author | Tomas Mraz <tomas@openssl.org> | 2021-04-14 16:35:28 +0200 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2021-04-15 18:09:37 +0200 |
commit | a56fcf20da9e2bbc73aa3cf503204bdb44cb023f (patch) | |
tree | 9f04ad6944ca3b36cda4200903ad3f3b339d6866 /providers | |
parent | ddf0d149e2fd0d894eec08f7237f5a686fc85575 (diff) |
Add OID for mdc2WithRSASignature and remove related TODO 3.0
Fixes #14366
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14874)
Diffstat (limited to 'providers')
-rw-r--r-- | providers/common/der/RSA.asn1 | 6 | ||||
-rw-r--r-- | providers/common/der/der_rsa_sig.c | 11 | ||||
-rw-r--r-- | providers/implementations/signature/rsa.c | 59 |
3 files changed, 48 insertions, 28 deletions
diff --git a/providers/common/der/RSA.asn1 b/providers/common/der/RSA.asn1 index 6ba99daa7c..e3cd714d1c 100644 --- a/providers/common/der/RSA.asn1 +++ b/providers/common/der/RSA.asn1 @@ -69,10 +69,14 @@ id-rsassa-pkcs1-v1_5-with-sha3-512 OBJECT IDENTIFIER ::= { sigAlgs 16 } -- ------------------------------------------------------------------- -- These OID's exist in the codebase but may need to be deprecated at some point. --- mdc2 and md5_sha1 have been omitted as they do not look like valid entries. +-- md5_sha1 has been omitted as it does not look like valid entry. md4WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 3 } ripemd160WithRSAEncryption OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) teletrust(36) algorithm(3) signatureAlgorithm(3) rsaSignature(1) 2 } + +mdc2WithRSASignature OBJECT IDENTIFIER ::= { + iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) mdc2WithRSASignature(14) +} diff --git a/providers/common/der/der_rsa_sig.c b/providers/common/der/der_rsa_sig.c index aa49968a5b..08d00641e9 100644 --- a/providers/common/der/der_rsa_sig.c +++ b/providers/common/der/der_rsa_sig.c @@ -21,6 +21,8 @@ ossl_der_oid_id_rsassa_pkcs1_v1_5_with_sha3_384 #define ossl_der_oid_sha3_512WithRSAEncryption \ ossl_der_oid_id_rsassa_pkcs1_v1_5_with_sha3_512 +#define ossl_der_oid_mdc2WithRSAEncryption \ + ossl_der_oid_mdc2WithRSASignature #define MD_with_RSA_CASE(name, var) \ case NID_##name: \ @@ -40,7 +42,7 @@ int ossl_DER_w_algorithmIdentifier_MDWithRSAEncryption(WPACKET *pkt, int tag, MD_with_RSA_CASE(md5, precompiled); MD_with_RSA_CASE(md4, precompiled); MD_with_RSA_CASE(ripemd160, precompiled); -/* TODO(3.0) Decide what to do about mdc2 and md5_sha1 */ + MD_with_RSA_CASE(mdc2, precompiled); #endif MD_with_RSA_CASE(sha1, precompiled); MD_with_RSA_CASE(sha224, precompiled); 
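Review bot: The alias `ossl_der_oid_mdc2WithRSAEncryption` added in the `@@ -21,6 +21,8` hunk of der_rsa_sig.c has no comment explaining why it exists, and unlike the sha3 aliases above it the two names differ in their suffix. It looks as if `MD_with_RSA_CASE` builds the OID symbol by appending `WithRSAEncryption` to the digest name (the macro body continues outside the hunk), while the OID added to RSA.asn1 under the `oiw(14)` arc is named `mdc2WithRSASignature`. A one-line comment such as `/* The OIW OID is named mdc2WithRSASignature; alias it so MD_with_RSA_CASE(mdc2, ...) resolves */` would keep a later reader from "correcting" the apparent mismatch.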
@@ -54,7 +56,12 @@ int ossl_DER_w_algorithmIdentifier_MDWithRSAEncryption(WPACKET *pkt, int tag, MD_with_RSA_CASE(sha3_384, precompiled); MD_with_RSA_CASE(sha3_512, precompiled); default: - return 0; + /* + * Hash algorithms for which we do not have a valid OID + * such as md5sha1 will just fail to provide the der encoding. + * That does not prevent producing signatures if OID is not needed. + */ + return -1; } return ossl_DER_w_begin_sequence(pkt, tag) diff --git a/providers/implementations/signature/rsa.c b/providers/implementations/signature/rsa.c index bfaa7b4e80..96366a9a6b 100644 --- a/providers/implementations/signature/rsa.c +++ b/providers/implementations/signature/rsa.c @@ -222,6 +222,7 @@ static unsigned char *rsa_generate_signature_aid(PROV_RSA_CTX *ctx, unsigned char *aid = NULL; int saltlen; RSA_PSS_PARAMS_30 pss_params; + int ret; if (!WPACKET_init_der(&pkt, aid_buf, buf_len)) { ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); 
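Review bot: Returning `-1` from the `default:` case makes `ossl_DER_w_algorithmIdentifier_MDWithRSAEncryption` tri-state, so any caller that still tests the result with `!` will treat an unsupported digest as success and continue with a packet that holds no AlgorithmIdentifier. The rsa.c caller is updated later in this commit, but the diffstat is limited to `providers`, so callers elsewhere are not visible here and should be checked for a `<= 0` test. The contract should be stated on the function itself, for example `/* Returns 1 on success, 0 on encoding failure, -1 if no OID is defined for mdnid */`. The closing `return` expression continues outside the hunk and appears to yield only 0 or 1, which is why the negative value needs to be documented separately.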
@@ -229,33 +230,41 @@ static unsigned char *rsa_generate_signature_aid(PROV_RSA_CTX *ctx, } switch(ctx->pad_mode) { - case RSA_PKCS1_PADDING: - if (!ossl_DER_w_algorithmIdentifier_MDWithRSAEncryption(&pkt, -1, - ctx->mdnid)) { - ERR_raise(ERR_LIB_PROV, ERR_R_INTERNAL_ERROR); - goto cleanup; - } - break; - case RSA_PKCS1_PSS_PADDING: - saltlen = rsa_pss_compute_saltlen(ctx); - if (saltlen < 0) - goto cleanup; - if (!ossl_rsa_pss_params_30_set_defaults(&pss_params) - || !ossl_rsa_pss_params_30_set_hashalg(&pss_params, ctx->mdnid) - || !ossl_rsa_pss_params_30_set_maskgenhashalg(&pss_params, - ctx->mgf1_mdnid) - || !ossl_rsa_pss_params_30_set_saltlen(&pss_params, saltlen) - || !ossl_DER_w_algorithmIdentifier_RSA_PSS(&pkt, -1, - RSA_FLAG_TYPE_RSASSAPSS, - &pss_params)) { - ERR_raise(ERR_LIB_PROV, ERR_R_INTERNAL_ERROR); - goto cleanup; - } + case RSA_PKCS1_PADDING: + ret = ossl_DER_w_algorithmIdentifier_MDWithRSAEncryption(&pkt, -1, + ctx->mdnid); + + if (ret > 0) { break; - default: - ERR_raise_data(ERR_LIB_PROV, ERR_R_UNSUPPORTED, - "Algorithm ID generation"); + } else if (ret == 0) { + ERR_raise(ERR_LIB_PROV, ERR_R_INTERNAL_ERROR); + goto cleanup; + } + ERR_raise_data(ERR_LIB_PROV, ERR_R_UNSUPPORTED, + "Algorithm ID generation - md NID: %d", + ctx->mdnid); + goto cleanup; + case RSA_PKCS1_PSS_PADDING: + saltlen = rsa_pss_compute_saltlen(ctx); + if (saltlen < 0) + goto cleanup; + if (!ossl_rsa_pss_params_30_set_defaults(&pss_params) + || !ossl_rsa_pss_params_30_set_hashalg(&pss_params, ctx->mdnid) + || !ossl_rsa_pss_params_30_set_maskgenhashalg(&pss_params, + ctx->mgf1_mdnid) + || !ossl_rsa_pss_params_30_set_saltlen(&pss_params, saltlen) + || !ossl_DER_w_algorithmIdentifier_RSA_PSS(&pkt, -1, + RSA_FLAG_TYPE_RSASSAPSS, + &pss_params)) { + ERR_raise(ERR_LIB_PROV, ERR_R_INTERNAL_ERROR); goto cleanup; + } + break; + default: + ERR_raise_data(ERR_LIB_PROV, ERR_R_UNSUPPORTED, + "Algorithm ID generation - pad mode: %d", + ctx->pad_mode); + goto cleanup; } if 
(WPACKET_finish(&pkt)) { WPACKET_get_total_written(&pkt, aid_len); |
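Review bot: In the `RSA_PKCS1_PADDING` case the unsupported-digest path is reached only by falling out of the `if (ret > 0) ... else if (ret == 0)` chain, so any negative value, not just the `-1` the DER helper returns, is reported as `ERR_R_UNSUPPORTED`. A comment on that path, such as `/* ret < 0: no OID defined for this digest, e.g. md5_sha1 */`, or an explicit `ret < 0` branch, would make the intent visible. This path also raises an error, although the comment added in der_rsa_sig.c says a missing OID does not prevent producing signatures. If a caller outside this hunk treats a NULL return as non-fatal, the entry stays on the error queue and can be misattributed to a later operation, so such a caller would need `ERR_set_mark()`/`ERR_pop_to_mark()` around the call. The function starts before the hunk and the `cleanup` label lies after it, so neither the callers nor the cleanup path could be checked here.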