Added tests for mbedtls_rsa_rsassa_pss_sign_ext()

- added some invalid param tests in test_suite_rsa
- added functional tests in test_suite_pkcs1_v21

Signed-off-by: Cédric Meuter <cedric.meuter@gmail.com>
This commit is contained in:
Cédric Meuter 2020-04-25 15:02:34 +02:00
parent f3fab33147
commit a05cbecc90
3 changed files with 42 additions and 1 deletions

View File

@ -1812,6 +1812,8 @@ static int rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx,
hashlen == 0 ) || hashlen == 0 ) ||
hash != NULL ); hash != NULL );
RSA_VALIDATE_RET( sig != NULL ); RSA_VALIDATE_RET( sig != NULL );
RSA_VALIDATE_RET( saltlen == MBEDTLS_RSA_SALT_LEN_ANY ||
saltlen > 0 );
if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V21 ) if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V21 )
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
@ -1854,7 +1856,7 @@ static int rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx,
else else
slen = olen - hlen - 2; slen = olen - hlen - 2;
} }
else if ( (saltlen < 0) || ((size_t) saltlen > olen - hlen - 2) ) else if ( ( (size_t) saltlen ) > olen - hlen - 2 )
{ {
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
} }

View File

@ -159,7 +159,18 @@ void pkcs1_rsassa_pss_sign( int mod, int radix_P, char * input_P, int radix_Q,
hash_result, output ) == result ); hash_result, output ) == result );
if( result == 0 ) if( result == 0 )
{ {
TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
ctx.len, result_str->len ) == 0 );
}
info.buf = rnd_buf->x;
info.length = rnd_buf->len;
TEST_ASSERT( mbedtls_rsa_rsassa_pss_sign_ext( &ctx, &mbedtls_test_rnd_buffer_rand,
&info, digest, 0, hash_result,
MBEDTLS_RSA_SALT_LEN_ANY, output ) == result );
if( result == 0 )
{
TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x, TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x,
ctx.len, result_str->len ) == 0 ); ctx.len, result_str->len ) == 0 );
} }

View File

@ -25,6 +25,7 @@ void rsa_invalid_param( )
const int invalid_padding = 42; const int invalid_padding = 42;
const int valid_mode = MBEDTLS_RSA_PRIVATE; const int valid_mode = MBEDTLS_RSA_PRIVATE;
const int invalid_mode = 42; const int invalid_mode = 42;
const int negative_salt_length = -2;
unsigned char buf[42] = { 0 }; unsigned char buf[42] = { 0 };
size_t olen; size_t olen;
@ -337,6 +338,33 @@ void rsa_invalid_param( )
0, NULL, 0, NULL,
buf ) ); buf ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
mbedtls_rsa_rsassa_pss_sign_ext( &ctx, NULL, NULL,
0, sizeof( buf ), buf,
negative_salt_length,
buf ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
mbedtls_rsa_rsassa_pss_sign_ext( NULL, NULL, NULL,
0, sizeof( buf ), buf,
MBEDTLS_RSA_SALT_LEN_ANY,
buf ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
mbedtls_rsa_rsassa_pss_sign_ext( &ctx, NULL, NULL,
0, sizeof( buf ), NULL,
MBEDTLS_RSA_SALT_LEN_ANY,
buf ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
mbedtls_rsa_rsassa_pss_sign_ext( &ctx, NULL, NULL,
0, sizeof( buf ), buf,
MBEDTLS_RSA_SALT_LEN_ANY,
NULL ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
mbedtls_rsa_rsassa_pss_sign_ext( &ctx, NULL, NULL,
MBEDTLS_MD_SHA1,
0, NULL,
MBEDTLS_RSA_SALT_LEN_ANY,
buf ) );
TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA,
mbedtls_rsa_pkcs1_verify( NULL, NULL, NULL, mbedtls_rsa_pkcs1_verify( NULL, NULL, NULL,
valid_mode, valid_mode,