add rsa_pss_rsae_* support in tls12
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
This commit is contained in:
Jerry Yu
parent
257319a33e
commit
693a47ab1d
2 changed files with 55 additions and 90 deletions
|
|
@ -4355,18 +4355,6 @@ static uint16_t ssl_preset_default_sig_algs[] = {
|
|||
#endif /* MBEDTLS_ECDSA_C && MBEDTLS_SHA384_C &&
|
||||
MBEDTLS_ECP_DP_SECP521R1_ENABLED */
|
||||
|
||||
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_SHA512_C)
|
||||
MBEDTLS_TLS1_3_SIG_RSA_PKCS1_SHA512,
|
||||
#endif /* MBEDTLS_RSA_C && MBEDTLS_SHA512_C */
|
||||
|
||||
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_SHA384_C)
|
||||
MBEDTLS_TLS1_3_SIG_RSA_PKCS1_SHA384,
|
||||
#endif /* MBEDTLS_RSA_C && MBEDTLS_SHA384_C */
|
||||
|
||||
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_SHA256_C)
|
||||
MBEDTLS_TLS1_3_SIG_RSA_PKCS1_SHA256,
|
||||
#endif /* MBEDTLS_RSA_C && MBEDTLS_SHA256_C */
|
||||
|
||||
#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) && defined(MBEDTLS_SHA512_C)
|
||||
MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA512,
|
||||
#endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT && MBEDTLS_SHA512_C */
|
||||
|
|
@ -4379,6 +4367,18 @@ static uint16_t ssl_preset_default_sig_algs[] = {
|
|||
MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA256,
|
||||
#endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT && MBEDTLS_SHA256_C */
|
||||
|
||||
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_SHA512_C)
|
||||
MBEDTLS_TLS1_3_SIG_RSA_PKCS1_SHA512,
|
||||
#endif /* MBEDTLS_RSA_C && MBEDTLS_SHA512_C */
|
||||
|
||||
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_SHA384_C)
|
||||
MBEDTLS_TLS1_3_SIG_RSA_PKCS1_SHA384,
|
||||
#endif /* MBEDTLS_RSA_C && MBEDTLS_SHA384_C */
|
||||
|
||||
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_SHA256_C)
|
||||
MBEDTLS_TLS1_3_SIG_RSA_PKCS1_SHA256,
|
||||
#endif /* MBEDTLS_RSA_C && MBEDTLS_SHA256_C */
|
||||
|
||||
MBEDTLS_TLS_SIG_NONE
|
||||
};
|
||||
|
||||
|
|
|
|||
|
|
@ -2041,66 +2041,6 @@ static int ssl_write_encrypted_pms( mbedtls_ssl_context *ssl,
|
|||
#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED ||
|
||||
MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
|
||||
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
|
||||
defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
|
||||
defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_parse_signature_algorithm( mbedtls_ssl_context *ssl,
|
||||
unsigned char **p,
|
||||
unsigned char *end,
|
||||
mbedtls_md_type_t *md_alg,
|
||||
mbedtls_pk_type_t *pk_alg )
|
||||
{
|
||||
*md_alg = MBEDTLS_MD_NONE;
|
||||
*pk_alg = MBEDTLS_PK_NONE;
|
||||
|
||||
if( (*p) + 2 > end )
|
||||
return( MBEDTLS_ERR_SSL_DECODE_ERROR );
|
||||
|
||||
/*
|
||||
* Get hash algorithm
|
||||
*/
|
||||
if( ( *md_alg = mbedtls_ssl_md_alg_from_hash( (*p)[0] ) )
|
||||
== MBEDTLS_MD_NONE )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 1,
|
||||
( "Server used unsupported HashAlgorithm %d", *(p)[0] ) );
|
||||
return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE );
|
||||
}
|
||||
|
||||
/*
|
||||
* Get signature algorithm
|
||||
*/
|
||||
if( ( *pk_alg = mbedtls_ssl_pk_alg_from_sig( (*p)[1] ) )
|
||||
== MBEDTLS_PK_NONE )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 1,
|
||||
( "server used unsupported SignatureAlgorithm %d", (*p)[1] ) );
|
||||
return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE );
|
||||
}
|
||||
|
||||
/*
|
||||
* Check if the signature algorithm is acceptable
|
||||
*/
|
||||
if( !mbedtls_ssl_sig_alg_is_offered( ssl, MBEDTLS_GET_UINT16_BE( *p, 0 ) ) )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 1,
|
||||
( "server used HashAlgorithm %d that was not offered", *(p)[0] ) );
|
||||
return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE );
|
||||
}
|
||||
|
||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "Server used SignatureAlgorithm %d",
|
||||
(*p)[1] ) );
|
||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "Server used HashAlgorithm %d",
|
||||
(*p)[0] ) );
|
||||
*p += 2;
