PolarSSL v1.3.9
test_suite_ecdsa.c
Go to the documentation of this file.
1#if !defined(POLARSSL_CONFIG_FILE)
2#include <polarssl/config.h>
3#else
4#include POLARSSL_CONFIG_FILE
5#endif
6
7#ifdef POLARSSL_ECDSA_C
8
9#include <polarssl/ecdsa.h>
10#endif /* POLARSSL_ECDSA_C */
11
12
13#if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
14#include "polarssl/memory.h"
15#endif
16
17#if defined(POLARSSL_PLATFORM_C)
18#include "polarssl/platform.h"
19#else
20#define polarssl_malloc malloc
21#define polarssl_free free
22#endif
23
24#ifdef _MSC_VER
25#include <basetsd.h>
26typedef UINT32 uint32_t;
27#else
28#include <inttypes.h>
29#endif
30
31#include <assert.h>
32#include <stdlib.h>
33#include <string.h>
34
35/*
36 * 32-bit integer manipulation macros (big endian)
37 */
38#ifndef GET_UINT32_BE
39#define GET_UINT32_BE(n,b,i) \
40{ \
41 (n) = ( (uint32_t) (b)[(i) ] << 24 ) \
42 | ( (uint32_t) (b)[(i) + 1] << 16 ) \
43 | ( (uint32_t) (b)[(i) + 2] << 8 ) \
44 | ( (uint32_t) (b)[(i) + 3] ); \
45}
46#endif
47
48#ifndef PUT_UINT32_BE
49#define PUT_UINT32_BE(n,b,i) \
50{ \
51 (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
52 (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
53 (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
54 (b)[(i) + 3] = (unsigned char) ( (n) ); \
55}
56#endif
57
58static int unhexify(unsigned char *obuf, const char *ibuf)
59{
60 unsigned char c, c2;
61 int len = strlen(ibuf) / 2;
62 assert(!(strlen(ibuf) %1)); // must be even number of bytes
63
64 while (*ibuf != 0)
65 {
66 c = *ibuf++;
67 if( c >= '0' && c <= '9' )
68 c -= '0';
69 else if( c >= 'a' && c <= 'f' )
70 c -= 'a' - 10;
71 else if( c >= 'A' && c <= 'F' )
72 c -= 'A' - 10;
73 else
74 assert( 0 );
75
76 c2 = *ibuf++;
77 if( c2 >= '0' && c2 <= '9' )
78 c2 -= '0';
79 else if( c2 >= 'a' && c2 <= 'f' )
80 c2 -= 'a' - 10;
81 else if( c2 >= 'A' && c2 <= 'F' )
82 c2 -= 'A' - 10;
83 else
84 assert( 0 );
85
86 *obuf++ = ( c << 4 ) | c2;
87 }
88
89 return len;
90}
91
92static void hexify(unsigned char *obuf, const unsigned char *ibuf, int len)
93{
94 unsigned char l, h;
95
96 while (len != 0)
97 {
98 h = (*ibuf) / 16;
99 l = (*ibuf) % 16;
100
101 if( h < 10 )
102 *obuf++ = '0' + h;
103 else
104 *obuf++ = 'a' + h - 10;
105
106 if( l < 10 )
107 *obuf++ = '0' + l;
108 else
109 *obuf++ = 'a' + l - 10;
110
111 ++ibuf;
112 len--;
113 }
114}
115
123static unsigned char *zero_alloc( size_t len )
124{
125 void *p;
126 size_t actual_len = len != 0 ? len : 1;
127
128 p = polarssl_malloc( actual_len );
129 assert( p != NULL );
130
131 memset( p, 0x00, actual_len );
132
133 return( p );
134}
135
146static unsigned char *unhexify_alloc( const char *ibuf, size_t *olen )
147{
148 unsigned char *obuf;
149
150 *olen = strlen(ibuf) / 2;
151
152 if( *olen == 0 )
153 return( zero_alloc( *olen ) );
154
155 obuf = polarssl_malloc( *olen );
156 assert( obuf != NULL );
157
158 (void) unhexify( obuf, ibuf );
159
160 return( obuf );
161}
162
172static int rnd_std_rand( void *rng_state, unsigned char *output, size_t len )
173{
174#if !defined(__OpenBSD__)
175 size_t i;
176
177 if( rng_state != NULL )
178 rng_state = NULL;
179
180 for( i = 0; i < len; ++i )
181 output[i] = rand();
182#else
183 if( rng_state != NULL )
184 rng_state = NULL;
185
186 arc4random_buf( output, len );
187#endif /* !OpenBSD */
188
189 return( 0 );
190}
191
197static int rnd_zero_rand( void *rng_state, unsigned char *output, size_t len )
198{
199 if( rng_state != NULL )
200 rng_state = NULL;
201
202 memset( output, 0, len );
203
204 return( 0 );
205}
206
207typedef struct
208{
209 unsigned char *buf;
210 size_t length;
211} rnd_buf_info;
212
224static int rnd_buffer_rand( void *rng_state, unsigned char *output, size_t len )
225{
226 rnd_buf_info *info = (rnd_buf_info *) rng_state;
227 size_t use_len;
228
229 if( rng_state == NULL )
