fix:fix bugs and clean sensitive data
Cherry-picked from: https://gitcode.com/openHiTLS/openhitls/merge_requests/1486 Signed-off-by: Dongjianwei001 <dongjianwei1@huawei.com>
@@ -299,6 +299,7 @@ static int32_t EncodeKeyParamAsn1BuffInner(CRYPT_EAL_PkeyCtx *pctx, int32_t opt,
|
||||
static int32_t SetDsaDhKeyPair(CRYPT_EAL_PkeyCtx *pkey, CRYPT_PKEY_AlgId algId, bool isPriv,
|
||||
uint8_t *buff, uint32_t buffLen)
|
||||
{
|
||||
int32_t ret;
|
||||
int32_t pubKeyTag;
|
||||
int32_t prvKeyTag;
|
||||
if (algId == CRYPT_PKEY_DSA) {
|
||||
@@ -312,20 +313,19 @@ static int32_t SetDsaDhKeyPair(CRYPT_EAL_PkeyCtx *pkey, CRYPT_PKEY_AlgId algId,
|
||||
{pubKeyTag, BSL_PARAM_TYPE_OCTETS, buff, buffLen, 0},
|
||||
BSL_PARAM_END
|
||||
};
|
||||
int32_t ret = CRYPT_EAL_PkeySetPubEx(pkey, rawKey);
|
||||
if (ret != CRYPT_SUCCESS) {
|
||||
BSL_ERR_PUSH_ERROR(ret);
|
||||
return ret;
|
||||
}
|
||||
if (isPriv != 0) {
|
||||
rawKey[0].key = prvKeyTag;
|
||||
ret = CRYPT_EAL_PkeySetPrvEx(pkey, rawKey);
|
||||
if (ret != CRYPT_SUCCESS) {
|
||||
BSL_ERR_PUSH_ERROR(ret);
|
||||
return ret;
|
||||
}
|
||||
return ret;
|
||||
}
|
||||
return CRYPT_SUCCESS;
|
||||
ret = CRYPT_EAL_PkeySetPubEx(pkey, rawKey);
|
||||
if (ret != CRYPT_SUCCESS) {
|
||||
BSL_ERR_PUSH_ERROR(ret);
|
||||
}
|
||||
return ret;
|
||||
}
|
||||
#endif
|
||||
|
||||
|
||||
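Review bot: With the reordered tail of SetDsaDhKeyPair, a key imported with `isPriv` set appears to carry only the private component, and nothing in the function says so. The `+`/`-` markers are lost on this page, so this reading is inferred from the print order: the `isPriv` branch now seems to return right after `CRYPT_EAL_PkeySetPrvEx`, and `CRYPT_EAL_PkeySetPubEx` is reached only for public keys. A comment above the branch such as `/* buff holds the private value here; it must not also be imported as the public key, so the public component stays unset */` would tell callers why a public-key comparison on such a context cannot succeed. The tag selection between the two hunks is not visible.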
@@ -1599,6 +1599,10 @@ int32_t CryptDsaFips1864GenParams(CRYPT_DSA_Ctx *ctx, void *val)
|
||||
// Set flag == 1, enable generate private key SP800-56Ar3 5_6_1_1_4.
|
||||
static int32_t CRYPT_SetFipsFlag(CRYPT_DSA_Ctx *ctx, void *val, uint32_t len)
|
||||
{
|
||||
if (val == NULL) {
|
||||
BSL_ERR_PUSH_ERROR(CRYPT_NULL_INPUT);
|
||||
return CRYPT_NULL_INPUT;
|
||||
}
|
||||
if (len != sizeof(uint32_t)) {
|
||||
BSL_ERR_PUSH_ERROR(CRYPT_DSA_PARA_ERROR);
|
||||
return CRYPT_DSA_PARA_ERROR;
|
||||
|
||||
@@ -754,7 +754,7 @@ int32_t PkeyProviderSetPub(CRYPT_EAL_PkeyCtx *pkey, const CRYPT_EAL_PkeyPub *key
|
||||
BSL_Param paParam[5] = {
|
||||
{CRYPT_PARAM_ELGAMAL_P, BSL_PARAM_TYPE_OCTETS, key->key.elgamalPub.p, key->key.elgamalPub.pLen, 0},
|
||||
{CRYPT_PARAM_ELGAMAL_G, BSL_PARAM_TYPE_OCTETS, key->key.elgamalPub.g, key->key.elgamalPub.gLen, 0},
|
||||
{CRYPT_PARAM_ELGAMAL_Y, BSL_PARAM_TYPE_OCTETS, key->key.elgamalPub.y, key->key.elgamalPub.pLen, 0},
|
||||
{CRYPT_PARAM_ELGAMAL_Y, BSL_PARAM_TYPE_OCTETS, key->key.elgamalPub.y, key->key.elgamalPub.yLen, 0},
|
||||
{CRYPT_PARAM_ELGAMAL_Q, BSL_PARAM_TYPE_OCTETS, key->key.elgamalPub.q, key->key.elgamalPub.qLen, 0},
|
||||
BSL_PARAM_END};
|
||||
return pkey->method.setPub(pkey->key, &paParam);
|
||||
|
||||
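Review bot: No test on this page exercises an ElGamal public key whose `yLen` differs from `pLen`, which is the only case where the corrected `CRYPT_PARAM_ELGAMAL_Y` entry behaves differently from the one printed above it. With `pLen` as the length, the provider was told to take `pLen` bytes from `y`, so a shorter `y` buffer could have been read past its end and a longer one truncated. A case with `y` shorter than `p` would pin the fix. The enclosing function starts above the hunk and continues after it.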
@@ -142,7 +142,7 @@ static int32_t BerlekampMassey(const GFElement *syndrome, GFPolynomial *sigma, c
|
||||
BmInitState(polyC, polyB, &lenLFSR, &b);
|
||||
for (int32_t lenN = 0; lenN < 2 * params->t; lenN++) {
|
||||
GFElement d = BmComputeDiscrepancy(syndrome, polyC, lenN, params->t);
|
||||
uint16_t dMask = ((d - 1) >> 15 ) - 1;
|
||||
uint16_t dMask = ((uint16_t)(d - 1) >> 15 ) - 1;
|
||||
uint16_t nMask = ((uint16_t)(lenN - (lenLFSR << 1)) >> 15) - 1;
|
||||
nMask &= dMask;
|
||||
for (int32_t i = 0; i <= params->t; i++) {
|
||||
|
||||
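Review bot: The mask lines in the BerlekampMassey loop rely on an unstated range assumption and deserve a comment. `((uint16_t)(d - 1) >> 15) - 1` yields 0 for `d == 0` and 0xFFFF for non-zero `d` only while `d` is at most 0x8000; field elements are presumably far below that, but the `GFElement` type and the field size are not visible in this hunk. Something like `/* dMask = 0xFFFF if d != 0, else 0; branch-free, valid for d <= 0x8000 */` above the line would keep a later edit from dropping the cast again, as in the uncast form printed just above it. The function body extends beyond the hunk on both sides.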
@@ -347,7 +347,7 @@ int32_t SeededKeyGenInternal(const uint8_t *delta, CMPublicKey *pk, CMPrivateKey
|
||||
int32_t ret = McEliecePrg(sk->delta, rndE, prgOutputByteLen);
|
||||
if (ret != CRYPT_SUCCESS) {
|
||||
BSL_ERR_PUSH_ERROR(ret);
|
||||
BSL_SAL_FREE(rndE);
|
||||
BSL_SAL_ClearFree(rndE, prgOutputByteLen);
|
||||
return ret;
|
||||
}
|
||||
(void)memcpy_s(deltaPrime, deltaPrimeByteLen, rndE + prgOutputByteLen - deltaPrimeByteLen, deltaPrimeByteLen);
|
||||
@@ -363,7 +363,7 @@ int32_t SeededKeyGenInternal(const uint8_t *delta, CMPublicKey *pk, CMPrivateKey
|
||||
}
|
||||
(void)memcpy_s(sk->delta, MCELIECE_L_BYTES, deltaPrime, MCELIECE_L_BYTES);
|
||||
}
|
||||
BSL_SAL_FREE(rndE);
|
||||
BSL_SAL_ClearFree(rndE, prgOutputByteLen);
|
||||
return CRYPT_MCELIECE_KEYGEN_FAIL;
|
||||
}
|
||||
#endif
|
||||
|
||||
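Review bot: `deltaPrime` receives the tail of `rndE` through `memcpy_s` and is then copied into `sk->delta`, yet neither hunk shows it being wiped, while `rndE` itself now goes through `BSL_SAL_ClearFree`. Its declaration is outside both hunks; if it is a local or separately allocated buffer, it holds the same seed material and should be cleared on every return path, for example `BSL_SAL_CleanseData(deltaPrime, deltaPrimeByteLen);` before the `return` lines. Both `memcpy_s` results are also discarded with `(void)`, so a failed copy would leave the seed buffer in an unknown state without an error being reported.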
@@ -391,7 +391,7 @@ int32_t CRYPT_ML_KEM_SetDecapsKey(CRYPT_ML_KEM_Ctx *ctx, const CRYPT_KemDecapsKe
|
||||
uint8_t *ekData = BSL_SAL_Dump(dk->data + MLKEM_CIPHER_LEN * ctx->info->k, ctx->info->encapsKeyLen);
|
||||
if (dkData == NULL || ekData == NULL) {
|
||||
MLKEM_KeyReset(ctx);
|
||||
BSL_SAL_FREE(dkData);
|
||||
BSL_SAL_ClearFree(dkData, dk->len);
|
||||
BSL_SAL_FREE(ekData);
|
||||
BSL_ERR_PUSH_ERROR(CRYPT_MEM_ALLOC_FAIL);
|
||||
return CRYPT_MEM_ALLOC_FAIL;
|
||||
|
||||
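Review bot: `BSL_SAL_ClearFree(dkData, dk->len)` in the allocation-failure branch is reached when `dkData` itself may be NULL, and it takes its length from the caller's structure rather than from the copy. The call that creates `dkData` is above the hunk, so confirm that it duplicates exactly `dk->len` bytes and that `BSL_SAL_ClearFree` returns early on a NULL pointer; if the copy uses a context-derived length, pass that same value here. A one-line comment, `/* dkData is a copy of the decapsulation key: wipe before release */`, would also explain why `ekData` next to it keeps plain `BSL_SAL_FREE`.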
@@ -790,7 +790,10 @@ static int32_t RsaGetSignVerifyData(CRYPT_RSA_Ctx *ctx, const uint8_t *hash, uin
|
||||
uint32_t emLen = BN_BITS_TO_BYTES(bits);
|
||||
|
||||
uint32_t hLen = (uint32_t)ctx->pad.para.iso9796_2.mdMeth.mdSize;
|
||||
|
||||
if (hLen != hashLen) {
|
||||
BSL_ERR_PUSH_ERROR(CRYPT_RSA_ERR_INPUT_VALUE);
|
||||
return CRYPT_RSA_ERR_INPUT_VALUE;
|
||||
}
|
||||
// Verify whether the signature algorithm and hash algorithm match reasonably.
|
||||
if (emLen < hLen + 2) {
|
||||
BSL_ERR_PUSH_ERROR(CRYPT_RSA_ERR_INPUT_VALUE);
|
||||
|
||||
@@ -1307,6 +1307,10 @@ static bool IsExistRsaParam(const BSL_Param *params)
|
||||
int32_t CRYPT_RSA_Import(CRYPT_RSA_Ctx *ctx, const BSL_Param *params)
|
||||
{
|
||||
int32_t ret = CRYPT_SUCCESS;
|
||||
if (ctx == NULL || params == NULL) {
|
||||
BSL_ERR_PUSH_ERROR(CRYPT_NULL_INPUT);
|
||||
return CRYPT_NULL_INPUT;
|
||||
}
|
||||
if (IsExistRsaParam(params)) {
|
||||
ret = CRYPT_RSA_SetParaEx(ctx, params);
|
||||
if (ret != CRYPT_SUCCESS) {
|
||||
|
||||
@@ -1751,6 +1751,21 @@ static int32_t InitMdCtxForAlgs(CMS_SignedData *signedData, const BSL_Param *par
|
||||
return HITLS_PKI_SUCCESS;
|
||||
}
|
||||
|
||||
static int32_t CheckSignAlgMatchesPubKey(const HITLS_X509_Asn1AlgId *alg, const CRYPT_EAL_PkeyCtx *pubKey)
|
||||
{
|
||||
CRYPT_PKEY_AlgId keyAlg = CRYPT_EAL_PkeyGetId(pubKey);
|
||||
// Currently, we only check this consistency for mldsa
|
||||
if (keyAlg == CRYPT_PKEY_ML_DSA) {
|
||||
if (alg->algId == BSL_CID_ML_DSA_44 || alg->algId == BSL_CID_ML_DSA_65
|
||||
|| alg->algId == BSL_CID_ML_DSA_87) {
|
||||
return HITLS_PKI_SUCCESS;
|
||||
}
|
||||
BSL_ERR_PUSH_ERROR(HITLS_CMS_ERR_INVALID_ALGO);
|
||||
return HITLS_CMS_ERR_INVALID_ALGO;
|
||||
}
|
||||
return HITLS_PKI_SUCCESS;
|
||||
}
|
||||
|
||||
static int32_t CheckSignature(HITLS_X509_Asn1AlgId *alg, CRYPT_EAL_PkeyCtx *pubKey, int32_t hashId, uint8_t *msg,
|
||||
uint32_t msgLen, uint8_t *signature, uint32_t signatureLen, bool verifyByHash)
|
||||
{
|
||||
@@ -1760,6 +1775,11 @@ static int32_t CheckSignature(HITLS_X509_Asn1AlgId *alg, CRYPT_EAL_PkeyCtx *pubK
|
||||
BSL_ERR_PUSH_ERROR(HITLS_X509_ERR_VFY_DUP_PUBKEY);
|
||||
return HITLS_X509_ERR_VFY_DUP_PUBKEY;
|
||||
}
|
||||
ret = CheckSignAlgMatchesPubKey(alg, verifyPubKey);
|
||||
if (ret != HITLS_PKI_SUCCESS) {
|
||||
CRYPT_EAL_PkeyFreeCtx(verifyPubKey);
|
||||
return ret;
|
||||
}
|
||||
ret = HITLS_X509_CtrlAlgInfo(verifyPubKey, hashId, alg);
|
||||
if (ret != HITLS_PKI_SUCCESS) {
|
||||
CRYPT_EAL_PkeyFreeCtx(verifyPubKey);
|
||||
|
||||
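Review bot: `CheckSignAlgMatchesPubKey` accepts any of the three ML-DSA identifiers for any ML-DSA key, so a SignerInfo that names `BSL_CID_ML_DSA_87` still passes this check against an ML-DSA-44 key. The check would be tighter if it compared `alg->algId` with the parameter set the key context reports rather than with the algorithm family. The reverse case should be rejected as well: an ML-DSA identifier paired with a non-ML-DSA key currently falls through to `HITLS_PKI_SUCCESS`. Whether the later `HITLS_X509_CtrlAlgInfo` or the verify call catches those combinations is not visible here; if they do, the comment `// Currently, we only check this consistency for mldsa` should say so. `CheckSignature` continues beyond the second hunk.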
@@ -1565,6 +1565,58 @@ EXIT:
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
#if defined(HITLS_CRYPTO_PROVIDER) && (defined(HITLS_CRYPTO_DSA) || defined(HITLS_CRYPTO_DH))
|
||||
static int32_t CompareDsaDhPrvKey(CRYPT_EAL_PkeyCtx *pkey1, CRYPT_EAL_PkeyCtx *pkey2, uint32_t keyLen)
|
||||
{
|
||||
uint8_t *prv1 = NULL;
|
||||
uint8_t *prv2 = NULL;
|
||||
CRYPT_EAL_PkeyPrv prvKey1 = {0};
|
||||
CRYPT_EAL_PkeyPrv prvKey2 = {0};
|
||||
int32_t pkeyId;
|
||||
int32_t ret = CRYPT_INVALID_KEY;
|
||||
|
||||
prv1 = BSL_SAL_Malloc(keyLen);
|
||||
prv2 = BSL_SAL_Malloc(keyLen);
|
||||
ASSERT_TRUE(prv1 != NULL);
|
||||
ASSERT_TRUE(prv2 != NULL);
|
||||
ASSERT_EQ(CRYPT_EAL_PkeyGetId(pkey1), CRYPT_EAL_PkeyGetId(pkey2));
|
||||
pkeyId = CRYPT_EAL_PkeyGetId(pkey1);
|
||||
if (pkeyId == CRYPT_PKEY_DSA) {
|
||||
prvKey1.id = CRYPT_PKEY_DSA;
|
||||
prvKey1.key.dsaPrv.data = prv1;
|
||||
prvKey1.key.dsaPrv.len = keyLen;
|
||||
prvKey2.id = CRYPT_PKEY_DSA;
|
||||
prvKey2.key.dsaPrv.data = prv2;
|
||||
prvKey2.key.dsaPrv.len = keyLen;
|
||||
ASSERT_EQ(CRYPT_EAL_PkeyGetPrv(pkey1, &prvKey1), CRYPT_SUCCESS);
|
||||
ASSERT_EQ(CRYPT_EAL_PkeyGetPrv(pkey2, &prvKey2), CRYPT_SUCCESS);
|
||||
ASSERT_EQ(prvKey1.key.dsaPrv.len, prvKey2.key.dsaPrv.len);
|
||||
ASSERT_COMPARE("dsa private key compare.", prvKey1.key.dsaPrv.data, prvKey1.key.dsaPrv.len,
|
||||
prvKey2.key.dsaPrv.data, prvKey2.key.dsaPrv.len);
|
||||
} else if (pkeyId == CRYPT_PKEY_DH) {
|
||||
prvKey1.id = CRYPT_PKEY_DH;
|
||||
prvKey1.key.dhPrv.data = prv1;
|
||||
prvKey1.key.dhPrv.len = keyLen;
|
||||
prvKey2.id = CRYPT_PKEY_DH;
|
||||
prvKey2.key.dhPrv.data = prv2;
|
||||
prvKey2.key.dhPrv.len = keyLen;
|
||||
ASSERT_EQ(CRYPT_EAL_PkeyGetPrv(pkey1, &prvKey1), CRYPT_SUCCESS);
|
||||
ASSERT_EQ(CRYPT_EAL_PkeyGetPrv(pkey2, &prvKey2), CRYPT_SUCCESS);
|
||||
ASSERT_EQ(prvKey1.key.dhPrv.len, prvKey2.key.dhPrv.len);
|
||||
ASSERT_COMPARE("dh private key compare.", prvKey1.key.dhPrv.data, prvKey1.key.dhPrv.len,
|
||||
prvKey2.key.dhPrv.data, prvKey2.key.dhPrv.len);
|
||||
} else {
|
||||
ASSERT_TRUE(false);
|
||||
}
|
||||
ret = CRYPT_SUCCESS;
|
||||
|
||||
EXIT:
|
||||
BSL_SAL_FREE(prv1);
|
||||
BSL_SAL_FREE(prv2);
|
||||
return ret;
|
||||
}
|
||||
#endif
|
||||
|
||||
/* BEGIN_CASE */
|
||||
void SDV_BSL_ASN1_DECODE_DSAKEY_BUFF_CMP(char *path, int fileType, Hex *asn1)
|
||||
{
|
||||
@@ -1577,7 +1629,11 @@ void SDV_BSL_ASN1_DECODE_DSAKEY_BUFF_CMP(char *path, int fileType, Hex *asn1)
|
||||
BSL_Buffer encodeAsn1 = {asn1->x, asn1->len};
|
||||
ASSERT_EQ(CRYPT_EAL_DecodeFileKey(BSL_FORMAT_UNKNOWN, fileType, path, NULL, 0, &pkeyCtx), CRYPT_SUCCESS);
|
||||
ASSERT_EQ(CRYPT_EAL_DecodeBuffKey(BSL_FORMAT_ASN1, fileType, &encodeAsn1, NULL, 0, &pkeyAsn1Ctx), CRYPT_SUCCESS);
|
||||
ASSERT_EQ(CRYPT_EAL_PkeyCmp(pkeyCtx, pkeyAsn1Ctx), CRYPT_SUCCESS);
|
||||
if (fileType != CRYPT_PRIKEY_PKCS8_UNENCRYPT) {
|
||||
ASSERT_EQ(CRYPT_EAL_PkeyCmp(pkeyCtx, pkeyAsn1Ctx), CRYPT_SUCCESS);
|
||||
} else {
|
||||
ASSERT_EQ(CompareDsaDhPrvKey(pkeyCtx, pkeyAsn1Ctx, asn1->len), CRYPT_SUCCESS);
|
||||
}
|
||||
EXIT:
|
||||
CRYPT_EAL_PkeyFreeCtx(pkeyCtx);
|
||||
CRYPT_EAL_PkeyFreeCtx(pkeyAsn1Ctx);
|
||||
@@ -1602,7 +1658,11 @@ void SDV_BSL_ASN1_DECODE_DHKEY_BUFF_CMP(char *path, int fileType, Hex *asn1)
|
||||
BSL_Buffer encodeAsn1 = {asn1->x, asn1->len};
|
||||
ASSERT_EQ(CRYPT_EAL_DecodeFileKey(BSL_FORMAT_UNKNOWN, fileType, path, NULL, 0, &pkeyCtx), CRYPT_SUCCESS);
|
||||
ASSERT_EQ(CRYPT_EAL_DecodeBuffKey(BSL_FORMAT_ASN1, fileType, &encodeAsn1, NULL, 0, &pkeyAsn1Ctx), CRYPT_SUCCESS);
|
||||
ASSERT_EQ(CRYPT_EAL_PkeyCmp(pkeyCtx, pkeyAsn1Ctx), CRYPT_SUCCESS);
|
||||
if (fileType != CRYPT_PRIKEY_PKCS8_UNENCRYPT) {
|
||||
ASSERT_EQ(CRYPT_EAL_PkeyCmp(pkeyCtx, pkeyAsn1Ctx), CRYPT_SUCCESS);
|
||||
} else {
|
||||
ASSERT_EQ(CompareDsaDhPrvKey(pkeyCtx, pkeyAsn1Ctx, asn1->len), CRYPT_SUCCESS);
|
||||
}
|
||||
EXIT:
|
||||
CRYPT_EAL_PkeyFreeCtx(pkeyCtx);
|
||||
CRYPT_EAL_PkeyFreeCtx(pkeyAsn1Ctx);
|
||||
@@ -1742,8 +1802,12 @@ void SDV_PKCS8_DECODE_DHKEY_DSAKEY_TC001(char *path, int fileType, Hex *asn1)
|
||||
memcpy_s(decodeAsn1.data, asn1->len, asn1->x, asn1->len);
|
||||
ASSERT_EQ(CRYPT_EAL_DecodeFileKey(BSL_FORMAT_UNKNOWN, fileType, path, NULL, 0, &pkeyBypem), CRYPT_SUCCESS);
|
||||
ASSERT_EQ(CRYPT_EAL_DecodeBuffKey(BSL_FORMAT_ASN1, fileType, &decodeAsn1, NULL, 0, &pkeyByAsn1), CRYPT_SUCCESS);
|
||||
if (fileType != CRYPT_PRIKEY_PKCS8_UNENCRYPT) {
|
||||
ASSERT_EQ(CRYPT_EAL_PkeyCmp(pkeyBypem, pkeyByAsn1), 0);
|
||||
} else {
|
||||
ASSERT_EQ(CompareDsaDhPrvKey(pkeyBypem, pkeyByAsn1, asn1->len), CRYPT_SUCCESS);
|
||||
}
|
||||
|
||||
ASSERT_EQ(CRYPT_EAL_PkeyCmp(pkeyBypem, pkeyByAsn1), 0);
|
||||
EXIT:
|
||||
BSL_SAL_FREE(decodeAsn1.data);
|
||||
CRYPT_EAL_PkeyFreeCtx(pkeyBypem);
|
||||
@@ -1796,7 +1860,11 @@ void SDV_PKCS8_ENCDEC_DHKEY_DSAKEY_TC001(char *path, int fileType, Hex *asn1)
|
||||
ASSERT_EQ(CRYPT_EAL_DecodeFileKey(BSL_FORMAT_UNKNOWN, fileType, path, NULL, 0, &pkeyBypem), CRYPT_SUCCESS);
|
||||
ASSERT_EQ(CRYPT_EAL_DecodeBuffKey(BSL_FORMAT_ASN1, fileType, &decodeAsn1, NULL, 0, &pkeyByAsn1), CRYPT_SUCCESS);
|
||||
|
||||
ASSERT_EQ(CRYPT_EAL_PkeyCmp(pkeyBypem, pkeyByAsn1), 0);
|
||||
if (fileType != CRYPT_PRIKEY_PKCS8_UNENCRYPT) {
|
||||
ASSERT_EQ(CRYPT_EAL_PkeyCmp(pkeyBypem, pkeyByAsn1), 0);
|
||||
} else {
|
||||
ASSERT_EQ(CompareDsaDhPrvKey(pkeyBypem, pkeyByAsn1, asn1->len), CRYPT_SUCCESS);
|
||||
}
|
||||
|
||||
ASSERT_EQ(CRYPT_EAL_EncodeBuffKey(pkeyBypem, NULL, BSL_FORMAT_ASN1, fileType, &encodeAsn1), CRYPT_SUCCESS);
|
||||
ASSERT_COMPARE("asn1 compare.", encodeAsn1.data, encodeAsn1.dataLen, asn1->x, asn1->len);
|
||||
@@ -1815,9 +1883,15 @@ void SDV_PKCS8_ENCDEC_DHKEY_DSAKEY_TC001(char *path, int fileType, Hex *asn1)
|
||||
ASSERT_EQ(
|
||||
CRYPT_EAL_DecodeBuffKey(BSL_FORMAT_ASN1, fileType, &decodeAsn1_2, NULL, 0, &decpkeyByAsn1), CRYPT_SUCCESS);
|
||||
|
||||
ASSERT_EQ(CRYPT_EAL_PkeyCmp(decpkeyBypem, decpkeyByAsn1), 0);
|
||||
ASSERT_EQ(CRYPT_EAL_PkeyCmp(decpkeyBypem, pkeyBypem), 0);
|
||||
ASSERT_EQ(CRYPT_EAL_PkeyCmp(pkeyByAsn1, decpkeyByAsn1), 0);
|
||||
if (fileType != CRYPT_PRIKEY_PKCS8_UNENCRYPT) {
|
||||
ASSERT_EQ(CRYPT_EAL_PkeyCmp(decpkeyBypem, decpkeyByAsn1), 0);
|
||||
ASSERT_EQ(CRYPT_EAL_PkeyCmp(decpkeyBypem, pkeyBypem), 0);
|
||||
ASSERT_EQ(CRYPT_EAL_PkeyCmp(pkeyByAsn1, decpkeyByAsn1), 0);
|
||||
} else {
|
||||
ASSERT_EQ(CompareDsaDhPrvKey(decpkeyBypem, decpkeyByAsn1, encodeAsn1.dataLen), CRYPT_SUCCESS);
|
||||
ASSERT_EQ(CompareDsaDhPrvKey(decpkeyBypem, pkeyBypem, encodeAsn1.dataLen), CRYPT_SUCCESS);
|
||||
ASSERT_EQ(CompareDsaDhPrvKey(pkeyByAsn1, decpkeyByAsn1, encodeAsn1.dataLen), CRYPT_SUCCESS);
|
||||
}
|
||||
EXIT:
|
||||
CRYPT_EAL_PkeyFreeCtx(pkeyBypem);
|
||||
CRYPT_EAL_PkeyFreeCtx(pkeyByAsn1);
|
||||
|
||||
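Review bot: `CompareDsaDhPrvKey` has no comment saying why the `CRYPT_PRIKEY_PKCS8_UNENCRYPT` cases stop using `CRYPT_EAL_PkeyCmp`. It also does not explain that `keyLen` is fed from `asn1->len` or `encodeAsn1.dataLen`, which are lengths of the whole encoding rather than of the key. A header such as `/* Compare private values only: contexts decoded from unencrypted PKCS#8 carry no public key. keyLen is a buffer capacity; any upper bound on the private value works. */` would make both choices clear. The first half of that comment is inferred from the library change in this commit and should be confirmed by the author.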
@@ -544,7 +544,7 @@ void SDV_CRYPTO_MLDSA_FUNC_PROVIDER_TC001(int type, Hex *testPubKey, Hex *testPr
|
||||
|
||||
ret = CRYPT_EAL_PkeySign(ctx3, CRYPT_MD_SHA256, msg->x, msg->len, out, &outLen);
|
||||
ASSERT_EQ(ret, CRYPT_SUCCESS);
|
||||
ret = CRYPT_EAL_PkeyVerify(ctx3, CRYPT_MD_SHA256, msg->x, msg->len, out, outLen);
|
||||
ret = CRYPT_EAL_PkeyVerify(ctx, CRYPT_MD_SHA256, msg->x, msg->len, out, outLen);
|
||||
ASSERT_EQ(ret, CRYPT_SUCCESS);
|
||||
ASSERT_TRUE(TestIsErrStackEmpty());
|
||||
EXIT:
|
||||
|
||||
@@ -2797,6 +2797,63 @@ EXIT:
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/**
|
||||
* @test SDV_CMS_MLDSA_SIGNALG_MISMATCH_VERIFY_TC001
|
||||
* @title Test ML-DSA CMS verification with mismatched signatureAlgorithm
|
||||
* @precon nan
|
||||
* @brief
|
||||
* 1. Parse a valid ML-DSA CMS file
|
||||
* 2. Tamper SignerInfo.signatureAlgorithm to a non-PQC OID
|
||||
* 3. Call HITLS_CMS_DataVerify
|
||||
* @expect
|
||||
* 1. Parsing should succeed
|
||||
* 2. Verification should fail with HITLS_CMS_ERR_INVALID_ALGO
|
||||
*/
|
||||
/* BEGIN_CASE */
|
||||
void SDV_CMS_MLDSA_SIGNALG_MISMATCH_VERIFY_TC001(char *p7path, char *msgpath, char *caPath)
|
||||
{
|
||||
#if !defined(HITLS_PKI_CMS_SIGNEDDATA)
|
||||
(void)p7path;
|
||||
(void)msgpath;
|
||||
(void)caPath;
|
||||
SKIP_TEST();
|
||||
#else
|
||||
HITLS_CMS *cms = NULL;
|
||||
BSL_Buffer msgBuff = {NULL, 0};
|
||||
HITLS_X509_Cert *caCert = NULL;
|
||||
HITLS_X509_List *caCertList = NULL;
|
||||
|
||||
ASSERT_EQ(HITLS_CMS_ProviderParseFile(NULL, NULL, NULL, p7path, &cms), HITLS_PKI_SUCCESS);
|
||||
ASSERT_EQ(BSL_SAL_ReadFile(msgpath, &msgBuff.data, &msgBuff.dataLen), BSL_SUCCESS);
|
||||
ASSERT_EQ(HITLS_X509_CertParseFile(BSL_FORMAT_PEM, caPath, &caCert), HITLS_PKI_SUCCESS);
|
||||
ASSERT_NE(caCert, NULL);
|
||||
|
||||
caCertList = BSL_LIST_New(sizeof(HITLS_X509_Cert *));
|
||||
ASSERT_NE(caCertList, NULL);
|
||||
ASSERT_EQ(BSL_LIST_AddElement(caCertList, caCert, BSL_LIST_POS_END), BSL_SUCCESS);
|
||||
BSL_Param params[2] = {
|
||||
{HITLS_CMS_PARAM_CA_CERT_LISTS, BSL_PARAM_TYPE_CTX_PTR, caCertList, 0, 0},
|
||||
BSL_PARAM_END
|
||||
};
|
||||
|
||||
CMS_SignedData *signedData = cms->ctx.signedData;
|
||||
ASSERT_NE(signedData, NULL);
|
||||
CMS_SignerInfo *si = (CMS_SignerInfo *)BSL_LIST_GET_FIRST(signedData->signerInfos);
|
||||
ASSERT_NE(si, NULL);
|
||||
// tamper the algId of signerInfo
|
||||
si->sigAlg.algId = BSL_CID_ECDSAWITHSHA256;
|
||||
|
||||
ASSERT_EQ(HITLS_CMS_DataVerify(cms, &msgBuff, params, NULL), HITLS_CMS_ERR_INVALID_ALGO);
|
||||
|
||||
EXIT:
|
||||
BSL_LIST_FREE(caCertList, (BSL_LIST_PFUNC_FREE)HITLS_X509_CertFree);
|
||||
BSL_SAL_FREE(msgBuff.data);
|
||||
HITLS_CMS_Free(cms);
|
||||
return;
|
||||
#endif
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/**
|
||||
* @test SDV_CMS_GEN_SIGNEDDATA_INVALID_HASH_TC001
|
||||
* @title Generate detached CMS SignedData with multiple signers
|
||||
|
||||
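Review bot: `caCert` is owned by nobody if `BSL_LIST_New` or `BSL_LIST_AddElement` fails in SDV_CMS_MLDSA_SIGNALG_MISMATCH_VERIFY_TC001, because the `EXIT` path frees certificates only through `caCertList`. Setting `caCert = NULL;` after the successful `BSL_LIST_AddElement` and adding `HITLS_X509_CertFree(caCert);` under `EXIT` would cover both paths, assuming the free function tolerates NULL. The case also tampers only towards `BSL_CID_ECDSAWITHSHA256`; a variant that substitutes a different ML-DSA identifier would show whether a parameter-set mismatch is rejected too.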
@@ -295,6 +295,9 @@ SDV_CMS_MLDSA_INVALID_HASH_VERIFY_TC001:"../testdata/cert/asn1/cms/signeddata/ml
|
||||
SDV_CMS_MLDSA_INVALID_HASH_VERIFY_TC001 Test MLDSA87 with SHA-256 (invalid - should use SHA-512)
|
||||
SDV_CMS_MLDSA_INVALID_HASH_VERIFY_TC001:"../testdata/cert/asn1/cms/signeddata/mldsa/invalid_hash/mldsa87/mldsa87_sha256_attached.cms":"../testdata/cert/asn1/cms/signeddata/msg.txt":"../testdata/cert/asn1/cms/signeddata/mldsa/invalid_hash/mldsa87/ca_cert.pem"
|
||||
|
||||
SDV_CMS_MLDSA_SIGNALG_MISMATCH_VERIFY_TC001 Test MLDSA65 with non-PQC signatureAlgorithm
|
||||
SDV_CMS_MLDSA_SIGNALG_MISMATCH_VERIFY_TC001:"../testdata/cert/asn1/cms/signeddata/mldsa/mldsa65/mldsa65_attached.cms":"../testdata/cert/asn1/cms/signeddata/msg.txt":"../testdata/cert/asn1/cms/signeddata/mldsa/mldsa65/ca_cert.pem"
|
||||
|
||||
SDV_CMS_GEN_SIGNEDDATA_INVALID_HASH_TC001 mldsa44 - sha1 has signedAttrs
|
||||
SDV_CMS_GEN_SIGNEDDATA_INVALID_HASH_TC001:"../testdata/cert/asn1/cms/signeddata/mldsa/mldsa44/ca_cert.pem":"../testdata/cert/asn1/cms/signeddata/mldsa/mldsa44/entity_cert.pem":"../testdata/cert/asn1/cms/signeddata/mldsa/mldsa44/entity_key.pem":"../testdata/cert/asn1/cms/signeddata/msg.txt":1:1:BSL_CID_SHA1:HITLS_CMS_ERR_MLDSA_INVALID_DIGEST
|
||||
|
||||
|
||||