Merge "Separate and Clarify Cast Reciever Tests" into mnc-dev
This commit is contained in:
Fred Gylys-Colwell
committed by
Android (Google) Code Review
Android (Google) Code Review
commit
1d934be5d1
@@ -1146,13 +1146,7 @@ class Session {
|
||||
void MakeRSACertificate(struct RSAPrivateKeyMessage* encrypted,
|
||||
std::vector<uint8_t>* signature,
|
||||
uint32_t allowed_schemes,
|
||||
const uint8_t* rsa_key = NULL,
|
||||
size_t rsa_key_length = 0) {
|
||||
if (rsa_key == NULL) {
|
||||
rsa_key = kTestRSAPKCS8PrivateKeyInfo2_2048;
|
||||
rsa_key_length = sizeof(kTestRSAPKCS8PrivateKeyInfo2_2048);
|
||||
}
|
||||
|
||||
const vector<uint8_t>& rsa_key) {
|
||||
// Dummy context for testing signature generation.
|
||||
vector<uint8_t> context = wvcdm::a2b_hex(
|
||||
"0a4c08001248000000020000101907d9ffde13aa95c122678053362136bdf840"
|
||||
@@ -1187,11 +1181,11 @@ class Session {
|
||||
uint32_t algorithm_n = htonl(allowed_schemes);
|
||||
memcpy(message.rsa_key, "SIGN", 4);
|
||||
memcpy(message.rsa_key + 4, &algorithm_n, 4);
|
||||
memcpy(message.rsa_key + 8, rsa_key, rsa_key_length);
|
||||
message.rsa_key_length = 8 + rsa_key_length;
|
||||
memcpy(message.rsa_key + 8, rsa_key.data(), rsa_key.size());
|
||||
message.rsa_key_length = 8 + rsa_key.size();
|
||||
} else {
|
||||
memcpy(message.rsa_key, rsa_key, rsa_key_length);
|
||||
message.rsa_key_length = rsa_key_length;
|
||||
memcpy(message.rsa_key, rsa_key.data(), rsa_key.size());
|
||||
message.rsa_key_length = rsa_key.size();
|
||||
}
|
||||
OEMCrypto_GetRandom(message.rsa_key_iv, wvcdm::KEY_IV_SIZE);
|
||||
message.nonce = nonce_;
|
||||
@@ -2744,19 +2738,24 @@ TEST_F(OEMCryptoSessionTests, KeyDuration) {
|
||||
//
|
||||
class OEMCryptoLoadsCertificate : public OEMCryptoSessionTestKeyboxTest {
|
||||
protected:
|
||||
OEMCryptoLoadsCertificate() :
|
||||
encoded_rsa_key_(kTestRSAPKCS8PrivateKeyInfo2_2048,
|
||||
kTestRSAPKCS8PrivateKeyInfo2_2048 +
|
||||
sizeof(kTestRSAPKCS8PrivateKeyInfo2_2048)) {}
|
||||
|
||||
void CreateWrappedRSAKey(vector<uint8_t>* wrapped_key,
|
||||
uint32_t allowed_schemes, bool force,
|
||||
const uint8_t* rsa_key = NULL,
|
||||
size_t rsa_key_length = 0) {
|
||||
uint32_t allowed_schemes, bool force) {
|
||||
Session s;
|
||||
s.open();
|
||||
s.GenerateDerivedKeysFromKeybox();
|
||||
struct RSAPrivateKeyMessage encrypted;
|
||||
std::vector<uint8_t> signature;
|
||||
s.MakeRSACertificate(&encrypted, &signature, allowed_schemes, rsa_key,
|
||||
rsa_key_length);
|
||||
s.MakeRSACertificate(&encrypted, &signature, allowed_schemes,
|
||||
encoded_rsa_key_);
|
||||
s.RewrapRSAKey(encrypted, signature, wrapped_key, force);
|
||||
}
|
||||
|
||||
std::vector<uint8_t> encoded_rsa_key_;
|
||||
};
|
||||
|
||||
TEST_F(OEMCryptoLoadsCertificate, LoadRSASessionKey) {
|
||||
@@ -2768,19 +2767,11 @@ TEST_F(OEMCryptoLoadsCertificate, LoadRSASessionKey) {
|
||||
}
|
||||
|
||||
TEST_F(OEMCryptoLoadsCertificate, CertificateProvision) {
|
||||
Session s;
|
||||
s.open();
|
||||
s.GenerateDerivedKeysFromKeybox();
|
||||
struct RSAPrivateKeyMessage encrypted;
|
||||
std::vector<uint8_t> signature;
|
||||
s.MakeRSACertificate(&encrypted, &signature, kSign_RSASSA_PSS);
|
||||
vector<uint8_t> wrapped_key;
|
||||
s.RewrapRSAKey(encrypted, signature, &wrapped_key, true);
|
||||
|
||||
vector<uint8_t> clear_key(kTestRSAPKCS8PrivateKeyInfo2_2048,
|
||||
kTestRSAPKCS8PrivateKeyInfo2_2048 +
|
||||
sizeof(kTestRSAPKCS8PrivateKeyInfo2_2048));
|
||||
ASSERT_EQ(NULL, find(wrapped_key, clear_key));
|
||||
std::vector<uint8_t> wrapped_rsa_key;
|
||||
CreateWrappedRSAKey(&wrapped_rsa_key, kSign_RSASSA_PSS, true);
|
||||
// We should not be able to find the rsa key in the wrapped key. It should
|
||||
// be encrypted.
