Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add EVP_PKEY_RSA_PSS ameth. #86

Merged
merged 2 commits into from
Feb 8, 2021
Merged

Add EVP_PKEY_RSA_PSS ameth. #86

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
b4252fb
Add EVP_PKEY_RSA_PSS ameth.
bryce-shang Jan 22, 2021
2b13160
Add test to verify SubjectPublicKeyInfo decode.
bryce-shang Jan 22, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 3 additions & 1 deletion crypto/evp/evp.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -204,6 +204,8 @@ static const EVP_PKEY_ASN1_METHOD *evp_pkey_asn1_find(int nid) {
switch (nid) {
case EVP_PKEY_RSA:
return &rsa_asn1_meth;
case EVP_PKEY_RSA_PSS:
return &rsa_pss_asn1_meth;
case EVP_PKEY_EC:
return &ec_asn1_meth;
case EVP_PKEY_DSA:
Expand Down Expand Up @@ -238,7 +240,7 @@ int EVP_PKEY_assign_RSA(EVP_PKEY *pkey, RSA *key) {
}

RSA *EVP_PKEY_get0_RSA(const EVP_PKEY *pkey) {
if (pkey->type != EVP_PKEY_RSA) {
if (pkey->type != EVP_PKEY_RSA && pkey->type != EVP_PKEY_RSA_PSS) {
OPENSSL_PUT_ERROR(EVP, EVP_R_EXPECTING_AN_RSA_KEY);
return NULL;
}
Expand Down
1 change: 1 addition & 0 deletions crypto/evp/evp_asn1.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -71,6 +71,7 @@

static const EVP_PKEY_ASN1_METHOD *const kASN1Methods[] = {
&rsa_asn1_meth,
&rsa_pss_asn1_meth,
&ec_asn1_meth,
&dsa_asn1_meth,
&ed25519_asn1_meth,
Expand Down
112 changes: 112 additions & 0 deletions crypto/evp/evp_extra_test.cc
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -238,6 +238,112 @@ static const uint8_t kExampleRSAKeyPKCS8[] = {
0x08, 0xf1, 0x2d, 0x86, 0x9d, 0xa5, 0x20, 0x1b, 0xe5, 0xdf,
};

