From 2c44e9f8b2e7a1ebc65caeb03f9f106d31e30822 Mon Sep 17 00:00:00 2001

From: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>

Date: Wed, 3 Apr 2019 13:40:04 +0200

Subject: [PATCH 1/7] crypto-selftests-pk.c: Move hardcoded values to the top

The objective of moving these values to the top is to allow them to be

used by other functions, in particular test_sig().

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>

---

 lib/crypto-selftests-pk.c | 224 +++++++++++++++++++-------------------

 1 file changed, 112 insertions(+), 112 deletions(-)

diff --git a/lib/crypto-selftests-pk.c b/lib/crypto-selftests-pk.c

index 1aa53ea29..4fadd4161 100644

--- a/lib/crypto-selftests-pk.c

+++ b/lib/crypto-selftests-pk.c

@@ -107,6 +107,118 @@ static const char gost12_512_key[] =

  "KjL7CLBERDm7Yvlv\n"

  "-----END PRIVATE KEY-----\n";

+/* A precomputed RSA-SHA256 signature using the rsa_key2048 */

+static const char rsa_sig[] =

+    "\x7a\xb3\xf8\xb0\xf9\xf0\x52\x88\x37\x17\x97\x9f\xbe\x61\xb4\xd2\x43\x78\x9f\x79\x92\xd0\xad\x08\xdb\xbd\x3c\x72\x7a\xb5\x51\x59\x63\xd6\x7d\xf1\x9c\x1e\x10\x7b\x27\xab\xf8\xd4\x9d\xcd\xc5\xf9\xae\xf7\x09\x6b\x40\x93\xc5\xe9\x1c\x0f\xb4\x82\xa1\x47\x86\x54\x63\xd2\x4d\x40\x9a\x80\xb9\x38\x45\x69\xa2\xd6\x92\xb6\x69\x7f\x3f\xf3\x5b\xa5\x1d\xac\x06\xad\xdf\x4e\xbb\xe6\xda\x68\x0d\xe5\xab\xef\xd2\xf0\xc5\xd8\xc0\xed\x80\xe2\xd4\x76\x98\xec\x44\xa2\xfc\x3f\xce\x2e\x8b\xc4\x4b\xab\xb0\x70\x24\x52\x85\x2a\x36\xcd\x9a\xb5\x05\x00\xea\x98\x7c\x72\x06\x68\xb1\x38\x44\x16\x80\x6a\x3b\x64\x72\xbb\xfd\x4b\xc9\xdd\xda\x2a\x68\xde\x7f\x6e\x48\x28\xc1\x63\x57\x2b\xde\x83\xa3\x27\x34\xd7\xa6\x87\x18\x35\x10\xff\x31\xd9\x47\xc9\x84\x35\xe1\xaa\xe2\xf7\x98\xfa\x19\xd3\xf1\x94\x25\x2a\x96\xe4\xa8\xa7\x05\x10\x93\x87\xde\x96\x85\xe5\x68\xb8\xe5\x4e\xbf\x66\x85\x91\xbd\x52\x5b\x3d\x9f\x1b\x79\xea\xe3\x8b\xef\x62\x18\x39\x7a\x50\x01\x46\x1b\xde\x8d\x37\xbc\x90\x6c\x07\xc0\x07\xed\x60\xce\x2e\x31\xd6\x8f\xe8\x75\xdb\x45\x21\xc6\xcb";

+

+/* ECDSA key and signature */

+static const char ecdsa_secp256r1_privkey[] =

+    "-----BEGIN EC PRIVATE KEY-----\n"

+    "MHcCAQEEIPAKWV7+pZe9c5EubMNfAEKWRQtP/MvlO9HehwHmJssNoAoGCCqGSM49\n"

+    "AwEHoUQDQgAE2CNONRio3ciuXtoomJKs3MdbzLbd44VPhtzJN30VLFm5gvnfiCj2\n"

+    "zzz7pl9Cv0ECHl6yedNI8QEKdcwCDgEmkQ==\n"

+    "-----END EC PRIVATE KEY-----\n";

+

+static const char ecdsa_secp256r1_sig[] =

+    "\x30\x45\x02\x21\x00\x9b\x8f\x60\xed\x9e\x40\x8d\x74\x82\x73\xab\x20\x1a\x69\xfc\xf9\xee\x3c\x41\x80\xc0\x39\xdd\x21\x1a\x64\xfd\xbf\x7e\xaa\x43\x70\x02\x20\x44\x28\x05\xdd\x30\x47\x58\x96\x18\x39\x94\x18\xba\xe7\x7a\xf6\x1e\x2d\xba\xb1\xe0\x7d\x73\x9e\x2f\x58\xee\x0c\x2a\x89\xe8\x35";

+

+#ifdef ENABLE_NON_SUITEB_CURVES

+/* sha256 */

+static const char ecdsa_secp192r1_privkey[] =

+    "-----BEGIN EC PRIVATE KEY-----"

+    "MF8CAQEEGLjezFcbgDMeApVrdtZHvu/k1a8/tVZ41KAKBggqhkjOPQMBAaE0AzIA"

+    "BO1lciKdgxeRH8k64vxcaV1OYIK9akVrW02Dw21MXhRLP0l0wzCw6LGSr5rS6AaL"

+    "Fg==" "-----END EC PRIVATE KEY-----";

+

+static const char ecdsa_secp192r1_sig[] =

+    "\x30\x34\x02\x18\x5f\xb3\x10\x4b\x4d\x44\x48\x29\x4b\xfd\xa7\x8e\xce\x57\xac\x36\x38\x54\xab\x73\xdb\xed\xb8\x5f\x02\x18\x0b\x8b\xf3\xae\x49\x50\x0e\x47\xca\x89\x1a\x00\xca\x23\xf5\x8d\xd6\xe3\xce\x9a\xff\x2e\x4f\x5c";

+

+static const char ecdsa_secp224r1_privkey[] =

+    "-----BEGIN EC PRIVATE KEY-----"

+    "MGgCAQEEHOKWJFdWdrR/CgVrUeTeawOrJ9GozE9KKx2a8PmgBwYFK4EEACGhPAM6"

+    "AAQKQj3YpenWT7lFR41SnBvmj/+Bj+kgzQnaF65qWAtPRJsZXFlLTu3/IUNqSRu9"

+    "DqPsk8xBHAB7pA==" "-----END EC PRIVATE KEY-----";

+

+static const char ecdsa_secp224r1_sig[] =

+    "\x30\x3d\x02\x1c\x76\x03\x8d\x74\xf4\xd3\x09\x2a\xb5\xdf\x6b\x5b\xf4\x4b\x86\xb8\x62\x81\x5d\x7b\x7a\xbb\x37\xfc\xf1\x46\x1c\x2b\x02\x1d\x00\xa0\x98\x5d\x80\x43\x89\xe5\xee\x1a\xec\x46\x08\x04\x55\xbc\x50\xfa\x2a\xd5\xa6\x18\x92\x19\xdb\x68\xa0\x2a\xda";

+#endif

+

+static const char ecdsa_secp384r1_privkey[] =

+    "-----BEGIN EC PRIVATE KEY-----"