|
||||
ASSERT_EQ(NULL, find(wrapped_rsa_key, encoded_rsa_key_));
|
||||
}
|
||||
|
||||
TEST_F(OEMCryptoLoadsCertificate, CertificateProvisionBadRange1) {
|
||||
@@ -2789,7 +2780,8 @@ TEST_F(OEMCryptoLoadsCertificate, CertificateProvisionBadRange1) {
|
||||
s.GenerateDerivedKeysFromKeybox();
|
||||
struct RSAPrivateKeyMessage encrypted;
|
||||
std::vector<uint8_t> signature;
|
||||
s.MakeRSACertificate(&encrypted, &signature, kSign_RSASSA_PSS);
|
||||
s.MakeRSACertificate(&encrypted, &signature, kSign_RSASSA_PSS,
|
||||
encoded_rsa_key_);
|
||||
vector<uint8_t> wrapped_key;
|
||||
const uint8_t* message_ptr = reinterpret_cast<const uint8_t*>(&encrypted);
|
||||
size_t wrapped_key_length = 0;
|
||||
@@ -2816,7 +2808,8 @@ TEST_F(OEMCryptoLoadsCertificate, CertificateProvisionBadRange2) {
|
||||
s.GenerateDerivedKeysFromKeybox();
|
||||
struct RSAPrivateKeyMessage encrypted;
|
||||
std::vector<uint8_t> signature;
|
||||
s.MakeRSACertificate(&encrypted, &signature, kSign_RSASSA_PSS);
|
||||
s.MakeRSACertificate(&encrypted, &signature, kSign_RSASSA_PSS,
|
||||
encoded_rsa_key_);
|
||||
vector<uint8_t> wrapped_key;
|
||||
const uint8_t* message_ptr = reinterpret_cast<const uint8_t*>(&encrypted);
|
||||
size_t wrapped_key_length = 0;
|
||||
@@ -2845,7 +2838,8 @@ TEST_F(OEMCryptoLoadsCertificate, CertificateProvisionBadRange3) {
|
||||
s.GenerateDerivedKeysFromKeybox();
|
||||
struct RSAPrivateKeyMessage encrypted;
|
||||
std::vector<uint8_t> signature;
|
||||
s.MakeRSACertificate(&encrypted, &signature, kSign_RSASSA_PSS);
|
||||
s.MakeRSACertificate(&encrypted, &signature, kSign_RSASSA_PSS,
|
||||
encoded_rsa_key_);
|
||||
const uint8_t* message_ptr = reinterpret_cast<const uint8_t*>(&encrypted);
|
||||
vector<uint8_t> wrapped_key;
|
||||
|
||||
@@ -2875,7 +2869,8 @@ TEST_F(OEMCryptoLoadsCertificate, CertificateProvisionBadSignature) {
|
||||
s.GenerateDerivedKeysFromKeybox();
|
||||
struct RSAPrivateKeyMessage encrypted;
|
||||
std::vector<uint8_t> signature;
|
||||
s.MakeRSACertificate(&encrypted, &signature, kSign_RSASSA_PSS);
|
||||
s.MakeRSACertificate(&encrypted, &signature, kSign_RSASSA_PSS,
|
||||
encoded_rsa_key_);
|
||||
vector<uint8_t> wrapped_key;
|
||||
const uint8_t* message_ptr = reinterpret_cast<const uint8_t*>(&encrypted);
|
||||
|
||||
@@ -2903,7 +2898,8 @@ TEST_F(OEMCryptoLoadsCertificate, CertificateProvisionBadNonce) {
|
||||
s.GenerateDerivedKeysFromKeybox();
|
||||
struct RSAPrivateKeyMessage encrypted;
|
||||
std::vector<uint8_t> signature;
|
||||
s.MakeRSACertificate(&encrypted, &signature, kSign_RSASSA_PSS);
|
||||
s.MakeRSACertificate(&encrypted, &signature, kSign_RSASSA_PSS,
|
||||
encoded_rsa_key_);
|
||||
vector<uint8_t> wrapped_key;
|
||||
const uint8_t* message_ptr = reinterpret_cast<const uint8_t*>(&encrypted);
|
||||
|
||||
@@ -2931,7 +2927,8 @@ TEST_F(OEMCryptoLoadsCertificate, CertificateProvisionBadRSAKey) {
|
||||
s.GenerateDerivedKeysFromKeybox();
|
||||
struct RSAPrivateKeyMessage encrypted;
|
||||
std::vector<uint8_t> signature;
|
||||
s.MakeRSACertificate(&encrypted, &signature, kSign_RSASSA_PSS);
|
||||
s.MakeRSACertificate(&encrypted, &signature, kSign_RSASSA_PSS,
|
||||
encoded_rsa_key_);
|
||||
vector<uint8_t> wrapped_key;
|
||||
const uint8_t* message_ptr = reinterpret_cast<const uint8_t*>(&encrypted);
|
||||
|
||||
@@ -3110,45 +3107,69 @@ class OEMCryptoLoadsCertificateAlternates : public OEMCryptoLoadsCertificate {
|
||||
void LoadWithAllowedSchemes(uint32_t schemes, bool force) {
|
||||
CreateWrappedRSAKey(&wrapped_rsa_key_, schemes, force);
|
||||
key_loaded_ = (wrapped_rsa_key_.size() > 0);
|
||||
if (force) ASSERT_TRUE(key_loaded_);
|
||||
}
|
||||
|
||||
std::vector<uint8_t> wrapped_rsa_key_;
|
||||
bool key_loaded_;
|
||||
};
|
||||
|
||||
// The alternate padding is only required for cast receivers, but all devices
|
||||
// should forbid the alternate padding for regular certificates.
