Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support for RSASSA-PSS private key loading #7035

Closed
kislyuk opened this issue Apr 4, 2022 · 2 comments · Fixed by #7112
Closed

Support for RSASSA-PSS private key loading #7035

kislyuk opened this issue Apr 4, 2022 · 2 comments · Fixed by #7112
Labels
primitives

Comments

@kislyuk
Copy link

kislyuk commented Apr 4, 2022

I am working on an implementation of this IETF draft, which lists RSASSA-PSS as a signature scheme and provides a RSASSA-PSS key pair in PEM format (https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-message-signatures#appendix-B.1.2) (it also references https://datatracker.ietf.org/doc/html/rfc8017#section-8.1 for a specification of the configuration details).

While loading the public key for verifying works fine, loading the private key for signing yields this error:

  File "/lib/python3.8/site-packages/cryptography/hazmat/primitives/serialization/base.py", line 22, in load_pem_private_key
    return ossl.load_pem_private_key(data, password)
  File "/lib/python3.8/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 823, in load_pem_private_key
    return self._load_key(
  File "/lib/python3.8/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 1088, in _load_key
    return convert_func(evp_pkey)
  File "/lib/python3.8/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 626, in _evp_pkey_to_private_key
    raise UnsupportedAlgorithm("Unsupported key type.")
cryptography.exceptions.UnsupportedAlgorithm: Unsupported key type.

I realize this issue has already been covered in #2850 and issues that reference it, but those all seem to all be in the context of X.509 certificates, which are not involved in this application. I'm not sure if the implementation burden of RSASSA-PSS private key operations without the related X509 infrastructure is significantly lower, but just wanted to mention this application as a standalone future use for this functionality.
@reaperhulk
Copy link
Member

Thanks for the context -- I think it's appropriate to think of this as separate from the larger X.509 questions, although there's a heavy degree of overlap. I'm not sure when this will rise to the top (I'd much rather people just stopped using RSA instead of creating variant keys, sigh), but we'd be happy to review PRs if someone wants to tackle it. It's non-trivial work though!

@alex alex added this to the Thirty Seventh Release milestone Apr 4, 2022
@Tarnum-tst Tarnum-tst mentioned this issue Apr 17, 2022
Merged
@reaperhulk reaperhulk removed this from the Thirty Seventh Release milestone Apr 18, 2022
@reaperhulk
Copy link
Member

We have implemented RSA-PSS key loading in 1.1.1e+, but we strip the constraints from the key when loading and treat it as a normal RSA key (see #7112). More support can be added in the future as use cases appear.

@alex alex linked a pull request Apr 26, 2022 that will close this issue
Load RSA PSS keys as regular RSA keys #7112
Merged
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Jul 26, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
primitives
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Load RSA PSS keys as regular RSA keys reaperhulk/cryptography
3 participants
@alex @reaperhulk @kislyuk