diff options
Diffstat (limited to 'test/tpm_test/rsa_test.py')
| -rw-r--r-- | test/tpm_test/rsa_test.py | 458 |
1 files changed, 227 insertions, 231 deletions
diff --git a/test/tpm_test/rsa_test.py b/test/tpm_test/rsa_test.py index e411df57b0..1d377b3ae2 100644 --- a/test/tpm_test/rsa_test.py +++ b/test/tpm_test/rsa_test.py @@ -1,4 +1,4 @@ -#!/usr/bin/env python2 +# -*- coding: utf-8 -*- # Copyright 2015 The Chromium OS Authors. All rights reserved. # Use of this source code is governed by a BSD-style license that can be # found in the LICENSE file. @@ -6,6 +6,9 @@ """Module for testing rsa functions using extended commands.""" import binascii +import os +import struct + import Crypto import Crypto.Hash.SHA import Crypto.Hash.SHA256 @@ -14,10 +17,7 @@ import Crypto.Hash.SHA512 from Crypto.PublicKey import RSA import Crypto.Signature.PKCS1_PSS import Crypto.Signature.PKCS1_v1_5 -import hashlib -import os import rsa -import struct import subcmd import utils @@ -93,91 +93,93 @@ _RSA_CMD_FORMAT = '{o:c}{p:c}{h:c}{kl:s}{ml:s}{msg}{dl:s}{dig}' def _decrypt_cmd(padding, hashing, key_len, msg): - op = _RSA_OPCODES['DECRYPT'] - msg_len = len(msg) - return _RSA_CMD_FORMAT.format(o=op, p=padding, h=hashing, - kl=struct.pack('>H', key_len), - ml=struct.pack('>H', msg_len), msg=msg, - dl='', dig='') + rsa_op = _RSA_OPCODES['DECRYPT'] + msg_len = len(msg) + return _RSA_CMD_FORMAT.format(o=rsa_op, p=padding, h=hashing, + kl=struct.pack('>H', key_len), + ml=struct.pack('>H', msg_len), msg=msg, + dl='', dig='') def _encrypt_cmd(padding, hashing, key_len, msg): - op = _RSA_OPCODES['ENCRYPT'] - msg_len = len(msg) - return _RSA_CMD_FORMAT.format(o=op, p=padding, h=hashing, - kl=struct.pack('>H', key_len), - ml=struct.pack('>H', msg_len), msg=msg, - dl='', dig='') + rsa_op = _RSA_OPCODES['ENCRYPT'] + msg_len = len(msg) + return _RSA_CMD_FORMAT.format(o=rsa_op, p=padding, h=hashing, + kl=struct.pack('>H', key_len), + ml=struct.pack('>H', msg_len), msg=msg, + dl='', dig='') def _sign_cmd(padding, hashing, key_len, digest): - op = _RSA_OPCODES['SIGN'] - digest_len = len(digest) - return _RSA_CMD_FORMAT.format(o=op, p=padding, h=hashing, - kl=struct.pack('>H', key_len), - ml=struct.pack('>H', digest_len), msg=digest, - dl='', dig='') + rsa_op = _RSA_OPCODES['SIGN'] + digest_len = len(digest) + return _RSA_CMD_FORMAT.format(o=rsa_op, p=padding, h=hashing, + kl=struct.pack('>H', key_len), + ml=struct.pack('>H', digest_len), msg=digest, + dl='', dig='') def _verify_cmd(padding, hashing, key_len, sig, digest): - op = _RSA_OPCODES['VERIFY'] - sig_len = len(sig) - digest_len = len(digest) - return _RSA_CMD_FORMAT.format(o=op, p=padding, h=hashing, - kl=struct.pack('>H', key_len), - ml=struct.pack('>H', sig_len), msg=sig, - dl=struct.pack('>H', digest_len), dig=digest) + rsa_op = _RSA_OPCODES['VERIFY'] + sig_len = len(sig) + digest_len = len(digest) + return _RSA_CMD_FORMAT.format(o=rsa_op, p=padding, h=hashing, + kl=struct.pack('>H', key_len), + ml=struct.pack('>H', sig_len), msg=sig, + dl=struct.pack('>H', digest_len), dig=digest) def _keytest_cmd(key_len): - op = _RSA_OPCODES['KEYTEST'] - return _RSA_CMD_FORMAT.format(o=op, p=0, h=_HASH['NONE'], - kl=struct.pack('>H', key_len), - ml=struct.pack('>H', 0), msg='', - dl='', dig='') + rsa_op = _RSA_OPCODES['KEYTEST'] + return _RSA_CMD_FORMAT.format(o=rsa_op, p=0, h=_HASH['NONE'], + kl=struct.pack('>H', key_len), + ml=struct.pack('>H', 0), msg='', + dl='', dig='') -def _keygen_cmd(key_len, e, label): - op = _RSA_OPCODES['KEYGEN'] - padding = _RSA_PADDING['NONE'] - hashing = _HASH['NONE'] - return _RSA_CMD_FORMAT.format(o=op, p=padding, h=hashing, - kl=struct.pack('>H', key_len), - ml=struct.pack('>H', len(label)), msg=label, - dl=struct.pack('>H', 0), dig='') +def _keygen_cmd(key_len, exponent, label): + assert exponent == 65537 + rsa_op = _RSA_OPCODES['KEYGEN'] + padding = _RSA_PADDING['NONE'] + hashing = _HASH['NONE'] + return _RSA_CMD_FORMAT.format(o=rsa_op, p=padding, h=hashing, + kl=struct.pack('>H', key_len), + ml=struct.pack('>H', len(label)), msg=label, + dl=struct.pack('>H', 0), dig='') def _primegen_cmd(seed): - op = _RSA_OPCODES['PRIMEGEN'] - padding = _RSA_PADDING['NONE'] - hashing = _HASH['NONE'] - return _RSA_CMD_FORMAT.format(o=op, p=padding, h=hashing, - kl=struct.pack('>H', len(seed) * 8 * 2), - ml=struct.pack('>H', len(seed)), msg=seed, - dl=struct.pack('>H', 0), dig='') + rsa_op = _RSA_OPCODES['PRIMEGEN'] + padding = _RSA_PADDING['NONE'] + hashing = _HASH['NONE'] + return _RSA_CMD_FORMAT.format(o=rsa_op, p=padding, h=hashing, + kl=struct.pack('>H', len(seed) * 8 * 2), + ml=struct.pack('>H', len(seed)), msg=seed, + dl=struct.pack('>H', 0), dig='') def _x509_verify_cmd(key_len): - op = _RSA_OPCODES['X509_VERIFY'] - padding = _RSA_PADDING['NONE'] - hashing = _HASH['NONE'] - return _RSA_CMD_FORMAT.format(o=op, p=padding, h=hashing, - kl=struct.pack('>H', key_len), - ml=struct.pack('>H', 0), msg='', - dl=struct.pack('>H', 0), dig='') + rsa_op = _RSA_OPCODES['X509_VERIFY'] + padding = _RSA_PADDING['NONE'] + hashing = _HASH['NONE'] + return _RSA_CMD_FORMAT.format(o=rsa_op, p=padding, h=hashing, + kl=struct.pack('>H', key_len), + ml=struct.pack('>H', 0), msg='', + dl=struct.pack('>H', 0), dig='') _PRIMES = [2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47, 53, - 59, 61, 67, 71, 73, 79, 83, 89, 97, 101, 103, 107, 109, 113, 127, 131, - 137, 139, 149, 151, 157, 163, 167, 173, 179, 181, 191, 193, 197, 199, - 211, 223, 227, 229, 233, 239, 241, 251, 257, 263, 269, 271, 277, 281, - 283, 293, 307, 311, 313, 317, 331, 337, 347, 349, 353, 359, 367, 373, - 379, 383, 389, 397, 401, 409, 419, 421, 431, 433, 439, 443, 449, 457, - 461, 463, 467, 479, 487, 491, 499, 503, 509, 521, 523, 541, 547, 557, - 563, 569, 571, 577, 587, 593, 599, 601, 607, 613, 617, 619, 631, 641, - 643, 647, 653, 659, 661, 673, 677, 683, 691, 701, 709, 719, 727, 733, - 739, 743, 751, 757, 761, 769, 773, 787, 797, 809, 811, 821, 823, 827, - 829, 839, 853, 857, 859, 863, 877, 881, 883, 887, 907, 911, 