|
||||
TEST_F(OEMCryptoLoadsCertificateAlternates, DisallowForbiddenPadding) {
|
||||
LoadWithAllowedSchemes(kSign_RSASSA_PSS, true); // Use default padding scheme
|
||||
DisallowForbiddenPadding(kSign_PKCS1_Block1, 50);
|
||||
}
|
||||
|
||||
// TODO(fredgc): Clean this up a bit. Still need to test signature algorithms
|
||||
// if uses_certificate but not loads_certificate.
|
||||
// The alternate padding is only required for cast receivers, but if a device
|
||||
// does load an alternate certificate, it should NOT use it for generating
|
||||
// a license request signature.
|
||||
TEST_F(OEMCryptoLoadsCertificateAlternates, TestSignaturePKCS1) {
|
||||
// Try to load an RSA key with alternative padding schemes. This signing
|
||||
// scheme is used by cast receivers.
|
||||
LoadWithAllowedSchemes(kSign_PKCS1_Block1, false);
|
||||
// If the device is a cast receiver, then this scheme is required.
|
||||
if (global_features.cast_receiver) ASSERT_TRUE(key_loaded_);
|
||||
// If the key loaded with no error, then we will verify that it is not used
|
||||
// for forbidden padding schemes.
|
||||
if (key_loaded_) {
|
||||
// The other padding scheme should fail.
|
||||
DisallowForbiddenPadding(kSign_RSASSA_PSS, 83);
|
||||
DisallowDeriveKeys();
|
||||
if (global_features.cast_receiver) {
|
||||
// A signature with a valid size should succeed.
|
||||
TestSignature(kSign_PKCS1_Block1, 83);
|
||||
TestSignature(kSign_PKCS1_Block1, 50);
|
||||
}
|
||||
// A signature with padding that is too big should fail.
|
||||
DisallowForbiddenPadding(kSign_PKCS1_Block1, 84); // too big.
|
||||
}
|
||||
}
|
||||
|
||||
TEST_F(OEMCryptoLoadsCertificateAlternates, TestSignatureBoth) {
|
||||
// Try to load an RSA key with alternative padding schemes. This key
|
||||
// is allowed to sign with either padding scheme. Devices are not required
|
||||
// to support both padding schemes.
|
||||
LoadWithAllowedSchemes(kSign_RSASSA_PSS | kSign_PKCS1_Block1, false);
|
||||
if (global_features.cast_receiver) ASSERT_TRUE(key_loaded_);
|
||||
// If the device loads this key, it should process it correctly.
|
||||
if (key_loaded_) {
|
||||
DisallowDeriveKeys();
|
||||
// A signature with padding that is too big should fail.
|
||||
DisallowForbiddenPadding(kSign_PKCS1_Block1, 84);
|
||||
if (global_features.cast_receiver) {
|
||||
TestSignature(kSign_RSASSA_PSS, 200);
|
||||
// A signature with a valid size should succeed.
|
||||
TestSignature(kSign_PKCS1_Block1, 83);
|
||||
TestSignature(kSign_PKCS1_Block1, 50);
|
||||
DisallowForbiddenPadding(kSign_PKCS1_Block1, 84);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// This tests attempts to use alternate algorithms for main device certs.
|
||||
class OEMCryptoCastReceiverTest : public OEMCryptoLoadsCertificate {
|
||||
// This test verifies RSA signing with the alternate padding scheme used by
|
||||
// Android cast receivers, PKCS1 Block 1. These tests are not required for
|
||||
// other devices, and should be filtered out by DeviceFeatures::Initialize for
|
||||
// those devices.