230 return( rnd_std_rand( NULL, output, len ) );
231
232 use_len = len;
233 if( len > info->length )
234 use_len = info->length;
235
236 if( use_len )
237 {
238 memcpy( output, info->buf, use_len );
239 info->buf += use_len;
240 info->length -= use_len;
241 }
242
243 if( len - use_len > 0 )
244 return( rnd_std_rand( NULL, output + use_len, len - use_len ) );
245
246 return( 0 );
247}
248
256typedef struct
257{
258 uint32_t key[16];
259 uint32_t v0, v1;
260} rnd_pseudo_info;
261
270static int rnd_pseudo_rand( void *rng_state, unsigned char *output, size_t len )
271{
272 rnd_pseudo_info *info = (rnd_pseudo_info *) rng_state;
273 uint32_t i, *k, sum, delta=0x9E3779B9;
274 unsigned char result[4], *out = output;
275
276 if( rng_state == NULL )
277 return( rnd_std_rand( NULL, output, len ) );
278
279 k = info->key;
280
281 while( len > 0 )
282 {
283 size_t use_len = ( len > 4 ) ? 4 : len;
284 sum = 0;
285
286 for( i = 0; i < 32; i++ )
287 {
288 info->v0 += (((info->v1 << 4) ^ (info->v1 >> 5)) + info->v1) ^ (sum + k[sum & 3]);
289 sum += delta;
290 info->v1 += (((info->v0 << 4) ^ (info->v0 >> 5)) + info->v0) ^ (sum + k[(sum>>11) & 3]);
291 }
292
293 PUT_UINT32_BE( info->v0, result, 0 );
294 memcpy( out, result, use_len );
295 len -= use_len;
296 out += 4;
297 }
298
299 return( 0 );
300}
301
302
303#include <stdio.h>
304#include <string.h>
305
306#if defined(POLARSSL_PLATFORM_C)
307#include "polarssl/platform.h"
308#else
309#define polarssl_printf printf
310#define polarssl_malloc malloc
311#define polarssl_free free
312#endif
313
314static int test_errors = 0;
315
316#ifdef POLARSSL_ECDSA_C
317
318#define TEST_SUITE_ACTIVE
319
320static int test_assert( int correct, const char *test )
321{
322 if( correct )
323 return( 0 );
324
325 test_errors++;
326 if( test_errors == 1 )
327 printf( "FAILED\n" );
328 printf( " %s\n", test );
329
330 return( 1 );
331}
332
333#define TEST_ASSERT( TEST ) \
334 do { test_assert( (TEST) ? 1 : 0, #TEST ); \
335 if( test_errors) goto exit; \
336 } while (0)
337
338int verify_string( char **str )
339{
340 if( (*str)[0] != '"' ||
341 (*str)[strlen( *str ) - 1] != '"' )
342 {
343 printf( "Expected string (with \"\") for parameter and got: %s\n", *str );
344 return( -1 );
345 }
346
347 (*str)++;
348 (*str)[strlen( *str ) - 1] = '\0';
349
350 return( 0 );
351}
352
353int verify_int( char *str, int *value )
354{
355 size_t i;
356 int minus = 0;
357 int digits = 1;
358 int hex = 0;
359
360 for( i = 0; i < strlen( str ); i++ )
361 {
362 if( i == 0 && str[i] == '-' )
363 {
364 minus = 1;
365 continue;
366 }
367
368 if( ( ( minus && i == 2 ) || ( !minus && i == 1 ) ) &&
369 str[i - 1] == '0' && str[i] == 'x' )
370 {
371 hex = 1;
372 continue;
373 }
374
375 if( ! ( ( str[i] >= '0' && str[i] <= '9' ) ||
376 ( hex && ( ( str[i] >= 'a' && str[i] <= 'f' ) ||
377 ( str[i] >= 'A' && str[i] <= 'F' ) ) ) ) )
378 {
379 digits = 0;
380 break;
381 }
382 }
383
384 if( digits )
385 {
386 if( hex )
387 *value = strtol( str, NULL, 16 );
388 else
389 *value = strtol( str, NULL, 10 );
390
391 return( 0 );
392 }
393
394 if( strcmp( str, "POLARSSL_ECP_DP_SECP384R1" ) == 0 )
395 {
396 *value = ( POLARSSL_ECP_DP_SECP384R1 );
397 return( 0 );
398 }
399 if( strcmp( str, "POLARSSL_ECP_DP_SECP192R1" ) == 0 )
400 {
401 *value = ( POLARSSL_ECP_DP_SECP192R1 );
402 return( 0 );
403 }
404 if( strcmp( str, "POLARSSL_ECP_DP_SECP224R1" ) == 0 )
405 {
406 *value = ( POLARSSL_ECP_DP_SECP224R1 );
407 return( 0 );
408 }
409 if( strcmp( str, "POLARSSL_ECP_DP_SECP256R1" ) == 0 )
410 {
411 *value = ( POLARSSL_ECP_DP_SECP256R1 );
412 return( 0 );
413 }
414#ifdef POLARSSL_ECDSA_DETERMINISTIC
415 if( strcmp( str, "POLARSSL_MD_SHA512" ) == 0 )
416 {
417 *value = ( POLARSSL_MD_SHA512 );
418 return( 0 );
419 }
420#endif // POLARSSL_ECDSA_DETERMINISTIC
421#ifdef POLARSSL_ECDSA_DETERMINISTIC
422 if( strcmp( str, "POLARSSL_MD_SHA384" ) == 0 )
