Make sure we detect corruption.

2 files changed, 23 insertions, 5 deletions

diff --git a/crypto/rsa/rsa_test.c b/crypto/rsa/rsa_test.c
index 51135ea3e0..4080de8bcf 100644
--- a/crypto/rsa/rsa_test.c
+++ b/crypto/rsa/rsa_test.c
@@ -219,6 +219,7 @@ int main(int argc, char *argv[])
     int plen;
     int clen = 0;
     int num;
+    int n;
 
     CRYPTO_malloc_debug_init();
     CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
@@ -278,7 +279,7 @@ int main(int argc, char *argv[])
 	    err=1;
 	    goto next;
 	    }
-  
+
 	num = RSA_private_decrypt(num, ctext, ptext, key,
 				  RSA_PKCS1_OAEP_PADDING);
 	if (num != plen || memcmp(ptext, ptext_ex, num) != 0)
@@ -287,10 +288,7 @@ int main(int argc, char *argv[])
 	    err=1;
 	    }
 	else if (memcmp(ctext, ctext_ex, num) == 0)
-	    {
 	    printf("OAEP test vector %d passed!\n", v);
-	    goto next;
-	    }
     
 	/* Different ciphertexts (rsa_oaep.c without -DPKCS_TESTVECT).
 	   Try decrypting ctext_ex */
@@ -305,6 +303,26 @@ int main(int argc, char *argv[])
 	    }
 	else
 	    printf("OAEP encryption/decryption ok\n");
+
+	/* Try decrypting corrupted ciphertexts */
+	for(n = 0 ; n < clen ; ++n)
+	    {
+	    int b;
+	    unsigned char saved = ctext[n];
+	    for(b = 0 ; b < 256 ; ++b)
+		{
+		if(b == saved)
+		    continue;
+		ctext[n] = b;
+		num = RSA_private_decrypt(num, ctext, ptext, key,
+					  RSA_PKCS1_OAEP_PADDING);
+		if(num > 0)
+		    {
+		    printf("Corrupt data decrypted!\n");
+		    err = 1;
+		    }
+		}
+	    }
     next:
 	RSA_free(key);
 	}
diff --git a/test/Makefile b/test/Makefile
index f24d3ce5a8..62c63861eb 100644
--- a/test/Makefile
+++ b/test/Makefile
@@ -199,7 +199,7 @@ test_x509:
 	echo test second x509v3 certificate
 	sh ./tx509 v3-cert2.pem 2>/dev/null
 
-test_rsa:
+test_rsa: $(RSATEST)$(EXE_EXT)
 	@sh ./trsa 2>/dev/null
 	../util/shlib_wrap.sh ./$(RSATEST)