Nikos Mavrogiannopoulos n.mavrogiannopoulos@gmail.com writes:
In any case the attached patch set should address all your comments.
Thanks.
From 9a59ad5a3d96bde3be81c9542328403a958a442d Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos nmav@redhat.com Date: Thu, 3 Sep 2015 10:20:37 +0200 Subject: [PATCH 1/3] Enhanced rsa_pkcs1_sign_tr() to protect against HW/software errors
Applied (not yet pushed, though).
From 363c217483f7d92e77d251317642434b5e76e9f0 Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos nmav@redhat.com Date: Thu, 3 Sep 2015 10:43:13 +0200 Subject: [PATCH 2/3] testsuite: Added tests for rsa_pkcs1_sign_tr()
Applied with some tweaks, see below.
testsuite/Makefile.in | 2 +- testsuite/rsa-sign-tr.c | 194 ++++++++++++++++++++++++++++++++++++++++++++++++ testsuite/testutils.h | 7 ++ 3 files changed, 202 insertions(+), 1 deletion(-) create mode 100644 testsuite/rsa-sign-tr.c
diff --git a/testsuite/Makefile.in b/testsuite/Makefile.in index 426fe1a..6711628 100644 --- a/testsuite/Makefile.in +++ b/testsuite/Makefile.in @@ -35,7 +35,7 @@ TS_NETTLE_SOURCES = aes-test.c arcfour-test.c arctwo-test.c \ TS_HOGWEED_SOURCES = sexp-test.c sexp-format-test.c \ rsa2sexp-test.c sexp2rsa-test.c \ bignum-test.c random-prime-test.c \
pkcs1-test.c \
pkcs1-test.c rsa-sign-tr.c \ rsa-test.c rsa-encrypt-test.c rsa-keygen-test.c \ dsa-test.c dsa-keygen-test.c \ curve25519-dh-test.c \
This needs a make test-rules, to also update the included .test-rules.make.
I also renamed the file to rsa-sign-tr-test.c, for consistency with the other tests.
diff --git a/testsuite/rsa-sign-tr.c b/testsuite/rsa-sign-tr.c new file mode 100644 index 0000000..fbe8e5c --- /dev/null +++ b/testsuite/rsa-sign-tr.c @@ -0,0 +1,194 @@ +#include "testutils.h" +#include "knuth-lfib.h" +#include "nettle-internal.h"
+#define MSG1 ((uint8_t*)"None so blind as those who will not see") +#define MSG2 ((uint8_t*)"Fortune knocks once at every man's door")
[...]
- test_rsa_sign_tr(&pub, &key, sizeof(MSG1)-1, MSG1, expected);
sizeof here returns sizeof (uint8_t *), which isn't what you want... I'll fix (not done yet).
--- a/testsuite/testutils.h +++ b/testsuite/testutils.h @@ -190,6 +190,13 @@ test_rsa_set_key_1(struct rsa_public_key *pub, struct rsa_private_key *key);
void +test_rsa_tr(struct rsa_public_key *pub,
struct rsa_private_key *key,unsigned di_length,const uint8_t *di,mpz_t expected);+void
This looks like is a leftover from the previous version of the patch? I dropped this part.
From f932d48c010a0b87260df8757183f6f68b32a726 Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos nmav@redhat.com Date: Thu, 3 Sep 2015 11:55:19 +0200 Subject: [PATCH 3/3] doc: mention rsa_pkcs1_sign_tr() and rsa_pkcs1_verify()
I haven't gotten to the docs yet.
Regards, /Niels