// kExampleRSAPSSKeyPKCS8 is encoded in a PKCS #8 PrivateKeyInfo.
static const uint8_t kExampleRSAPSSKeyPKCS8[] = {
0x30, 0x82, 0x04, 0xbc, 0x02, 0x01, 0x00, 0x30, 0x0b, 0x06, 0x09, 0x2a,
0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0a, 0x04, 0x82, 0x04, 0xa8,
0x30, 0x82, 0x04, 0xa4, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00,
0xad, 0x14, 0x61, 0x84, 0xf0, 0x6b, 0xa7, 0x1d, 0x16, 0xca, 0xef, 0xd1,
0x3f, 0x31, 0xb5, 0x92, 0xb8, 0xab, 0xa5, 0x03, 0xbc, 0x15, 0x27, 0x2b,
0x14, 0xbd, 0xde, 0x7d, 0x9c, 0xdc, 0xd3, 0x03, 0xc9, 0x86, 0x68, 0xb2,
0x9c, 0x71, 0xe8, 0xa0, 0x88, 0x8f, 0x7a, 0x6a, 0xee, 0x9b, 0x12, 0x93,
0x20, 0x51, 0x09, 0x9f, 0xbc, 0x47, 0xfe, 0xe5, 0x4d, 0x60, 0xf9, 0x74,
0x69, 0xed, 0x94, 0xbe, 0xf6, 0x7d, 0xc0, 0x5d, 0x80, 0xbe, 0x7b, 0x26,
0x82, 0x3d, 0xa2, 0xf6, 0xc1, 0x0c, 0x51, 0xff, 0xd3, 0xda, 0x66, 0xda,
0xd6, 0x1c, 0x83, 0x3e, 0xe9, 0x29, 0x1b, 0x24, 0xdd, 0xc3, 0x20, 0x4d,
0x5c, 0x7a, 0x0e, 0xb1, 0x51, 0xb6, 0xf9, 0x6a, 0xe1, 0x31, 0x6d, 0x0d,
0x90, 0x6c, 0x4e, 0x27, 0x07, 0x6f, 0xa8, 0xae, 0xe4, 0xfd, 0xf9, 0x8d,
0x45, 0x6e, 0x78, 0xa7, 0x97, 0x1d, 0x7f, 0xea, 0x17, 0x04, 0x80, 0x9d,
0xdd, 0x97, 0x97, 0x50, 0x6c, 0x0d, 0xfb, 0xf3, 0xbd, 0x3f, 0xc0, 0x14,
0x47, 0xeb, 0x30, 0x3c, 0x5e, 0x7f, 0xc5, 0x04, 0xf4, 0x97, 0xa7, 0x08,
0x2f, 0xca, 0x75, 0x22, 0x2d, 0xc8, 0x3b, 0x04, 0x1b, 0xb1, 0xb2, 0x1c,
0x97, 0x07, 0x20, 0x07, 0xe0, 0x3e, 0x27, 0x13, 0x01, 0x3a, 0xbb, 0x12,
0xda, 0xdd, 0xf0, 0x98, 0xef, 0xed, 0xd3, 0x49, 0xd8, 0x25, 0x04, 0x37,
0xf4, 0x6b, 0xc5, 0x38, 0x6e, 0xc5, 0x2c, 0xcb, 0x7b, 0xef, 0x56, 0xc6,
0xfe, 0x59, 0x17, 0x7c, 0x4f, 0xae, 0x33, 0xd0, 0x4f, 0xa8, 0xe4, 0x64,
0xeb, 0x75, 0xc9, 0x3f, 0x91, 0x98, 0xb4, 0x8d, 0x06, 0xf7, 0x27, 0x3c,
0x2a, 0x32, 0x5f, 0x7e, 0x33, 0x27, 0x10, 0xb7, 0xf2, 0x36, 0xef, 0x72,
0xea, 0x1f, 0xbf, 0x8e, 0x17, 0x94, 0xc6, 0x7a, 0x25, 0xf8, 0xce, 0x19,
0x95, 0x5c, 0x81, 0x35, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x82, 0x01,
0x01, 0x00, 0x8f, 0x37, 0xec, 0x32, 0x2b, 0x17, 0x89, 0xa3, 0x22, 0x77,
0x2e, 0xd6, 0xc1, 0x2a, 0x0b, 0x0b, 0xab, 0xd0, 0x2c, 0xad, 0xd8, 0x76,
0xd0, 0x80, 0x6f, 0x9b, 0x65, 0x7e, 0x1f, 0xcd, 0x02, 0xb7, 0x81, 0x8c,
0xbd, 0x19, 0xff, 0x26, 0xaa, 0xce, 0x1b, 0xf2, 0x4d, 0xe4, 0x2a, 0x29,
0x1b, 0xc7, 0xae, 0xd8, 0x1f, 0xd4, 0x93, 0xe2, 0x27, 0x63, 0xeb, 0x11,
0xb1, 0x99, 0xc9, 0x05, 0x95, 0x2e, 0x27, 0x9d, 0x8b, 0x0e, 0x54, 0x38,
0x4a, 0x83, 0x65, 0x06, 0x47, 0xd1, 0x53, 0x91, 0x34, 0x51, 0x33, 0x26,
