library: x509: simplify RSA-PSS management
- Do not store RSA-PSS signature options in CRL/CRT/CSR structures;
- During the parsing phase, just ensure that MGF1 hash alg is the same
as the one used for the message.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
diff --git a/include/mbedtls/x509_crl.h b/include/mbedtls/x509_crl.h
index e08767e..e59d165 100644
--- a/include/mbedtls/x509_crl.h
+++ b/include/mbedtls/x509_crl.h
@@ -83,7 +83,6 @@
mbedtls_x509_buf MBEDTLS_PRIVATE(sig);
mbedtls_md_type_t MBEDTLS_PRIVATE(sig_md); /**< Internal representation of the MD algorithm of the signature algorithm, e.g. MBEDTLS_MD_SHA256 */
mbedtls_pk_type_t MBEDTLS_PRIVATE(sig_pk); /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. MBEDTLS_PK_RSA */
- void *MBEDTLS_PRIVATE(sig_opts); /**< Signature options to be passed to mbedtls_pk_verify_ext(), e.g. for RSASSA-PSS */
/** Next element in the linked list of CRL.
* \p NULL indicates the end of the list.
diff --git a/include/mbedtls/x509_crt.h b/include/mbedtls/x509_crt.h
index 9817d35..8a220cd 100644
--- a/include/mbedtls/x509_crt.h
+++ b/include/mbedtls/x509_crt.h
@@ -82,7 +82,6 @@
mbedtls_x509_buf MBEDTLS_PRIVATE(sig); /**< Signature: hash of the tbs part signed with the private key. */
mbedtls_md_type_t MBEDTLS_PRIVATE(sig_md); /**< Internal representation of the MD algorithm of the signature algorithm, e.g. MBEDTLS_MD_SHA256 */
mbedtls_pk_type_t MBEDTLS_PRIVATE(sig_pk); /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. MBEDTLS_PK_RSA */
- void *MBEDTLS_PRIVATE(sig_opts); /**< Signature options to be passed to mbedtls_pk_verify_ext(), e.g. for RSASSA-PSS */
/** Next certificate in the linked list that constitutes the CA chain.
* \p NULL indicates the end of the list.
diff --git a/include/mbedtls/x509_csr.h b/include/mbedtls/x509_csr.h
index f9eb04d..bed1c95 100644
--- a/include/mbedtls/x509_csr.h
+++ b/include/mbedtls/x509_csr.h
@@ -56,7 +56,6 @@
mbedtls_x509_buf MBEDTLS_PRIVATE(sig);
mbedtls_md_type_t MBEDTLS_PRIVATE(sig_md); /**< Internal representation of the MD algorithm of the signature algorithm, e.g. MBEDTLS_MD_SHA256 */
mbedtls_pk_type_t MBEDTLS_PRIVATE(sig_pk); /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. MBEDTLS_PK_RSA */
- void *MBEDTLS_PRIVATE(sig_opts); /**< Signature options to be passed to mbedtls_pk_verify_ext(), e.g. for RSASSA-PSS */
}
mbedtls_x509_csr;
diff --git a/library/x509.c b/library/x509.c
index 0571687..8ca7dde 100644
--- a/library/x509.c
+++ b/library/x509.c
@@ -715,38 +715,30 @@
* Get signature algorithm from alg OID and optional parameters
*/
int mbedtls_x509_get_sig_alg(const mbedtls_x509_buf *sig_oid, const mbedtls_x509_buf *sig_params,
- mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg,
- void **sig_opts)
+ mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg)
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- if (*sig_opts != NULL) {
- return MBEDTLS_ERR_X509_BAD_INPUT_DATA;
- }
-
if ((ret = mbedtls_oid_get_sig_alg(sig_oid, md_alg, pk_alg)) != 0) {
return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG, ret);
}
#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
if (*pk_alg == MBEDTLS_PK_RSASSA_PSS) {
- mbedtls_pk_rsassa_pss_options *pss_opts;
-
- pss_opts = mbedtls_calloc(1, sizeof(mbedtls_pk_rsassa_pss_options));
- if (pss_opts == NULL) {
- return MBEDTLS_ERR_X509_ALLOC_FAILED;
- }
+ mbedtls_md_type_t mgf1_hash_id;
+ int expected_salt_len;
ret = mbedtls_x509_get_rsassa_pss_params(sig_params,
md_alg,
- &pss_opts->mgf1_hash_id,
- &pss_opts->expected_salt_len);
+ &mgf1_hash_id,
+ &expected_salt_len);
if (ret != 0) {
- mbedtls_free(pss_opts);
return ret;
}
-
- *sig_opts = (void *) pss_opts;
+ /* Ensure MGF1 hash alg is the same as the one used to hash the message. */
+ if (mgf1_hash_id != *md_alg) {
+ return MBEDTLS_ERR_X509_INVALID_ALG;
+ }
} else
#endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */
{
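Review bot: `expected_salt_len` is parsed from the RSASSA-PSS parameters and then dropped, so in the new `MBEDTLS_PK_RSASSA_PSS` branch only the MGF1 hash is checked and nothing visible ties the declared salt length to signature verification. If the verify path is meant to accept any salt length, record that next to the new check, e.g. `/* The salt length is parsed for syntax only; it is not enforced when the signature is verified. */`, so the relaxation reads as a decision rather than an oversight. The rest of the function body and the verify path are outside this hunk, so whether the salt length is constrained elsewhere cannot be confirmed from here.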
diff --git a/library/x509_crl.c b/library/x509_crl.c
index bc4fdbb..81af93b 100644
--- a/library/x509_crl.c
+++ b/library/x509_crl.c
@@ -389,8 +389,7 @@
crl->version++;
if ((ret = mbedtls_x509_get_sig_alg(&crl->sig_oid, &sig_params1,
- &crl->sig_md, &crl->sig_pk,
- &crl->sig_opts)) != 0) {
+ &crl->sig_md, &crl->sig_pk)) != 0) {
mbedtls_x509_crl_free(crl);
return MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG;
}
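Review bot: The `MBEDTLS_ERR_X509_INVALID_ALG` that mbedtls_x509_get_sig_alg() now returns on an MGF1/message hash mismatch is lost at this call site, because the branch discards `ret` and returns `MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG`. The CSR call site in library/x509_csr.c does the same, while the CRT call site returns `ret`. Parsing still fails closed, so the effect is on diagnostics: a rejected PSS parameter set in a CRL or CSR is reported as an unknown algorithm. Either propagate with `return ret;` or, if the fixed code is part of the documented contract, add a comment such as `/* Any signature-algorithm error is reported as UNKNOWN_SIG_ALG here. */`. The enclosing function starts and ends outside the hunk.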
@@ -676,10 +675,6 @@
mbedtls_x509_crl_entry *entry_prv;
while (crl_cur != NULL) {
-#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
- mbedtls_free(crl_cur->sig_opts);
-#endif
-
mbedtls_asn1_free_named_data_list_shallow(crl_cur->issuer.next);
entry_cur = crl_cur->entry.next;
diff --git a/library/x509_crt.c b/library/x509_crt.c
index 5d26ebb..47907f2 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -1163,8 +1163,7 @@
crt->version++;
if ((ret = mbedtls_x509_get_sig_alg(&crt->sig_oid, &sig_params1,
- &crt->sig_md, &crt->sig_pk,
- &crt->sig_opts)) != 0) {
+ &crt->sig_md, &crt->sig_pk)) != 0) {
mbedtls_x509_crt_free(crt);
return ret;
}
@@ -3203,10 +3202,6 @@
while (cert_cur != NULL) {
mbedtls_pk_free(&cert_cur->pk);
-#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
- mbedtls_free(cert_cur->sig_opts);
-#endif
-
mbedtls_asn1_free_named_data_list_shallow(cert_cur->issuer.next);
mbedtls_asn1_free_named_data_list_shallow(cert_cur->subject.next);
mbedtls_asn1_sequence_free(cert_cur->ext_key_usage.next);
diff --git a/library/x509_csr.c b/library/x509_csr.c
index 8e5fdb6..c4a1284 100644
--- a/library/x509_csr.c
+++ b/library/x509_csr.c
@@ -407,8 +407,7 @@
}
if ((ret = mbedtls_x509_get_sig_alg(&csr->sig_oid, &sig_params,
- &csr->sig_md, &csr->sig_pk,
- &csr->sig_opts)) != 0) {
+ &csr->sig_md, &csr->sig_pk)) != 0) {
mbedtls_x509_csr_free(csr);
return MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG;
}
@@ -621,10 +620,6 @@
mbedtls_pk_free(&csr->pk);
-#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
- mbedtls_free(csr->sig_opts);
-#endif
-
mbedtls_asn1_free_named_data_list_shallow(csr->subject.next);
mbedtls_asn1_sequence_free(csr->subject_alt_names.next);
diff --git a/library/x509_internal.h b/library/x509_internal.h
index 36cbc65..dc56bf6 100644
--- a/library/x509_internal.h
+++ b/library/x509_internal.h
@@ -35,8 +35,7 @@
#endif
int mbedtls_x509_get_sig(unsigned char **p, const unsigned char *end, mbedtls_x509_buf *sig);
int mbedtls_x509_get_sig_alg(const mbedtls_x509_buf *sig_oid, const mbedtls_x509_buf *sig_params,
- mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg,
- void **sig_opts);
+ mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg);
int mbedtls_x509_get_time(unsigned char **p, const unsigned char *end,
mbedtls_x509_time *t);
int mbedtls_x509_get_serial(unsigned char **p, const unsigned char *end,