Change a generate_key test to exercise with PSS

This required tweaking exercise_signature_key to use a payload size
for the signature based on the algorithm, since our implementation of
PSS requires that the input size matches the hash size. This would
also be the case for PKCS#1 v1.5 with a specified hash.
This commit is contained in:
Gilles Peskine 2018-06-30 00:20:25 +02:00 committed by itayzafrir
parent 54622aec80
commit f969b3ac74
2 changed files with 13 additions and 7 deletions

View file

@ -870,13 +870,13 @@ PSA generate key: invalid key size: AES, 64 bits
depends_on:MBEDTLS_AES_C depends_on:MBEDTLS_AES_C
generate_key:PSA_KEY_TYPE_AES:64:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT generate_key:PSA_KEY_TYPE_AES:64:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT
PSA generate key: RSA, 512 bits, good, sign PSA generate key: RSA, 512 bits, good, sign (PKCS#1 v1.5)
depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V15
generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS
PSA generate key: RSA, 1024 bits, good, sign PSA generate key: RSA, 1024 bits, good, sign (PSS SHA-256)
depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_SUCCESS
PSA generate key: RSA, 512 bits, good, encrypt PSA generate key: RSA, 512 bits, good, encrypt
depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME

View file

@ -285,13 +285,19 @@ static int exercise_signature_key( psa_key_slot_t key,
psa_key_usage_t usage, psa_key_usage_t usage,
psa_algorithm_t alg ) psa_algorithm_t alg )
{ {
unsigned char payload[16] = {1}; unsigned char payload[PSA_HASH_MAX_SIZE] = {1};
size_t payload_length = sizeof( payload ); size_t payload_length = 16;
unsigned char signature[PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE] = {0}; unsigned char signature[PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE] = {0};
size_t signature_length = sizeof( signature ); size_t signature_length = sizeof( signature );
if( usage & PSA_KEY_USAGE_SIGN ) if( usage & PSA_KEY_USAGE_SIGN )
{ {
/* Some algorithms require the payload to have the size of
* the hash encoded in the algorithm. Use this input size
* even for algorithms that allow other input sizes. */
psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH( alg );
if( hash_alg != 0 )
payload_length = PSA_HASH_SIZE( hash_alg );
TEST_ASSERT( psa_asymmetric_sign( key, alg, TEST_ASSERT( psa_asymmetric_sign( key, alg,
payload, payload_length, payload, payload_length,
signature, sizeof( signature ), signature, sizeof( signature ),