| |
@@ -1,23 +1,23 @@
|
| |
- From 56511d480823bedafce604374fa3b15d3b3ffd6b Mon Sep 17 00:00:00 2001
|
| |
+ From 012e319b3d5b936a9208b1c75c13d9c4a2d0cc04 Mon Sep 17 00:00:00 2001
|
| |
From: rpm-build <rpm-build>
|
| |
- Date: Mon, 31 Jul 2023 09:41:28 +0200
|
| |
- Subject: [PATCH 26/48] 0058-FIPS-limit-rsa-encrypt.patch
|
| |
+ Date: Wed, 6 Mar 2024 19:17:15 +0100
|
| |
+ Subject: [PATCH 24/49] 0058-FIPS-limit-rsa-encrypt.patch
|
| |
|
| |
Patch-name: 0058-FIPS-limit-rsa-encrypt.patch
|
| |
Patch-id: 58
|
| |
Patch-status: |
|
| |
- # https://bugzilla.redhat.com/show_bug.cgi?id=2053289
|
| |
- From-dist-git-commit: 9409bc7044cf4b5773639cce20f51399888c45fd
|
| |
+ # # https://bugzilla.redhat.com/show_bug.cgi?id=2053289
|
| |
+ From-dist-git-commit: 4334bc837fbc64d14890fdc51679a80770d498ce
|
| |
---
|
| |
- providers/common/securitycheck.c | 1 +
|
| |
- .../implementations/asymciphers/rsa_enc.c | 35 +++++++++++
|
| |
- .../30-test_evp_data/evppkey_rsa_common.txt | 58 ++++++++++++++++++-
|
| |
- test/recipes/80-test_cms.t | 5 +-
|
| |
- test/recipes/80-test_ssl_old.t | 27 +++++++--
|
| |
- 5 files changed, 118 insertions(+), 8 deletions(-)
|
| |
+ providers/common/securitycheck.c | 1 +
|
| |
+ .../implementations/asymciphers/rsa_enc.c | 35 +++++
|
| |
+ .../30-test_evp_data/evppkey_rsa_common.txt | 140 +++++++++++++-----
|
| |
+ test/recipes/80-test_cms.t | 5 +-
|
| |
+ test/recipes/80-test_ssl_old.t | 27 +++-
|
| |
+ 5 files changed, 168 insertions(+), 40 deletions(-)
|
| |
|
| |
diff --git a/providers/common/securitycheck.c b/providers/common/securitycheck.c
|
| |
- index e534ad0a5f..c017c658e5 100644
|
| |
+ index fe694c4e96..f635b5aec8 100644
|
| |
--- a/providers/common/securitycheck.c
|
| |
+++ b/providers/common/securitycheck.c
|
| |
@@ -27,6 +27,7 @@
|
| |
@@ -29,10 +29,10 @@
|
| |
{
|
| |
int protect = 0;
|
| |
diff --git a/providers/implementations/asymciphers/rsa_enc.c b/providers/implementations/asymciphers/rsa_enc.c
|
| |
- index d865968058..872967bcb3 100644
|
| |
+ index 71bfa344d4..d548560f1f 100644
|
| |
--- a/providers/implementations/asymciphers/rsa_enc.c
|
| |
+++ b/providers/implementations/asymciphers/rsa_enc.c
|
| |
- @@ -132,6 +132,17 @@ static int rsa_decrypt_init(void *vprsactx, void *vrsa,
|
| |
+ @@ -135,6 +135,17 @@ static int rsa_decrypt_init(void *vprsactx, void *vrsa,
|
| |
return rsa_init(vprsactx, vrsa, params, EVP_PKEY_OP_DECRYPT);
|
| |
}
|
| |
|
| |
@@ -50,7 +50,7 @@
|
| |
static int rsa_encrypt(void *vprsactx, unsigned char *out, size_t *outlen,
|
| |
size_t outsize, const unsigned char *in, size_t inlen)
|
| |
{
|
| |
- @@ -141,6 +152,18 @@ static int rsa_encrypt(void *vprsactx, unsigned char *out, size_t *outlen,
|
| |
+ @@ -144,6 +155,18 @@ static int rsa_encrypt(void *vprsactx, unsigned char *out, size_t *outlen,
|
| |
if (!ossl_prov_is_running())
|
| |
return 0;
|
| |
|
| |
@@ -69,7 +69,7 @@
|
| |
if (out == NULL) {
|
| |
size_t len = RSA_size(prsactx->rsa);
|
| |
|
| |
- @@ -204,6 +227,18 @@ static int rsa_decrypt(void *vprsactx, unsigned char *out, size_t *outlen,
|
| |
+ @@ -206,6 +229,18 @@ static int rsa_decrypt(void *vprsactx, unsigned char *out, size_t *outlen,
|
| |
if (!ossl_prov_is_running())
|
| |
return 0;
|
| |
|
| |
@@ -89,877 +89,861 @@
|
| |
if (out == NULL) {
|
| |
*outlen = SSL_MAX_MASTER_KEY_LENGTH;
|
| |
diff --git a/test/recipes/30-test_evp_data/evppkey_rsa_common.txt b/test/recipes/30-test_evp_data/evppkey_rsa_common.txt
|
| |
- index 8680797b90..95d5d51102 100644
|
| |
+ index 76ddc1ec60..62d55308b0 100644
|
| |
--- a/test/recipes/30-test_evp_data/evppkey_rsa_common.txt
|
| |
+++ b/test/recipes/30-test_evp_data/evppkey_rsa_common.txt
|
| |
- @@ -619,36 +619,42 @@ vcDtKrdWo6btTWc1Kml9QhbpMhKxJ6Y9VBHOb6mNXb79cyY+NygUJ0OBgWbtfdY2
|
| |
- h90qjKHS9PvY4Q==
|
| |
- -----END PRIVATE KEY-----
|
| |
+ @@ -248,13 +248,13 @@ Input = 64b0e9f9892371110c40ba5739dc0974002aa6e6160b481447c6819947c2d3b537a6e377
|
| |
+ Output = 0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef
|
| |
|
| |
+ # RSA decrypt
|
| |
+ -
|
| |
+Availablein = default
|
| |
- Decrypt=RSA-OAEP-1
|
| |
- Ctrl = rsa_padding_mode:oaep
|
| |
- Ctrl = rsa_mgf1_md:sha1
|
| |
- Input=354fe67b4a126d5d35fe36c777791a3f7ba13def484e2d3908aff722fad468fb21696de95d0be911c2d3174f8afcc201035f7b6d8e69402de5451618c21a535fa9d7bfc5b8dd9fc243f8cf927db31322d6e881eaa91a996170e657a05a266426d98c88003f8477c1227094a0d9fa1e8c4024309ce1ecccb5210035d47ac72e8a
|
| |
- Output=6628194e12073db03ba94cda9ef9532397d50dba79b987004afefe34
|
| |
+ Decrypt = RSA-2048
|
| |
+ Input = 550AF55A2904E7B9762352F8FB7FA235A9CB053AACB2D5FCB8CA48453CB2EE3619746C701ABF2D4CC67003471A187900B05AA812BD25ED05C675DFC8C97A24A7BF49BD6214992CAD766D05A9A2B57B74F26A737E0237B8B76C45F1F226A836D7CFBC75BA999BDBE48DBC09227AA46C88F21DCCBA7840141AD5A5D71FD122E6BD6AC3E564780DFE623FC1CA9B995A6037BF0BBD43B205A84AC5444F34202C05CE9113087176432476576DE6FFFF9A52EA57C08BE3EC2F49676CB8E12F762AC71FA3C321E00AC988910C85FF52F93825666CE0D40FFAA0592078919D4493F46D95CCF76364C6D57760DD0B64805F9AFC76A2365A5575CA301D5103F0EA76CB9A78
|
| |
+ Output = "Hello World"
|
| |
|
| |
+ # The old FIPS provider doesn't include the workaround (#13817)
|
| |
+ -FIPSversion = >=3.2.0
|
| |
+Availablein = default
|
| |
- Decrypt=RSA-OAEP-1
|
| |
- Ctrl = rsa_padding_mode:oaep
|
| |
- Ctrl = rsa_mgf1_md:sha1
|
| |
- Input=640db1acc58e0568fe5407e5f9b701dff8c3c91e716c536fc7fcec6cb5b71c1165988d4a279e1577d730fc7a29932e3f00c81515236d8d8e31017a7a09df4352d904cdeb79aa583adcc31ea698a4c05283daba9089be5491f67c1a4ee48dc74bbbe6643aef846679b4cb395a352d5ed115912df696ffe0702932946d71492b44
|
| |
- Output=750c4047f547e8e41411856523298ac9bae245efaf1397fbe56f9dd5
|
| |
+ # Note: disable the Bleichenbacher workaround to see if it passes
|
| |
+ Decrypt = RSA-2048
|
| |
+ Ctrl = rsa_pkcs1_implicit_rejection:0
|
| |
+ @@ -262,7 +262,7 @@ Input = 550AF55A2904E7B9762352F8FB7FA235A9CB053AACB2D5FCB8CA48453CB2EE3619746C70
|
| |
+ Output = "Hello World"
|
| |
|
| |
+ # The old FIPS provider doesn't include the workaround (#13817)
|
| |
+ -FIPSversion = >=3.2.0
|
| |
+Availablein = default
|
| |
- Decrypt=RSA-OAEP-1
|
| |
- Ctrl = rsa_padding_mode:oaep
|
| |
- Ctrl = rsa_mgf1_md:sha1
|
| |
- Input=423736ed035f6026af276c35c0b3741b365e5f76ca091b4e8c29e2f0befee603595aa8322d602d2e625e95eb81b2f1c9724e822eca76db8618cf09c5343503a4360835b5903bc637e3879fb05e0ef32685d5aec5067cd7cc96fe4b2670b6eac3066b1fcf5686b68589aafb7d629b02d8f8625ca3833624d4800fb081b1cf94eb
|
| |
- Output=d94ae0832e6445ce42331cb06d531a82b1db4baad30f746dc916df24d4e3c2451fff59a6423eb0e1d02d4fe646cf699dfd818c6e97b051
|
| |
+ # Corrupted ciphertext
|
| |
+ # Note: output is generated synthethically by the Bleichenbacher workaround
|
| |
+ Decrypt = RSA-2048
|
| |
+ @@ -270,7 +270,7 @@ Input = 550AF55A2904E7B9762352F8FB7FA235A9CB053AACB2D5FCB8CA48453CB2EE3619746C70
|
| |
+ Output = 4cbb988d6a46228379132b0b5f8c249b3860043848c93632fb982c807c7c82fffc7a9ef83f4908f890373ac181ffea6381e103bcaa27e65638b6ecebef38b59ed4226a9d12af675cfcb634d8c40e7a7aff
|
| |
|
| |
+ # The old FIPS provider doesn't include the workaround (#13817)
|
| |
+ -FIPSversion = >=3.2.0
|
| |
+Availablein = default
|
| |
- Decrypt=RSA-OAEP-1
|
| |
- Ctrl = rsa_padding_mode:oaep
|
| |
- Ctrl = rsa_mgf1_md:sha1
|
| |
- Input=45ead4ca551e662c9800f1aca8283b0525e6abae30be4b4aba762fa40fd3d38e22abefc69794f6ebbbc05ddbb11216247d2f412fd0fba87c6e3acd888813646fd0e48e785204f9c3f73d6d8239562722dddd8771fec48b83a31ee6f592c4cfd4bc88174f3b13a112aae3b9f7b80e0fc6f7255ba880dc7d8021e22ad6a85f0755
|
| |
- Output=52e650d98e7f2a048b4f86852153b97e01dd316f346a19f67a85
|
| |
+ # Corrupted ciphertext
|
| |
+ # Note: disable the Bleichenbacher workaround to see if it fails
|
| |
+ Decrypt = RSA-2048
|
| |
+ @@ -345,82 +345,90 @@ PrivPubKeyPair = RSA-2048-2:RSA-2048-2-PUBLIC
|
| |
+ # RSA decrypt
|
| |
|
| |
+ # a random positive test case
|
| |
+Availablein = default
|
| |
- Decrypt=RSA-OAEP-1
|
| |
- Ctrl = rsa_padding_mode:oaep
|
| |
- Ctrl = rsa_mgf1_md:sha1
|
| |
- Input=36f6e34d94a8d34daacba33a2139d00ad85a9345a86051e73071620056b920e219005855a213a0f23897cdcd731b45257c777fe908202befdd0b58386b1244ea0cf539a05d5d10329da44e13030fd760dcd644cfef2094d1910d3f433e1c7c6dd18bc1f2df7f643d662fb9dd37ead9059190f4fa66ca39e869c4eb449cbdc439
|
| |
- Output=8da89fd9e5f974a29feffb462b49180f6cf9e802
|
| |
+ Decrypt = RSA-2048-2
|
| |
+ Input = 8bfe264e85d3bdeaa6b8851b8e3b956ee3d226fd3f69063a86880173a273d9f283b2eebdd1ed35f7e02d91c571981b6737d5320bd8396b0f3ad5b019daec1b0aab3cbbc026395f4fd14f13673f2dfc81f9b660ec26ac381e6db3299b4e460b43fab9955df2b3cfaa20e900e19c856238fd371899c2bf2ce8c868b76754e5db3b036533fd603746be13c10d4e3e6022ebc905d20c2a7f32b215a4cd53b3f44ca1c327d2c2b651145821c08396c89071f665349c25e44d2733cd9305985ceef6430c3cf57af5fa224089221218fa34737c79c446d28a94c41c96e4e92ac53fbcf384dea8419ea089f8784445a492c812eb0d409467f75afd7d4d1078886205a066
|
| |
+ Output = "lorem ipsum dolor sit amet"
|
| |
|
| |
+ # The old FIPS provider doesn't include the workaround (#13817)
|
| |
+ -FIPSversion = >=3.2.0
|
| |
+Availablein = default
|
| |
- Decrypt=RSA-OAEP-1
|
| |
- Ctrl = rsa_padding_mode:oaep
|
| |
- Ctrl = rsa_mgf1_md:sha1
|
| |
- @@ -673,36 +679,42 @@ SwGNdhGLJDiac1Dsg2sAY6IXISNv2O222JtR5+64e2EbcTLLfqc1bCMVHB53UVB8
|
| |
- eG2e4XlBcKjI6A==
|
| |
- -----END PRIVATE KEY-----
|
| |
+ # a random negative test case decrypting to empty
|
| |
+ Decrypt = RSA-2048-2
|
| |
+ Input = 20aaa8adbbc593a924ba1c5c7990b5c2242ae4b99d0fe636a19a4cf754edbcee774e472fe028160ed42634f8864900cb514006da642cae6ae8c7d087caebcfa6dad1551301e130344989a1d462d4164505f6393933450c67bc6d39d8f5160907cabc251b737925a1cf21e5c6aa5781b7769f6a2a583d97cce008c0f8b6add5f0b2bd80bee60237aa39bb20719fe75749f4bc4e42466ef5a861ae3a92395c7d858d430bfe38040f445ea93fa2958b503539800ffa5ce5f8cf51fa8171a91f36cb4f4575e8de6b4d3f096ee140b938fd2f50ee13f0d050222e2a72b0a3069ff3a6738e82c87090caa5aed4fcbe882c49646aa250b98f12f83c8d528113614a29e7
|
| |
+ Output =
|
| |
|
| |
+ # The old FIPS provider doesn't include the workaround (#13817)
|
| |
+ -FIPSversion = >=3.2.0
|
| |
+Availablein = default
|
| |
- Decrypt=RSA-OAEP-2
|
| |
- Ctrl = rsa_padding_mode:oaep
|
| |
- Ctrl = rsa_mgf1_md:sha1
|
| |
- Input=0181af8922b9fcb4d79d92ebe19815992fc0c1439d8bcd491398a0f4ad3a329a5bd9385560db532683c8b7da04e4b12aed6aacdf471c34c9cda891addcc2df3456653aa6382e9ae59b54455257eb099d562bbe10453f2b6d13c59c02e10f1f8abb5da0d0570932dacf2d0901db729d0fefcc054e70968ea540c81b04bcaefe720e
|
| |
- Output=8ff00caa605c702830634d9a6c3d42c652b58cf1d92fec570beee7
|
| |
+ # invalid decrypting to max length message
|
| |
+ Decrypt = RSA-2048-2
|
| |
+ Input = 48cceab10f39a4db32f60074feea473cbcdb7accf92e150417f76b44756b190e843e79ec12aa85083a21f5437e7bad0a60482e601198f9d86923239c8786ee728285afd0937f7dde12717f28389843d7375912b07b991f4fdb0190fced8ba665314367e8c5f9d2981d0f5128feeb46cb50fc237e64438a86df198dd0209364ae3a842d77532b66b7ef263b83b1541ed671b120dfd660462e2107a4ee7b964e734a7bd68d90dda61770658a3c242948532da32648687e0318286473f675b412d6468f013f14d760a358dfcad3cda2afeec5e268a37d250c37f722f468a70dfd92d7294c3c1ee1e7f8843b7d16f9f37ef35748c3ae93aa155cdcdfeb4e78567303
|
| |
+ Output = 22d850137b9eebe092b24f602dc5bb7918c16bd89ddbf20467b119d205f9c2e4bd7d2592cf1e532106e0f33557565923c73a02d4f09c0c22bea89148183e60317f7028b3aa1f261f91c979393101d7e15f4067e63979b32751658ef769610fe97cf9cef3278b3117d384051c3b1d82c251c2305418c8f6840530e631aad63e70e20e025bcd8efb54c92ec6d3b106a2f8e64eeff7d38495b0fc50c97138af4b1c0a67a1c4e27b077b8439332edfa8608dfeae653cd6a628ac550395f7e74390e42c11682234870925eeaa1fa71b76cf1f2ee3bda69f6717033ff8b7c95c9799e7a3bea5e7e4a1c359772fb6b1c6e6c516661dfe30c3
|
| |
|
| |
+ # The old FIPS provider doesn't include the workaround (#13817)
|
| |
+ -FIPSversion = >=3.2.0
|
| |
+ # invalid decrypting to message with length specified by second to last value from PRF
|
| |
+Availablein = default
|
| |
- Decrypt=RSA-OAEP-2
|
| |
- Ctrl = rsa_padding_mode:oaep
|
| |
- Ctrl = rsa_mgf1_md:sha1
|
| |
- Input=018759ff1df63b2792410562314416a8aeaf2ac634b46f940ab82d64dbf165eee33011da749d4bab6e2fcd18129c9e49277d8453112b429a222a8471b070993998e758861c4d3f6d749d91c4290d332c7a4ab3f7ea35ff3a07d497c955ff0ffc95006b62c6d296810d9bfab024196c7934012c2df978ef299aba239940cba10245
|
| |
- Output=2d
|
| |
+ Decrypt = RSA-2048-2
|
| |
+ Input = 1439e08c3f84c1a7fec74ce07614b20e01f6fa4e8c2a6cffdc3520d8889e5d9a950c6425798f85d4be38d300ea5695f13ecd4cb389d1ff5b82484b494d6280ab7fa78e645933981cb934cce8bfcd114cc0e6811eefa47aae20af638a1cd163d2d3366186d0a07df0c81f6c9f3171cf3561472e98a6006bf75ddb457bed036dcce199369de7d94ef2c68e8467ee0604eea2b3009479162a7891ba5c40cab17f49e1c438cb6eaea4f76ce23cce0e483ff0e96fa790ea15be67671814342d0a23f4a20262b6182e72f3a67cd289711503c85516a9ed225422f98b116f1ab080a80abd6f0216df88d8cfd67c139243be8dd78502a7aaf6bc99d7da71bcdf627e7354
|
| |
+ Output = 0f9b
|
| |
|
| |
+ # The old FIPS provider doesn't include the workaround (#13817)
|
| |
+ -FIPSversion = >=3.2.0
|
| |
+Availablein = default
|
| |
- Decrypt=RSA-OAEP-2
|
| |
- Ctrl = rsa_padding_mode:oaep
|
| |
- Ctrl = rsa_mgf1_md:sha1
|
| |
- Input=018802bab04c60325e81c4962311f2be7c2adce93041a00719c88f957575f2c79f1b7bc8ced115c706b311c08a2d986ca3b6a9336b147c29c6f229409ddec651bd1fdd5a0b7f610c9937fdb4a3a762364b8b3206b4ea485fd098d08f63d4aa8bb2697d027b750c32d7f74eaf5180d2e9b66b17cb2fa55523bc280da10d14be2053
|
| |
- Output=74fc88c51bc90f77af9d5e9a4a70133d4b4e0b34da3c37c7ef8e
|
| |
+ # invalid decrypting to message with length specified by third to last value from PRF
|
| |
+ Decrypt = RSA-2048-2
|
| |
+ Input = 1690ebcceece2ce024f382e467cf8510e74514120937978576caf684d4a02ad569e8d76cbe365a060e00779de2f0865ccf0d923de3b4783a4e2c74f422e2f326086c390b658ba47f31ab013aa80f468c71256e5fa5679b24e83cd82c3d1e05e398208155de2212993cd2b8bab6987cf4cc1293f19909219439d74127545e9ed8a706961b8ee2119f6bfacafbef91b75a789ba65b8b833bc6149cf49b5c4d2c6359f62808659ba6541e1cd24bf7f7410486b5103f6c0ea29334ea6f4975b17387474fe920710ea61568d7b7c0a7916acf21665ad5a31c4eabcde44f8fb6120d8457afa1f3c85d517cda364af620113ae5a3c52a048821731922737307f77a1081
|
| |
+ Output = 4f02
|
| |
|
| |
+ # positive test with 11 byte long value
|
| |
+Availablein = default
|
| |
- Decrypt=RSA-OAEP-2
|
| |
- Ctrl = rsa_padding_mode:oaep
|
| |
- Ctrl = rsa_mgf1_md:sha1
|
| |
- Input=00a4578cbc176318a638fba7d01df15746af44d4f6cd96d7e7c495cbf425b09c649d32bf886da48fbaf989a2117187cafb1fb580317690e3ccd446920b7af82b31db5804d87d01514acbfa9156e782f867f6bed9449e0e9a2c09bcecc6aa087636965e34b3ec766f2fe2e43018a2fddeb140616a0e9d82e5331024ee0652fc7641
|
| |
- Output=a7eb2a5036931d27d4e891326d99692ffadda9bf7efd3e34e622c4adc085f721dfe885072c78a203b151739be540fa8c153a10f00a
|
| |
+ Decrypt = RSA-2048-2
|
| |
+ Input = 6213634593332c485cef783ea2846e3d6e8b0e005cd8293eaebbaa5079712fd681579bdfbbda138ae4d9d952917a03c92398ec0cb2bb0c6b5a8d55061fed0d0d8d72473563152648cfe640b335dc95331c21cb133a91790fa93ae44497c128708970d2beeb77e8721b061b1c44034143734a77be8220877415a6dba073c3871605380542a9f25252a4babe8331cdd53cf828423f3cc70b560624d0581fb126b2ed4f4ed358f0eb8065cf176399ac1a846a31055f9ae8c9c24a1ba050bc20842125bc1753158f8065f3adb9cc16bfdf83816bdf38b624f12022c5a6fbfe29bc91542be8c0208a770bcd677dc597f5557dc2ce28a11bf3e3857f158717a33f6592
|
| |
+ Output = "lorem ipsum"
|
| |
|
| |
+ # positive test with 11 byte long value and zero padded ciphertext
|
| |
+Availablein = default
|
| |
- Decrypt=RSA-OAEP-2
|
| |
- Ctrl = rsa_padding_mode:oaep
|
| |
- Ctrl = rsa_mgf1_md:sha1
|
| |
- Input=00ebc5f5fda77cfdad3c83641a9025e77d72d8a6fb33a810f5950f8d74c73e8d931e8634d86ab1246256ae07b6005b71b7f2fb98351218331ce69b8ffbdc9da08bbc9c704f876deb9df9fc2ec065cad87f9090b07acc17aa7f997b27aca48806e897f771d95141fe4526d8a5301b678627efab707fd40fbebd6e792a25613e7aec
|
| |
- Output=2ef2b066f854c33f3bdcbb5994a435e73d6c6c
|
| |
+ Decrypt = RSA-2048-2
|
| |
+ Input = 00a2e8f114ea8d05d12dc843e3cc3b2edc8229ff2a028bda29ba9d55e3cd02911902fef1f42a075bf05e8016e8567213d6f260fa49e360779dd81aeea3e04c2cb567e0d72b98bf754014561b7511e083d20e0bfb9cd23f8a0d3c88900c49d2fcd5843ff0765607b2026f28202a87aa94678aed22a0c20724541394cd8f44e373eba1d2bae98f516c1e2ba3d86852d064f856b1daf24795e767a2b90396e50743e3150664afab131fe40ea405dcf572dd1079af1d3f0392ccadcca0a12740dbb213b925ca2a06b1bc1383e83a658c82ba2e7427342379084d5f66b544579f07664cb26edd4f10fd913fdbc0de05ef887d4d1ec1ac95652397ea7fd4e4759fda8b
|
| |
+ Output = "lorem ipsum"
|
| |
|
| |
+ # positive test with 11 byte long value and zero truncated ciphertext
|
| |
+Availablein = default
|
| |
- Decrypt=RSA-OAEP-2
|
| |
- Ctrl = rsa_padding_mode:oaep
|
| |
- Ctrl = rsa_mgf1_md:sha1
|
| |
- @@ -727,36 +739,42 @@ iUGx07dw5a0x7jc7KKzaaf+bb0D+V4ufGvuFg2+WJ9N6z/c8J3nmNLsmARwsj38z
