From 2c44e9f8b2e7a1ebc65caeb03f9f106d31e30822 Mon Sep 17 00:00:00 2001 From: Anderson Toshiyuki Sasaki Date: Wed, 3 Apr 2019 13:40:04 +0200 Subject: [PATCH 1/7] crypto-selftests-pk.c: Move hardcoded values to the top The objective of moving these values to the top is to allow them to be used by other functions, in particular test_sig(). Signed-off-by: Anderson Toshiyuki Sasaki --- lib/crypto-selftests-pk.c | 224 +++++++++++++++++++------------------- 1 file changed, 112 insertions(+), 112 deletions(-) diff --git a/lib/crypto-selftests-pk.c b/lib/crypto-selftests-pk.c index 1aa53ea29..4fadd4161 100644 --- a/lib/crypto-selftests-pk.c +++ b/lib/crypto-selftests-pk.c @@ -107,6 +107,118 @@ static const char gost12_512_key[] = "KjL7CLBERDm7Yvlv\n" "-----END PRIVATE KEY-----\n"; +/* A precomputed RSA-SHA256 signature using the rsa_key2048 */ +static const char rsa_sig[] = + "\x7a\xb3\xf8\xb0\xf9\xf0\x52\x88\x37\x17\x97\x9f\xbe\x61\xb4\xd2\x43\x78\x9f\x79\x92\xd0\xad\x08\xdb\xbd\x3c\x72\x7a\xb5\x51\x59\x63\xd6\x7d\xf1\x9c\x1e\x10\x7b\x27\xab\xf8\xd4\x9d\xcd\xc5\xf9\xae\xf7\x09\x6b\x40\x93\xc5\xe9\x1c\x0f\xb4\x82\xa1\x47\x86\x54\x63\xd2\x4d\x40\x9a\x80\xb9\x38\x45\x69\xa2\xd6\x92\xb6\x69\x7f\x3f\xf3\x5b\xa5\x1d\xac\x06\xad\xdf\x4e\xbb\xe6\xda\x68\x0d\xe5\xab\xef\xd2\xf0\xc5\xd8\xc0\xed\x80\xe2\xd4\x76\x98\xec\x44\xa2\xfc\x3f\xce\x2e\x8b\xc4\x4b\xab\xb0\x70\x24\x52\x85\x2a\x36\xcd\x9a\xb5\x05\x00\xea\x98\x7c\x72\x06\x68\xb1\x38\x44\x16\x80\x6a\x3b\x64\x72\xbb\xfd\x4b\xc9\xdd\xda\x2a\x68\xde\x7f\x6e\x48\x28\xc1\x63\x57\x2b\xde\x83\xa3\x27\x34\xd7\xa6\x87\x18\x35\x10\xff\x31\xd9\x47\xc9\x84\x35\xe1\xaa\xe2\xf7\x98\xfa\x19\xd3\xf1\x94\x25\x2a\x96\xe4\xa8\xa7\x05\x10\x93\x87\xde\x96\x85\xe5\x68\xb8\xe5\x4e\xbf\x66\x85\x91\xbd\x52\x5b\x3d\x9f\x1b\x79\xea\xe3\x8b\xef\x62\x18\x39\x7a\x50\x01\x46\x1b\xde\x8d\x37\xbc\x90\x6c\x07\xc0\x07\xed\x60\xce\x2e\x31\xd6\x8f\xe8\x75\xdb\x45\x21\xc6\xcb"; + +/* ECDSA key and signature */ +static const char ecdsa_secp256r1_privkey[] = + "-----BEGIN EC PRIVATE KEY-----\n" + "MHcCAQEEIPAKWV7+pZe9c5EubMNfAEKWRQtP/MvlO9HehwHmJssNoAoGCCqGSM49\n" + "AwEHoUQDQgAE2CNONRio3ciuXtoomJKs3MdbzLbd44VPhtzJN30VLFm5gvnfiCj2\n" + "zzz7pl9Cv0ECHl6yedNI8QEKdcwCDgEmkQ==\n" + "-----END EC PRIVATE KEY-----\n"; + +static const char ecdsa_secp256r1_sig[] = + "\x30\x45\x02\x21\x00\x9b\x8f\x60\xed\x9e\x40\x8d\x74\x82\x73\xab\x20\x1a\x69\xfc\xf9\xee\x3c\x41\x80\xc0\x39\xdd\x21\x1a\x64\xfd\xbf\x7e\xaa\x43\x70\x02\x20\x44\x28\x05\xdd\x30\x47\x58\x96\x18\x39\x94\x18\xba\xe7\x7a\xf6\x1e\x2d\xba\xb1\xe0\x7d\x73\x9e\x2f\x58\xee\x0c\x2a\x89\xe8\x35"; + +#ifdef ENABLE_NON_SUITEB_CURVES +/* sha256 */ +static const char ecdsa_secp192r1_privkey[] = + "-----BEGIN EC PRIVATE KEY-----" + "MF8CAQEEGLjezFcbgDMeApVrdtZHvu/k1a8/tVZ41KAKBggqhkjOPQMBAaE0AzIA" + "BO1lciKdgxeRH8k64vxcaV1OYIK9akVrW02Dw21MXhRLP0l0wzCw6LGSr5rS6AaL" + "Fg==" "-----END EC PRIVATE KEY-----"; + +static const char ecdsa_secp192r1_sig[] = + "\x30\x34\x02\x18\x5f\xb3\x10\x4b\x4d\x44\x48\x29\x4b\xfd\xa7\x8e\xce\x57\xac\x36\x38\x54\xab\x73\xdb\xed\xb8\x5f\x02\x18\x0b\x8b\xf3\xae\x49\x50\x0e\x47\xca\x89\x1a\x00\xca\x23\xf5\x8d\xd6\xe3\xce\x9a\xff\x2e\x4f\x5c"; + +static const char ecdsa_secp224r1_privkey[] = + "-----BEGIN EC PRIVATE KEY-----" + "MGgCAQEEHOKWJFdWdrR/CgVrUeTeawOrJ9GozE9KKx2a8PmgBwYFK4EEACGhPAM6" + "AAQKQj3YpenWT7lFR41SnBvmj/+Bj+kgzQnaF65qWAtPRJsZXFlLTu3/IUNqSRu9" + "DqPsk8xBHAB7pA==" "-----END EC PRIVATE KEY-----"; + +static const char ecdsa_secp224r1_sig[] = + "\x30\x3d\x02\x1c\x76\x03\x8d\x74\xf4\xd3\x09\x2a\xb5\xdf\x6b\x5b\xf4\x4b\x86\xb8\x62\x81\x5d\x7b\x7a\xbb\x37\xfc\xf1\x46\x1c\x2b\x02\x1d\x00\xa0\x98\x5d\x80\x43\x89\xe5\xee\x1a\xec\x46\x08\x04\x55\xbc\x50\xfa\x2a\xd5\xa6\x18\x92\x19\xdb\x68\xa0\x2a\xda"; +#endif + +static const char ecdsa_secp384r1_privkey[] = + "-----BEGIN EC PRIVATE KEY-----" + "MIGkAgEBBDDevshD6gb+4rZpC9vwFcIwNs4KmGzdqCxyyN40a8uOWRbyf7aHdiSS" + "03oAyKtc4JCgBwYFK4EEACKhZANiAARO1KkPMno2tnNXx1S9EZkp8SOpDCZ4aobH" + "IYv8RHnSmKf8I3OKD6TaoeR+1MwJmNJUH90Bj45WXla68/vsPiFcfVKboxsZYe/n" + "pv8e4ugXagVQVBXNZJ859iYPdJR24vo=" "-----END EC PRIVATE KEY-----"; + +static const char ecdsa_secp384r1_sig[] = + "\x30\x66\x02\x31\x00\xbb\x4d\x25\x30\x13\x1b\x3b\x75\x60\x07\xed\x53\x8b\x52\xee\xd8\x6e\xf1\x9d\xa8\x36\x0e\x2e\x20\x31\x51\x11\x48\x78\xdd\xaf\x24\x38\x64\x81\x71\x6b\xa6\xb7\x29\x58\x28\x82\x32\xba\x29\x29\xd9\x02\x31\x00\xeb\x70\x09\x87\xac\x7b\x78\x0d\x4c\x4f\x08\x2b\x86\x27\xe2\x60\x1f\xc9\x11\x9f\x1d\xf5\x82\x4c\xc7\x3d\xb0\x27\xc8\x93\x29\xc7\xd0\x0e\x88\x02\x09\x93\xc2\x72\xce\xa5\x74\x8c\x3d\xe0\x8c\xad"; + +static const char ecdsa_secp521r1_privkey[] = + "-----BEGIN