|
||||
class OEMCryptoCastReceiverTest : public OEMCryptoLoadsCertificateAlternates {
|
||||
protected:
|
||||
vector<uint8_t> encode(uint8_t type, const vector<uint8_t>& substring) {
|
||||
vector<uint8_t> result;
|
||||
@@ -3175,6 +3196,7 @@ class OEMCryptoCastReceiverTest : public OEMCryptoLoadsCertificate {
|
||||
return result;
|
||||
}
|
||||
|
||||
// This encodes the RSA key used in the PKCS#1 signing tests below.
|
||||
void BuildRSAKey() {
|
||||
vector<uint8_t> field_n =
|
||||
encode(0x02, wvcdm::a2b_hex(
|
||||
@@ -3272,7 +3294,7 @@ class OEMCryptoCastReceiverTest : public OEMCryptoLoadsCertificate {
|
||||
"36995aac7e527490ac952a02268a4f18"));
|
||||
|
||||
// Header of rsa key is constant.
|
||||
encoded_key_ = wvcdm::a2b_hex(
|
||||
encoded_rsa_key_ = wvcdm::a2b_hex(
|
||||
// 0x02 0x01 0x00 == integer, size 1 byte, value = 0 (field=version)
|
||||
"020100"
|
||||
// 0x30, sequence, size = d = 13 (field=pkeyalg) AlgorithmIdentifier
|
||||
@@ -3304,40 +3326,8 @@ class OEMCryptoCastReceiverTest : public OEMCryptoLoadsCertificate {
|
||||
pkey = encode(0x30, pkey);
|
||||
pkey = encode(0x04, pkey);
|
||||
|
||||
encoded_key_ = concat(encoded_key_, pkey);
|
||||
encoded_key_ = encode(0x30, encoded_key_); // 0x30=sequence
|
||||
}
|
||||
|
||||
void DisallowForbiddenPadding(RSA_Padding_Scheme scheme, size_t size) {
|
||||
OEMCryptoResult sts;
|
||||
Session s;
|
||||
s.open();
|
||||
sts = OEMCrypto_LoadDeviceRSAKey(s.session_id(), &wrapped_rsa_key_[0],
|
||||
wrapped_rsa_key_.size());
|
||||
ASSERT_EQ(OEMCrypto_SUCCESS, sts);
|
||||
|
||||
// Sign a Message
|
||||
vector<uint8_t> licenseRequest(size);
|
||||
OEMCrypto_GetRandom(&licenseRequest[0], licenseRequest.size());
|
||||
size_t signature_length = 256;
|
||||
vector<uint8_t> signature(signature_length);
|
||||
sts = OEMCrypto_GenerateRSASignature(s.session_id(), &licenseRequest[0],
|
||||
licenseRequest.size(), &signature[0],
|
||||
&signature_length, scheme);
|
||||
// Allow OEMCrypto to request a full buffer.
|
||||
if (sts == OEMCrypto_ERROR_SHORT_BUFFER) {
|
||||
ASSERT_NE(static_cast<size_t>(0), signature_length);
|
||||
signature.assign(signature_length, 0);
|
||||
sts = OEMCrypto_GenerateRSASignature(s.session_id(), &licenseRequest[0],
|
||||
licenseRequest.size(), &signature[0],
|
||||
&signature_length, scheme);
|
||||
}
|
||||
|
||||
ASSERT_NE(OEMCrypto_SUCCESS, sts)
|
||||
<< "Signed with forbidden padding scheme=" << (int)scheme
|
||||
<< ", size=" << (int)size;
|
||||
vector<uint8_t> zero(signature_length, 0);
|
||||
ASSERT_EQ(zero, signature); // signature should not be computed.
|
||||
encoded_rsa_key_ = concat(encoded_rsa_key_, pkey);
|
||||
encoded_rsa_key_ = encode(0x30, encoded_rsa_key_); // 0x30=sequence
|
||||
}
|
||||
|
||||
// This is used to test a signature from the file pkcs1v15sign-vectors.txt.
|
||||
@@ -3379,7 +3369,7 @@ class OEMCryptoCastReceiverTest : public OEMCryptoLoadsCertificate {
|
||||
ASSERT_EQ(OEMCrypto_SUCCESS, sts)
|
||||
<< "Failed to sign with padding scheme=" << (int)scheme
|
||||
<< ", size=" << (int)message.size();
|
||||
s.PreparePublicKey(&encoded_key_[0], encoded_key_.size());
|
||||
s.PreparePublicKey(&encoded_rsa_key_[0], encoded_rsa_key_.size());
|
||||
|
||||
// Verify that the signature matches the official test vector.