0xe8, 0x31, 0x71, 0x37, 0x0a, 0xcb, 0x85, 0xf8, 0x43, 0xc3, 0xcf, 0xd5,
0x64, 0xe7, 0x5e, 0xfc, 0x89, 0x27, 0xe5, 0x6c, 0x39, 0x1b, 0x5d, 0xd8,
0x9e, 0x5a, 0xb9, 0x05, 0x45, 0xee, 0x39, 0xd3, 0x05, 0x8c, 0x23, 0x64,
0x9d, 0x99, 0x6e, 0xb8, 0xa9, 0x12, 0x54, 0x93, 0x4e, 0x82, 0x32, 0x86,
0xab, 0xe1, 0xd0, 0x59, 0xe7, 0x90, 0x61, 0x72, 0x74, 0xf6, 0x0b, 0x5f,
0xde, 0x64, 0xae, 0x23, 0x0d, 0x03, 0x8a, 0xf1, 0x83, 0xe6, 0x2a, 0x0c,
0x69, 0xee, 0x15, 0x6a, 0x23, 0xdc, 0x6c, 0xb4, 0x87, 0x30, 0xde, 0x6c,
0xca, 0x7a, 0xb1, 0x02, 0x83, 0x8b, 0x71, 0x96, 0x3f, 0x53, 0x57, 0xc7,
0xfe, 0x73, 0xd8, 0x2b, 0xd7, 0x82, 0x18, 0xd2, 0xe4, 0xe7, 0xb6, 0x75,
0x9f, 0xef, 0x41, 0xbb, 0xab, 0xad, 0x6e, 0x30, 0x5b, 0xbe, 0x39, 0x49,
0x3f, 0x6f, 0xe6, 0xdf, 0xfc, 0xf0, 0x6b, 0xac, 0x54, 0x63, 0x77, 0x28,
0x00, 0x03, 0xe4, 0x44, 0x7a, 0xc3, 0xdd, 0xab, 0x63, 0xe6, 0xcf, 0x30,
0xdf, 0xa5, 0xe0, 0xb2, 0xe7, 0x5f, 0x35, 0x51, 0x5d, 0xc9, 0x99, 0xb9,
0x6a, 0xab, 0xbc, 0x89, 0xaf, 0x3b, 0xbc, 0x02, 0x7a, 0xe1, 0x0c, 0xe7,
0x06, 0xf4, 0x2d, 0xb5, 0x12, 0x01, 0x02, 0x81, 0x81, 0x00, 0xe5, 0x29,
0x07, 0x4d, 0xbb, 0x17, 0x61, 0x50, 0xb9, 0xf1, 0x15, 0x23, 0x57, 0x93,
0x6b, 0xaf, 0x9c, 0xb5, 0xac, 0x70, 0x0a, 0x12, 0x01, 0x97, 0x2b, 0xb4,
0xd5, 0xc7, 0x18, 0xac, 0x01, 0x98, 0xf6, 0xbd, 0xbf, 0xd7, 0xb9, 0x88,
0x12, 0x81, 0x5a, 0x32, 0xb1, 0x9b, 0xde, 0x15, 0xe5, 0xea, 0x6e, 0x37,
0x08, 0x50, 0x26, 0xa0, 0x3e, 0x9a, 0x56, 0xe5, 0x50, 0xa0, 0x8a, 0x81,
0xfe, 0x87, 0xfe, 0x7d, 0x93, 0x60, 0x92, 0x25, 0xed, 0xee, 0x70, 0x4e,
0x49, 0xaa, 0xe1, 0xb0, 0xf9, 0x6e, 0x64, 0x76, 0x2e, 0x5b, 0x85, 0x29,
0x33, 0xfe, 0x61, 0x90, 0xa9, 0x24, 0x16, 0x7c, 0x4b, 0x23, 0x45, 0xbc,
0x1c, 0xa4, 0x28, 0xc3, 0x01, 0x47, 0x91, 0x34, 0x2b, 0x82, 0xdf, 0x94,
0x1d, 0xbb, 0xc6, 0x1b, 0xe9, 0x2a, 0x95, 0x12, 0xd3, 0x0e, 0x86, 0xe0,
0xa8, 0x3b, 0xb4, 0x58, 0x90, 0x75, 0x02, 0x81, 0x81, 0x00, 0xc1, 0x59,
0xdf, 0x24, 0xee, 0x30, 0x26, 0x3d, 0x6f, 0xd7, 0x36, 0xb4, 0x25, 0xb5,
0x7f, 0x8b, 0xf3, 0x8f, 0x0a, 0x7c, 0x08, 0x31, 0xe9, 0x45, 0x5d, 0xec,
0x53, 0x29, 0xec, 0xad, 0xec, 0x9b, 0xb0, 0x5b, 0x53, 0xc4, 0xb3, 0x85,
0x05, 0x26, 0x51, 0xc1, 0x62, 0xbb, 0xdb, 0x7a, 0x52, 0xbb, 0x0a, 0x77,
0xf0, 0x26, 0x01, 0x1f, 0x6b, 0x2d, 0x04, 0xd9, 0x0c, 0xe8, 0x2f, 0x63,
0xde, 0x22, 0x3a, 0xdb, 0x55, 0x75, 0xbd, 0x44, 0xc2, 0xc1, 0x57, 0x02,
0xbc, 0x92, 0x03, 0x55, 0xf3, 0x6f, 0x3e, 0xf8, 0x02, 0x5c, 0x46, 0x30,
0xfd, 0x95, 0x5b, 0x48, 0x1f, 0x26, 0xf3, 0x32, 0xaf, 0x8d, 0x25, 0x1c,
0x7e, 0xb2, 0xee, 0x33, 0x10, 0xf9, 0x4e, 0xed, 0xd4, 0x60, 0xdf, 0x86,
