From d139e98815c37ef8b757ff9bfd805aa35efebe5e Mon Sep 17 00:00:00 2001
From: Sebastian Hahn
Date: Sun, 13 Jan 2019 08:14:28 +0100
Subject: [PATCH] Add support for Ed25519 certificates

This adds support for verification of ed25519 certificates according to RFC 8410. Implements #49.

The test certificate was generated using OpenSSL 1.1.1a, using the following commands (CA.pl is distributed with OpenSSL):

openssl genpkey -algorithm ed25519 -outform pem -out root_key.pem
openssl req -new -x509 -days 9999 -extensions v3_ca -key root_key.pem \
-inform pem -outform pem -out root_ed25519.pem
echo root_ed25519.pem | CA.pl -newca
openssl genpkey -algorithm ed25519 -outform pem -out client_key.pem
openssl req -new -key client_key.pem -inform pem -outform pem \
-out client_ed25519_csr.pem
openssl ca -keyfile ./root_key.pem -days 999 -notext -in \
client_ed25519_csr.pem -out client_ed25519.pem

I agree to license my contributions to each file under the terms given at the top of each file I changed.
---
src/data/alg-ed25519.der | 1 +
src/signed_data.rs | 12 ++++++++++++
src/webpki.rs | 1 +
tests/ed25519/ca.der | Bin 0 -> 459 bytes
tests/ed25519/ee.der | Bin 0 -> 483 bytes
tests/integration.rs | 26 +++++++++++++++++++++++++-
6 files changed, 39 insertions(+), 1 deletion(-)
create mode 100644 src/data/alg-ed25519.der
create mode 100644 tests/ed25519/ca.der
create mode 100644 tests/ed25519/ee.der
diff --git a/src/data/alg-ed25519.der b/src/data/alg-ed25519.der
new file mode 100644
index 0000000..7ca46fd
--- /dev/null
+++ b/src/data/alg-ed25519.der
@@ -0,0 +1 @@
++ep
\ No newline at end of file
diff --git a/src/signed_data.rs b/src/signed_data.rs
index b75626e..9116fa0 100644
--- a/src/signed_data.rs
+++ b/src/signed_data.rs
@@ -267,6 +267,14 @@ pub static RSA_PSS_2048_8192_SHA512_LEGACY_KEY: SignatureAlgorithm =
 verification_alg: &signature::RSA_PSS_2048_8192_SHA512,
 };
 
+/// ED25519 signatures according to RFC 8410
+pub static ED25519: SignatureAlgorithm =
+ SignatureAlgorithm {
+ public_key_alg_id: ED_25519,
+ signature_alg_id: ED_25519,
+ verification_alg: &signature::ED25519,
+};
+
 struct AlgorithmIdentifier {
 asn1_id_value: &'static [u8],
 }
@@ -327,6 +335,9 @@ const RSA_PSS_SHA512: AlgorithmIdentifier = AlgorithmIdentifier {
 asn1_id_value: include_bytes!("data/alg-rsa-pss-sha512.der"),
 };
 
+const ED_25519: AlgorithmIdentifier = AlgorithmIdentifier {
+ asn1_id_value: include_bytes!("data/alg-ed25519.der"),
+};
 
 #[cfg(test)]
 mod tests {
@@ -635,6 +646,7 @@ mod tests {
 &signed_data::RSA_PSS_2048_8192_SHA256_LEGACY_KEY,
 &signed_data::RSA_PSS_2048_8192_SHA384_LEGACY_KEY,
 &signed_data::RSA_PSS_2048_8192_SHA512_LEGACY_KEY,
+ &signed_data::ED25519,
 
 // Algorithms deprecated because they are annoying (P-521) or because
 // they are nonsensical combinations.
diff --git a/src/webpki.rs b/src/webpki.rs
index 511dcee..f9f1dcc 100644
--- a/src/webpki.rs
+++ b/src/webpki.rs
@@ -95,6 +95,7 @@ pub use signed_data::{
 RSA_PSS_2048_8192_SHA256_LEGACY_KEY,
 RSA_PSS_2048_8192_SHA384_LEGACY_KEY,
 RSA_PSS_2048_8192_SHA512_LEGACY_KEY,
+ ED25519,
 };
 
 pub use time::Time;
diff --git a/tests/ed25519/ca.der b/tests/ed25519/ca.der
new file mode 100644
index 0000000000000000000000000000000000000000..9994daf19130227211ac586e2a0ad8f9cb04583b
GIT binary patch
literal 459
zcmXqLVmxlp#8|n2nTe5!Nkp^k?gF_7D#CZ)Z4Gay94a|&94b7v(c}>g=OpOho zTv}SK1@#`YB11%2{|C{Tm(sdscs<#^tjO+C`!nAw_Li&@U%lxuOTRKm&6?9RW?#{8gs@}x|Ap33vunzQ;n%CC#~nl>KV W&YG3^KjH#oqh1$7cIk@K=NSMWIf%0W
literal 0
HcmV?d00001
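Review bot: The doc comment on the new `ED25519` static should record the two RFC 8410 constraints that distinguish it from every RSA/ECDSA entry above it in this table: the signature is PureEdDSA (Ed25519 over the raw tbsCertificate; the prehash variants are not used, RFC 8410 §6), and the AlgorithmIdentifier must be the bare id-Ed25519 OID with the parameters field absent (§3), not NULL as the RSA identifiers carry. Suggested replacement for the `/// ED25519 signatures according to RFC 8410` line: `/// Ed25519 (PureEdDSA) signatures per RFC 8410 §6. The AlgorithmIdentifier is the bare id-Ed25519 OID with parameters absent (§3); presumably an encoding with explicit NULL parameters does not match and is rejected.` Using the same identifier for both `public_key_alg_id` and `signature_alg_id` is correct, since RFC 8410 uses id-Ed25519 in both SubjectPublicKeyInfo and signatureAlgorithm, and a short comment saying so would save the next reader a lookup. As a style nit, `ED_25519` and `ED25519` differ only by an underscore; a name such as `ED25519_ALG_ID` for the `AlgorithmIdentifier` would be harder to confuse with the `SignatureAlgorithm` static.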
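Review bot: `ED_25519` includes `data/alg-ed25519.der` without saying what the bytes are, and for this identifier the content matters more than for the others: RFC 8410 §3 requires the parameters field to be absent, so the file must hold only the OID (1.3.101.112, DER `06 03 2B 65 70`; the `+ep` that survives in the new-file hunk is consistent with the last three of those bytes) and must not be followed by a `05 00` NULL. A comment would pin that down for whoever regenerates the file: `// Bare id-Ed25519 OID (1.3.101.112); RFC 8410 §3 forbids AlgorithmIdentifier parameters, so no NULL follows.` How the identifier is compared against the certificate is not visible in this hunk, so whether a cert with explicit NULL parameters is rejected or accepted is something the comment should only claim after checking the matcher.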
diff --git a/tests/ed25519/ee.der b/tests/ed25519/ee.der
new file mode 100644
index 0000000000000000000000000000000000000000..5181f7bc2cf9c5118295fa4c855e3c07e8403176
GIT binary patch
literal 483
zcmXqLV!UtA#5i#QGZP~d6O#ag0V^A`c4~n^q#?HfCmVAp3!5;LW2m99fgp&(!NV1t zpPQ;1T#{IlYN%)+4-(|!k?_nbNiE7tEl~*1Oi9lyDOLz5sZ{VONih^M5CAD*=HU$T z_YYABaSaYJkQ3)Mv@|d@G&V3dFg7)c66ZBCG&C@fe^%MZf74)S3jub zT2K!%D>D3xk~7N@SC9S}A!o(+EKIX^p0xdC`)O|P_p@Xlw{?$MTy0PZ4g*NKtT3Eh@=O%S;Ax3}k_p%kr^^ zv55H2JsI2ZzbW*Zg{%SNZl{|KhXo#iLrzwiMZ!R=K_o`yZG<1^(pigAw@>?&tUlQ& z^BynEnT`y*muSgFR>`pV&AGmzf~nzF1%Iw$0B>)!J6I b=_j02Ihp4E@T&2q15r+Y+L?Z-uV4TGTLg=l
literal 0
HcmV?d00001
diff --git a/tests/integration.rs b/tests/integration.rs
index 1e4489f..8dc919b 100644
--- a/tests/integration.rs
+++ b/tests/integration.rs
@@ -50,7 +50,8 @@ static ALL_SIGALGS: &'static [&'static webpki::SignatureAlgorithm] = &[
 &webpki::RSA_PKCS1_2048_8192_SHA256,
 &webpki::RSA_PKCS1_2048_8192_SHA384,
 &webpki::RSA_PKCS1_2048_8192_SHA512,
- &webpki::RSA_PKCS1_3072_8192_SHA384
+ &webpki::RSA_PKCS1_3072_8192_SHA384,
+ &webpki::ED25519,
 ];
 
 /* Checks we can verify netflix's cert chain. This is notable
@@ -81,6 +82,29 @@ pub fn netflix()
 .unwrap();
 }
 
+#[cfg(feature = "trust_anchor_util")]
+#[test]
+pub fn ed25519()
+{
+ let ee = include_bytes!("ed25519/ee.der");
+ let ca = include_bytes!("ed25519/ca.der");
+
+ let ee_input = untrusted::Input::from(ee);
+ let anchors = vec![
+ webpki::trust_anchor_util::cert_der_as_trust_anchor(
+ untrusted::Input::from(ca)
+ ).unwrap()
+ ];
+ let anchors = webpki::TLSServerTrustAnchors(&anchors);
+
+ let time = webpki::Time::from_seconds_since_unix_epoch(1547363522);
+
+ let cert = webpki::EndEntityCert::from(ee_input).unwrap();
+ let _ = cert.verify_is_valid_tls_server_cert(ALL_SIGALGS, &anchors,
+ &[], time)
+ .unwrap();
+}
+
 #[cfg(feature = "trust_anchor_util")]
 #[test]
 fn read_root_with_zero_serial() {
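Review bot: The new `ed25519` test only exercises the accept path, so it cannot distinguish a verifier that checks the Ed25519 signature from one that merely recognises the algorithm and returns `Ok` — for a new signature scheme that is the property most worth pinning. Corrupting the signature of the same EE certificate and asserting that `verify_is_valid_tls_server_cert` fails closes that gap with a few lines; the last byte of a DER certificate is the last byte of its signatureValue BIT STRING, so flipping it leaves the structure parseable (if `EndEntityCert::from` does reject it, fold that `unwrap` into the assertion instead). The `let _ =` in front of a `.unwrap()` is also redundant and hides the intent; `cert.verify_is_valid_tls_server_cert(ALL_SIGALGS, &anchors, &[], time).unwrap();` reads as the assertion it is. The pinned `time` keeps the test independent of the 999-day validity window, which is the right call.
```rust
    // … unchanged: ee / ca / anchors / time setup …
    let cert = webpki::EndEntityCert::from(ee_input).unwrap();
    cert.verify_is_valid_tls_server_cert(ALL_SIGALGS, &anchors, &[], time)
        .unwrap();

    // The last byte of the DER certificate belongs to the signatureValue BIT
    // STRING; flipping it must fail verification, proving the Ed25519
    // signature is actually checked and not merely recognised.
    let mut tampered = ee.to_vec();
    let last = tampered.len() - 1;
    tampered[last] ^= 0x01;
    let tampered_cert =
        webpki::EndEntityCert::from(untrusted::Input::from(&tampered[..])).unwrap();
    assert!(tampered_cert
        .verify_is_valid_tls_server_cert(ALL_SIGALGS, &anchors, &[], time)
        .is_err());
```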