@@ -30,15 +30,18 @@ using namespace mozilla::pkix::test;
3030
3131namespace mozilla { namespace pkix {
3232
33- extern Result CheckSignatureAlgorithm (Input signatureAlgorithmValue,
34- Input signatureValue);
33+ extern Result CheckSignatureAlgorithm (
34+ TrustDomain& trustDomain, EndEntityOrCA endEntityOrCA,
35+ const der::SignedDataWithSignature& signedData,
36+ Input signatureValue);
3537
3638} } // namespace mozilla::pkix
3739
3840struct CheckSignatureAlgorithmTestParams
3941{
4042 ByteString signatureAlgorithmValue;
4143 ByteString signatureValue;
44+ unsigned int signatureLengthInBytes;
4245 Result expectedResult;
4346};
4447
@@ -76,86 +79,110 @@ static const CheckSignatureAlgorithmTestParams
7679 { // Both algorithm IDs are empty
7780 ByteString (),
7881 ByteString (),
82+ 2048 / 8 ,
7983 Result::ERROR_BAD_DER ,
8084 },
8185 { // signatureAlgorithm is empty, signature is supported.
8286 ByteString (),
8387 BS (tlv_sha256WithRSAEncryption),
88+ 2048 / 8 ,
8489 Result::ERROR_BAD_DER ,
8590 },
8691 { // signatureAlgorithm is supported, signature is empty.
8792 BS (tlv_sha256WithRSAEncryption),
8893 ByteString (),
94+ 2048 / 8 ,
8995 Result::ERROR_BAD_DER ,
9096 },
9197 { // Algorithms match, both are supported.
9298 BS (tlv_sha256WithRSAEncryption),
9399 BS (tlv_sha256WithRSAEncryption),
100+ 2048 / 8 ,
94101 Success
95102 },
96103 { // Algorithms do not match because signatureAlgorithm is truncated.
97104 BS (tlv_sha256WithRSAEncryption_truncated),
98105 BS (tlv_sha256WithRSAEncryption),
106+ 2048 / 8 ,
99107 Result::ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED
100108 },
101109 { // Algorithms do not match because signature is truncated.
102110 BS (tlv_sha256WithRSAEncryption),
103111 BS (tlv_sha256WithRSAEncryption_truncated),
112+ 2048 / 8 ,
104113 Result::ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED
105114 },
106115 { // Algorithms do not match, both are supported.
107116 BS (tlv_sha_1WithRSAEncryption),
108117 BS (tlv_sha256WithRSAEncryption),
118+ 2048 / 8 ,
109119 Result::ERROR_SIGNATURE_ALGORITHM_MISMATCH ,
110120 },
111121 { // Algorithms do not match, both are supported.
112122 BS (tlv_sha256WithRSAEncryption),
113123 BS (tlv_sha_1WithRSAEncryption),
124+ 2048 / 8 ,
114125 Result::ERROR_SIGNATURE_ALGORITHM_MISMATCH ,
115126 },
116127 { // Algorithms match, both are unsupported.
117128 BS (tlv_md5WithRSAEncryption),
118129 BS (tlv_md5WithRSAEncryption),
130+ 2048 / 8 ,
119131 Result::ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED
120132 },
121133 { // signatureAlgorithm is unsupported, signature is supported.
122134 BS (tlv_md5WithRSAEncryption),
123135 BS (tlv_sha256WithRSAEncryption),
136+ 2048 / 8 ,
124137 Result::ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED
125138 },
126139 { // signatureAlgorithm is supported, signature is unsupported.
127140 BS (tlv_sha256WithRSAEncryption),
128141 BS (tlv_md5WithRSAEncryption),
142+ 2048 / 8 ,
129143 Result::ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED
130144 },
131145 { // Both have the optional NULL parameter.
132146 BS (tlv_sha256WithRSAEncryption) + TLV (der::NULLTag, ByteString ()),
133147 BS (tlv_sha256WithRSAEncryption) + TLV (der::NULLTag, ByteString ()),
148+ 2048 / 8 ,
134149 Success
135150 },
136151 { // signatureAlgorithm has the optional NULL parameter, signature doesn't.
137152 BS (tlv_sha256WithRSAEncryption) + TLV (der::NULLTag, ByteString ()),
138153 BS (tlv_sha256WithRSAEncryption),
154+ 2048 / 8 ,
139155 Success
140156 },
141157 { // signatureAlgorithm does not have the optional NULL parameter, signature
142158 // does.
143159 BS (tlv_sha256WithRSAEncryption),
144160 BS (tlv_sha256WithRSAEncryption) + TLV (der::NULLTag, ByteString ()),
161+ 2048 / 8 ,
145162 Success
146163 },
147164 { // The different OIDs for RSA-with-SHA1 we support are semantically
148165 // equivalent.
149166 BS (tlv_sha1WithRSASignature),
150167 BS (tlv_sha_1WithRSAEncryption),
168+ 2048 / 8 ,
151169 Success,
152170 },
153171 { // The different OIDs for RSA-with-SHA1 we support are semantically
154172 // equivalent (opposite order).
155173 BS (tlv_sha_1WithRSAEncryption),
156174 BS (tlv_sha1WithRSASignature),
175+ 2048 / 8 ,
157176 Success,
158177 },
178+ { // Algorithms match, both are supported, key size is not a multile of 128
179+ // bits. This test verifies that we're not wrongly rounding up the
180+ // signature size like we did in the original patch for bug 1131767.
