Fix the Changelog and extend tests to cover the hash of all-bits zero
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
This commit is contained in:
parent
782a7eab14
commit
5feb6702dd
2 changed files with 78 additions and 50 deletions
|
@ -1,4 +1,4 @@
|
|||
Bugfix
|
||||
* Fix a bug in ECDSA that would cause it to fail when the payload is all-bits
|
||||
* Fix a bug in ECDSA that would cause it to fail when the hash is all-bits
|
||||
zero.
|
||||
Fixes #1792
|
||||
|
|
|
@ -212,6 +212,7 @@ void ecdsa_prim_random( int id )
|
|||
mbedtls_mpi d, r, s;
|
||||
mbedtls_test_rnd_pseudo_info rnd_info;
|
||||
unsigned char buf[MBEDTLS_MD_MAX_SIZE];
|
||||
int test_runs = 2;
|
||||
|
||||
mbedtls_ecp_group_init( &grp );
|
||||
mbedtls_ecp_point_init( &Q );
|
||||
|
@ -219,18 +220,31 @@ void ecdsa_prim_random( int id )
|
|||
memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) );
|
||||
memset( buf, 0, sizeof( buf ) );
|
||||
|
||||
/* prepare material for signature */
|
||||
TEST_ASSERT( mbedtls_test_rnd_pseudo_rand( &rnd_info,
|
||||
buf, sizeof( buf ) ) == 0 );
|
||||
TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
|
||||
TEST_ASSERT( mbedtls_ecp_gen_keypair( &grp, &d, &Q,
|
||||
&mbedtls_test_rnd_pseudo_rand,
|
||||
&rnd_info ) == 0 );
|
||||
while ( test_runs-- )
|
||||
{
|
||||
/* prepare material for signature */
|
||||
if ( test_runs == 1 )
|
||||
{
|
||||
TEST_ASSERT( mbedtls_test_rnd_pseudo_rand( &rnd_info,
|
||||
buf, sizeof( buf ) )
|
||||
== 0 );
|
||||
} else {
|
||||
TEST_ASSERT( mbedtls_test_rnd_zero_rand( NULL,
|
||||
buf, sizeof( buf ) )
|
||||
== 0 );
|
||||
}
|
||||
|
||||
TEST_ASSERT( mbedtls_ecdsa_sign( &grp, &r, &s, &d, buf, sizeof( buf ),
|
||||
&mbedtls_test_rnd_pseudo_rand,
|
||||
&rnd_info ) == 0 );
|
||||
TEST_ASSERT( mbedtls_ecdsa_verify( &grp, buf, sizeof( buf ), &Q, &r, &s ) == 0 );
|
||||
TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
|
||||
TEST_ASSERT( mbedtls_ecp_gen_keypair( &grp, &d, &Q,
|
||||
&mbedtls_test_rnd_pseudo_rand,
|
||||
&rnd_info ) == 0 );
|
||||
|
||||
TEST_ASSERT( mbedtls_ecdsa_sign( &grp, &r, &s, &d, buf, sizeof( buf ),
|
||||
&mbedtls_test_rnd_pseudo_rand,
|
||||
&rnd_info ) == 0 );
|
||||
TEST_ASSERT( mbedtls_ecdsa_verify( &grp, buf, sizeof( buf ), &Q, &r, &s )
|
||||
== 0 );
|
||||
}
|
||||
|
||||
exit:
|
||||
mbedtls_ecp_group_free( &grp );
|
||||
|
@ -354,56 +368,70 @@ void ecdsa_write_read_random( int id )
|
|||
unsigned char hash[32];
|
||||
unsigned char sig[200];
|
||||
size_t sig_len, i;
|
||||
int test_runs = 2;
|
||||
|
||||
mbedtls_ecdsa_init( &ctx );
|
||||
memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) );
|
||||
memset( hash, 0, sizeof( hash ) );
|
||||
memset( sig, 0x2a, sizeof( sig ) );
|
||||
|
||||
/* prepare material for signature */
|
||||
TEST_ASSERT( mbedtls_test_rnd_pseudo_rand( &rnd_info,
|
||||
hash, sizeof( hash ) ) == 0 );
|
||||
while ( test_runs-- )
|
||||
{
|
||||
memset( sig, 0x2a, sizeof( sig ) );
|
||||
|
||||
/* generate signing key */
|
||||
TEST_ASSERT( mbedtls_ecdsa_genkey( &ctx, id,
|
||||
&mbedtls_test_rnd_pseudo_rand,
|
||||
&rnd_info ) == 0 );
|
||||
/* prepare material for signature */
|
||||