EC PRIVATE KEY-----" + "MIHbAgEBBEGO2n7NN363qSCvJVdlQtCvudtaW4o0fEufXRjE1AsCrle+VXX0Zh0w" + "Y1slSeDHMndpakoiF+XkQ+bhcB867UV6aKAHBgUrgQQAI6GBiQOBhgAEAQb6jDpo" + "byy1tF8Zucg0TMGUzIN2DK+RZJ3QQRdWdirO25OIC3FoFi1Yird6rpoB6HlNyJ7R" + "0bNG9Uv34bSHMn8yAFoiqxUCdJZQbEenMoZsi6COaePe3e0QqvDMr0hEWT23Sr3t" + "LpEV7eZGFfFIJw5wSUp2KOcs+O9WjmoukTWtDKNV" + "-----END EC PRIVATE KEY-----"; + +static const char ecdsa_secp521r1_sig[] = + "\x30\x81\x87\x02\x42\x01\xb8\xcb\x52\x9e\x10\xa8\x49\x3f\xe1\x9e\x14\x0a\xcf\x96\xed\x7e\xab\x7d\x0c\xe1\x9b\xa4\x97\xdf\x01\xf5\x35\x42\x5f\x5b\x28\x15\x24\x33\x6e\x59\x6c\xaf\x10\x8b\x98\x8e\xe9\x4c\x23\x0d\x76\x92\x03\xdd\x6d\x8d\x08\x47\x15\x5b\xf8\x66\x75\x75\x40\xe8\xf4\xa0\x52\x02\x41\x15\x27\x7c\x5f\xa6\x33\xa6\x29\x68\x3f\x55\x8d\x7f\x1d\x4f\x88\xc6\x61\x6e\xac\x21\xdf\x2b\x7b\xde\x76\x9a\xdc\xe6\x3b\x94\x3f\x03\x9c\xa2\xa6\xa3\x63\x39\x48\xbd\x79\x70\x21\xf2\x6b\xff\x58\x66\xf1\x58\xc2\x58\xad\x4f\x84\x14\x5d\x05\x12\x83\xd0\x87\xbd\xf3"; + +/* DSA key and signature */ +static const char dsa_privkey[] = + "-----BEGIN DSA PRIVATE KEY-----\n" + "MIIDTQIBAAKCAQEAh60B6yPMRIT7udq2kKuwnQDohvT1U0w+RJcSr23C05cM/Ovn\n" + "UP/8Rrj6T8K+uYhMbKgLaZiJJW9q04jaPQk0cfUphbLvRjzVHwE/0Bkb+Y1Rv7ni\n" + "Jot2IFMq5iuNraf889PC0WREvFCcIkSFY2Ac4WT7mCcBtfx/raGFXDUjcUrJ0HwZ\n" + "IOhjQDfcXUsztuyYsYA75ociEY8kyDZq/ixyr5++R1VjNf30Re8AbQlXOEGxEN5t\n" + "t+Tvpq8K5L3prQs2KNSzyOUmedjb/ojH4T4qe/RL9EVjjeuIGHDNUT6F197yZ91y\n" + "qLLTf1WjnUyZcKij5rryX0LJBBWawEZjNSHZawIdAMQlyycia4NigCdiDR+QptUn\n" + "2xrj9o14fXkIrXcCggEAXRZm1rbPhsjSTo6cpCVrmDzO1grv83EHiBH4MvRQQnP8\n" + "FpAREsBA5cYju97XvLaLhioZeMjLn08kU7TUbHRUB+ULTuVvE2dQbBpGuKiLRRt9\n" + "6U2T0eD3xGLoM+o8EY/kpqaWGEpZv7hzM9xuo4vy55+viAZgFWULqmltwfG/7w7V\n" + "NXUHNv5H4Ipw//fSDLTPqzUlNqSSswDLz6pCjWEs0rWAqNAMaOiLTz4id9pL48Oe\n" + "oAfpcQR9tgTEnwyXfZBnrJVclHhkHKGeXvU05IgCzpKO76Z5R+By50T0i/JV7vzM\n" + "l2yS9aAl/cprT6U7yI3oU/blldCVNpMcFAFb+fO8DAKCAQBVMo8xptyvQOJeSvbO\n" + "SSYdJ3IiI/0GdkcGWXblWg9z7mrPaWEnT7OquEm/+vYtWd3GHDtyNM+jzsN4Xgjc\n" + "TL3AEd2hLiozJQ1BFKw25VU08UHAYTzUxZhO4Vwtmp46Kwj8YLDQ3NHRWCBxpDQR\n" + "fbiFvyXP+qXap6plMfrydnUD1mae/JSOWOYgdB7tFIehstLxVXx/cAnjwgFU03Df\n" + "grjsad92zA1Hc9wIjbsgAQdTR5DWnFRkRt3UtayBwoyqm6QceZHsv1NAGvkQ4ion\n" + "bEjkHkjF9YCkR9/rspR8cLghRIXMjOpypuSbaRPeeWq0gP2UOxFL/d3iWH0ETr/L\n" + "kTlCAhxYGpVgtfB96qmJukyl9GOGvfkwFTgEyIDoV84M\n" + "-----END DSA PRIVATE KEY-----\n"; + +static const char dsa_sig[] = + "\x30\x3d\x02\x1c\x2e\x40\x14\xb3\x7a\x3f\xc0\x4f\x06\x74\x4f\xa6\x5f\xc2\x0a\x46\x35\x38\x88\xb4\x1a\xcf\x94\x02\x40\x42\x7c\x7f\x02\x1d\x00\x98\xfc\xf1\x08\x66\xf1\x86\x28\xc9\x73\x9e\x2b\x5d\xce\x57\xe8\xb5\xeb\xcf\xa3\xf6\x60\xf6\x63\x16\x0e\xc0\x42"; + +static const char gost01_privkey[] = + "-----BEGIN PRIVATE KEY-----\n" + "MEUCAQAwHAYGKoUDAgITMBIGByqFAwICIwEGByqFAwICHgEEIgQgdNfuHGmmTdPm\n" + "p5dAa3ea9UYxpdYQPP9lbDwzQwG2bJM=\n" + "-----END PRIVATE KEY-----\n"; + +static const char gost01_sig[] = + "\xc5\xc8\xf8\xdc\x22\x51\xb0\x72\xe9\xa2\xbb\x84\x6c\xe2\x24\xd5\x72\x39\x2a\x5a\x0e\x7a\x43\xfc\x9c\xc3\x5d\x32\x92\xbb\xab\xc0\x4b\x99\xbd\xc8\x47\x24\x70\x06\x7e\xa1\xc6\xe3\xa0\xdc\x42\xed\xa0\x66\xf0\xcc\x50\x97\xe9\x5a\x7d\x3f\x65\x2d\x7b\x1b\x03\xcb"; + +static const char gost12_256_privkey[] = + "-----BEGIN PRIVATE KEY-----\n" + "MEgCAQAwHwYIKoUDBwEBAQEwEwYHKoUDAgIjAQYIKoUDBwEBAgIEIgQgKOF96tom\n" + "D61rhSnzKjyrmO3fv0gdlHei+6ovrc8SnBk=\n" + "-----END PRIVATE KEY-----\n"; + +static const char gost12_256_sig[] = + "\xb2\x51\x5a\x1a\xbd\x95\x4e\x71\x55\xad\x74\x74\x81\xa6\xca\x6c\x14\x01\xe0\x18\xda\xe4\x0d\x02\x4f\x14\xd2\x39\xd6\x3c\xb5\x85\xa8\x37\xfd\x7f\x2b\xfa\xe4\xf5\xbc\xbc\x15\x20\x8b\x83\x4b\x84\x0d\x5d\x02\x21\x8c\x0d\xb9\xc4\x2b\xc0\x3e\xfd\x42\x55\x1d\xb0"; + +static const char gost12_512_privkey[] = + "-----BEGIN PRIVATE KEY-----\n" + "MGoCAQAwIQYIKoUDBwEBAQIwFQYJKoUDBwECAQIBBggqhQMHAQECAwRCBECjFpvp\n" + "B0vdc7u59b99TCNXhHiB69JJtUjvieNkGYJpoaaIvoKZTNCjpSZASsZcQZCHOTof\n" + "hsQ3JCCy4xnd5jWT\n" + "-----END PRIVATE KEY-----\n"; + +static const char gost12_512_sig[] = + "\x52\x4f\xa2\x77\x51\xd2\xc5\xef\xd3\xa3\x99\x4e\xec\xff\xc6\xe9\xfc\x2f\xc0\x28\x42\x03\x95\x6c\x9a\x38\xee\xea\x89\x79\xae\x1a\xc3\x68\x5e\xe4\x15\x15\x4b\xec\x0f\xf1\x7e\x0f\xba\x01\xc7\x84\x16\xc7\xb5\xac\x9d\x0c\x22\xdd\x31\xf7\xb0\x9b\x59\x4b\xf0\x02\xa8\x7d\xfd\x6d\x02\x43\xc7\x4f\x65\xbd\x84\x5c\x54\x91\xba\x75\x9f\x5a\x61\x19\x5c\x9a\x10\x78\x34\xa0\xa6\xf6\xdc\xb6\xb0\x50\x22\x38\x5f\xb0\x16\x66\xf1\xd5\x46\x00\xd5\xe2\xa8\xe5\xd2\x11\x5f\xd1\xbe\x6e\xac\xb2\x9c\x14\x34\x96\xe7\x58\x94\xb8\xf4\x5f"; + static int test_rsa_enc(gnutls_pk_algorithm_t