|
| |
- Ya4qnqZe1onjY5o=
|
| |
- -----END PRIVATE KEY-----
|
| |
+ Decrypt = RSA-2048-2
|
| |
+ Input = a2e8f114ea8d05d12dc843e3cc3b2edc8229ff2a028bda29ba9d55e3cd02911902fef1f42a075bf05e8016e8567213d6f260fa49e360779dd81aeea3e04c2cb567e0d72b98bf754014561b7511e083d20e0bfb9cd23f8a0d3c88900c49d2fcd5843ff0765607b2026f28202a87aa94678aed22a0c20724541394cd8f44e373eba1d2bae98f516c1e2ba3d86852d064f856b1daf24795e767a2b90396e50743e3150664afab131fe40ea405dcf572dd1079af1d3f0392ccadcca0a12740dbb213b925ca2a06b1bc1383e83a658c82ba2e7427342379084d5f66b544579f07664cb26edd4f10fd913fdbc0de05ef887d4d1ec1ac95652397ea7fd4e4759fda8b
|
| |
+ Output = "lorem ipsum"
|
| |
|
| |
+ # positive test with 11 byte long value and double zero padded ciphertext
|
| |
+Availablein = default
|
| |
- Decrypt=RSA-OAEP-3
|
| |
- Ctrl = rsa_padding_mode:oaep
|
| |
- Ctrl = rsa_mgf1_md:sha1
|
| |
- Input=026a0485d96aebd96b4382085099b962e6a2bdec3d90c8db625e14372de85e2d5b7baab65c8faf91bb5504fb495afce5c988b3f6a52e20e1d6cbd3566c5cd1f2b8318bb542cc0ea25c4aab9932afa20760eaddec784396a07ea0ef24d4e6f4d37e5052a7a31e146aa480a111bbe926401307e00f410033842b6d82fe5ce4dfae80
|
| |
- Output=087820b569e8fa8d
|
| |
+ Decrypt = RSA-2048-2
|
| |
+ Input = 00001f71879b426127f7dead621f7380a7098cf7d22173aa27991b143c46d53383c209bd0c9c00d84078037e715f6b98c65005a77120070522ede51d472c87ef94b94ead4c5428ee108a345561658301911ec5a8f7dd43ed4a3957fd29fb02a3529bf63f8040d3953490939bd8f78b2a3404b6fb5ff70a4bfdaac5c541d6bcce49c9778cc390be24cbef1d1eca7e870457241d3ff72ca44f9f56bdf31a890fa5eb3a9107b603ccc9d06a5dd911a664c82b6abd4fe036f8db8d5a070c2d86386ae18d97adc1847640c211d91ff5c3387574a26f8ef27ca7f48d2dd1f0c7f14b81cc9d33ee6853031d3ecf10a914ffd90947909c8011fd30249219348ebff76bfc
|
| |
+ Output = "lorem ipsum"
|
| |
|
| |
+ # positive test with 11 byte long value and double zero truncated ciphertext
|
| |
+Availablein = default
|
| |
- Decrypt=RSA-OAEP-3
|
| |
- Ctrl = rsa_padding_mode:oaep
|
| |
- Ctrl = rsa_mgf1_md:sha1
|
| |
- Input=024db89c7802989be0783847863084941bf209d761987e38f97cb5f6f1bc88da72a50b73ebaf11c879c4f95df37b850b8f65d7622e25b1b889e80fe80baca2069d6e0e1d829953fc459069de98ea9798b451e557e99abf8fe3d9ccf9096ebbf3e5255d3b4e1c6d2ecadf067a359eea86405acd47d5e165517ccafd47d6dbee4bf5
|
| |
- Output=4653acaf171960b01f52a7be63a3ab21dc368ec43b50d82ec3781e04
|
| |
+ Decrypt = RSA-2048-2
|
| |
+ Input = 1f71879b426127f7dead621f7380a7098cf7d22173aa27991b143c46d53383c209bd0c9c00d84078037e715f6b98c65005a77120070522ede51d472c87ef94b94ead4c5428ee108a345561658301911ec5a8f7dd43ed4a3957fd29fb02a3529bf63f8040d3953490939bd8f78b2a3404b6fb5ff70a4bfdaac5c541d6bcce49c9778cc390be24cbef1d1eca7e870457241d3ff72ca44f9f56bdf31a890fa5eb3a9107b603ccc9d06a5dd911a664c82b6abd4fe036f8db8d5a070c2d86386ae18d97adc1847640c211d91ff5c3387574a26f8ef27ca7f48d2dd1f0c7f14b81cc9d33ee6853031d3ecf10a914ffd90947909c8011fd30249219348ebff76bfc
|
| |
+ Output = "lorem ipsum"
|
| |
|
| |
+ # positive that generates a 0 byte long synthetic message internally
|
| |
+Availablein = default
|
| |
- Decrypt=RSA-OAEP-3
|
| |
- Ctrl = rsa_padding_mode:oaep
|
| |
- Ctrl = rsa_mgf1_md:sha1
|
| |
- Input=0239bce681032441528877d6d1c8bb28aa3bc97f1df584563618995797683844ca86664732f4bed7a0aab083aaabfb7238f582e30958c2024e44e57043b97950fd543da977c90cdde5337d618442f99e60d7783ab59ce6dd9d69c47ad1e962bec22d05895cff8d3f64ed5261d92b2678510393484990ba3f7f06818ae6ffce8a3a
|
| |
- Output=d94cd0e08fa404ed89
|
| |
+ Decrypt = RSA-2048-2
|
| |
+ Input = b5e49308f6e9590014ffaffc5b8560755739dd501f1d4e9227a7d291408cf4b753f292322ff8bead613bf2caa181b221bc38caf6392deafb28eb21ad60930841ed02fd6225cc9c463409adbe7d8f32440212fbe3881c51375bb09565efb22e62b071472fb38676e5b4e23a0617db5d14d93519ac0007a30a9c822eb31c38b57fcb1be29608fcf1ca2abdcaf5d5752bbc2b5ac7dba5afcff4a5641da360dd01f7112539b1ed46cdb550a3b1006559b9fe1891030ec80f0727c42401ddd6cbb5e3c80f312df6ec89394c5a7118f573105e7ab00fe57833c126141b50a935224842addfb479f75160659ba28877b512bb9a93084ad8bec540f92640f63a11a010e0
|
| |
+ Output = "lorem ipsum"
|
| |
|
| |
+ # positive that generates a 245 byte long synthetic message internally
|
| |
+Availablein = default
|
| |
- Decrypt=RSA-OAEP-3
|
| |
- Ctrl = rsa_padding_mode:oaep
|
| |
- Ctrl = rsa_mgf1_md:sha1
|
| |
- Input=02994c62afd76f498ba1fd2cf642857fca81f4373cb08f1cbaee6f025c3b512b42c3e8779113476648039dbe0493f9246292fac28950600e7c0f32edf9c81b9dec45c3bde0cc8d8847590169907b7dc5991ceb29bb0714d613d96df0f12ec5d8d3507c8ee7ae78dd83f216fa61de100363aca48a7e914ae9f42ddfbe943b09d9a0
|
| |
- Output=6cc641b6b61e6f963974dad23a9013284ef1
|
| |
+ Decrypt = RSA-2048-2
|
| |
+ Input = 1ea0b50ca65203d0a09280d39704b24fe6e47800189db5033f202761a78bafb270c5e25abd1f7ecc6e7abc4f26d1b0cd9b8c648d529416ee64ccbdd7aa72a771d0353262b543f0e436076f40a1095f5c7dfd10dcf0059ccb30e92dfa5e0156618215f1c3ff3aa997a9d999e506924f5289e3ac72e5e2086cc7b499d71583ed561028671155db4005bee01800a7cdbdae781dd32199b8914b5d4011dd6ff11cd26d46aad54934d293b0bc403dd211bf13b5a5c6836a5e769930f437ffd8634fb7371776f4bc88fa6c271d8aa6013df89ae6470154497c4ac861be2a1c65ebffec139bf7aaba3a81c7c5cdd84da9af5d3edfb957848074686b5837ecbcb6a41c50
|
| |
+ Output = "lorem ipsum"
|
| |
|
| |
+ # The old FIPS provider doesn't include the workaround (#13817)
|
| |
+ -FIPSversion = >=3.2.0
|
| |
+Availablein = default
|
| |
- Decrypt=RSA-OAEP-3
|
| |
- Ctrl = rsa_padding_mode:oaep
|
| |
- Ctrl = rsa_mgf1_md:sha1
|
| |
- Input=0162042ff6969592a6167031811a239834ce638abf54fec8b99478122afe2ee67f8c5b18b0339805bfdbc5a4e6720b37c59cfba942464c597ff532a119821545fd2e59b114e61daf71820529f5029cf524954327c34ec5e6f5ba7efcc4de943ab8ad4ed787b1454329f70db798a3a8f4d92f8274e2b2948ade627ce8ee33e43c60
|
| |
- Output=df5151832b61f4f25891fb4172f328d2eddf8371ffcfdbe997939295f30eca6918017cfda1153bf7a6af87593223
|
| |
+ # a random negative test that generates an 11 byte long message
|
| |
+ Decrypt = RSA-2048-2
|
| |
+ Input = 5f02f4b1f46935c742ebe62b6f05aa0a3286aab91a49b34780adde6410ab46f7386e05748331864ac98e1da63686e4babe3a19ed40a7f5ceefb89179596aab07ab1015e03b8f825084dab028b6731288f2e511a4b314b6ea3997d2e8fe2825cef8897cbbdfb6c939d441d6e04948414bb69e682927ef8576c9a7090d4aad0e74c520d6d5ce63a154720f00b76de8cc550b1aa14f016d63a7b6d6eaa1f7dbe9e50200d3159b3d099c900116bf4eba3b94204f18b1317b07529751abf64a26b0a0bf1c8ce757333b3d673211b67cc0653f2fe2620d57c8b6ee574a0323a167eab1106d9bc7fd90d415be5f1e9891a0e6c709f4fc0404e8226f8477b4e939b36eb2
|
| |
+ Output = af9ac70191c92413cb9f2d
|
| |
|
| |
+ # The old FIPS provider doesn't include the workaround (#13817)
|
| |
+ -FIPSversion = >=3.2.0
|
| |
+Availablein = default
|
| |
- Decrypt=RSA-OAEP-3
|
| |
- Ctrl = rsa_padding_mode:oaep
|
| |
- Ctrl = rsa_mgf1_md:sha1
|
| |
- @@ -781,36 +799,42 @@ s/XkIiO6MDAcQabYfLtw4wy308Z9JUc9sfbL8D4/kSbj6XloJ5qGWywrQmUkz8Uq
|
| |
- aD0x7TDrmEvkEro=
|
| |
- -----END PRIVATE KEY-----
|
| |
+ # an otherwise correct plaintext, but with wrong first byte
|
| |
+ # (0x01 instead of 0x00), generates a random 11 byte long plaintext
|
| |
+ Decrypt = RSA-2048-2
|
| |
+ @@ -428,7 +436,7 @@ Input = 9b2ec9c0c917c98f1ad3d0119aec6be51ae3106e9af1914d48600ab6a2c0c0c8ae02a2dc
|
| |
+ Output = a1f8c9255c35cfba403ccc
|
| |
|
| |
+ # The old FIPS provider doesn't include the workaround (#13817)
|
| |
+ -FIPSversion = >=3.2.0
|
| |
+Availablein = default
|
| |
- Decrypt=RSA-OAEP-4
|
| |
- Ctrl = rsa_padding_mode:oaep
|
| |
- Ctrl = rsa_mgf1_md:sha1
|
| |
- Input=04cce19614845e094152a3fe18e54e3330c44e5efbc64ae16886cb1869014cc5781b1f8f9e045384d0112a135ca0d12e9c88a8e4063416deaae3844f60d6e96fe155145f4525b9a34431ca3766180f70e15a5e5d8e8b1a516ff870609f13f896935ced188279a58ed13d07114277d75c6568607e0ab092fd803a223e4a8ee0b1a8
|
| |
- Output=4a86609534ee434a6cbca3f7e962e76d455e3264c19f605f6e5ff6137c65c56d7fb344cd52bc93374f3d166c9f0c6f9c506bad19330972d2
|
| |
+ # an otherwise correct plaintext, but with wrong second byte
|
| |
+ # (0x01 instead of 0x02), generates a random 11 byte long plaintext
|
| |
+ Decrypt = RSA-2048-2
|
| |
+ @@ -436,7 +444,7 @@ Input = 782c2b59a21a511243820acedd567c136f6d3090c115232a82a5efb0b178285f55b5ec2d
|
| |
+ Output = e6d700309ca0ed62452254
|
| |
|
| |
+ # The old FIPS provider doesn't include the workaround (#13817)
|
| |
+ -FIPSversion = >=3.2.0
|
| |
+Availablein = default
|
| |
- Decrypt=RSA-OAEP-4
|
| |
- Ctrl = rsa_padding_mode:oaep
|
| |
- Ctrl = rsa_mgf1_md:sha1
|
| |
- Input=0097b698c6165645b303486fbf5a2a4479c0ee85889b541a6f0b858d6b6597b13b854eb4f839af03399a80d79bda6578c841f90d645715b280d37143992dd186c80b949b775cae97370e4ec97443136c6da484e970ffdb1323a20847821d3b18381de13bb49aaea66530c4a4b8271f3eae172cd366e07e6636f1019d2a28aed15e
|
| |
- Output=b0adc4f3fe11da59ce992773d9059943c03046497ee9d9f9a06df1166db46d98f58d27ec074c02eee6cbe2449c8b9fc5080c5c3f4433092512ec46aa793743c8
|
| |
+ # an invalid ciphertext, with a zero byte in first byte of
|
| |
+ # ciphertext, decrypts to a random 11 byte long synthetic
|
| |
+ # plaintext
|
| |
+ @@ -445,7 +453,7 @@ Input = 0096136621faf36d5290b16bd26295de27f895d1faa51c800dafce73d001d60796cd4e2a
|
| |
+ Output = ba27b1842e7c21c0e7ef6a
|
| |
|
| |
+ # The old FIPS provider doesn't include the workaround (#13817)
|
| |
+ -FIPSversion = >=3.2.0
|
| |
+Availablein = default
|
| |
- Decrypt=RSA-OAEP-4
|
| |
- Ctrl = rsa_padding_mode:oaep
|
| |
- Ctrl = rsa_mgf1_md:sha1
|
| |
- Input=0301f935e9c47abcb48acbbe09895d9f5971af14839da4ff95417ee453d1fd77319072bb7297e1b55d7561cd9d1bb24c1a9a37c619864308242804879d86ebd001dce5183975e1506989b70e5a83434154d5cbfd6a24787e60eb0c658d2ac193302d1192c6e622d4a12ad4b53923bca246df31c6395e37702c6a78ae081fb9d065
|
| |
- Output=bf6d42e701707b1d0206b0c8b45a1c72641ff12889219a82bdea965b5e79a96b0d0163ed9d578ec9ada20f2fbcf1ea3c4089d83419ba81b0c60f3606da99
|
| |
+ # an invalid ciphertext, with a zero byte removed from first byte of
|
| |
+ # ciphertext, decrypts to a random 11 byte long synthetic
|
| |
+ # plaintext
|
| |
+ @@ -454,7 +462,7 @@ Input = 96136621faf36d5290b16bd26295de27f895d1faa51c800dafce73d001d60796cd4e2ac3
|
| |
+ Output = ba27b1842e7c21c0e7ef6a
|
| |
|
| |
+ # The old FIPS provider doesn't include the workaround (#13817)
|
| |
+ -FIPSversion = >=3.2.0
|
| |
+Availablein = default
|
| |
- Decrypt=RSA-OAEP-4
|
| |
- Ctrl = rsa_padding_mode:oaep
|
| |
- Ctrl = rsa_mgf1_md:sha1
|
| |
- Input=02d110ad30afb727beb691dd0cf17d0af1a1e7fa0cc040ec1a4ba26a42c59d0a796a2e22c8f357ccc98b6519aceb682e945e62cb734614a529407cd452bee3e44fece8423cc19e55548b8b994b849c7ecde4933e76037e1d0ce44275b08710c68e430130b929730ed77e09b015642c5593f04e4ffb9410798102a8e96ffdfe11e4
|
| |
- Output=fb2ef112f5e766eb94019297934794f7be2f6fc1c58e
|
| |
+ # an invalid ciphertext, with two zero bytes in first bytes of
|
| |
+ # ciphertext, decrypts to a random 11 byte long synthetic
|
| |
+ # plaintext
|
| |
+ @@ -463,7 +471,7 @@ Input = 0000587cccc6b264bdfe0dc2149a988047fa921801f3502ea64624c510c6033d2f427e3f
|
| |
+ Output = d5cf555b1d6151029a429a
|
| |
|
| |
+ # The old FIPS provider doesn't include the workaround (#13817)
|
| |
+ -FIPSversion = >=3.2.0
|
| |
+Availablein = default
|
| |
- Decrypt=RSA-OAEP-4
|
| |
- Ctrl = rsa_padding_mode:oaep
|
| |
- Ctrl = rsa_mgf1_md:sha1
|
| |
- Input=00dbb8a7439d90efd919a377c54fae8fe11ec58c3b858362e23ad1b8a44310799066b99347aa525691d2adc58d9b06e34f288c170390c5f0e11c0aa3645959f18ee79e8f2be8d7ac5c23d061f18dd74b8c5f2a58fcb5eb0c54f99f01a83247568292536583340948d7a8c97c4acd1e98d1e29dc320e97a260532a8aa7a758a1ec2
|
| |
- Output=28ccd447bb9e85166dabb9e5b7d1adadc4b9d39f204e96d5e440ce9ad928bc1c2284
|
| |
+ # an invalid ciphertext, with two zero bytes removed from first bytes of
|
| |
+ # ciphertext, decrypts to a random 11 byte long synthetic
|
| |
+ # plaintext
|
| |
+ @@ -472,7 +480,7 @@ Input = 587cccc6b264bdfe0dc2149a988047fa921801f3502ea64624c510c6033d2f427e3f136c
|
| |
+ Output = d5cf555b1d6151029a429a
|
| |
|
| |
+ # The old FIPS provider doesn't include the workaround (#13817)
|
| |
+ -FIPSversion = >=3.2.0
|
| |
+Availablein = default
|
| |
- Decrypt=RSA-OAEP-4
|
| |
- Ctrl = rsa_padding_mode:oaep
|
| |
- Ctrl = rsa_mgf1_md:sha1
|
| |
- @@ -835,36 +859,42 @@ OPlAQGLrhaQpJFILOPW7iGoBlvSLuNzqYP2SzAJ/GOeBWKNKXF1fhgoPbAQHGn0B
|
| |
- MSwGUGLx60i3nRyDyw==
|
| |
- -----END PRIVATE KEY-----
|
| |
+ # and invalid ciphertext, otherwise valid but starting with 000002, decrypts
|
| |
+ # to random 11 byte long synthetic plaintext
|
| |
+ Decrypt = RSA-2048-2
|
| |
+ @@ -480,7 +488,7 @@ Input = 1786550ce8d8433052e01ecba8b76d3019f1355b212ac9d0f5191b023325a7e7714b7802
|
| |
+ Output = 3d4a054d9358209e9cbbb9
|
| |
|
| |
+ # The old FIPS provider doesn't include the workaround (#13817)
|
| |
+ -FIPSversion = >=3.2.0
|
| |
+Availablein = default
|
| |
- Decrypt=RSA-OAEP-5
|
| |
- Ctrl = rsa_padding_mode:oaep
|
| |
- Ctrl = rsa_mgf1_md:sha1
|
| |
- Input=036046a4a47d9ed3ba9a89139c105038eb7492b05a5d68bfd53accff4597f7a68651b47b4a4627d927e485eed7b4566420e8b409879e5d606eae251d22a5df799f7920bfc117b992572a53b1263146bcea03385cc5e853c9a101c8c3e1bda31a519807496c6cb5e5efb408823a352b8fa0661fb664efadd593deb99fff5ed000e5
|
| |
- Output=af71a901e3a61d3132f0fc1fdb474f9ea6579257ffc24d164170145b3dbde8
|
| |
+ # negative test with otherwise valid padding but a zero byte in first byte
|
| |
+ # of padding
|
| |
+ Decrypt = RSA-2048-2
|
| |
+ @@ -488,7 +496,7 @@ Input = 179598823812d2c58a7eb50521150a48bcca8b4eb53414018b6bca19f4801456c5e36a94
|
| |
+ Output = 1f037dd717b07d3e7f7359
|
| |
|
| |
+ # The old FIPS provider doesn't include the workaround (#13817)
|
| |
+ -FIPSversion = >=3.2.0
|
| |
+Availablein = default
|
| |
- Decrypt=RSA-OAEP-5
|
| |
- Ctrl = rsa_padding_mode:oaep
|
| |
- Ctrl = rsa_mgf1_md:sha1
|
| |
- Input=03d6eb654edce615bc59f455265ed4e5a18223cbb9be4e4069b473804d5de96f54dcaaa603d049c5d94aa1470dfcd2254066b7c7b61ff1f6f6770e3215c51399fd4e34ec5082bc48f089840ad04354ae66dc0f1bd18e461a33cc1258b443a2837a6df26759aa2302334986f87380c9cc9d53be9f99605d2c9a97da7b0915a4a7ad
|
| |
- Output=a3b844a08239a8ac41605af17a6cfda4d350136585903a417a79268760519a4b4ac3303ec73f0f87cfb32399
|
| |
+ # negative test with otherwise valid padding but a zero byte at the eighth
|
| |
+ # byte of padding
|
| |
+ Decrypt = RSA-2048-2
|
| |
+ @@ -496,7 +504,7 @@ Input = a7a340675a82c30e22219a55bc07cdf36d47d01834c1834f917f18b517419ce9de2a9646
|
| |
+ Output = 63cb0bf65fc8255dd29e17
|
| |
|
| |
+ # The old FIPS provider doesn't include the workaround (#13817)
|
| |
+ -FIPSversion = >=3.2.0
|
| |
+Availablein = default
|
| |
- Decrypt=RSA-OAEP-5
|
| |
- Ctrl = rsa_padding_mode:oaep
|
| |
- Ctrl = rsa_mgf1_md:sha1
|
| |
- Input=0770952181649f9f9f07ff626ff3a22c35c462443d905d456a9fd0bff43cac2ca7a9f554e9478b9acc3ac838b02040ffd3e1847de2e4253929f9dd9ee4044325a9b05cabb808b2ee840d34e15d105a3f1f7b27695a1a07a2d73fe08ecaaa3c9c9d4d5a89ff890d54727d7ae40c0ec1a8dd86165d8ee2c6368141016a48b55b6967
|
| |
- Output=308b0ecbd2c76cb77fc6f70c5edd233fd2f20929d629f026953bb62a8f4a3a314bde195de85b5f816da2aab074d26cb6acddf323ae3b9c678ac3cf12fbdde7
|
| |
+ # negative test with an otherwise valid plaintext but with missing separator
|
| |
+ # byte
|
| |
+ Decrypt = RSA-2048-2
|
| |
+ @@ -551,53 +559,58 @@ PrivPubKeyPair = RSA-2049:RSA-2049-PUBLIC
|
| |
+ # RSA decrypt
|
| |
|
| |
+ # The old FIPS provider doesn't include the workaround (#13817)
|
| |
+ -FIPSversion = >=3.2.0
|
| |
+Availablein = default
|
| |
- Decrypt=RSA-OAEP-5
|
| |
- Ctrl = rsa_padding_mode:oaep
|
| |
- Ctrl = rsa_mgf1_md:sha1
|
| |
- Input=0812b76768ebcb642d040258e5f4441a018521bd96687e6c5e899fcd6c17588ff59a82cc8ae03a4b45b31299af1788c329f7dcd285f8cf4ced82606b97612671a45bedca133442144d1617d114f802857f0f9d739751c57a3f9ee400912c61e2e6992be031a43dd48fa6ba14eef7c422b5edc4e7afa04fdd38f402d1c8bb719abf
|
| |
- Output=15c5b9ee1185
|
| |
+ # malformed that generates length specified by 3rd last value from PRF
|
| |
+ Decrypt = RSA-2049
|
| |
+ Input = 00b26f6404b82649629f2704494282443776929122e279a9cf30b0c6fe8122a0a9042870d97cc8ef65490fe58f031eb2442352191f5fbc311026b5147d32df914599f38b825ebb824af0d63f2d541a245c5775d1c4b78630e4996cc5fe413d38455a776cf4edcc0aa7fccb31c584d60502ed2b77398f536e137ff7ba6430e9258e21c2db5b82f5380f566876110ac4c759178900fbad7ab70ea07b1daf7a1639cbb4196543a6cbe8271f35dddb8120304f6eef83059e1c5c5678710f904a6d760c4d1d8ad076be17904b9e69910040b47914a0176fb7eea0c06444a6c4b86d674d19a556a1de5490373cb01ce31bbd15a5633362d3d2cd7d4af1b4c5121288b894
|
| |
+ Output = 42
|
| |
|
| |
+ # simple positive test case
|
| |
+Availablein = default
|
| |
- Decrypt=RSA-OAEP-5
|
| |
- Ctrl = rsa_padding_mode:oaep
|
| |
- Ctrl = rsa_mgf1_md:sha1
|
| |
- Input=07b60e14ec954bfd29e60d0047e789f51d57186c63589903306793ced3f68241c743529aba6a6374f92e19e0163efa33697e196f7661dfaaa47aac6bde5e51deb507c72c589a2ca1693d96b1460381249b2cdb9eac44769f2489c5d3d2f99f0ee3c7ee5bf64a5ac79c42bd433f149be8cb59548361640595513c97af7bc2509723
