diff options
| author | Gilles Peskine <Gilles.Peskine@arm.com> | 2024-04-24 16:23:06 +0200 |
|---|---|---|
| committer | Gilles Peskine <Gilles.Peskine@arm.com> | 2024-04-24 16:28:00 +0200 |
| commit | cbb4507b44fe5da30658c9694567b91bd3e305b1 (patch) | |
| tree | fafee84b6ddc147fa88b0daa09c056c87dbeaaf6 /tests/suites | |
| parent | 9c3ebe30b85cfa4558d769e7ff36e716334bb127 (diff) | |
| download | mbedtls-cbb4507b44fe5da30658c9694567b91bd3e305b1.zip mbedtls-cbb4507b44fe5da30658c9694567b91bd3e305b1.tar.gz mbedtls-cbb4507b44fe5da30658c9694567b91bd3e305b1.tar.bz2 | |
Use large enough keys when testing parsing of non-word-aligned RSA sizes
When PSA is available, we exercise the parsed RSA key with PKCS#1v1.5
signature, which requires the modulus size in bytes to be at least
tLen + 11 (per RFC 8017 ยง9.2) where tLen = hLen + oidLen + 6 and
hLen = 32, oidLen = 9 for SHA-512 or SHA3-512. 10 is the DER overhead
(3 ASN.1 type-length headers with lengths <128). Replace 512-bit test
cases (good enough for SHA-256 but not SHA-384 and up) by 768-bit and
up (good enough for SHA-512).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Diffstat (limited to 'tests/suites')
| -rw-r--r-- | tests/suites/test_suite_pkparse.data | 26 |
1 files changed, 14 insertions, 12 deletions
diff --git a/tests/suites/test_suite_pkparse.data b/tests/suites/test_suite_pkparse.data index bec6f4b..d170e1e 100644 --- a/tests/suites/test_suite_pkparse.data +++ b/tests/suites/test_suite_pkparse.data @@ -914,21 +914,23 @@ Parse RSA Key #99.8 (PKCS#8 encrypted v2 PBKDF2 AES-256-CBC hmacWithSHA384 DER, depends_on:MBEDTLS_AES_C:MBEDTLS_MD_CAN_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_aes256cbc_sha384.der":"PolarSSLTest":0 -Parse RSA Key #100.1 (512-bit) -depends_on:MBEDTLS_PEM_PARSE_C -pk_parse_keyfile_rsa:"data_files/rsa512.key":"":0 +# Test keys with non-word-aligned sizes. +# We use sizes that are large enough to exercise PKCS#1 v1.5 signature with +# the largest supported hashes (SHA-512 and SHA3-512.) +Parse RSA Key #100 (768-bit) +pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_768_clear.der":"":0 -Parse RSA Key #100.1 (521-bit) -depends_on:MBEDTLS_PEM_PARSE_C -pk_parse_keyfile_rsa:"data_files/rsa521.key":"":0 +Parse RSA Key #100 (769-bit) +pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_769_clear.der":"":0 -Parse RSA Key #100.1 (522-bit) -depends_on:MBEDTLS_PEM_PARSE_C -pk_parse_keyfile_rsa:"data_files/rsa522.key":"":0 +Parse RSA Key #100 (770-bit) +pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_770_clear.der":"":0 -Parse RSA Key #100.1 (528-bit) -depends_on:MBEDTLS_PEM_PARSE_C -pk_parse_keyfile_rsa:"data_files/rsa528.key":"":0 +Parse RSA Key #100 (776-bit) +pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_776_clear.der":"":0 + +Parse RSA Key #100 (784-bit) +pk_parse_keyfile_rsa:"data_files/rsa_pkcs1_784_clear.der":"":0 Parse Public RSA Key #1 (PKCS#8 wrapped) depends_on:MBEDTLS_PEM_PARSE_C |