[ITC][UTC][yaca][Non-ACR] Fix for new OpenSSL handling of PADDING_PKCS1_SSLV23

Newly released OpenSSL 1.0.2t requires RSA API to get the same padding
for decryption like in encryption.

This commit is a combination of commits:

ff1fb8daca60b9e7a3b4ab633113b65beaa5df57
287fdad529e2d8aa053c327feb2160ec6bb22b47

from tizen branch (as OpenSSL 1.0.2 was updatd to "t" release
in Tizen 4.0 and 5.0 just recently).

Change-Id: Ibbb4deafec349798c34b8edd1149c6d258b1ed6f

diff --git a/src/itc/yaca/ITs-yaca-rsa.c b/src/itc/yaca/ITs-yaca-rsa.c
index f2c839a..0b06f3e 100755 (executable)
--- a/src/itc/yaca/ITs-yaca-rsa.c
+++ b/src/itc/yaca/ITs-yaca-rsa.c
@@ -116,7 +116,7 @@ int ITc_yaca_rsa_public_encrypt_private_decrypt_p(void)
                return 1;
        }
        //Target API
-       nRet = yaca_rsa_private_decrypt(YACA_PADDING_PKCS1_SSLV23, hPrvKey, pCipherText, nCipherTextLen, &plaintext, &plaintext_len);
+       nRet = yaca_rsa_private_decrypt(YACA_PADDING_PKCS1, hPrvKey, pCipherText, nCipherTextLen, &plaintext, &plaintext_len);
        PRINT_RESULT_CLEANUP(YACA_ERROR_NONE, nRet, "yaca_rsa_private_decrypt", YacaGetError(nRet), yaca_key_destroy(hPrvKey);yaca_key_destroy(hPubKey));
                
        yaca_free(plaintext);           

diff --git a/src/utc/yaca/utc-yaca-rsa.c b/src/utc/yaca/utc-yaca-rsa.c
index e7c30c9..2ca6b8c 100755 (executable)
--- a/src/utc/yaca/utc-yaca-rsa.c
+++ b/src/utc/yaca/utc-yaca-rsa.c
@@ -170,12 +170,7 @@ int utc_yaca_rsa_private_decrypt_p(void)
                                                                  &ciphertext, &ciphertext_len);
        assert_eq(ret, YACA_ERROR_NONE);
 
-       /*
-        * YACA_PADDING_PKCS1_SSLV23 is compatible with YACA_PADDING_PKCS1. It is used to detect if
-        * both the encrypting and decrypting side used YACA_PADDING_PKCS1_SSLV23, that is, both are
-        * SSL3 capable but use the SSL2 (rollback attack detection).
-        */
-       ret = yaca_rsa_private_decrypt(YACA_PADDING_PKCS1_SSLV23, prv_key,
+       ret = yaca_rsa_private_decrypt(YACA_PADDING_PKCS1, prv_key,
                                                                   ciphertext, ciphertext_len,
                                                                   &plaintext, &plaintext_len);
        assert_eq(ret, YACA_ERROR_NONE);
@@ -230,23 +225,23 @@ int utc_yaca_rsa_private_decrypt_n(void)
                                                                   &plaintext, &plaintext_len);
        assert_eq(ret, YACA_ERROR_INVALID_PARAMETER);
 
-       ret = yaca_rsa_private_decrypt(YACA_PADDING_PKCS1_SSLV23, NULL, ciphertext, ciphertext_len,
+       ret = yaca_rsa_private_decrypt(YACA_PADDING_PKCS1, NULL, ciphertext, ciphertext_len,
                                                                   &plaintext, &plaintext_len);
        assert_eq(ret, YACA_ERROR_INVALID_PARAMETER);
 
-       ret = yaca_rsa_private_decrypt(YACA_PADDING_PKCS1_SSLV23, prv_key, NULL, ciphertext_len,
+       ret = yaca_rsa_private_decrypt(YACA_PADDING_PKCS1, prv_key, NULL, ciphertext_len,
                                                                   &plaintext, &plaintext_len);
        assert_eq(ret, YACA_ERROR_INVALID_PARAMETER);
 
-       ret = yaca_rsa_private_decrypt(YACA_PADDING_PKCS1_SSLV23, prv_key, ciphertext, 0,
+       ret = yaca_rsa_private_decrypt(YACA_PADDING_PKCS1, prv_key, ciphertext, 0,
                                                                   &plaintext, &plaintext_len);
        assert_eq(ret, YACA_ERROR_INVALID_PARAMETER);
 
-       ret = yaca_rsa_private_decrypt(YACA_PADDING_PKCS1_SSLV23, prv_key, ciphertext, ciphertext_len,
+       ret = yaca_rsa_private_decrypt(YACA_PADDING_PKCS1, prv_key, ciphertext, ciphertext_len,
                                                                   NULL, &plaintext_len);
        assert_eq(ret, YACA_ERROR_INVALID_PARAMETER);
 
-       ret = yaca_rsa_private_decrypt(YACA_PADDING_PKCS1_SSLV23, prv_key, ciphertext, ciphertext_len,
+       ret = yaca_rsa_private_decrypt(YACA_PADDING_PKCS1, prv_key, ciphertext, ciphertext_len,
                                                                   &plaintext, NULL);
        assert_eq(ret, YACA_ERROR_INVALID_PARAMETER);