mirrors/ipxe
0
0
Fork 0
mirror of https://git.ipxe.org/ipxe.git synced 2024-11-23 10:04:11 +08:00
Code Issues Packages Projects Releases Wiki Activity

[test] Generalise public-key algorithm tests and use okx()

Browse Source 
Generalise the existing support for performing RSA public-key
encryption, decryption, signature, and verification tests, and update
the code to use okx() for neater reporting of test results.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
This commit is contained in:
Michael Brown 2024-08-18 20:01:08 +01:00
parent 53f089b723
commit 633f4f362d
3 changed files with 336 additions and 309 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

187
src/tests/pubkey_test.c Normal file
View File

@ -0,0 +1,187 @@
/*
* Copyright (C) 2024 Michael Brown <mbrown@fensystems.co.uk>.
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License as
* published by the Free Software Foundation; either version 2 of the
* License, or any later version.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
* 02110-1301, USA.
*
* You can also choose to distribute this program under the terms of
* the Unmodified Binary Distribution Licence (as given in the file
* COPYING.UBDL), provided that you have satisfied its requirements.
*/
FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
/** @file
*
* Public key self-tests
*
*/
/* Forcibly enable assertions */
#undef NDEBUG
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <assert.h>
#include <ipxe/crypto.h>
#include <ipxe/test.h>
#include "pubkey_test.h"
/**
* Report public key encryption and decryption test result
*
* @v test Public key encryption and decryption test
* @v file Test code file
* @v line Test code line
*/
void pubkey_okx ( struct pubkey_test *test, const char *file,
unsigned int line ) {
struct pubkey_algorithm *pubkey = test->pubkey;
uint8_t private_ctx[pubkey->ctxsize];
uint8_t public_ctx[pubkey->ctxsize];
size_t max_len;
/* Initialize contexts */
okx ( pubkey_init ( pubkey, private_ctx, &test->private ) == 0,
file, line );
okx ( pubkey_init ( pubkey, public_ctx, &test->public ) == 0,
file, line );
max_len = pubkey_max_len ( pubkey, private_ctx );
/* Test decrypting with private key to obtain known plaintext */
{
uint8_t decrypted[max_len];
int decrypted_len;
decrypted_len = pubkey_decrypt ( pubkey, private_ctx,
test->ciphertext,
test->ciphertext_len,
decrypted );
okx ( decrypted_len == ( ( int ) test->plaintext_len ),
file, line );
okx ( memcmp ( decrypted, test->plaintext,
test->plaintext_len ) == 0, file, line );
}
/* Test encrypting with private key and decrypting with public key */
{
uint8_t encrypted[max_len];
uint8_t decrypted[max_len];
int encrypted_len;
int decrypted_len;
encrypted_len = pubkey_encrypt ( pubkey, private_ctx,
test->plaintext,
test->plaintext_len,
encrypted );
okx ( encrypted_len >= 0, file, line );
decrypted_len = pubkey_decrypt ( pubkey, public_ctx,
encrypted, encrypted_len,
decrypted );
okx ( decrypted_len == ( ( int ) test->plaintext_len ),
file, line );
okx ( memcmp ( decrypted, test->plaintext,
test->plaintext_len ) == 0, file, line );
}
/* Test encrypting with public key and decrypting with private key */
{
uint8_t encrypted[max_len];
uint8_t decrypted[max_len];
int encrypted_len;
int decrypted_len;
encrypted_len = pubkey_encrypt ( pubkey, public_ctx,
test->plaintext,
test->plaintext_len,
encrypted );
okx ( encrypted_len >= 0, file, line );
decrypted_len = pubkey_decrypt ( pubkey, private_ctx,
encrypted, encrypted_len,
decrypted );
