summaryrefslogtreecommitdiff
path: root/src/libstrongswan/credentials
diff options
context:
space:
mode:
authorYves-Alexis Perez <corsac@corsac.net>2017-11-21 10:22:31 +0100
committerYves-Alexis Perez <corsac@corsac.net>2017-11-21 10:22:31 +0100
commite1d78dc2faaa06e7c3f71ef674a71e4de2f0758e (patch)
treeae0c8b5f4cd8289d0797882ea18969f33ea59a1e /src/libstrongswan/credentials
parent11d6b62db969bdd808d0f56706cb18f113927a31 (diff)
downloadvyos-strongswan-e1d78dc2faaa06e7c3f71ef674a71e4de2f0758e.tar.gz
vyos-strongswan-e1d78dc2faaa06e7c3f71ef674a71e4de2f0758e.zip
New upstream version 5.6.1
Diffstat (limited to 'src/libstrongswan/credentials')
-rw-r--r--src/libstrongswan/credentials/auth_cfg.c188
-rw-r--r--src/libstrongswan/credentials/auth_cfg.h4
-rw-r--r--src/libstrongswan/credentials/builder.c1
-rw-r--r--src/libstrongswan/credentials/builder.h4
-rw-r--r--src/libstrongswan/credentials/certificates/certificate.h7
-rw-r--r--src/libstrongswan/credentials/certificates/x509.c9
-rw-r--r--src/libstrongswan/credentials/certificates/x509.h7
-rw-r--r--src/libstrongswan/credentials/containers/pkcs12.c1
-rw-r--r--src/libstrongswan/credentials/cred_encoding.h2
-rw-r--r--src/libstrongswan/credentials/credential_manager.c6
-rw-r--r--src/libstrongswan/credentials/credential_manager.h5
-rw-r--r--src/libstrongswan/credentials/keys/private_key.h6
-rw-r--r--src/libstrongswan/credentials/keys/public_key.c57
-rw-r--r--src/libstrongswan/credentials/keys/public_key.h16
-rw-r--r--src/libstrongswan/credentials/keys/signature_params.c366
-rw-r--r--src/libstrongswan/credentials/keys/signature_params.h129
-rw-r--r--src/libstrongswan/credentials/sets/cert_cache.c28
-rw-r--r--src/libstrongswan/credentials/sets/cert_cache.h5
18 files changed, 742 insertions, 99 deletions
diff --git a/src/libstrongswan/credentials/auth_cfg.c b/src/libstrongswan/credentials/auth_cfg.c
index 07da596e4..d1be7b401 100644
--- a/src/libstrongswan/credentials/auth_cfg.c
+++ b/src/libstrongswan/credentials/auth_cfg.c
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2008-2016 Tobias Brunner
+ * Copyright (C) 2008-2017 Tobias Brunner
* Copyright (C) 2007-2009 Martin Willi
* Copyright (C) 2016 Andreas Steffen
* HSR Hochschule fuer Technik Rapperswil
@@ -216,8 +216,6 @@ static void init_entry(entry_t *this, auth_rule_t type, va_list args)
case AUTH_RULE_RSA_STRENGTH:
case AUTH_RULE_ECDSA_STRENGTH:
case AUTH_RULE_BLISS_STRENGTH:
- case AUTH_RULE_SIGNATURE_SCHEME:
- case AUTH_RULE_IKE_SIGNATURE_SCHEME:
case AUTH_RULE_CERT_VALIDATION_SUSPENDED:
/* integer type */
this->value = (void*)(uintptr_t)va_arg(args, u_int);
@@ -232,6 +230,8 @@ static void init_entry(entry_t *this, auth_rule_t type, va_list args)
case AUTH_RULE_IM_CERT:
case AUTH_RULE_SUBJECT_CERT:
case AUTH_RULE_CERT_POLICY:
+ case AUTH_RULE_SIGNATURE_SCHEME:
+ case AUTH_RULE_IKE_SIGNATURE_SCHEME:
case AUTH_HELPER_IM_CERT:
case AUTH_HELPER_SUBJECT_CERT:
case AUTH_HELPER_IM_HASH_URL:
@@ -267,8 +267,6 @@ static bool entry_equals(entry_t *e1, entry_t *e2)
case AUTH_RULE_RSA_STRENGTH:
case AUTH_RULE_ECDSA_STRENGTH:
case AUTH_RULE_BLISS_STRENGTH:
- case AUTH_RULE_SIGNATURE_SCHEME:
- case AUTH_RULE_IKE_SIGNATURE_SCHEME:
case AUTH_RULE_CERT_VALIDATION_SUSPENDED:
{
return e1->value == e2->value;
@@ -301,6 +299,11 @@ static bool entry_equals(entry_t *e1, entry_t *e2)
return id1->equals(id1, id2);
}
+ case AUTH_RULE_SIGNATURE_SCHEME:
+ case AUTH_RULE_IKE_SIGNATURE_SCHEME:
+ {
+ return signature_params_equal(e1->value, e2->value);
+ }
case AUTH_RULE_CERT_POLICY:
case AUTH_RULE_XAUTH_BACKEND:
case AUTH_HELPER_IM_HASH_URL:
@@ -351,6 +354,12 @@ static void destroy_entry_value(entry_t *entry)
free(entry->value);
break;
}
+ case AUTH_RULE_SIGNATURE_SCHEME:
+ case AUTH_RULE_IKE_SIGNATURE_SCHEME:
+ {
+ signature_params_destroy(entry->value);
+ break;
+ }
case AUTH_RULE_IDENTITY_LOOSE:
case AUTH_RULE_AUTH_CLASS:
case AUTH_RULE_EAP_TYPE:
@@ -360,8 +369,6 @@ static void destroy_entry_value(entry_t *entry)
case AUTH_RULE_RSA_STRENGTH:
case AUTH_RULE_ECDSA_STRENGTH:
case AUTH_RULE_BLISS_STRENGTH:
- case AUTH_RULE_SIGNATURE_SCHEME:
- case AUTH_RULE_IKE_SIGNATURE_SCHEME:
case AUTH_RULE_CERT_VALIDATION_SUSPENDED:
case AUTH_RULE_MAX:
break;
@@ -394,8 +401,6 @@ static void replace(private_auth_cfg_t *this, entry_enumerator_t *enumerator,
case AUTH_RULE_RSA_STRENGTH:
case AUTH_RULE_ECDSA_STRENGTH:
case AUTH_RULE_BLISS_STRENGTH:
- case AUTH_RULE_SIGNATURE_SCHEME:
- case AUTH_RULE_IKE_SIGNATURE_SCHEME:
case AUTH_RULE_CERT_VALIDATION_SUSPENDED:
/* integer type */
entry->value = (void*)(uintptr_t)va_arg(args, u_int);
@@ -410,6 +415,8 @@ static void replace(private_auth_cfg_t *this, entry_enumerator_t *enumerator,
case AUTH_RULE_IM_CERT:
case AUTH_RULE_SUBJECT_CERT:
case AUTH_RULE_CERT_POLICY:
+ case AUTH_RULE_SIGNATURE_SCHEME:
+ case AUTH_RULE_IKE_SIGNATURE_SCHEME:
case AUTH_HELPER_IM_CERT:
case AUTH_HELPER_SUBJECT_CERT:
case AUTH_HELPER_IM_HASH_URL:
@@ -472,9 +479,6 @@ METHOD(auth_cfg_t, get, void*,
case AUTH_RULE_ECDSA_STRENGTH:
case AUTH_RULE_BLISS_STRENGTH:
return (void*)0;
- case AUTH_RULE_SIGNATURE_SCHEME:
- case AUTH_RULE_IKE_SIGNATURE_SCHEME:
- return (void*)HASH_UNKNOWN;
case AUTH_RULE_CRL_VALIDATION:
case AUTH_RULE_OCSP_VALIDATION:
return (void*)VALIDATION_FAILED;
@@ -491,6 +495,8 @@ METHOD(auth_cfg_t, get, void*,
case AUTH_RULE_IM_CERT:
case AUTH_RULE_SUBJECT_CERT:
case AUTH_RULE_CERT_POLICY:
+ case AUTH_RULE_SIGNATURE_SCHEME:
+ case AUTH_RULE_IKE_SIGNATURE_SCHEME:
case AUTH_HELPER_IM_CERT:
case AUTH_HELPER_SUBJECT_CERT:
case AUTH_HELPER_IM_HASH_URL:
@@ -526,18 +532,46 @@ static void add(private_auth_cfg_t *this, auth_rule_t type, ...)
