Add pk_rsa_set_padding() and rsa_set_padding()

2024-11-24 15:18:06 +00:00 · 2014-01-20 11:22:25 +01:00 · 2014-01-20 11:22:25 +01:00 · b4fae579e8
commit b4fae579e8
parent 7c59363a85
6 changed files with 106 additions and 13 deletions
--- a/include/polarssl/pk.h
+++ b/include/polarssl/pk.h
@ -222,11 +222,31 @@ void pk_free( pk_context *ctx );
 *                  POLARSSL_ERR_PK_BAD_INPUT_DATA on invalid input,
 *                  POLARSSL_ERR_PK_MALLOC_FAILED on allocation failure.
 *
- * \note            For contexts holding an RSA-alt key, use
+ * \note            For RSA contexts, padding defaults to PKCS_V15.
+ *                  Use pk_rsa_set_padding() to change it.
+ *
+ * \note            To create a context holding an RSA-alt key, use
 *                  \c pk_init_ctx_rsa_alt() instead.
 */
 int pk_init_ctx( pk_context *ctx, const pk_info_t *info );

+#if defined(POLARSSL_RSA_C)
+/**
+ * \brief          Set the padding method for an RSA key
+ *
+ *                 Note: Set padding to RSA_PKCS_V21 for the RSAES-OAEP
+ *                 encryption scheme and the RSASSA-PSS signature scheme.
+ *
+ * \param ctx      PK context to be set
+ * \param padding  RSA_PKCS_V15 or RSA_PKCS_V21
+ * \param hash_id  RSA_PKCS_V21 hash identifier
+ *
+ * \note           The hash_id parameter is actually ignored
+ *                 when using RSA_PKCS_V15 padding.
+ */
+int pk_rsa_set_padding( pk_context *ctx, int padding, int hash_id );
+#endif /* POLARSSL_RSA_C */
+
 /**
 * \brief           Initialize an RSA-alt context
 *
--- a/include/polarssl/rsa.h
+++ b/include/polarssl/rsa.h
@ -127,6 +127,23 @@ void rsa_init( rsa_context *ctx,
               int padding,
               int hash_id );

+/**
+ * \brief          Set the padding method on an initilized RSA context.
+ *
+ *                 Note: Set padding to RSA_PKCS_V21 for the RSAES-OAEP
+ *                 encryption scheme and the RSASSA-PSS signature scheme.
+ *
+ * \param ctx      RSA context to be set
+ * \param padding  RSA_PKCS_V15 or RSA_PKCS_V21
+ * \param hash_id  RSA_PKCS_V21 hash identifier
+ *
+ * \note           The hash_id parameter is actually ignored
+ *                 when using RSA_PKCS_V15 padding.
+ */
+void rsa_set_padding( rsa_context *ctx,
+                      int padding,
+                      int hash_id );
+
 /**
 * \brief          Generate an RSA keypair
 *
--- a/library/pk.c
+++ b/library/pk.c
@ -108,6 +108,20 @@ int pk_init_ctx( pk_context *ctx, const pk_info_t *info )
    return( 0 );
 }

+/*
+ * Set RSA padding
+ */
+int pk_rsa_set_padding( pk_context *ctx, int padding, int hash_id )
+{
+    if( ctx == NULL || ctx->pk_info == NULL ||
+        ctx->pk_info->type != POLARSSL_PK_RSA )
+        return( POLARSSL_ERR_PK_BAD_INPUT_DATA );
+
+    rsa_set_padding( pk_rsa( *ctx ), padding, hash_id );
+
+    return( 0 );
+}
+
 /*
 * Initialize an RSA-alt context
 */
--- a/library/rsa.c
+++ b/library/rsa.c
@ -60,6 +60,17 @@ void rsa_init( rsa_context *ctx,
 #endif
 }

