aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRenĂ© Korthaus <[email protected]>2016-06-16 13:03:23 +0200
committerDaniel Neus <[email protected]>2016-06-17 14:36:16 +0200
commit960adccc86396f5d2ef9ec1a7374bcc9de70b85a (patch)
treed8891721e294437b3a2b510a41861925a95d7d13
parent6816c9e71e01432792a997ad9a5d561b9cd94a48 (diff)
fix test failures and seg faults when Botan is configured with --module-policy bsi
-rw-r--r--src/lib/pubkey/dsa/dsa.cpp2
-rw-r--r--src/lib/pubkey/dsa/info.txt2
-rw-r--r--src/lib/pubkey/ecdsa/ecdsa.cpp2
-rw-r--r--src/lib/pubkey/ecdsa/info.txt2
-rw-r--r--src/lib/pubkey/ecgdsa/ecgdsa.cpp2
-rw-r--r--src/lib/pubkey/ecgdsa/info.txt2
-rw-r--r--src/lib/pubkey/rsa/info.txt2
-rw-r--r--src/lib/pubkey/rsa/rsa.cpp2
-rw-r--r--src/tests/test_rfc6979.cpp11
-rw-r--r--src/tests/test_rng.cpp31
-rw-r--r--src/tests/unit_ecdh.cpp30
-rw-r--r--src/tests/unit_ecdsa.cpp26
12 files changed, 85 insertions, 29 deletions
diff --git a/src/lib/pubkey/dsa/dsa.cpp b/src/lib/pubkey/dsa/dsa.cpp
index c7d44c73a..c2d4b3454 100644
--- a/src/lib/pubkey/dsa/dsa.cpp
+++ b/src/lib/pubkey/dsa/dsa.cpp
@@ -69,7 +69,7 @@ bool DSA_PrivateKey::check_key(RandomNumberGenerator& rng, bool strong) const
if(!strong)
return true;
- return KeyPair::signature_consistency_check(rng, *this, "EMSA1(SHA-1)");
+ return KeyPair::signature_consistency_check(rng, *this, "EMSA1(SHA-256)");
}
namespace {
diff --git a/src/lib/pubkey/dsa/info.txt b/src/lib/pubkey/dsa/info.txt
index 94802ed59..855363789 100644
--- a/src/lib/pubkey/dsa/info.txt
+++ b/src/lib/pubkey/dsa/info.txt
@@ -5,4 +5,6 @@ dl_algo
dl_group
keypair
numbertheory
+emsa1
+sha2_32
</requires>
diff --git a/src/lib/pubkey/ecdsa/ecdsa.cpp b/src/lib/pubkey/ecdsa/ecdsa.cpp
index 53b5982e0..35a119420 100644
--- a/src/lib/pubkey/ecdsa/ecdsa.cpp
+++ b/src/lib/pubkey/ecdsa/ecdsa.cpp
@@ -26,7 +26,7 @@ bool ECDSA_PrivateKey::check_key(RandomNumberGenerator& rng,
if(!strong)
return true;
- return KeyPair::signature_consistency_check(rng, *this, "EMSA1(SHA-1)");
+ return KeyPair::signature_consistency_check(rng, *this, "EMSA1(SHA-256)");
}
namespace {
diff --git a/src/lib/pubkey/ecdsa/info.txt b/src/lib/pubkey/ecdsa/info.txt
index e98913897..3b12bff0d 100644
--- a/src/lib/pubkey/ecdsa/info.txt
+++ b/src/lib/pubkey/ecdsa/info.txt
@@ -7,4 +7,6 @@ ecc_key
keypair
numbertheory
rng
+emsa1
+sha2_32
</requires>
diff --git a/src/lib/pubkey/ecgdsa/ecgdsa.cpp b/src/lib/pubkey/ecgdsa/ecgdsa.cpp
index b28e3fe96..3e14aa8f4 100644
--- a/src/lib/pubkey/ecgdsa/ecgdsa.cpp
+++ b/src/lib/pubkey/ecgdsa/ecgdsa.cpp
@@ -20,7 +20,7 @@ bool ECGDSA_PrivateKey::check_key(RandomNumberGenerator& rng,
if(!strong)
return true;
- return KeyPair::signature_consistency_check(rng, *this, "EMSA1(SHA-1)");
