List: openssl-dev
Subject: Re: [openssl.org #1951] [patch] verification of X.509 certificates that contain an RSASSA-PSS signat
From: "Martin Kaiser via RT" <rt () openssl ! org>
Date: 2009-08-25 20:57:36
Message-ID: rt-3.4.5-91703-1251233855-1304.1951-6-0 () openssl ! org
Steve, all,

I recently found some more time to look into this. In order to make sure
that the next attempt is in line with the rest of the code, I need some
more discussion.

> > The decision table in obj_xref.txt seems to be the problem. This
> > doesn't work for PSS, you can't determine the digest without parsing
> > the PSS parameters.

> Yes, probably will need a special value for the digest type NID_undef
> for example which means "the public key algorithm method will work out
> the digest type".

> > We'll need a way to set these parameters in the EVP_PKEY_CTX or
> > RSA_PKEY_CTX respectively. I've (ab)used the md_ctrl function for this.
> > Could we just add a similar function pointer directly to the
> > EVP_PKEY_CTX structure?

> That's what I'm considering. We pass (say) a NULL for the digest type in
> EVP_DigestVerifyInit() and call a ctrl in the associated public key
> method to let it decide which digest and parameters to use. The
> functionality isn't in EVP_DigestVerifyInit() yet it just uses a
> "default" digest if NULL is passed in.

The ctrl would require an X509_ALGOR * as input so that all PSS
parameters can be determined. This struct is available only in
ASN1_item_verify(). The ctrl however could be part of EVP_PKEY_METHOD
and will be called from EVP_DigestVerifyInit(). Any idea how to pass on
the struct?

Alternatively, I thought of adding the "work out the parameters" function
to EVP_PKEY_ASN1_METHOD's ctrl. It fits there as it involves some ASN1
parsing. But the resulting PSS parameters have to be stored in
RSA_PKEY_CTX. According to your last mails, this is the best place to
put the params. But it's not accessible from EVP_PKEY_ASN1_METHOD.

A third approach would be to run EVP_DigestVerifyInit() with a NULL
EVP_MD parameter (just modify it to not use a default md). When the
function returns, we use the resulting EVP_PKEY_CTX in ASN1_item_verify
and call its pctx->pmeth->ctrl directly from ASN1_item_verify(),
supplying the X509_ALGOR * parameter.

Any thoughts what would be the best approach?

Best regards,

Martin
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majordomo@openssl.org
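
The message above turns on the fact that, for RSASSA-PSS, the digest is carried in the AlgorithmIdentifier parameters rather than implied by the signature OID. As an added illustration (not part of the original message and not OpenSSL code), this stdlib-only Python sketch decodes RSASSA-PSS-params as defined in RFC 4055, applying the RFC defaults for absent fields. The function names and both DER samples are constructed for this example.

```python
HASH_OIDS = {bytes.fromhex(h): n for h, n in [  # DER OID contents -> digest name
    ("2b0e03021a", "sha1"), ("608648016503040201", "sha256"),
    ("608648016503040202", "sha384"), ("608648016503040203", "sha512")]}
ID_RSASSA_PSS = bytes.fromhex("2a864886f70d01010a")  # 1.2.840.113549.1.1.10
ID_MGF1 = bytes.fromhex("2a864886f70d010108")        # 1.2.840.113549.1.1.8

def tlv(buf, pos=0):  # -> (tag, value, next_pos) for the DER element at buf[pos]
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits count the length octets
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER element")
    return tag, buf[pos:pos + length], pos + length

def children(value):  # yield (tag, value) for each element inside a constructed value
    pos = 0
    while pos < len(value):
        tag, val, pos = tlv(value, pos)
        yield tag, val

def hash_name(alg_id_contents):  # digest named by a hash AlgorithmIdentifier's OID
    tag, oid = next(children(alg_id_contents), (None, None))
    if tag != 0x06 or oid not in HASH_OIDS:
        raise ValueError("unsupported hash algorithm")
    return HASH_OIDS[oid]

def pss_params(alg_id_der):  # absent fields keep the RFC 4055 defaults
    fields = list(children(tlv(alg_id_der)[1]))
    if len(fields) != 2 or fields[0] != (0x06, ID_RSASSA_PSS) or fields[1][0] != 0x30:
        raise ValueError("not RSASSA-PSS with a parameters SEQUENCE")
    params = {"hash": "sha1", "mgf1_hash": "sha1", "salt_len": 20, "trailer": 1}
    for ctx, wrapped in children(fields[1][1]):
        inner = tlv(wrapped)[1]  # contents of the element under the EXPLICIT tag
        if ctx == 0xA0:
            params["hash"] = hash_name(inner)
        elif ctx == 0xA1:
            (_, mgf_oid), (_, mgf_hash) = children(inner)
            if mgf_oid != ID_MGF1:
                raise ValueError("unsupported mask generation function")
            params["mgf1_hash"] = hash_name(mgf_hash)
        elif ctx in (0xA2, 0xA3):
            params["salt_len" if ctx == 0xA2 else "trailer"] = int.from_bytes(inner, "big")
    return params

# Constructed samples: SHA-256 / MGF1-SHA-256 / 32-byte salt, then an empty SEQUENCE.
SHA256_PSS = bytes.fromhex("304106092a864886f70d01010a3034a00f300d06096086480165030402010500"
                           "a11c301a06092a864886f70d010108300d06096086480165030402010500a203020120")
ALL_DEFAULTS = bytes.fromhex("300d06092a864886f70d01010a3000")
```

Both samples carry the same signature OID, yet the second resolves to SHA-1 with a 20-byte salt, so a verifier that accepts PSS should apply its digest policy to the decoded parameters rather than to the OID.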