|
| |
- Output=21026e6800c7fa728fcaaba0d196ae28d7a2ac4ffd8abce794f0985f60c8a6737277365d3fea11db8923a2029a
|
| |
+ Decrypt = RSA-2049
|
| |
+ Input = 013300edbf0bb3571e59889f7ed76970bf6d57e1c89bbb6d1c3991d9df8e65ed54b556d928da7d768facb395bbcc81e9f8573b45cf8195dbd85d83a59281cddf4163aec11b53b4140053e3bd109f787a7c3cec31d535af1f50e0598d85d96d91ea01913d07097d25af99c67464ebf2bb396fb28a9233e56f31f7e105d71a23e9ef3b736d1e80e713d1691713df97334779552fc94b40dd733c7251bc522b673d3ec9354af3dd4ad44fa71c0662213a57ada1d75149697d0eb55c053aaed5ffd0b815832f454179519d3736fb4faf808416071db0d0f801aca8548311ee708c131f4be658b15f6b54256872c2903ac708bd43b017b073b5707bc84c2cd9da70e967
|
| |
+ Output = "lorem ipsum"
|
| |
|
| |
+ # positive test case with null padded ciphertext
|
| |
+Availablein = default
|
| |
- Decrypt=RSA-OAEP-5
|
| |
- Ctrl = rsa_padding_mode:oaep
|
| |
- Ctrl = rsa_mgf1_md:sha1
|
| |
- @@ -889,36 +919,42 @@ xT1F29tenZbQ/s9Cdd8JdLxKBza0p0wyaQU++2hqziQG4iyeBY3bSuVAYnri/bCC
|
| |
- Yejn5Ly8mU2q+jBcRQ==
|
| |
- -----END PRIVATE KEY-----
|
| |
+ Decrypt = RSA-2049
|
| |
+ Input = 0002aadf846a329fadc6760980303dbd87bfadfa78c2015ce4d6c5782fd9d3f1078bd3c0a2c5bfbdd1c024552e5054d98b5bcdc94e476dd280e64d650089326542ce7c61d4f1ab40004c2e6a88a883613568556a10f3f9edeab67ae8dddc1e6b0831c2793d2715de943f7ce34c5c05d1b09f14431fde566d17e76c9feee90d86a2c158616ec81dda0c642f58c0ba8fa4495843124a7235d46fb4069715a51bf710fd024259131ba94da73597ace494856c94e7a3ec261545793b0990279b15fa91c7fd13dbfb1df2f221dab9fa9f7c1d21e48aa49f6aaecbabf5ee76dc6c2af2317ffb4e303115386a97f8729afc3d0c89419669235f1a3a69570e0836c79fc162
|
| |
+ Output = "lorem ipsum"
|
| |
|
| |
+ # positive test case with null truncated ciphertext
|
| |
+Availablein = default
|
| |
- Decrypt=RSA-OAEP-6
|
| |
- Ctrl = rsa_padding_mode:oaep
|
| |
- Ctrl = rsa_mgf1_md:sha1
|
| |
- Input=0630eebcd2856c24f798806e41f9e67345eda9ceda386acc9facaea1eeed06ace583709718d9d169fadf414d5c76f92996833ef305b75b1e4b95f662a20faedc3bae0c4827a8bf8a88edbd57ec203a27a841f02e43a615bab1a8cac0701de34debdef62a088089b55ec36ea7522fd3ec8d06b6a073e6df833153bc0aefd93bd1a3
|
| |
- Output=4046ca8baa3347ca27f49e0d81f9cc1d71be9ba517d4
|
| |
+ Decrypt = RSA-2049
|
| |
+ Input = 02aadf846a329fadc6760980303dbd87bfadfa78c2015ce4d6c5782fd9d3f1078bd3c0a2c5bfbdd1c024552e5054d98b5bcdc94e476dd280e64d650089326542ce7c61d4f1ab40004c2e6a88a883613568556a10f3f9edeab67ae8dddc1e6b0831c2793d2715de943f7ce34c5c05d1b09f14431fde566d17e76c9feee90d86a2c158616ec81dda0c642f58c0ba8fa4495843124a7235d46fb4069715a51bf710fd024259131ba94da73597ace494856c94e7a3ec261545793b0990279b15fa91c7fd13dbfb1df2f221dab9fa9f7c1d21e48aa49f6aaecbabf5ee76dc6c2af2317ffb4e303115386a97f8729afc3d0c89419669235f1a3a69570e0836c79fc162
|
| |
+ Output = "lorem ipsum"
|
| |
|
| |
+ # positive test case with double null padded ciphertext
|
| |
+Availablein = default
|
| |
- Decrypt=RSA-OAEP-6
|
| |
- Ctrl = rsa_padding_mode:oaep
|
| |
- Ctrl = rsa_mgf1_md:sha1
|
| |
- Input=0ebc37376173a4fd2f89cc55c2ca62b26b11d51c3c7ce49e8845f74e7607317c436bc8d23b9667dfeb9d087234b47bc6837175ae5c0559f6b81d7d22416d3e50f4ac533d8f0812f2db9e791fe9c775ac8b6ad0f535ad9ceb23a4a02014c58ab3f8d3161499a260f39348e714ae2a1d3443208fd8b722ccfdfb393e98011f99e63f
|
| |
- Output=5cc72c60231df03b3d40f9b57931bc31109f972527f28b19e7480c7288cb3c92b22512214e4be6c914792ddabdf57faa8aa7
|
| |
+ Decrypt = RSA-2049
|
| |
+ Input = 0000f36da3b72d8ff6ded74e7efd08c01908f3f5f0de7b55eab92b5f875190809c39d4162e1e6649618f854fd84aeab03970d16bb814e999852c06de38d82b95c0f32e2a7b5714021fe303389be9c0eac24c90a6b7210f929d390fabf903d44e04110bb7a7fd6c383c275804721efa6d7c93aa64c0bb2b18d97c5220a846c66a4895ae52adddbe2a9996825e013585adcec4b32ba61d782737bd343e5fabd68e8a95b8b1340318559860792dd70dffbe05a1052b54cbfb48cfa7bb3c19cea52076bddac5c25ee276f153a610f6d06ed696d192d8ae4507ffae4e5bdda10a625d6b67f32f7cffcd48dee2431fe66f6105f9d17e611cdcc674868e81692a360f4052
|
| |
+ Output = "lorem ipsum"
|
| |
|
| |
+ # positive test case with double null truncated ciphertext
|
| |
+Availablein = default
|
| |
- Decrypt=RSA-OAEP-6
|
| |
- Ctrl = rsa_padding_mode:oaep
|
| |
- Ctrl = rsa_mgf1_md:sha1
|
| |
- Input=0a98bf1093619394436cf68d8f38e2f158fde8ea54f3435f239b8d06b8321844202476aeed96009492480ce3a8d705498c4c8c68f01501dc81db608f60087350c8c3b0bd2e9ef6a81458b7c801b89f2e4fe99d4900ba6a4b5e5a96d865dc676c7755928794130d6280a8160a190f2df3ea7cf9aa0271d88e9e6905ecf1c5152d65
|
| |
- Output=b20e651303092f4bccb43070c0f86d23049362ed96642fc5632c27db4a52e3d831f2ab068b23b149879c002f6bf3feee97591112562c
|
| |
+ Decrypt = RSA-2049
|
| |
+ Input = f36da3b72d8ff6ded74e7efd08c01908f3f5f0de7b55eab92b5f875190809c39d4162e1e6649618f854fd84aeab03970d16bb814e999852c06de38d82b95c0f32e2a7b5714021fe303389be9c0eac24c90a6b7210f929d390fabf903d44e04110bb7a7fd6c383c275804721efa6d7c93aa64c0bb2b18d97c5220a846c66a4895ae52adddbe2a9996825e013585adcec4b32ba61d782737bd343e5fabd68e8a95b8b1340318559860792dd70dffbe05a1052b54cbfb48cfa7bb3c19cea52076bddac5c25ee276f153a610f6d06ed696d192d8ae4507ffae4e5bdda10a625d6b67f32f7cffcd48dee2431fe66f6105f9d17e611cdcc674868e81692a360f4052
|
| |
+ Output = "lorem ipsum"
|
| |
|
| |
+ # The old FIPS provider doesn't include the workaround (#13817)
|
| |
+ -FIPSversion = >=3.2.0
|
| |
+Availablein = default
|
| |
- Decrypt=RSA-OAEP-6
|
| |
- Ctrl = rsa_padding_mode:oaep
|
| |
- Ctrl = rsa_mgf1_md:sha1
|
| |
- Input=008e7a67cacfb5c4e24bec7dee149117f19598ce8c45808fef88c608ff9cd6e695263b9a3c0ad4b8ba4c95238e96a8422b8535629c8d5382374479ad13fa39974b242f9a759eeaf9c83ad5a8ca18940a0162ba755876df263f4bd50c6525c56090267c1f0e09ce0899a0cf359e88120abd9bf893445b3cae77d3607359ae9a52f8
|
| |
- Output=684e3038c5c041f7
|
| |
+ # a random negative test case that generates an 11 byte long message
|
| |
+ Decrypt = RSA-2049
|
| |
+ Input = 00f910200830fc8fff478e99e145f1474b312e2512d0f90b8cef77f8001d09861688c156d1cbaf8a8957f7ebf35f724466952d0524cad48aad4fba1e45ce8ea27e8f3ba44131b7831b62d60c0762661f4c1d1a88cd06263a259abf1ba9e6b0b172069afb86a7e88387726f8ab3adb30bfd6b3f6be6d85d5dfd044e7ef052395474a9cbb1c3667a92780b43a22693015af6c513041bdaf87d43b24ddd244e791eeaea1066e1f4917117b3a468e22e0f7358852bb981248de4d720add2d15dccba6280355935b67c96f9dcb6c419cc38ab9f6fba2d649ef2066e0c34c9f788ae49babd9025fa85b21113e56ce4f43aa134c512b030dd7ac7ce82e76f0be9ce09ebca
|
| |
+ Output = 1189b6f5498fd6df532b00
|
| |
|
| |
+ # The old FIPS provider doesn't include the workaround (#13817)
|
| |
+ -FIPSversion = >=3.2.0
|
| |
+Availablein = default
|
| |
- Decrypt=RSA-OAEP-6
|
| |
- Ctrl = rsa_padding_mode:oaep
|
| |
- Ctrl = rsa_mgf1_md:sha1
|
| |
- Input=00003474416c7b68bdf961c385737944d7f1f40cb395343c693cc0b4fe63b31fedf1eaeeac9ccc0678b31dc32e0977489514c4f09085f6298a9653f01aea4045ff582ee887be26ae575b73eef7f3774921e375a3d19adda0ca31aa1849887c1f42cac9677f7a2f4e923f6e5a868b38c084ef187594dc9f7f048fea2e02955384ab
|
| |
- Output=32488cb262d041d6e4dd35f987bf3ca696db1f06ac29a44693
|
| |
+ # otherwise correct plaintext, but with wrong first byte (0x01 instead of 0x00)
|
| |
+ Decrypt = RSA-2049
|
| |
+ Input = 002c9ddc36ba4cf0038692b2d3a1c61a4bb3786a97ce2e46a3ba74d03158aeef456ce0f4db04dda3fe062268a1711250a18c69778a6280d88e133a16254e1f0e30ce8dac9b57d2e39a2f7d7be3ee4e08aec2fdbe8dadad7fdbf442a29a8fb40857407bf6be35596b8eefb5c2b3f58b894452c2dc54a6123a1a38d642e23751746597e08d71ac92704adc17803b19e131b4d1927881f43b0200e6f95658f559f912c889b4cd51862784364896cd6e8618f485a992f82997ad6a0917e32ae5872eaf850092b2d6c782ad35f487b79682333c1750c685d7d32ab3e1538f31dcaa5e7d5d2825875242c83947308dcf63ba4bfff20334c9c140c837dbdbae7a8dee72ff
|
| |
+ Output = f6d0f5b78082fe61c04674
|
| |
|
| |
+ # The old FIPS provider doesn't include the workaround (#13817)
|
| |
+ -FIPSversion = >=3.2.0
|
| |
+Availablein = default
|
| |
- Decrypt=RSA-OAEP-6
|
| |
- Ctrl = rsa_padding_mode:oaep
|
| |
- Ctrl = rsa_mgf1_md:sha1
|
| |
- @@ -943,36 +979,42 @@ tu4XIedy0DiaVZw9PN+VUNRXxGsDe3RkGx1SFmr4ohPIOWIGzfukQi8Y1vYdvLXS
|
| |
- FMlxv0gq65dqc3DC
|
| |
- -----END PRIVATE KEY-----
|
| |
+ # otherwise correct plaintext, but with wrong second byte (0x01 instead of 0x02)
|
| |
+ Decrypt = RSA-2049
|
| |
+ Input = 00c5d77826c1ab7a34d6390f9d342d5dbe848942e2618287952ba0350d7de6726112e9cebc391a0fae1839e2bf168229e3e0d71d4161801509f1f28f6e1487ca52df05c466b6b0a6fbbe57a3268a970610ec0beac39ec0fa67babce1ef2a86bf77466dc127d7d0d2962c20e66593126f276863cd38dc6351428f884c1384f67cad0a0ffdbc2af16711fb68dc559b96b37b4f04cd133ffc7d79c43c42ca4948fa895b9daeb853150c8a5169849b730cc77d68b0217d6c0e3dbf38d751a1998186633418367e7576530566c23d6d4e0da9b038d0bb5169ce40133ea076472d055001f0135645940fd08ea44269af2604c8b1ba225053d6db9ab43577689401bdc0f3
|
| |
+ @@ -661,14 +674,14 @@ ooCElYcob01/JWzoXl61Z5sdrMH5CVZJty5foHKusAN5AgMBAAE=
|
| |
+ PrivPubKeyPair = RSA-3072:RSA-3072-PUBLIC
|
| |
|
| |
+ # The old FIPS provider doesn't include the workaround (#13817)
|
| |
+ -FIPSversion = >=3.2.0
|
| |
+Availablein = default
|
| |
- Decrypt=RSA-OAEP-7
|
| |
- Ctrl = rsa_padding_mode:oaep
|
| |
- Ctrl = rsa_mgf1_md:sha1
|
| |
- Input=1688e4ce7794bba6cb7014169ecd559cede2a30b56a52b68d9fe18cf1973ef97b2a03153951c755f6294aa49adbdb55845ab6875fb3986c93ecf927962840d282f9e54ce8b690f7c0cb8bbd73440d9571d1b16cd9260f9eab4783cc482e5223dc60973871783ec27b0ae0fd47732cbc286a173fc92b00fb4ba6824647cd93c85c1
|
| |
- Output=47aae909
|
| |
+ # a random invalid ciphertext that generates an empty synthetic one
|
| |
+ Decrypt = RSA-3072
|
| |
+ Input = 5e956cd9652f4a2ece902931013e09662b6a9257ad1e987fb75f73a0606df2a4b04789770820c2e02322c4e826f767bd895734a01e20609c3be4517a7a2a589ea1cdc137beb73eb38dac781b52e863de9620f79f9b90fd5b953651fcbfef4a9f1cc07421d511a87dd6942caab6a5a0f4df473e62defb529a7de1509ab99c596e1dff1320402298d8be73a896cc86c38ae3f2f576e9ea70cc28ad575cb0f854f0be43186baa9c18e29c47c6ca77135db79c811231b7c1730955887d321fdc06568382b86643cf089b10e35ab23e827d2e5aa7b4e99ff2e914f302351819eb4d1693243b35f8bf1d42d08f8ec4acafa35f747a4a975a28643ec630d8e4fa5be59d81995660a14bb64c1fea5146d6b11f92da6a3956dd5cb5e0d747cf2ea23f81617769185336263d46ef4c144b754de62a6337342d6c85a95f19f015724546ee3fc4823eca603dbc1dc01c2d5ed50bd72d8e96df2dc048edde0081284068283fc5e73a6139851abf2f29977d0b3d160c883a42a37efba1be05c1a0b1741d7ddf59
|
| |
+ Output =
|
| |
|
| |
+ # The old FIPS provider doesn't include the workaround (#13817)
|
| |
+ -FIPSversion = >=3.2.0
|
| |
+Availablein = default
|
| |
- Decrypt=RSA-OAEP-7
|
| |
- Ctrl = rsa_padding_mode:oaep
|
| |
- Ctrl = rsa_mgf1_md:sha1
|
| |
- Input=1052ed397b2e01e1d0ee1c50bf24363f95e504f4a03434a08fd822574ed6b9736edbb5f390db10321479a8a139350e2bd4977c3778ef331f3e78ae118b268451f20a2f01d471f5d53c566937171b2dbc2d4bde459a5799f0372d6574239b2323d245d0bb81c286b63c89a361017337e4902f88a467f4c7f244bfd5ab46437ff3b6
|
| |
- Output=1d9b2e2223d9bc13bfb9f162ce735db48ba7c68f6822a0a1a7b6ae165834e7
|
| |
+ # a random invalid that has PRF output with a length one byte too long
|
| |
+ # in the last value
|
| |
+ Decrypt = RSA-3072
|
| |
+ @@ -676,46 +689,51 @@ Input = 7db0390d75fcf9d4c59cf27b264190d856da9abd11e92334d0e5f71005cfed865a711dfa
|
| |
+ Output = 56a3bea054e01338be9b7d7957539c
|
| |
|
| |
+ # The old FIPS provider doesn't include the workaround (#13817)
|
| |
+ -FIPSversion = >=3.2.0
|
| |
+Availablein = default
|
| |
- Decrypt=RSA-OAEP-7
|
| |
- Ctrl = rsa_padding_mode:oaep
|
| |
- Ctrl = rsa_mgf1_md:sha1
|
| |
- Input=2155cd843ff24a4ee8badb7694260028a490813ba8b369a4cbf106ec148e5298707f5965be7d101c1049ea8584c24cd63455ad9c104d686282d3fb803a4c11c1c2e9b91c7178801d1b6640f003f5728df007b8a4ccc92bce05e41a27278d7c85018c52414313a5077789001d4f01910b72aad05d220aa14a58733a7489bc54556b
|
| |
- Output=d976fc
|
| |
+ # a random invalid that generates a synthetic of maximum size
|
| |
+ Decrypt = RSA-3072
|
| |
+ Input = 1715065322522dff85049800f6a29ab5f98c465020467414b2a44127fe9446da47fa18047900f99afe67c2df6f50160bb8e90bff296610fde632b3859d4d0d2e644f23835028c46cca01b84b88231d7e03154edec6627bcba23de76740d839851fa12d74c8f92e540c73fe837b91b7d699b311997d5f0f7864c486d499c3a79c111faaacbe4799597a25066c6200215c3d158f3817c1aa57f18bdaad0be1658da9da93f5cc6c3c4dd72788af57adbb6a0c26f42d32d95b8a4f95e8c6feb2f8a5d53b19a50a0b7cbc25e055ad03e5ace8f3f7db13e57759f67b65d143f08cca15992c6b2aae643390483de111c2988d4e76b42596266005103c8de6044fb7398eb3c28a864fa672de5fd8774510ff45e05969a11a4c7d3f343e331190d2dcf24fb9154ba904dc94af98afc5774a9617d0418fe6d13f8245c7d7626c176138dd698a23547c25f27c2b98ea4d8a45c7842b81888e4cc14e5b72e9cf91f56956c93dbf2e5f44a8282a7813157fc481ff1371a0f66b31797e81ebdb09a673d4db96d6
|
| |
+ Output = 7b036fcd6243900e4236c894e2462c17738acc87e01a76f4d95cb9a328d9acde81650283b8e8f60a217e3bdee835c7b222ad4c85d0acdb9a309bd2a754609a65dec50f3aa04c6d5891034566b9563d42668ede1f8992b17753a2132e28970584e255efc8b45a41c5dbd7567f014acec5fe6fdb6d484790360a913ebb9defcd74ff377f2a8ba46d2ed85f733c9a3da08eb57ecedfafda806778f03c66b2c5d2874cec1c291b2d49eb194c7b5d0dd2908ae90f4843268a2c45563092ade08acb6ab481a08176102fc803fbb2f8ad11b0e1531bd37df543498daf180b12017f4d4d426ca29b4161075534bfb914968088a9d13785d0adc0e2580d3548494b2a9e91605f2b27e6cc701c796f0de7c6f471f6ab6cb9272a1ed637ca32a60d117505d82af3c1336104afb537d01a8f70b510e1eebf4869cb976c419473795a66c7f5e6e20a8094b1bb603a74330c537c5c0698c31538bd2e138c1275a1bdf24c5fa8ab3b7b526324e7918a382d1363b3d463764222150e04
|
| |
|
| |
+ # a positive test case that decrypts to 9 byte long value
|
| |
+Availablein = default
|
| |
- Decrypt=RSA-OAEP-7
|
| |
- Ctrl = rsa_padding_mode:oaep
|
| |
- Ctrl = rsa_mgf1_md:sha1
|
| |
- Input=0ab14c373aeb7d4328d0aaad8c094d88b9eb098b95f21054a29082522be7c27a312878b637917e3d819e6c3c568db5d843802b06d51d9e98a2be0bf40c031423b00edfbff8320efb9171bd2044653a4cb9c5122f6c65e83cda2ec3c126027a9c1a56ba874d0fea23f380b82cf240b8cf540004758c4c77d934157a74f3fc12bfac
|
| |
- Output=d4738623df223aa43843df8467534c41d013e0c803c624e263666b239bde40a5f29aeb8de79e3daa61dd0370f49bd4b013834b98212aef6b1c5ee373b3cb
|
| |
+ Decrypt = RSA-3072
|
| |
+ Input = 6c60845a854b4571f678941ae35a2ac03f67c21e21146f9db1f2306be9f136453b86ad55647d4f7b5c9e62197aaff0c0e40a3b54c4cde14e774b1c5959b6c2a2302896ffae1f73b00b862a20ff4304fe06cea7ff30ecb3773ca9af27a0b54547350d7c07dfb0a39629c7e71e83fc5af9b2adbaf898e037f1de696a3f328cf45af7ec9aff7173854087fb8fbf34be981efbd8493f9438d1b2ba2a86af082662aa46ae9adfbec51e5f3d9550a4dd1dcb7c8969c9587a6edc82a8cabbc785c40d9fbd12064559fb769450ac3e47e87bc046148130d7eaa843e4b3ccef3675d0630500803cb7ffee3882378c1a404e850c3e20707bb745e42b13c18786c4976076ed9fa8fd0ff15e571bef02cbbe2f90c908ac3734a433b73e778d4d17fcc28f49185ebc6e8536a06d293202d94496453bfdf1c2c7833a3f99fa38ca8a81f42eaa529d603b890308a319c0ab63a35ff8ebac965f6278f5a7e5d622be5d5fe55f0ca3ec993d55430d2bf59c5d3e860e90c16d91a04596f6fdf60d89ed95d88c036dde
|
| |
+ Output = "forty two"
|
| |
|
| |
+ # a positive test case with null padded ciphertext
|
| |
+Availablein = default
|
| |
- Decrypt=RSA-OAEP-7
|
| |
- Ctrl = rsa_padding_mode:oaep
|
| |
- Ctrl = rsa_mgf1_md:sha1
|
| |
- Input=028387a318277434798b4d97f460068df5298faba5041ba11761a1cb7316b24184114ec500257e2589ed3b607a1ebbe97a6cc2e02bf1b681f42312a33b7a77d8e7855c4a6de03e3c04643f786b91a264a0d6805e2cea91e68177eb7a64d9255e4f27e713b7ccec00dc200ebd21c2ea2bb890feae4942df941dc3f97890ed347478
|
| |
- Output=bb47231ca5ea1d3ad46c99345d9a8a61
|
| |
+ Decrypt = RSA-3072
|
| |
+ Input = 00f4d565a3286784dbb85327db8807ae557ead229f92aba945cecda5225f606a7d6130edeeb6f26724d1eff1110f9eb18dc3248140ee3837e6688391e78796c526791384f045e21b6b853fb6342a11f309eb77962f37ce23925af600847fbd30e6e07e57de50b606e6b7f288cc777c1a6834f27e6edace508452128916eef7788c8bb227e3548c6a761cc4e9dd1a3584176dc053ba3500adb1d5e1611291654f12dfc5722832f635db3002d73f9defc310ace62c63868d341619c7ee15b20243b3371e05078e11219770c701d9f341af35df1bc729de294825ff2e416aa11526612852777eb131f9c45151eb144980d70608d2fc4043477368369aa0fe487a48bd57e66b00c3c58f941549f5ec050fca64449debe7a0c4ac51e55cb71620a70312aa4bd85fac1410c9c7f9d6ec610b7d11bf8faeffa20255d1a1bead9297d0aa8765cd2805847d639bc439f4a6c896e2008f746f9590ff4596de5ddde000ed666c452c978043ff4298461eb5a26d5e63d821438627f91201924bf7f2aeee1727
|
| |
+ Output = "forty two"
|
| |
|
| |
+ # a positive test case with null truncated ciphertext
|
| |
+Availablein = default
|
| |
- Decrypt=RSA-OAEP-7
|
| |
- Ctrl = rsa_padding_mode:oaep
|
| |
- Ctrl = rsa_mgf1_md:sha1
|
| |
- @@ -997,36 +1039,42 @@ njraT2MgdSwJ2AX/fR8a4NAXru7pzvoNfdf/d15EtXgyL2QF1iEdoZUZZmqof9xM
|
| |
- 2MiPa249Z+lh3Luj0A==
|
| |
- -----END PRIVATE KEY-----
|
| |
+ Decrypt = RSA-3072
|
| |
