Djam/arm-trusted-firmware
1
0
Fork 0
mirror of https://github.com/ARM-software/arm-trusted-firmware.git synced 2025-04-18 18:44:22 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix(cert-create): use a salt length equal to digest length for RSA-PSS

Browse source 
Currently when RSA-PSS signing is invoked, a salt length of 32 bytes
is assumed. This works well when SHA-256 is the digest algorithm, but
the standard industry practice is that the salt length should follow
the digest length (e.g. 48/64 bytes for SHA-384/SHA-512).

Various cloud services' key management services (KMS) offering have
such restrictions in place, so if someone wants to integrate cert_create
against these services for signing key/content certs, they will have
problem with integration.

Furthermore, JWS (RFC7518) defined these specific combinations as valid
specs and other combinations are not supported:

  - PS256: RSASSA-PSS using SHA-256 and MGF1 with SHA-256
  - PS384: RSASSA-PSS using SHA-384 and MGF1 with SHA-384
  - PS512: RSASSA-PSS using SHA-512 and MGF1 with SHA-512

Change-Id: Iafc7c60ccb36f4681053dbeb4147bac01b9d724d
Signed-off-by: Donald Chan <donachan@tesla.com>
This commit is contained in:
Donald Chan 2024-04-08 15:23:43 -07:00
parent 0cf4fda900
commit e639ad23c8
1 changed files with 1 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
tools/cert_create/src/cert.c
View file

@ -22,7 +22,6 @@
#include "sha.h" #include "sha.h"
#define SERIAL_RAND_BITS 64 #define SERIAL_RAND_BITS 64
#define RSA_SALT_LEN 32
cert_t *certs; cert_t *certs;
unsigned int num_certs; unsigned int num_certs;
@ -152,7 +151,7 @@ int cert_new(
goto END; goto END;
} }
if (!EVP_PKEY_CTX_set_rsa_pss_saltlen(pKeyCtx, RSA_SALT_LEN)) { if (!EVP_PKEY_CTX_set_rsa_pss_saltlen(pKeyCtx, EVP_MD_size(get_digest(md_alg)))) {
ERR_print_errors_fp(stdout); ERR_print_errors_fp(stdout);
goto END; goto END;
} }