}
}
+/**
+ * Create a constraint for RSA/PSS signatures
+ */
+static signature_params_t *create_rsa_pss_constraint(char *token)
+{
+ signature_params_t *params = NULL;
+ hash_algorithm_t hash;
+
+ if (enum_from_name(hash_algorithm_short_names, token, &hash))
+ {
+ rsa_pss_params_t pss = {
+ .hash = hash,
+ .mgf1_hash = hash,
+ .salt_len = RSA_PSS_SALT_LEN_DEFAULT,
+ };
+ signature_params_t pss_params = {
+ .scheme = SIGN_RSA_EMSA_PSS,
+ .params = &pss,
+ };
+ params = signature_params_clone(&pss_params);
+ }
+ return params;
+}
+
METHOD(auth_cfg_t, add_pubkey_constraints, void,
private_auth_cfg_t *this, char* constraints, bool ike)
{
enumerator_t *enumerator;
- bool is_ike = FALSE, ike_added = FALSE;
+ bool ike_added = FALSE, rsa_pss;
key_type_t expected_type = -1;
auth_rule_t expected_strength = AUTH_RULE_MAX;
+ signature_params_t *params;
int strength;
- char *token;
+ char *token, *key_token = NULL;
auth_rule_t type;
void *value;
+ rsa_pss = lib->settings->get_bool(lib->settings, "%s.rsa_pss", FALSE,
+ lib->ns);
+
enumerator = enumerator_create_token(constraints, "-", "");
while (enumerator->enumerate(enumerator, &token))
{
@@ -583,67 +617,117 @@ METHOD(auth_cfg_t, add_pubkey_constraints, void,
}
if (streq(token, "rsa") || streq(token, "ike:rsa"))
{
+ key_token = token;
+ expected_type = KEY_RSA;
+ expected_strength = AUTH_RULE_RSA_STRENGTH;
+ continue;
+ }
+ if (streq(token, "rsa/pss") || streq(token, "ike:rsa/pss"))
+ {
+ key_token = token;
expected_type = KEY_RSA;
expected_strength = AUTH_RULE_RSA_STRENGTH;
- is_ike = strpfx(token, "ike:");
continue;
}
if (streq(token, "ecdsa") || streq(token, "ike:ecdsa"))
{
+ key_token = token;
expected_type = KEY_ECDSA;
expected_strength = AUTH_RULE_ECDSA_STRENGTH;
- is_ike = strpfx(token, "ike:");
continue;
}
if (streq(token, "ed25519") || streq(token, "ike:ed25519"))
{
+ key_token = token;
expected_type = KEY_ED25519;
- is_ike = strpfx(token, "ike:");
continue;
}
if (streq(token, "ed448") || streq(token, "ike:ed448"))
{
+ key_token = token;
expected_type = KEY_ED448;
- is_ike = strpfx(token, "ike:");
continue;
}
if (streq(token, "bliss") || streq(token, "ike:bliss"))
{
+ key_token = token;
expected_type = KEY_BLISS;
expected_strength = AUTH_RULE_BLISS_STRENGTH;
- is_ike = strpfx(token, "ike:");
continue;
}
if (streq(token, "pubkey") || streq(token, "ike:pubkey"))
{
+ key_token = token;
expected_type = KEY_ANY;
- is_ike = strpfx(token, "ike:");
continue;
}
- if (is_ike && !ike)
+ if (key_token && strpfx(key_token, "ike:") && !ike)
{
continue;
}
- for (i = 0; i < countof(schemes); i++)
+ if (key_token && streq(key_token + strlen(key_token) - 3, "pss"))
+ {
+ params = create_rsa_pss_constraint(token);
+ if (params)
+ {
+ if (strpfx(key_token, "ike:"))
+ {
+ add(this, AUTH_RULE_IKE_SIGNATURE_SCHEME, params);
+ ike_added = TRUE;
+ }
+ else
+ {
+ add(this, AUTH_RULE_SIGNATURE_SCHEME, params);
+ }
+ found = TRUE;
+ }
+ }
+ else
{
- if (streq(schemes[i].name, token))
+ if (rsa_pss)
{
- if (expected_type == KEY_ANY || expected_type == schemes[i].key)
+ if (expected_type == KEY_ANY ||
+ expected_type == KEY_RSA)
{
- if (is_ike)
+ params = create_rsa_pss_constraint(token);
+ if (params)
{
- add(this, AUTH_RULE_IKE_SIGNATURE_SCHEME,
- (uintptr_t)schemes[i].scheme);
- ike_added = TRUE;
+ if (strpfx(key_token, "ike:"))
+ {
+ add(this, AUTH_RULE_IKE_SIGNATURE_SCHEME, params);
+ ike_added = TRUE;
+ }
+ else
+ {
+ add(this, AUTH_RULE_SIGNATURE_SCHEME, params);
+ }
+ found = TRUE;
}
- else
+ }
+ }
+ for (i = 0; i < countof(schemes); i++)
+ {
+ if (streq(schemes[i].name, token))
+ {
+ if (expected_type == KEY_ANY ||
+ expected_type == schemes[i].key)
{
- add(this, AUTH_RULE_SIGNATURE_SCHEME,
- (uintptr_t)schemes[i].scheme);
+ INIT(params,
+ .scheme = schemes[i].scheme,
+ );
+ if (strpfx(key_token, "ike:"))
+ {
+ add(this, AUTH_RULE_IKE_SIGNATURE_SCHEME, params);
+ ike_added = TRUE;
+ }
+ else
+ {
+ add(this, AUTH_RULE_SIGNATURE_SCHEME, params);
+ }
}
+ found = TRUE;
}
- found = TRUE;
}
}
if (!found)
@@ -666,7 +750,7 @@ METHOD(auth_cfg_t, add_pubkey_constraints, void,
if (type == AUTH_RULE_SIGNATURE_SCHEME)
{
add(this, AUTH_RULE_IKE_SIGNATURE_SCHEME,
- (uintptr_t)value);
+ signature_params_clone(value));
}
}
enumerator->destroy(enumerator);
@@ -681,20 +765,20 @@ static bool complies_scheme(private_auth_cfg_t *this, auth_cfg_t *constraints,
{
enumerator_t *e1, *e2;
auth_rule_t t1, t2;
- signature_scheme_t scheme;
- void *value;
+ signature_params_t *params, *constraint;
bool success = TRUE;
e2 = create_enumerator(this);
- while (e2->enumerate(e2, &t2, &scheme))
+ while (e2->enumerate(e2, &t2, &params))
{
if (t2 == type)
{
success = FALSE;
e1 = constraints->create_enumerator(constraints);
- while (e1->enumerate(e1, &t1, &value))
+ while (e1->enumerate(e1, &t1, &constraint))
{
- if (t1 == type && (uintptr_t)value == scheme)
+ if (t1 == type &&
+ signature_params_comply(constraint, params))
{
success = TRUE;
break;
@@ -707,7 +791,7 @@ static bool complies_scheme(private_auth_cfg_t *this, auth_cfg_t *constraints,
{
DBG1(DBG_CFG, "%s signature scheme %N not acceptable",
AUTH_RULE_SIGNATURE_SCHEME == type ? "X.509" : "IKE",
- signature_scheme_names, (int)scheme);
+ signature_scheme_names, params->scheme);
}
break;
}
