From 42099c31552736713aba21103fc8bb9b84ea9a83 Mon Sep 17 00:00:00 2001 From: Paul Bakker Date: Mon, 27 Jan 2014 11:45:49 +0100 Subject: [PATCH] Revert "Add pk_rsa_set_padding() and rsa_set_padding()" This reverts commit b4fae579e8fd72b5e57864d28b5b2c07bad5ce27. Conflicts: library/pk.c tests/suites/test_suite_pk.data tests/suites/test_suite_pk.function --- ChangeLog | 2 -- include/polarssl/pk.h | 22 +------------------ include/polarssl/rsa.h | 19 +--------------- library/pk.c | 16 -------------- library/rsa.c | 11 ---------- tests/suites/test_suite_pk.data | 15 ++++--------- tests/suites/test_suite_pk.function | 34 +++++------------------------ 7 files changed, 12 insertions(+), 107 deletions(-) diff --git a/ChangeLog b/ChangeLog index 96b93cc86..60fd78e54 100644 --- a/ChangeLog +++ b/ChangeLog @@ -5,8 +5,6 @@ Features * Support for the Koblitz curves: secp192k1, secp224k1, secp256k1 * Support for RIPEMD-160 * Support for AES CFB8 mode - * Allow for use of PKCS#1 v2.1 via the PK layer (pk_rsa_set_padding() and - rsa_set_padding()) Bugfix * Potential memory leak in bignum_selftest() diff --git a/include/polarssl/pk.h b/include/polarssl/pk.h index 8b844714e..013d9736a 100644 --- a/include/polarssl/pk.h +++ b/include/polarssl/pk.h @@ -222,31 +222,11 @@ void pk_free( pk_context *ctx ); * POLARSSL_ERR_PK_BAD_INPUT_DATA on invalid input, * POLARSSL_ERR_PK_MALLOC_FAILED on allocation failure. * - * \note For RSA contexts, padding defaults to PKCS_V15. - * Use pk_rsa_set_padding() to change it. - * - * \note To create a context holding an RSA-alt key, use + * \note For contexts holding an RSA-alt key, use * \c pk_init_ctx_rsa_alt() instead. */ int pk_init_ctx( pk_context *ctx, const pk_info_t *info ); -#if defined(POLARSSL_RSA_C) -/** - * \brief Set the padding method for an RSA key - * - * Note: Set padding to RSA_PKCS_V21 for the RSAES-OAEP - * encryption scheme and the RSASSA-PSS signature scheme. - * - * \param ctx PK context to be set - * \param padding RSA_PKCS_V15 or RSA_PKCS_V21 - * \param hash_id RSA_PKCS_V21 hash identifier - * - * \note The hash_id parameter is actually ignored - * when using RSA_PKCS_V15 padding. - */ -int pk_rsa_set_padding( pk_context *ctx, int padding, int hash_id ); -#endif /* POLARSSL_RSA_C */ - /** * \brief Initialize an RSA-alt context * diff --git a/include/polarssl/rsa.h b/include/polarssl/rsa.h index 47315a32a..504dde24d 100644 --- a/include/polarssl/rsa.h +++ b/include/polarssl/rsa.h @@ -125,24 +125,7 @@ rsa_context; */ void rsa_init( rsa_context *ctx, int padding, - int hash_id ); - -/** - * \brief Set the padding method on an initilized RSA context. - * - * Note: Set padding to RSA_PKCS_V21 for the RSAES-OAEP - * encryption scheme and the RSASSA-PSS signature scheme. - * - * \param ctx RSA context to be set - * \param padding RSA_PKCS_V15 or RSA_PKCS_V21 - * \param hash_id RSA_PKCS_V21 hash identifier - * - * \note The hash_id parameter is actually ignored - * when using RSA_PKCS_V15 padding. - */ -void rsa_set_padding( rsa_context *ctx, - int padding, - int hash_id ); + int hash_id); /** * \brief Generate an RSA keypair diff --git a/library/pk.c b/library/pk.c index