authorRob Austein <sra@hactrn.net>2016-10-29 19:29:31 -0400
committerRob Austein <sra@hactrn.net>2016-10-29 19:29:31 -0400
commit82b698a7823d5293a457b52a7d4774e6e513e70a (patch)
treea8a75558e14822dc393b349bcebad7c42bc0a15b /libhal.py
parent3d3f71cae431ec4e0c5df627c525bacc475e47d7 (diff)
Mixed mode needs to support PKCS #1 v1.5 DigestInfo encoding for RSA.
Diffstat (limited to 'libhal.py')
-rw-r--r--libhal.py14
1 files changed, 11 insertions, 3 deletions
diff --git a/libhal.py b/libhal.py
index e02f1fa..41fb799 100644
--- a/libhal.py
+++ b/libhal.py
@@ -327,6 +327,14 @@ class LocalDigest(object):
def finalize(self, length = None):
return self._context.digest()
+ def finalize_padded(self, pkey):
+ if pkey.key_type not in (HAL_KEY_TYPE_RSA_PRIVATE, HAL_KEY_TYPE_RSA_PUBLIC):
+ return self.finalize()
+ # PKCS #1.5 requires the digest to be wrapped up in an ASN.1 DigestInfo object.
+ from Crypto.Util.asn1 import DerSequence, DerNull, DerOctetString
+ return DerSequence([DerSequence([self._context.oid, DerNull().encode()]).encode(),
+ DerOctetString(self.finalize()).encode()]).encode()
+
class PKey(Handle):
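Review bot: `finalize_padded` splices `self._context.oid` into the outer SEQUENCE as if it were already DER-encoded bytes, which `DerSequence` accepts unchecked; where `_context` is built is outside this hunk, but if it is ever a PyCryptodome hash (whose `.oid` is a dotted-decimal string) the result is a malformed DigestInfo that the HSM would happily sign and every verifier would reject. A cheap guard would make the assumption explicit, e.g. `oid = self._context.oid` followed by `if not oid.startswith("\x06"): raise ValueError("_context.oid must be a DER-encoded OBJECT IDENTIFIER")`, and the method deserves a docstring stating that non-RSA keys get the bare digest while RSA keys get the PKCS #1 v1.5 DigestInfo with the actual padding left to the HSM. Note also that the `length` argument accepted by `finalize` is not offered or forwarded here, so callers relying on it for truncated digests silently lose it on the RSA path.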
@@ -557,7 +565,7 @@ class HSM(object):
with self.rpc(RPC_FUNC_PKEY_FIND, session, uuid, flags, client = client) as r:
return PKey(self, r.unpack_uint(), uuid)
- def pkey_generate_rsa(self, keylen, exponent, flags = 0, client = 0, session = 0):
+ def pkey_generate_rsa(self, keylen, exponent = "\x01\x00\x01", flags = 0, client = 0, session = 0):
with self.rpc(RPC_FUNC_PKEY_GENERATE_RSA, session, keylen, exponent, flags, client = client) as r:
return PKey(self, r.unpack_uint(), UUID(bytes = r.unpack_bytes()))
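Review bot: The new default `"\x01\x00\x01"` is a magic byte string that the next reader has to decode by hand; a comment on the signature line such as `# default public exponent is F4 (65537), big-endian` would fix that. That the RPC side expects big-endian is inferred from the value rather than visible here, so confirm it against the server-side unpacking before committing the comment.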
@@ -594,14 +602,14 @@ class HSM(object):
def pkey_sign(self, pkey, hash = 0, data = "", length = 1024):
assert not hash or not data
if isinstance(hash, LocalDigest):
- hash, data = 0, hash.finalize()
+ hash, data = 0, hash.finalize_padded(pkey)
with self.rpc(RPC_FUNC_PKEY_SIGN, pkey, hash, data, length) as r:
return r.unpack_bytes()
def pkey_verify(self, pkey, hash = 0, data = "", signature = None):
assert not hash or not data
if isinstance(hash, LocalDigest):
- hash, data = 0, hash.finalize()
+ hash, data = 0, hash.finalize_padded(pkey)
with self.rpc(RPC_FUNC_PKEY_VERIFY, pkey, hash, data, signature):
return
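Review bot: `assert not hash or not data` in both `pkey_sign` and `pkey_verify` is argument validation that vanishes under `python -O`, so a caller passing both would silently send a request whose `data` is overwritten on the LocalDigest branch or, otherwise, an ambiguous hash-plus-data pair to the HSM; replace it with `if hash and data: raise ValueError("hash and data are mutually exclusive")`. The DigestInfo wrapping added on the `finalize_padded(pkey)` lines only applies when `hash` is a LocalDigest, so raw `data` handed to an RSA key is sent as-is, which deserves a docstring line on both methods along the lines of "for RSA keys, pre-computed `data` must already be a DER DigestInfo; pass a LocalDigest to have it wrapped". Both method bodies lie entirely within the hunk.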