+    "MIGkAgEBBDDevshD6gb+4rZpC9vwFcIwNs4KmGzdqCxyyN40a8uOWRbyf7aHdiSS"

+    "03oAyKtc4JCgBwYFK4EEACKhZANiAARO1KkPMno2tnNXx1S9EZkp8SOpDCZ4aobH"

+    "IYv8RHnSmKf8I3OKD6TaoeR+1MwJmNJUH90Bj45WXla68/vsPiFcfVKboxsZYe/n"

+    "pv8e4ugXagVQVBXNZJ859iYPdJR24vo=" "-----END EC PRIVATE KEY-----";

+

+static const char ecdsa_secp384r1_sig[] =

+    "\x30\x66\x02\x31\x00\xbb\x4d\x25\x30\x13\x1b\x3b\x75\x60\x07\xed\x53\x8b\x52\xee\xd8\x6e\xf1\x9d\xa8\x36\x0e\x2e\x20\x31\x51\x11\x48\x78\xdd\xaf\x24\x38\x64\x81\x71\x6b\xa6\xb7\x29\x58\x28\x82\x32\xba\x29\x29\xd9\x02\x31\x00\xeb\x70\x09\x87\xac\x7b\x78\x0d\x4c\x4f\x08\x2b\x86\x27\xe2\x60\x1f\xc9\x11\x9f\x1d\xf5\x82\x4c\xc7\x3d\xb0\x27\xc8\x93\x29\xc7\xd0\x0e\x88\x02\x09\x93\xc2\x72\xce\xa5\x74\x8c\x3d\xe0\x8c\xad";

+

+static const char ecdsa_secp521r1_privkey[] =

+    "-----BEGIN EC PRIVATE KEY-----"

+    "MIHbAgEBBEGO2n7NN363qSCvJVdlQtCvudtaW4o0fEufXRjE1AsCrle+VXX0Zh0w"

+    "Y1slSeDHMndpakoiF+XkQ+bhcB867UV6aKAHBgUrgQQAI6GBiQOBhgAEAQb6jDpo"

+    "byy1tF8Zucg0TMGUzIN2DK+RZJ3QQRdWdirO25OIC3FoFi1Yird6rpoB6HlNyJ7R"

+    "0bNG9Uv34bSHMn8yAFoiqxUCdJZQbEenMoZsi6COaePe3e0QqvDMr0hEWT23Sr3t"

+    "LpEV7eZGFfFIJw5wSUp2KOcs+O9WjmoukTWtDKNV"

+    "-----END EC PRIVATE KEY-----";

+

+static const char ecdsa_secp521r1_sig[] =

+    "\x30\x81\x87\x02\x42\x01\xb8\xcb\x52\x9e\x10\xa8\x49\x3f\xe1\x9e\x14\x0a\xcf\x96\xed\x7e\xab\x7d\x0c\xe1\x9b\xa4\x97\xdf\x01\xf5\x35\x42\x5f\x5b\x28\x15\x24\x33\x6e\x59\x6c\xaf\x10\x8b\x98\x8e\xe9\x4c\x23\x0d\x76\x92\x03\xdd\x6d\x8d\x08\x47\x15\x5b\xf8\x66\x75\x75\x40\xe8\xf4\xa0\x52\x02\x41\x15\x27\x7c\x5f\xa6\x33\xa6\x29\x68\x3f\x55\x8d\x7f\x1d\x4f\x88\xc6\x61\x6e\xac\x21\xdf\x2b\x7b\xde\x76\x9a\xdc\xe6\x3b\x94\x3f\x03\x9c\xa2\xa6\xa3\x63\x39\x48\xbd\x79\x70\x21\xf2\x6b\xff\x58\x66\xf1\x58\xc2\x58\xad\x4f\x84\x14\x5d\x05\x12\x83\xd0\x87\xbd\xf3";

+

+/* DSA key and signature */

+static const char dsa_privkey[] =

+ "-----BEGIN DSA PRIVATE KEY-----\n"

+ "MIIDTQIBAAKCAQEAh60B6yPMRIT7udq2kKuwnQDohvT1U0w+RJcSr23C05cM/Ovn\n"

+ "UP/8Rrj6T8K+uYhMbKgLaZiJJW9q04jaPQk0cfUphbLvRjzVHwE/0Bkb+Y1Rv7ni\n"

+ "Jot2IFMq5iuNraf889PC0WREvFCcIkSFY2Ac4WT7mCcBtfx/raGFXDUjcUrJ0HwZ\n"

+ "IOhjQDfcXUsztuyYsYA75ociEY8kyDZq/ixyr5++R1VjNf30Re8AbQlXOEGxEN5t\n"

+ "t+Tvpq8K5L3prQs2KNSzyOUmedjb/ojH4T4qe/RL9EVjjeuIGHDNUT6F197yZ91y\n"

+ "qLLTf1WjnUyZcKij5rryX0LJBBWawEZjNSHZawIdAMQlyycia4NigCdiDR+QptUn\n"

+ "2xrj9o14fXkIrXcCggEAXRZm1rbPhsjSTo6cpCVrmDzO1grv83EHiBH4MvRQQnP8\n"

+ "FpAREsBA5cYju97XvLaLhioZeMjLn08kU7TUbHRUB+ULTuVvE2dQbBpGuKiLRRt9\n"

+ "6U2T0eD3xGLoM+o8EY/kpqaWGEpZv7hzM9xuo4vy55+viAZgFWULqmltwfG/7w7V\n"

+ "NXUHNv5H4Ipw//fSDLTPqzUlNqSSswDLz6pCjWEs0rWAqNAMaOiLTz4id9pL48Oe\n"

+ "oAfpcQR9tgTEnwyXfZBnrJVclHhkHKGeXvU05IgCzpKO76Z5R+By50T0i/JV7vzM\n"

+ "l2yS9aAl/cprT6U7yI3oU/blldCVNpMcFAFb+fO8DAKCAQBVMo8xptyvQOJeSvbO\n"

+ "SSYdJ3IiI/0GdkcGWXblWg9z7mrPaWEnT7OquEm/+vYtWd3GHDtyNM+jzsN4Xgjc\n"

+ "TL3AEd2hLiozJQ1BFKw25VU08UHAYTzUxZhO4Vwtmp46Kwj8YLDQ3NHRWCBxpDQR\n"

+ "fbiFvyXP+qXap6plMfrydnUD1mae/JSOWOYgdB7tFIehstLxVXx/cAnjwgFU03Df\n"

+ "grjsad92zA1Hc9wIjbsgAQdTR5DWnFRkRt3UtayBwoyqm6QceZHsv1NAGvkQ4ion\n"

+ "bEjkHkjF9YCkR9/rspR8cLghRIXMjOpypuSbaRPeeWq0gP2UOxFL/d3iWH0ETr/L\n"

+ "kTlCAhxYGpVgtfB96qmJukyl9GOGvfkwFTgEyIDoV84M\n"

+ "-----END DSA PRIVATE KEY-----\n";

