Merge pull request #220 from bdewater/tpm-rsa-pss-support

feat: RSA PSS support for TPM attestation
cedarcode · Jun 17, 2019 · 508576b · 508576b
2 parents 0191fb4 + 5a6ee16
commit 508576b
Show file tree

Hide file tree

Showing 5 changed files with 23 additions and 4 deletions.
diff --git a/lib/tpm/constants.rb b/lib/tpm/constants.rb
@@ -13,6 +13,7 @@ module TPM
  ALG_SHA256 = 0x000B
  ALG_NULL = 0x0010
  ALG_RSASSA = 0x0014
+ ALG_RSAPSS = 0x0016
  ALG_ECDSA = 0x0018
  ALG_ECC = 0x0023
 

diff --git a/lib/webauthn/attestation_statement/tpm.rb b/lib/webauthn/attestation_statement/tpm.rb
@@ -40,7 +40,7 @@ def valid?(authenticator_data, client_data_hash)
  def valid_signature?
  WebAuthn::SignatureVerifier
  .new(algorithm, attestation_certificate.public_key)
- .verify(signature, verification_data)
+ .verify(signature, verification_data, rsa_pss_salt_length: :auto)
  end
 
  def valid_attestation_certificate?

diff --git a/lib/webauthn/attestation_statement/tpm/pub_area.rb b/lib/webauthn/attestation_statement/tpm/pub_area.rb
@@ -17,7 +17,8 @@ class PubArea
  }.freeze
 
  COSE_RSA_TO_TPM_ALG = {
- COSE::Algorithm.by_name("RS256").id => ::TPM::ALG_RSASSA
+ COSE::Algorithm.by_name("RS256").id => ::TPM::ALG_RSASSA,
+ COSE::Algorithm.by_name("PS256").id => ::TPM::ALG_RSAPSS,
  }.freeze
 
  COSE_TO_TPM_CURVE = {

diff --git a/lib/webauthn/signature_verifier.rb b/lib/webauthn/signature_verifier.rb
@@ -22,10 +22,10 @@ def initialize(algorithm, public_key)
  validate
  end
 
- def verify(signature, verification_data)
+ def verify(signature, verification_data, rsa_pss_salt_length: :digest)
  if rsa_pss?
  public_key.verify_pss(cose_algorithm.hash, signature, verification_data,
- salt_length: :digest, mgf1_hash: cose_algorithm.hash)
+ salt_length: rsa_pss_salt_length, mgf1_hash: cose_algorithm.hash)
  else
  public_key.verify(cose_algorithm.hash, signature, verification_data)
  end

diff --git a/spec/webauthn/attestation_statement/tpm_spec.rb b/spec/webauthn/attestation_statement/tpm_spec.rb
@@ -205,6 +205,23 @@
  end
  end
 
+ context "when RSA PSS algorithm" do
+ before do
+ unless OpenSSL::PKey::RSA.instance_methods.include?(:verify_pss)
+ skip "Ruby OpenSSL gem #{OpenSSL::VERSION} do not support RSASSA-PSS"
+ end
+ end
+
+ let(:algorithm) { -37 }
+ let(:signature) do
+ aik.sign_pss("SHA256", to_be_signed, salt_length: :max, mgf1_hash: "SHA256")
+ end
+
+ it "works if everything's fine" do
+ expect(statement.valid?(authenticator_data, client_data_hash)).to be_truthy
+ end
+ end
+
  context "when TPM version is not 2.0" do
  let(:tpm_version) { "1.2" }