Skip to content
Snippets Groups Projects
Select Git revision
  • bfe24f5880b4637c24e4219024114cdd5a2d4c72
  • master default
  • wip-slh-dsa-sha2-128s
  • master-updates
  • release-3.10-fixes
  • getopt-prototype
  • fix-bcrypt-warning
  • refactor-hmac
  • wip-use-alignas
  • trim-sha3-context
  • fix-gitlab-ci
  • check-fat-emulate
  • delete-digest_func-size
  • slh-dsa-shake-128f-nettle
  • slh-dsa-shake-128s-nettle
  • slh-dsa-shake-128s
  • delete-openpgp
  • ppc64-sha512
  • delete-md5-compat
  • cleanup-hmac-tests
  • ppc64-sha256
  • nettle_3.10.2_release_20250626
  • nettle_3.10.1_release_20241230
  • nettle_3.10_release_20240616
  • nettle_3.10rc2
  • nettle_3.10rc1
  • nettle_3.9.1_release_20230601
  • nettle_3.9_release_20230514
  • nettle_3.8.1_release_20220727
  • nettle_3.8_release_20220602
  • nettle_3.7.3_release_20210606
  • nettle_3.7.2_release_20210321
  • nettle_3.7.1_release_20210217
  • nettle_3.7_release_20210104
  • nettle_3.7rc1
  • nettle_3.6_release_20200429
  • nettle_3.6rc3
  • nettle_3.6rc2
  • nettle_3.6rc1
  • nettle_3.5.1_release_20190627
  • nettle_3.5_release_20190626
41 results

ecdsa-verify-test.c

Blame
    • Niels Möller's avatar
    Delete tests and code for ecdsa over curve25519.
    Niels Möller authored 
    * ecc-eh-to-a.c (ecc_eh_to_a): Require op == 0, delete code only
used for non-standard ecdsa over curve25519.
* testsuite/ecdsa-sign-test.c (test_main): Delete test of ecdsa
over curve25519.
* testsuite/ecdsa-verify-test.c (test_main): Likewise.
* testsuite/ecdsa-keygen-test.c (test_main): Exclude curve25519
from test.
    bfe24f58
    History
    Niels Möller's avatar bfe24f58
    History
    ecdsa-verify-test.c 4.56 KiB 
    #include "testutils.h"

static void
test_ecdsa (const struct ecc_curve *ecc,
	    /* Public key */
	    const char *xs, const char *ys,
	    /* Hash */
	    struct tstring *h,
	    /* Valid signature */
	    const char *r, const char *s)
{
  struct ecc_point pub;
  struct dsa_signature signature;
  mpz_t x, y;

  ecc_point_init (&pub, ecc);
  dsa_signature_init (&signature);

  mpz_init_set_str (x, xs, 16);
  mpz_init_set_str (y, ys, 16);

  if (!ecc_point_set (&pub, x, y))
    die ("ecc_point_set failed.\n");

  mpz_set_str (signature.r, r, 16);
  mpz_set_str (signature.s, s, 16);

  if (!ecdsa_verify (&pub, h->length, h->data, &signature))
    {
      fprintf (stderr, "ecdsa_verify failed with valid signature.\n");
    fail:
      fprintf (stderr, "bit_size = %u\nx = ", ecc->p.bit_size);
      mpz_out_str (stderr, 16, x);
      fprintf (stderr, "\ny = ");
      mpz_out_str (stderr, 16, y);
      fprintf (stderr, "\ndigest ");
      print_hex (h->length, h->data);
      fprintf (stderr, "r = ");
      mpz_out_str (stderr, 16, signature.r);
      fprintf (stderr, "\ns = ");
      mpz_out_str (stderr, 16, signature.s);
      fprintf (stderr, "\n");
      abort();
    }

  mpz_combit (signature.r, ecc->p.bit_size / 3);
  if (ecdsa_verify (&pub, h->length, h->data, &signature))
    {
      fprintf (stderr, "ecdsa_verify unexpectedly succeeded with invalid signature.\n");
      goto fail;
    }
  mpz_combit (signature.r, ecc->p.bit_size / 3);
  
  mpz_combit (signature.s, 4*ecc->p.bit_size / 5);
  if (ecdsa_verify (&pub, h->length, h->data, &signature))
    {
      fprintf (stderr, "ecdsa_verify unexpectedly succeeded with invalid signature.\n");
      goto fail;
    }
  mpz_combit (signature.s, 4*ecc->p.bit_size / 5);