423 {
424 *value = ( POLARSSL_MD_SHA384 );
425 return( 0 );
426 }
427#endif // POLARSSL_ECDSA_DETERMINISTIC
428#ifdef POLARSSL_ECDSA_DETERMINISTIC
429 if( strcmp( str, "POLARSSL_MD_SHA256" ) == 0 )
430 {
431 *value = ( POLARSSL_MD_SHA256 );
432 return( 0 );
433 }
434#endif // POLARSSL_ECDSA_DETERMINISTIC
435 if( strcmp( str, "POLARSSL_ECP_DP_SECP521R1" ) == 0 )
436 {
437 *value = ( POLARSSL_ECP_DP_SECP521R1 );
438 return( 0 );
439 }
440#ifdef POLARSSL_ECDSA_DETERMINISTIC
441 if( strcmp( str, "POLARSSL_MD_SHA1" ) == 0 )
442 {
443 *value = ( POLARSSL_MD_SHA1 );
444 return( 0 );
445 }
446#endif // POLARSSL_ECDSA_DETERMINISTIC
447#ifdef POLARSSL_ECDSA_DETERMINISTIC
448 if( strcmp( str, "POLARSSL_MD_SHA224" ) == 0 )
449 {
450 *value = ( POLARSSL_MD_SHA224 );
451 return( 0 );
452 }
453#endif // POLARSSL_ECDSA_DETERMINISTIC
454
455
456 printf( "Expected integer for parameter and got: %s\n", str );
457 return( -1 );
458}
459
460void test_suite_ecdsa_prim_random( int id )
461{
462 ecp_group grp;
463 ecp_point Q;
464 mpi d, r, s;
465 rnd_pseudo_info rnd_info;
466 unsigned char buf[66];
467
468 ecp_group_init( &grp );
469 ecp_point_init( &Q );
470 mpi_init( &d ); mpi_init( &r ); mpi_init( &s );
471 memset( &rnd_info, 0x00, sizeof( rnd_pseudo_info ) );
472 memset( buf, 0, sizeof( buf ) );
473
474 /* prepare material for signature */
475 TEST_ASSERT( rnd_pseudo_rand( &rnd_info, buf, sizeof( buf ) ) == 0 );
476 TEST_ASSERT( ecp_use_known_dp( &grp, id ) == 0 );
477 TEST_ASSERT( ecp_gen_keypair( &grp, &d, &Q, &rnd_pseudo_rand, &rnd_info )
478 == 0 );
479
480 TEST_ASSERT( ecdsa_sign( &grp, &r, &s, &d, buf, sizeof( buf ),
481 &rnd_pseudo_rand, &rnd_info ) == 0 );
482 TEST_ASSERT( ecdsa_verify( &grp, buf, sizeof( buf ), &Q, &r, &s ) == 0 );
483
484exit:
485 ecp_group_free( &grp );
486 ecp_point_free( &Q );
487 mpi_free( &d ); mpi_free( &r ); mpi_free( &s );
488}
489
490void test_suite_ecdsa_prim_test_vectors( int id, char *d_str, char *xQ_str, char *yQ_str,
491 char *k_str, char *hash_str, char *r_str,
492 char *s_str )
493{
494 ecp_group grp;
495 ecp_point Q;
496 mpi d, r, s, r_check, s_check;
497 unsigned char hash[66], rnd_buf[66];
498 size_t hlen;
499 rnd_buf_info rnd_info;
500
501 ecp_group_init( &grp );
502 ecp_point_init( &Q );
503 mpi_init( &d ); mpi_init( &r ); mpi_init( &s );
504 mpi_init( &r_check ); mpi_init( &s_check );
505 memset( hash, 0, sizeof( hash ) );
506 memset( rnd_buf, 0, sizeof( rnd_buf ) );
507
508 TEST_ASSERT( ecp_use_known_dp( &grp, id ) == 0 );
509 TEST_ASSERT( ecp_point_read_string( &Q, 16, xQ_str, yQ_str ) == 0 );
510 TEST_ASSERT( mpi_read_string( &d, 16, d_str ) == 0 );
511 TEST_ASSERT( mpi_read_string( &r_check, 16, r_str ) == 0 );
512 TEST_ASSERT( mpi_read_string( &s_check, 16, s_str ) == 0 );
513 hlen = unhexify(hash, hash_str);
514 rnd_info.buf = rnd_buf;
515 rnd_info.length = unhexify( rnd_buf, k_str );
516
517 /* Fix rnd_buf by shifting it left if necessary */
518 if( grp.nbits % 8 != 0 )
519 {
520 unsigned char shift = 8 - ( grp.nbits % 8 );
521 size_t i;
522
523 for( i = 0; i < rnd_info.length - 1; i++ )
524 rnd_buf[i] = rnd_buf[i] << shift | rnd_buf[i+1] >> ( 8 - shift );
525
526 rnd_buf[rnd_info.length-1] <<= shift;
527 }
528
529 TEST_ASSERT( ecdsa_sign( &grp, &r, &s, &d, hash, hlen,
530 rnd_buffer_rand, &rnd_info ) == 0 );
531
532 TEST_ASSERT( mpi_cmp_mpi( &r, &r_check ) == 0 );
533 TEST_ASSERT( mpi_cmp_mpi( &s, &s_check ) == 0 );
534
535 TEST_ASSERT( ecdsa_verify( &grp, hash, hlen, &Q, &r_check, &s_check ) == 0 );
536
537exit:
538 ecp_group_free( &grp );
539 ecp_point_free( &Q );
540 mpi_free( &d ); mpi_free( &r ); mpi_free( &s );
541 mpi_free( &r_check ); mpi_free( &s_check );
542}
543
544#ifdef POLARSSL_ECDSA_DETERMINISTIC
545void test_suite_ecdsa_det_test_vectors( int id, char *d_str, int md_alg,
546 char *msg, char *r_str, char *s_str )
547{
