Added rsa_pss test

aws · Nov 25, 2020 · 508aa96 · 508aa96
1 parent 867b01a
commit 508aa96
Show file tree

Hide file tree

Showing 5 changed files with 60 additions and 33 deletions.
diff --git a/docs/USAGE-GUIDE.md b/docs/USAGE-GUIDE.md
@@ -568,8 +568,8 @@ The following chart maps the security policy version to the signature scheme sup
 |   "20190802"   |      X       |     X    |      X        |    X     |
 |   "20200207"   |      X       |     X    |      X        |    X     |
 
-Note that currently the default_tls13 security policy supports SHA-1 legacy algorithms in Certificate Verify messages, 
-but it will not support SHA-1 Legacy algorithms in certificate signatures. 
+Note that currently the default_tls13 security policy supports SHA-1 legacy algorithms in Certificate Verify messages,
+but it will not support SHA-1 Legacy algorithms in certificate signatures.
 
 The following chart maps the security policy version to the supported curves/groups: 
 

diff --git a/tests/unit/s2n_certificate_signatures_test.c b/tests/unit/s2n_certificate_signatures_test.c
@@ -53,26 +53,24 @@ int main(int argc, char **argv)
         .signature_schemes = test_sig_scheme_list,
     };
 
-    /* s2n_is_certificate_sig_scheme_supported() */
-    {
-        struct s2n_config *config = s2n_config_new();
-        struct s2n_connection *conn = s2n_connection_new(S2N_CLIENT);
-        s2n_connection_set_config(conn, config);
-
-        const struct s2n_security_policy *security_policy = NULL;
-        EXPECT_SUCCESS(s2n_connection_get_security_policy(conn, &security_policy));
-        EXPECT_NOT_NULL(security_policy);
+    const struct s2n_signature_scheme* const pss_sig_scheme_list[] = {
+        &s2n_rsa_pss_pss_sha256,
+        &s2n_rsa_pss_pss_sha384,
+        &s2n_rsa_pss_pss_sha512,
+        &s2n_rsa_pss_rsae_sha256,
+        &s2n_rsa_pss_rsae_sha384,
+        &s2n_rsa_pss_rsae_sha512,
+    };
 
-        struct s2n_security_policy test_security_policy = {
-            .minimum_protocol_version = security_policy->minimum_protocol_version,
-            .cipher_preferences = security_policy->cipher_preferences,
-            .kem_preferences = security_policy->kem_preferences,
-            .signature_preferences = security_policy->signature_preferences,
-            .certificate_signature_preferences = &test_certificate_signature_preferences,
-            .ecc_preferences = security_policy->ecc_preferences,
-        };
+    const struct s2n_signature_preferences pss_certificate_signature_preferences = {
+        .count = s2n_array_len(pss_sig_scheme_list),
+        .signature_schemes = pss_sig_scheme_list,
+    };
 
-        config->security_policy = &test_security_policy;
+    /* s2n_is_certificate_sig_scheme_supported() */
+    {
+        struct s2n_connection *conn;
+        EXPECT_NOT_NULL(conn = s2n_connection_new(S2N_CLIENT));
 
         /* Certificate signature algorithm is in test certificate signature preferences list */
         {
@@ -85,7 +83,7 @@ int main(int argc, char **argv)
             cert = PEM_read_bio_X509(certBio, NULL, NULL, NULL);
             S2N_ERROR_IF(cert == NULL, S2N_ERR_DECODE_CERTIFICATE);
 
-            EXPECT_OK(s2n_is_certificate_sig_scheme_supported(conn, cert, &out));
+            EXPECT_OK(s2n_is_certificate_sig_scheme_supported(conn, cert, &test_certificate_signature_preferences, &out));
             EXPECT_TRUE(out);
 
             BIO_free(certBio);
@@ -103,7 +101,7 @@ int main(int argc, char **argv)
             cert = PEM_read_bio_X509(certBio, NULL, NULL, NULL);
             S2N_ERROR_IF(cert == NULL, S2N_ERR_DECODE_CERTIFICATE);
 
