From 308c5274e1f57cb22cd1ba35d61e71490ee30a1d Mon Sep 17 00:00:00 2001 From: Dariusz Michaluk Date: Wed, 14 Sep 2016 13:11:38 +0200 Subject: [PATCH] Fix minor sign API errors. Fix documentation. OpenSSL errors: - dsa routines:PKEY_DSA_CTRL:invalid digest type - elliptic curve routines:PKEY_EC_CTRL:invalid digest type - rsa routines:RSA_sign:digest too big for rsa key - rsa routines:CHECK_PADDING_MD:invalid x931 digest - rsa routines:PKEY_RSA_SIGN:key size too small Change-Id: I87a51e39168885600a4ab68b754bea650411a903 --- api/yaca/yaca_sign.h | 7 +++++++ api/yaca/yaca_simple.h | 5 +++++ src/debug.c | 3 +++ src/sign.c | 33 +++++++++++++++++++-------------- 4 files changed, 34 insertions(+), 14 deletions(-) diff --git a/api/yaca/yaca_sign.h b/api/yaca/yaca_sign.h index 16bcfd1..c4b0dff 100755 --- a/api/yaca/yaca_sign.h +++ b/api/yaca/yaca_sign.h @@ -47,6 +47,13 @@ extern "C" { * @remarks For RSA operations the default padding used is #YACA_PADDING_PKCS1. It can be * changed using yaca_context_set_property() with #YACA_PROPERTY_PADDING. * + * @remarks For #YACA_DIGEST_SHA384 and #YACA_DIGEST_SHA512 the RSA key size must be bigger than + * #YACA_KEY_LENGTH_512BIT. + * + * @remarks Using of #YACA_DIGEST_MD5 algorithm for DSA and ECDSA operations is prohibited. + * + * @remarks Using of #YACA_DIGEST_MD5 or #YACA_DIGEST_SHA224 with #YACA_PADDING_X931 is prohibited. + * * @remarks The @a ctx should be released using yaca_context_destroy() * * @param[out] ctx Newly created context diff --git a/api/yaca/yaca_simple.h b/api/yaca/yaca_simple.h index 9adb8ca..2944f76 100755 --- a/api/yaca/yaca_simple.h +++ b/api/yaca/yaca_simple.h @@ -165,6 +165,11 @@ int yaca_simple_calculate_digest(yaca_digest_algorithm_e algo, * * @since_tizen 3.0 * + * @remarks For #YACA_DIGEST_SHA384 and #YACA_DIGEST_SHA512 the RSA key size must be bigger than + * #YACA_KEY_LENGTH_512BIT. + * + * @remarks Using of #YACA_DIGEST_MD5 algorithm for DSA and ECDSA operations is prohibited. + * * @remarks The @a signature should be freed using yaca_free() * * @remarks The @a message can be NULL but then @a message_len must be 0 diff --git a/src/debug.c b/src/debug.c index 13a3fd4..80edb1d 100644 --- a/src/debug.c +++ b/src/debug.c @@ -139,6 +139,8 @@ int error_handle(const char *file, int line, const char *function) case ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_DECRYPTFINAL_EX, EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH): case ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_DECRYPTFINAL_EX, EVP_R_WRONG_FINAL_BLOCK_LENGTH): case ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_DERIVE_SET_PEER, EVP_R_DIFFERENT_PARAMETERS): + case ERR_PACK(ERR_LIB_EC, EC_F_PKEY_EC_CTRL, EC_R_INVALID_DIGEST_TYPE): + case ERR_PACK(ERR_LIB_DSA, DSA_F_PKEY_DSA_CTRL, DSA_R_INVALID_DIGEST_TYPE): ret = YACA_ERROR_INVALID_PARAMETER; break; case ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_GET_OBJECT, ASN1_R_TOO_LONG): @@ -175,6 +177,7 @@ int error_handle(const char *file, int line, const char *function) /* known rsa padding errors */ if (ret == YACA_ERROR_NONE && ERR_GET_LIB(err) == ERR_LIB_RSA) { switch (ERR_GET_FUNC(err)) { + case RSA_F_CHECK_PADDING_MD: case RSA_F_RSA_PADDING_CHECK_NONE: case RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP: case RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP_MGF1: diff --git a/src/sign.c b/src/sign.c index 15f0ba9..6ef23df 100644 --- a/src/sign.c +++ b/src/sign.c @@ -175,8 +175,7 @@ int set_sign_property(yaca_context_h ctx, ret = EVP_PKEY_CTX_set_rsa_padding(pctx, pad); if (ret <= 0) { - ret = YACA_ERROR_INTERNAL; - ERROR_DUMP(ret); + ret = ERROR_HANDLE(); return ret; } @@ -195,8 +194,16 @@ API int yaca_sign_initialize(yaca_context_h *ctx, if (ctx == NULL || evp_key == NULL) return YACA_ERROR_INVALID_PARAMETER; + ret = digest_get_algorithm(algo, &md); + if (ret != YACA_ERROR_NONE) + return ret; + switch (prv_key->type) { case YACA_KEY_TYPE_RSA_PRIV: + if (EVP_MD_size(md) >= EVP_PKEY_size(evp_key->evp) || + (algo == YACA_DIGEST_SHA384 && (EVP_PKEY_size(evp_key->evp) <= YACA_KEY_LENGTH_512BIT / 8))) + return YACA_ERROR_INVALID_PARAMETER; + break; case YACA_KEY_TYPE_DSA_PRIV: case YACA_KEY_TYPE_EC_PRIV: break; @@ -215,10 +222,6 @@ API int yaca_sign_initialize(yaca_context_h *ctx, nc->ctx.set_property = set_sign_property; nc->ctx.get_property = NULL; - ret = digest_get_algorithm(algo, &md); - if (ret != YACA_ERROR_NONE) - goto exit; - nc->md_ctx = EVP_MD_CTX_create(); if (nc->md_ctx == NULL) { ret = YACA_ERROR_INTERNAL; @@ -228,8 +231,7 @@ API int yaca_sign_initialize(yaca_context_h *ctx, ret = EVP_DigestSignInit(nc->md_ctx, NULL, md, NULL, evp_key->evp); if (ret != 1) { - ret = YACA_ERROR_INTERNAL; - ERROR_DUMP(ret); + ret = ERROR_HANDLE(); goto exit; } @@ -457,8 +459,16 @@ API int yaca_verify_initialize(yaca_context_h *ctx, if (ctx == NULL || evp_key == NULL) return YACA_ERROR_INVALID_PARAMETER; + ret = digest_get_algorithm(algo, &md); + if (ret != YACA_ERROR_NONE) + return ret; + switch (pub_key->type) { case YACA_KEY_TYPE_RSA_PUB: + if (EVP_MD_size(md) >= EVP_PKEY_size(evp_key->evp) || + (algo == YACA_DIGEST_SHA384 && (EVP_PKEY_size(evp_key->evp) <= YACA_KEY_LENGTH_512BIT / 8))) + return YACA_ERROR_INVALID_PARAMETER; + break; case YACA_KEY_TYPE_DSA_PUB: case YACA_KEY_TYPE_EC_PUB: break; @@ -477,10 +487,6 @@ API int yaca_verify_initialize(yaca_context_h *ctx, nc->ctx.set_property = set_sign_property; nc->ctx.get_property = NULL; - ret = digest_get_algorithm(algo, &md); - if (ret != YACA_ERROR_NONE) - goto exit; - nc->md_ctx = EVP_MD_CTX_create(); if (nc->md_ctx == NULL) { ret = YACA_ERROR_INTERNAL; @@ -490,8 +496,7 @@ API int yaca_verify_initialize(yaca_context_h *ctx, ret = EVP_DigestVerifyInit(nc->md_ctx, NULL, md, NULL, evp_key->evp); if (ret != 1) { - ret = YACA_ERROR_INTERNAL; - ERROR_DUMP(ret); + ret = ERROR_HANDLE(); goto exit; } -- 2.7.4