Add PSS algorithm printing. This is an initial step towards full PSS support.
authorDr. Stephen Henson <steve@openssl.org>
Sat, 6 Mar 2010 19:55:25 +0000 (19:55 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Sat, 6 Mar 2010 19:55:25 +0000 (19:55 +0000)
Uses ASN1 module in Martin Kaiser's PSS patch.

CHANGES
crypto/objects/obj_dat.h
crypto/objects/obj_mac.h
crypto/objects/obj_mac.num
crypto/objects/obj_xref.h
crypto/objects/obj_xref.txt
crypto/objects/objects.txt
crypto/rsa/rsa.h
crypto/rsa/rsa_ameth.c
crypto/rsa/rsa_asn1.c

diff --git a/CHANGES b/CHANGES
index 11ccdce..b970097 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -4,12 +4,15 @@
 
  Changes between 1.0.0 and 1.1.0  [xx XXX xxxx]
 
-   *) Add algorithm specific signature printing. An individual ASN1 method
-      can now print out signatures instead of the standard hex dump. 
+   *) Add signature printing for PSS. Add PSS OIDs.
+     [Steve Henson, Martin Kaiser <lists@kaiser.cx>]
 
-      More complex signatures (e.g. PSS) can print out more meaningful
-      information. Include DSA version that prints out the signature
-      parameters r, s.
+  *) Add algorithm specific signature printing. An individual ASN1 method
+     can now print out signatures instead of the standard hex dump. 
+
+     More complex signatures (e.g. PSS) can print out more meaningful
+     information. Include DSA version that prints out the signature
+     parameters r, s.
      [Steve Henson]
 
   *) Add -trusted_first option which attempts to find certificates in the
index 1baa03e..1477c78 100644 (file)
  * [including the GNU Public Licence.]
  */
 
-#define NUM_NID 911
-#define NUM_SN 904
-#define NUM_LN 904
-#define NUM_OBJ 854
+#define NUM_NID 913
+#define NUM_SN 906
+#define NUM_LN 906
+#define NUM_OBJ 856
 
-static const unsigned char lvalues[5953]={
+static const unsigned char lvalues[5971]={
 0x00,                                        /* [  0] OBJ_undef */
 0x2A,0x86,0x48,0x86,0xF7,0x0D,               /* [  1] OBJ_rsadsi */
 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,          /* [  7] OBJ_pkcs */
@@ -922,6 +922,8 @@ static const unsigned char lvalues[5953]={
 0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x03,0x03,/* [5926] OBJ_id_camellia192_wrap */
 0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x03,0x04,/* [5937] OBJ_id_camellia256_wrap */
 0x55,0x1D,0x25,0x00,                         /* [5948] OBJ_anyExtendedKeyUsage */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x08,/* [5952] OBJ_mgf1 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0A,/* [5961] OBJ_rsassaPss */
 };
 
 static const ASN1_OBJECT nid_objs[NUM_NID]={
@@ -2391,6 +2393,8 @@ static const ASN1_OBJECT nid_objs[NUM_NID]={
        11,&(lvalues[5937]),0},
 {"anyExtendedKeyUsage","Any Extended Key Usage",
        NID_anyExtendedKeyUsage,4,&(lvalues[5948]),0},
+{"MGF1","mgf1",NID_mgf1,9,&(lvalues[5952]),0},
+{"RSASSA-PSS","rsassaPss",NID_rsassaPss,9,&(lvalues[5961]),0},
 };
 
 static const unsigned int sn_objs[NUM_SN]={
@@ -2495,6 +2499,7 @@ static const unsigned int sn_objs[NUM_SN]={
  4,    /* "MD5" */
 114,   /* "MD5-SHA1" */
 95,    /* "MDC2" */
+911,   /* "MGF1" */
 388,   /* "Mail" */
 393,   /* "NULL" */
 404,   /* "NULL" */
@@ -2551,6 +2556,7 @@ static const unsigned int sn_objs[NUM_SN]={
 668,   /* "RSA-SHA256" */
 669,   /* "RSA-SHA384" */
 670,   /* "RSA-SHA512" */
+912,   /* "RSASSA-PSS" */
 777,   /* "SEED-CBC" */
 779,   /* "SEED-CFB" */
 776,   /* "SEED-ECB" */
@@ -3882,6 +3888,7 @@ static const unsigned int ln_objs[NUM_LN]={
 602,   /* "merchant initiated auth" */
 514,   /* "message extensions" */
 51,    /* "messageDigest" */
+911,   /* "mgf1" */
 506,   /* "mime-mhs-bodies" */
 505,   /* "mime-mhs-headings" */
 488,   /* "mobileTelephoneNumber" */
@@ -3981,6 +3988,7 @@ static const unsigned int ln_objs[NUM_LN]={
  6,    /* "rsaEncryption" */
 644,   /* "rsaOAEPEncryptionSET" */
 377,   /* "rsaSignature" */
+912,   /* "rsassaPss" */
 124,   /* "run length compression" */
 482,   /* "sOARecord" */
 155,   /* "safeContentsBag" */
@@ -4797,6 +4805,8 @@ static const unsigned int obj_objs[NUM_OBJ]={
  8,    /* OBJ_md5WithRSAEncryption         1 2 840 113549 1 1 4 */
 65,    /* OBJ_sha1WithRSAEncryption        1 2 840 113549 1 1 5 */
 644,   /* OBJ_rsaOAEPEncryptionSET         1 2 840 113549 1 1 6 */
+911,   /* OBJ_mgf1                         1 2 840 113549 1 1 8 */
+912,   /* OBJ_rsassaPss                    1 2 840 113549 1 1 10 */
 668,   /* OBJ_sha256WithRSAEncryption      1 2 840 113549 1 1 11 */
 669,   /* OBJ_sha384WithRSAEncryption      1 2 840 113549 1 1 12 */
 670,   /* OBJ_sha512WithRSAEncryption      1 2 840 113549 1 1 13 */
index 7776abe..9b88cf8 100644 (file)
 #define NID_sha1WithRSAEncryption              65
 #define OBJ_sha1WithRSAEncryption              OBJ_pkcs1,5L
 
+#define SN_mgf1                "MGF1"
+#define LN_mgf1                "mgf1"
+#define NID_mgf1               911
+#define OBJ_mgf1               OBJ_pkcs1,8L
+
+#define SN_rsassaPss           "RSASSA-PSS"
+#define LN_rsassaPss           "rsassaPss"
+#define NID_rsassaPss          912
+#define OBJ_rsassaPss          OBJ_pkcs1,10L
+
 #define SN_sha256WithRSAEncryption             "RSA-SHA256"
 #define LN_sha256WithRSAEncryption             "sha256WithRSAEncryption"
 #define NID_sha256WithRSAEncryption            668
index bc8bc89..5ff1f49 100644 (file)
@@ -908,3 +908,5 @@ id_camellia128_wrap         907
 id_camellia192_wrap            908
 id_camellia256_wrap            909
 anyExtendedKeyUsage            910
+mgf1           911
+rsassaPss              912
index d5b9b8e..e23938c 100644 (file)
@@ -38,10 +38,12 @@ static const nid_triple sigoid_srt[] =
        {NID_id_GostR3411_94_with_GostR3410_94, NID_id_GostR3411_94, NID_id_GostR3410_94},
        {NID_id_GostR3411_94_with_GostR3410_94_cc, NID_id_GostR3411_94, NID_id_GostR3410_94_cc},
        {NID_id_GostR3411_94_with_GostR3410_2001_cc, NID_id_GostR3411_94, NID_id_GostR3410_2001_cc},
+       {NID_rsassaPss, NID_undef, NID_rsaEncryption},
        };
 
 static const nid_triple * const sigoid_srt_xref[] =
        {
+       &sigoid_srt[29],
        &sigoid_srt[17],
        &sigoid_srt[18],
        &sigoid_srt[0],
index e45b3d3..cb91718 100644 (file)
@@ -13,6 +13,10 @@ sha512WithRSAEncryption      sha512  rsaEncryption
 sha224WithRSAEncryption        sha224  rsaEncryption
 mdc2WithRSA            mdc2    rsaEncryption
 ripemd160WithRSA       ripemd160 rsaEncryption
+# For PSS the digest algorithm can vary and depends on the included
+# AlgorithmIdentifier. The digest "undef" indicates the public key
+# method should handle this explicitly.
+rsassaPss              undef   rsaEncryption
 
 # Alternative deprecated OIDs. By using the older "rsa" OID this
 # type will be recognized by not normally used.
index 87c97c6..7d53d9a 100644 (file)
@@ -166,6 +166,9 @@ pkcs1 3                     : RSA-MD4               : md4WithRSAEncryption
 pkcs1 4                        : RSA-MD5               : md5WithRSAEncryption
 pkcs1 5                        : RSA-SHA1              : sha1WithRSAEncryption
 # According to PKCS #1 version 2.1
+pkcs1 8                        : MGF1                  : mgf1
+pkcs1 10               : RSASSA-PSS            : rsassaPss
+
 pkcs1 11               : RSA-SHA256            : sha256WithRSAEncryption
 pkcs1 12               : RSA-SHA384            : sha384WithRSAEncryption
 pkcs1 13               : RSA-SHA512            : sha512WithRSAEncryption
index cf74343..e356515 100644 (file)
@@ -300,6 +300,16 @@ const RSA_METHOD *RSA_null_method(void);
 DECLARE_ASN1_ENCODE_FUNCTIONS_const(RSA, RSAPublicKey)
 DECLARE_ASN1_ENCODE_FUNCTIONS_const(RSA, RSAPrivateKey)
 
+typedef struct rsassaPssParams_st
+       {
+       X509_ALGOR *hashAlgorithm;
+       X509_ALGOR *maskGenAlgorithm;
+       ASN1_INTEGER *saltLength;
+       ASN1_INTEGER *trailerField;
+       } RSASSA_PSS_PARAMS;
+
+DECLARE_ASN1_FUNCTIONS(RSASSA_PSS_PARAMS)
+
 #ifndef OPENSSL_NO_FP_API
 int    RSA_print_fp(FILE *fp, const RSA *r,int offset);
 #endif
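Review bot: The new public `RSASSA_PSS_PARAMS` typedef has no comment saying that all four members are optional, which matters because the ASN.1 template in rsa_asn1.c declares each one with `ASN1_EXP_OPT`, so any of them can be NULL after decoding. The printer added in rsa_ameth.c treats a NULL member as "use the default", and callers of this header need to know the same. I would add above the struct: `/* Decoded RSASSA-PSS parameters. Every member is optional: NULL means the field was absent and the default applies. maskGenAlgorithm->parameter is left undecoded and must be checked for NULL and type before use. */`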
index a3d85b1..649291e 100644 (file)
@@ -265,6 +265,114 @@ static int rsa_priv_print(BIO *bp, const EVP_PKEY *pkey, int indent,
        return do_rsa_print(bp, pkey->pkey.rsa, indent, 1);
        }
 
+static int rsa_pss_param_print(BIO *bp, RSASSA_PSS_PARAMS *pss, int indent)
+       {
+       int rv = 0;
+       X509_ALGOR *maskHash = NULL;
+       if (!pss)
+               {
+               if (BIO_puts(bp, " (INVALID PSS PARAMETERS)\n") <= 0)
+                       return 0;
+               }
+       if (BIO_puts(bp, "\n") <= 0)
+               goto err;
+       if (!BIO_indent(bp, indent, 128))
+               goto err;
+       if (BIO_puts(bp, "Hash Algorithm: ") <= 0)
+               goto err;
+
+       if (pss->hashAlgorithm)
+               {
+               if (i2a_ASN1_OBJECT(bp, pss->hashAlgorithm->algorithm) <= 0)
+                       goto err;
+               }
+       else if (BIO_puts(bp, "sha1 (default)") <= 0)
+               goto err;
+
+       if (BIO_puts(bp, "\n") <= 0)
+               goto err;
+
+       if (!BIO_indent(bp, indent, 128))
+               goto err;
+
+       if (BIO_puts(bp, "Mask Algorithm: ") <= 0)
+                       goto err;
+       if (pss->maskGenAlgorithm)
+               {
+               ASN1_TYPE *param = pss->maskGenAlgorithm->parameter;
+               if (param->type == V_ASN1_SEQUENCE)
+                       {
+                       const unsigned char *p = param->value.sequence->data;
+                       int plen = param->value.sequence->length;
+                       maskHash = d2i_X509_ALGOR(NULL, &p, plen);
+                       }
+               if (i2a_ASN1_OBJECT(bp, pss->maskGenAlgorithm->algorithm) <= 0)
+                       goto err;
+               if (BIO_puts(bp, " with ") <= 0)
+                       goto err;
+               if (i2a_ASN1_OBJECT(bp, maskHash->algorithm) <= 0)
+                       goto err;
+               }
+       else if (BIO_puts(bp, "mgf1 with sha1 (default)") <= 0)
+               goto err;
+       BIO_puts(bp, "\n");
+
+       if (!BIO_indent(bp, indent, 128))
+               goto err;
+       if (BIO_puts(bp, "Salt Length: ") <= 0)
+                       goto err;
+       if (pss->saltLength)
+               {
+               if (i2a_ASN1_INTEGER(bp, pss->saltLength) <= 0)
+                       goto err;
+               }
+       else if (BIO_puts(bp, "20 (default)") <= 0)
+               goto err;
+       BIO_puts(bp, "\n");
+
+       if (!BIO_indent(bp, indent, 128))
+               goto err;
+       if (BIO_puts(bp, "Trailer Field: ") <= 0)
+                       goto err;
+       if (pss->trailerField)
+               {
+               if (i2a_ASN1_INTEGER(bp, pss->trailerField) <= 0)
+                       goto err;
+               }
+       else if (BIO_puts(bp, "0xbc (default)") <= 0)
+               goto err;
+       BIO_puts(bp, "\n");
+       
+       rv = 1;
+
+       err:
+       if (maskHash)
+               X509_ALGOR_free(maskHash);
+       RSASSA_PSS_PARAMS_free(pss);
+       return rv;
+
+       }
+
+static int rsa_sig_print(BIO *bp, const X509_ALGOR *sigalg,
+                                       const ASN1_STRING *sig,
+                                       int indent, ASN1_PCTX *pctx)
+       {
+       if (OBJ_obj2nid(sigalg->algorithm) == NID_rsassaPss)
+               {
+               RSASSA_PSS_PARAMS *pss = NULL;
+               ASN1_TYPE *param = sigalg->parameter;
+               if (param && param->type == V_ASN1_SEQUENCE)
+                       {
+                       const unsigned char *p = param->value.sequence->data;
+                       int plen = param->value.sequence->length;
+                       pss = d2i_RSASSA_PSS_PARAMS(NULL, &p, plen);
+                       }
+               if (!rsa_pss_param_print(bp, pss, indent))
+                       return 0;
+               }
+
+       return X509_signature_dump(bp, sig, indent);
+       }
 
 static int rsa_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
        {
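Review bot: In rsa_pss_param_print the `if (!pss)` branch prints the INVALID message and then falls through, so `pss->hashAlgorithm` is read through a NULL pointer whenever rsa_sig_print could not decode the parameters (decode failure, or a parameter that is absent or not a SEQUENCE); the branch needs a `return 1;` after the message. The mask branch has the same class of problem: `param` is dereferenced without a NULL check, and `maskHash->algorithm` is used even when the parameter was not a SEQUENCE or d2i_X509_ALGOR returned NULL. The AlgorithmIdentifier being printed presumably comes from the certificate or CRL under inspection, so malformed parameters would crash the printing tool instead of producing a diagnostic. Separately, three `BIO_puts(bp, "\n")` calls ignore their result, and the printer frees the `pss` that its caller allocated, which deserves a comment or a move of the free into rsa_sig_print.

```c
	if (!pss)
		{
		if (BIO_puts(bp, " (INVALID PSS PARAMETERS)\n") <= 0)
			return 0;
		return 1;
		}
	/* ... unchanged: hash algorithm line and "Mask Algorithm: " label ... */
	if (pss->maskGenAlgorithm)
		{
		ASN1_TYPE *param = pss->maskGenAlgorithm->parameter;
		if (param && param->type == V_ASN1_SEQUENCE)
			{
			/* ... unchanged: d2i_X509_ALGOR into maskHash ... */
			}
		/* ... unchanged: print maskGenAlgorithm->algorithm and " with " ... */
		if (maskHash)
			{
			if (i2a_ASN1_OBJECT(bp, maskHash->algorithm) <= 0)
				goto err;
			}
		else if (BIO_puts(bp, "INVALID") <= 0)
			goto err;
		}
	else if (BIO_puts(bp, "mgf1 with sha1 (default)") <= 0)
		goto err;
	if (BIO_puts(bp, "\n") <= 0)
		goto err;
```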
@@ -333,8 +441,9 @@ const EVP_PKEY_ASN1_METHOD rsa_asn1_meths[] =
                int_rsa_size,
                rsa_bits,
 
-               0,0,0,0,0,0,0,
+               0,0,0,0,0,0,
 
+               rsa_sig_print,
                int_rsa_free,
                rsa_pkey_ctrl,
                old_rsa_priv_decode,
index 4efca8c..f00ec69 100644 (file)
@@ -60,6 +60,7 @@
 #include "cryptlib.h"
 #include <openssl/bn.h>
 #include <openssl/rsa.h>
+#include <openssl/x509.h>
 #include <openssl/asn1t.h>
 
 /* Override the default free and new methods */
@@ -96,6 +97,15 @@ ASN1_SEQUENCE_cb(RSAPublicKey, rsa_cb) = {
        ASN1_SIMPLE(RSA, e, BIGNUM),
 } ASN1_SEQUENCE_END_cb(RSA, RSAPublicKey)
 
+ASN1_SEQUENCE(RSASSA_PSS_PARAMS) = {
+       ASN1_EXP_OPT(RSASSA_PSS_PARAMS, hashAlgorithm, X509_ALGOR,0),
+       ASN1_EXP_OPT(RSASSA_PSS_PARAMS, maskGenAlgorithm, X509_ALGOR,1),
+       ASN1_EXP_OPT(RSASSA_PSS_PARAMS, saltLength, ASN1_INTEGER,2),
+       ASN1_EXP_OPT(RSASSA_PSS_PARAMS, trailerField, ASN1_INTEGER,3)
+} ASN1_SEQUENCE_END(RSASSA_PSS_PARAMS)
+
+IMPLEMENT_ASN1_FUNCTIONS(RSASSA_PSS_PARAMS)
+
 IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(RSA, RSAPrivateKey, RSAPrivateKey)
 
 IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(RSA, RSAPublicKey, RSAPublicKey)