diff options
author | nagendra modadugu <ngm@google.com> | 2016-05-31 17:09:40 -0700 |
---|---|---|
committer | chrome-bot <chrome-bot@chromium.org> | 2016-06-01 15:50:49 -0700 |
commit | 1242805ba54daba82cfe79b732ac82c530e4fd57 (patch) | |
tree | a8e0cd1bd171de31454ce717f16bfdc0ca543183 | |
parent | c3463c7f5d4a80bc8992b6a1f695e49739fbd012 (diff) | |
download | chrome-ec-1242805ba54daba82cfe79b732ac82c530e4fd57.tar.gz |
CR50: add tests for 1024-bit RSA.
Add tests for RSA-1024, and created partner CRBUG/53893
to track issue discovered with 1024-bit modinv.
1024-bit RSA support being added in preparation
for a forthcoming hardware based implementation.
BRANCH=none
BUG=chrome-os-partner:43025,chrome-os-partner:47524,chrome-os-partner:53893
TEST=all tests in test/tpm_test/tpmtest.py pass
Change-Id: I6b5aaeffc9df1cbbe403535fd21cdd377b42c38e
Signed-off-by: nagendra modadugu <ngm@google.com>
Reviewed-on: https://chromium-review.googlesource.com/348490
Commit-Ready: Nagendra Modadugu <ngm@google.com>
Tested-by: Nagendra Modadugu <ngm@google.com>
Reviewed-by: Nagendra Modadugu <ngm@google.com>
Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
-rw-r--r-- | board/cr50/tpm2/rsa.c | 87 | ||||
-rw-r--r-- | test/tpm_test/rsa_test.py | 22 |
2 files changed, 96 insertions, 13 deletions
diff --git a/board/cr50/tpm2/rsa.c b/board/cr50/tpm2/rsa.c index d4bb863319..9fe4f850d7 100644 --- a/board/cr50/tpm2/rsa.c +++ b/board/cr50/tpm2/rsa.c @@ -426,6 +426,78 @@ static const TPM2B_PUBLIC_KEY_RSA RSA_768_Q = { } }; +static const TPM2B_PUBLIC_KEY_RSA RSA_1024_N = { + .t = {128, { + 0xdf, 0x4e, 0xaf, 0x73, 0x45, 0x94, 0x98, 0x34, + 0x30, 0x7e, 0x26, 0xad, 0x40, 0x83, 0xf9, 0x17, + 0x21, 0xb0, 0x4e, 0x1b, 0x0d, 0x6a, 0x44, 0xce, + 0x4e, 0x3e, 0x2e, 0x72, 0x4c, 0x97, 0xdf, 0x89, + 0x8a, 0x39, 0x10, 0x25, 0xae, 0x20, 0x4c, 0xf2, + 0x3b, 0x20, 0xb2, 0xa5, 0x10, 0xdd, 0xb2, 0x6b, + 0x62, 0x4e, 0xa6, 0x9f, 0x92, 0x4a, 0xd9, 0x86, + 0x97, 0xcc, 0x70, 0x20, 0x3b, 0x6a, 0x32, 0x63, + 0xca, 0x7f, 0x59, 0xfb, 0x57, 0xb6, 0xa9, 0x99, + 0xe9, 0xd0, 0x2e, 0x0f, 0x1c, 0xd4, 0x7d, 0x8b, + 0xa0, 0xbd, 0x0f, 0xd2, 0xd5, 0x3b, 0x1f, 0x11, + 0xb4, 0x6a, 0x94, 0xcf, 0x4f, 0x0a, 0x2b, 0x44, + 0xe7, 0xfa, 0x6b, 0x24, 0x91, 0xb4, 0x82, 0x1f, + 0xf6, 0x75, 0xb6, 0x91, 0xc5, 0xa0, 0xf6, 0x2f, + 0xd5, 0xff, 0x10, 0x73, 0x9b, 0x34, 0xf6, 0x7a, + 0x88, 0x23, 0xa9, 0x42, 0x3c, 0xa8, 0x24, 0x91 + } + } +}; + +static const TPM2B_PUBLIC_KEY_RSA RSA_1024_D = { + .t = {128, { + 0x9a, 0x6d, 0x85, 0xf4, 0x07, 0xa8, 0x6d, 0x61, + 0x9a, 0x2f, 0x83, 0x7b, 0xc8, 0xe3, 0xfb, 0x7c, + 0xbd, 0xb5, 0x79, 0x2e, 0x48, 0x26, 0xb7, 0x92, + 0x9c, 0x95, 0x6f, 0xf5, 0x67, 0x76, 0x98, 0x06, + 0x3b, 0xea, 0x9e, 0x7a, 0x10, 0x63, 0x12, 0x13, + 0x6a, 0x44, 0x80, 0x86, 0x9a, 0x95, 0x56, 0x6f, + 0xe0, 0xba, 0x57, 0x8c, 0x7e, 0xd4, 0xf8, 0x7d, + 0x95, 0xb8, 0xb1, 0xc9, 0xf8, 0x8c, 0xc6, 0x6e, + 0xe5, 0x7b, 0xa0, 0xaf, 0xa0, 0x4e, 0x4e, 0x84, + 0xd7, 0x97, 0xb9, 0x5a, 0xdd, 0x32, 0xe5, 0x2b, + 0xe5, 0x80, 0xb3, 0xb2, 0xbf, 0x56, 0xff, 0x01, + 0xdc, 0xe6, 0xa6, 0x6c, 0x4a, 0x81, 0x1d, 0x8f, + 0xea, 0x4b, 