From 3c441c2eb7688837ca2884f2be0c0abd1095abb5 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Mon, 16 Jan 2017 18:07:54 +0000 Subject: [PATCH] additional PSS tests for -1 and invalid salt length Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/2236) --- test/evptests.txt | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/test/evptests.txt b/test/evptests.txt index 095aced25e..566b2f0e8d 100644 --- a/test/evptests.txt +++ b/test/evptests.txt @@ -3024,6 +3024,18 @@ yrPkBkm5hXeGnaDqcYNT8HInVIhpE2SHYNEivmduD8SD3SD/wxvalqMZZsmqLnWt A95H4cRPAgMBAAE= -----END PUBLIC KEY----- +# Key with minimum salt length exceeding maximum permitted value +PublicKey = RSA-PSS-BAD2 +-----BEGIN PUBLIC KEY----- +MIIBKDATBgkqhkiG9w0BAQowBqIEAgIBAAOCAQ8AMIIBCgKCAQEAzQCB6nsq4eoG +1Z98c9n/uUoJYVwuS6fGNs7wjdNTPsMYVSWwFcdpuZp31nJb+cNTKptuX2Yn1fuF +Fgdo092py9NZdFEXF9w9MJ0vxH7kH5fjKtt/ndhkocR2emZuzXG8Gqz151F/SzhZ +T+qbBeQtWtqZEgCAE+RTFqTZu47QhriNKHWLrK+SLUaoaLSF0jnJuusOK2RZJxD0 +Ky0eoKS0gCwL7Ksyj4posAc721Rv7qmAnShJkSs5DBUyvH4px2WPgXX65G80My/4 +e8qz5AZJuYV3hp2g6nGDU/ByJ1SIaRNkh2DRIr5nbg/Eg90g/8Mb2pajGWbJqi51 +rQPeR+HETwIDAQAB +-----END PUBLIC KEY----- + # Verify using default parameters Verify = RSA-PSS-DEFAULT Input="0123456789ABCDEF0123" @@ -3037,6 +3049,14 @@ Ctrl = digest:sha1 Input="0123456789ABCDEF0123" Output = 3EFE09D88509027D837BFA5F8471CF7B69E6DF395DD999BB9CA42021F15722D9AC76670507C6BCFB73F64FB2211B611B8F140E76EBDB064BD762FDBA89D019E304A0D6B274E1C2FE1DF50005598A0306AF805416094E2A5BA60BC72BDE38CE061E853ED40F14967A8B9CA4DC739B462F89558F12FDF2D8D19FBEF16AD66FE2DDDA8BEE983ECBD873064244849D8D94B5B33F45E076871A47ED653E73257A2BE2DB3C0878094B0D2B6B682C8007DFD989425FB39A1FEEC9EED5876414601A49176EC344F5E3EDEE81CA2DDD29B7364F4638112CB3A547E2BC170E28CB66BDABE863754BE8AD5BA230567B575266F4B6B4CF81F28310ABF05351CC9E2DB85D00BF +# Verify using default parameters, explicitly setting parameters -1 salt length +Verify = RSA-PSS-DEFAULT +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_pss_saltlen:-1 +Ctrl = digest:sha1 +Input="0123456789ABCDEF0123" +Output = 3EFE09D88509027D837BFA5F8471CF7B69E6DF395DD999BB9CA42021F15722D9AC76670507C6BCFB73F64FB2211B611B8F140E76EBDB064BD762FDBA89D019E304A0D6B274E1C2FE1DF50005598A0306AF805416094E2A5BA60BC72BDE38CE061E853ED40F14967A8B9CA4DC739B462F89558F12FDF2D8D19FBEF16AD66FE2DDDA8BEE983ECBD873064244849D8D94B5B33F45E076871A47ED653E73257A2BE2DB3C0878094B0D2B6B682C8007DFD989425FB39A1FEEC9EED5876414601A49176EC344F5E3EDEE81CA2DDD29B7364F4638112CB3A547E2BC170E28CB66BDABE863754BE8AD5BA230567B575266F4B6B4CF81F28310ABF05351CC9E2DB85D00BF + # Verify using salt length larger than minimum Verify = RSA-PSS-DEFAULT Ctrl = rsa_pss_saltlen:30 @@ -3070,6 +3090,12 @@ Result = KEYOP_INIT_ERROR Function = rsa_pss_get_param Reason = invalid salt length +# Invalid key: rejected when we try to init +Verify = RSA-PSS-BAD2 +Result = KEYOP_INIT_ERROR +Function = pkey_pss_init +Reason = invalid salt length + # scrypt tests from draft-josefsson-scrypt-kdf-03 PBE = scrypt Password = ""