From 28a82237d93c9a3dab39292f59d5fa7ae0b82d90 Mon Sep 17 00:00:00 2001
From: JacobBarthelmeh <jacob@wolfssl.com>
Date: Wed, 7 Sep 2022 13:12:43 -0700
Subject: [PATCH] RSA-PSS signed OCSP responses

---
 certs/ocsp/include.am               |   1 +
 certs/ocsp/renewcerts.sh            |  10 ++++++++++
 certs/ocsp/test-response-rsapss.der | Bin 0 -> 1913 bytes
 tests/api.c                         |  20 +++++++++++++++++++-
 wolfcrypt/src/asn.c                 |  28 +++++++++++++++++++++++++---
 5 files changed, 55 insertions(+), 4 deletions(-)
 create mode 100644 certs/ocsp/test-response-rsapss.der

diff --git a/certs/ocsp/include.am b/certs/ocsp/include.am
index 3afd680b1..92a72b81e 100644
--- a/certs/ocsp/include.am
+++ b/certs/ocsp/include.am
@@ -34,4 +34,5 @@ EXTRA_DIST += \
         certs/ocsp/root-ca-key.pem \
         certs/ocsp/root-ca-cert.pem \
         certs/ocsp/test-response.der \
+        certs/ocsp/test-response-rsapss.der \
         certs/ocsp/test-response-nointern.der
diff --git a/certs/ocsp/renewcerts.sh b/certs/ocsp/renewcerts.sh
index 556da9432..2b24dbabc 100755
--- a/certs/ocsp/renewcerts.sh
+++ b/certs/ocsp/renewcerts.sh
@@ -68,6 +68,7 @@ update_cert() {
     cat "$3"-cert.pem >> "$1"-cert.pem
 }
 
+SIGOPT=""
 update_cert intermediate1-ca "wolfSSL intermediate CA 1"       root-ca          v3_ca   01
 update_cert intermediate2-ca "wolfSSL intermediate CA 2"       root-ca          v3_ca   02
 update_cert intermediate3-ca "wolfSSL REVOKED intermediate CA" root-ca          v3_ca   03 # REVOKED
@@ -87,6 +88,15 @@ PID=$!
 
 openssl ocsp -issuer ./root-ca-cert.pem -cert ./intermediate1-ca-cert.pem -url http://localhost:22221/ -respout test-response.der
 openssl ocsp -issuer ./root-ca-cert.pem -cert ./intermediate1-ca-cert.pem -url http://localhost:22221/ -respout test-response-nointern.der -no_intern
+kill $PID
+wait $PID
+
+
+# now start up a responder that signs using rsa-pss
+openssl ocsp -port 22221 -ndays 1000 -index index-ca-and-intermediate-cas.txt -rsigner ocsp-responder-cert.pem -rkey ocsp-responder-key.pem -CA root-ca-cert.pem -rsigopt rsa_padding_mode:pss &
+PID=$!
+
+openssl ocsp -issuer ./root-ca-cert.pem -cert ./intermediate4-ca-rsapss-cert.pem -url http://localhost:22221/ -rsigopt rsa_mode:pss -rsigopt rsa_padding_mode:pss -rsigopt rsa_pss_saltlen:-1 -respout test-response-rsapss.der
 # can verify with the following command
 # openssl ocsp -respin test-response-nointern.der -CAfile root-ca-cert.pem -issuer intermediate1-ca-cert.pem
 
