Add test cases for RSA X931

ColtonWilley · ColtonWilley · commit a2332015a128 · 2025-02-05T12:57:15.000-08:00
diff --git a/test/test_pkey.c b/test/test_pkey.c
@@ -96,15 +96,17 @@ int test_pkey_sign(EVP_PKEY *pkey, OSSL_LIB_CTX* libCtx, unsigned char *hash,
     if (err == 0) {
         err = EVP_PKEY_sign_init(ctx) != 1;
     }
+    /* Signature MD MUST be set before padding for ossl x931 */
+    if ((err == 0) && (padMode == RSA_PKCS1_PSS_PADDING ||
+            padMode == RSA_X931_PADDING) && rsaMd != NULL) {
+        err = EVP_PKEY_CTX_set_signature_md(ctx, rsaMd) <= 0;
+    }
     if ((err == 0) && padMode) {
         err = EVP_PKEY_CTX_set_rsa_padding(ctx, padMode) <= 0;
     }
     if ((err == 0) && padMode == RSA_PKCS1_PSS_PADDING) {
         err = EVP_PKEY_CTX_set_rsa_pss_saltlen(ctx, -1) < 0;
     }
-    if ((err == 0) && padMode == RSA_PKCS1_PSS_PADDING && rsaMd != NULL) {
-        err = EVP_PKEY_CTX_set_signature_md(ctx, rsaMd) <= 0;
-    }
     if ((err == 0) && padMode == RSA_PKCS1_PSS_PADDING && rsaMgf1Md != NULL) {
         err = EVP_PKEY_CTX_set_rsa_mgf1_md(ctx, rsaMgf1Md) <= 0;
     }
@@ -131,15 +133,17 @@ int test_pkey_verify(EVP_PKEY *pkey, OSSL_LIB_CTX* libCtx, unsigned char *hash,
     if (err == 0) {
         err = EVP_PKEY_verify_init(ctx) != 1;
     }
+    /* Signature MD MUST be set before padding for ossl x931 */
+    if ((err == 0) && (padMode == RSA_PKCS1_PSS_PADDING ||
+        padMode == RSA_X931_PADDING) && rsaMd != NULL) {
+        err = EVP_PKEY_CTX_set_signature_md(ctx, rsaMd) <= 0;
+    }
     if ((err == 0) && padMode) {
         err = EVP_PKEY_CTX_set_rsa_padding(ctx, padMode) <= 0;
     }
     if ((err == 0) && padMode == RSA_PKCS1_PSS_PADDING) {
         err = EVP_PKEY_CTX_set_rsa_pss_saltlen(ctx, -1) < 0;
     }
-    if ((err == 0) && padMode == RSA_PKCS1_PSS_PADDING && rsaMd != NULL) {
-        err = EVP_PKEY_CTX_set_signature_md(ctx, rsaMd) <= 0;
-    }
     if ((err == 0) && padMode == RSA_PKCS1_PSS_PADDING && rsaMgf1Md != NULL) {
         err = EVP_PKEY_CTX_set_rsa_mgf1_md(ctx, rsaMgf1Md) <= 0;
     }
diff --git a/test/test_rsa.c b/test/test_rsa.c
@@ -269,6 +269,9 @@ static int test_rsa_sign_verify_pad(int padMode, const EVP_MD *md,
         if (padMode == RSA_NO_PADDING) {
             bufLen = rsaSigLen;
         }
+        else if (padMode == RSA_X931_PADDING) {
+            bufLen = EVP_MD_size(md);
+        }
         buf = (unsigned char *)OPENSSL_malloc(bufLen);
         err = buf == NULL;
     }
@@ -452,6 +455,40 @@ int test_rsa_sign_verify_pss(void *data)
     return err;
 }
 
+int test_rsa_sign_verify_x931(void *data)
+{
+
+    int err = 0;
+
+    (void)data;
+
+    /* Use SHA-1 (default) for MD and MGF1 MD. */
+    err = test_rsa_sign_verify_pad(RSA_X931_PADDING, EVP_sha1(), NULL) == 1;
+#ifdef WP_HAVE_SHA256
+    if (err == 0) {
+        /* Use SHA-256 for MD. */
+        err = test_rsa_sign_verify_pad(RSA_X931_PADDING, EVP_sha256(),
+                                       NULL) == 1;
+    }
+#endif
+#ifdef WP_HAVE_SHA384
+    if (err == 0) {
+        /* Use SHA-384 for MD. */
+        err = test_rsa_sign_verify_pad(RSA_X931_PADDING, EVP_sha384(),
+                                       NULL) == 1;
+    }
+#endif
+#ifdef WP_HAVE_SHA512
+    if (err == 0) {
+        /* Use SHA-512 for MD. */
+        err = test_rsa_sign_verify_pad(RSA_X931_PADDING, EVP_sha512(),
+                                       NULL) == 1;
+    }
+#endif
+
+    return err;
+}
+
 static int test_rsa_enc_dec(const unsigned char *der, size_t derLen,
                             int padMode, const EVP_MD *rsaMd,
                             const EVP_MD *rsaMgf1Md)
diff --git a/test/unit.c b/test/unit.c
@@ -155,6 +155,7 @@ TEST_CASE test_case[] = {
     TEST_DECL(test_rsa_sign_sha1, NULL),
     TEST_DECL(test_rsa_sign_verify_pkcs1, NULL),
     TEST_DECL(test_rsa_sign_verify_pss, NULL),
+    TEST_DECL(test_rsa_sign_verify_x931, NULL),
     TEST_DECL(test_rsa_enc_dec_pkcs1, NULL),
     TEST_DECL(test_rsa_enc_dec_oaep, NULL),
     TEST_DECL(test_rsa_pkey_keygen, NULL),
diff --git a/test/unit.h b/test/unit.h
@@ -231,6 +231,7 @@ int test_pkey_dec_rsa(EVP_PKEY *pkey, unsigned char *msg, size_t msgLen,
 int test_rsa_sign_sha1(void *data);
 int test_rsa_sign_verify_pkcs1(void *data);
 int test_rsa_sign_verify_pss(void *data);
+int test_rsa_sign_verify_x931(void *data);
 int test_rsa_enc_dec_pkcs1(void *data);
 int test_rsa_enc_dec_oaep(void *data);
 int test_rsa_pkey_keygen(void *data);