0x8f, 0x43, 0x26, 0x24, 0x5a, 0xb1, 0x23, 0xb4, 0xf2, 0xca, 0x40, 0x98,
0xa7, 0x59, 0x18, 0x06, 0x15, 0xc1, 0x02, 0x81, 0x80, 0x4e, 0xc8, 0x7b,
0x35, 0x53, 0x03, 0xe7, 0xb5, 0xfc, 0x27, 0x10, 0xf0, 0x54, 0x94, 0x5f,
0x2a, 0x41, 0xc3, 0x07, 0xa4, 0x81, 0x21, 0xcd, 0xa0, 0x2e, 0x2b, 0x7e,
0x6f, 0x73, 0x60, 0xf7, 0x2f, 0xa2, 0x6c, 0x7b, 0xbe, 0xeb, 0x8f, 0x07,
0x65, 0xa7, 0x1f, 0xd4, 0x85, 0xd4, 0xa5, 0x4c, 0xa4, 0xfa, 0xfd, 0x3a,
0x83, 0x6b, 0xb4, 0x1d, 0xb1, 0xab, 0xfc, 0x2c, 0x6a, 0xf5, 0x13, 0x59,
0xf1, 0x61, 0x21, 0xc5, 0x00, 0x27, 0x5e, 0x98, 0xdd, 0x27, 0x89, 0x12,
0xb4, 0x87, 0xe0, 0xf2, 0xef, 0xeb, 0xe3, 0xe1, 0x6e, 0x1f, 0x6a, 0x99,
0xf0, 0x73, 0x94, 0x6b, 0x41, 0xf7, 0xe5, 0x05, 0x63, 0xfb, 0xfe, 0x7f,
0x0e, 0x44, 0xe1, 0x3d, 0xd8, 0x5f, 0xe8, 0x42, 0xa9, 0x3c, 0xba, 0x4c,
0x3a, 0x99, 0x12, 0x51, 0x68, 0x0d, 0x56, 0x2a, 0x6f, 0x4d, 0x19, 0x81,
0x5c, 0xfd, 0x54, 0x91, 0x5d, 0x02, 0x81, 0x81, 0x00, 0x85, 0x1e, 0x5c,
0x1c, 0xb0, 0x04, 0xe4, 0x7f, 0x0d, 0xfe, 0x4d, 0x42, 0x70, 0x67, 0xea,
0x5d, 0xaf, 0x9d, 0x7e, 0xe9, 0x70, 0x36, 0xf4, 0xd4, 0xf6, 0x5a, 0x5b,
0xd3, 0x94, 0x89, 0x16, 0x4b, 0x06, 0x7b, 0x8a, 0x4b, 0xf6, 0x11, 0x12,
0x3f, 0x94, 0xb0, 0x21, 0x4b, 0x17, 0x4b, 0xbb, 0xa3, 0xdd, 0x0c, 0x40,
0x81, 0xd9, 0xea, 0x08, 0xbf, 0x21, 0x04, 0x52, 0xf7, 0x94, 0x91, 0x1c,
0x81, 0xd2, 0xa5, 0xe9, 0xcb, 0xbb, 0x38, 0x99, 0x21, 0xc5, 0xc7, 0x33,
0x8f, 0x0f, 0xce, 0xe0, 0x60, 0x6a, 0x29, 0x14, 0x6e, 0xf5, 0x40, 0x8b,
0x86, 0x86, 0x27, 0x3c, 0x93, 0x73, 0x83, 0x25, 0x0c, 0x77, 0x4d, 0x8c,
0x09, 0xa3, 0x27, 0xf3, 0x7a, 0xc2, 0x15, 0xca, 0x4f, 0xbb, 0xf5, 0x87,
0xb3, 0x02, 0x92, 0xab, 0x02, 0x24, 0x84, 0x53, 0x58, 0x5e, 0x6a, 0xfb,
0x64, 0xc2, 0xbe, 0x85, 0xc1, 0x02, 0x81, 0x80, 0x15, 0x7a, 0xc3, 0x94,
0x17, 0x82, 0xfc, 0xf8, 0x36, 0x96, 0xd1, 0x5a, 0x02, 0x6b, 0x85, 0xce,
0xf2, 0x31, 0xf3, 0xdd, 0xd3, 0x04, 0x7e, 0xaf, 0xec, 0xf9, 0x3c, 0xb9,
0x62, 0x3d, 0xfe, 0x84, 0xde, 0x2c, 0xc9, 0xb5, 0xa9, 0xf4, 0xd5, 0x22,
0x3b, 0x8f, 0x85, 0xb2, 0xe7, 0x4a, 0x07, 0x02, 0x83, 0xd4, 0x52, 0x02,
0x79, 0x14, 0x5a, 0xbc, 0x9b, 0x90, 0x04, 0x07, 0x84, 0xf2, 0xb5, 0x2d,
0xee, 0x4e, 0x26, 0xcd, 0x6d, 0xa7, 0x61, 0x59, 0xfa, 0x62, 0xbd, 0x47,
0x1a, 0x17, 0x82, 0x98, 0x22, 0x85, 0x5f, 0x0b, 0x0b, 0x29, 0x05, 0xfd,
0x56, 0x8a, 0xb2, 0x6e, 0xb1, 0x90, 0x82, 0x03, 0x15, 0xf2, 0x83, 0x5d,
0xb1, 0xc1, 0xfb, 0xa3, 0x07, 0xea, 0xd7, 0x6a, 0xba, 0x12, 0xa4, 0xbf,
0x8c, 0xf2, 0xc0, 0x72, 0x37, 0x7d, 0x25, 0xfa, 0xf3, 0x91, 0x7f, 0x22,
0x7c, 0x50, 0x31, 0xec,
};

