Gitiles
Code Review Sign In
gerrit.openfyde.cn / boringssl.googlesource.com / boringssl / 7944a9f008d8b6020c1b652a375f2e7b63644e09^! / . / ssl / test / runner / runner.go
commit7944a9f008d8b6020c1b652a375f2e7b63644e09[log] [tgz]
authorDavid Benjamin <davidben@google.com>Tue Jul 12 22:27:01 2016 -0400
committerCQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>Wed Jul 13 15:32:05 2016 +0000
treeb4e9092cfd0b27b316601016b0ea3fd44700d0fc
parent1c256544dda26e4042c1af082580a1b87c9a690f [diff] [blame]
Account for key size when selecting RSA-PSS.

RSASSA-PSS with SHA-512 is slightly too large for 1024-bit RSA. One
should not be using 1024-bit RSA, but it's common enough for tests
(including our own in runner before they were regenerated), that we
should probably do the size check and avoid unnecessary turbulence to
everyone else's test setups.

Change-Id: If0c7e401d7d05404755cba4cbff76de3bc65c138
Reviewed-on: https://boringssl-review.googlesource.com/8746
Reviewed-by: Steven Valdez <svaldez@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>

diff --git a/ssl/test/runner/runner.go b/ssl/test/runner/runner.go
index 3531909..45dc7cb 100644
--- a/ssl/test/runner/runner.go
+++ b/ssl/test/runner/runner.go

@@ -61,6 +61,7 @@
 
 const (
 	testCertRSA testCert = iota
+	testCertRSA1024
 	testCertECDSAP256
 	testCertECDSAP384
 	testCertECDSAP521
@@ -68,6 +69,7 @@
 
 const (
 	rsaCertificateFile       = "cert.pem"
+	rsa1024CertificateFile   = "rsa_1024_cert.pem"
 	ecdsaP256CertificateFile = "ecdsa_p256_cert.pem"
 	ecdsaP384CertificateFile = "ecdsa_p384_cert.pem"
 	ecdsaP521CertificateFile = "ecdsa_p521_cert.pem"
@@ -75,13 +77,20 @@
 
 const (
 	rsaKeyFile       = "key.pem"
+	rsa1024KeyFile   = "rsa_1024_key.pem"
 	ecdsaP256KeyFile = "ecdsa_p256_key.pem"
 	ecdsaP384KeyFile = "ecdsa_p384_key.pem"
 	ecdsaP521KeyFile = "ecdsa_p521_key.pem"
 	channelIDKeyFile = "channel_id_key.pem"
 )
 
-var rsaCertificate, ecdsaP256Certificate, ecdsaP384Certificate, ecdsaP521Certificate Certificate
+var (
+	rsaCertificate       Certificate
+	rsa1024Certificate   Certificate
+	ecdsaP256Certificate Certificate
+	ecdsaP384Certificate Certificate
+	ecdsaP521Certificate Certificate
+)
 
 var testCerts = []struct {
 	id                testCert
@@ -95,6 +104,12 @@
 		cert:     &rsaCertificate,
 	},
 	{
+		id:       testCertRSA1024,
+		certFile: rsa1024CertificateFile,
+		keyFile:  rsa1024KeyFile,
+		cert:     &rsa1024Certificate,
+	},
+	{
 		id:       testCertECDSAP256,
 		certFile: ecdsaP256CertificateFile,
 		keyFile:  ecdsaP256KeyFile,
@@ -5173,6 +5188,25 @@
 		},
 		expectedPeerSignatureAlgorithm: signatureECDSAWithP256AndSHA256,
 	})
+
+	// RSASSA-PSS with SHA-512 is too large for 1024-bit RSA. Test that the
+	// server does not attempt to sign in that case.
+	testCases = append(testCases, testCase{
+		testType: serverTest,
+		name:     "RSA-PSS-Large",
+		config: Config{
+			MaxVersion: VersionTLS13,
+			VerifySignatureAlgorithms: []signatureAlgorithm{
+				signatureRSAPSSWithSHA512,
+			},
+		},
+		flags: []string{
+			"-cert-file", path.Join(*resourceDir, rsa1024CertificateFile),
+			"-key-file", path.Join(*resourceDir, rsa1024KeyFile),
+		},
+		shouldFail:    true,
+		expectedError: ":NO_COMMON_SIGNATURE_ALGORITHMS:",
+	})
 }
 
 // timeouts is the retransmit schedule for BoringSSL. It doubles and