pk, unsigned bits, gnutls_digest_algorithm_t ign) { @@ -302,118 +414,6 @@ static int test_sig(gnutls_pk_algorithm_t pk, return ret; } -/* A precomputed RSA-SHA1 signature using the rsa_key2048 */ -static const char rsa_sig[] = - "\x7a\xb3\xf8\xb0\xf9\xf0\x52\x88\x37\x17\x97\x9f\xbe\x61\xb4\xd2\x43\x78\x9f\x79\x92\xd0\xad\x08\xdb\xbd\x3c\x72\x7a\xb5\x51\x59\x63\xd6\x7d\xf1\x9c\x1e\x10\x7b\x27\xab\xf8\xd4\x9d\xcd\xc5\xf9\xae\xf7\x09\x6b\x40\x93\xc5\xe9\x1c\x0f\xb4\x82\xa1\x47\x86\x54\x63\xd2\x4d\x40\x9a\x80\xb9\x38\x45\x69\xa2\xd6\x92\xb6\x69\x7f\x3f\xf3\x5b\xa5\x1d\xac\x06\xad\xdf\x4e\xbb\xe6\xda\x68\x0d\xe5\xab\xef\xd2\xf0\xc5\xd8\xc0\xed\x80\xe2\xd4\x76\x98\xec\x44\xa2\xfc\x3f\xce\x2e\x8b\xc4\x4b\xab\xb0\x70\x24\x52\x85\x2a\x36\xcd\x9a\xb5\x05\x00\xea\x98\x7c\x72\x06\x68\xb1\x38\x44\x16\x80\x6a\x3b\x64\x72\xbb\xfd\x4b\xc9\xdd\xda\x2a\x68\xde\x7f\x6e\x48\x28\xc1\x63\x57\x2b\xde\x83\xa3\x27\x34\xd7\xa6\x87\x18\x35\x10\xff\x31\xd9\x47\xc9\x84\x35\xe1\xaa\xe2\xf7\x98\xfa\x19\xd3\xf1\x94\x25\x2a\x96\xe4\xa8\xa7\x05\x10\x93\x87\xde\x96\x85\xe5\x68\xb8\xe5\x4e\xbf\x66\x85\x91\xbd\x52\x5b\x3d\x9f\x1b\x79\xea\xe3\x8b\xef\x62\x18\x39\x7a\x50\x01\x46\x1b\xde\x8d\x37\xbc\x90\x6c\x07\xc0\x07\xed\x60\xce\x2e\x31\xd6\x8f\xe8\x75\xdb\x45\x21\xc6\xcb"; - -/* ECDSA key and signature */ -static const char ecdsa_secp256r1_privkey[] = - "-----BEGIN EC PRIVATE KEY-----\n" - "MHcCAQEEIPAKWV7+pZe9c5EubMNfAEKWRQtP/MvlO9HehwHmJssNoAoGCCqGSM49\n" - "AwEHoUQDQgAE2CNONRio3ciuXtoomJKs3MdbzLbd44VPhtzJN30VLFm5gvnfiCj2\n" - "zzz7pl9Cv0ECHl6yedNI8QEKdcwCDgEmkQ==\n" - "-----END EC PRIVATE KEY-----\n"; - -static const char ecdsa_secp256r1_sig[] = - "\x30\x45\x02\x21\x00\x9b\x8f\x60\xed\x9e\x40\x8d\x74\x82\x73\xab\x20\x1a\x69\xfc\xf9\xee\x3c\x41\x80\xc0\x39\xdd\x21\x1a\x64\xfd\xbf\x7e\xaa\x43\x70\x02\x20\x44\x28\x05\xdd\x30\x47\x58\x96\x18\x39\x94\x18\xba\xe7\x7a\xf6\x1e\x2d\xba\xb1\xe0\x7d\x73\x9e\x2f\x58\xee\x0c\x2a\x89\xe8\x35"; - -#ifdef ENABLE_NON_SUITEB_CURVES -/* sha256 */ -static const char ecdsa_secp192r1_privkey[] = - "-----BEGIN EC PRIVATE KEY-----" - "MF8CAQEEGLjezFcbgDMeApVrdtZHvu/k1a8/tVZ41KAKBggqhkjOPQMBAaE0AzIA" - "BO1lciKdgxeRH8k64vxcaV1OYIK9akVrW02Dw21MXhRLP0l0wzCw6LGSr5rS6AaL" - "Fg==" "-----END EC PRIVATE KEY-----"; - -static const char ecdsa_secp192r1_sig[] = - "\x30\x34\x02\x18\x5f\xb3\x10\x4b\x4d\x44\x48\x29\x4b\xfd\xa7\x8e\xce\x57\xac\x36\x38\x54\xab\x73\xdb\xed\xb8\x5f\x02\x18\x0b\x8b\xf3\xae\x49\x50\x0e\x47\xca\x89\x1a\x00\xca\x23\xf5\x8d\xd6\xe3\xce\x9a\xff\x2e\x4f\x5c"; - -static const char ecdsa_secp224r1_privkey[] = - "-----BEGIN EC PRIVATE KEY-----" - "MGgCAQEEHOKWJFdWdrR/CgVrUeTeawOrJ9GozE9KKx2a8PmgBwYFK4EEACGhPAM6" - "AAQKQj3YpenWT7lFR41SnBvmj/+Bj+kgzQnaF65qWAtPRJsZXFlLTu3/IUNqSRu9" - "DqPsk8xBHAB7pA==" "-----END EC PRIVATE KEY-----"; - -static const char ecdsa_secp224r1_sig[] = - "\x30\x3d\x02\x1c\x76\x03\x8d\x74\xf4\xd3\x09\x2a\xb5\xdf\x6b\x5b\xf4\x4b\x86\xb8\x62\x81\x5d\x7b\x7a\xbb\x37\xfc\xf1\x46\x1c\x2b\x02\x1d\x00\xa0\x98\x5d\x80\x43\x89\xe5\xee\x1a\xec\x46\x08\x04\x55\xbc\x50\xfa\x2a\xd5\xa6\x18\x92\x19\xdb\x68\xa0\x2a\xda"; -#endif - -static const char ecdsa_secp384r1_privkey[] = - "-----BEGIN EC PRIVATE KEY-----" - "MIGkAgEBBDDevshD6gb+4rZpC9vwFcIwNs4KmGzdqCxyyN40a8uOWRbyf7aHdiSS" - "03oAyKtc4JCgBwYFK4EEACKhZANiAARO1KkPMno2tnNXx1S9EZkp8SOpDCZ4aobH" - "IYv8RHnSmKf8I3OKD6TaoeR+1MwJmNJUH90Bj45WXla68/vsPiFcfVKboxsZYe/n" - "pv8e4ugXagVQVBXNZJ859iYPdJR24vo=" "-----END EC PRIVATE KEY-----"; - -static const char ecdsa_secp384r1_sig[] = - "\x30\x66\x02\x31\x00\xbb\x4d\x25\x30\x13\x1b\x3b\x75\x60\x07\xed\x53\x8b\x52\xee\xd8\x6e\xf1\x9d\xa8\x36\x0e\x2e\x20\x31\x51\x11\x48\x78\xdd\xaf\x24\x38\x64\x81\x71\x6b\xa6\xb7\x29\x58\x28\x82\x32\xba\x29\x29\xd9\x02\x31\x00\xeb\x70\x09\x87\xac\x7b\x78\x0d\x4c\x4f\x08\x2b\x86\x27\xe2\x60\x1f\xc9\x11\x9f\x1d\xf5\x82\x4c\xc7\x3d\xb0\x27\xc8\x93\x29\xc7\xd0\x0e\x88\x02\x09\x93\xc2\x72\xce\xa5\x74\x8c\x3d\xe0\x8c\xad"; - -static const char ecdsa_secp521r1_privkey[] = - "-----BEGIN EC PRIVATE KEY-----" - "MIHbAgEBBEGO2n7NN363qSCvJVdlQtCvudtaW4o0fEufXRjE1AsCrle+VXX0Zh0w" - "Y1slSeDHMndpakoiF+XkQ+bhcB867UV6aKAHBgUrgQQAI6GBiQOBhgAEAQb6jDpo" - "byy1tF8Zucg0TMGUzIN2DK+RZJ3QQRdWdirO25OIC3FoFi1Yird6rpoB6HlNyJ7R" - "0bNG9Uv34bSHMn8yAFoiqxUCdJZQbEenMoZsi6COaePe3e0QqvDMr0hEWT23Sr3t" - "LpEV7eZGFfFIJw5wSUp2KOcs+O9WjmoukTWtDKNV" - "-----END EC PRIVATE KEY-----"; - -static const char