crypto-selftests-pk: add test case for RSA-OAEP

Signed-off-by: Daiki Ueno <ueno@gnu.org>

diff --git a/lib/crypto-selftests-pk.c b/lib/crypto-selftests-pk.c
index 5cfd2f4cba6bc2cf76a743ada0d8357f8f1db79d..5e638010699bd15dd72dcb1862154a1429df6cdd 100644 (file)
--- a/lib/crypto-selftests-pk.c
+++ b/lib/crypto-selftests-pk.c
@@ -223,7 +223,7 @@ static const char gost12_512_privkey[] =
        "-----END PRIVATE KEY-----\n";
 
 static int test_rsa_enc(gnutls_pk_algorithm_t pk, unsigned bits,
-                       gnutls_digest_algorithm_t ign)
+                       gnutls_digest_algorithm_t dig)
 {
        int ret;
        gnutls_datum_t enc = { NULL, 0 };
@@ -233,6 +233,8 @@ static int test_rsa_enc(gnutls_pk_algorithm_t pk, unsigned bits,
        gnutls_privkey_t key;
        gnutls_pubkey_t pub = NULL;
        unsigned char plaintext2[sizeof(DATASTR) - 1];
+       gnutls_x509_spki_t spki = NULL;
+       gnutls_datum_t oaep_label = { NULL, 0 };
 
        ret = gnutls_privkey_init(&key);
        if (ret < 0)
@@ -251,6 +253,27 @@ static int test_rsa_enc(gnutls_pk_algorithm_t pk, unsigned bits,
                goto cleanup;
        }
 
+       if (pk == GNUTLS_PK_RSA_OAEP) {
+               ret = gnutls_x509_spki_init(&spki);
+               if (ret < 0) {
+                       gnutls_assert();
+                       goto cleanup;
+               }
+
+               ret = gnutls_x509_spki_set_rsa_oaep_params(spki, dig,
+                                                          &oaep_label);
+               if (ret < 0) {
+                       gnutls_assert();
+                       goto cleanup;
+               }
+
+               ret = gnutls_privkey_set_spki(key, spki, 0);
+               if (ret < 0) {
+                       gnutls_assert();
+                       goto cleanup;
+               }
+       }
+
        ret = gnutls_pubkey_import_privkey(pub, key, 0, 0);
        if (ret < 0) {
                gnutls_assert();
@@ -297,6 +320,8 @@ static int test_rsa_enc(gnutls_pk_algorithm_t pk, unsigned bits,
 
        ret = 0;
 cleanup:
+       if (spki != NULL)
+               gnutls_x509_spki_deinit(spki);
        if (pub != NULL)
                gnutls_pubkey_deinit(pub);
        gnutls_privkey_deinit(key);
@@ -973,6 +998,14 @@ int gnutls_pk_self_test(unsigned flags, gnutls_pk_algorithm_t pk)
                if (!(flags & GNUTLS_SELF_TEST_FLAG_ALL))
                        return 0;
 
+               FALLTHROUGH;
+       case GNUTLS_PK_RSA_OAEP:
+               PK_TEST(GNUTLS_PK_RSA_OAEP, test_rsa_enc, 2048,
+                       GNUTLS_DIG_SHA256);
+
+               if (!(flags & GNUTLS_SELF_TEST_FLAG_ALL))
+                       return 0;
+
                FALLTHROUGH;
        case GNUTLS_PK_DSA:
                if (is_post || !is_fips140_mode_enabled) {