diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-07-27 08:14:37 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-08-04 09:38:27 +0200 |
commit | e069ce8d5b8a6a0f65f41647e8f48dd410540258 (patch) | |
tree | 07d770580d89887c1ac56e8c3f4077261cbe0d8d /lib/pubkey.c | |
parent | d4937660e1ab68264ed020d50ee2131ace5dfc8b (diff) | |
download | gnutls-e069ce8d5b8a6a0f65f41647e8f48dd410540258.tar.gz |
RSA-PSS parameter checking was moved to lower level functions
That way all PKI callers get protected by the checks.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Diffstat (limited to 'lib/pubkey.c')
-rw-r--r-- | lib/pubkey.c | 63 |
1 files changed, 30 insertions, 33 deletions
diff --git a/lib/pubkey.c b/lib/pubkey.c index 6266ca260a..6b57e605b2 100644 --- a/lib/pubkey.c +++ b/lib/pubkey.c @@ -40,13 +40,14 @@ static int pubkey_verify_hashed_data(const gnutls_sign_entry_st *se, + const mac_entry_st *me, const gnutls_datum_t * hash, const gnutls_datum_t * signature, gnutls_pk_params_st * params, gnutls_x509_spki_st * sign_params, unsigned flags); -unsigned pubkey_to_bits(gnutls_pk_params_st * params) +unsigned pubkey_to_bits(const gnutls_pk_params_st * params) { switch (params->algo) { case GNUTLS_PK_RSA: @@ -1499,16 +1500,19 @@ gnutls_pubkey_import_dsa_raw(gnutls_pubkey_t key, #define OLD_PUBKEY_VERIFY_FLAG_TLS1_RSA 1 +/* Updates the gnutls_x509_spki_st parameters based on the signature + * information, and reports any incompatibilities between the existing + * parameters (if any) with the signature algorithm */ static -int set_rsa_pss_params(gnutls_pubkey_t pubkey, const gnutls_sign_entry_st *se, +int fixup_spki_params(const gnutls_pk_params_st *key_params, const gnutls_sign_entry_st *se, const mac_entry_st *me, gnutls_x509_spki_st *params) { unsigned bits; - if (se->pk != pubkey->params.algo) { - if (!gnutls_sign_supports_pk_algorithm(se->pk, pubkey->params.algo)) { + if (se->pk != key_params->algo) { + if (!gnutls_sign_supports_pk_algorithm(se->pk, key_params->algo)) { _gnutls_debug_log("have key: %s/%d, with sign %s/%d\n", - gnutls_pk_get_name(pubkey->params.algo), pubkey->params.algo, + gnutls_pk_get_name(key_params->algo), key_params->algo, se->name, se->id); return gnutls_assert_val(GNUTLS_E_INCOMPATIBLE_SIG_WITH_KEY); } @@ -1516,14 +1520,14 @@ int set_rsa_pss_params(gnutls_pubkey_t pubkey, const gnutls_sign_entry_st *se, if (params->pk == GNUTLS_PK_RSA_PSS) { - if (!GNUTLS_PK_IS_RSA(pubkey->params.algo)) + if (!GNUTLS_PK_IS_RSA(key_params->algo)) return gnutls_assert_val(GNUTLS_E_INCOMPATIBLE_SIG_WITH_KEY); /* The requested sign algorithm is RSA-PSS, while the * pubkey doesn't include parameter information. Fill * it with the same way as gnutls_privkey_sign*. */ - if (pubkey->params.algo == GNUTLS_PK_RSA || params->rsa_pss_dig == 0) { - gnutls_pubkey_get_pk_algorithm(pubkey, &bits); + if (key_params->algo == GNUTLS_PK_RSA || params->rsa_pss_dig == 0) { + bits = pubkey_to_bits(key_params); params->rsa_pss_dig = se->hash; params->salt_size = _gnutls_find_rsa_pss_salt_size(bits, me, 0); } @@ -1584,11 +1588,7 @@ gnutls_pubkey_verify_data2(gnutls_pubkey_t pubkey, if (me == NULL && !