Skip to content

Commit

Permalink
workaround RSA sig parsing issue
Browse files Browse the repository at this point in the history
  • Loading branch information
@JesusMcCloud
JesusMcCloud committed Nov 13, 2024
1 parent 4fa4793 commit c5199e6
Show file tree
Hide file tree
Showing 2 changed files with 41 additions and 13 deletions.
2 changes: 1 addition & 1 deletion indispensable/src/jvmMain/kotlin/at/asitplus/signum/indispensable/JcaExtensions.kt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -187,7 +187,7 @@ fun CryptoSignature.Companion.parseFromJca(
if (algorithm is SignatureAlgorithm.ECDSA)
CryptoSignature.EC.parseFromJca(input)
else
CryptoSignature.RSAorHMAC.parseFromJca(input)
CryptoSignature.RSAorHMAC.parseFromJca(byteArrayOf(0,* input))

fun CryptoSignature.Companion.parseFromJca(
input: ByteArray,
Expand Down
52 changes: 40 additions & 12 deletions supreme/src/jvmTest/kotlin/at/asitplus/signum/supreme/os/JKSProviderTest.kt
View file
Original file line number Diff line number Diff line change
@@ -1,31 +1,57 @@
package at.asitplus.signum.supreme.os

import at.asitplus.signum.indispensable.Digest
import at.asitplus.signum.indispensable.RSAPadding
import at.asitplus.signum.supreme.sign.SigningKeyConfiguration
import at.asitplus.signum.supreme.sign.makeVerifier
import at.asitplus.signum.supreme.sign.verify
import at.asitplus.signum.supreme.signature
import at.asitplus.signum.supreme.succeed
import io.kotest.core.spec.style.FreeSpec
import io.kotest.matchers.should
import io.kotest.matchers.shouldBe
import io.kotest.matchers.shouldNot
import io.kotest.property.azstring
import java.nio.file.Files
import kotlin.random.Random

class JKSProviderTest : FreeSpec({
"Ephemeral" {
val ks = JKSProvider.Ephemeral().getOrThrow()
val alias = "Elfenbeinschloss"
ks.getSignerForKey(alias) shouldNot succeed
val signer = ks.createSigningKey(alias).getOrThrow()
val otherSigner = ks.getSignerForKey(alias).getOrThrow()
"Ephemeral" - {

val data = Random.Default.nextBytes(64)
val signature = signer.sign(data).signature
otherSigner.makeVerifier().getOrThrow().verify(data, signature) should succeed
"EC" {
val ks = JKSProvider.Ephemeral().getOrThrow()
val alias = "Elfenbeinschloss"
ks.getSignerForKey(alias) shouldNot succeed
val signer = ks.createSigningKey(alias).getOrThrow()
val otherSigner = ks.getSignerForKey(alias).getOrThrow()

val data = Random.Default.nextBytes(64)
val signature = signer.sign(data).signature
otherSigner.makeVerifier().getOrThrow().verify(data, signature) should succeed
}

"RSA" {
repeat(500) {
val ks = JKSProvider.Ephemeral().getOrThrow()
val alias = "Elfenbeinschloss"
ks.getSignerForKey(alias) shouldNot succeed
val signer = ks.createSigningKey(alias) {
rsa {
bits = 1024 //faster testing
paddings = setOf(RSAPadding.PKCS1)
digests = setOf(Digest.SHA256)
publicExponent = SigningKeyConfiguration.RSAConfiguration.F4
}
}.getOrThrow()
val otherSigner = ks.getSignerForKey(alias).getOrThrow()

val data = Random.Default.nextBytes(64)
val signature = signer.sign(data).signature
otherSigner.makeVerifier().getOrThrow().verify(data, signature) should succeed
}
}
}
"File-based persistence" {
val tempfile = Files.createTempFile(Random.azstring(16),null).also { Files.delete(it) }
val tempfile = Files.createTempFile(Random.azstring(16), null).also { Files.delete(it) }
try {
val alias = "Elfenbeinturm"
val correctPassword = "Schwertfischfilet".toCharArray()
Expand Down Expand Up @@ -68,6 +94,8 @@ class JKSProviderTest : FreeSpec({

// check that ks1 "sees" the deletion that was made by ks3
ks1.getSignerForKey(alias) shouldNot succeed
} finally { Files.deleteIfExists(tempfile) }
} finally {
Files.deleteIfExists(tempfile)
}
}
})

0 comments on commit c5199e6

Please sign in to comment.