1919
2020#define S2N_TEST_CERT_MEM 5000
2121
22- int s2n_ecdsa_sign_digest (const struct s2n_pkey * priv , struct s2n_blob * digest , struct s2n_blob * signature );
23- int s2n_rsa_pkcs1v15_sign_digest (const struct s2n_pkey * priv , s2n_hash_algorithm hash_alg ,
24- struct s2n_blob * digest , struct s2n_blob * signature );
25- int s2n_rsa_pss_sign_digest (const struct s2n_pkey * priv , s2n_hash_algorithm hash_alg ,
26- struct s2n_blob * digest_in , struct s2n_blob * signature_out );
22+ S2N_RESULT s2n_async_pkey_op_copy_hash_state_for_testing (struct s2n_async_pkey_op * op ,
23+ struct s2n_hash_state * copy );
2724
2825struct s2n_async_pkey_op * pkey_op = NULL ;
2926struct s2n_connection * pkey_op_conn = NULL ;
@@ -34,6 +31,36 @@ static int s2n_test_async_pkey_cb(struct s2n_connection *conn, struct s2n_async_
3431 return S2N_SUCCESS ;
3532}
3633
34+ static S2N_RESULT s2n_test_pkey_sign (const struct s2n_pkey * pkey ,
35+ struct s2n_blob * input , struct s2n_blob * output ,
36+ s2n_signature_algorithm sig_alg )
37+ {
38+ /* We're going to cheat a little here.
39+ * Our pkey signing methods operate on hash states, not raw digests.
40+ * So we need to use the hash state from the operation directly.
41+ */
42+
43+ /* First, make sure that the actual input matches the digest
44+ * produced by digesting the hash state.
45+ * This proves the two are equivalent and we can use the hash state.
46+ */
47+ DEFER_CLEANUP (struct s2n_blob digest = { 0 }, s2n_free );
48+ RESULT_GUARD_POSIX (s2n_alloc (& digest , input -> size ));
49+ DEFER_CLEANUP (struct s2n_hash_state digest_copy = { 0 }, s2n_hash_free );
50+ RESULT_GUARD_POSIX (s2n_hash_new (& digest_copy ));
51+ RESULT_GUARD (s2n_async_pkey_op_copy_hash_state_for_testing (pkey_op , & digest_copy ));
52+ RESULT_GUARD_POSIX (s2n_hash_digest (& digest_copy , digest .data , digest .size ));
53+ EXPECT_BYTEARRAY_EQUAL (digest .data , input -> data , input -> size );
54+
55+ /* Use the hash state instead of the input to calculate the signature */
56+ DEFER_CLEANUP (struct s2n_hash_state sign_copy = { 0 }, s2n_hash_free );
57+ RESULT_GUARD_POSIX (s2n_hash_new (& sign_copy ));
58+ RESULT_GUARD (s2n_async_pkey_op_copy_hash_state_for_testing (pkey_op , & sign_copy ));
59+ RESULT_GUARD_POSIX (s2n_pkey_sign (pkey , sig_alg , & sign_copy , output ));
60+
61+ return S2N_RESULT_OK ;
62+ }
63+
3764static S2N_RESULT s2n_async_pkey_sign (struct s2n_cert_chain_and_key * complete_chain )
3865{
3966 RESULT_ENSURE_REF (pkey_op );
@@ -73,14 +100,9 @@ static S2N_RESULT s2n_async_pkey_sign(struct s2n_cert_chain_and_key *complete_ch
73100 if (op_type == S2N_ASYNC_DECRYPT ) {
74101 output .size = S2N_TLS_SECRET_LEN ;
75102 RESULT_GUARD_POSIX (s2n_pkey_decrypt (complete_chain -> private_key , & input , & output ));
76- } else if (sig_alg == S2N_TLS_SIGNATURE_ECDSA ) {
77- RESULT_GUARD_POSIX (s2n_ecdsa_sign_digest (complete_chain -> private_key , & input , & output ));
78- } else if (sig_alg == S2N_TLS_SIGNATURE_RSA ) {
79- RESULT_GUARD_POSIX (s2n_rsa_pkcs1v15_sign_digest (
80- complete_chain -> private_key , sig_scheme -> hash_alg , & input , & output ));
81- } else if (sig_alg == S2N_TLS_SIGNATURE_RSA_PSS_RSAE ) {
82- RESULT_GUARD_POSIX (s2n_rsa_pss_sign_digest (
83- complete_chain -> private_key , sig_scheme -> hash_alg , & input , & output ));
103+ } else if (op_type == S2N_ASYNC_SIGN ) {
104+ RESULT_GUARD (s2n_test_pkey_sign (complete_chain -> private_key , & input , & output ,
105+ sig_scheme -> sig_alg ));
84106 } else {
85107 RESULT_BAIL (S2N_ERR_UNIMPLEMENTED );
86108 }
0 commit comments