548 ecp_group grp;
549 mpi d, r, s, r_check, s_check;
550 unsigned char hash[POLARSSL_MD_MAX_SIZE];
551 size_t hlen;
552 const md_info_t *md_info;
553
554 ecp_group_init( &grp );
555 mpi_init( &d ); mpi_init( &r ); mpi_init( &s );
556 mpi_init( &r_check ); mpi_init( &s_check );
557 memset( hash, 0, sizeof( hash ) );
558
559 TEST_ASSERT( ecp_use_known_dp( &grp, id ) == 0 );
560 TEST_ASSERT( mpi_read_string( &d, 16, d_str ) == 0 );
561 TEST_ASSERT( mpi_read_string( &r_check, 16, r_str ) == 0 );
562 TEST_ASSERT( mpi_read_string( &s_check, 16, s_str ) == 0 );
563
564 md_info = md_info_from_type( md_alg );
565 TEST_ASSERT( md_info != NULL );
566 hlen = md_info->size;
567 md( md_info, (const unsigned char *) msg, strlen( msg ), hash );
568
569 TEST_ASSERT( ecdsa_sign_det( &grp, &r, &s, &d, hash, hlen, md_alg ) == 0 );
570
571 TEST_ASSERT( mpi_cmp_mpi( &r, &r_check ) == 0 );
572 TEST_ASSERT( mpi_cmp_mpi( &s, &s_check ) == 0 );
573
574exit:
575 ecp_group_free( &grp );
576 mpi_free( &d ); mpi_free( &r ); mpi_free( &s );
577 mpi_free( &r_check ); mpi_free( &s_check );
578}
579#endif /* POLARSSL_ECDSA_DETERMINISTIC */
580
581void test_suite_ecdsa_write_read_random( int id )
582{
583 ecdsa_context ctx;
584 rnd_pseudo_info rnd_info;
585 unsigned char hash[66];
586 unsigned char sig[200];
587 size_t sig_len, i;
588
589 ecdsa_init( &ctx );
590 memset( &rnd_info, 0x00, sizeof( rnd_pseudo_info ) );
591 memset( hash, 0, sizeof( hash ) );
592 memset( sig, 0x2a, sizeof( sig ) );
593
594 /* prepare material for signature */
595 TEST_ASSERT( rnd_pseudo_rand( &rnd_info, hash, sizeof( hash ) ) == 0 );
596
597 /* generate signing key */
598 TEST_ASSERT( ecdsa_genkey( &ctx, id, &rnd_pseudo_rand, &rnd_info ) == 0 );
599
600 /* generate and write signature, then read and verify it */
601 TEST_ASSERT( ecdsa_write_signature( &ctx, hash, sizeof( hash ),
602 sig, &sig_len, &rnd_pseudo_rand, &rnd_info ) == 0 );
603 TEST_ASSERT( ecdsa_read_signature( &ctx, hash, sizeof( hash ),
604 sig, sig_len ) == 0 );
605
606 /* check we didn't write past the announced length */
607 for( i = sig_len; i < sizeof( sig ); i++ )
608 TEST_ASSERT( sig[i] == 0x2a );
609
610 /* try verification with invalid length */
611 TEST_ASSERT( ecdsa_read_signature( &ctx, hash, sizeof( hash ),
612 sig, sig_len - 1 ) != 0 );
613 TEST_ASSERT( ecdsa_read_signature( &ctx, hash, sizeof( hash ),
614 sig, sig_len + 1 ) != 0 );
615
616 /* try invalid sequence tag */
617 sig[0]++;
618 TEST_ASSERT( ecdsa_read_signature( &ctx, hash, sizeof( hash ),
619 sig, sig_len ) != 0 );
620 sig[0]--;
621
622 /* try modifying r */
623 sig[10]++;
624 TEST_ASSERT( ecdsa_read_signature( &ctx, hash, sizeof( hash ),
625 sig, sig_len ) != 0 );
626 sig[10]--;
627
628 /* try modifying s */
629 sig[sig_len - 1]++;
630 TEST_ASSERT( ecdsa_read_signature( &ctx, hash, sizeof( hash ),
631 sig, sig_len ) != 0 );
632 sig[sig_len - 1]--;
633
634exit:
635 ecdsa_free( &ctx );
636}
637
638#ifdef POLARSSL_ECDSA_DETERMINISTIC
639void test_suite_ecdsa_write_read_det_random( int id, int md_alg )
640{
641 ecdsa_context ctx;
642 rnd_pseudo_info rnd_info;
643 unsigned char msg[100];
644 unsigned char hash[POLARSSL_MD_MAX_SIZE];
645 unsigned char sig[200];
646 size_t sig_len;
647
648 ecdsa_init( &ctx );
649 memset( &rnd_info, 0x00, sizeof( rnd_pseudo_info ) );
650 memset( hash, 0, sizeof( hash ) );
651 memset( sig, 0x2a, sizeof( sig ) );
652
653 /* prepare material for signature */
654 TEST_ASSERT( rnd_pseudo_rand( &rnd_info, msg, sizeof( msg ) ) == 0 );
655 md( md_info_from_type( md_alg ), msg, sizeof( msg ), hash );
656
657 /* generate signing key */
658 TEST_ASSERT( ecdsa_genkey( &ctx, id, &rnd_pseudo_rand, &rnd_info ) == 0 );
659
660 /* generate and write signature, then read and verify it */
661 TEST_ASSERT( ecdsa_write_signature_det( &ctx, hash, sizeof( hash ),
662 sig, &sig_len, md_alg ) == 0 );
