From 80e9ea9cb0365232e8ae65502d7dd2710bafa17f Mon Sep 17 00:00:00 2001 From: Fred Gylys-Colwell Date: Fri, 14 Mar 2014 16:40:17 -0700 Subject: [PATCH] Add alternate RSA signing From the Widevine CDM repository: https://widevine-internal-review.googlesource.com/#/c/9183/ This adds unit tests for RSA signing with PKCS1 block type 1. It also adds a reference implementation. This is part of OEMCrypto v9. Change-Id: I2a40dbff65f6e09d75f16ae048499512f60c168d --- .../mock/src/oemcrypto_engine_mock.cpp | 78 +- .../mock/src/oemcrypto_engine_mock.h | 7 +- .../oemcrypto/mock/src/oemcrypto_mock.cpp | 13 +- .../oemcrypto/test/oemcrypto_test.cpp | 1393 ++++++++++++++++- 4 files changed, 1376 insertions(+), 115 deletions(-) diff --git a/libwvdrmengine/oemcrypto/mock/src/oemcrypto_engine_mock.cpp b/libwvdrmengine/oemcrypto/mock/src/oemcrypto_engine_mock.cpp index d7b0c429..76d4ca49 100644 --- a/libwvdrmengine/oemcrypto/mock/src/oemcrypto_engine_mock.cpp +++ b/libwvdrmengine/oemcrypto/mock/src/oemcrypto_engine_mock.cpp @@ -8,6 +8,7 @@ #include "oemcrypto_engine_mock.h" +#include #include #include #include @@ -253,7 +254,8 @@ size_t SessionContext::RSASignatureSize() { bool SessionContext::GenerateRSASignature(const uint8_t* message, size_t message_length, uint8_t* signature, - size_t* signature_length) { + size_t* signature_length, + RSA_Padding_Scheme padding_scheme) { if (message == NULL || message_length == 0 || signature == NULL || signature_length == 0) { LOGE("[GenerateRSASignature(): OEMCrypto_ERROR_INVALID_CONTEXT]"); @@ -267,33 +269,55 @@ bool SessionContext::GenerateRSASignature(const uint8_t* message, *signature_length = RSA_size(rsa_key_); return false; } - - // Hash the message using SHA1. - uint8_t hash[SHA_DIGEST_LENGTH]; - if (!SHA1(message, message_length, hash)) { - LOGE("[GeneratRSASignature(): error creating signature hash.]"); - dump_openssl_error(); + if ((padding_scheme & allowed_schemes_) != padding_scheme) { + LOGE("[GenerateRSASignature(): padding_scheme not allowed]"); return false; } - // Add PSS padding. - std::vector padded_digest(*signature_length); - int status = RSA_padding_add_PKCS1_PSS(rsa_key_, &padded_digest[0], hash, - EVP_sha1(), kPssSaltLength); - if (status == -1) { - LOGE("[GeneratRSASignature(): error padding hash.]"); - dump_openssl_error(); + if (padding_scheme == kSign_RSASSA_PSS) { + // Hash the message using SHA1. + uint8_t hash[SHA_DIGEST_LENGTH]; + if (!SHA1(message, message_length, hash)) { + LOGE("[GeneratRSASignature(): error creating signature hash.]"); + dump_openssl_error(); + return false; + } + + // Add PSS padding. + std::vector padded_digest(*signature_length); + int status = RSA_padding_add_PKCS1_PSS(rsa_key_, &padded_digest[0], hash, + EVP_sha1(), kPssSaltLength); + if (status == -1) { + LOGE("[GeneratRSASignature(): error padding hash.]"); + dump_openssl_error(); + return false; + } + + // Encrypt PSS padded digest. + status = RSA_private_encrypt(*signature_length, &padded_digest[0], signature, + rsa_key_, RSA_NO_PADDING); + if (status == -1) { + LOGE("[GeneratRSASignature(): error in private encrypt.]"); + dump_openssl_error(); + return false; + } + } else if (padding_scheme == kSign_PKCS1_Block1) { + if (message_length > 83) { + LOGE("[GeneratRSASignature(): RSA digest too large.]"); + return false; + } + // Pad the message with PKCS1 padding, and then encrypt. + int status = RSA_private_encrypt(message_length, message, signature, + rsa_key_, RSA_PKCS1_PADDING); + if (status != *signature_length) { + LOGE("[GeneratRSASignature(): error in RSA private encrypt. status=%d]", status); + dump_openssl_error(); + return false; + } + } else { // Bad RSA_Padding_Scheme return false; } - // Encrypt PSS padded digest. - status = RSA_private_encrypt(*signature_length, &padded_digest[0], signature, - rsa_key_, RSA_NO_PADDING); - if (status == -1) { - LOGE("[GeneratRSASignature(): error in private encrypt.]"); - dump_openssl_error(); - return false; - } return true; } @@ -486,6 +510,16 @@ bool SessionContext::LoadRSAKey(uint8_t* pkcs8_rsa_key, RSA_free(rsa_key_); rsa_key_ = NULL; } + if (rsa_key_length < 8) { + LOGE("[LoadRSAKey(): Very Short Buffer]"); + return false; + } + if( (memcmp(pkcs8_rsa_key, "SIGN", 4) == 0) ) { + uint32_t *schemes_n = (uint32_t *)(pkcs8_rsa_key + 4); + allowed_schemes_ = htonl(*schemes_n); + pkcs8_rsa_key += 8; + rsa_key_length -= 8; + } BIO *bio = BIO_new_mem_buf(pkcs8_rsa_key, rsa_key_length); if( bio == NULL ) { LOGE("[LoadRSAKey(): Could not allocate bio buffer]"); diff --git a/libwvdrmengine/oemcrypto/mock/src/oemcrypto_engine_mock.h b/libwvdrmengine/oemcrypto/mock/src/oemcrypto_engine_mock.h index 46d2fb3f..07d37d74 100644 --- a/libwvdrmengine/oemcrypto/mock/src/oemcrypto_engine_mock.h +++ b/libwvdrmengine/oemcrypto/mock/src/oemcrypto_engine_mock.h @@ -88,7 +88,7 @@ class SessionContext { public: explicit SessionContext(CryptoEngine* ce, SessionId sid) : valid_(true), ce_(ce), id_(sid), current_content_key_(NULL), - rsa_key_(NULL) {} + rsa_key_(NULL), allowed_schemes_(kSign_RSASSA_PSS) {} ~SessionContext() {} void Open(); @@ -110,7 +110,8 @@ class SessionContext { bool GenerateRSASignature(const uint8_t* message, size_t message_length, uint8_t* signature, - size_t* signature_length); + size_t* signature_length, + RSA_Padding_Scheme padding_scheme); bool ValidateMessage(const uint8_t* message, size_t message_length, const uint8_t* signature, @@ -177,6 +178,7 @@ class SessionContext { encryption_key_ = enc_key; } const std::vector& encryption_key() { return encryption_key_; } + const uint32_t allowed_schemes() { return allowed_schemes_; } void AddNonce(uint32_t nonce); bool CheckNonce(uint32_t nonce); @@ -198,6 +200,7 @@ class SessionContext { SessionKeyTable session_keys_; NonceTable nonce_table_; RSA* rsa_key_; + uint32_t allowed_schemes_; // for RSA signatures. time_t timer_start_; CORE_DISALLOW_COPY_AND_ASSIGN(SessionContext); diff --git a/libwvdrmengine/oemcrypto/mock/src/oemcrypto_mock.cpp b/libwvdrmengine/oemcrypto/mock/src/oemcrypto_mock.cpp index 1e233514..54e2d3c2 100644 --- a/libwvdrmengine/oemcrypto/mock/src/oemcrypto_mock.cpp +++ b/libwvdrmengine/oemcrypto/mock/src/oemcrypto_mock.cpp @@ -928,15 +928,11 @@ OEMCryptoResult OEMCrypto_GenerateRSASignature(OEMCrypto_SESSION session, return OEMCrypto_ERROR_INVALID_CONTEXT; } - if (padding_scheme != kSign_RSASSA_PSS) { - LOGE("[OEMCrypto_GenerateRSASignature(): OEMCrypto_ERROR_NOT_IMPLEMENTED]"); - return OEMCrypto_ERROR_NOT_IMPLEMENTED; - } - if (session_ctx->GenerateRSASignature(message, message_length, signature, - signature_length)) { + signature_length, + padding_scheme)) { if (trace_all_calls) { dump_hex("signature", signature, *signature_length); } @@ -971,6 +967,11 @@ OEMCryptoResult OEMCrypto_DeriveKeysFromSessionKey( return OEMCrypto_ERROR_INVALID_SESSION; } + if (session_ctx->allowed_schemes() != kSign_RSASSA_PSS) { + LOGE("[OEMCrypto_GenerateDerivedKeys(): x509 key used to derive keys]"); + return OEMCrypto_ERROR_INVALID_RSA_KEY; + } + const std::vector ssn_key_str(enc_session_key, enc_session_key + enc_session_key_length); const std::vector mac_ctx_str(mac_key_context, diff --git a/libwvdrmengine/oemcrypto/test/oemcrypto_test.cpp b/libwvdrmengine/oemcrypto/test/oemcrypto_test.cpp index 135bf7f0..7f507d71 100644 --- a/libwvdrmengine/oemcrypto/test/oemcrypto_test.cpp +++ b/libwvdrmengine/oemcrypto/test/oemcrypto_test.cpp @@ -14,6 +14,7 @@ #include #include #include +#include #include #include #include @@ -1196,7 +1197,16 @@ class Session { } void MakeRSACertificate(struct RSAPrivateKeyMessage* encrypted, - std::vector* signature) { + std::vector* signature, + uint32_t allowed_schemes, + const