From a730df6f86d84077454d048f8a6c7977b298a1c3 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Wed, 1 Mar 2023 10:18:19 +0800 Subject: [PATCH 01/12] rsa.c: provide interface to get padding mode of RSA context Signed-off-by: Yanray Wang --- include/mbedtls/rsa.h | 10 ++++++++++ library/rsa.c | 9 ++++++++- 2 files changed, 18 insertions(+), 1 deletion(-) diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h index d77a53832..da5a47e54 100644 --- a/include/mbedtls/rsa.h +++ b/include/mbedtls/rsa.h @@ -181,6 +181,16 @@ void mbedtls_rsa_init(mbedtls_rsa_context *ctx); int mbedtls_rsa_set_padding(mbedtls_rsa_context *ctx, int padding, mbedtls_md_type_t hash_id); +/** + * \brief This function retrieves padding mode of RSA modulus. + * + * \param ctx The initialized RSA context. + * + * \return RSA padding mode. + * + */ +int mbedtls_rsa_get_padding_mode(const mbedtls_rsa_context *ctx); + /** * \brief This function imports a set of core parameters into an * RSA context. diff --git a/library/rsa.c b/library/rsa.c index df7d7975c..ba54d25bc 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -499,10 +499,17 @@ int mbedtls_rsa_set_padding(mbedtls_rsa_context *ctx, int padding, return 0; } +/* + * Get padding mode of RSA modulus + */ +int mbedtls_rsa_get_padding_mode(const mbedtls_rsa_context *ctx) +{ + return ctx->MBEDTLS_PRIVATE(padding); +} + /* * Get length in bytes of RSA modulus */ - size_t mbedtls_rsa_get_len(const mbedtls_rsa_context *ctx) { return ctx->len; From 12cb39661cd8f2daceabc711c2d985c81a53a010 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Wed, 1 Mar 2023 10:20:02 +0800 Subject: [PATCH 02/12] rsa.c: provide interface to get hash_id of RSA context Signed-off-by: Yanray Wang --- include/mbedtls/rsa.h | 11 +++++++++++ library/rsa.c | 8 ++++++++ 2 files changed, 19 insertions(+) diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h index da5a47e54..ba3a7605d 100644 --- a/include/mbedtls/rsa.h +++ b/include/mbedtls/rsa.h 
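Review bot: The `\return` line of the new `mbedtls_rsa_get_padding_mode()` doc block in include/mbedtls/rsa.h does not say which values a caller can get back, which matters when the result is used to decide whether a context may be used for a given scheme. I would name them, e.g. `\return The padding mode: #MBEDTLS_RSA_PKCS_V15 or #MBEDTLS_RSA_PKCS_V21.`, and say in `\param ctx` that the pointer must not be NULL, since the implementation in library/rsa.c reads `ctx->MBEDTLS_PRIVATE(padding)` without a check. Test hunks later in this series expect a freshly initialized context to report `MBEDTLS_RSA_PKCS_V15`, so that default is worth documenting here as well.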
@@ -191,6 +191,17 @@ int mbedtls_rsa_set_padding(mbedtls_rsa_context *ctx, int padding, */ int mbedtls_rsa_get_padding_mode(const mbedtls_rsa_context *ctx); +/** + * \brief This function retrieves hash identifier of mbedtls_md_type_t + * type. + * + * \param ctx The initialized RSA context. + * + * \return Hash identifier of mbedtls_md_type_t type. + * + */ +int mbedtls_rsa_get_hash_id(const mbedtls_rsa_context *ctx); + /** * \brief This function imports a set of core parameters into an * RSA context. diff --git a/library/rsa.c b/library/rsa.c index ba54d25bc..fc7f3bc27 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -507,6 +507,14 @@ int mbedtls_rsa_get_padding_mode(const mbedtls_rsa_context *ctx) return ctx->MBEDTLS_PRIVATE(padding); } +/* + * Get hash identifier of mbedtls_md_type_t type + */ +int mbedtls_rsa_get_hash_id(const mbedtls_rsa_context *ctx) +{ + return ctx->MBEDTLS_PRIVATE(hash_id); +} + /* * Get length in bytes of RSA modulus */ From 097147540d7b0fb4526d63334a6c2fd6beee35b9 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Wed, 1 Mar 2023 16:31:46 +0800 Subject: [PATCH 03/12] test_suite_rsa.function: add tests Signed-off-by: Yanray Wang --- tests/suites/test_suite_rsa.data | 40 ++++++++++++++++++++++++++++ tests/suites/test_suite_rsa.function | 31 +++++++++++++++++++++ 2 files changed, 71 insertions(+) diff --git a/tests/suites/test_suite_rsa.data b/tests/suites/test_suite_rsa.data index 2be93996d..ef2a60b4e 100644 --- a/tests/suites/test_suite_rsa.data +++ b/tests/suites/test_suite_rsa.data 
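Review bot: `mbedtls_rsa_get_hash_id()` is declared to return `int`, while its own `\return` text and the setter visible in the hunk header (`mbedtls_md_type_t hash_id`) speak of `mbedtls_md_type_t`, so callers have to cast or compare across types. Either return `mbedtls_md_type_t`, or keep `int` and say so, e.g. `\return The hash identifier as set by mbedtls_rsa_set_padding(), to be interpreted as an #mbedtls_md_type_t value.` The `\brief` also describes the type rather than the purpose. Tests added later in the series read the value back on PKCS#1 v1.5 contexts too, so if the identifier is only consulted for v2.1 operations (the documentation of mbedtls_rsa_set_padding() is outside this hunk), the doc should state that the getter reports what was stored, not what an operation will use.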
@@ -7,6 +7,46 @@ rsa_init_free:0 RSA init-free-init-free rsa_init_free:1 +RSA retrieves context with PKCS#1 v1.5 and None MD +depends_on:MBEDTLS_PKCS1_V15 +# MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_NONE +rsa_ctx_param_validation:0:0 + +RSA retrieves context with PKCS#1 v1.5 and MD5 +depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_HAS_ALG_MD5_VIA_LOWLEVEL_OR_PSA +# MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_MD5 +rsa_ctx_param_validation:0:1 + +RSA retrieves context with PKCS#1 v1.5 and SHA-256 +depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA +# MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256 +rsa_ctx_param_validation:0:4 + +RSA retrieves context with PKCS#1 v1.5 and RIPEMD-160 +depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_HAS_ALG_RIPEMD160_VIA_LOWLEVEL_OR_PSA +# MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_RIPEMD160 +rsa_ctx_param_validation:0:7 + +RSA retrieves context with PKCS#1 v2.1 and SHA1 +depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA +# MBEDTLS_RSA_PKCS_V21:MBEDTLS_MD_SHA1 +rsa_ctx_param_validation:1:2 + +RSA retrieves context with PKCS#1 v2.1 and SHA224 +depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_HAS_ALG_SHA_224_VIA_LOWLEVEL_OR_PSA +# MBEDTLS_RSA_PKCS_V21:MBEDTLS_MD_SHA224 +rsa_ctx_param_validation:1:3 + +RSA retrieves context with PKCS#1 v2.1 and SHA384 +depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA +# MBEDTLS_RSA_PKCS_V21:MBEDTLS_MD_SHA384 +rsa_ctx_param_validation:1:5 + +RSA retrieves context with PKCS#1 v2.1 and SHA512 +depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_HAS_ALG_SHA_512_VIA_LOWLEVEL_OR_PSA +# MBEDTLS_RSA_PKCS_V21:MBEDTLS_MD_SHA512 +rsa_ctx_param_validation:1:6 + RSA PKCS1 Verify v1.5 CAVS #1 depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA:MBEDTLS_PKCS1_V15 # Good padding but wrong hash diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index a2fe6c8ac..deb156e71 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function 
@@ -26,11 +26,17 @@ void rsa_invalid_param() MBEDTLS_MD_NONE), MBEDTLS_ERR_RSA_INVALID_PADDING); + TEST_EQUAL(mbedtls_rsa_get_padding_mode(&ctx), MBEDTLS_RSA_PKCS_V15); + TEST_EQUAL(mbedtls_rsa_get_hash_id(&ctx), MBEDTLS_MD_NONE); + TEST_EQUAL(mbedtls_rsa_set_padding(&ctx, MBEDTLS_RSA_PKCS_V21, invalid_hash_id), MBEDTLS_ERR_RSA_INVALID_PADDING); + TEST_EQUAL(mbedtls_rsa_get_padding_mode(&ctx), MBEDTLS_RSA_PKCS_V15); + TEST_EQUAL(mbedtls_rsa_get_hash_id(&ctx), MBEDTLS_MD_NONE); + TEST_EQUAL(mbedtls_rsa_pkcs1_sign(&ctx, NULL, NULL, MBEDTLS_MD_NONE, buf_len, @@ -58,6 +64,9 @@ void rsa_invalid_param() MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_NONE), MBEDTLS_ERR_RSA_INVALID_PADDING); + + TEST_EQUAL(mbedtls_rsa_get_padding_mode(&ctx), MBEDTLS_RSA_PKCS_V15); + TEST_EQUAL(mbedtls_rsa_get_hash_id(&ctx), MBEDTLS_MD_NONE); #endif #if defined(MBEDTLS_PKCS1_V15) @@ -91,6 +100,9 @@ void rsa_invalid_param() MBEDTLS_RSA_PKCS_V21, MBEDTLS_MD_NONE), MBEDTLS_ERR_RSA_INVALID_PADDING); + + TEST_EQUAL(mbedtls_rsa_get_padding_mode(&ctx), MBEDTLS_RSA_PKCS_V15); + TEST_EQUAL(mbedtls_rsa_get_hash_id(&ctx), MBEDTLS_MD_NONE); #endif #if defined(MBEDTLS_PKCS1_V21) @@ -158,6 +170,25 @@ void rsa_init_free(int reinit) } /* END_CASE */ +/* BEGIN_CASE */ +void rsa_ctx_param_validation(int padding_mode, int hash_id) +{ + mbedtls_rsa_context ctx; + + mbedtls_rsa_init(&ctx); + + TEST_ASSERT(mbedtls_rsa_set_padding(&ctx, + padding_mode, + hash_id) == 0); + + TEST_ASSERT(mbedtls_rsa_get_padding_mode(&ctx) == padding_mode); + TEST_ASSERT(mbedtls_rsa_get_hash_id(&ctx) == hash_id); + +exit: + mbedtls_rsa_free(&ctx); +} +/* END_CASE */ + /* BEGIN_CASE */ void mbedtls_rsa_pkcs1_sign(data_t *message_str, int padding_mode, int digest, int mod, char *input_P, From 83548b5c102993d541979aaf5da59f4409b94c6c Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Wed, 15 Mar 2023 16:46:34 +0800 Subject: [PATCH 04/12] fix inappropriate description for function in RSA 
Signed-off-by: Yanray Wang --- include/mbedtls/rsa.h | 3 ++- library/rsa.c | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h index ba3a7605d..7b7c3e864 100644 --- a/include/mbedtls/rsa.h +++ b/include/mbedtls/rsa.h @@ -182,7 +182,8 @@ int mbedtls_rsa_set_padding(mbedtls_rsa_context *ctx, int padding, mbedtls_md_type_t hash_id); /** - * \brief This function retrieves padding mode of RSA modulus. + * \brief This function retrieves padding mode of initialized + * RSA context. * * \param ctx The initialized RSA context. * diff --git a/library/rsa.c b/library/rsa.c index fc7f3bc27..63102d7a0 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -500,7 +500,7 @@ int mbedtls_rsa_set_padding(mbedtls_rsa_context *ctx, int padding, } /* - * Get padding mode of RSA modulus + * Get padding mode of initialized RSA context */ int mbedtls_rsa_get_padding_mode(const mbedtls_rsa_context *ctx) { From 644b901a4cfb700f36ca83c7a0fa03ec066ebd3d Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Wed, 15 Mar 2023 16:50:31 +0800 Subject: [PATCH 05/12] rsa.c: remove MBEDTLS_PRIVATE Signed-off-by: Yanray Wang --- library/rsa.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/rsa.c b/library/rsa.c index 63102d7a0..54585f2c8 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -504,7 +504,7 @@ int mbedtls_rsa_set_padding(mbedtls_rsa_context *ctx, int padding, */ int mbedtls_rsa_get_padding_mode(const mbedtls_rsa_context *ctx) { - return ctx->MBEDTLS_PRIVATE(padding); + return ctx->padding; } /* @@ -512,7 +512,7 @@ int mbedtls_rsa_get_padding_mode(const mbedtls_rsa_context *ctx) */ int mbedtls_rsa_get_hash_id(const mbedtls_rsa_context *ctx) { - return ctx->MBEDTLS_PRIVATE(hash_id); + return ctx->hash_id; } /* From ac361153557b3b1a84c81dfcbe3a6da3664405c8 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Wed, 15 Mar 2023 16:55:32 +0800 Subject: [PATCH 06/12] test_suite_rsa.function: remove redundant test cases 
Signed-off-by: Yanray Wang --- tests/suites/test_suite_rsa.data | 40 ---------------------------- tests/suites/test_suite_rsa.function | 34 +++-------------------- 2 files changed, 3 insertions(+), 71 deletions(-) diff --git a/tests/suites/test_suite_rsa.data b/tests/suites/test_suite_rsa.data index ef2a60b4e..2be93996d 100644 --- a/tests/suites/test_suite_rsa.data +++ b/tests/suites/test_suite_rsa.data 
@@ -7,46 +7,6 @@ rsa_init_free:0 RSA init-free-init-free rsa_init_free:1 -RSA retrieves context with PKCS#1 v1.5 and None MD -depends_on:MBEDTLS_PKCS1_V15 -# MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_NONE -rsa_ctx_param_validation:0:0 - -RSA retrieves context with PKCS#1 v1.5 and MD5 -depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_HAS_ALG_MD5_VIA_LOWLEVEL_OR_PSA -# MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_MD5 -rsa_ctx_param_validation:0:1 - -RSA retrieves context with PKCS#1 v1.5 and SHA-256 -depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA -# MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256 -rsa_ctx_param_validation:0:4 - -RSA retrieves context with PKCS#1 v1.5 and RIPEMD-160 -depends_on:MBEDTLS_PKCS1_V15:MBEDTLS_HAS_ALG_RIPEMD160_VIA_LOWLEVEL_OR_PSA -# MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_RIPEMD160 -rsa_ctx_param_validation:0:7 - -RSA retrieves context with PKCS#1 v2.1 and SHA1 -depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA -# MBEDTLS_RSA_PKCS_V21:MBEDTLS_MD_SHA1 -rsa_ctx_param_validation:1:2 - -RSA retrieves context with PKCS#1 v2.1 and SHA224 -depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_HAS_ALG_SHA_224_VIA_LOWLEVEL_OR_PSA -# MBEDTLS_RSA_PKCS_V21:MBEDTLS_MD_SHA224 -rsa_ctx_param_validation:1:3 - -RSA retrieves context with PKCS#1 v2.1 and SHA384 -depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA -# MBEDTLS_RSA_PKCS_V21:MBEDTLS_MD_SHA384 -rsa_ctx_param_validation:1:5 - -RSA retrieves context with PKCS#1 v2.1 and SHA512 -depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_HAS_ALG_SHA_512_VIA_LOWLEVEL_OR_PSA -# MBEDTLS_RSA_PKCS_V21:MBEDTLS_MD_SHA512 -rsa_ctx_param_validation:1:6 - RSA PKCS1 Verify v1.5 CAVS #1 depends_on:MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA:MBEDTLS_PKCS1_V15 # Good padding but wrong hash diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index deb156e71..24bba9f26 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function 
@@ -21,22 +21,19 @@ void rsa_invalid_param() mbedtls_rsa_init(&ctx); + TEST_EQUAL(mbedtls_rsa_get_padding_mode(&ctx), MBEDTLS_RSA_PKCS_V15); + TEST_EQUAL(mbedtls_rsa_get_hash_id(&ctx), MBEDTLS_MD_NONE); + TEST_EQUAL(mbedtls_rsa_set_padding(&ctx, invalid_padding, MBEDTLS_MD_NONE), MBEDTLS_ERR_RSA_INVALID_PADDING); - TEST_EQUAL(mbedtls_rsa_get_padding_mode(&ctx), MBEDTLS_RSA_PKCS_V15); - TEST_EQUAL(mbedtls_rsa_get_hash_id(&ctx), MBEDTLS_MD_NONE); - TEST_EQUAL(mbedtls_rsa_set_padding(&ctx, MBEDTLS_RSA_PKCS_V21, invalid_hash_id), MBEDTLS_ERR_RSA_INVALID_PADDING); - TEST_EQUAL(mbedtls_rsa_get_padding_mode(&ctx), MBEDTLS_RSA_PKCS_V15); - TEST_EQUAL(mbedtls_rsa_get_hash_id(&ctx), MBEDTLS_MD_NONE); - TEST_EQUAL(mbedtls_rsa_pkcs1_sign(&ctx, NULL, NULL, MBEDTLS_MD_NONE, buf_len, @@ -64,9 +61,6 @@ void rsa_invalid_param() MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_NONE), MBEDTLS_ERR_RSA_INVALID_PADDING); - - TEST_EQUAL(mbedtls_rsa_get_padding_mode(&ctx), MBEDTLS_RSA_PKCS_V15); - TEST_EQUAL(mbedtls_rsa_get_hash_id(&ctx), MBEDTLS_MD_NONE); #endif #if defined(MBEDTLS_PKCS1_V15) @@ -100,9 +94,6 @@ void rsa_invalid_param() MBEDTLS_RSA_PKCS_V21, MBEDTLS_MD_NONE), MBEDTLS_ERR_RSA_INVALID_PADDING); - - TEST_EQUAL(mbedtls_rsa_get_padding_mode(&ctx), MBEDTLS_RSA_PKCS_V15); - TEST_EQUAL(mbedtls_rsa_get_hash_id(&ctx), MBEDTLS_MD_NONE); #endif #if defined(MBEDTLS_PKCS1_V21) @@ -170,25 +161,6 @@ void rsa_init_free(int reinit) } /* END_CASE */ -/* BEGIN_CASE */ -void rsa_ctx_param_validation(int padding_mode, int hash_id) -{ - mbedtls_rsa_context ctx; - - mbedtls_rsa_init(&ctx); - - TEST_ASSERT(mbedtls_rsa_set_padding(&ctx, - padding_mode, - hash_id) == 0); - - TEST_ASSERT(mbedtls_rsa_get_padding_mode(&ctx) == padding_mode); - TEST_ASSERT(mbedtls_rsa_get_hash_id(&ctx) == hash_id); - -exit: - mbedtls_rsa_free(&ctx); -} -/* END_CASE */ - /* BEGIN_CASE */ void mbedtls_rsa_pkcs1_sign(data_t *message_str, int padding_mode, int digest, int mod, char *input_P, 
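Review bot: Dropping the two getter pairs that followed the failing `mbedtls_rsa_set_padding()` calls in `rsa_invalid_param()` (first hunk of tests/suites/test_suite_rsa.function) removes what are, as far as this series shows, the only assertions that a rejected padding mode or hash id leaves the context unchanged. Callers that treat `MBEDTLS_ERR_RSA_INVALID_PADDING` as meaning the context keeps its previous configuration depend on that property, and the check moved to just after `mbedtls_rsa_init()` does not cover it. I would keep one pair after the second failing call: `TEST_EQUAL(mbedtls_rsa_get_padding_mode(&ctx), MBEDTLS_RSA_PKCS_V15);` and `TEST_EQUAL(mbedtls_rsa_get_hash_id(&ctx), MBEDTLS_MD_NONE);`. The function body starts and ends outside the hunk.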
From d41684e8bc7c541b56661a8aa6bcc362242421af Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Fri, 17 Mar 2023 18:54:22 +0800 Subject: [PATCH 07/12] rsa.c: rename getter function of hash_id Signed-off-by: Yanray Wang --- include/mbedtls/rsa.h | 2 +- library/rsa.c | 2 +- tests/suites/test_suite_rsa.function | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h index 7b7c3e864..da8639b39 100644 --- a/include/mbedtls/rsa.h +++ b/include/mbedtls/rsa.h @@ -201,7 +201,7 @@ int mbedtls_rsa_get_padding_mode(const mbedtls_rsa_context *ctx); * \return Hash identifier of mbedtls_md_type_t type. * */ -int mbedtls_rsa_get_hash_id(const mbedtls_rsa_context *ctx); +int mbedtls_rsa_get_md_alg(const mbedtls_rsa_context *ctx); /** * \brief This function imports a set of core parameters into an diff --git a/library/rsa.c b/library/rsa.c index 54585f2c8..4c678dd1e 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -510,7 +510,7 @@ int mbedtls_rsa_get_padding_mode(const mbedtls_rsa_context *ctx) /* * Get hash identifier of mbedtls_md_type_t type */ -int mbedtls_rsa_get_hash_id(const mbedtls_rsa_context *ctx) +int mbedtls_rsa_get_md_alg(const mbedtls_rsa_context *ctx) { return ctx->hash_id; } diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index 24bba9f26..73eb5b257 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -22,7 +22,7 @@ void rsa_invalid_param() mbedtls_rsa_init(&ctx); TEST_EQUAL(mbedtls_rsa_get_padding_mode(&ctx), MBEDTLS_RSA_PKCS_V15); - TEST_EQUAL(mbedtls_rsa_get_hash_id(&ctx), MBEDTLS_MD_NONE); + TEST_EQUAL(mbedtls_rsa_get_md_alg(&ctx), MBEDTLS_MD_NONE); TEST_EQUAL(mbedtls_rsa_set_padding(&ctx, invalid_padding, From 8a7ed6951df6b3068bc8cd0b162e7d3e691bc750 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 17 Mar 2023 10:30:45 +0000 Subject: [PATCH 08/12] Changelog Signed-off-by: Dave Rodgman 
Signed-off-by: Yanray Wang --- ChangeLog.d/rsa-padding-accessor.txt | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 ChangeLog.d/rsa-padding-accessor.txt diff --git a/ChangeLog.d/rsa-padding-accessor.txt b/ChangeLog.d/rsa-padding-accessor.txt new file mode 100644 index 000000000..da793f881 --- /dev/null +++ b/ChangeLog.d/rsa-padding-accessor.txt @@ -0,0 +1,4 @@ +Features + * Add functions mbedtls_rsa_get_padding_mode() and mbedtls_rsa_get_md_alg() to read + non-public fields for padding mode and hash id from an mbedtls_rsa_context, as + requested in #6917. From 15d3df7aec7b30f4f0b76049e04ff11003494c47 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Fri, 17 Mar 2023 19:34:01 +0800 Subject: [PATCH 09/12] rsa: add positive test cases for getter functions Signed-off-by: Yanray Wang --- tests/suites/test_suite_pkcs1_v15.function | 12 ++++++++++++ tests/suites/test_suite_pkcs1_v21.function | 15 +++++++++++++++ tests/suites/test_suite_rsa.function | 3 --- 3 files changed, 27 insertions(+), 3 deletions(-) diff --git a/tests/suites/test_suite_pkcs1_v15.function b/tests/suites/test_suite_pkcs1_v15.function index d0ea23cdb..91dcda3ae 100644 --- a/tests/suites/test_suite_pkcs1_v15.function +++ b/tests/suites/test_suite_pkcs1_v15.function @@ -32,6 +32,9 @@ void pkcs1_rsaes_v15_encrypt(int mod, char *input_N, MBEDTLS_RSA_PKCS_V15, hash) == 0); memset(output, 0x00, sizeof(output)); + TEST_ASSERT(mbedtls_rsa_get_padding_mode(&ctx) == MBEDTLS_RSA_PKCS_V15); + TEST_ASSERT(mbedtls_rsa_get_md_alg(&ctx) == hash); + TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0); TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0); TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, NULL, NULL, NULL, &E) == 0); 
@@ -77,6 +80,9 @@ void pkcs1_rsaes_v15_decrypt(int mod, char *input_P, char *input_Q, TEST_ASSERT(mbedtls_rsa_set_padding(&ctx, MBEDTLS_RSA_PKCS_V15, hash) == 0); + TEST_ASSERT(mbedtls_rsa_get_padding_mode(&ctx) == MBEDTLS_RSA_PKCS_V15); + TEST_ASSERT(mbedtls_rsa_get_md_alg(&ctx) == hash); + memset(output, 0x00, sizeof(output)); memset(&rnd_info, 0, sizeof(mbedtls_test_rnd_pseudo_info)); @@ -281,6 +287,9 @@ void pkcs1_rsassa_v15_sign(int mod, char *input_P, memset(output, 0x00, sizeof(output)); + TEST_ASSERT(mbedtls_rsa_get_padding_mode(&ctx) == MBEDTLS_RSA_PKCS_V15); + TEST_ASSERT(mbedtls_rsa_get_md_alg(&ctx) == hash); + TEST_ASSERT(mbedtls_test_read_mpi(&P, input_P) == 0); TEST_ASSERT(mbedtls_test_read_mpi(&Q, input_Q) == 0); TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0); @@ -322,6 +331,9 @@ void pkcs1_rsassa_v15_verify(int mod, char *input_N, char *input_E, TEST_ASSERT(mbedtls_rsa_set_padding(&ctx, MBEDTLS_RSA_PKCS_V15, hash) == 0); + TEST_ASSERT(mbedtls_rsa_get_padding_mode(&ctx) == MBEDTLS_RSA_PKCS_V15); + TEST_ASSERT(mbedtls_rsa_get_md_alg(&ctx) == hash); + TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0); TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0); TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, NULL, NULL, NULL, &E) == 0); diff --git a/tests/suites/test_suite_pkcs1_v21.function b/tests/suites/test_suite_pkcs1_v21.function index 376c752f4..b0a26620f 100644 --- a/tests/suites/test_suite_pkcs1_v21.function +++ b/tests/suites/test_suite_pkcs1_v21.function 
@@ -29,6 +29,9 @@ void pkcs1_rsaes_oaep_encrypt(int mod, data_t *input_N, data_t *input_E, MBEDTLS_RSA_PKCS_V21, hash) == 0); memset(output, 0x00, sizeof(output)); + TEST_ASSERT(mbedtls_rsa_get_padding_mode(&ctx) == MBEDTLS_RSA_PKCS_V21); + TEST_ASSERT(mbedtls_rsa_get_md_alg(&ctx) == hash); + TEST_ASSERT(mbedtls_mpi_read_binary(&N, input_N->x, input_N->len) == 0); TEST_ASSERT(mbedtls_mpi_read_binary(&E, input_E->x, input_E->len) == 0); TEST_ASSERT(mbedtls_rsa_import(&ctx, &N, NULL, NULL, NULL, &E) == 0); @@ -73,6 +76,9 @@ void pkcs1_rsaes_oaep_decrypt(int mod, data_t *input_P, data_t *input_Q, TEST_ASSERT(mbedtls_rsa_set_padding(&ctx, MBEDTLS_RSA_PKCS_V21, hash) == 0); + TEST_ASSERT(mbedtls_rsa_get_padding_mode(&ctx) == MBEDTLS_RSA_PKCS_V21); + TEST_ASSERT(mbedtls_rsa_get_md_alg(&ctx) == hash); + memset(output, 0x00, sizeof(output)); memset(&rnd_info, 0, sizeof(mbedtls_test_rnd_pseudo_info)); @@ -134,6 +140,9 @@ void pkcs1_rsassa_pss_sign(int mod, data_t *input_P, data_t *input_Q, TEST_ASSERT(mbedtls_rsa_set_padding(&ctx, MBEDTLS_RSA_PKCS_V21, hash) == 0); + TEST_ASSERT(mbedtls_rsa_get_padding_mode(&ctx) == MBEDTLS_RSA_PKCS_V21); + TEST_ASSERT(mbedtls_rsa_get_md_alg(&ctx) == hash); + memset(output, 0x00, sizeof(output)); TEST_ASSERT(mbedtls_mpi_read_binary(&P, input_P->x, input_P->len) == 0); @@ -187,6 +196,9 @@ void pkcs1_rsassa_pss_verify(int mod, data_t *input_N, data_t *input_E, TEST_ASSERT(mbedtls_rsa_set_padding(&ctx, MBEDTLS_RSA_PKCS_V21, hash) == 0); + TEST_ASSERT(mbedtls_rsa_get_padding_mode(&ctx) == MBEDTLS_RSA_PKCS_V21); + TEST_ASSERT(mbedtls_rsa_get_md_alg(&ctx) == hash); + TEST_ASSERT(mbedtls_mpi_read_binary(&N, input_N->x, input_N->len) == 0); TEST_ASSERT(mbedtls_mpi_read_binary(&E, input_E->x, input_E->len) == 0); 
@@ -220,6 +232,9 @@ void pkcs1_rsassa_pss_verify_ext(int mod, data_t *input_N, data_t *input_E, TEST_ASSERT(mbedtls_rsa_set_padding(&ctx, MBEDTLS_RSA_PKCS_V21, ctx_hash) == 0); + TEST_ASSERT(mbedtls_rsa_get_padding_mode(&ctx) == MBEDTLS_RSA_PKCS_V21); + TEST_ASSERT(mbedtls_rsa_get_md_alg(&ctx) == ctx_hash); + TEST_ASSERT(mbedtls_mpi_read_binary(&N, input_N->x, input_N->len) == 0); TEST_ASSERT(mbedtls_mpi_read_binary(&E, input_E->x, input_E->len) == 0); diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index 73eb5b257..a2fe6c8ac 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -21,9 +21,6 @@ void rsa_invalid_param() mbedtls_rsa_init(&ctx); - TEST_EQUAL(mbedtls_rsa_get_padding_mode(&ctx), MBEDTLS_RSA_PKCS_V15); - TEST_EQUAL(mbedtls_rsa_get_md_alg(&ctx), MBEDTLS_MD_NONE); - TEST_EQUAL(mbedtls_rsa_set_padding(&ctx, invalid_padding, MBEDTLS_MD_NONE), From e05a21f0849a40c2997c7712d93e6ae1f152e146 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Fri, 17 Mar 2023 20:09:17 +0800 Subject: [PATCH 10/12] rsa: add a test to check default padding mode and hash_id Signed-off-by: Yanray Wang --- tests/suites/test_suite_pkcs1_v15.function | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tests/suites/test_suite_pkcs1_v15.function b/tests/suites/test_suite_pkcs1_v15.function index 91dcda3ae..03b31c22d 100644 --- a/tests/suites/test_suite_pkcs1_v15.function +++ b/tests/suites/test_suite_pkcs1_v15.function @@ -28,6 +28,10 @@ void pkcs1_rsaes_v15_encrypt(int mod, char *input_N, mbedtls_mpi_init(&N); mbedtls_mpi_init(&E); mbedtls_rsa_init(&ctx); + + TEST_ASSERT(mbedtls_rsa_get_padding_mode(&ctx) == MBEDTLS_RSA_PKCS_V15); + TEST_ASSERT(mbedtls_rsa_get_md_alg(&ctx) == MBEDTLS_MD_NONE); + TEST_ASSERT(mbedtls_rsa_set_padding(&ctx, MBEDTLS_RSA_PKCS_V15, hash) == 0); memset(output, 0x00, sizeof(output)); From 69bc8403eb9678ade6db404bfa7510707f9f4a60 Mon Sep 17 00:00:00 2001 
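Review bot: The default-state check added at the top of `pkcs1_rsaes_v15_encrypt()` is unrelated to encryption, runs once per data vector of that case, and sits in only one of the PKCS#1 test functions. A check that `mbedtls_rsa_init()` yields `MBEDTLS_RSA_PKCS_V15` / `MBEDTLS_MD_NONE` reads more naturally in test_suite_rsa.function next to `rsa_init_free()`, where it presumably would also run in builds without `MBEDTLS_PKCS1_V15` (the suite's dependencies are not visible here). If it stays, a one-line comment such as `/* A freshly initialized context defaults to PKCS#1 v1.5 with no hash. */` would explain why it is here. The function continues outside the hunk.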
From: Yanray Wang Date: Fri, 17 Mar 2023 20:33:03 +0800 Subject: [PATCH 11/12] rsa_tests: use TEST_EQUAL instead of TEST_ASSERT Signed-off-by: Yanray Wang --- tests/suites/test_suite_pkcs1_v15.function | 20 ++++++++++---------- tests/suites/test_suite_pkcs1_v21.function | 20 ++++++++++---------- 2 files changed, 20 insertions(+), 20 deletions(-) diff --git a/tests/suites/test_suite_pkcs1_v15.function b/tests/suites/test_suite_pkcs1_v15.function index 03b31c22d..09daeb635 100644 --- a/tests/suites/test_suite_pkcs1_v15.function +++ b/tests/suites/test_suite_pkcs1_v15.function @@ -29,15 +29,15 @@ void pkcs1_rsaes_v15_encrypt(int mod, char *input_N, mbedtls_mpi_init(&N); mbedtls_mpi_init(&E); mbedtls_rsa_init(&ctx); - TEST_ASSERT(mbedtls_rsa_get_padding_mode(&ctx) == MBEDTLS_RSA_PKCS_V15); - TEST_ASSERT(mbedtls_rsa_get_md_alg(&ctx) == MBEDTLS_MD_NONE); + TEST_EQUAL(mbedtls_rsa_get_padding_mode(&ctx), MBEDTLS_RSA_PKCS_V15); + TEST_EQUAL(mbedtls_rsa_get_md_alg(&ctx), MBEDTLS_MD_NONE); TEST_ASSERT(mbedtls_rsa_set_padding(&ctx, MBEDTLS_RSA_PKCS_V15, hash) == 0); memset(output, 0x00, sizeof(output)); - TEST_ASSERT(mbedtls_rsa_get_padding_mode(&ctx) == MBEDTLS_RSA_PKCS_V15); - TEST_ASSERT(mbedtls_rsa_get_md_alg(&ctx) == hash); + TEST_EQUAL(mbedtls_rsa_get_padding_mode(&ctx), MBEDTLS_RSA_PKCS_V15); + TEST_EQUAL(mbedtls_rsa_get_md_alg(&ctx), hash); TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0); TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0); @@ -84,8 +84,8 @@ void pkcs1_rsaes_v15_decrypt(int mod, char *input_P, char *input_Q, TEST_ASSERT(mbedtls_rsa_set_padding(&ctx, MBEDTLS_RSA_PKCS_V15, hash) == 0); - TEST_ASSERT(mbedtls_rsa_get_padding_mode(&ctx) == MBEDTLS_RSA_PKCS_V15); - TEST_ASSERT(mbedtls_rsa_get_md_alg(&ctx) == hash); + TEST_EQUAL(mbedtls_rsa_get_padding_mode(&ctx), MBEDTLS_RSA_PKCS_V15); + TEST_EQUAL(mbedtls_rsa_get_md_alg(&ctx), hash); memset(output, 0x00, sizeof(output)); memset(&rnd_info, 0, sizeof(mbedtls_test_rnd_pseudo_info)); 
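Review bot: The `mbedtls_rsa_set_padding()` calls left as context in these hunks still use `TEST_ASSERT(... == 0)`, so the conversion stops one line short of the assertions it sits next to. Converting them too, `TEST_EQUAL(mbedtls_rsa_set_padding(&ctx, MBEDTLS_RSA_PKCS_V15, hash), 0);`, would make a failing setter report its error code. The same applies to the `MBEDTLS_RSA_PKCS_V21` calls in the test_suite_pkcs1_v21.function hunks of this commit.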
@@ -291,8 +291,8 @@ void pkcs1_rsassa_v15_sign(int mod, char *input_P, memset(output, 0x00, sizeof(output)); - TEST_ASSERT(mbedtls_rsa_get_padding_mode(&ctx) == MBEDTLS_RSA_PKCS_V15); - TEST_ASSERT(mbedtls_rsa_get_md_alg(&ctx) == hash); + TEST_EQUAL(mbedtls_rsa_get_padding_mode(&ctx), MBEDTLS_RSA_PKCS_V15); + TEST_EQUAL(mbedtls_rsa_get_md_alg(&ctx), hash); TEST_ASSERT(mbedtls_test_read_mpi(&P, input_P) == 0); TEST_ASSERT(mbedtls_test_read_mpi(&Q, input_Q) == 0); @@ -335,8 +335,8 @@ void pkcs1_rsassa_v15_verify(int mod, char *input_N, char *input_E, TEST_ASSERT(mbedtls_rsa_set_padding(&ctx, MBEDTLS_RSA_PKCS_V15, hash) == 0); - TEST_ASSERT(mbedtls_rsa_get_padding_mode(&ctx) == MBEDTLS_RSA_PKCS_V15); - TEST_ASSERT(mbedtls_rsa_get_md_alg(&ctx) == hash); + TEST_EQUAL(mbedtls_rsa_get_padding_mode(&ctx), MBEDTLS_RSA_PKCS_V15); + TEST_EQUAL(mbedtls_rsa_get_md_alg(&ctx), hash); TEST_ASSERT(mbedtls_test_read_mpi(&N, input_N) == 0); TEST_ASSERT(mbedtls_test_read_mpi(&E, input_E) == 0); diff --git a/tests/suites/test_suite_pkcs1_v21.function b/tests/suites/test_suite_pkcs1_v21.function index b0a26620f..75dbc357c 100644 --- a/tests/suites/test_suite_pkcs1_v21.function +++ b/tests/suites/test_suite_pkcs1_v21.function @@ -29,8 +29,8 @@ void pkcs1_rsaes_oaep_encrypt(int mod, data_t *input_N, data_t *input_E, MBEDTLS_RSA_PKCS_V21, hash) == 0); memset(output, 0x00, sizeof(output)); - TEST_ASSERT(mbedtls_rsa_get_padding_mode(&ctx) == MBEDTLS_RSA_PKCS_V21); - TEST_ASSERT(mbedtls_rsa_get_md_alg(&ctx) == hash); + TEST_EQUAL(mbedtls_rsa_get_padding_mode(&ctx), MBEDTLS_RSA_PKCS_V21); + TEST_EQUAL(mbedtls_rsa_get_md_alg(&ctx), hash); TEST_ASSERT(mbedtls_mpi_read_binary(&N, input_N->x, input_N->len) == 0); TEST_ASSERT(mbedtls_mpi_read_binary(&E, input_E->x, input_E->len) == 0); 
@@ -76,8 +76,8 @@ void pkcs1_rsaes_oaep_decrypt(int mod, data_t *input_P, data_t *input_Q, TEST_ASSERT(mbedtls_rsa_set_padding(&ctx, MBEDTLS_RSA_PKCS_V21, hash) == 0); - TEST_ASSERT(mbedtls_rsa_get_padding_mode(&ctx) == MBEDTLS_RSA_PKCS_V21); - TEST_ASSERT(mbedtls_rsa_get_md_alg(&ctx) == hash); + TEST_EQUAL(mbedtls_rsa_get_padding_mode(&ctx), MBEDTLS_RSA_PKCS_V21); + TEST_EQUAL(mbedtls_rsa_get_md_alg(&ctx), hash); memset(output, 0x00, sizeof(output)); memset(&rnd_info, 0, sizeof(mbedtls_test_rnd_pseudo_info)); @@ -140,8 +140,8 @@ void pkcs1_rsassa_pss_sign(int mod, data_t *input_P, data_t *input_Q, TEST_ASSERT(mbedtls_rsa_set_padding(&ctx, MBEDTLS_RSA_PKCS_V21, hash) == 0); - TEST_ASSERT(mbedtls_rsa_get_padding_mode(&ctx) == MBEDTLS_RSA_PKCS_V21); - TEST_ASSERT(mbedtls_rsa_get_md_alg(&ctx) == hash); + TEST_EQUAL(mbedtls_rsa_get_padding_mode(&ctx), MBEDTLS_RSA_PKCS_V21); + TEST_EQUAL(mbedtls_rsa_get_md_alg(&ctx), hash); memset(output, 0x00, sizeof(output)); @@ -196,8 +196,8 @@ void pkcs1_rsassa_pss_verify(int mod, data_t *input_N, data_t *input_E, TEST_ASSERT(mbedtls_rsa_set_padding(&ctx, MBEDTLS_RSA_PKCS_V21, hash) == 0); - TEST_ASSERT(mbedtls_rsa_get_padding_mode(&ctx) == MBEDTLS_RSA_PKCS_V21); - TEST_ASSERT(mbedtls_rsa_get_md_alg(&ctx) == hash); + TEST_EQUAL(mbedtls_rsa_get_padding_mode(&ctx), MBEDTLS_RSA_PKCS_V21); + TEST_EQUAL(mbedtls_rsa_get_md_alg(&ctx), hash); TEST_ASSERT(mbedtls_mpi_read_binary(&N, input_N->x, input_N->len) == 0); TEST_ASSERT(mbedtls_mpi_read_binary(&E, input_E->x, input_E->len) == 0); 
@@ -232,8 +232,8 @@ void pkcs1_rsassa_pss_verify_ext(int mod, data_t *input_N, data_t *input_E, TEST_ASSERT(mbedtls_rsa_set_padding(&ctx, MBEDTLS_RSA_PKCS_V21, ctx_hash) == 0); - TEST_ASSERT(mbedtls_rsa_get_padding_mode(&ctx) == MBEDTLS_RSA_PKCS_V21); - TEST_ASSERT(mbedtls_rsa_get_md_alg(&ctx) == ctx_hash); + TEST_EQUAL(mbedtls_rsa_get_padding_mode(&ctx), MBEDTLS_RSA_PKCS_V21); + TEST_EQUAL(mbedtls_rsa_get_md_alg(&ctx), ctx_hash); TEST_ASSERT(mbedtls_mpi_read_binary(&N, input_N->x, input_N->len) == 0); TEST_ASSERT(mbedtls_mpi_read_binary(&E, input_E->x, input_E->len) == 0); From b46ccf235c2d0977b703e157561a060f817cf92a Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Mon, 20 Mar 2023 12:40:12 +0800 Subject: [PATCH 12/12] fix line length of ChangeLog Signed-off-by: Yanray Wang --- ChangeLog.d/rsa-padding-accessor.txt | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/ChangeLog.d/rsa-padding-accessor.txt b/ChangeLog.d/rsa-padding-accessor.txt index da793f881..ad1468674 100644 --- a/ChangeLog.d/rsa-padding-accessor.txt +++ b/ChangeLog.d/rsa-padding-accessor.txt @@ -1,4 +1,4 @@ Features - * Add functions mbedtls_rsa_get_padding_mode() and mbedtls_rsa_get_md_alg() to read - non-public fields for padding mode and hash id from an mbedtls_rsa_context, as - requested in #6917. + * Add functions mbedtls_rsa_get_padding_mode() and mbedtls_rsa_get_md_alg() + to read non-public fields for padding mode and hash id from + an mbedtls_rsa_context, as requested in #6917.