@@ -725,7 +809,7 @@ METHOD(auth_cfg_t, complies, bool,
bool ca_match = FALSE, cert_match = FALSE;
identification_t *require_group = NULL;
certificate_t *require_ca = NULL, *require_cert = NULL;
- signature_scheme_t ike_scheme = SIGN_UNKNOWN, scheme = SIGN_UNKNOWN;
+ signature_params_t *ike_scheme = NULL, *scheme = NULL;
u_int strength = 0;
auth_rule_t t1, t2;
char *key_type;
@@ -928,12 +1012,12 @@ METHOD(auth_cfg_t, complies, bool,
}
case AUTH_RULE_IKE_SIGNATURE_SCHEME:
{
- ike_scheme = (uintptr_t)value;
+ ike_scheme = value;
break;
}
case AUTH_RULE_SIGNATURE_SCHEME:
{
- scheme = (uintptr_t)value;
+ scheme = value;
break;
}
case AUTH_RULE_CERT_POLICY:
@@ -983,12 +1067,12 @@ METHOD(auth_cfg_t, complies, bool,
/* Check if we have a matching constraint (or none at all) for used
* signature schemes. */
- if (success && scheme != SIGN_UNKNOWN)
+ if (success && scheme)
{
success = complies_scheme(this, constraints,
AUTH_RULE_SIGNATURE_SCHEME, log_error);
}
- if (success && ike_scheme != SIGN_UNKNOWN)
+ if (success && ike_scheme)
{
success = complies_scheme(this, constraints,
AUTH_RULE_IKE_SIGNATURE_SCHEME, log_error);
@@ -1114,8 +1198,6 @@ static void merge(private_auth_cfg_t *this, private_auth_cfg_t *other, bool copy
case AUTH_RULE_RSA_STRENGTH:
case AUTH_RULE_ECDSA_STRENGTH:
case AUTH_RULE_BLISS_STRENGTH:
- case AUTH_RULE_SIGNATURE_SCHEME:
- case AUTH_RULE_IKE_SIGNATURE_SCHEME:
case AUTH_RULE_CERT_VALIDATION_SUSPENDED:
{
add(this, type, (uintptr_t)value);
@@ -1132,6 +1214,12 @@ static void merge(private_auth_cfg_t *this, private_auth_cfg_t *other, bool copy
add(this, type, id->clone(id));
break;
}
+ case AUTH_RULE_SIGNATURE_SCHEME:
+ case AUTH_RULE_IKE_SIGNATURE_SCHEME:
+ {
+ add(this, type, signature_params_clone(value));
+ break;
+ }
case AUTH_RULE_XAUTH_BACKEND:
case AUTH_RULE_CERT_POLICY:
case AUTH_HELPER_IM_HASH_URL:
@@ -1286,11 +1374,15 @@ METHOD(auth_cfg_t, clone_, auth_cfg_t*,
case AUTH_RULE_RSA_STRENGTH:
case AUTH_RULE_ECDSA_STRENGTH:
case AUTH_RULE_BLISS_STRENGTH:
- case AUTH_RULE_SIGNATURE_SCHEME:
- case AUTH_RULE_IKE_SIGNATURE_SCHEME:
case AUTH_RULE_CERT_VALIDATION_SUSPENDED:
clone->add(clone, type, (uintptr_t)value);
break;
+ case AUTH_RULE_SIGNATURE_SCHEME:
+ case AUTH_RULE_IKE_SIGNATURE_SCHEME:
+ {
+ clone->add(clone, type, signature_params_clone(value));
+ break;
+ }
case AUTH_RULE_MAX:
break;
}
diff --git a/src/libstrongswan/credentials/auth_cfg.h b/src/libstrongswan/credentials/auth_cfg.h
index 7191dc1bc..2eb448546 100644
--- a/src/libstrongswan/credentials/auth_cfg.h
+++ b/src/libstrongswan/credentials/auth_cfg.h
@@ -106,9 +106,9 @@ enum auth_rule_t {
AUTH_RULE_ECDSA_STRENGTH,
/** required BLISS public key strength, u_int in bits */
AUTH_RULE_BLISS_STRENGTH,
- /** required signature scheme, signature_scheme_t */
+ /** required signature scheme, signature_params_t* */
AUTH_RULE_SIGNATURE_SCHEME,
- /** required signature scheme for IKE authentication, signature_scheme_t */
+ /** required signature scheme for IKE authentication, signature_params_t* */
AUTH_RULE_IKE_SIGNATURE_SCHEME,
/** certificatePolicy constraint, numerical OID as char* */
AUTH_RULE_CERT_POLICY,
diff --git a/src/libstrongswan/credentials/builder.c b/src/libstrongswan/credentials/builder.c
index baa17c47d..0239ee17e 100644
--- a/src/libstrongswan/credentials/builder.c
+++ b/src/libstrongswan/credentials/builder.c
@@ -37,6 +37,7 @@ ENUM(builder_part_names, BUILD_FROM_FILE, BUILD_END,
"BUILD_NOT_BEFORE_TIME",
"BUILD_NOT_AFTER_TIME",
"BUILD_SERIAL",
+ "BUILD_SIGNATURE_SCHEME",
"BUILD_DIGEST_ALG",
"BUILD_ENCRYPTION_ALG",
"BUILD_AC_GROUP_STRINGS",
diff --git a/src/libstrongswan/credentials/builder.h b/src/libstrongswan/credentials/builder.h
index 1c6f5001b..7928ef487 100644
--- a/src/libstrongswan/credentials/builder.h
+++ b/src/libstrongswan/credentials/builder.h
@@ -56,7 +56,7 @@ enum builder_part_t {
BUILD_BLOB_PEM,
/** OpenPGP key blob, chunk_t */
BUILD_BLOB_PGP,
- /** DNS public key blob (RFC 4034, RSA specifc RFC 3110), chunk_t */
+ /** DNS public key blob (RFC 4034, RSA specific RFC 3110), chunk_t */
BUILD_BLOB_DNSKEY,
/** SSH public key blob (RFC 4253), chunk_t */
BUILD_BLOB_SSHKEY,
@@ -84,6 +84,8 @@ enum builder_part_t {
BUILD_NOT_AFTER_TIME,
/** a serial number in binary form, chunk_t */
BUILD_SERIAL,
+ /** signature scheme and parameters for signature, signature_params_t* */
+ BUILD_SIGNATURE_SCHEME,
/** digest algorithm to be used for signature, hash_algorithm_t */
BUILD_DIGEST_ALG,
/** encryption algorithm to use, encryption_algorithm_t */
diff --git a/src/libstrongswan/credentials/certificates/certificate.h b/src/libstrongswan/credentials/certificates/certificate.h
index d59126bd5..6dc5c7694 100644
--- a/src/libstrongswan/credentials/certificates/certificate.h
+++ b/src/libstrongswan/credentials/certificates/certificate.h
@@ -25,9 +25,9 @@ typedef struct certificate_t certificate_t;
typedef enum certificate_type_t certificate_type_t;
typedef enum cert_validation_t cert_validation_t;
-#include <library.h>
#include <utils/identification.h>
#include <credentials/keys/public_key.h>
+#include <credentials/keys/signature_params.h>
#include <credentials/cred_encoding.h>
/**
@@ -139,11 +139,12 @@ struct certificate_t {
* Check if this certificate is issued and signed by a specific issuer.
