aboutsummaryrefslogtreecommitdiff
path: root/GNUmakefile
diff options
context:
space:
mode:
authorRob Austein <sra@hactrn.net>2016-08-10 12:38:36 -0400
committerRob Austein <sra@hactrn.net>2016-08-10 12:38:36 -0400
commit133bb3907f478e3ccc1dc8f8fb15e924f37a0d97 (patch)
treef9437453bd8b7ba33c20982e227a4ba59eaa5d8d /GNUmakefile
parent9cfb3fbc22f3e79ec16a037e2c3140cd9c7c634c (diff)
Add regression test for borked or missing PKCS #1.5 DigestInfo.
Oleg found a cute bug where C_SignUpdate() and C_SignFinal() would generate an incorrect signature which C_VerifyUpdate() and C_VerifyFinal() would think was fine because the verification code had essentially the same bug as the signature code. None of this applied to the (much) more commonly used C_Sign() and C_Verify() functions, which is why nobody noticed until now. Bug fixed in sw/libhal commit 36dfaf0adbddbb9f1f7852911228b3ab24ba01aa but we need a regression test to make sure we don't reintroduce the bug. So we add a test which computes the signature both ways, then verifies it with PyCrypto as well as both ways with our own code. We should probably be doing more comparisons of RSA results with PyCrypto. For ECDSA with non-deterministic signatures it's a bit harder, but more checking against the Python ecdsa library would still be a good idea.
Diffstat (limited to 'GNUmakefile')
0 files changed, 0 insertions, 0 deletions