okx ( decrypted_len == ( ( int ) test->plaintext_len ),
file, line );
okx ( memcmp ( decrypted, test->plaintext,
test->plaintext_len ) == 0, file, line );
}
/* Free contexts */
pubkey_final ( pubkey, public_ctx );
pubkey_final ( pubkey, private_ctx );
}
/**
* Report public key signature test result
*
* @v test Public key signature test
* @v file Test code file
* @v line Test code line
*/
void pubkey_sign_okx ( struct pubkey_sign_test *test, const char *file,
unsigned int line ) {
struct pubkey_algorithm *pubkey = test->pubkey;
struct digest_algorithm *digest = test->digest;
uint8_t private_ctx[pubkey->ctxsize];
uint8_t public_ctx[pubkey->ctxsize];
uint8_t digestctx[digest->ctxsize ];
uint8_t digestout[digest->digestsize];
size_t max_len;
/* Initialize contexts */
okx ( pubkey_init ( pubkey, private_ctx, &test->private ) == 0,
file, line );
okx ( pubkey_init ( pubkey, public_ctx, &test->public ) == 0,
file, line );
max_len = pubkey_max_len ( pubkey, private_ctx );
/* Construct digest over plaintext */
digest_init ( digest, digestctx );
digest_update ( digest, digestctx, test->plaintext,
test->plaintext_len );
digest_final ( digest, digestctx, digestout );
/* Test signing using private key */
{
uint8_t signature[max_len];
int signature_len;
signature_len = pubkey_sign ( pubkey, private_ctx, digest,
digestout, signature );
okx ( signature_len == ( ( int ) test->signature_len ),
file, line );
okx ( memcmp ( signature, test->signature,
test->signature_len ) == 0, file, line );
}
/* Test verification using public key */
okx ( pubkey_verify ( pubkey, public_ctx, digest, digestout,
test->signature, test->signature_len ) == 0,
file, line );
/* Test verification failure of modified signature */
{
uint8_t bad[test->signature_len];
memcpy ( bad, test->signature, test->signature_len );
bad[ test->signature_len / 2 ] ^= 0x40;
okx ( pubkey_verify ( pubkey, public_ctx, digest, digestout,
bad, sizeof ( bad ) ) != 0, file, line );
}
/* Free contexts */
pubkey_final ( pubkey, public_ctx );
pubkey_final ( pubkey, private_ctx );
}

269
src/tests/pubkey_test.h
View File

@ -7,160 +7,151 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
#include <ipxe/crypto.h>
#include <ipxe/test.h>
/**
* Report public key decryption test result
*
* @v pubkey Public key algorithm
* @v key Key
* @v ciphertext Ciphertext
* @v ciphertext_len Ciphertext length
* @v expected Expected plaintext
* @v expected_len Expected plaintext length
*/
#define pubkey_decrypt_ok( pubkey, key, ciphertext, ciphertext_len, \
expected, expected_len ) do { \
uint8_t ctx[ (pubkey)->ctxsize ]; \
\
ok ( pubkey_init ( (pubkey), ctx, (key) ) == 0 ); \
{ \
size_t max_len = pubkey_max_len ( (pubkey), ctx ); \
uint8_t decrypted[ max_len ]; \
int decrypted_len; \
\
decrypted_len = pubkey_decrypt ( (pubkey), ctx, \
(ciphertext), \
(ciphertext_len), \
decrypted ); \
ok ( decrypted_len == ( ( int ) (expected_len) ) ); \
ok ( memcmp ( decrypted, (expected), \
(expected_len) ) == 0 ); \
} \
pubkey_final ( (pubkey), ctx ); \
} while ( 0 )
/** A public-key encryption and decryption test */
struct pubkey_test {
/** Public-key algorithm */
struct pubkey_algorithm *pubkey;
/** Private key */
const struct asn1_cursor private;
/** Public key */
const struct asn1_cursor public;
/** Plaintext */
const void *plaintext;
/** Length of plaintext */
size_t plaintext_len;
/** Ciphertext
*
* Note that the encryption process may include some random
* padding, so a given plaintext will encrypt to multiple
* different ciphertexts.
