mbedtls/tests/suites
Gilles Peskine 25794d8946 Test PSS verification with different salt lengths
Test the following combinations:
* 1024-bit key, SHA-256, salt=0
* 1024-bit key, SHA-256, salt=31 (1 byte shorter than standard)
* 1024-bit key, SHA-256, salt=32 (standard length)
* 1024-bit key, SHA-256, salt=94 (maximum possible length)
* 1024-bit key, SHA-512, salt=61 (1 byte shorter than standard)
* 1024-bit key, SHA-512, salt=62 (standard = maximum possible length)
* 528-bit key, SHA-512, salt=0 (only possible length)

Test psa_verify_hash() for both PSA_ALG_RSA_PSS and PSA_ALG_RSA_PSS_ANY_SALT
with all of these combinations. For psa_verify_message(), just test once
with the standard length and once with a different length.

Note that as of this commit, both PSA_ALG_RSA_PSS and
PSA_ALG_RSA_PSS_ANY_SALT accept any salt length during verification, hence
all the new test cases are positive.

The verify test cases were generated using the Python script below.

```python
# Generator for the verify_hash test cases above. Needs pycryptodomex
# (pip install pycryptodomex), which provides the Cryptodome namespace.
from Cryptodome import PublicKey
from Cryptodome.Hash import SHA256, SHA512
from Cryptodome.PublicKey import RSA
from Cryptodome.Signature import pss

# Private keys as PKCS#1 RSAPrivateKey DER. With SHA-512 the 528-bit key
# leaves room for a zero-length salt only (emLen 66 - hLen 64 - 2 = 0).
key = {
    528: RSA.import_key(bytes.fromhex("30820145020100024300e31c246d46485984261fd174cab3d4357344602ecd793c47dbe54252d37bb350bc634359b19515542080e4724a4b672291be57c7648f51629eaef234e847d99cc65f0203010001024300b166322e09504a5c274b83592f5cf8ce2793a96de5a265abdbe060c641dbc65db0d11c782fe133a7e60aea686d21058d928cad3ef58924c4bb26b9206a03001d0241022200f85d72e463b406ffa282c34b5f0c2d6c2aacf210246af53d5bc7a0b7fa036e1cdb022200ea176c3d9a7fb355fb9fb7707e679b4acfb7bcb645b907e27cdf1764bc340971cd02212e13380342b3dd3083777abf7acc8988ad8a1406069b890f6efd63c57dae31394d022200c3602d3cf537e3cbbda93e072bd8f92965586aae8e5eb20ffc3c8e5fcb1c7b4d7902220098a04f18e48c689ad2f5b9bd404333def54cb2506cd0075c967a2968261e8b8f10")),
    1024: RSA.import_key(bytes.fromhex("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")),
}
hash_module = {
    256: SHA256,
    512: SHA512,
}

def print_test_case(remark, pub, kbits, hbits, input, output):
    """Emit one PSA_ALG_RSA_PSS and one PSA_ALG_RSA_PSS_ANY_SALT verify_hash
    entry in the test_suite_psa_crypto.data format."""
    key_hex = pub.hex()
    input_hex = input.hex()
    output_hex = output.hex()
    print(f"""\
PSA verify hash: RSA-{kbits} PSS SHA-{hbits}, {remark}
depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_{hbits}:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
verify_hash:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"{key_hex}":PSA_ALG_RSA_PSS(PSA_ALG_SHA_{hbits}):"{input_hex}":"{output_hex}"

PSA verify hash: RSA-{kbits} PSS-any-salt SHA-{hbits}, {remark}
depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_{hbits}:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
verify_hash:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"{key_hex}":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_{hbits}):"{input_hex}":"{output_hex}"
""")

def rand(n):
    # Deterministic "random" salt 00 01 02 ... so the vectors are reproducible;
    # the salt is not a secret, it is recovered by the verifier anyway.
    return bytes(x & 0xff for x in range(n))

def test_case(kbits, hbits, slen):
    priv = key[kbits]
    # The PSA test data wants the raw RSAPublicKey, not the SubjectPublicKeyInfo
    # wrapper, hence the unwrap through the private helper.
    pub_spki = priv.publickey().export_key('DER')
    pub_raw = PublicKey._expand_subject_public_key_info(pub_spki)[1]
    hash_op = hash_module[hbits].new(b'abc')
    digest = hash_op.copy().digest()
    # sign() takes the hash object, not the message; salt_bytes fixes the salt length.
    output = pss.new(priv, salt_bytes=slen, rand_func=rand).sign(hash_op)
    print_test_case(f"slen={slen}", pub_raw, kbits, hbits, digest, output)

test_case(1024, 256, 0)
test_case(1024, 256, 31)
test_case(1024, 256, 32)
test_case(1024, 256, 94)
test_case(1024, 512, 61)
test_case(1024, 512, 62)
test_case(528, 512, 0)
```

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-10-05 14:26:25 +02:00
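The salt-length matrix in the commit message follows directly from EMSA-PSS (RFC 8017 section 9.1): with emBits = modBits - 1, the encoded message holds at most emLen - hLen - 2 salt bytes, which is 94 for a 1024-bit key with SHA-256, 62 with SHA-512, and 0 for a 528-bit key with SHA-512, and the verifier learns the salt length from the 0x01 separator rather than from a parameter. The example below is added here and is not part of the mbed TLS commit or of the pycryptodome script above: it reimplements PSS encode/verify with only the Python standard library over a toy RSA key produced by a hypothetical, deterministically seeded `make_rsa_key` helper (never seed a real key generator), then replays the commit's (key, hash, slen) combinations through a verifier that recovers the salt length. The `expected_salt_len` strict mode is this example's own knob for comparison, not a statement about how PSA_ALG_RSA_PSS itself behaves.

```python
import hashlib
import random

def mgf1(seed, mask_len, hash_name):
    """MGF1 (RFC 8017 B.2.1): Hash(seed || C) for C = 0, 1, ..., truncated to mask_len."""
    h_len = hashlib.new(hash_name).digest_size
    return b"".join(hashlib.new(hash_name, seed + c.to_bytes(4, "big")).digest()
                    for c in range((mask_len + h_len - 1) // h_len))[:mask_len]

def max_salt_len(mod_bits, hash_name):
    """Largest salt EMSA-PSS can carry: emLen - hLen - 2, with emBits = modBits - 1."""
    return (mod_bits - 1 + 7) // 8 - hashlib.new(hash_name).digest_size - 2

def emsa_pss_encode(m_hash, em_bits, salt, hash_name):
    """RFC 8017 9.1.1 (EMSA-PSS-ENCODE); raises ValueError if the salt does not fit."""
    h_len, s_len, em_len = len(m_hash), len(salt), (em_bits + 7) // 8
    if em_len < h_len + s_len + 2:
        raise ValueError("salt too long for this key/hash combination")
    h = hashlib.new(hash_name, b"\x00" * 8 + m_hash + salt).digest()
    db = b"\x00" * (em_len - s_len - h_len - 2) + b"\x01" + salt
    masked = bytes(a ^ b for a, b in zip(db, mgf1(h, len(db), hash_name)))
    top = 0xFF >> (8 * em_len - em_bits)  # zero the leading bits beyond emBits
    return bytes([masked[0] & top]) + masked[1:] + h + b"\xbc"

def emsa_pss_verify(m_hash, em, em_bits, hash_name, expected_salt_len=None):
    """RFC 8017 9.1.2: recovered salt length, or None. expected_salt_len=None accepts any."""
    h_len, em_len = len(m_hash), (em_bits + 7) // 8
    clear = 8 * em_len - em_bits  # leading bits beyond emBits, which must read as zero
    if len(em) != em_len or em_len < h_len + 2 or em[-1] != 0xBC or em[0] >> (8 - clear):
        return None
    masked, h = em[:em_len - h_len - 1], em[em_len - h_len - 1:-1]
    db = bytes(a ^ b for a, b in zip(masked, mgf1(h, len(masked), hash_name)))
    db = bytes([db[0] & (0xFF >> clear)]) + db[1:]
    sep = db.find(b"\x01")  # DB = PS (all zero) || 0x01 || salt: the length is implicit
    if sep < 0 or any(db[:sep]):
        return None
    salt = db[sep + 1:]
    h_prime = hashlib.new(hash_name, b"\x00" * 8 + m_hash + salt).digest()
    ok = h_prime == h and expected_salt_len in (None, len(salt))
    return len(salt) if ok else None

def _probable_prime(n, rng, rounds=24):
    """Miller-Rabin with witnesses drawn from the seeded RNG (demo only)."""
    if n < 4:
        return n > 1
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(rng.randrange(2, n - 1), d, n)
        if x == 1:
            continue
        for _ in range(r):
            if x == n - 1:
                break
            x = x * x % n
        else:
            return False
    return True

def make_rsa_key(mod_bits, seed):
    """Hypothetical toy keygen returning (n, e, d); seeded only so the demo is
    reproducible. Never seed a real key generator."""
    rng = random.Random(seed)
    def prime(bits):  # odd candidates with the top bit set, until Miller-Rabin passes
        cands = iter(lambda: rng.getrandbits(bits) | (1 << (bits - 1)) | 1, None)
        return next(c for c in cands if _probable_prime(c, rng))
    while True:
        p, q = prime(mod_bits // 2), prime(mod_bits - mod_bits // 2)
        n, phi, e = p * q, (p - 1) * (q - 1), 65537
        if p != q and n.bit_length() == mod_bits and phi % e:
            return n, e, pow(e, -1, phi)

def pss_sign(n, d, m_hash, salt, hash_name):
    em = emsa_pss_encode(m_hash, n.bit_length() - 1, salt, hash_name)
    return pow(int.from_bytes(em, "big"), d, n).to_bytes((n.bit_length() + 7) // 8, "big")

def pss_verify(n, e, m_hash, sig, hash_name, expected_salt_len=None):
    """Return the salt length the signature carries, or None on any failure."""
    em_bits, s = n.bit_length() - 1, int.from_bytes(sig, "big")
    if len(sig) != (n.bit_length() + 7) // 8 or s >= n or pow(s, e, n).bit_length() > em_bits:
        return None  # wrong length, out of range, or RSAVP1 result too wide for emLen
    em = pow(s, e, n).to_bytes((em_bits + 7) // 8, "big")
    return emsa_pss_verify(m_hash, em, em_bits, hash_name, expected_salt_len)

def run_salt_length_checks():
    """Replay the commit's (key bits, hash, slen) matrix with salt bytes 00 01 02 ... as in
    the script's rand(). Returns {(bits, hash, slen): (any_salt, strict, tampered)}."""
    keys = {bits: make_rsa_key(bits, seed=bits) for bits in (1024, 528)}
    matrix = ([(1024, "sha256", s) for s in (0, 31, 32, 94)]
              + [(1024, "sha512", s) for s in (61, 62)] + [(528, "sha512", 0)])
    results = {}
    for bits, hash_name, slen in matrix:
        (n, e, d), m_hash = keys[bits], hashlib.new(hash_name, b"abc").digest()
        sig = pss_sign(n, d, m_hash, bytes(x & 0xFF for x in range(slen)), hash_name)
        results[(bits, hash_name, slen)] = (
            pss_verify(n, e, m_hash, sig, hash_name),               # any salt length
            pss_verify(n, e, m_hash, sig, hash_name, len(m_hash)),  # require slen == hLen
            pss_verify(n, e, m_hash, sig[:-1] + bytes([sig[-1] ^ 1]), hash_name))  # bit flip
    return results
```

Calling `run_salt_length_checks()` returns, for every combination in the commit, the salt length the lenient verifier recovered (always equal to the slen used for signing), the strict verifier's verdict (a match only when slen equals the digest length, i.e. 32 for SHA-256 and 64 for SHA-512), and `None` for the bit-flipped signature. Asking `emsa_pss_encode` for a salt one byte longer than `max_salt_len` raises, which is why 94, 62 and 0 are the last rows the commit can test.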
helpers.function Merge remote-tracking branch 'mbedtls/development' into mbedtls_private_with_python 2021-06-14 16:17:32 +02:00
host_test.function Fix build error when int32_t is not int 2021-05-18 16:43:43 +02:00
main_test.function Changing the places of the mbedtls_test_hook_test_fail callback declaration 2021-07-20 13:36:16 +02:00
target_test.function Add documentation and minor style changes 2021-02-03 12:07:01 +00:00
test_suite_aes.cbc.data Remove unused cryptography test files 2019-08-15 15:44:50 +01:00
test_suite_aes.cfb.data Remove unused cryptography test files 2019-08-15 15:44:50 +01:00
test_suite_aes.ecb.data Remove unused cryptography test files 2019-08-15 15:44:50 +01:00
test_suite_aes.function Fix improper spacing 2021-06-21 09:10:55 +01:00
test_suite_aes.ofb.data Remove unused cryptography test files 2019-08-15 15:44:50 +01:00
test_suite_aes.rest.data Refactor optional parameter check tests 2021-05-27 17:27:14 +02:00
test_suite_aes.xts.data Remove unused cryptography test files 2019-08-15 15:44:50 +01:00
test_suite_aria.data Removal of the TEST_VALID_PARAM macro and its usages 2021-05-27 17:35:04 +02:00
test_suite_aria.function Addition of omitted part of code review follow-up 2021-05-28 12:56:57 +02:00
test_suite_asn1parse.data Merge pull request #350 from gilles-peskine-arm/asn1-tests-parse_prefixes-trailing_garbage 2020-02-05 15:40:22 +00:00
test_suite_asn1parse.function Use mbedtls_test_read_mpi in test suites 2021-06-22 12:44:05 +02:00
test_suite_asn1write.data Add test cases for ASN.1 ENUMERATED tag 2019-10-31 19:17:36 +02:00
test_suite_asn1write.function Merge remote-tracking branch 'origin/development' into development_new 2021-04-07 16:31:09 +01:00
test_suite_base64.data Fix misnamed base64 test 2021-03-04 14:23:03 +00:00
test_suite_base64.function Prevent false positive CF Test Failures 2021-03-02 22:48:40 +00:00
test_suite_camellia.data Removal of the TEST_VALID_PARAM macro and its usages 2021-05-27 17:35:04 +02:00
test_suite_camellia.function Removal of the TEST_VALID_PARAM macro and its usages 2021-05-27 17:35:04 +02:00
test_suite_ccm.data Add CCM tests for passing unexpected input. 2021-09-06 12:09:34 +02:00
test_suite_ccm.function tests: Improve incomplete then overflow tests 2021-09-17 09:38:07 +02:00
test_suite_chacha20.data Refactor optional parameter check tests 2021-05-27 17:27:14 +02:00
test_suite_chacha20.function Refactor optional parameter check tests 2021-05-27 17:27:14 +02:00
test_suite_chachapoly.data Refactor optional parameter check tests 2021-05-27 17:27:14 +02:00
test_suite_chachapoly.function Refactor optional parameter check tests 2021-05-27 17:27:14 +02:00
test_suite_cipher.aes.data Address review comments 2021-09-29 19:50:07 +02:00
test_suite_cipher.aria.data Add negative tests for empty buffer decoding for certain ciphers 2019-07-29 17:46:29 +02:00
test_suite_cipher.camellia.data Increase test coverage by adding AES and CAMELLIA empty buffer tests 2020-03-24 13:18:58 -04:00
test_suite_cipher.ccm.data Remove unused cryptography test files 2019-08-15 15:44:50 +01:00
test_suite_cipher.chacha20.data Remove unused cryptography test files 2019-08-15 15:44:50 +01:00
test_suite_cipher.chachapoly.data Remove unused cryptography test files 2019-08-15 15:44:50 +01:00
test_suite_cipher.des.data Uniquify test case descriptions 2019-09-20 15:59:31 +02:00
test_suite_cipher.function Address review comments 2021-09-29 19:50:07 +02:00
test_suite_cipher.gcm.data Fix dependency in AES GCM test case 2020-06-26 22:40:58 +02:00
test_suite_cipher.misc.data Remove unused cryptography test files 2019-08-15 15:44:50 +01:00
test_suite_cipher.nist_kw.data Test data: replace "::" by ":" 2019-09-20 16:01:59 +02:00
test_suite_cipher.null.data Uniquify test case descriptions 2019-09-20 15:59:31 +02:00
test_suite_cipher.padding.data Remove MD2, MD4, RC4, Blowfish and XTEA 2021-06-16 10:34:25 +02:00
test_suite_cmac.data Remove unused cryptography test files 2019-08-15 15:44:50 +01:00
test_suite_cmac.function Remove unused cryptography test files 2019-08-15 15:44:50 +01:00
test_suite_ctr_drbg.data Remove selftest dependency in the test suite 2019-11-21 13:49:20 +01:00
test_suite_ctr_drbg.function Rename the _ret() functions 2021-06-08 16:45:41 +02:00
test_suite_debug.data Add mbedtls_debug_print_mpi test case for 0 2021-06-17 21:46:29 +02:00
test_suite_debug.function Fix test_suite_debug test failure 2021-08-10 13:34:32 +08:00
test_suite_des.data Remove unused cryptography test files 2019-08-15 15:44:50 +01:00
test_suite_des.function tests: suites: Remove hex in name of variables of type data_t 2020-07-01 17:10:15 +02:00
test_suite_dhm.data Unify G=1 and G=-1 test cases 2021-06-22 12:47:21 +02:00
test_suite_dhm.function Use mbedtls_test_read_mpi in test suites 2021-06-22 12:44:05 +02:00
test_suite_ecdh.data Merge branch 'development' into Remove__CHECK_PARAMS_option 2021-06-07 15:41:49 +02:00
test_suite_ecdh.function Use mbedtls_test_read_mpi in test suites 2021-06-22 12:44:05 +02:00
test_suite_ecdsa.data Refactor optional parameter check tests 2021-05-27 17:27:14 +02:00
test_suite_ecdsa.function Add output size parameter to signature functions 2021-06-25 00:46:22 +02:00
test_suite_ecjpake.data ecjpake_zkp_read() now returns ...BAD_INPUT_DATA when r len == 0 and test follows that 2021-03-17 11:36:31 +01:00
test_suite_ecjpake.function Changes after code review 2021-05-27 17:34:14 +02:00
test_suite_ecp.data Add requested montgomery curve tests 2021-07-12 20:47:11 +05:30
test_suite_ecp.function Use mbedtls_test_read_mpi in test suites 2021-06-22 12:44:05 +02:00
test_suite_entropy.data Remove MBEDTLS_TEST_NULL_ENTROPY config option. 2021-05-11 13:15:19 +02:00
test_suite_entropy.function Merge remote-tracking branch 'origin/development' into development_new 2021-04-07 16:31:09 +01:00
test_suite_error.data The Great Renaming 2015-04-08 13:25:31 +02:00
test_suite_error.function Intermediate hexify out change 2018-08-06 11:40:57 +01:00
test_suite_gcm.aes128_de.data Add GCM tests for empty ciphertext/plaintext and empty AD. 2021-06-23 14:30:15 +02:00
test_suite_gcm.aes128_en.data Add GCM tests for empty ciphertext/plaintext and empty AD. 2021-06-23 14:30:15 +02:00
test_suite_gcm.aes192_de.data Uniquify test case descriptions 2019-09-20 15:59:31 +02:00
test_suite_gcm.aes192_en.data Uniquify test case descriptions 2019-09-20 15:59:31 +02:00
test_suite_gcm.aes256_de.data Uniquify test case descriptions 2019-09-20 15:59:31 +02:00
test_suite_gcm.aes256_en.data Uniquify test case descriptions 2019-09-20 15:59:31 +02:00
test_suite_gcm.camellia.data Remove unused cryptography test files 2019-08-15 15:44:50 +01:00
test_suite_gcm.function Add output_length parameter to mbedtls_gcm_finish 2021-06-23 21:51:32 +02:00
test_suite_gcm.misc.data Removal of the TEST_VALID_PARAM macro and its usages 2021-05-27 17:35:04 +02:00
test_suite_hkdf.data Code review follow-up corrections 2021-06-16 10:34:45 +02:00
test_suite_hkdf.function Rename <pk/md/cipher>_internal.h to *_wrap.h 2021-03-10 12:52:37 +00:00
test_suite_hmac_drbg.function Support setting *_drbg reseed interval before seed 2020-11-25 14:25:56 -08:00
test_suite_hmac_drbg.misc.data Fix SHA definitions and their dependencies in library and test suites. 2021-05-10 13:51:53 +02:00
test_suite_hmac_drbg.no_reseed.data Fix SHA definitions and their dependencies in library and test suites. 2021-05-10 13:51:53 +02:00
test_suite_hmac_drbg.nopr.data Separate SHA224 from SHA256 config options. 2021-04-28 14:38:37 +02:00
test_suite_hmac_drbg.pr.data Separate SHA224 from SHA256 config options. 2021-04-28 14:38:37 +02:00
test_suite_md.data Remove MD2, MD4, RC4, Blowfish and XTEA 2021-06-16 10:34:25 +02:00
test_suite_md.function tests: suites: Remove hex in name of variables of type data_t 2020-07-01 17:10:15 +02:00
test_suite_mdx.data Remove MD2, MD4, RC4, Blowfish and XTEA 2021-06-16 10:34:25 +02:00
test_suite_mdx.function Remove MD2, MD4, RC4, Blowfish and XTEA 2021-06-16 10:34:25 +02:00
test_suite_memory_buffer_alloc.data More accurate test case description 2019-10-31 15:07:35 +01:00
test_suite_memory_buffer_alloc.function Enable more test cases without MBEDTLS_MEMORY_DEBUG 2019-10-31 15:07:45 +01:00
test_suite_mpi.data Fix copypasta in test data 2021-06-22 12:47:21 +02:00
test_suite_mpi.function Fix copypasta in test function argument name 2021-06-22 12:47:21 +02:00
test_suite_mps.data Add unit test for integer overflow in mbedtls_mps_reader_reclaim() 2021-03-29 14:20:18 +01:00
test_suite_mps.function Update tests/suites/test_suite_mps.function 2021-03-29 14:20:18 +01:00
test_suite_net.data Add test for mbedtls_net_poll beyond FD_SETSIZE 2021-02-25 15:56:48 +01:00
test_suite_net.function Fix test code so it can be built on alpine 2021-09-24 09:21:29 +09:00
test_suite_nist_kw.data Removal of RC4 certs and fixes to docs and tests 2021-06-21 13:27:29 +02:00
test_suite_nist_kw.function tests: Get rid of mbedtls_test_unhexify() in unit test code 2020-06-26 10:45:16 +02:00
test_suite_oid.data Fix SHA definitions and their dependencies in library and test suites. 2021-05-10 13:51:53 +02:00
test_suite_oid.function Rename MBEDTLS_X509_INFO to !MBEDTLS_X509_REMOVE_INFO 2021-04-27 17:18:52 +01:00
test_suite_pem.data Remove unused cryptography test files 2019-08-15 15:44:50 +01:00
test_suite_pem.function Remove unused cryptography test files 2019-08-15 15:44:50 +01:00
test_suite_pk.data Refactor optional parameter check tests 2021-05-27 17:27:14 +02:00
test_suite_pk.function Add output size parameter to signature functions 2021-06-25 00:46:22 +02:00
test_suite_pkcs1_v15.data Preparatory commit to remove tests 2021-05-12 15:18:20 +01:00
test_suite_pkcs1_v15.function Merge pull request #4707 from gilles-peskine-arm/require-matching-hashlen-rsa-implementation 2021-06-24 10:28:20 +02:00
test_suite_pkcs1_v21.data Separate SHA224 from SHA256 config options. 2021-04-28 14:38:37 +02:00
test_suite_pkcs1_v21.function RSA: Use hashlen as the hash input size as documented 2021-06-22 18:39:53 +02:00
test_suite_pkcs5.data Separate SHA224 from SHA256 config options. 2021-04-28 14:38:37 +02:00
test_suite_pkcs5.function tests: Reformating due to hexcmp() renaming 2020-06-12 14:33:08 +02:00
test_suite_pkparse.data Code review fixes 2021-06-18 12:59:38 +02:00
test_suite_pkparse.function Add RNG params to private key parsing 2021-06-17 09:38:38 +02:00
test_suite_pkwrite.data pk_write test cases with short/long private key 2019-11-05 15:32:53 +01:00
test_suite_pkwrite.function Add RNG params to private key parsing 2021-06-17 09:38:38 +02:00
test_suite_poly1305.data Refactor optional parameter check tests 2021-05-27 17:27:14 +02:00
test_suite_poly1305.function Refactor optional parameter check tests 2021-05-27 17:27:14 +02:00
test_suite_psa_crypto_attributes.data Update PSA crypto test dependencies 2021-03-24 09:26:44 +01:00
test_suite_psa_crypto_attributes.function tests: psa: Test PSA client-only code 2021-02-01 13:17:23 +01:00
test_suite_psa_crypto_driver_wrappers.data Unify multipart cipher operation tester functions 2021-06-29 19:55:24 +02:00
test_suite_psa_crypto_driver_wrappers.function Merge remote-tracking branch 'upstream/development' into psa-m-aead-merge 2021-09-24 11:18:13 +01:00
test_suite_psa_crypto_entropy.data tests: psa: Change Elliptic curve defines to PSA names 2021-03-10 13:19:45 -07:00
test_suite_psa_crypto_entropy.function Merge pull request #4344 from TRodziewicz/remove_deprecated_things_in_crypto_compat_h 2021-04-19 10:55:21 +02:00
test_suite_psa_crypto_hash.data Remove MD2, MD4, RC4, Blowfish and XTEA 2021-06-16 10:34:25 +02:00
test_suite_psa_crypto_hash.function Include psa_crypto_helpers.h in helpers.function 2021-01-06 18:21:18 +01:00
test_suite_psa_crypto_init.data CTR_DRBG: define a constant for the default entropy nonce length 2019-10-23 19:47:05 +02:00
test_suite_psa_crypto_init.function Move part of timing module out of the library 2021-06-15 15:47:44 +02:00
test_suite_psa_crypto_metadata.data Update metadata tests with the new IS_ALG_RSA_PSS_xxx_SALT predicates 2021-10-05 14:26:25 +02:00
test_suite_psa_crypto_metadata.function Update metadata tests with the new IS_ALG_RSA_PSS_xxx_SALT predicates 2021-10-05 14:26:25 +02:00
test_suite_psa_crypto_not_supported.function Fix test code under MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER 2021-02-17 14:58:29 +01:00
test_suite_psa_crypto_not_supported.misc.data New test suite for not-supported cases: key creation (import, generate) 2021-02-17 14:50:17 +01:00
test_suite_psa_crypto_persistent_key.data Add negative tests for psa_destroy_key 2021-06-23 13:43:08 +02:00
test_suite_psa_crypto_persistent_key.function Add negative tests for psa_destroy_key 2021-06-23 13:43:08 +02:00
test_suite_psa_crypto_se_driver_hal_mocks.data Update SE support to pass a location when registering a driver 2020-05-11 11:15:26 +02:00
test_suite_psa_crypto_se_driver_hal_mocks.function Include psa_crypto_helpers.h in helpers.function 2021-01-06 18:21:18 +01:00
test_suite_psa_crypto_se_driver_hal.data tests: psa: Fix expected error code 2021-04-01 14:54:50 +02:00
test_suite_psa_crypto_se_driver_hal.function Increment the test step number when invalidating a key 2021-02-23 20:36:07 +01:00
test_suite_psa_crypto_slot_management.data Remove dependency of builtin keys on storage 2021-08-17 02:46:00 +05:30
test_suite_psa_crypto_slot_management.function Rename function to conform to the library 2021-06-29 17:06:33 +02:00
test_suite_psa_crypto_storage_format.function Check that attempting to destroy a read-only key fails 2021-06-23 13:44:35 +02:00
test_suite_psa_crypto_storage_format.misc.data Remove obsolete MBEDTLS_xxx dependencies 2021-07-13 17:12:53 +02:00
test_suite_psa_crypto.data Test PSS verification with different salt lengths 2021-10-05 14:26:25 +02:00
test_suite_psa_crypto.function Remove ability to turn off chunked ad/data tests 2021-09-24 11:20:10 +01:00
test_suite_psa_its.data Update and add tests 2020-11-26 15:54:35 +01:00
test_suite_psa_its.function Fix potential buffer overflow in printf 2021-03-10 17:00:32 +00:00
test_suite_random.data Explain the "external RNG large" test case 2021-02-16 15:46:06 +01:00
test_suite_random.function Remove MBEDTLS_TEST_NULL_ENTROPY config option. 2021-05-11 13:15:19 +02:00
test_suite_rsa.data Add RSA tests with message=0 2021-06-22 12:47:21 +02:00
test_suite_rsa.function Fix potential free of uninitialised pointer 2021-06-25 11:17:12 +01:00
test_suite_shax.data Removal of the TEST_VALID_PARAM macro and its usages 2021-05-27 17:35:04 +02:00
test_suite_shax.function Rename the _ret() functions 2021-06-08 16:45:41 +02:00
test_suite_ssl.data Remove duplicated test from SSL test suite 2021-08-02 04:54:03 +01:00
test_suite_ssl.function Merge pull request #4248 from hanno-arm/tls13_populate_transform 2021-08-11 16:41:51 +01:00
test_suite_timing.data Move part of timing module out of the library 2021-06-15 15:47:44 +02:00
test_suite_timing.function Move part of timing module out of the library 2021-06-15 15:47:44 +02:00
test_suite_version.data Bump library version numbers 2021-06-30 23:09:51 +01:00
test_suite_version.function Fix GCC format-signedness warnings 2020-04-22 16:01:48 +02:00
test_suite_x509parse.data Code review fixes 2021-06-18 12:59:38 +02:00
test_suite_x509parse.function Remove MBEDTLS_X509_CHECK_*_KEY_USAGE options but enable the code 2021-06-07 13:52:23 +02:00
test_suite_x509write.data Remove MD2, MD4, RC4, Blowfish and XTEA 2021-06-16 10:34:25 +02:00
test_suite_x509write.function Use mbedtls_test_read_mpi in test suites 2021-06-22 12:44:05 +02:00