From 46fcf474ffd6ae7c373c17ad1c3c3853521fdf6c Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Mon, 19 May 2014 23:22:49 +0300 Subject: [PATCH] tests: Add CAVP test vectors for RSA/PKCS #1 v1.5 signature validation This allow the PKCS #1 and RSA implementation to be validated against the test vectors from http://csrc.nist.gov/groups/STM/cavp/documents/dss/186-2rsatestvectors.zip and http://csrc.nist.gov/groups/STM/cavp/documents/dss/SigVer15EMTest.txt. Signed-off-by: Jouni Malinen --- tests/Makefile | 5 ++ tests/test-rsa-sig-ver.c | 189 +++++++++++++++++++++++++++++++++++++++ 2 files changed, 194 insertions(+) create mode 100644 tests/test-rsa-sig-ver.c diff --git a/tests/Makefile b/tests/Makefile index c395b7720..33fec20d1 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -1,6 +1,7 @@ TESTS=test-base64 test-md4 test-md5 test-milenage test-ms_funcs \ test-bitfield \ test-printf \ + test-rsa-sig-ver \ test-sha1 \ test-sha256 test-aes test-asn1 test-x509 test-x509v3 test-list test-rc4 @@ -78,6 +79,9 @@ test-printf: test-printf.o $(LIBS) test-rc4: test-rc4.o $(LIBS) $(LDO) $(LDFLAGS) -o $@ $^ $(LLIBS) +test-rsa-sig-ver: test-rsa-sig-ver.o $(LIBS) + $(LDO) $(LDFLAGS) -o $@ $< $(LLIBS) + test-sha1: test-sha1.o $(LIBS) $(LDO) $(LDFLAGS) -o $@ $^ $(LLIBS) @@ -99,6 +103,7 @@ run-tests: $(TESTS) ./test-md5 ./test-milenage ./test-printf + ./test-rsa-sig-ver ./test-sha1 ./test-sha256 @echo diff --git a/tests/test-rsa-sig-ver.c b/tests/test-rsa-sig-ver.c new file mode 100644 index 000000000..13a8d48b6 --- /dev/null +++ b/tests/test-rsa-sig-ver.c @@ -0,0 +1,189 @@ +/* + * Testing tool for RSA PKCS #1 v1.5 signature verification + * Copyright (c) 2014, Jouni Malinen + * + * This software may be distributed under the terms of the BSD license. + * See README for more details. + */ + +#include "utils/includes.h" + +#include "utils/common.h" +#include "crypto/crypto.h" +#include "tls/rsa.h" +#include "tls/asn1.h" +#include "tls/pkcs1.h" + + +static int cavp_rsa_sig_ver(const char *fname) +{ + FILE *f; + int ret = 0; + char buf[15000], *pos, *pos2; + u8 msg[200], n[512], s[512], em[512], e[512]; + size_t msg_len = 0, n_len = 0, s_len = 0, em_len, e_len = 0; + size_t tmp_len; + char sha_alg[20]; + int ok = 0; + + printf("CAVP RSA SigVer test vectors from %s\n", fname); + + f = fopen(fname, "r"); + if (f == NULL) { + printf("%s does not exist - cannot validate CAVP RSA SigVer test vectors\n", + fname); + return 0; + } + + while (fgets(buf, sizeof(buf), f)) { + pos = os_strchr(buf, '='); + if (pos == NULL) + continue; + pos2 = pos - 1; + while (pos2 >= buf && *pos2 == ' ') + *pos2-- = '\0'; + *pos++ = '\0'; + while (*pos == ' ') + *pos++ = '\0'; + pos2 = os_strchr(pos, '\r'); + if (!pos2) + pos2 = os_strchr(pos, '\n'); + if (pos2) + *pos2 = '\0'; + else + pos2 = pos + os_strlen(pos); + + if (os_strcmp(buf, "SHAAlg") == 0) { + os_strlcpy(sha_alg, pos, sizeof(sha_alg)); + } else if (os_strcmp(buf, "Msg") == 0) { + tmp_len = os_strlen(pos); + if (tmp_len > sizeof(msg) * 2) { + printf("Too long Msg\n"); + return -1; + } + msg_len = tmp_len / 2; + if (hexstr2bin(pos, msg, msg_len) < 0) { + printf("Invalid hex string '%s'\n", pos); + ret++; + break; + } + } else if (os_strcmp(buf, "n") == 0) { + tmp_len = os_strlen(pos); + if (tmp_len > sizeof(n) * 2) { + printf("Too long n\n"); + return -1; + } + n_len = tmp_len / 2; + if (hexstr2bin(pos, n, n_len) < 0) { + printf("Invalid hex string '%s'\n", pos); + ret++; + break; + } + } else if (os_strcmp(buf, "e") == 0) { + tmp_len = os_strlen(pos); + if (tmp_len > sizeof(e) * 2) { + printf("Too long e\n"); + return -1; + } + e_len = tmp_len / 2; + if (hexstr2bin(pos, e, e_len) < 0) { + printf("Invalid hex string '%s'\n", pos); + ret++; + break; + } + } else if (os_strcmp(buf, "S") == 0) { + tmp_len = os_strlen(pos); + if (tmp_len > sizeof(s) * 2) { + printf("Too long S\n"); + return -1; + } + s_len = tmp_len / 2; + if (hexstr2bin(pos, s, s_len) < 0) { + printf("Invalid hex string '%s'\n", pos); + ret++; + break; + } + } else if (os_strncmp(buf, "EM", 2) == 0) { + tmp_len = os_strlen(pos); + if (tmp_len > sizeof(em) * 2) + return -1; + em_len = tmp_len / 2; + if (hexstr2bin(pos, em, em_len) < 0) { + printf("Invalid hex string '%s'\n", pos); + ret++; + break; + } + } else if (os_strcmp(buf, "Result") == 0) { + const u8 *addr[1]; + size_t len[1]; + struct crypto_public_key *pk; + int res; + u8 hash[32]; + size_t hash_len; + const struct asn1_oid *alg; + + addr[0] = msg; + len[0] = msg_len; + if (os_strcmp(sha_alg, "SHA1") == 0) { + if (sha1_vector(1, addr, len, hash) < 0) + return -1; + hash_len = 20; + alg = &asn1_sha1_oid; + } else if (os_strcmp(sha_alg, "SHA256") == 0) { + if (sha256_vector(1, addr, len, hash) < 0) + return -1; + hash_len = 32; + alg = &asn1_sha256_oid; + } else { + continue; + } + + printf("\nExpected result: %s\n", pos); + wpa_hexdump(MSG_INFO, "Hash(Msg)", hash, hash_len); + + pk = crypto_public_key_import_parts(n, n_len, + e, e_len); + if (pk == NULL) { + printf("Failed to import public key\n"); + ret++; + continue; + } + + res = pkcs1_v15_sig_ver(pk, s, s_len, alg, + hash, hash_len); + crypto_public_key_free(pk); + if ((*pos == 'F' && !res) || (*pos != 'F' && res)) { + printf("FAIL\n"); + ret++; + continue; + } + + printf("PASS\n"); + ok++; + } + } + + fclose(f); + + if (ret) + printf("Test case failed\n"); + else + printf("%d test vectors OK\n", ok); + + return ret; +} + + +int main(int argc, char *argv[]) +{ + int ret = 0; + + wpa_debug_level = 0; + + if (cavp_rsa_sig_ver("CAVP/SigVer15_186-3.rsp")) + ret++; + if (cavp_rsa_sig_ver("CAVP/SigVer15EMTest.txt")) + ret++; + + return ret; +}