+ return KeyPair::signature_consistency_check(rng, *this, "EMSA1(SHA-256)");
}
namespace {
diff --git a/src/lib/pubkey/ecgdsa/info.txt b/src/lib/pubkey/ecgdsa/info.txt
index 6c18a1440..79dec3199 100644
--- a/src/lib/pubkey/ecgdsa/info.txt
+++ b/src/lib/pubkey/ecgdsa/info.txt
@@ -8,4 +8,6 @@ ecc_key
keypair
numbertheory
rng
+emsa1
+sha2_32
</requires>
diff --git a/src/lib/pubkey/rsa/info.txt b/src/lib/pubkey/rsa/info.txt
index 264ff7c62..91eec565a 100644
--- a/src/lib/pubkey/rsa/info.txt
+++ b/src/lib/pubkey/rsa/info.txt
@@ -4,4 +4,6 @@ define RSA 20131128
if_algo
keypair
numbertheory
+emsa_pssr
+sha2_32
</requires>
diff --git a/src/lib/pubkey/rsa/rsa.cpp b/src/lib/pubkey/rsa/rsa.cpp
index e12586014..6a645ec88 100644
--- a/src/lib/pubkey/rsa/rsa.cpp
+++ b/src/lib/pubkey/rsa/rsa.cpp
@@ -58,7 +58,7 @@ bool RSA_PrivateKey::check_key(RandomNumberGenerator& rng, bool strong) const
if((m_e * m_d) % lcm(m_p - 1, m_q - 1) != 1)
return false;
- return KeyPair::signature_consistency_check(rng, *this, "EMSA4(SHA-1)");
+ return KeyPair::signature_consistency_check(rng, *this, "EMSA4(SHA-256)");
}
namespace {
diff --git a/src/tests/test_rfc6979.cpp b/src/tests/test_rfc6979.cpp
index 30846c9e3..1b8e91377 100644
--- a/src/tests/test_rfc6979.cpp
+++ b/src/tests/test_rfc6979.cpp
@@ -11,6 +11,8 @@
#include <botan/hex.h>
#endif
+#include <botan/hash.h>
+
namespace Botan_Tests {
namespace {
@@ -31,6 +33,15 @@ class RFC6979_KAT_Tests : public Text_Based_Test
const BigInt K = get_req_bn(vars, "K");
Test::Result result("RFC 6979 nonce generation");
+
+ auto hash_func = Botan::HashFunction::create(hash);
+
+ if(!hash_func)
+ {
+ result.test_note("Skipping due to missing: " + hash);
+ return result;
+ }
+
result.test_eq("vector matches", Botan::generate_rfc6979_nonce(X, Q, H, hash), K);
Botan::RFC6979_Nonce_Generator gen(hash, Q, X);
diff --git a/src/tests/test_rng.cpp b/src/tests/test_rng.cpp
index 6a9580345..7f1c1f123 100644
--- a/src/tests/test_rng.cpp
+++ b/src/tests/test_rng.cpp
@@ -40,15 +40,31 @@ Botan::RandomNumberGenerator* get_rng(const std::string& algo_str, const std::ve
#if defined(BOTAN_HAS_HMAC_DRBG)
if(rng_name == "HMAC_DRBG")
- return new Botan::HMAC_DRBG(
- Botan::MessageAuthenticationCode::create("HMAC(" + algo_name[1] + ")").release(),
- new AllOnce_RNG(ikm));
+ {
+ auto mac = Botan::MessageAuthenticationCode::create("HMAC(" + algo_name[1] + ")");
+
+ if(!mac)
+ {
+ return nullptr;
+ }
+
+ return new Botan::HMAC_DRBG(mac.release(), new AllOnce_RNG(ikm));
+ }
+
#endif
#if defined(BOTAN_HAS_X931_RNG)
if(rng_name == "X9.31-RNG")
- return new Botan::ANSI_X931_RNG(Botan::BlockCipher::create(algo_name[1]).release(),
- new Fixed_Output_RNG(ikm));
+ {
