[test] Test signature verification independently of signing

Copy and modify the signature defined within the test case for
verification tests, rather than relying on the modifiable signature
constructed by the signing portion of the same test.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
Michael Brown
2025-12-17 20:35:18 +00:00
parent 3d5cd3d79e
commit af99310f55


@@ -108,9 +108,11 @@ void pubkey_sign_okx ( struct pubkey_sign_test *test, const char *file,
unsigned int line ) { unsigned int line ) {
struct pubkey_algorithm *pubkey = test->pubkey; struct pubkey_algorithm *pubkey = test->pubkey;
struct digest_algorithm *digest = test->digest; struct digest_algorithm *digest = test->digest;
uint8_t digestctx[digest->ctxsize ]; uint8_t digestctx[digest->ctxsize];
uint8_t digestout[digest->digestsize]; uint8_t digestout[digest->digestsize];
struct asn1_builder signature = { NULL, 0 }; uint8_t signature[test->signature.len];
struct asn1_cursor cursor = { signature, sizeof ( signature ) };
struct asn1_builder builder = { NULL, 0 };
uint8_t *bad; uint8_t *bad;
/* Test key matching */ /* Test key matching */
@@ -123,25 +125,27 @@ void pubkey_sign_okx ( struct pubkey_sign_test *test, const char *file,
test->plaintext_len ); test->plaintext_len );
digest_final ( digest, digestctx, digestout ); digest_final ( digest, digestctx, digestout );
/* Test signing using private key */
okx ( pubkey_sign ( pubkey, &test->private, digest, digestout,
&signature ) == 0, file, line );
okx ( signature.len != 0, file, line );
okx ( asn1_compare ( asn1_built ( &signature ),
&test->signature ) == 0, file, line );
/* Test verification using public key */ /* Test verification using public key */
okx ( pubkey_verify ( pubkey, &test->public, digest, digestout, okx ( pubkey_verify ( pubkey, &test->public, digest, digestout,
&test->signature ) == 0, file, line ); &test->signature ) == 0, file, line );
/* Test verification failure of modified signature */ /* Test verification failure of modified signature */
bad = ( signature.data + ( test->signature.len / 2 ) ); memcpy ( signature, test->signature.data, sizeof ( signature ) );
okx ( pubkey_verify ( pubkey, &test->public, digest, digestout, bad = ( signature + ( sizeof ( signature ) / 2 ) );
asn1_built ( &signature ) ) == 0, file, line );
*bad ^= 0x40; *bad ^= 0x40;
okx ( pubkey_verify ( pubkey, &test->public, digest, digestout, okx ( pubkey_verify ( pubkey, &test->public, digest, digestout,
asn1_built ( &signature ) ) != 0, file, line ); &cursor ) != 0, file, line );
*bad ^= 0x40;
okx ( pubkey_verify ( pubkey, &test->public, digest, digestout,
&cursor ) == 0, file, line );
/* Test signing using private key */
okx ( pubkey_sign ( pubkey, &test->private, digest, digestout,
&builder ) == 0, file, line );
okx ( builder.len != 0, file, line );
okx ( asn1_compare ( asn1_built ( &builder ), &test->signature ) == 0,
file, line );
/* Free signature */ /* Free signature */
free ( signature.data ); free ( builder.data );
} }
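Review bot: The "modified signature" block still exercises only one tamper shape, a single bit flipped in the middle byte of the copied signature, so a verifier that is lenient about signature length would pass this test unchanged. Now that the test owns a local `signature` buffer and `cursor`, a truncation case is cheap to add after the restore check: `cursor.len--;` then `okx ( pubkey_verify ( pubkey, &test->public, digest, digestout, &cursor ) != 0, file, line );`, assuming every algorithm driven through this helper is expected to reject a short signature. The new `uint8_t signature[test->signature.len];` also relies on each test vector having a non-empty signature, since a zero length would make the VLA invalid and `*bad ^= 0x40` an out-of-bounds write; a one-line comment stating that precondition would help. The closing comment `/* Free signature */` now frees `builder.data` and could say "Free generated signature". `pubkey_sign_okx` begins above the first hunk and the lines between the two hunks are not shown, so this is based on the visible part only.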