  h->data[2*h->length / 3] ^= 0x40;
  if (ecdsa_verify (&pub, h->length, h->data, &signature))
    {
      fprintf (stderr, "ecdsa_verify unexpectedly succeeded with invalid signature.\n");
      goto fail;
    }
  h->data[2*h->length / 3] ^= 0x40;
  if (!ecdsa_verify (&pub, h->length, h->data, &signature))
    {
          fprintf (stderr, "ecdsa_verify failed, internal testsuite error.\n");
      goto fail;
    }

  ecc_point_clear (&pub);
  dsa_signature_clear (&signature);
  mpz_clear (x);
  mpz_clear (y);  
}

void
test_main (void)
{
  /* From RFC 4754 */
  test_ecdsa (&_nettle_secp_256r1,
	      "2442A5CC 0ECD015F A3CA31DC 8E2BBC70"
	      "BF42D60C BCA20085 E0822CB0 4235E970",  /* x */

	      "6FC98BD7 E50211A4 A27102FA 3549DF79"
	      "EBCB4BF2 46B80945 CDDFE7D5 09BBFD7D",  /* y */

	      SHEX("BA7816BF 8F01CFEA 414140DE 5DAE2223"
		   "B00361A3 96177A9C B410FF61 F20015AD"),  /* h */
	      
	      "CB28E099 9B9C7715 FD0A80D8 E47A7707"
	      "9716CBBF 917DD72E 97566EA1 C066957C",  /* r */
	      "86FA3BB4 E26CAD5B F90B7F81 899256CE"
	      "7594BB1E A0C89212 748BFF3B 3D5B0315"); /* s */

  test_ecdsa (&_nettle_secp_384r1,
	      "96281BF8 DD5E0525 CA049C04 8D345D30"
	      "82968D10 FEDF5C5A CA0C64E6 465A97EA"
	      "5CE10C9D FEC21797 41571072 1F437922",  /* x */

	      "447688BA 94708EB6 E2E4D59F 6AB6D7ED"
	      "FF9301D2 49FE49C3 3096655F 5D502FAD"
	      "3D383B91 C5E7EDAA 2B714CC9 9D5743CA",  /* y */

	      SHEX("CB00753F 45A35E8B B5A03D69 9AC65007"
		   "272C32AB 0EDED163 1A8B605A 43FF5BED"
		   "8086072B A1E7CC23 58BAECA1 34C825A7"),  /* h */

	      "FB017B91 4E291494 32D8BAC2 9A514640"
	      "B46F53DD AB2C6994 8084E293 0F1C8F7E"
	      "08E07C9C 63F2D21A 07DCB56A 6AF56EB3",  /* r */
	      "B263A130 5E057F98 4D38726A 1B468741"
	      "09F417BC A112674C 528262A4 0A629AF1"
	      "CBB9F516 CE0FA7D2 FF630863 A00E8B9F"); /* s*/

  test_ecdsa (&_nettle_secp_521r1,
	      "0151518F 1AF0F563 517EDD54 85190DF9"
	      "5A4BF57B 5CBA4CF2 A9A3F647 4725A35F"
	      "7AFE0A6D DEB8BEDB CD6A197E 592D4018"
	      "8901CECD 650699C9 B5E456AE A5ADD190"
	      "52A8", /* x */

	      "006F3B14 2EA1BFFF 7E2837AD 44C9E4FF"
	      "6D2D34C7 3184BBAD 90026DD5 E6E85317"
	      "D9DF45CA D7803C6C 20035B2F 3FF63AFF"
	      "4E1BA64D 1C077577 DA3F4286 C58F0AEA"
	      "E643", /* y */

	      SHEX("DDAF35A1 93617ABA CC417349 AE204131" 
		   "12E6FA4E 89A97EA2 0A9EEEE6 4B55D39A"
		   "2192992A 274FC1A8 36BA3C23 A3FEEBBD" 
		   "454D4423 643CE80E 2A9AC94F A54CA49F"), /* h */

	      "0154FD38 36AF92D0 DCA57DD5 341D3053" 
	      "988534FD E8318FC6 AAAAB68E 2E6F4339"
	      "B19F2F28 1A7E0B22 C269D93C F8794A92" 
    	      "78880ED7 DBB8D936 2CAEACEE 54432055"
	      "2251", /* r */
	      "017705A7 030290D1 CEB605A9 A1BB03FF"
	      "9CDD521E 87A696EC 926C8C10 C8362DF4"
	      "97536710 1F67D1CF 9BCCBF2F 3D239534" 
	      "FA509E70 AAC851AE 01AAC68D 62F86647"
	      "2660"); /* s */
}