*
* @param issuer issuer's certificate
- * @param scheme receives signature scheme used during verification
+ * @param scheme receives used signature scheme and parameters, if
+ * given (allocated)
* @return TRUE if certificate issued by issuer and trusted
*/
bool (*issued_by)(certificate_t *this, certificate_t *issuer,
- signature_scheme_t *scheme);
+ signature_params_t **scheme);
/**
* Get the public key associated to this certificate.
diff --git a/src/libstrongswan/credentials/certificates/x509.c b/src/libstrongswan/credentials/certificates/x509.c
index 5eefa0bb4..d39ba1997 100644
--- a/src/libstrongswan/credentials/certificates/x509.c
+++ b/src/libstrongswan/credentials/certificates/x509.c
@@ -25,3 +25,12 @@ ENUM_NEXT(x509_flag_names, X509_ANY, X509_ANY, X509_OCSP_SIGNER,
"ANY");
ENUM_END(x509_flag_names, X509_ANY);
+/*
+ * Described in header
+ */
+void x509_cdp_destroy(x509_cdp_t *this)
+{
+ free(this->uri);
+ DESTROY_IF(this->issuer);
+ free(this);
+}
diff --git a/src/libstrongswan/credentials/certificates/x509.h b/src/libstrongswan/credentials/certificates/x509.h
index 601c034ef..2c640e2da 100644
--- a/src/libstrongswan/credentials/certificates/x509.h
+++ b/src/libstrongswan/credentials/certificates/x509.h
@@ -210,8 +210,11 @@ struct x509_t {
* @return enumerator over x509_policy_mapping
*/
enumerator_t* (*create_policy_mapping_enumerator)(x509_t *this);
-
-
};
+/**
+ * Destroy an x509_cdp_t instance.
+ */
+void x509_cdp_destroy(x509_cdp_t *this);
+
#endif /** X509_H_ @}*/
diff --git a/src/libstrongswan/credentials/containers/pkcs12.c b/src/libstrongswan/credentials/containers/pkcs12.c
index 9e7815d04..8cc6a6c63 100644
--- a/src/libstrongswan/credentials/containers/pkcs12.c
+++ b/src/libstrongswan/credentials/containers/pkcs12.c
@@ -15,6 +15,7 @@
#include "pkcs12.h"
+#include <library.h>
#include <utils/debug.h>
/**
diff --git a/src/libstrongswan/credentials/cred_encoding.h b/src/libstrongswan/credentials/cred_encoding.h
index 0b6536430..1129357ba 100644
--- a/src/libstrongswan/credentials/cred_encoding.h
+++ b/src/libstrongswan/credentials/cred_encoding.h
@@ -25,7 +25,7 @@ typedef struct cred_encoding_t cred_encoding_t;
typedef enum cred_encoding_type_t cred_encoding_type_t;
typedef enum cred_encoding_part_t cred_encoding_part_t;
-#include <library.h>
+#include <utils/chunk.h>
/**
* Credential encoder function implementing encoding/fingerprinting.
diff --git a/src/libstrongswan/credentials/credential_manager.c b/src/libstrongswan/credentials/credential_manager.c
index 9be7407ef..21b23f543 100644
--- a/src/libstrongswan/credentials/credential_manager.c
+++ b/src/libstrongswan/credentials/credential_manager.c
@@ -488,7 +488,7 @@ METHOD(credential_manager_t, remove_local_set, void,
METHOD(credential_manager_t, issued_by, bool,
private_credential_manager_t *this, certificate_t *subject,
- certificate_t *issuer, signature_scheme_t *scheme)
+ certificate_t *issuer, signature_params_t **scheme)
{
if (this->cache)
{
@@ -661,7 +661,7 @@ static certificate_t *get_pretrusted_cert(private_credential_manager_t *this,
*/
static certificate_t *get_issuer_cert(private_credential_manager_t *this,
certificate_t *subject, bool trusted,
- signature_scheme_t *scheme)
+ signature_params_t **scheme)
{
enumerator_t *enumerator;
certificate_t *issuer = NULL, *candidate;
@@ -723,7 +723,7 @@ static bool verify_trust_chain(private_credential_manager_t *this,
{
certificate_t *current, *issuer;
auth_cfg_t *auth;
- signature_scheme_t scheme;
+ signature_params_t *scheme;
int pathlen;
auth = auth_cfg_create();
diff --git a/src/libstrongswan/credentials/credential_manager.h b/src/libstrongswan/credentials/credential_manager.h
index 022ca566c..d99f29b85 100644
--- a/src/libstrongswan/credentials/credential_manager.h
+++ b/src/libstrongswan/credentials/credential_manager.h
@@ -241,12 +241,13 @@ struct credential_manager_t {
*
* @param subject subject certificate to check
* @param issuer issuer certificate that potentially has signed subject
- * @param scheme receives used signature scheme, if given
+ * @param scheme receives used signature scheme and parameters, if
+ * given (allocated)
* @return TRUE if issuer signed subject
*/
bool (*issued_by)(credential_manager_t *this,
certificate_t *subject, certificate_t *issuer,
- signature_scheme_t *scheme);
+ signature_params_t **scheme);
/**
* Register a credential set to the manager.
diff --git a/src/libstrongswan/credentials/keys/private_key.h b/src/libstrongswan/credentials/keys/private_key.h
index b9f7dad55..d7cfdd74d 100644
--- a/src/libstrongswan/credentials/keys/private_key.h
+++ b/src/libstrongswan/credentials/keys/private_key.h
@@ -1,6 +1,7 @@
/*
+ * Copyright (C) 2017 Tobias Brunner
* Copyright (C) 2007 Martin Willi
- * Hochschule fuer Technik Rapperswil
+ * HSR Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
@@ -42,11 +43,12 @@ struct private_key_t {
* Create a signature over a chunk of data.