+

+static const char dsa_sig[] =

+    "\x30\x3d\x02\x1c\x2e\x40\x14\xb3\x7a\x3f\xc0\x4f\x06\x74\x4f\xa6\x5f\xc2\x0a\x46\x35\x38\x88\xb4\x1a\xcf\x94\x02\x40\x42\x7c\x7f\x02\x1d\x00\x98\xfc\xf1\x08\x66\xf1\x86\x28\xc9\x73\x9e\x2b\x5d\xce\x57\xe8\xb5\xeb\xcf\xa3\xf6\x60\xf6\x63\x16\x0e\xc0\x42";

+

+static const char gost01_privkey[] =

+ "-----BEGIN PRIVATE KEY-----\n"

+ "MEUCAQAwHAYGKoUDAgITMBIGByqFAwICIwEGByqFAwICHgEEIgQgdNfuHGmmTdPm\n"

+ "p5dAa3ea9UYxpdYQPP9lbDwzQwG2bJM=\n"

+ "-----END PRIVATE KEY-----\n";

+

+static const char gost01_sig[] =

+    "\xc5\xc8\xf8\xdc\x22\x51\xb0\x72\xe9\xa2\xbb\x84\x6c\xe2\x24\xd5\x72\x39\x2a\x5a\x0e\x7a\x43\xfc\x9c\xc3\x5d\x32\x92\xbb\xab\xc0\x4b\x99\xbd\xc8\x47\x24\x70\x06\x7e\xa1\xc6\xe3\xa0\xdc\x42\xed\xa0\x66\xf0\xcc\x50\x97\xe9\x5a\x7d\x3f\x65\x2d\x7b\x1b\x03\xcb";

+

+static const char gost12_256_privkey[] =

+ "-----BEGIN PRIVATE KEY-----\n"

+ "MEgCAQAwHwYIKoUDBwEBAQEwEwYHKoUDAgIjAQYIKoUDBwEBAgIEIgQgKOF96tom\n"

+ "D61rhSnzKjyrmO3fv0gdlHei+6ovrc8SnBk=\n"

+ "-----END PRIVATE KEY-----\n";

+

+static const char gost12_256_sig[] =

+    "\xb2\x51\x5a\x1a\xbd\x95\x4e\x71\x55\xad\x74\x74\x81\xa6\xca\x6c\x14\x01\xe0\x18\xda\xe4\x0d\x02\x4f\x14\xd2\x39\xd6\x3c\xb5\x85\xa8\x37\xfd\x7f\x2b\xfa\xe4\xf5\xbc\xbc\x15\x20\x8b\x83\x4b\x84\x0d\x5d\x02\x21\x8c\x0d\xb9\xc4\x2b\xc0\x3e\xfd\x42\x55\x1d\xb0";

+

+static const char gost12_512_privkey[] =

+ "-----BEGIN PRIVATE KEY-----\n"

+ "MGoCAQAwIQYIKoUDBwEBAQIwFQYJKoUDBwECAQIBBggqhQMHAQECAwRCBECjFpvp\n"

+ "B0vdc7u59b99TCNXhHiB69JJtUjvieNkGYJpoaaIvoKZTNCjpSZASsZcQZCHOTof\n"

+ "hsQ3JCCy4xnd5jWT\n"

+ "-----END PRIVATE KEY-----\n";

+

+static const char gost12_512_sig[] =

+    "\x52\x4f\xa2\x77\x51\xd2\xc5\xef\xd3\xa3\x99\x4e\xec\xff\xc6\xe9\xfc\x2f\xc0\x28\x42\x03\x95\x6c\x9a\x38\xee\xea\x89\x79\xae\x1a\xc3\x68\x5e\xe4\x15\x15\x4b\xec\x0f\xf1\x7e\x0f\xba\x01\xc7\x84\x16\xc7\xb5\xac\x9d\x0c\x22\xdd\x31\xf7\xb0\x9b\x59\x4b\xf0\x02\xa8\x7d\xfd\x6d\x02\x43\xc7\x4f\x65\xbd\x84\x5c\x54\x91\xba\x75\x9f\x5a\x61\x19\x5c\x9a\x10\x78\x34\xa0\xa6\xf6\xdc\xb6\xb0\x50\x22\x38\x5f\xb0\x16\x66\xf1\xd5\x46\x00\xd5\xe2\xa8\xe5\xd2\x11\x5f\xd1\xbe\x6e\xac\xb2\x9c\x14\x34\x96\xe7\x58\x94\xb8\xf4\x5f";

+

 static int test_rsa_enc(gnutls_pk_algorithm_t pk,

 			unsigned bits, gnutls_digest_algorithm_t ign)

 {

@@ -302,118 +414,6 @@ static int test_sig(gnutls_pk_algorithm_t pk,

 	return ret;

 }

-/* A precomputed RSA-SHA1 signature using the rsa_key2048 */

-static const char rsa_sig[] =

-    "\x7a\xb3\xf8\xb0\xf9\xf0\x52\x88\x37\x17\x97\x9f\xbe\x61\xb4\xd2\x43\x78\x9f\x79\x92\xd0\xad\x08\xdb\xbd\x3c\x72\x7a\xb5\x51\x59\x63\xd6\x7d\xf1\x9c\x1e\x10\x7b\x27\xab\xf8\xd4\x9d\xcd\xc5\xf9\xae\xf7\x09\x6b\x40\x93\xc5\xe9\x1c\x0f\xb4\x82\xa1\x47\x86\x54\x63\xd2\x4d\x40\x9a\x80\xb9\x38\x45\x69\xa2\xd6\x92\xb6\x69\x7f\x3f\xf3\x5b\xa5\x1d\xac\x06\xad\xdf\x4e\xbb\xe6\xda\x68\x0d\xe5\xab\xef\xd2\xf0\xc5\xd8\xc0\xed\x80\xe2\xd4\x76\x98\xec\x44\xa2\xfc\x3f\xce\x2e\x8b\xc4\x4b\xab\xb0\x70\x24\x52\x85\x2a\x36\xcd\x9a\xb5\x05\x00\xea\x98\x7c\x72\x06\x68\xb1\x38\x44\x16\x80\x6a\x3b\x64\x72\xbb\xfd\x4b\xc9\xdd\xda\x2a\x68\xde\x7f\x6e\x48\x28\xc1\x63\x57\x2b\xde\x83\xa3\x27\x34\xd7\xa6\x87\x18\x35\x10\xff\x31\xd9\x47\xc9\x84\x35\xe1\xaa\xe2\xf7\x98\xfa\x19\xd3\xf1\x94\x25\x2a\x96\xe4\xa8\xa7\x05\x10\x93\x87\xde\x96\x85\xe5\x68\xb8\xe5\x4e\xbf\x66\x85\x91\xbd\x52\x5b\x3d\x9f\x1b\x79\xea\xe3\x8b\xef\x62\x18\x39\x7a\x50\x01\x46\x1b\xde\x8d\x37\xbc\x90\x6c\x07\xc0\x07\xed\x60\xce\x2e\x31\xd6\x8f\xe8\x75\xdb\x45\x21\xc6\xcb";

-

-/* ECDSA key and signature */

-static const char ecdsa_secp256r1_privkey[] =

-    "-----BEGIN EC PRIVATE KEY-----\n"

-    "MHcCAQEEIPAKWV7+pZe9c5EubMNfAEKWRQtP/MvlO9HehwHmJssNoAoGCCqGSM49\n"

