diff options
| author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2014-07-08 10:59:27 +0200 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2014-07-08 11:00:09 +0200 |
| commit | 64295ccfc3bd3b9ca0354720851984056961a042 (patch) | |
| tree | cf91db8f63040a7e22f487fd5b369240e0e3f7ac | |
| parent | c6871b68e657982c188c8377b6218820f1acd5cd (diff) | |
| download | gnutls-64295ccfc3bd3b9ca0354720851984056961a042.tar.gz | |
FIPS140-2 tests: check with RSA-2048 and RSA-3072 bit keys
| -rw-r--r-- | lib/crypto-selftests-pk.c | 60 |
1 files changed, 34 insertions, 26 deletions
diff --git a/lib/crypto-selftests-pk.c b/lib/crypto-selftests-pk.c index 0be1b913f2..e9f7d6f160 100644 --- a/lib/crypto-selftests-pk.c +++ b/lib/crypto-selftests-pk.c @@ -42,15 +42,33 @@ static const gnutls_datum_t bad_data = { .size = sizeof(DATASTR) - 2 }; -static const char rsa_key[] = +static const char rsa_key2048[] = "-----BEGIN RSA PRIVATE KEY-----\n" - "MIIBOgIBAAJBAKM6KQdDzLVKeKrAWHjY69wh2j2ouvVq1V1NktkbfpDAqXWFxGlV\n" - "deFp8yWWH6zYNxXhtplVuYDQkPTupD3kd2ECAwEAAQJAWgIZW8s0WAgf8DCu2Lzt\n" - "mu8D9JpVtj1aOOAtCRGTQmhJcx/HTTDe0m1mppM81rpd+Gs4JoWT0kCsCgaenbCU\n" - "rQIhAMCycveYvrVZg1yubw0e/UZaCltb9Stqv2iObR029KlHAiEA2NlWCT1PKAsy\n" - "V0dJ1/4wI43dxS+xejtLt5nLeGPNrhcCIG5v12P/rozQ2HBtqEek0xNW10i00zYm\n" - "37xUpERyEpZRAiEAnH8VMWvWsZ6LASQIreHbWf1rXICUBBPBDEro5gSZDpcCICEk\n" - "Y8EN+ycYePTcrVTEQjlnLqOZZEnC7cf/WV8UTWV5\n" + "MIIEogIBAAKCAQEA6yCv+BLrRP/dMPBXJWK21c0aqxIX6JkODL4K+zlyEURt8/Wp\n" + "nw37CJwHD3VrimSnk2SJvBfTNhzYhCsLShDOPvi4qBrLZ1WozjoVJ8tRE4VCcjQJ\n" + "snpJ7ldiV+Eos1Z3FkbV/uQcw5CYCb/TciSukaWlI+G/xas9EOOFt4aELbc1yDe0\n" + "hyfPDtoaKfek4GhT9qT1I8pTC40P9OrA9Jt8lblqxHWwqmdunLTjPjB5zJT6QgI+\n" + "j1xuq7ZOQhveNA/AOyzh574GIpgsuvPPLBQwsCQkscr7cFnCsyOPgYJrQW3De2+l\n" + "wjp2D7gZeeQcFQKazXcFoiqNpJWoBWmU0qqsgwIDAQABAoIBAAghNzRioxPdrO42\n" + "QS0fvqah0tw7Yew+7oduQr7w+4qxTQP0aIsBVr6zdmMIclF0rX6hKUoBoOHsGWho\n" + "fJlw/1CaFPhrBMFr6sxGodigZQtBvkxolDVBmTDOgK39MQUSZke0501K4du5MiiU\n" + "I2F89zQ9//m/onvZMeFVnJf95LAX5qHr/FLARQFtOpgWzcGVxdvJdJlYb1zMUril\n" + "PqyAZXo1j0vgHWwSd54k8mBLus7l8KT57VFce8+9nBPrOrqW4rDVXzs/go3S+kiI\n" + "OyzYeUs9czg1N1e3VhEaC+EdYUawc0ASuEkbsJ53L8pwDvS+2ly2ykYziJp95Fjv\n" + "bzyd1dECgYEA8FzGCxu7A6/ei9Dn0Fmi8Ns/QvEgbdlGw4v4MlXHjrGJYdOB0BwG