663 TEST_ASSERT( ecdsa_read_signature( &ctx, hash, sizeof( hash ),
664 sig, sig_len ) == 0 );
665
666exit:
667 ecdsa_free( &ctx );
668}
669#endif /* POLARSSL_ECDSA_DETERMINISTIC */
670
671
672#endif /* POLARSSL_ECDSA_C */
673
674
675int dep_check( char *str )
676{
677 if( str == NULL )
678 return( 1 );
679
680 if( strcmp( str, "POLARSSL_ECP_DP_SECP192R1_ENABLED" ) == 0 )
681 {
682#if defined(POLARSSL_ECP_DP_SECP192R1_ENABLED)
683 return( 0 );
684#else
685 return( 1 );
686#endif
687 }
688 if( strcmp( str, "POLARSSL_ECP_DP_SECP256R1_ENABLED" ) == 0 )
689 {
690#if defined(POLARSSL_ECP_DP_SECP256R1_ENABLED)
691 return( 0 );
692#else
693 return( 1 );
694#endif
695 }
696 if( strcmp( str, "POLARSSL_SHA512_C" ) == 0 )
697 {
698#if defined(POLARSSL_SHA512_C)
699 return( 0 );
700#else
701 return( 1 );
702#endif
703 }
704 if( strcmp( str, "POLARSSL_SHA256_C" ) == 0 )
705 {
706#if defined(POLARSSL_SHA256_C)
707 return( 0 );
708#else
709 return( 1 );
710#endif
711 }
712 if( strcmp( str, "POLARSSL_ECP_DP_SECP224R1_ENABLED" ) == 0 )
713 {
714#if defined(POLARSSL_ECP_DP_SECP224R1_ENABLED)
715 return( 0 );
716#else
717 return( 1 );
718#endif
719 }
720 if( strcmp( str, "POLARSSL_ECP_DP_SECP521R1_ENABLED" ) == 0 )
721 {
722#if defined(POLARSSL_ECP_DP_SECP521R1_ENABLED)
723 return( 0 );
724#else
725 return( 1 );
726#endif
727 }
728 if( strcmp( str, "POLARSSL_SHA1_C" ) == 0 )
729 {
730#if defined(POLARSSL_SHA1_C)
731 return( 0 );
732#else
733 return( 1 );
734#endif
735 }
736 if( strcmp( str, "POLARSSL_ECP_DP_SECP384R1_ENABLED" ) == 0 )
737 {
738#if defined(POLARSSL_ECP_DP_SECP384R1_ENABLED)
739 return( 0 );
740#else
741 return( 1 );
742#endif
743 }
744
745
746 return( 1 );
747}
748
749int dispatch_test(int cnt, char *params[50])
750{
751 int ret;
752 ((void) cnt);
753 ((void) params);
754
755#if defined(TEST_SUITE_ACTIVE)
756 if( strcmp( params[0], "ecdsa_prim_random" ) == 0 )
757 {
758
759 int param1;
760
761 if( cnt != 2 )
762 {
763 fprintf( stderr, "\nIncorrect argument count (%d != %d)\n", cnt, 2 );
764 return( 2 );
765 }
766
767 if( verify_int( params[1], &param1 ) != 0 ) return( 2 );
768
769 test_suite_ecdsa_prim_random( param1 );
770 return ( 0 );
771
772 return ( 3 );
773 }
774 else
775 if( strcmp( params[0], "ecdsa_prim_test_vectors" ) == 0 )
776 {
777
778 int param1;
779 char *param2 = params[2];
780 char *param3 = params[3];
781 char *param4 = params[4];
782 char *param5 = params[5];
783 char *param6 = params[6];
784 char *param7 = params[7];
785 char *param8 = params[8];
786
787 if( cnt != 9 )
788 {
789 fprintf( stderr, "\nIncorrect argument count (%d != %d)\n", cnt, 9 );
790 return( 2 );
791 }
792
793 if( verify_int( params[1], &param1 ) != 0 ) return( 2 );
794 if( verify_string( &param2 ) != 0 ) return( 2 );
795 if( verify_string( &param3 ) != 0 ) return( 2 );
796 if( verify_string( &param4 ) != 0 ) return( 2 );
797 if( verify_string( &param5 ) != 0 ) return( 2 );
798 if( verify_string( &param6 ) != 0 ) return( 2 );
799 if( verify_string( &param7 ) != 0 ) return( 2 );
800 if( verify_string( &param8 ) != 0 ) return( 2 );
801
802 test_suite_ecdsa_prim_test_vectors( param1, param2, param3, param4, param5, param6, param7, param8 );
803 return ( 0 );
804
805 return ( 3 );
806 }
807 else
808 if( strcmp( params[0], "ecdsa_det_test_vectors" ) == 0 )
809 {
810 #ifdef POLARSSL_ECDSA_DETERMINISTIC
811
812 int param1;
813 char *param2 = params[2];
814 int param3;
815 char *param4 = params[4];
816 char *param5 = params[5];
817 char *param6 = params[6];
818
819 if( cnt != 7 )
820 {
821 fprintf( stderr, "\nIncorrect argument count (%d != %d)\n", cnt, 7 );
822 return( 2 );
823 }
824
825 if( verify_int( params[1], &param1 ) != 0 ) return( 2 );
826 if( verify_string( &param2 ) != 0 ) return( 2 );
827 if( verify_int( params[3], &param3 ) != 0 ) return( 2 );
828 if( verify_string( &param4 ) != 0 ) return( 2 );
