[openssl] master update
tomas at openssl.org
tomas at openssl.org
Thu Apr 15 16:09:54 UTC 2021
The branch master has been updated
via a56fcf20da9e2bbc73aa3cf503204bdb44cb023f (commit)
from ddf0d149e2fd0d894eec08f7237f5a686fc85575 (commit)
- Log -----------------------------------------------------------------
commit a56fcf20da9e2bbc73aa3cf503204bdb44cb023f
Author: Tomas Mraz <tomas at openssl.org>
Date: Wed Apr 14 16:35:28 2021 +0200
Add OID for mdc2WithRSASignature and remove related TODO 3.0
Fixes #14366
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Paul Dale <pauli at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14874)
-----------------------------------------------------------------------
Summary of changes:
providers/common/der/RSA.asn1 | 6 +++-
providers/common/der/der_rsa_sig.c | 11 ++++--
providers/implementations/signature/rsa.c | 59 ++++++++++++++++++-------------
3 files changed, 48 insertions(+), 28 deletions(-)
diff --git a/providers/common/der/RSA.asn1 b/providers/common/der/RSA.asn1
index 6ba99daa7c..e3cd714d1c 100644
--- a/providers/common/der/RSA.asn1
+++ b/providers/common/der/RSA.asn1
@@ -69,10 +69,14 @@ id-rsassa-pkcs1-v1_5-with-sha3-512 OBJECT IDENTIFIER ::= { sigAlgs 16 }
-- -------------------------------------------------------------------
-- These OID's exist in the codebase but may need to be deprecated at some point.
--- mdc2 and md5_sha1 have been omitted as they do not look like valid entries.
+-- md5_sha1 has been omitted as it does not look like valid entry.
md4WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 3 }
ripemd160WithRSAEncryption OBJECT IDENTIFIER ::= {
iso(1) identified-organization(3) teletrust(36) algorithm(3) signatureAlgorithm(3) rsaSignature(1) 2
}
+
+mdc2WithRSASignature OBJECT IDENTIFIER ::= {
+ iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) mdc2WithRSASignature(14)
+}
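Review bot: The new `mdc2WithRSASignature` arc under oiw/secsig should be checked against the OID that the library's object table registers for `NID_mdc2WithRSA`. If the two differ, the AlgorithmIdentifier the provider encodes for MDC2 with RSA would not map back to that NID on lookup. That table is not visible in this diff, so this is a point to confirm rather than an established mismatch. A one-line comment above the definition, such as `-- OIW secsig algorithm 14, legacy only`, would also record where the arc comes from.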
diff --git a/providers/common/der/der_rsa_sig.c b/providers/common/der/der_rsa_sig.c
index aa49968a5b..08d00641e9 100644
--- a/providers/common/der/der_rsa_sig.c
+++ b/providers/common/der/der_rsa_sig.c
@@ -21,6 +21,8 @@
ossl_der_oid_id_rsassa_pkcs1_v1_5_with_sha3_384
#define ossl_der_oid_sha3_512WithRSAEncryption \
ossl_der_oid_id_rsassa_pkcs1_v1_5_with_sha3_512
+#define ossl_der_oid_mdc2WithRSAEncryption \
+ ossl_der_oid_mdc2WithRSASignature
#define MD_with_RSA_CASE(name, var) \
case NID_##name: \
@@ -40,7 +42,7 @@ int ossl_DER_w_algorithmIdentifier_MDWithRSAEncryption(WPACKET *pkt, int tag,
MD_with_RSA_CASE(md5, precompiled);
MD_with_RSA_CASE(md4, precompiled);
MD_with_RSA_CASE(ripemd160, precompiled);
-/* TODO(3.0) Decide what to do about mdc2 and md5_sha1 */
+ MD_with_RSA_CASE(mdc2, precompiled);
#endif
MD_with_RSA_CASE(sha1, precompiled);
MD_with_RSA_CASE(sha224, precompiled);
@@ -54,7 +56,12 @@ int ossl_DER_w_algorithmIdentifier_MDWithRSAEncryption(WPACKET *pkt, int tag,
MD_with_RSA_CASE(sha3_384, precompiled);
MD_with_RSA_CASE(sha3_512, precompiled);
default:
- return 0;
+ /*
+ * Hash algorithms for which we do not have a valid OID
+ * such as md5sha1 will just fail to provide the der encoding.
+ * That does not prevent producing signatures if OID is not needed.
+ */
+ return -1;
}
return ossl_DER_w_begin_sequence(pkt, tag)
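Review bot: The `default:` branch now returns `-1`, which makes the function tri-state. Any caller that still tests the result with `!` will treat an unsupported digest as success and carry on with nothing written to the packet. Only the call in providers/implementations/signature/rsa.c is updated in this commit, so other callers, if any exist, need the same `ret > 0` check. The contract should be stated where the function is declared, for example `/* Returns 1 on success, 0 on encoding failure, -1 if no OID is known for mdnid */`. The function body starts and ends outside this hunk.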
diff --git a/providers/implementations/signature/rsa.c b/providers/implementations/signature/rsa.c
index bfaa7b4e80..96366a9a6b 100644
--- a/providers/implementations/signature/rsa.c
+++ b/providers/implementations/signature/rsa.c
@@ -222,6 +222,7 @@ static unsigned char *rsa_generate_signature_aid(PROV_RSA_CTX *ctx,
unsigned char *aid = NULL;
int saltlen;
RSA_PSS_PARAMS_30 pss_params;
+ int ret;
if (!WPACKET_init_der(&pkt, aid_buf, buf_len)) {
ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
@@ -229,33 +230,41 @@ static unsigned char *rsa_generate_signature_aid(PROV_RSA_CTX *ctx,
}
switch(ctx->pad_mode) {
- case RSA_PKCS1_PADDING:
- if (!ossl_DER_w_algorithmIdentifier_MDWithRSAEncryption(&pkt, -1,
- ctx->mdnid)) {
- ERR_raise(ERR_LIB_PROV, ERR_R_INTERNAL_ERROR);
- goto cleanup;
- }
- break;
- case RSA_PKCS1_PSS_PADDING:
- saltlen = rsa_pss_compute_saltlen(ctx);
- if (saltlen < 0)
- goto cleanup;
- if (!ossl_rsa_pss_params_30_set_defaults(&pss_params)
- || !ossl_rsa_pss_params_30_set_hashalg(&pss_params, ctx->mdnid)
- || !ossl_rsa_pss_params_30_set_maskgenhashalg(&pss_params,
- ctx->mgf1_mdnid)
- || !ossl_rsa_pss_params_30_set_saltlen(&pss_params, saltlen)
- || !ossl_DER_w_algorithmIdentifier_RSA_PSS(&pkt, -1,
- RSA_FLAG_TYPE_RSASSAPSS,
- &pss_params)) {
- ERR_raise(ERR_LIB_PROV, ERR_R_INTERNAL_ERROR);
- goto cleanup;
- }
+ case RSA_PKCS1_PADDING:
+ ret = ossl_DER_w_algorithmIdentifier_MDWithRSAEncryption(&pkt, -1,
+ ctx->mdnid);
+
+ if (ret > 0) {
break;
- default:
- ERR_raise_data(ERR_LIB_PROV, ERR_R_UNSUPPORTED,
- "Algorithm ID generation");
+ } else if (ret == 0) {
+ ERR_raise(ERR_LIB_PROV, ERR_R_INTERNAL_ERROR);
+ goto cleanup;
+ }
+ ERR_raise_data(ERR_LIB_PROV, ERR_R_UNSUPPORTED,
+ "Algorithm ID generation - md NID: %d",
+ ctx->mdnid);
+ goto cleanup;
+ case RSA_PKCS1_PSS_PADDING:
+ saltlen = rsa_pss_compute_saltlen(ctx);
+ if (saltlen < 0)
+ goto cleanup;
+ if (!ossl_rsa_pss_params_30_set_defaults(&pss_params)
+ || !ossl_rsa_pss_params_30_set_hashalg(&pss_params, ctx->mdnid)
+ || !ossl_rsa_pss_params_30_set_maskgenhashalg(&pss_params,
+ ctx->mgf1_mdnid)
+ || !ossl_rsa_pss_params_30_set_saltlen(&pss_params, saltlen)
+ || !ossl_DER_w_algorithmIdentifier_RSA_PSS(&pkt, -1,
+ RSA_FLAG_TYPE_RSASSAPSS,
+ &pss_params)) {
+ ERR_raise(ERR_LIB_PROV, ERR_R_INTERNAL_ERROR);
goto cleanup;
+ }
+ break;
+ default:
+ ERR_raise_data(ERR_LIB_PROV, ERR_R_UNSUPPORTED,
+ "Algorithm ID generation - pad mode: %d",
+ ctx->pad_mode);
+ goto cleanup;
}
if (WPACKET_finish(&pkt)) {
WPACKET_get_total_written(&pkt, aid_len);
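Review bot: In the `RSA_PKCS1_PADDING` case the `ERR_R_UNSUPPORTED` path is reached only by falling out of the `if (ret > 0) ... else if (ret == 0)` chain, so the meaning of a negative `ret` has to be inferred from the callee. A short comment before the `ERR_raise_data` call, such as `/* ret < 0: no OID is defined for this digest */`, or an explicit `else` branch, would make the three outcomes visible at the call site. The function starts before this hunk and the `cleanup` label is outside it.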