- Added support for RFC4055 SHA2 and SHA4 signature algorithms for
use with PKCS#1 v1.5 signing and verification.
- Added extra certificates to test-ca and test code to further test
functionality of SHA2 and SHA4 signing and verification.
- Updated other program files accordingly
diff --git a/library/rsa.c b/library/rsa.c
index f1445a5..ed70342 100644
--- a/library/rsa.c
+++ b/library/rsa.c
@@ -404,13 +404,13 @@
nb_pad = olen - 3 - hashlen;
break;
- case RSA_MD2:
- case RSA_MD4:
- case RSA_MD5:
+ case SIG_RSA_MD2:
+ case SIG_RSA_MD4:
+ case SIG_RSA_MD5:
nb_pad = olen - 3 - 34;
break;
- case RSA_SHA1:
+ case SIG_RSA_SHA1:
nb_pad = olen - 3 - 35;
break;
@@ -439,26 +439,46 @@
memcpy( p, hash, hashlen );
break;
- case RSA_MD2:
+ case SIG_RSA_MD2:
memcpy( p, ASN1_HASH_MDX, 18 );
memcpy( p + 18, hash, 16 );
p[13] = 2; break;
- case RSA_MD4:
+ case SIG_RSA_MD4:
memcpy( p, ASN1_HASH_MDX, 18 );
memcpy( p + 18, hash, 16 );
p[13] = 4; break;
- case RSA_MD5:
+ case SIG_RSA_MD5:
memcpy( p, ASN1_HASH_MDX, 18 );
memcpy( p + 18, hash, 16 );
p[13] = 5; break;
- case RSA_SHA1:
+ case SIG_RSA_SHA1:
memcpy( p, ASN1_HASH_SHA1, 15 );
memcpy( p + 15, hash, 20 );
break;
+ case SIG_RSA_SHA224:
+ memcpy( p, ASN1_HASH_SHA2X, 19 );
+ memcpy( p + 19, hash, 28 );
+ p[1] += 28; p[14] = 4; p[18] += 28; break;
+
+ case SIG_RSA_SHA256:
+ memcpy( p, ASN1_HASH_SHA2X, 19 );
+ memcpy( p + 19, hash, 32 );
+ p[1] += 32; p[14] = 1; p[18] += 32; break;
+
+ case SIG_RSA_SHA384:
+ memcpy( p, ASN1_HASH_SHA2X, 19 );
+ memcpy( p + 19, hash, 48 );
+ p[1] += 48; p[14] = 2; p[18] += 48; break;
+
+ case SIG_RSA_SHA512:
+ memcpy( p, ASN1_HASH_SHA2X, 19 );
+ memcpy( p + 19, hash, 64 );
+ p[1] += 64; p[14] = 3; p[18] += 64; break;
+
default:
return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
}
@@ -527,9 +547,9 @@
if( memcmp( p, ASN1_HASH_MDX, 18 ) != 0 )
return( POLARSSL_ERR_RSA_VERIFY_FAILED );
- if( ( c == 2 && hash_id == RSA_MD2 ) ||
- ( c == 4 && hash_id == RSA_MD4 ) ||
- ( c == 5 && hash_id == RSA_MD5 ) )
+ if( ( c == 2 && hash_id == SIG_RSA_MD2 ) ||
+ ( c == 4 && hash_id == SIG_RSA_MD4 ) ||
+ ( c == 5 && hash_id == SIG_RSA_MD5 ) )
{
if( memcmp( p + 18, hash, 16 ) == 0 )
return( 0 );
@@ -538,7 +558,7 @@
}
}
- if( len == 35 && hash_id == RSA_SHA1 )
+ if( len == 35 && hash_id == SIG_RSA_SHA1 )
{
if( memcmp( p, ASN1_HASH_SHA1, 15 ) == 0 &&
memcmp( p + 15, hash, 20 ) == 0 )
@@ -546,6 +566,22 @@
else
return( POLARSSL_ERR_RSA_VERIFY_FAILED );
}
+ if( ( len == 19 + 28 && p[14] == 4 && hash_id == SIG_RSA_SHA224 ) ||
+ ( len == 19 + 32 && p[14] == 1 && hash_id == SIG_RSA_SHA256 ) ||
+ ( len == 19 + 48 && p[14] == 2 && hash_id == SIG_RSA_SHA384 ) ||
+ ( len == 19 + 64 && p[14] == 3 && hash_id == SIG_RSA_SHA512 ) )
+ {
+ c = p[1] - 17;
+ p[1] = 17;
+ p[14] = 0;
+
+ if( p[18] == c &&
+ memcmp( p, ASN1_HASH_SHA2X, 18 ) == 0 &&
+ memcmp( p + 19, hash, c ) == 0 )