uint8_t *rsa_key = NULL, + size_t rsa_key_length = 0) { + + if (rsa_key == NULL) { + rsa_key = kTestRSAPKCS8PrivateKeyInfo2_2048; + rsa_key_length = sizeof(kTestRSAPKCS8PrivateKeyInfo2_2048); + } + vector context = wvcdm::a2b_hex( "0a4c08001248000000020000101907d9ffde13aa95c122678053362136bdf840" "8f8276e4c2d87ec52b61aa1b9f646e58734930acebe899b3e464189a14a87202" @@ -1230,10 +1240,17 @@ class Session { // contact the certificate provisioning server to get this response. struct RSAPrivateKeyMessage message; - memcpy(message.rsa_key, kTestRSAPKCS8PrivateKeyInfo2_2048, - sizeof(kTestRSAPKCS8PrivateKeyInfo2_2048)); + if (allowed_schemes != kSign_RSASSA_PSS) { + uint32_t algorithm_n = htonl(allowed_schemes); + memcpy(message.rsa_key, "SIGN", 4); + memcpy(message.rsa_key + 4, &algorithm_n, 4); + memcpy(message.rsa_key + 8, rsa_key, rsa_key_length); + message.rsa_key_length = 8 + rsa_key_length; + } else { + memcpy(message.rsa_key, rsa_key, rsa_key_length); + message.rsa_key_length = rsa_key_length; + } OEMCrypto_GetRandom(message.rsa_key_iv, wvcdm::KEY_IV_SIZE); - message.rsa_key_length = sizeof(kTestRSAPKCS8PrivateKeyInfo2_2048); message.nonce = nonce_; EncryptMessage(&message, encrypted); @@ -1242,7 +1259,7 @@ class Session { void RewrapRSAKey(const struct RSAPrivateKeyMessage& encrypted, const std::vector& signature, - vector* wrapped_key) { + vector* wrapped_key, bool force) { size_t wrapped_key_length = 0; const uint8_t* message_ptr = reinterpret_cast(&encrypted); ASSERT_EQ(OEMCrypto_ERROR_SHORT_BUFFER, @@ -1255,68 +1272,106 @@ class Session { &wrapped_key_length)); wrapped_key->clear(); wrapped_key->resize(wrapped_key_length); - ASSERT_EQ(OEMCrypto_SUCCESS, - OEMCrypto_RewrapDeviceRSAKey(session_id(), message_ptr, - sizeof(encrypted), &signature[0], - signature.size(), &encrypted.nonce, - encrypted.rsa_key, - encrypted.rsa_key_length, - encrypted.rsa_key_iv, - &(wrapped_key->front()), - &wrapped_key_length)); + OEMCryptoResult sts = + OEMCrypto_RewrapDeviceRSAKey(session_id(), message_ptr, + sizeof(encrypted), &signature[0], + signature.size(), &encrypted.nonce, + encrypted.rsa_key, + encrypted.rsa_key_length, + encrypted.rsa_key_iv, + &(wrapped_key->front()), + &wrapped_key_length); + if (force) { + ASSERT_EQ(OEMCrypto_SUCCESS, sts); + } + if (OEMCrypto_SUCCESS != sts) { + wrapped_key->clear(); + } } - bool PreparePublicKey(const uint8_t key[], size_t length) { - uint8_t const* p = key; - public_rsa_ = d2i_RSAPublicKey(0, &p , length); + void PreparePublicKey(const uint8_t *rsa_key = NULL, + size_t rsa_key_length = 0) { + if (rsa_key == NULL) { + rsa_key = kTestRSAPKCS8PrivateKeyInfo2_2048; + rsa_key_length = sizeof(kTestRSAPKCS8PrivateKeyInfo2_2048); + } + uint8_t *p = const_cast(rsa_key); + BIO *bio = BIO_new_mem_buf(p, rsa_key_length); + ASSERT_TRUE(NULL != bio); + PKCS8_PRIV_KEY_INFO *pkcs8_pki = d2i_PKCS8_PRIV_KEY_INFO_bio(bio, NULL); + ASSERT_TRUE(NULL != pkcs8_pki); + EVP_PKEY *evp = NULL; + evp = EVP_PKCS82PKEY(pkcs8_pki); + ASSERT_TRUE(NULL != evp); + public_rsa_ = EVP_PKEY_get1_RSA(evp); + EVP_PKEY_free(evp); + PKCS8_PRIV_KEY_INFO_free(pkcs8_pki); + BIO_free(bio); if (!public_rsa_) { cout << "d2i_RSAPrivateKey failed. "; dump_openssl_error(); - return false; + ASSERT_TRUE(false); + } + switch (RSA_check_key(public_rsa_)) { + case 1: // valid. + ASSERT_TRUE(true); + return; + case 0: // not valid. + cout << "[rsa key not valid] "; + dump_openssl_error(); + ASSERT_TRUE(false); + default: // -1 == check failed. + cout << "[error checking rsa key] "; + dump_openssl_error(); + ASSERT_TRUE(false); } - return true; } - bool VerifyRSASignature(const uint8_t* message, + void VerifyRSASignature(const uint8_t* message, size_t message_length, - uint8_t* signature, - size_t* signature_length) { - if (!public_rsa_) { - cout << "No public RSA key loaded in test code.\n"; - return false; - } - if (*signature_length != static_cast(RSA_size(public_rsa_))) { - cout << "Signature size is wrong. " << *signature_length - << ", should be " << RSA_size(public_rsa_) << "\n"; - return false; - } + const uint8_t* signature, + size_t signature_length, + RSA_Padding_Scheme padding_scheme) { + EXPECT_TRUE(NULL !=public_rsa_) + << "No public RSA key loaded in test code.\n"; + EXPECT_EQ(static_cast(RSA_size(public_rsa_)), signature_length) + << "Signature size is wrong. " << signature_length + << ", should be " << RSA_size(public_rsa_) << "\n"; - // Hash the message using SHA1. - uint8_t hash[SHA_DIGEST_LENGTH]; - if (!SHA1(message, message_length, hash)) { - cout << "Error computing SHA1. "; - dump_openssl_error(); - return false; - } + if (padding_scheme == kSign_RSASSA_PSS) { + // Hash the message using SHA1. + uint8_t hash[SHA_DIGEST_LENGTH]; + if (!SHA1(message, message_length, hash)) { + dump_openssl_error(); + EXPECT_TRUE(false) << "Error computing SHA1. "; + } - // Decrypt signature to padded digest. - uint8_t padded_digest[*signature_length]; - int status; - status = RSA_public_decrypt(*signature_length, signature, padded_digest, - public_rsa_, RSA_NO_PADDING); - if (status == -1) { - cout << "VerifyRSASignature. in RSA_Public_digest "; - dump_openssl_error(); - return false; + // Decrypt signature to padded digest. + uint8_t padded_digest[signature_length]; + int status; + status = RSA_public_decrypt(signature_length, signature, padded_digest, + public_rsa_, RSA_NO_PADDING); + if (status == -1) { + dump_openssl_error(); + EXPECT_TRUE(false) << "VerifyRSASignature. in RSA_Public_digest "; + } + status = RSA_verify_PKCS1_PSS(public_rsa_, hash, EVP_sha1(), + padded_digest, SHA_DIGEST_LENGTH); + if (status != 1) { + dump_openssl_error(); + EXPECT_TRUE(false) << "VerifyRSASignature. in RSA_verify_PKCS1_PSS "; + } + } else if (padding_scheme == kSign_PKCS1_Block1) { + uint8_t padded_digest[signature_length]; + int status; + // RSA_public_decrypt decrypts the signature, and then verifies that + // it was padded with RSA PKCS1 padding. + status = RSA_public_decrypt(signature_length, signature, padded_digest, + public_rsa_, RSA_PKCS1_PADDING); + EXPECT_EQ(0, memcmp(message, padded_digest, message_length)); + } else { + EXPECT_TRUE(false) << "Padding scheme not supported."; } - status = RSA_verify_PKCS1_PSS(public_rsa_, hash, EVP_sha1(), - padded_digest, SHA_DIGEST_LENGTH); - if (status != 1) { - cout << "VerifyRSASignature. in RSA_verify_PKCS1_PSS "; - dump_openssl_error(); - return false; - } - return true; } bool GenerateRSASessionKey(vector* enc_session_key) { @@ -1345,8 +1400,7 @@ class Session { wrapped_rsa_key.size())); GenerateNonce(&nonce_); vector enc_session_key; - ASSERT_TRUE(PreparePublicKey(kTestRSAPublicKey2_2048, - sizeof(kTestRSAPublicKey2_2048))); + PreparePublicKey(); ASSERT_TRUE(GenerateRSASessionKey(&enc_session_key)); vector mac_context; vector enc_context; @@ -1364,6 +1418,21 @@ class Session { enc_key_ = wvcdm::a2b_hex("CB477D09014D72C9B8DCE76C33EA43B3"); } + void DisallowDeriveKeys() { + GenerateNonce(&nonce_); + vector enc_session_key; + PreparePublicKey(); + ASSERT_TRUE(GenerateRSASessionKey(&enc_session_key)); + vector mac_context; + vector enc_context; + FillDefaultContext(&mac_context, &enc_context); + ASSERT_EQ(OEMCrypto_ERROR_INVALID_RSA_KEY, + OEMCrypto_DeriveKeysFromSessionKey( + session_id(), &enc_session_key[0], enc_session_key.size(), + &mac_context[0], mac_context.size(), + &enc_context[0], enc_context.size())); + } + private: bool valid_; bool open_; @@ -1408,14 +1477,18 @@ class OEMCryptoClientTest : public ::testing::Test { init(); } - void CreateWrappedRSAKey(vector* wrapped_key) { + void CreateWrappedRSAKey(vector* wrapped_key, + uint32_t allowed_schemes, bool force, + const uint8_t *rsa_key = NULL, + size_t rsa_key_length = 0) { Session& s = createSession("RSA_Session"); s.open(); s.GenerateDerivedKeys(); struct RSAPrivateKeyMessage encrypted; std::vector signature; - s.MakeRSACertificate(&encrypted, &signature); - s.RewrapRSAKey(encrypted, signature, wrapped_key); + s.MakeRSACertificate(&encrypted, &signature, allowed_schemes, rsa_key, + rsa_key_length); + s.RewrapRSAKey(encrypted, signature, wrapped_key, force); s.close(); } @@ -1490,7 +1563,8 @@ TEST_F(OEMCryptoClientTest, VersionNumber) { cout << " OEMCrypto Security Level is "<< level << endl; uint32_t version = OEMCrypto_APIVersion(); cout << " OEMCrypto API version is " << version << endl; - ASSERT_EQ(9, version); + ASSERT_LE(8, version); + ASSERT_GE(9, version); testTearDown(); } @@ -2935,9 +3009,9 @@ TEST_F(DISABLED_TestKeybox, CertificateProvision) { s.GenerateDerivedKeys(); struct RSAPrivateKeyMessage encrypted; std::vector signature; - s.MakeRSACertificate(&encrypted, &signature); + s.MakeRSACertificate(&encrypted, &signature, kSign_RSASSA_PSS); vector wrapped_key; - s.RewrapRSAKey(encrypted, signature, &wrapped_key); + s.RewrapRSAKey(encrypted, signature, &wrapped_key, true); vector clear_key(kTestRSAPKCS8PrivateKeyInfo2_2048, kTestRSAPKCS8PrivateKeyInfo2_2048 @@ -2956,7 +3030,7 @@ TEST_F(DISABLED_TestKeybox, CertificateProvisionBadRange1) { s.GenerateDerivedKeys(); struct RSAPrivateKeyMessage encrypted; std::vector signature; - s.MakeRSACertificate(&encrypted, &signature); + s.MakeRSACertificate(&encrypted, &signature, kSign_RSASSA_PSS); vector wrapped_key; size_t wrapped_key_length = 0; @@ -2993,7 +3067,7 @@ TEST_F(DISABLED_TestKeybox, CertificateProvisionBadRange2) { s.GenerateDerivedKeys(); struct RSAPrivateKeyMessage encrypted; std::vector signature; - s.MakeRSACertificate(&encrypted, &signature); + s.MakeRSACertificate(&encrypted, &signature, kSign_RSASSA_PSS); vector wrapped_key; size_t wrapped_key_length = 0; @@ -3032,7 +3106,7 @@ TEST_F(DISABLED_TestKeybox, CertificateProvisionBadRange3) { s.GenerateDerivedKeys(); struct RSAPrivateKeyMessage encrypted; std::vector signature; - s.MakeRSACertificate(&encrypted, &signature); + s.MakeRSACertificate(&encrypted, &signature, kSign_RSASSA_PSS); vector wrapped_key; size_t wrapped_key_length = 0; @@ -3071,7 +3145,7 @@ TEST_F(DISABLED_TestKeybox, CertificateProvisionBadSignature) { s.GenerateDerivedKeys(); struct RSAPrivateKeyMessage encrypted; std::vector signature; - s.MakeRSACertificate(&encrypted, &signature); + s.MakeRSACertificate(&encrypted, &signature, kSign_RSASSA_PSS); vector wrapped_key; size_t wrapped_key_length = 0; @@ -3108,7 +3182,7 @@ TEST_F(DISABLED_TestKeybox, CertificateProvisionBadNonce) { s.GenerateDerivedKeys(); struct RSAPrivateKeyMessage encrypted; std::vector signature; - s.MakeRSACertificate(&encrypted, &signature); + s.MakeRSACertificate(&encrypted, &signature, kSign_RSASSA_PSS); vector wrapped_key; size_t wrapped_key_length = 0; @@ -3145,7 +3219,7 @@ TEST_F(DISABLED_TestKeybox, CertificateProvisionBadRSAKey) { s.GenerateDerivedKeys(); struct RSAPrivateKeyMessage encrypted; std::vector signature; - s.MakeRSACertificate(&encrypted, &signature); + s.MakeRSACertificate(&encrypted, &signature, kSign_RSASSA_PSS); vector wrapped_key; size_t wrapped_key_length = 0; @@ -3179,7 +3253,7 @@ TEST_F(DISABLED_TestKeybox, LoadWrappedRSAKey) { testSetUp(); InstallKeybox(kDefaultKeybox, true); std::vector wrapped_rsa_key; - CreateWrappedRSAKey(&wrapped_rsa_key); + CreateWrappedRSAKey(&wrapped_rsa_key, kSign_RSASSA_PSS, true); Session& s = createSession("ONE"); s.open(); @@ -3195,7 +3269,7 @@ TEST_F(DISABLED_TestKeybox, RSASignature) { testSetUp(); InstallKeybox(kDefaultKeybox, true); std::vector wrapped_rsa_key; - CreateWrappedRSAKey(&wrapped_rsa_key); + CreateWrappedRSAKey(&wrapped_rsa_key, kSign_RSASSA_PSS, true); Session& s = createSession("ONE"); s.open(); @@ -3204,13 +3278,8 @@ TEST_F(DISABLED_TestKeybox, RSASignature) { ASSERT_EQ(OEMCrypto_SUCCESS, sts); // Sign a Message - vector licenseRequest = wvcdm::a2b_hex( - "ba711a51e0c4c995440c28057f7f5e2f2e9c3a1edeb7549aca21e6050b059ac8" - "6ad64ec1a528eef17b4f5ce781af488d50fb0e60d04b48c78d55847a4e14243c" - "0023c553b46a2f53995870f351295e3aa2237f153f1415e817ad23e662e547b1" - "4708b303473813f93ee192353ff22bee54dd0f558bbe4b61b75b387bc310e9d6" - "8ff2cb3482689c0688570809b756dba4c2697be3132a2da782aa877ed64d8c7d" - "506525a382bad14d7e797c256c3617c22fa4165482b9742e9b54ffb6c52eda1d"); + vector licenseRequest(500); + OEMCrypto_GetRandom(&licenseRequest[0], licenseRequest.size()); size_t signature_length = 0; sts = OEMCrypto_GenerateRSASignature(s.session_id(), &licenseRequest[0], @@ -3229,10 +3298,10 @@ TEST_F(DISABLED_TestKeybox, RSASignature) { ASSERT_EQ(OEMCrypto_SUCCESS, sts); // In the real world, the signature above would just have been used to contact // the license server to get this response. - ASSERT_TRUE(s.PreparePublicKey(kTestRSAPublicKey2_2048, - sizeof(kTestRSAPublicKey2_2048))); - ASSERT_TRUE(s.VerifyRSASignature(&licenseRequest[0], licenseRequest.size(), - signature, &signature_length)); + s.PreparePublicKey(); + s.VerifyRSASignature(&licenseRequest[0], licenseRequest.size(), + signature, signature_length, + kSign_RSASSA_PSS); s.close(); testTearDown(); @@ -3244,7 +3313,7 @@ TEST_F(DISABLED_TestKeybox, LoadRSASessionKey) { InstallKeybox(kDefaultKeybox, true); std::vector wrapped_rsa_key; - CreateWrappedRSAKey(&wrapped_rsa_key); + CreateWrappedRSAKey(&wrapped_rsa_key, kSign_RSASSA_PSS, true); Session& s = createSession("ONE"); s.open(); s.InstallRSASessionTestKey(wrapped_rsa_key); @@ -3257,7 +3326,7 @@ TEST_F(DISABLED_TestKeybox, CertificateDecrypt) { testSetUp(); InstallKeybox(kDefaultKeybox, true); std::vector wrapped_rsa_key; - CreateWrappedRSAKey(&wrapped_rsa_key); + CreateWrappedRSAKey(&wrapped_rsa_key, kSign_RSASSA_PSS, true); Session& s = createSession("ONE"); s.open(); @@ -3311,6 +3380,1161 @@ TEST_F(DISABLED_TestKeybox, CertificateDecrypt) { testTearDown(); } +// This test attempts to use alternate algorithms for main device certs. +class DISABLED_AlternateRSAAlgorithms : public DISABLED_TestKeybox { + + protected: + void DisallowForbiddenPadding(RSA_Padding_Scheme scheme, size_t size) { + OEMCryptoResult sts; + Session& s = createSession("ONE"); + s.open(); + sts = OEMCrypto_LoadDeviceRSAKey(s.session_id(), &wrapped_rsa_key_[0], + wrapped_rsa_key_.size()); + ASSERT_EQ(OEMCrypto_SUCCESS, sts); + + // Sign a Message + vector licenseRequest(size); + OEMCrypto_GetRandom(&licenseRequest[0], licenseRequest.size()); + size_t signature_length = 256; + uint8_t* signature = new uint8_t[signature_length]; + memset(signature, 0, signature_length); + sts = OEMCrypto_GenerateRSASignature(s.session_id(), &licenseRequest[0], + licenseRequest.size(), signature, + &signature_length, scheme); + // Allow OEMCrypto to request a full buffer. + if (sts == OEMCrypto_ERROR_SHORT_BUFFER) { + printf("XXX It was a short buffer.