Added PSS (first stab).

This commit is contained in:
Alessio Di Mauro
2015-08-05 15:40:24 +02:00
parent d312d7a1e1
commit e89de35efc
10 changed files with 219 additions and 48 deletions
+74 -13
View File
@@ -83,6 +83,25 @@ CK_BBOOL is_RSA_mechanism(CK_MECHANISM_TYPE m) {
return CK_FALSE;
}
CK_BBOOL is_PSS_mechanism(CK_MECHANISM_TYPE m) {
switch (m) {
case CKM_RSA_PKCS_PSS:
case CKM_SHA1_RSA_PKCS_PSS:
// case CKM_SHA224_RSA_PKCS_PSS:
case CKM_SHA256_RSA_PKCS_PSS:
case CKM_SHA512_RSA_PKCS_PSS:
case CKM_SHA384_RSA_PKCS_PSS:
return CK_TRUE;
default:
return CK_FALSE;
}
// Not reached
return CK_FALSE;
}
CK_RV apply_sign_mechanism_init(op_info_t *op_info) {
if (op_info->type != YKCS11_SIGN)
@@ -93,31 +112,36 @@ CK_RV apply_sign_mechanism_init(op_info_t *op_info) {
// No hash required for this mechanism
return CKR_OK;
case CKM_RSA_PKCS_PSS: // TODO
return CKR_FUNCTION_FAILED;
case CKM_RSA_PKCS_PSS:
// No hash required for this mechanism
return CKR_OK;
case CKM_RSA_X_509:
// No hash required for this mechanism
return CKR_OK;
case CKM_SHA1_RSA_PKCS:
case CKM_SHA1_RSA_PKCS_PSS:
case CKM_ECDSA_SHA1:
return do_md_init(YKCS11_SHA1, &op_info->op.sign.md_ctx);
case CKM_SHA256_RSA_PKCS:
case CKM_SHA256_RSA_PKCS_PSS:
return do_md_init(YKCS11_SHA256, &op_info->op.sign.md_ctx);
case CKM_SHA384_RSA_PKCS:
case CKM_SHA384_RSA_PKCS_PSS:
return do_md_init(YKCS11_SHA384, &op_info->op.sign.md_ctx);
case CKM_SHA512_RSA_PKCS:
case CKM_SHA512_RSA_PKCS_PSS:
return do_md_init(YKCS11_SHA512, &op_info->op.sign.md_ctx);
case CKM_ECDSA:
return CKR_FUNCTION_FAILED; // TODO: but no hash needed
default:
CKR_FUNCTION_FAILED;
return CKR_FUNCTION_FAILED;
}
// Never reached
@@ -132,9 +156,8 @@ CK_RV apply_sign_mechanism_update(op_info_t *op_info, CK_BYTE_PTR in, CK_ULONG i
switch (op_info->mechanism.mechanism) {
case CKM_RSA_PKCS:
return CKR_OK;
case CKM_RSA_PKCS_PSS:
// Mechanism not suitable for multipart signatures
return CKR_FUNCTION_FAILED;
case CKM_RSA_X_509:
@@ -144,6 +167,10 @@ CK_RV apply_sign_mechanism_update(op_info_t *op_info, CK_BYTE_PTR in, CK_ULONG i
case CKM_SHA256_RSA_PKCS:
case CKM_SHA384_RSA_PKCS:
case CKM_SHA512_RSA_PKCS:
case CKM_SHA1_RSA_PKCS_PSS:
case CKM_SHA256_RSA_PKCS_PSS:
case CKM_SHA384_RSA_PKCS_PSS:
case CKM_SHA512_RSA_PKCS_PSS:
case CKM_ECDSA_SHA1:
rv = do_md_update(op_info->op.sign.md_ctx, in, in_len);
if (rv != CKR_OK)
@@ -160,17 +187,39 @@ CK_RV apply_sign_mechanism_update(op_info_t *op_info, CK_BYTE_PTR in, CK_ULONG i
}
CK_RV apply_sign_mechanism_finalize(op_info_t *op_info) {
CK_RV rv;
CK_RV rv;
int nid = NID_undef;
RSA *rsa;
CK_ULONG len;
if (op_info->type != YKCS11_SIGN)
return CKR_FUNCTION_FAILED;
switch (op_info->mechanism.mechanism) {
case CKM_SHA1_RSA_PKCS_PSS:
case CKM_SHA256_RSA_PKCS_PSS:
case CKM_SHA384_RSA_PKCS_PSS:
case CKM_SHA512_RSA_PKCS_PSS:
// Finalize the hash
rv = do_md_finalize(op_info->op.sign.md_ctx, op_info->buf, &op_info->buf_len, &nid);
if (rv != CKR_OK)
return CKR_FUNCTION_FAILED;
case CKM_RSA_PKCS_PSS:
return CKR_FUNCTION_FAILED;
// Compute padding for all PSS variants
// TODO: digestinfo/paraminfo ?
rv = do_encode_rsa_public_key(op_info->op.sign.key, op_info->op.sign.key_len, &rsa);
if (rv != CKR_OK)
return CKR_FUNCTION_FAILED;
rv = do_pkcs_pss(rsa, op_info->buf, op_info->buf_len, nid, op_info->buf, &op_info->buf_len);
// TODO: does rsa have to be free'd ?
return rv;
case CKM_RSA_X_509:
return CKR_OK;
@@ -179,18 +228,30 @@ CK_RV apply_sign_mechanism_finalize(op_info_t *op_info) {
case CKM_SHA256_RSA_PKCS:
case CKM_SHA384_RSA_PKCS:
case CKM_SHA512_RSA_PKCS:
case CKM_ECDSA_SHA1:
// Finalize the hash if needed and add digest info
rv = do_md_finalize(op_info->op.sign.md_ctx, CK_TRUE, op_info->buf, &op_info->buf_len);
// Finalize the hash add digest info
rv = do_md_finalize(op_info->op.sign.md_ctx, op_info->buf, &op_info->buf_len, &nid);
if (rv != CKR_OK)
return CKR_FUNCTION_FAILED;
fprintf(stderr, "The hashed value is %lu long and looks like\n", op_info->buf_len);
dump_hex(op_info->buf, op_info->buf_len, stderr, CK_TRUE);
case CKM_RSA_PKCS:
// And compute padding for all pkcs1 variants
return do_pkcs_t1(op_info->buf, op_info->buf_len, op_info->buf, sizeof(op_info->buf), op_info->op.sign.key_len);
// Add digest info if needed
if (nid != NID_undef) {
rv = do_pkcs_1_digest_info(op_info->buf, op_info->buf_len, nid, op_info->buf, &op_info->buf_len);
if (rv != CKR_OK)
return CKR_FUNCTION_FAILED;
fprintf(stderr, "After adding digestinfo is %lu long and looks like\n", op_info->buf_len);
dump_hex(op_info->buf, op_info->buf_len, stderr, CK_TRUE);
}
// Compute padding for all PKCS1 variants
len = op_info->buf_len;
op_info->buf_len = sizeof(op_info->buf);
return do_pkcs_1_t1(op_info->buf, len, op_info->buf, &op_info->buf_len, op_info->op.sign.key_len);
case CKM_ECDSA_SHA1: // TODO:
case CKM_ECDSA:
return CKR_FUNCTION_FAILED;