[ITC][UTC][yaca][Non-ACR] Fix for new OpenSSL handling of PADDING_PKCS1_SSLV23

Newly released OpenSSL 1.0.2t requires RSA API to get the same padding
for decryption like in encryption.

This commit is a combination of commits:

ff1fb8daca60b9e7a3b4ab633113b65beaa5df57
287fdad529e2d8aa053c327feb2160ec6bb22b47

from tizen branch (as OpenSSL 1.0.2 was updatd to "t" release
in Tizen 4.0 and 5.0 just recently).

Change-Id: Ie67ea7463089767d53dd8e304ee02c60e37c7f7e

diff --git a/src/itc/yaca/ITs-yaca-rsa.c b/src/itc/yaca/ITs-yaca-rsa.c
index f2c839add8ece080f81bb55b4397e3807c7a1aef..0b06f3e3e63adb0cec6eca7013fdbd78a8a7df1a 100755 (executable)
--- a/src/itc/yaca/ITs-yaca-rsa.c
+++ b/src/itc/yaca/ITs-yaca-rsa.c
@@ -116,7 +116,7 @@ int ITc_yaca_rsa_public_encrypt_private_decrypt_p(void)
                return 1;
        }
        //Target API
-       nRet = yaca_rsa_private_decrypt(YACA_PADDING_PKCS1_SSLV23, hPrvKey, pCipherText, nCipherTextLen, &plaintext, &plaintext_len);
+       nRet = yaca_rsa_private_decrypt(YACA_PADDING_PKCS1, hPrvKey, pCipherText, nCipherTextLen, &plaintext, &plaintext_len);
        PRINT_RESULT_CLEANUP(YACA_ERROR_NONE, nRet, "yaca_rsa_private_decrypt", YacaGetError(nRet), yaca_key_destroy(hPrvKey);yaca_key_destroy(hPubKey));
                
        yaca_free(plaintext);           

diff --git a/src/utc/yaca/utc-yaca-rsa.c b/src/utc/yaca/utc-yaca-rsa.c
index e7c30c91209142143d528bc3d519dc00ab47d425..2ca6b8cb715aaa8a3f22cb88ce6da9ea091baaf7 100755 (executable)
--- a/src/utc/yaca/utc-yaca-rsa.c
+++ b/src/utc/yaca/utc-yaca-rsa.c
@@ -170,12 +170,7 @@ int utc_yaca_rsa_private_decrypt_p(void)
                                                                  &ciphertext, &ciphertext_len);
        assert_eq(ret, YACA_ERROR_NONE);
 
-       /*
-        * YACA_PADDING_PKCS1_SSLV23 is compatible with YACA_PADDING_PKCS1. It is used to detect if
-        * both the encrypting and decrypting side used YACA_PADDING_PKCS1_SSLV23, that is, both are
-        * SSL3 capable but use the SSL2 (rollback attack detection).
-        */
-       ret = yaca_rsa_private_decrypt(YACA_PADDING_PKCS1_SSLV23, prv_key,
+       ret = yaca_rsa_private_decrypt(YACA_PADDING_PKCS1, prv_key,
                                                                   ciphertext, ciphertext_len,
                                                                   &plaintext, &plaintext_len);
        assert_eq(ret, YACA_ERROR_NONE);
@@ -230,23 +225,23 @@ int utc_yaca_rsa_private_decrypt_n(void)
                                                                   &plaintext, &plaintext_len);
        assert_eq(ret, YACA_ERROR_INVALID_PARAMETER);
 
-       ret = yaca_rsa_private_decrypt(YACA_PADDING_PKCS1_SSLV23, NULL, ciphertext, ciphertext_len,
+       ret = yaca_rsa_private_decrypt(YACA_PADDING_PKCS1, NULL, ciphertext, ciphertext_len,
                                                                   &plaintext, &plaintext_len);
        assert_eq(ret, YACA_ERROR_INVALID_PARAMETER);
 
-       ret = yaca_rsa_private_decrypt(YACA_PADDING_PKCS1_SSLV23, prv_key, NULL, ciphertext_len,
+       ret = yaca_rsa_private_decrypt(YACA_PADDING_PKCS1, prv_key, NULL, ciphertext_len,
                                                                   &plaintext, &plaintext_len);
        assert_eq(ret, YACA_ERROR_INVALID_PARAMETER);
 
-       ret = yaca_rsa_private_decrypt(YACA_PADDING_PKCS1_SSLV23, prv_key, ciphertext, 0,
+       ret = yaca_rsa_private_decrypt(YACA_PADDING_PKCS1, prv_key, ciphertext, 0,
                                                                   &plaintext, &plaintext_len);
        assert_eq(ret, YACA_ERROR_INVALID_PARAMETER);
 
-       ret = yaca_rsa_private_decrypt(YACA_PADDING_PKCS1_SSLV23, prv_key, ciphertext, ciphertext_len,
+       ret = yaca_rsa_private_decrypt(YACA_PADDING_PKCS1, prv_key, ciphertext, ciphertext_len,
                                                                   NULL, &plaintext_len);
        assert_eq(ret, YACA_ERROR_INVALID_PARAMETER);
 
-       ret = yaca_rsa_private_decrypt(YACA_PADDING_PKCS1_SSLV23, prv_key, ciphertext, ciphertext_len,
+       ret = yaca_rsa_private_decrypt(YACA_PADDING_PKCS1, prv_key, ciphertext, ciphertext_len,
                                                                   &plaintext, NULL);
        assert_eq(ret, YACA_ERROR_INVALID_PARAMETER);