Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

OpenSSL::PKey::PKey subclass for EVP_PKEY_RSA_PSS #715

Open
Anstuhrm opened this issue Jan 15, 2024 · 4 comments
Open

OpenSSL::PKey::PKey subclass for EVP_PKEY_RSA_PSS #715

Anstuhrm opened this issue Jan 15, 2024 · 4 comments

Comments

@Anstuhrm
Copy link

I had the same problem, see #562, to open a key and got the error OpenSSL::PKey::RSAError: incorrect pkey type: RSASSA-PSS.
So I used the mentioned method and called OpenSSL::PKey.read.
But now I have a problem to sign a JWT with the algorithm RSASSA-PSS:

JWT.encode({}, key, "ps256")
# This returns:
# NoMethodError: undefined method `sign_pss' for #<OpenSSL::PKey::PKey oid=RSASSA-PSS>
@rhenium
Copy link
Member

rhenium commented Jan 17, 2024

You can currently use OpenSSL::PKey::PKey#sign to do RSA-PSS without needing the RSA#sign_pss. The test code may be useful for you today:

openssl/test/openssl/test_pkey_rsa.rb

Lines 96 to 116 in 9569999

def test_sign_verify_options
key = Fixtures.pkey("rsa1024")
data = "Sign me!"
pssopts = {
"rsa_padding_mode" => "pss",
"rsa_pss_saltlen" => 20,
"rsa_mgf1_md" => "SHA1"
}
sig_pss = key.sign("SHA256", data, pssopts)
assert_equal 128, sig_pss.bytesize
assert_equal true, key.verify("SHA256", sig_pss, data, pssopts)
assert_equal true, key.verify_pss("SHA256", sig_pss, data,
salt_length: 20, mgf1_hash: "SHA1")
# Defaults to PKCS #1 v1.5 padding => verification failure
assert_equal false, key.verify("SHA256", sig_pss, data)
# option type check
assert_raise_with_message(TypeError, /expected Hash/) {
key.sign("SHA256", data, ["x"])
}
end

@rhenium
Copy link
Member

rhenium commented Jan 17, 2024

I wonder if we could add a PKey class for EVP_PKEY_RSA_PSS. I think #sign_pss and #verify_pss should just work on the pkey object decoded from PKCS#8.

EVP_PKEY_RSA_PSS seems to be just a variant of EVP_PKEY_RSA that contains default parameters for RSA-PSS and is locked to RSA-PSS operations.

@rhenium rhenium changed the title Problem to sign a JWT with RSASSA-PSS key OpenSSL::PKey::PKey subclass for EVP_PKEY_RSA_PSS Jan 17, 2024
@trkoch
Copy link

trkoch commented Jan 19, 2024
edited

I'm having the same issue. I'm trying to sign a JWT with a RSASSA-PSS1 private key (created with openssl req -newkey rsa-pss).

Not sure I follow the suggestion. Using #sign instead of #sign_pss does not work.

# jwt-2.7.1/lib/jwt/algos/ps.rb:19
key.sign(translated_algorithm, msg, salt_length: :digest, mgf1_hash: translated_algorithm)

Throws:

OpenSSL::PKey::PKeyError: EVP_PKEY_CTX_ctrl_str(ctx, "salt_length", "digest"): command not supported ([action:2, state:4] name=salt_length, value=digest)

@Anstuhrm Did you mange to work around this?

@trkoch
Copy link

trkoch commented Jan 19, 2024

It does seem to work with:

key.sign(translated_algorithm, msg)

I have no idea what I'm doing here, frankly. Can someone elaborate?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@trkoch @rhenium @Anstuhrm