\n" + "2D2k0ODNYKlUX2J4hi5x8aCH33y/v0EcOHyuqM33vOWBVbdcumCqcOmp341UebAO\n" + "uCPgDJNhjxXaeDVPnizqnOBA1B9sTxwmCOmFIiFRLbR+XluvDh3t8L0CgYEA+my6\n" + "124Rw7kcFx+9JoB/Z+bUJDYpefUT91gBUhhEdEMx5fujhMzAbLpIRjFQq+75Qb7v\n" + "0NyIS09B4oKOqQYzVEJwqKY7H71BTl7QuzJ8Qtuh/DMZsVIt6xpvdeuAKpEOqz44\n" + "ZD3fW1B59A3ja7kqZadCqq2b02UTk+gdeOrYBj8CgYACX3gZDfoHrEnPKY3QUcI5\n" + "DIEQYR8H1phLP+uAW7ZvozMPAy6J5mzu35Tr9vwwExvhITC9amH3l7UfsLSX58Wm\n" + "jRyQUBA9Dir7tKa2tFOab8Qcj+GgnetXSAtjNGVHK1kPzL7vedQLHm+laHYCRe3e\n" + "Mqf80UVi5SBGQDN3OTZrJQKBgEkj2oozDqMwfGDQl0kYfJ2XEFynKQQCrVsva+tT\n" + "RSMDwR4fmcmel5Dp81P08U/WExy9rIM+9duxAVgrs4jwU6uHYCoRqvEBMIK4NJSI\n" + "ETzhsvTa4+UjUF/7L5SsPJmyFiuzl3rHi2W7InNCXyrGQPjBmjoJTJq4SbiIMZtw\n" + "U7m3AoGACG2rE/Ud71kyOJcKwxzEt8kd+2CMuaZeE/xk+3zLSSjXJzKPficogM3I\n" + "K37/N7N0FjhdQ5hRuD3GH1fcjv9AKdGHsH7RuaG+jHTRUjS1glr17SSQzh6xXnWj\n" + "jG0M4UZm5P9STL09nZuWH0wfpr/eg+9+A6yOVfnADI13v+Ygk7k=\n" "-----END RSA PRIVATE KEY-----\n"; static const char ecc_key[] = @@ -77,7 +95,7 @@ static int test_rsa_enc(gnutls_pk_algorithm_t pk, int ret; gnutls_datum_t enc = { NULL, 0 }; gnutls_datum_t dec = { NULL, 0 }; - gnutls_datum_t raw_rsa_key = { (void*)rsa_key, sizeof(rsa_key)-1 }; + gnutls_datum_t raw_rsa_key = { (void*)rsa_key2048, sizeof(rsa_key2048)-1 }; gnutls_privkey_t key; gnutls_pubkey_t pub = NULL; @@ -152,7 +170,7 @@ static int test_sig(gnutls_pk_algorithm_t pk, { int ret; gnutls_datum_t sig = { NULL, 0 }; - gnutls_datum_t raw_rsa_key = { (void*)rsa_key, sizeof(rsa_key)-1 }; + gnutls_datum_t raw_rsa_key = { (void*)rsa_key2048, sizeof(rsa_key2048)-1 }; gnutls_datum_t raw_dsa_key = { (void*)dsa_key, sizeof(dsa_key)-1 }; gnutls_datum_t raw_ecc_key = { (void*)ecc_key, sizeof(ecc_key)-1 }; gnutls_privkey_t key; @@ -241,19 +259,9 @@ static int test_sig(gnutls_pk_algorithm_t pk, return ret; } -static const char rsa_privkey[] = "-----BEGIN RSA PRIVATE KEY-----\n" - "MIIBOwIBAAJBAOY5i7i6V/xreyZAXihowgsU7iZ1xXdJFLvMMCOTmXDCfgcLOuRn\n" - "jSokU7Lpaef7VGuE3mOqVeTdUGe15JSTcdsCAwEAAQJBAKvYDFjIjuBVAckdhqq2\n" - "9w/6gYCnq8tL+3PqB4ymoYOt3nG7wyj3/dS5wBqoVXDOTrxvqRuyPICzqFFInnxH\n" - "6zECIQD6598eMoBdHNKwxNfvISVZwmIp2a7/O7OhZPlf7JYgzQIhAOrmLmDuwnzs\n" - "t8up1byAFWtBXmCJy/yvlqJvfSUPnb1HAiBsAyfdAxaZfxAAgy0GR7mhk3nY1Fpu\n" - "jA//ec2VCu9yPQIgY4FSkDlUJftY+GtfYVSYvjCYvChjQw1WsESuLK7q0S0CIQD6\n" - "ReydpDFBsMxPewC/5By9yMNDbif/1j6j/8I+eqmzMA==\n" - "-----END