author | Krzysztof Jackiewicz <k.jackiewicz@samsung.com> | 2019-05-15 17:46:58 +0200 |
---|---|---|
committer | Tomasz Swierczek <t.swierczek@samsung.com> | 2019-05-20 11:08:19 +0200 |
commit | 79141629106d3097f8a4013d3744cef046265a3e (patch) | |
tree | baaed4aa725f45a95ca81c692cc3800f97f2a105 | |
parent | 0be32159737cb86cdc1a319d752cfdaa58b872f3 (diff) | |
Forbid HashAlgorithm::NONE for DSA & ECDSA signatures
Openssl uses SHA1 if no hash algorithm is provided for DSA & ECDSA
signatures. TZ does not support that option at all. It's better to
forbid it.
This commit changes the API behavior and may lead to errors in clients
that used HashAlgorithm::NONE with DSA or ECDSA, which is highly
unlikely.
Change-Id: I8522e8f157b5ef2d6599bb672ef790ee8ea48644
-rw-r--r-- | src/include/ckmc/ckmc-manager.h | 4 | ||||
-rw-r--r-- | src/manager/crypto/sw-backend/internals.cpp | 8 | ||||
-rw-r--r-- | src/manager/crypto/tz-backend/internals.cpp | 6 |
3 files changed, 15 insertions, 3 deletions
diff --git a/src/include/ckmc/ckmc-manager.h b/src/include/ckmc/ckmc-manager.h
index 22a295ce..251052cb 100644
--- a/src/include/ckmc/ckmc-manager.h
+++ b/src/include/ckmc/ckmc-manager.h
@@ -607,7 +607,7 @@ int ckmc_create_key_aes(size_t size, const char *key_alias, ckmc_policy_s key_po
  * @param[in] private_key_alias The name of private key
  * @param[in] password The password used in decrypting a private key value
  * @param[in] message The message that is signed with a private key
- * @param[in] hash The hash algorithm used in creating signature
+ * @param[in] hash The hash algorithm used in creating signature. CKMC_HASH_NONE is invalid for DSA & ECDSA
  * @param[in] padding The RSA padding algorithm used in creating signature \n
  * It is used only when the signature algorithm is RSA. If
  * @a padding is CKMC_NONE_PADDING you must use CKMC_HASH_NONE
@@ -643,7 +643,7 @@ int ckmc_create_signature(const char *private_key_alias, const char *password, c
  * @param[in] password The password used in decrypting a public key value
  * @param[in] message The input on which the signature is created
  * @param[in] signature The signature that is verified with public key
- * @param[in] hash The hash algorithm used in verifying signature
+ * @param[in] hash The hash algorithm used in verifying signature. CKMC_HASH_NONE is invalid for DSA & ECDSA
  * @param[in] padding The RSA padding algorithm used in verifying signature \n
  * It is used only when the signature algorithm is RSA. If
  * @a padding is CKMC_NONE_PADDING you must use CKMC_HASH_NONE
diff --git a/src/manager/crypto/sw-backend/internals.cpp b/src/manager/crypto/sw-backend/internals.cpp
index afa3c884..a5f2f9e9 100644
--- a/src/manager/crypto/sw-backend/internals.cpp
+++ b/src/manager/crypto/sw-backend/internals.cpp
@@ -817,6 +817,9 @@ RawBuffer signMessage(EVP_PKEY *privKey,
 			const RawBuffer &message,
 			const int rsa_padding)
 {
+	if (EVP_PKEY_type(privKey->type) != EVP_PKEY_RSA)
+		ThrowErr(Exc::Crypto::InputParam, "Only RSA supports no hash option");
+
 	EvpPkeyCtxUPtr pctx(EVP_PKEY_CTX_new(privKey, NULL), EVP_PKEY_CTX_free);
 
 	if (!pctx.get())
@@ -931,6 +934,9 @@ int verifyMessage(EVP_PKEY *pubKey,
 			const RawBuffer &signature,
 			const int rsa_padding)
 {
+	if (EVP_PKEY_type(pubKey->type) != EVP_PKEY_RSA)
+		ThrowErr(Exc::Crypto::InputParam, "Only RSA supports no hash option");
+
 	EvpPkeyCtxUPtr pctx(EVP_PKEY_CTX_new(pubKey, NULL), EVP_PKEY_CTX_free);
 
 	if (!pctx.get())
@@ -1048,4 +1054,4 @@ bool verifyBinaryData(DataType dataType, const RawBuffer &buffer)
 } // namespace Internals
 } // namespace SW
 } // namespace Crypto
-} // namespace CKM
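Review bot: The added guard in signMessage dereferences `privKey->type` directly, which only compiles while EVP_PKEY is a non-opaque struct; the accessor `EVP_PKEY_base_id(privKey)` yields the same base type and survives the move to OpenSSL 1.1, where the struct becomes opaque, so `if (EVP_PKEY_base_id(privKey) != EVP_PKEY_RSA)` is the more durable spelling. The same applies to the `pubKey->type` check in the verifyMessage hunk that follows. Since the identical two-line check now appears in both functions, a small `static` helper taking `const EVP_PKEY *` would keep the condition and the error message from drifting apart. signMessage's parameter list begins above the hunk, on the line shown in the @@ context.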
\ No newline at end of file
+} // namespace CKM
diff --git a/src/manager/crypto/tz-backend/internals.cpp b/src/manager/crypto/tz-backend/internals.cpp
index 7b7b9be1..8aee58a8 100644
--- a/src/manager/crypto/tz-backend/internals.cpp
+++ b/src/manager/crypto/tz-backend/internals.cpp
@@ -533,6 +533,9 @@ RawBuffer sign(const RawBuffer &pkey,
 {
 	AlgoType algo = unpack<AlgoType>(alg, ParamName::ALGO_TYPE);
 	HashAlgorithm hash = unpack<HashAlgorithm>(alg, ParamName::SV_HASH_ALGO);
+	if (algo != AlgoType::RSA_SV && hash == HashAlgorithm::NONE)
+		ThrowErr(Exc::Crypto::InputParam, "Only RSA supports no hash option");
+
 	RawBuffer signature;
 	TrustZoneContext::Instance().executeSign(getAlgType(algo),
 						getHashType(hash),
@@ -551,6 +554,9 @@ int verify(const RawBuffer &pkey,
 {
 	AlgoType algo = unpack<AlgoType>(alg, ParamName::ALGO_TYPE);
 	HashAlgorithm hash = unpack<HashAlgorithm>(alg, ParamName::SV_HASH_ALGO);
+	if (algo != AlgoType::RSA_SV && hash == HashAlgorithm::NONE)
+		ThrowErr(Exc::Crypto::InputParam, "Only RSA supports no hash option");
+
 	return TrustZoneContext::Instance().executeVerify(getAlgType(algo),
 						getHashType(hash),
 						pkey,
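Review bot: The new check in sign() rejects HashAlgorithm::NONE for every algo other than AlgoType::RSA_SV, which is broader than the DSA/ECDSA case the commit message names; if AlgoType carries further values the restriction silently extends to them, so a short comment above the condition should state the intent, e.g. `// Unhashed signing is defined only for RSA; TZ has no SHA1 fallback for other algorithms`. The identical two lines are repeated in the verify() hunk below; a shared helper taking (algo, hash) would keep both checks aligned. Both functions begin above their hunks, since the @@ context shows only the first line of each signature.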