829 if( verify_string( &param5 ) != 0 ) return( 2 );
830 if( verify_string( &param6 ) != 0 ) return( 2 );
831
832 test_suite_ecdsa_det_test_vectors( param1, param2, param3, param4, param5, param6 );
833 return ( 0 );
834 #endif /* POLARSSL_ECDSA_DETERMINISTIC */
835
836 return ( 3 );
837 }
838 else
839 if( strcmp( params[0], "ecdsa_write_read_random" ) == 0 )
840 {
841
842 int param1;
843
844 if( cnt != 2 )
845 {
846 fprintf( stderr, "\nIncorrect argument count (%d != %d)\n", cnt, 2 );
847 return( 2 );
848 }
849
850 if( verify_int( params[1], &param1 ) != 0 ) return( 2 );
851
852 test_suite_ecdsa_write_read_random( param1 );
853 return ( 0 );
854
855 return ( 3 );
856 }
857 else
858 if( strcmp( params[0], "ecdsa_write_read_det_random" ) == 0 )
859 {
860 #ifdef POLARSSL_ECDSA_DETERMINISTIC
861
862 int param1;
863 int param2;
864
865 if( cnt != 3 )
866 {
867 fprintf( stderr, "\nIncorrect argument count (%d != %d)\n", cnt, 3 );
868 return( 2 );
869 }
870
871 if( verify_int( params[1], &param1 ) != 0 ) return( 2 );
872 if( verify_int( params[2], &param2 ) != 0 ) return( 2 );
873
874 test_suite_ecdsa_write_read_det_random( param1, param2 );
875 return ( 0 );
876 #endif /* POLARSSL_ECDSA_DETERMINISTIC */
877
878 return ( 3 );
879 }
880 else
881
882 {
883 fprintf( stdout, "FAILED\nSkipping unknown test function '%s'\n", params[0] );
884 fflush( stdout );
885 return( 1 );
886 }
887#else
888 return( 3 );
889#endif
890 return( ret );
891}
892
893int get_line( FILE *f, char *buf, size_t len )
894{
895 char *ret;
896
897 ret = fgets( buf, len, f );
898 if( ret == NULL )
899 return( -1 );
900
901 if( strlen( buf ) && buf[strlen(buf) - 1] == '\n' )
902 buf[strlen(buf) - 1] = '\0';
903 if( strlen( buf ) && buf[strlen(buf) - 1] == '\r' )
904 buf[strlen(buf) - 1] = '\0';
905
906 return( 0 );
907}
908
909int parse_arguments( char *buf, size_t len, char *params[50] )
910{
911 int cnt = 0, i;
912 char *cur = buf;
913 char *p = buf, *q;
914
915 params[cnt++] = cur;
916
917 while( *p != '\0' && p < buf + len )
918 {
919 if( *p == '\\' )
920 {
921 p++;
922 p++;
923 continue;
924 }
925 if( *p == ':' )
926 {
927 if( p + 1 < buf + len )
928 {
929 cur = p + 1;
930 params[cnt++] = cur;
931 }
932 *p = '\0';
933 }
934
935 p++;
936 }
937
938 // Replace newlines, question marks and colons in strings
939 for( i = 0; i < cnt; i++ )
940 {
941 p = params[i];
942 q = params[i];
943
944 while( *p != '\0' )
945 {
946 if( *p == '\\' && *(p + 1) == 'n' )
947 {
948 p += 2;
949 *(q++) = '\n';
950 }
951 else if( *p == '\\' && *(p + 1) == ':' )
952 {
953 p += 2;
954 *(q++) = ':';
955 }
956 else if( *p == '\\' && *(p + 1) == '?' )
957 {
958 p += 2;
959 *(q++) = '?';
960 }
961 else
962 *(q++) = *(p++);
963 }
964 *q = '\0';
965 }
966
967 return( cnt );
968}
969
970int main()
971{
972 int ret, i, cnt, total_errors = 0, total_tests = 0, total_skipped = 0;
973 const char *filename = "/builddir/build/BUILD/polarssl-1.3.9/tests/suites/test_suite_ecdsa.data";
974 FILE *file;
975 char buf[5000];
976 char *params[50];
977
978#if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
979 unsigned char alloc_buf[1000000];
980 memory_buffer_alloc_init( alloc_buf, sizeof(alloc_buf) );
981#endif
982
983 file = fopen( filename, "r" );
984 if( file == NULL )
985 {
986 fprintf( stderr, "Failed to open\n" );
987 return( 1 );
988 }
989
990 while( !feof( file ) )
991 {
992 int skip = 0;
993
994 if( ( ret = get_line( file, buf, sizeof(buf) ) ) != 0 )
995 break;
996 fprintf( stdout, "%s%.66s", test_errors ? "\n" : "", buf );
997 fprintf( stdout, " " );
998 for( i = strlen( buf ) + 1; i < 67; i++ )
999 fprintf( stdout, "." );
1000 fprintf( stdout, " " );
1001 fflush( stdout );
1002
1003 total_tests++;
1004
1005 if( ( ret = get_line( file, buf, sizeof(buf) ) ) != 0 )
1006 break;
1007 cnt = parse_arguments( buf, strlen(buf), params );
1008