*/
const void *ciphertext;
/** Length of ciphertext */
size_t ciphertext_len;
};
/** A public-key signature test */
struct pubkey_sign_test {
/** Public-key algorithm */
struct pubkey_algorithm *pubkey;
/** Private key */
const struct asn1_cursor private;
/** Public key */
const struct asn1_cursor public;
/** Plaintext */
const void *plaintext;
/** Plaintext length */
size_t plaintext_len;
/** Signature algorithm */
struct digest_algorithm *digest;
/** Signature */
const void *signature;
/** Signature length */
size_t signature_len;
};
/** Define inline private key data */
#define PRIVATE(...) { __VA_ARGS__ }
/** Define inline public key data */
#define PUBLIC(...) { __VA_ARGS__ }
/** Define inline plaintext data */
#define PLAINTEXT(...) { __VA_ARGS__ }
/** Define inline ciphertext data */
#define CIPHERTEXT(...) { __VA_ARGS__ }
/** Define inline signature data */
#define SIGNATURE(...) { __VA_ARGS__ }
/**
* Report public key encryption and decryption test result
* Define a public-key encryption and decryption test
*
* @v pubkey Public key algorithm
* @v encrypt_key Encryption key
* @v decrypt_key Decryption key
* @v plaintext Plaintext
* @v plaintext_len Plaintext length
* @v name Test name
* @v PUBKEY Public-key algorithm
* @v PRIVATE Private key
* @v PUBLIC Public key
* @v PLAINTEXT Plaintext
* @v CIPHERTEXT Ciphertext
* @ret test Encryption and decryption test
*/
#define pubkey_encrypt_ok( pubkey, encrypt_key, decrypt_key, plaintext, \
plaintext_len ) do { \
uint8_t ctx[ (pubkey)->ctxsize ]; \
\
ok ( pubkey_init ( (pubkey), ctx, (encrypt_key) ) == 0 ); \
{ \
size_t max_len = pubkey_max_len ( (pubkey), ctx ); \
uint8_t encrypted[ max_len ]; \
int encrypted_len; \
\
encrypted_len = pubkey_encrypt ( (pubkey), ctx, \
(plaintext), \
(plaintext_len), \
encrypted ); \
ok ( encrypted_len >= 0 ); \
pubkey_decrypt_ok ( (pubkey), (decrypt_key), \
encrypted, encrypted_len, \
(plaintext), (plaintext_len) ); \
} \
pubkey_final ( (pubkey), ctx ); \
} while ( 0 )
#define PUBKEY_TEST( name, PUBKEY, PRIVATE, PUBLIC, PLAINTEXT, \
CIPHERTEXT ) \
static const uint8_t name ## _private[] = PRIVATE; \
static const uint8_t name ## _public[] = PUBLIC; \
static const uint8_t name ## _plaintext[] = PLAINTEXT; \
static const uint8_t name ## _ciphertext[] = CIPHERTEXT; \
static struct pubkey_test name = { \
.pubkey = PUBKEY, \
.private = { \
.data = name ## _private, \
.len = sizeof ( name ## _private ), \
}, \
.public = { \
.data = name ## _public, \
.len = sizeof ( name ## _public ), \
}, \
.plaintext = name ## _plaintext, \
.plaintext_len = sizeof ( name ## _plaintext ), \
.ciphertext = name ## _ciphertext, \
.ciphertext_len = sizeof ( name ## _ciphertext ), \
}
/**
* Report public key signature test result
* Define a public-key signature test
*
* @v pubkey Public key algorithm
* @v key Key
* @v digest Digest algorithm
* @v plaintext Plaintext
* @v plaintext_len Plaintext length
* @v expected Expected signature
* @v expected_len Expected signature length
* @v name Test name
* @v PUBKEY Public-key algorithm
* @v PRIVATE Private key
* @v PUBLIC Public key
* @v PLAINTEXT Plaintext
* @v DIGEST Digest algorithm
* @v SIGNATURE Signature
* @ret test Signature test
*/
#define pubkey_sign_ok( pubkey, key, digest, plaintext, plaintext_len, \
expected, expected_len ) do { \
uint8_t ctx[ (pubkey)->ctxsize ]; \
uint8_t digestctx[ (digest)->ctxsize ]; \
uint8_t digestout[ (digest)->digestsize ]; \
\
digest_init ( (digest), digestctx ); \
digest_update ( (digest), digestctx, (plaintext), \
(plaintext_len) ); \
digest_final ( (digest), digestctx, digestout ); \
\
ok ( pubkey_init ( (pubkey), ctx, (key) ) == 0 ); \
{ \
size_t max_len = pubkey_max_len ( (pubkey), ctx ); \
uint8_t signature[ max_len ]; \
int signature_len; \
\
signature_len = pubkey_sign ( (pubkey), ctx, (digest), \
digestout, signature ); \
ok ( signature_len == ( ( int ) (expected_len) ) ); \
ok ( memcmp ( signature, (expected), \
(expected_len) ) == 0 ); \
} \
pubkey_final ( (pubkey), ctx ); \