diff --git a/certs/ocsp/test-response-rsapss.der b/certs/ocsp/test-response-rsapss.der
new file mode 100644
index 0000000000000000000000000000000000000000..ca99d28b73b8e006ae40b1967c694638677e8771
GIT binary patch
literal 1913
zcmXqLVlU-lWLVI|o@da+p2fzg&Bn;e%5K2O$kN0fZP3IXZqUT&u&{BVLE}6_ZUas>
z=1>+kVW!YvLtz6!5Ql?@D?G6{BQr0(BtOqkz<>`V$j-waoSIltl9LJ(;o@O0&(BE<
z4)!q=F%SZ&;pX9X%}dYBOHD1x%u6?vH;@I1GV_Q*)hYNp2L~twr4|?D=cS|;ffaCS
zwRyCC=Vjz%6cfnIOUrivsVy$f(M!(HmEborFfuZ*G%z=`G&M1{j50_uNHVZ8;ACUf
z=3{1(Vr5_vaanQu;-2YT&DPO|vwU`33Njb%>R=Hm-XOC?zv=XO_oWusH?TBW)fI^<
zGBI*BF<=<EKoBfsYG7ty47FvUvVo$3JR;nfScF&vo=)-%d}?^xmgkam*CoyWZU#<l
zFsCze8JI5MH{fOCOlb39Ol4+aVq|4lC}SXnP{DyFyNHE}iQyh|6C)!-L}P)eyi$AF
zr4?3<;o%JLnX2!7&nSA*|4?*N$TLaNr>EbB%4>u_wT;lK3puXMda>6lS0&U_<A-Cw
z!>f{kM!P+~cgCn+=G_x;_WmW6zx#t_JDOWr?kFW~HQD5tqskfFIdkR=6UHz1g-dt+
zyZQ69Vw1w*LkpC?9l2tr5IFtAqBnD88>H5JeX6*}Z{0kr$1<1216n!$?)37y|Hfv)
zBl~^*(`Hy!O;{n-ZRGY$+r+BKDYCp%K4QwO6HjVyx1CpG<?);s(jIm$>hPD_OPyQO
zelosZv3Tvq(kiht+Ad8VfivrGy}u+@%5^QHaLTQ7Zw`9wHsYI|XTacVJSFt^-ZO0f
zqZc%>95ZNQIb_hpvd^H2dD#MHCPpSEMix+rLDL2!H!Fid<8+!PRtW<!NMhv&CBWcd
zABCd){1OFcM}n!;Ku(+&no2DUOpGj|#CeS%$qB+8^x4dyiBSnTv>90$n41{+84Q{j
zxtKsnbjL2`E#D4TiyU6^RW@<qSGnY!t;!|=xj$+ab+L3`EsfFrp4@Sfz3LUWtEu*D
z`Hf0jrZ`$Wnp<+M+dxSm@aXMR_HNq$o<`X_mZX<XT{-3I;df3ydS6eP`tWAzcIP7!
z_rw||oKrDXJQBJlD)51x?q;qif3IT0fOlSEdo8=yvU;>{ocTy#Ia^WsshEq?_n!Dz
z_Tz!qn>~}ir1@wRUc8aUyk&yHZt)HOrhk=taXfZ*x1gku&FZGYivR2EjW%%<Zj$a%
zUn98VhO_7S4FwxN^sKw3(k^a&gC#YGp)BCND980J#TjZM?NblO=OylFZ~4_A#nnCI
z^W*=1E;6YlHH9ImPc50485tNCH!*S<G%>P)3rtyI7A6A*aQP<7$0EieVwC=HW96mB
zKl7D&3LFBqx`pj9Ff(X8!p0mbtIX24$Dna%1J*)mVdLB-jk5-C;%;J0HV_8+LY0Nb
zfQyX-QkO7uBBvK_aC%{62=3=~ip$H$b(iL@3x2uk*vl{1)^zfUF5ro&-7GRCCOeL~
zYR)n@S8nlIhqW4NpMQSaxIR_&@!1b^G8kI79=-Se#1g(&U8<akt0uqrX<w(#6DLua
zEA(G%Zf0?@GLz<-6*F6W*K!J|f88C+d3uKXwws|+9iqAgbGdxk1N~OC)rT(0<ZVfR
zd%ddb%TD#kr>ZAbteol|m%ZRe*o&mi4+O5f%=o)GyHVoTll9@7BA7ot|7~^b@7mIh
z1$Gl=tN1-KpIUG#^Qmy$gDdNn?HB*}R8~3n|2ZaqcfAM4wH0Q(E9IE_)M!`NqtcI-
fmue)_S2o@Gqag4}YDQxji^`7e_jwvJwqyVR-8YYp

literal 0
HcmV?d00001

diff --git a/tests/api.c b/tests/api.c
index 3eeee2359..235335858 100644
--- a/tests/api.c
+++ b/tests/api.c
@@ -1403,12 +1403,15 @@ static int test_wolfSSL_CertManagerCheckOCSPResponse(void)
     return 0;
 }
 
