Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

account for rsa_pss_rsae vs rsa_pss_pss type #8263

Open
wants to merge 3 commits into
base: master
Choose a base branch
from
+69 −6
Open

account for rsa_pss_rsae vs rsa_pss_pss type #8263

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
6cc3546
account for rsa_pss_rsae vs rsa_pss_pss type
JacobBarthelmeh Dec 7, 2024
bf1d60f
account for rsa_pss_pss with TLS 1.2
JacobBarthelmeh Dec 10, 2024
6b7ba19
add test case for RSA PSS certificate interop
JacobBarthelmeh Dec 10, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
20 changes: 20 additions & 0 deletions scripts/openssl.test
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1228,6 +1228,26 @@ do
done
IFS="$OIFS" #restore separator

# Test for RSA-PSS certs
echo -e "Doing interop RSA-PSS test"
generate_port
server_port=$port
openssl s_server -accept $server_port -key ${CERT_DIR}/rsapss/server-rsapss-priv.pem -cert ${CERT_DIR}/rsapss/server-rsapss.pem &
server_pid=$?

servers="$servers wolfSSL_RSA_PSS:$server_pid:$server_port"

cert=""
key=""
caCert="${CERT_DIR}/rsapss/ca-rsapss.pem"
wolfSuite="ALL"
version="4"
port=$openssl_port
do_wolfssl_client

version="3"
do_wolfssl_client

do_cleanup

echo -e "wolfSSL total cases $wolf_cases_total"
Expand Down
12 changes: 11 additions & 1 deletion src/internal.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4910,7 +4910,7 @@ int RsaVerify(WOLFSSL* ssl, byte* in, word32 inSz, byte** out, int sigAlgo,
#endif

#if defined(WC_RSA_PSS)
if (sigAlgo == rsa_pss_sa_algo) {
if (sigAlgo == rsa_pss_sa_algo || sigAlgo == rsa_pss_pss_algo) {
enum wc_HashType hashType = WC_HASH_TYPE_NONE;
int mgf = 0;

Expand Down Expand Up @@ -31892,6 +31892,13 @@ static int DoServerKeyExchange(WOLFSSL* ssl, const byte* input,
}
else
#endif
#ifdef WC_RSA_PSS
if (sigAlgo == rsa_pss_pss_algo &&
ssl->options.peerSigAlgo == rsa_sa_algo) {
ssl->options.peerSigAlgo = sigAlgo;
}
else
#endif
#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
if (sigAlgo == sm2_sa_algo &&
ssl->options.peerSigAlgo == ecc_dsa_sa_algo) {
Expand Down Expand Up @@ -31958,6 +31965,7 @@ static int DoServerKeyExchange(WOLFSSL* ssl, const byte* input,
#ifndef NO_RSA
#ifdef WC_RSA_PSS
case rsa_pss_sa_algo:
case rsa_pss_pss_algo:
#endif
case rsa_sa_algo:
{
Expand Down Expand Up @@ -32058,6 +32066,7 @@ static int DoServerKeyExchange(WOLFSSL* ssl, const byte* input,
#ifndef NO_RSA
#ifdef WC_RSA_PSS
case rsa_pss_sa_algo:
case rsa_pss_pss_algo:
#endif
case rsa_sa_algo:
{
Expand Down Expand Up @@ -32269,6 +32278,7 @@ static int DoServerKeyExchange(WOLFSSL* ssl, const byte* input,
#ifndef NO_RSA
#ifdef WC_RSA_PSS
case rsa_pss_sa_algo:
case rsa_pss_pss_algo:
#ifdef HAVE_SELFTEST
ret = wc_RsaPSS_CheckPadding(
ssl->buffers.digest.buffer,
Expand Down
36 changes: 31 additions & 5 deletions src/tls13.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7932,6 +7932,27 @@ static void EncodeDualSigAlg(byte sigAlg, byte altSigAlg, byte* output)
}
#endif /* WOLFSSL_DUAL_ALG_CERTS */

static enum wc_MACAlgorithm GetNewSAHashAlgo(int typeIn)
{
switch (typeIn) {
case RSA_PSS_RSAE_SHA256_MINOR:
case RSA_PSS_PSS_SHA256_MINOR:
return sha256_mac;

case RSA_PSS_RSAE_SHA384_MINOR:
case RSA_PSS_PSS_SHA384_MINOR:
return sha384_mac;

case RSA_PSS_RSAE_SHA512_MINOR:
case RSA_PSS_PSS_SHA512_MINOR:
case ED25519_SA_MINOR:
case ED448_SA_MINOR:
return sha512_mac;
default:
return no_mac;
}
}

/* Decode the signature algorithm.
*
* input The encoded signature algorithm.
Expand All @@ -7956,25 +7977,30 @@ static WC_INLINE int DecodeTls13SigAlg(byte* input, byte* hashAlgo,
break;
#endif
case NEW_SA_MAJOR:
/* PSS signatures: 0x080[4-6] */
if (input[1] >= sha256_mac && input[1] <= sha512_mac) {
*hashAlgo = GetNewSAHashAlgo(input[1]);

/* PSS encryption: 0x080[4-6] */
if (input[1] >= RSA_PSS_RSAE_SHA256_MINOR &&
input[1] <= RSA_PSS_RSAE_SHA512_MINOR) {
*hsType = input[0];
}
/* PSS signature: 0x080[9-B] */
else if (input[1] >= RSA_PSS_PSS_SHA256_MINOR &&
input[1] <= RSA_PSS_PSS_SHA512_MINOR) {
*hsType = input[0];
*hashAlgo = input[1];
}
#ifdef HAVE_ED25519
/* ED25519: 0x0807 */
else if (input[1] == ED25519_SA_MINOR) {
*hsType = ed25519_sa_algo;
/* Hash performed as part of sign/verify operation. */
*hashAlgo = sha512_mac;
}
#endif
#ifdef HAVE_ED448
/* ED448: 0x0808 */
else if (input[1] == ED448_SA_MINOR) {
*hsType = ed448_sa_algo;
/* Hash performed as part of sign/verify operation. */
*hashAlgo = sha512_mac;
}
#endif
else
Expand Down
7 changes: 7 additions & 0 deletions wolfssl/internal.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1813,6 +1813,13 @@ enum Misc {
MAX_CURVE_NAME_SZ = 18, /* Maximum size of curve name string */

NEW_SA_MAJOR = 8, /* Most significant byte used with new sig algos */
RSA_PSS_RSAE_SHA256_MINOR = 0x04,
RSA_PSS_RSAE_SHA384_MINOR = 0x05,
RSA_PSS_RSAE_SHA512_MINOR = 0x06,
RSA_PSS_PSS_SHA256_MINOR = 0x09,
RSA_PSS_PSS_SHA384_MINOR = 0x0A,
RSA_PSS_PSS_SHA512_MINOR = 0x0B,

ED25519_SA_MAJOR = 8, /* Most significant byte for ED25519 */
ED25519_SA_MINOR = 7, /* Least significant byte for ED25519 */
ED448_SA_MAJOR = 8, /* Most significant byte for ED448 */
Expand Down