919, 929, - 937, 941, 947, 953, 967, 971, 977, 983, 991, 997, 1009, 1013, 1019, + 59, 61, 67, 71, 73, 79, 83, 89, 97, 101, 103, 107, 109, 113, 127, + 131, 137, 139, 149, 151, 157, 163, 167, 173, 179, 181, 191, 193, + 197, 199, 211, 223, 227, 229, 233, 239, 241, 251, 257, 263, 269, + 271, 277, 281, 283, 293, 307, 311, 313, 317, 331, 337, 347, 349, + 353, 359, 367, 373, 379, 383, 389, 397, 401, 409, 419, 421, 431, + 433, 439, 443, 449, 457, 461, 463, 467, 479, 487, 491, 499, 503, + 509, 521, 523, 541, 547, 557, 563, 569, 571, 577, 587, 593, 599, + 601, 607, 613, 617, 619, 631, 641, 643, 647, 653, 659, 661, 673, + 677, 683, 691, 701, 709, 719, 727, 733, 739, 743, 751, 757, 761, + 769, 773, 787, 797, 809, 811, 821, 823, 827, 829, 839, 853, 857, + 859, 863, 877, 881, 883, 887, 907, 911, 919, 929, 937, 941, 947, + 953, 967, 971, 977, 983, 991, 997, 1009, 1013, 1019, 1021, 1031, 1033, 1039, 1049, 1051, 1061, 1063, 1069, 1087, 1091, 1093, 1097, 1103, 1109, 1117, 1123, 1129, 1151, 1153, 1163, 1171, 1181, 1187, 1193, 1201, 1213, 1217, 1223, 1229, 1231, 1237, 1249, @@ -564,28 +566,28 @@ _PRIMES = [2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47, 53, def _prime_from_seed(seed): - ROUNDS = 7 - - def _window(s, primes): - w = [0] * 4096 - for i in primes: - rem = s % i - if rem != 0: - rem = i - rem - for j in range(rem, len(w), i): - w[j] = 1 - return w - - # Set LSB, and top two bits. - candidate = chr(ord(seed[0]) | 192) + seed[1:-1] + chr(ord(seed[-1]) | 1) - candidate = int(binascii.b2a_hex(candidate), 16) - assert len(bin(candidate)[2:]) == len(seed) * 8 - w = _window(candidate, _PRIMES[:4096]) - for i, bit in enumerate(w): - if not bit: - if rsa.prime.randomized_primality_testing(candidate + i, ROUNDS): - return candidate + i - return None + rounds = 7 + + def _window(candidate, primes): + window = [0] * 4096 + for i in primes: + rem = candidate % i + if rem != 0: + rem = i - rem + for j in range(rem, len(window), i): + window[j] = 1 + return window + + # Set LSB, and top two bits. + candidate = chr(ord(seed[0]) | 192) + seed[1:-1] + chr(ord(seed[-1]) | 1) + candidate = int(binascii.b2a_hex(candidate), 16) + assert len(bin(candidate)[2:]) == len(seed) * 8 + window = _window(candidate, _PRIMES[:4096]) + for i, bit in enumerate(window): + if not bit: + if rsa.prime.randomized_primality_testing(candidate + i, rounds): + return candidate + i + return None # @@ -633,7 +635,8 @@ _KEYTEST_INPUTS = ( _KEYGEN_INPUTS = ( (768, 65537, '', None), (1024, 65537, 'rsa_test', None), - (2048, 65537, 'RSA key by vendor', 20811475686431332186511278472307159547870512766846593830860105577496044159545322178313772755518365593670114793803805067608811418757734989708137784444223785391864604211835387393923163468734914392307047296990698533218399115126417934050463597455237478939601236799120239663591264311485133747167378663829046579164891864068853210530642835833947569643788911200934265596274935082689832626616967124524353322373059893974744194447740045242468136414689225322177212281193879756355471091445748150740871146034049776312457888356154834233819876846764944450478069436248506560967902863015152471662817623176815923756421011384149834497587L), + # pylint: disable=line-too-long + (2048, 65537, 'RSA key by vendor', 20811475686431332186511278472307159547870512766846593830860105577496044159545322178313772755518365593670114793803805067608811418757734989708137784444223785391864604211835387393923163468734914392307047296990698533218399115126417934050463597455237478939601236799120239663591264311485133747167378663829046579164891864068853210530642835833947569643788911200934265596274935082689832626616967124524353322373059893974744194447740045242468136414689225322177212281193879756355471091445748150740871146034049776312457888356154834233819876846764944450478069436248506560967902863015152471662817623176815923756421011384149834497587), (2048, 65537, '', None), ) @@ -650,169 +653,162 @@ _PRIMEGEN_INPUTS = ( ) def _encrypt_tests(tpm): - msg = 'Hello CR50!' - - for data in _ENCRYPT_INPUTS: - padding, hashing, key_len = data - test_name = 'RSA-ENC:%s:%s:%d' % data - cmd = _encrypt_cmd(_RSA_PADDING[padding], _HASH[hashing], key_len, msg) - wrapped_response = tpm.command(tpm.wrap_ext_command(subcmd.RSA, cmd)) - ciphertext = tpm.unwrap_ext_response(subcmd.RSA, wrapped_response) - - cmd = _decrypt_cmd(_RSA_PADDING[padding], _HASH[hashing], - key_len, ciphertext) - wrapped_response = tpm.command(tpm.wrap_ext_command(subcmd.RSA, cmd)) - plaintext = tpm.unwrap_ext_response(subcmd.RSA, wrapped_response) - if padding == 'NULL': - # Check for leading zeros. - if reduce(lambda x, y: x | y, - map(ord, plaintext[:len(plaintext) - len(msg)])): - raise subcmd.TpmTestError('%s error:%s%s' % ( - test_name, utils.hex_dump(msg), utils.hex_dump(plaintext))) - else: - plaintext = plaintext[len(plaintext) - len(msg):] - if msg != plaintext: - raise subcmd.TpmTestError('%s error:%s%s' % ( - test_name, utils.hex_dump(msg), utils.hex_dump(plaintext))) + msg = 'Hello CR50!' + + for data in _ENCRYPT_INPUTS: + padding, hashing, key_len = data + test_name = 'RSA-ENC:%s:%s:%d' % data + cmd = _encrypt_cmd(_RSA_PADDING[padding], _HASH[hashing], key_len, msg) + wrapped_response = tpm.command(tpm.wrap_ext_command(subcmd.RSA, cmd)) + ciphertext = tpm.unwrap_ext_response(subcmd.RSA, wrapped_response) + + cmd = _decrypt_cmd(_RSA_PADDING[padding], _HASH[hashing], + key_len, ciphertext) + wrapped_response = tpm.command(tpm.wrap_ext_command(subcmd.RSA, cmd)) + plaintext = tpm.unwrap_ext_response(subcmd.RSA, wrapped_response) + if padding == 'NULL' and msg != plaintext[-len(msg):]: + raise subcmd.TpmTestError('%s error:%s%s' % + (test_name, utils.hex_dump(msg), + utils.hex_dump(plaintext))) print('%sSUCCESS: %s' % (utils.cursor_back(), test_name)) def _sign_tests(tpm): - for data in _SIGN_INPUTS: - msg = rsa.randnum.read_random_bits(256) - padding, hashing, key_len = data - test_name = 'RSA-SIGN:%s:%s:%d' % data + for data in _SIGN_INPUTS: + msg = rsa.randnum.read_random_bits(256) + padding, hashing, key_len = data + test_name = 'RSA-SIGN:%s:%s:%d' % data - key = _KEYS[key_len] - verifier = _SIGNER[padding].new(key) - h = _HASHER[hashing].new() - h.update(msg) + key = _KEYS[key_len] + verifier = _SIGNER[padding].new(key) + msg_hash = _HASHER[hashing].new() + msg_hash.update(msg) - cmd = _sign_cmd(_RSA_PADDING[padding], _HASH[hashing], key_len, h.digest()) - wrapped_response = tpm.command(tpm.wrap_ext_command(subcmd.RSA, cmd)) - signature = tpm.unwrap_ext_response(subcmd.RSA, wrapped_response) + cmd = _sign_cmd(_RSA_PADDING[padding], _HASH[hashing], + key_len, msg_hash.digest()) + wrapped_response = tpm.command(tpm.wrap_ext_command(subcmd.RSA, cmd)) + signature = tpm.unwrap_ext_response(subcmd.RSA, wrapped_response) - signer = _SIGNER[padding].new(key) - expected_signature = signer.sign(h) - - if not verifier.verify(h, signature): - raise subcmd.TpmTestError('%s error' % ( - test_name,)) - print('%sSUCCESS: %s' % (utils.cursor_back(), test_name)) + if not verifier.verify(msg_hash, signature): + raise subcmd.TpmTestError('%s error' % (test_name,)) + print('%sSUCCESS: %s' % (utils.cursor_back(), test_name)) def _verify_tests(tpm): - for data in _VERIFY_INPUTS: - msg = rsa.randnum.read_random_bits(256) - padding, hashing, key_len = data - test_name = 'RSA-VERIFY:%s:%s:%d' % data - - key = _KEYS[key_len] - signer = _SIGNER[padding].new(key) - h = _HASHER[hashing].new() - h.update(msg) - signature = signer.sign(h) - - cmd = _verify_cmd(_RSA_PADDING[padding], _HASH[hashing], - key_len, signature, h.digest()) - wrapped_response = tpm.command(tpm.wrap_ext_command(subcmd.RSA, cmd)) - verified = tpm.unwrap_ext_response(subcmd.RSA, wrapped_response) - expected = '\x01' - if verified != expected: - raise subcmd.TpmTestError('%s error:%s%s' % ( - test_name, utils.hex_dump(verified), utils.hex_dump(expected))) - print('%sSUCCESS: %s' % (utils.cursor_back(), test_name)) + for data in _VERIFY_INPUTS: + msg = rsa.randnum.read_random_bits(256) + padding, hashing, key_len = data + test_name = 'RSA-VERIFY:%s:%s:%d' % data + + key = _KEYS[key_len] + signer = _SIGNER[padding].new(key) + msg_hash = _HASHER[hashing].new() + msg_hash.update(msg) + signature = signer.sign(msg_hash) + + cmd = _verify_cmd(_RSA_PADDING[padding], _HASH[hashing], + key_len, signature, msg_hash.digest()) + wrapped_response = tpm.command(tpm.wrap_ext_command(subcmd.RSA, cmd)) + verified = tpm.unwrap_ext_response(subcmd.RSA, wrapped_response) + expected = '\x01' + if verified != expected: + raise subcmd.TpmTestError('%s error:%s%s' % ( + test_name, utils.hex_dump(verified), utils.hex_dump(expected))) + print('%sSUCCESS: %s' % (utils.cursor_back(), test_name)) def _keytest_tests(tpm): - for data in _KEYTEST_INPUTS: - key_len, = data - test_name = 'RSA-KEYTEST:%d' % data - cmd = _keytest_cmd(key_len) - wrapped_response = tpm.command(tpm.wrap_ext_command(subcmd.RSA, cmd)) - valid = tpm.unwrap_ext_response(subcmd.RSA, wrapped_response) - expected = '\x01' - if valid != expected: - raise subcmd.TpmTestError('%s error:%s%s' % ( - test_name, utils.hex_dump(valid), utils.hex_dump(expected))) - print('%sSUCCESS: %s' % (utils.cursor_back(), test_name)) + for data in _KEYTEST_INPUTS: + key_len, = data + test_name = 'RSA-KEYTEST:%d' % data + cmd = _keytest_cmd(key_len) + wrapped_response = tpm.command(tpm.wrap_ext_command(subcmd.RSA, cmd)) + valid = tpm.unwrap_ext_response(subcmd.RSA, wrapped_response) + expected = '\x01' + if valid != expected: + raise subcmd.TpmTestError('%s error:%s%s' % ( + test_name, utils.hex_dump(valid), utils.hex_dump(expected))) + print('%sSUCCESS: %s' % (utils.cursor_back(), test_name)) def _keygen_tests(tpm): - for data in _KEYGEN_INPUTS: - key_len, e, label, expected_N = data - test_name = 'RSA-KEYGEN:%d:%d:%s' % data[:-1] - cmd = _keygen_cmd(key_len, e, label) - - wrapped_response = tpm.command(tpm.wrap_ext_command(subcmd.RSA, cmd)) - result = tpm.unwrap_ext_response(subcmd.RSA, wrapped_response) - result_len = len(result) - if result_len != int(key_len / 8 * 1.5): - raise subcmd.TpmTestError('%s error:%s' % ( - test_name, utils.hex_dump(result))) - - N = int(binascii.b2a_hex(result[0:result_len * 2 / 3]), 16) - if expected_N and N != expected_N: - raise subcmd.TpmTestError('%s error:%s' % ( - test_name, utils.hex_dump(result))) - p = int(binascii.b2a_hex(result[result_len * 2 / 3:]), 16) - q = N / p - if not rsa.prime.is_prime(p): - raise subcmd.TpmTestError('%s error:%s' % ( - test_name, utils.hex_dump(result))) - if not rsa.prime.is_prime(q): - raise subcmd.TpmTestError('%s error:%s' % ( - test_name, utils.hex_dump(result))) - if p == q: - raise subcmd.TpmTestError('%s error:%s' % ( - test_name, utils.hex_dump(result))) - print('%sSUCCESS: %s' % (utils.cursor_back(), test_name)) + for data in _KEYGEN_INPUTS: +# N, p, q - are common names for RSA, so allow it's use +# pylint: disable=invalid-name + key_len, exponent, label, expected_N = data + test_name = 'RSA-KEYGEN:%d:%d:%s' % data[:-1] + cmd = _keygen_cmd(key_len, exponent, label) + + wrapped_response = tpm.command(tpm.wrap_ext_command(subcmd.RSA, cmd)) + result = tpm.unwrap_ext_response(subcmd.RSA, wrapped_response) + result_len = len(result) + if result_len != int(key_len / 8 * 1.5): + raise subcmd.TpmTestError('%s error:%s' % ( + test_name, utils.hex_dump(result))) + + N = int(binascii.b2a_hex(result[0:result_len * 2 / 3]), 16) + if expected_N and N != expected_N: + raise subcmd.TpmTestError('%s error:%s' % + (test_name, utils.hex_dump(result))) + p = int(binascii.b2a_hex(result[result_len * 2 / 3:]), 16) + q = N / p + if not rsa.prime.is_prime(p): + raise subcmd.TpmTestError('%s error:%s' % + (test_name, utils.hex_dump(result))) + if not rsa.prime.is_prime(q): + raise subcmd.TpmTestError('%s error:%s' % + (test_name, utils.hex_dump(result))) + if p == q: + raise subcmd.TpmTestError('%s error:%s' % + (test_name, utils.hex_dump(result))) + print('%sSUCCESS: %s' % (utils.cursor_back(), test_name)) def _primegen_tests(tpm): - for data in _PRIMEGEN_INPUTS: - key_len = data - test_name = 'RSA-PRIMEGEN:%d' % data - seed = rsa.randnum.read_random_bits(key_len / 2) - assert len(seed) == key_len / 16 - # dcrypto interface is little-endian. - cmd = _primegen_cmd(seed[::-1]) - - wrapped_response = tpm.command(tpm.wrap_ext_command(subcmd.RSA, cmd)) - result = tpm.unwrap_ext_response(subcmd.RSA, wrapped_response) - result_len = len(result) - if result_len != key_len / 16: - raise subcmd.TpmTestError('%s error:%s' % ( - test_name, utils.hex_dump(result))) - - p = int(binascii.b2a_hex(result[::-1]), 16) - if not rsa.prime.is_prime(p): - raise subcmd.TpmTestError('%s error:%s' % ( - test_name, utils.hex_dump(result))) - calculated = _prime_from_seed(seed) - if p != calculated: - raise subcmd.TpmTestError('%s error:%s' % ( - test_name, utils.hex_dump(result))) - print('%sSUCCESS: %s' % (utils.cursor_back(), test_name)) + for data in _PRIMEGEN_INPUTS: + key_len = data + test_name = 'RSA-PRIMEGEN:%d' % data + seed = rsa.randnum.read_random_bits(key_len / 2) + assert len(seed) == key_len / 16 + # dcrypto interface is little-endian. + cmd = _primegen_cmd(seed[::-1]) + + wrapped_response = tpm.command(tpm.wrap_ext_command(subcmd.RSA, cmd)) + result = tpm.unwrap_ext_response(subcmd.RSA, wrapped_response) + result_len = len(result) + if result_len != key_len / 16: + raise subcmd.TpmTestError('%s error:%s' % ( + test_name, utils.hex_dump(result))) + + prime = int(binascii.b2a_hex(result[::-1]), 16) + if not rsa.prime.is_prime(prime): + raise subcmd.TpmTestError('%s error:%s' % ( + test_name, utils.hex_dump(result))) + calculated = _prime_from_seed(seed) + if prime != calculated: + raise subcmd.TpmTestError('%s error:%s' % ( + test_name, utils.hex_dump(result))) + print('%sSUCCESS: %s' % (utils.cursor_back(), test_name)) def _x509_verify_tests(tpm): - test_name = 'RSA-X509-2048-VERIFY' - cmd = _x509_verify_cmd(2048) - wrapped_response = tpm.command(tpm.wrap_ext_command(subcmd.RSA, cmd)) - valid = tpm.unwrap_ext_response(subcmd.RSA, wrapped_response) - expected = '\x01' - if valid != expected: - raise subcmd.TpmTestError('%s error:%s%s' % ( - test_name, utils.hex_dump(valid), utils.hex_dump(expected))) - print('%sSUCCESS: %s' % (utils.cursor_back(), test_name)) + test_name = 'RSA-X509-2048-VERIFY' + cmd = _x509_verify_cmd(2048) + wrapped_response = tpm.command(tpm.wrap_ext_command(subcmd.RSA, cmd)) + valid = tpm.unwrap_ext_response(subcmd.RSA, wrapped_response) + expected = '\x01' + if valid != expected: + raise subcmd.TpmTestError('%s error:%s%s' % ( + test_name, utils.hex_dump(valid), utils.hex_dump(expected))) + print('%sSUCCESS: %s' % (utils.cursor_back(), test_name)) def rsa_test(tpm): - _encrypt_tests(tpm) - _sign_tests(tpm) - _verify_tests(tpm) - _keytest_tests(tpm) - _keygen_tests(tpm) - _primegen_tests(tpm) - _x509_verify_tests(tpm) + """Run RSA tests""" + _encrypt_tests(tpm) + _sign_tests(tpm) + _verify_tests(tpm) + _keytest_tests(tpm) + _keygen_tests(tpm) + _primegen_tests(tpm) + _x509_verify_tests(tpm) |