Respect algorithm support announced by management client

Support for padding algorithms in management-client is indicated
in the optional argument to --management-external-key as "pkcs1",
"pss" etc. We currently use it only for an early exit based on heuristics
that a required algorithm may not be handled by the client. When
signature is requested we do not check whether the padding is indeed
supported by the client. This leads to situations like the client
announcing "nopadding" support but we request "pss" signature.

Here we add a check while requesting signature as well. If the padding
treat it as an error instead of submitting the request to the
management-interface regardless.

This change is made only when xkey provider is in use, though such a check
would be appropriate always.

Signed-off-by: Selva Nair <selva.nair@gmail.com>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <20211214165928.30676-11-selva.nair@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23441.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>

diff --git a/src/openvpn/xkey_helper.c b/src/openvpn/xkey_helper.c
index 9994ad043de39a792364f04747515d35928c00b5..8a42c249551b8e10e97abae8dfd9fe770276b2a4 100644 (file)
--- a/src/openvpn/xkey_helper.c
+++ b/src/openvpn/xkey_helper.c
@@ -146,6 +146,8 @@ xkey_management_sign(void *unused, unsigned char *sig, size_t *siglen,
     unsigned char enc[EVP_MAX_MD_SIZE + 32]; /* 32 bytes enough for digest inf structure */
     size_t enc_len = sizeof(enc);
 
+    unsigned int flags = management->settings.flags;
+
     if (!strcmp(alg.op, "DigestSign"))
     {
         dmsg(D_LOW, "xkey_management_sign: computing digest");
@@ -166,7 +168,7 @@ xkey_management_sign(void *unused, unsigned char *sig, size_t *siglen,
         strncpynt(alg_str, "ECDSA", sizeof(alg_str));
     }
     /* else assume RSA key */
-    else if (!strcmp(alg.padmode, "pkcs1"))
+    else if (!strcmp(alg.padmode, "pkcs1") && (flags & MF_EXTERNAL_KEY_PKCS1PAD))
     {
         /* management interface expects a pkcs1 encoded digest -- add it */
         if (!encode_pkcs1(enc, &enc_len, alg.mdname, tbs, tbslen))
@@ -178,17 +180,17 @@ xkey_management_sign(void *unused, unsigned char *sig, size_t *siglen,
 
         strncpynt(alg_str, "RSA_PKCS1_PADDING", sizeof(alg_str));
     }
-    else if (!strcmp(alg.padmode, "none"))
+    else if (!strcmp(alg.padmode, "none") && (flags & MF_EXTERNAL_KEY_NOPADDING))
     {
         strncpynt(alg_str, "RSA_NO_PADDING", sizeof(alg_str));
     }
-    else if (!strcmp(alg.padmode, "pss"))
+    else if (!strcmp(alg.padmode, "pss") && (flags & MF_EXTERNAL_KEY_PSSPAD))
     {
         openvpn_snprintf(alg_str, sizeof(alg_str), "%s,hashalg=%s,saltlen=%s",
                        "RSA_PKCS1_PSS_PADDING", alg.mdname,alg.saltlen);
     }
     else {
-        msg(M_NONFATAL, "Unsupported RSA padding mode in signature request<%s>",
+        msg(M_NONFATAL, "RSA padding mode unknown or not supported by management-client <%s>",
             alg.padmode);
         return 0;
     }