mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2025-03-18 19:20:50 +00:00
test_suite_pk: test also RSA keys with PKCS1 v2.1 padding mode in pk_psa_sign()
Previously only only PKCS1 v1.5 was tested. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
This commit is contained in:
Valerio Setti
parent
4f3262de2d
commit
aa9cc49879
@ -648,44 +648,48 @@ pk_sign_verify_restart:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75
|
||||
|
||||
PSA wrapped sign: SECP256R1
|
||||
depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256R1
|
||||
pk_psa_sign:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256
|
||||
pk_psa_sign:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:0
|
||||
|
||||
PSA wrapped sign: SECP384R1
|
||||
depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP384R1
|
||||
pk_psa_sign:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384
|
||||
pk_psa_sign:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:0
|
||||
|
||||
PSA wrapped sign: SECP521R1
|
||||
depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP521R1
|
||||
pk_psa_sign:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521
|
||||
pk_psa_sign:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:0
|
||||
|
||||
PSA wrapped sign: SECP192K1
|
||||
depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP192K1
|
||||
pk_psa_sign:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192
|
||||
pk_psa_sign:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:0
|
||||
|
||||
## Currently buggy: https://github.com/ARMmbed/mbed-crypto/issues/336
|
||||
# PSA wrapped sign: SECP224K1
|
||||
# depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP224K1
|
||||
# pk_psa_sign:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224
|
||||
# pk_psa_sign:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:0
|
||||
|
||||
PSA wrapped sign: SECP256K1
|
||||
depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_SECP256K1
|
||||
pk_psa_sign:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256
|
||||
pk_psa_sign:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:0
|
||||
|
||||
PSA wrapped sign: BP256R1
|
||||
depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_BP256R1
|
||||
pk_psa_sign:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256
|
||||
pk_psa_sign:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:0
|
||||
|
||||
PSA wrapped sign: BP384R1
|
||||
depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_BP384R1
|
||||
pk_psa_sign:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384
|
||||
pk_psa_sign:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:0
|
||||
|
||||
PSA wrapped sign: BP512R1
|
||||
depends_on:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_ECP_HAVE_BP512R1
|
||||
pk_psa_sign:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512
|
||||
pk_psa_sign:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:0
|
||||
|
||||
PSA wrapped sign: RSA PKCS1 v1.5
|
||||
depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_GENPRIME
|
||||
pk_psa_sign:PSA_KEY_TYPE_RSA_KEY_PAIR:1024
|
||||
pk_psa_sign:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:MBEDTLS_RSA_PKCS_V15
|
||||
|
||||
PSA wrapped sign: RSA PKCS1 v2.1
|
||||
depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_GENPRIME
|
||||
pk_psa_sign:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:MBEDTLS_RSA_PKCS_V21
|
||||
|
||||
PK sign ext: RSA2048, PK_RSA, MD_SHA256
|
||||
depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C:MBEDTLS_RSA_GEN_KEY_MIN_BITS <= 2048
|
||||
|
||||
@ -1817,7 +1817,7 @@ exit:
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_PK_PSA_SIGN */
|
||||
void pk_psa_sign(int psa_type, int bits)
|
||||
void pk_psa_sign(int psa_type, int bits, int rsa_padding)
|
||||
{
|
||||
mbedtls_pk_context pk;
|
||||
unsigned char hash[32];
|
||||
@ -1851,6 +1851,7 @@ void pk_psa_sign(int psa_type, int bits)
|
||||
mbedtls_pk_info_from_type(MBEDTLS_PK_RSA)) == 0);
|
||||
TEST_ASSERT(mbedtls_rsa_gen_key(mbedtls_pk_rsa(pk), mbedtls_test_rnd_std_rand, NULL,
|
||||
bits, 3) == 0);
|
||||
TEST_EQUAL(mbedtls_rsa_set_padding(mbedtls_pk_rsa(pk), rsa_padding, MBEDTLS_MD_NONE), 0);
|
||||
} else
|
||||
#endif /* MBEDTLS_RSA_C && MBEDTLS_GENPRIME */
|
||||
#if defined(MBEDTLS_PK_CAN_ECDSA_SIGN)
|
||||
@ -1861,6 +1862,7 @@ void pk_psa_sign(int psa_type, int bits)
|
||||
} else
|
||||
#endif /* MBEDTLS_PK_CAN_ECDSA_SIGN */
|
||||
{
|
||||
(void) rsa_padding;
|
||||
TEST_ASSUME(!"Opaque PK key not supported in this configuration");
|
||||
}
|
||||
|
||||
@ -1960,6 +1962,11 @@ void pk_psa_sign(int psa_type, int bits)
|
||||
legacy_pub_key_len), 0);
|
||||
}
|
||||
#endif
|
||||
#if defined(MBEDTLS_RSA_C)
|
||||
if (PSA_KEY_TYPE_IS_RSA(psa_type)) {
|
||||
TEST_EQUAL(mbedtls_rsa_set_padding(mbedtls_pk_rsa(pk), rsa_padding, MBEDTLS_MD_NONE), 0);
|
||||
}
|
||||
#endif /* MBEDTLS_RSA_C */
|
||||
TEST_ASSERT(mbedtls_pk_verify(&pk, MBEDTLS_MD_SHA256,
|
||||
hash, sizeof(hash), sig, sig_len) == 0);
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user