Merge GH #3421 Fix parsing RSA-PSS cert signed by another algorithm

randombit · Mar 24, 2023 · 319c701 · 319c701
2 parents 41a2783 + cc621da
commit 319c701
Show file tree

Hide file tree

Showing 3 changed files with 36 additions and 44 deletions.
diff --git a/src/lib/x509/x509cert.cpp b/src/lib/x509/x509cert.cpp
@@ -145,50 +145,6 @@ std::unique_ptr<X509_Certificate_Data> parse_x509_cert_body(const X509_Object& o
    data->m_subject_dn_bits = ASN1::put_in_sequence(data->m_subject_dn.get_bits());
    data->m_issuer_dn_bits = ASN1::put_in_sequence(data->m_issuer_dn.get_bits());
 
-   // validate_public_key_params(public_key.value);
-   AlgorithmIdentifier public_key_alg_id;
-   BER_Decoder(public_key).decode(public_key_alg_id).discard_remaining();
-
-   const std::vector<std::string> public_key_info =
-      split_on(public_key_alg_id.oid().human_name_or_empty(), '/');
-
-   if(!public_key_info.empty() && public_key_info[0] == "RSA")
-      {
-      // RFC4055: If PublicKeyAlgo = PSS or OAEP: limit the use of the public key exclusively to either RSASSA - PSS or RSAES - OAEP
-      if(public_key_info.size() >= 2)
-         {
-         if(public_key_info[1] == "EMSA4")
-            {
-            /*
-            When the RSA private key owner wishes to limit the use of the public
-            key exclusively to RSASSA-PSS, then the id-RSASSA-PSS object
-            identifier MUST be used in the algorithm field within the subject
-            public key information, and, if present, the parameters field MUST
-            contain RSASSA-PSS-params.
-
-            All parameters in the signature structure algorithm identifier MUST
-            match the parameters in the key structure algorithm identifier
-            except the saltLength field. The saltLength field in the signature parameters
-            MUST be greater or equal to that in the key parameters field.
-
-            ToDo: Allow salt length to be greater
-            */
-            if(public_key_alg_id != obj.signature_algorithm())
-               {
-               throw Decoding_Error("Algorithm identifier mismatch");
-               }
-            }
-         }
-      else
-         {
-         // oid = rsaEncryption -> parameters field MUST contain NULL
-         if(public_key_alg_id != AlgorithmIdentifier(public_key_alg_id.oid(), AlgorithmIdentifier::USE_NULL_PARAM))
-            {
-            throw Decoding_Error("RSA algorithm parameters field MUST contain NULL");
-            }
-         }
-      }
-
    data->m_subject_public_key_bits.assign(public_key.bits(), public_key.bits() + public_key.length());
 
    data->m_subject_public_key_bits_seq = ASN1::put_in_sequence(data->m_subject_public_key_bits);

diff --git a/src/tests/data/x509/misc/rsa_pss.pem b/src/tests/data/x509/misc/rsa_pss.pem
@@ -0,0 +1,16 @@
+-----BEGIN CERTIFICATE-----
+MIICejCCAiCgAwIBAgIUV0s7Xb9pXE7I6lWKig4O9ueBIVIwCgYIKoZIzj0EAwIw
+JDEQMA4GA1UECgwHRXhhbXBsZTEQMA4GA1UEAwwHUm9vdCBDQTAeFw0yMjA3MzEw
+OTU4NDFaFw0yODAxMjEwOTU4NDFaMCQxEDAOBgNVBAoMB0V4YW1wbGUxEDAOBgNV
+BAMMB0VudGl0eTEwggEgMAsGCSqGSIb3DQEBCgOCAQ8AMIIBCgKCAQEA8zrekcNd
+SrAKCNCepmHDAO78Dm0CbiZ+lP5hXVgp7vfAiY9lyKZyXRSEARgsQuNoLYb1GQ5y
+1oAyvH9rqYYC9GX3F50ekCztrtGF3p6z2m/JaUAoz7ZQLQ95Lg4ML+28WDYjOs9V
+p/Gu8GiaAcsv/z1hK0u0PfmqLyUTIN3EM03RjaESr7n3M2LBu5AZ07/EbaXjzHWh
+OZmIZA7yODQrTyz2ZlZ1l3WfSIFCT089gy8BsTrtaM6nUr8kgbCtmnskoqxjnGKW
+9ScdXBkS1iN4/O/nGsGvnQJparNRYuhlCIOG7ryRS46adr4+CUZ+LKlPWoPRSuUZ
+qAyQ8h0EopzTQQIDAQABo2cwZTAdBgNVHQ4EFgQU6X2N+z9A1NQk56YfTnwFf70D
+ZpkwDgYDVR0PAQH/BAQDAgPIMBMGA1UdJQQMMAoGCCsGAQUFBwMCMB8GA1UdIwQY
+MBaAFHB3/cqCukn4QdaxBagNY2jfDNG6MAoGCCqGSM49BAMCA0gAMEUCIQCLU/Lc
+3LdhS0tPc6SdkqJlXVW7DMDeACL0TPNNySC5xQIgInZTKRNF+kMEkHKJJ75k6uot
+4wHDgdgqE7Yk62nW0VQ=
+-----END CERTIFICATE-----
diff --git a/src/tests/unit_x509.cpp b/src/tests/unit_x509.cpp
@@ -638,6 +638,25 @@ Test::Result test_x509_authority_info_access_extension()
    return result;
    }
 
+Test::Result test_parse_rsa_pss_cert()
+   {
+   Test::Result result("X509 RSA-PSS certificate");
+
+   // See https://github.com/randombit/botan/issues/3019 for background
+
+   try
+      {
+      Botan::X509_Certificate rsa_pss(Test::data_file("x509/misc/rsa_pss.pem"));
+      result.test_success("Was able to parse RSA-PSS certificate signed with ECDSA");
+      }
+   catch(Botan::Exception& e)
+      {
+      result.test_failure("Parsing failed", e.what());
+      }
+
+   return result;
+   }
+
 Test::Result test_verify_gost2012_cert()
    {
    Test::Result result("X509 GOST-2012 certificates");
@@ -1707,6 +1726,7 @@ class X509_Cert_Unit_Tests final : public Test
          results.push_back(test_rsa_oaep());
          results.push_back(test_x509_authority_info_access_extension());
          results.push_back(test_verify_gost2012_cert());
+         results.push_back(test_parse_rsa_pss_cert());
 #endif
 
          results.push_back(test_x509_extension());