} while ( 0 )
#define PUBKEY_SIGN_TEST( name, PUBKEY, PRIVATE, PUBLIC, PLAINTEXT, \
DIGEST, SIGNATURE ) \
static const uint8_t name ## _private[] = PRIVATE; \
static const uint8_t name ## _public[] = PUBLIC; \
static const uint8_t name ## _plaintext[] = PLAINTEXT; \
static const uint8_t name ## _signature[] = SIGNATURE; \
static struct pubkey_sign_test name = { \
.pubkey = PUBKEY, \
.private = { \
.data = name ## _private, \
.len = sizeof ( name ## _private ), \
}, \
.public = { \
.data = name ## _public, \
.len = sizeof ( name ## _public ), \
}, \
.plaintext = name ## _plaintext, \
.plaintext_len = sizeof ( name ## _plaintext ), \
.digest = DIGEST, \
.signature = name ## _signature, \
.signature_len = sizeof ( name ## _signature ), \
}
extern void pubkey_okx ( struct pubkey_test *test,
const char *file, unsigned int line );
extern void pubkey_sign_okx ( struct pubkey_sign_test *test,
const char *file, unsigned int line );
/**
* Report public key verification test result
* Report a public key encryption and decryption test result
*
* @v pubkey Public key algorithm
* @v key Key
* @v digest Digest algorithm
* @v plaintext Plaintext
* @v plaintext_len Plaintext length
* @v signature Signature
* @v signature_len Signature length
* @v test Public key encryption and decryption test
*/
#define pubkey_verify_ok( pubkey, key, digest, plaintext, \
plaintext_len, signature, signature_len ) do {\
uint8_t ctx[ (pubkey)->ctxsize ]; \
uint8_t digestctx[ (digest)->ctxsize ]; \
uint8_t digestout[ (digest)->digestsize ]; \
\
digest_init ( (digest), digestctx ); \
digest_update ( (digest), digestctx, (plaintext), \
(plaintext_len) ); \
digest_final ( (digest), digestctx, digestout ); \
\
ok ( pubkey_init ( (pubkey), ctx, (key) ) == 0 ); \
ok ( pubkey_verify ( (pubkey), ctx, (digest), digestout, \
(signature), (signature_len) ) == 0 ); \
pubkey_final ( (pubkey), ctx ); \
} while ( 0 )
#define pubkey_ok( test ) \
pubkey_okx ( test, __FILE__, __LINE__ )
/**
* Report public key verification test result
* Report a public key signature test result
*
* @v pubkey Public key algorithm
* @v key Key
* @v digest Digest algorithm
* @v plaintext Plaintext
* @v plaintext_len Plaintext length
* @v signature Signature
* @v signature_len Signature length
* @v test Public key signature test
*/
#define pubkey_verify_fail_ok( pubkey, key, digest, plaintext, \
plaintext_len, signature, \
signature_len ) do { \
uint8_t ctx[ (pubkey)->ctxsize ]; \
uint8_t digestctx[ (digest)->ctxsize ]; \
uint8_t digestout[ (digest)->digestsize ]; \
\
digest_init ( (digest), digestctx ); \
digest_update ( (digest), digestctx, (plaintext), \
(plaintext_len) ); \
digest_final ( (digest), digestctx, digestout ); \
\
ok ( pubkey_init ( (pubkey), ctx, (key) ) == 0 ); \
ok ( pubkey_verify ( (pubkey), ctx, (digest), digestout, \
(signature), (signature_len) ) != 0 ); \
pubkey_final ( (pubkey), ctx ); \
} while ( 0 )
#define pubkey_sign_ok( test ) \
pubkey_sign_okx ( test, __FILE__, __LINE__ )
#endif /* _PUBKEY_TEST_H */

189
src/tests/rsa_test.c
View File

@ -43,165 +43,8 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
#include <ipxe/test.h>
#include "pubkey_test.h"
/** Define inline private key data */
#define PRIVATE(...) { __VA_ARGS__ }
/** Define inline public key data */
#define PUBLIC(...) { __VA_ARGS__ }
/** Define inline plaintext data */
#define PLAINTEXT(...) { __VA_ARGS__ }
/** Define inline ciphertext data */
#define CIPHERTEXT(...) { __VA_ARGS__ }
/** Define inline signature data */
#define SIGNATURE(...) { __VA_ARGS__ }
/** An RSA encryption and decryption self-test */
struct rsa_encrypt_decrypt_test {
/** Private key */
const struct asn1_cursor private;
/** Public key */
const struct asn1_cursor public;
/** Plaintext */
const void *plaintext;
/** Plaintext length */
size_t plaintext_len;
/** Ciphertext
*
* Note that the encryption process includes some random
* padding, so a given plaintext will encrypt to multiple
* different ciphertexts.