ecdsa_secp521r1_sig[] = - "\x30\x81\x87\x02\x42\x01\xb8\xcb\x52\x9e\x10\xa8\x49\x3f\xe1\x9e\x14\x0a\xcf\x96\xed\x7e\xab\x7d\x0c\xe1\x9b\xa4\x97\xdf\x01\xf5\x35\x42\x5f\x5b\x28\x15\x24\x33\x6e\x59\x6c\xaf\x10\x8b\x98\x8e\xe9\x4c\x23\x0d\x76\x92\x03\xdd\x6d\x8d\x08\x47\x15\x5b\xf8\x66\x75\x75\x40\xe8\xf4\xa0\x52\x02\x41\x15\x27\x7c\x5f\xa6\x33\xa6\x29\x68\x3f\x55\x8d\x7f\x1d\x4f\x88\xc6\x61\x6e\xac\x21\xdf\x2b\x7b\xde\x76\x9a\xdc\xe6\x3b\x94\x3f\x03\x9c\xa2\xa6\xa3\x63\x39\x48\xbd\x79\x70\x21\xf2\x6b\xff\x58\x66\xf1\x58\xc2\x58\xad\x4f\x84\x14\x5d\x05\x12\x83\xd0\x87\xbd\xf3"; - -/* DSA key and signature */ -static const char dsa_privkey[] = - "-----BEGIN DSA PRIVATE KEY-----\n" - "MIIDTQIBAAKCAQEAh60B6yPMRIT7udq2kKuwnQDohvT1U0w+RJcSr23C05cM/Ovn\n" - "UP/8Rrj6T8K+uYhMbKgLaZiJJW9q04jaPQk0cfUphbLvRjzVHwE/0Bkb+Y1Rv7ni\n" - "Jot2IFMq5iuNraf889PC0WREvFCcIkSFY2Ac4WT7mCcBtfx/raGFXDUjcUrJ0HwZ\n" - "IOhjQDfcXUsztuyYsYA75ociEY8kyDZq/ixyr5++R1VjNf30Re8AbQlXOEGxEN5t\n" - "t+Tvpq8K5L3prQs2KNSzyOUmedjb/ojH4T4qe/RL9EVjjeuIGHDNUT6F197yZ91y\n" - "qLLTf1WjnUyZcKij5rryX0LJBBWawEZjNSHZawIdAMQlyycia4NigCdiDR+QptUn\n" - "2xrj9o14fXkIrXcCggEAXRZm1rbPhsjSTo6cpCVrmDzO1grv83EHiBH4MvRQQnP8\n" - "FpAREsBA5cYju97XvLaLhioZeMjLn08kU7TUbHRUB+ULTuVvE2dQbBpGuKiLRRt9\n" - "6U2T0eD3xGLoM+o8EY/kpqaWGEpZv7hzM9xuo4vy55+viAZgFWULqmltwfG/7w7V\n" - "NXUHNv5H4Ipw//fSDLTPqzUlNqSSswDLz6pCjWEs0rWAqNAMaOiLTz4id9pL48Oe\n" - "oAfpcQR9tgTEnwyXfZBnrJVclHhkHKGeXvU05IgCzpKO76Z5R+By50T0i/JV7vzM\n" - "l2yS9aAl/cprT6U7yI3oU/blldCVNpMcFAFb+fO8DAKCAQBVMo8xptyvQOJeSvbO\n" - "SSYdJ3IiI/0GdkcGWXblWg9z7mrPaWEnT7OquEm/+vYtWd3GHDtyNM+jzsN4Xgjc\n" - "TL3AEd2hLiozJQ1BFKw25VU08UHAYTzUxZhO4Vwtmp46Kwj8YLDQ3NHRWCBxpDQR\n" - "fbiFvyXP+qXap6plMfrydnUD1mae/JSOWOYgdB7tFIehstLxVXx/cAnjwgFU03Df\n" - "grjsad92zA1Hc9wIjbsgAQdTR5DWnFRkRt3UtayBwoyqm6QceZHsv1NAGvkQ4ion\n" - "bEjkHkjF9YCkR9/rspR8cLghRIXMjOpypuSbaRPeeWq0gP2UOxFL/d3iWH0ETr/L\n" - "kTlCAhxYGpVgtfB96qmJukyl9GOGvfkwFTgEyIDoV84M\n" - "-----END DSA PRIVATE KEY-----\n"; - -static const char dsa_sig[] = - "\x30\x3d\x02\x1c\x2e\x40\x14\xb3\x7a\x3f\xc0\x4f\x06\x74\x4f\xa6\x5f\xc2\x0a\x46\x35\x38\x88\xb4\x1a\xcf\x94\x02\x40\x42\x7c\x7f\x02\x1d\x00\x98\xfc\xf1\x08\x66\xf1\x86\x28\xc9\x73\x9e\x2b\x5d\xce\x57\xe8\xb5\xeb\xcf\xa3\xf6\x60\xf6\x63\x16\x0e\xc0\x42"; - -static const char gost01_privkey[] = - "-----BEGIN PRIVATE KEY-----\n" - "MEUCAQAwHAYGKoUDAgITMBIGByqFAwICIwEGByqFAwICHgEEIgQgdNfuHGmmTdPm\n" - "p5dAa3ea9UYxpdYQPP9lbDwzQwG2bJM=\n" - "-----END PRIVATE KEY-----\n"; - -static const char gost01_sig[] = - "\xc5\xc8\xf8\xdc\x22\x51\xb0\x72\xe9\xa2\xbb\x84\x6c\xe2\x24\xd5\x72\x39\x2a\x5a\x0e\x7a\x43\xfc\x9c\xc3\x5d\x32\x92\xbb\xab\xc0\x4b\x99\xbd\xc8\x47\x24\x70\x06\x7e\xa1\xc6\xe3\xa0\xdc\x42\xed\xa0\x66\xf0\xcc\x50\x97\xe9\x5a\x7d\x3f\x65\x2d\x7b\x1b\x03\xcb"; - -static const char gost12_256_privkey[] = - "-----BEGIN PRIVATE KEY-----\n" - "MEgCAQAwHwYIKoUDBwEBAQEwEwYHKoUDAgIjAQYIKoUDBwEBAgIEIgQgKOF96tom\n" - "D61rhSnzKjyrmO3fv0gdlHei+6ovrc8SnBk=\n" - "-----END PRIVATE KEY-----\n"; - -static const char gost12_256_sig[] = - "\xb2\x51\x5a\x1a\xbd\x95\x4e\x71\x55\xad\x74\x74\x81\xa6\xca\x6c\x14\x01\xe0\x18\xda\xe4\x0d\x02\x4f\x14\xd2\x39\xd6\x3c\xb5\x85\xa8\x37\xfd\x7f\x2b\xfa\xe4\xf5\xbc\xbc\x15\x20\x8b\x83\x4b\x84\x0d\x5d\x02\x21\x8c\x0d\xb9\xc4\x2b\xc0\x3e\xfd\x42\x55\x1d\xb0"; - -static const char gost12_512_privkey[] = - "-----BEGIN PRIVATE KEY-----\n" - "MGoCAQAwIQYIKoUDBwEBAQIwFQYJKoUDBwECAQIBBggqhQMHAQECAwRCBECjFpvp\n" - "B0vdc7u59b99TCNXhHiB69JJtUjvieNkGYJpoaaIvoKZTNCjpSZASsZcQZCHOTof\n" - "hsQ3JCCy4xnd5jWT\n" - "-----END PRIVATE KEY-----\n"; - -static const char gost12_512_sig[] = - "\x52\x4f\xa2\x77\x51\xd2\xc5\xef\xd3\xa3\x99\x4e\xec\xff\xc6\xe9\xfc\x2f\xc0\x28\x42\x03\x95\x6c\x9a\x38\xee\xea\x89\x79\xae\x1a\xc3\x68\x5e\xe4\x15\x15\x4b\xec\x0f\xf1\x7e\x0f\xba\x01\xc7\x84\x16\xc7\xb5\xac\x9d\x0c\x22\xdd\x31\xf7\xb0\x9b\x59\x4b\xf0\x02\xa8\x7d\xfd\x6d\x02\x43\xc7\x4f\x65\xbd\x84\x5c\x54\x91\xba\x75\x9f\x5a\x61\x19\x5c\x9a\x10\x78\x34\xa0\xa6\xf6\xdc\xb6\xb0\x50\x22\x38\x5f\xb0\x16\x66\xf1\xd5\x46\x00\xd5\xe2\xa8\xe5\xd2\x11\x5f\xd1\xbe\x6e\xac\xb2\x9c\x14\x34\x96\xe7\x58\x94\xb8\xf4\x5f"; - static int test_known_sig(gnutls_pk_algorithm_t pk, unsigned bits, gnutls_digest_algorithm_t dig, const void *privkey, size_t privkey_size, -- 2.20.1 From 4b04d899849ea566ae33862289276d9b297cd493 Mon Sep 17 00:00:00 2001 From: Anderson Toshiyuki Sasaki Date: Wed, 3 Apr 2019 13:44:56 +0200 Subject: [PATCH 2/7] crypto-selftests-pk.c: Add a comparison with a known signature For RSA, compare the generated signature with a stored known value in test_sig(). Signed-off-by: Anderson Toshiyuki Sasaki --- lib/crypto-selftests-pk.c | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/lib/crypto-selftests-pk.c b/lib/crypto-selftests-pk.c index 4fadd4161..0233e6b9f 100644 --- a/lib/crypto-selftests-pk.c +++ b/lib/crypto-selftests-pk.c @@ -313,6 +313,7 @@ static int test_sig(gnutls_pk_algorithm_t pk, { int ret; gnutls_datum_t sig = { NULL, 0 }; + gnutls_datum_t known_sig = { NULL, 0 }; gnutls_datum_t raw_rsa_key = { (void*)rsa_key2048, sizeof(rsa_key2048)-1 }; gnutls_datum_t raw_dsa_key = { (void*)dsa_key, sizeof(dsa_key)-1 }; gnutls_datum_t raw_ecc_key = { (void*)ecc_key, sizeof(ecc_key)-1 }; @@ -343,6 +344,8 @@ static int test_sig(gnutls_pk_algorithm_t pk, } if (pk == GNUTLS_PK_RSA) { + known_sig.data = (void *)rsa_sig; + known_sig.size = sizeof(rsa_sig) - 1; ret = gnutls_privkey_import_x509_raw(key, &raw_rsa_key, GNUTLS_X509_FMT_PEM, NULL, 0); } else if (pk == GNUTLS_PK_RSA_PSS) { ret = gnutls_privkey_import_x509_raw(key, &raw_rsa_key, GNUTLS_X509_FMT_PEM, NULL, 0); @@ -378,6 +381,16 @@ static int test_sig(gnutls_pk_algorithm_t pk, goto cleanup; } + /* Compare with a stored known signature */ + if (known_sig.data != NULL) { + if (sig.size != known_sig.size + || memcmp(sig.data, known_sig.data, sig.size) != 0) { + ret = GNUTLS_E_SELF_TEST_ERROR; + gnutls_assert(); + goto cleanup; + } + } + ret = gnutls_pubkey_verify_data2(pub, sigalgo, 0, &signed_data, &sig); -- 2.20.1 From 2123049ab9b963ef0ba108ed1cb180016bd672ab Mon Sep 17 00:00:00 2001 From: Anderson Toshiyuki Sasaki Date: Wed, 17 Apr 2019 17:22:40 +0200 Subject: [PATCH 3/7] nettle/pk.c: Do not call gnutls_rnd() during self tests When the library state is LIB_STATE_SELFTEST, use constant data instead of calling gnutls_rnd(). This prevents the library to block if there is insufficient entropy during FIPS self tests. Signed-off-by: Anderson Toshiyuki Sasaki --- lib/nettle/pk.c | 41 ++++++++++++++++++++++++++++++++++------- 1 file changed, 34 insertions(+), 7 deletions(-) diff --git a/lib/nettle/pk.c b/lib/nettle/pk.c index 08117c2d8..64633cc73 100644 --- a/lib/nettle/pk.c +++ b/lib/nettle/pk.c @@ -60,6 +60,33 @@ static inline const struct ecc_curve *get_supported_nist_curve(int curve); static inline const struct ecc_curve *get_supported_gost_curve(int curve); +/* Fill the buffer with data for testing purposes. + * This should be called only during self tests. + */ +static int _pk_fill_buffer(void *buffer, size_t length) +{ + if (_gnutls_get_lib_state() != LIB_STATE_SELFTEST) { + return gnutls_assert_val(GNUTLS_E_RANDOM_FAILED); + } + + memset(buffer, 0xAA, length); + + return 0; +} + +static int _pk_rnd(gnutls_rnd_level_t level, void *data, size_t len) +{ + int ret; + + if (_gnutls_get_lib_state() == LIB_STATE_SELFTEST) { + ret = _pk_fill_buffer(data, len); + } else { + ret = gnutls_rnd(level, data, len); + } + + return ret; +} + /* When these callbacks are used for a nettle operation, the * caller must check the macro HAVE_LIB_ERROR() after the operation * is complete. If the macro is true, the operation is to be considered @@ -67,21 +94,21 @@ static inline const struct ecc_curve *get_supported_gost_curve(int curve); */ static void rnd_key_func(void *_ctx, size_t length, uint8_t * data) { - if (gnutls_rnd(GNUTLS_RND_KEY, data, length) < 0) { + if (_pk_rnd(GNUTLS_RND_KEY, data, length) < 0) { _gnutls_switch_lib_state(LIB_STATE_ERROR); } } static void rnd_tmpkey_func(void *_ctx, size_t length, uint8_t * data) { - if (gnutls_rnd(GNUTLS_RND_RANDOM, data, length) < 0) { + if (_pk_rnd(GNUTLS_RND_RANDOM, data, length) < 0) { _gnutls_switch_lib_state(LIB_STATE_ERROR); } } static void rnd_nonce_func(void *_ctx, size_t length, uint8_t * data) { - if (gnutls_rnd(GNUTLS_RND_NONCE, data, length) < 0) { + if (_pk_rnd(GNUTLS_RND_NONCE, data, length) < 0) { _gnutls_switch_lib_state(LIB_STATE_ERROR); } } @@ -650,7 +677,7 @@ _rsa_pss_sign_digest_tr(gnutls_digest_algorithm_t dig, if (salt == NULL) return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR); - ret = gnutls_rnd(GNUTLS_RND_NONCE, salt, salt_size); + ret = _pk_rnd(GNUTLS_RND_NONCE, salt, salt_size); if (ret < 0) { gnutls_assert(); goto cleanup; @@ -1732,7 +1759,7 @@ gnutls_x509_spki_st spki; _gnutls_dsa_q_to_hash(params, &hash_len); gen_data = gnutls_malloc(hash_len); - gnutls_rnd(GNUTLS_RND_NONCE, gen_data, hash_len); + _pk_rnd(GNUTLS_RND_NONCE, gen_data, hash_len); ddata.data = (void*)gen_data; ddata.size = hash_len; @@ -2101,7 +2128,7 @@ wrap_nettle_pk_generate_keys(gnutls_pk_algorithm_t algo, goto fail; } - ret = gnutls_rnd(rnd_level, params->raw_priv.data, size); + ret = _pk_rnd(rnd_level, params->raw_priv.data, size); if (ret < 0) { ret = gnutls_assert_val(GNUTLS_E_MEMORY_ERROR); goto fail; @@ -2240,7 +2267,7 @@ wrap_nettle_pk_generate_keys(gnutls_pk_algorithm_t algo, goto fail; } - ret = gnutls_rnd(rnd_level, params->raw_priv.data, size); + ret = _pk_rnd(rnd_level, params->raw_priv.data, size); if (ret < 0) { ret = gnutls_assert_val(GNUTLS_E_MEMORY_ERROR); goto fail; -- 2.20.1 From db2b308fdbe98420b722eaf678c1a911bc51b0a5 Mon Sep 17 00:00:00 2001 From: Anderson Toshiyuki Sasaki Date: Thu, 18 Apr 2019 17:22:18 +0200 Subject: [PATCH 4/7] tests: Run rng-no-onload test in FIPS mode This changes the function used in the test to override gnutls_rnd() to fill the given buffer with a different value each time it is called. This allows the test to run when FIPS mode is enabled. Previously the rng-no-onload test could get stuck if FIPS mode was enabled. This happened if gnutls_rnd() function was called during global_init() in a loop that checks the generated value (e.g. if ECDSA signature generation is called during self tests). Signed-off-by: Anderson Toshiyuki Sasaki --- tests/rng-no-onload.c | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/tests/rng-no-onload.c b/tests/rng-no-onload.c index ac01be214..a485a440d 100644 --- a/tests/rng-no-onload.c +++ b/tests/rng-no-onload.c @@ -50,18 +50,20 @@ static int _rnd_called = 0; int __attribute__ ((visibility ("protected"))) gnutls_rnd(gnutls_rnd_level_t level, void *data, size_t len) { + static unsigned int value = 0; + _rnd_called = 1; - memset(data, 0xff, len); + /* Increment 'value' in each call up to 255, then start again from 0 */ + value = (value + 1) & 0xFF; + + memset(data, value, len); + return 0; } void doit(void) { - if (gnutls_fips140_mode_enabled()) { - exit(77); - } - global_init(); if (_rnd_called != 0) -- 2.20.1 From fc926cd65f1de06f359315c6693c1a9c9899ba8c Mon Sep 17 00:00:00 2001 From: Anderson Toshiyuki Sasaki Date: Thu, 4 Apr 2019 15:45:02 +0200 Subject: [PATCH 5/7] crypto-selftests-pk.c: Fix test_known_sig Previously a new signature was generated only for deterministic algorithms (i.e. only RSA). With this, a new signature is always generated (and compared with a stored signature for deterministic algorithms). The signature verification is tested for both generated and stored signatures. Signed-off-by: Anderson Toshiyuki Sasaki --- lib/crypto-selftests-pk.c | 31 ++++++++++++++++++++----------- 1 file changed, 20 insertions(+), 11 deletions(-) diff --git a/lib/crypto-selftests-pk.c b/lib/crypto-selftests-pk.c index 0233e6b9f..ba8f5e376 100644 --- a/lib/crypto-selftests-pk.c +++ b/lib/crypto-selftests-pk.c @@ -475,19 +475,17 @@ static int test_known_sig(gnutls_pk_algorithm_t pk, unsigned bits, goto cleanup; } - /* Test if the signature we generate matches the stored */ + ret = gnutls_privkey_sign_data(key, dig, 0, &signed_data, &sig); + if (ret < 0) { + gnutls_assert(); + goto cleanup; + } + + /* Test if the generated signature matches the stored */ ssig.data = (void *) stored_sig; ssig.size = stored_sig_size; if (deterministic_sigs != 0) { /* do not compare against stored signature if not provided */ - ret = - gnutls_privkey_sign_data(key, dig, 0, &signed_data, - &sig); - if (ret < 0) { - gnutls_assert(); - goto cleanup; - } - if (sig.size != ssig.size || memcmp(sig.data, ssig.data, sig.size) != 0) { ret = GNUTLS_E_SELF_TEST_ERROR; @@ -507,7 +505,7 @@ static int test_known_sig(gnutls_pk_algorithm_t pk, unsigned bits, } } - /* Test if we can verify the signature */ + /* Test if we can verify the generated signature */ ret = gnutls_pubkey_import_privkey(pub, key, 0, 0); if (ret < 0) { @@ -515,6 +513,17 @@ static int test_known_sig(gnutls_pk_algorithm_t pk, unsigned bits, goto cleanup; } + ret = + gnutls_pubkey_verify_data2(pub, gnutls_pk_to_sign(pk, dig), 0, + &signed_data, &sig); + if (ret < 0) { + ret = GNUTLS_E_SELF_TEST_ERROR; + gnutls_assert(); + goto cleanup; + } + + /* Test if we can verify the stored signature */ + ret = gnutls_pubkey_verify_data2(pub, gnutls_pk_to_sign(pk, dig), 0, &signed_data, &ssig); @@ -528,7 +537,7 @@ static int test_known_sig(gnutls_pk_algorithm_t pk, unsigned bits, ret = gnutls_pubkey_verify_data2(pub, gnutls_pk_to_sign(pk, dig), 0, - &bad_data, &ssig); + &bad_data, &sig); if (ret != GNUTLS_E_PK_SIG_VERIFY_FAILED) { ret = GNUTLS_E_SELF_TEST_ERROR; -- 2.20.1 From 7e49999db264556ac73ff498bd8f7edce401cdd1 Mon Sep 17 00:00:00 2001 From: Anderson Toshiyuki Sasaki Date: Thu, 4 Apr 2019 17:22:04 +0200 Subject: [PATCH 6/7] crypto-selftests-pk.c: Fix PK_KNOWN_TEST and PK_TEST Remove the flag check from the end of the macros. This change allows more than one test to run in sequence when GNUTLS_SELF_TEST_FLAG_ALL is not set. Move the flags checks to run the minimal set of tests required for FIPS and keep the previous behaviour for GOST (run the first test for each algorithm). Signed-off-by: Anderson Toshiyuki Sasaki --- lib/crypto-selftests-pk.c | 37 ++++++++++++++++++++----------------- 1 file changed, 20 insertions(+), 17 deletions(-) diff --git a/lib/crypto-selftests-pk.c b/lib/crypto-selftests-pk.c index ba8f5e376..fc8ee2525 100644 --- a/lib/crypto-selftests-pk.c +++ b/lib/crypto-selftests-pk.c @@ -568,18 +568,14 @@ static int test_known_sig(gnutls_pk_algorithm_t pk, unsigned bits, if (ret < 0) { \ gnutls_assert(); \ goto cleanup; \ - } \ - if (!