[test] Test signature verification independently of signing

Copy and modify the signature defined within the test case for
verification tests, rather than relying on the modifiable signature
constructed by the signing portion of the same test.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

diff --git a/src/tests/pubkey_test.c b/src/tests/pubkey_test.c
index 3bb414e47a5c5eee901e75654a68e32618c25d5e..15b24f00510e9b711406157889aa724a74fea7fc 100644 (file)
--- a/src/tests/pubkey_test.c
+++ b/src/tests/pubkey_test.c
@@ -108,9 +108,11 @@ void pubkey_sign_okx ( struct pubkey_sign_test *test, const char *file,
                       unsigned int line ) {
        struct pubkey_algorithm *pubkey = test->pubkey;
        struct digest_algorithm *digest = test->digest;
-       uint8_t digestctx[digest->ctxsize ];
+       uint8_t digestctx[digest->ctxsize];
        uint8_t digestout[digest->digestsize];
-       struct asn1_builder signature = { NULL, 0 };
+       uint8_t signature[test->signature.len];
+       struct asn1_cursor cursor = { signature, sizeof ( signature ) };
+       struct asn1_builder builder = { NULL, 0 };
        uint8_t *bad;
 
        /* Test key matching */
@@ -123,25 +125,27 @@ void pubkey_sign_okx ( struct pubkey_sign_test *test, const char *file,
                        test->plaintext_len );
        digest_final ( digest, digestctx, digestout );
 
-       /* Test signing using private key */
-       okx ( pubkey_sign ( pubkey, &test->private, digest, digestout,
-                           &signature ) == 0, file, line );
-       okx ( signature.len != 0, file, line );
-       okx ( asn1_compare ( asn1_built ( &signature ),
-                            &test->signature ) == 0, file, line );
-
        /* Test verification using public key */
        okx ( pubkey_verify ( pubkey, &test->public, digest, digestout,
                              &test->signature ) == 0, file, line );
 
        /* Test verification failure of modified signature */
-       bad = ( signature.data + ( test->signature.len / 2 ) );
+       memcpy ( signature, test->signature.data, sizeof ( signature ) );
+       bad = ( signature + ( sizeof ( signature ) / 2 ) );
+       *bad ^= 0x40;
        okx ( pubkey_verify ( pubkey, &test->public, digest, digestout,
-                             asn1_built ( &signature ) ) == 0, file, line );
+                             &cursor ) != 0, file, line );
        *bad ^= 0x40;
        okx ( pubkey_verify ( pubkey, &test->public, digest, digestout,
-                             asn1_built ( &signature ) ) != 0, file, line );
+                             &cursor ) == 0, file, line );
+
+       /* Test signing using private key */
+       okx ( pubkey_sign ( pubkey, &test->private, digest, digestout,
+                           &builder ) == 0, file, line );
+       okx ( builder.len != 0, file, line );
+       okx ( asn1_compare ( asn1_built ( &builder ), &test->signature ) == 0,
+             file, line );
 
        /* Free signature */
-       free ( signature.data );
+       free ( builder.data );
 }