author | Jack Lloyd <[email protected]> | 2017-03-29 10:13:33 -0400 |
---|---|---|
committer | Jack Lloyd <[email protected]> | 2017-03-29 10:13:33 -0400 |
commit | dea2ad7dfc9f5f883c5f24a71771d8ac884b5fb9 (patch) | |
tree | d963c16d5f905e81a22e24fff514a3ad438c2a90 | |
parent | e77f301e65901e2f3bb0e6414bfd9632f6cdda63 (diff) | |
parent | f5ce8d27223bfcb5b8982887c3f067eec729962b (diff) |
Merge GH #879 Fix rsa_blinding tests and add one more test
-rw-r--r-- | src/tests/test_rsa.cpp | 49 |
1 files changed, 46 insertions, 3 deletions
diff --git a/src/tests/test_rsa.cpp b/src/tests/test_rsa.cpp index a375e90a3..e3ac2f608 100644 --- a/src/tests/test_rsa.cpp +++ b/src/tests/test_rsa.cpp @@ -5,6 +5,7 @@ */ #include "tests.h" +#include "test_rng.h" #if defined(BOTAN_HAS_RSA) #include <botan/rsa.h> @@ -138,7 +139,11 @@ class RSA_Blinding_Tests : public Test { Test::Result result("RSA blinding"); -#if defined(BOTAN_HAS_EME_RAW) +#if defined(BOTAN_HAS_EMSA_RAW) || defined(BOTAN_HAS_EME_RAW) + Botan::RSA_PrivateKey rsa(Test::rng(), 1024); +#endif + +#if defined(BOTAN_HAS_EMSA_RAW) /* * The blinder chooses a new starting point BOTAN_BLINDING_REINIT_INTERVAL @@ -148,8 +153,6 @@ class RSA_Blinding_Tests : public Test * are used as an additional test on the blinders. */ - Botan::RSA_PrivateKey rsa(Test::rng(), 1024); - Botan::PK_Signer signer(rsa, Test::rng(), "Raw"); // don't try this at home Botan::PK_Verifier verifier(rsa, "Raw"); 
@@ -169,6 +172,46 @@ class RSA_Blinding_Tests : public Test } #endif +#if defined(BOTAN_HAS_EME_RAW) + + /* + * The blinder chooses a new starting point BOTAN_BLINDING_REINIT_INTERVAL + * so decrypt several times that with a single key. + * + * Very small values (padding/hashing disabled, only low byte set on input) + * are used as an additional test on the blinders. + */ + + Botan::PK_Encryptor_EME encryptor(rsa, Test::rng(), "Raw"); // don't try this at home + + // test blinding reinit interval + // Seed Fixed_Output_RNG only with enough bytes for the initial blinder initialization + Botan_Tests::Fixed_Output_RNG fixed_rng(Botan::unlock(Test::rng().random_vec(rsa.get_n().bytes()))); + Botan::PK_Decryptor_EME decryptor(rsa, fixed_rng, "Raw"); + + for(size_t i = 1; i <= BOTAN_BLINDING_REINIT_INTERVAL ; ++i) + { + std::vector<uint8_t> input(16); + input[ input.size() - 1 ] = static_cast<uint8_t>(i); + + std::vector<uint8_t> ciphertext = encryptor.encrypt(input, Test::rng()); + + std::vector<uint8_t> plaintext = Botan::unlock(decryptor.decrypt(ciphertext)); + plaintext.insert(plaintext.begin(), input.size() - 1, 0); + + // assert RNG is not called in this situation + result.test_eq("Successfull decryption", plaintext, input); + } + + // one more decryption should trigger a blinder reinitialization + result.test_throws("", [&decryptor,&encryptor]() + { + std::vector<uint8_t> ciphertext = encryptor.encrypt(std::vector<uint8_t>(16), Test::rng()); + decryptor.decrypt(ciphertext); + }); + +#endif + return std::vector<Test::Result>{result}; } }; |
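Review bot: The closing `result.test_throws("", ...)` passes on any exception raised inside the lambda, not only on the blinder asking the exhausted `Fixed_Output_RNG` for fresh bytes, because `encryptor.encrypt(...)` runs in the same lambda and the description string is empty. This assertion is the only check that the blinding re-initialisation really draws new randomness, so I would build the ciphertext before the call, keep only `decryptor.decrypt(ciphertext);` in the lambda with a `[&decryptor,&ciphertext]` capture, and pass a description such as `"RSA blinding reinit draws from the RNG"`. In the loop, `static_cast<uint8_t>(i)` together with the fixed `input.size() - 1` zero padding appears to assume BOTAN_BLINDING_REINIT_INTERVAL is below 256; its value is not visible here, so a `static_assert(BOTAN_BLINDING_REINIT_INTERVAL < 256, "...")` or a short comment would make that dependency explicit. The enclosing test method starts outside this hunk.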