From a9e1d9953e0af59a257773b4b9ee9732f2e26bb3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Sat, 16 Jul 2022 07:52:42 +0200 Subject: [PATCH] Rm useless use of MD in PKCS#1v1.5 test functions MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit We had a message in the data file, and were computing its hash in the test function. It is more efficient (and simpler when it comes to dependencies) to directly have the message hash in the data file. It was probably this way because some test vectors provide the message for the sake of all-in-one implementation that hash-and-sign at once. But our API gets a hash as the input and signs it. In unit tests, this should be reflected in the signature of the test function, which should take a hash as input. The changes to the .data file were done using the following python script: import hashlib suite = 'pkcs1_v15' functions = { 'pkcs1_rsassa_v15_sign': (10, 12), 'pkcs1_rsassa_v15_verify': (6, 8), } def hash_ctx(s): if s == 'MBEDTLS_MD_MD5': return hashlib.md5() if s == 'MBEDTLS_MD_SHA1': return hashlib.sha1() if s == 'MBEDTLS_MD_SHA224': return hashlib.sha224() if s == 'MBEDTLS_MD_SHA256': return hashlib.sha256() if s == 'MBEDTLS_MD_SHA384': return hashlib.sha384() if s == 'MBEDTLS_MD_SHA512': return hashlib.sha512() def fix(l): parts = l.rstrip().split(":") fun = parts[0] if fun not in functions: return l (alg_idx, msg_idx) = functions[fun] alg_str = parts[alg_idx] if alg_str == "MBEDTLS_MD_NONE": return l h = hash_ctx(alg_str) msg_str = parts[msg_idx] msg_hex = msg_str[1:-1] msg = bytes.fromhex(msg_hex) h.update(msg) msg_hash = h.hexdigest() msg_hash_str = '"' + msg_hash + '"' parts[msg_idx] = msg_hash_str return ":".join(parts) + '\n' filename = 'tests/suites/test_suite_' + suite + '.data' with open(filename) as f: lines = f.readlines() lines = [fix(l) for l in lines] with open(filename, 'w') as f: f.writelines(lines) 
Signed-off-by: Manuel Pégourié-Gonnard
---
 tests/suites/test_suite_pkcs1_v15.data | 4 ++--
 tests/suites/test_suite_pkcs1_v15.function | 17 ++---------------
 2 files changed, 4 insertions(+), 17 deletions(-)
diff --git a/tests/suites/test_suite_pkcs1_v15.data b/tests/suites/test_suite_pkcs1_v15.data
index d2b2218743..4aca0d385f 100644
--- a/tests/suites/test_suite_pkcs1_v15.data
+++ b/tests/suites/test_suite_pkcs1_v15.data
@@ -46,11 +46,11 @@ pkcs1_rsaes_v15_decrypt:1024:16:"eecfae81b1b9b3c908810b10a1b5600199eb9f44aef4fda RSASSA-V15 Signing Test Vector Int depends_on:MBEDTLS_SHA1_C -pkcs1_rsassa_v15_sign:1024:16:"d17f655bf27c8b16d35462c905cc04a26f37e2a67fa9c0ce0dced472394a0df743fe7f929e378efdb368eddff453cf007af6d948e0ade757371f8a711e278f6b":16:"c6d92b6fee7414d1358ce1546fb62987530b90bd15e0f14963a5e2635adb69347ec0c01b2ab1763fd8ac1a592fb22757463a982425bb97a3a437c5bf86d03f2f":16:"a2ba40ee07e3b2bd2f02ce227f36a195024486e49c19cb41bbbdfbba98b22b0e577c2eeaffa20d883a76e65e394c69d4b3c05a1e8fadda27edb2a42bc000fe888b9b32c22d15add0cd76b3e7936e19955b220dd17d4ea904b1ec102b2e4de7751222aa99151024c7cb41cc5ea21d00eeb41f7c800834d2c6e06bce3bce7ea9a5":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"859eef2fd78aca00308bdc471193bf55bf9d78db8f8a672b484634f3c9c26e6478ae10260fe0dd8c082e53a5293af2173cd50c6d5d354febf78b26021c25c02712e78cd4694c9f469777e451e7f8e9e04cd3739c6bbfedae487fb55644e9ca74ff77a53cb729802f6ed4a5ffa8ba159890fc":"e3b5d5d002c1bce50c2b65ef88a188d83bce7e61":"2154f928615e5101fcdeb57bc08fc2f35c3d5996403861ae3efb1d0712f8bb05cc21f7f5f11f62e5b6ea9f0f2b62180e5cbe7ba535032d6ac8068fff7f362f73d2c3bf5eca6062a1723d7cfd5abb6dcf7e405f2dc560ffe6fc37d38bee4dc9e24fe2bece3e3b4a3f032701d3f0947b42930083dd4ad241b3309b514595482d42":0 
+pkcs1_rsassa_v15_sign:1024:16:"d17f655bf27c8b16d35462c905cc04a26f37e2a67fa9c0ce0dced472394a0df743fe7f929e378efdb368eddff453cf007af6d948e0ade757371f8a711e278f6b":16:"c6d92b6fee7414d1358ce1546fb62987530b90bd15e0f14963a5e2635adb69347ec0c01b2ab1763fd8ac1a592fb22757463a982425bb97a3a437c5bf86d03f2f":16:"a2ba40ee07e3b2bd2f02ce227f36a195024486e49c19cb41bbbdfbba98b22b0e577c2eeaffa20d883a76e65e394c69d4b3c05a1e8fadda27edb2a42bc000fe888b9b32c22d15add0cd76b3e7936e19955b220dd17d4ea904b1ec102b2e4de7751222aa99151024c7cb41cc5ea21d00eeb41f7c800834d2c6e06bce3bce7ea9a5":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"37b66ae0445843353d47ecb0b4fd14c110e62d6a":"e3b5d5d002c1bce50c2b65ef88a188d83bce7e61":"2154f928615e5101fcdeb57bc08fc2f35c3d5996403861ae3efb1d0712f8bb05cc21f7f5f11f62e5b6ea9f0f2b62180e5cbe7ba535032d6ac8068fff7f362f73d2c3bf5eca6062a1723d7cfd5abb6dcf7e405f2dc560ffe6fc37d38bee4dc9e24fe2bece3e3b4a3f032701d3f0947b42930083dd4ad241b3309b514595482d42":0 RSASSA-V15 Verification Test Vector Int depends_on:MBEDTLS_SHA1_C -pkcs1_rsassa_v15_verify:1024:16:"a2ba40ee07e3b2bd2f02ce227f36a195024486e49c19cb41bbbdfbba98b22b0e577c2eeaffa20d883a76e65e394c69d4b3c05a1e8fadda27edb2a42bc000fe888b9b32c22d15add0cd76b3e7936e19955b220dd17d4ea904b1ec102b2e4de7751222aa99151024c7cb41cc5ea21d00eeb41f7c800834d2c6e06bce3bce7ea9a5":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"859eef2fd78aca00308bdc471193bf55bf9d78db8f8a672b484634f3c9c26e6478ae10260fe0dd8c082e53a5293af2173cd50c6d5d354febf78b26021c25c02712e78cd4694c9f469777e451e7f8e9e04cd3739c6bbfedae487fb55644e9ca74ff77a53cb729802f6ed4a5ffa8ba159890fc":"e3b5d5d002c1bce50c2b65ef88a188d83bce7e61":"2154f928615e5101fcdeb57bc08fc2f35c3d5996403861ae3efb1d0712f8bb05cc21f7f5f11f62e5b6ea9f0f2b62180e5cbe7ba535032d6ac8068fff7f362f73d2c3bf5eca6062a1723d7cfd5abb6dcf7e405f2dc560ffe6fc37d38bee4dc9e24fe2bece3e3b4a3f032701d3f0947b42930083dd4ad241b3309b514595482d42":0 
+pkcs1_rsassa_v15_verify:1024:16:"a2ba40ee07e3b2bd2f02ce227f36a195024486e49c19cb41bbbdfbba98b22b0e577c2eeaffa20d883a76e65e394c69d4b3c05a1e8fadda27edb2a42bc000fe888b9b32c22d15add0cd76b3e7936e19955b220dd17d4ea904b1ec102b2e4de7751222aa99151024c7cb41cc5ea21d00eeb41f7c800834d2c6e06bce3bce7ea9a5":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"37b66ae0445843353d47ecb0b4fd14c110e62d6a":"e3b5d5d002c1bce50c2b65ef88a188d83bce7e61":"2154f928615e5101fcdeb57bc08fc2f35c3d5996403861ae3efb1d0712f8bb05cc21f7f5f11f62e5b6ea9f0f2b62180e5cbe7ba535032d6ac8068fff7f362f73d2c3bf5eca6062a1723d7cfd5abb6dcf7e405f2dc560ffe6fc37d38bee4dc9e24fe2bece3e3b4a3f032701d3f0947b42930083dd4ad241b3309b514595482d42":0 RSAES-V15 decoding: good, payload=max, tight output buffer pkcs1_v15_decode:"0002505152535455565700":117:117:0 diff --git a/tests/suites/test_suite_pkcs1_v15.function b/tests/suites/test_suite_pkcs1_v15.function index 0bd3f81a0a..82842af133 100644 --- a/tests/suites/test_suite_pkcs1_v15.function +++ b/tests/suites/test_suite_pkcs1_v15.function @@ -270,8 +270,6 @@ void pkcs1_rsassa_v15_sign( int mod, int radix_P, char * input_P, int radix_Q, data_t * message_str, data_t * rnd_buf, data_t * result_str, int result ) { - unsigned char hash_result[MBEDTLS_MD_MAX_SIZE]; - const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( digest ); unsigned char output[128]; mbedtls_rsa_context ctx; mbedtls_mpi N, P, Q, E; @@ -288,7 +286,6 @@ void pkcs1_rsassa_v15_sign( int mod, int radix_P, char * input_P, int radix_Q, TEST_ASSERT( mbedtls_rsa_set_padding( &ctx, MBEDTLS_RSA_PKCS_V15, hash ) == 0 ); - memset( hash_result, 0x00, sizeof( hash_result ) ); memset( output, 0x00, sizeof( output ) ); TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 ); 
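Review bot: In tests/suites/test_suite_pkcs1_v15.data the two updated cases now carry only the 20-byte digest, so the message it was computed from no longer appears in these test cases and the vectors (presumably taken from a published set, going by their names) cannot be matched against their source by inspection. If the .data format accepts comment lines at this position, a line such as `# hash field is SHA-1 of the original vector's message; see the conversion script in the commit message` above each case would keep that link. The digest values themselves cannot be checked from what is shown here.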
@@ -301,12 +298,9 @@ void pkcs1_rsassa_v15_sign( int mod, int radix_P, char * input_P, int radix_Q, TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 ); TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 ); - if( md_info != NULL ) - TEST_ASSERT( mbedtls_md( md_info, message_str->x, message_str->len, hash_result ) == 0 ); - TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_buffer_rand, &info, - digest, mbedtls_md_get_size( md_info ), hash_result, + digest, message_str->len, message_str->x, output ) == result ); if( result == 0 ) { @@ -328,8 +322,6 @@ void pkcs1_rsassa_v15_verify( int mod, int radix_N, char * input_N, int hash, data_t * message_str, char * salt, data_t * result_str, int result ) { - unsigned char hash_result[MBEDTLS_MD_MAX_SIZE]; - const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( digest ); mbedtls_rsa_context ctx; mbedtls_mpi N, E; ((void) salt); @@ -338,7 +330,6 @@ void pkcs1_rsassa_v15_verify( int mod, int radix_N, char * input_N, mbedtls_rsa_init( &ctx ); TEST_ASSERT( mbedtls_rsa_set_padding( &ctx, MBEDTLS_RSA_PKCS_V15, hash ) == 0 ); - memset( hash_result, 0x00, sizeof( hash_result ) ); TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 ); TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 ); @@ -346,11 +337,7 @@ void pkcs1_rsassa_v15_verify( int mod, int radix_N, char * input_N, TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) ); TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 ); - - if( md_info != NULL ) - TEST_ASSERT( mbedtls_md( md_info, message_str->x, message_str->len, hash_result ) == 0 ); - - TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, digest, mbedtls_md_get_size( md_info ), hash_result, result_str->x ) == result ); + TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, digest, message_str->len, message_str->x, result_str->x ) == result ); exit: mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E );
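Review bot: The parameter is still named `message_str` in `pkcs1_rsassa_v15_sign` (this hunk) and in `pkcs1_rsassa_v15_verify` (the hunk at -346,11), although it now carries the digest and its length is passed straight through as the hash length. Before this change the length came from `mbedtls_md_get_size( md_info )` and so always matched `digest`; now a data line that still holds a raw message, or a truncated hash, reaches the RSA call with a mismatched length, and whether that is rejected depends on checks inside `mbedtls_rsa_pkcs1_sign` / `mbedtls_rsa_pkcs1_verify` that are not visible here. I would rename the parameter to something like `hash_digest`, or at least add `/* message_str is the precomputed message hash; its length must match digest */` above each call. Both function signatures start outside these hunks, so the rename touches lines not shown.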