+/*
+ * Set padding method after initialisation
+ */
+void rsa_set_padding( rsa_context *ctx,
+                      int padding,
+                      int hash_id)
+{
+    ctx->padding = padding;
+    ctx->hash_id = hash_id;
+}
+
 #if defined(POLARSSL_GENPRIME)

 /*
--- a/tests/suites/test_suite_pk.data
+++ b/tests/suites/test_suite_pk.data
@ -14,13 +14,21 @@ PK utils: ECDSA
 depends_on:POLARSSL_ECDSA_C:POLARSSL_ECP_DP_SECP192R1_ENABLED
 pk_utils:POLARSSL_PK_ECDSA:192:24:"ECDSA"

-RSA verify test vector #1 (good)
-depends_on:POLARSSL_SHA1_C:POLARSSL_PKCS1_V15
-pk_rsa_verify_test_vec:"206ef4bf396c6087f8229ef196fd35f37ccb8de5efcdb238f20d556668f114257a11fbe038464a67830378e62ae9791453953dac1dbd7921837ba98e84e856eb80ed9487e656d0b20c28c8ba5e35db1abbed83ed1c7720a97701f709e3547a4bfcabca9c89c57ad15c3996577a0ae36d7c7b699035242f37954646c1cd5c08ac":POLARSSL_MD_SHA1:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"3":"5abc01f5de25b70867ff0c24e222c61f53c88daf42586fddcd56f3c4588f074be3c328056c063388688b6385a8167957c6e5355a510e005b8a851d69c96b36ec6036644078210e5d7d326f96365ee0648882921492bc7b753eb9c26cdbab37555f210df2ca6fec1b25b463d38b81c0dcea202022b04af5da58aa03d77be949b7":0
+PK RSA padding: RSA (ok)
+depends_on:POLARSSL_RSA_C
+pk_set_rsa_padding:POLARSSL_PK_RSA:RSA_PKCS_V21:POLARSSL_MD_SHA512:0

-RSA verify test vector #2 (bad)
+PK RSA padding: ECKEY (error)
+depends_on:POLARSSL_ECP_C
+pk_set_rsa_padding:POLARSSL_PK_ECKEY:RSA_PKCS_V21:POLARSSL_MD_SHA512:POLARSSL_ERR_PK_BAD_INPUT_DATA
+
+RSA verify test vector #1 (v1.5, good)
 depends_on:POLARSSL_SHA1_C:POLARSSL_PKCS1_V15
-pk_rsa_verify_test_vec:"d6248c3e96b1a7e5fea978870fcc4c9786b4e5156e16b7faef4557d667f730b8bc4c784ef00c624df5309513c3a5de8ca94c2152e0459618666d3148092562ebc256ffca45b27fd2d63c68bd5e0a0aefbe496e9e63838a361b1db6fc272464f191490bf9c029643c49d2d9cd08833b8a70b4b3431f56fb1eb55ccd39e77a9c92":POLARSSL_MD_SHA1:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"3":"3203b7647fb7e345aa457681e5131777f1adc371f2fba8534928c4e52ef6206a856425d6269352ecbf64db2f6ad82397768cafdd8cd272e512d617ad67992226da6bc291c31404c17fd4b7e2beb20eff284a44f4d7af47fd6629e2c95809fa7f2241a04f70ac70d3271bb13258af1ed5c5988c95df7fa26603515791075feccd":POLARSSL_ERR_RSA_VERIFY_FAILED
+pk_rsa_verify_test_vec:"206ef4bf396c6087f8229ef196fd35f37ccb8de5efcdb238f20d556668f114257a11fbe038464a67830378e62ae9791453953dac1dbd7921837ba98e84e856eb80ed9487e656d0b20c28c8ba5e35db1abbed83ed1c7720a97701f709e3547a4bfcabca9c89c57ad15c3996577a0ae36d7c7b699035242f37954646c1cd5c08ac":POLARSSL_MD_SHA1:RSA_PKCS_V15:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"3":"5abc01f5de25b70867ff0c24e222c61f53c88daf42586fddcd56f3c4588f074be3c328056c063388688b6385a8167957c6e5355a510e005b8a851d69c96b36ec6036644078210e5d7d326f96365ee0648882921492bc7b753eb9c26cdbab37555f210df2ca6fec1b25b463d38b81c0dcea202022b04af5da58aa03d77be949b7":0
+
+RSA verify test vector #2 (v1.5 bad)
+depends_on:POLARSSL_SHA1_C:POLARSSL_PKCS1_V15
+pk_rsa_verify_test_vec:"d6248c3e96b1a7e5fea978870fcc4c9786b4e5156e16b7faef4557d667f730b8bc4c784ef00c624df5309513c3a5de8ca94c2152e0459618666d3148092562ebc256ffca45b27fd2d63c68bd5e0a0aefbe496e9e63838a361b1db6fc272464f191490bf9c029643c49d2d9cd08833b8a70b4b3431f56fb1eb55ccd39e77a9c92":POLARSSL_MD_SHA1:RSA_PKCS_V15:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"3":"3203b7647fb7e345aa457681e5131777f1adc371f2fba8534928c4e52ef6206a856425d6269352ecbf64db2f6ad82397768cafdd8cd272e512d617ad67992226da6bc291c31404c17fd4b7e2beb20eff284a44f4d7af47fd6629e2c95809fa7f2241a04f70ac70d3271bb13258af1ed5c5988c95df7fa26603515791075feccd":POLARSSL_ERR_RSA_VERIFY_FAILED