-            EXPECT_OK(s2n_is_certificate_sig_scheme_supported(conn, cert, &out));
+            EXPECT_OK(s2n_is_certificate_sig_scheme_supported(conn, cert, &test_certificate_signature_preferences, &out));
             EXPECT_FALSE(out);
 
             BIO_free(certBio);
@@ -124,7 +122,7 @@ int main(int argc, char **argv)
             cert = PEM_read_bio_X509(certBio, NULL, NULL, NULL);
             S2N_ERROR_IF(cert == NULL, S2N_ERR_DECODE_CERTIFICATE);
 
-            EXPECT_OK(s2n_is_certificate_sig_scheme_supported(conn, cert, &out));
+            EXPECT_OK(s2n_is_certificate_sig_scheme_supported(conn, cert, &test_certificate_signature_preferences, &out));
             EXPECT_FALSE(out);
 
             BIO_free(certBio);
@@ -145,15 +143,32 @@ int main(int argc, char **argv)
             cert = PEM_read_bio_X509(certBio, NULL, NULL, NULL);
             S2N_ERROR_IF(cert == NULL, S2N_ERR_DECODE_CERTIFICATE);
 
-            EXPECT_OK(s2n_is_certificate_sig_scheme_supported(conn, cert, &out));
+            EXPECT_OK(s2n_is_certificate_sig_scheme_supported(conn, cert, &test_certificate_signature_preferences, &out));
             EXPECT_TRUE(out);
 
             BIO_free(certBio);
             X509_free(cert);
         }
-        EXPECT_SUCCESS(s2n_connection_free(conn));
-        EXPECT_SUCCESS(s2n_config_free(config));
 
+        /* RSA PSS certificates can be parsed */
+        {
+            EXPECT_SUCCESS(s2n_read_test_pem(S2N_RSA_PSS_2048_SHA256_LEAF_CERT, (char *)cert_file, S2N_MAX_TEST_PEM_SIZE));
+            certLen = strlen((const char*)cert_file);
+
+            /* Read the test certificates into an Openssl X509 struct */
+            certBio = BIO_new(BIO_s_mem());
+            BIO_write(certBio, cert_file, certLen);
+            cert = PEM_read_bio_X509(certBio, NULL, NULL, NULL);
+            S2N_ERROR_IF(cert == NULL, S2N_ERR_DECODE_CERTIFICATE);
+
+            EXPECT_OK(s2n_is_certificate_sig_scheme_supported(conn, cert, &pss_certificate_signature_preferences, &out));
+            EXPECT_TRUE(out);
+
+            BIO_free(certBio);
+            X509_free(cert);
+        }
+
+        EXPECT_SUCCESS(s2n_connection_free(conn));
     }
     END_TEST();
     return S2N_SUCCESS;

diff --git a/tests/unit/s2n_x509_validator_test.c b/tests/unit/s2n_x509_validator_test.c
@@ -1424,6 +1424,13 @@ int main(int argc, char **argv) {
         uint32_t chain_len = s2n_stuffer_data_available(&chain_stuffer);
         EXPECT_TRUE(chain_len > 0);
         uint8_t *chain_data = s2n_stuffer_raw_read(&chain_stuffer, chain_len);
+
+        struct s2n_pkey public_key_out;
+        EXPECT_SUCCESS(s2n_pkey_zero_init(&public_key_out));
+        s2n_pkey_type pkey_type;
+        EXPECT_EQUAL(S2N_CERT_OK,
+                     s2n_x509_validator_validate_cert_chain(&validator, connection, chain_data, chain_len, &pkey_type, &public_key_out));
+        s2n_stuffer_free(&chain_stuffer);
         EXPECT_EQUAL(S2N_PKEY_TYPE_RSA, pkey_type);
         s2n_connection_free(connection);
         s2n_pkey_free(&public_key_out);
@@ -1442,6 +1449,11 @@ int main(int argc, char **argv) {
         uint32_t chain_len = s2n_stuffer_data_available(&chain_stuffer);
         EXPECT_TRUE(chain_len > 0);
         uint8_t *chain_data = s2n_stuffer_raw_read(&chain_stuffer, chain_len);
+
+        struct s2n_pkey public_key_out;
+        EXPECT_SUCCESS(s2n_pkey_zero_init(&public_key_out));
+        s2n_pkey_type pkey_type;
+
         /* Expect to return S2N_CERT_ERR_UNTRUSTED */
         EXPECT_EQUAL(S2N_CERT_ERR_UNTRUSTED,
                      s2n_x509_validator_validate_cert_chain(&validator, connection, chain_data, chain_len, &pkey_type, &public_key_out));

