certtool: allow specifying RSA-PSS parameters for key generation

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

diff --git a/src/certtool-args.def b/src/certtool-args.def
index 2d045d11234292f6e88591df4866f82c5ae05c3c..fcb895e829d5858bfffaf2ad91be29a05f980d09 100644 (file)
--- a/src/certtool-args.def
+++ b/src/certtool-args.def
@@ -181,7 +181,9 @@ flag = {
     name      = generate-privkey;
     value     = p;
     descrip   = "Generate a private key";
-    doc = "";
+    doc = "When generating RSA-PSS private keys, the --hash option will
+restrict the allowed hash for the key; in the same keys the --salt-size
+option is also acceptable.";
 };
 
 flag = {
@@ -563,6 +565,13 @@ flag = {
     doc = "Available hash functions are SHA1, RMD160, SHA256, SHA384, SHA512, SHA3-224, SHA3-256, SHA3-384, SHA3-512.";
 };
 
+flag = {
+    name      = salt-size;
+    arg-type  = number;
+    descrip   = "Specify the RSA-PSS key default salt size";
+    doc = "Typical keys shouldn't set or restrict this option.";
+};
+
 flag = {
     name      = inder;
     descrip   = "Use DER format for input certificates, private keys, and DH parameters ";

diff --git a/src/certtool.c b/src/certtool.c
index c92095a4973d3fc2263d175cae79ba50566c91de..e4421c2dd1792ebff95b071c2bf09fbddde6b1a9 100644 (file)
--- a/src/certtool.c
+++ b/src/certtool.c
@@ -135,6 +135,8 @@ generate_private_key_int(common_info_st * cinfo)
        int ret, key_type, bits;
        unsigned provable = cinfo->provable;
        unsigned flags = 0;
+       gnutls_keygen_data_st kdata[8];
+       unsigned kdata_size = 0;
 
        key_type = req_key_type;
 
@@ -188,12 +190,15 @@ generate_private_key_int(common_info_st * cinfo)
                }
        }
 
-       if (cinfo->seed_size > 0) {
-               gnutls_keygen_data_st data;
+       if (HAVE_OPT(SALT_SIZE)) {
+               kdata[kdata_size].type = GNUTLS_KEYGEN_RSA_PSS_SALT_SIZE;
+               kdata[kdata_size++].size = OPT_VALUE_SALT_SIZE;
+       }
 
-               data.type = GNUTLS_KEYGEN_SEED;
-               data.data = (void*)cinfo->seed;
-               data.size = cinfo->seed_size;
+       if (cinfo->seed_size > 0) {
+               kdata[kdata_size].type = GNUTLS_KEYGEN_SEED;
+               kdata[kdata_size].data = (void*)cinfo->seed;
+               kdata[kdata_size++].size = cinfo->seed_size;
 
                if (GNUTLS_PK_IS_RSA(key_type)) {
                        if ((bits == 3072 && cinfo->seed_size != 32) || (bits == 2048 && cinfo->seed_size != 28)) {
@@ -205,17 +210,19 @@ generate_private_key_int(common_info_st * cinfo)
                        }
                }
 
-               ret = gnutls_x509_privkey_generate2(key, key_type, bits, GNUTLS_PRIVKEY_FLAG_PROVABLE, &data, 1);
-       } else {
-               gnutls_keygen_data_st data;
+               flags |= GNUTLS_PRIVKEY_FLAG_PROVABLE;
+       }
 
-               data.type = GNUTLS_KEYGEN_DIGEST;
-               data.size = default_dig;
+       if (default_dig) {
+               kdata[kdata_size].type = GNUTLS_KEYGEN_RSA_PSS_DIGEST;
+               kdata[kdata_size++].size = default_dig;
 
-               if (provable)
-                       flags |= GNUTLS_PRIVKEY_FLAG_PROVABLE;
-               ret = gnutls_x509_privkey_generate2(key, key_type, bits, flags, &data, 1);
        }
+
+       if (provable)
+               flags |= GNUTLS_PRIVKEY_FLAG_PROVABLE;
+
+       ret = gnutls_x509_privkey_generate2(key, key_type, bits, flags, kdata, kdata_size);
        if (ret < 0) {
                fprintf(stderr, "privkey_generate: %s\n",
                        gnutls_strerror(ret));