181+ BS (tlv_sha256WithRSAEncryption),
182+ BS (tlv_sha256WithRSAEncryption),
183+ (2048 / 8 ) - 1 ,
184+ Success
185+ },
159186};
160187
161188class pkixcheck_CheckSignatureAlgorithm
@@ -164,6 +191,39 @@ class pkixcheck_CheckSignatureAlgorithm
164191{
165192};
166193
194+ class pkixcheck_CheckSignatureAlgorithm_TrustDomain final
195+ : public EverythingFailsByDefaultTrustDomain
196+ {
197+ public:
198+ explicit pkixcheck_CheckSignatureAlgorithm_TrustDomain (
199+ unsigned int publicKeySizeInBits)
200+ : publicKeySizeInBits(publicKeySizeInBits)
201+ , checkedDigestAlgorithm(false )
202+ , checkedModulusSizeInBits(false )
203+ {
204+ }
205+
206+ Result CheckSignatureDigestAlgorithm (DigestAlgorithm) override
207+ {
208+ checkedDigestAlgorithm = true ;
209+ return Success;
210+ }
211+
212+ Result CheckRSAPublicKeyModulusSizeInBits (EndEntityOrCA endEntityOrCA,
213+ unsigned int modulusSizeInBits)
214+ override
215+ {
216+ EXPECT_EQ (EndEntityOrCA::MustBeEndEntity, endEntityOrCA);
217+ EXPECT_EQ (publicKeySizeInBits, modulusSizeInBits);
218+ checkedModulusSizeInBits = true ;
219+ return Success;
220+ }
221+
222+ const unsigned int publicKeySizeInBits;
223+ bool checkedDigestAlgorithm;
224+ bool checkedModulusSizeInBits;
225+ };
226+
167227TEST_P (pkixcheck_CheckSignatureAlgorithm, CheckSignatureAlgorithm)
168228{
169229 const CheckSignatureAlgorithmTestParams& params (GetParam ());
@@ -173,26 +233,37 @@ TEST_P(pkixcheck_CheckSignatureAlgorithm, CheckSignatureAlgorithm)
173233 signatureValueInput.Init (params.signatureValue .data (),
174234 params.signatureValue .length ()));
175235
176- Input signatureAlgorithmValueInput;
236+ pkixcheck_CheckSignatureAlgorithm_TrustDomain
237+ trustDomain (params.signatureLengthInBytes * 8 );
238+
239+ der::SignedDataWithSignature signedData;
240+ ASSERT_EQ (Success,
241+ signedData.algorithm .Init (params.signatureAlgorithmValue .data (),
242+ params.signatureAlgorithmValue .length ()));
243+
244+ ByteString dummySignature (params.signatureLengthInBytes , 0xDE );
177245 ASSERT_EQ (Success,
178- signatureAlgorithmValueInput.Init (
179- params.signatureAlgorithmValue .data (),
180- params.signatureAlgorithmValue .length ()));
246+ signedData.signature .Init (dummySignature.data (),
247+ dummySignature.length ()));
181248
182249 ASSERT_EQ (params.expectedResult ,
183- CheckSignatureAlgorithm (signatureAlgorithmValueInput,
184- signatureValueInput));
250+ CheckSignatureAlgorithm (trustDomain, EndEntityOrCA::MustBeEndEntity,
251+ signedData, signatureValueInput));
252+ ASSERT_EQ (params.expectedResult == Success,
253+ trustDomain.checkedDigestAlgorithm );
254+ ASSERT_EQ (params.expectedResult == Success,
255+ trustDomain.checkedModulusSizeInBits );
185256}
186257
187258INSTANTIATE_TEST_CASE_P (
188259 pkixcheck_CheckSignatureAlgorithm, pkixcheck_CheckSignatureAlgorithm,
189260 testing::ValuesIn (CHECKSIGNATUREALGORITHM_TEST_PARAMS ));
190261
191- class pkixcheck_CheckSignatureAlgorithmTrustDomain
262+ class pkixcheck_CheckSignatureAlgorithm_BuildCertChain_TrustDomain
192263 : public DefaultCryptoTrustDomain
193264{
194265public:
195- explicit pkixcheck_CheckSignatureAlgorithmTrustDomain (
266+ explicit pkixcheck_CheckSignatureAlgorithm_BuildCertChain_TrustDomain (
196267 const ByteString& issuer)
197268 : issuer(issuer)
198269 {
@@ -275,7 +346,8 @@ TEST_F(pkixcheck_CheckSignatureAlgorithm, BuildCertChain)
275346
276347 Input subjectInput;
277348 ASSERT_EQ (Success, subjectInput.Init (subject.data (), subject.length ()));
278- pkixcheck_CheckSignatureAlgorithmTrustDomain trustDomain (issuer);
349+ pkixcheck_CheckSignatureAlgorithm_BuildCertChain_TrustDomain
350+ trustDomain (issuer);
279351 Result rv = BuildCertChain (trustDomain, subjectInput, Now (),
280352 EndEntityOrCA::MustBeEndEntity,
281353 KeyUsage::noParticularKeyUsageRequired,
0 commit comments