diff options
author | Martin Thomson <mt@lowentropy.net> | 2023-01-12 23:00:30 +0000 |
---|---|---|
committer | Martin Thomson <mt@lowentropy.net> | 2023-01-12 23:00:30 +0000 |
commit | 1273a14ef826e250ba8ae75f76fd5eeceac6e64e (patch) | |
tree | 2d5202cb29fbdd5b1361ec249951fec9e7aa62ac /gtests/pk11_gtest | |
parent | 7a3b0e83291c7ac797f77a358b1fb79bd0c9d131 (diff) | |
download | nss-hg-1273a14ef826e250ba8ae75f76fd5eeceac6e64e.tar.gz |
Bug 1747957 - RSA OAEP Wycheproof JSON, r=jschanck
Depends on D134922
Differential Revision: https://phabricator.services.mozilla.com/D134923
Diffstat (limited to 'gtests/pk11_gtest')
-rw-r--r-- | gtests/pk11_gtest/pk11_ecdsa_unittest.cc | 15 | ||||
-rw-r--r-- | gtests/pk11_gtest/pk11_rsaoaep_unittest.cc | 192 |
2 files changed, 138 insertions, 69 deletions
diff --git a/gtests/pk11_gtest/pk11_ecdsa_unittest.cc b/gtests/pk11_gtest/pk11_ecdsa_unittest.cc index 814c8a1a5..cf35958d9 100644 --- a/gtests/pk11_gtest/pk11_ecdsa_unittest.cc +++ b/gtests/pk11_gtest/pk11_ecdsa_unittest.cc @@ -227,20 +227,7 @@ class Pkcs11EcdsaWycheproofTest : public ::testing::Test { } else if (n == "keyDer") { public_key = r.ReadHex(); } else if (n == "sha") { - std::string s = r.ReadString(); - if (s == "SHA-1") { - hash_oid = SEC_OID_SHA1; - } else if (s == "SHA-224") { - hash_oid = SEC_OID_SHA224; - } else if (s == "SHA-256") { - hash_oid = SEC_OID_SHA256; - } else if (s == "SHA-384") { - hash_oid = SEC_OID_SHA384; - } else if (s == "SHA-512") { - hash_oid = SEC_OID_SHA512; - } else { - FAIL() << "unsupported hash"; - } + hash_oid = r.ReadHash(); } else if (n == "type") { ASSERT_EQ("EcdsaVerify", r.ReadString()); } else if (n == "tests") { diff --git a/gtests/pk11_gtest/pk11_rsaoaep_unittest.cc b/gtests/pk11_gtest/pk11_rsaoaep_unittest.cc index 82f3f9fb8..f00fc3d36 100644 --- a/gtests/pk11_gtest/pk11_rsaoaep_unittest.cc +++ b/gtests/pk11_gtest/pk11_rsaoaep_unittest.cc @@ -8,56 +8,50 @@ #include "cpputil.h" #include "cryptohi.h" +#include "json_reader.h" #include "gtest/gtest.h" #include "limits.h" #include "nss.h" #include "nss_scoped_ptrs.h" #include "pk11pub.h" - -#include "testvectors/rsa_oaep_2048_sha1_mgf1sha1-vectors.h" -#include "testvectors/rsa_oaep_2048_sha256_mgf1sha1-vectors.h" -#include "testvectors/rsa_oaep_2048_sha256_mgf1sha256-vectors.h" -#include "testvectors/rsa_oaep_2048_sha384_mgf1sha1-vectors.h" -#include "testvectors/rsa_oaep_2048_sha384_mgf1sha384-vectors.h" -#include "testvectors/rsa_oaep_2048_sha512_mgf1sha1-vectors.h" -#include "testvectors/rsa_oaep_2048_sha512_mgf1sha512-vectors.h" +#include "testvectors_base/test-structs.h" namespace nss_test { -class RsaOaepWycheproofTest - : public ::testing::TestWithParam<RsaOaepTestVectorStr> { - protected: - void TestDecrypt(const RsaOaepTestVectorStr vec) { - SECItem pkcs8_item = {siBuffer, toUcharPtr(vec.priv_key.data()), - static_cast<unsigned int>(vec.priv_key.size())}; - - ScopedPK11SlotInfo slot(PK11_GetInternalKeySlot()); - EXPECT_NE(nullptr, slot); +struct RsaOaepTestVector { + uint32_t id; + std::vector<uint8_t> msg; + std::vector<uint8_t> ct; + std::vector<uint8_t> label; + bool valid; +}; - SECKEYPrivateKey* key = nullptr; - SECStatus rv = PK11_ImportDERPrivateKeyInfoAndReturnKey( - slot.get(), &pkcs8_item, nullptr, nullptr, false, false, KU_ALL, &key, - nullptr); - ASSERT_EQ(SECSuccess, rv); - ASSERT_NE(nullptr, key); - ScopedSECKEYPrivateKey priv_key(key); +class RsaOaepWycheproofTest : public ::testing::Test { + protected: + void Run(const std::string& file) { + WycheproofHeader(file, "RSAES-OAEP", "rsaes_oaep_decrypt_schema.json", + [this](JsonReader& r) { RunGroup(r); }); + } + void TestDecrypt(ScopedSECKEYPrivateKey& priv_key, SECOidTag hash_oid, + CK_RSA_PKCS_MGF_TYPE mgf_hash, + const RsaOaepTestVector& vec) { // Set up the OAEP parameters. CK_RSA_PKCS_OAEP_PARAMS oaepParams; oaepParams.source = CKZ_DATA_SPECIFIED; oaepParams.pSourceData = const_cast<unsigned char*>(vec.label.data()); oaepParams.ulSourceDataLen = vec.label.size(); - oaepParams.mgf = vec.mgf_hash; - oaepParams.hashAlg = HashOidToHashMech(vec.hash_oid); + oaepParams.mgf = mgf_hash; + oaepParams.hashAlg = HashOidToHashMech(hash_oid); SECItem params_item = {siBuffer, toUcharPtr(reinterpret_cast<uint8_t*>(&oaepParams)), static_cast<unsigned int>(sizeof(oaepParams))}; // Decrypt. std::vector<uint8_t> decrypted(PR_MAX(1, vec.ct.size())); unsigned int decrypted_len = 0; - rv = PK11_PrivDecrypt(priv_key.get(), CKM_RSA_PKCS_OAEP, ¶ms_item, - decrypted.data(), &decrypted_len, decrypted.size(), - vec.ct.data(), vec.ct.size()); + SECStatus rv = PK11_PrivDecrypt( + priv_key.get(), CKM_RSA_PKCS_OAEP, ¶ms_item, decrypted.data(), + &decrypted_len, decrypted.size(), vec.ct.data(), vec.ct.size()); if (vec.valid) { EXPECT_EQ(SECSuccess, rv); @@ -69,6 +63,74 @@ class RsaOaepWycheproofTest }; private: + void RunGroup(JsonReader& r) { + std::vector<RsaOaepTestVector> tests; + ScopedSECKEYPrivateKey private_key; + CK_MECHANISM_TYPE mgf_hash = CKM_INVALID_MECHANISM; + SECOidTag hash_oid = SEC_OID_UNKNOWN; + + while (r.NextItem()) { + std::string n = r.ReadLabel(); + if (n == "") { + break; + } + + if (n == "d" || n == "e" || n == "keysize" || n == "n" || + n == "privateKeyJwk" || n == "privateKeyPem") { + r.SkipValue(); + } else if (n == "privateKeyPkcs8") { + std::vector<uint8_t> priv_key = r.ReadHex(); + private_key = LoadPrivateKey(priv_key); + } else if (n == "mgf") { + ASSERT_EQ("MGF1", r.ReadString()); + } else if (n == "mgfSha") { + mgf_hash = HashOidToHashMech(r.ReadHash()); + } else if (n == "sha") { + hash_oid = r.ReadHash(); + } else if (n == "type") { + ASSERT_EQ("RsaesOaepDecrypt", r.ReadString()); + } else if (n == "tests") { + WycheproofReadTests(r, &tests, ReadTestAttr); + } else { + FAIL() << "unknown label in group: " << n; + } + } + + for (auto& t : tests) { + TestDecrypt(private_key, hash_oid, mgf_hash, t); + } + } + + ScopedSECKEYPrivateKey LoadPrivateKey(const std::vector<uint8_t>& priv_key) { + SECItem pkcs8_item = {siBuffer, toUcharPtr(priv_key.data()), + static_cast<unsigned int>(priv_key.size())}; + + ScopedPK11SlotInfo slot(PK11_GetInternalKeySlot()); + EXPECT_NE(nullptr, slot); + + SECKEYPrivateKey* key = nullptr; + SECStatus rv = PK11_ImportDERPrivateKeyInfoAndReturnKey( + slot.get(), &pkcs8_item, nullptr, nullptr, false, false, KU_ALL, &key, + nullptr); + EXPECT_EQ(SECSuccess, rv); + EXPECT_NE(nullptr, key); + + return ScopedSECKEYPrivateKey(key); + } + + static void