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED ||
|
||||
MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED ||
|
||||
MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
|
||||
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
|
||||
defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
|
|
@ -2398,14 +2338,31 @@ start_processing:
|
|||
unsigned char *params = ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl );
|
||||
size_t params_len = p - params;
|
||||
void *rs_ctx = NULL;
|
||||
uint16_t sig_alg;
|
||||
|
||||
mbedtls_pk_context * peer_pk;
|
||||
|
||||
#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
|
||||
peer_pk = &ssl->handshake->peer_pubkey;
|
||||
#else /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
|
||||
if( ssl->session_negotiate->peer_cert == NULL )
|
||||
{
|
||||
/* Should never happen */
|
||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
|
||||
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
|
||||
}
|
||||
peer_pk = &ssl->session_negotiate->peer_cert->pk;
|
||||
#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
|
||||
|
||||
/*
|
||||
* Handle the digitally-signed structure
|
||||
*/
|
||||
if( ssl_parse_signature_algorithm( ssl, &p, end,
|
||||
&md_alg, &pk_alg ) != 0 )
|
||||
MBEDTLS_SSL_CHK_BUF_READ_PTR( p, end, 2 );
|
||||
sig_alg = MBEDTLS_GET_UINT16_BE( p, 0 );
|
||||
if( mbedtls_ssl_tls13_get_pk_type_and_md_alg_from_sig_alg(
|
||||
sig_alg, &pk_alg, &md_alg ) != 0 &&
|
||||
! mbedtls_ssl_sig_alg_is_offered( ssl, sig_alg ) &&
|
||||
! mbedtls_ssl_sig_alg_is_supported( ssl, sig_alg ) )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 1,
|
||||
( "bad server key exchange message" ) );
|
||||
|
|
@ -2415,9 +2372,9 @@ start_processing:
|
|||
MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER );
|
||||
return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER );
|
||||
}
|
||||
p += 2;
|
||||
|
||||
if( pk_alg !=
|
||||
mbedtls_ssl_get_ciphersuite_sig_pk_alg( ciphersuite_info ) )
|
||||
if( !mbedtls_pk_can_do( peer_pk, pk_alg ) )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 1,
|
||||
( "bad server key exchange message" ) );
|
||||
|
|
@ -2475,18 +2432,6 @@ start_processing:
|
|||
|
||||
MBEDTLS_SSL_DEBUG_BUF( 3, "parameters hash", hash, hashlen );
|
||||
|
||||
#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
|
||||
peer_pk = &ssl->handshake->peer_pubkey;
|
||||
#else /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
|
||||
if( ssl->session_negotiate->peer_cert == NULL )
|
||||
{
|
||||
/* Should never happen */
|
||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
|
||||
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
|
||||
}
|
||||
peer_pk = &ssl->session_negotiate->peer_cert->pk;
|
||||
#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
|
||||
|
||||
/*
|
||||
* Verify signature
|
||||
*/
|
||||
|
|
@ -2505,8 +2450,28 @@ start_processing:
|
|||
rs_ctx = &ssl->handshake->ecrs_ctx.pk;
|
||||
#endif
|
||||
|
||||
if( ( ret = mbedtls_pk_verify_restartable( peer_pk,
|
||||
md_alg, hash, hashlen, p, sig_len, rs_ctx ) ) != 0 )
|
||||
#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
|
||||
if( pk_alg == MBEDTLS_PK_RSASSA_PSS )
|
||||
{
|
||||
const mbedtls_md_info_t* md_info;
|
||||
mbedtls_pk_rsassa_pss_options rsassa_pss_options;
|
||||
rsassa_pss_options.mgf1_hash_id = md_alg;
|
||||
if( ( md_info = mbedtls_md_info_from_type( md_alg ) ) == NULL )
|
||||
{
|
||||
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
|
||||
}
|
||||
rsassa_pss_options.expected_salt_len = mbedtls_md_get_size( md_info );
|
||||
ret = mbedtls_pk_verify_ext( pk_alg, &rsassa_pss_options,
|
||||
peer_pk,
|
||||
md_alg, hash, hashlen,
|
||||
p, sig_len );
|
||||
}
|
||||
else
|
||||
#endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */
|
||||
ret = mbedtls_pk_verify_restartable( peer_pk,
|
||||
md_alg, hash, hashlen, p, sig_len, rs_ctx );
|
||||
|
||||
if( ret != 0 )
|
||||
{
|
||||
#if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED)
|
||||
if( ret != MBEDTLS_ERR_ECP_IN_PROGRESS )
|
||||
|
|
|
|||
Loading…
Reference in a new issue