add a test-decipher command

test-decipher will for rsa do public encrypt on a random string and let
the key decrypt
for ec it will generate a new ec key and do ecdh and confirm it gets the
same answer back
This commit is contained in:
Klas Lindfors
2015-05-19 14:22:26 +02:00
parent 63345d1b3e
commit 3d0ff7b969
5 changed files with 185 additions and 12 deletions
+36 -11
View File
@@ -498,11 +498,10 @@ ykpiv_rc ykpiv_hex_decode(const char *hex_in, size_t in_len,
return YKPIV_OK;
}
ykpiv_rc ykpiv_sign_data(ykpiv_state *state,
static ykpiv_rc _general_authenticate(ykpiv_state *state,
const unsigned char *raw_in, size_t in_len,
unsigned char *sign_out, size_t *out_len,
unsigned char algorithm, unsigned char key) {
unsigned char *out, size_t *out_len,
unsigned char algorithm, unsigned char key, bool decipher) {
unsigned char indata[1024];
unsigned char *dataptr = indata;
unsigned char data[1024];
@@ -522,14 +521,23 @@ ykpiv_rc ykpiv_sign_data(ykpiv_state *state,
if(pad_len == 0) {
pad_len = 256;
}
if(in_len + RSA_PKCS1_PADDING_SIZE > pad_len) {
return YKPIV_SIZE_ERROR;
if(!decipher) {
if(in_len + RSA_PKCS1_PADDING_SIZE > pad_len) {
return YKPIV_SIZE_ERROR;
}
RSA_padding_add_PKCS1_type_1(sign_in, pad_len, raw_in, in_len);
in_len = pad_len;
} else {
if(in_len != pad_len) {
return YKPIV_SIZE_ERROR;
}
memcpy(sign_in, raw_in, in_len);
}
RSA_padding_add_PKCS1_type_1(sign_in, pad_len, raw_in, in_len);
in_len = pad_len;
break;
case YKPIV_ALGO_ECCP256:
if(in_len > 32) {
if(!decipher && in_len > 32) {
return YKPIV_SIZE_ERROR;
} else if(decipher && in_len != 65) {
return YKPIV_SIZE_ERROR;
}
memcpy(sign_in, raw_in, in_len);
@@ -550,7 +558,7 @@ ykpiv_rc ykpiv_sign_data(ykpiv_state *state,
dataptr += set_length(dataptr, in_len + bytes + 3);
*dataptr++ = 0x82;
*dataptr++ = 0x00;
*dataptr++ = 0x81;
*dataptr++ = algorithm == YKPIV_ALGO_ECCP256 && decipher ? 0x85 : 0x81;
dataptr += set_length(dataptr, in_len);
memcpy(dataptr, sign_in, (size_t)in_len);
dataptr += in_len;
@@ -592,10 +600,27 @@ ykpiv_rc ykpiv_sign_data(ykpiv_state *state,
return YKPIV_SIZE_ERROR;
}
*out_len = len;
memcpy(sign_out, dataptr, len);
memcpy(out, dataptr, len);
return YKPIV_OK;
}
ykpiv_rc ykpiv_sign_data(ykpiv_state *state,
const unsigned char *raw_in, size_t in_len,
unsigned char *sign_out, size_t *out_len,
unsigned char algorithm, unsigned char key) {
return _general_authenticate(state, raw_in, in_len, sign_out, out_len,
algorithm, key, false);
}
ykpiv_rc ykpiv_decipher_data(ykpiv_state *state, const unsigned char *in,
size_t in_len, unsigned char *out, size_t *out_len,
unsigned char algorithm, unsigned char key) {
return _general_authenticate(state, in, in_len, out, out_len,
algorithm, key, true);
}
ykpiv_rc ykpiv_get_version(ykpiv_state *state, char *version, size_t len) {
APDU apdu;
unsigned char data[0xff];