Hi, Just recently, the templates for decoding the RSA-PSS ASN1 parameters got added to cvs head (in cryptohi/seckey.c).
Currently I'm working on implementing the creation of PSS signatures, so I
need them also to encode. My naive thought was that SEC_ASN1EncodeItem is used
pretty much the same as QuickDERDecodeItem, just the other way round.
For testing, I tested with a stripped-down version of the template containing
only the first entry. Though what I get is:
Assertion failure: theTemplate->sub != NULL, at secasn1u.c:93
From the error, I assume it has something to do with the subtemplate. If that
helps, by some try and error I found out that when removing SEC_ASN1_EXPLICIT,
no assertion appears (thouhg it'll obviously produce a wrong DER struct).
Is there something special I need to care about when doing encoding vs.
decoding ASN1?
The code looks like this:
SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate)
const SEC_ASN1Template MY_RSAPSSParamsTemplate[] =
{
{ SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SECKEYRSAPSSParams) },
{ SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_EXPLICIT |
SEC_ASN1_XTRN | SEC_ASN1_POINTER | SEC_ASN1_CONTEXT_SPECIFIC | 0,
offsetof(SECKEYRSAPSSParams, hashAlg),
SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
{ 0 }
};
SECStatus
PSSU_EncodeDER(SECItem *dest, CK_RSA_PKCS_PSS_PARAMS *in)
{
SECKEYRSAPSSParams *pss_params;
PRArenaPool *arena;
SECItem *ret;
unsigned int i;
arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
pss_params = PORT_ZAlloc(sizeof(pss_params));
pss_params->hashAlg = PORT_ZAlloc(sizeof(SECAlgorithmID));
SECOID_SetAlgorithmID(arena, pss_params->hashAlg, SEC_OID_SHA256, NULL);
ret = SEC_ASN1EncodeItem(arena, NULL, pss_params,
MY_RSAPSSParamsTemplate);
PORT_FreeArena(arena, PR_FALSE);
return SECSuccess;
}
--
Hanno Böck Blog: http://www.hboeck.de/
GPG: 3DBD3B20 Jabber/Mail: [email protected]
http://schokokeks.org - professional webhosting
signature.asc
Description: This is a digitally signed message part.
-- dev-tech-crypto mailing list [email protected] https://lists.mozilla.org/listinfo/dev-tech-crypto