-    "AwEHoUQDQgAE2CNONRio3ciuXtoomJKs3MdbzLbd44VPhtzJN30VLFm5gvnfiCj2\n"

-    "zzz7pl9Cv0ECHl6yedNI8QEKdcwCDgEmkQ==\n"

-    "-----END EC PRIVATE KEY-----\n";

-

-static const char ecdsa_secp256r1_sig[] =

-    "\x30\x45\x02\x21\x00\x9b\x8f\x60\xed\x9e\x40\x8d\x74\x82\x73\xab\x20\x1a\x69\xfc\xf9\xee\x3c\x41\x80\xc0\x39\xdd\x21\x1a\x64\xfd\xbf\x7e\xaa\x43\x70\x02\x20\x44\x28\x05\xdd\x30\x47\x58\x96\x18\x39\x94\x18\xba\xe7\x7a\xf6\x1e\x2d\xba\xb1\xe0\x7d\x73\x9e\x2f\x58\xee\x0c\x2a\x89\xe8\x35";

-

-#ifdef ENABLE_NON_SUITEB_CURVES

-/* sha256 */

-static const char ecdsa_secp192r1_privkey[] =

-    "-----BEGIN EC PRIVATE KEY-----"

-    "MF8CAQEEGLjezFcbgDMeApVrdtZHvu/k1a8/tVZ41KAKBggqhkjOPQMBAaE0AzIA"

-    "BO1lciKdgxeRH8k64vxcaV1OYIK9akVrW02Dw21MXhRLP0l0wzCw6LGSr5rS6AaL"

-    "Fg==" "-----END EC PRIVATE KEY-----";

-

-static const char ecdsa_secp192r1_sig[] =

-    "\x30\x34\x02\x18\x5f\xb3\x10\x4b\x4d\x44\x48\x29\x4b\xfd\xa7\x8e\xce\x57\xac\x36\x38\x54\xab\x73\xdb\xed\xb8\x5f\x02\x18\x0b\x8b\xf3\xae\x49\x50\x0e\x47\xca\x89\x1a\x00\xca\x23\xf5\x8d\xd6\xe3\xce\x9a\xff\x2e\x4f\x5c";

-

-static const char ecdsa_secp224r1_privkey[] =

-    "-----BEGIN EC PRIVATE KEY-----"

-    "MGgCAQEEHOKWJFdWdrR/CgVrUeTeawOrJ9GozE9KKx2a8PmgBwYFK4EEACGhPAM6"

-    "AAQKQj3YpenWT7lFR41SnBvmj/+Bj+kgzQnaF65qWAtPRJsZXFlLTu3/IUNqSRu9"

-    "DqPsk8xBHAB7pA==" "-----END EC PRIVATE KEY-----";

-

-static const char ecdsa_secp224r1_sig[] =

-    "\x30\x3d\x02\x1c\x76\x03\x8d\x74\xf4\xd3\x09\x2a\xb5\xdf\x6b\x5b\xf4\x4b\x86\xb8\x62\x81\x5d\x7b\x7a\xbb\x37\xfc\xf1\x46\x1c\x2b\x02\x1d\x00\xa0\x98\x5d\x80\x43\x89\xe5\xee\x1a\xec\x46\x08\x04\x55\xbc\x50\xfa\x2a\xd5\xa6\x18\x92\x19\xdb\x68\xa0\x2a\xda";

-#endif

-

-static const char ecdsa_secp384r1_privkey[] =

-    "-----BEGIN EC PRIVATE KEY-----"

-    "MIGkAgEBBDDevshD6gb+4rZpC9vwFcIwNs4KmGzdqCxyyN40a8uOWRbyf7aHdiSS"

-    "03oAyKtc4JCgBwYFK4EEACKhZANiAARO1KkPMno2tnNXx1S9EZkp8SOpDCZ4aobH"

-    "IYv8RHnSmKf8I3OKD6TaoeR+1MwJmNJUH90Bj45WXla68/vsPiFcfVKboxsZYe/n"

-    "pv8e4ugXagVQVBXNZJ859iYPdJR24vo=" "-----END EC PRIVATE KEY-----";

-

-static const char ecdsa_secp384r1_sig[] =

-    "\x30\x66\x02\x31\x00\xbb\x4d\x25\x30\x13\x1b\x3b\x75\x60\x07\xed\x53\x8b\x52\xee\xd8\x6e\xf1\x9d\xa8\x36\x0e\x2e\x20\x31\x51\x11\x48\x78\xdd\xaf\x24\x38\x64\x81\x71\x6b\xa6\xb7\x29\x58\x28\x82\x32\xba\x29\x29\xd9\x02\x31\x00\xeb\x70\x09\x87\xac\x7b\x78\x0d\x4c\x4f\x08\x2b\x86\x27\xe2\x60\x1f\xc9\x11\x9f\x1d\xf5\x82\x4c\xc7\x3d\xb0\x27\xc8\x93\x29\xc7\xd0\x0e\x88\x02\x09\x93\xc2\x72\xce\xa5\x74\x8c\x3d\xe0\x8c\xad";

-

-static const char ecdsa_secp521r1_privkey[] =

-    "-----BEGIN EC PRIVATE KEY-----"

-    "MIHbAgEBBEGO2n7NN363qSCvJVdlQtCvudtaW4o0fEufXRjE1AsCrle+VXX0Zh0w"

-    "Y1slSeDHMndpakoiF+XkQ+bhcB867UV6aKAHBgUrgQQAI6GBiQOBhgAEAQb6jDpo"

-    "byy1tF8Zucg0TMGUzIN2DK+RZJ3QQRdWdirO25OIC3FoFi1Yird6rpoB6HlNyJ7R"

-    "0bNG9Uv34bSHMn8yAFoiqxUCdJZQbEenMoZsi6COaePe3e0QqvDMr0hEWT23Sr3t"

-    "LpEV7eZGFfFIJw5wSUp2KOcs+O9WjmoukTWtDKNV"

-    "-----END EC PRIVATE KEY-----";

-

-static const char ecdsa_secp521r1_sig[] =

-    "\x30\x81\x87\x02\x42\x01\xb8\xcb\x52\x9e\x10\xa8\x49\x3f\xe1\x9e\x14\x0a\xcf\x96\xed\x7e\xab\x7d\x0c\xe1\x9b\xa4\x97\xdf\x01\xf5\x35\x42\x5f\x5b\x28\x15\x24\x33\x6e\x59\x6c\xaf\x10\x8b\x98\x8e\xe9\x4c\x23\x0d\x76\x92\x03\xdd\x6d\x8d\x08\x47\x15\x5b\xf8\x66\x75\x75\x40\xe8\xf4\xa0\x52\x02\x41\x15\x27\x7c\x5f\xa6\x33\xa6\x29\x68\x3f\x55\x8d\x7f\x1d\x4f\x88\xc6\x61\x6e\xac\x21\xdf\x2b\x7b\xde\x76\x9a\xdc\xe6\x3b\x94\x3f\x03\x9c\xa2\xa6\xa3\x63\x39\x48\xbd\x79\x70\x21\xf2\x6b\xff\x58\x66\xf1\x58\xc2\x58\xad\x4f\x84\x14\x5d\x05\x12\x83\xd0\x87\xbd\xf3";

