[crypto] Pass signatures for verification as ASN.1 cursors

Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown
2025-12-01 14:47:51 +00:00
parent c9c0282594
commit 8cd963ab96
9 changed files with 35 additions and 38 deletions


@@ -99,10 +99,11 @@ void pubkey_sign_okx ( struct pubkey_sign_test *test, const char *file,
struct pubkey_algorithm *pubkey = test->pubkey;
struct digest_algorithm *digest = test->digest;
size_t max_len = pubkey_max_len ( pubkey, &test->private );
uint8_t bad[test->signature_len];
uint8_t bad[test->signature.len];
uint8_t digestctx[digest->ctxsize ];
uint8_t digestout[digest->digestsize];
uint8_t signature[max_len];
struct asn1_cursor cursor;
int signature_len;
/* Construct digest over plaintext */
@@ -114,18 +115,19 @@ void pubkey_sign_okx ( struct pubkey_sign_test *test, const char *file,
/* Test signing using private key */
signature_len = pubkey_sign ( pubkey, &test->private, digest,
digestout, signature );
okx ( signature_len == ( ( int ) test->signature_len ), file, line );
okx ( memcmp ( signature, test->signature, test->signature_len ) == 0,
file, line );
okx ( signature_len == ( ( int ) test->signature.len ), file, line );
okx ( memcmp ( signature, test->signature.data,
test->signature.len ) == 0, file, line );
/* Test verification using public key */
okx ( pubkey_verify ( pubkey, &test->public, digest, digestout,
test->signature, test->signature_len ) == 0,
file, line );
&test->signature ) == 0, file, line );
/* Test verification failure of modified signature */
memcpy ( bad, test->signature, test->signature_len );
bad[ test->signature_len / 2 ] ^= 0x40;
memcpy ( bad, test->signature.data, test->signature.len );
bad[ test->signature.len / 2 ] ^= 0x40;
cursor.data = bad;
cursor.len = test->signature.len;
okx ( pubkey_verify ( pubkey, &test->public, digest, digestout,
bad, sizeof ( bad ) ) != 0, file, line );
&cursor ) != 0, file, line );
}
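Review bot: The modified-signature case at the end of pubkey_sign_okx() flips one bit but keeps `cursor.len` equal to `test->signature.len`, so nothing here checks that pubkey_verify() rejects a signature of the wrong length. That matters more now that the length reaches the verifier inside the cursor instead of as a separate argument. A second negative case after the bit-flip check would cover it: `cursor.len = ( test->signature.len - 1 );` followed by `okx ( pubkey_verify ( pubkey, &test->public, digest, digestout, &cursor ) != 0, file, line );`. Separately, `bad[ test->signature.len / 2 ]` assumes a non-empty signature, which presumably holds for the static vectors but is not asserted. The function's opening lines and its digest setup lie outside the visible hunks.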


@@ -45,9 +45,7 @@ struct pubkey_sign_test {
/** Signature algorithm */
struct digest_algorithm *digest;
/** Signature */
const void *signature;
/** Signature length */
size_t signature_len;
const struct asn1_cursor signature;
};
/** Define inline private key data */
@@ -129,8 +127,10 @@ struct pubkey_sign_test {
.plaintext = name ## _plaintext, \
.plaintext_len = sizeof ( name ## _plaintext ), \
.digest = DIGEST, \
.signature = name ## _signature, \
.signature_len = sizeof ( name ## _signature ), \
.signature = { \
.data = name ## _signature, \
.len = sizeof ( name ## _signature ), \
}, \
}
extern void pubkey_okx ( struct pubkey_test *test,