*
* @param scheme signature scheme to use
+ * @param params optional parameters required by the specified scheme
* @param data chunk of data to sign
* @param signature where to allocate created signature
* @return TRUE if signature created
*/
- bool (*sign)(private_key_t *this, signature_scheme_t scheme,
+ bool (*sign)(private_key_t *this, signature_scheme_t scheme, void *params,
chunk_t data, chunk_t *signature);
/**
* Decrypt a chunk of data.
diff --git a/src/libstrongswan/credentials/keys/public_key.c b/src/libstrongswan/credentials/keys/public_key.c
index 87f7e6664..89fa9b348 100644
--- a/src/libstrongswan/credentials/keys/public_key.c
+++ b/src/libstrongswan/credentials/keys/public_key.c
@@ -1,7 +1,7 @@
/*
- * Copyright (C) 2015 Tobias Brunner
- * Copyright (C) 2007 Martin Willi
+ * Copyright (C) 2015-2017 Tobias Brunner
* Copyright (C) 2014-2016 Andreas Steffen
+ * Copyright (C) 2007 Martin Willi
* HSR Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
@@ -18,6 +18,7 @@
#include <asn1/oid.h>
#include "public_key.h"
+#include "signature_params.h"
ENUM(key_type_names, KEY_ANY, KEY_BLISS,
"ANY",
@@ -42,6 +43,7 @@ ENUM(signature_scheme_names, SIGN_UNKNOWN, SIGN_BLISS_WITH_SHA3_512,
"RSA_EMSA_PKCS1_SHA3_256",
"RSA_EMSA_PKCS1_SHA3_384",
"RSA_EMSA_PKCS1_SHA3_512",
+ "RSA_EMSA_PSS",
"ECDSA_WITH_SHA1_DER",
"ECDSA_WITH_SHA256_DER",
"ECDSA_WITH_SHA384_DER",
@@ -146,6 +148,8 @@ signature_scheme_t signature_scheme_from_oid(int oid)
return SIGN_RSA_EMSA_PKCS1_SHA3_384;
case OID_RSASSA_PKCS1V15_WITH_SHA3_512:
return SIGN_RSA_EMSA_PKCS1_SHA3_512;
+ case OID_RSASSA_PSS:
+ return SIGN_RSA_EMSA_PSS;
case OID_ECDSA_WITH_SHA1:
case OID_EC_PUBLICKEY:
return SIGN_ECDSA_WITH_SHA1_DER;
@@ -210,6 +214,8 @@ int signature_scheme_to_oid(signature_scheme_t scheme)
return OID_RSASSA_PKCS1V15_WITH_SHA3_384;
case SIGN_RSA_EMSA_PKCS1_SHA3_512:
return OID_RSASSA_PKCS1V15_WITH_SHA3_384;
+ case SIGN_RSA_EMSA_PSS:
+ return OID_RSASSA_PSS;
case SIGN_ECDSA_WITH_SHA1_DER:
return OID_ECDSA_WITH_SHA1;
case SIGN_ECDSA_WITH_SHA256_DER:
@@ -239,26 +245,42 @@ int signature_scheme_to_oid(signature_scheme_t scheme)
}
/**
+ * Parameters for RSA/PSS signature schemes
+ */
+#define PSS_PARAMS(bits) static rsa_pss_params_t pss_params_sha##bits = { \
+ .hash = HASH_SHA##bits, \
+ .mgf1_hash = HASH_SHA##bits, \
+ .salt_len = RSA_PSS_SALT_LEN_DEFAULT, \
+}
+
+PSS_PARAMS(256);
+PSS_PARAMS(384);
+PSS_PARAMS(512);
+
+/**
* Map for signature schemes to the key type and maximum key size allowed.
* We only cover schemes with hash algorithms supported by IKEv2 signature
* authentication.
*/
static struct {
- signature_scheme_t scheme;
key_type_t type;
int max_keysize;
+ signature_params_t params;
} scheme_map[] = {
- { SIGN_RSA_EMSA_PKCS1_SHA2_256, KEY_RSA, 3072 },
- { SIGN_RSA_EMSA_PKCS1_SHA2_384, KEY_RSA, 7680 },
- { SIGN_RSA_EMSA_PKCS1_SHA2_512, KEY_RSA, 0 },
- { SIGN_ECDSA_WITH_SHA256_DER, KEY_ECDSA, 256 },
- { SIGN_ECDSA_WITH_SHA384_DER, KEY_ECDSA, 384 },
- { SIGN_ECDSA_WITH_SHA512_DER, KEY_ECDSA, 0 },
- { SIGN_ED25519, KEY_ED25519, 0 },
- { SIGN_ED448, KEY_ED448, 0 },
- { SIGN_BLISS_WITH_SHA2_256, KEY_BLISS, 128 },
- { SIGN_BLISS_WITH_SHA2_384, KEY_BLISS, 192 },
- { SIGN_BLISS_WITH_SHA2_512, KEY_BLISS, 0 }
+ { KEY_RSA, 3072, { .scheme = SIGN_RSA_EMSA_PSS, .params = &pss_params_sha256, }},
+ { KEY_RSA, 7680, { .scheme = SIGN_RSA_EMSA_PSS, .params = &pss_params_sha384, }},
+ { KEY_RSA, 0, { .scheme = SIGN_RSA_EMSA_PSS, .params = &pss_params_sha512, }},
+ { KEY_RSA, 3072, { .scheme = SIGN_RSA_EMSA_PKCS1_SHA2_256 }},
+ { KEY_RSA, 7680, { .scheme = SIGN_RSA_EMSA_PKCS1_SHA2_384 }},
+ { KEY_RSA, 0, { .scheme = SIGN_RSA_EMSA_PKCS1_SHA2_512 }},
+ { KEY_ECDSA, 256, { .scheme = SIGN_ECDSA_WITH_SHA256_DER }},
+ { KEY_ECDSA, 384, { .scheme = SIGN_ECDSA_WITH_SHA384_DER }},
+ { KEY_ECDSA, 0, { .scheme = SIGN_ECDSA_WITH_SHA512_DER }},
+ { KEY_ED25519, 0, { .scheme = SIGN_ED25519 }},
+ { KEY_ED448, 0, { .scheme = SIGN_ED448 }},
+ { KEY_BLISS, 128, { .scheme = SIGN_BLISS_WITH_SHA2_256 }},
+ { KEY_BLISS, 192, { .scheme = SIGN_BLISS_WITH_SHA2_384 }},
+ { KEY_BLISS, 0, { .scheme = SIGN_BLISS_WITH_SHA2_512 }},
};
/**
@@ -274,9 +296,9 @@ typedef struct {
METHOD(enumerator_t, signature_schemes_enumerate, bool,
private_enumerator_t *this, va_list args)
{
- signature_scheme_t *scheme;
+ signature_params_t **params;
- VA_ARGS_VGET(args, scheme);
+ VA_ARGS_VGET(args, params);
while (++this->index < countof(scheme_map))
{
@@ -284,7 +306,7 @@ METHOD(enumerator_t, signature_schemes_enumerate, bool,
(this->size <= scheme_map[this->index].max_keysize ||
!scheme_map[this->index].max_keysize))
{
- *scheme = scheme_map[this->index].scheme;
+ *params = &scheme_map[this->index].params;
return TRUE;
}
}
@@ -332,6 +354,7 @@ key_type_t key_type_from_signature_scheme(signature_scheme_t scheme)
case SIGN_RSA_EMSA_PKCS1_SHA3_256:
case SIGN_RSA_EMSA_PKCS1_SHA3_384:
case SIGN_RSA_EMSA_PKCS1_SHA3_512:
+ case SIGN_RSA_EMSA_PSS:
return KEY_RSA;
case SIGN_ECDSA_WITH_SHA1_DER:
case SIGN_ECDSA_WITH_SHA256_DER:
diff --git a/src/libstrongswan/credentials/keys/public_key.h b/src/libstrongswan/credentials/keys/public_key.h
index 06c1aa488..877ed20a2 100644
--- a/src/libstrongswan/credentials/keys/public_key.h
+++ b/src/libstrongswan/credentials/keys/public_key.h
@@ -1,7 +1,7 @@
/*
- * Copyright (C) 2015 Tobias Brunner
- * Copyright (C) 2007 Martin Willi
+ * Copyright (C) 2015-2017 Tobias Brunner
* Copyright (C) 2014-2017 Andreas Steffen
+ * Copyright (C) 2007 Martin Willi
* HSR Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
@@ -28,7 +28,6 @@ typedef enum key_type_t key_type_t;
typedef enum signature_scheme_t signature_scheme_t;
typedef enum encryption_scheme_t encryption_scheme_t;
-#include <library.h>
#include <utils/identification.h>
#include <credentials/cred_encoding.h>
@@ -89,6 +88,8 @@ enum signature_scheme_t {
SIGN_RSA_EMSA_PKCS1_SHA3_384,
/** EMSA-PKCS1_v1.5 signature as in PKCS#1 using RSA and SHA-3_512 */
SIGN_RSA_EMSA_PKCS1_SHA3_512,
+ /** EMSA-PSS signature as in PKCS#1 using RSA */
+ SIGN_RSA_EMSA_PSS,
/** ECDSA with SHA-1 using DER encoding as in RFC 3279 */
SIGN_ECDSA_WITH_SHA1_DER,
/** ECDSA with SHA-256 using DER encoding as in RFC 3279 */
@@ -168,12 +169,13 @@ struct public_key_t {
/**
* Verifies a signature against a chunk of data.
