Change a generate_key test to exercise with PSS
This required tweaking exercise_signature_key to use a payload size for the signature based on the algorithm, since our implementation of PSS requires that the input size matches the hash size. This would also be the case for PKCS#1 v1.5 with a specified hash.
This commit is contained in:
parent
54622aec80
commit
f969b3ac74
2 changed files with 13 additions and 7 deletions
|
@ -870,13 +870,13 @@ PSA generate key: invalid key size: AES, 64 bits
|
||||||
depends_on:MBEDTLS_AES_C
|
depends_on:MBEDTLS_AES_C
|
||||||
generate_key:PSA_KEY_TYPE_AES:64:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT
|
generate_key:PSA_KEY_TYPE_AES:64:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT
|
||||||
|
|
||||||
PSA generate key: RSA, 512 bits, good, sign
|
PSA generate key: RSA, 512 bits, good, sign (PKCS#1 v1.5)
|
||||||
depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME
|
depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V15
|
||||||
generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS
|
generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS
|
||||||
|
|
||||||
PSA generate key: RSA, 1024 bits, good, sign
|
PSA generate key: RSA, 1024 bits, good, sign (PSS SHA-256)
|
||||||
depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME
|
depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
|
||||||
generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS
|
generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_SUCCESS
|
||||||
|
|
||||||
PSA generate key: RSA, 512 bits, good, encrypt
|
PSA generate key: RSA, 512 bits, good, encrypt
|
||||||
depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME
|
depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME
|
||||||
|
|
|
@ -285,13 +285,19 @@ static int exercise_signature_key( psa_key_slot_t key,
|
||||||
psa_key_usage_t usage,
|
psa_key_usage_t usage,
|
||||||
psa_algorithm_t alg )
|
psa_algorithm_t alg )
|
||||||
{
|
{
|
||||||
unsigned char payload[16] = {1};
|
unsigned char payload[PSA_HASH_MAX_SIZE] = {1};
|
||||||
size_t payload_length = sizeof( payload );
|
size_t payload_length = 16;
|
||||||
unsigned char signature[PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE] = {0};
|
unsigned char signature[PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE] = {0};
|
||||||
size_t signature_length = sizeof( signature );
|
size_t signature_length = sizeof( signature );
|
||||||
|
|
||||||
if( usage & PSA_KEY_USAGE_SIGN )
|
if( usage & PSA_KEY_USAGE_SIGN )
|
||||||
{
|
{
|
||||||
|
/* Some algorithms require the payload to have the size of
|
||||||
|
* the hash encoded in the algorithm. Use this input size
|
||||||
|
* even for algorithms that allow other input sizes. */
|
||||||
|
psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH( alg );
|
||||||
|
if( hash_alg != 0 )
|
||||||
|
payload_length = PSA_HASH_SIZE( hash_alg );
|
||||||
TEST_ASSERT( psa_asymmetric_sign( key, alg,
|
TEST_ASSERT( psa_asymmetric_sign( key, alg,
|
||||||
payload, payload_length,
|
payload, payload_length,
|
||||||
signature, sizeof( signature ),
|
signature, sizeof( signature ),
|
||||||
|
|
Loading…
Reference in a new issue