-

-/* DSA key and signature */

-static const char dsa_privkey[] =

- "-----BEGIN DSA PRIVATE KEY-----\n"

- "MIIDTQIBAAKCAQEAh60B6yPMRIT7udq2kKuwnQDohvT1U0w+RJcSr23C05cM/Ovn\n"

- "UP/8Rrj6T8K+uYhMbKgLaZiJJW9q04jaPQk0cfUphbLvRjzVHwE/0Bkb+Y1Rv7ni\n"

- "Jot2IFMq5iuNraf889PC0WREvFCcIkSFY2Ac4WT7mCcBtfx/raGFXDUjcUrJ0HwZ\n"

- "IOhjQDfcXUsztuyYsYA75ociEY8kyDZq/ixyr5++R1VjNf30Re8AbQlXOEGxEN5t\n"

- "t+Tvpq8K5L3prQs2KNSzyOUmedjb/ojH4T4qe/RL9EVjjeuIGHDNUT6F197yZ91y\n"

- "qLLTf1WjnUyZcKij5rryX0LJBBWawEZjNSHZawIdAMQlyycia4NigCdiDR+QptUn\n"

- "2xrj9o14fXkIrXcCggEAXRZm1rbPhsjSTo6cpCVrmDzO1grv83EHiBH4MvRQQnP8\n"

- "FpAREsBA5cYju97XvLaLhioZeMjLn08kU7TUbHRUB+ULTuVvE2dQbBpGuKiLRRt9\n"

- "6U2T0eD3xGLoM+o8EY/kpqaWGEpZv7hzM9xuo4vy55+viAZgFWULqmltwfG/7w7V\n"

- "NXUHNv5H4Ipw//fSDLTPqzUlNqSSswDLz6pCjWEs0rWAqNAMaOiLTz4id9pL48Oe\n"

- "oAfpcQR9tgTEnwyXfZBnrJVclHhkHKGeXvU05IgCzpKO76Z5R+By50T0i/JV7vzM\n"

- "l2yS9aAl/cprT6U7yI3oU/blldCVNpMcFAFb+fO8DAKCAQBVMo8xptyvQOJeSvbO\n"

- "SSYdJ3IiI/0GdkcGWXblWg9z7mrPaWEnT7OquEm/+vYtWd3GHDtyNM+jzsN4Xgjc\n"

- "TL3AEd2hLiozJQ1BFKw25VU08UHAYTzUxZhO4Vwtmp46Kwj8YLDQ3NHRWCBxpDQR\n"

- "fbiFvyXP+qXap6plMfrydnUD1mae/JSOWOYgdB7tFIehstLxVXx/cAnjwgFU03Df\n"

- "grjsad92zA1Hc9wIjbsgAQdTR5DWnFRkRt3UtayBwoyqm6QceZHsv1NAGvkQ4ion\n"

- "bEjkHkjF9YCkR9/rspR8cLghRIXMjOpypuSbaRPeeWq0gP2UOxFL/d3iWH0ETr/L\n"

- "kTlCAhxYGpVgtfB96qmJukyl9GOGvfkwFTgEyIDoV84M\n"

- "-----END DSA PRIVATE KEY-----\n";

-

-static const char dsa_sig[] =

-    "\x30\x3d\x02\x1c\x2e\x40\x14\xb3\x7a\x3f\xc0\x4f\x06\x74\x4f\xa6\x5f\xc2\x0a\x46\x35\x38\x88\xb4\x1a\xcf\x94\x02\x40\x42\x7c\x7f\x02\x1d\x00\x98\xfc\xf1\x08\x66\xf1\x86\x28\xc9\x73\x9e\x2b\x5d\xce\x57\xe8\xb5\xeb\xcf\xa3\xf6\x60\xf6\x63\x16\x0e\xc0\x42";

-

-static const char gost01_privkey[] =

- "-----BEGIN PRIVATE KEY-----\n"

- "MEUCAQAwHAYGKoUDAgITMBIGByqFAwICIwEGByqFAwICHgEEIgQgdNfuHGmmTdPm\n"

- "p5dAa3ea9UYxpdYQPP9lbDwzQwG2bJM=\n"

- "-----END PRIVATE KEY-----\n";

-

-static const char gost01_sig[] =

-    "\xc5\xc8\xf8\xdc\x22\x51\xb0\x72\xe9\xa2\xbb\x84\x6c\xe2\x24\xd5\x72\x39\x2a\x5a\x0e\x7a\x43\xfc\x9c\xc3\x5d\x32\x92\xbb\xab\xc0\x4b\x99\xbd\xc8\x47\x24\x70\x06\x7e\xa1\xc6\xe3\xa0\xdc\x42\xed\xa0\x66\xf0\xcc\x50\x97\xe9\x5a\x7d\x3f\x65\x2d\x7b\x1b\x03\xcb";

-

-static const char gost12_256_privkey[] =

- "-----BEGIN PRIVATE KEY-----\n"

- "MEgCAQAwHwYIKoUDBwEBAQEwEwYHKoUDAgIjAQYIKoUDBwEBAgIEIgQgKOF96tom\n"

- "D61rhSnzKjyrmO3fv0gdlHei+6ovrc8SnBk=\n"

- "-----END PRIVATE KEY-----\n";

-

-static const char gost12_256_sig[] =

-    "\xb2\x51\x5a\x1a\xbd\x95\x4e\x71\x55\xad\x74\x74\x81\xa6\xca\x6c\x14\x01\xe0\x18\xda\xe4\x0d\x02\x4f\x14\xd2\x39\xd6\x3c\xb5\x85\xa8\x37\xfd\x7f\x2b\xfa\xe4\xf5\xbc\xbc\x15\x20\x8b\x83\x4b\x84\x0d\x5d\x02\x21\x8c\x0d\xb9\xc4\x2b\xc0\x3e\xfd\x42\x55\x1d\xb0";

-

-static const char gost12_512_privkey[] =

- "-----BEGIN PRIVATE KEY-----\n"

- "MGoCAQAwIQYIKoUDBwEBAQIwFQYJKoUDBwECAQIBBggqhQMHAQECAwRCBECjFpvp\n"

- "B0vdc7u59b99TCNXhHiB69JJtUjvieNkGYJpoaaIvoKZTNCjpSZASsZcQZCHOTof\n"

- "hsQ3JCCy4xnd5jWT\n"

- "-----END PRIVATE KEY-----\n";

-

-static const char gost12_512_sig[] =

-    "\x52\x4f\xa2\x77\x51\xd2\xc5\xef\xd3\xa3\x99\x4e\xec\xff\xc6\xe9\xfc\x2f\xc0\x28\x42\x03\x95\x6c\x9a\x38\xee\xea\x89\x79\xae\x1a\xc3\x68\x5e\xe4\x15\x15\x4b\xec\x0f\xf1\x7e\x0f\xba\x01\xc7\x84\x16\xc7\xb5\xac\x9d\x0c\x22\xdd\x31\xf7\xb0\x9b\x59\x4b\xf0\x02\xa8\x7d\xfd\x6d\x02\x43\xc7\x4f\x65\xbd\x84\x5c\x54\x91\xba\x75\x9f\x5a\x61\x19\x5c\x9a\x10\x78\x34\xa0\xa6\xf6\xdc\xb6\xb0\x50\x22\x38\x5f\xb0\x16\x66\xf1\xd5\x46\x00\xd5\xe2\xa8\xe5\xd2\x11\x5f\xd1\xbe\x6e\xac\xb2\x9c\x14\x34\x96\xe7\x58\x94\xb8\xf4\x5f";