|
||||
ASSERT_EQ(correct_signature.size(), signature_length);
|
||||
@@ -3392,24 +3382,12 @@ class OEMCryptoCastReceiverTest : public OEMCryptoLoadsCertificate {
|
||||
s.VerifyRSASignature(digest, &correct_signature[0],
|
||||
correct_signature.size(), scheme);
|
||||
}
|
||||
|
||||
void LoadWithAllowedSchemes(uint32_t schemes, bool force) {
|
||||
BuildRSAKey();
|
||||
CreateWrappedRSAKey(&wrapped_rsa_key_, schemes, force, &encoded_key_[0],
|
||||
encoded_key_.size());
|
||||
key_loaded_ = (wrapped_rsa_key_.size() > 0);
|
||||
ASSERT_TRUE(key_loaded_);
|
||||
}
|
||||
|
||||
std::vector<uint8_t> encoded_key_;
|
||||
std::vector<uint8_t> wrapped_rsa_key_;
|
||||
bool key_loaded_;
|
||||
};
|
||||
|
||||
// # PKCS#1 v1.5 Signature Example 15.1
|
||||
TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_1) {
|
||||
LoadWithAllowedSchemes(kSign_PKCS1_Block1, false);
|
||||
if (key_loaded_) {
|
||||
BuildRSAKey();
|
||||
LoadWithAllowedSchemes(kSign_PKCS1_Block1, true);
|
||||
vector<uint8_t> message = wvcdm::a2b_hex(
|
||||
"f45d55f35551e975d6a8dc7ea9f48859"
|
||||
"3940cc75694a278f27e578a163d839b3"
|
||||
@@ -3444,12 +3422,11 @@ TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_1) {
|
||||
"dac7bd4586bc9382191f6d2880f6227e"
|
||||
"5df3eed21e7792d249480487f3655261");
|
||||
TestSignature(kSign_PKCS1_Block1, message, signature);
|
||||
}
|
||||
}
|
||||
// # PKCS#1 v1.5 Signature Example 15.2
|
||||
TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_2) {
|
||||
LoadWithAllowedSchemes(kSign_PKCS1_Block1, false);
|
||||
if (key_loaded_) {
|
||||
BuildRSAKey();
|
||||
LoadWithAllowedSchemes(kSign_PKCS1_Block1, true);
|
||||
vector<uint8_t> message = wvcdm::a2b_hex(
|
||||
"c14b4c6075b2f9aad661def4ecfd3cb9"
|
||||
"33c623f4e63bf53410d2f016d1ab98e2"
|
||||
@@ -3479,13 +3456,12 @@ TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_2) {
|
||||
"8c4aa3121588fb6cf68396d8ac054659"
|
||||
"9500c9708500a5972bd54f72cf8db0c8");
|
||||
TestSignature(kSign_PKCS1_Block1, message, signature);
|
||||
}
|
||||
}
|
||||
|
||||
// # PKCS#1 v1.5 Signature Example 15.3
|
||||
TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_3) {
|
||||
LoadWithAllowedSchemes(kSign_PKCS1_Block1, false);
|
||||
if (key_loaded_) {
|
||||
BuildRSAKey();
|
||||
LoadWithAllowedSchemes(kSign_PKCS1_Block1, true);
|
||||
vector<uint8_t> message = wvcdm::a2b_hex(
|
||||
"d02371ad7ee48bbfdb2763de7a843b94"
|
||||
"08ce5eb5abf847ca3d735986df84e906"
|
||||
@@ -3521,13 +3497,12 @@ TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_3) {
|
||||
"b6c0b4140ef11970c4630d44344e76ea"
|
||||
"ed74dcbee811dbf6575941f08a6523b8");
|
||||
TestSignature(kSign_PKCS1_Block1, message, signature);
|
||||
}
|
||||
};
|
||||
|
||||
// # PKCS#1 v1.5 Signature Example 15.4
|
||||
TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_4) {
|
||||
LoadWithAllowedSchemes(kSign_PKCS1_Block1, false);
|
||||
if (key_loaded_) {
|
||||
BuildRSAKey();
|
||||
LoadWithAllowedSchemes(kSign_PKCS1_Block1, true);
|
||||
vector<uint8_t> message = wvcdm::a2b_hex(
|
||||
"29035584ab7e0226a9ec4b02e8dcf127"
|
||||
"2dc9a41d73e2820007b0f6e21feccd5b"
|
||||
@@ -3551,13 +3526,12 @@ TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_4) {
|
||||
"5dcbc2613bc120421f9e3653c5a87672"
|
||||
"97643c7e0740de016355453d6c95ae72");
|
||||
TestSignature(kSign_PKCS1_Block1, message, signature);
|
||||
}
|
||||
}
|
||||
|
||||
// # PKCS#1 v1.5 Signature Example 15.5
|
||||
TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_5) {
|
||||
LoadWithAllowedSchemes(kSign_PKCS1_Block1, false);
|
||||
if (key_loaded_) {
|
||||
BuildRSAKey();
|
||||
LoadWithAllowedSchemes(kSign_PKCS1_Block1, true);
|
||||
