Skip to content

Commit

Permalink
public_key: Add handling of implicit default for RSASSA-PSS keys
Browse files Browse the repository at this point in the history
  • Loading branch information
IngelaAndin committed Aug 8, 2024
1 parent 0418c10 commit b9d1950
Show file tree
Hide file tree
Showing 3 changed files with 76 additions and 13 deletions.
42 changes: 30 additions & 12 deletions lib/public_key/src/public_key.erl
Original file line number Diff line number Diff line change
Expand Up @@ -385,19 +385,32 @@ der_priv_key_decode(#'OneAsymmetricKey'{
#'ECPrivateKey'{version = 2, parameters = {namedCurve, CurveOId}, privateKey = PrivKey,
attributes = Attr,
publicKey = PubKey};
der_priv_key_decode({'PrivateKeyInfo', v1,
{'PrivateKeyInfo_privateKeyAlgorithm', ?'rsaEncryption', _}, PrivKey, _}) ->
der_decode('RSAPrivateKey', PrivKey);
der_priv_key_decode({'PrivateKeyInfo', v1,
{'PrivateKeyInfo_privateKeyAlgorithm', ?'id-RSASSA-PSS',
{asn1_OPENTYPE, Parameters}}, PrivKey, _}) ->
der_priv_key_decode(#'PrivateKeyInfo'{version = v1,
privateKeyAlgorithm =
#'PrivateKeyInfo_privateKeyAlgorithm'{algorithm = ?'rsaEncryption'},
privateKey = PrivKey}) ->
der_decode('RSAPrivateKey', PrivKey);
der_priv_key_decode(#'PrivateKeyInfo'{version = v1,
privateKeyAlgorithm =
#'PrivateKeyInfo_privateKeyAlgorithm'{algorithm = ?'id-RSASSA-PSS',
parameters = {asn1_OPENTYPE, Parameters}},
privateKey = PrivKey}) ->
Key = der_decode('RSAPrivateKey', PrivKey),
Params = der_decode('RSASSA-PSS-params', Parameters),
{Key, Params};
der_priv_key_decode(#'PrivateKeyInfo'{version = v1,
privateKeyAlgorithm = #'PrivateKeyInfo_privateKeyAlgorithm'{algorithm = ?'id-dsa',
parameters =
{asn1_OPENTYPE, Parameters}},
privateKeyAlgorithm =
#'PrivateKeyInfo_privateKeyAlgorithm'{algorithm = ?'id-RSASSA-PSS',
parameters = asn1_NOVALUE},
privateKey = PrivKey}) ->
Key = der_decode('RSAPrivateKey', PrivKey),
#'RSASSA-AlgorithmIdentifier'{parameters = Params} = ?'rSASSA-PSS-Default-Identifier',
{Key, Params};
der_priv_key_decode(#'PrivateKeyInfo'{version = v1,
privateKeyAlgorithm =
#'PrivateKeyInfo_privateKeyAlgorithm'{algorithm = ?'id-dsa',
parameters =
{asn1_OPENTYPE, Parameters}},
privateKey = PrivKey}) ->
{params, #'Dss-Parms'{p=P, q=Q, g=G}} = der_decode('DSAParams', Parameters),
X = der_decode('Prime-p', PrivKey),
Expand Down Expand Up @@ -432,10 +445,15 @@ der_encode('PrivateKeyInfo', #'RSAPrivateKey'{} = PrivKey) ->
privateKeyAlgorithm = Alg,
privateKey = Key});
der_encode('PrivateKeyInfo', {#'RSAPrivateKey'{} = PrivKey, Parameters}) ->
Params = der_encode('RSASSA-PSS-params', Parameters),
#'RSASSA-AlgorithmIdentifier'{parameters = DefaultParams} = ?'rSASSA-PSS-Default-Identifier',
Params = case Parameters of
DefaultParams ->
asn1_NOVALUE;
_ ->
{asn1_OPENTYPE, der_encode('RSASSA-PSS-params', Parameters)}
end,
Alg = #'PrivateKeyInfo_privateKeyAlgorithm'{algorithm = ?'id-RSASSA-PSS',
parameters =
{asn1_OPENTYPE, Params}},
parameters = Params},
Key = der_encode('RSAPrivateKey', PrivKey),
der_encode('PrivateKeyInfo', #'PrivateKeyInfo'{version = v1,
privateKeyAlgorithm = Alg,
Expand Down
19 changes: 18 additions & 1 deletion lib/public_key/test/public_key_SUITE.erl
Original file line number Diff line number Diff line change
Expand Up @@ -47,6 +47,8 @@
rsa_pem/1,
rsa_pss_pss_pem/0,
rsa_pss_pss_pem/1,
rsa_pss_default_pem/0,
rsa_pss_default_pem/1,
rsa_priv_pkcs8/0,
rsa_priv_pkcs8/1,
ec_pem/0,
Expand Down Expand Up @@ -173,7 +175,8 @@ all() ->
].

groups() ->
[{pem_decode_encode, [], [dsa_pem, rsa_pem, rsa_pss_pss_pem, ec_pem,
[{pem_decode_encode, [], [dsa_pem, rsa_pem, rsa_pss_pss_pem,
rsa_pss_default_pem, ec_pem,
encrypted_pem_pwdstring, encrypted_pem_pwdfun,
dh_pem, cert_pem, pkcs7_pem, pkcs10_pem, ec_pem2,
rsa_priv_pkcs8, dsa_priv_pkcs8, ec_priv_pkcs8,
Expand Down Expand Up @@ -357,6 +360,20 @@ rsa_pss_pss_pem(Config) when is_list(Config) ->
RSAPemNoEndNewLines = strip_superfluous_newlines(RsaPem),
RSAPemNoEndNewLines = strip_superfluous_newlines(public_key:pem_encode([PrivEntry0])).