-

 static int test_known_sig(gnutls_pk_algorithm_t pk, unsigned bits,

 			  gnutls_digest_algorithm_t dig,

 			  const void *privkey, size_t privkey_size,

-- 

2.20.1

From 4b04d899849ea566ae33862289276d9b297cd493 Mon Sep 17 00:00:00 2001

From: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>

Date: Wed, 3 Apr 2019 13:44:56 +0200

Subject: [PATCH 2/7] crypto-selftests-pk.c: Add a comparison with a known

 signature

For RSA, compare the generated signature with a stored known value in

test_sig().

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>

---

 lib/crypto-selftests-pk.c | 13 +++++++++++++

 1 file changed, 13 insertions(+)

diff --git a/lib/crypto-selftests-pk.c b/lib/crypto-selftests-pk.c

index 4fadd4161..0233e6b9f 100644

--- a/lib/crypto-selftests-pk.c

+++ b/lib/crypto-selftests-pk.c

@@ -313,6 +313,7 @@ static int test_sig(gnutls_pk_algorithm_t pk,

 {

 	int ret;

 	gnutls_datum_t sig = { NULL, 0 };

+	gnutls_datum_t known_sig = { NULL, 0 };

 	gnutls_datum_t raw_rsa_key = { (void*)rsa_key2048, sizeof(rsa_key2048)-1 };

 	gnutls_datum_t raw_dsa_key = { (void*)dsa_key, sizeof(dsa_key)-1 };

 	gnutls_datum_t raw_ecc_key = { (void*)ecc_key, sizeof(ecc_key)-1 };

@@ -343,6 +344,8 @@ static int test_sig(gnutls_pk_algorithm_t pk,

 	}

 	if (pk == GNUTLS_PK_RSA) {

+		known_sig.data = (void *)rsa_sig;

+		known_sig.size = sizeof(rsa_sig) - 1;

 		ret = gnutls_privkey_import_x509_raw(key, &raw_rsa_key, GNUTLS_X509_FMT_PEM, NULL, 0);

 	} else if (pk == GNUTLS_PK_RSA_PSS) {

 		ret = gnutls_privkey_import_x509_raw(key, &raw_rsa_key, GNUTLS_X509_FMT_PEM, NULL, 0);

@@ -378,6 +381,16 @@ static int test_sig(gnutls_pk_algorithm_t pk,

 		goto cleanup;

 	}

+	/* Compare with a stored known signature */

+	if (known_sig.data != NULL) {

+		if (sig.size != known_sig.size

+			|| memcmp(sig.data, known_sig.data, sig.size) != 0) {

+			ret = GNUTLS_E_SELF_TEST_ERROR;

+			gnutls_assert();

+			goto cleanup;

+		}

+	}

+

 	ret =

 	    gnutls_pubkey_verify_data2(pub, sigalgo, 0,

 				       &signed_data, &sig);

-- 

2.20.1

From 2123049ab9b963ef0ba108ed1cb180016bd672ab Mon Sep 17 00:00:00 2001

From: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>

Date: Wed, 17 Apr 2019 17:22:40 +0200

Subject: [PATCH 3/7] nettle/pk.c: Do not call gnutls_rnd() during self tests

When the library state is LIB_STATE_SELFTEST, use constant data instead

of calling gnutls_rnd().  This prevents the library to block if there is

insufficient entropy during FIPS self tests.

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>

---

 lib/nettle/pk.c | 41 ++++++++++++++++++++++++++++++++++-------

 1 file changed, 34 insertions(+), 7 deletions(-)

diff --git a/lib/nettle/pk.c b/lib/nettle/pk.c

index 08117c2d8..64633cc73 100644

--- a/lib/nettle/pk.c

+++ b/lib/nettle/pk.c

@@ -60,6 +60,33 @@

 static inline const struct ecc_curve *get_supported_nist_curve(int curve);

 static inline const struct ecc_curve *get_supported_gost_curve(int curve);

+/* Fill the buffer with data for testing purposes.

+ * This should be called only during self tests.

+ */

+static int _pk_fill_buffer(void *buffer, size_t length)

+{

+	if (_gnutls_get_lib_state() != LIB_STATE_SELFTEST) {

+		return gnutls_assert_val(GNUTLS_E_RANDOM_FAILED);

+	}

+

+	memset(buffer, 0xAA, length);

+

+	return 0;

+}

+

+static int _pk_rnd(gnutls_rnd_level_t level, void *data, size_t len)

+{

+	int ret;

+

+	if (_gnutls_get_lib_state() == LIB_STATE_SELFTEST) {

+		ret = _pk_fill_buffer(data, len);

+	} else {

+		ret = gnutls_rnd(level, data, len);

+	}

+

+	return ret;

+}

+

 /* When these callbacks are used for a nettle operation, the

  * caller must check the macro HAVE_LIB_ERROR() after the operation

  * is complete. If the macro is true, the operation is to be considered

@@ -67,21 +94,21 @@ static inline const struct ecc_curve *get_supported_gost_curve(int curve);

  */

 static void rnd_key_func(void *_ctx, size_t length, uint8_t * data)

 {

-	if (gnutls_rnd(GNUTLS_RND_KEY, data, length) < 0) {

+	if (_pk_rnd(GNUTLS_RND_KEY, data, length) < 0) {

 		_gnutls_switch_lib_state(LIB_STATE_ERROR);

 	}

 }

 static void rnd_tmpkey_func(void *_ctx, size_t length, uint8_t * data)

 {

-	if (gnutls_rnd(GNUTLS_RND_RANDOM, data, length) < 0) {

+	if (_pk_rnd(GNUTLS_RND_RANDOM, data, length) < 0) {

 		_gnutls_switch_lib_state(LIB_STATE_ERROR);

 	}

 }

 static void rnd_nonce_func(void *_ctx, size_t length, uint8_t * data)

 {

-	if (gnutls_rnd(GNUTLS_RND_NONCE, data, length) < 0) {

+	if (_pk_rnd(GNUTLS_RND_NONCE, data, length) < 0) {

 		_gnutls_switch_lib_state(LIB_STATE_ERROR);

 	}

 }

@@ -650,7 +677,7 @@ _rsa_pss_sign_digest_tr(gnutls_digest_algorithm_t dig,

 		if (salt == NULL)

 			return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);

-		ret = gnutls_rnd(GNUTLS_RND_NONCE, salt, salt_size);

+		ret = _pk_rnd(GNUTLS_RND_NONCE, salt, salt_size);

 		if (ret < 0) {

 			gnutls_assert();

 			goto cleanup;

