[svn] gcry - r1328 - trunk/cipher

svn author wk cvs at cvs.gnupg.org
Fri Sep 12 21:00:03 CEST 2008 

Author: wk
Date: 2008-09-12 21:00:03 +0200 (Fri, 12 Sep 2008)
New Revision: 1328

Modified:
   trunk/cipher/ChangeLog
   trunk/cipher/dsa.c
   trunk/cipher/rsa.c
Log:
Add a bad-case test for the key generation.


Modified: trunk/cipher/ChangeLog
===================================================================
--- trunk/cipher/ChangeLog	2008-09-12 14:47:28 UTC (rev 1327)
+++ trunk/cipher/ChangeLog	2008-09-12 19:00:03 UTC (rev 1328)
@@ -1,5 +1,8 @@
 2008-09-12  Werner Koch  <wk at g10code.com>
 
+	* rsa.c (test_keys): Do a bad case signature check.
+	* dsa.c (test_keys): Do a bad case check.
+
 	* cipher.c (_gcry_cipher_selftest): Add arg EXTENDED and pass it
 	to the called tests.
 	* md.c (_gcry_md_selftest): Ditto.
@@ -34,6 +37,7 @@
 	called test.
 	(selftest_fips): Add dummy arg EXTENDED.
 	* rsa.c (run_selftests): Add dummy arg EXTENDED.
+
 	* dsa.c (run_selftests): Add dummy arg EXTENDED.
 
 	* rsa.c (extract_a_from_sexp): New.

Modified: trunk/cipher/dsa.c
===================================================================
--- trunk/cipher/dsa.c	2008-09-12 14:47:28 UTC (rev 1327)
+++ trunk/cipher/dsa.c	2008-09-12 19:00:03 UTC (rev 1328)
@@ -209,6 +209,11 @@
   if ( !verify (sig_a, sig_b, data, &pk) )
     goto leave; /* Signature does not match.  */
 
+  /* Modify the data and check that the signing fails.  */
+  gcry_mpi_add_ui (data, data, 1);
+  if ( verify (sig_a, sig_b, data, &pk) )
+    goto leave; /* Signature matches but should not.  */
+
   result = 0; /* The test succeeded.  */
 
  leave:

Modified: trunk/cipher/rsa.c
===================================================================
--- trunk/cipher/rsa.c	2008-09-12 14:47:28 UTC (rev 1327)
+++ trunk/cipher/rsa.c	2008-09-12 19:00:03 UTC (rev 1328)
@@ -136,6 +136,12 @@
   if (gcry_mpi_cmp (decr_plaintext, plaintext))
     goto leave; /* Signature does not match.  */
 
+  /* Modify the signature and check that the signing fails.  */
+  gcry_mpi_add_ui (signature, signature, 1);
+  public (decr_plaintext, signature, &pk);
+  if (!gcry_mpi_cmp (decr_plaintext, plaintext))
+    goto leave; /* Signature matches but should not.  */
+
   result = 0; /* All tests succeeded.  */
 
  leave:

More information about the Gnupg-commits mailing list