vector<uint8_t> message = wvcdm::a2b_hex("bda3a1c79059eae598308d3df609");
|
||||
vector<uint8_t> signature = wvcdm::a2b_hex(
|
||||
"a156176cb96777c7fb96105dbd913bc4"
|
||||
@@ -3577,13 +3551,12 @@ TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_5) {
|
||||
"c5182d8f151bf41dfeccaed7cde690b2"
|
||||
"1647106b490c729d54a8fe2802a6d126");
|
||||
TestSignature(kSign_PKCS1_Block1, message, signature);
|
||||
}
|
||||
}
|
||||
|
||||
// # PKCS#1 v1.5 Signature Example 15.6
|
||||
TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_6) {
|
||||
LoadWithAllowedSchemes(kSign_PKCS1_Block1, false);
|
||||
if (key_loaded_) {
|
||||
BuildRSAKey();
|
||||
LoadWithAllowedSchemes(kSign_PKCS1_Block1, true);
|
||||
vector<uint8_t> message = wvcdm::a2b_hex(
|
||||
"c187915e4e87da81c08ed4356a0cceac"
|
||||
"1c4fb5c046b45281b387ec28f1abfd56"
|
||||
@@ -3610,13 +3583,12 @@ TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_6) {
|
||||
"89dd195a38b42de4edc49d346478b9f1"
|
||||
"1f0557205f5b0bd7ffe9c850f396d7c4");
|
||||
TestSignature(kSign_PKCS1_Block1, message, signature);
|
||||
}
|
||||
}
|
||||
|
||||
// # PKCS#1 v1.5 Signature Example 15.7
|
||||
TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_7) {
|
||||
LoadWithAllowedSchemes(kSign_PKCS1_Block1, false);
|
||||
if (key_loaded_) {
|
||||
BuildRSAKey();
|
||||
LoadWithAllowedSchemes(kSign_PKCS1_Block1, true);
|
||||
vector<uint8_t> message = wvcdm::a2b_hex(
|
||||
"abfa2ecb7d29bd5bcb9931ce2bad2f74"
|
||||
"383e95683cee11022f08e8e7d0b8fa05"
|
||||
@@ -3644,13 +3616,12 @@ TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_7) {
|
||||
"52c8d12ea33bf053a300f4afc4f098df"
|
||||
"4e6d886779d64594d369158fdbc1f694");
|
||||
TestSignature(kSign_PKCS1_Block1, message, signature);
|
||||
}
|
||||
}
|
||||
|
||||
// # PKCS#1 v1.5 Signature Example 15.8
|
||||
TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_8) {
|
||||
LoadWithAllowedSchemes(kSign_PKCS1_Block1, false);
|
||||
if (key_loaded_) {
|
||||
BuildRSAKey();
|
||||
LoadWithAllowedSchemes(kSign_PKCS1_Block1, true);
|
||||
vector<uint8_t> message = wvcdm::a2b_hex(
|
||||
"df4044a89a83e9fcbf1262540ae3038b"
|
||||
"bc90f2b2628bf2a4467ac67722d8546b"
|
||||
@@ -3684,13 +3655,12 @@ TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_8) {
|
||||
"dd64ad16bd0125d0348e383085f08894"
|
||||
"861ca18987227d37b42b584a8357cb04");
|
||||
TestSignature(kSign_PKCS1_Block1, message, signature);
|
||||
}
|
||||
}
|
||||
|
||||
// # PKCS#1 v1.5 Signature Example 15.9
|
||||
TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_9) {
|
||||
LoadWithAllowedSchemes(kSign_PKCS1_Block1, false);
|
||||
if (key_loaded_) {
|
||||
BuildRSAKey();
|
||||
LoadWithAllowedSchemes(kSign_PKCS1_Block1, true);
|
||||
vector<uint8_t> message = wvcdm::a2b_hex(
|
||||
"ea941ff06f86c226927fcf0e3b11b087"
|
||||
"2676170c1bfc33bda8e265c77771f9d0"
|
||||
@@ -3722,13 +3692,12 @@ TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_9) {
|
||||
"0af0e7157dc298c6cd2dee2262f8cddc"
|
||||
"10f11e01741471bbfd6518a175734575");
|
||||
TestSignature(kSign_PKCS1_Block1, message, signature);
|
||||
}
|
||||
}
|
||||
|
||||
// # PKCS#1 v1.5 Signature Example 15.10
|
||||
TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_10) {
|
||||
LoadWithAllowedSchemes(kSign_PKCS1_Block1, false);
|
||||
if (key_loaded_) {
|
||||
BuildRSAKey();
|
||||
LoadWithAllowedSchemes(kSign_PKCS1_Block1, true);
|
||||
vector<uint8_t> message = wvcdm::a2b_hex(
|
||||
"d8b81645c13cd7ecf5d00ed2c91b9acd"
|
||||
"46c15568e5303c4a9775ede76b48403d"
|
||||
@@ -3753,13 +3722,12 @@ TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_10) {
|
||||
"0aab07153d01f48d086df0bfbec05e7b"
|
||||
"443b97e71718970e2f4bf62023e95b67");
|
||||