+ Input = f4d565a3286784dbb85327db8807ae557ead229f92aba945cecda5225f606a7d6130edeeb6f26724d1eff1110f9eb18dc3248140ee3837e6688391e78796c526791384f045e21b6b853fb6342a11f309eb77962f37ce23925af600847fbd30e6e07e57de50b606e6b7f288cc777c1a6834f27e6edace508452128916eef7788c8bb227e3548c6a761cc4e9dd1a3584176dc053ba3500adb1d5e1611291654f12dfc5722832f635db3002d73f9defc310ace62c63868d341619c7ee15b20243b3371e05078e11219770c701d9f341af35df1bc729de294825ff2e416aa11526612852777eb131f9c45151eb144980d70608d2fc4043477368369aa0fe487a48bd57e66b00c3c58f941549f5ec050fca64449debe7a0c4ac51e55cb71620a70312aa4bd85fac1410c9c7f9d6ec610b7d11bf8faeffa20255d1a1bead9297d0aa8765cd2805847d639bc439f4a6c896e2008f746f9590ff4596de5ddde000ed666c452c978043ff4298461eb5a26d5e63d821438627f91201924bf7f2aeee1727
|
| |
+ Output = "forty two"
|
| |
|
| |
+ # a positive test case with double null padded ciphertext
|
| |
+Availablein = default
|
| |
- Decrypt=RSA-OAEP-8
|
| |
- Ctrl = rsa_padding_mode:oaep
|
| |
- Ctrl = rsa_mgf1_md:sha1
|
| |
- Input=09b3683d8a2eb0fb295b62ed1fb9290b714457b7825319f4647872af889b30409472020ad12912bf19b11d4819f49614824ffd84d09c0a17e7d17309d12919790410aa2995699f6a86dbe3242b5acc23af45691080d6b1ae810fb3e3057087f0970092ce00be9562ff4053b6262ce0caa93e13723d2e3a5ba075d45f0d61b54b61
|
| |
- Output=050b755e5e6880f7b9e9d692a74c37aae449b31bfea6deff83747a897f6c2c825bb1adbf850a3c96994b5de5b33cbc7d4a17913a7967
|
| |
+ Decrypt = RSA-3072
|
| |
+ Input = 00001ec97ac981dfd9dcc7a7389fdfa9d361141dac80c23a060410d472c16094e6cdffc0c3684d84aa402d7051dfccb2f6da33f66985d2a259f5b7fbf39ac537e95c5b7050eb18844a0513abef812cc8e74a3c5240009e6e805dcadf532bc1a2702d5acc9e585fad5b89d461fcc1397351cdce35171523758b171dc041f412e42966de7f94856477356d06f2a6b40e3ff0547562a4d91bbf1338e9e049facbee8b20171164505468cd308997447d3dc4b0acb49e7d368fedd8c734251f30a83491d2506f3f87318cc118823244a393dc7c5c739a2733d93e1b13db6840a9429947357f47b23fbe39b7d2d61e5ee26f9946c4632f6c4699e452f412a26641d4751135400713cd56ec66f0370423d55d2af70f5e7ad0adea8e4a0d904a01e4ac272eba4af1a029dd53eb71f115bf31f7a6c8b19a6523adeecc0d4c3c107575e38572a8f8474ccad163e46e2e8b08111132aa97a16fb588c9b7e37b3b3d7490381f3c55d1a9869a0fd42cd86fed59ecec78cb6b2dfd06a497f5afe3419691314ba0
|
| |
+ Output = "forty two"
|
| |
|
| |
+ # a positive test case with double null truncated ciphertext
|
| |
+Availablein = default
|
| |
- Decrypt=RSA-OAEP-8
|
| |
- Ctrl = rsa_padding_mode:oaep
|
| |
- Ctrl = rsa_mgf1_md:sha1
|
| |
- Input=2ecf15c97c5a15b1476ae986b371b57a24284f4a162a8d0c8182e7905e792256f1812ba5f83f1f7a130e42dcc02232844edc14a31a68ee97ae564a383a3411656424c5f62ddb646093c367be1fcda426cf00a06d8acb7e57776fbbd855ac3df506fc16b1d7c3f2110f3d8068e91e186363831c8409680d8da9ecd8cf1fa20ee39d
|
| |
- Output=4eb68dcd93ca9b19df111bd43608f557026fe4aa1d5cfac227a3eb5ab9548c18a06dded23f81825986b2fcd71109ecef7eff88873f075c2aa0c469f69c92bc
|
| |
+ Decrypt = RSA-3072
|
| |
+ Input = 1ec97ac981dfd9dcc7a7389fdfa9d361141dac80c23a060410d472c16094e6cdffc0c3684d84aa402d7051dfccb2f6da33f66985d2a259f5b7fbf39ac537e95c5b7050eb18844a0513abef812cc8e74a3c5240009e6e805dcadf532bc1a2702d5acc9e585fad5b89d461fcc1397351cdce35171523758b171dc041f412e42966de7f94856477356d06f2a6b40e3ff0547562a4d91bbf1338e9e049facbee8b20171164505468cd308997447d3dc4b0acb49e7d368fedd8c734251f30a83491d2506f3f87318cc118823244a393dc7c5c739a2733d93e1b13db6840a9429947357f47b23fbe39b7d2d61e5ee26f9946c4632f6c4699e452f412a26641d4751135400713cd56ec66f0370423d55d2af70f5e7ad0adea8e4a0d904a01e4ac272eba4af1a029dd53eb71f115bf31f7a6c8b19a6523adeecc0d4c3c107575e38572a8f8474ccad163e46e2e8b08111132aa97a16fb588c9b7e37b3b3d7490381f3c55d1a9869a0fd42cd86fed59ecec78cb6b2dfd06a497f5afe3419691314ba0
|
| |
+ Output = "forty two"
|
| |
|
| |
+ # The old FIPS provider doesn't include the workaround (#13817)
|
| |
+ -FIPSversion = >=3.2.0
|
| |
+Availablein = default
|
| |
- Decrypt=RSA-OAEP-8
|
| |
- Ctrl = rsa_padding_mode:oaep
|
| |
- Ctrl = rsa_mgf1_md:sha1
|
| |
- Input=4bc89130a5b2dabb7c2fcf90eb5d0eaf9e681b7146a38f3173a3d9cfec52ea9e0a41932e648a9d69344c50da763f51a03c95762131e8052254dcd2248cba40fd31667786ce05a2b7b531ac9dac9ed584a59b677c1a8aed8c5d15d68c05569e2be780bf7db638fd2bfd2a85ab276860f3777338fca989ffd743d13ee08e0ca9893f
|
| |
- Output=8604ac56328c1ab5ad917861
|
| |
+ # a random negative test case that generates a 9 byte long message
|
| |
+ Decrypt = RSA-3072
|
| |
+ Input = 5c8555f5cef627c15d37f85c7f5fd6e499264ea4b8e3f9112023aeb722eb38d8eac2be3751fd5a3785ab7f2d59fa3728e5be8c3de78a67464e30b21ee23b5484bb3cd06d0e1c6ad25649c8518165653eb80488bfb491b20c04897a6772f69292222fc5ef50b5cf9efc6d60426a449b6c489569d48c83488df629d695653d409ce49a795447fcec2c58a1a672e4a391401d428baaf781516e11e323d302fcf20f6eab2b2dbe53a48c987e407c4d7e1cb41131329138313d330204173a4f3ff06c6fadf970f0ed1005d0b27e35c3d11693e0429e272d583e57b2c58d24315c397856b34485dcb077665592b747f889d34febf2be8fce66c265fd9fc3575a6286a5ce88b4b413a08efc57a07a8f57a999605a837b0542695c0d189e678b53662ecf7c3d37d9dbeea585eebfaf79141118e06762c2381fe27ca6288edddc19fd67cd64f16b46e06d8a59ac530f22cd83cc0bc4e37feb52015cbb2283043ccf5e78a4eb7146827d7a466b66c8a4a4826c1bad68123a7f2d00fc1736525ff90c058f56
|
| |
+ Output = 257906ca6de8307728
|
| |
|
| |
+ # The old FIPS provider doesn't include the workaround (#13817)
|
| |
+ -FIPSversion = >=3.2.0
|
| |
+Availablein = default
|
| |
- Decrypt=RSA-OAEP-8
|
| |
- Ctrl = rsa_padding_mode:oaep
|
| |
- Ctrl = rsa_mgf1_md:sha1
|
| |
- Input=2e456847d8fc36ff0147d6993594b9397227d577752c79d0f904fcb039d4d812fea605a7b574dd82ca786f93752348438ee9f5b5454985d5f0e1699e3e7ad175a32e15f03deb042ab9fe1dd9db1bb86f8c089ccb45e7ef0c5ee7ca9b7290ca6b15bed47039788a8a93ff83e0e8d6244c71006362deef69b6f416fb3c684383fbd0
|
| |
- Output=fdda5fbf6ec361a9d9a4ac68af216a0686f438b1e0e5c36b955f74e107f39c0dddcc
|
| |
+ # a random negative test case that generates a 9 byte long message based on
|
| |
+ # second to last value from PRF
|
| |
+ Decrypt = RSA-3072
|
| |
+ @@ -723,7 +741,7 @@ Input = 758c215aa6acd61248062b88284bf43c13cb3b3d02410be4238607442f1c0216706e21a0
|
| |
+ Output = 043383c929060374ed
|
| |
|
| |
+ # The old FIPS provider doesn't include the workaround (#13817)
|
| |
+ -FIPSversion = >=3.2.0
|
| |
+Availablein = default
|
| |
- Decrypt=RSA-OAEP-8
|
| |
- Ctrl = rsa_padding_mode:oaep
|
| |
- Ctrl = rsa_mgf1_md:sha1
|
| |
- Input=1fb9356fd5c4b1796db2ebf7d0d393cc810adf6145defc2fce714f79d93800d5e2ac211ea8bbecca4b654b94c3b18b30dd576ce34dc95436ef57a09415645923359a5d7b4171ef22c24670f1b229d3603e91f76671b7df97e7317c97734476d5f3d17d21cf82b5ba9f83df2e588d36984fd1b584468bd23b2e875f32f68953f7b2
|
| |
- Output=4a5f4914bee25de3c69341de07
|
| |
+ # a random negative test that generates message based on 3rd last value from
|
| |
+ # PRF
|
| |
+ Decrypt = RSA-3072
|
| |
+ @@ -731,35 +749,35 @@ Input = 7b22d5e62d287968c6622171a1f75db4b0fd15cdf3134a1895d235d56f8d8fe619f2bf48
|
| |
+ Output = 70263fa6050534b9e0
|
| |
|
| |
+ # The old FIPS provider doesn't include the workaround (#13817)
|
| |
+ -FIPSversion = >=3.2.0
|
| |
+Availablein = default
|
| |
- Decrypt=RSA-OAEP-8
|
| |
- Ctrl = rsa_padding_mode:oaep
|
| |
- Ctrl = rsa_mgf1_md:sha1
|
| |
- @@ -1057,36 +1105,42 @@ Z7CDuaemy2HkLbNiuMmJbbcGTgKtWuYVh9oVtGSckFlJCf6zfby2VL63Jo7IAeWo
|
| |
- tKo5Eb69iFQvBb4=
|
| |
- -----END PRIVATE KEY-----
|
| |
+ # an otherwise valid plaintext, but with wrong first byte (0x01 instead of 0x00)
|
| |
+ Decrypt = RSA-3072
|
| |
+ Input = 6db80adb5ff0a768caf1378ecc382a694e7d1bde2eff4ba12c48aaf794ded7a994a5b2b57acec20dbec4ae385c9dd531945c0f197a5496908725fc99d88601a17d3bb0b2d38d2c1c3100f39955a4cb3dbed5a38bf900f23d91e173640e4ec655c84fdfe71fcdb12a386108fcf718c9b7af37d39703e882436224c877a2235e8344fba6c951eb7e2a4d1d1de81fb463ac1b880f6cc0e59ade05c8ce35179ecd09546731fc07b141d3d6b342a97ae747e61a9130f72d37ac5a2c30215b6cbd66c7db893810df58b4c457b4b54f34428247d584e0fa71062446210db08254fb9ead1ba1a393c724bd291f0cf1a7143f32df849051dc896d7d176fef3b57ab6dffd626d0c3044e9edb2e3d012ace202d2581df01bec7e9aa0727a6650dd373d374f0bc0f4a611f8139dfe97d63e70c6188f4df5b672e47c51d8aa567097293fbff127c75ec690b43407578b73c85451710a0cece58fd497d7f7bd36a8a92783ef7dc6265dff52aac8b70340b996508d39217f2783ce6fc91a1cc94bb2ac487b84f62
|
| |
+ Output = 6d8d3a094ff3afff4c
|
| |
|
| |
+ # The old FIPS provider doesn't include the workaround (#13817)
|
| |
+ -FIPSversion = >=3.2.0
|
| |
+Availablein = default
|
| |
- Decrypt=RSA-OAEP-9
|
| |
- Ctrl = rsa_padding_mode:oaep
|
| |
- Ctrl = rsa_mgf1_md:sha1
|
| |
- Input=267bcd118acab1fc8ba81c85d73003cb8610fa55c1d97da8d48a7c7f06896a4db751aa284255b9d36ad65f37653d829f1b37f97b8001942545b2fc2c55a7376ca7a1be4b1760c8e05a33e5aa2526b8d98e317088e7834c755b2a59b12631a182c05d5d43ab1779264f8456f515ce57dfdf512d5493dab7b7338dc4b7d78db9c091ac3baf537a69fc7f549d979f0eff9a94fda4169bd4d1d19a69c99e33c3b55490d501b39b1edae118ff6793a153261584d3a5f39f6e682e3d17c8cd1261fa72
|
| |
- Output=f735fd55ba92592c3b52b8f9c4f69aaa1cbef8fe88add095595412467f9cf4ec0b896c59eda16210e7549c8abb10cdbc21a12ec9b6b5b8fd2f10399eb6
|
| |
+ # an otherwise valid plaintext, but with wrong second byte (0x01 instead of 0x02)
|
| |
+ Decrypt = RSA-3072
|
| |
+ Input = 417328c034458563079a4024817d0150340c34e25ae16dcad690623f702e5c748a6ebb3419ff48f486f83ba9df35c05efbd7f40613f0fc996c53706c30df6bba6dcd4a40825f96133f3c21638a342bd4663dffbd0073980dac47f8c1dd8e97ce1412e4f91f2a8adb1ac2b1071066efe8d718bbb88ca4a59bd61500e826f2365255a409bece0f972df97c3a55e09289ef5fa815a2353ef393fd1aecfc888d611c16aec532e5148be15ef1bf2834b8f75bb26db08b66d2baad6464f8439d1986b533813321dbb180080910f233bcc4dd784fb21871aef41be08b7bfad4ecc3b68f228cb5317ac6ec1227bc7d0e452037ba918ee1da9fdb8393ae93b1e937a8d4691a17871d5092d2384b6190a53df888f65b951b05ed4ad57fe4b0c6a47b5b22f32a7f23c1a234c9feb5d8713d949686760680da4db454f4acad972470033472b9864d63e8d23eefc87ebcf464ecf33f67fbcdd48eab38c5292586b36aef5981ed2fa07b2f9e23fc57d9eb71bfff4111c857e9fff23ceb31e72592e70c874b4936
|
| |
+ Output = c6ae80ffa80bc184b0
|
| |
|
| |
+ # The old FIPS provider doesn't include the workaround (#13817)
|
| |
+ -FIPSversion = >=3.2.0
|
| |
+Availablein = default
|
| |
- Decrypt=RSA-OAEP-9
|
| |
- Ctrl = rsa_padding_mode:oaep
|
| |
- Ctrl = rsa_mgf1_md:sha1
|
| |
- Input=93ac9f0671ec29acbb444effc1a5741351d60fdb0e393fbf754acf0de49761a14841df7772e9bc82773966a1584c4d72baea00118f83f35cca6e537cbd4d811f5583b29783d8a6d94cd31be70d6f526c10ff09c6fa7ce069795a3fcd0511fd5fcb564bcc80ea9c78f38b80012539d8a4ddf6fe81e9cddb7f50dbbbbcc7e5d86097ccf4ec49189fb8bf318be6d5a0715d516b49af191258cd32dc833ce6eb4673c03a19bbace88cc54895f636cc0c1ec89096d11ce235a265ca1764232a689ae8
|
| |
- Output=81b906605015a63aabe42ddf11e1978912f5404c7474b26dce3ed482bf961ecc818bf420c54659
|
| |
+ # an otherwise valid plaintext, but with zero byte in first byte of padding
|
| |
+ Decrypt = RSA-3072
|
| |
+ Input = 8542c626fe533467acffcd4e617692244c9b5a3bf0a215c5d64891ced4bf4f9591b4b2aedff9843057986d81631b0acb3704ec2180e5696e8bd15b217a0ec36d2061b0e2182faa3d1c59bd3f9086a10077a3337a3f5da503ec3753535ffd25b837a12f2541afefd0cffb0224b8f874e4bed13949e105c075ed44e287c5ae03b155e06b90ed247d2c07f1ef3323e3508cce4e4074606c54172ad74d12f8c3a47f654ad671104bf7681e5b061862747d9afd37e07d8e0e2291e01f14a95a1bb4cbb47c304ef067595a3947ee2d722067e38a0f046f43ec29cac6a8801c6e3e9a2331b1d45a7aa2c6af3205be382dd026e389614ee095665a611ab2e8dced2ee1c9d08ac9de11aef5b3803fc9a9ce8231ec87b5fed386fb92ee3db995a89307bcba844bd0a691c29ae51216e949dfc813133cb06a07265fd807bcb3377f6adb0a481d9b7f442003115895939773e6b95371c4febef29edae946fa245e7c50729e2e558cfaad773d1fd5f67b457a6d9d17a847c6fcbdb103a86f35f228cefc06cea0
|
| |
+ Output = a8a9301daa01bb25c7
|
| |
|
| |
+ # The old FIPS provider doesn't include the workaround (#13817)
|
| |
+ -FIPSversion = >=3.2.0
|
| |
+Availablein = default
|
| |
- Decrypt=RSA-OAEP-9
|
| |
+ # an otherwise valid plaintext, but with zero byte in eight byte of padding
|
| |
+ Decrypt = RSA-3072
|
| |
+ Input = 449dfa237a70a99cb0351793ec8677882021c2aa743580bf6a0ea672055cffe8303ac42855b1d1f3373aae6af09cb9074180fc963e9d1478a4f98b3b4861d3e7f0aa8560cf603711f139db77667ca14ba3a1acdedfca9ef4603d6d7eb0645bfc805304f9ad9d77d34762ce5cd84bd3ec9d35c30e3be72a1e8d355d5674a141b5530659ad64ebb6082e6f73a80832ab6388912538914654d34602f4b3b1c78589b4a5d964b2efcca1dc7004c41f6cafcb5a7159a7fc7c0398604d0edbd4c8f4f04067da6a153a05e7cbeea13b5ee412400ef7d4f3106f4798da707ec37a11286df2b7a204856d5ff773613fd1e453a7114b78e347d3e8078e1cb3276b3562486ba630bf719697e0073a123c3e60ebb5c7a1ccff4279faffa2402bc1109f8d559d6766e73591943dfcf25ba10c3762f02af85187799b8b4b135c3990793a6fd32642f1557405ba55cc7cf7336a0e967073c5fa50743f9cc5e3017c172d9898d2af83345e71b3e0c22ab791eacb6484a32ec60ebc226ec9deaee91b1a0560c2b571
|
| |
+ Output = 6c716fe01d44398018
|
| |
+
|
| |
+ # The old FIPS provider doesn't include the workaround (#13817)
|
| |
+ -FIPSversion = >=3.2.0
|
| |
+ +Availablein = default
|
| |
+ # an otherwise valid plaintext, but with null separator missing
|
| |
+ Decrypt = RSA-3072
|
| |
+ Input = a7a5c99e50da48769ecb779d9abe86ef9ec8c38c6f43f17c7f2d7af608a4a1bd6cf695b47e97c191c61fb5a27318d02f495a176b9fae5a55b5d3fabd1d8aae4957e3879cb0c60f037724e11be5f30f08fc51c033731f14b44b414d11278cd3dba7e1c8bfe208d2b2bb7ec36366dacb6c88b24cd79ab394adf19dbbc21dfa5788bacbadc6a62f79cf54fd8cf585c615b5c0eb94c35aa9de25321c8ffefb8916bbaa2697cb2dd82ee98939df9b6704cee77793edd2b4947d82e00e5749664970736c59a84197bd72b5c71e36aae29cd39af6ac73a368edbc1ca792e1309f442aafcd77c992c88f8e4863149f221695cb7b0236e75b2339a02c4ea114854372c306b9412d8eedb600a31532002f2cea07b4df963a093185e4607732e46d753b540974fb5a5c3f9432df22e85bb17611370966c5522fd23f2ad3484341ba7fd8885fc8e6d379a611d13a2aca784fba2073208faad2137bf1979a0fa146c1880d4337db3274269493bab44a1bcd0681f7227ffdf589c2e925ed9d36302509d1109ba4
|
| |
+ @@ -1106,36 +1124,42 @@ vcDtKrdWo6btTWc1Kml9QhbpMhKxJ6Y9VBHOb6mNXb79cyY+NygUJ0OBgWbtfdY2
|
| |
+ h90qjKHS9PvY4Q==
|
| |
+ -----END PRIVATE KEY-----
|
| |
+
|
| |
+ +Availablein = default
|
| |
+ Decrypt=RSA-OAEP-1
|
| |
Ctrl = rsa_padding_mode:oaep
|
| |
Ctrl = rsa_mgf1_md:sha1
|
| |
- Input=81ebdd95054b0c822ef9ad7693f5a87adfb4b4c4ce70df2df84ed49c04da58ba5fc20a19e1a6e8b7a3900b22796dc4e869ee6b42792d15a8eceb56c09c69914e813cea8f6931e4b8ed6f421af298d595c97f4789c7caa612c7ef360984c21b93edc5401068b5af4c78a8771b984d53b8ea8adf2f6a7d4a0ba76c75e1dd9f658f20ded4a46071d46d7791b56803d8fea7f0b0f8e41ae3f09383a6f9585fe7753eaaffd2bf94563108beecc207bbb535f5fcc705f0dde9f708c62f49a9c90371d3
|
| |
- Output=fd326429df9b890e09b54b18b8f34f1e24
|
| |
+ Input=354fe67b4a126d5d35fe36c777791a3f7ba13def484e2d3908aff722fad468fb21696de95d0be911c2d3174f8afcc201035f7b6d8e69402de5451618c21a535fa9d7bfc5b8dd9fc243f8cf927db31322d6e881eaa91a996170e657a05a266426d98c88003f8477c1227094a0d9fa1e8c4024309ce1ecccb5210035d47ac72e8a
|
| |
+ Output=6628194e12073db03ba94cda9ef9532397d50dba79b987004afefe34
|
| |
|
| |
+Availablein = default
|
| |
- Decrypt=RSA-OAEP-9
|
| |
+ Decrypt=RSA-OAEP-1
|
| |
Ctrl = rsa_padding_mode:oaep
|
| |
Ctrl = rsa_mgf1_md:sha1
|
| |
- Input=bcc35f94cde66cb1136625d625b94432a35b22f3d2fa11a613ff0fca5bd57f87b902ccdc1cd0aebcb0715ee869d1d1fe395f6793003f5eca465059c88660d446ff5f0818552022557e38c08a67ead991262254f10682975ec56397768537f4977af6d5f6aaceb7fb25dec5937230231fd8978af49119a29f29e424ab8272b47562792d5c94f774b8829d0b0d9f1a8c9eddf37574d5fa248eefa9c5271fc5ec2579c81bdd61b410fa61fe36e424221c113addb275664c801d34ca8c6351e4a858
|
| |
- Output=f1459b5f0c92f01a0f723a2e5662484d8f8c0a20fc29dad6acd43bb5f3effdf4e1b63e07fdfe6628d0d74ca19bf2d69e4a0abf86d293925a796772f8088e
|
| |
+ Input=640db1acc58e0568fe5407e5f9b701dff8c3c91e716c536fc7fcec6cb5b71c1165988d4a279e1577d730fc7a29932e3f00c81515236d8d8e31017a7a09df4352d904cdeb79aa583adcc31ea698a4c05283daba9089be5491f67c1a4ee48dc74bbbe6643aef846679b4cb395a352d5ed115912df696ffe0702932946d71492b44
|
| |
+ Output=750c4047f547e8e41411856523298ac9bae245efaf1397fbe56f9dd5
|
| |
|
| |
+Availablein = default
|
| |
- Decrypt=RSA-OAEP-9
|
| |
+ Decrypt=RSA-OAEP-1
|
| |
Ctrl = rsa_padding_mode:oaep
|
| |
Ctrl = rsa_mgf1_md:sha1
|
| |
- Input=232afbc927fa08c2f6a27b87d4a5cb09c07dc26fae73d73a90558839f4fd66d281b87ec734bce237ba166698ed829106a7de6942cd6cdce78fed8d2e4d81428e66490d036264cef92af941d3e35055fe3981e14d29cbb9a4f67473063baec79a1179f5a17c9c1832f2838fd7d5e59bb9659d56dce8a019edef1bb3accc697cc6cc7a778f60a064c7f6f5d529c6210262e003de583e81e3167b89971fb8c0e15d44fffef89b53d8d64dd797d159b56d2b08ea5307ea12c241bd58d4ee278a1f2e
|
| |
- Output=53e6e8c729d6f9c319dd317e74b0db8e4ccca25f3c8305746e137ac63a63ef3739e7b595abb96e8d55e54f7bd41ab433378ffb911d
|
| |
+ Input=423736ed035f6026af276c35c0b3741b365e5f76ca091b4e8c29e2f0befee603595aa8322d602d2e625e95eb81b2f1c9724e822eca76db8618cf09c5343503a4360835b5903bc637e3879fb05e0ef32685d5aec5067cd7cc96fe4b2670b6eac3066b1fcf5686b68589aafb7d629b02d8f8625ca3833624d4800fb081b1cf94eb
|
| |