// kExampleECKeyDER is a sample EC private key encoded as an ECPrivateKey
// structure.
static const uint8_t kExampleECKeyDER[] = {
Expand Down Expand Up @@ -463,6 +569,8 @@ TEST(EVPExtraTest, d2i_AutoPrivateKey) {
EVP_PKEY_RSA);
TestValidPrivateKey(kExampleRSAKeyPKCS8, sizeof(kExampleRSAKeyPKCS8),
EVP_PKEY_RSA);
TestValidPrivateKey(kExampleRSAPSSKeyPKCS8, sizeof(kExampleRSAPSSKeyPKCS8),
EVP_PKEY_RSA_PSS);
TestValidPrivateKey(kExampleECKeyDER, sizeof(kExampleECKeyDER), EVP_PKEY_EC);
TestValidPrivateKey(kExampleECKeyPKCS8, sizeof(kExampleECKeyPKCS8),
EVP_PKEY_EC);
Expand Down Expand Up @@ -521,6 +629,8 @@ TEST(EVPExtraTest, d2i_PrivateKey) {
sizeof(kExampleDSAKeyDER)));
EXPECT_TRUE(ParsePrivateKey(EVP_PKEY_RSA, kExampleRSAKeyPKCS8,
sizeof(kExampleRSAKeyPKCS8)));
EXPECT_TRUE(ParsePrivateKey(EVP_PKEY_RSA_PSS, kExampleRSAPSSKeyPKCS8,
sizeof(kExampleRSAPSSKeyPKCS8)));
EXPECT_TRUE(
ParsePrivateKey(EVP_PKEY_EC, kExampleECKeyDER, sizeof(kExampleECKeyDER)));