 ECDSA verify test vector #1 (good)
 depends_on:POLARSSL_ECP_DP_SECP192R1_ENABLED
--- a/tests/suites/test_suite_pk.function
+++ b/tests/suites/test_suite_pk.function
@ -54,15 +54,33 @@ void pk_utils( int type, int size, int len, char *name )
 }
 /* END_CASE */

+/* BEGIN_CASE */
+void pk_set_rsa_padding( int type, int padding, int hash_id, int ret )
+{
+    pk_context pk;
+    unsigned char hash[50], sig[5000];
+    size_t sig_len;
+
+    pk_init( &pk );
+
+    memset( hash, 0x2a, sizeof hash );
+    memset( sig, 0, sizeof sig );
+
+    TEST_ASSERT( pk_init_ctx( &pk, pk_info_from_type( type ) ) == 0 );
+    TEST_ASSERT( pk_rsa_set_padding( &pk, padding, hash_id ) == ret );
+
+    pk_free( &pk );
+}
+/* END_CASE */
+
 /* BEGIN_CASE depends_on:POLARSSL_RSA_C */
-void pk_rsa_verify_test_vec( char *message_hex_string, int digest,
+void pk_rsa_verify_test_vec( char *message_hex_string, int digest, int scheme,
                       int mod, int radix_N, char *input_N, int radix_E,
                       char *input_E, char *result_hex_str, int result )
 {
    unsigned char message_str[1000];
    unsigned char hash_result[1000];
    unsigned char result_str[1000];
-    rsa_context *rsa;
    pk_context pk;
    int msg_len;

@ -73,11 +91,16 @@ void pk_rsa_verify_test_vec( char *message_hex_string, int digest,
    memset( result_str, 0x00, 1000 );

    TEST_ASSERT( pk_init_ctx( &pk, pk_info_from_type( POLARSSL_PK_RSA ) ) == 0 );
-    rsa = pk_rsa( pk );
+    TEST_ASSERT( pk_rsa_set_padding( &pk, scheme, digest ) == 0 );
+
+    /* Set RSA key manually */
+    {
+        rsa_context *rsa = pk_rsa( pk );

        rsa->len = mod / 8;
        TEST_ASSERT( mpi_read_string( &rsa->N, radix_N, input_N ) == 0 );
        TEST_ASSERT( mpi_read_string( &rsa->E, radix_E, input_E ) == 0 );
+    }

    msg_len = unhexify( message_str, message_hex_string );
    unhexify( result_str, result_hex_str );