(flags & GNUTLS_SELF_TEST_FLAG_ALL)) \ - return 0 + } #define PK_KNOWN_TEST(pk, det, bits, dig, pkey, sig) \ ret = test_known_sig(pk, bits, dig, pkey, sizeof(pkey)-1, sig, sizeof(sig)-1, det); \ if (ret < 0) { \ gnutls_assert(); \ goto cleanup; \ - } \ - if (!(flags & GNUTLS_SELF_TEST_FLAG_ALL)) \ - return 0 + } /* This file is also included by the test app in tests/slow/cipher-test, so in that @@ -812,11 +808,12 @@ int gnutls_pk_self_test(unsigned flags, gnutls_pk_algorithm_t pk) PK_KNOWN_TEST(GNUTLS_PK_RSA, 1, 2048, GNUTLS_DIG_SHA256, rsa_key2048, rsa_sig); PK_TEST(GNUTLS_PK_RSA, test_rsa_enc, 2048, 0); - PK_TEST(GNUTLS_PK_RSA, test_sig, 3072, GNUTLS_SIGN_RSA_SHA256); if (!(flags & GNUTLS_SELF_TEST_FLAG_ALL)) return 0; + PK_TEST(GNUTLS_PK_RSA, test_sig, 3072, GNUTLS_SIGN_RSA_SHA256); + FALLTHROUGH; case GNUTLS_PK_RSA_PSS: PK_TEST(GNUTLS_PK_RSA_PSS, test_sig, 2048, GNUTLS_SIGN_RSA_PSS_RSAE_SHA256); @@ -828,11 +825,12 @@ int gnutls_pk_self_test(unsigned flags, gnutls_pk_algorithm_t pk) case GNUTLS_PK_DSA: PK_KNOWN_TEST(GNUTLS_PK_DSA, 0, 2048, GNUTLS_DIG_SHA256, dsa_privkey, dsa_sig); - PK_TEST(GNUTLS_PK_DSA, test_sig, 3072, GNUTLS_SIGN_DSA_SHA256); if (!(flags & GNUTLS_SELF_TEST_FLAG_ALL)) return 0; + PK_TEST(GNUTLS_PK_DSA, test_sig, 3072, GNUTLS_SIGN_DSA_SHA256); + FALLTHROUGH; case GNUTLS_PK_EC: /* Test ECDH and ECDSA */ @@ -850,13 +848,14 @@ int gnutls_pk_self_test(unsigned flags, gnutls_pk_algorithm_t pk) (GNUTLS_ECC_CURVE_SECP256R1), GNUTLS_DIG_SHA256, ecdsa_secp256r1_privkey, ecdsa_secp256r1_sig); - PK_TEST(GNUTLS_PK_EC, test_sig, - GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_SECP256R1), - GNUTLS_SIGN_ECDSA_SHA256); if (!(flags & GNUTLS_SELF_TEST_FLAG_ALL)) return 0; + PK_TEST(GNUTLS_PK_EC, test_sig, + GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_SECP256R1), + GNUTLS_SIGN_ECDSA_SHA256); + PK_KNOWN_TEST(GNUTLS_PK_EC, 0, GNUTLS_CURVE_TO_BITS (GNUTLS_ECC_CURVE_SECP384R1), @@ -900,31 +899,35 @@ int gnutls_pk_self_test(unsigned flags, gnutls_pk_algorithm_t pk) case GNUTLS_PK_GOST_01: PK_KNOWN_TEST(GNUTLS_PK_GOST_01, 0, GNUTLS_ECC_CURVE_GOST256CPA, GNUTLS_DIG_GOSTR_94, gost01_privkey, gost01_sig); - PK_TEST(GNUTLS_PK_GOST_01, test_sig, GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_GOST256CPA), - GNUTLS_SIGN_GOST_94); if (!(flags & GNUTLS_SELF_TEST_FLAG_ALL)) return 0; + PK_TEST(GNUTLS_PK_GOST_01, test_sig, GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_GOST256CPA), + GNUTLS_SIGN_GOST_94); + FALLTHROUGH; case GNUTLS_PK_GOST_12_256: PK_KNOWN_TEST(GNUTLS_PK_GOST_12_256, 0, GNUTLS_ECC_CURVE_GOST256CPA, GNUTLS_DIG_STREEBOG_256, gost12_256_privkey, gost12_256_sig); - PK_TEST(GNUTLS_PK_GOST_12_256, test_sig, GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_GOST256CPA), - GNUTLS_SIGN_GOST_256); if (!(flags & GNUTLS_SELF_TEST_FLAG_ALL)) return 0; + PK_TEST(GNUTLS_PK_GOST_12_256, test_sig, GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_GOST256CPA), + GNUTLS_SIGN_GOST_256); + FALLTHROUGH; case GNUTLS_PK_GOST_12_512: PK_KNOWN_TEST(GNUTLS_PK_GOST_12_512, 0, GNUTLS_ECC_CURVE_GOST512A, GNUTLS_DIG_STREEBOG_512, gost12_512_privkey, gost12_512_sig); - PK_TEST(GNUTLS_PK_GOST_12_512, test_sig, GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_GOST512A), - GNUTLS_SIGN_GOST_512); if (!(flags & GNUTLS_SELF_TEST_FLAG_ALL)) return 0; + + PK_TEST(GNUTLS_PK_GOST_12_512, test_sig, GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_GOST512A), + GNUTLS_SIGN_GOST_512); + #endif break; -- 2.20.1 From c2e83d2110b98d93588f1b6187bc932feb958ca4 Mon Sep 17 00:00:00 2001 From: Anderson Toshiyuki Sasaki Date: Mon, 8 Apr 2019 14:21:57 +0200 Subject: [PATCH 7/7] crypto-selftests-pk.c: Cleanup self tests test_sig() always uses the same key for RSA, DSA, and ECDSA regardless of the value provided in the "bits" parameter. Therefore, avoid printing specific information (number of bits or name of the curve). Changes test_sig() to use 2048 bits key for DSA; deleted hardcoded 512 bits DSA key; Avoid calling test_sig() multiple times for ECDSA: the same key is used regardless of the curve provided in the parameters. Signed-off-by: Anderson