Adjust tests to openssl v3.5

Since openssl v3.2, the RSA_private_decrypt() method used with PKCS#1 padding
doesn't return an error when it detects an error in padding,
instead it returns a pseudo-randomly generated message.
This is a fix for Bleichenbacher attack.

Change-Id: I2256b96c31b1a3d548f0763b04f205474f1119f1

diff --git a/tests/test_key.cpp b/tests/test_key.cpp
index 4746aadd186e44c7b3c42601ea01b68edcbf574c..3255e4b8626c3ae2a76cda39019bfbeeced19bcc 100644 (file)
--- a/tests/test_key.cpp
+++ b/tests/test_key.cpp
@@ -628,7 +628,7 @@ BOOST_FIXTURE_TEST_CASE(T208__negative__key_import_export_symmetric, InitDebugFi
        yaca_key_destroy(key_import);
 
        /* should be treated as raw */
-       data[0] = 10;
+       data[0] = ~data[0];
        ret = yaca_key_import(YACA_KEY_TYPE_SYMMETRIC, "", data, data_len, &key_import);
        BOOST_REQUIRE(ret == YACA_ERROR_NONE);
 

diff --git a/tests/test_rsa.cpp b/tests/test_rsa.cpp
index 105c77c3b77065b9ec35b08e93a0be873549ca2a..e70c0a33804ffaf79e8ef337876b87860ada939a 100644 (file)
--- a/tests/test_rsa.cpp
+++ b/tests/test_rsa.cpp
@@ -514,11 +514,6 @@ BOOST_FIXTURE_TEST_CASE(T404__negative__public_encrypt, InitDebugFixture)
                                                                   &decrypted, &decrypted_len);
        BOOST_REQUIRE(ret == YACA_ERROR_INVALID_PARAMETER);
 
-       ret = yaca_rsa_private_decrypt(YACA_PADDING_PKCS1, key_prv,
-                                                                  encrypted, encrypted_len,
-                                                                  &decrypted, &decrypted_len);
-       BOOST_REQUIRE(ret == YACA_ERROR_INVALID_PARAMETER);
-
        ret = yaca_rsa_private_decrypt(YACA_PADDING_NONE, YACA_KEY_NULL,
                                                                   encrypted, encrypted_len,
                                                                   &decrypted, &decrypted_len);
@@ -564,21 +559,6 @@ BOOST_FIXTURE_TEST_CASE(T404__negative__public_encrypt, InitDebugFixture)
                                                                   &decrypted, &decrypted_len);
        BOOST_REQUIRE(ret == YACA_ERROR_INVALID_PARAMETER);
 
-       ret = yaca_rsa_private_decrypt(YACA_PADDING_PKCS1, key_prv,
-                                                                  encrypted_pkcs1, encrypted_pkcs1_len - 1,
-                                                                  &decrypted, &decrypted_len);
-       BOOST_REQUIRE(ret == YACA_ERROR_INVALID_PARAMETER);
-
-       ret = yaca_rsa_private_decrypt(YACA_PADDING_PKCS1, key_prv,
-                                                                  encrypted_pkcs1_oaep, encrypted_pkcs1_oaep_len,
-                                                                  &decrypted, &decrypted_len);
-       BOOST_REQUIRE(ret == YACA_ERROR_INVALID_PARAMETER);
-
-       ret = yaca_rsa_private_decrypt(YACA_PADDING_PKCS1_SSLV23, key_prv,
-                                                                  encrypted_pkcs1_oaep, encrypted_pkcs1_oaep_len,
-                                                                  &decrypted, &decrypted_len);
-       BOOST_REQUIRE(ret == YACA_ERROR_INVALID_PARAMETER);
-
        ret = yaca_rsa_private_decrypt(YACA_PADDING_PKCS1_OAEP, key_prv,
                                                                   encrypted_pkcs1_oaep, encrypted_pkcs1_oaep_len - 1,
                                                                   &decrypted, &decrypted_len);
@@ -589,11 +569,6 @@ BOOST_FIXTURE_TEST_CASE(T404__negative__public_encrypt, InitDebugFixture)
                                                                   &decrypted, &decrypted_len);
        BOOST_REQUIRE(ret == YACA_ERROR_INVALID_PARAMETER);
 
-       ret = yaca_rsa_private_decrypt(YACA_PADDING_PKCS1_SSLV23, key_prv,
-                                                                  encrypted_pkcs1_sslv23, encrypted_pkcs1_sslv23_len - 1,
-                                                                  &decrypted, &decrypted_len);
-       BOOST_REQUIRE(ret == YACA_ERROR_INVALID_PARAMETER);
-
        yaca_key_destroy(key_prv);
        yaca_key_destroy(key_pub);
        yaca_key_destroy(key_prv2);