*/
const void *ciphertext;
/** Ciphertext length */
size_t ciphertext_len;
};
/**
* Define an RSA encryption and decryption test
*
* @v name Test name
* @v PRIVATE Private key
* @v PUBLIC Public key
* @v PLAINTEXT Plaintext
* @v CIPHERTEXT Ciphertext
* @ret test Encryption and decryption test
*/
#define RSA_ENCRYPT_DECRYPT_TEST( name, PRIVATE, PUBLIC, PLAINTEXT, \
CIPHERTEXT ) \
static const uint8_t name ## _private[] = PRIVATE; \
static const uint8_t name ## _public[] = PUBLIC; \
static const uint8_t name ## _plaintext[] = PLAINTEXT; \
static const uint8_t name ## _ciphertext[] = CIPHERTEXT; \
static struct rsa_encrypt_decrypt_test name = { \
.private = { \
.data = name ## _private, \
.len = sizeof ( name ## _private ), \
}, \
.public = { \
.data = name ## _public, \
.len = sizeof ( name ## _public ), \
}, \
.plaintext = name ## _plaintext, \
.plaintext_len = sizeof ( name ## _plaintext ), \
.ciphertext = name ## _ciphertext, \
.ciphertext_len = sizeof ( name ## _ciphertext ), \
}
/** An RSA signature self-test */
struct rsa_signature_test {
/** Private key */
const struct asn1_cursor private;
/** Public key */
const struct asn1_cursor public;
/** Plaintext */
const void *plaintext;
/** Plaintext length */
size_t plaintext_len;
/** Signature algorithm */
struct asn1_algorithm *algorithm;
/** Signature */
const void *signature;
/** Signature length */
size_t signature_len;
};
/**
* Define an RSA signature test
*
* @v name Test name
* @v PRIVATE Private key
* @v PUBLIC Public key
* @v PLAINTEXT Plaintext
* @v ALGORITHM Signature algorithm
* @v SIGNATURE Signature
* @ret test Signature test
*/
#define RSA_SIGNATURE_TEST( name, PRIVATE, PUBLIC, PLAINTEXT, \
ALGORITHM, SIGNATURE ) \
static const uint8_t name ## _private[] = PRIVATE; \
static const uint8_t name ## _public[] = PUBLIC; \
static const uint8_t name ## _plaintext[] = PLAINTEXT; \
static const uint8_t name ## _signature[] = SIGNATURE; \
static struct rsa_signature_test name = { \
.private = { \
.data = name ## _private, \
.len = sizeof ( name ## _private ), \
}, \
.public = { \
.data = name ## _public, \
.len = sizeof ( name ## _public ), \
}, \
.plaintext = name ## _plaintext, \
.plaintext_len = sizeof ( name ## _plaintext ), \
.algorithm = ALGORITHM, \
.signature = name ## _signature, \
.signature_len = sizeof ( name ## _signature ), \
}
/**
* Report RSA encryption and decryption test result
*
* @v test RSA encryption and decryption test
*/
#define rsa_encrypt_decrypt_ok( test ) do { \
pubkey_decrypt_ok ( &rsa_algorithm, &(test)->private, \
(test)->ciphertext, (test)->ciphertext_len, \