Toshiyuki Sasaki --- lib/crypto-selftests-pk.c | 42 +++++++++------------------------------ 1 file changed, 9 insertions(+), 33 deletions(-) diff --git a/lib/crypto-selftests-pk.c b/lib/crypto-selftests-pk.c index fc8ee2525..3d665b723 100644 --- a/lib/crypto-selftests-pk.c +++ b/lib/crypto-selftests-pk.c @@ -78,16 +78,6 @@ static const char ecc_key[] = "MSHpe5vd0TQz+/GAa1zxle8mB/Cdh0JaTrA=\n" "-----END EC PRIVATE KEY-----\n"; -static const char dsa_key[] = - "-----BEGIN DSA PRIVATE KEY-----\n" - "MIH4AgEAAkEA6KUOSXfFNcInFLPdOlLlKNCe79zJrkxnsQN+lllxuk1ifZrE07r2\n" - "3edTrc4riQNnZ2nZ372tYUAMJg+5jM6IIwIVAOa58exwZ+42Tl+p3b4Kbpyu2Ron\n" - "AkBocj7gkiBYHtv6HMIIzooaxn4vpGR0Ns6wBfroBUGvrnSAgfT3WyiNaHkIF28e\n" - "quWcEeOJjUgFvatcM8gcY288AkEAyKWlgzBurIYST8TM3j4PuQJDTvdHDaGoAUAa\n" - "EfjmOw2UXKwqTmwPiT5BYKgCo2ILS87ttlTpd8vndH37pmnmVQIUQIVuKpZ8y9Bw\n" - "VzO8qcrLCFvTOXY=\n" - "-----END DSA PRIVATE KEY-----\n"; - static const char gost01_key[] = "-----BEGIN PRIVATE KEY-----\n" "MEUCAQAwHAYGKoUDAgITMBIGByqFAwICJAAGByqFAwICHgEEIgQgR1lBLIr4WBpn\n" @@ -315,22 +305,20 @@ static int test_sig(gnutls_pk_algorithm_t pk, gnutls_datum_t sig = { NULL, 0 }; gnutls_datum_t known_sig = { NULL, 0 }; gnutls_datum_t raw_rsa_key = { (void*)rsa_key2048, sizeof(rsa_key2048)-1 }; - gnutls_datum_t raw_dsa_key = { (void*)dsa_key, sizeof(dsa_key)-1 }; + gnutls_datum_t raw_dsa_key = { (void*)dsa_privkey, sizeof(dsa_privkey)-1 }; gnutls_datum_t raw_ecc_key = { (void*)ecc_key, sizeof(ecc_key)-1 }; gnutls_datum_t raw_gost01_key = { (void*)gost01_key, sizeof(gost01_key)-1 }; gnutls_datum_t raw_gost12_256_key = { (void*)gost12_256_key, sizeof(gost12_256_key)-1 }; gnutls_datum_t raw_gost12_512_key = { (void*)gost12_512_key, sizeof(gost12_512_key)-1 }; gnutls_privkey_t key; gnutls_pubkey_t pub = NULL; - char param_name[32]; + char param_name[32] = ""; - if (pk == GNUTLS_PK_EC || pk == GNUTLS_PK_GOST_01 || - pk == GNUTLS_PK_GOST_12_256 || pk == GNUTLS_PK_GOST_12_512) { - snprintf(param_name, sizeof(param_name), "%s", + if (pk == GNUTLS_PK_GOST_01 || pk == GNUTLS_PK_GOST_12_256 || + pk == GNUTLS_PK_GOST_12_512) { + snprintf(param_name, sizeof(param_name), "-%s", gnutls_ecc_curve_get_name(GNUTLS_BITS_TO_CURVE (bits))); - } else { - snprintf(param_name, sizeof(param_name), "%u", bits); } ret = gnutls_privkey_init(&key); @@ -418,10 +406,10 @@ static int test_sig(gnutls_pk_algorithm_t pk, gnutls_free(sig.data); if (ret == 0) - _gnutls_debug_log("%s-%s-sig self test succeeded\n", + _gnutls_debug_log("%s%s-sig self test succeeded\n", gnutls_pk_get_name(pk), param_name); else - _gnutls_debug_log("%s-%s-sig self test failed\n", + _gnutls_debug_log("%s%s-sig self test failed\n", gnutls_pk_get_name(pk), param_name); return ret; @@ -812,7 +800,7 @@ int gnutls_pk_self_test(unsigned flags, gnutls_pk_algorithm_t pk) if (!(flags & GNUTLS_SELF_TEST_FLAG_ALL)) return 0; - PK_TEST(GNUTLS_PK_RSA, test_sig, 3072, GNUTLS_SIGN_RSA_SHA256); + PK_TEST(GNUTLS_PK_RSA, test_sig, 2048, GNUTLS_SIGN_RSA_SHA256); FALLTHROUGH; case GNUTLS_PK_RSA_PSS: @@ -829,7 +817,7 @@ int gnutls_pk_self_test(unsigned flags, gnutls_pk_algorithm_t pk) if (!(flags & GNUTLS_SELF_TEST_FLAG_ALL)) return 0; - PK_TEST(GNUTLS_PK_DSA, test_sig, 3072, GNUTLS_SIGN_DSA_SHA256); + PK_TEST(GNUTLS_PK_DSA, test_sig, 2048, GNUTLS_SIGN_DSA_SHA256); FALLTHROUGH; case GNUTLS_PK_EC: @@ -861,18 +849,12 @@ int gnutls_pk_self_test(unsigned flags, gnutls_pk_algorithm_t pk) (GNUTLS_ECC_CURVE_SECP384R1), GNUTLS_DIG_SHA256, ecdsa_secp384r1_privkey, ecdsa_secp384r1_sig); - PK_TEST(GNUTLS_PK_EC, test_sig, - GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_SECP384R1), - GNUTLS_SIGN_ECDSA_SHA384); PK_KNOWN_TEST(GNUTLS_PK_EC, 0, GNUTLS_CURVE_TO_BITS (GNUTLS_ECC_CURVE_SECP521R1), GNUTLS_DIG_SHA512, ecdsa_secp521r1_privkey, ecdsa_secp521r1_sig); - PK_TEST(GNUTLS_PK_EC, test_sig, - GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_SECP521R1), - GNUTLS_SIGN_ECDSA_SHA512); #ifdef ENABLE_NON_SUITEB_CURVES PK_KNOWN_TEST(GNUTLS_PK_EC, 0, @@ -880,18 +862,12 @@ int gnutls_pk_self_test(unsigned flags, gnutls_pk_algorithm_t pk) (GNUTLS_ECC_CURVE_SECP192R1), GNUTLS_DIG_SHA256, ecdsa_secp192r1_privkey, ecdsa_secp192r1_sig); - PK_TEST(GNUTLS_PK_EC, test_sig, - GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_SECP192R1), - GNUTLS_SIGN_ECDSA_SHA256); PK_KNOWN_TEST(GNUTLS_PK_EC, 0, GNUTLS_CURVE_TO_BITS (GNUTLS_ECC_CURVE_SECP224R1), GNUTLS_DIG_SHA256, ecdsa_secp224r1_privkey, ecdsa_secp224r1_sig); - PK_TEST(GNUTLS_PK_EC, test_sig, - GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_SECP224R1), - GNUTLS_SIGN_ECDSA_SHA256); #endif #if ENABLE_GOST -- 2.20.1