From d00b465123d798e3fa9f72f8a93151d9b193573b Mon Sep 17 00:00:00 2001 From: Peter Dettman Date: Mon, 4 Mar 2024 19:03:02 +0700 Subject: Add regression test for #524 --- crypto/Contributors.html | 2 +- crypto/Readme.html | 18 +++++++++++++++ crypto/test/src/crypto/test/PSSTest.cs | 40 +++++++++++++++++++++++++++++++++- 3 files changed, 58 insertions(+), 2 deletions(-) diff --git a/crypto/Contributors.html b/crypto/Contributors.html index b3cf33bac..1f8ef780c 100644 --- a/crypto/Contributors.html +++ b/crypto/Contributors.html @@ -269,7 +269,7 @@ University of Wollongong, Institute of Cybersecurity and Cryptology, under the s

Matthew Sitton (https://github.com/mdsitton) - Addition of missing ALPN Protocol names.

  • -

    Jozef Gajdoš (https://github.com/harrison314) - Time constructor optimization, RevokedStatus fix, improved thread-safe singleton code (e.g. X509Certificate/X509Crl cached encoding), SubjectPublicKeyInfo support in OpenSsl.PemWriter.

    +

    Jozef Gajdoš (https://github.com/harrison314) - Time constructor optimization, RevokedStatus fix, improved thread-safe singleton code (e.g. X509Certificate/X509Crl cached encoding), SubjectPublicKeyInfo support in OpenSsl.PemWriter, fixed PSS raw signing over spans.

  • Ben Adams (https://github.com/benaadams) - Performance optimization for AES-NI.

    diff --git a/crypto/Readme.html b/crypto/Readme.html index ee726b5a4..76afc29a4 100644 --- a/crypto/Readme.html +++ b/crypto/Readme.html @@ -31,6 +31,8 @@
  • Notes:
      +
    1. + Release 2.3.1
    2. Release 2.3.0
    3. @@ -329,6 +331,22 @@

      Notes:

      +

      Release 2.3.1, TBD

      +
      Defects Fixed
      +
        +
      • PSS: Fixed regression in 2.3.0 when updating signer from a span.
        • +
      +
      Additional Features and Functionality
      +
        +
      +
      Additional Notes
      +
        +
      • + See the (cumulative) list of GitHub pull requests that we have accepted at + bcgit/bc-csharp. +
        • +
      +

      Release 2.3.0, Monday February 5, 2024

      Defects Fixed
        diff --git a/crypto/test/src/crypto/test/PSSTest.cs b/crypto/test/src/crypto/test/PSSTest.cs index 599c2c8c7..72558e62f 100644 --- a/crypto/test/src/crypto/test/PSSTest.cs +++ b/crypto/test/src/crypto/test/PSSTest.cs @@ -4,6 +4,7 @@ using NUnit.Framework; using Org.BouncyCastle.Crypto.Digests; using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Generators; using Org.BouncyCastle.Crypto.Parameters; using Org.BouncyCastle.Crypto.Signers; using Org.BouncyCastle.Math; @@ -215,7 +216,44 @@ namespace Org.BouncyCastle.Crypto.Tests get { return "PSSTest"; } } - private void doTestSig( + [Test] + public void TestRegression_GitHub_bc_csharp_524() + { + SecureRandom secureRandom = new SecureRandom(); + + var kpg = new RsaKeyPairGenerator(); + kpg.Init(new RsaKeyGenerationParameters(BigInteger.ValueOf(17), secureRandom, 1024, 100)); + var keyPair = kpg.GenerateKeyPair(); + + var digest = new Sha256Digest(); + + var hash = SecureRandom.GetNextBytes(secureRandom, digest.GetDigestSize()); + + var signer = PssSigner.CreateRawSigner(new RsaBlindedEngine(), digest); + signer.Init(true, keyPair.Private); + // NOTE: .NET Core 3.1 has Span, but is tested against our .NET Standard 2.0 assembly. + //#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER +#if NET6_0_OR_GREATER || NETSTANDARD2_1_OR_GREATER + signer.BlockUpdate(hash); +#else + signer.BlockUpdate(hash, 0, hash.Length); +#endif + byte[] signature = signer.GenerateSignature(); + + signer.Init(false, keyPair.Public); + // NOTE: .NET Core 3.1 has Span, but is tested against our .NET Standard 2.0 assembly. +//#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER +#if NET6_0_OR_GREATER || NETSTANDARD2_1_OR_GREATER + signer.BlockUpdate(hash); +#else + signer.BlockUpdate(hash, 0, hash.Length); +#endif + bool verified = signer.VerifySignature(signature); + + Assert.IsTrue(verified); + } + + private void doTestSig( int id, RsaKeyParameters pub, RsaKeyParameters prv, -- cgit 1.5.1