From 908ad77af8731c0e8a7645575ea71fbbdd404d41 Mon Sep 17 00:00:00 2001 From: xunchang Date: Tue, 26 Mar 2019 09:54:34 -0700 Subject: Allow RSA 4096 key in package verification The RSA_verify sitll works for 4096 bits keys. And we just need to loose the check on modulus. Sample commands to generate the key & package: 1. openssl genrsa -out keypair.pem 4096 2. openssl pkcs8 -topk8 -inform PEM -outform DER -nocrypt \ -in keypair.pem -out private.pk8 3. openssl req -new -x509 -key keypair.pem -out public.x509.pem \ -days 365 4. java -Djava.library.path=prebuilts/sdk/tools/linux/lib64 -jar \ prebuilts/sdk/tools/lib/signapk.jar -w public.x509.pem private.pk8 \ unsigned.zip signed.zip Bug: 129163830 Test: unit tests pass Change-Id: I5a5ff539c9ff1955c02ec2ce4b17563cb92808a4 --- tests/component/verifier_test.cpp | 11 ++++++++++ tests/testdata/otasigned_4096bits.zip | Bin 0 -> 4055 bytes tests/testdata/testkey_4096bits.x509.pem | 35 +++++++++++++++++++++++++++++++ verifier.cpp | 4 ++-- verifier.h | 3 ++- 5 files changed, 50 insertions(+), 3 deletions(-) create mode 100644 tests/testdata/otasigned_4096bits.zip create mode 100644 tests/testdata/testkey_4096bits.x509.pem diff --git a/tests/component/verifier_test.cpp b/tests/component/verifier_test.cpp index c904cd038..bdb8af231 100644 --- a/tests/component/verifier_test.cpp +++ b/tests/component/verifier_test.cpp @@ -158,6 +158,17 @@ TEST(VerifierTest, LoadCertificateFromBuffer_sha256_ec256bits) { VerifyPackageWithSingleCertificate("otasigned_v5.zip", std::move(cert)); } +TEST(VerifierTest, LoadCertificateFromBuffer_sha256_rsa4096_bits) { + Certificate cert(0, Certificate::KEY_TYPE_RSA, nullptr, nullptr); + LoadKeyFromFile(from_testdata_base("testkey_4096bits.x509.pem"), &cert); + + ASSERT_EQ(SHA256_DIGEST_LENGTH, cert.hash_len); + ASSERT_EQ(Certificate::KEY_TYPE_RSA, cert.key_type); + ASSERT_EQ(nullptr, cert.ec); + + VerifyPackageWithSingleCertificate("otasigned_4096bits.zip", std::move(cert)); +} + TEST(VerifierTest, LoadCertificateFromBuffer_check_rsa_keys) { std::unique_ptr rsa(RSA_new()); std::unique_ptr exponent(BN_new(), BN_free); diff --git a/tests/testdata/otasigned_4096bits.zip b/tests/testdata/otasigned_4096bits.zip new file mode 100644 index 000000000..5016dfc9a Binary files /dev/null and b/tests/testdata/otasigned_4096bits.zip differ diff --git a/tests/testdata/testkey_4096bits.x509.pem b/tests/testdata/testkey_4096bits.x509.pem new file mode 100644 index 000000000..cba30d61b --- /dev/null +++ b/tests/testdata/testkey_4096bits.x509.pem @@ -0,0 +1,35 @@ +-----BEGIN CERTIFICATE----- +MIIGADCCA+igAwIBAgIJAJiRMVvanGUaMA0GCSqGSIb3DQEBCwUAMIGUMQswCQYD +VQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNTW91bnRhaW4g +VmlldzEQMA4GA1UECgwHQW5kcm9pZDEQMA4GA1UECwwHQW5kcm9pZDEQMA4GA1UE +AwwHQW5kcm9pZDEiMCAGCSqGSIb3DQEJARYTYW5kcm9pZEBhbmRyb2lkLmNvbTAe +Fw0xODEwMzAxMjEzNTFaFw00NjAzMTcxMjEzNTFaMIGUMQswCQYDVQQGEwJVUzET +MBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNTW91bnRhaW4gVmlldzEQMA4G +A1UECgwHQW5kcm9pZDEQMA4GA1UECwwHQW5kcm9pZDEQMA4GA1UEAwwHQW5kcm9p +ZDEiMCAGCSqGSIb3DQEJARYTYW5kcm9pZEBhbmRyb2lkLmNvbTCCAiIwDQYJKoZI +hvcNAQEBBQADggIPADCCAgoCggIBAL3ghKA8Gz9qOORY8gMY4wlB2tCJLDUO2tFG +LVK1UphtQMp+YEcz/0VQKVV7de7z6V4EMQ5P1HbxHOsjcKn/zXAl4YgFt7b5kZbC +bpNK4CYHEfho3j6fpYtq5d9q8rIA2kI0uZkkqPy1zXKTl2C2PjOoAnLQRk5xBVQG +M10/wYsf7yX36mSWoJJwKPp/EzVFpA+hX8HpljeIiZ6CFzKwJdqv9zO/xzfp6NsX +Tv5EGdkDxmw3qQqKgyl8dLMTZ/2zNfvVOMeZDusEPDF7A/lbU1byLWrKQdCzVb40 +yc7BCSRGYwM29R/byOcgD+lslwKSGzgzNmQXICt1tXz9bSJR8qh4tlAaiRc3ZKBe +hJWIFGkGtD/cDGtDE5DbNAOz6CdSDdE2XN0Qf0cfN1RHVE6fo2FtFicRRVuFBt8M +2cbQ7bzmEvtHD6W6dsf120FH7gppXKmnhMx1WazpxR2QltbiYDTy2ZZi4paS/jDB +fL9gMCWp3Ohg2y74NGfUw5CQWQsDpcki6I7RvwClBCyOV51LHn5LE/nY4DkVrZxk +Pw0/YrTWz5J5PbdMetTuIunE4ec4lm8nZnh1ET+2MHx2+RoyF5vBs4rp1KHHRaEA +veD2AfQOWxz7kOG9+akFot7n+QoWEGdwY0mJ9jsO/IITCjv3VbD7o0OoJv1R2AW5 +sK2KQ4PDAgMBAAGjUzBRMB0GA1UdDgQWBBT2EbrayXGhY6VCvSlLtRNyjW9ceDAf +BgNVHSMEGDAWgBT2EbrayXGhY6VCvSlLtRNyjW9ceDAPBgNVHRMBAf8EBTADAQH/ +MA0GCSqGSIb3DQEBCwUAA4ICAQC7SsWap9zDKmuR0qMUZ6wlualnag0hUG1jZHQP +t63KO6LmNNMSuXRX60Zcq6WWzgLOyoT4HqHZZ47Jamfb4XQQcnWMMW0tJ3pDtTkz +dZILBInHJO8QPYI8Du6XWsDLSvMajq6ueBtO3NdcgsNL7eiHf3WoOtajLZxFM94Z +MESkUQOIsqHolYeTMHLTsuGkX1CK2Zw3Xn18bUSTYwZCHa6mYH00ItUBfetGCnWh +Y7bth/R15Cc+hocSB7ZsOa/R5kDyDdFDIKrnV5nH5Yd7CryrYC6Ac5UarYrxSJTq +eKPwqUlJB/tJW/lvdLt8YaURbFGzf/ZqU12zZRafYjmMjcQvfpzMoDSnbvHTA9IR +ZGO7dwhwykoSaL4/8LWde49xQUq6F2pQBRmEr+7mTzml1MaM5cWEk5emkCMXgLog +k+c56CAk1EdM1teWik7wR0TIqkkYyYJHTSg61GkXUIXrZJ6iYx2ejDg1+QTPm9rU +Yr7nP52gVkQuUAX1+xB6wKLSDizQJw8SNiUGXl5+2vwV6+0BI3/CXlQ8I/nRPBC1 +oqOIkRSbE+IF7DP9QvYuNG/3bZZQ8LUVeHxqI5Mq8K2VIJZd95AIwPNMH34SaDGz +9xjG28Fq4ZkuDP0pCsHM9d2XEwK5PEVS18WW5fJ/QcJKMno4IPTB70ZBBjVzv6Y+ +MYjOrw== +-----END CERTIFICATE----- diff --git a/verifier.cpp b/verifier.cpp index 68a011e0d..08d852b37 100644 --- a/verifier.cpp +++ b/verifier.cpp @@ -373,8 +373,8 @@ bool CheckRSAKey(const std::unique_ptr& rsa) { const BIGNUM* out_e; RSA_get0_key(rsa.get(), &out_n, &out_e, nullptr /* private exponent */); auto modulus_bits = BN_num_bits(out_n); - if (modulus_bits != 2048) { - LOG(ERROR) << "Modulus should be 2048 bits long, actual: " << modulus_bits; + if (modulus_bits != 2048 && modulus_bits != 4096) { + LOG(ERROR) << "Modulus should be 2048 or 4096 bits long, actual: " << modulus_bits; return false; } diff --git a/verifier.h b/verifier.h index 106b86b85..ef9feaff0 100644 --- a/verifier.h +++ b/verifier.h @@ -88,7 +88,8 @@ class VerifierInterface { // VERIFY_FAILURE (if any error is encountered or no key matches the signature). int verify_file(VerifierInterface* package, const std::vector& keys); -// Checks that the RSA key has a modulus of 2048 bits long, and public exponent is 3 or 65537. +// Checks that the RSA key has a modulus of 2048 or 4096 bits long, and public exponent is 3 or +// 65537. bool CheckRSAKey(const std::unique_ptr& rsa); // Checks that the field size of the curve for the EC key is 256 bits. -- cgit v1.2.3