• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /* Copyright (c) 2017, Google Inc.
2  *
3  * Permission to use, copy, modify, and/or distribute this software for any
4  * purpose with or without fee is hereby granted, provided that the above
5  * copyright notice and this permission notice appear in all copies.
6  *
7  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
8  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
9  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
10  * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
11  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
12  * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
13  * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
14 
15 // cavp_rsa2_sigver_test processes NIST CAVP RSA2 SigVer test vector request
16 // files and emits the corresponding response.
17 
18 #include <vector>
19 
20 #include <openssl/bn.h>
21 #include <openssl/crypto.h>
22 #include <openssl/digest.h>
23 #include <openssl/err.h>
24 #include <openssl/rsa.h>
25 
26 #include "../crypto/internal.h"
27 #include "../crypto/test/file_test.h"
28 #include "cavp_test_util.h"
29 
30 
31 namespace {
32 
33 struct TestCtx {
34   std::vector<uint8_t> N;
35   bool is_pss;
36 };
37 
38 }
39 
TestRSA2SigVer(FileTest * t,void * arg)40 static bool TestRSA2SigVer(FileTest *t, void *arg) {
41   TestCtx *ctx = reinterpret_cast<TestCtx *>(arg);
42 
43   std::string mod_str;
44   if (!t->GetInstruction(&mod_str, "mod")) {
45     return false;
46   }
47 
48   printf("%s", t->CurrentTestToString().c_str());
49 
50   if (t->HasAttribute("n")) {
51     printf("\r\n");
52     return t->GetBytes(&ctx->N, "n");
53   }
54 
55   std::string hash;
56   std::vector<uint8_t> e_bytes, msg, sig;
57   if (!t->GetAttribute(&hash, "SHAAlg") ||
58       !t->GetBytes(&e_bytes, "e") ||
59       !t->GetBytes(&msg, "Msg") ||
60       !t->GetBytes(&sig, "S")) {
61     return false;
62   }
63 
64   bssl::UniquePtr<RSA> key(RSA_new());
65   key->n = BN_new();
66   key->e = BN_new();
67   if (key == nullptr ||
68       !BN_bin2bn(ctx->N.data(), ctx->N.size(), key->n) ||
69       !BN_bin2bn(e_bytes.data(), e_bytes.size(), key->e)) {
70     return false;
71   }
72 
73   const EVP_MD *md = EVP_get_digestbyname(hash.c_str());
74   uint8_t digest_buf[EVP_MAX_MD_SIZE];
75   unsigned digest_len;
76   if (md == NULL ||
77       !EVP_Digest(msg.data(), msg.size(), digest_buf, &digest_len, md, NULL)) {
78     return false;
79   }
80 
81   int ok;
82   if (ctx->is_pss) {
83     ok = RSA_verify_pss_mgf1(key.get(), digest_buf, digest_len, md, md, -1,
84                              sig.data(), sig.size());
85   } else {
86     ok = RSA_verify(EVP_MD_type(md), digest_buf, digest_len, sig.data(),
87                     sig.size(), key.get());
88   }
89 
90   if (ok) {
91     printf("Result = P\r\n\r\n");
92   } else {
93     char buf[256];
94     ERR_error_string_n(ERR_get_error(), buf, sizeof(buf));
95     printf("Result = F (%s)\r\n\r\n", buf);
96   }
97   ERR_clear_error();
98   return true;
99 }
100 
cavp_rsa2_sigver_test_main(int argc,char ** argv)101 int cavp_rsa2_sigver_test_main(int argc, char **argv) {
102   if (argc != 3) {
103     fprintf(stderr, "usage: %s (pkcs15|pss) <test file>\n",
104             argv[0]);
105     return 1;
106   }
107 
108   TestCtx ctx;
109   if (strcmp(argv[1], "pkcs15") == 0) {
110     ctx = {std::vector<uint8_t>(), false};
111   } else if (strcmp(argv[1], "pss") == 0) {
112     ctx = {std::vector<uint8_t>(), true};
113   } else {
114     fprintf(stderr, "Unknown test type: %s\n", argv[1]);
115     return 1;
116   }
117 
118   FileTest::Options opts;
119   opts.path = argv[2];
120   opts.callback = TestRSA2SigVer;
121   opts.arg = &ctx;
122   opts.silent = true;
123   opts.comment_callback = EchoComment;
124   return FileTestMain(opts);
125 }
126