Change a generate_key test to exercise with PSS

This required tweaking exercise_signature_key to use a payload size for the signature based on the algorithm, since our implementation of PSS requires that the input size matches the hash size. This would also be the case for PKCS#1 v1.5 with a specified hash.
2018-06-30 00:20:25 +02:00 · 2018-06-30 00:20:25 +02:00 · f969b3ac74
commit f969b3ac74
parent 54622aec80
2 changed files with 13 additions and 7 deletions
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@ -870,13 +870,13 @@ PSA generate key: invalid key size: AES, 64 bits
 depends_on:MBEDTLS_AES_C
 generate_key:PSA_KEY_TYPE_AES:64:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT

-PSA generate key: RSA, 512 bits, good, sign
-depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME
+PSA generate key: RSA, 512 bits, good, sign (PKCS#1 v1.5)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V15
 generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS

-PSA generate key: RSA, 1024 bits, good, sign
-depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME
-generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS
+PSA generate key: RSA, 1024 bits, good, sign (PSS SHA-256)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_SUCCESS

 PSA generate key: RSA, 512 bits, good, encrypt
 depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@ -285,13 +285,19 @@ static int exercise_signature_key( psa_key_slot_t key,
                                   psa_key_usage_t usage,
                                   psa_algorithm_t alg )
 {
-    unsigned char payload[16] = {1};
-    size_t payload_length = sizeof( payload );
+    unsigned char payload[PSA_HASH_MAX_SIZE] = {1};
+    size_t payload_length = 16;
    unsigned char signature[PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE] = {0};
    size_t signature_length = sizeof( signature );

    if( usage & PSA_KEY_USAGE_SIGN )
    {
+        /* Some algorithms require the payload to have the size of
+         * the hash encoded in the algorithm. Use this input size
+         * even for algorithms that allow other input sizes. */
+        psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH( alg );
+        if( hash_alg != 0 )
+            payload_length = PSA_HASH_SIZE( hash_alg );
        TEST_ASSERT( psa_asymmetric_sign( key, alg,
                                          payload, payload_length,
                                          signature, sizeof( signature ),