+ Output=d94ae0832e6445ce42331cb06d531a82b1db4baad30f746dc916df24d4e3c2451fff59a6423eb0e1d02d4fe646cf699dfd818c6e97b051
|
| |
|
| |
+Availablein = default
|
| |
- Decrypt=RSA-OAEP-9
|
| |
+ Decrypt=RSA-OAEP-1
|
| |
Ctrl = rsa_padding_mode:oaep
|
| |
Ctrl = rsa_mgf1_md:sha1
|
| |
- diff --git a/test/recipes/80-test_cms.t b/test/recipes/80-test_cms.t
|
| |
- index cbec426137..9ba7fbeed2 100644
|
| |
- --- a/test/recipes/80-test_cms.t
|
| |
- +++ b/test/recipes/80-test_cms.t
|
| |
- @@ -233,7 +233,7 @@ my @smime_pkcs7_tests = (
|
| |
- \&final_compare
|
| |
- ],
|
| |
-
|
| |
- - [ "enveloped content test streaming S/MIME format, AES-256 cipher, 3 recipients",
|
| |
- + [ "enveloped content test streaming S/MIME format, AES-256 cipher, 3 recipients, no Red Hat FIPS",
|
| |
- [ "{cmd1}", @prov, "-encrypt", "-in", $smcont,
|
| |
- "-aes256", "-stream", "-out", "{output}.cms",
|
| |
- $smrsa1,
|
| |
- @@ -1022,6 +1022,9 @@ sub check_availability {
|
| |
- return "$tnam: skipped, DSA disabled\n"
|
| |
- if ($no_dsa && $tnam =~ / DSA/);
|
| |
-
|
| |
- + return "$tnam: skipped, Red Hat FIPS\n"
|
| |
- + if ($tnam =~ /no Red Hat FIPS/);
|
| |
- +
|
| |
- return "";
|
| |
- }
|
| |
-
|
| |
- diff --git a/test/recipes/80-test_ssl_old.t b/test/recipes/80-test_ssl_old.t
|
| |
- index e2dcb68fb5..0775112b40 100644
|
| |
- --- a/test/recipes/80-test_ssl_old.t
|
| |
- +++ b/test/recipes/80-test_ssl_old.t
|
| |
- @@ -493,6 +493,18 @@ sub testssl {
|
| |
- # the default choice if TLSv1.3 enabled
|
| |
- my $flag = $protocol eq "-tls1_3" ? "" : $protocol;
|
| |
- my $ciphersuites = "";
|
| |
- + my %redhat_skip_cipher = map {$_ => 1} qw(
|
| |
- +AES256-GCM-SHA384:@SECLEVEL=0
|
| |
- +AES256-CCM8:@SECLEVEL=0
|
| |
- +AES256-CCM:@SECLEVEL=0
|
| |
- +AES128-GCM-SHA256:@SECLEVEL=0
|
| |
- +AES128-CCM8:@SECLEVEL=0
|
| |
- +AES128-CCM:@SECLEVEL=0
|
| |
- +AES256-SHA256:@SECLEVEL=0
|
| |
- +AES128-SHA256:@SECLEVEL=0
|
| |
- +AES256-SHA:@SECLEVEL=0
|
| |
- +AES128-SHA:@SECLEVEL=0
|
| |
- + );
|
| |
- foreach my $cipher (@{$ciphersuites{$protocol}}) {
|
| |
- if ($protocol eq "-ssl3" && $cipher =~ /ECDH/ ) {
|
| |
- note "*****SKIPPING $protocol $cipher";
|
| |
- @@ -504,11 +516,16 @@ sub testssl {
|
| |
- } else {
|
| |
- $cipher = $cipher.':@SECLEVEL=0';
|
| |
- }
|
| |
- - ok(run(test([@ssltest, @exkeys, "-cipher",
|
| |
- - $cipher,
|
| |
- - "-ciphersuites", $ciphersuites,
|
| |
- - $flag || ()])),
|
| |
- - "Testing $cipher");
|
| |
- + if ($provider eq "fips" && exists $redhat_skip_cipher{$cipher}) {
|
| |
- + note "*****SKIPPING $cipher in Red Hat FIPS mode";
|
| |
- + ok(1);
|
| |
- + } else {
|
| |
- + ok(run(test([@ssltest, @exkeys, "-cipher",
|
| |
- + $cipher,
|
| |
- + "-ciphersuites", $ciphersuites,
|
| |
- + $flag || ()])),
|
| |
- + "Testing $cipher");
|
| |
- + }
|
| |
- }
|
| |
- }
|
| |
- next if $protocol eq "-tls1_3";
|
| |
- --
|
| |
- 2.41.0
|
| |
-
|
| |
- diff -up openssl-3.2.0/test/recipes/30-test_evp_data/evppkey_rsa_common.txt.patch-58 openssl-3.2.0/test/recipes/30-test_evp_data/evppkey_rsa_common.txt
|
| |
- --- openssl-3.2.0/test/recipes/30-test_evp_data/evppkey_rsa_common.txt.patch-58 2023-12-11 19:15:32.167790754 +0100
|
| |
- +++ openssl-3.2.0/test/recipes/30-test_evp_data/evppkey_rsa_common.txt 2023-12-11 21:16:08.390089120 +0100
|
| |
- @@ -248,7 +248,7 @@ Input = 64b0e9f9892371110c40ba5739dc0974
|
| |
- Output = 0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef
|
| |
+ Input=45ead4ca551e662c9800f1aca8283b0525e6abae30be4b4aba762fa40fd3d38e22abefc69794f6ebbbc05ddbb11216247d2f412fd0fba87c6e3acd888813646fd0e48e785204f9c3f73d6d8239562722dddd8771fec48b83a31ee6f592c4cfd4bc88174f3b13a112aae3b9f7b80e0fc6f7255ba880dc7d8021e22ad6a85f0755
|
| |
+ Output=52e650d98e7f2a048b4f86852153b97e01dd316f346a19f67a85
|
| |
|
| |
- # RSA decrypt
|
| |
- -
|
| |
+Availablein = default
|
| |
- Decrypt = RSA-2048
|
| |
- Input = 550AF55A2904E7B9762352F8FB7FA235A9CB053AACB2D5FCB8CA48453CB2EE3619746C701ABF2D4CC67003471A187900B05AA812BD25ED05C675DFC8C97A24A7BF49BD6214992CAD766D05A9A2B57B74F26A737E0237B8B76C45F1F226A836D7CFBC75BA999BDBE48DBC09227AA46C88F21DCCBA7840141AD5A5D71FD122E6BD6AC3E564780DFE623FC1CA9B995A6037BF0BBD43B205A84AC5444F34202C05CE9113087176432476576DE6FFFF9A52EA57C08BE3EC2F49676CB8E12F762AC71FA3C321E00AC988910C85FF52F93825666CE0D40FFAA0592078919D4493F46D95CCF76364C6D57760DD0B64805F9AFC76A2365A5575CA301D5103F0EA76CB9A78
|
| |
- Output = "Hello World"
|
| |
- @@ -270,7 +270,7 @@ Input = 550AF55A2904E7B9762352F8FB7FA235
|
| |
- Output = 4cbb988d6a46228379132b0b5f8c249b3860043848c93632fb982c807c7c82fffc7a9ef83f4908f890373ac181ffea6381e103bcaa27e65638b6ecebef38b59ed4226a9d12af675cfcb634d8c40e7a7aff
|
| |
+ Decrypt=RSA-OAEP-1
|
| |
+ Ctrl = rsa_padding_mode:oaep
|
| |
+ Ctrl = rsa_mgf1_md:sha1
|
| |
+ Input=36f6e34d94a8d34daacba33a2139d00ad85a9345a86051e73071620056b920e219005855a213a0f23897cdcd731b45257c777fe908202befdd0b58386b1244ea0cf539a05d5d10329da44e13030fd760dcd644cfef2094d1910d3f433e1c7c6dd18bc1f2df7f643d662fb9dd37ead9059190f4fa66ca39e869c4eb449cbdc439
|
| |
+ Output=8da89fd9e5f974a29feffb462b49180f6cf9e802
|
| |
|
| |
- # The old FIPS provider doesn't include the workaround (#13817)
|
| |
- -FIPSversion = >=3.2.0
|
| |
+Availablein = default
|
| |
- # Corrupted ciphertext
|
| |
- # Note: disable the Bleichenbacher workaround to see if it fails
|
| |
- Decrypt = RSA-2048
|
| |
- diff -up openssl-3.2.0/test/recipes/30-test_evp_data/evppkey_rsa_common.txt.only-default openssl-3.2.0/test/recipes/30-test_evp_data/evppkey_rsa_common.txt
|
| |
- --- openssl-3.2.0/test/recipes/30-test_evp_data/evppkey_rsa_common.txt.only-default 2024-02-01 15:09:31.498568631 +0100
|
| |
- +++ openssl-3.2.0/test/recipes/30-test_evp_data/evppkey_rsa_common.txt 2024-02-01 15:14:45.858384004 +0100
|
| |
- @@ -365,28 +365,28 @@ Input = 8bfe264e85d3bdeaa6b8851b8e3b956e
|
| |
- Output = "lorem ipsum dolor sit amet"
|
| |
+ Decrypt=RSA-OAEP-1
|
| |
+ Ctrl = rsa_padding_mode:oaep
|
| |
+ Ctrl = rsa_mgf1_md:sha1
|
| |
+ @@ -1160,36 +1184,42 @@ SwGNdhGLJDiac1Dsg2sAY6IXISNv2O222JtR5+64e2EbcTLLfqc1bCMVHB53UVB8
|
| |
+ eG2e4XlBcKjI6A==
|
| |
+ -----END PRIVATE KEY-----
|
| |
|
| |
- # The old FIPS provider doesn't include the workaround (#13817)
|
| |
- -FIPSversion = >=3.2.0
|
| |
+Availablein = default
|
| |
- # a random negative test case decrypting to empty
|
| |
- Decrypt = RSA-2048-2
|
| |
- Input = 20aaa8adbbc593a924ba1c5c7990b5c2242ae4b99d0fe636a19a4cf754edbcee774e472fe028160ed42634f8864900cb514006da642cae6ae8c7d087caebcfa6dad1551301e130344989a1d462d4164505f6393933450c67bc6d39d8f5160907cabc251b737925a1cf21e5c6aa5781b7769f6a2a583d97cce008c0f8b6add5f0b2bd80bee60237aa39bb20719fe75749f4bc4e42466ef5a861ae3a92395c7d858d430bfe38040f445ea93fa2958b503539800ffa5ce5f8cf51fa8171a91f36cb4f4575e8de6b4d3f096ee140b938fd2f50ee13f0d050222e2a72b0a3069ff3a6738e82c87090caa5aed4fcbe882c49646aa250b98f12f83c8d528113614a29e7
|
| |
- Output =
|
| |
+ Decrypt=RSA-OAEP-2
|
| |
+ Ctrl = rsa_padding_mode:oaep
|
| |
+ Ctrl = rsa_mgf1_md:sha1
|
| |
+ Input=0181af8922b9fcb4d79d92ebe19815992fc0c1439d8bcd491398a0f4ad3a329a5bd9385560db532683c8b7da04e4b12aed6aacdf471c34c9cda891addcc2df3456653aa6382e9ae59b54455257eb099d562bbe10453f2b6d13c59c02e10f1f8abb5da0d0570932dacf2d0901db729d0fefcc054e70968ea540c81b04bcaefe720e
|
| |
+ Output=8ff00caa605c702830634d9a6c3d42c652b58cf1d92fec570beee7
|
| |
|
| |
- # The old FIPS provider doesn't include the workaround (#13817)
|
| |
- -FIPSversion = >=3.2.0
|
| |
+Availablein = default
|
| |
- # invalid decrypting to max length message
|
| |
- Decrypt = RSA-2048-2
|
| |
- Input = 48cceab10f39a4db32f60074feea473cbcdb7accf92e150417f76b44756b190e843e79ec12aa85083a21f5437e7bad0a60482e601198f9d86923239c8786ee728285afd0937f7dde12717f28389843d7375912b07b991f4fdb0190fced8ba665314367e8c5f9d2981d0f5128feeb46cb50fc237e64438a86df198dd0209364ae3a842d77532b66b7ef263b83b1541ed671b120dfd660462e2107a4ee7b964e734a7bd68d90dda61770658a3c242948532da32648687e0318286473f675b412d6468f013f14d760a358dfcad3cda2afeec5e268a37d250c37f722f468a70dfd92d7294c3c1ee1e7f8843b7d16f9f37ef35748c3ae93aa155cdcdfeb4e78567303
|
| |
- Output = 22d850137b9eebe092b24f602dc5bb7918c16bd89ddbf20467b119d205f9c2e4bd7d2592cf1e532106e0f33557565923c73a02d4f09c0c22bea89148183e60317f7028b3aa1f261f91c979393101d7e15f4067e63979b32751658ef769610fe97cf9cef3278b3117d384051c3b1d82c251c2305418c8f6840530e631aad63e70e20e025bcd8efb54c92ec6d3b106a2f8e64eeff7d38495b0fc50c97138af4b1c0a67a1c4e27b077b8439332edfa8608dfeae653cd6a628ac550395f7e74390e42c11682234870925eeaa1fa71b76cf1f2ee3bda69f6717033ff8b7c95c9799e7a3bea5e7e4a1c359772fb6b1c6e6c516661dfe30c3
|
| |
+ Decrypt=RSA-OAEP-2
|
| |
+ Ctrl = rsa_padding_mode:oaep
|
| |
+ Ctrl = rsa_mgf1_md:sha1
|
| |
+ Input=018759ff1df63b2792410562314416a8aeaf2ac634b46f940ab82d64dbf165eee33011da749d4bab6e2fcd18129c9e49277d8453112b429a222a8471b070993998e758861c4d3f6d749d91c4290d332c7a4ab3f7ea35ff3a07d497c955ff0ffc95006b62c6d296810d9bfab024196c7934012c2df978ef299aba239940cba10245
|
| |
+ Output=2d
|
| |
|
| |
- # The old FIPS provider doesn't include the workaround (#13817)
|
| |
- -FIPSversion = >=3.2.0
|
| |
- # invalid decrypting to message with length specified by second to last value from PRF
|
| |
+Availablein = default
|
| |
- Decrypt = RSA-2048-2
|
| |
- Input = 1439e08c3f84c1a7fec74ce07614b20e01f6fa4e8c2a6cffdc3520d8889e5d9a950c6425798f85d4be38d300ea5695f13ecd4cb389d1ff5b82484b494d6280ab7fa78e645933981cb934cce8bfcd114cc0e6811eefa47aae20af638a1cd163d2d3366186d0a07df0c81f6c9f3171cf3561472e98a6006bf75ddb457bed036dcce199369de7d94ef2c68e8467ee0604eea2b3009479162a7891ba5c40cab17f49e1c438cb6eaea4f76ce23cce0e483ff0e96fa790ea15be67671814342d0a23f4a20262b6182e72f3a67cd289711503c85516a9ed225422f98b116f1ab080a80abd6f0216df88d8cfd67c139243be8dd78502a7aaf6bc99d7da71bcdf627e7354
|
| |
- Output = 0f9b
|
| |
+ Decrypt=RSA-OAEP-2
|
| |
+ Ctrl = rsa_padding_mode:oaep
|
| |
+ Ctrl = rsa_mgf1_md:sha1
|
| |
+ Input=018802bab04c60325e81c4962311f2be7c2adce93041a00719c88f957575f2c79f1b7bc8ced115c706b311c08a2d986ca3b6a9336b147c29c6f229409ddec651bd1fdd5a0b7f610c9937fdb4a3a762364b8b3206b4ea485fd098d08f63d4aa8bb2697d027b750c32d7f74eaf5180d2e9b66b17cb2fa55523bc280da10d14be2053
|
| |
+ Output=74fc88c51bc90f77af9d5e9a4a70133d4b4e0b34da3c37c7ef8e
|
| |
|
| |
- # The old FIPS provider doesn't include the workaround (#13817)
|
| |
- -FIPSversion = >=3.2.0
|
| |
+Availablein = default
|
| |
- # invalid decrypting to message with length specified by third to last value from PRF
|
| |
- Decrypt = RSA-2048-2
|
| |
- Input = 1690ebcceece2ce024f382e467cf8510e74514120937978576caf684d4a02ad569e8d76cbe365a060e00779de2f0865ccf0d923de3b4783a4e2c74f422e2f326086c390b658ba47f31ab013aa80f468c71256e5fa5679b24e83cd82c3d1e05e398208155de2212993cd2b8bab6987cf4cc1293f19909219439d74127545e9ed8a706961b8ee2119f6bfacafbef91b75a789ba65b8b833bc6149cf49b5c4d2c6359f62808659ba6541e1cd24bf7f7410486b5103f6c0ea29334ea6f4975b17387474fe920710ea61568d7b7c0a7916acf21665ad5a31c4eabcde44f8fb6120d8457afa1f3c85d517cda364af620113ae5a3c52a048821731922737307f77a1081
|
| |
- @@ -428,14 +428,14 @@ Input = 1ea0b50ca65203d0a09280d39704b24f
|
| |
- Output = "lorem ipsum"
|
| |
+ Decrypt=RSA-OAEP-2
|
| |
+ Ctrl = rsa_padding_mode:oaep
|
| |
+ Ctrl = rsa_mgf1_md:sha1
|
| |
+ Input=00a4578cbc176318a638fba7d01df15746af44d4f6cd96d7e7c495cbf425b09c649d32bf886da48fbaf989a2117187cafb1fb580317690e3ccd446920b7af82b31db5804d87d01514acbfa9156e782f867f6bed9449e0e9a2c09bcecc6aa087636965e34b3ec766f2fe2e43018a2fddeb140616a0e9d82e5331024ee0652fc7641
|
| |
+ Output=a7eb2a5036931d27d4e891326d99692ffadda9bf7efd3e34e622c4adc085f721dfe885072c78a203b151739be540fa8c153a10f00a
|
| |
|
| |
- # The old FIPS provider doesn't include the workaround (#13817)
|
| |
- -FIPSversion = >=3.2.0
|
| |
+Availablein = default
|
| |
- # a random negative test that generates an 11 byte long message
|
| |
- Decrypt = RSA-2048-2
|
| |
- Input = 5f02f4b1f46935c742ebe62b6f05aa0a3286aab91a49b34780adde6410ab46f7386e05748331864ac98e1da63686e4babe3a19ed40a7f5ceefb89179596aab07ab1015e03b8f825084dab028b6731288f2e511a4b314b6ea3997d2e8fe2825cef8897cbbdfb6c939d441d6e04948414bb69e682927ef8576c9a7090d4aad0e74c520d6d5ce63a154720f00b76de8cc550b1aa14f016d63a7b6d6eaa1f7dbe9e50200d3159b3d099c900116bf4eba3b94204f18b1317b07529751abf64a26b0a0bf1c8ce757333b3d673211b67cc0653f2fe2620d57c8b6ee574a0323a167eab1106d9bc7fd90d415be5f1e9891a0e6c709f4fc0404e8226f8477b4e939b36eb2
|
| |
- Output = af9ac70191c92413cb9f2d
|
| |
+ Decrypt=RSA-OAEP-2
|
| |
+ Ctrl = rsa_padding_mode:oaep
|
| |
+ Ctrl = rsa_mgf1_md:sha1
|
| |
+ Input=00ebc5f5fda77cfdad3c83641a9025e77d72d8a6fb33a810f5950f8d74c73e8d931e8634d86ab1246256ae07b6005b71b7f2fb98351218331ce69b8ffbdc9da08bbc9c704f876deb9df9fc2ec065cad87f9090b07acc17aa7f997b27aca48806e897f771d95141fe4526d8a5301b678627efab707fd40fbebd6e792a25613e7aec
|
| |
+ Output=2ef2b066f854c33f3bdcbb5994a435e73d6c6c
|
| |
|
| |
- # The old FIPS provider doesn't include the workaround (#13817)
|
| |
- -FIPSversion = >=3.2.0
|
| |
+Availablein = default
|
| |
- # an otherwise correct plaintext, but with wrong first byte
|
| |
- # (0x01 instead of 0x00), generates a random 11 byte long plaintext
|
| |
- Decrypt = RSA-2048-2
|
| |
- @@ -443,7 +443,7 @@ Input = 9b2ec9c0c917c98f1ad3d0119aec6be5
|
| |
- Output = a1f8c9255c35cfba403ccc
|
| |
+ Decrypt=RSA-OAEP-2
|
| |
+ Ctrl = rsa_padding_mode:oaep
|
| |
+ Ctrl = rsa_mgf1_md:sha1
|
| |
+ @@ -1214,36 +1244,42 @@ iUGx07dw5a0x7jc7KKzaaf+bb0D+V4ufGvuFg2+WJ9N6z/c8J3nmNLsmARwsj38z
|
| |
+ Ya4qnqZe1onjY5o=
|
| |
+ -----END PRIVATE KEY-----
|
| |
|
| |
- # The old FIPS provider doesn't include the workaround (#13817)
|
| |
- -FIPSversion = >=3.2.0
|
| |
+Availablein = default
|
| |
- # an otherwise correct plaintext, but with wrong second byte
|
| |
- # (0x01 instead of 0x02), generates a random 11 byte long plaintext
|
| |
- Decrypt = RSA-2048-2
|
| |
- @@ -451,7 +451,7 @@ Input = 782c2b59a21a511243820acedd567c13
|
| |
- Output = e6d700309ca0ed62452254
|
| |
+ Decrypt=RSA-OAEP-3
|
| |
+ Ctrl = rsa_padding_mode:oaep
|
| |
+ Ctrl = rsa_mgf1_md:sha1
|
| |
+ Input=026a0485d96aebd96b4382085099b962e6a2bdec3d90c8db625e14372de85e2d5b7baab65c8faf91bb5504fb495afce5c988b3f6a52e20e1d6cbd3566c5cd1f2b8318bb542cc0ea25c4aab9932afa20760eaddec784396a07ea0ef24d4e6f4d37e5052a7a31e146aa480a111bbe926401307e00f410033842b6d82fe5ce4dfae80
|
| |
+ Output=087820b569e8fa8d
|
| |
|
| |
- # The old FIPS provider doesn't include the workaround (#13817)
|
| |
- -FIPSversion = >=3.2.0
|
| |
+Availablein = default
|
| |
- # an invalid ciphertext, with a zero byte in first byte of
|
| |
- # ciphertext, decrypts to a random 11 byte long synthetic
|
| |
- # plaintext
|
| |
- @@ -460,7 +460,7 @@ Input = 0096136621faf36d5290b16bd26295de
|
| |
- Output = ba27b1842e7c21c0e7ef6a
|
| |
+ Decrypt=RSA-OAEP-3
|
| |
+ Ctrl = rsa_padding_mode:oaep
|
| |
+ Ctrl = rsa_mgf1_md:sha1
|
| |
+ Input=024db89c7802989be0783847863084941bf209d761987e38f97cb5f6f1bc88da72a50b73ebaf11c879c4f95df37b850b8f65d7622e25b1b889e80fe80baca2069d6e0e1d829953fc459069de98ea9798b451e557e99abf8fe3d9ccf9096ebbf3e5255d3b4e1c6d2ecadf067a359eea86405acd47d5e165517ccafd47d6dbee4bf5
|
| |
+ Output=4653acaf171960b01f52a7be63a3ab21dc368ec43b50d82ec3781e04
|
| |
|
| |
- # The old FIPS provider doesn't include the workaround (#13817)
|
| |
- -FIPSversion = >=3.2.0
|
| |
+Availablein = default
|
| |
- # an invalid ciphertext, with a zero byte removed from first byte of
|
| |
- # ciphertext, decrypts to a random 11 byte long synthetic
|
| |
- # plaintext
|
| |
- @@ -469,7 +469,7 @@ Input = 96136621faf36d5290b16bd26295de27
|
| |
- Output = ba27b1842e7c21c0e7ef6a
|
| |
+ Decrypt=RSA-OAEP-3
|
| |
+ Ctrl = rsa_padding_mode:oaep
|
| |
+ Ctrl = rsa_mgf1_md:sha1
|
| |
+ Input=0239bce681032441528877d6d1c8bb28aa3bc97f1df584563618995797683844ca86664732f4bed7a0aab083aaabfb7238f582e30958c2024e44e57043b97950fd543da977c90cdde5337d618442f99e60d7783ab59ce6dd9d69c47ad1e962bec22d05895cff8d3f64ed5261d92b2678510393484990ba3f7f06818ae6ffce8a3a
|
| |
+ Output=d94cd0e08fa404ed89
|
| |
|
| |
- # The old FIPS provider doesn't include the workaround (#13817)
|
| |
- -FIPSversion = >=3.2.0
|
| |
+Availablein = default
|
| |
- # an invalid ciphertext, with two zero bytes in first bytes of
|
| |
- # ciphertext, decrypts to a random 11 byte long synthetic
|
| |
- # plaintext
|
| |
- @@ -478,7 +478,7 @@ Input = 0000587cccc6b264bdfe0dc2149a9880
|
| |
- Output = d5cf555b1d6151029a429a
|
| |
+ Decrypt=RSA-OAEP-3
|
| |
+ Ctrl = rsa_padding_mode:oaep
|
| |
+ Ctrl = rsa_mgf1_md:sha1
|
| |
+ Input=02994c62afd76f498ba1fd2cf642857fca81f4373cb08f1cbaee6f025c3b512b42c3e8779113476648039dbe0493f9246292fac28950600e7c0f32edf9c81b9dec45c3bde0cc8d8847590169907b7dc5991ceb29bb0714d613d96df0f12ec5d8d3507c8ee7ae78dd83f216fa61de100363aca48a7e914ae9f42ddfbe943b09d9a0
|
| |
+ Output=6cc641b6b61e6f963974dad23a9013284ef1
|
| |
|
| |
- # The old FIPS provider doesn't include the workaround (#13817)
|
| |
- -FIPSversion = >=3.2.0
|
| |
+Availablein = default
|
| |
- # an invalid ciphertext, with two zero bytes removed from first bytes of
|
| |
- # ciphertext, decrypts to a random 11 byte long synthetic
|
| |
- # plaintext
|
| |
- @@ -487,7 +487,7 @@ Input = 587cccc6b264bdfe0dc2149a988047fa
|
| |
- Output = d5cf555b1d6151029a429a
|
| |
+ Decrypt=RSA-OAEP-3
|
| |
+ Ctrl = rsa_padding_mode:oaep
|
| |
+ Ctrl = rsa_mgf1_md:sha1
|
| |
+ Input=0162042ff6969592a6167031811a239834ce638abf54fec8b99478122afe2ee67f8c5b18b0339805bfdbc5a4e6720b37c59cfba942464c597ff532a119821545fd2e59b114e61daf71820529f5029cf524954327c34ec5e6f5ba7efcc4de943ab8ad4ed787b1454329f70db798a3a8f4d92f8274e2b2948ade627ce8ee33e43c60
|
| |
+ Output=df5151832b61f4f25891fb4172f328d2eddf8371ffcfdbe997939295f30eca6918017cfda1153bf7a6af87593223
|
| |
|
| |
- # The old FIPS provider doesn't include the workaround (#13817)
|
| |
- -FIPSversion = >=3.2.0
|
| |
+Availablein = default
|
| |
- # and invalid ciphertext, otherwise valid but starting with 000002, decrypts
|
| |
- # to random 11 byte long synthetic plaintext
|
| |
- Decrypt = RSA-2048-2
|
| |
- @@ -495,7 +495,7 @@ Input = 1786550ce8d8433052e01ecba8b76d30
|
| |
- Output = 3d4a054d9358209e9cbbb9
|
| |
+ Decrypt=RSA-OAEP-3
|
| |
+ Ctrl = rsa_padding_mode:oaep
|
| |
+ Ctrl = rsa_mgf1_md:sha1
|
| |
+ @@ -1268,36 +1304,42 @@ s/XkIiO6MDAcQabYfLtw4wy308Z9JUc9sfbL8D4/kSbj6XloJ5qGWywrQmUkz8Uq
|
| |
+ aD0x7TDrmEvkEro=
|
| |
+ -----END PRIVATE KEY-----
|
| |
|
| |
- # The old FIPS provider doesn't include the workaround (#13817)
|
| |
- -FIPSversion = >=3.2.0
|
| |
+Availablein = default
|
| |
- # negative test with otherwise valid padding but a zero byte in first byte
|
| |
- # of padding
|
| |
- Decrypt = RSA-2048-2
|
| |
- @@ -503,7 +503,7 @@ Input = 179598823812d2c58a7eb50521150a48
|
| |
- Output = 1f037dd717b07d3e7f7359
|
| |
+ Decrypt=RSA-OAEP-4
|
| |
+ Ctrl = rsa_padding_mode:oaep
|
| |
+ Ctrl = rsa_mgf1_md:sha1
|
| |
+ Input=04cce19614845e094152a3fe18e54e3330c44e5efbc64ae16886cb1869014cc5781b1f8f9e045384d0112a135ca0d12e9c88a8e4063416deaae3844f60d6e96fe155145f4525b9a34431ca3766180f70e15a5e5d8e8b1a516ff870609f13f896935ced188279a58ed13d07114277d75c6568607e0ab092fd803a223e4a8ee0b1a8
|
| |
+ Output=4a86609534ee434a6cbca3f7e962e76d455e3264c19f605f6e5ff6137c65c56d7fb344cd52bc93374f3d166c9f0c6f9c506bad19330972d2
|
| |
|
| |
- # The old FIPS provider doesn't include the workaround (#13817)
|
| |
- -FIPSversion = >=3.2.0
|
| |
+Availablein = default
|
| |
- # negative test with otherwise valid padding but a zero byte at the eighth
|
| |
- # byte of padding
|
| |
- Decrypt = RSA-2048-2
|
| |
- @@ -511,7 +511,7 @@ Input = a7a340675a82c30e22219a55bc07cdf3
|
| |
- Output = 63cb0bf65fc8255dd29e17
|
| |
+ Decrypt=RSA-OAEP-4
|
| |
+ Ctrl = rsa_padding_mode:oaep
|
| |
+ Ctrl = rsa_mgf1_md:sha1
|
| |
+ Input=0097b698c6165645b303486fbf5a2a4479c0ee85889b541a6f0b858d6b6597b13b854eb4f839af03399a80d79bda6578c841f90d645715b280d37143992dd186c80b949b775cae97370e4ec97443136c6da484e970ffdb1323a20847821d3b18381de13bb49aaea66530c4a4b8271f3eae172cd366e07e6636f1019d2a28aed15e
|
| |
+ Output=b0adc4f3fe11da59ce992773d9059943c03046497ee9d9f9a06df1166db46d98f58d27ec074c02eee6cbe2449c8b9fc5080c5c3f4433092512ec46aa793743c8
|
| |
|
| |
- # The old FIPS provider doesn't include the workaround (#13817)
|
| |
- -FIPSversion = >=3.2.0
|
| |
+Availablein = default
|
| |
- # negative test with an otherwise valid plaintext but with missing separator
|
| |
- # byte
|
| |
- Decrypt = RSA-2048-2
|
| |
- @@ -566,53 +566,58 @@ PrivPubKeyPair = RSA-2049:RSA-2049-PUBLI
|
| |
- # RSA decrypt
|
| |
+ Decrypt=RSA-OAEP-4
|
| |
+ Ctrl = rsa_padding_mode:oaep
|
| |
+ Ctrl = rsa_mgf1_md:sha1
|
| |
+ Input=0301f935e9c47abcb48acbbe09895d9f5971af14839da4ff95417ee453d1fd77319072bb7297e1b55d7561cd9d1bb24c1a9a37c619864308242804879d86ebd001dce5183975e1506989b70e5a83434154d5cbfd6a24787e60eb0c658d2ac193302d1192c6e622d4a12ad4b53923bca246df31c6395e37702c6a78ae081fb9d065
|
| |
+ Output=bf6d42e701707b1d0206b0c8b45a1c72641ff12889219a82bdea965b5e79a96b0d0163ed9d578ec9ada20f2fbcf1ea3c4089d83419ba81b0c60f3606da99
|
| |
|
| |
- # The old FIPS provider doesn't include the workaround (#13817)
|
| |
- -FIPSversion = >=3.2.0
|
| |
+Availablein = default
|
| |
- # malformed that generates length specified by 3rd last value from PRF
|
| |
- Decrypt = RSA-2049
|
| |
- Input = 00b26f6404b82649629f2704494282443776929122e279a9cf30b0c6fe8122a0a9042870d97cc8ef65490fe58f031eb2442352191f5fbc311026b5147d32df914599f38b825ebb824af0d63f2d541a245c5775d1c4b78630e4996cc5fe413d38455a776cf4edcc0aa7fccb31c584d60502ed2b77398f536e137ff7ba6430e9258e21c2db5b82f5380f566876110ac4c759178900fbad7ab70ea07b1daf7a1639cbb4196543a6cbe8271f35dddb8120304f6eef83059e1c5c5678710f904a6d760c4d1d8ad076be17904b9e69910040b47914a0176fb7eea0c06444a6c4b86d674d19a556a1de5490373cb01ce31bbd15a5633362d3d2cd7d4af1b4c5121288b894
|
| |
- Output = 42
|
| |
+ Decrypt=RSA-OAEP-4
|
| |
+ Ctrl = rsa_padding_mode:oaep
|
| |
+ Ctrl = rsa_mgf1_md:sha1
|
| |
+ Input=02d110ad30afb727beb691dd0cf17d0af1a1e7fa0cc040ec1a4ba26a42c59d0a796a2e22c8f357ccc98b6519aceb682e945e62cb734614a529407cd452bee3e44fece8423cc19e55548b8b994b849c7ecde4933e76037e1d0ce44275b08710c68e430130b929730ed77e09b015642c5593f04e4ffb9410798102a8e96ffdfe11e4
|
| |
+ Output=fb2ef112f5e766eb94019297934794f7be2f6fc1c58e
|
| |
|
| |
- # simple positive test case
|
| |
+Availablein = default
|
| |
- Decrypt = RSA-2049
|
| |
- Input = 013300edbf0bb3571e59889f7ed76970bf6d57e1c89bbb6d1c3991d9df8e65ed54b556d928da7d768facb395bbcc81e9f8573b45cf8195dbd85d83a59281cddf4163aec11b53b4140053e3bd109f787a7c3cec31d535af1f50e0598d85d96d91ea01913d07097d25af99c67464ebf2bb396fb28a9233e56f31f7e105d71a23e9ef3b736d1e80e713d1691713df97334779552fc94b40dd733c7251bc522b673d3ec9354af3dd4ad44fa71c0662213a57ada1d75149697d0eb55c053aaed5ffd0b815832f454179519d3736fb4faf808416071db0d0f801aca8548311ee708c131f4be658b15f6b54256872c2903ac708bd43b017b073b5707bc84c2cd9da70e967
|
| |
- Output = "lorem ipsum"
|
| |
+ Decrypt=RSA-OAEP-4
|
| |
+ Ctrl = rsa_padding_mode:oaep
|
| |
+ Ctrl = rsa_mgf1_md:sha1
|
| |
+ Input=00dbb8a7439d90efd919a377c54fae8fe11ec58c3b858362e23ad1b8a44310799066b99347aa525691d2adc58d9b06e34f288c170390c5f0e11c0aa3645959f18ee79e8f2be8d7ac5c23d061f18dd74b8c5f2a58fcb5eb0c54f99f01a83247568292536583340948d7a8c97c4acd1e98d1e29dc320e97a260532a8aa7a758a1ec2
|
| |
+ Output=28ccd447bb9e85166dabb9e5b7d1adadc4b9d39f204e96d5e440ce9ad928bc1c2284
|
| |
|
| |
- # positive test case with null padded ciphertext
|
| |
+Availablein = default
|
| |
- Decrypt = RSA-2049
|
| |
- Input = 0002aadf846a329fadc6760980303dbd87bfadfa78c2015ce4d6c5782fd9d3f1078bd3c0a2c5bfbdd1c024552e5054d98b5bcdc94e476dd280e64d650089326542ce7c61d4f1ab40004c2e6a88a883613568556a10f3f9edeab67ae8dddc1e6b0831c2793d2715de943f7ce34c5c05d1b09f14431fde566d17e76c9feee90d86a2c158616ec81dda0c642f58c0ba8fa4495843124a7235d46fb4069715a51bf710fd024259131ba94da73597ace494856c94e7a3ec261545793b0990279b15fa91c7fd13dbfb1df2f221dab9fa9f7c1d21e48aa49f6aaecbabf5ee76dc6c2af2317ffb4e303115386a97f8729afc3d0c89419669235f1a3a69570e0836c79fc162
|
| |
- Output = "lorem ipsum"
|
| |
+ Decrypt=RSA-OAEP-4
|
| |
+ Ctrl = rsa_padding_mode:oaep
|
| |
+ Ctrl = rsa_mgf1_md:sha1
|
| |
+ @@ -1322,36 +1364,42 @@ OPlAQGLrhaQpJFILOPW7iGoBlvSLuNzqYP2SzAJ/GOeBWKNKXF1fhgoPbAQHGn0B
|
| |
+ MSwGUGLx60i3nRyDyw==
|
| |
+ -----END PRIVATE KEY-----
|
| |
|
| |
- # positive test case with null truncated ciphertext
|
| |
+Availablein = default
|
| |
- Decrypt = RSA-2049
|
| |
- Input = 02aadf846a329fadc6760980303dbd87bfadfa78c2015ce4d6c5782fd9d3f1078bd3c0a2c5bfbdd1c024552e5054d98b5bcdc94e476dd280e64d650089326542ce7c61d4f1ab40004c2e6a88a883613568556a10f3f9edeab67ae8dddc1e6b0831c2793d2715de943f7ce34c5c05d1b09f14431fde566d17e76c9feee90d86a2c158616ec81dda0c642f58c0ba8fa4495843124a7235d46fb4069715a51bf710fd024259131ba94da73597ace494856c94e7a3ec261545793b0990279b15fa91c7fd13dbfb1df2f221dab9fa9f7c1d21e48aa49f6aaecbabf5ee76dc6c2af2317ffb4e303115386a97f8729afc3d0c89419669235f1a3a69570e0836c79fc162
|
| |
- Output = "lorem ipsum"
|
| |
+ Decrypt=RSA-OAEP-5
|
| |
+ Ctrl = rsa_padding_mode:oaep
|
| |
+ Ctrl = rsa_mgf1_md:sha1
|
| |
+ Input=036046a4a47d9ed3ba9a89139c105038eb7492b05a5d68bfd53accff4597f7a68651b47b4a4627d927e485eed7b4566420e8b409879e5d606eae251d22a5df799f7920bfc117b992572a53b1263146bcea03385cc5e853c9a101c8c3e1bda31a519807496c6cb5e5efb408823a352b8fa0661fb664efadd593deb99fff5ed000e5
|
| |
+ Output=af71a901e3a61d3132f0fc1fdb474f9ea6579257ffc24d164170145b3dbde8
|
| |
|
| |
- # positive test case with double null padded ciphertext
|
| |
+Availablein = default
|
| |
- Decrypt = RSA-2049
|
| |
- Input = 0000f36da3b72d8ff6ded74e7efd08c01908f3f5f0de7b55eab92b5f875190809c39d4162e1e6649618f854fd84aeab03970d16bb814e999852c06de38d82b95c0f32e2a7b5714021fe303389be9c0eac24c90a6b7210f929d390fabf903d44e04110bb7a7fd6c383c275804721efa6d7c93aa64c0bb2b18d97c5220a846c66a4895ae52adddbe2a9996825e013585adcec4b32ba61d782737bd343e5fabd68e8a95b8b1340318559860792dd70dffbe05a1052b54cbfb48cfa7bb3c19cea52076bddac5c25ee276f153a610f6d06ed696d192d8ae4507ffae4e5bdda10a625d6b67f32f7cffcd48dee2431fe66f6105f9d17e611cdcc674868e81692a360f4052
|
| |
- Output = "lorem ipsum"
|
| |
+ Decrypt=RSA-OAEP-5
|
| |
+ Ctrl = rsa_padding_mode:oaep
|
| |
+ Ctrl = rsa_mgf1_md:sha1
|
| |
+ Input=03d6eb654edce615bc59f455265ed4e5a18223cbb9be4e4069b473804d5de96f54dcaaa603d049c5d94aa1470dfcd2254066b7c7b61ff1f6f6770e3215c51399fd4e34ec5082bc48f089840ad04354ae66dc0f1bd18e461a33cc1258b443a2837a6df26759aa2302334986f87380c9cc9d53be9f99605d2c9a97da7b0915a4a7ad
|
| |
+ Output=a3b844a08239a8ac41605af17a6cfda4d350136585903a417a79268760519a4b4ac3303ec73f0f87cfb32399
|
| |
|
| |
- # positive test case with double null truncated ciphertext
|
| |
+Availablein = default
|
| |
- Decrypt = RSA-2049
|
| |
- Input = f36da3b72d8ff6ded74e7efd08c01908f3f5f0de7b55eab92b5f875190809c39d4162e1e6649618f854fd84aeab03970d16bb814e999852c06de38d82b95c0f32e2a7b5714021fe303389be9c0eac24c90a6b7210f929d390fabf903d44e04110bb7a7fd6c383c275804721efa6d7c93aa64c0bb2b18d97c5220a846c66a4895ae52adddbe2a9996825e013585adcec4b32ba61d782737bd343e5fabd68e8a95b8b1340318559860792dd70dffbe05a1052b54cbfb48cfa7bb3c19cea52076bddac5c25ee276f153a610f6d06ed696d192d8ae4507ffae4e5bdda10a625d6b67f32f7cffcd48dee2431fe66f6105f9d17e611cdcc674868e81692a360f4052
|
| |
- Output = "lorem ipsum"
|
| |
+ Decrypt=RSA-OAEP-5
|
| |
+ Ctrl = rsa_padding_mode:oaep
|
| |
+ Ctrl = rsa_mgf1_md:sha1
|
| |
+ Input=0770952181649f9f9f07ff626ff3a22c35c462443d905d456a9fd0bff43cac2ca7a9f554e9478b9acc3ac838b02040ffd3e1847de2e4253929f9dd9ee4044325a9b05cabb808b2ee840d34e15d105a3f1f7b27695a1a07a2d73fe08ecaaa3c9c9d4d5a89ff890d54727d7ae40c0ec1a8dd86165d8ee2c6368141016a48b55b6967
|
| |
+ Output=308b0ecbd2c76cb77fc6f70c5edd233fd2f20929d629f026953bb62a8f4a3a314bde195de85b5f816da2aab074d26cb6acddf323ae3b9c678ac3cf12fbdde7
|
| |
|
| |
- # The old FIPS provider doesn't include the workaround (#13817)
|
| |
- -FIPSversion = >=3.2.0
|
| |
+Availablein = default
|
| |
- # a random negative test case that generates an 11 byte long message
|
| |
- Decrypt = RSA-2049
|
| |
- Input = 00f910200830fc8fff478e99e145f1474b312e2512d0f90b8cef77f8001d09861688c156d1cbaf8a8957f7ebf35f724466952d0524cad48aad4fba1e45ce8ea27e8f3ba44131b7831b62d60c0762661f4c1d1a88cd06263a259abf1ba9e6b0b172069afb86a7e88387726f8ab3adb30bfd6b3f6be6d85d5dfd044e7ef052395474a9cbb1c3667a92780b43a22693015af6c513041bdaf87d43b24ddd244e791eeaea1066e1f4917117b3a468e22e0f7358852bb981248de4d720add2d15dccba6280355935b67c96f9dcb6c419cc38ab9f6fba2d649ef2066e0c34c9f788ae49babd9025fa85b21113e56ce4f43aa134c512b030dd7ac7ce82e76f0be9ce09ebca
|
| |
- Output = 1189b6f5498fd6df532b00
|
| |
+ Decrypt=RSA-OAEP-5
|
| |
+ Ctrl = rsa_padding_mode:oaep
|
| |
+ Ctrl = rsa_mgf1_md:sha1
|
| |
+ Input=0812b76768ebcb642d040258e5f4441a018521bd96687e6c5e899fcd6c17588ff59a82cc8ae03a4b45b31299af1788c329f7dcd285f8cf4ced82606b97612671a45bedca133442144d1617d114f802857f0f9d739751c57a3f9ee400912c61e2e6992be031a43dd48fa6ba14eef7c422b5edc4e7afa04fdd38f402d1c8bb719abf
|
| |
+ Output=15c5b9ee1185
|
| |
|
| |
- # The old FIPS provider doesn't include the workaround (#13817)
|
| |
- -FIPSversion = >=3.2.0
|
| |
+Availablein = default
|
| |
- # otherwise correct plaintext, but with wrong first byte (0x01 instead of 0x00)
|
| |
- Decrypt = RSA-2049
|
| |
- Input = 002c9ddc36ba4cf0038692b2d3a1c61a4bb3786a97ce2e46a3ba74d03158aeef456ce0f4db04dda3fe062268a1711250a18c69778a6280d88e133a16254e1f0e30ce8dac9b57d2e39a2f7d7be3ee4e08aec2fdbe8dadad7fdbf442a29a8fb40857407bf6be35596b8eefb5c2b3f58b894452c2dc54a6123a1a38d642e23751746597e08d71ac92704adc17803b19e131b4d1927881f43b0200e6f95658f559f912c889b4cd51862784364896cd6e8618f485a992f82997ad6a0917e32ae5872eaf850092b2d6c782ad35f487b79682333c1750c685d7d32ab3e1538f31dcaa5e7d5d2825875242c83947308dcf63ba4bfff20334c9c140c837dbdbae7a8dee72ff
|
| |
- Output = f6d0f5b78082fe61c04674
|
| |
+ Decrypt=RSA-OAEP-5
|
| |
+ Ctrl = rsa_padding_mode:oaep
|
| |
+ Ctrl = rsa_mgf1_md:sha1
|
| |
+ Input=07b60e14ec954bfd29e60d0047e789f51d57186c63589903306793ced3f68241c743529aba6a6374f92e19e0163efa33697e196f7661dfaaa47aac6bde5e51deb507c72c589a2ca1693d96b1460381249b2cdb9eac44769f2489c5d3d2f99f0ee3c7ee5bf64a5ac79c42bd433f149be8cb59548361640595513c97af7bc2509723
|
| |
+ Output=21026e6800c7fa728fcaaba0d196ae28d7a2ac4ffd8abce794f0985f60c8a6737277365d3fea11db8923a2029a
|
| |
|
| |
- # The old FIPS provider doesn't include the workaround (#13817)
|
| |
- -FIPSversion = >=3.2.0
|
| |
+Availablein = default
|
| |
- # otherwise correct plaintext, but with wrong second byte (0x01 instead of 0x02)
|
| |
- Decrypt = RSA-2049
|
| |
- Input = 00c5d77826c1ab7a34d6390f9d342d5dbe848942e2618287952ba0350d7de6726112e9cebc391a0fae1839e2bf168229e3e0d71d4161801509f1f28f6e1487ca52df05c466b6b0a6fbbe57a3268a970610ec0beac39ec0fa67babce1ef2a86bf77466dc127d7d0d2962c20e66593126f276863cd38dc6351428f884c1384f67cad0a0ffdbc2af16711fb68dc559b96b37b4f04cd133ffc7d79c43c42ca4948fa895b9daeb853150c8a5169849b730cc77d68b0217d6c0e3dbf38d751a1998186633418367e7576530566c23d6d4e0da9b038d0bb5169ce40133ea076472d055001f0135645940fd08ea44269af2604c8b1ba225053d6db9ab43577689401bdc0f3
|
| |
- diff -up openssl-3.2.0/test/recipes/30-test_evp_data/evppkey_rsa_common.txt.only-default openssl-3.2.0/test/recipes/30-test_evp_data/evppkey_rsa_common.txt
|
| |
- --- openssl-3.2.0/test/recipes/30-test_evp_data/evppkey_rsa_common.txt.only-default 2024-02-01 15:22:09.981463726 +0100
|
| |
- +++ openssl-3.2.0/test/recipes/30-test_evp_data/evppkey_rsa_common.txt 2024-02-01 15:28:41.789966051 +0100
|
| |
- @@ -269,7 +269,7 @@ Input = 550AF55A2904E7B9762352F8FB7FA235
|
| |
- Output = "Hello World"
|
| |
+ Decrypt=RSA-OAEP-5
|
| |
+ Ctrl = rsa_padding_mode:oaep
|
| |
+ Ctrl = rsa_mgf1_md:sha1
|
| |
+ @@ -1376,36 +1424,42 @@ xT1F29tenZbQ/s9Cdd8JdLxKBza0p0wyaQU++2hqziQG4iyeBY3bSuVAYnri/bCC
|
| |
+ Yejn5Ly8mU2q+jBcRQ==
|
| |
+ -----END PRIVATE KEY-----
|
| |
|
| |
- # The old FIPS provider doesn't include the workaround (#13817)
|
| |
- -FIPSversion = >=3.2.0
|
| |
+Availablein = default
|
| |
- # Note: disable the Bleichenbacher workaround to see if it passes
|
| |
- Decrypt = RSA-2048
|
| |
- Ctrl = rsa_pkcs1_implicit_rejection:0
|
| |
- @@ -277,7 +277,7 @@ Input = 550AF55A2904E7B9762352F8FB7FA235
|
| |
- Output = "Hello World"
|
| |
+ Decrypt=RSA-OAEP-6
|
| |
+ Ctrl = rsa_padding_mode:oaep
|
| |
+ Ctrl = rsa_mgf1_md:sha1
|
| |
+ Input=0630eebcd2856c24f798806e41f9e67345eda9ceda386acc9facaea1eeed06ace583709718d9d169fadf414d5c76f92996833ef305b75b1e4b95f662a20faedc3bae0c4827a8bf8a88edbd57ec203a27a841f02e43a615bab1a8cac0701de34debdef62a088089b55ec36ea7522fd3ec8d06b6a073e6df833153bc0aefd93bd1a3
|
| |
+ Output=4046ca8baa3347ca27f49e0d81f9cc1d71be9ba517d4
|
| |
|
| |
- # The old FIPS provider doesn't include the workaround (#13817)
|
| |
- -FIPSversion = >=3.2.0
|
| |
+Availablein = default
|
| |
- # Corrupted ciphertext
|
| |
- # Note: output is generated synthethically by the Bleichenbacher workaround
|
| |
- Decrypt = RSA-2048
|
| |
- @@ -360,6 +360,7 @@ PrivPubKeyPair = RSA-2048-2:RSA-2048-2-P
|
| |
- # RSA decrypt
|
| |
+ Decrypt=RSA-OAEP-6
|
| |
+ Ctrl = rsa_padding_mode:oaep
|
| |
+ Ctrl = rsa_mgf1_md:sha1
|
| |
+ Input=0ebc37376173a4fd2f89cc55c2ca62b26b11d51c3c7ce49e8845f74e7607317c436bc8d23b9667dfeb9d087234b47bc6837175ae5c0559f6b81d7d22416d3e50f4ac533d8f0812f2db9e791fe9c775ac8b6ad0f535ad9ceb23a4a02014c58ab3f8d3161499a260f39348e714ae2a1d3443208fd8b722ccfdfb393e98011f99e63f
