fix:clean sensitive information and fix some functions

Cherry-picked from: https://gitcode.com/openHiTLS/openhitls/merge_requests/1402

Signed-off-by: Dongjianwei001 <dongjianwei1@huawei.com>
Tom
2026-05-13 13:45:45 +00:00
committed by Dongjianwei001
parent 7d425ddf96
commit 6cca63e935
16 changed files with 192 additions and 52 deletions
-1
@@ -704,7 +704,6 @@ class CMakeGenerator:
cmake += self._gen_cmd_cmake('set_target_properties', '{} PROPERTIES'.format(tgt_name), properties)
cmake += 'install(TARGETS %s DESTINATION ${CMAKE_INSTALL_PREFIX}/lib)\n' % tgt_name
if (self._approved_provider):
# Use the openssl command to generate an HMAC file.
cmake += 'install(CODE "execute_process(COMMAND openssl dgst -hmac \\\"%s\\\" -%s -out lib%s.so.hmac lib%s.so)")\n' % (self._args.hkey, self._hmac, lib_name, lib_name)
# Install the hmac file to the output directory.
cmake += 'install(CODE "execute_process(COMMAND cp lib%s.so.hmac ${CMAKE_INSTALL_PREFIX}/lib/lib%s.so.hmac)")\n' % (lib_name, lib_name)
+8 -1
@@ -471,7 +471,6 @@ int32_t CRYPT_EAL_ParseRsaPssAlgParam(BSL_ASN1_Buffer *param, CRYPT_RSA_PssPara
BSL_ERR_PUSH_ERROR(CRYPT_DECODE_ERR_RSSPSS);
return CRYPT_DECODE_ERR_RSSPSS;
}
if (asns[CRYPT_RSAPSS_HASH_IDX].tag != 0) {
para->mdId = (CRYPT_MD_AlgId)BSL_OBJ_GetCidFromOidBuff(asns[CRYPT_RSAPSS_HASH_IDX].buff,
asns[CRYPT_RSAPSS_HASH_IDX].len);
@@ -480,6 +479,14 @@ int32_t CRYPT_EAL_ParseRsaPssAlgParam(BSL_ASN1_Buffer *param, CRYPT_RSA_PssPara
return CRYPT_DECODE_ERR_RSSPSS_MD;
}
}
if (asns[CRYPT_RSAPSS_MGF1_IDX].tag != 0) {
int32_t mgfCid = (CRYPT_MD_AlgId)BSL_OBJ_GetCidFromOidBuff(asns[CRYPT_RSAPSS_MGF1_IDX].buff,
asns[CRYPT_RSAPSS_MGF1_IDX].len);
if (mgfCid != BSL_CID_MGF1) {
BSL_ERR_PUSH_ERROR(CRYPT_DECODE_ERR_RSSPSS);
return CRYPT_DECODE_ERR_RSSPSS;
}
}
if (asns[CRYPT_RSAPSS_MGF1PARAM_IDX].tag != 0) {
para->mgfId = (CRYPT_MD_AlgId)BSL_OBJ_GetCidFromOidBuff(asns[CRYPT_RSAPSS_MGF1PARAM_IDX].buff,
asns[CRYPT_RSAPSS_MGF1PARAM_IDX].len);
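Review bot: In the added MGF1 check, the result of `BSL_OBJ_GetCidFromOidBuff` is cast to `CRYPT_MD_AlgId` and then compared with `BSL_CID_MGF1`, which is not a digest identifier; the cast looks copied from the hash branch above and misstates what the value is. I would write `int32_t mgfCid = (int32_t)BSL_OBJ_GetCidFromOidBuff(asns[CRYPT_RSAPSS_MGF1_IDX].buff, asns[CRYPT_RSAPSS_MGF1_IDX].len);` and put `/* Only MGF1 is accepted as the mask generation function. */` above the block. The check is skipped when the MGF1 tag is 0, so it is worth confirming against the decode template (outside this hunk) that the MGF1-parameter hash cannot be parsed unless the MGF OID itself was present and validated. CRYPT_EAL_ParseRsaPssAlgParam begins and ends outside the hunk.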
+18
@@ -1048,6 +1048,20 @@ EXIT:
return ret;
}
static int32_t VerifyCheckSign(const BN_BigNum *q, BN_BigNum *r, BN_BigNum *s)
{
if ((BN_Cmp(r, q) >= 0) || (BN_Cmp(s, q) >= 0)) {
BSL_ERR_PUSH_ERROR(CRYPT_DSA_VERIFY_FAIL);
return CRYPT_DSA_VERIFY_FAIL;
}
if (BN_IsZero(r) || BN_IsZero(s)) {
BSL_ERR_PUSH_ERROR(CRYPT_DSA_VERIFY_FAIL);
return CRYPT_DSA_VERIFY_FAIL;
}
return CRYPT_SUCCESS;
}
int32_t CRYPT_DSA_VerifyData(const CRYPT_DSA_Ctx *ctx, const uint8_t *data, uint32_t dataLen,
const uint8_t *sign, uint32_t signLen)
{
@@ -1072,6 +1086,10 @@ int32_t CRYPT_DSA_VerifyData(const CRYPT_DSA_Ctx *ctx, const uint8_t *data, uint
if (ret != CRYPT_SUCCESS) {
goto EXIT;
}
ret = VerifyCheckSign(ctx->para->q, r, s);
if (ret != CRYPT_SUCCESS) {
goto EXIT;
}
ret = VerifyCore(ctx, d, r, s);
EXIT:
BN_Destroy(r);
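Review bot: `VerifyCheckSign` only reads `r` and `s` but takes them as non-const `BN_BigNum *`, and nothing states which rule it enforces. Assuming `BN_Cmp` and `BN_IsZero` accept const pointers, declare it `static int32_t VerifyCheckSign(const BN_BigNum *q, const BN_BigNum *r, const BN_BigNum *s)` and add `/* Reject signatures outside 0 < r < q and 0 < s < q before any modular arithmetic. */` above it. The two tests exclude zero and values >= q but say nothing about sign; if the signature decoder can ever produce a negative big number (not visible here), a sign check belongs in this helper too. CRYPT_DSA_VerifyData starts before the second hunk and continues past it.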
+7 -18
@@ -70,33 +70,22 @@ int32_t CRYPT_ELGAMAL_SetPrvKey(CRYPT_ELGAMAL_Ctx *ctx, const CRYPT_ElGamalPrv *
return CRYPT_ELGAMAL_ERR_INPUT_VALUE;
}
int32_t ret = CRYPT_SUCCESS;
CRYPT_ELGAMAL_Ctx *newCtx = CRYPT_ELGAMAL_NewCtx();
if (newCtx == NULL) {
CRYPT_ELGAMAL_PrvKey *newPrvKey = ElGamal_NewPrvKey(0);
if (newPrvKey == NULL) {
BSL_ERR_PUSH_ERROR(CRYPT_MEM_ALLOC_FAIL);
return CRYPT_MEM_ALLOC_FAIL;
}
newCtx->prvKey = ElGamal_NewPrvKey(prv->pLen * 8); // Bit length is obtained by multiplying byte length by 8.
if (newCtx->prvKey == NULL) {
ret = CRYPT_MEM_ALLOC_FAIL;
BSL_ERR_PUSH_ERROR(ret);
goto ERR;
}
ret = SetPrvPara(newCtx->prvKey, prv);
ret = SetPrvPara(newPrvKey, prv);
if (ret != CRYPT_SUCCESS) {
BSL_ERR_PUSH_ERROR(ret);
goto ERR;
}
ELGAMAL_FREE_PRV_KEY(ctx->prvKey);
ctx->prvKey = newCtx->prvKey;
BSL_SAL_ReferencesFree(&(newCtx->references));
BSL_SAL_FREE(newCtx);
ctx->prvKey = newPrvKey;
return ret;
ERR:
CRYPT_ELGAMAL_FreeCtx(newCtx);
ELGAMAL_FREE_PRV_KEY(newPrvKey);
return ret;
}
@@ -116,7 +105,7 @@ int32_t CRYPT_ELGAMAL_SetPubKey(CRYPT_ELGAMAL_Ctx *ctx, const CRYPT_ElGamalPub *
int32_t ret = CRYPT_SUCCESS;
CRYPT_ELGAMAL_PubKey *newPub = NULL;
/* Bit length is obtained by multiplying byte length by 8. */
newPub = ElGamal_NewPubKey(pub->pLen * 8);
newPub = ElGamal_NewPubKey(0);
if (newPub == NULL) {
return CRYPT_MEM_ALLOC_FAIL;
}
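Review bot: The context comment `/* Bit length is obtained by multiplying byte length by 8. */` in CRYPT_ELGAMAL_SetPubKey now sits above `ElGamal_NewPubKey(0)` and no longer describes the call; the same stale text trails `Paillier_NewPrvKey(0)` in the CRYPT_PAILLIER_SetPrvKey hunk further down. Replace both with a comment that explains the 0, for example `/* Allocate with no preset size; the set-parameter step sizes the big numbers from the input. */`, after confirming that is what the helpers do (their bodies are not visible here). The failed-allocation branch in SetPubKey also returns CRYPT_MEM_ALLOC_FAIL without `BSL_ERR_PUSH_ERROR`, unlike the rewritten SetPrvKey path; that line is context rather than new code, but aligning the two is cheap. Both functions begin outside their hunks.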
+1 -1
@@ -267,7 +267,7 @@ McelieceParams *McelieceGetParamsById(int32_t algId)
const int32_t base = CRYPT_KEM_TYPE_MCELIECE_6688128;
const int32_t max = CRYPT_KEM_TYPE_MCELIECE_8192128_PCF;
if ((algId - base) > (max - base)) {
if (algId > max || algId < base) {
return NULL;
}
+1
@@ -434,6 +434,7 @@ int32_t CRYPT_PAILLIER_Add(const void *ctx, const BSL_Param *input, uint8_t *out
BN_Optimizer *optimizer = BN_OptimizerCreate();
if (optimizer == NULL) {
BSL_ERR_PUSH_ERROR(CRYPT_MEM_ALLOC_FAIL);
ret = CRYPT_MEM_ALLOC_FAIL;
goto EXIT;
}
+6 -14
@@ -130,31 +130,23 @@ int32_t CRYPT_PAILLIER_SetPrvKey(CRYPT_PAILLIER_Ctx *ctx, const CRYPT_PaillierPr
if (ret != CRYPT_SUCCESS) {
return ret;
}
CRYPT_PAILLIER_Ctx *newCtx = CRYPT_PAILLIER_NewCtx();
if (newCtx == NULL) {
CRYPT_PAILLIER_PrvKey *newPrvKey = Paillier_NewPrvKey(0); // Bit length is obtained by multiplying byte length by 8.
if (newPrvKey == NULL) {
BSL_ERR_PUSH_ERROR(CRYPT_MEM_ALLOC_FAIL);
return CRYPT_MEM_ALLOC_FAIL;
}
newCtx->prvKey = Paillier_NewPrvKey(prv->lambdaLen * 8); // Bit length is obtained by multiplying byte length by 8.
if (newCtx->prvKey == NULL) {
ret = CRYPT_MEM_ALLOC_FAIL;
BSL_ERR_PUSH_ERROR(ret);
goto ERR;
}
ret = SetPrvPara(newCtx->prvKey, prv);
ret = SetPrvPara(newPrvKey, prv);
if (ret != CRYPT_SUCCESS) {
BSL_ERR_PUSH_ERROR(ret);
goto ERR;
}
PAILLIER_FREE_PRV_KEY(ctx->prvKey);
ctx->prvKey = newCtx->prvKey;
BSL_SAL_ReferencesFree(&(newCtx->references));
BSL_SAL_FREE(newCtx);
ctx->prvKey = newPrvKey;
return ret;
ERR:
CRYPT_PAILLIER_FreeCtx(newCtx);
PAILLIER_FREE_PRV_KEY(newPrvKey);
return ret;
}
@@ -62,7 +62,7 @@
static int32_t ParaCheckAndLog(const CRYPT_Iso_Pkey_Ctx *ctx, const CRYPT_EAL_PkeyPara *para)
{
CRYPT_EAL_PkeyC2Data data = {para, NULL, NULL, CRYPT_MD_MAX, CRYPT_PKEY_PARAID_MAX, CRYPT_EVENT_MAX,
CRYPT_EAL_PkeyC2Data data = {para, NULL, NULL, CRYPT_MD_MAX, (int32_t)para->id, CRYPT_EVENT_MAX,
NULL, NULL, NULL};
if (!CMVP_Iso19790PkeyC2(ctx->algId, &data)) {
(void)CRYPT_Iso_Log(ctx->provCtx, CRYPT_EVENT_PARAM_CHECK, CRYPT_ALGO_PKEY, ctx->algId);
@@ -144,6 +144,23 @@ static int32_t CheckDhPara(const CRYPT_Iso_Pkey_Ctx *ctx, const BSL_Param *param
return ParaCheckAndLog(ctx, &para);
}
static int32_t CheckEcdsaPara(const CRYPT_Iso_Pkey_Ctx *ctx, const BSL_Param *params)
{
CRYPT_EAL_PkeyPara para = {0};
uint8_t *curveId = NULL;
uint32_t len = 0;
int32_t ret = GetParamValue(params, CRYPT_PARAM_EC_CURVE_ID, &curveId, &len);
if (ret != CRYPT_SUCCESS) {
return ret;
}
if (len != sizeof(int32_t)) {
BSL_ERR_PUSH_ERROR(CRYPT_INVALID_ARG);
return CRYPT_INVALID_ARG;
}
para.id = *(int32_t *)curveId;
return ParaCheckAndLog(ctx, &para);
}
static int32_t CheckPkeyParam(const CRYPT_Iso_Pkey_Ctx *ctx, const BSL_Param *params)
{
switch (ctx->algId) {
@@ -153,6 +170,8 @@ static int32_t CheckPkeyParam(const CRYPT_Iso_Pkey_Ctx *ctx, const BSL_Param *pa
return CheckDsaPara(ctx, params);
case CRYPT_PKEY_RSA:
return CheckRsaPara(ctx, params);
case CRYPT_PKEY_ECDSA:
return CheckEcdsaPara(ctx, params);
default:
return CRYPT_SUCCESS;
}
@@ -536,7 +555,11 @@ static int32_t CRYPT_ASMCAP_PkeyCheck(int32_t algId)
BSL_ERR_PUSH_ERROR(CRYPT_NULL_INPUT); \
return CRYPT_NULL_INPUT; \
} \
int32_t ret = CRYPT_Iso_Log(ctx->provCtx, CRYPT_EVENT_SETSSP, CRYPT_ALGO_PKEY, ctx->algId); \
int32_t ret = CheckPkeyParam(ctx, params); \
if (ret != CRYPT_SUCCESS) { \
return ret; \
} \
ret = CRYPT_Iso_Log(ctx->provCtx, CRYPT_EVENT_SETSSP, CRYPT_ALGO_PKEY, ctx->algId); \
if (ret != CRYPT_SUCCESS) { \
return ret; \
} \
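Review bot: `para.id = *(int32_t *)curveId;` in the new CheckEcdsaPara reads an `int32_t` through a `uint8_t *` taken from a parameter list, which is only well-defined if that buffer is suitably aligned and really holds an int32_t object; the length check above establishes neither. Copy the bytes instead: `int32_t id = 0;`, `(void)memcpy_s(&id, sizeof(id), curveId, sizeof(id));`, `para.id = id;`. CheckPkeyParam's `default:` still returns CRYPT_SUCCESS, so any key type not listed there reaches the logging step with no parameter check; whether that is intended for the other curve-based algorithms cannot be told from these hunks and deserves a comment on the `default:` label. The macro that now calls CheckPkeyParam starts and ends outside the hunk.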
-1
@@ -916,7 +916,6 @@ int32_t HITLS_SetCurrentCert(HITLS_Ctx *ctx, long option);
/**
* @ingroup hitls_cert
* @brief Process the certificate callback.
* @attention This callback function is compatible with OpenSSL and has the same logic as OpenSSL.
*
* @param ctx [IN] TLS link object
* @param arg [IN] Related parameters arg
@@ -525,6 +525,9 @@ void SDV_CRYPTO_DSA_SIGN_VERIFY_DATA_FUNC_TC001(
BN_BigNum *bnS = NULL;
CRYPT_EAL_PkeyCtx *pkey = NULL;
Hex mdOut = {0};
BN_BigNum *q = NULL;
uint8_t *sigAddQ = NULL;
uint32_t sigAddQLen = 0;
ASSERT_EQ(memcpy_s(g_kRandBuf, sizeof(g_kRandBuf), K->x, K->len), 0);
g_kRandBufLen = K->len;
@@ -571,6 +574,14 @@ void SDV_CRYPTO_DSA_SIGN_VERIFY_DATA_FUNC_TC001(
/* Verify the signature of the hash data. */
ASSERT_EQ(CRYPT_EAL_PkeyVerifyData(pkey, mdOut.x, mdOut.len, hitlsSign, hitlsSignOutLen), CRYPT_SUCCESS);
ASSERT_TRUE(TestIsErrStackEmpty());
q = BN_Create(Q->len * 8);
ASSERT_NE(q, NULL);
ASSERT_EQ(BN_Bin2Bn(q, Q->x, Q->len), CRYPT_SUCCESS);
ASSERT_EQ(BN_Add(bnS, q, bnS), CRYPT_SUCCESS); // s' = s + q
sigAddQLen = signLen * 2;
sigAddQ = (uint8_t *)malloc(sigAddQLen);
ASSERT_EQ(CRYPT_EAL_EncodeSign(bnR, bnS, sigAddQ, &sigAddQLen), CRYPT_SUCCESS);
ASSERT_EQ(CRYPT_EAL_PkeyVerifyData(pkey, mdOut.x, mdOut.len, sigAddQ, sigAddQLen), CRYPT_DSA_VERIFY_FAIL);
EXIT:
CRYPT_RandRegist(NULL);
CRYPT_RandRegistEx(NULL);
@@ -583,6 +594,8 @@ EXIT:
BN_Destroy(bnS);
BSL_ERR_RemoveErrorStack(true);
CRYPT_EAL_PkeyFreeCtx(pkey);
free(sigAddQ);
BN_Destroy(q);
}
/* END_CASE */
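Review bot: `sigAddQ = (uint8_t *)malloc(sigAddQLen);` is handed straight to `CRYPT_EAL_EncodeSign` with no NULL check, so an allocation failure would surface as an encode error or a crash rather than a clear test failure; add `ASSERT_TRUE(sigAddQ != NULL);` on the next line, matching the `ASSERT_NE(q, NULL);` used for `q`. The new negative case covers only s' = s + q; the r >= q branch and the r == 0 / s == 0 branch of the added range check are not exercised by anything visible in these hunks. The test function begins outside the hunk.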
@@ -1679,13 +1679,10 @@ EXIT:
@test SDV_PKCS8_ENCODE_DHKEY_DSAKEY_TC001
@title DH, DSA key encoding
@step
1.openHiTLS calls CRYPT_EAL_EncodeBuffKey interface to encode the key in pem format,
comparing if the encoding between openssl and openHiTLS is consistent
2.openHiTLS calls CRYPT_EAL_EncodeBuffKey interface to encode the key in asn1 format,
comparing if the encoding between openssl and openHiTLS is consistent
1.openHiTLS calls CRYPT_EAL_EncodeBuffKey interface to encode the key in pem format
2.openHiTLS calls CRYPT_EAL_EncodeBuffKey interface to encode the key in asn1 format
@expect
1.Encoding succeeds, consistent with openssl
2.Encoding succeeds, consistent with openssl
Both success
*/
/* BEGIN_CASE */
void SDV_PKCS8_ENCODE_DHKEY_DSAKEY_TC001(char *path, int fileType, Hex *asn1)
@@ -1728,8 +1725,7 @@ EXIT:
2.openHiTLS calls CRYPT_EAL_DecodeBuffKey interface to decode the key in asn1 format,
comparing if the decrypted key is consistent with the original key
@expect
1.Encoding succeeds, consistent with openssl
2.Encoding succeeds, consistent with openssl
Both success
*/
/* BEGIN_CASE */
void SDV_PKCS8_DECODE_DHKEY_DSAKEY_TC001(char *path, int fileType, Hex *asn1)
@@ -2044,3 +2040,61 @@ EXIT:
#endif
}
/* END_CASE */
/*
@test SDV_CRYPT_DECODE_RSAPSS_MGF1_VALIDATE_TC001
@title Test CRYPT_EAL_ParseRsaPssAlgParam rejects non-MGF1 mask generation algorithm
@precon None
@step
1. Call CRYPT_EAL_ParseRsaPssAlgParam with valid RSA-PSS params (MGF1 OID), expect success
2. Call CRYPT_EAL_ParseRsaPssAlgParam with invalid RSA-PSS params (non-MGF1 OID), expect CRYPT_DECODE_ERR_RSSPSS
@expect
1. Valid params parse successfully with correct mdId, mgfId, and saltLen
2. Invalid params return CRYPT_DECODE_ERR_RSSPSS
*/
/* BEGIN_CASE */
void SDV_CRYPT_DECODE_RSAPSS_MGF1_VALIDATE_TC001(void)
{
#if defined(HITLS_CRYPTO_RSA) && defined(HITLS_CRYPTO_KEY_DECODE)
/* RSA-PSS params: SHA-256 hash, MGF1(SHA-256), salt length 32
* Content of the SEQUENCE (without outer SEQUENCE TLV):
* [0] { SEQUENCE { OID sha256 } }
* [1] { SEQUENCE { OID mgf1, SEQUENCE { OID sha256 } } }
* [2] { INTEGER 32 }
*/
uint8_t validPssParams[] = {
0xa0, 0x0d, 0x30, 0x0b, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01,
0xa1, 0x1a, 0x30, 0x18, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x08,
0x30, 0x0b, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01,
0xa2, 0x03, 0x02, 0x01, 0x20
};
/* Invalid: replace MGF1 OID (2a864886f70d010108) with RSASSA-PSS OID (2a864886f70d01010a) */
uint8_t invalidPssParams[] = {
0xa0, 0x0d, 0x30, 0x0b, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01,
0xa1, 0x1a, 0x30, 0x18, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0a,
0x30, 0x0b, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01,
0xa2, 0x03, 0x02, 0x01, 0x20
};
BSL_ASN1_Buffer validParam = {BSL_ASN1_TAG_CONSTRUCTED | BSL_ASN1_TAG_SEQUENCE,
sizeof(validPssParams), validPssParams};
BSL_ASN1_Buffer invalidParam = {BSL_ASN1_TAG_CONSTRUCTED | BSL_ASN1_TAG_SEQUENCE,
sizeof(invalidPssParams), invalidPssParams};
CRYPT_RSA_PssPara para = {0};
ASSERT_EQ(CRYPT_EAL_ParseRsaPssAlgParam(&validParam, &para), CRYPT_SUCCESS);
ASSERT_EQ(para.mdId, CRYPT_MD_SHA256);
ASSERT_EQ(para.mgfId, CRYPT_MD_SHA256);
ASSERT_EQ(para.saltLen, 32);
memset(&para, 0, sizeof(para));
ASSERT_EQ(CRYPT_EAL_ParseRsaPssAlgParam(&invalidParam, &para), CRYPT_DECODE_ERR_RSSPSS);
EXIT:
return;
#else
SKIP_TEST();
#endif
}
/* END_CASE */
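Review bot: The negative vector in SDV_CRYPT_DECODE_RSAPSS_MGF1_VALIDATE_TC001 replaces the MGF1 OID with another OID the library presumably recognises (RSASSA-PSS), so only the "known but wrong" case is pinned. A third vector whose maskGenAlgorithm OID is not registered at all would confirm that an unrecognised OID is rejected with the same error, which is the case a malformed or hostile key file is more likely to present. After the failing call it would also be worth asserting that `para` was not partially filled in if callers are expected to rely on that, for example `ASSERT_EQ(para.mgfId, 0);`, once the intended contract is confirmed.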
@@ -798,3 +798,6 @@ SDV_PKCS8_ERROR_ENCDEC_TC002:"../testdata/cert/asn1/dh_key/err_dh_public.pem":CR
SDV_PKCS8_ERROR_ENCDEC_TC003
SDV_PKCS8_ERROR_ENCDEC_TC003:"../testdata/cert/asn1/dsa_key/empty_dsa_private.pem":CRYPT_PRIKEY_PKCS8_UNENCRYPT:""
SDV_CRYPT_DECODE_RSAPSS_MGF1_VALIDATE_TC001
SDV_CRYPT_DECODE_RSAPSS_MGF1_VALIDATE_TC001:
@@ -45,6 +45,7 @@
#include "crypt_eal_entropy.h"
#include "crypt_util_rand.h"
#include "crypt_params_key.h"
#include "crypt_eal_codecs.h"
#include <stdio.h>
#include <time.h>
#include <string.h>
@@ -1418,3 +1419,32 @@ EXIT:
#endif
}
/* END_CASE */
/* BEGIN_CASE */
void SDV_ISO19790_PROVIDER_DECODE_KEY_PARAM_CHECK_TC001(char *path, char *format, char *type, int expectRet)
{
#ifndef HITLS_CRYPTO_CMVP_ISO19790
(void)path;
(void)format;
(void)type;
(void)expectRet;
SKIP_TEST();
#else
Iso19790_ProviderLoadCtx ctx = {0};
CRYPT_EAL_PkeyCtx *pkeyCtx = NULL;
ASSERT_EQ(Iso19790_ProviderLoad(&ctx), CRYPT_SUCCESS);
// Register default provider to supply decoder implementations
ASSERT_EQ(CRYPT_EAL_ProviderRegister(ctx.libCtx, "default", CRYPT_EAL_DefaultProvInit, NULL, NULL), CRYPT_SUCCESS);
int32_t ret = CRYPT_EAL_ProviderDecodeFileKey(ctx.libCtx, "provider=iso", BSL_CID_UNKNOWN,
format, type, path, NULL, &pkeyCtx);
ASSERT_EQ(ret, expectRet);
if (expectRet == CRYPT_SUCCESS) {
ASSERT_TRUE(pkeyCtx != NULL);
}
EXIT:
CRYPT_EAL_PkeyFreeCtx(pkeyCtx);
Iso19790_ProviderUnload(&ctx);
#endif
}
/* END_CASE */
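Review bot: Nothing visible drives SDV_ISO19790_PROVIDER_DECODE_KEY_PARAM_CHECK_TC001: every row added for it in the accompanying data hunk starts with `#`, and two of the paths contain a stray `#` (`ee_nistp192_key_pkcs8.#der`, `rsa1024_p8_unencrypted.#der`), so the new parameter check in the ISO provider appears to have no active regression test. Enable the rows with the paths corrected, or record next to them why they are disabled. In the function itself, the rejection cases would be tighter with `ASSERT_TRUE(pkeyCtx == NULL);` when `expectRet != CRYPT_SUCCESS`, so a rejected weak key cannot leave a usable context behind.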
@@ -293,3 +293,21 @@ SDV_ISO19790_PROVIDER_MD_USE_DEFAULT_LIBCTX_TEST_TC001:CRYPT_MD_SHAKE256
SDV_ISO19790_PROVIDER_MD_USE_DEFAULT_LIBCTX_TEST_TC001 CRYPT_MD_SM3
SDV_ISO19790_PROVIDER_MD_USE_DEFAULT_LIBCTX_TEST_TC001:CRYPT_MD_SM3
#SDV_ISO19790_PROVIDER_DECODE_KEY_PARAM_CHECK_TC001 ECDSA P192 PKCS8 rejected
#SDV_ISO19790_PROVIDER_DECODE_KEY_PARAM_CHECK_TC001:"../testdata/cert/chain/nistp192_certs/ee_nistp192_key_pkcs8.#der":"ASN1":"PRIKEY_PKCS8_UNENCRYPT":CRYPT_DECODE_ERR_NO_USABLE_DECODER
#SDV_ISO19790_PROVIDER_DECODE_KEY_PARAM_CHECK_TC001 RSA 1024 SPKI pubkey rejected
#SDV_ISO19790_PROVIDER_DECODE_KEY_PARAM_CHECK_TC001:"../testdata/cert/asn1/spki/rsa1024_spki.der":"ASN1":"PUBKEY_SUBKEY":CRYPT_DECODE_ERR_NO_USABLE_DECODER
#SDV_ISO19790_PROVIDER_DECODE_KEY_PARAM_CHECK_TC001 ECDSA P192 pubkey rejected
#SDV_ISO19790_PROVIDER_DECODE_KEY_PARAM_CHECK_TC001:"../testdata/cert/chain/nistp192_certs/ee_nistp192_pubkey.der":"ASN1":"PUBKEY_SUBKEY":CRYPT_DECODE_ERR_NO_USABLE_DECODER
#SDV_ISO19790_PROVIDER_DECODE_KEY_PARAM_CHECK_TC001 RSA 2048 PKCS8 success
#SDV_ISO19790_PROVIDER_DECODE_KEY_PARAM_CHECK_TC001:"../testdata/cert/asn1/rsa2048key_pkcs8.der":"ASN1":"PRIKEY_PKCS8_UNENCRYPT":CRYPT_SUCCESS
#SDV_ISO19790_PROVIDER_DECODE_KEY_PARAM_CHECK_TC001 RSA 1024 PKCS8 rejected
#SDV_ISO19790_PROVIDER_DECODE_KEY_PARAM_CHECK_TC001:"../testdata/cert/asn1/pkcs8_unencrypted/rsa1024_p8_unencrypted.#der":"ASN1":"PRIKEY_PKCS8_UNENCRYPT":CRYPT_DECODE_ERR_NO_USABLE_DECODER
#SDV_ISO19790_PROVIDER_DECODE_KEY_PARAM_CHECK_TC001 ECDSA P256 PKCS8 success
#SDV_ISO19790_PROVIDER_DECODE_KEY_PARAM_CHECK_TC001:"../testdata/cert/asn1/prime256v1_pkcs8.der":"ASN1":"PRIKEY_PKCS8_UNENCRYPT":CRYPT_SUCCESS
-5
@@ -21,11 +21,6 @@ Strategy: construct v1/v2 certificates with extensions by manually building DER:
3. Re-sign the patched TBS with the issuer's private key
4. Assemble the final Certificate SEQUENCE: [patched TBS, signatureAlgorithm, signatureValue]
This produces v1/v2 certificates with extensions AND valid signatures, so both OpenSSL
and openHiTLS can parse them. OpenSSL should reject them with
X509_V_ERR_EXTENSIONS_REQUIRE_VERSION_3; openHiTLS should reject them with
HITLS_X509_ERR_VFY_EXTENSIONS_REQUIRE_V3.
Output files:
a_v3_root.der - v3 root CA (trust anchor for TC1-TC4)
a_v1_ext_leaf.der - TC1: v1 leaf with extensions, valid signature from root
-1
@@ -338,7 +338,6 @@ static int32_t RecConnCbcDecryptByEncryptThenMac(TLS_Ctx *ctx, const RecConnStat
* Encrypt-then-MAC mode: Verify MAC first, then decrypt.
* The MAC is computed over the ciphertext (including explicit IV),
* so timing does not leak plaintext information.
* Reference: OpenSSL tls_common.c:787-811
*/
/* Step 1: Check MAC (over ciphertext) */