a1c7c1d2e..80eccc911 100644 --- a/library/pk.c +++ b/library/pk.c @@ -108,22 +108,6 @@ int pk_init_ctx( pk_context *ctx, const pk_info_t *info ) return( 0 ); } -#if defined(POLARSSL_RSA_C) -/* - * Set RSA padding - */ -int pk_rsa_set_padding( pk_context *ctx, int padding, int hash_id ) -{ - if( ctx == NULL || ctx->pk_info == NULL || - ctx->pk_info->type != POLARSSL_PK_RSA ) - return( POLARSSL_ERR_PK_BAD_INPUT_DATA ); - - rsa_set_padding( pk_rsa( *ctx ), padding, hash_id ); - - return( 0 ); -} -#endif /* POLARSSL_RSA_C */ - /* * Initialize an RSA-alt context */ diff --git a/library/rsa.c b/library/rsa.c index 75cae7ec9..8ec7aabb0 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -60,17 +60,6 @@ void rsa_init( rsa_context *ctx, #endif } -/* - * Set padding method after initialisation - */ -void rsa_set_padding( rsa_context *ctx, - int padding, - int hash_id) -{ - ctx->padding = padding; - ctx->hash_id = hash_id; -} - #if defined(POLARSSL_GENPRIME) /* diff --git a/tests/suites/test_suite_pk.data b/tests/suites/test_suite_pk.data index 3821bae79..e07495a41 100644 --- a/tests/suites/test_suite_pk.data +++ b/tests/suites/test_suite_pk.data @@ -14,20 +14,13 @@ PK utils: ECDSA depends_on:POLARSSL_ECDSA_C:POLARSSL_ECP_DP_SECP192R1_ENABLED pk_utils:POLARSSL_PK_ECDSA:192:24:"ECDSA" -PK RSA padding: RSA (ok) -pk_set_rsa_padding:POLARSSL_PK_RSA:RSA_PKCS_V21:POLARSSL_MD_SHA512:0 - -PK RSA padding: ECKEY (error) -depends_on:POLARSSL_ECP_C -pk_set_rsa_padding:POLARSSL_PK_ECKEY:RSA_PKCS_V21:POLARSSL_MD_SHA512:POLARSSL_ERR_PK_BAD_INPUT_DATA - -RSA verify test vector #1 (v1.5, good) +RSA verify test vector #1 (good) depends_on:POLARSSL_SHA1_C:POLARSSL_PKCS1_V15 -pk_rsa_verify_test_vec:"206ef4bf396c6087f8229ef196fd35f37ccb8de5efcdb238f20d556668f114257a11fbe038464a67830378e62ae9791453953dac1dbd7921837ba98e84e856eb80ed9487e656d0b20c28c8ba5e35db1abbed83ed1c7720a97701f709e3547a4bfcabca9c89c57ad15c3996577a0ae36d7c7b699035242f37954646c1cd5c08ac":POLARSSL_MD_SHA1:RSA_PKCS_V15:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"3":"5abc01f5de25b70867ff0c24e222c61f53c88daf42586fddcd56f3c4588f074be3c328056c063388688b6385a8167957c6e5355a510e005b8a851d69c96b36ec6036644078210e5d7d326f96365ee0648882921492bc7b753eb9c26cdbab37555f210df2ca6fec1b25b463d38b81c0dcea202022b04af5da58aa03d77be949b7":0 +pk_rsa_verify_test_vec:"206ef4bf396c6087f8229ef196fd35f37ccb8de5efcdb238f20d556668f114257a11fbe038464a67830378e62ae9791453953dac1dbd7921837ba98e84e856eb80ed9487e656d0b20c28c8ba5e35db1abbed83ed1c7720a97701f709e3547a4bfcabca9c89c57ad15c3996577a0ae36d7c7b699035242f37954646c1cd5c08ac":POLARSSL_MD_SHA1:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"3":"5abc01f5de25b70867ff0c24e222c61f53c88daf42586fddcd56f3c4588f074be3c328056c063388688b6385a8167957c6e5355a510e005b8a851d69c96b36ec6036644078210e5d7d326f96365ee0648882921492bc7b753eb9c26cdbab37555f210df2ca6fec1b25b463d38b81c0dcea202022b04af5da58aa03d77be949b7":0 -RSA verify test vector #2 (v1.5 bad) +RSA verify test vector #2 (bad) depends_on:POLARSSL_SHA1_C:POLARSSL_PKCS1_V15 -pk_rsa_verify_test_vec:"d6248c3e96b1a7e5fea978870fcc4c9786b4e5156e16b7faef4557d667f730b8bc4c784ef00c624df5309513c3a5de8ca94c2152e0459618666d3148092562ebc256ffca45b27fd2d63c68bd5e0a0aefbe496e9e63838a361b1db6fc272464f191490bf9c029643c49d2d9cd08833b8a70b4b3431f56fb1eb55ccd39e77a9c92":POLARSSL_MD_SHA1:RSA_PKCS_V15:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"3":"3203b7647fb7e345aa457681e5131777f1adc371f2fba8534928c4e52ef6206a856425d6269352ecbf64db2f6ad82397768cafdd8cd272e512d617ad67992226da6bc291c31404c17fd4b7e2beb20eff284a44f4d7af47fd6629e2c95809fa7f2241a04f70ac70d3271bb13258af1ed5c5988c95df7fa26603515791075feccd":POLARSSL_ERR_RSA_VERIFY_FAILED +pk_rsa_verify_test_vec:"d6248c3e96b1a7e5fea978870fcc4c9786b4e5156e16b7faef4557d667f730b8bc4c784ef00c624df5309513c3a5de8ca94c2152e0459618666d3148092562ebc256ffca45b27fd2d63c68bd5e0a0aefbe496e9e63838a361b1db6fc272464f191490bf9c029643c49d2d9cd08833b8a70b4b3431f56fb1eb55ccd39e77a9c92":POLARSSL_MD_SHA1:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"3":"3203b7647fb7e345aa457681e5131777f1adc371f2fba8534928c4e52ef6206a856425d6269352ecbf64db2f6ad82397768cafdd8cd272e512d617ad67992226da6bc291c31404c17fd4b7e2beb20eff284a44f4d7af47fd6629e2c95809fa7f2241a04f70ac70d3271bb13258af1ed5c5988c95df7fa26603515791075feccd":POLARSSL_ERR_RSA_VERIFY_FAILED ECDSA verify test vector #1 (good) depends_on:POLARSSL_ECP_DP_SECP192R1_ENABLED diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index 5cdb1c817..85cdb7498 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -55,31 +55,14 @@ void pk_utils( int type, int size, int len, char *name ) /* END_CASE */ /* BEGIN_CASE depends_on:POLARSSL_RSA_C */ -void pk_set_rsa_padding( int type, int padding, int hash_id, int ret ) -{ - pk_context pk; - unsigned char hash[50], sig[5000]; - - pk_init( &pk ); - - memset( hash, 0x2a, sizeof hash ); - memset( sig, 0, sizeof sig ); - - TEST_ASSERT( pk_init_ctx( &pk, pk_info_from_type( type ) ) == 0 ); - TEST_ASSERT( pk_rsa_set_padding( &pk, padding, hash_id ) == ret ); - - pk_free( &pk ); -} -/* END_CASE */ - -/* BEGIN_CASE depends_on:POLARSSL_RSA_C */ -void pk_rsa_verify_test_vec( char *message_hex_string, int digest, int scheme, +void pk_rsa_verify_test_vec( char *message_hex_string, int digest, int mod, int radix_N, char *input_N, int radix_E, char *input_E, char *result_hex_str, int result ) { unsigned char message_str[1000]; unsigned char hash_result[1000]; unsigned char result_str[1000]; + rsa_context *rsa; pk_context pk; int msg_len; @@ -90,16 +73,11 @@ void pk_rsa_verify_test_vec( char *message_hex_string, int digest, int scheme, memset( result_str, 0x00, 1000 ); TEST_ASSERT( pk_init_ctx( &pk, pk_info_from_type( POLARSSL_PK_RSA ) ) == 0 ); - TEST_ASSERT( pk_rsa_set_padding( &pk, scheme, digest ) == 0 ); + rsa = pk_rsa( pk ); - /* Set RSA key manually */ - { - rsa_context *rsa = pk_rsa( pk ); - - rsa->len = mod / 8; - TEST_ASSERT( mpi_read_string( &rsa->N, radix_N, input_N ) == 0 ); - TEST_ASSERT( mpi_read_string( &rsa->E, radix_E, input_E ) == 0 ); - } + rsa->len = mod / 8; + TEST_ASSERT( mpi_read_string( &rsa->N, radix_N, input_N ) == 0 ); + TEST_ASSERT( mpi_read_string( &rsa->E, radix_E, input_E ) == 0 ); msg_len = unhexify( message_str, message_hex_string ); unhexify( result_str, result_hex_str );