-static void test_wolfSSL_CheckOCSPResponse(void)
+static int test_wolfSSL_CheckOCSPResponse(void)
 {
 #if defined(HAVE_OCSP) && !defined(NO_RSA) && defined(OPENSSL_ALL)
     const char* responseFile = "./certs/ocsp/test-response.der";
     const char* responseNoInternFile = "./certs/ocsp/test-response-nointern.der";
     const char* caFile = "./certs/ocsp/root-ca-cert.pem";
+#if defined(WC_RSA_PSS)
+    const char* responsePssFile = "./certs/ocsp/test-response-rsapss.der";
+#endif
     OcspResponse* res = NULL;
     byte data[4096];
     const unsigned char* pt;
@@ -1455,8 +1458,23 @@ static void test_wolfSSL_CheckOCSPResponse(void)
     AssertNotNull(res);
     wolfSSL_OCSP_RESPONSE_free(res);
 
+#if defined(WC_RSA_PSS)
+    /* check loading a response with RSA-PSS signature */
+    f = XFOPEN(responsePssFile, "rb");
+    AssertTrue(f != XBADFILE);
+    dataSz = (word32)XFREAD(data, 1, sizeof(data), f);
+    AssertIntGT(dataSz, 0);
+    XFCLOSE(f);
+
+    pt = data;
+    res = wolfSSL_d2i_OCSP_RESPONSE(NULL, &pt, dataSz);
+    AssertNotNull(res);
+    wolfSSL_OCSP_RESPONSE_free(res);
+#endif
+
     printf(resultFmt, passed);
 #endif /* HAVE_OCSP */
+    return 0;
 }
 
 static int test_wolfSSL_CertManagerLoadCABuffer(void)
diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c
index 837a8354e..8f41089f2 100644
--- a/wolfcrypt/src/asn.c
+++ b/wolfcrypt/src/asn.c
@@ -33446,6 +33446,8 @@ static int DecodeBasicOcspResponse(byte* source, word32* ioIndex,
     #endif
     int    ret;
     int    sigLength;
+    const byte*   sigParams = NULL;
+    word32        sigParamsSz = 0;
 
     WOLFSSL_ENTER("DecodeBasicOcspResponse");
     (void)heap;
@@ -33463,8 +33465,26 @@ static int DecodeBasicOcspResponse(byte* source, word32* ioIndex,
         return ret; /* ASN_PARSE_E, ASN_BEFORE_DATE_E, ASN_AFTER_DATE_E */
 
     /* Get the signature algorithm */
-    if (GetAlgoId(source, &idx, &resp->sigOID, oidSigType, size) < 0)
+    if (GetAlgoId(source, &idx, &resp->sigOID, oidSigType, size) < 0) {
         return ASN_PARSE_E;
+    }
+#ifdef WC_RSA_PSS
+    else if (resp->sigOID == CTC_RSASSAPSS) {
+        word32 sz;
+        int len;
+        const byte* params;
+
+        sz = idx;
+        params = source + idx;
+        if (GetSequence(source, &idx, &len, size) < 0)
+            ret = ASN_PARSE_E;
+        if (ret == 0) {
+            idx += len;
+            sigParams = params;
+            sigParamsSz = idx - sz;
+        }
+    }
+#endif
 
     ret = CheckBitString(source, &idx, &sigLength, size, 1, NULL);
     if (ret != 0)
@@ -33532,7 +33552,8 @@ static int DecodeBasicOcspResponse(byte* source, word32* ioIndex,
                 &cert->sigCtx,
                 resp->response, resp->responseSz,
                 cert->publicKey, cert->pubKeySize, cert->keyOID,
-                resp->sig, resp->sigSz, resp->sigOID, NULL, 0, NULL);
+                resp->sig, resp->sigSz, resp->sigOID, sigParams, sigParamsSz,
+                NULL);
 
             if (ret != 0) {
                 WOLFSSL_MSG("\tOCSP Confirm signature failed");
@@ -33569,7 +33590,8 @@ static int DecodeBasicOcspResponse(byte* source, word32* ioIndex,
             /* ConfirmSignature is blocking here */
             sigValid = ConfirmSignature(&sigCtx, resp->response,
                 resp->responseSz, ca->publicKey, ca->pubKeySize, ca->keyOID,
-                resp->sig, resp->sigSz, resp->sigOID, NULL, 0, NULL);
+                resp->sig, resp->sigSz, resp->sigOID, sigParams, sigParamsSz,
+                NULL);
         }
         if (ca == NULL || sigValid != 0) {
             WOLFSSL_MSG("\tOCSP Confirm signature failed");