|
| |
+ Output=5cc72c60231df03b3d40f9b57931bc31109f972527f28b19e7480c7288cb3c92b22512214e4be6c914792ddabdf57faa8aa7
|
| |
|
| |
- # a random positive test case
|
| |
+Availablein = default
|
| |
- Decrypt = RSA-2048-2
|
| |
- Input = 8bfe264e85d3bdeaa6b8851b8e3b956ee3d226fd3f69063a86880173a273d9f283b2eebdd1ed35f7e02d91c571981b6737d5320bd8396b0f3ad5b019daec1b0aab3cbbc026395f4fd14f13673f2dfc81f9b660ec26ac381e6db3299b4e460b43fab9955df2b3cfaa20e900e19c856238fd371899c2bf2ce8c868b76754e5db3b036533fd603746be13c10d4e3e6022ebc905d20c2a7f32b215a4cd53b3f44ca1c327d2c2b651145821c08396c89071f665349c25e44d2733cd9305985ceef6430c3cf57af5fa224089221218fa34737c79c446d28a94c41c96e4e92ac53fbcf384dea8419ea089f8784445a492c812eb0d409467f75afd7d4d1078886205a066
|
| |
- Output = "lorem ipsum dolor sit amet"
|
| |
- @@ -393,36 +394,43 @@ Input = 1690ebcceece2ce024f382e467cf8510
|
| |
- Output = 4f02
|
| |
+ Decrypt=RSA-OAEP-6
|
| |
+ Ctrl = rsa_padding_mode:oaep
|
| |
+ Ctrl = rsa_mgf1_md:sha1
|
| |
+ Input=0a98bf1093619394436cf68d8f38e2f158fde8ea54f3435f239b8d06b8321844202476aeed96009492480ce3a8d705498c4c8c68f01501dc81db608f60087350c8c3b0bd2e9ef6a81458b7c801b89f2e4fe99d4900ba6a4b5e5a96d865dc676c7755928794130d6280a8160a190f2df3ea7cf9aa0271d88e9e6905ecf1c5152d65
|
| |
+ Output=b20e651303092f4bccb43070c0f86d23049362ed96642fc5632c27db4a52e3d831f2ab068b23b149879c002f6bf3feee97591112562c
|
| |
|
| |
- # positive test with 11 byte long value
|
| |
+Availablein = default
|
| |
- Decrypt = RSA-2048-2
|
| |
- Input = 6213634593332c485cef783ea2846e3d6e8b0e005cd8293eaebbaa5079712fd681579bdfbbda138ae4d9d952917a03c92398ec0cb2bb0c6b5a8d55061fed0d0d8d72473563152648cfe640b335dc95331c21cb133a91790fa93ae44497c128708970d2beeb77e8721b061b1c44034143734a77be8220877415a6dba073c3871605380542a9f25252a4babe8331cdd53cf828423f3cc70b560624d0581fb126b2ed4f4ed358f0eb8065cf176399ac1a846a31055f9ae8c9c24a1ba050bc20842125bc1753158f8065f3adb9cc16bfdf83816bdf38b624f12022c5a6fbfe29bc91542be8c0208a770bcd677dc597f5557dc2ce28a11bf3e3857f158717a33f6592
|
| |
- Output = "lorem ipsum"
|
| |
+ Decrypt=RSA-OAEP-6
|
| |
+ Ctrl = rsa_padding_mode:oaep
|
| |
+ Ctrl = rsa_mgf1_md:sha1
|
| |
+ Input=008e7a67cacfb5c4e24bec7dee149117f19598ce8c45808fef88c608ff9cd6e695263b9a3c0ad4b8ba4c95238e96a8422b8535629c8d5382374479ad13fa39974b242f9a759eeaf9c83ad5a8ca18940a0162ba755876df263f4bd50c6525c56090267c1f0e09ce0899a0cf359e88120abd9bf893445b3cae77d3607359ae9a52f8
|
| |
+ Output=684e3038c5c041f7
|
| |
|
| |
- # positive test with 11 byte long value and zero padded ciphertext
|
| |
+Availablein = default
|
| |
- Decrypt = RSA-2048-2
|
| |
- Input = 00a2e8f114ea8d05d12dc843e3cc3b2edc8229ff2a028bda29ba9d55e3cd02911902fef1f42a075bf05e8016e8567213d6f260fa49e360779dd81aeea3e04c2cb567e0d72b98bf754014561b7511e083d20e0bfb9cd23f8a0d3c88900c49d2fcd5843ff0765607b2026f28202a87aa94678aed22a0c20724541394cd8f44e373eba1d2bae98f516c1e2ba3d86852d064f856b1daf24795e767a2b90396e50743e3150664afab131fe40ea405dcf572dd1079af1d3f0392ccadcca0a12740dbb213b925ca2a06b1bc1383e83a658c82ba2e7427342379084d5f66b544579f07664cb26edd4f10fd913fdbc0de05ef887d4d1ec1ac95652397ea7fd4e4759fda8b
|
| |
- Output = "lorem ipsum"
|
| |
+ Decrypt=RSA-OAEP-6
|
| |
+ Ctrl = rsa_padding_mode:oaep
|
| |
+ Ctrl = rsa_mgf1_md:sha1
|
| |
+ Input=00003474416c7b68bdf961c385737944d7f1f40cb395343c693cc0b4fe63b31fedf1eaeeac9ccc0678b31dc32e0977489514c4f09085f6298a9653f01aea4045ff582ee887be26ae575b73eef7f3774921e375a3d19adda0ca31aa1849887c1f42cac9677f7a2f4e923f6e5a868b38c084ef187594dc9f7f048fea2e02955384ab
|
| |
+ Output=32488cb262d041d6e4dd35f987bf3ca696db1f06ac29a44693
|
| |
|
| |
- # positive test with 11 byte long value and zero truncated ciphertext
|
| |
+Availablein = default
|
| |
- Decrypt = RSA-2048-2
|
| |
- Input = a2e8f114ea8d05d12dc843e3cc3b2edc8229ff2a028bda29ba9d55e3cd02911902fef1f42a075bf05e8016e8567213d6f260fa49e360779dd81aeea3e04c2cb567e0d72b98bf754014561b7511e083d20e0bfb9cd23f8a0d3c88900c49d2fcd5843ff0765607b2026f28202a87aa94678aed22a0c20724541394cd8f44e373eba1d2bae98f516c1e2ba3d86852d064f856b1daf24795e767a2b90396e50743e3150664afab131fe40ea405dcf572dd1079af1d3f0392ccadcca0a12740dbb213b925ca2a06b1bc1383e83a658c82ba2e7427342379084d5f66b544579f07664cb26edd4f10fd913fdbc0de05ef887d4d1ec1ac95652397ea7fd4e4759fda8b
|
| |
- Output = "lorem ipsum"
|
| |
+ Decrypt=RSA-OAEP-6
|
| |
+ Ctrl = rsa_padding_mode:oaep
|
| |
+ Ctrl = rsa_mgf1_md:sha1
|
| |
+ @@ -1430,36 +1484,42 @@ tu4XIedy0DiaVZw9PN+VUNRXxGsDe3RkGx1SFmr4ohPIOWIGzfukQi8Y1vYdvLXS
|
| |
+ FMlxv0gq65dqc3DC
|
| |
+ -----END PRIVATE KEY-----
|
| |
|
| |
- # positive test with 11 byte long value and double zero padded ciphertext
|
| |
+Availablein = default
|
| |
- Decrypt = RSA-2048-2
|
| |
- Input = 00001f71879b426127f7dead621f7380a7098cf7d22173aa27991b143c46d53383c209bd0c9c00d84078037e715f6b98c65005a77120070522ede51d472c87ef94b94ead4c5428ee108a345561658301911ec5a8f7dd43ed4a3957fd29fb02a3529bf63f8040d3953490939bd8f78b2a3404b6fb5ff70a4bfdaac5c541d6bcce49c9778cc390be24cbef1d1eca7e870457241d3ff72ca44f9f56bdf31a890fa5eb3a9107b603ccc9d06a5dd911a664c82b6abd4fe036f8db8d5a070c2d86386ae18d97adc1847640c211d91ff5c3387574a26f8ef27ca7f48d2dd1f0c7f14b81cc9d33ee6853031d3ecf10a914ffd90947909c8011fd30249219348ebff76bfc
|
| |
- Output = "lorem ipsum"
|
| |
+ Decrypt=RSA-OAEP-7
|
| |
+ Ctrl = rsa_padding_mode:oaep
|
| |
+ Ctrl = rsa_mgf1_md:sha1
|
| |
+ Input=1688e4ce7794bba6cb7014169ecd559cede2a30b56a52b68d9fe18cf1973ef97b2a03153951c755f6294aa49adbdb55845ab6875fb3986c93ecf927962840d282f9e54ce8b690f7c0cb8bbd73440d9571d1b16cd9260f9eab4783cc482e5223dc60973871783ec27b0ae0fd47732cbc286a173fc92b00fb4ba6824647cd93c85c1
|
| |
+ Output=47aae909
|
| |
|
| |
- # positive test with 11 byte long value and double zero truncated ciphertext
|
| |
+Availablein = default
|
| |
- Decrypt = RSA-2048-2
|
| |
- Input = 1f71879b426127f7dead621f7380a7098cf7d22173aa27991b143c46d53383c209bd0c9c00d84078037e715f6b98c65005a77120070522ede51d472c87ef94b94ead4c5428ee108a345561658301911ec5a8f7dd43ed4a3957fd29fb02a3529bf63f8040d3953490939bd8f78b2a3404b6fb5ff70a4bfdaac5c541d6bcce49c9778cc390be24cbef1d1eca7e870457241d3ff72ca44f9f56bdf31a890fa5eb3a9107b603ccc9d06a5dd911a664c82b6abd4fe036f8db8d5a070c2d86386ae18d97adc1847640c211d91ff5c3387574a26f8ef27ca7f48d2dd1f0c7f14b81cc9d33ee6853031d3ecf10a914ffd90947909c8011fd30249219348ebff76bfc
|
| |
- Output = "lorem ipsum"
|
| |
+ Decrypt=RSA-OAEP-7
|
| |
+ Ctrl = rsa_padding_mode:oaep
|
| |
+ Ctrl = rsa_mgf1_md:sha1
|
| |
+ Input=1052ed397b2e01e1d0ee1c50bf24363f95e504f4a03434a08fd822574ed6b9736edbb5f390db10321479a8a139350e2bd4977c3778ef331f3e78ae118b268451f20a2f01d471f5d53c566937171b2dbc2d4bde459a5799f0372d6574239b2323d245d0bb81c286b63c89a361017337e4902f88a467f4c7f244bfd5ab46437ff3b6
|
| |
+ Output=1d9b2e2223d9bc13bfb9f162ce735db48ba7c68f6822a0a1a7b6ae165834e7
|
| |
|
| |
- # positive that generates a 0 byte long synthetic message internally
|
| |
+Availablein = default
|
| |
- Decrypt = RSA-2048-2
|
| |
- Input = b5e49308f6e9590014ffaffc5b8560755739dd501f1d4e9227a7d291408cf4b753f292322ff8bead613bf2caa181b221bc38caf6392deafb28eb21ad60930841ed02fd6225cc9c463409adbe7d8f32440212fbe3881c51375bb09565efb22e62b071472fb38676e5b4e23a0617db5d14d93519ac0007a30a9c822eb31c38b57fcb1be29608fcf1ca2abdcaf5d5752bbc2b5ac7dba5afcff4a5641da360dd01f7112539b1ed46cdb550a3b1006559b9fe1891030ec80f0727c42401ddd6cbb5e3c80f312df6ec89394c5a7118f573105e7ab00fe57833c126141b50a935224842addfb479f75160659ba28877b512bb9a93084ad8bec540f92640f63a11a010e0
|
| |
- Output = "lorem ipsum"
|
| |
+ Decrypt=RSA-OAEP-7
|
| |
+ Ctrl = rsa_padding_mode:oaep
|
| |
+ Ctrl = rsa_mgf1_md:sha1
|
| |
+ Input=2155cd843ff24a4ee8badb7694260028a490813ba8b369a4cbf106ec148e5298707f5965be7d101c1049ea8584c24cd63455ad9c104d686282d3fb803a4c11c1c2e9b91c7178801d1b6640f003f5728df007b8a4ccc92bce05e41a27278d7c85018c52414313a5077789001d4f01910b72aad05d220aa14a58733a7489bc54556b
|
| |
+ Output=d976fc
|
| |
|
| |
- # positive that generates a 245 byte long synthetic message internally
|
| |
+Availablein = default
|
| |
- Decrypt = RSA-2048-2
|
| |
- Input = 1ea0b50ca65203d0a09280d39704b24fe6e47800189db5033f202761a78bafb270c5e25abd1f7ecc6e7abc4f26d1b0cd9b8c648d529416ee64ccbdd7aa72a771d0353262b543f0e436076f40a1095f5c7dfd10dcf0059ccb30e92dfa5e0156618215f1c3ff3aa997a9d999e506924f5289e3ac72e5e2086cc7b499d71583ed561028671155db4005bee01800a7cdbdae781dd32199b8914b5d4011dd6ff11cd26d46aad54934d293b0bc403dd211bf13b5a5c6836a5e769930f437ffd8634fb7371776f4bc88fa6c271d8aa6013df89ae6470154497c4ac861be2a1c65ebffec139bf7aaba3a81c7c5cdd84da9af5d3edfb957848074686b5837ecbcb6a41c50
|
| |
- Output = "lorem ipsum"
|
| |
- @@ -681,14 +690,14 @@ ooCElYcob01/JWzoXl61Z5sdrMH5CVZJty5foHKu
|
| |
- PrivPubKeyPair = RSA-3072:RSA-3072-PUBLIC
|
| |
+ Decrypt=RSA-OAEP-7
|
| |
+ Ctrl = rsa_padding_mode:oaep
|
| |
+ Ctrl = rsa_mgf1_md:sha1
|
| |
+ Input=0ab14c373aeb7d4328d0aaad8c094d88b9eb098b95f21054a29082522be7c27a312878b637917e3d819e6c3c568db5d843802b06d51d9e98a2be0bf40c031423b00edfbff8320efb9171bd2044653a4cb9c5122f6c65e83cda2ec3c126027a9c1a56ba874d0fea23f380b82cf240b8cf540004758c4c77d934157a74f3fc12bfac
|
| |
+ Output=d4738623df223aa43843df8467534c41d013e0c803c624e263666b239bde40a5f29aeb8de79e3daa61dd0370f49bd4b013834b98212aef6b1c5ee373b3cb
|
| |
|
| |
- # The old FIPS provider doesn't include the workaround (#13817)
|
| |
- -FIPSversion = >=3.2.0
|
| |
+Availablein = default
|
| |
- # a random invalid ciphertext that generates an empty synthetic one
|
| |
- Decrypt = RSA-3072
|
| |
- Input = 5e956cd9652f4a2ece902931013e09662b6a9257ad1e987fb75f73a0606df2a4b04789770820c2e02322c4e826f767bd895734a01e20609c3be4517a7a2a589ea1cdc137beb73eb38dac781b52e863de9620f79f9b90fd5b953651fcbfef4a9f1cc07421d511a87dd6942caab6a5a0f4df473e62defb529a7de1509ab99c596e1dff1320402298d8be73a896cc86c38ae3f2f576e9ea70cc28ad575cb0f854f0be43186baa9c18e29c47c6ca77135db79c811231b7c1730955887d321fdc06568382b86643cf089b10e35ab23e827d2e5aa7b4e99ff2e914f302351819eb4d1693243b35f8bf1d42d08f8ec4acafa35f747a4a975a28643ec630d8e4fa5be59d81995660a14bb64c1fea5146d6b11f92da6a3956dd5cb5e0d747cf2ea23f81617769185336263d46ef4c144b754de62a6337342d6c85a95f19f015724546ee3fc4823eca603dbc1dc01c2d5ed50bd72d8e96df2dc048edde0081284068283fc5e73a6139851abf2f29977d0b3d160c883a42a37efba1be05c1a0b1741d7ddf59
|
| |
- Output =
|
| |
+ Decrypt=RSA-OAEP-7
|
| |
+ Ctrl = rsa_padding_mode:oaep
|
| |
+ Ctrl = rsa_mgf1_md:sha1
|
| |
+ Input=028387a318277434798b4d97f460068df5298faba5041ba11761a1cb7316b24184114ec500257e2589ed3b607a1ebbe97a6cc2e02bf1b681f42312a33b7a77d8e7855c4a6de03e3c04643f786b91a264a0d6805e2cea91e68177eb7a64d9255e4f27e713b7ccec00dc200ebd21c2ea2bb890feae4942df941dc3f97890ed347478
|
| |
+ Output=bb47231ca5ea1d3ad46c99345d9a8a61
|
| |
|
| |
- # The old FIPS provider doesn't include the workaround (#13817)
|
| |
- -FIPSversion = >=3.2.0
|
| |
+Availablein = default
|
| |
- # a random invalid that has PRF output with a length one byte too long
|
| |
- # in the last value
|
| |
- Decrypt = RSA-3072
|
| |
- @@ -696,46 +705,51 @@ Input = 7db0390d75fcf9d4c59cf27b264190d8
|
| |
- Output = 56a3bea054e01338be9b7d7957539c
|
| |
+ Decrypt=RSA-OAEP-7
|
| |
+ Ctrl = rsa_padding_mode:oaep
|
| |
+ Ctrl = rsa_mgf1_md:sha1
|
| |
+ @@ -1484,36 +1544,42 @@ njraT2MgdSwJ2AX/fR8a4NAXru7pzvoNfdf/d15EtXgyL2QF1iEdoZUZZmqof9xM
|
| |
+ 2MiPa249Z+lh3Luj0A==
|
| |
+ -----END PRIVATE KEY-----
|
| |
|
| |
- # The old FIPS provider doesn't include the workaround (#13817)
|
| |
- -FIPSversion = >=3.2.0
|
| |
+Availablein = default
|
| |
- # a random invalid that generates a synthetic of maximum size
|
| |
- Decrypt = RSA-3072
|
| |
- Input = 1715065322522dff85049800f6a29ab5f98c465020467414b2a44127fe9446da47fa18047900f99afe67c2df6f50160bb8e90bff296610fde632b3859d4d0d2e644f23835028c46cca01b84b88231d7e03154edec6627bcba23de76740d839851fa12d74c8f92e540c73fe837b91b7d699b311997d5f0f7864c486d499c3a79c111faaacbe4799597a25066c6200215c3d158f3817c1aa57f18bdaad0be1658da9da93f5cc6c3c4dd72788af57adbb6a0c26f42d32d95b8a4f95e8c6feb2f8a5d53b19a50a0b7cbc25e055ad03e5ace8f3f7db13e57759f67b65d143f08cca15992c6b2aae643390483de111c2988d4e76b42596266005103c8de6044fb7398eb3c28a864fa672de5fd8774510ff45e05969a11a4c7d3f343e331190d2dcf24fb9154ba904dc94af98afc5774a9617d0418fe6d13f8245c7d7626c176138dd698a23547c25f27c2b98ea4d8a45c7842b81888e4cc14e5b72e9cf91f56956c93dbf2e5f44a8282a7813157fc481ff1371a0f66b31797e81ebdb09a673d4db96d6
|
| |
- Output = 7b036fcd6243900e4236c894e2462c17738acc87e01a76f4d95cb9a328d9acde81650283b8e8f60a217e3bdee835c7b222ad4c85d0acdb9a309bd2a754609a65dec50f3aa04c6d5891034566b9563d42668ede1f8992b17753a2132e28970584e255efc8b45a41c5dbd7567f014acec5fe6fdb6d484790360a913ebb9defcd74ff377f2a8ba46d2ed85f733c9a3da08eb57ecedfafda806778f03c66b2c5d2874cec1c291b2d49eb194c7b5d0dd2908ae90f4843268a2c45563092ade08acb6ab481a08176102fc803fbb2f8ad11b0e1531bd37df543498daf180b12017f4d4d426ca29b4161075534bfb914968088a9d13785d0adc0e2580d3548494b2a9e91605f2b27e6cc701c796f0de7c6f471f6ab6cb9272a1ed637ca32a60d117505d82af3c1336104afb537d01a8f70b510e1eebf4869cb976c419473795a66c7f5e6e20a8094b1bb603a74330c537c5c0698c31538bd2e138c1275a1bdf24c5fa8ab3b7b526324e7918a382d1363b3d463764222150e04
|
| |
+ Decrypt=RSA-OAEP-8
|
| |
+ Ctrl = rsa_padding_mode:oaep
|
| |
+ Ctrl = rsa_mgf1_md:sha1
|
| |
+ Input=09b3683d8a2eb0fb295b62ed1fb9290b714457b7825319f4647872af889b30409472020ad12912bf19b11d4819f49614824ffd84d09c0a17e7d17309d12919790410aa2995699f6a86dbe3242b5acc23af45691080d6b1ae810fb3e3057087f0970092ce00be9562ff4053b6262ce0caa93e13723d2e3a5ba075d45f0d61b54b61
|
| |
+ Output=050b755e5e6880f7b9e9d692a74c37aae449b31bfea6deff83747a897f6c2c825bb1adbf850a3c96994b5de5b33cbc7d4a17913a7967
|
| |
|
| |
- # a positive test case that decrypts to 9 byte long value
|
| |
+Availablein = default
|
| |
- Decrypt = RSA-3072
|
| |
- Input = 6c60845a854b4571f678941ae35a2ac03f67c21e21146f9db1f2306be9f136453b86ad55647d4f7b5c9e62197aaff0c0e40a3b54c4cde14e774b1c5959b6c2a2302896ffae1f73b00b862a20ff4304fe06cea7ff30ecb3773ca9af27a0b54547350d7c07dfb0a39629c7e71e83fc5af9b2adbaf898e037f1de696a3f328cf45af7ec9aff7173854087fb8fbf34be981efbd8493f9438d1b2ba2a86af082662aa46ae9adfbec51e5f3d9550a4dd1dcb7c8969c9587a6edc82a8cabbc785c40d9fbd12064559fb769450ac3e47e87bc046148130d7eaa843e4b3ccef3675d0630500803cb7ffee3882378c1a404e850c3e20707bb745e42b13c18786c4976076ed9fa8fd0ff15e571bef02cbbe2f90c908ac3734a433b73e778d4d17fcc28f49185ebc6e8536a06d293202d94496453bfdf1c2c7833a3f99fa38ca8a81f42eaa529d603b890308a319c0ab63a35ff8ebac965f6278f5a7e5d622be5d5fe55f0ca3ec993d55430d2bf59c5d3e860e90c16d91a04596f6fdf60d89ed95d88c036dde
|
| |
- Output = "forty two"
|
| |
+ Decrypt=RSA-OAEP-8
|
| |
+ Ctrl = rsa_padding_mode:oaep
|
| |
+ Ctrl = rsa_mgf1_md:sha1
|
| |
+ Input=2ecf15c97c5a15b1476ae986b371b57a24284f4a162a8d0c8182e7905e792256f1812ba5f83f1f7a130e42dcc02232844edc14a31a68ee97ae564a383a3411656424c5f62ddb646093c367be1fcda426cf00a06d8acb7e57776fbbd855ac3df506fc16b1d7c3f2110f3d8068e91e186363831c8409680d8da9ecd8cf1fa20ee39d
|
| |
+ Output=4eb68dcd93ca9b19df111bd43608f557026fe4aa1d5cfac227a3eb5ab9548c18a06dded23f81825986b2fcd71109ecef7eff88873f075c2aa0c469f69c92bc
|
| |
|
| |
- # a positive test case with null padded ciphertext
|
| |
+Availablein = default
|
| |
- Decrypt = RSA-3072
|
| |
- Input = 00f4d565a3286784dbb85327db8807ae557ead229f92aba945cecda5225f606a7d6130edeeb6f26724d1eff1110f9eb18dc3248140ee3837e6688391e78796c526791384f045e21b6b853fb6342a11f309eb77962f37ce23925af600847fbd30e6e07e57de50b606e6b7f288cc777c1a6834f27e6edace508452128916eef7788c8bb227e3548c6a761cc4e9dd1a3584176dc053ba3500adb1d5e1611291654f12dfc5722832f635db3002d73f9defc310ace62c63868d341619c7ee15b20243b3371e05078e11219770c701d9f341af35df1bc729de294825ff2e416aa11526612852777eb131f9c45151eb144980d70608d2fc4043477368369aa0fe487a48bd57e66b00c3c58f941549f5ec050fca64449debe7a0c4ac51e55cb71620a70312aa4bd85fac1410c9c7f9d6ec610b7d11bf8faeffa20255d1a1bead9297d0aa8765cd2805847d639bc439f4a6c896e2008f746f9590ff4596de5ddde000ed666c452c978043ff4298461eb5a26d5e63d821438627f91201924bf7f2aeee1727
|
| |
- Output = "forty two"
|
| |
+ Decrypt=RSA-OAEP-8
|
| |
+ Ctrl = rsa_padding_mode:oaep
|
| |
+ Ctrl = rsa_mgf1_md:sha1
|
| |
+ Input=4bc89130a5b2dabb7c2fcf90eb5d0eaf9e681b7146a38f3173a3d9cfec52ea9e0a41932e648a9d69344c50da763f51a03c95762131e8052254dcd2248cba40fd31667786ce05a2b7b531ac9dac9ed584a59b677c1a8aed8c5d15d68c05569e2be780bf7db638fd2bfd2a85ab276860f3777338fca989ffd743d13ee08e0ca9893f
|
| |
+ Output=8604ac56328c1ab5ad917861
|
| |
|
| |
- # a positive test case with null truncated ciphertext
|
| |
+Availablein = default
|
| |
- Decrypt = RSA-3072
|
| |