TestSignature(kSign_PKCS1_Block1, message, signature);
|
||||
}
|
||||
}
|
||||
|
||||
// # PKCS#1 v1.5 Signature Example 15.11
|
||||
TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_11) {
|
||||
LoadWithAllowedSchemes(kSign_PKCS1_Block1, false);
|
||||
if (key_loaded_) {
|
||||
BuildRSAKey();
|
||||
LoadWithAllowedSchemes(kSign_PKCS1_Block1, true);
|
||||
vector<uint8_t> message = wvcdm::a2b_hex(
|
||||
"e5739b6c14c92d510d95b826933337ff"
|
||||
"0d24ef721ac4ef64c2bad264be8b44ef"
|
||||
@@ -3788,13 +3756,12 @@ TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_11) {
|
||||
"f3125edd48521ae3b9b03217f4496d0d"
|
||||
"8ede57acbc5bd4deae74a56f86671de2");
|
||||
TestSignature(kSign_PKCS1_Block1, message, signature);
|
||||
}
|
||||
}
|
||||
|
||||
// # PKCS#1 v1.5 Signature Example 15.12
|
||||
TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_12) {
|
||||
LoadWithAllowedSchemes(kSign_PKCS1_Block1, false);
|
||||
if (key_loaded_) {
|
||||
BuildRSAKey();
|
||||
LoadWithAllowedSchemes(kSign_PKCS1_Block1, true);
|
||||
vector<uint8_t> message = wvcdm::a2b_hex(
|
||||
"7af42835917a88d6b3c6716ba2f5b0d5"
|
||||
"b20bd4e2e6e574e06af1eef7c81131be"
|
||||
@@ -3830,13 +3797,12 @@ TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_12) {
|
||||
"07cf0359683d2298e35948ed806c063c"
|
||||
"606ea178150b1efc15856934c7255cfe");
|
||||
TestSignature(kSign_PKCS1_Block1, message, signature);
|
||||
}
|
||||
}
|
||||
|
||||
// # PKCS#1 v1.5 Signature Example 15.13
|
||||
TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_13) {
|
||||
LoadWithAllowedSchemes(kSign_PKCS1_Block1, false);
|
||||
if (key_loaded_) {
|
||||
BuildRSAKey();
|
||||
LoadWithAllowedSchemes(kSign_PKCS1_Block1, true);
|
||||
vector<uint8_t> message = wvcdm::a2b_hex(
|
||||
"ebaef3f9f23bdfe5fa6b8af4c208c189"
|
||||
"f2251bf32f5f137b9de4406378686b3f"
|
||||
@@ -3860,13 +3826,12 @@ TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_13) {
|
||||
"459f57d5013638483de2d91cb3c490da"
|
||||
"81c46de6cd76ea8a0c8f6fe331712d24");
|
||||
TestSignature(kSign_PKCS1_Block1, message, signature);
|
||||
}
|
||||
}
|
||||
|
||||
// # PKCS#1 v1.5 Signature Example 15.14
|
||||
TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_14) {
|
||||
LoadWithAllowedSchemes(kSign_PKCS1_Block1, false);
|
||||
if (key_loaded_) {
|
||||
BuildRSAKey();
|
||||
LoadWithAllowedSchemes(kSign_PKCS1_Block1, true);
|
||||
vector<uint8_t> message = wvcdm::a2b_hex(
|
||||
"c5a2711278761dfcdd4f0c99e6f5619d"
|
||||
"6c48b5d4c1a80982faa6b4cf1cf7a60f"
|
||||
@@ -3897,13 +3862,12 @@ TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_14) {
|
||||
"99fe98ae4eb49f3ff41c5040a50cefc9"
|
||||
"bdf2394b749cf164480df1ab6880273b");
|
||||
TestSignature(kSign_PKCS1_Block1, message, signature);
|
||||
}
|
||||
}
|
||||
|
||||
// # PKCS#1 v1.5 Signature Example 15.15
|
||||
TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_15) {
|
||||
LoadWithAllowedSchemes(kSign_PKCS1_Block1, false);
|
||||
if (key_loaded_) {
|
||||
BuildRSAKey();
|
||||
LoadWithAllowedSchemes(kSign_PKCS1_Block1, true);
|
||||
vector<uint8_t> message = wvcdm::a2b_hex(
|
||||
"9bf8aa253b872ea77a7e23476be26b23"
|
||||
"29578cf6ac9ea2805b357f6fc3ad130d"
|
||||
@@ -3937,13 +3901,12 @@ TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_15) {
|
||||
"ec49a378ac8a3c74439f7cc555ba13f8"
|
||||
"59070890ee18ff658fa4d741969d70a5");
|
||||
TestSignature(kSign_PKCS1_Block1, message, signature);
|
||||
}
|
||||
}
|
||||
|
||||
// # PKCS#1 v1.5 Signature Example 15.16
|
||||
TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_16) {
|
||||
LoadWithAllowedSchemes(kSign_PKCS1_Block1, false);
|
||||
if (key_loaded_) {
|
||||
BuildRSAKey();
|
||||
LoadWithAllowedSchemes(kSign_PKCS1_Block1, true);
