
Improve FIPS signatures self-tests

Anderson Sasaki requested to merge ansasaki/gnutls:improve_fips_selftests into master

This supersedes !1073 (closed)

The goal of this patch set is to fix some bugs and clarify which tests are actually executed for signing algorithms during the FIPS power-on self-tests. It addresses a few bugs which could misguide the reader:

  • The PK_KNOWN_TEST and PK_TEST macros included the check for GNUTLS_SELF_TEST_FLAG_ALL. If more than one test was declared in a sequence, only the first one would be executed when the flag was not set. The macros were changed to not check the GNUTLS_SELF_TEST_FLAG_ALL, allowing more than one test to be executed in sequence.
  • The test_sig() function always uses the same key regardless of the value provided in the bits parameter. The value given in the bits parameter only changes the output message. Thus, calling test_sig() multiple times for a single key type passing different values in bits would always use the same key, but print messages as if different keys were tested. The code was changed to not call test_sig() for algorithms tested with test_known_sig() and to call test_sig() only once per key type.
  • Previously, the test_known_sig() would generate signatures only for deterministic algorithms. For non-deterministic algorithms only the verification operation was exercised. The code was changed to call test_known_sig() only for deterministic algorithms, which can have known answer tests.

Other than the bugs addressed, the following improvements were made:

  • Use deterministic signature generation for ECDSA and DSA tests. This allows known answer tests to be executed for these algorithms.
  • Use a 2048-bit key for DSA tests instead of a 512-bit key.

Note:

  • The RSA-PSS signature verification fails when a deterministic signature is generated (with zero salt). Thus, the test for RSA-PSS was not changed to be a known answer test.

Checklist

  • Commits have Signed-off-by: with name/author being identical to the commit author
  • Code modified for feature
  • Test suite updated with functionality tests
  • Test suite updated with negative tests
  • Documentation updated / NEWS entry present (for non-trivial changes)
  • CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout)

Reviewer's checklist:

  • Any issues marked for closing are addressed
  • There is a test suite reasonably covering new functionality or modifications
  • Function naming, parameters, return values, types, etc., are consistent and according to CONTRIBUTION.md
  • This feature/change has adequate documentation added
  • No obvious mistakes in the code
Edited by Nikos Mavrogiannopoulos
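
The first bug in the description above, modelled as an added example (not GnuTLS code and not part of this merge request). The macro bodies, `fake_test()`, the test names and `SELF_TEST_FLAG_ALL` are simplified stand-ins, assumed only to reproduce the control flow the description states: with the flag check inside the macro, a sequence of tests stops after the first one when the flag is not set.

```c
#include <stdio.h>

#define SELF_TEST_FLAG_ALL 1u  /* stand-in for GNUTLS_SELF_TEST_FLAG_ALL */
static int runs;               /* self-tests actually executed */

/* Hypothetical stand-in for one signature self-test; 0 means success. */
static int fake_test(const char *name) { (void)name; runs++; return 0; }

/* Assumed old shape: the flag check lives inside the macro, so without
 * FLAG_ALL the first expansion returns and later tests never run. */
#define TEST_OLD(name) do { \
		ret = fake_test(name); \
		if (!(flags & SELF_TEST_FLAG_ALL) || ret < 0) \
			return ret; \
	} while (0)

/* Assumed new shape: the macro leaves the sequence only on failure. */
#define TEST_NEW(name) do { \
		ret = fake_test(name); \
		if (ret < 0) \
			return ret; \
	} while (0)

static int selftest_old(unsigned flags)
{
	int ret;
	TEST_OLD("rsa"); TEST_OLD("ecdsa"); TEST_OLD("dsa");
	return 0;
}

static int selftest_new(unsigned flags)
{
	int ret;
	(void)flags;  /* test selection is no longer the macro's job */
	TEST_NEW("rsa"); TEST_NEW("ecdsa"); TEST_NEW("dsa");
	return 0;
}

/* Run one variant and report how many tests executed (-1 on failure). */
static int count_runs(int (*fn)(unsigned), unsigned flags)
{
	runs = 0;
	return fn(flags) < 0 ? -1 : runs;
}

int main(void)
{
	printf("old, no flag: %d\n", count_runs(selftest_old, 0));
	printf("new, no flag: %d\n", count_runs(selftest_new, 0));
	return 0;
}
```

The old variant still returns success after running one test, which is why a skipped self-test of this kind is easy to miss: the caller sees a passing result either way.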
