Remove support for PSS-exclusive keys

The hack that was in place before doesn't really work without oscrypto (or an alternative key parser, which is a pain to roll ourselves for private keys)
MatthiasValvekens · Mar 15, 2024 · f2bc3b4 · f2bc3b4
1 parent d283063
commit f2bc3b4
Show file tree

Hide file tree

Showing 3 changed files with 2 additions and 51 deletions.
diff --git a/certomancer/crypto_utils.py b/certomancer/crypto_utils.py
@@ -58,28 +58,14 @@ def load_private_key(
 
         priv_key_info = _load_private_key_from_pemder_data(key_bytes, password)
         assert isinstance(priv_key_info, keys.PrivateKeyInfo)
-        if priv_key_info.algorithm == 'rsassa_pss':
-            # these keys can't be loaded directly in pyca/cryptography,
-            # so we have to give it a nudge
-            priv_key_copy = priv_key_info.copy()
-            priv_key_copy['private_key_algorithm'] = {'algorithm': 'rsa'}
-            key_bytes = priv_key_copy.dump()
-        else:
-            key_bytes = priv_key_info.dump()
+        key_bytes = priv_key_info.dump()
 
         priv_key = serialization.load_der_private_key(key_bytes, password=None)
         pub_key_bytes = priv_key.public_key().public_bytes(
             encoding=serialization.Encoding.DER,
             format=serialization.PublicFormat.SubjectPublicKeyInfo,
         )
         pub_key_info = keys.PublicKeyInfo.load(pub_key_bytes)
-        if priv_key_info.algorithm == 'rsassa_pss':
-            # if the private key was a PSS-exclusive one, copy the parameters
-            # back from the original (since we stripped them going in)
-            # We use .native to get around asn1crypto's type checking
-            pub_key_info['algorithm'] = priv_key_info[
-                'private_key_algorithm'
-            ].native
         return priv_key_info, pub_key_info
 
     def load_public_key(self, key_bytes: bytes) -> keys.PublicKeyInfo:
@@ -103,14 +89,7 @@ def generic_sign(
             rsa,
         )
 
-        if private_key.algorithm == 'rsassa_pss':
-            # as usual, we need to pretend it's a normal RSA key
-            # for pyca_cryptography to be able to load it
-            private_key_copy = private_key.copy()
-            private_key_copy['private_key_algorithm'] = {'algorithm': 'rsa'}
-            priv_key_bytes = private_key_copy.dump()
-        else:
-            priv_key_bytes = private_key.dump()
+        priv_key_bytes = private_key.dump()
 
         priv_key = serialization.load_der_private_key(
             priv_key_bytes, password=None
@@ -124,11 +103,6 @@ def generic_sign(
             return priv_key.sign(tbs_bytes, asym_padding, hash_algo)
         elif sig_algo == 'rsassa_pss':
             parameters = None
-            if private_key.algorithm == 'rsassa_pss':
-                key_params = private_key['private_key_algorithm']['parameters']
-                # if the key is parameterised, we must use those params
-                if key_params.native is not None:
-                    parameters = key_params
             if parameters is None:
                 parameters = sd_algo['parameters']
 
@@ -176,11 +150,6 @@ def optimal_pss_params(
 
         digest_algo = digest_algo.lower()
 
-        if key.algorithm == 'rsassa_pss':
-            # again, pretend that we're working with a normal RSA key
-            key = key.copy()
-            key['algorithm'] = {'algorithm': 'rsa'}
-
         loaded_key = serialization.load_der_public_key(key.dump())
         assert isinstance(loaded_key, rsa.RSAPublicKey)
         md = getattr(hashes, digest_algo.upper())

diff --git a/certomancer/services.py b/certomancer/services.py
@@ -290,9 +290,6 @@ def choose_signed_digest(
 ):
     key_algo = pub_key.algorithm
     if signature_algo is None:
-        # special OID for keys that should only be used with PSS
-        if key_algo == 'rsassa_pss':
-            signature_algo = 'rsassa_pss'
         if key_algo == 'rsa':
             signature_algo = digest_algo + '_rsa'
         elif key_algo == 'dsa':
@@ -309,10 +306,6 @@ def choose_signed_digest(
     )
     if signature_algo == 'rsassa_pss':
         parameters = None
-        if pub_key.algorithm == 'rsassa_pss':
-            key_params = pub_key['algorithm']['parameters']
-            if key_params.native is not None:
-                parameters = key_params
         if parameters is None:
             parameters = optimal_pss_params(pub_key, digest_algo)
         signature_algo_obj['parameters'] = parameters

diff --git a/tests/test_certs.py b/tests/test_certs.py
@@ -690,17 +690,6 @@ def test_pss():
         assert arch.get_cert(CertLabel(c)).public_key.algorithm == 'rsa'
 
 
-def test_pss_exclusive():
-    cfg = CertomancerConfig.from_file(
-        'tests/data/with-external-config.yml', 'tests/data'
-    )
-    arch = cfg.get_pki_arch(ArchLabel('testing-ca-pss-exclusive'))
-    certs = ['root', 'interm', 'signer1', 'signer2']
-    for c in certs:
-        assert arch.get_cert(CertLabel(c)).signature_algo == 'rsassa_pss'
-        assert arch.get_cert(CertLabel(c)).public_key.algorithm == 'rsassa_pss'
-
-
 @pytest.mark.parametrize('pw', [None, b'', b'secret'])
 @pytest.mark.needcrypto
 def test_pkcs12(pw):