From 7d122e2a47145ef535163744daa55cec54e12b16 Mon Sep 17 00:00:00 2001 From: Gaurav Shah Date: Wed, 24 Feb 2010 16:41:32 -0800 Subject: Add a test for RSA PKCS #1 v1.5 signature verification. This test checks that signatures with improper padding do not get accepted by the RSA signature verification implementation. Review URL: http://codereview.chromium.org/661038 --- tests/rsa_padding_test.h | 51 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 51 insertions(+) create mode 100644 tests/rsa_padding_test.h (limited to 'tests/rsa_padding_test.h') diff --git a/tests/rsa_padding_test.h b/tests/rsa_padding_test.h new file mode 100644 index 00000000..22577845 --- /dev/null +++ b/tests/rsa_padding_test.h @@ -0,0 +1,51 @@ +/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. + * Use of this source code is governed by a BSD-style license that can be + * found in the LICENSE file. + * + * Signature tests vectors for checking RSA PKCS #1 v1.5 padding + * implementations. These check an RSA signature verification implementation + * against Daniel Bleichhenbacher's RSA signature padding attack. + * + * Test vectors are due to Daniel Bleichenbacher (bleichen@google.com). + */ + +#ifndef VBOOT_REFERENCE_RSA_PADDING_TEST_H_ +#define VBOOT_REFERENCE_RSA_PADDING_TEST_H_ + +#include + +#include "rsa.h" + +/* The modulus of the public key (RSA-1024). */ +static const uint8_t pubkey_n[] = { +210, 136, 105, 162, 117, 171, 114, 146, 81, 242, 21, 222, 87, 60, 122, 176, 245, +57, 213, 159, 196, 165, 40, 75, 146, 35, 114, 118, 25, 196, 150, 38, 40, 195, +56, 109, 145, 47, 171, 117, 57, 220, 176, 186, 70, 175, 222, 65, 60, 65, 31, 88, +93, 220, 27, 74, 73, 43, 112, 6, 242, 78, 38, 229, 58, 206, 200, 4, 196, 67, 8, +141, 21, 141, 79, 214, 221, 179, 184, 64, 92, 8, 222, 68, 16, 97, 101, 68, 210, +155, 217, 238, 78, 207, 202, 43, 16, 241, 194, 78, 28, 172, 124, 44, 111, 181, +187, 71, 57, 190, 50, 109, 254, 170, 103, 126, 124, 156, 169, 36, 164, 186, 136, +108, 66, 44, 147, 137}; + +/* The exponent of the public key (65535) */ +static const uint8_t pubkey_e[] = {1, 0, 1}; + +/* The message for the test. */ +static const uint8_t test_message[] = {0, 0, 0, 0}; + +/* The SHA1 digest of the message. i.e. + * '9069ca78e7450a285173431b3e52c5c25299e473'. */ +static const uint8_t test_message_sha1_hash[] = { +144, 105, 202, 120, 231, 69, 10, 40, 81, 115, 67, 27, 62, 82, 197, 194, 82, 153, +228, 115}; + +/* The test signatures (RSA-1024/SHA-1). signature[0] is correct, + * all other signatures are incorrect. + * + * TODO(gauravsh): Add similar test vectors for other string + */ +static const uint8_t signatures[][RSA1024NUMBYTES] = { +#include "testcases/padding_test_vectors.inc" +}; + +#endif /* VBOOT_REFERENCE_RSA_PADDING_TEST_H_ */ -- cgit v1.2.1