_gnutls_pk_is_not_prehashed(se->pk)) return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST); - ret = set_rsa_pss_params(pubkey, se, me, ¶ms); - if (ret < 0) - return gnutls_assert_val(ret); - - ret = pubkey_verify_data(se, data, signature, &pubkey->params, + ret = pubkey_verify_data(se, me, data, signature, &pubkey->params, ¶ms, flags); if (ret < 0) { gnutls_assert(); @@ -1659,11 +1659,7 @@ gnutls_pubkey_verify_hash2(gnutls_pubkey_t key, if (me == NULL && !_gnutls_pk_is_not_prehashed(se->pk)) return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST); - ret = set_rsa_pss_params(key, se, me, ¶ms); - if (ret < 0) - return gnutls_assert_val(ret); - - ret = pubkey_verify_hashed_data(se, hash, signature, + ret = pubkey_verify_hashed_data(se, me, hash, signature, &key->params, ¶ms, flags); if (ret < 0) { @@ -1915,21 +1911,25 @@ dsa_verify_data(gnutls_pk_algorithm_t pk, */ static int pubkey_verify_hashed_data(const gnutls_sign_entry_st *se, + const mac_entry_st *me, const gnutls_datum_t * hash, const gnutls_datum_t * signature, gnutls_pk_params_st * params, gnutls_x509_spki_st * sign_params, unsigned flags) { - const mac_entry_st *me; + int ret; - me = hash_to_entry(se->hash); + if (unlikely(me==NULL)) + return gnutls_assert_val(GNUTLS_E_UNKNOWN_HASH_ALGORITHM); + + ret = fixup_spki_params(params, se, me, sign_params); + if (ret < 0) + return gnutls_assert_val(ret); switch (se->pk) { case GNUTLS_PK_RSA: case GNUTLS_PK_RSA_PSS: - if (unlikely(me==NULL)) - return gnutls_assert_val(GNUTLS_E_UNKNOWN_HASH_ALGORITHM); if (_pkcs1_rsa_verify_sig (se->pk, me, NULL, hash, signature, params, sign_params) != 0) @@ -1943,9 +1943,6 @@ pubkey_verify_hashed_data(const gnutls_sign_entry_st *se, case GNUTLS_PK_ECDSA: case GNUTLS_PK_DSA: - if (unlikely(me==NULL)) - return gnutls_assert_val(GNUTLS_E_UNKNOWN_HASH_ALGORITHM); - if (dsa_verify_hashed_data (se->pk, me, hash, signature, params, sign_params) != 0) { gnutls_assert(); @@ -1972,22 +1969,25 @@ pubkey_verify_hashed_data(const gnutls_sign_entry_st *se, */ int pubkey_verify_data(const gnutls_sign_entry_st *se, + const mac_entry_st *me, const gnutls_datum_t * data, const gnutls_datum_t * signature, gnutls_pk_params_st * params, gnutls_x509_spki_st * sign_params, unsigned flags) { - const mac_entry_st *me; + int ret; - me = hash_to_entry(se->hash); + if (unlikely(me == NULL)) + return gnutls_assert_val(GNUTLS_E_UNKNOWN_HASH_ALGORITHM); + + ret = fixup_spki_params(params, se, me, sign_params); + if (ret < 0) + return gnutls_assert_val(ret); switch (se->pk) { case GNUTLS_PK_RSA: case GNUTLS_PK_RSA_PSS: - if (unlikely(me==NULL)) - return gnutls_assert_val(GNUTLS_E_UNKNOWN_HASH_ALGORITHM); - if (_pkcs1_rsa_verify_sig (se->pk, me, data, NULL, signature, params, sign_params) != 0) { gnutls_assert(); @@ -2006,9 +2006,6 @@ pubkey_verify_data(const gnutls_sign_entry_st *se, case GNUTLS_PK_EC: case GNUTLS_PK_DSA: - if (unlikely(me==NULL)) - return gnutls_assert_val(GNUTLS_E_UNKNOWN_HASH_ALGORITHM); - if (dsa_verify_data (se->pk, me, data, signature, params, sign_params) != 0) { gnutls_assert(); |