diff --git a/tls/s2n_x509_validator.c b/tls/s2n_x509_validator.c
@@ -580,7 +580,7 @@ S2N_RESULT s2n_x509_validator_validate_certificate_signatures(struct s2n_connect
         bool out = false;
         X509 *cert = sk_X509_value(validated_chain, i);
 
-        GUARD_RESULT(s2n_is_certificate_sig_scheme_supported(conn, cert, &out));
+        GUARD_RESULT(s2n_is_certificate_sig_scheme_supported(conn, cert, conn->config->security_policy->certificate_signature_preferences, &out));
         if(out == false) {
             *validation_code = S2N_CERT_ERR_UNTRUSTED;
             return S2N_RESULT_OK;
@@ -591,10 +591,11 @@ S2N_RESULT s2n_x509_validator_validate_certificate_signatures(struct s2n_connect
     return S2N_RESULT_OK;
 }
 
-S2N_RESULT s2n_is_certificate_sig_scheme_supported(struct s2n_connection *conn, X509 *x509_cert, bool *out)
+S2N_RESULT s2n_is_certificate_sig_scheme_supported(struct s2n_connection *conn, X509 *x509_cert, const struct s2n_signature_preferences *cert_sig_preferences, bool *out)
 {
     ENSURE_REF(conn);
     ENSURE_REF(x509_cert);
+    ENSURE_REF(cert_sig_preferences);
     ENSURE_REF(out);
 
     int nid = 0;
@@ -606,12 +607,11 @@ S2N_RESULT s2n_is_certificate_sig_scheme_supported(struct s2n_connection *conn,
         nid = X509_get_signature_nid(x509_cert);
     #endif
 
-    for (size_t i = 0; i < conn->config->security_policy->certificate_signature_preferences->count; i++) {
+    for (size_t i = 0; i < cert_sig_preferences->count; i++) {
 
-        if (conn->config->security_policy->certificate_signature_preferences->signature_schemes[i]->libcrypto_nid == nid) {
+        if (cert_sig_preferences->signature_schemes[i]->libcrypto_nid == nid) {
             /* SHA-1 algorithms are not supported in certificate signatures in TLS1.3 */
-            if (conn->actual_protocol_version >= S2N_TLS13 &&
-                conn->config->security_policy->certificate_signature_preferences->signature_schemes[i]->hash_alg == S2N_HASH_SHA1) {
+            if (conn->actual_protocol_version >= S2N_TLS13 && cert_sig_preferences->signature_schemes[i]->hash_alg == S2N_HASH_SHA1) {
                 *out = false;
             } else {
                 *out = true;

diff --git a/tls/s2n_x509_validator.h b/tls/s2n_x509_validator.h
@@ -132,4 +132,4 @@ S2N_RESULT s2n_x509_validator_validate_certificate_signatures(struct s2n_connect
                                                                                  s2n_cert_validation_code *validation_code);
 
 /* Checks to see if a certificate has a signature algorithm that's in our certificate_signature_preferences list */
-S2N_RESULT s2n_is_certificate_sig_scheme_supported(struct s2n_connection *conn, X509 *x509_cert, bool *out);
+S2N_RESULT s2n_is_certificate_sig_scheme_supported(struct s2n_connection *conn, X509 *x509_cert, const struct s2n_signature_preferences *cert_sig_preferences, bool *out);