1009 if( strcmp( params[0], "depends_on" ) == 0 )
1010 {
1011 for( i = 1; i < cnt; i++ )
1012 if( dep_check( params[i] ) != 0 )
1013 skip = 1;
1014
1015 if( ( ret = get_line( file, buf, sizeof(buf) ) ) != 0 )
1016 break;
1017 cnt = parse_arguments( buf, strlen(buf), params );
1018 }
1019
1020 if( skip == 0 )
1021 {
1022 test_errors = 0;
1023 ret = dispatch_test( cnt, params );
1024 }
1025
1026 if( skip == 1 || ret == 3 )
1027 {
1028 total_skipped++;
1029 fprintf( stdout, "----\n" );
1030 fflush( stdout );
1031 }
1032 else if( ret == 0 && test_errors == 0 )
1033 {
1034 fprintf( stdout, "PASS\n" );
1035 fflush( stdout );
1036 }
1037 else if( ret == 2 )
1038 {
1039 fprintf( stderr, "FAILED: FATAL PARSE ERROR\n" );
1040 fclose(file);
1041 exit( 2 );
1042 }
1043 else
1044 total_errors++;
1045
1046 if( ( ret = get_line( file, buf, sizeof(buf) ) ) != 0 )
1047 break;
1048 if( strlen(buf) != 0 )
1049 {
1050 fprintf( stderr, "Should be empty %d\n", (int) strlen(buf) );
1051 return( 1 );
1052 }
1053 }
1054 fclose(file);
1055
1056 fprintf( stdout, "\n----------------------------------------------------------------------------\n\n");
1057 if( total_errors == 0 )
1058 fprintf( stdout, "PASSED" );
1059 else
1060 fprintf( stdout, "FAILED" );
1061
1062 fprintf( stdout, " (%d / %d tests (%d skipped))\n",
1063 total_tests - total_errors, total_tests, total_skipped );
1064
1065#if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
1066#if defined(POLARSSL_MEMORY_DEBUG)
1067 memory_buffer_alloc_status();
1068#endif
1069 memory_buffer_alloc_free();
1070#endif
1071
1072 return( total_errors != 0 );
1073}
1074
1075
mpi_init
void mpi_init(mpi *X)
Initialize one MPI.
mpi_read_string
int mpi_read_string(mpi *X, int radix, const char *s)
Import from an ASCII string.
mpi_free
void mpi_free(mpi *X)
Unallocate one MPI.
mpi_cmp_mpi
int mpi_cmp_mpi(const mpi *X, const mpi *Y)
Compare signed values.
config.h
Configuration options (set of defines)
ecdsa.h
Elliptic curve DSA.
ecdsa_sign
int ecdsa_sign(ecp_group *grp, mpi *r, mpi *s, const mpi *d, const unsigned char *buf, size_t blen, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Compute ECDSA signature of a previously hashed message.
ecdsa_read_signature
int ecdsa_read_signature(ecdsa_context *ctx, const unsigned char *hash, size_t hlen, const unsigned char *sig, size_t slen)
Read and verify an ECDSA signature.
ecdsa_init
void ecdsa_init(ecdsa_context *ctx)
Initialize context.
ecdsa_write_signature
int ecdsa_write_signature(ecdsa_context *ctx, const unsigned char *hash, size_t hlen, unsigned char *sig, size_t *slen, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Compute ECDSA signature and write it to buffer, serialized as defined in RFC 4492 page 20.
ecdsa_verify
int ecdsa_verify(ecp_group *grp, const unsigned char *buf, size_t blen, const ecp_point *Q, const mpi *r, const mpi *s)
Verify ECDSA signature of a previously hashed message.
ecdsa_free
void ecdsa_free(ecdsa_context *ctx)
Free context.
ecdsa_genkey
int ecdsa_genkey(ecdsa_context *ctx, ecp_group_id gid, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Generate an ECDSA keypair on the given curve.
ecdsa_write_signature_det
int ecdsa_write_signature_det(ecdsa_context *ctx, const unsigned char *hash, size_t hlen, unsigned char *sig, size_t *slen, md_type_t md_alg)
Compute ECDSA signature and write it to buffer, serialized as defined in RFC 4492 page 20.
ecdsa_sign_det
int ecdsa_sign_det(ecp_group *grp, mpi *r, mpi *s, const mpi *d, const unsigned char *buf, size_t blen, md_type_t md_alg)
Compute ECDSA signature of a previously hashed message (deterministic version)
ecp_point_read_string
int ecp_point_read_string(ecp_point *P, int radix, const char *x, const char *y)
Import a non-zero point from two ASCII strings.
ecp_point_free
void ecp_point_free(ecp_point *pt)
Free the components of a point.
