From b4fae579e8fd72b5e57864d28b5b2c07bad5ce27 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 20 Jan 2014 11:22:25 +0100 Subject: [PATCH] Add pk_rsa_set_padding() and rsa_set_padding() --- include/polarssl/pk.h | 22 +++++++++++++++++- include/polarssl/rsa.h | 19 +++++++++++++++- library/pk.c | 14 ++++++++++++ library/rsa.c | 11 +++++++++ tests/suites/test_suite_pk.data | 18 ++++++++++----- tests/suites/test_suite_pk.function | 35 ++++++++++++++++++++++++----- 6 files changed, 106 insertions(+), 13 deletions(-) diff --git a/include/polarssl/pk.h b/include/polarssl/pk.h index 013d9736a..8b844714e 100644 --- a/include/polarssl/pk.h +++ b/include/polarssl/pk.h @@ -222,11 +222,31 @@ void pk_free( pk_context *ctx ); * POLARSSL_ERR_PK_BAD_INPUT_DATA on invalid input, * POLARSSL_ERR_PK_MALLOC_FAILED on allocation failure. * - * \note For contexts holding an RSA-alt key, use + * \note For RSA contexts, padding defaults to PKCS_V15. + * Use pk_rsa_set_padding() to change it. + * + * \note To create a context holding an RSA-alt key, use * \c pk_init_ctx_rsa_alt() instead. */ int pk_init_ctx( pk_context *ctx, const pk_info_t *info ); +#if defined(POLARSSL_RSA_C) +/** + * \brief Set the padding method for an RSA key + * + * Note: Set padding to RSA_PKCS_V21 for the RSAES-OAEP + * encryption scheme and the RSASSA-PSS signature scheme. + * + * \param ctx PK context to be set + * \param padding RSA_PKCS_V15 or RSA_PKCS_V21 + * \param hash_id RSA_PKCS_V21 hash identifier + * + * \note The hash_id parameter is actually ignored + * when using RSA_PKCS_V15 padding. + */ +int pk_rsa_set_padding( pk_context *ctx, int padding, int hash_id ); +#endif /* POLARSSL_RSA_C */ + /** * \brief Initialize an RSA-alt context * diff --git a/include/polarssl/rsa.h b/include/polarssl/rsa.h index 504dde24d..47315a32a 100644 --- a/include/polarssl/rsa.h +++ b/include/polarssl/rsa.h @@ -125,7 +125,24 @@ rsa_context; */ void rsa_init( rsa_context *ctx, int padding, - int hash_id); + int hash_id ); + +/** + * \brief Set the padding method on an initilized RSA context. + * + * Note: Set padding to RSA_PKCS_V21 for the RSAES-OAEP + * encryption scheme and the RSASSA-PSS signature scheme. + * + * \param ctx RSA context to be set + * \param padding RSA_PKCS_V15 or RSA_PKCS_V21 + * \param hash_id RSA_PKCS_V21 hash identifier + * + * \note The hash_id parameter is actually ignored + * when using RSA_PKCS_V15 padding. + */ +void rsa_set_padding( rsa_context *ctx, + int padding, + int hash_id ); /** * \brief Generate an RSA keypair diff --git a/library/pk.c b/library/pk.c index 80eccc911..d1bd2158b 100644 --- a/library/pk.c +++ b/library/pk.c @@ -108,6 +108,20 @@ int pk_init_ctx( pk_context *ctx, const pk_info_t *info ) return( 0 ); } +/* + * Set RSA padding + */ +int pk_rsa_set_padding( pk_context *ctx, int padding, int hash_id ) +{ + if( ctx == NULL || ctx->pk_info == NULL || + ctx->pk_info->type != POLARSSL_PK_RSA ) + return( POLARSSL_ERR_PK_BAD_INPUT_DATA ); + + rsa_set_padding( pk_rsa( *ctx ), padding, hash_id ); + + return( 0 ); +} + /* * Initialize an RSA-alt context */ diff --git a/library/rsa.c b/library/rsa.c index 8ec7aabb0..75cae7ec9 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -60,6 +60,17 @@ void rsa_init( rsa_context *ctx, #endif } +/* + * Set padding method after initialisation + */ +void rsa_set_padding( rsa_context *ctx, + int padding, + int hash_id) +{ + ctx->padding = padding; + ctx->hash_id = hash_id; +} + #if defined(POLARSSL_GENPRIME) /* diff --git a/tests/suites/test_suite_pk.data b/tests/suites/test_suite_pk.data index e07495a41..e7a52afb5 100644 --- a/tests/suites/test_suite_pk.data +++ b/tests/suites/test_suite_pk.data @@ -14,13 +14,21 @@ PK utils: ECDSA depends_on:POLARSSL_ECDSA_C:POLARSSL_ECP_DP_SECP192R1_ENABLED pk_utils:POLARSSL_PK_ECDSA:192:24:"ECDSA" -RSA verify test vector #1 (good) -depends_on:POLARSSL_SHA1_C:POLARSSL_PKCS1_V15 -pk_rsa_verify_test_vec:"206ef4bf396c6087f8229ef196fd35f37ccb8de5efcdb238f20d556668f114257a11fbe038464a67830378e62ae9791453953dac1dbd7921837ba98e84e856eb80ed9487e656d0b20c28c8ba5e35db1abbed83ed1c7720a97701f709e3547a4bfcabca9c89c57ad15c3996577a0ae36d7c7b699035242f37954646c1cd5c08ac":POLARSSL_MD_SHA1:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"3":"5abc01f5de25b70867ff0c24e222c61f53c88daf42586fddcd56f3c4588f074be3c328056c063388688b6385a8167957c6e5355a510e005b8a851d69c96b36ec6036644078210e5d7d326f96365ee0648882921492bc7b753eb9c26cdbab37555f210df2ca6fec1b25b463d38b81c0dcea202022b04af5da58aa03d77be949b7":0 +PK RSA padding: RSA (ok) +depends_on:POLARSSL_RSA_C +pk_set_rsa_padding:POLARSSL_PK_RSA:RSA_PKCS_V21:POLARSSL_MD_SHA512:0 -RSA verify test vector #2 (bad) +PK RSA padding: ECKEY (error) +depends_on:POLARSSL_ECP_C +pk_set_rsa_padding:POLARSSL_PK_ECKEY:RSA_PKCS_V21:POLARSSL_MD_SHA512:POLARSSL_ERR_PK_BAD_INPUT_DATA + +RSA verify test vector #1 (v1.5, good) depends_on:POLARSSL_SHA1_C:POLARSSL_PKCS1_V15 -pk_rsa_verify_test_vec:"d6248c3e96b1a7e5fea978870fcc4c9786b4e5156e16b7faef4557d667f730b8bc4c784ef00c624df5309513c3a5de8ca94c2152e0459618666d3148092562ebc256ffca45b27fd2d63c68bd5e0a0aefbe496e9e63838a361b1db6fc272464f191490bf9c029643c49d2d9cd08833b8a70b4b3431f56fb1eb55ccd39e77a9c92":POLARSSL_MD_SHA1:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"3":"3203b7647fb7e345aa457681e5131777f1adc371f2fba8534928c4e52ef6206a856425d6269352ecbf64db2f6ad82397768cafdd8cd272e512d617ad67992226da6bc291c31404c17fd4b7e2beb20eff284a44f4d7af47fd6629e2c95809fa7f2241a04f70ac70d3271bb13258af1ed5c5988c95df7fa26603515791075feccd":POLARSSL_ERR_RSA_VERIFY_FAILED +pk_rsa_verify_test_vec:"206ef4bf396c6087f8229ef196fd35f37ccb8de5efcdb238f20d556668f114257a11fbe038464a67830378e62ae9791453953dac1dbd7921837ba98e84e856eb80ed9487e656d0b20c28c8ba5e35db1abbed83ed1c7720a97701f709e3547a4bfcabca9c89c57ad15c3996577a0ae36d7c7b699035242f37954646c1cd5c08ac":POLARSSL_MD_SHA1:RSA_PKCS_V15:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"3":"5abc01f5de25b70867ff0c24e222c61f53c88daf42586fddcd56f3c4588f074be3c328056c063388688b6385a8167957c6e5355a510e005b8a851d69c96b36ec6036644078210e5d7d326f96365ee0648882921492bc7b753eb9c26cdbab37555f210df2ca6fec1b25b463d38b81c0dcea202022b04af5da58aa03d77be949b7":0 + +RSA verify test vector #2 (v1.5 bad) +depends_on:POLARSSL_SHA1_C:POLARSSL_PKCS1_V15 +pk_rsa_verify_test_vec:"d6248c3e96b1a7e5fea978870fcc4c9786b4e5156e16b7faef4557d667f730b8bc4c784ef00c624df5309513c3a5de8ca94c2152e0459618666d3148092562ebc256ffca45b27fd2d63c68bd5e0a0aefbe496e9e63838a361b1db6fc272464f191490bf9c029643c49d2d9cd08833b8a70b4b3431f56fb1eb55ccd39e77a9c92":POLARSSL_MD_SHA1:RSA_PKCS_V15:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"3":"3203b7647fb7e345aa457681e5131777f1adc371f2fba8534928c4e52ef6206a856425d6269352ecbf64db2f6ad82397768cafdd8cd272e512d617ad67992226da6bc291c31404c17fd4b7e2beb20eff284a44f4d7af47fd6629e2c95809fa7f2241a04f70ac70d3271bb13258af1ed5c5988c95df7fa26603515791075feccd":POLARSSL_ERR_RSA_VERIFY_FAILED ECDSA verify test vector #1 (good) depends_on:POLARSSL_ECP_DP_SECP192R1_ENABLED diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index 85cdb7498..55a866321 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -54,15 +54,33 @@ void pk_utils( int type, int size, int len, char *name ) } /* END_CASE */ +/* BEGIN_CASE */ +void pk_set_rsa_padding( int type, int padding, int hash_id, int ret ) +{ + pk_context pk; + unsigned char hash[50], sig[5000]; + size_t sig_len; + + pk_init( &pk ); + + memset( hash, 0x2a, sizeof hash ); + memset( sig, 0, sizeof sig ); + + TEST_ASSERT( pk_init_ctx( &pk, pk_info_from_type( type ) ) == 0 ); + TEST_ASSERT( pk_rsa_set_padding( &pk, padding, hash_id ) == ret ); + + pk_free( &pk ); +} +/* END_CASE */ + /* BEGIN_CASE depends_on:POLARSSL_RSA_C */ -void pk_rsa_verify_test_vec( char *message_hex_string, int digest, +void pk_rsa_verify_test_vec( char *message_hex_string, int digest, int scheme, int mod, int radix_N, char *input_N, int radix_E, char *input_E, char *result_hex_str, int result ) { unsigned char message_str[1000]; unsigned char hash_result[1000]; unsigned char result_str[1000]; - rsa_context *rsa; pk_context pk; int msg_len; @@ -73,11 +91,16 @@ void pk_rsa_verify_test_vec( char *message_hex_string, int digest, memset( result_str, 0x00, 1000 ); TEST_ASSERT( pk_init_ctx( &pk, pk_info_from_type( POLARSSL_PK_RSA ) ) == 0 ); - rsa = pk_rsa( pk ); + TEST_ASSERT( pk_rsa_set_padding( &pk, scheme, digest ) == 0 ); - rsa->len = mod / 8; - TEST_ASSERT( mpi_read_string( &rsa->N, radix_N, input_N ) == 0 ); - TEST_ASSERT( mpi_read_string( &rsa->E, radix_E, input_E ) == 0 ); + /* Set RSA key manually */ + { + rsa_context *rsa = pk_rsa( pk ); + + rsa->len = mod / 8; + TEST_ASSERT( mpi_read_string( &rsa->N, radix_N, input_N ) == 0 ); + TEST_ASSERT( mpi_read_string( &rsa->E, radix_E, input_E ) == 0 ); + } msg_len = unhexify( message_str, message_hex_string ); unhexify( result_str, result_hex_str );