@@ -1732,7 +1759,7 @@ gnutls_x509_spki_st spki;

 		_gnutls_dsa_q_to_hash(params, &hash_len);

 		gen_data = gnutls_malloc(hash_len);

-		gnutls_rnd(GNUTLS_RND_NONCE, gen_data, hash_len);

+		_pk_rnd(GNUTLS_RND_NONCE, gen_data, hash_len);

 		ddata.data = (void*)gen_data;

 		ddata.size = hash_len;

@@ -2101,7 +2128,7 @@ wrap_nettle_pk_generate_keys(gnutls_pk_algorithm_t algo,

 				goto fail;

 			}

-			ret = gnutls_rnd(rnd_level, params->raw_priv.data, size);

+			ret = _pk_rnd(rnd_level, params->raw_priv.data, size);

 			if (ret < 0) {

 				ret = gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);

 				goto fail;

@@ -2240,7 +2267,7 @@ wrap_nettle_pk_generate_keys(gnutls_pk_algorithm_t algo,

 				goto fail;

 			}

-			ret = gnutls_rnd(rnd_level, params->raw_priv.data, size);

+			ret = _pk_rnd(rnd_level, params->raw_priv.data, size);

 			if (ret < 0) {

 				ret = gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);

 				goto fail;

-- 

2.20.1

From db2b308fdbe98420b722eaf678c1a911bc51b0a5 Mon Sep 17 00:00:00 2001

From: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>

Date: Thu, 18 Apr 2019 17:22:18 +0200

Subject: [PATCH 4/7] tests: Run rng-no-onload test in FIPS mode

This changes the function used in the test to override gnutls_rnd() to

fill the given buffer with a different value each time it is called.

This allows the test to run when FIPS mode is enabled.

Previously the rng-no-onload test could get stuck if FIPS mode was

enabled.  This happened if gnutls_rnd() function was called during

global_init() in a loop that checks the generated value (e.g. if ECDSA

signature generation is called during self tests).

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>

---

 tests/rng-no-onload.c | 12 +++++++-----

 1 file changed, 7 insertions(+), 5 deletions(-)

diff --git a/tests/rng-no-onload.c b/tests/rng-no-onload.c

index ac01be214..a485a440d 100644

--- a/tests/rng-no-onload.c

+++ b/tests/rng-no-onload.c

@@ -50,18 +50,20 @@ static int _rnd_called = 0;

 int __attribute__ ((visibility ("protected")))

 gnutls_rnd(gnutls_rnd_level_t level, void *data, size_t len)

 {

+	static unsigned int value = 0;

+

 	_rnd_called = 1;

-	memset(data, 0xff, len);

+	/* Increment 'value' in each call up to 255, then start again from 0 */

+	value = (value + 1) & 0xFF;

+

+	memset(data, value, len);

+

 	return 0;

 }

 void doit(void)

 {

-	if (gnutls_fips140_mode_enabled()) {

-		exit(77);

-	}

-

 	global_init();

 	if (_rnd_called != 0)

-- 

2.20.1

From fc926cd65f1de06f359315c6693c1a9c9899ba8c Mon Sep 17 00:00:00 2001

From: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>

Date: Thu, 4 Apr 2019 15:45:02 +0200

Subject: [PATCH 5/7] crypto-selftests-pk.c: Fix test_known_sig

Previously a new signature was generated only for deterministic

algorithms (i.e. only RSA).  With this, a new signature is always

generated (and compared with a stored signature for deterministic

algorithms).  The signature verification is tested for both generated

and stored signatures.

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>

---

 lib/crypto-selftests-pk.c | 31 ++++++++++++++++++++-----------

 1 file changed, 20 insertions(+), 11 deletions(-)

diff --git a/lib/crypto-selftests-pk.c b/lib/crypto-selftests-pk.c

index 0233e6b9f..ba8f5e376 100644

--- a/lib/crypto-selftests-pk.c

+++ b/lib/crypto-selftests-pk.c

@@ -475,19 +475,17 @@ static int test_known_sig(gnutls_pk_algorithm_t pk, unsigned bits,

 		goto cleanup;

 	}

-	/* Test if the signature we generate matches the stored */

+	ret = gnutls_privkey_sign_data(key, dig, 0, &signed_data, &sig);

+	if (ret < 0) {

+		gnutls_assert();

+		goto cleanup;

+	}

+

+	/* Test if the generated signature matches the stored */

 	ssig.data = (void *) stored_sig;

 	ssig.size = stored_sig_size;

 	if (deterministic_sigs != 0) {	/* do not compare against stored signature if not provided */

-		ret =

-		    gnutls_privkey_sign_data(key, dig, 0, &signed_data,

-					     &sig);

-		if (ret < 0) {

-			gnutls_assert();

-			goto cleanup;

-		}

-

 		if (sig.size != ssig.size

 		    || memcmp(sig.data, ssig.data, sig.size) != 0) {

 			ret = GNUTLS_E_SELF_TEST_ERROR;

@@ -507,7 +505,7 @@ static int test_known_sig(gnutls_pk_algorithm_t pk, unsigned bits,

 		}

 	}

-	/* Test if we can verify the signature */

+	/* Test if we can verify the generated signature */

 	ret = gnutls_pubkey_import_privkey(pub, key, 0, 0);

 	if (ret < 0) {

@@ -515,6 +513,17 @@ static int test_known_sig(gnutls_pk_algorithm_t pk, unsigned bits,

 		goto cleanup;

 	}

+	ret =

+	    gnutls_pubkey_verify_data2(pub, gnutls_pk_to_sign(pk, dig), 0,

+				       &signed_data, &sig);

+	if (ret < 0) {

+		ret = GNUTLS_E_SELF_TEST_ERROR;

+		gnutls_assert();

+		goto cleanup;

+	}

+

+	/* Test if we can verify the stored signature */

+

 	ret =

 	    gnutls_pubkey_verify_data2(pub, gnutls_pk_to_sign(pk, dig), 0,

 				       &signed_data, &ssig);

@@ -528,7 +537,7 @@ static int test_known_sig(gnutls_pk_algorithm_t pk, unsigned bits,

 	ret =

 	    gnutls_pubkey_verify_data2(pub, gnutls_pk_to_sign(pk, dig), 0,

-				       &bad_data, &ssig);

+				       &bad_data, &sig);

 	if (ret != GNUTLS_E_PK_SIG_VERIFY_FAILED) {

 		ret = GNUTLS_E_SELF_TEST_ERROR;

-- 

2.20.1

From 7e49999db264556ac73ff498bd8f7edce401cdd1 Mon Sep 17 00:00:00 2001

From: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>

Date: Thu, 4 Apr 2019 17:22:04 +0200

Subject: [PATCH 6/7] crypto-selftests-pk.c: Fix PK_KNOWN_TEST and PK_TEST

Remove the flag check from the end of the macros.  This change allows

more than one test to run in sequence when GNUTLS_SELF_TEST_FLAG_ALL is

not set.  Move the flags checks to run the minimal set of tests required

for FIPS and keep the previous behaviour for GOST (run the first test

for each algorithm).

