Commit 5f184de4 authored by Daiki Ueno's avatar Daiki Ueno Committed by Niels Möller

Test case for pss signature problem.

* rsa-pss-sign-tr-test.c (test_main): Add test case
contributed by Daiki Ueno. Problem originally found by oss-fuzz,
That problem report is currently embargoed, but will hopefully be
public in a month or two.
parent b1252fed
......@@ -321,6 +321,35 @@ test_main(void)
salt->length, salt->data, msg->length, msg->data,
/* The public key n for this test is of size k = 1017 bits, and the
pss "em" value is limited to k - 1 = 1016 bits or 127 octets. The
alleged signature below results in a 1017 bit number during the
signature verification, which is too large, and used to result in
an assertion failure when attempting to convert the number to a
127 octet string.
"6ce1bea625970269c77004a3cb03f9c382c5f79", 16);
mpz_set_str(pub.e, "10001", 16);
ASSERT (rsa_public_key_prepare(&pub));
msg = SHEX("7f85e4909ff7bb29536e540a53031ef03ddcb129e553a43273fa1f"
/* Alleged signature, resulting in a too large m. */
"0000000000000000000000000000000000000000", 16);
ASSERT(!rsa_pss_sha384_verify_digest(&pub, 48, msg->data, expected));
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment