Finish parsing RSASSA-PSS parameters

library/x509.c

@@ -137,6 +137,62 @@ int x509_get_alg( unsigned char **p, const unsigned char *end,
     return( 0 );
 }
 
+/*
+ * HashAlgorithm ::= AlgorithmIdentifier
+ *
+ * AlgorithmIdentifier  ::=  SEQUENCE  {
+ *      algorithm               OBJECT IDENTIFIER,
+ *      parameters              ANY DEFINED BY algorithm OPTIONAL  }
+ *
+ * For HashAlgorithm, parameters MUST be NULL or absent.
+ */
+static int x509_get_hash_alg( const x509_buf *alg, md_type_t *md_alg )
+{
+    int ret;
+    unsigned char *p;
+    const unsigned char *end;
+    x509_buf md_oid;
+    size_t len;
+
+    /* Make sure we got a SEQUENCE and setup bounds */
+    if( alg->tag != ( ASN1_CONSTRUCTED | ASN1_SEQUENCE ) )
+        return( POLARSSL_ERR_X509_INVALID_ALG +
+                POLARSSL_ERR_ASN1_UNEXPECTED_TAG );
+
+    p = (unsigned char *) alg->p;
+    end = p + alg->len;
+
+    if( p >= end )
+        return( POLARSSL_ERR_X509_INVALID_ALG +
+                POLARSSL_ERR_ASN1_OUT_OF_DATA );
+
+    /* Parse md_oid */
+    md_oid.tag = *p;
+
+    if( ( ret = asn1_get_tag( &p, end, &md_oid.len, ASN1_OID ) ) != 0 )
+        return( POLARSSL_ERR_X509_INVALID_ALG + ret );
+
+    md_oid.p = p;
+    p += md_oid.len;
+
+    /* Get md_alg from md_oid */
+    if( ( ret = oid_get_md_alg( &md_oid, md_alg ) ) != 0 )
+        return( POLARSSL_ERR_X509_INVALID_ALG + ret );
+
+    /* Make sure params is absent of NULL */
+    if( p == end )
+        return( 0 );
+
+    if( ( ret = asn1_get_tag( &p, end, &len, ASN1_NULL ) ) != 0 )
+        return( POLARSSL_ERR_X509_INVALID_ALG + ret );
+
+    if( p != end )
+        return( POLARSSL_ERR_X509_INVALID_ALG +
+                POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
+
+    return( 0 );
+}
+
 /*
  *    RSASSA-PSS-params  ::=  SEQUENCE  {
  *       hashAlgorithm     [0] HashAlgorithm DEFAULT sha1Identifier,
@@ -146,18 +202,18 @@ int x509_get_alg( unsigned char **p, const unsigned char *end,
  *    -- Note that the tags in this Sequence are explicit.
  */
 int x509_get_rsassa_pss_params( const x509_buf *params,
-                                md_type_t *md_alg,
-                                int *salt_len,
-                                int *trailer_field )
+                                md_type_t *md_alg, md_type_t *mgf_md,
+                                int *salt_len, int *trailer_field )
 {
     int ret;
     unsigned char *p;
     const unsigned char *end;
     size_t len;
-    x509_buf alg_id;
+    x509_buf alg_id, alg_params;
 
     /* First set everything to defaults */
     *md_alg = POLARSSL_MD_SHA1;
+    *mgf_md = POLARSSL_MD_SHA1;
     *salt_len = 20;
     *trailer_field = 1;
 
@@ -175,8 +231,12 @@ int x509_get_rsassa_pss_params( const x509_buf *params,
     if( ( ret = asn1_get_tag( &p, end, &len,
                     ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | 0 ) ) == 0 )
     {
-        /* HashAlgorithm  ::=  AlgorithmIdentifier (without parameters) */
-        // TODO: WIP
+        /* HashAlgorithm ::= AlgorithmIdentifier (without parameters) */
+        if( ( ret = x509_get_alg_null( &p, p + len, &alg_id ) ) != 0 )
+            return( ret );
+
+        if( ( ret = oid_get_md_alg( &alg_id, md_alg ) ) != 0 )
+            return( POLARSSL_ERR_X509_INVALID_ALG + ret );
     }
     else if( ret != POLARSSL_ERR_ASN1_UNEXPECTED_TAG )
         return( POLARSSL_ERR_X509_INVALID_ALG + ret );
@@ -184,8 +244,18 @@ int x509_get_rsassa_pss_params( const x509_buf *params,
     if( ( ret = asn1_get_tag( &p, end, &len,
                     ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | 1 ) ) == 0 )
     {
-        /* MaskGenAlgorithm  ::=  AlgorithmIdentifier */
-        // TODO: WIP
+        /* MaskGenAlgorithm ::= AlgorithmIdentifier (params = HashAlgorithm) */
+        if( ( ret = x509_get_alg( &p, p + len, &alg_id, &alg_params ) ) != 0 )
+            return( ret );
+
+        /* Only MFG1 is recognised for now */
+        if( ! OID_CMP( OID_MGF1, &alg_id ) )
+            return( POLARSSL_ERR_X509_FEATURE_UNAVAILABLE +
+                    POLARSSL_ERR_OID_NOT_FOUND );
+
+        /* Parse HashAlgorithm */
+        if( ( ret = x509_get_hash_alg( &alg_params, mgf_md ) ) != 0 )
+            return( ret );
     }
     else if( ret != POLARSSL_ERR_ASN1_UNEXPECTED_TAG )
         return( POLARSSL_ERR_X509_INVALID_ALG + ret );

library/x509_crt.c

@@ -625,9 +625,12 @@ static int x509_crt_parse_der_core( x509_crt *crt, const unsigned char *buf,
     if( crt->sig_pk == POLARSSL_PK_RSASSA_PSS )
     {
         int salt_len, trailer_field;
+        md_type_t mgf_md;
 
-        if( ( ret = x509_get_rsassa_pss_params( &crt->sig_params,
-                        &crt->sig_md, &salt_len, &trailer_field ) ) != 0 )
+        /* Make sure params are valid */
+        ret = x509_get_rsassa_pss_params( &crt->sig_params,
+                &crt->sig_md, &mgf_md, &salt_len, &trailer_field );
+        if( ret != 0 )
             return( ret );
     }
     else
@@ -1318,15 +1321,20 @@ int x509_crt_info( char *buf, size_t size, const char *prefix,
 
     if( crt->sig_pk == POLARSSL_PK_RSASSA_PSS )
     {
-        md_type_t md_alg;
+        md_type_t md_alg, mgf_md;
+        const md_info_t *md_info, *mgf_md_info;
         int salt_len, trailer_field;
 
         if( ( ret = x509_get_rsassa_pss_params( &crt->sig_params,
-                        &md_alg, &salt_len, &trailer_field ) ) != 0 )
+                        &md_alg, &mgf_md, &salt_len, &trailer_field ) ) != 0 )
             return( ret );
 
-        // TODO: SHA1 harcoded twice (WIP)
-        ret = snprintf( p, n, " (SHA1, MGF1-SHA1, %d, %d)",
+        md_info = md_info_from_type( md_alg );
+        mgf_md_info = md_info_from_type( mgf_md );
+
+        ret = snprintf( p, n, " (%s, MGF1-%s, 0x%02X, %d)",
+                              md_info ? md_info->name : "???",
+                              mgf_md_info ? mgf_md_info->name : "???",
                               salt_len, trailer_field );
         SAFE_SNPRINTF();
     }