*
- * @param scheme signature scheme to use for verification, may be default
+ * @param scheme signature scheme to use for verification
+ * @param params optional parameters required by the specified scheme
* @param data data to check signature against
* @param signature signature to check
* @return TRUE if signature matches
*/
- bool (*verify)(public_key_t *this, signature_scheme_t scheme,
+ bool (*verify)(public_key_t *this, signature_scheme_t scheme, void *params,
chunk_t data, chunk_t signature);
/**
@@ -279,11 +281,11 @@ int signature_scheme_to_oid(signature_scheme_t scheme);
/**
* Enumerate signature schemes that are appropriate for a key of the given type
- * and size|strength.
+ * and size|strength ordered by increasing strength.
*
* @param type type of the key
* @param size size or strength of the key
- * @return enumerator over signature_scheme_t (increasing strength)
+ * @return enumerator over signature_params_t* (by strength)
*/
enumerator_t *signature_schemes_for_key(key_type_t type, int size);
diff --git a/src/libstrongswan/credentials/keys/signature_params.c b/src/libstrongswan/credentials/keys/signature_params.c
new file mode 100644
index 000000000..6b4d22e7b
--- /dev/null
+++ b/src/libstrongswan/credentials/keys/signature_params.c
@@ -0,0 +1,366 @@
+/*
+ * Copyright (C) 2017 Tobias Brunner
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "signature_params.h"
+
+#include <asn1/oid.h>
+#include <asn1/asn1_parser.h>
+
+/**
+ * Determine the salt length in case it is not configured
+ */
+static ssize_t rsa_pss_salt_length(rsa_pss_params_t *pss)
+{
+ ssize_t salt_len = pss->salt_len;
+
+ if (salt_len <= RSA_PSS_SALT_LEN_DEFAULT)
+ {
+ salt_len = hasher_hash_size(pss->hash);
+ if (!salt_len)
+ {
+ return -1;
+ }
+ }
+ return salt_len;
+}
+
+/**
+ * Compare two signature schemes and their parameters
+ */
+static bool compare_params(signature_params_t *a, signature_params_t *b,
+ bool strict)
+{
+ if (!a && !b)
+ {
+ return TRUE;
+ }
+ if (!a || !b)
+ {
+ return FALSE;
+ }
+ if (a->scheme != b->scheme)
+ {
+ return FALSE;
+ }
+ if (!a->params && !b->params)
+ {
+ return TRUE;
+ }
+ if (a->params && b->params)
+ {
+ switch (a->scheme)
+ {
+ case SIGN_RSA_EMSA_PSS:
+ {
+ rsa_pss_params_t *pss_a = a->params, *pss_b = b->params;
+
+ return pss_a->hash == pss_b->hash &&
+ pss_a->mgf1_hash == pss_b->mgf1_hash &&
+ (!strict ||
+ rsa_pss_salt_length(pss_a) == rsa_pss_salt_length(pss_b));
+ }
+ default:
+ break;
+ }
+ }
+ return FALSE;
+}
+
+/*
+ * Described in header
+ */
+bool signature_params_equal(signature_params_t *a, signature_params_t *b)
+{
+ return compare_params(a, b, TRUE);
+}
+
+/*
+ * Described in header
+ */
+bool signature_params_comply(signature_params_t *c, signature_params_t *s)
+{ /* the salt is variable, so it does not necessarily have to be the same */
+ return compare_params(c, s, FALSE);
+}
+
+/*
+ * Described in header
+ */
+signature_params_t *signature_params_clone(signature_params_t *this)
+{
+ signature_params_t *clone;
+
+ if (!this)
+ {
+ return NULL;
+ }
+
+ INIT(clone,
+ .scheme = this->scheme,
+ );
+ if (this->params)
+ {
+ switch (this->scheme)
+ {
+ case SIGN_RSA_EMSA_PSS:
+ {
+ rsa_pss_params_t *pss, *pss_clone;
+
+ pss = this->params;
+ INIT(pss_clone,
+ .hash = pss->hash,
+ .mgf1_hash = pss->mgf1_hash,
+ .salt_len = pss->salt_len,
+ /* ignore salt as only used for unit tests */
+ );
+ clone->params = pss_clone;
+ break;
+ }
+ default:
+ break;
+ }
+ }
+ return clone;
+}
+
+/*
+ * Described in header
+ */
+void signature_params_destroy(signature_params_t *this)
+{
+ if (this)
+ {
+ free(this->params);
+ free(this);
+ }
+}
+
+/*
+ * Described in header
+ */
+void signature_params_clear(signature_params_t *this)
+{
+ if (this)
+ {
+ free(this->params);
+ this->params = NULL;
+ this->scheme = SIGN_UNKNOWN;
+ }
+}
+
+/*
+ * Described in header
+ */
+bool signature_params_parse(chunk_t asn1, int level0,
+ signature_params_t *params)
+{
+ chunk_t parameters = chunk_empty;
+ int oid;
+
+ oid = asn1_parse_algorithmIdentifier(asn1, level0, &parameters);
+ params->scheme = signature_scheme_from_oid(oid);
+ switch (params->scheme)
+ {
+ case SIGN_UNKNOWN:
+ return FALSE;
+ case SIGN_RSA_EMSA_PSS:
+ {
+ rsa_pss_params_t *pss = malloc_thing(rsa_pss_params_t);
+
+ if (!rsa_pss_params_parse(parameters, level0+1, pss))
+ {
+ DBG1(DBG_IKE, "failed parsing RSASSA-PSS parameters");
+ free(pss);
+ return FALSE;
+ }
+ params->params = pss;
+ break;
+ }
+ default:
+ params->params = NULL;
+ break;
+ }
+ return TRUE;
+}
+
+/*
+ * Described in header
+ */
+bool signature_params_build(signature_params_t *params, chunk_t *asn1)
+{
+ chunk_t parameters = chunk_empty;
+ int oid;
+
+ oid = signature_scheme_to_oid(params->scheme);
+ if (oid == OID_UNKNOWN)
+ {
+ return FALSE;
+ }
+ if (params->scheme == SIGN_RSA_EMSA_PSS &&
+ !rsa_pss_params_build(params->params, &parameters))
+ {
+ return FALSE;
+ }
+ if (parameters.len)
+ {
+ *asn1 = asn1_algorithmIdentifier_params(oid, parameters);
+ }
+ else
+ {
+ *asn1 = asn1_algorithmIdentifier(oid);
+ }
+ return TRUE;
+}
+
+/**
+ * ASN.1 definition of RSASSA-PSS-params
+ */
+static const asn1Object_t RSASSAPSSParamsObjects[] = {
+ { 0, "RSASSA-PSS-params", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