RSA PRIVATE KEY-----\n"; - -/* A precomputed RSA-SHA1 signature using the key above */ +/* A precomputed RSA-SHA1 signature using the rsa_key2048 */ static const char rsa_sig[] = - "\xb7\x3a\x3e\x07\xd8\x1a\xa7\xa2\x81\xf1\xd5\xa4\x8d\xab\xca\x18\x64\xb5\x57\x35\xea\xee\x70\x37\xf6\x23\x93\x1e\x56\xf4\x72\xd8\x97\xa8\x38\x63\xef\x9a\x9c\x16\x11\x79\x0c\xae\x16\x3f\x7b\x7e\xa0\xf0\x42\x2e\xd1\x07\xde\x42\xbd\x45\xbd\x45\xaa\x87\x57\x5f"; + "\x7a\xb3\xf8\xb0\xf9\xf0\x52\x88\x37\x17\x97\x9f\xbe\x61\xb4\xd2\x43\x78\x9f\x79\x92\xd0\xad\x08\xdb\xbd\x3c\x72\x7a\xb5\x51\x59\x63\xd6\x7d\xf1\x9c\x1e\x10\x7b\x27\xab\xf8\xd4\x9d\xcd\xc5\xf9\xae\xf7\x09\x6b\x40\x93\xc5\xe9\x1c\x0f\xb4\x82\xa1\x47\x86\x54\x63\xd2\x4d\x40\x9a\x80\xb9\x38\x45\x69\xa2\xd6\x92\xb6\x69\x7f\x3f\xf3\x5b\xa5\x1d\xac\x06\xad\xdf\x4e\xbb\xe6\xda\x68\x0d\xe5\xab\xef\xd2\xf0\xc5\xd8\xc0\xed\x80\xe2\xd4\x76\x98\xec\x44\xa2\xfc\x3f\xce\x2e\x8b\xc4\x4b\xab\xb0\x70\x24\x52\x85\x2a\x36\xcd\x9a\xb5\x05\x00\xea\x98\x7c\x72\x06\x68\xb1\x38\x44\x16\x80\x6a\x3b\x64\x72\xbb\xfd\x4b\xc9\xdd\xda\x2a\x68\xde\x7f\x6e\x48\x28\xc1\x63\x57\x2b\xde\x83\xa3\x27\x34\xd7\xa6\x87\x18\x35\x10\xff\x31\xd9\x47\xc9\x84\x35\xe1\xaa\xe2\xf7\x98\xfa\x19\xd3\xf1\x94\x25\x2a\x96\xe4\xa8\xa7\x05\x10\x93\x87\xde\x96\x85\xe5\x68\xb8\xe5\x4e\xbf\x66\x85\x91\xbd\x52\x5b\x3d\x9f\x1b\x79\xea\xe3\x8b\xef\x62\x18\x39\x7a\x50\x01\x46\x1b\xde\x8d\x37\xbc\x90\x6c\x07\xc0\x07\xed\x60\xce\x2e\x31\xd6\x8f\xe8\x75\xdb\x45\x21\xc6\xcb"; /* ECDSA key and signature */ static const char ecdsa_secp256r1_privkey[] = @@ -696,10 +704,10 @@ int gnutls_pk_self_test(unsigned all, gnutls_pk_algorithm_t pk) return 0; #endif case GNUTLS_PK_RSA: - PK_KNOWN_TEST(GNUTLS_PK_RSA, 1, 512, GNUTLS_DIG_SHA256, - rsa_privkey, rsa_sig); - PK_TEST(GNUTLS_PK_RSA, test_rsa_enc, 512, 0); - PK_TEST(GNUTLS_PK_RSA, test_sig, 512, GNUTLS_DIG_SHA256); + PK_KNOWN_TEST(GNUTLS_PK_RSA, 1, 2048, GNUTLS_DIG_SHA256, + rsa_key2048, rsa_sig); + PK_TEST(GNUTLS_PK_RSA, test_rsa_enc, 2048, 0); + PK_TEST(GNUTLS_PK_RSA, test_sig, 3072, GNUTLS_DIG_SHA256); case GNUTLS_PK_DSA: PK_KNOWN_TEST(GNUTLS_PK_DSA, 0, 1024, GNUTLS_DIG_SHA1, dsa_privkey, dsa_sig); |