Suyu/mbedtls
1
0
Fork 0
mirror of https://git.suyu.dev/suyu/mbedtls.git synced 2025-12-23 15:55:10 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Finish parsing RSASSA-PSS parameters

Browse source
This commit is contained in:
Manuel Pégourié-Gonnard 2014-01-23 19:15:29 +01:00
parent d9fd87be33
commit 3c1e8b539c
10 changed files with 199 additions and 19 deletions
Download patch file Download diff file Expand all files Collapse all files

86
library/x509.c
View file

@ -132,6 +132,62 @@ int x509_get_alg( unsigned char **p, const unsigned char *end,
return( 0 );
}
/*
* HashAlgorithm ::= AlgorithmIdentifier
*
* AlgorithmIdentifier ::= SEQUENCE {
* algorithm OBJECT IDENTIFIER,
* parameters ANY DEFINED BY algorithm OPTIONAL }
*
* For HashAlgorithm, parameters MUST be NULL or absent.
*/
static int x509_get_hash_alg( const x509_buf *alg, md_type_t *md_alg )
{
int ret;
unsigned char *p;
const unsigned char *end;
x509_buf md_oid;
size_t len;
/* Make sure we got a SEQUENCE and setup bounds */
if( alg->tag != ( ASN1_CONSTRUCTED | ASN1_SEQUENCE ) )
return( POLARSSL_ERR_X509_INVALID_ALG +
POLARSSL_ERR_ASN1_UNEXPECTED_TAG );
p = (unsigned char *) alg->p;
end = p + alg->len;
if( p >= end )
return( POLARSSL_ERR_X509_INVALID_ALG +
POLARSSL_ERR_ASN1_OUT_OF_DATA );
/* Parse md_oid */
md_oid.tag = *p;
if( ( ret = asn1_get_tag( &p, end, &md_oid.len, ASN1_OID ) ) != 0 )
return( POLARSSL_ERR_X509_INVALID_ALG + ret );
md_oid.p = p;
p += md_oid.len;
/* Get md_alg from md_oid */
if( ( ret = oid_get_md_alg( &md_oid, md_alg ) ) != 0 )
return( POLARSSL_ERR_X509_INVALID_ALG + ret );
/* Make sure params is absent of NULL */
if( p == end )
return( 0 );
if( ( ret = asn1_get_tag( &p, end, &len, ASN1_NULL ) ) != 0 )
return( POLARSSL_ERR_X509_INVALID_ALG + ret );
if( p != end )
return( POLARSSL_ERR_X509_INVALID_ALG +
POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
return( 0 );
}
/*
* RSASSA-PSS-params ::= SEQUENCE {
* hashAlgorithm [0] HashAlgorithm DEFAULT sha1Identifier,
@ -141,18 +197,18 @@ int x509_get_alg( unsigned char **p, const unsigned char *end,
* -- Note that the tags in this Sequence are explicit.
*/
int x509_get_rsassa_pss_params( const x509_buf *params,
md_type_t *md_alg,
int *salt_len,
int *trailer_field )
md_type_t *md_alg, md_type_t *mgf_md,
int *salt_len, int *trailer_field )
{
int ret;
unsigned char *p;
const unsigned char *end;
size_t len;
x509_buf alg_id;
x509_buf alg_id, alg_params;
/* First set everything to defaults */
*md_alg = POLARSSL_MD_SHA1;
*mgf_md = POLARSSL_MD_SHA1;
*salt_len = 20;
*trailer_field = 1;
@ -170,8 +226,12 @@ int x509_get_rsassa_pss_params( const x509_buf *params,
if( ( ret = asn1_get_tag( &p, end, &len,
ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | 0 ) ) == 0 )
{
/* HashAlgorithm ::= AlgorithmIdentifier (without parameters) */
// TODO: WIP
/* HashAlgorithm ::= AlgorithmIdentifier (without parameters) */
if( ( ret = x509_get_alg_null( &p, p + len, &alg_id ) ) != 0 )
return( ret );
if( ( ret = oid_get_md_alg( &alg_id, md_alg ) ) != 0 )
return( POLARSSL_ERR_X509_INVALID_ALG + ret );
}
else if( ret != POLARSSL_ERR_ASN1_UNEXPECTED_TAG )
return( POLARSSL_ERR_X509_INVALID_ALG + ret );
@ -179,8 +239,18 @@ int x509_get_rsassa_pss_params( const x509_buf *params,
if( ( ret = asn1_get_tag( &p, end, &len,
ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | 1 ) ) == 0 )
{
/* MaskGenAlgorithm ::= AlgorithmIdentifier */
// TODO: WIP
/* MaskGenAlgorithm ::= AlgorithmIdentifier (params = HashAlgorithm) */
if( ( ret = x509_get_alg( &p, p + len, &alg_id, &alg_params ) ) != 0 )
return( ret );
/* Only MFG1 is recognised for now */
if( ! OID_CMP( OID_MGF1, &alg_id ) )
return( POLARSSL_ERR_X509_FEATURE_UNAVAILABLE +
POLARSSL_ERR_OID_NOT_FOUND );
/* Parse HashAlgorithm */
if( ( ret = x509_get_hash_alg( &alg_params, mgf_md ) ) != 0 )
return( ret );
}
else if( ret != POLARSSL_ERR_ASN1_UNEXPECTED_TAG )
return( POLARSSL_ERR_X509_INVALID_ALG + ret );