+ { 1, "DEFAULT SHA-1", ASN1_CONTEXT_C_0, ASN1_DEF }, /* 1 */
+ { 2, "hashAlgorithm", ASN1_EOC, ASN1_RAW }, /* 2 */
+ { 1, "DEFAULT MGF1SHA1", ASN1_CONTEXT_C_1, ASN1_DEF }, /* 3 */
+ { 2, "maskGenAlgorithm",ASN1_EOC, ASN1_RAW }, /* 4 */
+ { 1, "DEFAULT 20", ASN1_CONTEXT_C_2, ASN1_DEF }, /* 5 */
+ { 2, "saltLength", ASN1_INTEGER, ASN1_BODY }, /* 6 */
+ { 1, "DEFAULT 1", ASN1_CONTEXT_C_3, ASN1_DEF }, /* 7 */
+ { 2, "trailerField", ASN1_INTEGER, ASN1_BODY }, /* 8 */
+ { 0, "exit", ASN1_EOC, ASN1_EXIT }
+};
+#define RSASSA_PSS_PARAMS_HASH_ALG 2
+#define RSASSA_PSS_PARAMS_MGF_ALG 4
+#define RSASSA_PSS_PARAMS_SALT_LEN 6
+#define RSASSA_PSS_PARAMS_TRAILER 8
+
+/*
+ * Described in header
+ */
+bool rsa_pss_params_parse(chunk_t asn1, int level0, rsa_pss_params_t *params)
+{
+ asn1_parser_t *parser;
+ chunk_t object;
+ int objectID, alg;
+ bool success = FALSE;
+
+ params->hash = HASH_SHA1;
+ params->mgf1_hash = HASH_SHA1;
+ params->salt_len = HASH_SIZE_SHA1;
+
+ parser = asn1_parser_create(RSASSAPSSParamsObjects, asn1);
+ parser->set_top_level(parser, level0);
+
+ while (parser->iterate(parser, &objectID, &object))
+ {
+ u_int level = parser->get_level(parser)+1;
+
+ switch (objectID)
+ {
+ case RSASSA_PSS_PARAMS_HASH_ALG:
+ if (object.len)
+ {
+ alg = asn1_parse_algorithmIdentifier(object, level, NULL);
+ params->hash = hasher_algorithm_from_oid(alg);
+ if (params->hash == HASH_UNKNOWN)
+ {
+ goto end;
+ }
+ }
+ break;
+ case RSASSA_PSS_PARAMS_MGF_ALG:
+ if (object.len)
+ {
+ chunk_t hash;
+
+ alg = asn1_parse_algorithmIdentifier(object, level, &hash);
+ if (alg != OID_MGF1)
+ {
+ goto end;
+ }
+ alg = asn1_parse_algorithmIdentifier(hash, level+1, NULL);
+ params->mgf1_hash = hasher_algorithm_from_oid(alg);
+ if (params->mgf1_hash == HASH_UNKNOWN)
+ {
+ goto end;
+ }
+ }
+ break;
+ case RSASSA_PSS_PARAMS_SALT_LEN:
+ if (object.len)
+ {
+ params->salt_len = (size_t)asn1_parse_integer_uint64(object);
+ }
+ break;
+ case RSASSA_PSS_PARAMS_TRAILER:
+ if (object.len && (object.len != 1 || *object.ptr != 1))
+ {
+ goto end;
+ }
+ break;
+ default:
+ break;
+ }
+ }
+ success = parser->success(parser);
+
+end:
+ parser->destroy(parser);
+ return success;
+}
+
+/*
+ * Described in header
+ */
+bool rsa_pss_params_build(rsa_pss_params_t *params, chunk_t *asn1)
+{
+ chunk_t hash = chunk_empty, mgf = chunk_empty, slen = chunk_empty;
+ ssize_t salt_len;
+ int alg;
+
+ if (params->hash != HASH_SHA1)
+ { /* with SHA-1 we MUST omit the field */
+ alg = hasher_algorithm_to_oid(params->hash);
+ if (alg == OID_UNKNOWN)
+ {
+ return FALSE;
+ }
+ hash = asn1_algorithmIdentifier(alg);
+ }
+ if (params->mgf1_hash != HASH_SHA1)
+ { /* with MGF1-SHA1 we MUST omit the field */
+ alg = hasher_algorithm_to_oid(params->mgf1_hash);
+ if (alg == OID_UNKNOWN)
+ {
+ chunk_free(&hash);
+ return FALSE;
+ }
+ mgf = asn1_algorithmIdentifier_params(OID_MGF1,
+ asn1_algorithmIdentifier(alg));
+ }
+ salt_len = rsa_pss_salt_length(params);
+ if (salt_len < 0)
+ {
+ chunk_free(&hash);
+ chunk_free(&mgf);
+ return FALSE;
+ }
+ else if (salt_len != HASH_SIZE_SHA1)
+ {
+ slen = asn1_integer("m", asn1_integer_from_uint64(salt_len));
+ }
+ *asn1 = asn1_wrap(ASN1_SEQUENCE, "mmm",
+ hash.len ? asn1_wrap(ASN1_CONTEXT_C_0, "m", hash) : chunk_empty,
+ mgf.len ? asn1_wrap(ASN1_CONTEXT_C_1, "m", mgf) : chunk_empty,
+ slen.len ? asn1_wrap(ASN1_CONTEXT_C_2, "m", slen) : chunk_empty);
+ return TRUE;
+}
diff --git a/src/libstrongswan/credentials/keys/signature_params.h b/src/libstrongswan/credentials/keys/signature_params.h
new file mode 100644
index 000000000..6934c5e88
--- /dev/null
+++ b/src/libstrongswan/credentials/keys/signature_params.h
@@ -0,0 +1,129 @@
+/*
+ * Copyright (C) 2017 Tobias Brunner
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup signature_params signature_params
+ * @{ @ingroup keys
+ */
+
+#ifndef SIGNATURE_PARAMS_H_
+#define SIGNATURE_PARAMS_H_
+
+typedef struct signature_params_t signature_params_t;
+typedef struct rsa_pss_params_t rsa_pss_params_t;
+
+#include <crypto/hashers/hasher.h>
+
+/**
+ * Signature scheme with parameters
+ */
+struct signature_params_t {
+ /** Signature scheme */
+ signature_scheme_t scheme;
+ /** Parameters, depending on scheme */
+ void *params;
+};
+
+/**
+ * Compare two signature schemes and their parameters
+ *
+ * @param a first scheme
+ * @param b second scheme
+ * @return TRUE if schemes and parameters are equal
+ */
+bool signature_params_equal(signature_params_t *a, signature_params_t *b);
+
+/**
+ * Compare two signature schemes and their parameters
+ *
+ * @param c constraint
+ * @param s scheme
+ * @return TRUE if scheme complies to constraint
+ */
+bool signature_params_comply(signature_params_t *c, signature_params_t *s);
+
+/**
+ * Clone the given scheme and parameters, if any
+ *
+ * @return cloned object
+ */
+signature_params_t *signature_params_clone(signature_params_t *this);
+
+/**
+ * Destroy the given scheme and parameters, if any
+ */
+void signature_params_destroy(signature_params_t *this);
+
+/**
+ * Clear the given parameters, if any, sets the scheme to SIGN_UNKNOWN
+ */
+void signature_params_clear(signature_params_t *this);
+
+/**
+ * Parse an ASN.1 algorithmIdentifier with parameters denoting a signature
+ * scheme.
