openssl
/
CVE-2021-3711-0003-Extend-tests-for-S...

From 733fa41c3fc4bcac37f94aa917f7242420f8a5a6 Mon Sep 17 00:00:00 2001
From: Matt Caswell <matt@openssl.org>
Date: Fri, 13 Aug 2021 14:49:47 +0100
Subject: [PATCH] Extend tests for SM2 decryption

Check the case where C1y < 32 bytes in length (i.e. short overhead), and
also the case with longer plaintext and C1x and C1y > 32 bytes in length
(i.e. long overhead)

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>

Reference: https://github.com/openssl/openssl/commit/733fa41c3fc4bcac37f94aa917f7242420f8a5a6
Conflict: NA
---
 test/recipes/30-test_evp_data/evppkey.txt | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/test/recipes/30-test_evp_data/evppkey.txt b/test/recipes/30-test_evp_data/evppkey.txt
index 736e0ce4d3..c3947cb000 100644
--- a/test/recipes/30-test_evp_data/evppkey.txt
+++ b/test/recipes/30-test_evp_data/evppkey.txt
@@ -18444,6 +18444,16 @@ Decrypt = SM2_key1
 Input = 30818A0220466BE2EF5C11782EC77864A0055417F407A5AFC11D653C6BCE69E417BB1D05B6022062B572E21FF0DDF5C726BD3F9FF2EAE56E6294713A607E9B9525628965F62CC804203C1B5713B5DB2728EB7BF775E44F4689FC32668BDC564F52EA45B09E8DF2A5F40422084A9D0CC2997092B7D3C404FCE95956EB604D732B2307A8E5B8900ED6608CA5B197
 Output = "The floofy bunnies hop at midnight"

+# Test with an C1y value < 32 bytes in length (self generated)
+Decrypt = SM2_key1
+Input = 3072022070DAD60CDA7C30D64CF4F278A849003581223F5324BFEC9BB329229BFFAD21A6021F18AFAB2B35459D2643243B242BE4EA80C6FA5071D2D847340CC57EB9309E5D04200B772E4DB664B2601E3B85E39C4AA8C2C1910308BE13B331E009C5A9258C29FD040B6D588BE9260A94DA18E0E6
+Output = "Hello World"
+
+# Test with an C1x and C1y valuey > 32 bytes in length, and longer plaintext (self generated)
+Decrypt = SM2_key1
+Input = 3081DD022100CD49634BBCB21CAFFFA6D33669A5A867231CB2A942A14352EF4CAF6DC3344D54022100C35B41D4DEBB3A2735EFEE821B9EBA566BD86900176A0C06672E30EE5CC04E930420C4190A3D80D86C4BD20E99F7E4B59BF6427C6808793533EEA9591D1188EC56B50473747295470E81D951BED279AC1B86A1AFE388CD2833FA9632799EC199C7D364E5663D5A94888BB2358CFCBF6283184DE0CBC41CCEA91D24746E99D231A1DA77AFD83CDF908190ED628B7369724494568A27C782A1D1D7294BCAD80C34569ED22859896301128A8118F48924D8CCD43E998D9533
+Output = "Some longer plaintext for testing SM2 decryption. Blah blah blah blah blah blah blah blah blah blah blah blah blah."
+
 # This is a "fake" test as it does only verify that the SM2 EVP_PKEY interface
 # is capable of creating a signature without failing, but it does not say
 # anything about the generated signature being valid, nor does it test the
--
2.23.0