\n"); + ASSERT_NE(static_cast(0), signature_length); + delete [] signature; + signature = new uint8_t[signature_length]; + memset(signature, 0, signature_length); + sts = OEMCrypto_GenerateRSASignature(s.session_id(), &licenseRequest[0], + licenseRequest.size(), signature, + &signature_length, scheme); + } + + ASSERT_NE(OEMCrypto_SUCCESS, sts) << "Signed with forbidden padding scheme=" + << scheme << ", size=" << size; + ASSERT_EQ( signature[0], 0); // signature should not be computed. + ASSERT_EQ( memcmp(signature, signature+1, signature_length-1), 0); + s.close(); + delete[] signature; + } + + void TestSignature(RSA_Padding_Scheme scheme, size_t size) { + OEMCryptoResult sts; + Session& s = createSession("ONE"); + s.open(); + sts = OEMCrypto_LoadDeviceRSAKey(s.session_id(), &wrapped_rsa_key_[0], + wrapped_rsa_key_.size()); + ASSERT_EQ(OEMCrypto_SUCCESS, sts); + + vector licenseRequest(size); + OEMCrypto_GetRandom(&licenseRequest[0], licenseRequest.size()); + size_t signature_length = 0; + sts = OEMCrypto_GenerateRSASignature(s.session_id(), &licenseRequest[0], + licenseRequest.size(), NULL, + &signature_length, scheme); + ASSERT_EQ(OEMCrypto_ERROR_SHORT_BUFFER, sts); + ASSERT_NE(static_cast(0), signature_length); + + uint8_t* signature = new uint8_t[signature_length]; + sts = OEMCrypto_GenerateRSASignature(s.session_id(), &licenseRequest[0], + licenseRequest.size(), signature, + &signature_length, scheme); + + ASSERT_EQ(OEMCrypto_SUCCESS, sts) << "Failed to sign with padding scheme=" + << scheme << ", size=" << size; + s.PreparePublicKey(); + s.VerifyRSASignature(&licenseRequest[0], licenseRequest.size(), + signature, signature_length, scheme); + s.close(); + delete[] signature; + } + + void DisallowDeriveKeys() { + OEMCryptoResult sts; + Session& s = createSession("ONE"); + s.open(); + sts = OEMCrypto_LoadDeviceRSAKey(s.session_id(), &wrapped_rsa_key_[0], + wrapped_rsa_key_.size()); + ASSERT_EQ(OEMCrypto_SUCCESS, sts); + s.DisallowDeriveKeys(); + s.close(); + } + + + void LoadWithAllowedSchemes(uint32_t schemes, bool force) { + InstallKeybox(kDefaultKeybox, true); + CreateWrappedRSAKey(&wrapped_rsa_key_, schemes, force); + key_loaded_ = (wrapped_rsa_key_.size() > 0); + } + + std::vector wrapped_rsa_key_; + bool key_loaded_; +}; + +TEST_F(DISABLED_AlternateRSAAlgorithms, DisallowForbiddenPadding) { + testSetUp(); + LoadWithAllowedSchemes(kSign_RSASSA_PSS, true); // Use default padding scheme + DisallowForbiddenPadding(kSign_PKCS1_Block1, 50); + testTearDown(); +} + +TEST_F(DISABLED_AlternateRSAAlgorithms, TestSignaturePKCS1) { + testSetUp(); + LoadWithAllowedSchemes(kSign_PKCS1_Block1, false); + if (key_loaded_) { + cout << "===============================================================\n" + << "== This device does load x509 Certs, I'll test them. ===\n" + << "===============================================================\n"; + DisallowForbiddenPadding(kSign_RSASSA_PSS, 83); + DisallowDeriveKeys(); + TestSignature(kSign_PKCS1_Block1, 83); + TestSignature(kSign_PKCS1_Block1, 50); + DisallowForbiddenPadding(kSign_PKCS1_Block1, 84); // too big. + } else { + cout << "===============================================================\n" + << "== This device does not load x509 Certs! ===\n" + << "===============================================================\n"; + } + testTearDown(); +} + +TEST_F(DISABLED_AlternateRSAAlgorithms, TestSignatureBoth) { + testSetUp(); + LoadWithAllowedSchemes(kSign_RSASSA_PSS | kSign_PKCS1_Block1, false); + if (key_loaded_) { + DisallowDeriveKeys(); + TestSignature(kSign_RSASSA_PSS, 200); + TestSignature(kSign_PKCS1_Block1, 83); + TestSignature(kSign_PKCS1_Block1, 50); + DisallowForbiddenPadding(kSign_PKCS1_Block1, 84); + } + testTearDown(); +} + +// This tests attempts to use alternate algorithms for main device certs. +class DISABLED_AlternateRSAKey : public DISABLED_TestKeybox { + + protected: + + vector encode(uint8_t type, const vector &substring) { + vector result; + result.push_back(type); + if (substring.size() < 0x80) { + uint8_t length = substring.size(); + result.push_back(length); + } else if (substring.size() < 0x100) { + result.push_back(0x81); + uint8_t length = substring.size(); + result.push_back(length); + } else { + result.push_back(0x82); + uint16_t length = substring.size(); + result.push_back(length >> 8); + result.push_back(length & 0xFF); + } + result.insert(result.end(), substring.begin(), substring.end()); + return result; + } + vector concat(const vector &a, const vector &b) { + vector result = a; + result.insert(result.end(), b.begin(), b.end()); + return result; + } + + void BuildRSAKey() { + vector field_n = + encode(0x02, + wvcdm::a2b_hex( + "df271fd25f8644496b0c81be4bd50297" + "ef099b002a6fd67727eb449cea566ed6" + "a3981a71312a141cabc9815c1209e320" + "a25b32464e9999f18ca13a9fd3892558" + "f9e0adefdd3650dd23a3f036d60fe398" + "843706a40b0b8462c8bee3bce12f1f28" + "60c2444cdc6a44476a75ff4aa24273cc" + "be3bf80248465f8ff8c3a7f3367dfc0d" + "f5b6509a4f82811cedd81cdaaa73c491" + "da412170d544d4ba96b97f0afc806549" + "8d3a49fd910992a1f0725be24f465cfe" + "7e0eabf678996c50bc5e7524abf73f15" + "e5bef7d518394e3138ce4944506aaaaf" + "3f9b236dcab8fc00f87af596fdc3d9d6" + "c75cd508362fae2cbeddcc4c7450b17b" + "776c079ecca1f256351a43b97dbe2153")); + vector field_e = + encode(0x02, wvcdm::a2b_hex( "010001")); + vector field_d = + encode(0x02, wvcdm::a2b_hex( + "5bd910257830dce17520b03441a51a8c" + "ab94020ac6ecc252c808f3743c95b7c8" + "3b8c8af1a5014346ebc4242cdfb5d718" + "e30a733e71f291e4d473b61bfba6daca" + "ed0a77bd1f0950ae3c91a8f901118825" + "89e1d62765ee671e7baeea309f64d447" + "bbcfa9ea12dce05e9ea8939bc5fe6108" + "581279c982b308794b3448e7f7b95229" + "2df88c80cb40142c4b5cf5f8ddaa0891" + "678d610e582fcb880f0d707caf47d09a" + "84e14ca65841e5a3abc5e9dba94075a9" + "084341f0edad9b68e3b8e082b80b6e6e" + "8a0547b44fb5061b6a9131603a5537dd" + "abd01d8e863d8922e9aa3e4bfaea0b39" + "d79283ad2cbc8a59cce7a6ecf4e4c81e" + "d4c6591c807defd71ab06866bb5e7745")); + vector field_p = + encode(0x02, wvcdm::a2b_hex( + "f44f5e4246391f482b2f5296e3602eb3" + "4aa136427710f7c0416d403fd69d4b29" + "130cfebef34e885abdb1a8a0a5f0e9b5" + "c33e1fc3bfc285b1ae17e40cc67a1913" + "dd563719815ebaf8514c2a7aa0018e63" + "b6c631dc315a46235716423d11ff5803" + "4e610645703606919f5c7ce2660cd148" + "bd9efc123d9c54b6705590d006cfcf3f")); + vector field_q = + encode(0x02, wvcdm::a2b_hex( + "e9d49841e0e0a6ad0d517857133e36dc" + "72c1bdd90f9174b52e26570f373640f1" + "c185e7ea8e2ed7f1e4ebb951f70a5802" + "3633b0097aec67c6dcb800fc1a67f9bb" + "0563610f08ebc8746ad129772136eb1d" + "daf46436450d318332a84982fe5d28db" + "e5b3e912407c3e0e03100d87d436ee40" + "9eec1cf85e80aba079b2e6106b97bced")); + vector field_exp1 = + encode(0x02, wvcdm::a2b_hex( + "ed102acdb26871534d1c414ecad9a4d7" + "32fe95b10eea370da62f05de2c393b1a" + "633303ea741b6b3269c97f704b352702" + "c9ae79922f7be8d10db67f026a8145de" + "41b30c0a42bf923bac5f7504c248604b" + "9faa57ed6b3246c6ba158e36c644f8b9" + "548fcf4f07e054a56f768674054440bc" + "0dcbbc9b528f64a01706e05b0b91106f")); + vector field_exp2 = + encode(0x02, wvcdm::a2b_hex( + "6827924a85e88b55ba00f8219128bd37" + "24c6b7d1dfe5629ef197925fecaff5ed" + "b9cdf3a7befd8ea2e8dd3707138b3ff8" + "7c3c39c57f439e562e2aa805a39d7cd7" + "9966d2ece7845f1dbc16bee99999e4d0" + "bf9eeca45fcda8a8500035fe6b5f03bc" + "2f6d1bfc4d4d0a3723961af0cdce4a01" + "eec82d7f5458ec19e71b90eeef7dff61")); + vector field_invq = + encode(0x02, wvcdm::a2b_hex( + "57b73888d183a99a6307422277551a3d" + "9e18adf06a91e8b55ceffef9077c8496" + "948ecb3b16b78155cb2a3a57c119d379" + "951c010aa635edcf62d84c5a122a8d67" + "ab5fa9e5a4a8772a1e943bafc70ae3a4" + "c1f0f3a4ddffaefd1892c8cb33bb0d0b" + "9590e963a69110fb34db7b906fc4ba28" + "36995aac7e527490ac952a02268a4f18")); + + // Header of rsa key is constant. + encoded_key_ = + wvcdm::a2b_hex( + // 0x02 0x01 0x00 == integer, size 1 byte, value = 0 (field=version) + "020100" + // 0x30, sequence, size = d = 13 (field=pkeyalg) AlgorithmIdentifier + "300d" + // 0x06 = object identifier. length = 9 + // (this should be 1.2.840.113549.1.1.1) (field=algorithm) + "0609" + "2a" // 1*0x40 + 2 = 42 = 0x2a. + "8648" // 840 = 0x348, 0x03 *2 + 0x80 + (0x48>>15) = 0x86. + // 0x48 -> 0x48 + "86f70d" // 113549 = 0x1668d -> (110 , 1110111, 0001101) + // -> (0x80+0x06, 0x80+0x77, 0x0d) + "01" // 1 + "01" // 1 + "01" // 1 + "05" // null object. (field=parameter?) + "00" // size of null object + ); + + vector pkey = wvcdm::a2b_hex("020100"); // integer, version = 0. + pkey = concat(pkey, field_n); + pkey = concat(pkey, field_e); + pkey = concat(pkey, field_d); + pkey = concat(pkey, field_p); + pkey = concat(pkey, field_q); + pkey = concat(pkey, field_exp1); + pkey = concat(pkey, field_exp2); + pkey = concat(pkey, field_invq); + pkey = encode(0x30, pkey); + pkey = encode(0x04, pkey); + + encoded_key_ = concat(encoded_key_, pkey); + encoded_key_ = encode(0x30, encoded_key_); // 0x30=sequence + } + + void DisallowForbiddenPadding(RSA_Padding_Scheme scheme, size_t size) { + OEMCryptoResult sts; + Session& s = createSession("ONE"); + s.open(); + sts = OEMCrypto_LoadDeviceRSAKey(s.session_id(), &wrapped_rsa_key_[0], + wrapped_rsa_key_.size()); + ASSERT_EQ(OEMCrypto_SUCCESS, sts); + + // Sign a Message + vector licenseRequest(size); + OEMCrypto_GetRandom(&licenseRequest[0], licenseRequest.size()); + size_t signature_length = 256; + uint8_t* signature = new uint8_t[signature_length]; + memset(signature, 0, signature_length); + sts = OEMCrypto_GenerateRSASignature(s.session_id(), &licenseRequest[0], + licenseRequest.size(), signature, + &signature_length, scheme); + // Allow OEMCrypto to request a full buffer. + if (sts == OEMCrypto_ERROR_SHORT_BUFFER) { + printf("XXX It was a short buffer.\n"); + ASSERT_NE(static_cast(0), signature_length); + delete [] signature; + signature = new uint8_t[signature_length]; + memset(signature, 0, signature_length); + sts = OEMCrypto_GenerateRSASignature(s.session_id(), &licenseRequest[0], + licenseRequest.size(), signature, + &signature_length, scheme); + } + + ASSERT_NE(OEMCrypto_SUCCESS, sts) << "Signed with forbidden padding scheme=" + << scheme << ", size=" << size; + ASSERT_EQ( signature[0], 0); // signature should not be computed. + ASSERT_EQ( memcmp(signature, signature+1, signature_length-1), 0); + s.close(); + delete[] signature; + } + + // This is used to test a signature from the file pkcs1v15sign-vectors.txt. + void TestSignature(RSA_Padding_Scheme scheme, + const vector &message, + const vector &correct_signature ) { + OEMCryptoResult sts; + Session& s = createSession("ONE"); + s.open(); + sts = OEMCrypto_LoadDeviceRSAKey(s.session_id(), &wrapped_rsa_key_[0], + wrapped_rsa_key_.size()); + ASSERT_EQ(OEMCrypto_SUCCESS, sts); + + // The application will compute the SHA-1 Hash of the message, so this + // test must do that also. + uint8_t hash[SHA_DIGEST_LENGTH]; + if (!SHA1(&message[0], message.size(), hash)) { + printf("error creating signature hash.]"); + dump_openssl_error(); + ASSERT_TRUE(false); + } + + // The application will prepend the digest info to the hash. + // SHA-1 digest info prefix = 0x30 0x21 0x30 ... + vector digest = wvcdm::a2b_hex("3021300906052b0e03021a05000414"); + digest.insert(digest.end(), hash, hash+SHA_DIGEST_LENGTH); + + // OEMCrypto will apply the padding, and encrypt to generate the signature. + size_t signature_length = 0; + sts = OEMCrypto_GenerateRSASignature(s.session_id(), &digest[0], + digest.size(), NULL, + &signature_length, scheme); + ASSERT_EQ(OEMCrypto_ERROR_SHORT_BUFFER, sts); + ASSERT_NE(static_cast(0), signature_length); + + uint8_t* signature = new uint8_t[signature_length]; + sts = OEMCrypto_GenerateRSASignature(s.session_id(), &digest[0], + digest.size(), signature, + &signature_length, scheme); + + ASSERT_EQ(OEMCrypto_SUCCESS, sts) << "Failed to sign with padding scheme=" + << scheme << ", size=" << message.size(); + s.PreparePublicKey(&encoded_key_[0], encoded_key_.size()); + + // Verify that the signature matches the official test vector. + ASSERT_EQ(correct_signature.size(), signature_length); + ASSERT_EQ(0, memcmp(&correct_signature[0], signature, signature_length)); + + // Also verify that our verification algorithm agrees. This is not needed + // to test OEMCrypto, but it does verify that this test is valid. + s.VerifyRSASignature(&digest[0], digest.size(), + signature, signature_length, scheme); + s.VerifyRSASignature(&digest[0], digest.size(), + &correct_signature[0], + correct_signature.size(), scheme); + s.close(); + delete[] signature; + } + + void LoadWithAllowedSchemes(uint32_t schemes, bool force) { + BuildRSAKey(); + InstallKeybox(kDefaultKeybox, true); + CreateWrappedRSAKey(&wrapped_rsa_key_, schemes, force, + &encoded_key_[0], encoded_key_.size()); + key_loaded_ = (wrapped_rsa_key_.size() > 0); + } + + std::vector encoded_key_; + std::vector wrapped_rsa_key_; + bool key_loaded_; +}; + +// # PKCS#1 v1.5 Signature Example 15.1 +TEST_F(DISABLED_AlternateRSAKey, TestSignaturePKCS1_15_1) { + testSetUp(); + LoadWithAllowedSchemes(kSign_PKCS1_Block1, false); + if (key_loaded_) { + vector message = wvcdm::a2b_hex( + "f45d55f35551e975d6a8dc7ea9f48859" + "3940cc75694a278f27e578a163d839b3" + "4040841808cf9c58c9b8728bf5f9ce8e" + "e811ea91714f47bab92d0f6d5a26fcfe" + "ea6cd93b910c0a2c963e64eb1823f102" + "753d41f0335910ad3a977104f1aaf6c3" + "742716a9755d11b8eed690477f445c5d" + "27208b2e284330fa3d301423fa7f2d08" + "6e0ad0b892b9db544e456d3f0dab85d9" + "53c12d340aa873eda727c8a649db7fa6" + "3740e25e9af1533b307e61329993110e" + "95194e039399c3824d24c51f22b26bde" + "1024cd395958a2dfeb4816a6e8adedb5" + "0b1f6b56d0b3060ff0f1c4cb0d0e001d" + "d59d73be12"); + vector signature = wvcdm::a2b_hex( + "b75a5466b65d0f300ef53833f2175c8a" + "347a3804fc63451dc902f0b71f908345" + "9ed37a5179a3b723a53f1051642d7737" + "4c4c6c8dbb1ca20525f5c9f32db77695" + "3556da31290e22197482ceb69906c46a" + "758fb0e7409ba801077d2a0a20eae7d1" + "d6d392ab4957e86b76f0652d68b83988" + "a78f26e11172ea609bf849fbbd78ad7e" + "dce21de662a081368c040607cee29db0" + "627227f44963ad171d2293b633a392e3" + "31dca54fe3082752f43f63c161b447a4" + "c65a6875670d5f6600fcc860a1caeb0a" + "88f8fdec4e564398a5c46c87f68ce070" + "01f6213abe0ab5625f87d19025f08d81" + "dac7bd4586bc9382191f6d2880f6227e" + "5df3eed21e7792d249480487f3655261"); + TestSignature(kSign_PKCS1_Block1, message, signature); + } + testTearDown(); +} +// # PKCS#1 v1.5 Signature Example 15.2 +TEST_F(DISABLED_AlternateRSAKey, TestSignaturePKCS1_15_2) { + testSetUp(); + LoadWithAllowedSchemes(kSign_PKCS1_Block1, false); + if (key_loaded_) { + vector message = wvcdm::a2b_hex( + "c14b4c6075b2f9aad661def4ecfd3cb9" + "33c623f4e63bf53410d2f016d1ab98e2" + "729eccf8006cd8e08050737d95fdbf29" + "6b66f5b9792a902936c4f7ac69f51453" + "ce4369452dc22d96f037748114662000" + "dd9cd3a5e179f4e0f81fa6a0311ca1ae" + "e6519a0f63cec78d27bb726393fb7f1f" + "88cde7c97f8a66cd66301281dac3f3a4" + "33248c75d6c2dcd708b6a97b0a3f325e" + "0b2964f8a5819e479b"); + vector signature = wvcdm::a2b_hex( + "afa7343462bea122cc149fca70abdae7" + "9446677db5373666af7dc313015f4de7" + "86e6e394946fad3cc0e2b02bedba5047" + "fe9e2d7d099705e4a39f28683279cf0a" + "c85c1530412242c0e918953be000e939" + "cf3bf182525e199370fa7907eba69d5d" + "b4631017c0e36df70379b5db8d4c695a" + "979a8e6173224065d7dc15132ef28cd8" + "22795163063b54c651141be86d36e367" + "35bc61f31fca574e5309f3a3bbdf91ef" + "f12b99e9cc1744f1ee9a1bd22c5bad96" + "ad481929251f0343fd36bcf0acde7f11" + "e5ad60977721202796fe061f9ada1fc4" + "c8e00d6022a8357585ffe9fdd59331a2" + "8c4aa3121588fb6cf68396d8ac054659" + "9500c9708500a5972bd54f72cf8db0c8"); + TestSignature(kSign_PKCS1_Block1, message, signature); + } + testTearDown(); +} + +// # PKCS#1 v1.5 Signature Example 15.3 +TEST_F(DISABLED_AlternateRSAKey, TestSignaturePKCS1_15_3) { + testSetUp(); + LoadWithAllowedSchemes(kSign_PKCS1_Block1, false); + if (key_loaded_) { + vector message = wvcdm::a2b_hex( + "d02371ad7ee48bbfdb2763de7a843b94" + "08ce5eb5abf847ca3d735986df84e906" + "0bdbcdd3a55ba55dde20d4761e1a21d2" + "25c1a186f4ac4b3019d3adf78fe63346" + "67f56f70c901a0a2700c6f0d56add719" + "592dc88f6d2306c7009f6e7a635b4cb3" + "a502dfe68ddc58d03be10a1170004fe7" + "4dd3e46b82591ff75414f0c4a03e605e" + "20524f2416f12eca589f111b75d639c6" + "1baa80cafd05cf3500244a219ed9ced9" + "f0b10297182b653b526f400f2953ba21" + "4d5bcd47884132872ae90d4d6b1f4215" + "39f9f34662a56dc0e7b4b923b6231e30" + "d2676797817f7c337b5ac824ba93143b" + "3381fa3dce0e6aebd38e67735187b1eb" + "d95c02"); + vector signature = wvcdm::a2b_hex( + "3bac63f86e3b70271203106b9c79aabd" + "9f477c56e4ee58a4fce5baf2cab4960f" + "88391c9c23698be75c99aedf9e1abf17" + "05be1dac33140adb48eb31f450bb9efe" + "83b7b90db7f1576d33f40c1cba4b8d6b" + "1d3323564b0f1774114fa7c08e6d1e20" + "dd8fbba9b6ac7ad41e26b4568f4a8aac" + "bfd178a8f8d2c9d5f5b88112935a8bc9" + "ae32cda40b8d20375510735096536818" + "ce2b2db71a9772c9b0dda09ae10152fa" + "11466218d091b53d92543061b7294a55" + "be82ff35d5c32fa233f05aaac7585030" + "7ecf81383c111674397b1a1b9d3bf761" + "2ccbe5bacd2b38f0a98397b24c83658f" + "b6c0b4140ef11970c4630d44344e76ea" + "ed74dcbee811dbf6575941f08a6523b8"); + TestSignature(kSign_PKCS1_Block1, message, signature); + } + testTearDown(); +}; + +// # PKCS#1 v1.5 Signature Example 15.4 +TEST_F(DISABLED_AlternateRSAKey, TestSignaturePKCS1_15_4) { + testSetUp(); + LoadWithAllowedSchemes(kSign_PKCS1_Block1, false); + if (key_loaded_) { + vector message = wvcdm::a2b_hex( + "29035584ab7e0226a9ec4b02e8dcf127" + "2dc9a41d73e2820007b0f6e21feccd5b" + "d9dbb9ef88cd6758769ee1f956da7ad1" + "8441de6fab8386dbc693"); + vector signature = wvcdm::a2b_hex( + "28d8e3fcd5dddb21ffbd8df1630d7377" + "aa2651e14cad1c0e43ccc52f907f946d" + "66de7254e27a6c190eb022ee89ecf622" + "4b097b71068cd60728a1aed64b80e545" + "7bd3106dd91706c937c9795f2b36367f" + "f153dc2519a8db9bdf2c807430c451de" + "17bbcd0ce782b3e8f1024d90624dea7f" + "1eedc7420b7e7caa6577cef43141a726" + "4206580e44a167df5e41eea0e69a8054" + "54c40eefc13f48e423d7a32d02ed42c0" + "ab03d0a7cf70c5860ac92e03ee005b60" + "ff3503424b98cc894568c7c56a023355" + "1cebe588cf8b0167b7df13adcad82867" + "6810499c704da7ae23414d69e3c0d2db" + "5dcbc2613bc120421f9e3653c5a87672" + "97643c7e0740de016355453d6c95ae72"); + TestSignature(kSign_PKCS1_Block1, message, signature); + } + testTearDown(); +} + +// # PKCS#1 v1.5 Signature Example 15.5 +TEST_F(DISABLED_AlternateRSAKey, TestSignaturePKCS1_15_5) { + testSetUp(); + LoadWithAllowedSchemes(kSign_PKCS1_Block1, false); + if (key_loaded_) { + vector message = wvcdm::a2b_hex( + "bda3a1c79059eae598308d3df609"); + vector signature = wvcdm::a2b_hex( + "a156176cb96777c7fb96105dbd913bc4" + "f74054f6807c6008a1a956ea92c1f81c" + "b897dc4b92ef9f4e40668dc7c556901a" + "cb6cf269fe615b0fb72b30a513386923" + "14b0e5878a88c2c7774bd16939b5abd8" + "2b4429d67bd7ac8e5ea7fe924e20a6ec" + "662291f2548d734f6634868b039aa5f9" + "d4d906b2d0cb8585bf428547afc91c6e" + "2052ddcd001c3ef8c8eefc3b6b2a82b6" + "f9c88c56f2e2c3cb0be4b80da95eba37" + "1d8b5f60f92538743ddbb5da2972c71f" + "e7b9f1b790268a0e770fc5eb4d5dd852" + "47d48ae2ec3f26255a3985520206a1f2" + "68e483e9dbb1d5cab190917606de31e7" + "c5182d8f151bf41dfeccaed7cde690b2" + "1647106b490c729d54a8fe2802a6d126"); + TestSignature(kSign_PKCS1_Block1, message, signature); + } + testTearDown(); +} + +// # PKCS#1 v1.5 Signature Example 15.6 +TEST_F(DISABLED_AlternateRSAKey, TestSignaturePKCS1_15_6) { + testSetUp(); + LoadWithAllowedSchemes(kSign_PKCS1_Block1, false); + if (key_loaded_) { + vector message = wvcdm::a2b_hex( + "c187915e4e87da81c08ed4356a0cceac" + "1c4fb5c046b45281b387ec28f1abfd56" + "7e546b236b37d01ae71d3b2834365d3d" + "f380b75061b736b0130b070be58ae8a4" + "6d12166361b613dbc47dfaeb4ca74645" + "6c2e888385525cca9dd1c3c7a9ada76d" + "6c"); + vector signature = wvcdm::a2b_hex( + "9cab74163608669f7555a333cf196fe3" + "a0e9e5eb1a32d34bb5c85ff689aaab0e" + "3e65668ed3b1153f94eb3d8be379b8ee" + "f007c4a02c7071ce30d8bb341e58c620" + "f73d37b4ecbf48be294f6c9e0ecb5e63" + "fec41f120e5553dfa0ebebbb72640a95" + "37badcb451330229d9f710f62e3ed8ec" + "784e50ee1d9262b42671340011d7d098" + "c6f2557b2131fa9bd0254636597e88ec" + "b35a240ef0fd85957124df8080fee1e1" + "49af939989e86b26c85a5881fae8673d" + "9fd40800dd134eb9bdb6410f420b0aa9" + "7b20efcf2eb0c807faeb83a3ccd9b51d" + "4553e41dfc0df6ca80a1e81dc234bb83" + "89dd195a38b42de4edc49d346478b9f1" + "1f0557205f5b0bd7ffe9c850f396d7c4"); + TestSignature(kSign_PKCS1_Block1, message, signature); + } + testTearDown(); +} + +// # PKCS#1 v1.5 Signature Example 15.7 +TEST_F(DISABLED_AlternateRSAKey, TestSignaturePKCS1_15_7) { + testSetUp(); + LoadWithAllowedSchemes(kSign_PKCS1_Block1, false); + if (key_loaded_) { + vector message = wvcdm::a2b_hex( + "abfa2ecb7d29bd5bcb9931ce2bad2f74" + "383e95683cee11022f08e8e7d0b8fa05" + "8bf9eb7eb5f98868b5bb1fb5c31ceda3" + "a64f1a12cdf20fcd0e5a246d7a1773d8" + "dba0e3b277545babe58f2b96e3f4edc1" + "8eabf5cd2a560fca75fe96e07d859def" + "b2564f3a34f16f11e91b3a717b41af53" + "f6605323001aa406c6"); + vector signature = wvcdm::a2b_hex( + "c4b437bcf703f352e1faf74eb9622039" + "426b5672caf2a7b381c6c4f0191e7e4a" + "98f0eebcd6f41784c2537ff0f99e7498" + "2c87201bfbc65eae832db71d16dacadb" + "0977e5c504679e40be0f9db06ffd848d" + "d2e5c38a7ec021e7f68c47dfd38cc354" + "493d5339b4595a5bf31e3f8f13816807" + "373df6ad0dc7e731e51ad19eb4754b13" + "4485842fe709d378444d8e36b1724a4f" + "da21cafee653ab80747f7952ee804dea" + "b1039d84139945bbf4be82008753f3c5" + "4c7821a1d241f42179c794ef7042bbf9" + "955656222e45c34369a384697b6ae742" + "e18fa5ca7abad27d9fe71052e3310d0f" + "52c8d12ea33bf053a300f4afc4f098df" + "4e6d886779d64594d369158fdbc1f694"); + TestSignature(kSign_PKCS1_Block1, message, signature); + } + testTearDown(); +} + +// # PKCS#1 v1.5 Signature Example 15.8 +TEST_F(DISABLED_AlternateRSAKey, TestSignaturePKCS1_15_8) { + testSetUp(); + LoadWithAllowedSchemes(kSign_PKCS1_Block1, false); + if (key_loaded_) { + vector message = wvcdm::a2b_hex( + "df4044a89a83e9fcbf1262540ae3038b" + "bc90f2b2628bf2a4467ac67722d8546b" + "3a71cb0ea41669d5b4d61859c1b4e47c" + "ecc5933f757ec86db0644e311812d00f" + "b802f03400639c0e364dae5aebc5791b" + "c655762361bc43c53d3c7886768f7968" + "c1c544c6f79f7be820c7e2bd2f9d73e6" + "2ded6d2e937e6a6daef90ee37a1a52a5" + "4f00e31addd64894cf4c02e16099e29f" + "9eb7f1a7bb7f84c47a2b594813be02a1" + "7b7fc43b34c22c91925264126c89f86b" + "b4d87f3ef131296c53a308e0331dac8b" + "af3b63422266ecef2b90781535dbda41" + "cbd0cf22a8cbfb532ec68fc6afb2ac06"); + vector signature = wvcdm::a2b_hex( + "1414b38567ae6d973ede4a06842dcc0e" + "0559b19e65a4889bdbabd0fd02806829" + "13bacd5dc2f01b30bb19eb810b7d9ded" + "32b284f147bbe771c930c6052aa73413" + "90a849f81da9cd11e5eccf246dbae95f" + "a95828e9ae0ca3550325326deef9f495" + "30ba441bed4ac29c029c9a2736b1a419" + "0b85084ad150426b46d7f85bd702f48d" + "ac5f71330bc423a766c65cc1dcab20d3" + "d3bba72b63b3ef8244d42f157cb7e3a8" + "ba5c05272c64cc1ad21a13493c3911f6" + "0b4e9f4ecc9900eb056ee59d6fe4b8ff" + "6e8048ccc0f38f2836fd3dfe91bf4a38" + "6e1ecc2c32839f0ca4d1b27a568fa940" + "dd64ad16bd0125d0348e383085f08894" + "861ca18987227d37b42b584a8357cb04"); + TestSignature(kSign_PKCS1_Block1, message, signature); + } + testTearDown(); +} + +// # PKCS#1 v1.5 Signature Example 15.9 +TEST_F(DISABLED_AlternateRSAKey, TestSignaturePKCS1_15_9) { + testSetUp(); + LoadWithAllowedSchemes(kSign_PKCS1_Block1, false); + if (key_loaded_) { + vector message = wvcdm::a2b_hex( + "ea941ff06f86c226927fcf0e3b11b087" + "2676170c1bfc33bda8e265c77771f9d0" + "850164a5eecbcc5ce827fbfa07c85214" + "796d8127e8caa81894ea61ceb1449e72" + "fea0a4c943b2da6d9b105fe053b9039a" + "9cc53d420b7539fab2239c6b51d17e69" + "4c957d4b0f0984461879a0759c4401be" + "ecd4c606a0afbd7a076f50a2dfc2807f" + "24f1919baa7746d3a64e268ed3f5f8e6" + "da83a2a5c9152f837cb07812bd5ba7d3" + "a07985de88113c1796e9b466ec299c5a" + "c1059e27f09415"); + vector