Expand All @@ -538,6 +648,8 @@ TEST(EVPExtraTest, d2i_PrivateKey) {
// Test that an RSA key may not be imported as an EC key.
EXPECT_FALSE(ParsePrivateKey(EVP_PKEY_EC, kExampleRSAKeyPKCS8,
sizeof(kExampleRSAKeyPKCS8)));
EXPECT_FALSE(ParsePrivateKey(EVP_PKEY_EC, kExampleRSAPSSKeyPKCS8,
sizeof(kExampleRSAPSSKeyPKCS8)));
ERR_clear_error();
}

Expand Down
1 change: 1 addition & 0 deletions crypto/evp/internal.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -253,6 +253,7 @@ typedef struct {
extern const EVP_PKEY_ASN1_METHOD dsa_asn1_meth;
extern const EVP_PKEY_ASN1_METHOD ec_asn1_meth;
extern const EVP_PKEY_ASN1_METHOD rsa_asn1_meth;
extern const EVP_PKEY_ASN1_METHOD rsa_pss_asn1_meth;
extern const EVP_PKEY_ASN1_METHOD ed25519_asn1_meth;
extern const EVP_PKEY_ASN1_METHOD x25519_asn1_meth;

Expand Down
53 changes: 53 additions & 0 deletions crypto/evp/p_rsa_asn1.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -108,6 +108,19 @@ static int rsa_pub_decode(EVP_PKEY *out, CBS *params, CBS *key) {
return 1;
}

static int rsa_pss_pub_decode(EVP_PKEY *out, CBS *params, CBS *key) {
// TODO(shang): add pss paramters decode.
RSA *rsa = RSA_parse_public_key(key);
if (rsa == NULL || CBS_len(key) != 0) {
OPENSSL_PUT_ERROR(EVP, EVP_R_DECODE_ERROR);
RSA_free(rsa);
return 0;
}

EVP_PKEY_assign(out, EVP_PKEY_RSA_PSS, rsa);
return 1;
}

static int rsa_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b) {
return BN_cmp(b->pkey.rsa->n, a->pkey.rsa->n) == 0 &&
BN_cmp(b->pkey.rsa->e, a->pkey.rsa->e) == 0;
Expand Down Expand Up @@ -152,6 +165,19 @@ static int rsa_priv_decode(EVP_PKEY *out, CBS *params, CBS *key) {
return 1;
}

static int rsa_pss_priv_decode(EVP_PKEY *out, CBS *params, CBS *key) {
// TODO(shang): add pss paramters decode.
RSA *rsa = RSA_parse_private_key(key);
if (rsa == NULL || CBS_len(key) != 0) {
OPENSSL_PUT_ERROR(EVP, EVP_R_DECODE_ERROR);
RSA_free(rsa);
return 0;
}

EVP_PKEY_assign(out, EVP_PKEY_RSA_PSS, rsa);
return 1;
}

static int rsa_opaque(const EVP_PKEY *pkey) {
return RSA_is_opaque(pkey->pkey.rsa);
}
Expand Down Expand Up @@ -192,3 +218,30 @@ const EVP_PKEY_ASN1_METHOD rsa_asn1_meth = {

int_rsa_free,
};

const EVP_PKEY_ASN1_METHOD rsa_pss_asn1_meth = {
EVP_PKEY_RSA_PSS,
// 1.2.840.113549.1.1.10
{0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0a}, 9,

rsa_pss_pub_decode,
NULL /* pub_encode */,
rsa_pub_cmp,

rsa_pss_priv_decode,
NULL /* priv_encode */,

NULL /* set_priv_raw */,
NULL /* set_pub_raw */,
NULL /* get_priv_raw */,
NULL /* get_pub_raw */,

rsa_opaque,

int_rsa_size,
rsa_bits,

0,0,0,

int_rsa_free,
};
36 changes: 36 additions & 0 deletions crypto/x509/x509_test.cc
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -201,6 +201,31 @@ Z0IL+OQFz6+LcTHxD27JJCebrATXZA0wThGTQDm7crL+a+SujBY=
-----END CERTIFICATE-----
)";

