From: Dariusz Michaluk Date: Fri, 29 Sep 2023 10:09:27 +0000 (+0200) Subject: Adjust yaca tests after migration to openssl3 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=295260779379eaa1cc3cd593e44b4941eff7817b;p=platform%2Fcore%2Ftest%2Fsecurity-tests.git Adjust yaca tests after migration to openssl3 Change-Id: Ia5225f980980cdf567073dcce38a7ccd763326e8 --- diff --git a/src/yaca/test-vectors/key.txt b/src/yaca/test-vectors/key.txt index 81b05283..f9fa62cd 100644 --- a/src/yaca/test-vectors/key.txt +++ b/src/yaca/test-vectors/key.txt @@ -136,7 +136,7 @@ password=123456qwerty ########################### DSA DEFAULT ########################### key_type=DSA_PRIV -key_len_bits=512 +key_len_bits=1088 key_format=DEFAULT key_file_format=PEM password= @@ -148,7 +148,7 @@ key_file_format=PEM password= key_type=DSA_PRIV -key_len_bits=512 +key_len_bits=1088 key_format=DEFAULT key_file_format=PEM password=123456qwerty @@ -160,7 +160,7 @@ key_file_format=PEM password=123456qwerty key_type=DSA_PRIV -key_len_bits=512 +key_len_bits=1088 key_format=DEFAULT key_file_format=DER password= @@ -173,7 +173,7 @@ password= ########################### DSA PKCS8 ########################### key_type=DSA_PRIV -key_len_bits=512 +key_len_bits=1088 key_format=PKCS8 key_file_format=PEM password=123456qwerty @@ -185,7 +185,7 @@ key_file_format=PEM password=123456qwerty key_type=DSA_PRIV -key_len_bits=512 +key_len_bits=1088 key_format=PKCS8 key_file_format=DER password=123456qwerty @@ -198,11 +198,11 @@ password=123456qwerty ### DH key_len_bits explained: # YACA_KEY_LENGTH_DH_RFC_2048_256 - 570427392 -# YACA_KEY_LENGTH_DH_GENERATOR_2 | 333 - 268435789 +# YACA_KEY_LENGTH_DH_GENERATOR_2 | 512 - 268435968 ########################### DH DEFAULT ########################### key_type=DH_PRIV -key_len_bits=268435789 +key_len_bits=268435968 key_format=DEFAULT key_file_format=PEM password= @@ -214,7 +214,7 @@ key_file_format=PEM password= key_type=DH_PRIV -key_len_bits=268435789 +key_len_bits=268435968 key_format=DEFAULT key_file_format=PEM password=123456qwerty @@ -226,7 +226,7 @@ key_file_format=PEM password=123456qwerty key_type=DH_PRIV -key_len_bits=268435789 +key_len_bits=268435968 key_format=DEFAULT key_file_format=DER password= @@ -239,7 +239,7 @@ password= ########################### DH PKCS8 ########################### key_type=DH_PRIV -key_len_bits=268435789 +key_len_bits=268435968 key_format=PKCS8 key_file_format=PEM password=123456qwerty @@ -251,7 +251,7 @@ key_file_format=PEM password=123456qwerty key_type=DH_PRIV -key_len_bits=268435789 +key_len_bits=268435968 key_format=PKCS8 key_file_format=DER password=123456qwerty diff --git a/src/yaca/test-vectors/key_derive_kdf.txt b/src/yaca/test-vectors/key_derive_kdf.txt index 8ff86cac..4082a93d 100644 --- a/src/yaca/test-vectors/key_derive_kdf.txt +++ b/src/yaca/test-vectors/key_derive_kdf.txt @@ -23,13 +23,7 @@ info=d65a4812733f8cdbcdfb4b2f4c191d87 key_material=c0bd9e38a8f9de14c2acd35b2f3410c6988cf02400543631e0d6a4c1d030365acbf398115e51aaddebdc9590664210f9aa9fed770d4c57edeafa0b8c14f93300865251218c262d63dadc47dfa0e0284826793985137e0a544ec80abf2fdf5ab90bdaea66204012efe34971dc431d625cd9a329b8217cc8fd0d9f02b13f2f6b0b kdf=X942 -algo=SHA224 -secret=16343907ebcdcee93c918e3b364dd9534071f20e92397e4e19d2a7fc26314ffd8dabe72fa0d9182438c5dc9004a0aae26bb6badee78df51c8e2e909e2556785b8a5d7c0e92e1b4ae67683ed533ef98fdd2f65896e3ec1c34a0e9964f0ff7705575879b016570b560af1362aec74a8ecf4c09033d587207d596cc144f80eaf320af3e53cdfa193c3e131b9e0ccfd0de5deb80c8949a83af7061ed7f365a6bb8dc47be52ebd29944de0a047898a2a412102368bfddabd20d4a0c0aa80c6b7f8f32f130f2543bb845bcf80a12fe70439e41b8652cf50124f20970f18801fcaa1f07067ac465a568fe201f9bc757e96135b13496b5b1835bbc1870bc88e06e41e23e -info= -key_material=f825b2790307c673c228dcfcf949e28fc741355ba6d90fa5 - -kdf=X942 -algo=SHA384 -secret=1987755a21b47cb209d2c5b3084204766099142569ae6545f507527ccbdcbda5736c4bcbc5ccf54fab8f88684c2db5f7fda94716a34ab323f89c06fc6615eb4258df2c7ba8c1903fdd1d27f336f7533e12533902d5b94dfd708fdd57cd32563324f4610e0208d000e94e98a2b7a8e37fe0cbf6f8d138cf34916ade7b91a3874763204ffba66beffe36b9d32edfd27bb30836f0c5b6afda6b9627eb09106049564f78def2ef084c18e7de104771c0b1a95ecb20d02a1ba9d98cb71aceef6bea2f92cfba7a9418e0f1f070d7682aa43cf214be1bf150c615817be2beb28a64f1662c200374a0f6f1a0c6a104b49a85c5d40f0bb4f473f65c9983ec73d4ad36de22 -info= -key_material=43f07538d7c41ac095dd0a3ec8702c1681722c57dd12a643 +algo=SHA1 +secret=000102030405060708090a0b0c0d0e0f10111213 +info=0123456789abcdeffedcba98765432010123456789abcdeffedcba98765432010123456789abcdeffedcba98765432010123456789abcdeffedcba9876543201 +key_material=8890585C4E281A5C1167CAA530BED59B3230D893CBA8F922BD1B56A0 diff --git a/src/yaca/test-vectors/sign_param_comb.txt b/src/yaca/test-vectors/sign_param_comb.txt index 3dda1bb5..085d248a 100644 --- a/src/yaca/test-vectors/sign_param_comb.txt +++ b/src/yaca/test-vectors/sign_param_comb.txt @@ -130,27 +130,27 @@ padding= algo=SHA512 key_type=DSA_PRIV -key_len_bits=512 +key_len_bits=1088 padding= algo=SHA1 key_type=DSA_PRIV -key_len_bits=512 +key_len_bits=1088 padding= algo=SHA224 key_type=DSA_PRIV -key_len_bits=512 +key_len_bits=1088 padding= algo=SHA256 key_type=DSA_PRIV -key_len_bits=512 +key_len_bits=1088 padding= algo=SHA384 key_type=DSA_PRIV -key_len_bits=512 +key_len_bits=1088 padding= algo=SHA512 diff --git a/src/yaca/yaca-test-key.cpp b/src/yaca/yaca-test-key.cpp index efb10179..496cd872 100644 --- a/src/yaca/yaca-test-key.cpp +++ b/src/yaca/yaca-test-key.cpp @@ -304,7 +304,7 @@ RUNNER_TEST(T4050_yaca_key_rsa_invalid_param, YacaTest) RUNNER_TEST(T4060_yaca_key_dsa_invalid_param, YacaTest) { yaca_key_h out = YACA_KEY_NULL; - KeyPtr priv = generate_key(YACA_KEY_TYPE_DSA_PRIV, YACA_KEY_LENGTH_512BIT); + KeyPtr priv = generate_key(YACA_KEY_TYPE_DSA_PRIV, YACA_KEY_LENGTH_1024BIT); KeyPtr pub = extract_public_key(priv); KeyPtr params = extract_parameters(priv); @@ -323,6 +323,8 @@ RUNNER_TEST(T4060_yaca_key_dsa_invalid_param, YacaTest) key_gen_invalid_param(YACA_KEY_TYPE_DSA_PARAMS, YACA_KEY_LENGTH_EC_PRIME256V1, &out); key_gen_invalid_param(YACA_KEY_TYPE_DSA_PRIV, YACA_KEY_LENGTH_DH_RFC_2048_256, &out); key_gen_invalid_param(YACA_KEY_TYPE_DSA_PARAMS, YACA_KEY_LENGTH_DH_RFC_2048_256, &out); + key_gen_invalid_param(YACA_KEY_TYPE_DSA_PRIV, YACA_KEY_LENGTH_512BIT, &out); + key_gen_invalid_param(YACA_KEY_TYPE_DSA_PARAMS, YACA_KEY_LENGTH_512BIT, &out); key_gen_from_params_invalid_param(params.get(), nullptr); key_gen_from_params_invalid_param(priv.get(), &out); @@ -349,6 +351,8 @@ RUNNER_TEST(T4065_yaca_key_dh_invalid_param, YacaTest) key_gen_invalid_param(YACA_KEY_TYPE_DH_PARAMS, YACA_KEY_LENGTH_512BIT, &out); key_gen_invalid_param(YACA_KEY_TYPE_DH_PRIV, YACA_KEY_LENGTH_EC_PRIME256V1, &out); key_gen_invalid_param(YACA_KEY_TYPE_DH_PARAMS, YACA_KEY_LENGTH_EC_PRIME256V1, &out); + key_gen_invalid_param(YACA_KEY_TYPE_DH_PRIV, YACA_KEY_LENGTH_DH_GENERATOR_2 | 192, &out); + key_gen_invalid_param(YACA_KEY_TYPE_DH_PARAMS, YACA_KEY_LENGTH_DH_GENERATOR_5 | 256, &out); key_gen_from_params_invalid_param(params.get(), nullptr); key_gen_from_params_invalid_param(priv.get(), &out); @@ -426,7 +430,6 @@ RUNNER_TEST(T4110_yaca_key_generate_rsa, YacaTest) RUNNER_TEST(T4120_yaca_key_generate_dsa, YacaTest) { - key_gen_test(YACA_KEY_TYPE_DSA_PRIV, YACA_KEY_LENGTH_512BIT); key_gen_test(YACA_KEY_TYPE_DSA_PRIV, YACA_KEY_LENGTH_1024BIT); key_gen_test(YACA_KEY_TYPE_DSA_PRIV, YACA_KEY_LENGTH_2048BIT); key_gen_test(YACA_KEY_TYPE_DSA_PRIV, 1088); @@ -434,7 +437,7 @@ RUNNER_TEST(T4120_yaca_key_generate_dsa, YacaTest) RUNNER_TEST(T4130_yaca_key_generate_dh, YacaTest) { - key_gen_test(YACA_KEY_TYPE_DH_PRIV, YACA_KEY_LENGTH_DH_GENERATOR_2 | 333); + key_gen_test(YACA_KEY_TYPE_DH_PRIV, YACA_KEY_LENGTH_DH_GENERATOR_2 | 512); key_gen_test(YACA_KEY_TYPE_DH_PRIV, YACA_KEY_LENGTH_DH_GENERATOR_5 | 512); key_gen_test(YACA_KEY_TYPE_DH_PRIV, YACA_KEY_LENGTH_DH_RFC_1024_160); key_gen_test(YACA_KEY_TYPE_DH_PRIV, YACA_KEY_LENGTH_DH_RFC_2048_224); diff --git a/src/yaca/yaca-test-rsa.cpp b/src/yaca/yaca-test-rsa.cpp index 93c41c91..e9af5154 100644 --- a/src/yaca/yaca-test-rsa.cpp +++ b/src/yaca/yaca-test-rsa.cpp @@ -123,7 +123,7 @@ const std::vector PADDINGS = { { YACA_PADDING_PKCS1, ET_PUB | ET_PRV, 11, false }, { YACA_PADDING_PKCS1_PSS, ET_NONE, 0, false }, { YACA_PADDING_PKCS1_OAEP, ET_PUB, 42, false }, - { YACA_PADDING_PKCS1_SSLV23, ET_PUB, 11, false }, + { YACA_PADDING_PKCS1_SSLV23, ET_PUB | ET_PRV, 11, false }, { YACA_PADDING_PKCS7, ET_NONE, 0, false } }; @@ -182,12 +182,12 @@ void test_rsa_padding(const KeyPair& kp, const PaddingInfo& pi, EncryptionType e /* decrypt with incorrect paddings */ for (auto& p : PADDINGS) { - /* don't decrypt with the same padding except for SSLV23 */ - if (p.padding == padding && p.padding != YACA_PADDING_PKCS1_SSLV23) + /* don't decrypt with the same padding */ + if (p.padding == padding) continue; /* - * - YACA_PADDING_PKCS1 & YACA_PADDING_PKCS1_SSLV23 are compatible + * - YACA_PADDING_PKCS1 & YACA_PADDING_PKCS1_SSLV23 are equal * - YACA_PADDING_NONE checks only the input length */ expected = YACA_ERROR_INVALID_PARAMETER; @@ -206,10 +206,6 @@ void test_rsa_padding(const KeyPair& kp, const PaddingInfo& pi, EncryptionType e } } - /* decryption with SSLV23 will fail if it was used during encryption */ - if (padding == YACA_PADDING_PKCS1_SSLV23) - padding = YACA_PADDING_PKCS1; - /* * Shortened ciphertext. During encryption without padding OpenSSL allows * input of length equal to the key length but during decryption it allows diff --git a/src/yaca/yaca-test-sign.cpp b/src/yaca/yaca-test-sign.cpp index 49a2d045..453ee5f6 100644 --- a/src/yaca/yaca-test-sign.cpp +++ b/src/yaca/yaca-test-sign.cpp @@ -210,7 +210,7 @@ RUNNER_TEST(T6100_yaca_sign_set_property_invalid_param) { KeyPtr key = generate_key(YACA_KEY_TYPE_RSA_PRIV, YACA_KEY_LENGTH_512BIT); KeyPtr key_pub = extract_public_key(key); - KeyPtr key_dsa = generate_key(YACA_KEY_TYPE_DSA_PRIV, YACA_KEY_LENGTH_512BIT); + KeyPtr key_dsa = generate_key(YACA_KEY_TYPE_DSA_PRIV, YACA_KEY_LENGTH_1024BIT); KeyPtr key_sym = generate_key(YACA_KEY_TYPE_SYMMETRIC, YACA_KEY_LENGTH_192BIT); CtxPtr ctx_sgn = sign_init(YACA_DIGEST_SHA1, key); CtxPtr ctx_vrf = verify_init(YACA_DIGEST_SHA1, key_pub);