ReadTestAttr(RsaOaepTestVector& t, const std::string& n, + JsonReader& r) { + if (n == "msg") { + t.msg = r.ReadHex(); + } else if (n == "ct") { + t.ct = r.ReadHex(); + } else if (n == "label") { + t.label = r.ReadHex(); + } else { + FAIL() << "unsupported test case field: " << n; + } + } + inline CK_MECHANISM_TYPE HashOidToHashMech(SECOidTag hash_oid) { switch (hash_oid) { case SEC_OID_SHA1: @@ -88,35 +150,55 @@ class RsaOaepWycheproofTest } }; -TEST_P(RsaOaepWycheproofTest, OaepDecrypt) { TestDecrypt(GetParam()); } - -INSTANTIATE_TEST_SUITE_P( - WycheproofRsa2048Sha1OaepTest, RsaOaepWycheproofTest, - ::testing::ValuesIn(kRsaOaep2048Sha1WycheproofVectors)); - -INSTANTIATE_TEST_SUITE_P( - WycheproofOaep2048Sha256Sha1Test, RsaOaepWycheproofTest, - ::testing::ValuesIn(kRsaOaep2048Sha256Mgf1Sha1WycheproofVectors)); - -INSTANTIATE_TEST_SUITE_P( - WycheproofOaep2048Sha256Sha256Test, RsaOaepWycheproofTest, - ::testing::ValuesIn(kRsaOaep2048Sha256Mgf1Sha256WycheproofVectors)); - -INSTANTIATE_TEST_SUITE_P( - WycheproofOaep2048Sha384Sha1Test, RsaOaepWycheproofTest, - ::testing::ValuesIn(kRsaOaep2048Sha384Mgf1Sha1WycheproofVectors)); +TEST_F(RsaOaepWycheproofTest, RsaOaep2048Sha1) { + Run("rsa_oaep_2048_sha1_mgf1sha1"); +} +TEST_F(RsaOaepWycheproofTest, RsaOaep2048Sha256MgfSha1) { + Run("rsa_oaep_2048_sha256_mgf1sha1"); +} +TEST_F(RsaOaepWycheproofTest, RsaOaep2048Sha256) { + Run("rsa_oaep_2048_sha256_mgf1sha256"); +} +TEST_F(RsaOaepWycheproofTest, RsaOaep2048Sha384MgfSha1) { + Run("rsa_oaep_2048_sha384_mgf1sha1"); +} +TEST_F(RsaOaepWycheproofTest, RsaOaep2048Sha384) { + Run("rsa_oaep_2048_sha384_mgf1sha384"); +} +TEST_F(RsaOaepWycheproofTest, RsaOaep2048Sha512MgfSha1) { + Run("rsa_oaep_2048_sha512_mgf1sha1"); +} +TEST_F(RsaOaepWycheproofTest, RsaOaep2048Sha512) { + Run("rsa_oaep_2048_sha512_mgf1sha512"); +} -INSTANTIATE_TEST_SUITE_P( - WycheproofOaep2048Sha384Sha384Test, RsaOaepWycheproofTest, - ::testing::ValuesIn(kRsaOaep2048Sha384Mgf1Sha384WycheproofVectors)); +TEST_F(RsaOaepWycheproofTest, RsaOaep3072Sha256MgfSha1) { + Run("rsa_oaep_3072_sha256_mgf1sha1"); +} +TEST_F(RsaOaepWycheproofTest, RsaOaep3072Sha256) { + Run("rsa_oaep_3072_sha256_mgf1sha256"); +} +TEST_F(RsaOaepWycheproofTest, RsaOaep3072Sha512MgfSha1) { + Run("rsa_oaep_3072_sha512_mgf1sha1"); +} +TEST_F(RsaOaepWycheproofTest, RsaOaep3072Sha512) { + Run("rsa_oaep_3072_sha512_mgf1sha512"); +} -INSTANTIATE_TEST_SUITE_P( - WycheproofOaep2048Sha512Sha1Test, RsaOaepWycheproofTest, - ::testing::ValuesIn(kRsaOaep2048Sha512Mgf1Sha1WycheproofVectors)); +TEST_F(RsaOaepWycheproofTest, RsaOaep4096Sha256MgfSha1) { + Run("rsa_oaep_4096_sha256_mgf1sha1"); +} +TEST_F(RsaOaepWycheproofTest, RsaOaep4096Sha256) { + Run("rsa_oaep_4096_sha256_mgf1sha256"); +} +TEST_F(RsaOaepWycheproofTest, RsaOaep4096Sha512MgfSha1) { + Run("rsa_oaep_4096_sha512_mgf1sha1"); +} +TEST_F(RsaOaepWycheproofTest, RsaOaep4096Sha512) { + Run("rsa_oaep_4096_sha512_mgf1sha512"); +} -INSTANTIATE_TEST_SUITE_P( - WycheproofOaep2048Sha512Sha512Test, RsaOaepWycheproofTest, - ::testing::ValuesIn(kRsaOaep2048Sha512Mgf1Sha512WycheproofVectors)); +TEST_F(RsaOaepWycheproofTest, RsaOaepMisc) { Run("rsa_oaep_misc"); } TEST(Pkcs11RsaOaepTest, TestOaepWrapUnwrap) { const size_t kRsaKeyBits = 2048; |