signature = wvcdm::a2b_hex( + "ceeb84ccb4e9099265650721eea0e8ec" + "89ca25bd354d4f64564967be9d4b08b3" + "f1c018539c9d371cf8961f2291fbe0dc" + "2f2f95fea47b639f1e12f4bc381cef0c" + "2b7a7b95c3adf27605b7f63998c3cbad" + "542808c3822e064d4ad14093679e6e01" + "418a6d5c059684cd56e34ed65ab605b8" + "de4fcfa640474a54a8251bbb7326a42d" + "08585cfcfc956769b15b6d7fdf7da84f" + "81976eaa41d692380ff10eaecfe0a579" + "682909b5521fade854d797b8a0345b9a" + "864e0588f6caddbf65f177998e180d1f" + "102443e6dca53a94823caa9c3b35f322" + "583c703af67476159ec7ec93d1769b30" + "0af0e7157dc298c6cd2dee2262f8cddc" + "10f11e01741471bbfd6518a175734575"); + TestSignature(kSign_PKCS1_Block1, message, signature); + } + testTearDown(); +} + +// # PKCS#1 v1.5 Signature Example 15.10 +TEST_F(DISABLED_AlternateRSAKey, TestSignaturePKCS1_15_10) { + testSetUp(); + LoadWithAllowedSchemes(kSign_PKCS1_Block1, false); + if (key_loaded_) { + vector message = wvcdm::a2b_hex( + "d8b81645c13cd7ecf5d00ed2c91b9acd" + "46c15568e5303c4a9775ede76b48403d" + "6be56c05b6b1cf77c6e75de096c5cb35" + "51cb6fa964f3c879cf589d28e1da2f9d" + "ec"); + vector signature = wvcdm::a2b_hex( + "2745074ca97175d992e2b44791c323c5" + "7167165cdd8da579cdef4686b9bb404b" + "d36a56504eb1fd770f60bfa188a7b24b" + "0c91e881c24e35b04dc4dd4ce38566bc" + "c9ce54f49a175fc9d0b22522d9579047" + "f9ed42eca83f764a10163997947e7d2b" + "52ff08980e7e7c2257937b23f3d279d4" + "cd17d6f495546373d983d536efd7d1b6" + "7181ca2cb50ac616c5c7abfbb9260b91" + "b1a38e47242001ff452f8de10ca6eaea" + "dcaf9edc28956f28a711291fc9a80878" + "b8ba4cfe25b8281cb80bc9cd6d2bd182" + "5246eebe252d9957ef93707352084e6d" + "36d423551bf266a85340fb4a6af37088" + "0aab07153d01f48d086df0bfbec05e7b" + "443b97e71718970e2f4bf62023e95b67"); + TestSignature(kSign_PKCS1_Block1, message, signature); + } + testTearDown(); +} + +// # PKCS#1 v1.5 Signature Example 15.11 +TEST_F(DISABLED_AlternateRSAKey, TestSignaturePKCS1_15_11) { + testSetUp(); + LoadWithAllowedSchemes(kSign_PKCS1_Block1, false); + if (key_loaded_) { + vector message = wvcdm::a2b_hex( + "e5739b6c14c92d510d95b826933337ff" + "0d24ef721ac4ef64c2bad264be8b44ef" + "a1516e08a27eb6b611d3301df0062dae" + "fc73a8c0d92e2c521facbc7b26473876" + "7ea6fc97d588a0baf6ce50adf79e600b" + "d29e345fcb1dba71ac5c0289023fe4a8" + "2b46a5407719197d2e958e3531fd54ae" + "f903aabb4355f88318994ed3c3dd62f4" + "20a7"); + vector signature = wvcdm::a2b_hex( + "be40a5fb94f113e1b3eff6b6a33986f2" + "02e363f07483b792e68dfa5554df0466" + "cc32150950783b4d968b639a04fd2fb9" + "7f6eb967021f5adccb9fca95acc8f2cd" + "885a380b0a4e82bc760764dbab88c1e6" + "c0255caa94f232199d6f597cc9145b00" + "e3d4ba346b559a8833ad1516ad5163f0" + "16af6a59831c82ea13c8224d84d0765a" + "9d12384da460a8531b4c407e04f4f350" + "709eb9f08f5b220ffb45abf6b75d1579" + "fd3f1eb55fc75b00af8ba3b087827fe9" + "ae9fb4f6c5fa63031fe582852fe2834f" + "9c89bff53e2552216bc7c1d4a3d5dc2b" + "a6955cd9b17d1363e7fee8ed7629753f" + "f3125edd48521ae3b9b03217f4496d0d" + "8ede57acbc5bd4deae74a56f86671de2"); + TestSignature(kSign_PKCS1_Block1, message, signature); + } + testTearDown(); +} + +// # PKCS#1 v1.5 Signature Example 15.12 +TEST_F(DISABLED_AlternateRSAKey, TestSignaturePKCS1_15_12) { + testSetUp(); + LoadWithAllowedSchemes(kSign_PKCS1_Block1, false); + if (key_loaded_) { + vector message = wvcdm::a2b_hex( + "7af42835917a88d6b3c6716ba2f5b0d5" + "b20bd4e2e6e574e06af1eef7c81131be" + "22bf8128b9cbc6ec00275ba80294a5d1" + "172d0824a79e8fdd830183e4c00b9678" + "2867b1227fea249aad32ffc5fe007bc5" + "1f21792f728deda8b5708aa99cabab20" + "a4aa783ed86f0f27b5d563f42e07158c" + "ea72d097aa6887ec411dd012912a5e03" + "2bbfa678507144bcc95f39b58be7bfd1" + "759adb9a91fa1d6d8226a8343a8b849d" + "ae76f7b98224d59e28f781f13ece605f" + "84f6c90bae5f8cf378816f4020a7dda1" + "bed90c92a23634d203fac3fcd86d68d3" + "182a7d9ccabe7b0795f5c655e9acc4e3" + "ec185140d10cef053464ab175c83bd83" + "935e3dabaf3462eebe63d15f573d269a"); + vector signature = wvcdm::a2b_hex( + "4e78c5902b807914d12fa537ae6871c8" + "6db8021e55d1adb8eb0ccf1b8f36ab7d" + "ad1f682e947a627072f03e627371781d" + "33221d174abe460dbd88560c22f69011" + "6e2fbbe6e964363a3e5283bb5d946ef1" + "c0047eba038c756c40be7923055809b0" + "e9f34a03a58815ebdde767931f018f6f" + "1878f2ef4f47dd374051dd48685ded6e" + "fb3ea8021f44be1d7d149398f98ea9c0" + "8d62888ebb56192d17747b6b8e170954" + "31f125a8a8e9962aa31c285264e08fb2" + "1aac336ce6c38aa375e42bc92ab0ab91" + "038431e1f92c39d2af5ded7e43bc151e" + "6ebea4c3e2583af3437e82c43c5e3b5b" + "07cf0359683d2298e35948ed806c063c" + "606ea178150b1efc15856934c7255cfe"); + TestSignature(kSign_PKCS1_Block1, message, signature); + } + testTearDown(); +} + +// # PKCS#1 v1.5 Signature Example 15.13 +TEST_F(DISABLED_AlternateRSAKey, TestSignaturePKCS1_15_13) { + testSetUp(); + LoadWithAllowedSchemes(kSign_PKCS1_Block1, false); + if (key_loaded_) { + vector message = wvcdm::a2b_hex( + "ebaef3f9f23bdfe5fa6b8af4c208c189" + "f2251bf32f5f137b9de4406378686b3f" + "0721f62d24cb8688d6fc41a27cbae21d" + "30e429feacc7111941c277"); + vector signature = wvcdm::a2b_hex( + "c48dbef507114f03c95fafbeb4df1bfa" + "88e0184a33cc4f8a9a1035ff7f822a5e" + "38cda18723915ff078244429e0f6081c" + "14fd83331fa65c6ba7bb9a12dbf66223" + "74cd0ca57de3774e2bd7ae823677d061" + "d53ae9c4040d2da7ef7014f3bbdc95a3" + "61a43855c8ce9b97ecabce174d926285" + "142b534a3087f9f4ef74511ec742b0d5" + "685603faf403b5072b985df46adf2d25" + "29a02d40711e2190917052371b79b749" + "b83abf0ae29486c3f2f62477b2bd362b" + "039c013c0c5076ef520dbb405f42cee9" + "5425c373a975e1cdd032c49622c85079" + "b09e88dab2b13969ef7a723973781040" + "459f57d5013638483de2d91cb3c490da" + "81c46de6cd76ea8a0c8f6fe331712d24"); + TestSignature(kSign_PKCS1_Block1, message, signature); + } + testTearDown(); +} + +// # PKCS#1 v1.5 Signature Example 15.14 +TEST_F(DISABLED_AlternateRSAKey, TestSignaturePKCS1_15_14) { + testSetUp(); + LoadWithAllowedSchemes(kSign_PKCS1_Block1, false); + if (key_loaded_) { + vector message = wvcdm::a2b_hex( + "c5a2711278761dfcdd4f0c99e6f5619d" + "6c48b5d4c1a80982faa6b4cf1cf7a60f" + "f327abef93c801429efde08640858146" + "1056acc33f3d04f5ada21216cacd5fd1" + "f9ed83203e0e2fe6138e3eae8424e591" + "5a083f3f7ab76052c8be55ae882d6ec1" + "482b1e45c5dae9f41015405327022ec3" + "2f0ea2429763b255043b1958ee3cf6d6" + "3983596eb385844f8528cc9a9865835d" + "c5113c02b80d0fca68aa25e72bcaaeb3" + "cf9d79d84f984fd417"); + vector signature = wvcdm::a2b_hex( + "6bd5257aa06611fb4660087cb4bc4a9e" + "449159d31652bd980844daf3b1c7b353" + "f8e56142f7ea9857433b18573b4deede" + "818a93b0290297783f1a2f23cbc72797" + "a672537f01f62484cd4162c3214b9ac6" + "28224c5de01f32bb9b76b27354f2b151" + "d0e8c4213e4615ad0bc71f515e300d6a" + "64c6743411fffde8e5ff190e54923043" + "126ecfc4c4539022668fb675f25c07e2" + "0099ee315b98d6afec4b1a9a93dc3349" + "6a15bd6fde1663a7d49b9f1e639d3866" + "4b37a010b1f35e658682d9cd63e57de0" + "f15e8bdd096558f07ec0caa218a8c06f" + "4788453940287c9d34b6d40a3f09bf77" + "99fe98ae4eb49f3ff41c5040a50cefc9" + "bdf2394b749cf164480df1ab6880273b"); + TestSignature(kSign_PKCS1_Block1, message, signature); + } + testTearDown(); +} + +// # PKCS#1 v1.5 Signature Example 15.15 +TEST_F(DISABLED_AlternateRSAKey, TestSignaturePKCS1_15_15) { + testSetUp(); + LoadWithAllowedSchemes(kSign_PKCS1_Block1, false); + if (key_loaded_) { + vector message = wvcdm::a2b_hex( + "9bf8aa253b872ea77a7e23476be26b23" + "29578cf6ac9ea2805b357f6fc3ad130d" + "baeb3d869a13cce7a808bbbbc969857e" + "03945c7bb61df1b5c2589b8e046c2a5d" + "7e4057b1a74f24c711216364288529ec" + "9570f25197213be1f5c2e596f8bf8b2c" + "f3cb38aa56ffe5e31df7395820e94ecf" + "3b1189a965dcf9a9cb4298d3c88b2923" + "c19fc6bc34aacecad4e0931a7c4e5d73" + "dc86dfa798a8476d82463eefaa90a8a9" + "192ab08b23088dd58e1280f7d72e4548" + "396baac112252dd5c5346adb2004a2f7" + "101ccc899cc7fafae8bbe295738896a5" + "b2012285014ef6"); + vector