(test)->plaintext, (test)->plaintext_len );\
pubkey_encrypt_ok ( &rsa_algorithm, &(test)->private, \
&(test)->public, (test)->plaintext, \
(test)->plaintext_len ); \
pubkey_encrypt_ok ( &rsa_algorithm, &(test)->public, \
&(test)->private, (test)->plaintext, \
(test)->plaintext_len ); \
} while ( 0 )
/**
* Report RSA signature test result
*
* @v test RSA signature test
*/
#define rsa_signature_ok( test ) do { \
struct digest_algorithm *digest = (test)->algorithm->digest; \
uint8_t bad_signature[ (test)->signature_len ]; \
pubkey_sign_ok ( &rsa_algorithm, &(test)->private, digest, \
(test)->plaintext, (test)->plaintext_len, \
(test)->signature, (test)->signature_len ); \
pubkey_verify_ok ( &rsa_algorithm, &(test)->public, digest, \
(test)->plaintext, (test)->plaintext_len, \
(test)->signature, (test)->signature_len ); \
memset ( bad_signature, 0, sizeof ( bad_signature ) ); \
pubkey_verify_fail_ok ( &rsa_algorithm, &(test)->public, \
digest, (test)->plaintext, \
(test)->plaintext_len, bad_signature, \
sizeof ( bad_signature ) ); \
} while ( 0 )
/** "Hello world" encryption and decryption test (traditional PKCS#1 key) */
RSA_ENCRYPT_DECRYPT_TEST ( hw_test,
PUBKEY_TEST ( hw_test, &rsa_algorithm,
PRIVATE ( 0x30, 0x82, 0x01, 0x3b, 0x02, 0x01, 0x00, 0x02, 0x41, 0x00,
0xd2, 0xf1, 0x04, 0x67, 0xf6, 0x2c, 0x96, 0x07, 0xa6, 0xbd,
0x85, 0xac, 0xc1, 0x17, 0x5d, 0xe8, 0xf0, 0x93, 0x94, 0x0c,
@ -255,7 +98,7 @@ RSA_ENCRYPT_DECRYPT_TEST ( hw_test,
0x38, 0x43, 0xf9, 0x41 ) );
/** "Hello world" encryption and decryption test (PKCS#8 key) */
RSA_ENCRYPT_DECRYPT_TEST ( hw_test_pkcs8,
PUBKEY_TEST ( hw_test_pkcs8, &rsa_algorithm,
PRIVATE ( 0x30, 0x82, 0x01, 0x55, 0x02, 0x01, 0x00, 0x30, 0x0d, 0x06,
0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01,
0x05, 0x00, 0x04, 0x82, 0x01, 0x3f, 0x30, 0x82, 0x01, 0x3b,
@ -312,7 +155,7 @@ RSA_ENCRYPT_DECRYPT_TEST ( hw_test_pkcs8,
0x38, 0x43, 0xf9, 0x41 ) );
/** Random message MD5 signature test */
RSA_SIGNATURE_TEST ( md5_test,
PUBKEY_SIGN_TEST ( md5_test, &rsa_algorithm,
PRIVATE ( 0x30, 0x82, 0x01, 0x3b, 0x02, 0x01, 0x00, 0x02, 0x41, 0x00,
0xf9, 0x3f, 0x78, 0x44, 0xe2, 0x0e, 0x25, 0xf1, 0x0e, 0x94,
0xcd, 0xca, 0x6f, 0x9e, 0xea, 0x6d, 0xdf, 0xcd, 0xa0, 0x7c,
@ -375,7 +218,7 @@ RSA_SIGNATURE_TEST ( md5_test,
0xf2, 0x8d, 0xfc, 0xfc, 0x37, 0xf7, 0xc7, 0x6d, 0x6c, 0xd8,
0x24, 0x0c, 0x6a, 0xec, 0x82, 0x5c, 0x72, 0xf1, 0xfc, 0x05,
0xed, 0x8e, 0xe8, 0xd9, 0x8b, 0x8b, 0x67, 0x02, 0x95 ),
&md5_with_rsa_encryption_algorithm,
&md5_algorithm,
SIGNATURE ( 0xdb, 0x56, 0x3d, 0xea, 0xae, 0x81, 0x4b, 0x3b, 0x2e, 0x8e,
