Unify PSA & non-PSA Verify ext RSA #5 test, and handle different return in pk_rsa_verify_ext_test_vec()

Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-04-15 12:00:16 +02:00 · 2022-04-15 12:00:16 +02:00 · 655725a624
commit 655725a624
parent eed1c6255d
2 changed files with 19 additions and 8 deletions
--- a/tests/suites/test_suite_pk.data
+++ b/tests/suites/test_suite_pk.data
@ -185,12 +185,8 @@ Verify ext RSA #4 (PKCS1 v2.1, salt_len = max, OK)
 depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
 pk_rsa_verify_ext_test_vec:"54657374206d657373616765":MBEDTLS_MD_SHA256:1024:16:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":16:"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA256:94:128:0

-Verify ext RSA #5 using PSA (PKCS1 v2.1, wrong salt_len)
-depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C:MBEDTLS_USE_PSA_CRYPTO
-pk_rsa_verify_ext_test_vec:"54657374206d657373616765":MBEDTLS_MD_SHA256:1024:16:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":16:"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA256:32:128:MBEDTLS_ERR_RSA_VERIFY_FAILED
-
 Verify ext RSA #5 (PKCS1 v2.1, wrong salt_len)
-depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C:!MBEDTLS_USE_PSA_CRYPTO
+depends_on:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
 pk_rsa_verify_ext_test_vec:"54657374206d657373616765":MBEDTLS_MD_SHA256:1024:16:"00dd118a9f99bab068ca2aea3b6a6d5997ed4ec954e40deecea07da01eaae80ec2bb1340db8a128e891324a5c5f5fad8f590d7c8cacbc5fe931dafda1223735279461abaa0572b761631b3a8afe7389b088b63993a0a25ee45d21858bab9931aedd4589a631b37fcf714089f856549f359326dd1e0e86dde52ed66b4a90bda4095":16:"010001":"0d2bdb0456a3d651d5bd48a4204493898f72cf1aaddd71387cc058bc3f4c235ea6be4010fd61b28e1fbb275462b53775c04be9022d38b6a2e0387dddba86a3f8554d2858044a59fddbd594753fc056fe33c8daddb85dc70d164690b1182209ff84824e0be10e35c379f2f378bf176a9f7cb94d95e44d90276a298c8810f741c9":MBEDTLS_PK_RSASSA_PSS:MBEDTLS_MD_SHA256:32:128:MBEDTLS_ERR_RSA_INVALID_PADDING

 Verify ext RSA #6 (PKCS1 v2.1, MGF1 alg != MSG hash alg)
--- a/tests/suites/test_suite_pk.function
+++ b/tests/suites/test_suite_pk.function
@ -487,6 +487,7 @@ void pk_rsa_verify_ext_test_vec( data_t * message_str, int digest,
    mbedtls_pk_rsassa_pss_options pss_opts;
    void *options;
    size_t hash_len;
+    int ret;

    USE_PSA_INIT( );
    mbedtls_pk_init( &pk );
@ -526,9 +527,23 @@ void pk_rsa_verify_ext_test_vec( data_t * message_str, int digest,
        pss_opts.expected_salt_len = salt_len;
    }

-    TEST_ASSERT( mbedtls_pk_verify_ext( pk_type, options, &pk,
-                                digest, hash_result, hash_len,
-                                result_str->x, sig_len ) == result );
+    ret = mbedtls_pk_verify_ext( pk_type, options, &pk,
+                                 digest, hash_result, hash_len,
+                                 result_str->x, sig_len );
+
+    /* Mbed TLS distinguishes "invalid padding" from "valid padding but
+     * the rest of the signature is invalid". This has little use in
+     * practice and PSA doesn't report this distinction.
+     * In this case, PSA returns PSA_ERROR_INVALID_SIGNATURE translated
+     * to MBEDTLS_ERR_RSA_VERIFY_FAILED
+     */
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    if( result == MBEDTLS_ERR_RSA_INVALID_PADDING &&
+        ret == MBEDTLS_ERR_RSA_VERIFY_FAILED )
+        TEST_EQUAL( ret, MBEDTLS_ERR_RSA_VERIFY_FAILED);
+    else
+#endif
+    TEST_EQUAL( ret, result );

 exit:
    mbedtls_pk_free( &pk );