Package list libcryptx-perl / 7bc1e16
attempt to fix fix #69 Identifier Octets Leniency in RSA PKCS#1 Signature Verification Karel Miko 2 months ago
3 changed file(s) with 73 addition(s) and 1 deletion(s). Raw diff Collapse all Expand all
00 Changes for CryptX
1
2 0.072 2021-XX-XX
3 - fix #69 Identifier Octet's Leniency in RSA PKCS#1 Signature Verification
14
25 0.071 2021-03-30
36 - fix #67 (better handling of PEM decoding failures)
154154 }
155155
156156 switch (type) {
157 case LTC_ASN1_CUSTOM_TYPE:
158 case LTC_ASN1_SET:
159 case LTC_ASN1_SETOF:
160 case LTC_ASN1_SEQUENCE:
161 break;
162 default:
163 /* Verify that all basic types are indeed UNIVERSAL&PRIMITIVE */
164 if (((flags & LTC_DER_SEQ_STRICT) == LTC_DER_SEQ_STRICT) && (inlen > 0)) {
165 if (in[x] & 0xE0u) {
166 err = CRYPT_PK_ASN1_ERROR;
167 goto LBL_ERR;
168 }
169 }
170 }
171
172 switch (type) {
157173 case LTC_ASN1_BOOLEAN:
158174 z = inlen;
159175 if ((err = der_decode_boolean(in + x, z, ((int *)data))) != CRYPT_OK) {
00 use strict;
11 use warnings;
2 use Test::More tests => 49;
2 use Test::More tests => 52;
33
44 use Crypt::PK::RSA qw(rsa_encrypt rsa_decrypt rsa_sign_message rsa_verify_message rsa_sign_hash rsa_verify_hash);
55
111111 ok($sig, 'rsa_sign_hash');
112112 ok(rsa_verify_hash('t/data/cryptx_pub_rsa1.der', $sig, $hash, 'SHA1'), 'rsa_verify_hash');
113113 }
114
115 {
116 ## https://github.com/DCIT/perl-CryptX/issues/69
117
118 # my $priv = Crypt::PK::RSA->new({
119 # e => "03",
120 # N => "E932AC92252F585B3A80A4DD76A897C8B7652952FE788F6EC8DD640587A1EE5647670A8AD4C2BE0F9FA6E49C605ADF77B5174230".
121 # "AF7BD50E5D6D6D6D28CCF0A886A514CC72E51D209CC772A52EF419F6A953F3135929588EBE9B351FCA61CED78F346FE00DBB6306".
122 # "E5C2A4C6DFC3779AF85AB417371CF34D8387B9B30AE46D7A5FF5A655B8D8455F1B94AE736989D60A6F2FD5CADBFFBD504C5A756A".
123 # "2E6BB5CECC13BCA7503F6DF8B52ACE5C410997E98809DB4DC30D943DE4E812A47553DCE54844A78E36401D13F77DC650619FED88".
124 # "D8B3926E3D8E319C80C744779AC5D6ABE252896950917476ECE5E8FC27D5F053D6018D91B502C4787558A002B9283DA7",
125 # d => "009b771db6c374e59227006de8f9c5ba85cf98c63754505f9f30939803afc1498eda44b1b1e32c7eb51519edbd9591ea4fce0f81".
126 # "75ca528e09939e48f37088a07059c36332f74368c06884f718c9f8114f1b8d4cb790c63b09d46778bfdc41348fb4cd9feab3d242".
127 # "04992c6dd9ea824fbca591cd64cf68a233ad0526775c9848fafa31528177e1f8df9181a8b945081106fd58bd3d73799b229575c4".
128 # "f3b29101a03ee1f05472b3615784d9244ce0ed639c77e8e212ab52abddf4a928224b6b6f74b7114786dd6071bd9113d7870c6b52".
129 # "c0bc8b9c102cfe321dac357e030ed6c580040ca41c13d6b4967811807ef2a225983ea9f88d67faa42620f42a4f5bdbe03b",
130 # });
131 # my $sig_hex = unpack("H*", $priv->sign_message('hello world!', 'SHA256', 'v1.5'));
132
133 my $pub = Crypt::PK::RSA->new({
134 e => "03",
135 N => "E932AC92252F585B3A80A4DD76A897C8B7652952FE788F6EC8DD640587A1EE5647670A8AD4C2BE0F9FA6E49C605ADF77B5174230".
136 "AF7BD50E5D6D6D6D28CCF0A886A514CC72E51D209CC772A52EF419F6A953F3135929588EBE9B351FCA61CED78F346FE00DBB6306".