signature = wvcdm::a2b_hex( + "27f7f4da9bd610106ef57d32383a448a" + "8a6245c83dc1309c6d770d357ba89e73" + "f2ad0832062eb0fe0ac915575bcd6b8b" + "cadb4e2ba6fa9da73a59175152b2d4fe" + "72b070c9b7379e50000e55e6c269f665" + "8c937972797d3add69f130e34b85bdec" + "9f3a9b392202d6f3e430d09caca82277" + "59ab825f7012d2ff4b5b62c8504dbad8" + "55c05edd5cab5a4cccdc67f01dd6517c" + "7d41c43e2a4957aff19db6f18b17859a" + "f0bc84ab67146ec1a4a60a17d7e05f8b" + "4f9ced6ad10908d8d78f7fc88b76adc8" + "290f87daf2a7be10ae408521395d54ed" + "2556fb7661854a730ce3d82c71a8d493" + "ec49a378ac8a3c74439f7cc555ba13f8" + "59070890ee18ff658fa4d741969d70a5"); + TestSignature(kSign_PKCS1_Block1, message, signature); + } + testTearDown(); +} + +// # PKCS#1 v1.5 Signature Example 15.16 +TEST_F(DISABLED_AlternateRSAKey, TestSignaturePKCS1_15_16) { + testSetUp(); + LoadWithAllowedSchemes(kSign_PKCS1_Block1, false); + if (key_loaded_) { + vector message = wvcdm::a2b_hex( + "32474830e2203754c8bf0681dc4f842a" + "fe360930378616c108e833656e5640c8" + "6856885bb05d1eb9438efede679263de" + "07cb39553f6a25e006b0a52311a063ca" + "088266d2564ff6490c46b5609818548f" + "88764dad34a25e3a85d575023f0b9e66" + "5048a03c350579a9d32446c7bb96cc92" + "e065ab94d3c8952e8df68ef0d9fa456b" + "3a06bb80e3bbc4b28e6a94b6d0ff7696" + "a64efe05e735fea025d7bdbc4139f3a3" + "b546075cba7efa947374d3f0ac80a68d" + "765f5df6210bca069a2d88647af7ea04" + "2dac690cb57378ec0777614fb8b65ff4" + "53ca6b7dce6098451a2f8c0da9bfecf1" + "fdf391bbaa4e2a91ca18a1121a7523a2" + "abd42514f489e8"); + vector signature = wvcdm::a2b_hex( + "6917437257c22ccb5403290c3dee82d9" + "cf7550b31bd31c51bd57bfd35d452ab4" + "db7c4be6b2e25ac9a59a1d2a7feb627f" + "0afd4976b3003cc9cffd8896505ec382" + "f265104d4cf8c932fa9fe86e00870795" + "9912389da4b2d6b369b36a5e72e29d24" + "c9a98c9d31a3ab44e643e6941266a47a" + "45e3446ce8776abe241a8f5fc6423b24" + "b1ff250dc2c3a8172353561077e850a7" + "69b25f0325dac88965a3b9b472c494e9" + "5f719b4eac332caa7a65c7dfe46d9aa7" + "e6e00f525f303dd63ab7919218901868" + "f9337f8cd26aafe6f33b7fb2c98810af" + "19f7fcb282ba1577912c1d368975fd5d" + "440b86e10c199715fa0b6f4250b53373" + "2d0befe1545150fc47b876de09b00a94"); + TestSignature(kSign_PKCS1_Block1, message, signature); + } + testTearDown(); +} + +// # PKCS#1 v1.5 Signature Example 15.17 +TEST_F(DISABLED_AlternateRSAKey, TestSignaturePKCS1_15_17) { + testSetUp(); + LoadWithAllowedSchemes(kSign_PKCS1_Block1, false); + if (key_loaded_) { + vector message = wvcdm::a2b_hex( + "008e59505eafb550aae5e845584cebb0" + "0b6de1733e9f95d42c882a5bbeb5ce1c" + "57e119e7c0d4daca9f1ff7870217f7cf" + "d8a6b373977cac9cab8e71e420"); + vector signature = wvcdm::a2b_hex( + "922503b673ee5f3e691e1ca85e9ff417" + "3cf72b05ac2c131da5603593e3bc259c" + "94c1f7d3a06a5b9891bf113fa39e59ff" + "7c1ed6465e908049cb89e4e125cd37d2" + "ffd9227a41b4a0a19c0a44fbbf3de55b" + "ab802087a3bb8d4ff668ee6bbb8ad89e" + "6857a79a9c72781990dfcf92cd519404" + "c950f13d1143c3184f1d250c90e17ac6" + "ce36163b9895627ad6ffec1422441f55" + "e4499dba9be89546ae8bc63cca01dd08" + "463ae7f1fce3d893996938778c1812e6" + "74ad9c309c5acca3fde44e7dd8695993" + "e9c1fa87acda99ece5c8499e468957ad" + "66359bf12a51adbe78d3a213b449bf0b" + "5f8d4d496acf03d3033b7ccd196bc22f" + "68fb7bef4f697c5ea2b35062f48a36dd"); + TestSignature(kSign_PKCS1_Block1, message, signature); + } + testTearDown(); +} + +// # PKCS#1 v1.5 Signature Example 15.18 +TEST_F(DISABLED_AlternateRSAKey, TestSignaturePKCS1_15_18) { + testSetUp(); + LoadWithAllowedSchemes(kSign_PKCS1_Block1, false); + if (key_loaded_) { + vector message = wvcdm::a2b_hex( + "6abc54cf8d1dff1f53b17d8160368878" + "a8788cc6d22fa5c2258c88e660b09a89" + "33f9f2c0504ddadc21f6e75e0b833beb" + "555229dee656b9047b92f62e76b8ffcc" + "60dab06b80"); + vector signature = wvcdm::a2b_hex( + "0b6daf42f7a862147e417493c2c401ef" + "ae32636ab4cbd44192bbf5f195b50ae0" + "96a475a1614f0a9fa8f7a026cb46c650" + "6e518e33d83e56477a875aca8c7e714c" + "e1bdbd61ef5d535239b33f2bfdd61771" + "bab62776d78171a1423cea8731f82e60" + "766d6454265620b15f5c5a584f55f95b" + "802fe78c574ed5dacfc831f3cf2b0502" + "c0b298f25ccf11f973b31f85e4744219" + "85f3cff702df3946ef0a6605682111b2" + "f55b1f8ab0d2ea3a683c69985ead93ed" + "449ea48f0358ddf70802cb41de2fd83f" + "3c808082d84936948e0c84a131b49278" + "27460527bb5cd24bfab7b48e071b2417" + "1930f99763272f9797bcb76f1d248157" + "5558fcf260b1f0e554ebb3df3cfcb958"); + TestSignature(kSign_PKCS1_Block1, message, signature); + } + testTearDown(); +} + +// # PKCS#1 v1.5 Signature Example 15.19 +TEST_F(DISABLED_AlternateRSAKey, TestSignaturePKCS1_15_19) { + testSetUp(); + LoadWithAllowedSchemes(kSign_PKCS1_Block1, false); + if (key_loaded_) { + vector message = wvcdm::a2b_hex( + "af2d78152cf10efe01d274f217b177f6" + "b01b5e749f1567715da324859cd3dd88" + "db848ec79f48dbba7b6f1d33111ef31b" + "64899e7391c2bffd69f49025cf201fc5" + "85dbd1542c1c778a2ce7a7ee108a309f" + "eca26d133a5ffedc4e869dcd7656596a" + "c8427ea3ef6e3fd78fe99d8ddc71d839" + "f6786e0da6e786bd62b3a4f19b891a56" + "157a554ec2a2b39e25a1d7c7d37321c7" + "a1d946cf4fbe758d9276f08563449d67" + "414a2c030f4251cfe2213d04a5410637" + "87"); + vector signature = wvcdm::a2b_hex( + "209c61157857387b71e24bf3dd564145" + "50503bec180ff53bdd9bac062a2d4995" + "09bf991281b79527df9136615b7a6d9d" + "b3a103b535e0202a2caca197a7b74e53" + "56f3dd595b49acfd9d30049a98ca88f6" + "25bca1d5f22a392d8a749efb6eed9b78" + "21d3110ac0d244199ecb4aa3d735a83a" + "2e8893c6bf8581383ccaee834635b7fa" + "1faffa45b13d15c1da33af71e89303d6" + "8090ff62ee615fdf5a84d120711da53c" + "2889198ab38317a9734ab27d67924cea" + "74156ff99bef9876bb5c339e93745283" + "e1b34e072226b88045e017e9f05b2a8c" + "416740258e223b2690027491732273f3" + "229d9ef2b1b3807e321018920ad3e53d" + "ae47e6d9395c184b93a374c671faa2ce"); + TestSignature(kSign_PKCS1_Block1, message, signature); + } + testTearDown(); +} + +// # PKCS#1 v1.5 Signature Example 15.20 +TEST_F(DISABLED_AlternateRSAKey, TestSignaturePKCS1_15_20) { + testSetUp(); + LoadWithAllowedSchemes(kSign_PKCS1_Block1, false); + if (key_loaded_) { + vector message = wvcdm::a2b_hex( + "40ee992458d6f61486d25676a96dd2cb" + "93a37f04b178482f2b186cf88215270d" + "ba29d786d774b0c5e78c7f6e56a956e7" + "f73950a2b0c0c10a08dbcd67e5b210bb" + "21c58e2767d44f7dd4014e3966143bf7" + "e3d66ff0c09be4c55f93b39994b8518d" + "9c1d76d5b47374dea08f157d57d70634" + "978f3856e0e5b481afbbdb5a3ac48d48" + "4be92c93de229178354c2de526e9c65a" + "31ede1ef68cb6398d7911684fec0babc" + "3a781a66660783506974d0e14825101c" + "3bfaea"); + vector signature = wvcdm::a2b_hex( + "927502b824afc42513ca6570de338b8a" + "64c3a85eb828d3193624f27e8b1029c5" + "5c119c9733b18f5849b3500918bcc005" + "51d9a8fdf53a97749fa8dc480d6fe974" + "2a5871f973926528972a1af49e3925b0" + "adf14a842719b4a5a2d89fa9c0b6605d" + "212bed1e6723b93406ad30e86829a5c7" + "19b890b389306dc5506486ee2f36a8df" + "e0a96af678c9cbd6aff397ca200e3edc" + "1e36bd2f08b31d540c0cb282a9559e4a" + "dd4fc9e6492eed0ccbd3a6982e5faa2d" + "dd17be47417c80b4e5452d31f72401a0" + "42325109544d954c01939079d409a5c3" + "78d7512dfc2d2a71efcc3432a765d1c6" + "a52cfce899cd79b15b4fc3723641ef6b" + "d00acc10407e5df58dd1c3c5c559a506"); + TestSignature(kSign_PKCS1_Block1, message, signature); + } + testTearDown(); +} + + class DISABLED_GenericDRMTest : public DISABLED_TestKeybox { protected: MessageData message_data_; @@ -3320,7 +4544,6 @@ class DISABLED_GenericDRMTest : public DISABLED_TestKeybox { uint8_t encrypted_buffer_[kBufferSize]; uint8_t iv_[wvcdm::KEY_IV_SIZE]; - void MakeFourKeys(Session* s) { s->FillSimpleMessage(&message_data_, kDuration, 0, 0); message_data_.keys[0].control.control_bits = htonl(wvoec_mock::kControlAllowEncrypt);