|
||||
vector<uint8_t> message = wvcdm::a2b_hex(
|
||||
"32474830e2203754c8bf0681dc4f842a"
|
||||
"fe360930378616c108e833656e5640c8"
|
||||
@@ -3979,13 +3942,12 @@ TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_16) {
|
||||
"440b86e10c199715fa0b6f4250b53373"
|
||||
"2d0befe1545150fc47b876de09b00a94");
|
||||
TestSignature(kSign_PKCS1_Block1, message, signature);
|
||||
}
|
||||
}
|
||||
|
||||
// # PKCS#1 v1.5 Signature Example 15.17
|
||||
TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_17) {
|
||||
LoadWithAllowedSchemes(kSign_PKCS1_Block1, false);
|
||||
if (key_loaded_) {
|
||||
BuildRSAKey();
|
||||
LoadWithAllowedSchemes(kSign_PKCS1_Block1, true);
|
||||
vector<uint8_t> message = wvcdm::a2b_hex(
|
||||
"008e59505eafb550aae5e845584cebb0"
|
||||
"0b6de1733e9f95d42c882a5bbeb5ce1c"
|
||||
@@ -4009,13 +3971,12 @@ TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_17) {
|
||||
"5f8d4d496acf03d3033b7ccd196bc22f"
|
||||
"68fb7bef4f697c5ea2b35062f48a36dd");
|
||||
TestSignature(kSign_PKCS1_Block1, message, signature);
|
||||
}
|
||||
}
|
||||
|
||||
// # PKCS#1 v1.5 Signature Example 15.18
|
||||
TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_18) {
|
||||
LoadWithAllowedSchemes(kSign_PKCS1_Block1, false);
|
||||
if (key_loaded_) {
|
||||
BuildRSAKey();
|
||||
LoadWithAllowedSchemes(kSign_PKCS1_Block1, true);
|
||||
vector<uint8_t> message = wvcdm::a2b_hex(
|
||||
"6abc54cf8d1dff1f53b17d8160368878"
|
||||
"a8788cc6d22fa5c2258c88e660b09a89"
|
||||
@@ -4040,13 +4001,12 @@ TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_18) {
|
||||
"1930f99763272f9797bcb76f1d248157"
|
||||
"5558fcf260b1f0e554ebb3df3cfcb958");
|
||||
TestSignature(kSign_PKCS1_Block1, message, signature);
|
||||
}
|
||||
}
|
||||
|
||||
// # PKCS#1 v1.5 Signature Example 15.19
|
||||
TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_19) {
|
||||
LoadWithAllowedSchemes(kSign_PKCS1_Block1, false);
|
||||
if (key_loaded_) {
|
||||
BuildRSAKey();
|
||||
LoadWithAllowedSchemes(kSign_PKCS1_Block1, true);
|
||||
vector<uint8_t> message = wvcdm::a2b_hex(
|
||||
"af2d78152cf10efe01d274f217b177f6"
|
||||
"b01b5e749f1567715da324859cd3dd88"
|
||||
@@ -4078,13 +4038,12 @@ TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_19) {
|
||||
"229d9ef2b1b3807e321018920ad3e53d"
|
||||
"ae47e6d9395c184b93a374c671faa2ce");
|
||||
TestSignature(kSign_PKCS1_Block1, message, signature);
|
||||
}
|
||||
}
|
||||
|
||||
// # PKCS#1 v1.5 Signature Example 15.20
|
||||
TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_20) {
|
||||
LoadWithAllowedSchemes(kSign_PKCS1_Block1, false);
|
||||
if (key_loaded_) {
|
||||
BuildRSAKey();
|
||||
LoadWithAllowedSchemes(kSign_PKCS1_Block1, true);
|
||||
vector<uint8_t> message = wvcdm::a2b_hex(
|
||||
"40ee992458d6f61486d25676a96dd2cb"
|
||||
"93a37f04b178482f2b186cf88215270d"
|
||||
@@ -4116,7 +4075,6 @@ TEST_F(OEMCryptoCastReceiverTest, TestSignaturePKCS1_15_20) {
|
||||
"a52cfce899cd79b15b4fc3723641ef6b"
|
||||
"d00acc10407e5df58dd1c3c5c559a506");
|
||||
TestSignature(kSign_PKCS1_Block1, message, signature);
|
||||
}
|
||||
}
|
||||
|
||||
class GenericCryptoTest : public OEMCryptoSessionTests {
|
||||
@@ -4160,7 +4118,7 @@ class GenericCryptoTest : public OEMCryptoSessionTests {
|
||||
uint8_t iv_buffer[wvcdm::KEY_IV_SIZE];
|
||||
memcpy(iv_buffer, iv_, wvcdm::KEY_IV_SIZE);
|
||||
out_buffer->resize(in_buffer.size());
|
||||
ASSERT_GT(in_buffer.size(), 0);
|
||||
ASSERT_GT(in_buffer.size(), 0u);
|
||||
ASSERT_EQ(0, in_buffer.size() % AES_BLOCK_SIZE);
|
||||
AES_cbc_encrypt(&in_buffer[0], out_buffer->data(), in_buffer.size(),
|
||||
&aes_key, iv_buffer, AES_ENCRYPT);
|
||||
|
||||
Reference in New Issue
Block a user