[Cryptech-Commits] [sw/pkcs11] 04/07: A few RSA unit tests inspired by hsmbully.
git at cryptech.is
git at cryptech.is
Mon Jun 13 19:47:59 UTC 2016
This is an automated email from the git hooks/post-receive script.
sra at hactrn.net pushed a commit to branch master
in repository sw/pkcs11.
commit 43d3149674743b9d31a13c934361a286fb5539d7
Author: Rob Austein <sra at hactrn.net>
AuthorDate: Sun Jun 12 18:11:34 2016 -0400
A few RSA unit tests inspired by hsmbully.
---
unit_tests.py | 70 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-
1 file changed, 69 insertions(+), 1 deletion(-)
diff --git a/unit_tests.py b/unit_tests.py
index e218b42..ef7b980 100644
--- a/unit_tests.py
+++ b/unit_tests.py
@@ -307,7 +307,7 @@ class TestKeys(unittest.TestCase):
p11.C_Verify(self.session, hamster, sig)
def test_gen_sign_verify_rsa_2048(self):
- if not args.all_tests: self.skipTest("RSA key generation is still painfully slow")
+ #if not args.all_tests: self.skipTest("RSA key generation is still painfully slow")
public_key, private_key = p11.C_GenerateKeyPair(
self.session, CKM_RSA_PKCS_KEY_PAIR_GEN, CKA_MODULUS_BITS = 2048,
CKA_ID = "RSA-2048", CKA_SIGN = True, CKA_VERIFY = True, CKA_TOKEN = True)
@@ -394,5 +394,73 @@ class TestKeys(unittest.TestCase):
p11.C_VerifyInit(self.session, CKM_ECDSA_SHA256, o)
p11.C_Verify(self.session, hamster, sig)
+ def extract_rsa_public_key(self, handle):
+ from Crypto.PublicKey import RSA
+ a = p11.C_GetAttributeValue(self.session, handle, CKA_MODULUS, CKA_PUBLIC_EXPONENT)
+ return RSA.construct((a[CKA_MODULUS], a[CKA_PUBLIC_EXPONENT]))
+
+ def assertRawRSASignatureMatches(self, handle, plain, sig):
+ pubkey = self.extract_rsa_public_key(handle)
+ result = pubkey.encrypt(sig, 0)[0]
+ prefix = "\x00\x01" if False else "\x01" # XXX
+ expect = prefix + "\xff" * (len(result) - len(plain) - len(prefix) - 1) + "\x00" + plain
+ self.assertEqual(result, expect)
+
+ def test_gen_sign_verify_tralala_rsa_1024(self):
+ tralala = "tralala-en-hopsasa"
+ public_key, private_key = p11.C_GenerateKeyPair(
+ self.session, CKM_RSA_PKCS_KEY_PAIR_GEN, CKA_MODULUS_BITS = 1024,
+ CKA_ID = "RSA-1024", CKA_SIGN = True, CKA_VERIFY = True, CKA_TOKEN = True)
+ self.assertIsKeypair(public_key, private_key)
+ p11.C_SignInit(self.session, CKM_RSA_PKCS, private_key)
+ sig = p11.C_Sign(self.session, tralala)
+ self.assertIsInstance(sig, str)
+ self.assertRawRSASignatureMatches(public_key, tralala, sig)
+ p11.C_VerifyInit(self.session, CKM_RSA_PKCS, public_key)
+ p11.C_Verify(self.session, tralala, sig)
+
+ def test_gen_sign_verify_tralala_rsa_3416(self):
+ tralala = "tralala-en-hopsasa"
+ public_key, private_key = p11.C_GenerateKeyPair(
+ self.session, CKM_RSA_PKCS_KEY_PAIR_GEN, CKA_MODULUS_BITS = 3416,
+ CKA_ID = "RSA-3416", CKA_SIGN = True, CKA_VERIFY = True, CKA_TOKEN = True)
+ self.assertIsKeypair(public_key, private_key)
+ p11.C_SignInit(self.session, CKM_RSA_PKCS, private_key)
+ sig = p11.C_Sign(self.session, tralala)
+ self.assertIsInstance(sig, str)
+ self.assertRawRSASignatureMatches(public_key, tralala, sig)
+ p11.C_VerifyInit(self.session, CKM_RSA_PKCS, public_key)
+ p11.C_Verify(self.session, tralala, sig)
+
+ def test_gen_sign_verify_rsa_3416(self):
+ public_key, private_key = p11.C_GenerateKeyPair(
+ self.session, CKM_RSA_PKCS_KEY_PAIR_GEN, CKA_MODULUS_BITS = 3416,
+ CKA_ID = "RSA-3416", CKA_SIGN = True, CKA_VERIFY = True, CKA_TOKEN = True)
+ self.assertIsKeypair(public_key, private_key)
+ hamster = "Your mother was a hamster"
+ p11.C_SignInit(self.session, CKM_SHA512_RSA_PKCS, private_key)
+ sig = p11.C_Sign(self.session, hamster)
+ self.assertIsInstance(sig, str)
+ p11.C_VerifyInit(self.session, CKM_SHA512_RSA_PKCS, public_key)
+ p11.C_Verify(self.session, hamster, sig)
+
+ def test_gen_rsa_1028(self):
+ with self.assertRaises(CKR_ATTRIBUTE_VALUE_INVALID):
+ p11.C_GenerateKeyPair(
+ self.session, CKM_RSA_PKCS_KEY_PAIR_GEN, CKA_MODULUS_BITS = 1028,
+ CKA_ID = "RSA-1028", CKA_SIGN = True, CKA_VERIFY = True, CKA_TOKEN = True)
+
+ def test_gen_sign_verify_rsa_1032(self):
+ public_key, private_key = p11.C_GenerateKeyPair(
+ self.session, CKM_RSA_PKCS_KEY_PAIR_GEN, CKA_MODULUS_BITS = 1032,
+ CKA_ID = "RSA-1032", CKA_SIGN = True, CKA_VERIFY = True, CKA_TOKEN = True)
+ self.assertIsKeypair(public_key, private_key)
+ hamster = "Your mother was a hamster"
+ p11.C_SignInit(self.session, CKM_SHA512_RSA_PKCS, private_key)
+ sig = p11.C_Sign(self.session, hamster)
+ self.assertIsInstance(sig, str)
+ p11.C_VerifyInit(self.session, CKM_SHA512_RSA_PKCS, public_key)
+ p11.C_Verify(self.session, hamster, sig)
+
if __name__ == "__main__":
main()
More information about the Commits
mailing list