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>

---

 lib/crypto-selftests-pk.c | 37 ++++++++++++++++++++-----------------

 1 file changed, 20 insertions(+), 17 deletions(-)

diff --git a/lib/crypto-selftests-pk.c b/lib/crypto-selftests-pk.c

index ba8f5e376..fc8ee2525 100644

--- a/lib/crypto-selftests-pk.c

+++ b/lib/crypto-selftests-pk.c

@@ -568,18 +568,14 @@ static int test_known_sig(gnutls_pk_algorithm_t pk, unsigned bits,

 			if (ret < 0) { \

 				gnutls_assert(); \

 				goto cleanup; \

-			} \

-			if (!(flags & GNUTLS_SELF_TEST_FLAG_ALL)) \

-				return 0

+			}

 #define PK_KNOWN_TEST(pk, det, bits, dig, pkey, sig) \

 			ret = test_known_sig(pk, bits, dig, pkey, sizeof(pkey)-1, sig, sizeof(sig)-1, det); \

 			if (ret < 0) { \

 				gnutls_assert(); \

 				goto cleanup; \

-			} \

-			if (!(flags & GNUTLS_SELF_TEST_FLAG_ALL)) \

-				return 0

+			}

 /* This file is also included by the test app in tests/slow/cipher-test, so in that

@@ -812,11 +808,12 @@ int gnutls_pk_self_test(unsigned flags, gnutls_pk_algorithm_t pk)

 		PK_KNOWN_TEST(GNUTLS_PK_RSA, 1, 2048, GNUTLS_DIG_SHA256,

 			      rsa_key2048, rsa_sig);

 		PK_TEST(GNUTLS_PK_RSA, test_rsa_enc, 2048, 0);

-		PK_TEST(GNUTLS_PK_RSA, test_sig, 3072, GNUTLS_SIGN_RSA_SHA256);

 		if (!(flags & GNUTLS_SELF_TEST_FLAG_ALL))

 			return 0;

+		PK_TEST(GNUTLS_PK_RSA, test_sig, 3072, GNUTLS_SIGN_RSA_SHA256);

+

 		FALLTHROUGH;

 	case GNUTLS_PK_RSA_PSS:

 		PK_TEST(GNUTLS_PK_RSA_PSS, test_sig, 2048, GNUTLS_SIGN_RSA_PSS_RSAE_SHA256);

@@ -828,11 +825,12 @@ int gnutls_pk_self_test(unsigned flags, gnutls_pk_algorithm_t pk)

 	case GNUTLS_PK_DSA:

 		PK_KNOWN_TEST(GNUTLS_PK_DSA, 0, 2048, GNUTLS_DIG_SHA256,

 			      dsa_privkey, dsa_sig);

-		PK_TEST(GNUTLS_PK_DSA, test_sig, 3072, GNUTLS_SIGN_DSA_SHA256);

 		if (!(flags & GNUTLS_SELF_TEST_FLAG_ALL))

 			return 0;

+		PK_TEST(GNUTLS_PK_DSA, test_sig, 3072, GNUTLS_SIGN_DSA_SHA256);

+

 		FALLTHROUGH;

 	case GNUTLS_PK_EC:

 		/* Test ECDH and ECDSA */

@@ -850,13 +848,14 @@ int gnutls_pk_self_test(unsigned flags, gnutls_pk_algorithm_t pk)

 			      (GNUTLS_ECC_CURVE_SECP256R1),

 			      GNUTLS_DIG_SHA256, ecdsa_secp256r1_privkey,

 			      ecdsa_secp256r1_sig);

-		PK_TEST(GNUTLS_PK_EC, test_sig,

-			GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_SECP256R1),

-			GNUTLS_SIGN_ECDSA_SHA256);

 		if (!(flags & GNUTLS_SELF_TEST_FLAG_ALL))

 			return 0;

+		PK_TEST(GNUTLS_PK_EC, test_sig,

+			GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_SECP256R1),

+			GNUTLS_SIGN_ECDSA_SHA256);

+

 		PK_KNOWN_TEST(GNUTLS_PK_EC, 0,

 			      GNUTLS_CURVE_TO_BITS

 			      (GNUTLS_ECC_CURVE_SECP384R1),

@@ -900,31 +899,35 @@ int gnutls_pk_self_test(unsigned flags, gnutls_pk_algorithm_t pk)

 	case GNUTLS_PK_GOST_01:

 		PK_KNOWN_TEST(GNUTLS_PK_GOST_01, 0, GNUTLS_ECC_CURVE_GOST256CPA, GNUTLS_DIG_GOSTR_94,

 			      gost01_privkey, gost01_sig);

-		PK_TEST(GNUTLS_PK_GOST_01, test_sig, GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_GOST256CPA),

-			GNUTLS_SIGN_GOST_94);

 		if (!(flags & GNUTLS_SELF_TEST_FLAG_ALL))

 			return 0;

+		PK_TEST(GNUTLS_PK_GOST_01, test_sig, GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_GOST256CPA),

+			GNUTLS_SIGN_GOST_94);

+

 		FALLTHROUGH;

 	case GNUTLS_PK_GOST_12_256:

 		PK_KNOWN_TEST(GNUTLS_PK_GOST_12_256, 0, GNUTLS_ECC_CURVE_GOST256CPA, GNUTLS_DIG_STREEBOG_256,

 			      gost12_256_privkey, gost12_256_sig);

-		PK_TEST(GNUTLS_PK_GOST_12_256, test_sig, GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_GOST256CPA),

-			GNUTLS_SIGN_GOST_256);

 		if (!(flags & GNUTLS_SELF_TEST_FLAG_ALL))

 			return 0;

+		PK_TEST(GNUTLS_PK_GOST_12_256, test_sig, GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_GOST256CPA),

+			GNUTLS_SIGN_GOST_256);

+

 		FALLTHROUGH;

 	case GNUTLS_PK_GOST_12_512:

 		PK_KNOWN_TEST(GNUTLS_PK_GOST_12_512, 0, GNUTLS_ECC_CURVE_GOST512A, GNUTLS_DIG_STREEBOG_512,

 			      gost12_512_privkey, gost12_512_sig);

-		PK_TEST(GNUTLS_PK_GOST_12_512, test_sig, GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_GOST512A),

-			GNUTLS_SIGN_GOST_512);

 		if (!(flags & GNUTLS_SELF_TEST_FLAG_ALL))

 			return 0;

+

+		PK_TEST(GNUTLS_PK_GOST_12_512, test_sig, GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_GOST512A),

+			GNUTLS_SIGN_GOST_512);

+

 #endif

 		break;

-- 

2.20.1

From c2e83d2110b98d93588f1b6187bc932feb958ca4 Mon Sep 17 00:00:00 2001

From: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>

Date: Mon, 8 Apr 2019 14:21:57 +0200

Subject: [PATCH 7/7] crypto-selftests-pk.c: Cleanup self tests

test_sig() always uses the same key for RSA, DSA, and ECDSA regardless

of the value provided in the "bits" parameter.  Therefore, avoid

printing specific information (number of bits or name of the curve).

Changes test_sig() to use 2048 bits key for DSA; deleted hardcoded 512

bits DSA key;

Avoid calling test_sig() multiple times for ECDSA: the same key is

used regardless of the curve provided in the parameters.