137 "E5C2A4C6DFC3779AF85AB417371CF34D8387B9B30AE46D7A5FF5A655B8D8455F1B94AE736989D60A6F2FD5CADBFFBD504C5A756A".
138 "2E6BB5CECC13BCA7503F6DF8B52ACE5C410997E98809DB4DC30D943DE4E812A47553DCE54844A78E36401D13F77DC650619FED88".
139 "D8B3926E3D8E319C80C744779AC5D6ABE252896950917476ECE5E8FC27D5F053D6018D91B502C4787558A002B9283DA7",
140 });
141
142 my $sig1 = pack("H*", "8df69d774c6ac8b5f8aa16576ca37a4f948706c5daecb3c15cfd247a7657616b2bbb786b50158cac8c23e3".
143 "289d300d3fbb82380b8746d929df36bdaf43a5fc5d1d04c61c98d47c22de02d051be3ba9e42b1c47aa5192".
144 "66d4cae244e5ce99b24771a13a7c8c7b08868a3eccf70b4bc7570d5131a1ac8943d91b0151c39da2ad75cd".
145 "1b9a697d100eef6747217df581b272cfd1f549a901ff4951036a4eb28fd2ea1e9df3fa9fa457663f4259be".
146 "8e5f2f2fb84f831a0ca5320e2b79f04a17830f43062c4c8fc0d0b1ff90567f3342d524f682ca26661caadf".
147 "4272f2585e6013a92bfa68de72fe6174096890e4296aedd72da43aa508007df53fb852bd7162ab635b");
148
149 my $sig2 = pack("H*", "1ee08947536e6b11d8923c3b00061d26a6933b5345077ea0214fdcbcc1ad68395008ff709117047e6b01dd".
150 "2a371dfa032c0732abc86ab2e0273bbd0dfe6b1c769e21bb9079982801d8f72e01be3244959312ab09bb8f".
151 "88572dc23216719b9810c73edf826749604feb8da1345f83f0209271aca462c1235b4cb4ba538f85a9c03d".
152 "d1dde1856fe73fd86b95566df2dfe8b0895c34489b97e02c8e48dabad7067619edec6267a776fa416fbcac".
153 "0fcacf3efa7852ce33ed63a9149c685c303d98c3dc37ee87521bc5b130377345fc95c87aa48505470deaf6".
154 "fb1064df041e3f03322b1ec90d3608deb17bf77f47066ecc6c511bfba69eed6da42881dcce603fcb2a");
155
156 my $sig3 = pack("H*", "02364fdabb83d98118fe3d3bb86866038de4dc6e569f59fd6dc0360d3785e7fbded2f5a4c6d87052aeab25".
157 "c451a91f8dccbc0d6db3b59ddd57368180091183369221b67a399a96ca5d318a908575462fe42d1aabba27".
158 "7b7b5bb2aae43567ecd671dfc1d8b935c7dc06d0058a45dadabfc21b1cbae3cb719f3bca8b1365576e2eb9".
159 "54cba048beba174e515a919148ac4a9ae3505b3a8ad6326b63757d1dd59a9f83df60bb295b32d90053b016".
160 "b4cd2745eb29f12a2aad86c05f04ebd3cca3a8c63c752ccad07d7fd4e6e2adab4f353efbda04a6b5b7f4a6".
161 "d540c085e7ddc90f1665adb048dfc707eac2db28246e1bffe53f115a02f7c74defccafa7213cb22245");
162
163 is($pub->verify_message($sig1, 'hello world!', 'SHA256', 'v1.5'), 0, "github issue 69 - invalid signature/1");
164 is($pub->verify_message($sig2, 'hello world!', 'SHA256', 'v1.5'), 0, "github issue 69 - invalid signature/2");
165 is($pub->verify_message($sig3, 'hello world!', 'SHA256', 'v1.5'), 1, "github issue 69 - valid signature/3");
166 }