From: Martin Willi <martin@strongswan.org>
Date: Tue, 18 Mar 2008 12:25:39 +0000 (-0000)
Subject: added false positive signature check
X-Git-Tag: 4.2.0~129
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4bfa63ed25f28ef3d02e1249ce3a9109fd577c67;p=thirdparty%2Fstrongswan.git

added false positive signature check
---

diff --git a/src/charon/plugins/unit_tester/tests/test_rsa_gen.c b/src/charon/plugins/unit_tester/tests/test_rsa_gen.c
index 79f4750630..2dbef04e0f 100644
--- a/src/charon/plugins/unit_tester/tests/test_rsa_gen.c
+++ b/src/charon/plugins/unit_tester/tests/test_rsa_gen.c
@@ -52,6 +52,12 @@ bool test_rsa_gen()
 			DBG1(DBG_CFG, "verifying RSA signature failed");
 			return FALSE;
 		}
+		sig.ptr[sig.len-1]++;
+		if (public->verify(public, SIGN_RSA_EMSA_PKCS1_SHA1, data, sig))
+		{
+			DBG1(DBG_CFG, "verifying faked RSA signature succeeded!");
+			return FALSE;
+		}
 		free(sig.ptr);
 		public->destroy(public);
 		private->destroy(private);