diff options
author | Daniel Neus <[email protected]> | 2017-02-16 14:01:59 +0100 |
---|---|---|
committer | Daniel Neus <[email protected]> | 2017-02-16 14:01:59 +0100 |
commit | f5ce8d27223bfcb5b8982887c3f067eec729962b (patch) | |
tree | 24499dd9c6e4ba92243be3dbadfd14d0563daf60 | |
parent | 863b7ba99f2014b76e0ba2e2b256d0870301199b (diff) |
Fix rsa_blinding tests if emsa_raw is missing and add tests for rsa_blinding while encrypting/decrypting
-rw-r--r-- | src/tests/test_rsa.cpp | 49 |
1 files changed, 46 insertions, 3 deletions
diff --git a/src/tests/test_rsa.cpp b/src/tests/test_rsa.cpp index a375e90a3..e3ac2f608 100644 --- a/src/tests/test_rsa.cpp +++ b/src/tests/test_rsa.cpp @@ -5,6 +5,7 @@ */ #include "tests.h" +#include "test_rng.h" #if defined(BOTAN_HAS_RSA) #include <botan/rsa.h> @@ -138,7 +139,11 @@ class RSA_Blinding_Tests : public Test { Test::Result result("RSA blinding"); -#if defined(BOTAN_HAS_EME_RAW) +#if defined(BOTAN_HAS_EMSA_RAW) || defined(BOTAN_HAS_EME_RAW) + Botan::RSA_PrivateKey rsa(Test::rng(), 1024); +#endif + +#if defined(BOTAN_HAS_EMSA_RAW) /* * The blinder chooses a new starting point BOTAN_BLINDING_REINIT_INTERVAL @@ -148,8 +153,6 @@ class RSA_Blinding_Tests : public Test * are used as an additional test on the blinders. */ - Botan::RSA_PrivateKey rsa(Test::rng(), 1024); - Botan::PK_Signer signer(rsa, Test::rng(), "Raw"); // don't try this at home Botan::PK_Verifier verifier(rsa, "Raw"); @@ -169,6 +172,46 @@ class RSA_Blinding_Tests : public Test } #endif +#if defined(BOTAN_HAS_EME_RAW) + + /* + * The blinder chooses a new starting point BOTAN_BLINDING_REINIT_INTERVAL + * so decrypt several times that with a single key. + * + * Very small values (padding/hashing disabled, only low byte set on input) + * are used as an additional test on the blinders. + */ + + Botan::PK_Encryptor_EME encryptor(rsa, Test::rng(), "Raw"); // don't try this at home + + // test blinding reinit interval + // Seed Fixed_Output_RNG only with enough bytes for the initial blinder initialization + Botan_Tests::Fixed_Output_RNG fixed_rng(Botan::unlock(Test::rng().random_vec(rsa.get_n().bytes()))); + Botan::PK_Decryptor_EME decryptor(rsa, fixed_rng, "Raw"); + + for(size_t i = 1; i <= BOTAN_BLINDING_REINIT_INTERVAL ; ++i) + { + std::vector<uint8_t> input(16); + input[ input.size() - 1 ] = static_cast<uint8_t>(i); + + std::vector<uint8_t> ciphertext = encryptor.encrypt(input, Test::rng()); + + std::vector<uint8_t> plaintext = Botan::unlock(decryptor.decrypt(ciphertext)); + plaintext.insert(plaintext.begin(), input.size() - 1, 0); + + // assert RNG is not called in this situation + result.test_eq("Successfull decryption", plaintext, input); + } + + // one more decryption should trigger a blinder reinitialization + result.test_throws("", [&decryptor,&encryptor]() + { + std::vector<uint8_t> ciphertext = encryptor.encrypt(std::vector<uint8_t>(16), Test::rng()); + decryptor.decrypt(ciphertext); + }); + +#endif + return std::vector<Test::Result>{result}; } }; |