+ auto bc = Botan::BlockCipher::create(algo_name[1]);
+
+ if(!bc)
+ {
+ return nullptr;
+ }
+
+ return new Botan::ANSI_X931_RNG(bc.release(), new Fixed_Output_RNG(ikm));
+ }
#endif
return nullptr;
@@ -72,6 +88,11 @@ class X931_RNG_Tests : public Text_Based_Test
result.test_eq("length", L, expected.size());
std::unique_ptr<Botan::RandomNumberGenerator> rng(get_rng(algo, ikm));
+ if(!rng)
+ {
+ result.note_missing("RNG " + algo);
+ return result;
+ }
result.test_eq("rng", rng->random_vec(L), expected);
diff --git a/src/tests/unit_ecdh.cpp b/src/tests/unit_ecdh.cpp
index 0368a53d1..40a10203a 100644
--- a/src/tests/unit_ecdh.cpp
+++ b/src/tests/unit_ecdh.cpp
@@ -41,24 +41,30 @@ class ECDH_Unit_Tests : public Test
std::vector<std::string> oids = { "1.2.840.10045.3.1.7",
"1.3.132.0.8",
"1.2.840.10045.3.1.1" };
-
- for(auto&& oid : oids)
+ try
{
- Botan::EC_Group dom_pars(Botan::OIDS::lookup(oid));
- Botan::ECDH_PrivateKey private_a(Test::rng(), dom_pars);
- Botan::ECDH_PrivateKey private_b(Test::rng(), dom_pars);
+ for(auto&& oid : oids)
+ {
+ Botan::EC_Group dom_pars(Botan::OIDS::lookup(oid));
+ Botan::ECDH_PrivateKey private_a(Test::rng(), dom_pars);
+ Botan::ECDH_PrivateKey private_b(Test::rng(), dom_pars);
- Botan::PK_Key_Agreement ka(private_a, "KDF2(SHA-1)");
- Botan::PK_Key_Agreement kb(private_b, "KDF2(SHA-1)");
+ Botan::PK_Key_Agreement ka(private_a, "KDF2(SHA-512)");
+ Botan::PK_Key_Agreement kb(private_b, "KDF2(SHA-512)");
- Botan::SymmetricKey alice_key = ka.derive_key(32, private_b.public_value());
- Botan::SymmetricKey bob_key = kb.derive_key(32, private_a.public_value());
+ Botan::SymmetricKey alice_key = ka.derive_key(32, private_b.public_value());
+ Botan::SymmetricKey bob_key = kb.derive_key(32, private_a.public_value());
- if(!result.test_eq("same derived key", alice_key.bits_of(), bob_key.bits_of()))
- {
- result.test_note("Keys where " + alice_key.as_string() + " and " + bob_key.as_string());
+ if(!result.test_eq("same derived key", alice_key.bits_of(), bob_key.bits_of()))
+ {
+ result.test_note("Keys where " + alice_key.as_string() + " and " + bob_key.as_string());
+ }
}
}
+ catch(Botan::Lookup_Error&)
+ {
+ result.test_note("Skipping due to missing KFD2 or SHA-512");
+ }
return result;
}
diff --git a/src/tests/unit_ecdsa.cpp b/src/tests/unit_ecdsa.cpp
index ecafb3c7f..2ad341e5e 100644
--- a/src/tests/unit_ecdsa.cpp
+++ b/src/tests/unit_ecdsa.cpp
@@ -17,6 +17,7 @@
#include <botan/ec_group.h>
#include <botan/oids.h>
#include <botan/pkcs8.h>
+ #include <botan/hash.h>
#endif
#if defined(BOTAN_HAS_X509_CERTIFICATES)
@@ -49,6 +50,15 @@ Test::Result test_hash_larger_than_n()
for(size_t i = 0; i != message.size(); ++i)
message[i] = i;
+ auto sha1 = Botan::HashFunction::create("SHA-1");