+ return( 0 );
+ else
+ return( POLARSSL_ERR_RSA_VERIFY_FAILED );
+ }
if( len == hashlen && hash_id == RSA_RAW )
{
@@ -703,7 +739,7 @@
sha1( rsa_plaintext, PT_LEN, sha1sum );
- if( rsa_pkcs1_sign( &rsa, RSA_PRIVATE, RSA_SHA1, 20,
+ if( rsa_pkcs1_sign( &rsa, RSA_PRIVATE, SIG_RSA_SHA1, 20,
sha1sum, rsa_ciphertext ) != 0 )
{
if( verbose != 0 )
@@ -715,7 +751,7 @@
if( verbose != 0 )
printf( "passed\n PKCS#1 sig. verify: " );
- if( rsa_pkcs1_verify( &rsa, RSA_PUBLIC, RSA_SHA1, 20,
+ if( rsa_pkcs1_verify( &rsa, RSA_PUBLIC, SIG_RSA_SHA1, 20,
sha1sum, rsa_ciphertext ) != 0 )
{
if( verbose != 0 )
diff --git a/library/x509parse.c b/library/x509parse.c
index 83e5247..dcb8ea9 100644
--- a/library/x509parse.c
+++ b/library/x509parse.c
@@ -795,7 +795,8 @@
}
if( crt->sig_oid1.p[8] < 2 ||
- crt->sig_oid1.p[8] > 5 )
+ ( crt->sig_oid1.p[8] > 5 && crt->sig_oid1.p[8] < 11 ) ||
+ crt->sig_oid1.p[8] > 14 )
{
x509_free( crt );
return( POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG );
@@ -1441,10 +1442,14 @@
switch( crt->sig_oid1.p[8] )
{
- case RSA_MD2 : p += snprintf( p, end - p, "MD2" ); break;
- case RSA_MD4 : p += snprintf( p, end - p, "MD4" ); break;
- case RSA_MD5 : p += snprintf( p, end - p, "MD5" ); break;
- case RSA_SHA1: p += snprintf( p, end - p, "SHA1" ); break;
+ case SIG_RSA_MD2 : p += snprintf( p, end - p, "MD2" ); break;
+ case SIG_RSA_MD4 : p += snprintf( p, end - p, "MD4" ); break;
+ case SIG_RSA_MD5 : p += snprintf( p, end - p, "MD5" ); break;
+ case SIG_RSA_SHA1 : p += snprintf( p, end - p, "SHA1" ); break;
+ case SIG_RSA_SHA224 : p += snprintf( p, end - p, "SHA224" ); break;
+ case SIG_RSA_SHA256 : p += snprintf( p, end - p, "SHA256" ); break;
+ case SIG_RSA_SHA384 : p += snprintf( p, end - p, "SHA384" ); break;
+ case SIG_RSA_SHA512 : p += snprintf( p, end - p, "SHA512" ); break;
default: p += snprintf( p, end - p, "???" ); break;
}
@@ -1486,13 +1491,21 @@
switch( alg )
{
#if defined(POLARSSL_MD2_C)
- case RSA_MD2 : md2( in, len, out ); break;
+ case SIG_RSA_MD2 : md2( in, len, out ); break;
#endif
#if defined(POLARSSL_MD4_C)
- case RSA_MD4 : md4( in, len, out ); break;
+ case SIG_RSA_MD4 : md4( in, len, out ); break;
#endif
- case RSA_MD5 : md5( in, len, out ); break;
- case RSA_SHA1 : sha1( in, len, out ); break;
+ case SIG_RSA_MD5 : md5( in, len, out ); break;
+ case SIG_RSA_SHA1 : sha1( in, len, out ); break;
+#if defined(POLARSSL_SHA2_C)
+ case SIG_RSA_SHA224 : sha2( in, len, out, 1 ); break;
+ case SIG_RSA_SHA256 : sha2( in, len, out, 0 ); break;
+#endif
+#if defined(POLARSSL_SHA2_C)
+ case SIG_RSA_SHA384 : sha4( in, len, out, 1 ); break;
+ case SIG_RSA_SHA512 : sha4( in, len, out, 0 ); break;
+#endif
default:
memset( out, '\xFF', len );
break;
@@ -1511,7 +1524,7 @@
int pathlen;
x509_cert *cur;
x509_name *name;
- unsigned char hash[20];
+ unsigned char hash[64];
*flags = x509parse_expired( crt );