0xb8, 0xee, 0x13, 0x61, 0xc6, 0xe7, 0xd7, 0x50, 0xcd, 0x0d,
0x34, 0x3a, 0xfe, 0x9a, 0x8d, 0xf8, 0xfb, 0xd6, 0x7e, 0xbd,
@ -385,7 +228,7 @@ RSA_SIGNATURE_TEST ( md5_test,
0xac, 0x45, 0x00, 0xa8 ) );
/** Random message SHA-1 signature test */
RSA_SIGNATURE_TEST ( sha1_test,
PUBKEY_SIGN_TEST ( sha1_test, &rsa_algorithm,
PRIVATE ( 0x30, 0x82, 0x01, 0x3b, 0x02, 0x01, 0x00, 0x02, 0x41, 0x00,
0xe0, 0x3a, 0x8d, 0x35, 0xe1, 0x92, 0x2f, 0xea, 0x0d, 0x82,
0x60, 0x2e, 0xb6, 0x0b, 0x02, 0xd3, 0xf4, 0x39, 0xfb, 0x06,
@ -448,7 +291,7 @@ RSA_SIGNATURE_TEST ( sha1_test,
0x30, 0x91, 0x1c, 0xaa, 0x6c, 0x24, 0x42, 0x1b, 0x1a, 0xba,
0x30, 0x40, 0x49, 0x83, 0xd9, 0xd7, 0x66, 0x7e, 0x5c, 0x1a,
0x4b, 0x7f, 0xa6, 0x8e, 0x8a, 0xd6, 0x0c, 0x65, 0x75 ),
&sha1_with_rsa_encryption_algorithm,
&sha1_algorithm,
SIGNATURE ( 0xa5, 0x5a, 0x8a, 0x67, 0x81, 0x76, 0x7e, 0xad, 0x99, 0x22,
0xf1, 0x47, 0x64, 0xd2, 0xfb, 0x81, 0x45, 0xeb, 0x85, 0x56,
0xf8, 0x7d, 0xb8, 0xec, 0x41, 0x17, 0x84, 0xf7, 0x2b, 0xbb,
@ -458,7 +301,7 @@ RSA_SIGNATURE_TEST ( sha1_test,
0x0e, 0x3d, 0x80, 0x80 ) );
/** Random message SHA-256 signature test */
RSA_SIGNATURE_TEST ( sha256_test,
PUBKEY_SIGN_TEST ( sha256_test, &rsa_algorithm,
PRIVATE ( 0x30, 0x82, 0x01, 0x3a, 0x02, 0x01, 0x00, 0x02, 0x41, 0x00,
0xa5, 0xe9, 0xdb, 0xa9, 0x1a, 0x6e, 0xd6, 0x4c, 0x25, 0x50,
0xfe, 0x61, 0x77, 0x08, 0x7a, 0x80, 0x36, 0xcb, 0x88, 0x49,
@ -521,7 +364,7 @@ RSA_SIGNATURE_TEST ( sha256_test,
0x91, 0x71, 0xd6, 0x2d, 0xa1, 0xae, 0x81, 0x0c, 0xed, 0x54,
0x48, 0x79, 0x8a, 0x78, 0x05, 0x74, 0x4d, 0x4f, 0xf0, 0xe0,
0x3c, 0x41, 0x5c, 0x04, 0x0b, 0x68, 0x57, 0xc5, 0xd6 ),
&sha256_with_rsa_encryption_algorithm,
&sha256_algorithm,
SIGNATURE ( 0x02, 0x2e, 0xc5, 0x2a, 0x2b, 0x7f, 0xb4, 0x80, 0xca, 0x9d,
0x96, 0x5b, 0xaf, 0x1f, 0x72, 0x5b, 0x6e, 0xf1, 0x69, 0x7f,
0x4d, 0x41, 0xd5, 0x9f, 0x00, 0xdc, 0x47, 0xf4, 0x68, 0x8f,
@ -536,11 +379,11 @@ RSA_SIGNATURE_TEST ( sha256_test,
*/
static void rsa_test_exec ( void ) {
rsa_encrypt_decrypt_ok ( &hw_test );
rsa_encrypt_decrypt_ok ( &hw_test_pkcs8 );
rsa_signature_ok ( &md5_test );
rsa_signature_ok ( &sha1_test );
rsa_signature_ok ( &sha256_test );
pubkey_ok ( &hw_test );
pubkey_ok ( &hw_test_pkcs8 );
pubkey_sign_ok ( &md5_test );
pubkey_sign_ok ( &sha1_test );
pubkey_sign_ok ( &sha256_test );
}
/** RSA self-test */
@ -548,3 +391,9 @@ struct self_test rsa_test __self_test = {
.name = "rsa",
.exec = rsa_test_exec,
};
/* Drag in required ASN.1 OID-identified algorithms */
REQUIRING_SYMBOL ( rsa_test );
REQUIRE_OBJECT ( rsa_md5 );
REQUIRE_OBJECT ( rsa_sha1 );
REQUIRE_OBJECT ( rsa_sha256 );