Original file line number	Diff line number	Diff line change
`@@ -96,15 +96,17 @@ int test_pkey_sign(EVP_PKEY pkey, OSSL_LIB_CTX libCtx, unsigned char *hash,`
`96`	`96`	`if (err == 0) {`
`97`	`97`	`err = EVP_PKEY_sign_init(ctx) != 1;`
`98`	`98`	`}`
	`99`	`+ /* Signature MD MUST be set before padding for ossl x931 */`
	`100`	`+ if ((err == 0) && (padMode == RSA_PKCS1_PSS_PADDING \|\|`
	`101`	`+ padMode == RSA_X931_PADDING) && rsaMd != NULL) {`
	`102`	`+ err = EVP_PKEY_CTX_set_signature_md(ctx, rsaMd) <= 0;`
	`103`	`+ }`
`99`	`104`	`if ((err == 0) && padMode) {`
`100`	`105`	`err = EVP_PKEY_CTX_set_rsa_padding(ctx, padMode) <= 0;`
`101`	`106`	`}`
`102`	`107`	`if ((err == 0) && padMode == RSA_PKCS1_PSS_PADDING) {`
`103`	`108`	`err = EVP_PKEY_CTX_set_rsa_pss_saltlen(ctx, -1) < 0;`
`104`	`109`	`}`
`105`		`- if ((err == 0) && padMode == RSA_PKCS1_PSS_PADDING && rsaMd != NULL) {`
`106`		`- err = EVP_PKEY_CTX_set_signature_md(ctx, rsaMd) <= 0;`
`107`		`- }`
`108`	`110`	`if ((err == 0) && padMode == RSA_PKCS1_PSS_PADDING && rsaMgf1Md != NULL) {`
`109`	`111`	`err = EVP_PKEY_CTX_set_rsa_mgf1_md(ctx, rsaMgf1Md) <= 0;`
`110`	`112`	`}`
`@@ -131,15 +133,17 @@ int test_pkey_verify(EVP_PKEY pkey, OSSL_LIB_CTX libCtx, unsigned char *hash,`
`131`	`133`	`if (err == 0) {`
`132`	`134`	`err = EVP_PKEY_verify_init(ctx) != 1;`
`133`	`135`	`}`
	`136`	`+ /* Signature MD MUST be set before padding for ossl x931 */`
	`137`	`+ if ((err == 0) && (padMode == RSA_PKCS1_PSS_PADDING \|\|`
	`138`	`+ padMode == RSA_X931_PADDING) && rsaMd != NULL) {`
	`139`	`+ err = EVP_PKEY_CTX_set_signature_md(ctx, rsaMd) <= 0;`
	`140`	`+ }`
`134`	`141`	`if ((err == 0) && padMode) {`
`135`	`142`	`err = EVP_PKEY_CTX_set_rsa_padding(ctx, padMode) <= 0;`
`136`	`143`	`}`
`137`	`144`	`if ((err == 0) && padMode == RSA_PKCS1_PSS_PADDING) {`
`138`	`145`	`err = EVP_PKEY_CTX_set_rsa_pss_saltlen(ctx, -1) < 0;`
`139`	`146`	`}`
`140`		`- if ((err == 0) && padMode == RSA_PKCS1_PSS_PADDING && rsaMd != NULL) {`
`141`		`- err = EVP_PKEY_CTX_set_signature_md(ctx, rsaMd) <= 0;`
`142`		`- }`
`143`	`147`	`if ((err == 0) && padMode == RSA_PKCS1_PSS_PADDING && rsaMgf1Md != NULL) {`
`144`	`148`	`err = EVP_PKEY_CTX_set_rsa_mgf1_md(ctx, rsaMgf1Md) <= 0;`
`145`	`149`	`}`