public_key: Add handling of implicit default for RSASSA-PSS keys

lib/public_key/src/public_key.erl

@@ -385,19 +385,32 @@ der_priv_key_decode(#'OneAsymmetricKey'{
     #'ECPrivateKey'{version = 2, parameters = {namedCurve, CurveOId}, privateKey = PrivKey,
                     attributes = Attr,
                     publicKey = PubKey};
-der_priv_key_decode({'PrivateKeyInfo', v1,
-	{'PrivateKeyInfo_privateKeyAlgorithm', ?'rsaEncryption', _}, PrivKey, _}) ->
-	der_decode('RSAPrivateKey', PrivKey);
-der_priv_key_decode({'PrivateKeyInfo', v1,
-                     {'PrivateKeyInfo_privateKeyAlgorithm', ?'id-RSASSA-PSS', 
-                      {asn1_OPENTYPE, Parameters}}, PrivKey, _}) ->
+der_priv_key_decode(#'PrivateKeyInfo'{version = v1,
+                                      privateKeyAlgorithm =
+                                          #'PrivateKeyInfo_privateKeyAlgorithm'{algorithm = ?'rsaEncryption'},
+                                      privateKey = PrivKey}) ->
+    der_decode('RSAPrivateKey', PrivKey);
+der_priv_key_decode(#'PrivateKeyInfo'{version = v1,
+                                      privateKeyAlgorithm =
+                                          #'PrivateKeyInfo_privateKeyAlgorithm'{algorithm = ?'id-RSASSA-PSS',
+                                                                                parameters = {asn1_OPENTYPE, Parameters}},
+                                      privateKey = PrivKey}) ->
     Key = der_decode('RSAPrivateKey', PrivKey),
     Params = der_decode('RSASSA-PSS-params', Parameters),
     {Key, Params};
 der_priv_key_decode(#'PrivateKeyInfo'{version = v1,
-                                      privateKeyAlgorithm = #'PrivateKeyInfo_privateKeyAlgorithm'{algorithm = ?'id-dsa',
-                                                                                                  parameters =
-                                                                                                      {asn1_OPENTYPE, Parameters}},
+                                      privateKeyAlgorithm =
+                                          #'PrivateKeyInfo_privateKeyAlgorithm'{algorithm = ?'id-RSASSA-PSS',
+                                                                                parameters = asn1_NOVALUE},
+                                      privateKey = PrivKey}) ->
+    Key = der_decode('RSAPrivateKey', PrivKey),
+    #'RSASSA-AlgorithmIdentifier'{parameters = Params} = ?'rSASSA-PSS-Default-Identifier',
+    {Key, Params};
+der_priv_key_decode(#'PrivateKeyInfo'{version = v1,
+                                      privateKeyAlgorithm =
+                                          #'PrivateKeyInfo_privateKeyAlgorithm'{algorithm = ?'id-dsa',
+                                                                                parameters =
+                                                                                    {asn1_OPENTYPE, Parameters}},
                                       privateKey = PrivKey}) ->
     {params, #'Dss-Parms'{p=P, q=Q, g=G}} = der_decode('DSAParams', Parameters),
     X = der_decode('Prime-p', PrivKey),
@@ -432,10 +445,15 @@ der_encode('PrivateKeyInfo', #'RSAPrivateKey'{} = PrivKey) ->
                                  privateKeyAlgorithm = Alg,
                                  privateKey = Key});
 der_encode('PrivateKeyInfo', {#'RSAPrivateKey'{} = PrivKey, Parameters}) ->
-    Params = der_encode('RSASSA-PSS-params', Parameters),
+    #'RSASSA-AlgorithmIdentifier'{parameters = DefaultParams} = ?'rSASSA-PSS-Default-Identifier',
+    Params = case Parameters of
+                 DefaultParams ->
+                     asn1_NOVALUE;
+                 _ ->
+                     {asn1_OPENTYPE, der_encode('RSASSA-PSS-params', Parameters)}
+             end,
     Alg = #'PrivateKeyInfo_privateKeyAlgorithm'{algorithm = ?'id-RSASSA-PSS',
-                                                parameters =
-                                                    {asn1_OPENTYPE, Params}},
+                                                parameters = Params},
     Key = der_encode('RSAPrivateKey', PrivKey),
     der_encode('PrivateKeyInfo', #'PrivateKeyInfo'{version = v1,
                                                    privateKeyAlgorithm = Alg,

lib/public_key/test/public_key_SUITE.erl

@@ -47,6 +47,8 @@
          rsa_pem/1,
          rsa_pss_pss_pem/0,
          rsa_pss_pss_pem/1,
+         rsa_pss_default_pem/0,
+         rsa_pss_default_pem/1,
          rsa_priv_pkcs8/0,
          rsa_priv_pkcs8/1,
          ec_pem/0,
@@ -173,7 +175,8 @@ all() ->
     ].
 
 groups() -> 
-    [{pem_decode_encode, [], [dsa_pem, rsa_pem, rsa_pss_pss_pem, ec_pem,
+    [{pem_decode_encode, [], [dsa_pem, rsa_pem, rsa_pss_pss_pem, 
+                              rsa_pss_default_pem, ec_pem,
 			      encrypted_pem_pwdstring, encrypted_pem_pwdfun,
 			      dh_pem, cert_pem, pkcs7_pem, pkcs10_pem, ec_pem2,
 			      rsa_priv_pkcs8, dsa_priv_pkcs8, ec_priv_pkcs8,
@@ -357,6 +360,20 @@ rsa_pss_pss_pem(Config) when is_list(Config) ->
     RSAPemNoEndNewLines = strip_superfluous_newlines(RsaPem),
     RSAPemNoEndNewLines = strip_superfluous_newlines(public_key:pem_encode([PrivEntry0])).
 
