Use hardcoded RSA-PSS params

To be squashed Signed-off-by: Jakub Jelen <[email protected]>
latchset · Jan 27, 2025 · 542a6ea · 542a6ea
1 parent 73713fd
commit 542a6ea
Show file tree

Hide file tree

Showing 4 changed files with 125 additions and 258 deletions.
diff --git a/src/encoder.c b/src/encoder.c
@@ -251,197 +251,6 @@ static int p11prov_rsa_pubkey_to_der(P11PROV_OBJ *key, unsigned char **der,
     return RET_OSSL_OK;
 }
 
-static X509_ALGOR *p11prov_x509_algor_new_from_nid(int nid, int ptype,
-                                                   void *pval)
-{
-    X509_ALGOR *alg = NULL;
-    ASN1_OBJECT *obj = NULL;
-    int ret;
-
-    alg = X509_ALGOR_new();
-    obj = OBJ_nid2obj(nid);
-    if (alg == NULL || obj == NULL) {
-        ASN1_OBJECT_free(obj);
-        return NULL;
-    }
-
-    ret = X509_ALGOR_set0(alg, obj, ptype, pval);
-    if (ret != 1) {
-        X509_ALGOR_free(alg);
-        ASN1_OBJECT_free(obj);
-        return NULL;
-    }
-    return alg;
-}
-
-static X509_ALGOR *p11prov_x509_algor_new_from_mgf1_nid(int mgf1_nid)
-{
-    X509_ALGOR *tmpalg = NULL;
-    ASN1_STRING *enc = NULL;
-    X509_ALGOR *out = NULL;
-
-    tmpalg = p11prov_x509_algor_new_from_nid(mgf1_nid, V_ASN1_UNDEF, NULL);
-    if (tmpalg == NULL) {
-        return NULL;
-    }
-    enc = ASN1_item_pack(tmpalg, ASN1_ITEM_rptr(X509_ALGOR), NULL);
-    X509_ALGOR_free(tmpalg);
-    if (enc == NULL) {
-        return NULL;
-    }
-    out = p11prov_x509_algor_new_from_nid(NID_mgf1, V_ASN1_SEQUENCE, enc);
-    if (out == NULL) {
-        ASN1_STRING_free(enc);
-    }
-    return out;
-}
-
-RSA_PSS_PARAMS *p11prov_encode_rsa_pss_params(int hash_nid, int mgf1_hash_nid,
-                                              int saltlen)
-{
-    RSA_PSS_PARAMS *pss = NULL;
-    int ret;
-
-    pss = RSA_PSS_PARAMS_new();
-    if (pss == NULL) {
-        return NULL;
-    }
-
-    pss->hashAlgorithm =
-        p11prov_x509_algor_new_from_nid(hash_nid, V_ASN1_UNDEF, NULL);
-    if (pss->hashAlgorithm == NULL) {
-        goto err;
-    }
-
-    pss->maskHash =
-        p11prov_x509_algor_new_from_nid(mgf1_hash_nid, V_ASN1_UNDEF, NULL);
-    if (pss->maskHash == NULL) {
-        goto err;
-    }
-
-    pss->maskGenAlgorithm = p11prov_x509_algor_new_from_mgf1_nid(mgf1_hash_nid);
-    if (pss->maskGenAlgorithm == NULL) {
-        goto err;
-    }
-
-    /* The saltLength has default value so it is optional for restrictions */
-    if (saltlen >= 0) {
-        pss->saltLength = ASN1_INTEGER_new();
-        if (pss->saltLength == NULL) {
-            goto err;
-        }
-
-        ret = ASN1_INTEGER_set(pss->saltLength, saltlen);
-        if (ret != 1) {
-            goto err;
-        }
-    }
-    /* the pss->trailerField has a default value 1 so it is optional and we do
-     * not need to include it in the generated ASN1 for public key restrictions
-     */
-    return pss;
-
-err:
-    RSA_PSS_PARAMS_free(pss);
-    return NULL;
-}
-
-/* RSA-PSS mechanism map, sorted by priority */
-struct rsa_pss_map {
-    CK_MECHANISM_TYPE pkcs11_mechanism;
-    CK_MECHANISM_TYPE hash_type;
-} rsa_pss_map[P11PROV_N_RSAPSS_MECHS] = {
-    { CKM_RSA_PKCS_PSS, CKM_SHA512 },
-    { CKM_SHA512_RSA_PKCS_PSS, CKM_SHA512 },
-    { CKM_SHA384_RSA_PKCS_PSS, CKM_SHA384 },
-    { CKM_SHA256_RSA_PKCS_PSS, CKM_SHA256 },
-    { CKM_SHA224_RSA_PKCS_PSS, CKM_SHA224 },
-    /* Technically OpenSSL will not encode the SHA3 these days so if we will get
-     * these on PKCS#11 level, we will just fall back to non-PSS Key encoding:
-     * https://tools.ietf.org/html/rfc8017#appendix-A.2.1
-     */
-    { CKM_SHA3_512_RSA_PKCS_PSS, CKM_SHA3_512 },
-    { CKM_SHA3_384_RSA_PKCS_PSS, CKM_SHA3_384 },
-    { CKM_SHA3_256_RSA_PKCS_PSS, CKM_SHA3_256 },
-    { CKM_SHA3_224_RSA_PKCS_PSS, CKM_SHA3_224 },
-    { CKM_SHA1_RSA_PKCS_PSS, CKM_SHA_1 },