0xed, 0x24, 0x08, 0xf4, 0x67, 0xaf, + 0x0d, 0xf2, 0xfd, 0x37, 0x3f, 0x31, 0x25, 0xfa, + 0xee, 0x35, 0xb0, 0xdb, 0x66, 0x11, 0xff, 0x49, + 0xe1, 0xe5, 0xff, 0x1b, 0xcc, 0xc3, 0x0e, 0x09 + } + } +}; + +static const TPM2B_PUBLIC_KEY_RSA RSA_1024_P = { + .t = {64, { + 0xf9, 0x5e, 0x79, 0x65, 0x43, 0x70, 0x40, 0x83, + 0x50, 0x0a, 0xbb, 0x61, 0xb3, 0x87, 0x7b, 0x24, + 0x8f, 0x2a, 0x03, 0x5b, 0xb5, 0x4b, 0x94, 0x94, + 0x67, 0xaa, 0x98, 0xd6, 0x14, 0x40, 0x90, 0x3c, + 0xa4, 0x0d, 0x6d, 0x58, 0x31, 0xc5, 0x42, 0xf1, + 0x2d, 0x15, 0x0e, 0xe7, 0xcd, 0xe6, 0x3e, 0xca, + 0xd8, 0x94, 0x37, 0xaa, 0x4c, 0xd6, 0xf3, 0x21, + 0x2e, 0xa4, 0xfe, 0x1d, 0x79, 0x44, 0xd7, 0xb3 + } + } +}; + +static const TPM2B_PUBLIC_KEY_RSA RSA_1024_Q = { + .t = {64, { + 0xe5, 0x3e, 0xcd, 0x4b, 0x97, 0xc5, 0x96, 0x39, + 0x70, 0x97, 0x3a, 0x10, 0xa9, 0xc3, 0x35, 0x0a, + 0xd6, 0x2b, 0xf5, 0x12, 0x8d, 0xb2, 0xc0, 0x0b, + 0x1c, 0x5f, 0xa0, 0x0b, 0x86, 0x83, 0xa7, 0x90, + 0xe9, 0xf8, 0x16, 0x92, 0x9f, 0xce, 0x13, 0x4c, + 0x14, 0xe8, 0x9e, 0x4c, 0x24, 0xef, 0xff, 0x58, + 0x22, 0x06, 0xf9, 0xcf, 0xfd, 0x19, 0xb7, 0x23, + 0xf9, 0xe3, 0xb3, 0xe3, 0x7a, 0x9b, 0xb0, 0xab + } + } +}; + static const TPM2B_PUBLIC_KEY_RSA RSA_2048_N = { .t = {256, { 0x9c, 0xd7, 0x61, 0x2e, 0x43, 0x8e, 0x15, 0xbe, @@ -547,13 +619,6 @@ static const TPM2B_PUBLIC_KEY_RSA RSA_2048_Q = { }; -static const RSA_KEY RSA_768 = { - 65537, (TPM2B *) &RSA_768_N.b, (TPM2B *) &RSA_768_D.b -}; -static const RSA_KEY RSA_2048 = { - 65537, (TPM2B *) &RSA_2048_N.b, (TPM2B *) &RSA_2048_D.b -}; - #define MAX_MSG_BYTES RSA_MAX_BYTES #define MAX_LABEL_LEN 32 @@ -641,6 +706,14 @@ static void rsa_command_handler(void *cmd_body, rsa_n.b.size = RSA_768_N.b.size; rsa_d.b.size = RSA_768_D.b.size; break; + case 1024: + N = RSA_1024_N; + d = RSA_1024_D; + p = RSA_1024_P; + q = RSA_1024_Q; + rsa_n.b.size = RSA_1024_N.b.size; + rsa_d.b.size = RSA_1024_D.b.size; + break; case 2048: N = RSA_2048_N; d = RSA_2048_D; diff --git a/test/tpm_test/rsa_test.py b/test/tpm_test/rsa_test.py index d746fba47c..8fea03c449 100644 --- a/test/tpm_test/rsa_test.py +++ b/test/tpm_test/rsa_test.py @@ -563,6 +563,7 @@ def _prime_from_seed(seed): _ENCRYPT_INPUTS = ( ('OAEP', 'SHA1', 768), ('OAEP', 'SHA256', 768), + ('OAEP', 'SHA256', 1024), ('PKCS1-ES', 'NONE', 768), ('PKCS1-ES', 'NONE', 2048), ('NULL', 'NONE', 768), @@ -572,27 +573,36 @@ _ENCRYPT_INPUTS = ( _SIGN_INPUTS = ( ('PKCS1-SSA', 'SHA1', 768), ('PKCS1-SSA', 'SHA256', 768), + ('PKCS1-SSA', 'SHA256', 1024), ('PKCS1-PSS', 'SHA1', 768), ('PKCS1-PSS', 'SHA256', 768), + ('PKCS1-PSS', 'SHA256', 2048), ) _KEYTEST_INPUTS = ( (768,), +# TODO(ngm): 1024-bit modinv is broken, see partner CRBUG/53893. +# (1024,), (2048,), ) _KEYGEN_INPUTS = ( - (768, 65537, "rsa_test"), (768, 65537, ''), + (1024, 65537, 'rsa_test'), + (2048, 65537, 'rsa_test'), + (2048, 65537, ''), ) - +# 2048-bit will be done in hardware (i.e. fast), rest are in software. +# Sizes below correspond to RSA key size. _PRIMEGEN_INPUTS = ( 768, - 768, - 768, - 768, - 768 + 1024, + 2048, + 2048, + 2048, + 2048, + 2048 ) def _encrypt_tests(tpm): |