+rsa_pss_default_pem() ->
+    [{doc, "RSA PKCS8 RSASSA-PSS private key with default params decode/encode"}].
+rsa_pss_default_pem(Config) when is_list(Config) ->
+    Datadir = proplists:get_value(data_dir, Config),
+    {ok, RsaPem} = file:read_file(filename:join(Datadir, "pss_default.pem")),
+    [{'PrivateKeyInfo', DerRSAKey, not_encrypted} = Entry0 ] = public_key:pem_decode(RsaPem),
+    #'RSASSA-AlgorithmIdentifier'{parameters = Params} = ?'rSASSA-PSS-Default-Identifier',
+    {RSAKey, Params} = public_key:der_decode('PrivateKeyInfo', DerRSAKey),
+    {RSAKey, Parms} = public_key:pem_entry_decode(Entry0),
+    true = check_entry_type(RSAKey, 'RSAPrivateKey'),
+    PrivEntry0 = public_key:pem_entry_encode('PrivateKeyInfo', {RSAKey, Parms}),
+    RSAPemNoEndNewLines = strip_superfluous_newlines(RsaPem),
+    RSAPemNoEndNewLines = strip_superfluous_newlines(public_key:pem_encode([PrivEntry0])).
+
 rsa_priv_pkcs8() ->
     [{doc, "RSA PKCS8 private key decode/encode"}].
 rsa_priv_pkcs8(Config) when is_list(Config) ->

lib/public_key/test/public_key_SUITE_data/pss_default.pem

@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEuwIBADALBgkqhkiG9w0BAQoEggSnMIIEowIBAAKCAQEAjPwd860nEH6sgfYE
+RXoAjMY3Rdl3ynuJd5/ZWqTBNGn/Wet8idPQix9nwUvZ6Nw7uGX00HeBITZeIZMo
+wXpK6b4m0JF0OUAyQMW5PeuRVc3Ox+D5rI+yktXD8FT6TQqW8fAjkYkQZ9lpugdH
++fpdEARTf1GY6WZ/bY/IBmHAOeOmexoaJ+4HZk17GUFs28fd4FICqeMBU0u4RAiu
+OLObdw2cFnOQrw3dst7SDUyFDHvx9SM4FqI2S7TSefsQB5hl/0WVzdpiOn5d1mti
+/VlGGunQlne822Ata9kYvtKBnmdFGj3GJLYoLF4PVGWpDMIiz2jcZ0+bPTnjf6E0
+E53ZFwIDAQABAoIBAD5RWMnzsS9E1urRPH0bWu/e0+K/qAgsCA0E7rX22mHZMqJk
+CVYA9w7v0FRsO0OHSayOAKM/F6h/GCeeHSc8b62XPB/4E1gVDMF9xI5euIylXrAS
+PTpuACCQdb4fSc5RDnydyZMUc1h8DRRKEKIp7QXd66x8/Gq6wDvFEMTlY2sSkfKm
+eXlyr8+07XA0E4s71MKgMCFecWEXH/q2RxsWSa0n6yeHP1noIMegZdtjbTXTpBPz
+ABizBh6O/a7JXoXnjfey1vD6M30PxlCTfOdAvgi6c3LRfeRkbrmyHjUnUIegrcYR
+PWXH5vYibQ30wIkW41+d89rtfu6Gb4BF3tnf3xECgYEAunS/e90S3C3GDJCg/f1s
+YE9IV0d4AajNPBZYB3G55O2XFr8nqXtCWW/0AAM54ooAXIJjONHe9n8aM0Ea7+6j
+Oi08LcDyyuqr3Phyix5RHqQ+mo+nNFxjnMBuLbmhUjNskBorPfY1kPNfoU18SBQu
+t16u2Q2upo5pp/TfpoTkfkcCgYEAwZGsQnK+6f+4s8R407mB5sBkbNNUfPobthOl
+A7b2oYXLcYdL6by7VYhTzm5mGwZKah5k2ZpOOpNi/D6NjEjIqxG7goT3I/Cl2+i5
+ZroC9/bEsifgAVdV7z1WsMontcvwZ1vohlNeTyMr4vhzh9RaWFWUj7QOeezjEHxD
+o7/8JrECgYEAkv+AB1Mfj163CSjtA9FMJBHdYpIB1q0SQREMjbHncMivmUtTJZb7
+lC9jGq9wb12FM2nId/9d3NAQA+CMMCTfovoOu7OmtruUiz2EcJGSOqoagRhIJkvA
+bNB5DKuQt5G7QVCgTtVRHdoBxtWj6d+fhQmsp4rV6pHUUooH2Oxkh/kCgYBcS+p4
+MKBpkP5v8SGvysdu0JPR9B5YDSXDdrB7CfWlZNdxxZJj3BLzILLdPnS/NAutd9qc
+i1/7vCU5o1X46weL0kO3Y1E4ONnM9rXYjp81vtthG3RLD2qxTW0VlP7ER37UudUw
+n3XbhCi7672iqZV+gyf4MWGpr1NBnA7geH1xsQKBgEvWCsVkWy+3HOgZzmHUbN7A
+ZDBm/R9F7Oe33vk8SGj8YFHry5P6R++1tAq9fEJaY+cG66qR+A5hBAkfQZv+qQgo
+4pOw4+QYTh8fmloeaSxl7SqTbn799/EqzdE7vwnNCTJMEyKuk2qbuxon0UT5vMi5
+d3/y0Y6zw4ZBp+9LS8ST
+-----END PRIVATE KEY-----