
Add support for PKCSv1_5_NoOID signatures #17636

Merged (4 commits, Oct 27, 2022)

Conversation

@cipherboy (Contributor) commented Oct 21, 2022

This assumes a pre-hashed input has been provided to Vault, but we do not write the hash's OID into the signature stream. This allows us to generate the alternative PKCSv1_5_NoOID signature type rather than the existing PKCSv1_5_DERnull signature type we presently use.

These are specified in RFC 3447 Section 9.2.

Signed-off-by: Alexander Scheel <[email protected]>


I've not figured out how to test this independently with PyCryptography or OpenSSL... I'm not sure it's really supported in their PKCS#1 v1.5 APIs.

This fails on my system, since OpenSSL can't map "none" to a valid EVP_MD algorithm:

#!/usr/bin/python3

import base64
import cryptography
import cryptography.hazmat
import cryptography.hazmat.primitives
import cryptography.hazmat.primitives.asymmetric
import cryptography.hazmat.primitives.asymmetric.padding
import cryptography.hazmat.primitives.asymmetric.utils
import cryptography.hazmat.primitives.hashes
import cryptography.hazmat.primitives.serialization

# The 32-byte pre-hashed input handed to Vault (a SHA-256-sized digest) and the
# 256-byte PKCSv1_5_NoOID signature Vault produced over it with the 2048-bit key below.
data = base64.b64decode("P8m2iUWdc4+MiKOkiqnjNUIBa3pAUuABqqU2/KdIE8s=")
sig = base64.b64decode("ipSuAuEoD6KOErYNApazvBGa+FQ1mXWdQYt7HbtZhWDz3XUayrOP9dGBa4yP1YuHs5svwjPa+rrv0pxUGmCNXBT4A8U7pc4f/OEzFhKTpqLd/PUAxP/attKATVJ8zHf/7B5s4db9hdAkBc3amHA4lgnYQLxb6DbyCwMeH2wPs4xuR3KLaZPGEDQhjb3ahjYwkEzuhlFzGFu2q01M+Ez5aLLXZiTczV6gZ6dkkPGR9NManG5Fi6AD9g21198dICKfeU9FnP4fAK65hYWDfe3Tphp+FPCmb8Tgtij30nFAnk/Ni1HAnyHoaqei7DL19WL1loqD0RvzfIekdhQYmvdcfg==")
pub = b"""-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1wUu+Ks0pYD/lkSJYTb6
n9sXIll058PmnCaugl7gATQ7KbJv6ZTu9GpbM1j0hIU3sCfEjEZh2Xld9B9mLXb5
qUZp4dkyztQZs/w20A3EQgH+EjBVyfFEH/TdAU97z80QCy2Hrq7rSOCIFf5oQoYe
m+qMLz2VTxDN+ve9emiPypXeWCfo7XGapXkZkocRTh5qL3wbuUH1nLgJaYU6J8Vv
6PhTQgV1ZcPf4hqcYMeRBHDQOEMj5VezdzVHzFC6mBaRMZTzTpWZS8ps8pNCCC73
hHmN9v8U2L/Ogli2phB23aP58Oh0RDj84L/KfG1YutMUiGtjAiRFDEdzL8QEbzUq
MQIDAQAB
-----END PUBLIC KEY-----"""

public_key = cryptography.hazmat.primitives.serialization.load_pem_public_key(pub)

# Placeholder "hash algorithm" describing a 32-byte digest with no algorithm
# identifier, so that Prehashed() has no OID to put into a DigestInfo.
class NoHash(cryptography.hazmat.primitives.hashes.HashAlgorithm):
    name = "none"
    digest_size = 32
    block_size = 0

print(len(sig), len(data), NoHash().digest_size, cryptography.hazmat.primitives.asymmetric.utils.Prehashed(NoHash()).digest_size)

# Raises instead of verifying: the backend asks OpenSSL for a digest named
# "none", which is not a valid EVP_MD, so the NoOID encoding cannot be
# requested through this API.
ret = public_key.verify(
    sig,
    data,
    cryptography.hazmat.primitives.asymmetric.padding.PKCS1v15(),
    cryptography.hazmat.primitives.asymmetric.utils.Prehashed(NoHash()))
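The DERnull/NoOID distinction the description refers to, as an added example in Go (Vault's implementation language) that is not part of this PR or of Vault's transit code: Go's crypto/rsa emits the NoOID form when the hash argument is crypto.Hash(0), so the block signs one SHA-256 digest both ways, checks that each signature verifies only under its own mode, and recovers the encoded message EM with the raw public operation to compare it byte for byte against the construction in RFC 8017 Section 9.2 (RFC 8017 supersedes RFC 3447 with the same encoding). The key, the message and the function names are the example's own, not Vault's.

```go
package main

import (
	"bytes"
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
	"math/big"
)

// DER DigestInfo prefix for SHA-256 with a NULL parameter (RFC 8017, 9.2, Note 1).
var sha256DigestInfoPrefix = []byte{
	0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65,
	0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0x04, 0x20,
}

// EMSAPKCS1v15 builds EM = 0x00 || 0x01 || PS || 0x00 || T (RFC 8017, 9.2).
// T is DigestInfo || H for the DERnull form, or just H for the NoOID form.
func EMSAPKCS1v15(t []byte, emLen int) ([]byte, error) {
	if emLen < len(t)+11 {
		return nil, errors.New("intended encoded message length too short")
	}
	em := make([]byte, emLen)
	em[1] = 0x01 // em[0] is already 0x00
	psLen := emLen - len(t) - 3
	for i := 2; i < 2+psLen; i++ {
		em[i] = 0xff
	}
	// em[2+psLen] stays 0x00 as the separator before T
	copy(em[3+psLen:], t)
	return em, nil
}

// recoverEM applies the raw RSA public operation s^e mod n to get EM back.
func recoverEM(pub *rsa.PublicKey, sig []byte) []byte {
	s := new(big.Int).SetBytes(sig)
	m := new(big.Int).Exp(s, big.NewInt(int64(pub.E)), pub.N)
	em := make([]byte, pub.Size())
	m.FillBytes(em)
	return em
}

// CheckEncodings signs the SHA-256 digest of msg both ways, verifies that each
// signature is accepted only under its own mode, and confirms the recovered EM
// matches the RFC 8017 construction. A nil error means every check passed.
func CheckEncodings(priv *rsa.PrivateKey, msg []byte) error {
	h := sha256.Sum256(msg)
	pub := &priv.PublicKey

	// DERnull: for crypto.SHA256, Go prepends the SHA-256 DigestInfo itself.
	derNull, err := rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA256, h[:])
	if err != nil {
		return err
	}
	// NoOID: crypto.Hash(0) makes Go sign the supplied digest directly.
	noOID, err := rsa.SignPKCS1v15(rand.Reader, priv, crypto.Hash(0), h[:])
	if err != nil {
		return err
	}
	if bytes.Equal(derNull, noOID) {
		return errors.New("DERnull and NoOID signatures should differ")
	}
	if rsa.VerifyPKCS1v15(pub, crypto.SHA256, h[:], derNull) != nil {
		return errors.New("DERnull signature rejected under crypto.SHA256")
	}
	if rsa.VerifyPKCS1v15(pub, crypto.Hash(0), h[:], noOID) != nil {
		return errors.New("NoOID signature rejected under crypto.Hash(0)")
	}
	// Cross-checks: the verifier has to know which form it expects.
	if rsa.VerifyPKCS1v15(pub, crypto.Hash(0), h[:], derNull) == nil {
		return errors.New("DERnull signature wrongly accepted as NoOID")
	}
	if rsa.VerifyPKCS1v15(pub, crypto.SHA256, h[:], noOID) == nil {
		return errors.New("NoOID signature wrongly accepted as DERnull")
	}
	// Recover EM with the raw public operation and compare to the spec encoding.
	k := pub.Size()
	tDERNull := append(append([]byte{}, sha256DigestInfoPrefix...), h[:]...)
	wantDERNull, _ := EMSAPKCS1v15(tDERNull, k)
	wantNoOID, _ := EMSAPKCS1v15(h[:], k)
	if !bytes.Equal(recoverEM(pub, derNull), wantDERNull) {
		return errors.New("DERnull EM does not match RFC 8017 encoding")
	}
	if !bytes.Equal(recoverEM(pub, noOID), wantNoOID) {
		return errors.New("NoOID EM does not match RFC 8017 encoding")
	}
	return nil
}

// Demo generates a fresh 2048-bit key and runs the checks on a constructed message.
func Demo() error {
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return err
	}
	return CheckEncodings(priv, []byte("constructed sample message"))
}

func main() {
	if err := Demo(); err != nil {
		fmt.Println("FAIL:", err)
		return
	}
	fmt.Println("DERnull and NoOID encodings both match RFC 8017 Section 9.2")
}
```

The cross-checks are the practical caveat: without the DigestInfo, nothing in the signature says which hash produced the 32 bytes, so a NoOID verifier must fix the digest algorithm out of band and should not accept the same signature as a DERnull one (or the reverse).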

@cipherboy cipherboy added this to the 1.13.0-rc1 milestone Oct 21, 2022
@cipherboy cipherboy requested review from schultz-is, sgmiller, rculpepper and a team October 21, 2022 19:33
@cipherboy cipherboy force-pushed the cipherboy-add-transit-sig-no-oid branch from a290f5e to 49ab358 Compare October 21, 2022 20:05
@cipherboy cipherboy force-pushed the cipherboy-add-transit-sig-no-oid branch from 49ab358 to f69d06d Compare October 26, 2022 13:17
This assumes a pre-hashed input has been provided to Vault, but we do
not write the hash's OID into the signature stream. This allows us to
generate the alternative PKCSv1_5_NoOID signature type rather than the
existing PKCSv1_5_DERnull signature type we presently use.

These are specified in RFC 3447 Section 9.2.

Signed-off-by: Alexander Scheel <[email protected]>
Signed-off-by: Alexander Scheel <[email protected]>
Signed-off-by: Alexander Scheel <[email protected]>
@cipherboy cipherboy force-pushed the cipherboy-add-transit-sig-no-oid branch from f69d06d to 61bc82c Compare October 26, 2022 21:03
@cipherboy (Contributor, Author) commented:

Hearing nothing else, I'm going ahead and merging. Thanks all!

@cipherboy cipherboy merged commit 961e76a into main Oct 27, 2022
@cipherboy cipherboy deleted the cipherboy-add-transit-sig-no-oid branch December 1, 2022 14:56