diff --git a/tests/suites/helpers.function b/tests/suites/helpers.function index 2f1b26cf8..208e7e675 100644 --- a/tests/suites/helpers.function +++ b/tests/suites/helpers.function @@ -218,3 +218,49 @@ static int rnd_pseudo_rand( void *rng_state, unsigned char *output, size_t len ) return( 0 ); } + +/** + * This function returns a buffer given as a hex string. + * + * The buffer is reversed so that the following are equivalent: + * mpi_fill_random( x, len, not_rnd, str ); + * mpi_read_string( x, 16, str ); + * (So, not random at all. Usefull to match test vectors.) + * Based on unhexify(), just reversed (changes marked by "sic") + */ +static int not_rnd( void *in, unsigned char *out, size_t len ) +{ + unsigned char *obuf; + const char *ibuf = in; + unsigned char c, c2; + assert( len == strlen(ibuf) / 2 ); + assert(!(strlen(ibuf) %1)); // must be even number of bytes + + obuf = out + (len - 1); // sic + while (*ibuf != 0) + { + c = *ibuf++; + if( c >= '0' && c <= '9' ) + c -= '0'; + else if( c >= 'a' && c <= 'f' ) + c -= 'a' - 10; + else if( c >= 'A' && c <= 'F' ) + c -= 'A' - 10; + else + assert( 0 ); + + c2 = *ibuf++; + if( c2 >= '0' && c2 <= '9' ) + c2 -= '0'; + else if( c2 >= 'a' && c2 <= 'f' ) + c2 -= 'a' - 10; + else if( c2 >= 'A' && c2 <= 'F' ) + c2 -= 'A' - 10; + else + assert( 0 ); + + *obuf-- = ( c << 4 ) | c2; // sic + } + + return( 0 ); +} diff --git a/tests/suites/test_suite_ecdsa.data b/tests/suites/test_suite_ecdsa.data index b13d8889b..15848bc2e 100644 --- a/tests/suites/test_suite_ecdsa.data +++ b/tests/suites/test_suite_ecdsa.data @@ -1,15 +1,24 @@ -ECDSA sign-verify #1 -ecdsa_sign_verify:SECP192R1 +ECDSA random sign-verify #1 +ecdsa_random:SECP192R1 -ECDSA sign-verify #2 -ecdsa_sign_verify:SECP224R1 +ECDSA random sign-verify #2 +ecdsa_random:SECP224R1 -ECDSA sign-verify #3 -ecdsa_sign_verify:SECP256R1 +ECDSA random sign-verify #3 +ecdsa_random:SECP256R1 -ECDSA sign-verify #4 -ecdsa_sign_verify:SECP384R1 +ECDSA random sign-verify #4 +ecdsa_random:SECP384R1 -ECDSA sign-verify #5 -ecdsa_sign_verify:SECP521R1 +ECDSA random sign-verify #5 +ecdsa_random:SECP521R1 + +ECDSA rfc 4754 p256 +ecdsa_test_vectors:SECP256R1:DC51D3866A15BACDE33D96F992FCA99DA7E6EF0934E7097559C27F1614C88A7F:2442A5CC0ECD015FA3CA31DC8E2BBC70BF42D60CBCA20085E0822CB04235E970:6FC98BD7E50211A4A27102FA3549DF79EBCB4BF246B80945CDDFE7D509BBFD7D:9E56F509196784D963D1C0A401510EE7ADA3DCC5DEE04B154BF61AF1D5A6DECE:BA7816BF8F01CFEA414140DE5DAE2223B00361A396177A9CB410FF61F20015AD:CB28E0999B9C7715FD0A80D8E47A77079716CBBF917DD72E97566EA1C066957C:86FA3BB4E26CAD5BF90B7F81899256CE7594BB1EA0C89212748BFF3B3D5B0315 + +ECDSA rfc 4754 p384 +ecdsa_test_vectors:SECP384R1:0BEB646634BA87735D77AE4809A0EBEA865535DE4C1E1DCB692E84708E81A5AF62E528C38B2A81B35309668D73524D9F:96281BF8DD5E0525CA049C048D345D3082968D10FEDF5C5ACA0C64E6465A97EA5CE10C9DFEC21797415710721F437922:447688BA94708EB6E2E4D59F6AB6D7EDFF9301D249FE49C33096655F5D502FAD3D383B91C5E7EDAA2B714CC99D5743CA:B4B74E44D71A13D568003D7489908D564C7761E229C58CBFA18950096EB7463B854D7FA992F934D927376285E63414FA:CB00753F45A35E8BB5A03D699AC65007272C32AB0EDED1631A8B605A43FF5BED8086072BA1E7CC2358BAECA134C825A7:FB017B914E29149432D8BAC29A514640B46F53DDAB2C69948084E2930F1C8F7E08E07C9C63F2D21A07DCB56A6AF56EB3:B263A1305E057F984D38726A1B46874109F417BCA112674C528262A40A629AF1CBB9F516CE0FA7D2FF630863A00E8B9F + +ECDSA sign rfc 4754 p521 +ecdsa_test_vectors:SECP521R1:0065FDA3409451DCAB0A0EAD45495112A3D813C17BFD34BDF8C1209D7DF5849120597779060A7FF9D704ADF78B570FFAD6F062E95C7E0C5D5481C5B153B48B375FA1:0151518F1AF0F563517EDD5485190DF95A4BF57B5CBA4CF2A9A3F6474725A35F7AFE0A6DDEB8BEDBCD6A197E592D40188901CECD650699C9B5E456AEA5ADD19052A8:006F3B142EA1BFFF7E2837AD44C9E4FF6D2D34C73184BBAD90026DD5E6E85317D9DF45CAD7803C6C20035B2F3FF63AFF4E1BA64D1C077577DA3F4286C58F0AEAE643:00C1C2B305419F5A41344D7E4359933D734096F556197A9B244342B8B62F46F9373778F9DE6B6497B1EF825FF24F42F9B4A4BD7382CFC3378A540B1B7F0C1B956C2F:DDAF35A193617ABACC417349AE20413112E6FA4E89A97EA20A9EEEE64B55D39A2192992A274FC1A836BA3C23A3FEEBBD454D4423643CE80E2A9AC94FA54CA49F:0154FD3836AF92D0DCA57DD5341D3053988534FDE8318FC6AAAAB68E2E6F4339B19F2F281A7E0B22C269D93CF8794A9278880ED7DBB8D9362CAEACEE544320552251:017705A7030290D1CEB605A9A1BB03FF9CDD521E87A696EC926C8C10C8362DF4975367101F67D1CF9BCCBF2F3D239534FA509E70AAC851AE01AAC68D62F866472660 diff --git a/tests/suites/test_suite_ecdsa.function b/tests/suites/test_suite_ecdsa.function index e90938c63..89f9979a6 100644 --- a/tests/suites/test_suite_ecdsa.function +++ b/tests/suites/test_suite_ecdsa.function @@ -7,7 +7,7 @@ depends_on:POLARSSL_ECDSA_C:POLARSSL_ECP_C:POLARSSL_BIGNUM_C END_DEPENDENCIES BEGIN_CASE -ecdsa_sign_verify:id +ecdsa_random:id { ecp_group grp; ecp_point Q; @@ -35,3 +35,39 @@ ecdsa_sign_verify:id mpi_free( &d ); mpi_free( &r ); mpi_free( &s ); } END_CASE + +BEGIN_CASE +ecdsa_test_vectors:id:d:xQ:yQ:k:hash:r:s +{ + ecp_group grp; + ecp_point Q; + mpi d, r, s, r_check, s_check; + unsigned char buf[66]; + size_t len; + + ecp_group_init( &grp ); + ecp_point_init( &Q ); + mpi_init( &d ); mpi_init( &r ); mpi_init( &s ); + mpi_init( &r_check ); mpi_init( &s_check ); + + TEST_ASSERT( ecp_use_known_dp( &grp, POLARSSL_ECP_DP_{id} ) == 0 ); + TEST_ASSERT( ecp_point_read_string( &Q, 16, "{xQ}", "{yQ}" ) == 0 ); + TEST_ASSERT( mpi_read_string( &d, 16, "{d}" ) == 0 ); + TEST_ASSERT( mpi_read_string( &r_check, 16, "{r}" ) == 0 ); + TEST_ASSERT( mpi_read_string( &s_check, 16, "{s}" ) == 0 ); + len = unhexify(buf, "{hash}"); + + TEST_ASSERT( ecdsa_sign( &grp, &r, &s, &d, buf, len, + ¬_rnd, "{k}" ) == 0 ); + + TEST_ASSERT( mpi_cmp_mpi( &r, &r_check ) == 0 ); + TEST_ASSERT( mpi_cmp_mpi( &s, &s_check ) == 0 ); + + TEST_ASSERT( ecdsa_verify( &grp, buf, len, &Q, &r_check, &s_check ) == 0 ); + + ecp_group_free( &grp ); + ecp_point_free( &Q ); + mpi_free( &d ); mpi_free( &r ); mpi_free( &s ); + mpi_free( &r_check ); mpi_free( &s_check ); +} +END_CASE