From 51d21634c9329463a8d7def24550ef268bc9b88c Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos Date: Tue, 6 Mar 2018 15:09:50 +0100 Subject: signatures: distinguish RSA-PSS signatures with RSA PKCS#1 1.5 certificates from "pure" This change enhances signature algorithms to have a private key algorithm parameter. That is, to allow signature algorithms operating with a private key of type X while the public key is of type Y. That is useful for the RSA-PSS signatures which are of two types; one which is seen from servers having PKCS#1 1.5 certificates, the other with RSA-PSS certificates, while both utilize RSA-PSS private keys. This is a draft-ietf-tls-tls13-23 change. Resolves #400 Signed-off-by: Nikos Mavrogiannopoulos --- lib/tls-sig.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) (limited to 'lib/tls-sig.c') diff --git a/lib/tls-sig.c b/lib/tls-sig.c index 26b36e6115..87016172e2 100644 --- a/lib/tls-sig.c +++ b/lib/tls-sig.c @@ -87,6 +87,9 @@ _gnutls_handshake_sign_data12(gnutls_session_t session, ("HSK[%p]: signing TLS 1.2 handshake data: using %s\n", session, gnutls_sign_algorithm_get_name(sign_algo)); + if (unlikely(gnutls_sign_supports_pk_algorithm(sign_algo, pkey->pk_algorithm) == 0)) + return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER); + dconcat.size = GNUTLS_RANDOM_SIZE*2 + params->size; dconcat.data = gnutls_malloc(dconcat.size); if (dconcat.data == NULL) @@ -121,7 +124,8 @@ _gnutls_handshake_sign_data10(gnutls_session_t session, const mac_entry_st *me; gnutls_pk_algorithm_t pk_algo; - if (gnutls_privkey_get_pk_algorithm(pkey, NULL) == GNUTLS_PK_RSA) + pk_algo = gnutls_privkey_get_pk_algorithm(pkey, NULL); + if (pk_algo == GNUTLS_PK_RSA) me = hash_to_entry(GNUTLS_DIG_MD5_SHA1); else me = hash_to_entry( @@ -129,6 +133,9 @@ _gnutls_handshake_sign_data10(gnutls_session_t session, if (me == NULL) return gnutls_assert_val(GNUTLS_E_UNKNOWN_HASH_ALGORITHM); + if (unlikely(gnutls_sign_supports_pk_algorithm(sign_algo, pk_algo) == 0)) + return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER); + pk_algo = gnutls_sign_get_pk_algorithm(sign_algo); if (pk_algo == GNUTLS_PK_UNKNOWN) return gnutls_assert_val(GNUTLS_E_UNKNOWN_PK_ALGORITHM); -- cgit v1.2.1