if ( test_runs == 1 )
|
||||
{
|
||||
TEST_ASSERT( mbedtls_test_rnd_pseudo_rand( &rnd_info,
|
||||
hash, sizeof( hash ) )
|
||||
== 0 );
|
||||
} else {
|
||||
TEST_ASSERT( mbedtls_test_rnd_zero_rand( NULL,
|
||||
hash, sizeof( hash ) )
|
||||
== 0 );
|
||||
}
|
||||
|
||||
/* generate and write signature, then read and verify it */
|
||||
TEST_ASSERT( mbedtls_ecdsa_write_signature( &ctx, MBEDTLS_MD_SHA256,
|
||||
hash, sizeof( hash ),
|
||||
sig, &sig_len, &mbedtls_test_rnd_pseudo_rand,
|
||||
&rnd_info ) == 0 );
|
||||
TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ),
|
||||
sig, sig_len ) == 0 );
|
||||
/* generate signing key */
|
||||
TEST_ASSERT( mbedtls_ecdsa_genkey( &ctx, id,
|
||||
&mbedtls_test_rnd_pseudo_rand,
|
||||
&rnd_info ) == 0 );
|
||||
|
||||
/* check we didn't write past the announced length */
|
||||
for( i = sig_len; i < sizeof( sig ); i++ )
|
||||
TEST_ASSERT( sig[i] == 0x2a );
|
||||
/* generate and write signature, then read and verify it */
|
||||
TEST_ASSERT( mbedtls_ecdsa_write_signature( &ctx, MBEDTLS_MD_SHA256,
|
||||
hash, sizeof( hash ),
|
||||
sig, &sig_len, &mbedtls_test_rnd_pseudo_rand,
|
||||
&rnd_info ) == 0 );
|
||||
|
||||
/* try verification with invalid length */
|
||||
TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ),
|
||||
sig, sig_len - 1 ) != 0 );
|
||||
TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ),
|
||||
sig, sig_len + 1 ) != 0 );
|
||||
TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ),
|
||||
sig, sig_len ) == 0 );
|
||||
|
||||
/* try invalid sequence tag */
|
||||
sig[0]++;
|
||||
TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ),
|
||||
sig, sig_len ) != 0 );
|
||||
sig[0]--;
|
||||
/* check we didn't write past the announced length */
|
||||
for( i = sig_len; i < sizeof( sig ); i++ )
|
||||
TEST_ASSERT( sig[i] == 0x2a );
|
||||
|
||||
/* try modifying r */
|
||||
sig[10]++;
|
||||
TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ),
|
||||
sig, sig_len ) == MBEDTLS_ERR_ECP_VERIFY_FAILED );
|
||||
sig[10]--;
|
||||
/* try verification with invalid length */
|
||||
TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ),
|
||||
sig, sig_len - 1 ) != 0 );
|
||||
TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ),
|
||||
sig, sig_len + 1 ) != 0 );
|
||||
|
||||
/* try modifying s */
|
||||
sig[sig_len - 1]++;
|
||||
TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ),
|
||||
sig, sig_len ) == MBEDTLS_ERR_ECP_VERIFY_FAILED );
|
||||
sig[sig_len - 1]--;
|
||||
/* try invalid sequence tag */
|
||||
sig[0]++;
|
||||
TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ),
|
||||
sig, sig_len ) != 0 );
|
||||
sig[0]--;
|
||||
|
||||
/* try modifying r */
|
||||
sig[10]++;
|
||||
TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ),
|
||||
sig, sig_len ) == MBEDTLS_ERR_ECP_VERIFY_FAILED );
|
||||
sig[10]--;
|
||||
|
||||
/* try modifying s */
|
||||
sig[sig_len - 1]++;
|
||||
TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ),
|
||||
sig, sig_len ) == MBEDTLS_ERR_ECP_VERIFY_FAILED );
|
||||
sig[sig_len - 1]--;
|
||||
}
|
||||
|
||||
exit:
|
||||
mbedtls_ecdsa_free( &ctx );
|
||||
|
|
Loading…
Reference in a new issue