[gnutls-devel] GnuTLS | Improve FIPS signatures self-tests (!1206)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Wed Mar 11 13:31:49 CET 2020

Anderson Sasaki created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1206

Project:Branches: ansasaki/gnutls:improve_fips_selftests to gnutls/gnutls:master
Author:    Anderson Sasaki

This supersedes !1073

The goal of this patch set is to fix some bugs and clarify what are the tests actually executed for signing algorithms during the FIPS power-on self-tests. It addresses few bugs which could misguide the reader:

*  The ``PK_KNOWN_TEST`` and ``PK_TEST`` macros included the check for ``GNUTLS_SELF_TEST_FLAG_ALL``. If more than one test was declared in a sequence, only the first one would be executed when the flag was not set. The macros were changed to not check the  ``GNUTLS_SELF_TEST_FLAG_ALL``, allowing more than one test to be executed in sequence.
*  The ``test_sig()`` function always uses the same key regardless the value provided in the ``bits`` parameter. The value given in the ``bits`` parameter only changes the output message. Thus, calling ``test_sig()`` multiple times for a single key type passing different values in ``bits`` would always use the same key, but print messages as if different keys were tested. The code was changed to not call ``test_sig()`` for algorithms tested with ``test_known_sig()`` and to call ``test_sig()`` only once per key type.
*  Previously, the ``test_known_sig()`` would generate signatures only for deterministic algorithms. For non-deterministic algorithms only the verification operation was exercised. The code was changed to call ``test_known_sig()`` only for deterministic algorithms, which can have known answer tests.

Other than the bugs addressed, the following improvements were made:

*  Use deterministic signatures generation for ECDSA and DSA tests. This allows known answer tests to be executed for these algorithms
*  Use 2048 bits long key for DSA tests instead of 512 bits key


*  The RSA-PSS signature verification fails when deterministic signature is generated (with zero salt). Thus, the test for RSA-PSS was not changed to be a known answer test.

## Checklist
 * [x] Commits have `Signed-off-by:` with name/author being identical to the commit author
 * [x] Code modified for feature
 * [ ] Test suite updated with functionality tests
 * [ ] Test suite updated with negative tests
 * [ ] Documentation updated / NEWS entry present (for non-trivial changes)
 * [ ] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout)

## Reviewer's checklist:
 * [ ] Any issues marked for closing are addressed
 * [ ] There is a test suite reasonably covering new functionality or modifications
 * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md`
 * [ ] This feature/change has adequate documentation added
 * [ ] No obvious mistakes in the code

Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1206
You're receiving this email because of your account on gitlab.com.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20200311/bab9ccdf/attachment-0001.html>

More information about the Gnutls-devel mailing list