+ *
+ * @param asn1 ASN.1 encoded RSASSA-PSS-params
+ * @param level0 current level of the ASN.1 parser
+ * @param params parsed parameters
+ * @return TRUE if successfully parsed
+ */
+bool signature_params_parse(chunk_t asn1, int level0,
+ signature_params_t *params);
+
+/**
+ * Build ASN.1 algorithmIdentifier with parameters denoting a signature scheme.
+ *
+ * @param params signature scheme and parameters to encode
+ * @param asn1 ASN.1 encoded algorithmIdentifier (allocated)
+ * @return TRUE if successfully built
+ */
+bool signature_params_build(signature_params_t *params, chunk_t *asn1);
+
+/**
+ * Parameters for SIGN_RSA_EMSA_PSS signature scheme
+ */
+struct rsa_pss_params_t {
+ /** Hash algorithm */
+ hash_algorithm_t hash;
+ /** Hash for the MGF1 function */
+ hash_algorithm_t mgf1_hash;
+ /** Salt length, use RSA_PSS_SALT_LEN_DEFAULT for length equal to hash */
+ ssize_t salt_len;
+ /** Salt value, for unit tests (not all implementations support this) */
+ chunk_t salt;
+#define RSA_PSS_SALT_LEN_DEFAULT -1
+};
+
+/**
+ * Parse the given ASN.1 algorithm identifier params
+ *
+ * @param asn1 ASN.1 encoded RSASSA-PSS-params
+ * @param level0 current level of the ASN.1 parser
+ * @param params parsed parameters
+ * @return TRUE if successfully parsed
+ */
+bool rsa_pss_params_parse(chunk_t asn1, int level0, rsa_pss_params_t *params);
+
+/**
+ * Build ASN.1 algorithm identifier params
+ *
+ * @param params parameters to encode
+ * @param asn1 ASN.1 encoded RSASSA-PSS-params (allocated)
+ * @return TRUE if successfully built
+ */
+bool rsa_pss_params_build(rsa_pss_params_t *params, chunk_t *asn1);
+
+#endif /** SIGNATURE_PARAMS_H_ @}*/
diff --git a/src/libstrongswan/credentials/sets/cert_cache.c b/src/libstrongswan/credentials/sets/cert_cache.c
index 92d5efdc6..0e64f0350 100644
--- a/src/libstrongswan/credentials/sets/cert_cache.c
+++ b/src/libstrongswan/credentials/sets/cert_cache.c
@@ -48,9 +48,9 @@ struct relation_t {
certificate_t *issuer;
/**
- * Signature scheme used to sign this relation
+ * Signature scheme and parameters used to sign this relation
*/
- signature_scheme_t scheme;
+ signature_params_t *scheme;
/**
* Cache hits
@@ -84,7 +84,7 @@ struct private_cert_cache_t {
*/
static void cache(private_cert_cache_t *this,
certificate_t *subject, certificate_t *issuer,
- signature_scheme_t scheme)
+ signature_params_t *scheme)
{
relation_t *rel;
int i, offset, try;
@@ -118,7 +118,8 @@ static void cache(private_cert_cache_t *this,
{
rel->subject->destroy(rel->subject);
rel->subject = subject->get_ref(subject);
- rel->scheme = scheme;
+ signature_params_destroy(rel->scheme);
+ rel->scheme = signature_params_clone(scheme);
return rel->lock->unlock(rel->lock);
}
}
@@ -139,7 +140,7 @@ static void cache(private_cert_cache_t *this,
{
rel->subject = subject->get_ref(subject);
rel->issuer = issuer->get_ref(issuer);
- rel->scheme = scheme;
+ rel->scheme = signature_params_clone(scheme);
return rel->lock->unlock(rel->lock);
}
rel->lock->unlock(rel->lock);
@@ -165,10 +166,11 @@ static void cache(private_cert_cache_t *this,
{
rel->subject->destroy(rel->subject);
rel->issuer->destroy(rel->issuer);
+ signature_params_destroy(rel->scheme);
}
rel->subject = subject->get_ref(subject);
rel->issuer = issuer->get_ref(issuer);
- rel->scheme = scheme;
+ rel->scheme = signature_params_clone(scheme);
rel->hits = 0;
return rel->lock->unlock(rel->lock);
}
@@ -180,11 +182,11 @@ static void cache(private_cert_cache_t *this,
METHOD(cert_cache_t, issued_by, bool,
private_cert_cache_t *this, certificate_t *subject, certificate_t *issuer,
- signature_scheme_t *schemep)
+ signature_params_t **schemep)
{
certificate_t *cached_issuer = NULL;
relation_t *found = NULL, *current;
- signature_scheme_t scheme;
+ signature_params_t *scheme;
int i;
for (i = 0; i < CACHE_SIZE; i++)
@@ -202,7 +204,7 @@ METHOD(cert_cache_t, issued_by, bool,
found = current;
if (schemep)
{
- *schemep = current->scheme;
+ *schemep = signature_params_clone(current->scheme);
}
}
else if (!cached_issuer)
@@ -225,6 +227,10 @@ METHOD(cert_cache_t, issued_by, bool,
{
*schemep = scheme;
}
+ else
+ {
+ signature_params_destroy(scheme);
+ }
DESTROY_IF(cached_issuer);
return TRUE;
}
@@ -383,8 +389,10 @@ METHOD(cert_cache_t, flush, void,
{
rel->subject->destroy(rel->subject);
rel->issuer->destroy(rel->issuer);
+ signature_params_destroy(rel->scheme);
rel->subject = NULL;
rel->issuer = NULL;
+ rel->scheme = NULL;
rel->hits = 0;
}
}
@@ -405,6 +413,7 @@ METHOD(cert_cache_t, destroy, void,
{
rel->subject->destroy(rel->subject);
rel->issuer->destroy(rel->issuer);
+ signature_params_destroy(rel->scheme);
}
rel->lock->destroy(rel->lock);
}
@@ -438,6 +447,7 @@ cert_cache_t *cert_cache_create()
{
this->relations[i].subject = NULL;
this->relations[i].issuer = NULL;
+ this->relations[i].scheme = NULL;
this->relations[i].hits = 0;
this->relations[i].lock = rwlock_create(RWLOCK_TYPE_DEFAULT);
}
diff --git a/src/libstrongswan/credentials/sets/cert_cache.h b/src/libstrongswan/credentials/sets/cert_cache.h
index 2bcdbe464..2235bc30d 100644
--- a/src/libstrongswan/credentials/sets/cert_cache.h
+++ b/src/libstrongswan/credentials/sets/cert_cache.h
@@ -45,12 +45,13 @@ struct cert_cache_t {
*
* @param subject certificate to verify
* @param issuer issuing certificate to verify subject
- * @param scheme receives used signature scheme, if given
+ * @param scheme receives used signature scheme and parameters, if
+ * given (allocated)
* @return TRUE if subject issued by issuer
*/
bool (*issued_by)(cert_cache_t *this,
certificate_t *subject, certificate_t *issuer,
- signature_scheme_t *scheme);
+ signature_params_t **scheme);
/**
* Flush the certificate cache.