// kExampleRsassaPssCert is an example RSA-PSS self-signed certificate,
// signed with sha256. The Public Key Algorithm of 'kExamplePSSCert' is 'rsaEncryption'.
// But the Public Key Algorithm of'kExampleRsassaPssCert' is 'rsassaPss'.
static const char kExampleRsassaPssCert[] = R"(
-----BEGIN CERTIFICATE-----
MIIDDDCCAcMCFHg/A8W4Ltk2dAz6XmuAzRhcy2AzMD4GCSqGSIb3DQEBCjAxoA0w
CwYJYIZIAWUDBAIBoRowGAYJKoZIhvcNAQEIMAsGCWCGSAFlAwQCAaIEAgIA3jAN
MQswCQYDVQQDDAJDQTAgFw0xOTEyMTgxOTIyMjZaGA8yMTE5MTEyNDE5MjIyNlow
FjEUMBIGA1UEAwwLZXhhbXBsZS5jb20wggEgMAsGCSqGSIb3DQEBCgOCAQ8AMIIB
CgKCAQEArRRhhPBrpx0Wyu/RPzG1krirpQO8FScrFL3efZzc0wPJhmiynHHooIiP
emrumxKTIFEJn7xH/uVNYPl0ae2UvvZ9wF2Avnsmgj2i9sEMUf/T2mba1hyDPukp
GyTdwyBNXHoOsVG2+WrhMW0NkGxOJwdvqK7k/fmNRW54p5cdf+oXBICd3ZeXUGwN
+/O9P8AUR+swPF5/xQT0l6cIL8p1Ii3IOwQbsbIclwcgB+A+JxMBOrsS2t3wmO/t
00nYJQQ39GvFOG7FLMt771bG/lkXfE+uM9BPqORk63XJP5GYtI0G9yc8KjJffjMn
ELfyNu9y6h+/jheUxnol+M4ZlVyBNQIDAQABMD4GCSqGSIb3DQEBCjAxoA0wCwYJ
YIZIAWUDBAIBoRowGAYJKoZIhvcNAQEIMAsGCWCGSAFlAwQCAaIEAgIA3gOCAQEA
CYrASuTnV7G0Fs4YD4oYTHPtP3hmXnOqLYFwg5mkD1jNUQAoZ1228iswPduZQgO9
7A2vhI/qFW1efyWdElqC9RrTzldtdS9nAMeOJ6m+dXNfHbsPjZl2+g+kreAxCO7/
+tdZ/TBqAS6llEIo7EqMGPeE+HwwHa2Jv5La7HAT/KNA3jCGaucTGVV77CgWVc/c
NJq2EIf9DOe2+zokWnMQxbV84ks26uQy3CfF8UZrxwcr3aKJxzR29u2Io6vvnTs7
dJZFafFLwtdLF6n7/OuycizeY0z/PjBnZN7Xw3pTDruglf9wNco1m/hMdLqJ8XTi
/6wGTUyETfm7J2j9U1yy9g==
-----END CERTIFICATE-----
)";

// kBadPSSCertPEM is a self-signed RSA-PSS certificate with bad parameters.
static const char kBadPSSCertPEM[] = R"(
-----BEGIN CERTIFICATE-----
Expand Down Expand Up @@ -1452,6 +1477,17 @@ TEST(X509Test, TestPSS) {
ASSERT_TRUE(X509_verify(cert.get(), pkey.get()));
}

TEST(X509Test, TestRsaSsaPss) {
bssl::UniquePtr<X509> cert(CertFromPEM(kExampleRsassaPssCert));
ASSERT_TRUE(cert);

bssl::UniquePtr<EVP_PKEY> pkey(X509_get_pubkey(cert.get()));
ASSERT_TRUE(pkey);

// TODO(shang): reenable this verification when EVP_PKEY_RSA_PSS pmeth is implemented.
// ASSERT_TRUE(X509_verify(cert.get(), pkey.get()));
}

TEST(X509Test, TestPSSBadParameters) {
bssl::UniquePtr<X509> cert(CertFromPEM(kBadPSSCertPEM));
ASSERT_TRUE(cert);
Expand Down