Nettle
nettle
Commits
8cf51d22
Commit
8cf51d22
authored
Feb 18, 2013
by
Niels Möller
Added ECDSA tests.
parent
11c6d02d
Changes
7
ChangeLog
2013-02-18 Niels Möller <nisse@lysator.liu.se>
* testsuite/testutils.h (SHEX): Deleted const cast.
* testsuite/ecdsa-verify-test.c: New testcase.
* testsuite/ecdsa-sign-test.c: New testcase.
* testsuite/Makefile.in (TS_HOGWEED_SOURCES): Added
ecdsa-sign-test.c and ecdsa-verify-test.c.
* testsuite/testutils.h: Include ecdsa.h.
(SHEX): Deleted const cast.
* ecc-point.c: New file, struct ecc_point abstraction.
* ecc-scalar.c: New file, struct ecc_scalar abstraction.
...
...
testsuite/.gitignore
...
...
@@ -23,6 +23,8 @@
/ecc-mul-a-test
/ecc-mul-g-test
/ecc-redc-test
/ecdsa-sign-test
/ecdsa-verify-test
/gcm-test
/gosthash94-test
/hmac-test
...
...
testsuite/.test-rules.make
...
...
@@ -175,6 +175,12 @@ ecc-mul-g-test$(EXEEXT): ecc-mul-g-test.$(OBJEXT)
ecc-mul-a-test$(EXEEXT)
:
ecc-mul-a-test.$(OBJEXT)
$(LINK)
ecc-mul-a-test.
$(OBJEXT)
$(TEST_OBJS)
-o
ecc-mul-a-test
$(EXEEXT)
ecdsa-sign-test$(EXEEXT)
:
ecdsa-sign-test.$(OBJEXT)
$(LINK)
ecdsa-sign-test.
$(OBJEXT)
$(TEST_OBJS)
-o
ecdsa-sign-test
$(EXEEXT)
ecdsa-verify-test$(EXEEXT)
:
ecdsa-verify-test.$(OBJEXT)
$(LINK)
ecdsa-verify-test.
$(OBJEXT)
$(TEST_OBJS)
-o
ecdsa-verify-test
$(EXEEXT)
sha1-huge-test$(EXEEXT)
:
sha1-huge-test.$(OBJEXT)
$(LINK)
sha1-huge-test.
$(OBJEXT)
$(TEST_OBJS)
-o
sha1-huge-test
$(EXEEXT)
...
...
testsuite/Makefile.in
...
...
@@ -36,7 +36,8 @@ TS_HOGWEED_SOURCES = sexp-test.c sexp-format-test.c \
rsa-test.c rsa-encrypt-test.c rsa-keygen-test.c
\
dsa-test.c dsa-keygen-test.c
\
ecc-mod-test.c ecc-modinv-test.c ecc-redc-test.c
\
ecc-mul-g-test.c ecc-mul-a-test.c
ecc-mul-g-test.c ecc-mul-a-test.c
\
ecdsa-sign-test.c ecdsa-verify-test.c
TS_SOURCES
=
$(TS_NETTLE_SOURCES)
$(TS_HOGWEED_SOURCES)
CXX_SOURCES
=
cxx-test.cxx
...
...
testsuite/ecdsa-sign-test.c
0 → 100644
#include
"testutils.h"
static
void
test_ecdsa
(
const
struct
ecc_curve
*
ecc
,
/* Private key */
const
char
*
sz
,
/* Random nonce */
const
char
*
sk
,
/* Hash */
const
struct
tstring
*
h
,
/* Expected signature */
const
char
*
r
,
const
char
*
s
)
{
struct
dsa_signature
ref
;
mpz_t
z
;
mpz_t
k
;
mp_limb_t
*
rp
=
xalloc_limbs
(
ecc
->
size
);
mp_limb_t
*
sp
=
xalloc_limbs
(
ecc
->
size
);
mp_limb_t
*
scratch
=
xalloc_limbs
(
ecc_ecdsa_sign_itch
(
ecc
));
dsa_signature_init
(
&
ref
);
mpz_init_set_str
(
z
,
sz
,
16
);
mpz_init_set_str
(
k
,
sk
,
16
);
ecc_ecdsa_sign
(
ecc
,
_mpz_read_limbs_n
(
z
,
ecc
->
size
),
_mpz_read_limbs_n
(
k
,
ecc
->
size
),
h
->
length
,
h
->
data
,
rp
,
sp
,
scratch
);
mpz_set_str
(
ref
.
r
,
r
,
16
);
mpz_set_str
(
ref
.
s
,
s
,
16
);
if
(
_mpz_cmp_limbs
(
ref
.
r
,
rp
,
ecc
->
size
)
!=
0
||
_mpz_cmp_limbs
(
ref
.
s
,
sp
,
ecc
->
size
)
!=
0
)
{
fprintf
(
stderr
,
"_ecdsa_sign failed, bit_size = %u
\n
"
,
ecc
->
bit_size
);
gmp_fprintf
(
stderr
,
"r = %Nx
\n
"
,
rp
,
ecc
->
size
);
gmp_fprintf
(
stderr
,
"s = %Nx
\n
"
,
sp
,
ecc
->
size
);
gmp_fprintf
(
stderr
,
"ref.r = %Zx
\n
"
,
ref
.
r
);
gmp_fprintf
(
stderr
,
"ref.s = %Zx
\n
"
,
ref
.
s
);
abort
();
}
free
(
rp
);
free
(
sp
);
free
(
scratch
);
dsa_signature_clear
(
&
ref
);
mpz_clear
(
k
);
mpz_clear
(
z
);
}
void
test_main
(
void
)
{
/* Test cases for the smaller groups, verified with a
proof-of-concept implementation done for Yubico AB. */
test_ecdsa
(
&
nettle_secp_192r1
,
"DC51D3866A15BACDE33D96F992FCA99D"
"A7E6EF0934E70975"
,
/* z */
"9E56F509196784D963D1C0A401510EE7"
"ADA3DCC5DEE04B15"
,
/* k */
SHEX
(
"BA7816BF8F01CFEA414140DE5DAE2223"
"B00361A396177A9C"
),
/* h */
"8c478db6a5c131540cebc739f9c0a9a8"
"c720c2abdd14a891"
,
/* r */
"a91fb738f9f175d72f9c98527e881c36"
"8de68cb55ffe589"
);
/* s */
test_ecdsa
(
&
nettle_secp_224r1
,
"446df0a771ed58403ca9cb316e617f6b"
"158420465d00a69601e22858"
,
/* z */
"4c13f1905ad7eb201178bc08e0c9267b"
"4751c15d5e1831ca214c33f4"
,
/* z */
SHEX
(
"1b28a611fe62ab3649350525d06703ba"
"4b979a1e543566fd5caa85c6"
),
/* h */
"2cc280778f3d067df6d3adbe3a6aad63"
"bc75f08f5c5f915411902a99"
,
/* r */
"d0f069fd0f108eb07b7bbc54c8d6c88d"
"f2715c38a95c31a2b486995f"
);
/* s */
/* From RFC 4754 */
test_ecdsa
(
&
nettle_secp_256r1
,
"DC51D386 6A15BACD E33D96F9 92FCA99D"
"A7E6EF09 34E70975 59C27F16 14C88A7F"
,
/* z */
"9E56F509 196784D9 63D1C0A4 01510EE7"
"ADA3DCC5 DEE04B15 4BF61AF1 D5A6DECE"
,
/* k */
SHEX
(
"BA7816BF 8F01CFEA 414140DE 5DAE2223"
"B00361A3 96177A9C B410FF61 F20015AD"
),
/* h */
"CB28E099 9B9C7715 FD0A80D8 E47A7707"
"9716CBBF 917DD72E 97566EA1 C066957C"
,
/* r */
"86FA3BB4 E26CAD5B F90B7F81 899256CE"
"7594BB1E A0C89212 748BFF3B 3D5B0315"
);
/* s */
test_ecdsa
(
&
nettle_secp_384r1
,
"0BEB6466 34BA8773 5D77AE48 09A0EBEA"
"865535DE 4C1E1DCB 692E8470 8E81A5AF"
"62E528C3 8B2A81B3 5309668D 73524D9F"
,
/* z */
"B4B74E44 D71A13D5 68003D74 89908D56"
"4C7761E2 29C58CBF A1895009 6EB7463B"
"854D7FA9 92F934D9 27376285 E63414FA"
,
/* k */
SHEX
(
"CB00753F 45A35E8B B5A03D69 9AC65007"
"272C32AB 0EDED163 1A8B605A 43FF5BED"
"8086072B A1E7CC23 58BAECA1 34C825A7"
),
/* h */
"FB017B91 4E291494 32D8BAC2 9A514640"
"B46F53DD AB2C6994 8084E293 0F1C8F7E"
"08E07C9C 63F2D21A 07DCB56A 6AF56EB3"
,
/* r */
"B263A130 5E057F98 4D38726A 1B468741"
"09F417BC A112674C 528262A4 0A629AF1"
"CBB9F516 CE0FA7D2 FF630863 A00E8B9F"
);
/* s*/
test_ecdsa
(
&
nettle_secp_521r1
,
"0065FDA3 409451DC AB0A0EAD 45495112"
"A3D813C1 7BFD34BD F8C1209D 7DF58491"
"20597779 060A7FF9 D704ADF7 8B570FFA"
"D6F062E9 5C7E0C5D 5481C5B1 53B48B37"
"5FA1"
,
/* z */
"00C1C2B3 05419F5A 41344D7E 4359933D"
"734096F5 56197A9B 244342B8 B62F46F9"
"373778F9 DE6B6497 B1EF825F F24F42F9"
"B4A4BD73 82CFC337 8A540B1B 7F0C1B95"
"6C2F"
,
/* k */
SHEX
(
"DDAF35A1 93617ABA CC417349 AE204131"
"12E6FA4E 89A97EA2 0A9EEEE6 4B55D39A"
"2192992A 274FC1A8 36BA3C23 A3FEEBBD"
"454D4423 643CE80E 2A9AC94F A54CA49F"
),
/* h */
"0154FD38 36AF92D0 DCA57DD5 341D3053"
"988534FD E8318FC6 AAAAB68E 2E6F4339"
"B19F2F28 1A7E0B22 C269D93C F8794A92"
"78880ED7 DBB8D936 2CAEACEE 54432055"
"2251"
,
/* r */
"017705A7 030290D1 CEB605A9 A1BB03FF"
"9CDD521E 87A696EC 926C8C10 C8362DF4"
"97536710 1F67D1CF 9BCCBF2F 3D239534"
"FA509E70 AAC851AE 01AAC68D 62F86647"
"2660"
);
/* s */
}
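Review bot: In test_main the second argument of the secp224r1 case is labelled `/* z */` a second time, although test_ecdsa takes the nonce in that position; it should read `/* k */` like the other four cases. The parameter comment `/* Random nonce */` would also be clearer as `/* Nonce k, fixed here only so the signature is reproducible */`, since the test feeds a constant k into ecc_ecdsa_sign and a reader should not take that as a usage pattern. The failure message prints `_ecdsa_sign failed` while the function under test is `ecc_ecdsa_sign`; `"ecc_ecdsa_sign failed, bit_size = %u\n"` would match what is called. The expected s for secp192r1 has 47 hex digits where the other values have 48; mpz_set_str accepts that if the leading nibble is zero, but a one-line comment saying so would rule out a dropped digit.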
testsuite/ecdsa-verify-test.c
0 → 100644
#include
"testutils.h"
static
void
test_ecdsa
(
const
struct
ecc_curve
*
ecc
,
/* Public key */
const
char
*
xs
,
const
char
*
ys
,
/* Hash */
struct
tstring
*
h
,
/* Valid signature */
const
char
*
r
,
const
char
*
s
)
{
struct
ecc_point
pub
;
struct
dsa_signature
signature
;
mpz_t
x
,
y
;
ecc_point_init
(
&
pub
,
ecc
);
dsa_signature_init
(
&
signature
);
mpz_init_set_str
(
x
,
xs
,
16
);
mpz_init_set_str
(
y
,
ys
,
16
);
if
(
!
ecc_point_set
(
&
pub
,
x
,
y
))
die
(
"ecc_point_set failed.
\n
"
);
mpz_set_str
(
signature
.
r
,
r
,
16
);
mpz_set_str
(
signature
.
s
,
s
,
16
);
if
(
!
ecdsa_verify
(
&
pub
,
h
->
length
,
h
->
data
,
&
signature
))
{
fprintf
(
stderr
,
"ecdsa_verify failed with valid signature.
\n
"
);
fail:
fprintf
(
stderr
,
"bit_size = %u
\n
"
,
ecc
->
bit_size
);
gmp_fprintf
(
stderr
,
"x = %Zx
\n
"
,
x
);
gmp_fprintf
(
stderr
,
"y = %Zx
\n
digest "
,
y
);
print_hex
(
h
->
length
,
h
->
data
);
gmp_fprintf
(
stderr
,
"r = %Zx
\n
"
,
signature
.
r
);
gmp_fprintf
(
stderr
,
"s = %Zx
\n
"
,
signature
.
s
);
abort
();
}
mpz_combit
(
signature
.
r
,
ecc
->
bit_size
/
3
);
if
(
ecdsa_verify
(
&
pub
,
h
->
length
,
h
->
data
,
&
signature
))
{
fprintf
(
stderr
,
"ecdsa_verify unexpectedly succeeded with invalid signature.
\n
"
);
goto
fail
;
}
mpz_combit
(
signature
.
r
,
ecc
->
bit_size
/
3
);
mpz_combit
(
signature
.
s
,
4
*
ecc
->
bit_size
/
5
);
if
(
ecdsa_verify
(
&
pub
,
h
->
length
,
h
->
data
,
&
signature
))
{
fprintf
(
stderr
,
"ecdsa_verify unexpectedly succeeded with invalid signature.
\n
"
);
goto
fail
;
}
mpz_combit
(
signature
.
s
,
4
*
ecc
->
bit_size
/
5
);
h
->
data
[
2
*
h
->
length
/
3
]
^=
0x40
;
if
(
ecdsa_verify
(
&
pub
,
h
->
length
,
h
->
data
,
&
signature
))
{
fprintf
(
stderr
,
"ecdsa_verify unexpectedly succeeded with invalid signature.
\n
"
);
goto
fail
;
}
h
->
data
[
2
*
h
->
length
/
3
]
^=
0x40
;
if
(
!
ecdsa_verify
(
&
pub
,
h
->
length
,
h
->
data
,
&
signature
))
{
fprintf
(
stderr
,
"ecdsa_verify failed, internal testsuite error.
\n
"
);
goto
fail
;
}
ecc_point_clear
(
&
pub
);
dsa_signature_clear
(
&
signature
);
mpz_clear
(
x
);
mpz_clear
(
y
);
}
void
test_main
(
void
)
{
/* From RFC 4754 */
test_ecdsa
(
&
nettle_secp_256r1
,
"2442A5CC 0ECD015F A3CA31DC 8E2BBC70"
"BF42D60C BCA20085 E0822CB0 4235E970"
,
/* x */
"6FC98BD7 E50211A4 A27102FA 3549DF79"
"EBCB4BF2 46B80945 CDDFE7D5 09BBFD7D"
,
/* y */
SHEX
(
"BA7816BF 8F01CFEA 414140DE 5DAE2223"
"B00361A3 96177A9C B410FF61 F20015AD"
),
/* h */
"CB28E099 9B9C7715 FD0A80D8 E47A7707"
"9716CBBF 917DD72E 97566EA1 C066957C"
,
/* r */
"86FA3BB4 E26CAD5B F90B7F81 899256CE"
"7594BB1E A0C89212 748BFF3B 3D5B0315"
);
/* s */
test_ecdsa
(
&
nettle_secp_384r1
,
"96281BF8 DD5E0525 CA049C04 8D345D30"
"82968D10 FEDF5C5A CA0C64E6 465A97EA"
"5CE10C9D FEC21797 41571072 1F437922"
,
/* x */
"447688BA 94708EB6 E2E4D59F 6AB6D7ED"
"FF9301D2 49FE49C3 3096655F 5D502FAD"
"3D383B91 C5E7EDAA 2B714CC9 9D5743CA"
,
/* y */
SHEX
(
"CB00753F 45A35E8B B5A03D69 9AC65007"
"272C32AB 0EDED163 1A8B605A 43FF5BED"
"8086072B A1E7CC23 58BAECA1 34C825A7"
),
/* h */
"FB017B91 4E291494 32D8BAC2 9A514640"
"B46F53DD AB2C6994 8084E293 0F1C8F7E"
"08E07C9C 63F2D21A 07DCB56A 6AF56EB3"
,
/* r */
"B263A130 5E057F98 4D38726A 1B468741"
"09F417BC A112674C 528262A4 0A629AF1"
"CBB9F516 CE0FA7D2 FF630863 A00E8B9F"
);
/* s*/
test_ecdsa
(
&
nettle_secp_521r1
,
"0151518F 1AF0F563 517EDD54 85190DF9"
"5A4BF57B 5CBA4CF2 A9A3F647 4725A35F"
"7AFE0A6D DEB8BEDB CD6A197E 592D4018"
"8901CECD 650699C9 B5E456AE A5ADD190"
"52A8"
,
/* x */
"006F3B14 2EA1BFFF 7E2837AD 44C9E4FF"
"6D2D34C7 3184BBAD 90026DD5 E6E85317"
"D9DF45CA D7803C6C 20035B2F 3FF63AFF"
"4E1BA64D 1C077577 DA3F4286 C58F0AEA"
"E643"
,
/* y */
SHEX
(
"DDAF35A1 93617ABA CC417349 AE204131"
"12E6FA4E 89A97EA2 0A9EEEE6 4B55D39A"
"2192992A 274FC1A8 36BA3C23 A3FEEBBD"
"454D4423 643CE80E 2A9AC94F A54CA49F"
),
/* h */
"0154FD38 36AF92D0 DCA57DD5 341D3053"
"988534FD E8318FC6 AAAAB68E 2E6F4339"
"B19F2F28 1A7E0B22 C269D93C F8794A92"
"78880ED7 DBB8D936 2CAEACEE 54432055"
"2251"
,
/* r */
"017705A7 030290D1 CEB605A9 A1BB03FF"
"9CDD521E 87A696EC 926C8C10 C8362DF4"
"97536710 1F67D1CF 9BCCBF2F 3D239534"
"FA509E70 AAC851AE 01AAC68D 62F86647"
"2660"
);
/* s */
}
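Review bot: The negative cases in test_ecdsa only flip one bit of r, of s and of the digest, so the verifier's range checks (r or s equal to zero, or not below the group order) are never exercised, and neither is rejection of an off-curve public key by ecc_point_set. Those checks are what stops a verifier from accepting degenerate signatures, so I would add at least the zero cases ahead of the final positive check, as sketched below; the existing final check then also confirms that r and s were restored. Separately, the `fail:` label sits inside the first `if` block and is entered by `goto` from the later checks, which is legal but reads better as a label at the end of the function or a small helper. The sign test covers secp192r1 and secp224r1 while this file starts at secp256r1, so the two smaller curves get no verify coverage here.

```c
  /* … unchanged: bit-flip cases for r, s and the digest … */

  /* Degenerate values must be rejected by the range check. */
  mpz_set_ui (signature.r, 0);
  if (ecdsa_verify (&pub, h->length, h->data, &signature))
    {
      fprintf (stderr, "ecdsa_verify unexpectedly succeeded with r = 0.\n");
      goto fail;
    }
  mpz_set_str (signature.r, r, 16);

  mpz_set_ui (signature.s, 0);
  if (ecdsa_verify (&pub, h->length, h->data, &signature))
    {
      fprintf (stderr, "ecdsa_verify unexpectedly succeeded with s = 0.\n");
      goto fail;
    }
  mpz_set_str (signature.s, s, 16);

  /* … unchanged: final positive check ("internal testsuite error") and cleanup … */
```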
testsuite/testutils.h
...
...
@@ -22,6 +22,7 @@
# include "ecc-curve.h"
# include "ecc.h"
# include "ecc-internal.h"
# include "ecdsa.h"
# include "gmp-glue.h"
#endif
...
...