- Input = f4d565a3286784dbb85327db8807ae557ead229f92aba945cecda5225f606a7d6130edeeb6f26724d1eff1110f9eb18dc3248140ee3837e6688391e78796c526791384f045e21b6b853fb6342a11f309eb77962f37ce23925af600847fbd30e6e07e57de50b606e6b7f288cc777c1a6834f27e6edace508452128916eef7788c8bb227e3548c6a761cc4e9dd1a3584176dc053ba3500adb1d5e1611291654f12dfc5722832f635db3002d73f9defc310ace62c63868d341619c7ee15b20243b3371e05078e11219770c701d9f341af35df1bc729de294825ff2e416aa11526612852777eb131f9c45151eb144980d70608d2fc4043477368369aa0fe487a48bd57e66b00c3c58f941549f5ec050fca64449debe7a0c4ac51e55cb71620a70312aa4bd85fac1410c9c7f9d6ec610b7d11bf8faeffa20255d1a1bead9297d0aa8765cd2805847d639bc439f4a6c896e2008f746f9590ff4596de5ddde000ed666c452c978043ff4298461eb5a26d5e63d821438627f91201924bf7f2aeee1727
|
| |
- Output = "forty two"
|
| |
+ Decrypt=RSA-OAEP-8
|
| |
+ Ctrl = rsa_padding_mode:oaep
|
| |
+ Ctrl = rsa_mgf1_md:sha1
|
| |
+ Input=2e456847d8fc36ff0147d6993594b9397227d577752c79d0f904fcb039d4d812fea605a7b574dd82ca786f93752348438ee9f5b5454985d5f0e1699e3e7ad175a32e15f03deb042ab9fe1dd9db1bb86f8c089ccb45e7ef0c5ee7ca9b7290ca6b15bed47039788a8a93ff83e0e8d6244c71006362deef69b6f416fb3c684383fbd0
|
| |
+ Output=fdda5fbf6ec361a9d9a4ac68af216a0686f438b1e0e5c36b955f74e107f39c0dddcc
|
| |
|
| |
- # a positive test case with double null padded ciphertext
|
| |
+Availablein = default
|
| |
- Decrypt = RSA-3072
|
| |
- Input = 00001ec97ac981dfd9dcc7a7389fdfa9d361141dac80c23a060410d472c16094e6cdffc0c3684d84aa402d7051dfccb2f6da33f66985d2a259f5b7fbf39ac537e95c5b7050eb18844a0513abef812cc8e74a3c5240009e6e805dcadf532bc1a2702d5acc9e585fad5b89d461fcc1397351cdce35171523758b171dc041f412e42966de7f94856477356d06f2a6b40e3ff0547562a4d91bbf1338e9e049facbee8b20171164505468cd308997447d3dc4b0acb49e7d368fedd8c734251f30a83491d2506f3f87318cc118823244a393dc7c5c739a2733d93e1b13db6840a9429947357f47b23fbe39b7d2d61e5ee26f9946c4632f6c4699e452f412a26641d4751135400713cd56ec66f0370423d55d2af70f5e7ad0adea8e4a0d904a01e4ac272eba4af1a029dd53eb71f115bf31f7a6c8b19a6523adeecc0d4c3c107575e38572a8f8474ccad163e46e2e8b08111132aa97a16fb588c9b7e37b3b3d7490381f3c55d1a9869a0fd42cd86fed59ecec78cb6b2dfd06a497f5afe3419691314ba0
|
| |
- Output = "forty two"
|
| |
+ Decrypt=RSA-OAEP-8
|
| |
+ Ctrl = rsa_padding_mode:oaep
|
| |
+ Ctrl = rsa_mgf1_md:sha1
|
| |
+ Input=1fb9356fd5c4b1796db2ebf7d0d393cc810adf6145defc2fce714f79d93800d5e2ac211ea8bbecca4b654b94c3b18b30dd576ce34dc95436ef57a09415645923359a5d7b4171ef22c24670f1b229d3603e91f76671b7df97e7317c97734476d5f3d17d21cf82b5ba9f83df2e588d36984fd1b584468bd23b2e875f32f68953f7b2
|
| |
+ Output=4a5f4914bee25de3c69341de07
|
| |
|
| |
- # a positive test case with double null truncated ciphertext
|
| |
+Availablein = default
|
| |
- Decrypt = RSA-3072
|
| |
- Input = 1ec97ac981dfd9dcc7a7389fdfa9d361141dac80c23a060410d472c16094e6cdffc0c3684d84aa402d7051dfccb2f6da33f66985d2a259f5b7fbf39ac537e95c5b7050eb18844a0513abef812cc8e74a3c5240009e6e805dcadf532bc1a2702d5acc9e585fad5b89d461fcc1397351cdce35171523758b171dc041f412e42966de7f94856477356d06f2a6b40e3ff0547562a4d91bbf1338e9e049facbee8b20171164505468cd308997447d3dc4b0acb49e7d368fedd8c734251f30a83491d2506f3f87318cc118823244a393dc7c5c739a2733d93e1b13db6840a9429947357f47b23fbe39b7d2d61e5ee26f9946c4632f6c4699e452f412a26641d4751135400713cd56ec66f0370423d55d2af70f5e7ad0adea8e4a0d904a01e4ac272eba4af1a029dd53eb71f115bf31f7a6c8b19a6523adeecc0d4c3c107575e38572a8f8474ccad163e46e2e8b08111132aa97a16fb588c9b7e37b3b3d7490381f3c55d1a9869a0fd42cd86fed59ecec78cb6b2dfd06a497f5afe3419691314ba0
|
| |
- Output = "forty two"
|
| |
+ Decrypt=RSA-OAEP-8
|
| |
+ Ctrl = rsa_padding_mode:oaep
|
| |
+ Ctrl = rsa_mgf1_md:sha1
|
| |
+ @@ -1544,36 +1610,42 @@ Z7CDuaemy2HkLbNiuMmJbbcGTgKtWuYVh9oVtGSckFlJCf6zfby2VL63Jo7IAeWo
|
| |
+ tKo5Eb69iFQvBb4=
|
| |
+ -----END PRIVATE KEY-----
|
| |
|
| |
- # The old FIPS provider doesn't include the workaround (#13817)
|
| |
- -FIPSversion = >=3.2.0
|
| |
+Availablein = default
|
| |
- # a random negative test case that generates a 9 byte long message
|
| |
- Decrypt = RSA-3072
|
| |
- Input = 5c8555f5cef627c15d37f85c7f5fd6e499264ea4b8e3f9112023aeb722eb38d8eac2be3751fd5a3785ab7f2d59fa3728e5be8c3de78a67464e30b21ee23b5484bb3cd06d0e1c6ad25649c8518165653eb80488bfb491b20c04897a6772f69292222fc5ef50b5cf9efc6d60426a449b6c489569d48c83488df629d695653d409ce49a795447fcec2c58a1a672e4a391401d428baaf781516e11e323d302fcf20f6eab2b2dbe53a48c987e407c4d7e1cb41131329138313d330204173a4f3ff06c6fadf970f0ed1005d0b27e35c3d11693e0429e272d583e57b2c58d24315c397856b34485dcb077665592b747f889d34febf2be8fce66c265fd9fc3575a6286a5ce88b4b413a08efc57a07a8f57a999605a837b0542695c0d189e678b53662ecf7c3d37d9dbeea585eebfaf79141118e06762c2381fe27ca6288edddc19fd67cd64f16b46e06d8a59ac530f22cd83cc0bc4e37feb52015cbb2283043ccf5e78a4eb7146827d7a466b66c8a4a4826c1bad68123a7f2d00fc1736525ff90c058f56
|
| |
- Output = 257906ca6de8307728
|
| |
+ Decrypt=RSA-OAEP-9
|
| |
+ Ctrl = rsa_padding_mode:oaep
|
| |
+ Ctrl = rsa_mgf1_md:sha1
|
| |
+ Input=267bcd118acab1fc8ba81c85d73003cb8610fa55c1d97da8d48a7c7f06896a4db751aa284255b9d36ad65f37653d829f1b37f97b8001942545b2fc2c55a7376ca7a1be4b1760c8e05a33e5aa2526b8d98e317088e7834c755b2a59b12631a182c05d5d43ab1779264f8456f515ce57dfdf512d5493dab7b7338dc4b7d78db9c091ac3baf537a69fc7f549d979f0eff9a94fda4169bd4d1d19a69c99e33c3b55490d501b39b1edae118ff6793a153261584d3a5f39f6e682e3d17c8cd1261fa72
|
| |
+ Output=f735fd55ba92592c3b52b8f9c4f69aaa1cbef8fe88add095595412467f9cf4ec0b896c59eda16210e7549c8abb10cdbc21a12ec9b6b5b8fd2f10399eb6
|
| |
|
| |
- # The old FIPS provider doesn't include the workaround (#13817)
|
| |
- -FIPSversion = >=3.2.0
|
| |
+Availablein = default
|
| |
- # a random negative test case that generates a 9 byte long message based on
|
| |
- # second to last value from PRF
|
| |
- Decrypt = RSA-3072
|
| |
- @@ -743,7 +757,7 @@ Input = 758c215aa6acd61248062b88284bf43c
|
| |
- Output = 043383c929060374ed
|
| |
+ Decrypt=RSA-OAEP-9
|
| |
+ Ctrl = rsa_padding_mode:oaep
|
| |
+ Ctrl = rsa_mgf1_md:sha1
|
| |
+ Input=93ac9f0671ec29acbb444effc1a5741351d60fdb0e393fbf754acf0de49761a14841df7772e9bc82773966a1584c4d72baea00118f83f35cca6e537cbd4d811f5583b29783d8a6d94cd31be70d6f526c10ff09c6fa7ce069795a3fcd0511fd5fcb564bcc80ea9c78f38b80012539d8a4ddf6fe81e9cddb7f50dbbbbcc7e5d86097ccf4ec49189fb8bf318be6d5a0715d516b49af191258cd32dc833ce6eb4673c03a19bbace88cc54895f636cc0c1ec89096d11ce235a265ca1764232a689ae8
|
| |
+ Output=81b906605015a63aabe42ddf11e1978912f5404c7474b26dce3ed482bf961ecc818bf420c54659
|
| |
|
| |
- # The old FIPS provider doesn't include the workaround (#13817)
|
| |
- -FIPSversion = >=3.2.0
|
| |
+Availablein = default
|
| |
- # a random negative test that generates message based on 3rd last value from
|
| |
- # PRF
|
| |
- Decrypt = RSA-3072
|
| |
- @@ -751,35 +765,35 @@ Input = 7b22d5e62d287968c6622171a1f75db4
|
| |
- Output = 70263fa6050534b9e0
|
| |
+ Decrypt=RSA-OAEP-9
|
| |
+ Ctrl = rsa_padding_mode:oaep
|
| |
+ Ctrl = rsa_mgf1_md:sha1
|
| |
+ Input=81ebdd95054b0c822ef9ad7693f5a87adfb4b4c4ce70df2df84ed49c04da58ba5fc20a19e1a6e8b7a3900b22796dc4e869ee6b42792d15a8eceb56c09c69914e813cea8f6931e4b8ed6f421af298d595c97f4789c7caa612c7ef360984c21b93edc5401068b5af4c78a8771b984d53b8ea8adf2f6a7d4a0ba76c75e1dd9f658f20ded4a46071d46d7791b56803d8fea7f0b0f8e41ae3f09383a6f9585fe7753eaaffd2bf94563108beecc207bbb535f5fcc705f0dde9f708c62f49a9c90371d3
|
| |
+ Output=fd326429df9b890e09b54b18b8f34f1e24
|
| |
|
| |
- # The old FIPS provider doesn't include the workaround (#13817)
|
| |
- -FIPSversion = >=3.2.0
|
| |
+Availablein = default
|
| |
- # an otherwise valid plaintext, but with wrong first byte (0x01 instead of 0x00)
|
| |
- Decrypt = RSA-3072
|
| |
- Input = 6db80adb5ff0a768caf1378ecc382a694e7d1bde2eff4ba12c48aaf794ded7a994a5b2b57acec20dbec4ae385c9dd531945c0f197a5496908725fc99d88601a17d3bb0b2d38d2c1c3100f39955a4cb3dbed5a38bf900f23d91e173640e4ec655c84fdfe71fcdb12a386108fcf718c9b7af37d39703e882436224c877a2235e8344fba6c951eb7e2a4d1d1de81fb463ac1b880f6cc0e59ade05c8ce35179ecd09546731fc07b141d3d6b342a97ae747e61a9130f72d37ac5a2c30215b6cbd66c7db893810df58b4c457b4b54f34428247d584e0fa71062446210db08254fb9ead1ba1a393c724bd291f0cf1a7143f32df849051dc896d7d176fef3b57ab6dffd626d0c3044e9edb2e3d012ace202d2581df01bec7e9aa0727a6650dd373d374f0bc0f4a611f8139dfe97d63e70c6188f4df5b672e47c51d8aa567097293fbff127c75ec690b43407578b73c85451710a0cece58fd497d7f7bd36a8a92783ef7dc6265dff52aac8b70340b996508d39217f2783ce6fc91a1cc94bb2ac487b84f62
|
| |
- Output = 6d8d3a094ff3afff4c
|
| |
+ Decrypt=RSA-OAEP-9
|
| |
+ Ctrl = rsa_padding_mode:oaep
|
| |
+ Ctrl = rsa_mgf1_md:sha1
|
| |
+ Input=bcc35f94cde66cb1136625d625b94432a35b22f3d2fa11a613ff0fca5bd57f87b902ccdc1cd0aebcb0715ee869d1d1fe395f6793003f5eca465059c88660d446ff5f0818552022557e38c08a67ead991262254f10682975ec56397768537f4977af6d5f6aaceb7fb25dec5937230231fd8978af49119a29f29e424ab8272b47562792d5c94f774b8829d0b0d9f1a8c9eddf37574d5fa248eefa9c5271fc5ec2579c81bdd61b410fa61fe36e424221c113addb275664c801d34ca8c6351e4a858
|
| |
+ Output=f1459b5f0c92f01a0f723a2e5662484d8f8c0a20fc29dad6acd43bb5f3effdf4e1b63e07fdfe6628d0d74ca19bf2d69e4a0abf86d293925a796772f8088e
|
| |
|
| |
- # The old FIPS provider doesn't include the workaround (#13817)
|
| |
- -FIPSversion = >=3.2.0
|
| |
+Availablein = default
|
| |
- # an otherwise valid plaintext, but with wrong second byte (0x01 instead of 0x02)
|
| |
- Decrypt = RSA-3072
|
| |
- Input = 417328c034458563079a4024817d0150340c34e25ae16dcad690623f702e5c748a6ebb3419ff48f486f83ba9df35c05efbd7f40613f0fc996c53706c30df6bba6dcd4a40825f96133f3c21638a342bd4663dffbd0073980dac47f8c1dd8e97ce1412e4f91f2a8adb1ac2b1071066efe8d718bbb88ca4a59bd61500e826f2365255a409bece0f972df97c3a55e09289ef5fa815a2353ef393fd1aecfc888d611c16aec532e5148be15ef1bf2834b8f75bb26db08b66d2baad6464f8439d1986b533813321dbb180080910f233bcc4dd784fb21871aef41be08b7bfad4ecc3b68f228cb5317ac6ec1227bc7d0e452037ba918ee1da9fdb8393ae93b1e937a8d4691a17871d5092d2384b6190a53df888f65b951b05ed4ad57fe4b0c6a47b5b22f32a7f23c1a234c9feb5d8713d949686760680da4db454f4acad972470033472b9864d63e8d23eefc87ebcf464ecf33f67fbcdd48eab38c5292586b36aef5981ed2fa07b2f9e23fc57d9eb71bfff4111c857e9fff23ceb31e72592e70c874b4936
|
| |
- Output = c6ae80ffa80bc184b0
|
| |
+ Decrypt=RSA-OAEP-9
|
| |
+ Ctrl = rsa_padding_mode:oaep
|
| |
+ Ctrl = rsa_mgf1_md:sha1
|
| |
+ Input=232afbc927fa08c2f6a27b87d4a5cb09c07dc26fae73d73a90558839f4fd66d281b87ec734bce237ba166698ed829106a7de6942cd6cdce78fed8d2e4d81428e66490d036264cef92af941d3e35055fe3981e14d29cbb9a4f67473063baec79a1179f5a17c9c1832f2838fd7d5e59bb9659d56dce8a019edef1bb3accc697cc6cc7a778f60a064c7f6f5d529c6210262e003de583e81e3167b89971fb8c0e15d44fffef89b53d8d64dd797d159b56d2b08ea5307ea12c241bd58d4ee278a1f2e
|
| |
+ Output=53e6e8c729d6f9c319dd317e74b0db8e4ccca25f3c8305746e137ac63a63ef3739e7b595abb96e8d55e54f7bd41ab433378ffb911d
|
| |
|
| |
- # The old FIPS provider doesn't include the workaround (#13817)
|
| |
- -FIPSversion = >=3.2.0
|
| |
+Availablein = default
|
| |
- # an otherwise valid plaintext, but with zero byte in first byte of padding
|
| |
- Decrypt = RSA-3072
|
| |
- Input = 8542c626fe533467acffcd4e617692244c9b5a3bf0a215c5d64891ced4bf4f9591b4b2aedff9843057986d81631b0acb3704ec2180e5696e8bd15b217a0ec36d2061b0e2182faa3d1c59bd3f9086a10077a3337a3f5da503ec3753535ffd25b837a12f2541afefd0cffb0224b8f874e4bed13949e105c075ed44e287c5ae03b155e06b90ed247d2c07f1ef3323e3508cce4e4074606c54172ad74d12f8c3a47f654ad671104bf7681e5b061862747d9afd37e07d8e0e2291e01f14a95a1bb4cbb47c304ef067595a3947ee2d722067e38a0f046f43ec29cac6a8801c6e3e9a2331b1d45a7aa2c6af3205be382dd026e389614ee095665a611ab2e8dced2ee1c9d08ac9de11aef5b3803fc9a9ce8231ec87b5fed386fb92ee3db995a89307bcba844bd0a691c29ae51216e949dfc813133cb06a07265fd807bcb3377f6adb0a481d9b7f442003115895939773e6b95371c4febef29edae946fa245e7c50729e2e558cfaad773d1fd5f67b457a6d9d17a847c6fcbdb103a86f35f228cefc06cea0
|
| |
- Output = a8a9301daa01bb25c7
|
| |
+ Decrypt=RSA-OAEP-9
|
| |
+ Ctrl = rsa_padding_mode:oaep
|
| |
+ Ctrl = rsa_mgf1_md:sha1
|
| |
+ diff --git a/test/recipes/80-test_cms.t b/test/recipes/80-test_cms.t
|
| |
+ index 4e368c730b..879d5d76eb 100644
|
| |
+ --- a/test/recipes/80-test_cms.t
|
| |
+ +++ b/test/recipes/80-test_cms.t
|
| |
+ @@ -235,7 +235,7 @@ my @smime_pkcs7_tests = (
|
| |
+ \&final_compare
|
| |
+ ],
|
| |
|
| |
- # The old FIPS provider doesn't include the workaround (#13817)
|
| |
- -FIPSversion = >=3.2.0
|
| |
- +Availablein = default
|
| |
- # an otherwise valid plaintext, but with zero byte in eight byte of padding
|
| |
- Decrypt = RSA-3072
|
| |
- Input = 449dfa237a70a99cb0351793ec8677882021c2aa743580bf6a0ea672055cffe8303ac42855b1d1f3373aae6af09cb9074180fc963e9d1478a4f98b3b4861d3e7f0aa8560cf603711f139db77667ca14ba3a1acdedfca9ef4603d6d7eb0645bfc805304f9ad9d77d34762ce5cd84bd3ec9d35c30e3be72a1e8d355d5674a141b5530659ad64ebb6082e6f73a80832ab6388912538914654d34602f4b3b1c78589b4a5d964b2efcca1dc7004c41f6cafcb5a7159a7fc7c0398604d0edbd4c8f4f04067da6a153a05e7cbeea13b5ee412400ef7d4f3106f4798da707ec37a11286df2b7a204856d5ff773613fd1e453a7114b78e347d3e8078e1cb3276b3562486ba630bf719697e0073a123c3e60ebb5c7a1ccff4279faffa2402bc1109f8d559d6766e73591943dfcf25ba10c3762f02af85187799b8b4b135c3990793a6fd32642f1557405ba55cc7cf7336a0e967073c5fa50743f9cc5e3017c172d9898d2af83345e71b3e0c22ab791eacb6484a32ec60ebc226ec9deaee91b1a0560c2b571
|
| |
- Output = 6c716fe01d44398018
|
| |
+ - [ "enveloped content test streaming S/MIME format, AES-256 cipher, 3 recipients",
|
| |
+ + [ "enveloped content test streaming S/MIME format, AES-256 cipher, 3 recipients, no Red Hat FIPS",
|
| |
+ [ "{cmd1}", @prov, "-encrypt", "-in", $smcont,
|
| |
+ "-aes256", "-stream", "-out", "{output}.cms",
|
| |
+ $smrsa1,
|
| |
+ @@ -1118,6 +1118,9 @@ sub check_availability {
|
| |
+ return "$tnam: skipped, DSA disabled\n"
|
| |
+ if ($no_dsa && $tnam =~ / DSA/);
|
| |
|
| |
- # The old FIPS provider doesn't include the workaround (#13817)
|
| |
- -FIPSversion = >=3.2.0
|
| |
- +Availablein = default
|
| |
- # an otherwise valid plaintext, but with null separator missing
|
| |
- Decrypt = RSA-3072
|
| |
- Input = a7a5c99e50da48769ecb779d9abe86ef9ec8c38c6f43f17c7f2d7af608a4a1bd6cf695b47e97c191c61fb5a27318d02f495a176b9fae5a55b5d3fabd1d8aae4957e3879cb0c60f037724e11be5f30f08fc51c033731f14b44b414d11278cd3dba7e1c8bfe208d2b2bb7ec36366dacb6c88b24cd79ab394adf19dbbc21dfa5788bacbadc6a62f79cf54fd8cf585c615b5c0eb94c35aa9de25321c8ffefb8916bbaa2697cb2dd82ee98939df9b6704cee77793edd2b4947d82e00e5749664970736c59a84197bd72b5c71e36aae29cd39af6ac73a368edbc1ca792e1309f442aafcd77c992c88f8e4863149f221695cb7b0236e75b2339a02c4ea114854372c306b9412d8eedb600a31532002f2cea07b4df963a093185e4607732e46d753b540974fb5a5c3f9432df22e85bb17611370966c5522fd23f2ad3484341ba7fd8885fc8e6d379a611d13a2aca784fba2073208faad2137bf1979a0fa146c1880d4337db3274269493bab44a1bcd0681f7227ffdf589c2e925ed9d36302509d1109ba4
|
| |
+ + return "$tnam: skipped, Red Hat FIPS\n"
|
| |
+ + if ($tnam =~ /no Red Hat FIPS/);
|
| |
+ +
|
| |
+ return "";
|
| |
+ }
|
| |
+
|
| |
+ diff --git a/test/recipes/80-test_ssl_old.t b/test/recipes/80-test_ssl_old.t
|
| |
+ index e2dcb68fb5..0775112b40 100644
|
| |
+ --- a/test/recipes/80-test_ssl_old.t
|
| |
+ +++ b/test/recipes/80-test_ssl_old.t
|
| |
+ @@ -493,6 +493,18 @@ sub testssl {
|
| |
+ # the default choice if TLSv1.3 enabled
|
| |
+ my $flag = $protocol eq "-tls1_3" ? "" : $protocol;
|
| |
+ my $ciphersuites = "";
|
| |
+ + my %redhat_skip_cipher = map {$_ => 1} qw(
|
| |
+ +AES256-GCM-SHA384:@SECLEVEL=0
|
| |
+ +AES256-CCM8:@SECLEVEL=0
|
| |
+ +AES256-CCM:@SECLEVEL=0
|
| |
+ +AES128-GCM-SHA256:@SECLEVEL=0
|
| |
+ +AES128-CCM8:@SECLEVEL=0
|
| |
+ +AES128-CCM:@SECLEVEL=0
|
| |
+ +AES256-SHA256:@SECLEVEL=0
|
| |
+ +AES128-SHA256:@SECLEVEL=0
|
| |
+ +AES256-SHA:@SECLEVEL=0
|
| |
+ +AES128-SHA:@SECLEVEL=0
|
| |
+ + );
|
| |
+ foreach my $cipher (@{$ciphersuites{$protocol}}) {
|
| |
+ if ($protocol eq "-ssl3" && $cipher =~ /ECDH/ ) {
|
| |
+ note "*****SKIPPING $protocol $cipher";
|
| |
+ @@ -504,11 +516,16 @@ sub testssl {
|
| |
+ } else {
|
| |
+ $cipher = $cipher.':@SECLEVEL=0';
|
| |
+ }
|
| |
+ - ok(run(test([@ssltest, @exkeys, "-cipher",
|
| |
+ - $cipher,
|
| |
+ - "-ciphersuites", $ciphersuites,
|
| |
+ - $flag || ()])),
|
| |
+ - "Testing $cipher");
|
| |
+ + if ($provider eq "fips" && exists $redhat_skip_cipher{$cipher}) {
|
| |
+ + note "*****SKIPPING $cipher in Red Hat FIPS mode";
|
| |
+ + ok(1);
|
| |
+ + } else {
|
| |
+ + ok(run(test([@ssltest, @exkeys, "-cipher",
|
| |
+ + $cipher,
|
| |
+ + "-ciphersuites", $ciphersuites,
|
| |
+ + $flag || ()])),
|
| |
+ + "Testing $cipher");
|
| |
+ + }
|
| |
+ }
|
| |
+ }
|
| |
+ next if $protocol eq "-tls1_3";
|
| |
+ --
|
| |
+ 2.44.0
|
| |
+
|
| |