+ auto sha224 = Botan::HashFunction::create("SHA-224");
+
+ if(!sha1 || !sha224)
+ {
+ result.test_note("Skipping due to missing SHA-1 or SHA-224");
+ return result;
+ }
+
Botan::PK_Signer pk_signer_160(priv_key, "EMSA1_BSI(SHA-1)");
Botan::PK_Verifier pk_verifier_160(priv_key, "EMSA1_BSI(SHA-1)");
@@ -130,12 +140,12 @@ Test::Result test_sign_then_ver()
Botan::EC_Group dom_pars(Botan::OID("1.3.132.0.8"));
Botan::ECDSA_PrivateKey ecdsa(Test::rng(), dom_pars);
- Botan::PK_Signer signer(ecdsa, "EMSA1(SHA-1)");
+ Botan::PK_Signer signer(ecdsa, "EMSA1(SHA-256)");
auto msg = Botan::hex_decode("12345678901234567890abcdef12");
std::vector<byte> sig = signer.sign_message(msg, Test::rng());
- Botan::PK_Verifier verifier(ecdsa, "EMSA1(SHA-1)");
+ Botan::PK_Verifier verifier(ecdsa, "EMSA1(SHA-256)");
result.confirm("signature verifies", verifier.verify_message(msg, sig));
@@ -205,7 +215,7 @@ Test::Result test_ecdsa_create_save_load()
Botan::EC_Group dom_pars(Botan::OID("1.3.132.0.8"));
Botan::ECDSA_PrivateKey key(Test::rng(), dom_pars);
- Botan::PK_Signer signer(key, "EMSA1(SHA-1)");
+ Botan::PK_Signer signer(key, "EMSA1(SHA-256)");
msg_signature = signer.sign_message(msg, Test::rng());
ecc_private_key_pem = Botan::PKCS8::PEM_encode(key);
@@ -220,7 +230,7 @@ Test::Result test_ecdsa_create_save_load()
Botan::ECDSA_PrivateKey* loaded_ec_key = dynamic_cast<Botan::ECDSA_PrivateKey*>(loaded_key.get());
result.confirm("the loaded key could be converted into an ECDSA_PrivateKey", loaded_ec_key);
- Botan::PK_Verifier verifier(*loaded_ec_key, "EMSA1(SHA-1)");
+ Botan::PK_Verifier verifier(*loaded_ec_key, "EMSA1(SHA-256)");
result.confirm("generated signature valid", verifier.verify_message(msg, msg_signature));
@@ -268,8 +278,8 @@ Test::Result test_read_pkcs8()
Botan::ECDSA_PrivateKey* ecdsa_nodp = dynamic_cast<Botan::ECDSA_PrivateKey*>(loaded_key_nodp.get());
result.confirm("key loaded", ecdsa_nodp);
- Botan::PK_Signer signer(*ecdsa_nodp, "EMSA1(SHA-1)");
- Botan::PK_Verifier verifier(*ecdsa_nodp, "EMSA1(SHA-1)");
+ Botan::PK_Signer signer(*ecdsa_nodp, "EMSA1(SHA-256)");
+ Botan::PK_Verifier verifier(*ecdsa_nodp, "EMSA1(SHA-256)");
std::vector<byte> signature_nodp = signer.sign_message(msg, Test::rng());
@@ -335,8 +345,8 @@ Test::Result test_curve_registry()
Botan::EC_Group dom_pars(oid);
Botan::ECDSA_PrivateKey ecdsa(Test::rng(), dom_pars);
- Botan::PK_Signer signer(ecdsa, "EMSA1(SHA-1)");
- Botan::PK_Verifier verifier(ecdsa, "EMSA1(SHA-1)");
+ Botan::PK_Signer signer(ecdsa, "EMSA1(SHA-256)");
+ Botan::PK_Verifier verifier(ecdsa, "EMSA1(SHA-256)");
auto msg = Botan::hex_decode("12345678901234567890abcdef12");
std::vector<byte> sig = signer.sign_message(msg, Test::rng());