cryptography/tests
Alex Gaynor aaa2dd06ed
Fix ASN.1 issues in PKCS#7 and S/MIME signing (#10373) (#10442)
* Fix ASN.1 for S/MIME capabilities.

The current implementation defines the SMIMECapabilities attribute
so that its value is a SEQUENCE of all the algorithm OIDs that are
supported.
However, the S/MIME v3 spec (RFC 2633) specifies that each algorithm
should be specified in its own SEQUENCE:

SMIMECapabilities ::= SEQUENCE OF SMIMECapability

SMIMECapability ::= SEQUENCE {
   capabilityID OBJECT IDENTIFIER,
   parameters ANY DEFINED BY capabilityID OPTIONAL }

(RFC 2633, Appendix A)

This commit changes the implementation so that each algorithm
is inside its own SEQUENCE. This also matches the OpenSSL
implementation.

* Fix the RSA OID used for signing PKCS#7/SMIME

The current implementation computes the algorithm identifier used
in the `digest_encryption_algorithm` PKCS#7 field
(or `SignatureAlgorithmIdentifier` in S/MIME) based on both the
algorithm used to sign (e.g. RSA) and the digest algorithm (e.g. SHA512).

This is correct for ECDSA signatures, where the OIDs used include the
digest algorithm (e.g. ecdsa-with-SHA512). However, for historical
reasons, when signing with RSA the OID specified should be the one
corresponding to just RSA ("1.2.840.113549.1.1.1" rsaEncryption),
rather than OIDs which also include the digest algorithm (such as
"1.2.840.113549.1.1.13", sha512WithRSAEncryption).

This means that the logic to compute the algorithm identifier is the
same except when signing with RSA, in which case the OID will always
be `rsaEncryption`. This is consistent with the OpenSSL implementation,
and the RFCs that define PKCS#7 and S/MIME.

See RFC 3851 (section 2.2), and RFC 3370 (section 3.2) for more details.

* Add tests for the changes in PKCS7 signing

* PKCS7 fixes from code review

* Update CHANGELOG

Co-authored-by: Facundo Tuesca <facundo.tuesca@trailofbits.com>
2024-02-20 19:53:59 -06:00
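The two SMIMECapabilities layouts and the RSA OID rule described in the commit message above, as an added worked example in Python (this is not code from the cryptography project and does not mirror its implementation): a small hand-written DER encoder and decoder builds both the pre-fix flat layout and the RFC 2633 Appendix A layout, a strict parser accepts only the latter, and `digest_encryption_algorithm` applies the rule that RSA always maps to bare rsaEncryption while ECDSA OIDs carry the digest. The rsaEncryption OID is the one quoted in the commit message, the ecdsa-with-SHA* OIDs are the standard X9.62 values, the capability OID list is a constructed sample, and all function names are the example's own.

```python
# Added example (not the cryptography project's code): minimal DER helpers
# to contrast the two SMIMECapabilities layouts and the RSA OID rule.

SEQUENCE_TAG = 0x30
OID_TAG = 0x06


def der_length(n: int) -> bytes:
    """DER length octets: short form for n < 128, long form otherwise."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def der_tlv(tag: int, content: bytes) -> bytes:
    return bytes([tag]) + der_length(len(content)) + content


def der_oid(dotted: str) -> bytes:
    """Encode a dotted OID as a DER OBJECT IDENTIFIER (base-128 arcs)."""
    arcs = [int(a) for a in dotted.split(".")]
    body = bytearray([40 * arcs[0] + arcs[1]])
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]
        arc >>= 7
        while arc:
            chunk.append(0x80 | (arc & 0x7F))
            arc >>= 7
        body.extend(reversed(chunk))
    return der_tlv(OID_TAG, bytes(body))


def der_sequence(*elems: bytes) -> bytes:
    return der_tlv(SEQUENCE_TAG, b"".join(elems))


def read_tlv(buf: bytes, pos: int):
    """Return (tag, content, next_pos) for the TLV starting at pos."""
    tag, first = buf[pos], buf[pos + 1]
    if first < 0x80:
        length, start = first, pos + 2
    else:
        n = first & 0x7F
        length = int.from_bytes(buf[pos + 2:pos + 2 + n], "big")
        start = pos + 2 + n
    return tag, buf[start:start + length], start + length


def children(content: bytes):
    """Split the content of a constructed TLV into (tag, body) pairs."""
    out, pos = [], 0
    while pos < len(content):
        tag, body, pos = read_tlv(content, pos)
        out.append((tag, body))
    return out


def decode_oid(body: bytes) -> str:
    """Decode OBJECT IDENTIFIER content (first arc 0..2, second arc < 40)."""
    arcs, value = [body[0] // 40, body[0] % 40], 0
    for b in body[1:]:
        value = (value << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(value)
            value = 0
    return ".".join(map(str, arcs))


def smime_capabilities_flat(oids):
    """Pre-fix layout: one SEQUENCE holding bare OIDs."""
    return der_sequence(*(der_oid(o) for o in oids))


def smime_capabilities_rfc2633(oids):
    """RFC 2633 App. A: SEQUENCE OF SMIMECapability, each a SEQUENCE
    { capabilityID OBJECT IDENTIFIER, parameters OPTIONAL (omitted here) }."""
    return der_sequence(*(der_sequence(der_oid(o)) for o in oids))


def parse_smime_capabilities(der: bytes):
    """Strict RFC 2633 parser: returns capabilityIDs, rejects the flat layout."""
    tag, content, end = read_tlv(der, 0)
    if tag != SEQUENCE_TAG or end != len(der):
        raise ValueError("SMIMECapabilities must be a single SEQUENCE")
    ids = []
    for ctag, cbody in children(content):
        if ctag != SEQUENCE_TAG:
            raise ValueError("each SMIMECapability must be its own SEQUENCE")
        inner = children(cbody)
        if not inner or inner[0][0] != OID_TAG:
            raise ValueError("capabilityID must be an OBJECT IDENTIFIER")
        ids.append(decode_oid(inner[0][1]))
    return ids


RSA_ENCRYPTION = "1.2.840.113549.1.1.1"  # rsaEncryption, quoted in the commit message
ECDSA_WITH = {  # standard ecdsa-with-SHA* OIDs (X9.62 arc)
    "sha256": "1.2.840.10045.4.3.2",
    "sha384": "1.2.840.10045.4.3.3",
    "sha512": "1.2.840.10045.4.3.4",
}


def digest_encryption_algorithm(key_type: str, digest: str) -> str:
    """OID for PKCS#7 digestEncryptionAlgorithm / S/MIME SignatureAlgorithmIdentifier."""
    if key_type == "rsa":
        return RSA_ENCRYPTION  # never sha*WithRSAEncryption here
    if key_type == "ecdsa":
        return ECDSA_WITH[digest]
    raise ValueError(f"unsupported key type {key_type!r}")


# Constructed sample list: id-aes256-CBC and des-ede3-cbc.
SAMPLE_CAPABILITIES = ["2.16.840.1.101.3.4.1.42", "1.2.840.113549.3.7"]

if __name__ == "__main__":
    good = smime_capabilities_rfc2633(SAMPLE_CAPABILITIES)
    bad = smime_capabilities_flat(SAMPLE_CAPABILITIES)
    print("rfc2633:", good.hex())
    print("flat:   ", bad.hex())
    print("parsed: ", parse_smime_capabilities(good))
    try:
        parse_smime_capabilities(bad)
    except ValueError as exc:
        print("flat layout rejected:", exc)
    print("rsa/sha512   ->", digest_encryption_algorithm("rsa", "sha512"))
    print("ecdsa/sha512 ->", digest_encryption_algorithm("ecdsa", "sha512"))
```

Running the script prints both encodings side by side; the flat form starts with `3015` (one 21-byte SEQUENCE of two OIDs) while the RFC 2633 form starts with `3019` because each capability gains its own `30` wrapper. A receiver that parses strictly, as `parse_smime_capabilities` does, rejects the flat form with "each SMIMECapability must be its own SEQUENCE", which is the interoperability failure the fix avoids.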
bench fix a typo in a benchmark name (#10122) 2024-01-04 00:55:02 +00:00
hazmat Fix ASN.1 issues in PKCS#7 and S/MIME signing (#10373) (#10442) 2024-02-20 19:53:59 -06:00
wycheproof Split wycheproof tests up by file (#10025) 2023-12-21 12:16:49 -06:00
x509 verification: add test_verify_tz_aware (#10229) 2024-01-22 22:14:50 +00:00
__init__.py Remove __future__ import from our code (#5610) 2020-12-09 00:35:11 -06:00
conftest.py tests, ci: plumb x509-limbo-root (#9871) 2023-11-13 19:48:28 +00:00
deprecated_module.py refactor utils.deprecated to be more mypy friendly (#6923) 2022-03-03 03:46:30 +08:00
doubles.py type a test double (#6723) 2021-12-21 21:10:54 -05:00
test_cryptography_utils.py Update CI for py3.11 release (#7743) 2022-10-26 14:44:03 +09:00
test_fernet.py Remove unused monkeypatches (#9865) 2023-11-12 08:40:47 -06:00
test_meta.py add some more mypy flags (#6751) 2021-12-23 07:55:23 -05:00
test_utils.py Switch from flake8 to ruff (#7920) 2022-12-21 09:44:47 +07:00
test_warnings.py refactor utils.deprecated to be more mypy friendly (#6923) 2022-03-03 03:46:30 +08:00
utils.py Added wycheproof vectors for pbkdf2 (#10024) 2023-12-21 08:30:36 -06:00