rsa_pss_default_pem() ->
[{doc, "RSA PKCS8 RSASSA-PSS private key with default params decode/encode"}].
rsa_pss_default_pem(Config) when is_list(Config) ->
Datadir = proplists:get_value(data_dir, Config),
{ok, RsaPem} = file:read_file(filename:join(Datadir, "pss_default.pem")),
[{'PrivateKeyInfo', DerRSAKey, not_encrypted} = Entry0 ] = public_key:pem_decode(RsaPem),
#'RSASSA-AlgorithmIdentifier'{parameters = Params} = ?'rSASSA-PSS-Default-Identifier',
{RSAKey, Params} = public_key:der_decode('PrivateKeyInfo', DerRSAKey),
{RSAKey, Parms} = public_key:pem_entry_decode(Entry0),
true = check_entry_type(RSAKey, 'RSAPrivateKey'),
PrivEntry0 = public_key:pem_entry_encode('PrivateKeyInfo', {RSAKey, Parms}),
RSAPemNoEndNewLines = strip_superfluous_newlines(RsaPem),
RSAPemNoEndNewLines = strip_superfluous_newlines(public_key:pem_encode([PrivEntry0])).

rsa_priv_pkcs8() ->
[{doc, "RSA PKCS8 private key decode/encode"}].
rsa_priv_pkcs8(Config) when is_list(Config) ->
Expand Down
28 changes: 28 additions & 0 deletions lib/public_key/test/public_key_SUITE_data/pss_default.pem
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEuwIBADALBgkqhkiG9w0BAQoEggSnMIIEowIBAAKCAQEAjPwd860nEH6sgfYE
RXoAjMY3Rdl3ynuJd5/ZWqTBNGn/Wet8idPQix9nwUvZ6Nw7uGX00HeBITZeIZMo
wXpK6b4m0JF0OUAyQMW5PeuRVc3Ox+D5rI+yktXD8FT6TQqW8fAjkYkQZ9lpugdH
+fpdEARTf1GY6WZ/bY/IBmHAOeOmexoaJ+4HZk17GUFs28fd4FICqeMBU0u4RAiu
OLObdw2cFnOQrw3dst7SDUyFDHvx9SM4FqI2S7TSefsQB5hl/0WVzdpiOn5d1mti
/VlGGunQlne822Ata9kYvtKBnmdFGj3GJLYoLF4PVGWpDMIiz2jcZ0+bPTnjf6E0
E53ZFwIDAQABAoIBAD5RWMnzsS9E1urRPH0bWu/e0+K/qAgsCA0E7rX22mHZMqJk
CVYA9w7v0FRsO0OHSayOAKM/F6h/GCeeHSc8b62XPB/4E1gVDMF9xI5euIylXrAS
PTpuACCQdb4fSc5RDnydyZMUc1h8DRRKEKIp7QXd66x8/Gq6wDvFEMTlY2sSkfKm
eXlyr8+07XA0E4s71MKgMCFecWEXH/q2RxsWSa0n6yeHP1noIMegZdtjbTXTpBPz
ABizBh6O/a7JXoXnjfey1vD6M30PxlCTfOdAvgi6c3LRfeRkbrmyHjUnUIegrcYR
PWXH5vYibQ30wIkW41+d89rtfu6Gb4BF3tnf3xECgYEAunS/e90S3C3GDJCg/f1s
YE9IV0d4AajNPBZYB3G55O2XFr8nqXtCWW/0AAM54ooAXIJjONHe9n8aM0Ea7+6j
Oi08LcDyyuqr3Phyix5RHqQ+mo+nNFxjnMBuLbmhUjNskBorPfY1kPNfoU18SBQu
t16u2Q2upo5pp/TfpoTkfkcCgYEAwZGsQnK+6f+4s8R407mB5sBkbNNUfPobthOl
A7b2oYXLcYdL6by7VYhTzm5mGwZKah5k2ZpOOpNi/D6NjEjIqxG7goT3I/Cl2+i5
ZroC9/bEsifgAVdV7z1WsMontcvwZ1vohlNeTyMr4vhzh9RaWFWUj7QOeezjEHxD
o7/8JrECgYEAkv+AB1Mfj163CSjtA9FMJBHdYpIB1q0SQREMjbHncMivmUtTJZb7
lC9jGq9wb12FM2nId/9d3NAQA+CMMCTfovoOu7OmtruUiz2EcJGSOqoagRhIJkvA
bNB5DKuQt5G7QVCgTtVRHdoBxtWj6d+fhQmsp4rV6pHUUooH2Oxkh/kCgYBcS+p4
MKBpkP5v8SGvysdu0JPR9B5YDSXDdrB7CfWlZNdxxZJj3BLzILLdPnS/NAutd9qc
i1/7vCU5o1X46weL0kO3Y1E4ONnM9rXYjp81vtthG3RLD2qxTW0VlP7ER37UudUw
n3XbhCi7672iqZV+gyf4MWGpr1NBnA7geH1xsQKBgEvWCsVkWy+3HOgZzmHUbN7A
ZDBm/R9F7Oe33vk8SGj8YFHry5P6R++1tAq9fEJaY+cG66qR+A5hBAkfQZv+qQgo
4pOw4+QYTh8fmloeaSxl7SqTbn799/EqzdE7vwnNCTJMEyKuk2qbuxon0UT5vMi5
d3/y0Y6zw4ZBp+9LS8ST
-----END PRIVATE KEY-----

0 comments on commit b9d1950

Please sign in to comment.