RT 3493: fix RSA test
- Pass in the right ciphertext length to ensure we're indeed testing
ciphertext corruption (and not truncation).
- Only test one mutation per byte to not make the test too slow.
- Add a separate test for truncated ciphertexts.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(cherry picked from commit 25d6b3401c
)
This commit is contained in:
parent
5425917406
commit
5f623eb616
1 changed files with 20 additions and 12 deletions
|
@ -297,22 +297,30 @@ int main(int argc, char *argv[])
|
|||
} else
|
||||
printf("OAEP encryption/decryption ok\n");
|
||||
|
||||
/* Try decrypting corrupted ciphertexts */
|
||||
/* Try decrypting corrupted ciphertexts. */
|
||||
for (n = 0; n < clen; ++n) {
|
||||
int b;
|
||||
unsigned char saved = ctext[n];
|
||||
for (b = 0; b < 256; ++b) {
|
||||
if (b == saved)
|
||||
continue;
|
||||
ctext[n] = b;
|
||||
num = RSA_private_decrypt(num, ctext, ptext, key,
|
||||
ctext[n] ^= 1;
|
||||
num = RSA_private_decrypt(clen, ctext, ptext, key,
|
||||
RSA_PKCS1_OAEP_PADDING);
|
||||
if (num > 0) {
|
||||
printf("Corrupt data decrypted!\n");
|
||||
err = 1;
|
||||
}
|
||||
if (num > 0) {
|
||||
printf("Corrupt data decrypted!\n");
|
||||
err = 1;
|
||||
break;
|
||||
}
|
||||
ctext[n] ^= 1;
|
||||
}
|
||||
|
||||
/* Test truncated ciphertexts, as well as negative length. */
|
||||
for (n = -1; n < clen; ++n) {
|
||||
num = RSA_private_decrypt(n, ctext, ptext, key,
|
||||
RSA_PKCS1_OAEP_PADDING);
|
||||
if (num > 0) {
|
||||
printf("Truncated data decrypted!\n");
|
||||
err = 1;
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
next:
|
||||
RSA_free(key);
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue