or NULL */
- if( ( sig_params.tag != ASN1_NULL && sig_params.tag != 0 ) ||
- sig_params.len != 0 )
- return( POLARSSL_ERR_X509_INVALID_ALG );
- }
 
 /*
 * issuer Name
diff --git a/library/x509_crt.c b/library/x509_crt.c
index 6b92688782..3fda8641fa 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
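Review bot: The failure branch in x509_crl_parse still returns the fixed `POLARSSL_ERR_X509_UNKNOWN_SIG_ALG`, but after this refactoring x509_get_sig_alg also fails with POLARSSL_ERR_X509_INVALID_ALG (and the ASN.1 sub-codes from x509_get_rsassa_pss_params) for a known algorithm whose parameters are malformed, so those errors are now reported as an unknown algorithm where the previous commit returned them unchanged. x509_crt_parse_der_core in the same commit does `return( ret );`; the same one-line change keeps the distinction here and in the x509_csr_parse hunk of library/x509_csr.c, which has the identical pattern. The body of x509_crl_parse continues outside the hunk.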
@@ -615,35 +615,16 @@ static int x509_crt_parse_der_core( x509_crt *crt, const unsigned char *buf,
 return( POLARSSL_ERR_X509_UNKNOWN_VERSION );
 }
 
- if( ( ret = x509_get_sig_alg( &crt->sig_oid1, &crt->sig_md,
- &crt->sig_pk ) ) != 0 )
+ if( ( ret = x509_get_sig_alg( &crt->sig_oid1, &sig_params,
+ &crt->sig_md, &crt->sig_pk ) ) != 0 )
 {
 x509_crt_free( crt );
 return( ret );
 }
 
 #if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
- if( crt->sig_pk == POLARSSL_PK_RSASSA_PSS )
- {
- int salt_len, trailer_field;
- md_type_t mgf_md;
-
- /* Make sure params are valid */
- ret = x509_get_rsassa_pss_params( &sig_params,
- &crt->sig_md, &mgf_md, &salt_len, &trailer_field );
- if( ret != 0 )
- return( ret );
-
- memcpy( &crt->sig_params, &sig_params, sizeof( x509_buf ) );
- }
- else
+ memcpy( &crt->sig_params, &sig_params, sizeof( x509_buf ) );
 #endif
- {
- /* Make sure parameters are absent or NULL */
- if( ( sig_params.tag != ASN1_NULL && sig_params.tag != 0 ) ||
- sig_params.len != 0 )
- return( POLARSSL_ERR_X509_INVALID_ALG );
- }
 
 /*
 * issuer Name
diff --git a/library/x509_csr.c b/library/x509_csr.c
index 3118c0a347..a0d4c363ae 100644
--- a/library/x509_csr.c
+++ b/library/x509_csr.c
@@ -254,35 +254,16 @@ int x509_csr_parse( x509_csr *csr, const unsigned char *buf, size_t buflen )
 return( ret );
 }
 
- if( ( ret = x509_get_sig_alg( &csr->sig_oid, &csr->sig_md,
- &csr->sig_pk ) ) != 0 )
+ if( ( ret = x509_get_sig_alg( &csr->sig_oid, &sig_params,
+ &csr->sig_md, &csr->sig_pk ) ) != 0 )
 {
 x509_csr_free( csr );
 return( POLARSSL_ERR_X509_UNKNOWN_SIG_ALG );
 }
 
 #if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
- if( csr->sig_pk == POLARSSL_PK_RSASSA_PSS )
- {
- int salt_len, trailer_field;
- md_type_t mgf_md;
-
- /* Make sure params are valid */
- ret = x509_get_rsassa_pss_params( &sig_params,
- &csr->sig_md, &mgf_md, &salt_len, &trailer_field );
- if( ret != 0 )
- return( ret );
-
- memcpy( &csr->sig_params, &sig_params, sizeof( x509_buf ) );
- }
- else
+ memcpy( &csr->sig_params, &sig_params, sizeof( x509_buf ) );
 #endif
- {
- /* Make sure parameters are absent or NULL */
- if( ( sig_params.tag != ASN1_NULL && sig_params.tag != 0 ) ||
- sig_params.len != 0 )
- return( POLARSSL_ERR_X509_INVALID_ALG );
- }
 
 if( ( ret = x509_get_sig( &p, end, &csr->sig ) ) != 0 )
 {
From cac31eed9e70cb7f8d9727af94c373c877b88896 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
Date: Sat, 25 Jan 2014 11:50:59 +0100
Subject: [PATCH 10/34] Factor common code for printing sig_alg
---
 include/polarssl/x509.h | 2 ++
 library/x509.c | 46 +++++++++++++++++++++++++++++++++++++++++
 library/x509_crl.c | 34 ++++++------------------------
 library/x509_crt.c | 34 ++++++------------------------
 library/x509_csr.c | 34 ++++++------------------------
 5 files changed, 66 insertions(+), 84 deletions(-)
diff --git a/include/polarssl/x509.h b/include/polarssl/x509.h
index 16b1edae24..a21c1f0e00 100644
--- a/include/polarssl/x509.h
+++ b/include/polarssl/x509.h
@@ -293,6 +293,8 @@ int x509_get_serial( unsigned char **p, const unsigned char *end,
 int x509_get_ext( unsigned char **p, const unsigned char *end,
 x509_buf *ext, int tag );
 int x509_load_file( const char *path, unsigned char **buf, size_t *n );
+int x509_sig_alg_gets( char *buf, size_t size, const x509_buf *sig_oid,
+ pk_type_t pk_alg, const x509_buf *sig_params );
 int x509_key_size_helper( char *buf, size_t size, const char *name );
 int x509_string_to_names( asn1_named_data **head, const char *name );
 int x509_set_extension( asn1_named_data **head, const char *oid, size_t oid_len,
diff --git a/library/x509.c b/library/x509.c
index 3e93c3a2ac..02756f87b2 100644
--- a/library/x509.c
+++ b/library/x509.c
@@ -815,6 +815,52 @@ int x509_serial_gets( char *buf, size_t size, const x509_buf *serial )
 return( (int) ( size - n ) );
 }
 
+/*
+ * Helper for writing signature alrogithms
+ */
+int x509_sig_alg_gets( char *buf, size_t size, const x509_buf *sig_oid,
+ pk_type_t pk_alg, const x509_buf *sig_params )
+{
+ int ret;
+ char *p = buf;
+ size_t n = size;
+ const char *desc = NULL;
+
+ ret = oid_get_sig_alg_desc( sig_oid, &desc );
+ if( ret != 0 )
+ ret = snprintf( p, n, "???" );
+ else
+ ret = snprintf( p, n, "%s", desc );
+ SAFE_SNPRINTF();
+
+#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
+ if( pk_alg == POLARSSL_PK_RSASSA_PSS )
+ {
+ md_type_t md_alg, mgf_md;
+ const md_info_t *md_info, *mgf_md_info;
+ int salt_len, trailer_field;
+
+ if( ( ret = x509_get_rsassa_pss_params( sig_params,
+ &md_alg, &mgf_md, &salt_len, &trailer_field ) ) != 0 )
+ return( ret );
+
+ md_info = md_info_from_type( md_alg );
+ mgf_md_info = md_info_from_type( mgf_md );
+
+ ret = snprintf( p, n, " (%s, MGF1-%s, 0x%02X, %d)",
+ md_info ? md_info->name : "???",
+ mgf_md_info ? mgf_md_info->name : "???",
+ salt_len, trailer_field );
+ SAFE_SNPRINTF();
+ }
+#else
+ ((void) pk_alg);
+ ((void) sig_params);
+#endif /* POLARSSL_RSASSA_PSS_CERTIFICATES */
+
+ return( (int) size - n );
+}
+
 /*
 * Helper for writing "RSA key size", "EC key size", etc
 */
diff --git a/library/x509_crl.c b/library/x509_crl.c
index f2bd0c14b2..986fc26d41 100644
--- a/library/x509_crl.c
+++ b/library/x509_crl.c
@@ -631,8 +635,12 @@ int x509_crl_info( char *buf, size_t size, const char *prefix,
 int ret;
 size_t n;
 char *p;
- const char *desc;
 const x509_crl_entry *entry;
+#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
+ const x509_buf *sig_params = &crl->sig_params;
+#else
+ const x509_buf *sig_params = NULL;
+#endif
 
 p = buf;
 n = size;
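Review bot: `return( (int) size - n );` in x509_sig_alg_gets casts `size` before subtracting, so `(int) size` is converted back to size_t for the subtraction and the unsigned result is then narrowed on return; the sibling x509_serial_gets just above writes `return( (int) ( size - n ) );`, which computes the difference first and is what the function means, so use the same form here. The header comment also has a typo, `Helper for writing signature alrogithms` → `Helper for writing signature algorithms`, and could state that `sig_params` may be NULL when POLARSSL_RSASSA_PSS_CERTIFICATES is disabled (as the three callers pass it) but must be non-NULL for POLARSSL_PK_RSASSA_PSS, since x509_get_rsassa_pss_params dereferences it.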
@@ -688,35 +692,9 @@ int x509_crl_info( char *buf, size_t size, const char *prefix,
 ret = snprintf( p, n, "\n%ssigned using : ", prefix );
 SAFE_SNPRINTF();
 
- ret = oid_get_sig_alg_desc( &crl->sig_oid1, &desc );
- if( ret != 0 )
- ret = snprintf( p, n, "???" );
- else
- ret = snprintf( p, n, "%s", desc );
+ ret = x509_sig_alg_gets( p, n, &crl->sig_oid1, crl->sig_pk, sig_params );
 SAFE_SNPRINTF();
 
-#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
- if( crl->sig_pk == POLARSSL_PK_RSASSA_PSS )
- {
- md_type_t md_alg, mgf_md;
- const md_info_t *md_info, *mgf_md_info;
- int salt_len, trailer_field;
-
- if( ( ret = x509_get_rsassa_pss_params( &crl->sig_params,
- &md_alg, &mgf_md, &salt_len, &trailer_field ) ) != 0 )
- return( ret );
-
- md_info = md_info_from_type( md_alg );
- mgf_md_info = md_info_from_type( mgf_md );
-
- ret = snprintf( p, n, " (%s, MGF1-%s, 0x%02X, %d)",
- md_info ? md_info->name : "???",
- mgf_md_info ? mgf_md_info->name : "???",
- salt_len, trailer_field );
- SAFE_SNPRINTF();
- }
-#endif /* POLARSSL_RSASSA_PSS_CERTIFICATES */
-
 ret = snprintf( p, n, "\n" );
 SAFE_SNPRINTF();
 
diff --git a/library/x509_crt.c b/library/x509_crt.c
index 3fda8641fa..de95c0f593 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -1258,8 +1258,12 @@ int x509_crt_info( char *buf, size_t size, const char *prefix,
 int ret;
 size_t n;
 char *p;
- const char *desc = NULL;
 char key_size_str[BEFORE_COLON];
+#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
+ const x509_buf *sig_params = &crt->sig_params;
+#else
+ const x509_buf *sig_params = NULL;
+#endif
 
 p = buf;
 n = size;
@@ -1301,35 +1305,9 @@ int x509_crt_info( char *buf, size_t size, const char *prefix,
 ret = snprintf( p, n, "\n%ssigned using : ", prefix );
 SAFE_SNPRINTF();
 
- ret = oid_get_sig_alg_desc( &crt->sig_oid1, &desc );
- if( ret != 0 )
- ret = snprintf( p, n, "???" );
- else
- ret = snprintf( p, n, "%s", desc );
+ ret = x509_sig_alg_gets( p, n, &crt->sig_oid1, crt->sig_pk, sig_params );
 SAFE_SNPRINTF();
 
-#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
- if( crt->sig_pk == POLARSSL_PK_RSASSA_PSS )
- {
- md_type_t md_alg, mgf_md;
- const md_info_t *md_info, *mgf_md_info;
- int salt_len, trailer_field;
-
- if( ( ret = x509_get_rsassa_pss_params( &crt->sig_params,
- &md_alg, &mgf_md, &salt_len, &trailer_field ) ) != 0 )
- return( ret );
-
- md_info = md_info_from_type( md_alg );
- mgf_md_info = md_info_from_type( mgf_md );
-
- ret = snprintf( p, n, " (%s, MGF1-%s, 0x%02X, %d)",
- md_info ? md_info->name : "???",
- mgf_md_info ? mgf_md_info->name : "???",
- salt_len, trailer_field );
- SAFE_SNPRINTF();
- }
-#endif /* POLARSSL_RSASSA_PSS_CERTIFICATES */
-
 /* Key size */
 if( ( ret = x509_key_size_helper( key_size_str, BEFORE_COLON,
 pk_get_name( &crt->pk ) ) ) != 0 )
diff --git a/library/x509_csr.c b/library/x509_csr.c
index a0d4c363ae..082e461913 100644
--- a/library/x509_csr.c
+++ b/library/x509_csr.c
@@ -366,8 +366,12 @@ int x509_csr_info( char *buf, size_t size, const char *prefix,
 int ret;
 size_t n;
 char *p;
- const char *desc;
 char key_size_str[BEFORE_COLON];
+#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
+ const x509_buf *sig_params = &csr->sig_params;
+#else
+ const x509_buf *sig_params = NULL;
+#endif
 
 p = buf;
 n = size;
@@ -384,35 +388,9 @@ int x509_csr_info( char *buf, size_t size, const char *prefix,
 ret = snprintf( p, n, "\n%ssigned using : ", prefix );
 SAFE_SNPRINTF();
 
- ret = oid_get_sig_alg_desc( &csr->sig_oid, &desc );
- if( ret != 0 )
- ret = snprintf( p, n, "???" );
- else
- ret = snprintf( p, n, "%s", desc );
+ ret = x509_sig_alg_gets( p, n, &csr->sig_oid, csr->sig_pk, sig_params );
 SAFE_SNPRINTF();
 
-#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
- if( csr->sig_pk == POLARSSL_PK_RSASSA_PSS )
- {
- md_type_t md_alg, mgf_md;
- const md_info_t *md_info, *mgf_md_info;
- int salt_len, trailer_field;
-
- if( ( ret = x509_get_rsassa_pss_params( &csr->sig_params,
- &md_alg, &mgf_md, &salt_len, &trailer_field ) ) != 0 )
- return( ret );
-
- md_info = md_info_from_type( md_alg );
- mgf_md_info = md_info_from_type( mgf_md );
-
- ret = snprintf( p, n, " (%s, MGF1-%s, 0x%02X, %d)",
- md_info ? md_info->name : "???",
- mgf_md_info ? mgf_md_info->name : "???",
- salt_len, trailer_field );
- SAFE_SNPRINTF();
- }
-#endif /* POLARSSL_RSASSA_PSS_CERTIFICATES */
-
 if( ( ret = x509_key_size_helper( key_size_str, BEFORE_COLON,
 pk_get_name( &csr->pk ) ) ) != 0 )
 {
From 78117d57b0b2725ca62a75c53cfabda578247711 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
Date: Sat, 31 May 2014 17:08:16 +0200
Subject: [PATCH 11/34] Consider trailerField a constant
---
 include/polarssl/x509.h | 2 +-
 library/x509.c | 28 +++++++++++++++---------
 tests/suites/test_suite_x509parse.data | 30 +++++++++++++-------------
 3 files changed, 34 insertions(+), 26 deletions(-)
diff --git a/include/polarssl/x509.h b/include/polarssl/x509.h
index a21c1f0e00..e11bd90e15 100644
--- a/include/polarssl/x509.h
+++ b/include/polarssl/x509.h
@@ -281,7 +281,7 @@ int x509_get_alg( unsigned char **p, const unsigned char *end,
 #if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
 int x509_get_rsassa_pss_params( const x509_buf *params,
 md_type_t *md_alg, md_type_t *mgf_md,
- int *salt_len, int *trailer_field );
+ int *salt_len );
 #endif
 int x509_get_sig( unsigned char **p, const unsigned char *end, x509_buf *sig );
 int x509_get_sig_alg( const x509_buf *sig_oid, const x509_buf *sig_params,
diff --git a/library/x509.c b/library/x509.c
index 02756f87b2..8e53eb798b 100644
--- a/library/x509.c
+++ b/library/x509.c
@@ -201,10 +201,14 @@ static int x509_get_hash_alg( const x509_buf *alg, md_type_t *md_alg )
 * saltLength [2] INTEGER DEFAULT 20,
 * trailerField [3] INTEGER DEFAULT 1 }
 * -- Note that the tags in this Sequence are explicit.
+ *
+ * RFC 4055 (which defines use of RSASSA-PSS in PKIX) states that the value
+ * of trailerField MUST be 1, and PKCS#1 v2.2 doesn't even define any other
+ * option. Enfore this at parsing time.
 */
 int x509_get_rsassa_pss_params( const x509_buf *params,
 md_type_t *md_alg, md_type_t *mgf_md,
- int *salt_len, int *trailer_field )
+ int *salt_len )
 {
 int ret;
 unsigned char *p;
@@ -216,7 +220,6 @@ int x509_get_rsassa_pss_params( const x509_buf *params,
 *md_alg = POLARSSL_MD_SHA1;
 *mgf_md = POLARSSL_MD_SHA1;
 *salt_len = 20;
- *trailer_field = 1;
 /* Make sure params is a SEQUENCE and setup bounds */
 if( params->tag != ( ASN1_CONSTRUCTED | ASN1_SEQUENCE ) )
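Review bot: The new comment above x509_get_rsassa_pss_params in library/x509.c misspells the key word, `Enfore`; suggest ` * option. Enforce this at parsing time.`. Since the same function is declared in the public include/polarssl/x509.h (first hunk), dropping the trailer_field parameter changes a public prototype, and a one-line note in the header comment saying the field is now validated internally would tell external callers why it went away. The function's body continues beyond this hunk.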
@@ -307,19 +310,24 @@ int x509_get_rsassa_pss_params( const x509_buf *params,
 return( 0 );
 /*
- * trailer_field
+ * trailer_field (if present, must be 1)
 */
 if( ( ret = asn1_get_tag( &p, end, &len, ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | 3 ) ) == 0 )
 {
+ int trailer_field;
+
 end2 = p + len;
- if( ( ret = asn1_get_int( &p, end2, trailer_field ) ) != 0 )
+ if( ( ret = asn1_get_int( &p, end2, &trailer_field ) ) != 0 )
 return( POLARSSL_ERR_X509_INVALID_ALG + ret );
 if( p != end2 )
 return( POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
+
+ if( trailer_field != 1 )
+ return( POLARSSL_ERR_X509_INVALID_ALG );
 }
 else if( ret != POLARSSL_ERR_ASN1_UNEXPECTED_TAG )
 return( POLARSSL_ERR_X509_INVALID_ALG + ret );
@@ -561,12 +569,12 @@ int x509_get_sig_alg( const x509_buf *sig_oid, const x509_buf *sig_params,
 #if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
 if( *pk_alg == POLARSSL_PK_RSASSA_PSS )
 {
- int salt_len, trailer_field;
+ int salt_len;
 md_type_t mgf_md;
 /* Make sure params are valid */
 ret = x509_get_rsassa_pss_params( sig_params,
- md_alg, &mgf_md, &salt_len, &trailer_field );
+ md_alg, &mgf_md, &salt_len );
 if( ret != 0 )
 return( ret );
@@ -838,19 +846,19 @@ int x509_sig_alg_gets( char *buf, size_t size, const x509_buf *sig_oid,
 {
 md_type_t md_alg, mgf_md;
 const md_info_t *md_info, *mgf_md_info;
- int salt_len, trailer_field;
+ int salt_len;
 if( ( ret = x509_get_rsassa_pss_params( sig_params,
- &md_alg, &mgf_md, &salt_len, &trailer_field ) ) != 0 )
+ &md_alg, &mgf_md, &salt_len ) ) != 0 )
 return( ret );
 md_info = md_info_from_type( md_alg );
 mgf_md_info = md_info_from_type( mgf_md );
- ret = snprintf( p, n, " (%s, MGF1-%s, 0x%02X, %d)",
+ ret = snprintf( p, n, " (%s, MGF1-%s, 0x%02X)",
 md_info ? md_info->name : "???",
 mgf_md_info ? mgf_md_info->name : "???",
- salt_len, trailer_field );
+ salt_len );
 SAFE_SNPRINTF();
 }
 #else
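Review bot: The new `if( trailer_field != 1 ) return( POLARSSL_ERR_X509_INVALID_ALG );` returns the bare error where every other failure in this block adds an ASN.1 sub-code, which is defensible since this is a semantic rather than an encoding error, but the reason is only in the function header far above; a comment at the check, `/* RFC 4055: trailerField MUST be 1; any other value is not a valid PKIX encoding */`, would keep it self-explanatory. Ordering the semantic check after the length-mismatch check, as done here, is the right choice because malformed encodings are reported first. x509_get_rsassa_pss_params starts before this hunk and the later hunks in x509_get_sig_alg and x509_sig_alg_gets are likewise cut at both ends.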
diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data index 956815749e..59bd2fb4ab 100644 --- a/tests/suites/test_suite_x509parse.data +++ b/tests/suites/test_suite_x509parse.data 
@@ -44,23 +44,23 @@ x509_cert_info:"data_files/cert_sha512.crt":"cert. version \: 3\nserial numb X509 Certificate information RSA-PSS, SHA1 Digest depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA1_C -x509_cert_info:"data_files/server9.crt":"cert. version \: 3\nserial number \: 16\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:38\:16\nexpires on \: 2024-01-18 13\:38\:16\nsigned using \: RSASSA-PSS (SHA1, MGF1-SHA1, 0xEA, 1)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n" +x509_cert_info:"data_files/server9.crt":"cert. version \: 3\nserial number \: 16\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:38\:16\nexpires on \: 2024-01-18 13\:38\:16\nsigned using \: RSASSA-PSS (SHA1, MGF1-SHA1, 0xEA)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n" X509 Certificate information RSA-PSS, SHA224 Digest depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA256_C -x509_cert_info:"data_files/server9-sha224.crt":"cert. version \: 3\nserial number \: 17\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:57\:36\nexpires on \: 2024-01-18 13\:57\:36\nsigned using \: RSASSA-PSS (SHA224, MGF1-SHA224, 0xE2, 1)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n" +x509_cert_info:"data_files/server9-sha224.crt":"cert. 
version \: 3\nserial number \: 17\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:57\:36\nexpires on \: 2024-01-18 13\:57\:36\nsigned using \: RSASSA-PSS (SHA224, MGF1-SHA224, 0xE2)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n" X509 Certificate information RSA-PSS, SHA256 Digest depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA256_C -x509_cert_info:"data_files/server9-sha256.crt":"cert. version \: 3\nserial number \: 18\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:57\:45\nexpires on \: 2024-01-18 13\:57\:45\nsigned using \: RSASSA-PSS (SHA256, MGF1-SHA256, 0xDE, 1)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n" +x509_cert_info:"data_files/server9-sha256.crt":"cert. version \: 3\nserial number \: 18\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:57\:45\nexpires on \: 2024-01-18 13\:57\:45\nsigned using \: RSASSA-PSS (SHA256, MGF1-SHA256, 0xDE)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n" X509 Certificate information RSA-PSS, SHA384 Digest depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA512_C -x509_cert_info:"data_files/server9-sha384.crt":"cert. version \: 3\nserial number \: 19\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:57\:58\nexpires on \: 2024-01-18 13\:57\:58\nsigned using \: RSASSA-PSS (SHA384, MGF1-SHA384, 0xCE, 1)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n" +x509_cert_info:"data_files/server9-sha384.crt":"cert. 
version \: 3\nserial number \: 19\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:57\:58\nexpires on \: 2024-01-18 13\:57\:58\nsigned using \: RSASSA-PSS (SHA384, MGF1-SHA384, 0xCE)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n" X509 Certificate information RSA-PSS, SHA512 Digest depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA512_C -x509_cert_info:"data_files/server9-sha512.crt":"cert. version \: 3\nserial number \: 1A\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:58\:12\nexpires on \: 2024-01-18 13\:58\:12\nsigned using \: RSASSA-PSS (SHA512, MGF1-SHA512, 0xBE, 1)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n" +x509_cert_info:"data_files/server9-sha512.crt":"cert. version \: 3\nserial number \: 1A\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:58\:12\nexpires on \: 2024-01-18 13\:58\:12\nsigned using \: RSASSA-PSS (SHA512, MGF1-SHA512, 0xBE)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n" X509 Certificate information EC, SHA1 Digest depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_ECP_C:POLARSSL_ECP_DP_SECP256R1_ENABLED 
@@ -152,23 +152,23 @@ x509_crl_info:"data_files/crl_sha512.pem":"CRL version \: 1\nissuer name \: X509 CRL information RSA-PSS, SHA1 Digest depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA1_C -x509_crl_info:"data_files/crl-rsa-pss-sha1.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:46\:35\nnext update \: 2024-01-18 13\:46\:35\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA1, MGF1-SHA1, 0xEA, 1)\n" +x509_crl_info:"data_files/crl-rsa-pss-sha1.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:46\:35\nnext update \: 2024-01-18 13\:46\:35\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA1, MGF1-SHA1, 0xEA)\n" X509 CRL information RSA-PSS, SHA224 Digest depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA256_C -x509_crl_info:"data_files/crl-rsa-pss-sha224.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:06\nnext update \: 2024-01-18 13\:56\:06\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA224, MGF1-SHA224, 0xE2, 1)\n" +x509_crl_info:"data_files/crl-rsa-pss-sha224.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:06\nnext update \: 2024-01-18 13\:56\:06\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA224, MGF1-SHA224, 0xE2)\n" X509 CRL information RSA-PSS, SHA256 Digest 
depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA256_C -x509_crl_info:"data_files/crl-rsa-pss-sha256.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:16\nnext update \: 2024-01-18 13\:56\:16\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA256, MGF1-SHA256, 0xDE, 1)\n" +x509_crl_info:"data_files/crl-rsa-pss-sha256.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:16\nnext update \: 2024-01-18 13\:56\:16\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA256, MGF1-SHA256, 0xDE)\n" X509 CRL information RSA-PSS, SHA384 Digest depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA512_C -x509_crl_info:"data_files/crl-rsa-pss-sha384.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:28\nnext update \: 2024-01-18 13\:56\:28\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA384, MGF1-SHA384, 0xCE, 1)\n" +x509_crl_info:"data_files/crl-rsa-pss-sha384.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:28\nnext update \: 2024-01-18 13\:56\:28\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA384, MGF1-SHA384, 0xCE)\n" X509 CRL information RSA-PSS, SHA512 Digest depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA512_C 
-x509_crl_info:"data_files/crl-rsa-pss-sha512.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:38\nnext update \: 2024-01-18 13\:56\:38\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA512, MGF1-SHA512, 0xBE, 1)\n" +x509_crl_info:"data_files/crl-rsa-pss-sha512.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:38\nnext update \: 2024-01-18 13\:56\:38\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA512, MGF1-SHA512, 0xBE)\n" X509 CRL Information EC, SHA1 Digest depends_on:POLARSSL_PEM_PARSE_C 
@@ -240,23 +240,23 @@ x509_csr_info:"data_files/server5.req.sha512":"CSR version \: 1\nsubject name X509 CSR Information RSA-PSS with SHA1 depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA1_C -x509_csr_info:"data_files/server9.req.sha1":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA1, MGF1-SHA1, 0x6A, 1)\nRSA key size \: 1024 bits\n" +x509_csr_info:"data_files/server9.req.sha1":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA1, MGF1-SHA1, 0x6A)\nRSA key size \: 1024 bits\n" X509 CSR Information RSA-PSS with SHA224 depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA256_C -x509_csr_info:"data_files/server9.req.sha224":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA224, MGF1-SHA224, 0x62, 1)\nRSA key size \: 1024 bits\n" +x509_csr_info:"data_files/server9.req.sha224":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA224, MGF1-SHA224, 0x62)\nRSA key size \: 1024 bits\n" X509 CSR Information RSA-PSS with SHA256 depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA256_C -x509_csr_info:"data_files/server9.req.sha256":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA256, MGF1-SHA256, 0x5E, 1)\nRSA key size \: 1024 bits\n" +x509_csr_info:"data_files/server9.req.sha256":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA256, MGF1-SHA256, 0x5E)\nRSA key size \: 1024 bits\n" X509 CSR Information RSA-PSS with SHA384 depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA512_C -x509_csr_info:"data_files/server9.req.sha384":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA384, MGF1-SHA384, 0x4E, 1)\nRSA key size \: 1024 bits\n" 
+x509_csr_info:"data_files/server9.req.sha384":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA384, MGF1-SHA384, 0x4E)\nRSA key size \: 1024 bits\n" X509 CSR Information RSA-PSS with SHA512 depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA512_C -x509_csr_info:"data_files/server9.req.sha512":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA512, MGF1-SHA512, 0x3E, 1)\nRSA key size \: 1024 bits\n" +x509_csr_info:"data_files/server9.req.sha512":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA512, MGF1-SHA512, 0x3E)\nRSA key size \: 1024 bits\n" X509 Get Distinguished Name #1 depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSA_C From e6d1d82b66d4c63fb1a616b4174dc427ffc562dd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 2 Jun 2014 16:47:02 +0200 Subject: [PATCH 12/34] Relax checks on RSA mode for public key operations --- include/polarssl/rsa.h | 45 +++++++++++++++++++++--------------------- library/rsa.c | 30 ++++++++++++++++++---------- 2 files changed, 42 insertions(+), 33 deletions(-) diff --git a/include/polarssl/rsa.h b/include/polarssl/rsa.h index 1c697fbc33..c57ff979eb 100644 --- a/include/polarssl/rsa.h +++ b/include/polarssl/rsa.h 
@@ -126,6 +126,17 @@ rsa_context;
 *
 * \note The hash_id parameter is actually ignored
 * when using RSA_PKCS_V15 padding.
+ *
+ * \note Choice of padding mode is strictly enforced for private key
+ * operations, since there might be security concerns in
+ * mixing padding modes. For public key operations it's merely
+ * a default value, which can be overriden by calling specific
+ * rsa_rsaes_xxx or rsa_rsassa_xxx functions.
+ *
+ * \note The chosen hash is always used for OEAP encryption.
+ * For PSS signatures, it's always used for making signatures,
+ * but can be overriden (and always is, if set to
+ * POLARSSL_MD_NONE) for verifying them.
 */
 void rsa_init( rsa_context *ctx,
 int padding,
@@ -133,16 +144,11 @@ void rsa_init( rsa_context *ctx,
 /**
 * \brief Set padding for an already initialized RSA context
- *
- * Note: Set padding to RSA_PKCS_V21 for the RSAES-OAEP
- * encryption scheme and the RSASSA-PSS signature scheme.
+ * See \c rsa_init() for details.
 *
 * \param ctx RSA context to be set
 * \param padding RSA_PKCS_V15 or RSA_PKCS_V21
 * \param hash_id RSA_PKCS_V21 hash identifier
- *
- * \note The hash_id parameter is actually ignored
- * when using RSA_PKCS_V15 padding.
 */
 void rsa_set_padding( rsa_context *ctx, int padding, int hash_id);
@@ -405,11 +411,8 @@ int rsa_rsaes_oaep_decrypt( rsa_context *ctx,
 * \note The "sig" buffer must be as large as the size
 * of ctx->N (eg. 128 bytes if RSA-1024 is used).
 *
- * \note In case of PKCS#1 v2.1 encoding keep in mind that
- * the hash_id in the RSA context is the one used for the
- * encoding. hash_id in the function call is the type of hash
- * that is encoded. According to RFC 3447 it is advised to
- * keep both hashes the same.
+ * \note In case of PKCS#1 v2.1 encoding, see comments on
+ * \note \c rsa_rsassa_pss_sign() for details on md_alg and hash_id.
 */
 int rsa_pkcs1_sign( rsa_context *ctx,
 int (*f_rng)(void *, unsigned char *, size_t),
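Review bot: The new rsa_init() notes misspell `OEAP` (should be `OAEP`) and `overriden` (twice, should be `overridden`); suggest ` * \note The chosen hash is always used for OAEP encryption.` and ` * a default value, which can be overridden by calling specific`. In the rsa_pkcs1_sign hunk the continuation line ` * \note \c rsa_rsassa_pss_sign() for details on md_alg and hash_id.` carries a stray second `\note`, which Doxygen will render as a separate paragraph; drop it so the line reads ` * \c rsa_rsassa_pss_sign() for details on md_alg and hash_id.`. Since these notes now document a security-relevant policy (padding strictly enforced only for private-key operations), getting them exact matters more than usual.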
@@ -466,9 +469,8 @@ int rsa_rsassa_pkcs1_v15_sign( rsa_context *ctx,
 * \note The "sig" buffer must be as large as the size
 * of ctx->N (eg. 128 bytes if RSA-1024 is used).
 *
- * \note In case of PKCS#1 v2.1 encoding keep in mind that
- * the hash_id in the RSA context is the one used for the
- * encoding. hash_id in the function call is the type of hash
+ * \note The hash_id in the RSA context is the one used for the
+ * encoding. md_alg in the function call is the type of hash
 * that is encoded. According to RFC 3447 it is advised to
 * keep both hashes the same.
 */
@@ -501,11 +503,8 @@ int rsa_rsassa_pss_sign( rsa_context *ctx,
 * \note The "sig" buffer must be as large as the size
 * of ctx->N (eg. 128 bytes if RSA-1024 is used).
 *
- * \note In case of PKCS#1 v2.1 encoding keep in mind that
- * the hash_id in the RSA context is the one used for the
- * verification. hash_id in the function call is the type of
- * hash that is verified. According to RFC 3447 it is advised to
- * keep both hashes the same.
+ * \note In case of PKCS#1 v2.1 encoding, see comments on
+ * \c rsa_rsassa_pss_verify() about md_alg and hash_id.
 */
 int rsa_pkcs1_verify( rsa_context *ctx,
 int (*f_rng)(void *, unsigned char *, size_t),
@@ -561,11 +560,11 @@ int rsa_rsassa_pkcs1_v15_verify( rsa_context *ctx,
 * \note The "sig" buffer must be as large as the size
 * of ctx->N (eg. 128 bytes if RSA-1024 is used).
 *
- * \note In case of PKCS#1 v2.1 encoding keep in mind that
- * the hash_id in the RSA context is the one used for the
- * verification. hash_id in the function call is the type of
+ * \note The hash_id in the RSA context is the one used for the
+ * verification. md_alg in the function call is the type of
 * hash that is verified. According to RFC 3447 it is advised to
- * keep both hashes the same.
+ * keep both hashes the same. If hash_id in the RSA context is
+ * unset, the md_alg from the function call is used.
 */
 int rsa_rsassa_pss_verify( rsa_context *ctx,
 int (*f_rng)(void *, unsigned char *, size_t),
diff --git a/library/rsa.c b/library/rsa.c
index e3cac12f4b..1e84d9ffe5 100644
--- a/library/rsa.c
+++ b/library/rsa.c
@@ -505,7 +505,10 @@ int rsa_rsaes_oaep_encrypt( rsa_context *ctx,
 const md_info_t *md_info;
 md_context_t md_ctx;
- if( ctx->padding != RSA_PKCS_V21 || f_rng == NULL )
+ if( mode == RSA_PRIVATE && ctx->padding != RSA_PKCS_V21 )
+ return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
+
+ if( f_rng == NULL )
 return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
 md_info = md_info_from_type( ctx->hash_id );
@@ -515,7 +518,7 @@ int rsa_rsaes_oaep_encrypt( rsa_context *ctx,
 olen = ctx->len;
 hlen = md_get_size( md_info );
- if( olen < ilen + 2 * hlen + 2 || f_rng == NULL )
+ if( olen < ilen + 2 * hlen + 2 )
 return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
 memset( output, 0, olen );
@@ -572,7 +575,10 @@ int rsa_rsaes_pkcs1_v15_encrypt( rsa_context *ctx,
 int ret;
 unsigned char *p = output;
- if( ctx->padding != RSA_PKCS_V15 || f_rng == NULL )
+ if( mode == RSA_PRIVATE && ctx->padding != RSA_PKCS_V15 )
+ return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
+
+ if( f_rng == NULL )
 return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
 olen = ctx->len;
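Review bot: The guard `if( mode == RSA_PRIVATE && ctx->padding != RSA_PKCS_V21 )` from the rsa_rsaes_oaep_encrypt hunk is repeated, with only the padding constant varying, in eight functions across this line and the next two (oaep_encrypt, pkcs1_v15_encrypt, oaep_decrypt, pkcs1_v15_decrypt, pss_sign, pkcs1_v15_sign, pss_verify, pkcs1_v15_verify). A single file-scope helper, `static int rsa_check_padding( const rsa_context *ctx, int mode, int padding ) { return( mode == RSA_PRIVATE && ctx->padding != padding ); }`, would keep the policy in one place, and its comment is the natural home for the rationale the header hunk gives (mixing padding modes is only a concern for private-key operations), so a future change cannot relax one site and forget the others. Every enclosing function here starts and ends outside its hunk.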
@@ -675,7 +681,7 @@ int rsa_rsaes_oaep_decrypt( rsa_context *ctx,
 /*
 * Parameters sanity checks
 */
- if( ctx->padding != RSA_PKCS_V21 )
+ if( mode == RSA_PRIVATE && ctx->padding != RSA_PKCS_V21 )
 return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
 ilen = ctx->len;
@@ -780,7 +786,7 @@ int rsa_rsaes_pkcs1_v15_decrypt( rsa_context *ctx,
 unsigned char *p, bad, pad_done = 0;
 unsigned char buf[POLARSSL_MPI_MAX_SIZE];
- if( ctx->padding != RSA_PKCS_V15 )
+ if( mode == RSA_PRIVATE && ctx->padding != RSA_PKCS_V15 )
 return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
 ilen = ctx->len;
@@ -901,7 +907,10 @@ int rsa_rsassa_pss_sign( rsa_context *ctx,
 const md_info_t *md_info;
 md_context_t md_ctx;
- if( ctx->padding != RSA_PKCS_V21 || f_rng == NULL )
+ if( mode == RSA_PRIVATE && ctx->padding != RSA_PKCS_V21 )
+ return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
+
+ if( f_rng == NULL )
 return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
 olen = ctx->len;
@@ -995,7 +1004,7 @@ int rsa_rsassa_pkcs1_v15_sign( rsa_context *ctx,
 unsigned char *p = sig;
 const char *oid;
- if( ctx->padding != RSA_PKCS_V15 )
+ if( mode == RSA_PRIVATE && ctx->padding != RSA_PKCS_V15 )
 return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
 olen = ctx->len;
@@ -1117,7 +1126,7 @@ int rsa_rsassa_pss_verify( rsa_context *ctx,
 const md_info_t *md_info;
 md_context_t md_ctx;
- if( ctx->padding != RSA_PKCS_V21 )
+ if( mode == RSA_PRIVATE && ctx->padding != RSA_PKCS_V21 )
 return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
 siglen = ctx->len;
@@ -1148,7 +1157,8 @@ int rsa_rsassa_pss_verify( rsa_context *ctx,
 hashlen = md_get_size( md_info );
 }
- md_info = md_info_from_type( ctx->hash_id );
+ md_info = md_info_from_type( ctx->hash_id != POLARSSL_MD_NONE ?
+ ctx->hash_id : md_alg );
 if( md_info == NULL )
 return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
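Review bot: The fallback in the last hunk of rsa_rsassa_pss_verify, `ctx->hash_id != POLARSSL_MD_NONE ? ctx->hash_id : md_alg`, silently lets the caller's md_alg decide the MGF1 hash whenever the context has no hash set, which is the opposite of the strict rule the private-key paths keep, and nothing in the code says so. A comment on that line, `/* MGF1 hash: the context's hash_id if set, otherwise the signature hash supplied by the caller */`, would make the asymmetry deliberate rather than accidental for the next reader. When both are POLARSSL_MD_NONE the existing NULL check below still rejects the call, which is the right outcome. rsa_rsassa_pss_verify's body extends beyond the hunk on both sides.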
@@ -1227,7 +1237,7 @@ int rsa_rsassa_pkcs1_v15_verify( rsa_context *ctx,
 const md_info_t *md_info;
 asn1_buf oid;
- if( ctx->padding != RSA_PKCS_V15 )
+ if( mode == RSA_PRIVATE && ctx->padding != RSA_PKCS_V15 )
 return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
 siglen = ctx->len;
From 920e1cd5e21aa29aaaca4c823deb5be84f3c871b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
Date: Mon, 2 Jun 2014 18:11:07 +0200
Subject: [PATCH 13/34] Add basic PSS cert verification
Still todo:
- handle MGF-hash != sign-hash
- check effective salt len == announced salt len
- add support in the PK layer so that we don't have to bypass it here
---
 library/x509_crt.c | 30 ++++++++
 tests/data_files/server9-badsign.crt | 19 +++++
 tests/data_files/server9-with-ca.crt | 99 ++++++++++++++++++++++++++
 tests/suites/test_suite_x509parse.data | 32 +++++++++
 4 files changed, 180 insertions(+)
 create mode 100644 tests/data_files/server9-badsign.crt
 create mode 100644 tests/data_files/server9-with-ca.crt
diff --git a/library/x509_crt.c b/library/x509_crt.c
index de95c0f593..fbc3989c75 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -1669,6 +1669,21 @@ static int x509_crt_verify_top(
 continue;
 }
+#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
+ if( child->sig_pk == POLARSSL_PK_RSASSA_PSS )
+ {
+ if( pk_can_do( &trust_ca->pk, POLARSSL_PK_RSA ) == 0 ||
+ rsa_rsassa_pss_verify( pk_rsa( trust_ca->pk ),
+ NULL, NULL, RSA_PUBLIC,
+ child->sig_md,
+ md_info->size, hash,
+ child->sig.p ) != 0 )
+ {
+ continue;
+ }
+ }
+ else
+#endif
 if( pk_can_do( &trust_ca->pk, child->sig_pk ) == 0 ||
 pk_verify( &trust_ca->pk, child->sig_md, hash, md_info->size,
 child->sig.p, child->sig.len ) != 0 )
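Review bot: The RSASSA-PSS branch in x509_crt_verify_top passes `child->sig.p` to rsa_rsassa_pss_verify() without `child->sig.len`, whereas the pk_verify() path directly below passes both; since rsa_rsassa_pss_verify() takes its length from the key (`siglen = ctx->len`, visible in the previous commit's hunk), a certificate whose signature BIT STRING is shorter than the CA modulus may be read past its end and trailing bytes of a longer one are ignored rather than rejected. Add `child->sig.len != pk_rsa( trust_ca->pk )->len ||` to the condition ahead of the verify call, and the same guard in the x509_crt_verify_child hunk on the next line. pk_rsa() also assumes the context really is an rsa_context; if pk_can_do( …, POLARSSL_PK_RSA ) can succeed for an RSA-alt wrapper (worth checking), `pk_get_type( &trust_ca->pk ) != POLARSSL_PK_RSA` is the safer test. The salt length and MGF hash parsed from the certificate's sig_params are not consulted here, which the commit message already lists as pending. x509_crt_verify_top begins and ends outside the hunk.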
@@ -1758,6 +1773,21 @@ static int x509_crt_verify_child(
 {
 md( md_info, child->tbs.p, child->tbs.len, hash );
+#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
+ if( child->sig_pk == POLARSSL_PK_RSASSA_PSS )
+ {
+ if( pk_can_do( &parent->pk, POLARSSL_PK_RSA ) == 0 ||
+ rsa_rsassa_pss_verify( pk_rsa( parent->pk ),
+ NULL, NULL, RSA_PUBLIC,
+ child->sig_md,
+ md_info->size, hash,
+ child->sig.p ) != 0 )
+ {
+ *flags |= BADCERT_NOT_TRUSTED;
+ }
+ }
+ else
+#endif
 if( pk_can_do( &parent->pk, child->sig_pk ) == 0 ||
 pk_verify( &parent->pk, child->sig_md, hash, md_info->size,
 child->sig.p, child->sig.len ) != 0 )
diff --git a/tests/data_files/server9-badsign.crt b/tests/data_files/server9-badsign.crt
new file mode 100644
index 0000000000..9e565419ee
--- /dev/null
+++ b/tests/data_files/server9-badsign.crt
@@ -0,0 +1,19 @@
+-----BEGIN CERTIFICATE-----
+MIIDBTCCAeegAwIBAgIBFjATBgkqhkiG9w0BAQowBqIEAgIA6jA7MQswCQYDVQQG
+EwJOTDERMA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3Qg
+Q0EwHhcNMTQwMTIwMTMzODE2WhcNMjQwMTE4MTMzODE2WjA0MQswCQYDVQQGEwJO
+TDERMA8GA1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCBnzANBgkq
+hkiG9w0BAQEFAAOBjQAwgYkCgYEA3RGKn5m6sGjKKuo7am1Zl+1OyVTkDe7OoH2g
+HqroDsK7E0DbihKOiRMkpcX1+tj1kNfIysvF/pMdr9oSI3NSeUYauqBXK3YWMbOo
+r+c4mwiLY5k6CiXuRdIYWLq5kxrt1FiaYxs3/PcUCJ+FZUnzWTJt0eDobd5S7Wa0
+qQvaQJUCAwEAAaOBkjCBjzAJBgNVHRMEAjAAMB0GA1UdDgQWBBTu88f1HxWlTUeJ
+wdMiY7Lfp869UTBjBgNVHSMEXDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/pD0w
+OzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xh
+clNTTCBUZXN0IENBggEAMBMGCSqGSIb3DQEBCjAGogQCAgDqA4IBAQDAog/jXydR
+vDIugTzBXtfVK0CEX8iyQ4cVzQmXWSne8204v943K5D2hktSBkjdQUdcnVvVgLR6
+te50jV89ptN/NofX+fo9fhSRN9vGgQVWzOOFiO0zcThy749pirJu1Kq5OJdthIyW
+Pu0UCz5G0k3kTp0JPevGlsNc8S9Ak1tFuB0IPJjrbfODWHS2LDuO+dB6gpkNTdrj
+88ogYtBsN4D5gsXBRUfobXokUwejBwLrD6XwyQx+0bMwSCxgHEhxvuUkx1vdlXGw
+JG3aF92u8mIxoKSAPaPdqy930mQvmpUWcN5Y1IMbtEGoQCKMYgosFcazJpJcjnX1
+o4Hl/lqjwCFG
+-----END CERTIFICATE-----
diff --git a/tests/data_files/server9-with-ca.crt b/tests/data_files/server9-with-ca.crt
new file mode 100644
index 0000000000..0478cff85d
--- /dev/null
+++ b/tests/data_files/server9-with-ca.crt
@@ -0,0 +1,99 @@ +-----BEGIN CERTIFICATE----- +MIIDBTCCAeegAwIBAgIBFjATBgkqhkiG9w0BAQowBqIEAgIA6jA7MQswCQYDVQQG +EwJOTDERMA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3Qg +Q0EwHhcNMTQwMTIwMTMzODE2WhcNMjQwMTE4MTMzODE2WjA0MQswCQYDVQQGEwJO +TDERMA8GA1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCBnzANBgkq +hkiG9w0BAQEFAAOBjQAwgYkCgYEA3RGKn5m6sGjKKuo7am1Zl+1OyVTkDe7OoH2g +HqroDsK7E0DbihKOiRMkpcX1+tj1kNfIysvF/pMdr9oSI3NSeUYauqBXK3YWMbOo +r+c4mwiLY5k6CiXuRdIYWLq5kxrt1FiaYxs3/PcUCJ+FZUnzWTJt0eDobd5S7Wa0 +qQvaQJUCAwEAAaOBkjCBjzAJBgNVHRMEAjAAMB0GA1UdDgQWBBTu88f1HxWlTUeJ +wdMiY7Lfp869UTBjBgNVHSMEXDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/pD0w +OzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xh +clNTTCBUZXN0IENBggEAMBMGCSqGSIb3DQEBCjAGogQCAgDqA4IBAQDAog/jXydR +vDIugTzBXtfVK0CEX8iyQ4cVzQmXWSne8204v943K5D2hktSBkjdQUdcnVvVgLR6 +te50jV89ptN/NofX+fo9fhSRN9vGgQVWzOOFiO0zcThy749pirJu1Kq5OJdthIyW +Pu0UCz5G0k3kTp0JPevGlsNc8S9Ak1tFuB0IPJjrbfODWHS2LDuO+dB6gpkNTdrj +88ogYtBsN4D5gsXBRUfobXokUwejBwLrD6XwyQx+0bMwSCxgHEhxvuUkx1vdlXGw +JG3aF92u8mIxoKSAPaPdqy930mQvmpUWcN5Y1IMbtEGoQCKMYgosFcazJpJcjnX1 +o4Hl/lqjwCEG +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 0 (0x0) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C=NL, O=PolarSSL, CN=PolarSSL Test CA + Validity + Not Before: Feb 12 14:44:00 2011 GMT + Not After : Feb 12 14:44:00 2021 GMT + Subject: C=NL, O=PolarSSL, CN=PolarSSL Test CA + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public Key: (2048 bit) + Modulus (2048 bit): + 00:c0:df:37:fc:17:bb:e0:96:9d:3f:86:de:96:32: + 7d:44:a5:16:a0:cd:21:f1:99:d4:ec:ea:cb:7c:18: + 58:08:94:a5:ec:9b:c5:8b:df:1a:1e:99:38:99:87: + 1e:7b:c0:8d:39:df:38:5d:70:78:07:d3:9e:d9:93: + e8:b9:72:51:c5:ce:a3:30:52:a9:f2:e7:40:70:14: + cb:44:a2:72:0b:c2:e5:40:f9:3e:e5:a6:0e:b3:f9: + ec:4a:63:c0:b8:29:00:74:9c:57:3b:a8:a5:04:90: + 71:f1:bd:83:d9:3f:d6:a5:e2:3c:2a:8f:ef:27:60: + c3:c6:9f:cb:ba:ec:60:7d:b7:e6:84:32:be:4f:fb: + 
58:26:22:03:5b:d4:b4:d5:fb:f5:e3:96:2e:70:c0: + e4:2e:bd:fc:2e:ee:e2:41:55:c0:34:2e:7d:24:72: + 69:cb:47:b1:14:40:83:7d:67:f4:86:f6:31:ab:f1: + 79:a4:b2:b5:2e:12:f9:84:17:f0:62:6f:27:3e:13: + 58:b1:54:0d:21:9a:73:37:a1:30:cf:6f:92:dc:f6: + e9:fc:ac:db:2e:28:d1:7e:02:4b:23:a0:15:f2:38: + 65:64:09:ea:0c:6e:8e:1b:17:a0:71:c8:b3:9b:c9: + ab:e9:c3:f2:cf:87:96:8f:80:02:32:9e:99:58:6f: + a2:d5 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:TRUE + X509v3 Subject Key Identifier: + B4:5A:E4:A5:B3:DE:D2:52:F6:B9:D5:A6:95:0F:EB:3E:BC:C7:FD:FF + X509v3 Authority Key Identifier: + keyid:B4:5A:E4:A5:B3:DE:D2:52:F6:B9:D5:A6:95:0F:EB:3E:BC:C7:FD:FF + DirName:/C=NL/O=PolarSSL/CN=PolarSSL Test CA + serial:00 + + Signature Algorithm: sha1WithRSAEncryption + b8:fd:54:d8:00:54:90:8b:25:b0:27:dd:95:cd:a2:f7:84:07: + 1d:87:89:4a:c4:78:11:d8:07:b5:d7:22:50:8e:48:eb:62:7a: + 32:89:be:63:47:53:ff:b6:be:f1:2e:8c:54:c0:99:3f:a0:b9: + 37:23:72:5f:0d:46:59:8f:d8:47:cd:97:4c:9f:07:0c:12:62: + 09:3a:24:e4:36:d9:e9:2c:da:38:d0:73:75:61:d7:c1:6c:26: + 8b:9b:e0:d5:dc:67:ed:8c:6b:33:d7:74:22:3c:4c:db:b5:8d: + 2a:ce:2c:0d:08:59:05:09:05:a6:39:9f:b3:67:1b:e2:83:e5: + e1:8f:53:f6:67:93:c7:f9:6f:76:44:58:12:e8:3a:d4:97:e7: + e9:c0:3e:a8:7a:72:3d:87:53:1f:e5:2c:84:84:e7:9a:9e:7f: + 66:d9:1f:9b:f5:13:48:b0:4d:14:d1:de:b2:24:d9:78:7d:f5: + 35:cc:58:19:d1:d2:99:ef:4d:73:f8:1f:89:d4:5a:d0:52:ce: + 09:f5:b1:46:51:6a:00:8e:3b:cc:6f:63:01:00:99:ed:9d:a6: + 08:60:cd:32:18:d0:73:e0:58:71:d9:e5:d2:53:d7:8d:d0:ca: + e9:5d:2a:0a:0d:5d:55:ec:21:50:17:16:e6:06:4a:cd:5e:de: + f7:e0:e9:54 +-----BEGIN CERTIFICATE----- +MIIDhzCCAm+gAwIBAgIBADANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTEwMjEyMTQ0NDAwWhcNMjEwMjEyMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G +A1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G +CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3zf8F7vglp0/ht6WMn1EpRagzSHx 
+mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny +50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n +YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL +R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu +KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj +gZUwgZIwDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUtFrkpbPe0lL2udWmlQ/rPrzH +/f8wYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJBgNV +BAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVz +dCBDQYIBADANBgkqhkiG9w0BAQUFAAOCAQEAuP1U2ABUkIslsCfdlc2i94QHHYeJ +SsR4EdgHtdciUI5I62J6Mom+Y0dT/7a+8S6MVMCZP6C5NyNyXw1GWY/YR82XTJ8H +DBJiCTok5DbZ6SzaONBzdWHXwWwmi5vg1dxn7YxrM9d0IjxM27WNKs4sDQhZBQkF +pjmfs2cb4oPl4Y9T9meTx/lvdkRYEug61Jfn6cA+qHpyPYdTH+UshITnmp5/Ztkf +m/UTSLBNFNHesiTZeH31NcxYGdHSme9Nc/gfidRa0FLOCfWxRlFqAI47zG9jAQCZ +7Z2mCGDNMhjQc+BYcdnl0lPXjdDK6V0qCg1dVewhUBcW5gZKzV7e9+DpVA== +-----END CERTIFICATE----- diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data index 59bd2fb4ab..3dff51eabf 100644 --- a/tests/suites/test_suite_x509parse.data +++ b/tests/suites/test_suite_x509parse.data 
@@ -570,6 +570,38 @@ X509 Certificate verification #56 (CA keyUsage plain wrong) depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_ECDSA_C:POLARSSL_SHA256_C:POLARSSL_X509_CHECK_KEY_USAGE:POLARSSL_ECP_DP_SECP256R1_ENABLED:POLARSSL_ECP_DP_SECP384R1_ENABLED x509_verify:"data_files/server5.crt":"data_files/test-ca2.ku-ds.crt":"data_files/crl-ec-sha256.pem":"NULL":POLARSSL_ERR_X509_CERT_VERIFY_FAILED:BADCERT_NOT_TRUSTED:"NULL" +X509 Certificate verification #57 (Valid, RSASSA-PSS, SHA-1) +depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA1_C +x509_verify:"data_files/server9.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"NULL" + +X509 Certificate verification #58 (Valid, RSASSA-PSS, SHA-224) +depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA256_C +x509_verify:"data_files/server9-sha224.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"NULL" + +X509 Certificate verification #59 (Valid, RSASSA-PSS, SHA-256) +depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA256_C +x509_verify:"data_files/server9-sha256.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"NULL" + +X509 Certificate verification #60 (Valid, RSASSA-PSS, SHA-384) +depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA512_C +x509_verify:"data_files/server9-sha384.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"NULL" + +X509 Certificate verification #61 (Valid, RSASSA-PSS, SHA-512) +depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA512_C +x509_verify:"data_files/server9-sha512.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"NULL" + +X509 Certificate verification #57 (Valid, RSASSA-PSS, SHA-1, not top) +depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA1_C +x509_verify:"data_files/server9-with-ca.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"NULL" + +X509 Certificate verification 
#62 (RSASSA-PSS, SHA1, bad signature) +depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA1_C +x509_verify:"data_files/server9-badsign.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":POLARSSL_ERR_X509_CERT_VERIFY_FAILED:BADCERT_NOT_TRUSTED:"NULL" + +X509 Certificate verification #63 (RSASSA-PSS, SHA1, no RSA CA) +depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA1_C +x509_verify:"data_files/server9.crt":"data_files/test-ca2.crt":"data_files/crl.pem":"NULL":POLARSSL_ERR_X509_CERT_VERIFY_FAILED:BADCERT_NOT_TRUSTED:"NULL" + X509 Parse Selftest depends_on:POLARSSL_SHA1_C:POLARSSL_PEM_PARSE_C:POLARSSL_CERTS_C x509_selftest: From 5ec628a2b95d3ccc667fec9710c2dc6b4039a157 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 3 Jun 2014 11:44:06 +0200 Subject: [PATCH 14/34] Add rsa_rsassa_pss_verify_ext() --- include/polarssl/rsa.h | 38 +++++++++++++++ library/rsa.c | 53 +++++++++++++++----- tests/suites/test_suite_pkcs1_v21.data | 48 +++++++++++++++++++ tests/suites/test_suite_pkcs1_v21.function | 56 ++++++++++++++++++++++ 4 files changed, 184 insertions(+), 11 deletions(-) diff --git a/include/polarssl/rsa.h b/include/polarssl/rsa.h index c57ff979eb..c06c7d5050 100644 --- a/include/polarssl/rsa.h +++ b/include/polarssl/rsa.h @@ -65,6 +65,8 @@ #define RSA_SIGN 1 #define RSA_CRYPT 2 +#define RSA_SALT_LEN_ANY -1 + /* * The above constants may be used even if the RSA module is compile out, * eg for alternative (PKCS#11) RSA implemenations in the PK layers. @@ -544,6 +546,7 @@ int rsa_rsassa_pkcs1_v15_verify( rsa_context *ctx, /** * \brief Perform a PKCS#1 v2.1 PSS verification (RSASSA-PSS-VERIFY) + * (This is the "simple" version.) * * \param ctx points to an RSA public key * \param f_rng RNG function (Only needed for RSA_PRIVATE) 
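Review bot: Two cases in this hunk carry the same number, `X509 Certificate verification #57 (Valid, RSASSA-PSS, SHA-1)` and `X509 Certificate verification #57 (Valid, RSASSA-PSS, SHA-1, not top)`, while #62 and #63 follow them; the second should get a fresh number (e.g. #64) so a failing case can be reported unambiguously. The new cases also open `server9-sha224.crt`, `server9-sha256.crt`, `server9-sha384.crt`, `server9-sha512.crt`, `server9-with-ca.crt` and `server9-badsign.crt`, but only `server9.crt` is visible among the files this patch adds, so as far as this page shows those cases cannot pass until the remaining certificates land.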
@@ -575,6 +578,41 @@ int rsa_rsassa_pss_verify( rsa_context *ctx, const unsigned char *hash, const unsigned char *sig ); +/** + * \brief Perform a PKCS#1 v2.1 PSS verification (RSASSA-PSS-VERIFY) + * (This is the version with "full" options.) + * + * \param ctx points to an RSA public key + * \param f_rng RNG function (Only needed for RSA_PRIVATE) + * \param p_rng RNG parameter + * \param mode RSA_PUBLIC or RSA_PRIVATE + * \param md_alg a POLARSSL_MD_* (use POLARSSL_MD_NONE for signing raw data) + * \param hashlen message digest length (for POLARSSL_MD_NONE only) + * \param hash buffer holding the message digest + * \param mgf1_hash_id message digest used for mask generation + * \param expected_salt_len Length of the salt used in padding, use + * RSA_SALT_LEN_ANY to accept any salt length + * \param sig buffer holding the ciphertext + * + * \return 0 if the verify operation was successful, + * or an POLARSSL_ERR_RSA_XXX error code + * + * \note The "sig" buffer must be as large as the size + * of ctx->N (eg. 128 bytes if RSA-1024 is used). + * + * \note The hash_id in the RSA context is ignored. + */ +int rsa_rsassa_pss_verify_ext( rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, + md_type_t md_alg, + unsigned int hashlen, + const unsigned char *hash, + md_type_t mgf1_hash_id, + int expected_salt_len, + const unsigned char *sig ); + /** * \brief Copy the components of an RSA context * diff --git a/library/rsa.c b/library/rsa.c index 1e84d9ffe5..32d829c4a0 100644 --- a/library/rsa.c +++ b/library/rsa.c 
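Review bot: The `\param sig` line in the new doc block says `buffer holding the ciphertext`, but this function verifies a signature; it should read `\param sig buffer holding the signature`. It would also help to state the constraints the implementation enforces: `mgf1_hash_id` must name a real digest (POLARSSL_MD_NONE presumably fails the md_info_from_type() lookup and is reported as POLARSSL_ERR_RSA_BAD_INPUT_DATA), and `expected_salt_len` is either a non-negative byte count or RSA_SALT_LEN_ANY.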
@@ -1106,14 +1106,16 @@ int rsa_pkcs1_sign( rsa_context *ctx, /* * Implementation of the PKCS#1 v2.1 RSASSA-PSS-VERIFY function */ -int rsa_rsassa_pss_verify( rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - int mode, - md_type_t md_alg, - unsigned int hashlen, - const unsigned char *hash, - const unsigned char *sig ) +int rsa_rsassa_pss_verify_ext( rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, + md_type_t md_alg, + unsigned int hashlen, + const unsigned char *hash, + md_type_t mgf1_hash_id, + int expected_salt_len, + const unsigned char *sig ) { int ret; size_t siglen; @@ -1157,13 +1159,12 @@ int rsa_rsassa_pss_verify( rsa_context *ctx, hashlen = md_get_size( md_info ); } - md_info = md_info_from_type( ctx->hash_id != POLARSSL_MD_NONE ? - ctx->hash_id : md_alg ); + md_info = md_info_from_type( mgf1_hash_id ); if( md_info == NULL ) return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); hlen = md_get_size( md_info ); - slen = siglen - hlen - 1; + slen = siglen - hlen - 1; /* Currently length of salt + padding */ memset( zeros, 0, 8 ); @@ -1197,8 +1198,15 @@ int rsa_rsassa_pss_verify( rsa_context *ctx, return( POLARSSL_ERR_RSA_INVALID_PADDING ); } + /* Actual salt len */ slen -= p - buf; + if( expected_salt_len != RSA_SALT_LEN_ANY && + slen != (size_t) expected_salt_len ) + { + return( POLARSSL_ERR_RSA_INVALID_PADDING ); + } + // Generate H = Hash( M' ) // md_starts( &md_ctx ); 
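Review bot: In the third hunk (`@@ -1197`), the comparison `slen != (size_t) expected_salt_len` turns any negative `expected_salt_len` other than RSA_SALT_LEN_ANY (-1) into a huge unsigned value that can never match, so a caller bug surfaces as POLARSSL_ERR_RSA_INVALID_PADDING instead of a bad-input error. Rejecting it up front, `if( expected_salt_len < RSA_SALT_LEN_ANY ) return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );`, next to the function's other argument checks (which lie outside these hunks) would make the contract explicit. The renamed function's body spans all three hunks and continues beyond them.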
@@ -1214,6 +1222,29 @@ int rsa_rsassa_pss_verify( rsa_context *ctx, else return( POLARSSL_ERR_RSA_VERIFY_FAILED ); } + +/* + * Simplified PKCS#1 v2.1 RSASSA-PSS-VERIFY function + */ +int rsa_rsassa_pss_verify( rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, + md_type_t md_alg, + unsigned int hashlen, + const unsigned char *hash, + const unsigned char *sig ) +{ + md_type_t mgf1_hash_id = ( ctx->hash_id != POLARSSL_MD_NONE ) + ? ctx->hash_id + : md_alg; + + return( rsa_rsassa_pss_verify_ext( ctx, f_rng, p_rng, mode, + md_alg, hashlen, hash, + mgf1_hash_id, RSA_SALT_LEN_ANY, + sig ) ); + +} #endif /* POLARSSL_PKCS1_V21 */ #if defined(POLARSSL_PKCS1_V15) diff --git a/tests/suites/test_suite_pkcs1_v21.data b/tests/suites/test_suite_pkcs1_v21.data index 4eae43814f..a5b382f05b 100644 --- a/tests/suites/test_suite_pkcs1_v21.data +++ b/tests/suites/test_suite_pkcs1_v21.data 
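Review bot: The new `rsa_rsassa_pss_verify()` wrapper ends with an empty line before its closing brace, which reads like an unfinished edit; dropping it keeps the file's style. The wrapper also reads `ctx->hash_id` before delegating, so it dereferences `ctx` ahead of whatever argument checks `rsa_rsassa_pss_verify_ext()` performs (those checks are outside the visible hunks); a one-line comment such as `/* Legacy behaviour: MGF1 uses ctx->hash_id when set, else md_alg */` would record why the two entry points differ.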
@@ -739,3 +739,51 @@ pkcs1_rsassa_pss_sign:2048:16:"cfd50283feeeb97f6f08d73cbc7b3836f82bbcd499479f5e6 RSASSA-PSS Signature Example 10_6 (verify) pkcs1_rsassa_pss_verify:2048:16:"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":16:"010001":POLARSSL_MD_SHA1:POLARSSL_MD_SHA1:"25f10895a87716c137450bb9519dfaa1f207faa942ea88abf71e9c17980085b555aebab76264ae2a3ab93c2d12981191ddac6fb5949eb36aee3c5da940f00752c916d94608fa7d97ba6a2915b688f20323d4e9d96801d89a72ab5892dc2117c07434fcf972e058cf8c41ca4b4ff554f7d5068ad3155fced0f3125bc04f9193378a8f5c4c3b8cb4dd6d1cc69d30ecca6eaa51e36a05730e9e342e855baf099defb8afd7":"ad8b1523703646224b660b550885917ca2d1df28":"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":0 +RSASSA-PSS Signature verify options #1 (OK) +pkcs1_rsassa_pss_verify_ext:2048:16:"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":16:"010001":POLARSSL_MD_SHA1:POLARSSL_MD_SHA1:POLARSSL_MD_SHA1:20:"25f10895a87716c137450bb9519dfaa1f207faa942ea88abf71e9c17980085b555aebab76264ae2a3ab93c2d12981191ddac6fb5949eb36aee3c5da940f00752c916d94608fa7d97ba6a2915b688f20323d4e9d96801d89a72ab5892dc2117c07434fcf972e058cf8c41ca4b4ff554f7d5068ad3155fced0f3125bc04f9193378a8f5c4c3b8cb4dd6d1cc69d30ecca6eaa51e36a05730e9e342e855baf099defb8afd7":"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":0:0 + +RSASSA-PSS Signature verify options #2 (ctx_hash none) +pkcs1_rsassa_pss_verify_ext:2048:16:"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":16:"010001":POLARSSL_MD_SHA1:POLARSSL_MD_NONE:POLARSSL_MD_SHA1:20:"25f10895a87716c137450bb9519dfaa1f207faa942ea88abf71e9c17980085b555aebab76264ae2a3ab93c2d12981191ddac6fb5949eb36aee3c5da940f00752c916d94608fa7d97ba6a2915b688f20323d4e9d96801d89a72ab5892dc2117c07434fcf972e058cf8c41ca4b4ff554f7d5068ad3155fced0f3125bc04f9193378a8f5c4c3b8cb4dd6d1cc69d30ecca6eaa51e36a05730e9e342e855baf099defb8afd7":"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":0:0 + +RSASSA-PSS Signature verify options #3 (ctx_hash diverging) 
+depends_on:POLARSSL_SHA256_C +pkcs1_rsassa_pss_verify_ext:2048:16:"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":16:"010001":POLARSSL_MD_SHA1:POLARSSL_MD_SHA256:POLARSSL_MD_SHA1:20:"25f10895a87716c137450bb9519dfaa1f207faa942ea88abf71e9c17980085b555aebab76264ae2a3ab93c2d12981191ddac6fb5949eb36aee3c5da940f00752c916d94608fa7d97ba6a2915b688f20323d4e9d96801d89a72ab5892dc2117c07434fcf972e058cf8c41ca4b4ff554f7d5068ad3155fced0f3125bc04f9193378a8f5c4c3b8cb4dd6d1cc69d30ecca6eaa51e36a05730e9e342e855baf099defb8afd7":"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":POLARSSL_ERR_RSA_INVALID_PADDING:0 + +RSASSA-PSS Signature verify options #4 (mgf1_hash diverging) +depends_on:POLARSSL_SHA256_C +pkcs1_rsassa_pss_verify_ext:2048:16:"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":16:"010001":POLARSSL_MD_SHA1:POLARSSL_MD_SHA1:POLARSSL_MD_SHA256:20:"25f10895a87716c137450bb9519dfaa1f207faa942ea88abf71e9c17980085b555aebab76264ae2a3ab93c2d12981191ddac6fb5949eb36aee3c5da940f00752c916d94608fa7d97ba6a2915b688f20323d4e9d96801d89a72ab5892dc2117c07434fcf972e058cf8c41ca4b4ff554f7d5068ad3155fced0f3125bc04f9193378a8f5c4c3b8cb4dd6d1cc69d30ecca6eaa51e36a05730e9e342e855baf099defb8afd7":"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":0:POLARSSL_ERR_RSA_INVALID_PADDING + +RSASSA-PSS Signature verify options #5 (wrong msg_hash) +depends_on:POLARSSL_SHA256_C +pkcs1_rsassa_pss_verify_ext:2048:16:"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":16:"010001":POLARSSL_MD_SHA256:POLARSSL_MD_SHA1:POLARSSL_MD_SHA1:20:"25f10895a87716c137450bb9519dfaa1f207faa942ea88abf71e9c17980085b555aebab76264ae2a3ab93c2d12981191ddac6fb5949eb36aee3c5da940f00752c916d94608fa7d97ba6a2915b688f20323d4e9d96801d89a72ab5892dc2117c07434fcf972e058cf8c41ca4b4ff554f7d5068ad3155fced0f3125bc04f9193378a8f5c4c3b8cb4dd6d1cc69d30ecca6eaa51e36a05730e9e342e855baf099defb8afd7":"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":POLARSSL_ERR_RSA_VERIFY_FAILED:POLARSSL_ERR_RSA_VERIFY_FAILED + +RSASSA-PSS 
Signature verify options #6 (wrong expected_salt_len) +pkcs1_rsassa_pss_verify_ext:2048:16:"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":16:"010001":POLARSSL_MD_SHA1:POLARSSL_MD_SHA1:POLARSSL_MD_SHA1:21:"25f10895a87716c137450bb9519dfaa1f207faa942ea88abf71e9c17980085b555aebab76264ae2a3ab93c2d12981191ddac6fb5949eb36aee3c5da940f00752c916d94608fa7d97ba6a2915b688f20323d4e9d96801d89a72ab5892dc2117c07434fcf972e058cf8c41ca4b4ff554f7d5068ad3155fced0f3125bc04f9193378a8f5c4c3b8cb4dd6d1cc69d30ecca6eaa51e36a05730e9e342e855baf099defb8afd7":"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":0:POLARSSL_ERR_RSA_INVALID_PADDING + +RSASSA-PSS Signature verify options #7 (wrong expected_salt_len) +pkcs1_rsassa_pss_verify_ext:2048:16:"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":16:"010001":POLARSSL_MD_SHA1:POLARSSL_MD_SHA1:POLARSSL_MD_SHA1:19:"25f10895a87716c137450bb9519dfaa1f207faa942ea88abf71e9c17980085b555aebab76264ae2a3ab93c2d12981191ddac6fb5949eb36aee3c5da940f00752c916d94608fa7d97ba6a2915b688f20323d4e9d96801d89a72ab5892dc2117c07434fcf972e058cf8c41ca4b4ff554f7d5068ad3155fced0f3125bc04f9193378a8f5c4c3b8cb4dd6d1cc69d30ecca6eaa51e36a05730e9e342e855baf099defb8afd7":"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":0:POLARSSL_ERR_RSA_INVALID_PADDING + +RSASSA-PSS Signature verify options #8 (non-default salt_len: max) +depends_on:POLARSSL_SHA256_C 
+pkcs1_rsassa_pss_verify_ext:1024:16:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":16:"010001":POLARSSL_MD_SHA256:POLARSSL_MD_SHA256:POLARSSL_MD_SHA256:94:"54657374206d657373616765":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":0:0 + +RSASSA-PSS Signature verify options #9 (non-default salt_len: 0) +depends_on:POLARSSL_SHA256_C +pkcs1_rsassa_pss_verify_ext:1024:16:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":16:"010001":POLARSSL_MD_SHA256:POLARSSL_MD_SHA256:POLARSSL_MD_SHA256:0:"54657374206d657373616765":"7fc506d26ca3b22922a1ce39faaedd273161b82d9443c56f1a034f131ae4a18cae1474271cb4b66a17d9707ca58b0bdbd3c406b7e65bbcc9bbbce94dc45de807b4989b23b3e4db74ca29298137837eb90cc83d3219249bc7d480fceaf075203a86e54c4ecfa4e312e39f8f69d76534089a36ed9049ca9cfd5ab1db1fa75fe5c8":0:0 + +RSASSA-PSS Signature verify options #10 (non-default salt_len: 0, ANY) +depends_on:POLARSSL_SHA256_C 
+pkcs1_rsassa_pss_verify_ext:1024:16:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":16:"010001":POLARSSL_MD_SHA256:POLARSSL_MD_SHA256:POLARSSL_MD_SHA256:RSA_SALT_LEN_ANY:"54657374206d657373616765":"7fc506d26ca3b22922a1ce39faaedd273161b82d9443c56f1a034f131ae4a18cae1474271cb4b66a17d9707ca58b0bdbd3c406b7e65bbcc9bbbce94dc45de807b4989b23b3e4db74ca29298137837eb90cc83d3219249bc7d480fceaf075203a86e54c4ecfa4e312e39f8f69d76534089a36ed9049ca9cfd5ab1db1fa75fe5c8":0:0 + +RSASSA-PSS Signature verify options #11 (MGF1 alg != MSG hash alg) +depends_on:POLARSSL_SHA256_C +pkcs1_rsassa_pss_verify_ext:1024:16:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":16:"010001":POLARSSL_MD_NONE:POLARSSL_MD_SHA256:POLARSSL_MD_SHA256:RSA_SALT_LEN_ANY:"c0719e9a8d5d838d861dc6f675c899d2b309a3a65bb9fe6b11e5afcbf9a2c0b1":"7fc506d26ca3b22922a1ce39faaedd273161b82d9443c56f1a034f131ae4a18cae1474271cb4b66a17d9707ca58b0bdbd3c406b7e65bbcc9bbbce94dc45de807b4989b23b3e4db74ca29298137837eb90cc83d3219249bc7d480fceaf075203a86e54c4ecfa4e312e39f8f69d76534089a36ed9049ca9cfd5ab1db1fa75fe5c8":0:0 + +RSASSA-PSS Signature verify options #12 (MGF1 alg != MSG hash alg, ctx wrong) +depends_on:POLARSSL_SHA256_C 
+pkcs1_rsassa_pss_verify_ext:1024:16:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":16:"010001":POLARSSL_MD_NONE:POLARSSL_MD_SHA1:POLARSSL_MD_SHA256:RSA_SALT_LEN_ANY:"c0719e9a8d5d838d861dc6f675c899d2b309a3a65bb9fe6b11e5afcbf9a2c0b1":"7fc506d26ca3b22922a1ce39faaedd273161b82d9443c56f1a034f131ae4a18cae1474271cb4b66a17d9707ca58b0bdbd3c406b7e65bbcc9bbbce94dc45de807b4989b23b3e4db74ca29298137837eb90cc83d3219249bc7d480fceaf075203a86e54c4ecfa4e312e39f8f69d76534089a36ed9049ca9cfd5ab1db1fa75fe5c8":POLARSSL_ERR_RSA_INVALID_PADDING:0 + +RSASSA-PSS Signature verify options #13 (MGF1 alg != MSG hash alg, arg wrong) +depends_on:POLARSSL_SHA256_C +pkcs1_rsassa_pss_verify_ext:1024:16:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":16:"010001":POLARSSL_MD_NONE:POLARSSL_MD_SHA256:POLARSSL_MD_SHA1:RSA_SALT_LEN_ANY:"c0719e9a8d5d838d861dc6f675c899d2b309a3a65bb9fe6b11e5afcbf9a2c0b1":"7fc506d26ca3b22922a1ce39faaedd273161b82d9443c56f1a034f131ae4a18cae1474271cb4b66a17d9707ca58b0bdbd3c406b7e65bbcc9bbbce94dc45de807b4989b23b3e4db74ca29298137837eb90cc83d3219249bc7d480fceaf075203a86e54c4ecfa4e312e39f8f69d76534089a36ed9049ca9cfd5ab1db1fa75fe5c8":0:POLARSSL_ERR_RSA_INVALID_PADDING + diff --git a/tests/suites/test_suite_pkcs1_v21.function b/tests/suites/test_suite_pkcs1_v21.function index c4c7b35ff2..7012814ceb 100644 --- a/tests/suites/test_suite_pkcs1_v21.function +++ b/tests/suites/test_suite_pkcs1_v21.function 
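Review bot: Cases #6 and #7 have the identical title `RSASSA-PSS Signature verify options #N (wrong expected_salt_len)`; since they pass 21 and 19 against the 20-byte salt that case #1 accepts, naming them `(wrong expected_salt_len: too long)` and `(... too short)` makes a failure report self-explaining. There is also no case that passes POLARSSL_MD_NONE as the MGF1 hash, which the implementation appears to reject as bad input and which is worth pinning.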
@@ -210,3 +210,59 @@ void pkcs1_rsassa_pss_verify( int mod, int radix_N, char *input_N, int radix_E, rsa_free( &ctx ); } /* END_CASE */ + +/* BEGIN_CASE */ +void pkcs1_rsassa_pss_verify_ext( int mod, + int radix_N, char *input_N, + int radix_E, char *input_E, + int msg_digest_id, int ctx_hash, + int mgf_hash, int salt_len, + char *message_hex_string, + char *result_hex_str, + int result_simple, + int result_full ) +{ + unsigned char message_str[1000]; + unsigned char hash_result[1000]; + unsigned char result_str[1000]; + rsa_context ctx; + size_t msg_len, hash_len; + + rsa_init( &ctx, RSA_PKCS_V21, ctx_hash ); + memset( message_str, 0x00, 1000 ); + memset( hash_result, 0x00, 1000 ); + memset( result_str, 0x00, 1000 ); + + ctx.len = mod / 8 + ( ( mod % 8 ) ? 1 : 0 ); + TEST_ASSERT( mpi_read_string( &ctx.N, radix_N, input_N ) == 0 ); + TEST_ASSERT( mpi_read_string( &ctx.E, radix_E, input_E ) == 0 ); + + TEST_ASSERT( rsa_check_pubkey( &ctx ) == 0 ); + + msg_len = unhexify( message_str, message_hex_string ); + unhexify( result_str, result_hex_str ); + + if( msg_digest_id != POLARSSL_MD_NONE ) + { + TEST_ASSERT( md( md_info_from_type( msg_digest_id ), + message_str, msg_len, hash_result ) == 0 ); + hash_len = 0; + } + else + { + memcpy( hash_result, message_str, msg_len ); + hash_len = msg_len; + } + + TEST_ASSERT( rsa_pkcs1_verify( &ctx, NULL, NULL, RSA_PUBLIC, + msg_digest_id, hash_len, hash_result, + result_str ) == result_simple ); + + TEST_ASSERT( rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL, RSA_PUBLIC, + msg_digest_id, hash_len, hash_result, + mgf_hash, salt_len, + result_str ) == result_full ); + + rsa_free( &ctx ); +} +/* END_CASE */ From 3a6a95d67c025946dc664a15bbb8d370bf673c56 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 4 Jun 2014 13:07:55 +0200 Subject: [PATCH 15/34] Cleanup depends in PKCS#1 v2.1 test suite --- tests/suites/test_suite_pkcs1_v21.function | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) 
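Review bot: On any failed `TEST_ASSERT` after `rsa_init()` the case leaves without reaching `rsa_free( &ctx )`, so the bignums in the context leak, assuming the macro returns from the case on failure as it appears to elsewhere in this suite; an `exit:` label before `rsa_free` with the asserts jumping to it is the usual fix. Also `hash_len` is declared `size_t` while `rsa_rsassa_pss_verify_ext()` takes `unsigned int hashlen`, so the call narrows implicitly; declaring `unsigned int hash_len;` here avoids the conversion warning.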
diff --git a/tests/suites/test_suite_pkcs1_v21.function b/tests/suites/test_suite_pkcs1_v21.function index 7012814ceb..e1dfc528cb 100644 --- a/tests/suites/test_suite_pkcs1_v21.function +++ b/tests/suites/test_suite_pkcs1_v21.function @@ -1,16 +1,10 @@ /* BEGIN_HEADER */ #include #include -#include -#include -#include -#include -#include -#include /* END_HEADER */ /* BEGIN_DEPENDENCIES - * depends_on:POLARSSL_PKCS1_V21:POLARSSL_RSA_C:POLARSSL_BIGNUM_C:POLARSSL_SHA1_C:POLARSSL_GENPRIME + * depends_on:POLARSSL_PKCS1_V21:POLARSSL_RSA_C:POLARSSL_SHA1_C * END_DEPENDENCIES */ From 20422e9a3a104a940d6768cef4f5e8d605cdff90 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 5 Jun 2014 13:41:44 +0200 Subject: [PATCH 16/34] Add pk_verify_ext() --- include/polarssl/pk.h | 44 +++++++++++++++++++ library/pk.c | 53 +++++++++++++++++++++++ library/pk_wrap.c | 13 ++++-- tests/suites/test_suite_pk.data | 47 +++++++++++++++++++++ tests/suites/test_suite_pk.function | 65 +++++++++++++++++++++++++++++ 5 files changed, 218 insertions(+), 4 deletions(-) diff --git a/include/polarssl/pk.h b/include/polarssl/pk.h index 1309f70daa..232e175b11 100644 --- a/include/polarssl/pk.h +++ b/include/polarssl/pk.h @@ -102,6 +102,17 @@ typedef enum { POLARSSL_PK_RSASSA_PSS, } pk_type_t; +/** + * \brief Options for RSASSA-PSS signature verification. + * See \c rsa_rsassa_pss_verify_ext() + */ +typedef struct +{ + md_type_t mgf1_hash_id; + int expected_salt_len; + +} pk_rsassa_pss_options; + /** * \brief Types for interfacing with the debug module */ 
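Review bot: The two members of the new public `pk_rsassa_pss_options` struct are undocumented; suggest `md_type_t mgf1_hash_id; /**< Hash function used for MGF1 */` and `int expected_salt_len; /**< Expected salt length, or RSA_SALT_LEN_ANY */`. The blank line before the closing brace can go as well.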
@@ -307,6 +318,39 @@ int pk_verify( pk_context *ctx, md_type_t md_alg, const unsigned char *hash, size_t hash_len, const unsigned char *sig, size_t sig_len ); +/** + * \brief Verify signature, with options + * + * \param type Signature type to verify + * \param options Pointer to type-specific options, or NULL + * \param ctx PK context to use + * \param md_alg Hash algorithm used (see notes) + * \param hash Hash of the message to sign + * \param hash_len Hash length or 0 (see notes) + * \param sig Signature to verify + * \param sig_len Signature length + * + * \return 0 on success (signature is valid), + * POLARSSL_ERR_PK_TYPE_MISMATCH if the PK context can't be + * used for this type of signatures, + * POLARSSL_ERR_PK_SIG_LEN_MISMATCH if the signature is + * valid but its actual length is less than sig_len, + * or a specific error code. + * + * \note If hash_len is 0, then the length associated with md_alg + * is used instead, or an error returned if it is invalid. + * + * \note md_alg may be POLARSSL_MD_NONE, only if hash_len != 0 + * + * \note If type is POLARSSL_PK_RSASSA_PSS, then options must point + * to a pk_rsassa_pss_options structure, + * otherwise it must be NULL. + */ +int pk_verify_ext( pk_type_t type, const void *options, + pk_context *ctx, md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + const unsigned char *sig, size_t sig_len ); + /** * \brief Make signature * diff --git a/library/pk.c b/library/pk.c index ce171073c6..8000c10f43 100644 --- a/library/pk.c +++ b/library/pk.c 
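Review bot: `\param hash Hash of the message to sign` in the new doc block is copied from the signing side; for a verification entry point it should read `\param hash Hash of the message whose signature is verified`. The `\return` list also omits POLARSSL_ERR_PK_BAD_INPUT_DATA, which the implementation returns when `options` is NULL for POLARSSL_PK_RSASSA_PSS or non-NULL for any other type, and POLARSSL_ERR_PK_FEATURE_UNAVAILABLE when PSS support is compiled out; listing both saves callers a trip into pk.c.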
@@ -188,6 +188,59 @@ int pk_verify( pk_context *ctx, md_type_t md_alg, sig, sig_len ) ); } +/* + * Verify a signature with options + */ +int pk_verify_ext( pk_type_t type, const void *options, + pk_context *ctx, md_type_t md_alg, + const unsigned char *hash, size_t hash_len, + const unsigned char *sig, size_t sig_len ) +{ + if( ctx == NULL || ctx->pk_info == NULL ) + return( POLARSSL_ERR_PK_BAD_INPUT_DATA ); + + if( ! pk_can_do( ctx, type ) ) + return( POLARSSL_ERR_PK_TYPE_MISMATCH ); + + if( type == POLARSSL_PK_RSASSA_PSS ) + { +#if defined(POLARSSL_RSA_C) && defined(POLARSSL_PKCS1_V21) + int ret; + const pk_rsassa_pss_options *pss_opts; + + if( options == NULL ) + return( POLARSSL_ERR_PK_BAD_INPUT_DATA ); + + pss_opts = (const pk_rsassa_pss_options *) options; + + if( sig_len < pk_get_len( ctx ) ) + return( POLARSSL_ERR_RSA_VERIFY_FAILED ); + + ret = rsa_rsassa_pss_verify_ext( pk_rsa( *ctx ), + NULL, NULL, RSA_PUBLIC, + md_alg, hash_len, hash, + pss_opts->mgf1_hash_id, + pss_opts->expected_salt_len, + sig ); + if( ret != 0 ) + return( ret ); + + if( sig_len > pk_get_len( ctx ) ) + return( POLARSSL_ERR_PK_SIG_LEN_MISMATCH ); + + return( 0 ); +#else + return( POLARSSL_ERR_PK_FEATURE_UNAVAILABLE ); +#endif + } + + /* General case: no options */ + if( options != NULL ) + return( POLARSSL_ERR_PK_BAD_INPUT_DATA ); + + return( pk_verify( ctx, md_alg, hash, hash_len, sig, sig_len ) ); +} + /* * Make a signature */ diff --git a/library/pk_wrap.c b/library/pk_wrap.c index c0ad10d01d..6bfc4d2fe5 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -52,13 +52,13 @@ #define polarssl_free free #endif -/* Used by RSA-alt too */ +#if defined(POLARSSL_RSA_C) static int rsa_can_do( pk_type_t type ) { - return( type == POLARSSL_PK_RSA ); + return( type == POLARSSL_PK_RSA || + type == POLARSSL_PK_RSASSA_PSS ); } -#if defined(POLARSSL_RSA_C) static size_t rsa_get_size( const void *ctx ) { return( 8 * ((const rsa_context *) ctx)->len ); 
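Review bot: `hash_len` is a `size_t` but `rsa_rsassa_pss_verify_ext()` declares `unsigned int hashlen`, so the call in the PSS branch narrows implicitly on LP64 targets; either guard it, `if( hash_len > UINT_MAX ) return( POLARSSL_ERR_PK_BAD_INPUT_DATA );` (needs `<limits.h>`), or make the cast explicit so -Wconversion stays clean. `pk_get_len( ctx )` is also evaluated twice; caching it in a local before the first comparison reads better. `pk_verify_ext` starts and ends within this hunk.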
@@ -372,6 +372,11 @@ const pk_info_t ecdsa_info = { * Support for alternative RSA-private implementations */ +static int rsa_alt_can_do( pk_type_t type ) +{ + return( type == POLARSSL_PK_RSA ); +} + static size_t rsa_alt_get_size( const void *ctx ) { const rsa_alt_context *rsa_alt = (const rsa_alt_context *) ctx; @@ -428,7 +433,7 @@ const pk_info_t rsa_alt_info = { POLARSSL_PK_RSA_ALT, "RSA-alt", rsa_alt_get_size, - rsa_can_do, + rsa_alt_can_do, NULL, rsa_alt_sign_wrap, rsa_alt_decrypt_wrap, diff --git a/tests/suites/test_suite_pk.data b/tests/suites/test_suite_pk.data index 974748c6bf..c4393d684e 100644 --- a/tests/suites/test_suite_pk.data +++ b/tests/suites/test_suite_pk.data 
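Review bot: `rsa_alt_can_do()` is introduced so RSA-alt contexts stop claiming POLARSSL_PK_RSASSA_PSS, but nothing says why; a comment such as `/* RSA-alt contexts are private-only and are not an rsa_context, so pk_verify_ext() cannot run PSS on them */` (presumably the reason, given that pk_verify_ext() calls pk_rsa()) would stop someone re-merging it with `rsa_can_do()`.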
@@ -81,3 +81,50 @@ pk_ec_nocrypt:POLARSSL_PK_ECDSA RSA_ALT consistency depends_on:POLARSSL_RSA_C:POLARSSL_PKCS1_V15:POLARSSL_GENPRIME pk_rsa_alt: + +Verify ext RSA #1 (PKCS1 v2.1, salt_len = ANY, OK) +depends_on:POLARSSL_PKCS1_V21:POLARSSL_SHA256_C +pk_rsa_verify_ext_test_vec:"54657374206d657373616765":POLARSSL_MD_SHA256:1024:16:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":16:"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":POLARSSL_PK_RSASSA_PSS:POLARSSL_MD_SHA256:RSA_SALT_LEN_ANY:0 + +Verify ext RSA #2 (PKCS1 v2.1, salt_len = ANY, wrong message) +depends_on:POLARSSL_PKCS1_V21:POLARSSL_SHA256_C +pk_rsa_verify_ext_test_vec:"54657374206d657373616766":POLARSSL_MD_SHA256:1024:16:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":16:"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":POLARSSL_PK_RSASSA_PSS:POLARSSL_MD_SHA256:RSA_SALT_LEN_ANY:POLARSSL_ERR_RSA_VERIFY_FAILED + +Verify ext RSA #3 (PKCS1 v2.1, salt_len = 0, OK) +depends_on:POLARSSL_PKCS1_V21:POLARSSL_SHA256_C 
+pk_rsa_verify_ext_test_vec:"54657374206d657373616765":POLARSSL_MD_SHA256:1024:16:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":16:"010001":"7fc506d26ca3b22922a1ce39faaedd273161b82d9443c56f1a034f131ae4a18cae1474271cb4b66a17d9707ca58b0bdbd3c406b7e65bbcc9bbbce94dc45de807b4989b23b3e4db74ca29298137837eb90cc83d3219249bc7d480fceaf075203a86e54c4ecfa4e312e39f8f69d76534089a36ed9049ca9cfd5ab1db1fa75fe5c8":POLARSSL_PK_RSASSA_PSS:POLARSSL_MD_SHA256:0:0 + +Verify ext RSA #4 (PKCS1 v2.1, salt_len = max, OK) +pk_rsa_verify_ext_test_vec:"54657374206d657373616765":POLARSSL_MD_SHA256:1024:16:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":16:"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":POLARSSL_PK_RSASSA_PSS:POLARSSL_MD_SHA256:94:0 + +Verify ext RSA #5 (PKCS1 v2.1, wrong salt_len) +depends_on:POLARSSL_PKCS1_V21:POLARSSL_SHA256_C 
+pk_rsa_verify_ext_test_vec:"54657374206d657373616765":POLARSSL_MD_SHA256:1024:16:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":16:"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":POLARSSL_PK_RSASSA_PSS:POLARSSL_MD_SHA256:32:POLARSSL_ERR_RSA_INVALID_PADDING + +Verify ext RSA #6 (PKCS1 v2.1, MGF1 alg != MSG hash alg) +depends_on:POLARSSL_PKCS1_V21:POLARSSL_SHA256_C +pk_rsa_verify_ext_test_vec:"c0719e9a8d5d838d861dc6f675c899d2b309a3a65bb9fe6b11e5afcbf9a2c0b1":POLARSSL_MD_NONE:1024:16:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":16:"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":POLARSSL_PK_RSASSA_PSS:POLARSSL_MD_SHA256:RSA_SALT_LEN_ANY:0 + +Verify ext RSA #7 (PKCS1 v2.1, wrong MGF1 alg != MSG hash alg) +depends_on:POLARSSL_PKCS1_V21:POLARSSL_SHA256_C:POLARSSL_SHA1_C 
+pk_rsa_verify_ext_test_vec:"c0719e9a8d5d838d861dc6f675c899d2b309a3a65bb9fe6b11e5afcbf9a2c0b1":POLARSSL_MD_NONE:1024:16:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":16:"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":POLARSSL_PK_RSASSA_PSS:POLARSSL_MD_SHA1:RSA_SALT_LEN_ANY:POLARSSL_ERR_RSA_INVALID_PADDING + +Verify ext RSA #8 (PKCS1 v2.1, RSASSA-PSS without options) +pk_rsa_verify_ext_test_vec:"54657374206d657373616765":POLARSSL_MD_SHA256:1024:16:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":16:"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":POLARSSL_PK_RSASSA_PSS:-1:RSA_SALT_LEN_ANY:POLARSSL_ERR_PK_BAD_INPUT_DATA + +Verify ext RSA #9 (PKCS1 v2.1, RSA with options) +depends_on:POLARSSL_PKCS1_V15:POLARSSL_SHA256_C 
+pk_rsa_verify_ext_test_vec:"54657374206d657373616765":POLARSSL_MD_SHA256:1024:16:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":16:"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":POLARSSL_PK_RSA:POLARSSL_MD_SHA256:RSA_SALT_LEN_ANY:POLARSSL_ERR_PK_BAD_INPUT_DATA + +Verify ext RSA #10 (PKCS1 v2.1, RSA without options) +depends_on:POLARSSL_PKCS1_V15:POLARSSL_SHA256_C +pk_rsa_verify_ext_test_vec:"54657374206d657373616765":POLARSSL_MD_SHA256:1024:16:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":16:"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":POLARSSL_PK_RSA:-1:RSA_SALT_LEN_ANY:POLARSSL_ERR_RSA_INVALID_PADDING + +Verify ext RSA #11 (PKCS1 v2.1, asking for ECDSA) +depends_on:POLARSSL_ECDSA_C:POLARSSL_SHA256_C 
+pk_rsa_verify_ext_test_vec:"54657374206d657373616765":POLARSSL_MD_SHA256:1024:16:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":16:"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":POLARSSL_PK_ECDSA:-1:RSA_SALT_LEN_ANY:POLARSSL_ERR_PK_TYPE_MISMATCH + +Verify ext RSA #12 (PKCS1 v1.5, good) +depends_on:POLARSSL_SHA1_C:POLARSSL_PKCS1_V15 +pk_rsa_verify_ext_test_vec:"206ef4bf396c6087f8229ef196fd35f37ccb8de5efcdb238f20d556668f114257a11fbe038464a67830378e62ae9791453953dac1dbd7921837ba98e84e856eb80ed9487e656d0b20c28c8ba5e35db1abbed83ed1c7720a97701f709e3547a4bfcabca9c89c57ad15c3996577a0ae36d7c7b699035242f37954646c1cd5c08ac":POLARSSL_MD_SHA1:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"3":"5abc01f5de25b70867ff0c24e222c61f53c88daf42586fddcd56f3c4588f074be3c328056c063388688b6385a8167957c6e5355a510e005b8a851d69c96b36ec6036644078210e5d7d326f96365ee0648882921492bc7b753eb9c26cdbab37555f210df2ca6fec1b25b463d38b81c0dcea202022b04af5da58aa03d77be949b7":POLARSSL_PK_RSA:-1:RSA_SALT_LEN_ANY:0 + diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index f82ed6748f..3da1feb495 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function 
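Review bot: Cases #4 (`salt_len = max, OK`) and #8 (`RSASSA-PSS without options`) have no `depends_on:` line, unlike every other PSS case here, so they run in builds without POLARSSL_PKCS1_V21 or POLARSSL_SHA256_C although both hash the message with SHA-256 in the test function; they should get `depends_on:POLARSSL_PKCS1_V21:POLARSSL_SHA256_C` like #1–#7. The `PKCS1 v2.1` prefix on #11, which only exercises the ECDSA type mismatch, is also misleading.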
@@ -117,6 +117,71 @@ void pk_rsa_verify_test_vec( char *message_hex_string, int digest, } /* END_CASE */ +/* BEGIN_CASE depends_on:POLARSSL_RSA_C */ +void pk_rsa_verify_ext_test_vec( char *message_hex_string, int digest, + int mod, int radix_N, char *input_N, int radix_E, + char *input_E, char *result_hex_str, + int pk_type, int mgf1_hash_id, int salt_len, + int result ) +{ + unsigned char message_str[1000]; + unsigned char hash_result[1000]; + unsigned char result_str[1000]; + rsa_context *rsa; + pk_context pk; + pk_rsassa_pss_options pss_opts; + void *options; + int msg_len; + size_t hash_len; + + pk_init( &pk ); + + memset( message_str, 0x00, 1000 ); + memset( hash_result, 0x00, 1000 ); + memset( result_str, 0x00, 1000 ); + + TEST_ASSERT( pk_init_ctx( &pk, pk_info_from_type( POLARSSL_PK_RSA ) ) == 0 ); + rsa = pk_rsa( pk ); + + rsa->len = mod / 8; + TEST_ASSERT( mpi_read_string( &rsa->N, radix_N, input_N ) == 0 ); + TEST_ASSERT( mpi_read_string( &rsa->E, radix_E, input_E ) == 0 ); + + msg_len = unhexify( message_str, message_hex_string ); + unhexify( result_str, result_hex_str ); + + if( digest != POLARSSL_MD_NONE ) + { + TEST_ASSERT( md( md_info_from_type( digest ), + message_str, msg_len, hash_result ) == 0 ); + hash_len = 0; + } + else + { + memcpy( hash_result, message_str, msg_len ); + hash_len = msg_len; + } + + if( mgf1_hash_id < 0 ) + { + options = NULL; + } + else + { + options = &pss_opts; + + pss_opts.mgf1_hash_id = mgf1_hash_id; + pss_opts.expected_salt_len = salt_len; + } + + TEST_ASSERT( pk_verify_ext( pk_type, options, &pk, + digest, hash_result, hash_len, + result_str, pk_get_len( &pk ) ) == result ); + + pk_free( &pk ); +} +/* END_CASE */ + /* BEGIN_CASE depends_on:POLARSSL_ECDSA_C */ void pk_ec_test_vec( int type, int id, char *key_str, char *hash_str, char * sig_str, int ret ) From f75f2f7c46fcc63cc9de9ed03a247a40875c58ab Mon Sep 17 00:00:00 2001 
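Review bot: The signature length passed to pk_verify_ext() is `pk_get_len( &pk )` while the return value of `unhexify( result_str, result_hex_str )` is dropped, so no vector in this suite can ever exercise a signature whose length differs from the modulus length. Capturing it (`int sig_len = unhexify( result_str, result_hex_str );`) and passing `result_str, sig_len` would let a future case pin how pk_verify_ext() treats over- or under-long signatures, which is exactly the kind of length check a verifier must get right. The `hash_len = 0` assignment in the digest branch also deserves a one-line comment such as `/* 0: length is derived from the md type inside pk_verify_ext() */`, since the pk_rsa_verify_test_vec() case above the hunk presumably does the same and a reader may otherwise take it for a mistake.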
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 5 Jun 2014 15:14:28 +0200 Subject: [PATCH 17/34] Add sig_opts member to X509 structures --- include/polarssl/x509.h | 3 ++- include/polarssl/x509_crl.h | 3 ++- include/polarssl/x509_crt.h | 3 ++- include/polarssl/x509_csr.h | 3 ++- library/x509.c | 22 +++++++++++++++++----- library/x509_crl.c | 7 ++++++- library/x509_crt.c | 7 ++++++- library/x509_csr.c | 7 ++++++- 8 files changed, 43 insertions(+), 12 deletions(-) diff --git a/include/polarssl/x509.h b/include/polarssl/x509.h index e11bd90e15..452ea31f6c 100644 --- a/include/polarssl/x509.h +++ b/include/polarssl/x509.h @@ -285,7 +285,8 @@ int x509_get_rsassa_pss_params( const x509_buf *params, #endif int x509_get_sig( unsigned char **p, const unsigned char *end, x509_buf *sig ); int x509_get_sig_alg( const x509_buf *sig_oid, const x509_buf *sig_params, - md_type_t *md_alg, pk_type_t *pk_alg ); + md_type_t *md_alg, pk_type_t *pk_alg, + void **sig_opts ); int x509_get_time( unsigned char **p, const unsigned char *end, x509_time *time ); int x509_get_serial( unsigned char **p, const unsigned char *end, diff --git a/include/polarssl/x509_crl.h b/include/polarssl/x509_crl.h index 81d4734a40..5c4564a450 100644 --- a/include/polarssl/x509_crl.h +++ b/include/polarssl/x509_crl.h @@ -92,8 +92,9 @@ typedef struct _x509_crl x509_buf sig_oid2; x509_buf sig; md_type_t sig_md; /**< Internal representation of the MD algorithm of the signature algorithm, e.g. POLARSSL_MD_SHA256 */ - pk_type_t sig_pk /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. POLARSSL_PK_RSA */; + pk_type_t sig_pk; /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. POLARSSL_PK_RSA */ #if defined(POLARSSL_RSASSA_PSS_CERTIFICATES) + void *sig_opts; /**< Signature options to be passed to pk_verify_ext(), eg for RSASSA-PSS */ x509_buf sig_params; /**< Parameters for the signature algorithm */ #endif 
diff --git a/include/polarssl/x509_crt.h b/include/polarssl/x509_crt.h index 09cc9829b2..86686316cd 100644 --- a/include/polarssl/x509_crt.h +++ b/include/polarssl/x509_crt.h @@ -92,8 +92,9 @@ typedef struct _x509_crt x509_buf sig_oid2; /**< Signature algorithm. Must match sig_oid1. */ x509_buf sig; /**< Signature: hash of the tbs part signed with the private key. */ md_type_t sig_md; /**< Internal representation of the MD algorithm of the signature algorithm, e.g. POLARSSL_MD_SHA256 */ - pk_type_t sig_pk /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. POLARSSL_PK_RSA */; + pk_type_t sig_pk; /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. POLARSSL_PK_RSA */ #if defined(POLARSSL_RSASSA_PSS_CERTIFICATES) + void *sig_opts; /**< Signature options to be passed to pk_verify_ext(), eg for RSASSA-PSS */ x509_buf sig_params; /**< Parameters for the signature algorithm */ #endif diff --git a/include/polarssl/x509_csr.h b/include/polarssl/x509_csr.h index af3f226c86..28ddedaae6 100644 --- a/include/polarssl/x509_csr.h +++ b/include/polarssl/x509_csr.h @@ -66,8 +66,9 @@ typedef struct _x509_csr x509_buf sig_oid; x509_buf sig; md_type_t sig_md; /**< Internal representation of the MD algorithm of the signature algorithm, e.g. POLARSSL_MD_SHA256 */ - pk_type_t sig_pk /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. POLARSSL_PK_RSA */; + pk_type_t sig_pk; /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. POLARSSL_PK_RSA */ #if defined(POLARSSL_RSASSA_PSS_CERTIFICATES) + void *sig_opts; /**< Signature options to be passed to pk_verify_ext(), eg for RSASSA-PSS */ x509_buf sig_params; /**< Parameters for the signature algorithm */ #endif } diff --git a/library/x509.c b/library/x509.c index 8e53eb798b..ffa7980520 100644 --- a/library/x509.c +++ b/library/x509.c 
@@ -559,25 +559,37 @@ int x509_get_sig( unsigned char **p, const unsigned char *end, x509_buf *sig ) * Get signature algorithm from alg OID and optional parameters */ int x509_get_sig_alg( const x509_buf *sig_oid, const x509_buf *sig_params, - md_type_t *md_alg, pk_type_t *pk_alg ) + md_type_t *md_alg, pk_type_t *pk_alg, + void **sig_opts ) { int ret; + if( *sig_opts != NULL ) + return( POLARSSL_ERR_X509_BAD_INPUT_DATA ); + if( ( ret = oid_get_sig_alg( sig_oid, md_alg, pk_alg ) ) != 0 ) return( POLARSSL_ERR_X509_UNKNOWN_SIG_ALG + ret ); #if defined(POLARSSL_RSASSA_PSS_CERTIFICATES) if( *pk_alg == POLARSSL_PK_RSASSA_PSS ) { - int salt_len; - md_type_t mgf_md; + pk_rsassa_pss_options *pss_opts; + + pss_opts = polarssl_malloc( sizeof( pk_rsassa_pss_options ) ); + if( pss_opts == NULL ) + return( POLARSSL_ERR_X509_MALLOC_FAILED ); - /* Make sure params are valid */ ret = x509_get_rsassa_pss_params( sig_params, - md_alg, &mgf_md, &salt_len ); + md_alg, + &pss_opts->mgf1_hash_id, + &pss_opts->expected_salt_len ); if( ret != 0 ) + { + polarssl_free( pss_opts ); return( ret ); + } + *sig_opts = (void *) pss_opts; } else #endif diff --git a/library/x509_crl.c b/library/x509_crl.c index 986fc26d41..2d6b50d1dc 100644 --- a/library/x509_crl.c +++ b/library/x509_crl.c @@ -398,7 +398,8 @@ int x509_crl_parse( x509_crl *chain, const unsigned char *buf, size_t buflen ) } if( ( ret = x509_get_sig_alg( &crl->sig_oid1, &sig_params, - &crl->sig_md, &crl->sig_pk ) ) != 0 ) + &crl->sig_md, &crl->sig_pk, + &crl->sig_opts ) ) != 0 ) { x509_crl_free( crl ); return( POLARSSL_ERR_X509_UNKNOWN_SIG_ALG ); @@ -726,6 +727,10 @@ void x509_crl_free( x509_crl *crl ) do { +#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES) + polarssl_free( crl_cur->sig_opts ); +#endif + name_cur = crl_cur->issuer.next; while( name_cur != NULL ) { diff --git a/library/x509_crt.c b/library/x509_crt.c index fbc3989c75..7e5de1d672 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c 
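Review bot: x509_get_sig_alg() now hands ownership of a polarssl_malloc()'d pk_rsassa_pss_options block to the caller through `*sig_opts`, and the new `if( *sig_opts != NULL ) return( POLARSSL_ERR_X509_BAD_INPUT_DATA );` guard makes a NULL `*sig_opts` an undocumented precondition; neither the contract nor the ownership is stated anywhere in the hunk. Suggested comment above the definition: `/* *sig_opts must be NULL on entry. On success for RSASSA-PSS it is set to a heap-allocated pk_rsassa_pss_options that the caller owns and must polarssl_free(); for other algorithms it is left NULL. */`. The guard is a sound choice (a reused, un-zeroed structure fails loudly instead of leaking the previous block), but it only works if every x509_*_free() leaves the field NULL or the structure is re-zeroed before reuse — the free hunks below call polarssl_free() without clearing the pointer, so this relies on a memset elsewhere that is not visible here. The else branch of the function continues outside the hunk.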
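Review bot: On the x509_get_sig_alg() failure path x509_crl_parse() discards `ret` and returns `POLARSSL_ERR_X509_UNKNOWN_SIG_ALG`, but with the RSASSA-PSS path the callee can now also fail with POLARSSL_ERR_X509_MALLOC_FAILED or whatever x509_get_rsassa_pss_params() reports for malformed parameters, and all of those will be reported to the application as "unknown signature algorithm". The x509_crt.c caller in the next hunk already propagates the real code, so for consistency and diagnosability this should be `return( ret );` here (and in the matching x509_csr.c hunk). x509_crl_parse() starts and ends outside the hunk.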
@@ -616,7 +616,8 @@ static int x509_crt_parse_der_core( x509_crt *crt, const unsigned char *buf, } if( ( ret = x509_get_sig_alg( &crt->sig_oid1, &sig_params, - &crt->sig_md, &crt->sig_pk ) ) != 0 ) + &crt->sig_md, &crt->sig_pk, + &crt->sig_opts ) ) != 0 ) { x509_crt_free( crt ); return( ret ); @@ -1961,6 +1962,10 @@ void x509_crt_free( x509_crt *crt ) { pk_free( &cert_cur->pk ); +#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES) + polarssl_free( cert_cur->sig_opts ); +#endif + name_cur = cert_cur->issuer.next; while( name_cur != NULL ) { diff --git a/library/x509_csr.c b/library/x509_csr.c index 082e461913..4dd623a6ac 100644 --- a/library/x509_csr.c +++ b/library/x509_csr.c @@ -255,7 +255,8 @@ int x509_csr_parse( x509_csr *csr, const unsigned char *buf, size_t buflen ) } if( ( ret = x509_get_sig_alg( &csr->sig_oid, &sig_params, - &csr->sig_md, &csr->sig_pk ) ) != 0 ) + &csr->sig_md, &csr->sig_pk, + &csr->sig_opts ) ) != 0 ) { x509_csr_free( csr ); return( POLARSSL_ERR_X509_UNKNOWN_SIG_ALG ); @@ -425,6 +426,10 @@ void x509_csr_free( x509_csr *csr ) pk_free( &csr->pk ); +#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES) + polarssl_free( csr->sig_opts ); +#endif + name_cur = csr->subject.next; while( name_cur != NULL ) { From 9113603b6bfe72a2aa41d6c15772381dd3f92bb6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 5 Jun 2014 15:41:39 +0200 Subject: [PATCH 18/34] Use sig_opts in x509_sig_alg_gets() --- include/polarssl/x509.h | 3 ++- library/x509.c | 19 +++++++++---------- library/x509_crl.c | 7 ++++--- library/x509_crt.c | 7 ++++--- library/x509_csr.c | 7 ++++--- 5 files changed, 23 insertions(+), 20 deletions(-) diff --git a/include/polarssl/x509.h b/include/polarssl/x509.h index 452ea31f6c..bd34617c56 100644 --- a/include/polarssl/x509.h +++ b/include/polarssl/x509.h 
@@ -295,7 +295,8 @@ int x509_get_ext( unsigned char **p, const unsigned char *end, x509_buf *ext, int tag ); int x509_load_file( const char *path, unsigned char **buf, size_t *n ); int x509_sig_alg_gets( char *buf, size_t size, const x509_buf *sig_oid, - pk_type_t pk_alg, const x509_buf *sig_params ); + pk_type_t pk_alg, md_type_t md_alg, + const void *sig_opts ); int x509_key_size_helper( char *buf, size_t size, const char *name ); int x509_string_to_names( asn1_named_data **head, const char *name ); int x509_set_extension( asn1_named_data **head, const char *oid, size_t oid_len, diff --git a/library/x509.c b/library/x509.c index ffa7980520..57dfd64fd4 100644 --- a/library/x509.c +++ b/library/x509.c @@ -836,10 +836,11 @@ int x509_serial_gets( char *buf, size_t size, const x509_buf *serial ) } /* - * Helper for writing signature alrogithms + * Helper for writing signature algorithms */ int x509_sig_alg_gets( char *buf, size_t size, const x509_buf *sig_oid, - pk_type_t pk_alg, const x509_buf *sig_params ) + pk_type_t pk_alg, md_type_t md_alg, + const void *sig_opts ) { int ret; char *p = buf; 
@@ -856,26 +857,24 @@ int x509_sig_alg_gets( char *buf, size_t size, const x509_buf *sig_oid, #if defined(POLARSSL_RSASSA_PSS_CERTIFICATES) if( pk_alg == POLARSSL_PK_RSASSA_PSS ) { - md_type_t md_alg, mgf_md; + const pk_rsassa_pss_options *pss_opts; const md_info_t *md_info, *mgf_md_info; - int salt_len; - if( ( ret = x509_get_rsassa_pss_params( sig_params, - &md_alg, &mgf_md, &salt_len ) ) != 0 ) - return( ret ); + pss_opts = (const pk_rsassa_pss_options *) sig_opts; md_info = md_info_from_type( md_alg ); - mgf_md_info = md_info_from_type( mgf_md ); + mgf_md_info = md_info_from_type( pss_opts->mgf1_hash_id ); ret = snprintf( p, n, " (%s, MGF1-%s, 0x%02X)", md_info ? md_info->name : "???", mgf_md_info ? mgf_md_info->name : "???", - salt_len ); + pss_opts->expected_salt_len ); SAFE_SNPRINTF(); } #else ((void) pk_alg); - ((void) sig_params); + ((void) md_alg); + ((void) sig_opts); #endif /* POLARSSL_RSASSA_PSS_CERTIFICATES */ return( (int) size - n ); diff --git a/library/x509_crl.c b/library/x509_crl.c index 2d6b50d1dc..f532c0cbeb 100644 --- a/library/x509_crl.c +++ b/library/x509_crl.c @@ -634,9 +634,9 @@ int x509_crl_info( char *buf, size_t size, const char *prefix, char *p; const x509_crl_entry *entry; #if defined(POLARSSL_RSASSA_PSS_CERTIFICATES) - const x509_buf *sig_params = &crl->sig_params; + const void *sig_opts = crl->sig_opts; #else - const x509_buf *sig_params = NULL; + const void *sig_opts = NULL; #endif p = buf; @@ -693,7 +693,8 @@ int x509_crl_info( char *buf, size_t size, const char *prefix, ret = snprintf( p, n, "\n%ssigned using : ", prefix ); SAFE_SNPRINTF(); - ret = x509_sig_alg_gets( p, n, &crl->sig_oid1, crl->sig_pk, sig_params ); + ret = x509_sig_alg_gets( p, n, &crl->sig_oid1, crl->sig_pk, crl->sig_md, + sig_opts ); SAFE_SNPRINTF(); ret = snprintf( p, n, "\n" ); diff --git a/library/x509_crt.c b/library/x509_crt.c index 7e5de1d672..617b733af5 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c 
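Review bot: In the POLARSSL_PK_RSASSA_PSS branch `pss_opts` is dereferenced (`pss_opts->mgf1_hash_id`, `pss_opts->expected_salt_len`) with no NULL check, so x509_sig_alg_gets() will crash if it is ever called for a PSS object whose `sig_opts` was not populated — a zeroed-but-unparsed structure, or a caller that still passes NULL the way the `#else` fallbacks in the x509_*_info() hunks below did before this patch. The parser does set it on the PSS path, so this is a robustness point rather than a live bug, but the guard is one line: `if( pss_opts == NULL ) return( POLARSSL_ERR_X509_BAD_INPUT_DATA );`. Since the prototype also dropped the `sig_params` argument, this internal-but-exported helper is another reason for the SOVERSION bump noted in the ChangeLog.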
@@ -1261,9 +1261,9 @@ int x509_crt_info( char *buf, size_t size, const char *prefix, char *p; char key_size_str[BEFORE_COLON]; #if defined(POLARSSL_RSASSA_PSS_CERTIFICATES) - const x509_buf *sig_params = &crt->sig_params; + const void *sig_opts = crt->sig_opts; #else - const x509_buf *sig_params = NULL; + const void *sig_opts = NULL; #endif p = buf; @@ -1306,7 +1306,8 @@ int x509_crt_info( char *buf, size_t size, const char *prefix, ret = snprintf( p, n, "\n%ssigned using : ", prefix ); SAFE_SNPRINTF(); - ret = x509_sig_alg_gets( p, n, &crt->sig_oid1, crt->sig_pk, sig_params ); + ret = x509_sig_alg_gets( p, n, &crt->sig_oid1, crt->sig_pk, + crt->sig_md, sig_opts ); SAFE_SNPRINTF(); /* Key size */ diff --git a/library/x509_csr.c b/library/x509_csr.c index 4dd623a6ac..b71bc0b9d4 100644 --- a/library/x509_csr.c +++ b/library/x509_csr.c @@ -369,9 +369,9 @@ int x509_csr_info( char *buf, size_t size, const char *prefix, char *p; char key_size_str[BEFORE_COLON]; #if defined(POLARSSL_RSASSA_PSS_CERTIFICATES) - const x509_buf *sig_params = &csr->sig_params; + const void *sig_opts = csr->sig_opts; #else - const x509_buf *sig_params = NULL; + const void *sig_opts = NULL; #endif p = buf; @@ -389,7 +389,8 @@ int x509_csr_info( char *buf, size_t size, const char *prefix, ret = snprintf( p, n, "\n%ssigned using : ", prefix ); SAFE_SNPRINTF(); - ret = x509_sig_alg_gets( p, n, &csr->sig_oid, csr->sig_pk, sig_params ); + ret = x509_sig_alg_gets( p, n, &csr->sig_oid, csr->sig_pk, csr->sig_md, + sig_opts ); SAFE_SNPRINTF(); if( ( ret = x509_key_size_helper( key_size_str, BEFORE_COLON, From dddbb1d1eb03871de34c284083813ab116a66f77 Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 5 Jun 2014 17:02:24 +0200 Subject: [PATCH 19/34] Rm sig_params from various X509 structures --- include/polarssl/x509_crl.h | 1 - include/polarssl/x509_crt.h | 1 - include/polarssl/x509_csr.h | 1 - library/x509_crl.c | 25 +++++++++---------------- library/x509_crt.c | 25 +++++++++---------------- library/x509_csr.c | 6 ++---- 6 files changed, 20 insertions(+), 39 deletions(-) diff --git a/include/polarssl/x509_crl.h b/include/polarssl/x509_crl.h index 5c4564a450..886a536fdf 100644 --- a/include/polarssl/x509_crl.h +++ b/include/polarssl/x509_crl.h @@ -95,7 +95,6 @@ typedef struct _x509_crl pk_type_t sig_pk; /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. POLARSSL_PK_RSA */ #if defined(POLARSSL_RSASSA_PSS_CERTIFICATES) void *sig_opts; /**< Signature options to be passed to pk_verify_ext(), eg for RSASSA-PSS */ - x509_buf sig_params; /**< Parameters for the signature algorithm */ #endif struct _x509_crl *next; diff --git a/include/polarssl/x509_crt.h b/include/polarssl/x509_crt.h index 86686316cd..8877e694a8 100644 --- a/include/polarssl/x509_crt.h +++ b/include/polarssl/x509_crt.h @@ -95,7 +95,6 @@ typedef struct _x509_crt pk_type_t sig_pk; /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. POLARSSL_PK_RSA */ #if defined(POLARSSL_RSASSA_PSS_CERTIFICATES) void *sig_opts; /**< Signature options to be passed to pk_verify_ext(), eg for RSASSA-PSS */ - x509_buf sig_params; /**< Parameters for the signature algorithm */ #endif struct _x509_crt *next; /**< Next certificate in the CA-chain. */ diff --git a/include/polarssl/x509_csr.h b/include/polarssl/x509_csr.h index 28ddedaae6..531fa09120 100644 --- a/include/polarssl/x509_csr.h +++ b/include/polarssl/x509_csr.h 
@@ -69,7 +69,6 @@ typedef struct _x509_csr pk_type_t sig_pk; /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. POLARSSL_PK_RSA */ #if defined(POLARSSL_RSASSA_PSS_CERTIFICATES) void *sig_opts; /**< Signature options to be passed to pk_verify_ext(), eg for RSASSA-PSS */ - x509_buf sig_params; /**< Parameters for the signature algorithm */ #endif } x509_csr; diff --git a/library/x509_crl.c b/library/x509_crl.c index f532c0cbeb..26d351ae38 100644 --- a/library/x509_crl.c +++ b/library/x509_crl.c @@ -256,14 +256,15 @@ int x509_crl_parse( x509_crl *chain, const unsigned char *buf, size_t buflen ) size_t len; unsigned char *p, *end; x509_crl *crl; - x509_buf sig_params; + x509_buf sig_params1, sig_params2; #if defined(POLARSSL_PEM_PARSE_C) size_t use_len; pem_context pem; #endif - memset( &sig_params, 0, sizeof( x509_buf ) ); + memset( &sig_params1, 0, sizeof( x509_buf ) ); + memset( &sig_params2, 0, sizeof( x509_buf ) ); crl = chain; @@ -383,7 +384,7 @@ int x509_crl_parse( x509_crl *chain, const unsigned char *buf, size_t buflen ) * signature AlgorithmIdentifier */ if( ( ret = x509_crl_get_version( &p, end, &crl->version ) ) != 0 || - ( ret = x509_get_alg( &p, end, &crl->sig_oid1, &sig_params ) ) != 0 ) + ( ret = x509_get_alg( &p, end, &crl->sig_oid1, &sig_params1 ) ) != 0 ) { x509_crl_free( crl ); return( ret ); @@ -397,7 +398,7 @@ int x509_crl_parse( x509_crl *chain, const unsigned char *buf, size_t buflen ) return( POLARSSL_ERR_X509_UNKNOWN_VERSION ); } - if( ( ret = x509_get_sig_alg( &crl->sig_oid1, &sig_params, + if( ( ret = x509_get_sig_alg( &crl->sig_oid1, &sig_params1, &crl->sig_md, &crl->sig_pk, &crl->sig_opts ) ) != 0 ) { @@ -405,10 +406,6 @@ int x509_crl_parse( x509_crl *chain, const unsigned char *buf, size_t buflen ) return( POLARSSL_ERR_X509_UNKNOWN_SIG_ALG ); } -#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES) - memcpy( &crl->sig_params, &sig_params, sizeof( x509_buf ) ); -#endif - /* * issuer Name */ 
@@ -493,20 +490,16 @@ int x509_crl_parse( x509_crl *chain, const unsigned char *buf, size_t buflen ) * signatureAlgorithm AlgorithmIdentifier, * signatureValue BIT STRING */ - if( ( ret = x509_get_alg( &p, end, &crl->sig_oid2, &sig_params ) ) != 0 ) + if( ( ret = x509_get_alg( &p, end, &crl->sig_oid2, &sig_params2 ) ) != 0 ) { x509_crl_free( crl ); return( ret ); } if( crl->sig_oid1.len != crl->sig_oid2.len || - memcmp( crl->sig_oid1.p, crl->sig_oid2.p, crl->sig_oid1.len ) != 0 -#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES) - || - crl->sig_params.len != sig_params.len || - memcmp( crl->sig_params.p, sig_params.p, sig_params.len ) != 0 -#endif - ) + memcmp( crl->sig_oid1.p, crl->sig_oid2.p, crl->sig_oid1.len ) != 0 || + sig_params1.len != sig_params2.len || + memcmp( sig_params1.p, sig_params2.p, sig_params1.len ) != 0) { x509_crl_free( crl ); return( POLARSSL_ERR_X509_SIG_MISMATCH ); diff --git a/library/x509_crt.c b/library/x509_crt.c index 617b733af5..6e01db827d 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c @@ -534,9 +534,10 @@ static int x509_crt_parse_der_core( x509_crt *crt, const unsigned char *buf, int ret; size_t len; unsigned char *p, *end, *crt_end; - x509_buf sig_params; + x509_buf sig_params1, sig_params2; - memset( &sig_params, 0, sizeof( x509_buf ) ); + memset( &sig_params1, 0, sizeof( x509_buf ) ); + memset( &sig_params2, 0, sizeof( x509_buf ) ); /* * Check for valid input @@ -601,7 +602,7 @@ static int x509_crt_parse_der_core( x509_crt *crt, const unsigned char *buf, if( ( ret = x509_get_version( &p, end, &crt->version ) ) != 0 || ( ret = x509_get_serial( &p, end, &crt->serial ) ) != 0 || ( ret = x509_get_alg( &p, end, &crt->sig_oid1, - &sig_params ) ) != 0 ) + &sig_params1 ) ) != 0 ) { x509_crt_free( crt ); return( ret ); 
@@ -615,7 +616,7 @@ static int x509_crt_parse_der_core( x509_crt *crt, const unsigned char *buf, return( POLARSSL_ERR_X509_UNKNOWN_VERSION ); } - if( ( ret = x509_get_sig_alg( &crt->sig_oid1, &sig_params, + if( ( ret = x509_get_sig_alg( &crt->sig_oid1, &sig_params1, &crt->sig_md, &crt->sig_pk, &crt->sig_opts ) ) != 0 ) { @@ -623,10 +624,6 @@ static int x509_crt_parse_der_core( x509_crt *crt, const unsigned char *buf, return( ret ); } -#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES) - memcpy( &crt->sig_params, &sig_params, sizeof( x509_buf ) ); -#endif - /* * issuer Name */ @@ -747,20 +744,16 @@ static int x509_crt_parse_der_core( x509_crt *crt, const unsigned char *buf, * signatureAlgorithm AlgorithmIdentifier, * signatureValue BIT STRING */ - if( ( ret = x509_get_alg( &p, end, &crt->sig_oid2, &sig_params ) ) != 0 ) + if( ( ret = x509_get_alg( &p, end, &crt->sig_oid2, &sig_params2 ) ) != 0 ) { x509_crt_free( crt ); return( ret ); } if( crt->sig_oid1.len != crt->sig_oid2.len || - memcmp( crt->sig_oid1.p, crt->sig_oid2.p, crt->sig_oid1.len ) != 0 -#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES) - || - crt->sig_params.len != sig_params.len || - memcmp( crt->sig_params.p, sig_params.p, sig_params.len ) != 0 -#endif - ) + memcmp( crt->sig_oid1.p, crt->sig_oid2.p, crt->sig_oid1.len ) != 0 || + sig_params1.len != sig_params2.len || + memcmp( sig_params1.p, sig_params2.p, sig_params1.len ) != 0) { x509_crt_free( crt ); return( POLARSSL_ERR_X509_SIG_MISMATCH ); diff --git a/library/x509_csr.c b/library/x509_csr.c index b71bc0b9d4..81043469db 100644 --- a/library/x509_csr.c +++ b/library/x509_csr.c @@ -99,6 +99,8 @@ int x509_csr_parse( x509_csr *csr, const unsigned char *buf, size_t buflen ) pem_context pem; #endif + memset( &sig_params, 0, sizeof( x509_buf ) ); + /* * Check for valid input */ 
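Review bot: With the `#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)` guard removed, `sig_params1`/`sig_params2` are now compared byte-for-byte for every signature algorithm, not just RSASSA-PSS. That matches RFC 5280 §4.1.1.2 (the two AlgorithmIdentifiers MUST be identical) and removes any chance of verifying against parameters other than the ones the signer committed to, but it is stricter than the OID-only check it replaces for PKCS#1 v1.5 and ECDSA certificates — e.g. `NULL` parameters in tbsCertificate.signature with parameters absent in signatureAlgorithm, which may previously have parsed, now fails with POLARSSL_ERR_X509_SIG_MISMATCH — so it deserves a ChangeLog line and a negative test vector. When both parameter fields are absent the memcmp() runs with length 0 on whatever x509_get_alg() left in `.p`; if that can be NULL the call is technically undefined by the C standard, so prefixing it with `sig_params1.len != 0 &&` would be cleaner. x509_crt_parse_der_core() starts and ends outside the hunk.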
@@ -262,10 +264,6 @@ int x509_csr_parse( x509_csr *csr, const unsigned char *buf, size_t buflen ) return( POLARSSL_ERR_X509_UNKNOWN_SIG_ALG ); } -#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES) - memcpy( &csr->sig_params, &sig_params, sizeof( x509_buf ) ); -#endif - if( ( ret = x509_get_sig( &p, end, &csr->sig ) ) != 0 ) { x509_csr_free( csr ); From bf696d030b078db77c13d926ef1c16559780a711 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 5 Jun 2014 17:07:30 +0200 Subject: [PATCH 20/34] Make sig_opts non-optional in X509 structures This simplifies the code. --- ChangeLog | 3 ++- include/polarssl/config.h | 12 +++--------- include/polarssl/x509_crl.h | 2 -- include/polarssl/x509_crt.h | 2 -- include/polarssl/x509_csr.h | 2 -- library/x509_crl.c | 7 +------ library/x509_crt.c | 7 +------ library/x509_csr.c | 7 +------ 8 files changed, 8 insertions(+), 34 deletions(-) diff --git a/ChangeLog b/ChangeLog index 29b848da17..bbfc3234c9 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,7 +1,8 @@ PolarSSL ChangeLog (Sorted per branch, date) -TODO: bump SOVERSION +TODO: bump SOVERSION for ABI change (internal-but-not-static function x509_get_sig_alg() changed prototype) +(and various x509 structures got a new member) = PolarSSL 1.3 branch Features diff --git a/include/polarssl/config.h b/include/polarssl/config.h index 58e8cff08e..1d1533810d 100644 --- a/include/polarssl/config.h +++ b/include/polarssl/config.h 
@@ -223,16 +223,10 @@ /** * \def POLARSSL_RSASSA_PSS_CERTIFICATES * - * Enable parsing and verification of X.509 certificates and CRLs signed with - * RSASSA-PSS. + * Enable parsing and verification of X.509 certificates, CRLs and CSRS + * signed with RSASSA-PSS (aka PKCS#1 v2.1). * - * This is disabled by default since it breaks binary compatibility with the - * 1.3.x line. If you choose to enable it, you will need to rebuild your - * application against the new header files, relinking will not be enough. - * - * TODO: actually disable it when done working on this branch ,) - * - * Uncomment this macro to allow using RSASSA-PSS in certificates. + * Comment this macro to disallow using RSASSA-PSS in certificates. */ #define POLARSSL_RSASSA_PSS_CERTIFICATES diff --git a/include/polarssl/x509_crl.h b/include/polarssl/x509_crl.h index 886a536fdf..067d5e6d59 100644 --- a/include/polarssl/x509_crl.h +++ b/include/polarssl/x509_crl.h @@ -93,9 +93,7 @@ typedef struct _x509_crl x509_buf sig; md_type_t sig_md; /**< Internal representation of the MD algorithm of the signature algorithm, e.g. POLARSSL_MD_SHA256 */ pk_type_t sig_pk; /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. POLARSSL_PK_RSA */ -#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES) void *sig_opts; /**< Signature options to be passed to pk_verify_ext(), eg for RSASSA-PSS */ -#endif struct _x509_crl *next; } diff --git a/include/polarssl/x509_crt.h b/include/polarssl/x509_crt.h index 8877e694a8..57dbed2361 100644 --- a/include/polarssl/x509_crt.h +++ b/include/polarssl/x509_crt.h 
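Review bot: The rewritten \def comment says "CSRS" where "CSRs" is meant, and it no longer tells the reader what disabling the option does now that `sig_opts` is an unconditional struct member (the x509_crl.h/x509_crt.h/x509_csr.h hunks in this same patch drop the `#if` around it), so the earlier "breaks binary compatibility" caveat has silently become "no ABI effect". Suggested text: ` * Enable parsing and verification of X.509 certificates, CRLs and CSRs signed with RSASSA-PSS (aka PKCS#1 v2.1). Disabling it only affects whether RSASSA-PSS signed objects are accepted (presumably rejected as an unknown signature algorithm — confirm); the X.509 structure layout is the same either way.`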
@@ -93,9 +93,7 @@ typedef struct _x509_crt x509_buf sig; /**< Signature: hash of the tbs part signed with the private key. */ md_type_t sig_md; /**< Internal representation of the MD algorithm of the signature algorithm, e.g. POLARSSL_MD_SHA256 */ pk_type_t sig_pk; /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. POLARSSL_PK_RSA */ -#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES) void *sig_opts; /**< Signature options to be passed to pk_verify_ext(), eg for RSASSA-PSS */ -#endif struct _x509_crt *next; /**< Next certificate in the CA-chain. */ } diff --git a/include/polarssl/x509_csr.h b/include/polarssl/x509_csr.h index 531fa09120..a4bad3f787 100644 --- a/include/polarssl/x509_csr.h +++ b/include/polarssl/x509_csr.h @@ -67,9 +67,7 @@ typedef struct _x509_csr x509_buf sig; md_type_t sig_md; /**< Internal representation of the MD algorithm of the signature algorithm, e.g. POLARSSL_MD_SHA256 */ pk_type_t sig_pk; /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. POLARSSL_PK_RSA */ -#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES) void *sig_opts; /**< Signature options to be passed to pk_verify_ext(), eg for RSASSA-PSS */ -#endif } x509_csr; diff --git a/library/x509_crl.c b/library/x509_crl.c index 26d351ae38..2191b47c8b 100644 --- a/library/x509_crl.c +++ b/library/x509_crl.c @@ -626,11 +626,6 @@ int x509_crl_info( char *buf, size_t size, const char *prefix, size_t n; char *p; const x509_crl_entry *entry; -#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES) - const void *sig_opts = crl->sig_opts; -#else - const void *sig_opts = NULL; -#endif p = buf; n = size; @@ -687,7 +682,7 @@ int x509_crl_info( char *buf, size_t size, const char *prefix, SAFE_SNPRINTF(); ret = x509_sig_alg_gets( p, n, &crl->sig_oid1, crl->sig_pk, crl->sig_md, - sig_opts ); + crl->sig_opts ); SAFE_SNPRINTF(); ret = snprintf( p, n, "\n" ); diff --git a/library/x509_crt.c b/library/x509_crt.c index 6e01db827d..d6164a8658 100644 
--- a/library/x509_crt.c +++ b/library/x509_crt.c @@ -1253,11 +1253,6 @@ int x509_crt_info( char *buf, size_t size, const char *prefix, size_t n; char *p; char key_size_str[BEFORE_COLON]; -#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES) - const void *sig_opts = crt->sig_opts; -#else - const void *sig_opts = NULL; -#endif p = buf; n = size; @@ -1300,7 +1295,7 @@ int x509_crt_info( char *buf, size_t size, const char *prefix, SAFE_SNPRINTF(); ret = x509_sig_alg_gets( p, n, &crt->sig_oid1, crt->sig_pk, - crt->sig_md, sig_opts ); + crt->sig_md, crt->sig_opts ); SAFE_SNPRINTF(); /* Key size */ diff --git a/library/x509_csr.c b/library/x509_csr.c index 81043469db..1c70a3373b 100644 --- a/library/x509_csr.c +++ b/library/x509_csr.c @@ -366,11 +366,6 @@ int x509_csr_info( char *buf, size_t size, const char *prefix, size_t n; char *p; char key_size_str[BEFORE_COLON]; -#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES) - const void *sig_opts = csr->sig_opts; -#else - const void *sig_opts = NULL; -#endif p = buf; n = size; @@ -388,7 +383,7 @@ int x509_csr_info( char *buf, size_t size, const char *prefix, SAFE_SNPRINTF(); ret = x509_sig_alg_gets( p, n, &csr->sig_oid, csr->sig_pk, csr->sig_md, - sig_opts ); + csr->sig_opts ); SAFE_SNPRINTF(); if( ( ret = x509_key_size_helper( key_size_str, BEFORE_COLON, From 46db4b070c518d278e8e419f76ccfbb2883eebeb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 5 Jun 2014 16:34:18 +0200 Subject: [PATCH 21/34] Use pk_verify_ext() in x509_crt.c --- library/x509_crt.c | 42 ++++++------------------------------------ 1 file changed, 6 insertions(+), 36 deletions(-) diff --git a/library/x509_crt.c b/library/x509_crt.c index d6164a8658..fdcc969202 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c 
@@ -1659,24 +1659,9 @@ static int x509_crt_verify_top( continue; } -#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES) - if( child->sig_pk == POLARSSL_PK_RSASSA_PSS ) - { - if( pk_can_do( &trust_ca->pk, POLARSSL_PK_RSA ) == 0 || - rsa_rsassa_pss_verify( pk_rsa( trust_ca->pk ), - NULL, NULL, RSA_PUBLIC, - child->sig_md, - md_info->size, hash, - child->sig.p ) != 0 ) - { - continue; - } - } - else -#endif - if( pk_can_do( &trust_ca->pk, child->sig_pk ) == 0 || - pk_verify( &trust_ca->pk, child->sig_md, hash, md_info->size, - child->sig.p, child->sig.len ) != 0 ) + if( pk_verify_ext( child->sig_pk, child->sig_opts, &trust_ca->pk, + child->sig_md, hash, md_info->size, + child->sig.p, child->sig.len ) != 0 ) { continue; } @@ -1763,24 +1748,9 @@ static int x509_crt_verify_child( { md( md_info, child->tbs.p, child->tbs.len, hash ); -#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES) - if( child->sig_pk == POLARSSL_PK_RSASSA_PSS ) - { - if( pk_can_do( &parent->pk, POLARSSL_PK_RSA ) == 0 || - rsa_rsassa_pss_verify( pk_rsa( parent->pk ), - NULL, NULL, RSA_PUBLIC, - child->sig_md, - md_info->size, hash, - child->sig.p ) != 0 ) - { - *flags |= BADCERT_NOT_TRUSTED; - } - } - else -#endif - if( pk_can_do( &parent->pk, child->sig_pk ) == 0 || - pk_verify( &parent->pk, child->sig_md, hash, md_info->size, - child->sig.p, child->sig.len ) != 0 ) + if( pk_verify_ext( child->sig_pk, child->sig_opts, &parent->pk, + child->sig_md, hash, md_info->size, + child->sig.p, child->sig.len ) != 0 ) { *flags |= BADCERT_NOT_TRUSTED; } From 53882023e7f783f01c8e98d84782bf3920c1ee92 Mon Sep 17 00:00:00 2001 
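Review bot: The switch to `pk_verify_ext( child->sig_pk, child->sig_opts, ... )` changes what is actually checked for RSASSA-PSS, and nothing in the hunk says so: the removed `rsa_rsassa_pss_verify( ..., NULL, NULL, RSA_PUBLIC, child->sig_md, ... )` call was given only the signing hash, so presumably the MGF1 hash and salt length were not pinned to the certificate's own parameters, whereas the new call passes the parsed `pk_rsassa_pss_options` and (per the test vectors earlier in this series) rejects a mismatching MGF1 hash or salt length. That is the security-relevant gain of the series and merits a comment at the call site, e.g. `/* sig_opts carries the RSASSA-PSS parameters parsed from the certificate; pk_verify_ext() enforces MGF1 hash and salt length as well as the key type */`. Correctness now also relies on the invariant that `sig_opts` is NULL for non-PSS algorithms, since pk_verify_ext() refuses options for plain RSA (test #9 above) — worth stating in the same comment. Both x509_crt_verify_top() and x509_crt_verify_child() start and end outside the hunk.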
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 5 Jun 2014 17:53:52 +0200 Subject: [PATCH 22/34] Also verify CRLs signed with RSASSA-PSS --- library/x509_crt.c | 6 ++--- tests/data_files/crl-rsa-pss-sha1-badsign.pem | 14 ++++++++++++ tests/suites/test_suite_x509parse.data | 22 +++++++++++++------ 3 files changed, 32 insertions(+), 10 deletions(-) create mode 100644 tests/data_files/crl-rsa-pss-sha1-badsign.pem diff --git a/library/x509_crt.c b/library/x509_crt.c index fdcc969202..315d98bf88 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c @@ -1492,9 +1492,9 @@ static int x509_crt_verifycrl( x509_crt *crt, x509_crt *ca, md( md_info, crl_list->tbs.p, crl_list->tbs.len, hash ); - if( pk_can_do( &ca->pk, crl_list->sig_pk ) == 0 || - pk_verify( &ca->pk, crl_list->sig_md, hash, md_info->size, - crl_list->sig.p, crl_list->sig.len ) != 0 ) + if( pk_verify_ext( crl_list->sig_pk, crl_list->sig_opts, &ca->pk, + crl_list->sig_md, hash, md_info->size, + crl_list->sig.p, crl_list->sig.len ) != 0 ) { flags |= BADCRL_NOT_TRUSTED; break; diff --git a/tests/data_files/crl-rsa-pss-sha1-badsign.pem b/tests/data_files/crl-rsa-pss-sha1-badsign.pem new file mode 100644 index 0000000000..7e2a59677a --- /dev/null +++ b/tests/data_files/crl-rsa-pss-sha1-badsign.pem 
@@ -0,0 +1,14 @@
+-----BEGIN X509 CRL-----
+MIICJDCCAQYCAQEwEwYJKoZIhvcNAQEKMAaiBAICAOowOzELMAkGA1UEBhMCTkwx
+ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBFw0x
+NDAxMjAxMzQ2MzVaFw0yNDAxMTgxMzQ2MzVaMCgwEgIBChcNMTMwOTI0MTYyODM4
+WjASAgEWFw0xNDAxMjAxMzQzMDVaoGcwZTBjBgNVHSMEXDBagBS0WuSls97SUva5
+1aaVD+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NM
+MRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMBMGCSqGSIb3DQEBCjAGogQC
+AgDqA4IBAQB8ZBX0BEgRcx0lfk1ctELRu1AYoJ5BnsmQpq23Ca4YIP2yb2kTN1ZS
+4fR4SgYcNctgo2JJiNiUkCu1ZnRUOJUy8UlEio0+aeumTNz6CbeJEDhr5NC3oiV0
+MzvLn9rJVLPetOT9UrvvIy8iz5Pn1d8mu5rkt9BKQRq9NQx8riKnSIoTc91NLCMo
+mkCCB55DVbazODSWK19e6yQ0JS454RglOsqRtLJ/EDbi6lCsLXotFt3GEGMrob1O
+7Qck1Z59boaHxGYFEVnx90+4M3/qikVtwZdcBjLEmfuwYvszFw8J2y6Xwmg/HtUa
+y6li0JzWNHtkKUlCv2+SESZbD3NU8GQY
+-----END X509 CRL-----
diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data
index 3dff51eabf..22e92dc69a 100644
--- a/tests/suites/test_suite_x509parse.data
+++ b/tests/suites/test_suite_x509parse.data
@@ -576,29 +576,37 @@ x509_verify:"data_files/server9.crt":"data_files/test-ca.crt":"data_files/crl.pe
 X509 Certificate verification #58 (Valid, RSASSA-PSS, SHA-224)
 depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA256_C
-x509_verify:"data_files/server9-sha224.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"NULL"
+x509_verify:"data_files/server9-sha224.crt":"data_files/test-ca.crt":"data_files/crl-rsa-pss-sha224.pem":"NULL":0:0:"NULL"
 X509 Certificate verification #59 (Valid, RSASSA-PSS, SHA-256)
 depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA256_C
-x509_verify:"data_files/server9-sha256.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"NULL"
+x509_verify:"data_files/server9-sha256.crt":"data_files/test-ca.crt":"data_files/crl-rsa-pss-sha256.pem":"NULL":0:0:"NULL"
 X509 Certificate verification #60 (Valid, RSASSA-PSS, SHA-384)
 depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA512_C
-x509_verify:"data_files/server9-sha384.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"NULL"
+x509_verify:"data_files/server9-sha384.crt":"data_files/test-ca.crt":"data_files/crl-rsa-pss-sha384.pem":"NULL":0:0:"NULL"
 X509 Certificate verification #61 (Valid, RSASSA-PSS, SHA-512)
 depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA512_C
-x509_verify:"data_files/server9-sha512.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"NULL"
+x509_verify:"data_files/server9-sha512.crt":"data_files/test-ca.crt":"data_files/crl-rsa-pss-sha512.pem":"NULL":0:0:"NULL"
-X509 Certificate verification #57 (Valid, RSASSA-PSS, SHA-1, not top)
+X509 Certificate verification #62 (Revoked, RSASSA-PSS, SHA-1)
+depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA1_C
+x509_verify:"data_files/server9.crt":"data_files/test-ca.crt":"data_files/crl-rsa-pss-sha1.pem":"NULL":POLARSSL_ERR_X509_CERT_VERIFY_FAILED:BADCERT_REVOKED:"NULL"
+
+X509 Certificate verification #63 (Revoked, RSASSA-PSS, SHA-1, CRL badsign)
+depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA1_C
+x509_verify:"data_files/server9.crt":"data_files/test-ca.crt":"data_files/crl-rsa-pss-sha1-badsign.pem":"NULL":POLARSSL_ERR_X509_CERT_VERIFY_FAILED:BADCRL_NOT_TRUSTED:"NULL"
+
+X509 Certificate verification #64 (Valid, RSASSA-PSS, SHA-1, not top)
 depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA1_C
 x509_verify:"data_files/server9-with-ca.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"NULL"
-X509 Certificate verification #62 (RSASSA-PSS, SHA1, bad signature)
+X509 Certificate verification #65 (RSASSA-PSS, SHA1, bad cert signature)
 depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA1_C
 x509_verify:"data_files/server9-badsign.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":POLARSSL_ERR_X509_CERT_VERIFY_FAILED:BADCERT_NOT_TRUSTED:"NULL"
-X509 Certificate verification #63 (RSASSA-PSS, SHA1, no RSA CA)
+X509 Certificate verification #66 (RSASSA-PSS, SHA1, no RSA CA)
 depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA1_C
 x509_verify:"data_files/server9.crt":"data_files/test-ca2.crt":"data_files/crl.pem":"NULL":POLARSSL_ERR_X509_CERT_VERIFY_FAILED:BADCERT_NOT_TRUSTED:"NULL"
From eacccb7fb9ce3cf6a94b425d8896f95162568d9f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
Date: Thu, 5 Jun 2014 18:00:08 +0200
Subject: [PATCH 23/34] Add RSASSA-PSS certificate with all defaults
---
 tests/data_files/server9-defaults.crt | 19 +++++++++++++++++++
 tests/suites/test_suite_x509parse.data | 4 ++++
 2 files changed, 23 insertions(+)
 create mode 100644 tests/data_files/server9-defaults.crt
diff --git a/tests/data_files/server9-defaults.crt b/tests/data_files/server9-defaults.crt
new file mode 100644
index 0000000000..4ce5c87326
--- /dev/null
+++ b/tests/data_files/server9-defaults.crt
@@ -0,0 +1,19 @@
+-----BEGIN CERTIFICATE-----
+MIIDBjCCAe6gAwIBAgIBSDANBgkqhkiG9w0BAQowADA7MQswCQYDVQQGEwJOTDER
+MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
+MTQwNjA1MTU1NjUzWhcNMjQwNjAyMTU1NjUzWjA0MQswCQYDVQQGEwJOTDERMA8G
+A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCBnzANBgkqhkiG9w0B
+AQEFAAOBjQAwgYkCgYEA3RGKn5m6sGjKKuo7am1Zl+1OyVTkDe7OoH2gHqroDsK7
+E0DbihKOiRMkpcX1+tj1kNfIysvF/pMdr9oSI3NSeUYauqBXK3YWMbOor+c4mwiL
+Y5k6CiXuRdIYWLq5kxrt1FiaYxs3/PcUCJ+FZUnzWTJt0eDobd5S7Wa0qQvaQJUC
+AwEAAaOBnzCBnDAJBgNVHRMEAjAAMB0GA1UdDgQWBBTu88f1HxWlTUeJwdMiY7Lf
+p869UTBjBgNVHSMEXDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/pD0wOzELMAkG
+A1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBU
+ZXN0IENBggEAMAsGA1UdDwQEAwIFoDANBgkqhkiG9w0BAQowAAOCAQEAGUdim4uy
+/rBDFMF8qhjH1qsv0o8ON4HgP3YXbdKdIMfd+p5KtoqHQnrkixWxaIvfORnR4mGm
+f8H5BimwIkNLxy7zS88TVDOYel8g7B2yl0nq4biki83NStNBYZJjxKT0ud5O5mGd
+jHdy9vTEc7h8q+SHzRdgpNFXyKY5OQYng1LHco8h1UR8/nmPMuDtocHMnmMXu68a
+69+TtZxx90/V4gJZOoL1iCi8HEsKoJzm/L8ji54OYt7FxgFfE3VmLsXeMaWYO8GS
+BUxh5kqZ25O8hQXK5ywfuVK83Do/SsoClbgx9mboybseGVFIJaxs9e66GFDMoI3B
+09JqWv4DoLNnwg==
+-----END CERTIFICATE-----
diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data
index 22e92dc69a..a0e5146f2a 100644
--- a/tests/suites/test_suite_x509parse.data
+++ b/tests/suites/test_suite_x509parse.data
@@ -610,6 +610,10 @@ X509 Certificate verification #66 (RSASSA-PSS, SHA1, no RSA CA)
 depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA1_C
 x509_verify:"data_files/server9.crt":"data_files/test-ca2.crt":"data_files/crl.pem":"NULL":POLARSSL_ERR_X509_CERT_VERIFY_FAILED:BADCERT_NOT_TRUSTED:"NULL"
+X509 Certificate verification #67 (Valid, RSASSA-PSS, all defaults)
+depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA1_C
+x509_verify:"data_files/server9-defaults.crt":"data_files/test-ca.crt":"data_files/crl-rsa-pss-sha1.pem":"NULL":0:0:"NULL"
+
 X509 Parse Selftest
 depends_on:POLARSSL_SHA1_C:POLARSSL_PEM_PARSE_C:POLARSSL_CERTS_C
 x509_selftest:
From 0eaa8beb36ebe2d61663b5eb6e550afb0641b7d4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
Date: Thu, 5 Jun 2014 18:07:20 +0200
Subject: [PATCH 24/34] Fix signedness warning
---
 library/rsa.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/library/rsa.c b/library/rsa.c
index 32d829c4a0..e171afa182 100644
--- a/library/rsa.c
+++ b/library/rsa.c
@@ -1236,7 +1236,7 @@ int rsa_rsassa_pss_verify( rsa_context *ctx,
 const unsigned char *sig )
 {
 md_type_t mgf1_hash_id = ( ctx->hash_id != POLARSSL_MD_NONE )
- ? ctx->hash_id
+ ? (md_type_t) ctx->hash_id
 : md_alg;
 return( rsa_rsassa_pss_verify_ext( ctx, f_rng, p_rng, mode,
From b29a7ba3f2fa62ed0e4daa6609f236083e36817c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
Date: Thu, 5 Jun 2014 18:39:07 +0200
Subject: [PATCH 25/34] Fix missing depends in test_suite_pk
---
 tests/suites/test_suite_pk.data | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/tests/suites/test_suite_pk.data b/tests/suites/test_suite_pk.data
index c4393d684e..47640a6874 100644
--- a/tests/suites/test_suite_pk.data
+++ b/tests/suites/test_suite_pk.data
@@ -95,6 +95,7 @@ depends_on:POLARSSL_PKCS1_V21:POLARSSL_SHA256_C pk_rsa_verify_ext_test_vec:"54657374206d657373616765":POLARSSL_MD_SHA256:1024:16:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":16:"010001":"7fc506d26ca3b22922a1ce39faaedd273161b82d9443c56f1a034f131ae4a18cae1474271cb4b66a17d9707ca58b0bdbd3c406b7e65bbcc9bbbce94dc45de807b4989b23b3e4db74ca29298137837eb90cc83d3219249bc7d480fceaf075203a86e54c4ecfa4e312e39f8f69d76534089a36ed9049ca9cfd5ab1db1fa75fe5c8":POLARSSL_PK_RSASSA_PSS:POLARSSL_MD_SHA256:0:0 Verify ext RSA #4 (PKCS1 v2.1, salt_len = max, OK) +depends_on:POLARSSL_PKCS1_V21:POLARSSL_SHA256_C pk_rsa_verify_ext_test_vec:"54657374206d657373616765":POLARSSL_MD_SHA256:1024:16:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":16:"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":POLARSSL_PK_RSASSA_PSS:POLARSSL_MD_SHA256:94:0 Verify ext RSA #5 (PKCS1 v2.1, wrong salt_len) 
@@ -110,6 +111,7 @@ depends_on:POLARSSL_PKCS1_V21:POLARSSL_SHA256_C:POLARSSL_SHA1_C pk_rsa_verify_ext_test_vec:"c0719e9a8d5d838d861dc6f675c899d2b309a3a65bb9fe6b11e5afcbf9a2c0b1":POLARSSL_MD_NONE:1024:16:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":16:"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":POLARSSL_PK_RSASSA_PSS:POLARSSL_MD_SHA1:RSA_SALT_LEN_ANY:POLARSSL_ERR_RSA_INVALID_PADDING Verify ext RSA #8 (PKCS1 v2.1, RSASSA-PSS without options) +depends_on:POLARSSL_PKCS1_V21:POLARSSL_SHA256_C pk_rsa_verify_ext_test_vec:"54657374206d657373616765":POLARSSL_MD_SHA256:1024:16:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":16:"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":POLARSSL_PK_RSASSA_PSS:-1:RSA_SALT_LEN_ANY:POLARSSL_ERR_PK_BAD_INPUT_DATA Verify ext RSA #9 (PKCS1 v2.1, RSA with options) From 88aa6e0b58e1038e7dab5248e9f97ed2bb87b03a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 5 Jun 2014 18:53:16 +0200 Subject: [PATCH 26/34] Fix potential memory leak in RSASSA-PSS verify --- library/rsa.c | 1 + 1 file changed, 1 insertion(+) 
diff --git a/library/rsa.c b/library/rsa.c
index e171afa182..6b034c6b8c 100644
--- a/library/rsa.c
+++ b/library/rsa.c
@@ -1204,6 +1204,7 @@ int rsa_rsassa_pss_verify_ext( rsa_context *ctx,
 if( expected_salt_len != RSA_SALT_LEN_ANY &&
 slen != (size_t) expected_salt_len )
 {
+ md_free_ctx( &md_ctx );
 return( POLARSSL_ERR_RSA_INVALID_PADDING );
 }
From 3d49b9d220f185318ad4dd419ad286e05944123e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
Date: Fri, 6 Jun 2014 14:48:09 +0200
Subject: [PATCH 27/34] Add test helper function unhexify_alloc()
---
 tests/suites/helpers.function | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)
diff --git a/tests/suites/helpers.function b/tests/suites/helpers.function
index f6a35295bb..2be5dcce44 100644
--- a/tests/suites/helpers.function
+++ b/tests/suites/helpers.function
@@ -2,6 +2,13 @@
 #include "polarssl/memory.h"
 #endif
+#if defined(POLARSSL_PLATFORM_C)
+#include "polarssl/platform.h"
+#else
+#define polarssl_malloc malloc
+#define polarssl_free free
+#endif
+
 #ifdef _MSC_VER
 #include
 typedef UINT32 uint32_t;
@@ -94,6 +101,27 @@ static void hexify(unsigned char *obuf, const unsigned char *ibuf, int len)
 }
 }
+/**
+ * Allocate and fill a buffer from hex data.
+ *
+ * The buffer is sized exactly as needed. This allows to detect buffer
+ * overruns (including overreads) when running the test suite under valgrind.
+ *
+ * For convenience, dies if allocation fails.
+ */
+static unsigned char *unhexify_alloc( const char *ibuf, size_t *olen )
+{
+ unsigned char *obuf;
+
+ *olen = strlen(ibuf) / 2;
+
+ assert( ( obuf = polarssl_malloc( *olen ) ) != NULL );
+
+ (void) unhexify( obuf, ibuf );
+
+ return( obuf );
+}
+
 /**
 * This function just returns data from rand().
 * Although predictable and often similar on multiple
From 854036956db41b468f2f7fb71989ae6745d52ab2 Mon Sep 17 00:00:00 2001
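Review bot: The leak is closed only on the salt-length mismatch path; rsa_rsassa_pss_verify_ext starts and ends outside this hunk, so any other early `return` between md_init_ctx and the final md_free_ctx (none are visible here, but the pattern invites them) leaks md_ctx the same way. Routing every failure through one label, `ret = POLARSSL_ERR_RSA_INVALID_PADDING; goto exit;` with `exit: md_free_ctx( &md_ctx ); return( ret );` at the bottom, makes the cleanup structural rather than per-branch. Since rejection paths here are reached with externally supplied signatures, a leak on rejection is also a resource-exhaustion concern, which is what makes the structural form worth the extra lines.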
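Review bot: `assert( ( obuf = polarssl_malloc( *olen ) ) != NULL );` places the allocation inside the assert expression, so a build with NDEBUG defined drops the malloc entirely and unhexify() then writes through an uninitialized pointer; split it into `obuf = polarssl_malloc( *olen );` followed by `assert( obuf != NULL );`. The same line also fires for an empty input string: `*olen` is 0 and malloc(0) may legitimately return NULL, and the x509_parse_rsassa_pss_params cases added in patch 28 pass `""` for the all-defaults test. An odd-length hex string is silently shortened by `strlen(ibuf) / 2`; stating that in the comment, or adding `assert( strlen(ibuf) % 2 == 0 );`, stops a mistyped vector from passing as a shorter one.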
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
Date: Fri, 6 Jun 2014 14:48:38 +0200
Subject: [PATCH 28/34] Add tests for x509 rsassa_pss params parsing
---
 tests/suites/test_suite_x509parse.data | 105 +++++++++++++++++++++
 tests/suites/test_suite_x509parse.function | 31 ++++++
 2 files changed, 136 insertions(+)
diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data
index a0e5146f2a..3df0982675 100644
--- a/tests/suites/test_suite_x509parse.data
+++ b/tests/suites/test_suite_x509parse.data
@@ -696,6 +696,9 @@ x509parse_crt:"301c301aa0030201028204deadbeef300d06092a864886f70d0101020500":"":
 X509 Certificate ASN1 (TBSCertificate, correct alg, unknown specific alg_id)
 x509parse_crt:"301c301aa0030201028204deadbeef300d06092a864886f70d0101010500":"":POLARSSL_ERR_X509_UNKNOWN_SIG_ALG + POLARSSL_ERR_OID_NOT_FOUND
+X509 Certificate ASN1 (TBSCertificate, correct alg, bad RSASSA-PSS params)
+x509parse_crt:"30193017A003020102020118300D06092A864886F70D01010A3100":"":POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_UNEXPECTED_TAG
+
 X509 Certificate ASN1 (TBSCertificate, issuer no set data)
 x509parse_crt:"301e301ca0030201028204deadbeef300d06092a864886f70d01010205003000":"":POLARSSL_ERR_X509_INVALID_NAME + POLARSSL_ERR_ASN1_OUT_OF_DATA
@@ -1051,3 +1054,105 @@ X509 crt extendedKeyUsage #7 (any, random) depends_on:POLARSSL_ECP_DP_SECP256R1_ENABLED x509_check_extended_key_usage:"data_files/server5.eku-cs_any.crt":"2B060105050703FF":0 +X509 RSASSA-PSS parameters ASN1 (good, all defaults) +x509_parse_rsassa_pss_params:"":ASN1_CONSTRUCTED | ASN1_SEQUENCE:POLARSSL_MD_SHA1:POLARSSL_MD_SHA1:20:0 + +X509 RSASSA-PSS parameters ASN1 (wrong initial tag) +x509_parse_rsassa_pss_params:"":ASN1_SEQUENCE:POLARSSL_MD_SHA1:POLARSSL_MD_SHA1:20:POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_UNEXPECTED_TAG + +X509 RSASSA-PSS parameters ASN1 (unknown tag in top-level sequence) +x509_parse_rsassa_pss_params:"A400":ASN1_CONSTRUCTED | ASN1_SEQUENCE:POLARSSL_MD_SHA1:POLARSSL_MD_SHA1:20:POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_LENGTH_MISMATCH + +X509 RSASSA-PSS parameters ASN1 (good, HashAlg SHA256) +x509_parse_rsassa_pss_params:"A00D300B0609608648016503040201":ASN1_CONSTRUCTED | ASN1_SEQUENCE:POLARSSL_MD_SHA256:POLARSSL_MD_SHA1:20:0 + +X509 RSASSA-PSS parameters ASN1 (good, explicit HashAlg = default) +x509_parse_rsassa_pss_params:"A009300706052B0E03021A":ASN1_CONSTRUCTED | ASN1_SEQUENCE:POLARSSL_MD_SHA1:POLARSSL_MD_SHA1:20:0 + +X509 RSASSA-PSS parameters ASN1 (HashAlg wrong len #1) +x509_parse_rsassa_pss_params:"A00A300706052B0E03021A":ASN1_CONSTRUCTED | ASN1_SEQUENCE:POLARSSL_MD_SHA1:POLARSSL_MD_SHA1:20:POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA + +X509 RSASSA-PSS parameters ASN1 (HashAlg wrong len #2) +x509_parse_rsassa_pss_params:"A00A300706052B0E03021A00":ASN1_CONSTRUCTED | ASN1_SEQUENCE:POLARSSL_MD_SHA1:POLARSSL_MD_SHA1:20:POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_LENGTH_MISMATCH + +X509 RSASSA-PSS parameters ASN1 (HashAlg with parameters) +x509_parse_rsassa_pss_params:"A00F300D06096086480165030402013000":ASN1_CONSTRUCTED | ASN1_SEQUENCE:POLARSSL_MD_SHA256:POLARSSL_MD_SHA1:20:POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_INVALID_DATA + +X509 RSASSA-PSS parameters ASN1 
(HashAlg unkown OID) +x509_parse_rsassa_pss_params:"A00D300B06096086480165030402FF":ASN1_CONSTRUCTED | ASN1_SEQUENCE:POLARSSL_MD_SHA256:POLARSSL_MD_SHA1:20:POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_OID_NOT_FOUND + +X509 RSASSA-PSS parameters ASN1 (good, MGAlg = MGF1-SHA256) +x509_parse_rsassa_pss_params:"A11A301806092A864886F70D010108300B0609608648016503040201":ASN1_CONSTRUCTED | ASN1_SEQUENCE:POLARSSL_MD_SHA1:POLARSSL_MD_SHA256:20:0 + +X509 RSASSA-PSS parameters ASN1 (good, explicit MGAlg = default) +x509_parse_rsassa_pss_params:"A116301406092A864886F70D010108300706052B0E03021A":ASN1_CONSTRUCTED | ASN1_SEQUENCE:POLARSSL_MD_SHA1:POLARSSL_MD_SHA1:20:0 + +X509 RSASSA-PSS parameters ASN1 (MGAlg wrong len #1) +x509_parse_rsassa_pss_params:"A11B301806092A864886F70D010108300B0609608648016503040201":ASN1_CONSTRUCTED | ASN1_SEQUENCE:POLARSSL_MD_SHA1:POLARSSL_MD_SHA256:20:POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA + +X509 RSASSA-PSS parameters ASN1 (MGAlg wrong len #2) +x509_parse_rsassa_pss_params:"A11B301806092A864886F70D010108300B060960864801650304020100":ASN1_CONSTRUCTED | ASN1_SEQUENCE:POLARSSL_MD_SHA1:POLARSSL_MD_SHA256:20:POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_LENGTH_MISMATCH + +X509 RSASSA-PSS parameters ASN1 (MGAlg AlgId wrong len #1) +x509_parse_rsassa_pss_params:"A11A301906092A864886F70D010108300B0609608648016503040201":ASN1_CONSTRUCTED | ASN1_SEQUENCE:POLARSSL_MD_SHA1:POLARSSL_MD_SHA256:20:POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA + +X509 RSASSA-PSS parameters ASN1 (MGAlg OID != MGF1) +x509_parse_rsassa_pss_params:"A11A301806092A864886F70D010109300B0609608648016503040201":ASN1_CONSTRUCTED | ASN1_SEQUENCE:POLARSSL_MD_SHA1:POLARSSL_MD_SHA256:20:POLARSSL_ERR_X509_FEATURE_UNAVAILABLE + POLARSSL_ERR_OID_NOT_FOUND + +X509 RSASSA-PSS parameters ASN1 (MGAlg.params wrong tag) +x509_parse_rsassa_pss_params:"A11A301806092A864886F70D010108310B0609608648016503040201":ASN1_CONSTRUCTED | 
ASN1_SEQUENCE:POLARSSL_MD_SHA1:POLARSSL_MD_SHA256:20:POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_UNEXPECTED_TAG + +X509 RSASSA-PSS parameters ASN1 (MGAlg.params wrong len #1a) +x509_parse_rsassa_pss_params:"A10F300D06092A864886F70D0101083000":ASN1_CONSTRUCTED | ASN1_SEQUENCE:POLARSSL_MD_SHA1:POLARSSL_MD_SHA256:20:POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA + +X509 RSASSA-PSS parameters ASN1 (MGAlg.params wrong len #1b) +x509_parse_rsassa_pss_params:"A11B301906092A864886F70D010108300C0609608648016503040201":ASN1_CONSTRUCTED | ASN1_SEQUENCE:POLARSSL_MD_SHA1:POLARSSL_MD_SHA256:20:POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA + +X509 RSASSA-PSS parameters ASN1 (MGAlg.params.alg not an OID) +x509_parse_rsassa_pss_params:"A11A301806092A864886F70D010108300B0709608648016503040201":ASN1_CONSTRUCTED | ASN1_SEQUENCE:POLARSSL_MD_SHA1:POLARSSL_MD_SHA256:20:POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_UNEXPECTED_TAG + +X509 RSASSA-PSS parameters ASN1 (MGAlg.params.alg unknown OID) +x509_parse_rsassa_pss_params:"A11A301806092A864886F70D010108300B06096086480165030402FF":ASN1_CONSTRUCTED | ASN1_SEQUENCE:POLARSSL_MD_SHA1:POLARSSL_MD_SHA256:20:POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_OID_NOT_FOUND + +X509 RSASSA-PSS parameters ASN1 (MGAlg.params.params NULL) +x509_parse_rsassa_pss_params:"A11C301A06092A864886F70D010108300D06096086480165030402010500":ASN1_CONSTRUCTED | ASN1_SEQUENCE:POLARSSL_MD_SHA1:POLARSSL_MD_SHA256:20:0 + +X509 RSASSA-PSS parameters ASN1 (MGAlg.params.params wrong tag) +x509_parse_rsassa_pss_params:"A11C301A06092A864886F70D010108300D06096086480165030402013000":ASN1_CONSTRUCTED | ASN1_SEQUENCE:POLARSSL_MD_SHA1:POLARSSL_MD_SHA256:20:POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_UNEXPECTED_TAG + +X509 RSASSA-PSS parameters ASN1 (MGAlg.params wrong len #1c) +x509_parse_rsassa_pss_params:"A11D301B06092A864886F70D010108300E06096086480165030402010500":ASN1_CONSTRUCTED | 
ASN1_SEQUENCE:POLARSSL_MD_SHA1:POLARSSL_MD_SHA256:20:POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA + +X509 RSASSA-PSS parameters ASN1 (MGAlg.params wrong len #2) +x509_parse_rsassa_pss_params:"A11D301B06092A864886F70D010108300E0609608648016503040201050000":ASN1_CONSTRUCTED | ASN1_SEQUENCE:POLARSSL_MD_SHA1:POLARSSL_MD_SHA256:20:POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_LENGTH_MISMATCH + +X509 RSASSA-PSS parameters ASN1 (good, saltLen = 94) +x509_parse_rsassa_pss_params:"A20302015E":ASN1_CONSTRUCTED | ASN1_SEQUENCE:POLARSSL_MD_SHA1:POLARSSL_MD_SHA1:94:0 + +X509 RSASSA-PSS parameters ASN1 (good, explicit saltLen = default) +x509_parse_rsassa_pss_params:"A203020114":ASN1_CONSTRUCTED | ASN1_SEQUENCE:POLARSSL_MD_SHA1:POLARSSL_MD_SHA1:20:0 + +X509 RSASSA-PSS parameters ASN1 (saltLen wrong len #1) +x509_parse_rsassa_pss_params:"A20402015E":ASN1_CONSTRUCTED | ASN1_SEQUENCE:POLARSSL_MD_SHA1:POLARSSL_MD_SHA1:94:POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA + +X509 RSASSA-PSS parameters ASN1 (saltLen wrong len #2) +x509_parse_rsassa_pss_params:"A20402015E00":ASN1_CONSTRUCTED | ASN1_SEQUENCE:POLARSSL_MD_SHA1:POLARSSL_MD_SHA1:94:POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_LENGTH_MISMATCH + +X509 RSASSA-PSS parameters ASN1 (saltLen not an int) +x509_parse_rsassa_pss_params:"A2023000":ASN1_CONSTRUCTED | ASN1_SEQUENCE:POLARSSL_MD_SHA1:POLARSSL_MD_SHA1:94:POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_UNEXPECTED_TAG + +X509 RSASSA-PSS parameters ASN1 (good, explicit trailerField = default) +x509_parse_rsassa_pss_params:"A303020101":ASN1_CONSTRUCTED | ASN1_SEQUENCE:POLARSSL_MD_SHA1:POLARSSL_MD_SHA1:20:0 + +X509 RSASSA-PSS parameters ASN1 (trailerField wrong len #1) +x509_parse_rsassa_pss_params:"A304020101":ASN1_CONSTRUCTED | ASN1_SEQUENCE:POLARSSL_MD_SHA1:POLARSSL_MD_SHA1:20:POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA + +X509 RSASSA-PSS parameters ASN1 (trailerField wrong len #2) 
+x509_parse_rsassa_pss_params:"A30402010100":ASN1_CONSTRUCTED | ASN1_SEQUENCE:POLARSSL_MD_SHA1:POLARSSL_MD_SHA1:20:POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_LENGTH_MISMATCH
+
+X509 RSASSA-PSS parameters ASN1 (trailerField not an int)
+x509_parse_rsassa_pss_params:"A3023000":ASN1_CONSTRUCTED | ASN1_SEQUENCE:POLARSSL_MD_SHA1:POLARSSL_MD_SHA1:20:POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_UNEXPECTED_TAG
+
+X509 RSASSA-PSS parameters ASN1 (trailerField not 1)
+x509_parse_rsassa_pss_params:"A303020102":ASN1_CONSTRUCTED | ASN1_SEQUENCE:POLARSSL_MD_SHA1:POLARSSL_MD_SHA1:20:POLARSSL_ERR_X509_INVALID_ALG
+
diff --git a/tests/suites/test_suite_x509parse.function b/tests/suites/test_suite_x509parse.function
index 91b53aa0e5..b7a1095123 100644
--- a/tests/suites/test_suite_x509parse.function
+++ b/tests/suites/test_suite_x509parse.function
@@ -373,6 +373,37 @@ void x509_check_extended_key_usage( char *crt_file, char *usage_hex, int ret )
 }
 /* END_CASE */
+/* BEGIN_CASE depends_on:POLARSSL_X509_CRT_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES */
+void x509_parse_rsassa_pss_params( char *hex_params, int params_tag,
+ int ref_msg_md, int ref_mgf_md,
+ int ref_salt_len, int ref_ret )
+{
+ int my_ret;
+ x509_buf params;
+ md_type_t my_msg_md, my_mgf_md;
+ int my_salt_len;
+
+ params.p = unhexify_alloc( hex_params, ¶ms.len );
+ params.tag = params_tag;
+
+ my_ret = x509_get_rsassa_pss_params( ¶ms, &my_msg_md, &my_mgf_md,
+ &my_salt_len );
+
+ if( my_ret != ref_ret ) printf( "\n%04X\n", - my_ret );
+
+ TEST_ASSERT( my_ret == ref_ret );
+
+ if( ref_ret == 0 )
+ {
+ TEST_ASSERT( my_msg_md == (md_type_t) ref_msg_md );
+ TEST_ASSERT( my_mgf_md == (md_type_t) ref_mgf_md );
+ TEST_ASSERT( my_salt_len == ref_salt_len );
+ }
+
+ polarssl_free( params.p );
+}
+/* END_CASE */
+
 /* BEGIN_CASE depends_on:POLARSSL_X509_CRT_PARSE_C:POLARSSL_SELF_TEST */
 void x509_selftest()
 {
From d1539b1e88903e9895a67e53bc15ccde495e8589 Mon Sep 17 00:00:00 2001
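Review bot: The case name `X509 RSASSA-PSS parameters ASN1 (HashAlg unkown OID)` earlier in this hunk misspells "unknown"; suite output is searched by case name, so `(HashAlg unknown OID)` is worth correcting while the block is new. A coverage gap in the same block: no case feeds a negative saltLength (a one-byte INTEGER with the high bit set, e.g. the constructed input `A2030201FF` for -1), so whether the parser rejects it or hands a negative value on as a salt size is not pinned down by the suite. The `(saltLen not an int)` and `(saltLen wrong len ...)` cases carry a ref_salt_len of 94 that is never compared because ref_ret is non-zero; using the default 20 there, as the other error cases do, avoids implying that value is checked.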
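Review bot: `if( my_ret != ref_ret ) printf( "\n%04X\n", - my_ret );` is a leftover debugging aid that bypasses the suite's own reporting and should be dropped before merge; the TEST_ASSERT on the next line already records the mismatch. If TEST_ASSERT leaves the case on failure, as the exit-label style used by these suites suggests, the closing `polarssl_free( params.p );` is skipped on any failed assertion and the buffer from unhexify_alloc leaks, which defeats the valgrind-cleanliness that helper was written for; placing the free under an `exit:` label that TEST_ASSERT jumps to keeps every path balanced. A one-line comment above the call noting that `params.len` comes from unhexify_alloc and `params.tag` is injected by the test would also make the deliberately bad-tag cases self-explanatory.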
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
Date: Fri, 6 Jun 2014 16:42:37 +0200
Subject: [PATCH 29/34] Rename RSASSA_PSS_CERTIFICATES to X509_RSASSA_PSS_SUPPORT
---
 include/polarssl/check_config.h | 4 +-
 include/polarssl/config.h | 20 ++++-----
 include/polarssl/x509.h | 2 +-
 library/x509.c | 10 ++---
 library/x509_crl.c | 2 +-
 library/x509_crt.c | 2 +-
 library/x509_csr.c | 2 +-
 tests/suites/test_suite_x509parse.data | 52 +++++++++++-----------
 tests/suites/test_suite_x509parse.function | 2 +-
 9 files changed, 48 insertions(+), 48 deletions(-)
diff --git a/include/polarssl/check_config.h b/include/polarssl/check_config.h
index 4f3e48c52f..328b881ea3 100644
--- a/include/polarssl/check_config.h
+++ b/include/polarssl/check_config.h
@@ -197,9 +197,9 @@
 #error "POLARSSL_RSA_C defined, but not all prerequisites"
 #endif
-#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES) && \
+#if defined(POLARSSL_X509_RSASSA_PSS_SUPPORT) && \
 ( !defined(POLARSSL_RSA_C) || !defined(POLARSSL_PKCS1_V21) )
-#error "POLARSSL_RSASSA_PSS_CERTIFICATES defined, but not all prerequisites"
+#error "POLARSSL_X509_RSASSA_PSS_SUPPORT defined, but not all prerequisites"
 #endif
 #if defined(POLARSSL_SSL_PROTO_SSL3) && ( !defined(POLARSSL_MD5_C) || \
diff --git a/include/polarssl/config.h b/include/polarssl/config.h
index 1d1533810d..0dca560e2e 100644
--- a/include/polarssl/config.h
+++ b/include/polarssl/config.h
@@ -220,16 +220,6 @@
 //#define POLARSSL_SHA256_ALT
 //#define POLARSSL_SHA512_ALT
-/**
- * \def POLARSSL_RSASSA_PSS_CERTIFICATES
- *
- * Enable parsing and verification of X.509 certificates, CRLs and CSRS
- * signed with RSASSA-PSS (aka PKCS#1 v2.1).
- *
- * Comment this macro to disallow using RSASSA-PSS in certificates.
- */
-#define POLARSSL_RSASSA_PSS_CERTIFICATES
-
 /**
 * \def POLARSSL_AES_ROM_TABLES
 *
@@ -1025,6 +1015,16 @@
 */
 #define POLARSSL_X509_CHECK_EXTENDED_KEY_USAGE
+/**
+ * \def POLARSSL_X509_RSASSA_PSS_SUPPORT
+ *
+ * Enable parsing and verification of X.509 certificates, CRLs and CSRS
+ * signed with RSASSA-PSS (aka PKCS#1 v2.1).
+ *
+ * Comment this macro to disallow using RSASSA-PSS in certificates.
+ */
+#define POLARSSL_X509_RSASSA_PSS_SUPPORT
+
 /**
 * \def POLARSSL_ZLIB_SUPPORT
 *
diff --git a/include/polarssl/x509.h b/include/polarssl/x509.h
index bd34617c56..583cb83205 100644
--- a/include/polarssl/x509.h
+++ b/include/polarssl/x509.h
@@ -278,7 +278,7 @@ int x509_get_alg_null( unsigned char **p, const unsigned char *end,
 x509_buf *alg );
 int x509_get_alg( unsigned char **p, const unsigned char *end,
 x509_buf *alg, x509_buf *params );
-#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
+#if defined(POLARSSL_X509_RSASSA_PSS_SUPPORT)
 int x509_get_rsassa_pss_params( const x509_buf *params,
 md_type_t *md_alg, md_type_t *mgf_md,
 int *salt_len );
diff --git a/library/x509.c b/library/x509.c
index 57dfd64fd4..7b5ec5f619 100644
--- a/library/x509.c
+++ b/library/x509.c
@@ -137,7 +137,7 @@ int x509_get_alg( unsigned char **p, const unsigned char *end,
 return( 0 );
 }
-#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
+#if defined(POLARSSL_X509_RSASSA_PSS_SUPPORT)
 /*
 * HashAlgorithm ::= AlgorithmIdentifier
 *
@@ -338,7 +338,7 @@ int x509_get_rsassa_pss_params( const x509_buf *params,
 return( 0 );
 }
-#endif /* POLARSSL_RSASSA_PSS_CERTIFICATES */
+#endif /* POLARSSL_X509_RSASSA_PSS_SUPPORT */
 /*
 * AttributeTypeAndValue ::= SEQUENCE {
@@ -570,7 +570,7 @@ int x509_get_sig_alg( const x509_buf *sig_oid, const x509_buf *sig_params,
 if( ( ret = oid_get_sig_alg( sig_oid, md_alg, pk_alg ) ) != 0 )
 return( POLARSSL_ERR_X509_UNKNOWN_SIG_ALG + ret );
-#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
+#if defined(POLARSSL_X509_RSASSA_PSS_SUPPORT)
 if( *pk_alg == POLARSSL_PK_RSASSA_PSS )
 {
 pk_rsassa_pss_options *pss_opts;
@@ -854,7 +854,7 @@ int x509_sig_alg_gets( char *buf, size_t size, const x509_buf *sig_oid,
 ret = snprintf( p, n, "%s", desc );
 SAFE_SNPRINTF();
-#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
+#if defined(POLARSSL_X509_RSASSA_PSS_SUPPORT)
 if( pk_alg == POLARSSL_PK_RSASSA_PSS )
 {
 const pk_rsassa_pss_options *pss_opts;
@@ -875,7 +875,7 @@ int x509_sig_alg_gets( char *buf, size_t size, const x509_buf *sig_oid,
 ((void) pk_alg);
 ((void) md_alg);
 ((void) sig_opts);
-#endif /* POLARSSL_RSASSA_PSS_CERTIFICATES */
+#endif /* POLARSSL_X509_RSASSA_PSS_SUPPORT */
 return( (int) size - n );
 }
diff --git a/library/x509_crl.c b/library/x509_crl.c
index 2191b47c8b..8035ee40e2 100644
--- a/library/x509_crl.c
+++ b/library/x509_crl.c
@@ -716,7 +716,7 @@ void x509_crl_free( x509_crl *crl )
 do
 {
-#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
+#if defined(POLARSSL_X509_RSASSA_PSS_SUPPORT)
 polarssl_free( crl_cur->sig_opts );
 #endif
diff --git a/library/x509_crt.c b/library/x509_crt.c
index 315d98bf88..fa09596f05 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -1921,7 +1921,7 @@ void x509_crt_free( x509_crt *crt )
 {
 pk_free( &cert_cur->pk );
-#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
+#if defined(POLARSSL_X509_RSASSA_PSS_SUPPORT)
 polarssl_free( cert_cur->sig_opts );
 #endif
diff --git a/library/x509_csr.c b/library/x509_csr.c
index 1c70a3373b..529e7e4238 100644
--- a/library/x509_csr.c
+++ b/library/x509_csr.c
@@ -420,7 +420,7 @@ void x509_csr_free( x509_csr *csr )
 pk_free( &csr->pk );
-#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
+#if defined(POLARSSL_X509_RSASSA_PSS_SUPPORT)
 polarssl_free( csr->sig_opts );
 #endif
diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data
index 3df0982675..0dbbdacfb9 100644
--- a/tests/suites/test_suite_x509parse.data
+++ b/tests/suites/test_suite_x509parse.data
@@ -43,23 +43,23 @@ depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSA_C x509_cert_info:"data_files/cert_sha512.crt":"cert. version \: 3\nserial number \: 0B\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA512\nissued on \: 2011-02-12 14\:44\:07\nexpires on \: 2021-02-12 14\:44\:07\nsigned using \: RSA with SHA-512\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" X509 Certificate information RSA-PSS, SHA1 Digest -depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA1_C +depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_X509_RSASSA_PSS_SUPPORT:POLARSSL_SHA1_C x509_cert_info:"data_files/server9.crt":"cert. version \: 3\nserial number \: 16\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:38\:16\nexpires on \: 2024-01-18 13\:38\:16\nsigned using \: RSASSA-PSS (SHA1, MGF1-SHA1, 0xEA)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n" X509 Certificate information RSA-PSS, SHA224 Digest -depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA256_C +depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_X509_RSASSA_PSS_SUPPORT:POLARSSL_SHA256_C x509_cert_info:"data_files/server9-sha224.crt":"cert. version \: 3\nserial number \: 17\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:57\:36\nexpires on \: 2024-01-18 13\:57\:36\nsigned using \: RSASSA-PSS (SHA224, MGF1-SHA224, 0xE2)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n" X509 Certificate information RSA-PSS, SHA256 Digest -depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA256_C +depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_X509_RSASSA_PSS_SUPPORT:POLARSSL_SHA256_C x509_cert_info:"data_files/server9-sha256.crt":"cert. 
version \: 3\nserial number \: 18\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:57\:45\nexpires on \: 2024-01-18 13\:57\:45\nsigned using \: RSASSA-PSS (SHA256, MGF1-SHA256, 0xDE)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n" X509 Certificate information RSA-PSS, SHA384 Digest -depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA512_C +depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_X509_RSASSA_PSS_SUPPORT:POLARSSL_SHA512_C x509_cert_info:"data_files/server9-sha384.crt":"cert. version \: 3\nserial number \: 19\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:57\:58\nexpires on \: 2024-01-18 13\:57\:58\nsigned using \: RSASSA-PSS (SHA384, MGF1-SHA384, 0xCE)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n" X509 Certificate information RSA-PSS, SHA512 Digest -depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA512_C +depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_X509_RSASSA_PSS_SUPPORT:POLARSSL_SHA512_C x509_cert_info:"data_files/server9-sha512.crt":"cert. version \: 3\nserial number \: 1A\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:58\:12\nexpires on \: 2024-01-18 13\:58\:12\nsigned using \: RSASSA-PSS (SHA512, MGF1-SHA512, 0xBE)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n" X509 Certificate information EC, SHA1 Digest 
@@ -151,23 +151,23 @@ depends_on:POLARSSL_PEM_PARSE_C x509_crl_info:"data_files/crl_sha512.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA-512\n" X509 CRL information RSA-PSS, SHA1 Digest -depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA1_C +depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_X509_RSASSA_PSS_SUPPORT:POLARSSL_SHA1_C x509_crl_info:"data_files/crl-rsa-pss-sha1.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:46\:35\nnext update \: 2024-01-18 13\:46\:35\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA1, MGF1-SHA1, 0xEA)\n" X509 CRL information RSA-PSS, SHA224 Digest -depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA256_C +depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_X509_RSASSA_PSS_SUPPORT:POLARSSL_SHA256_C x509_crl_info:"data_files/crl-rsa-pss-sha224.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:06\nnext update \: 2024-01-18 13\:56\:06\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA224, MGF1-SHA224, 0xE2)\n" X509 CRL information RSA-PSS, SHA256 Digest -depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA256_C +depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_X509_RSASSA_PSS_SUPPORT:POLARSSL_SHA256_C x509_crl_info:"data_files/crl-rsa-pss-sha256.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 
13\:56\:16\nnext update \: 2024-01-18 13\:56\:16\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA256, MGF1-SHA256, 0xDE)\n" X509 CRL information RSA-PSS, SHA384 Digest -depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA512_C +depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_X509_RSASSA_PSS_SUPPORT:POLARSSL_SHA512_C x509_crl_info:"data_files/crl-rsa-pss-sha384.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:28\nnext update \: 2024-01-18 13\:56\:28\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA384, MGF1-SHA384, 0xCE)\n" X509 CRL information RSA-PSS, SHA512 Digest -depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA512_C +depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_X509_RSASSA_PSS_SUPPORT:POLARSSL_SHA512_C x509_crl_info:"data_files/crl-rsa-pss-sha512.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:38\nnext update \: 2024-01-18 13\:56\:38\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA512, MGF1-SHA512, 0xBE)\n" X509 CRL Information EC, SHA1 Digest 
@@ -239,23 +239,23 @@ depends_on:POLARSSL_PEM_PARSE_C x509_csr_info:"data_files/server5.req.sha512":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA512\nEC key size \: 256 bits\n" X509 CSR Information RSA-PSS with SHA1 -depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA1_C +depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_X509_RSASSA_PSS_SUPPORT:POLARSSL_SHA1_C x509_csr_info:"data_files/server9.req.sha1":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA1, MGF1-SHA1, 0x6A)\nRSA key size \: 1024 bits\n" X509 CSR Information RSA-PSS with SHA224 -depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA256_C +depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_X509_RSASSA_PSS_SUPPORT:POLARSSL_SHA256_C x509_csr_info:"data_files/server9.req.sha224":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA224, MGF1-SHA224, 0x62)\nRSA key size \: 1024 bits\n" X509 CSR Information RSA-PSS with SHA256 -depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA256_C +depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_X509_RSASSA_PSS_SUPPORT:POLARSSL_SHA256_C x509_csr_info:"data_files/server9.req.sha256":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA256, MGF1-SHA256, 0x5E)\nRSA key size \: 1024 bits\n" X509 CSR Information RSA-PSS with SHA384 -depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA512_C +depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_X509_RSASSA_PSS_SUPPORT:POLARSSL_SHA512_C x509_csr_info:"data_files/server9.req.sha384":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA384, MGF1-SHA384, 0x4E)\nRSA key size \: 1024 bits\n" X509 CSR Information RSA-PSS with SHA512 -depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA512_C 
+depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_X509_RSASSA_PSS_SUPPORT:POLARSSL_SHA512_C x509_csr_info:"data_files/server9.req.sha512":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA512, MGF1-SHA512, 0x3E)\nRSA key size \: 1024 bits\n" X509 Get Distinguished Name #1 
@@ -571,47 +571,47 @@ depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_ECDSA_C:POLARSSL_SHA256_C:POLARSSL_X509 x509_verify:"data_files/server5.crt":"data_files/test-ca2.ku-ds.crt":"data_files/crl-ec-sha256.pem":"NULL":POLARSSL_ERR_X509_CERT_VERIFY_FAILED:BADCERT_NOT_TRUSTED:"NULL" X509 Certificate verification #57 (Valid, RSASSA-PSS, SHA-1) -depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA1_C +depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_X509_RSASSA_PSS_SUPPORT:POLARSSL_SHA1_C x509_verify:"data_files/server9.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"NULL" X509 Certificate verification #58 (Valid, RSASSA-PSS, SHA-224) -depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA256_C +depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_X509_RSASSA_PSS_SUPPORT:POLARSSL_SHA256_C x509_verify:"data_files/server9-sha224.crt":"data_files/test-ca.crt":"data_files/crl-rsa-pss-sha224.pem":"NULL":0:0:"NULL" X509 Certificate verification #59 (Valid, RSASSA-PSS, SHA-256) -depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA256_C +depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_X509_RSASSA_PSS_SUPPORT:POLARSSL_SHA256_C x509_verify:"data_files/server9-sha256.crt":"data_files/test-ca.crt":"data_files/crl-rsa-pss-sha256.pem":"NULL":0:0:"NULL" X509 Certificate verification #60 (Valid, RSASSA-PSS, SHA-384) -depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA512_C +depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_X509_RSASSA_PSS_SUPPORT:POLARSSL_SHA512_C x509_verify:"data_files/server9-sha384.crt":"data_files/test-ca.crt":"data_files/crl-rsa-pss-sha384.pem":"NULL":0:0:"NULL" X509 Certificate verification #61 (Valid, RSASSA-PSS, SHA-512) -depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA512_C +depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_X509_RSASSA_PSS_SUPPORT:POLARSSL_SHA512_C 
x509_verify:"data_files/server9-sha512.crt":"data_files/test-ca.crt":"data_files/crl-rsa-pss-sha512.pem":"NULL":0:0:"NULL" X509 Certificate verification #62 (Revoked, RSASSA-PSS, SHA-1) -depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA1_C +depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_X509_RSASSA_PSS_SUPPORT:POLARSSL_SHA1_C x509_verify:"data_files/server9.crt":"data_files/test-ca.crt":"data_files/crl-rsa-pss-sha1.pem":"NULL":POLARSSL_ERR_X509_CERT_VERIFY_FAILED:BADCERT_REVOKED:"NULL" X509 Certificate verification #63 (Revoked, RSASSA-PSS, SHA-1, CRL badsign) -depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA1_C +depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_X509_RSASSA_PSS_SUPPORT:POLARSSL_SHA1_C x509_verify:"data_files/server9.crt":"data_files/test-ca.crt":"data_files/crl-rsa-pss-sha1-badsign.pem":"NULL":POLARSSL_ERR_X509_CERT_VERIFY_FAILED:BADCRL_NOT_TRUSTED:"NULL" X509 Certificate verification #64 (Valid, RSASSA-PSS, SHA-1, not top) -depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA1_C +depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_X509_RSASSA_PSS_SUPPORT:POLARSSL_SHA1_C x509_verify:"data_files/server9-with-ca.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"NULL" X509 Certificate verification #65 (RSASSA-PSS, SHA1, bad cert signature) -depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA1_C +depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_X509_RSASSA_PSS_SUPPORT:POLARSSL_SHA1_C x509_verify:"data_files/server9-badsign.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":POLARSSL_ERR_X509_CERT_VERIFY_FAILED:BADCERT_NOT_TRUSTED:"NULL" X509 Certificate verification #66 (RSASSA-PSS, SHA1, no RSA CA) -depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA1_C +depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_X509_RSASSA_PSS_SUPPORT:POLARSSL_SHA1_C 
x509_verify:"data_files/server9.crt":"data_files/test-ca2.crt":"data_files/crl.pem":"NULL":POLARSSL_ERR_X509_CERT_VERIFY_FAILED:BADCERT_NOT_TRUSTED:"NULL" X509 Certificate verification #67 (Valid, RSASSA-PSS, all defaults) -depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES:POLARSSL_SHA1_C +depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_X509_RSASSA_PSS_SUPPORT:POLARSSL_SHA1_C x509_verify:"data_files/server9-defaults.crt":"data_files/test-ca.crt":"data_files/crl-rsa-pss-sha1.pem":"NULL":0:0:"NULL" X509 Parse Selftest diff --git a/tests/suites/test_suite_x509parse.function b/tests/suites/test_suite_x509parse.function index b7a1095123..5c4c29e597 100644 --- a/tests/suites/test_suite_x509parse.function +++ b/tests/suites/test_suite_x509parse.function @@ -373,7 +373,7 @@ void x509_check_extended_key_usage( char *crt_file, char *usage_hex, int ret ) } /* END_CASE */ -/* BEGIN_CASE depends_on:POLARSSL_X509_CRT_PARSE_C:POLARSSL_RSASSA_PSS_CERTIFICATES */ +/* BEGIN_CASE depends_on:POLARSSL_X509_CRT_PARSE_C:POLARSSL_X509_RSASSA_PSS_SUPPORT */ void x509_parse_rsassa_pss_params( char *hex_params, int params_tag, int ref_msg_md, int ref_mgf_md, int ref_salt_len, int ref_ret ) From 97049c26d81ceeb4a519381a6563d96405c7cc16 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Fri, 6 Jun 2014 17:00:03 +0200 Subject: [PATCH 30/34] Add forgotten depends in test --- tests/suites/test_suite_x509parse.data | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data index 0dbbdacfb9..2d71c3b64c 100644 --- a/tests/suites/test_suite_x509parse.data +++ b/tests/suites/test_suite_x509parse.data 
@@ -697,6 +697,7 @@ X509 Certificate ASN1 (TBSCertificate, correct alg, unknown specific alg_id) x509parse_crt:"301c301aa0030201028204deadbeef300d06092a864886f70d0101010500":"":POLARSSL_ERR_X509_UNKNOWN_SIG_ALG + POLARSSL_ERR_OID_NOT_FOUND X509 Certificate ASN1 (TBSCertificate, correct alg, bad RSASSA-PSS params) +depends_on:POLARSSL_X509_RSASSA_PSS_SUPPORT x509parse_crt:"30193017A003020102020118300D06092A864886F70D01010A3100":"":POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_UNEXPECTED_TAG X509 Certificate ASN1 (TBSCertificate, issuer no set data) From 5873b00b7ffce586f706eb03f73c56ba273fbb6e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Fri, 6 Jun 2014 18:04:09 +0200 Subject: [PATCH 31/34] Add pathological RSASSA-PSS test certificates Certificates announcing different PSS options than the ones actually used for the signature. Makes sure the options are correctly passed to the verification function. --- tests/data_files/server9-bad-mgfhash.crt | 20 ++++++++++++++++++++ tests/data_files/server9-bad-saltlen.crt | 20 ++++++++++++++++++++ tests/suites/test_suite_x509parse.data | 8 ++++++++ 3 files changed, 48 insertions(+) create mode 100644 tests/data_files/server9-bad-mgfhash.crt create mode 100644 tests/data_files/server9-bad-saltlen.crt diff --git a/tests/data_files/server9-bad-mgfhash.crt b/tests/data_files/server9-bad-mgfhash.crt new file mode 100644 index 0000000000..34ef69e031 --- /dev/null +++ b/tests/data_files/server9-bad-mgfhash.crt 
@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDWzCCAhKgAwIBAgIBGDA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAaEa
+MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgSiBAICAN4wOzELMAkGA1UEBhMCTkwx
+ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBMB4X
+DTE0MDEyMDEzNTc0NVoXDTI0MDExODEzNTc0NVowNDELMAkGA1UEBhMCTkwxETAP
+BgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcN
+AQEBBQADgY0AMIGJAoGBAN0Rip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7C
+uxNA24oSjokTJKXF9frY9ZDXyMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsI
+i2OZOgol7kXSGFi6uZMa7dRYmmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCV
+AgMBAAGjgZIwgY8wCQYDVR0TBAIwADAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy
+36fOvVEwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJ
+BgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wg
+VGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAaEaMBgGCSqG
+SIb3DQEBCDALBglghkgBZQMEAgSiBAICAN4DggEBAIfliohNjz4CLGbHWgWRBFQ3
+Difn027ZnULTvokT67ii1sJzESzqaIakyyu8GRwfoFRNh/rbGfe4C6e9SkwKbnDg
+WE9SWbK6ukIQbMy69C+CVqFlRUHbONw/dmcneAWyZYGx/2Sf4D5kkpIWNDBeKuaV
+H69XPZCeN3QAACmdAfo4NYW0I69a1OSaUrTyGT1nBOrzQ8Y0aJBnCJAte49bhQEW
+KJv0kMj+8ZG1X0RoSdklf3GqdLUbsfJ2txu14GGAxy4C1gl2JWzoBHN5LMLf0cZ9
+uEYui7N/5bkSv8KXdbGvSzgn6zZ0MiCJMiiGEf0L1FxBiBCVsK4C2idpiZH+e28=
+-----END CERTIFICATE-----
diff --git a/tests/data_files/server9-bad-saltlen.crt b/tests/data_files/server9-bad-saltlen.crt
new file mode 100644
index 0000000000..f4da8832ff
--- /dev/null
+++ b/tests/data_files/server9-bad-saltlen.crt
@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDWzCCAhKgAwIBAgIBGDA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAaEa
+MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgGiBAICAN4wOzELMAkGA1UEBhMCTkwx
+ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBMB4X
+DTE0MDEyMDEzNTc0NVoXDTI0MDExODEzNTc0NVowNDELMAkGA1UEBhMCTkwxETAP
+BgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcN
+AQEBBQADgY0AMIGJAoGBAN0Rip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7C
+uxNA24oSjokTJKXF9frY9ZDXyMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsI
+i2OZOgol7kXSGFi6uZMa7dRYmmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCV
+AgMBAAGjgZIwgY8wCQYDVR0TBAIwADAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy
+36fOvVEwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJ
+BgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wg
+VGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAaEaMBgGCSqG
+SIb3DQEBCDALBglghkgBZQMEAgGiBAICAN4DggEBAE7T54cyUf0ByNr34JaojFam
+hV0T9QSc4wJ17sX67rxYIorXU8MynaneJzFxD9utOD3dq2TON18VswhT2McDgefl
+XMwivCC0nWod8Pk638QaHxbaqC7XSq0QRBfOMXwV7knLNxI8smc9UJaco39VEcGD
+yCkq4By/VCWTpvJ+1hx4zZ8WoXpFJFM5m5y9oEz4lgNv/6Wu7ILztyOk2yJiSR8r
+YooC4zVeUOZuDO6At/NXZuSvmKmr+tfFrFA1AA/7yR5odQbqFVNSJ+u0x1Jv8Ra6
+JXA4cXsnaDaRe+Wm0L0p+2PtQWXE5npXYIbFHAA9EOC3Ab8oaP9M/F6yQMa/2is=
+-----END CERTIFICATE-----
diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data
index 2d71c3b64c..ba92716a56 100644
--- a/tests/suites/test_suite_x509parse.data
+++ b/tests/suites/test_suite_x509parse.data
@@ -614,6 +614,14 @@ X509 Certificate verification #67 (Valid, RSASSA-PSS, all defaults) depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_X509_RSASSA_PSS_SUPPORT:POLARSSL_SHA1_C x509_verify:"data_files/server9-defaults.crt":"data_files/test-ca.crt":"data_files/crl-rsa-pss-sha1.pem":"NULL":0:0:"NULL" +X509 Certificate verification #68 (RSASSA-PSS, wrong salt_len) +depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_X509_RSASSA_PSS_SUPPORT:POLARSSL_SHA256_C +x509_verify:"data_files/server9-bad-saltlen.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":POLARSSL_ERR_X509_CERT_VERIFY_FAILED:BADCERT_NOT_TRUSTED:"NULL" + +X509 Certificate verification #69 (RSASSA-PSS, wrong mgf_hash) +depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_X509_RSASSA_PSS_SUPPORT:POLARSSL_SHA256_C +x509_verify:"data_files/server9-bad-mgfhash.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":POLARSSL_ERR_X509_CERT_VERIFY_FAILED:BADCERT_NOT_TRUSTED:"NULL" + X509 Parse Selftest depends_on:POLARSSL_SHA1_C:POLARSSL_PEM_PARSE_C:POLARSSL_CERTS_C x509_selftest: From b47987195621ccb204a3a0f75f3de7bfb70f564a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Fri, 6 Jun 2014 18:10:44 +0200 Subject: [PATCH 32/34] Update Changelog for RSASSA-PSS in X.509 --- ChangeLog | 2 ++ 1 file changed, 2 insertions(+) diff --git a/ChangeLog b/ChangeLog index bbfc3234c9..e0156ecc0e 100644 --- a/ChangeLog +++ b/ChangeLog @@ -8,6 +8,8 @@ TODO: bump SOVERSION for ABI change Features * Add CCM module and cipher mode to Cipher Layer * Support for CCM and CCM_8 ciphersuites + * Support for parsing and verifying RSASSA-PSS signatures in the X.509 + modules (certificates, CRLs and CSRs). Bugfix * Fix in debug_print_msg() From f51183a2621821bad520d559e0d80d64f376f815 Mon Sep 17 00:00:00 2001 From: Paul Bakker Date: Thu, 12 Jun 2014 21:53:40 +0200 Subject: [PATCH 33/34] Revert deleted PolarSSL 1.3.4 release line in ChangeLog --- ChangeLog | 1 + 1 file changed, 1 insertion(+) 
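Review bot: Cases #68 and #69 only cover a mismatch between the PSS parameters a certificate announces and the ones its signature was actually produced with; in both new fixtures the tbsCertificate.signature and the outer signatureAlgorithm carry byte-identical parameters (the same MGF and 0xDE salt length appear in both places of the DER), so the RFC 5280 §4.1.1.2 requirement that those two AlgorithmIdentifiers match, parameters included, is not pinned here unless another case in the suite does it. A third fixture whose outer signatureAlgorithm differs from the inner one (e.g. in salt length only) would close that gap, with an expected `POLARSSL_ERR_X509_CERT_VERIFY_FAILED:BADCERT_NOT_TRUSTED` or a parse-time error, depending on where the comparison lives. Note also that server9-bad-mgfhash.crt announces MGF1 with SHA-224 while both cases depend on `POLARSSL_SHA256_C` alone; that holds only for as long as SHA-224 is provided by the SHA-256 module, which is worth stating in the case name or a comment.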
diff --git a/ChangeLog b/ChangeLog index e0156ecc0e..5716b16aba 100644 --- a/ChangeLog +++ b/ChangeLog @@ -163,6 +163,7 @@ Bugfix * Fix typo in rsa_copy() that impacted PKCS#1 v2 contexts * x509_get_current_time() uses localtime_r() to prevent thread issues += PolarSSL 1.3.4 released on 2014-01-27 Features * Support for the Koblitz curves: secp192k1, secp224k1, secp256k1 * Support for RIPEMD-160 From 6dade7c0538dd6aeea32561ed7a66106a59c6d61 Mon Sep 17 00:00:00 2001 From: Paul Bakker Date: Thu, 12 Jun 2014 22:02:14 +0200 Subject: [PATCH 34/34] Fix typos and spacing --- include/polarssl/x509_crl.h | 2 +- include/polarssl/x509_crt.h | 2 +- include/polarssl/x509_csr.h | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/include/polarssl/x509_crl.h b/include/polarssl/x509_crl.h index 067d5e6d59..3016b8754b 100644 --- a/include/polarssl/x509_crl.h +++ b/include/polarssl/x509_crl.h @@ -93,7 +93,7 @@ typedef struct _x509_crl x509_buf sig; md_type_t sig_md; /**< Internal representation of the MD algorithm of the signature algorithm, e.g. POLARSSL_MD_SHA256 */ pk_type_t sig_pk; /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. POLARSSL_PK_RSA */ - void *sig_opts; /**< Signature options to be passed to pk_verify_ext(), eg for RSASSA-PSS */ + void *sig_opts; /**< Signature options to be passed to pk_verify_ext(), e.g. for RSASSA-PSS */ struct _x509_crl *next; } diff --git a/include/polarssl/x509_crt.h b/include/polarssl/x509_crt.h index 57dbed2361..e90e3576bc 100644 --- a/include/polarssl/x509_crt.h +++ b/include/polarssl/x509_crt.h 
@@ -93,7 +93,7 @@ typedef struct _x509_crt x509_buf sig; /**< Signature: hash of the tbs part signed with the private key. */ md_type_t sig_md; /**< Internal representation of the MD algorithm of the signature algorithm, e.g. POLARSSL_MD_SHA256 */ pk_type_t sig_pk; /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. POLARSSL_PK_RSA */ - void *sig_opts; /**< Signature options to be passed to pk_verify_ext(), eg for RSASSA-PSS */ + void *sig_opts; /**< Signature options to be passed to pk_verify_ext(), e.g. for RSASSA-PSS */ struct _x509_crt *next; /**< Next certificate in the CA-chain. */ } diff --git a/include/polarssl/x509_csr.h b/include/polarssl/x509_csr.h index a4bad3f787..4328598f36 100644 --- a/include/polarssl/x509_csr.h +++ b/include/polarssl/x509_csr.h @@ -67,7 +67,7 @@ typedef struct _x509_csr x509_buf sig; md_type_t sig_md; /**< Internal representation of the MD algorithm of the signature algorithm, e.g. POLARSSL_MD_SHA256 */ pk_type_t sig_pk; /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. POLARSSL_PK_RSA */ - void *sig_opts; /**< Signature options to be passed to pk_verify_ext(), eg for RSASSA-PSS */ + void *sig_opts; /**< Signature options to be passed to pk_verify_ext(), e.g. for RSASSA-PSS */ } x509_csr;