-};
-
-/* The PKCS#11 defines CKA_ALLOWED_MECHANISMS listing all allowed mechanisms on
- * given key.
- * OTOH X509 define parameters that either allow the key operation with any
- * parameters or only with one particular parameter combination
- * (including hash, mgf, mgf1 hash, salt length and trailer field).
- *
- * In case we have only one hash algorithm, such as CKM_SHA256_RSA_PKCS_PSS, we
- * can derive hash and default parameters.
- *
- * If there are more or there is a generic CKM_RSA_PKCS_PSS or all the PSS
- * mechanisms, we need to generate unrestricted RSA-PSS mechanism
- * (V_ASN1_UNDEF). Note, that this is possible to do only on the key itself and
- * not on the signature!
- */
-static ASN1_STRING *p11prov_encode_rsa_pss(P11PROV_OBJ *obj)
-{
-    CK_ATTRIBUTE *am = p11prov_obj_get_attr(obj, CKA_ALLOWED_MECHANISMS);
-    CK_MECHANISM_TYPE *allowed;
-    int am_nmechs, i, nfound = 0, first = -1;
-    RSA_PSS_PARAMS *pss = NULL;
-    int nid, ret;
-    ASN1_STRING *pstr = NULL;
-
-    if (am == NULL || am->ulValueLen == 0) {
-        /* no limitations or no support for allowed mechs. Should not be
-         * reached.
-         * TODO we can try also certificate restrictions */
-        return NULL;
-    }
-    allowed = (CK_MECHANISM_TYPE *)am->pValue;
-    am_nmechs = am->ulValueLen / sizeof(CK_MECHANISM_TYPE);
-    for (i = 0; i < P11PROV_N_RSAPSS_MECHS; i++) {
-        bool found = false;
-        for (int j = 0; j < am_nmechs; j++) {
-            if (rsa_pss_map[i].pkcs11_mechanism == allowed[j]) {
-                found = true;
-                break;
-            }
-        }
-        if (found) {
-            nfound++;
-            if (first == -1) {
-                first = i;
-            }
-        }
-    }
-    if (i == P11PROV_N_RSAPSS_MECHS) {
-        /* no RSA-PSS mechanism -- should not be reached */
-        return NULL;
-    }
-
-    if (nfound > 1 || rsa_pss_map[first].pkcs11_mechanism == CKM_RSA_PKCS_PSS) {
-        /* no restrictions -- we can not better express limitation on multiple
-         * mechanisms or this generic PSS mechanism */
-        return NULL;
-    }
-
-    ret = p11prov_digest_get_nid(rsa_pss_map[i].hash_type, &nid);
-    if (ret != CKR_OK) {
-        return NULL;
-    }
-
-    pss = p11prov_encode_rsa_pss_params(nid, nid, -1);
-    if (pss == NULL) {
-        return NULL;
-    }
-
-    if (ASN1_item_pack(pss, ASN1_ITEM_rptr(RSA_PSS_PARAMS), &pstr) == NULL) {
-        RSA_PSS_PARAMS_free(pss);
-        return NULL;
-    }
-    RSA_PSS_PARAMS_free(pss);
-    return pstr;
-}
-
 static X509_PUBKEY *p11prov_rsa_pubkey_to_x509(P11PROV_OBJ *key)
 {
     X509_PUBKEY *pubkey;
@@ -463,14 +272,10 @@ static X509_PUBKEY *p11prov_rsa_pubkey_to_x509(P11PROV_OBJ *key)
 
     if (p11prov_obj_is_rsa_pss(key)) {
         nid = NID_rsassaPss;
-        pval = p11prov_encode_rsa_pss(key);
-        if (pval != NULL) {
-            /* This is RSA-PSS key with restrictions */
-            ptype = V_ASN1_SEQUENCE;
-        } else {
-            /* This is RSA-PSS key without additional restrictions */
-            ptype = V_ASN1_UNDEF;
-        }
+        /* This is RSA-PSS key without additional restrictions */
+        pval = NULL;
+        ptype = V_ASN1_UNDEF;
+        /* TODO implement restrictions here based on ALLOWED_MECHANISMS */
     } else {
         /* this is generic RSA key without restrictions */
         nid = NID_rsaEncryption;

diff --git a/src/encoder.h b/src/encoder.h
@@ -42,6 +42,4 @@ extern const OSSL_DISPATCH
     p11prov_ec_edwards_encoder_priv_key_info_pem_functions[];
 extern const OSSL_DISPATCH p11prov_ec_edwards_encoder_text_functions[];
 
-RSA_PSS_PARAMS *p11prov_encode_rsa_pss_params(int hash_nid, int mgf1_hash_nid,
-                                              int saltlen);
 #endif /* _ENCODER_H */