POLARSSL_ECP_DP_SECP521R1
@ POLARSSL_ECP_DP_SECP521R1
Definition ecp.h:64
POLARSSL_ECP_DP_SECP256R1
@ POLARSSL_ECP_DP_SECP256R1
Definition ecp.h:62
POLARSSL_ECP_DP_SECP384R1
@ POLARSSL_ECP_DP_SECP384R1
Definition ecp.h:63
POLARSSL_ECP_DP_SECP224R1
@ POLARSSL_ECP_DP_SECP224R1
Definition ecp.h:61
POLARSSL_ECP_DP_SECP192R1
@ POLARSSL_ECP_DP_SECP192R1
Definition ecp.h:60
ecp_point_init
void ecp_point_init(ecp_point *pt)
Initialize a point (as zero)
ecp_group_init
void ecp_group_init(ecp_group *grp)
Initialize a group (to something meaningless)
ecp_gen_keypair
int ecp_gen_keypair(ecp_group *grp, mpi *d, ecp_point *Q, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Generate a keypair.
ecp_group_free
void ecp_group_free(ecp_group *grp)
Free the components of an ECP group.
ecp_use_known_dp
int ecp_use_known_dp(ecp_group *grp, ecp_group_id index)
Set a group using well-known domain parameters.
POLARSSL_MD_MAX_SIZE
#define POLARSSL_MD_MAX_SIZE
Definition md.h:67
md_info_from_type
const md_info_t * md_info_from_type(md_type_t md_type)
Returns the message digest information associated with the given digest type.
md
int md(const md_info_t *md_info, const unsigned char *input, size_t ilen, unsigned char *output)
Output = message_digest( input buffer )
POLARSSL_MD_SHA224
@ POLARSSL_MD_SHA224
Definition md.h:57
POLARSSL_MD_SHA1
@ POLARSSL_MD_SHA1
Definition md.h:56
POLARSSL_MD_SHA384
@ POLARSSL_MD_SHA384
Definition md.h:59
POLARSSL_MD_SHA512
@ POLARSSL_MD_SHA512
Definition md.h:60
POLARSSL_MD_SHA256
@ POLARSSL_MD_SHA256
Definition md.h:58
memory.h
Memory allocation layer (Deprecated to platform layer)
memory_buffer_alloc_free
void memory_buffer_alloc_free(void)
Free the mutex for thread-safety and clear remaining memory.
memory_buffer_alloc_init
int memory_buffer_alloc_init(unsigned char *buf, size_t len)
Initialize use of stack-based memory allocator.
platform.h
PolarSSL Platform abstraction layer.
ecdsa_context
ECDSA context structure.
Definition ecdsa.h:42
ecp_group
ECP group structure.
Definition ecp.h:137
ecp_group::nbits
size_t nbits
Definition ecp.h:145
ecp_point
ECP point structure (jacobian coordinates)
Definition ecp.h:105
md_info_t
Message digest information.
Definition md.h:74
md_info_t::size
int size
Output length of the digest function.
Definition md.h:82
mpi
MPI structure.
Definition bignum.h:183
rnd_buf_info
Definition test_suite_aes.cbc.c:208
rnd_buf_info::length
size_t length
Definition test_suite_aes.cbc.c:210
rnd_buf_info::buf
unsigned char * buf
Definition test_suite_aes.cbc.c:209
rnd_pseudo_info
Info structure for the pseudo random function.
Definition test_suite_aes.cbc.c:257
rnd_pseudo_info::v1
uint32_t v1
Definition test_suite_aes.cbc.c:259
rnd_pseudo_info::key
uint32_t key[16]
Definition test_suite_aes.cbc.c:258
rnd_pseudo_info::v0
uint32_t v0
Definition test_suite_aes.cbc.c:259
verify_int
int verify_int(char *str, int *value)
Definition test_suite_aes.cbc.c:353
test_assert
static int test_assert(int correct, const char *test)
Definition test_suite_aes.cbc.c:320
verify_string
int verify_string(char **str)
Definition test_suite_aes.cbc.c:338
TEST_ASSERT
#define TEST_ASSERT(TEST)
Definition test_suite_aes.cbc.c:333
unhexify_alloc
static unsigned char * unhexify_alloc(const char *ibuf, size_t *olen)
Allocate and fill a buffer from hex data.
Definition test_suite_ecdsa.c:146
dep_check
int dep_check(char *str)
Definition test_suite_ecdsa.c:675
dispatch_test
int dispatch_test(int cnt, char *params[50])
Definition test_suite_ecdsa.c:749
polarssl_malloc
#define polarssl_malloc
Definition test_suite_ecdsa.c:20
hexify
static void hexify(unsigned char *obuf, const unsigned char *ibuf, int len)
Definition test_suite_ecdsa.c:92
parse_arguments
int parse_arguments(char *buf, size_t len, char *params[50])
Definition test_suite_ecdsa.c:909
PUT_UINT32_BE
#define PUT_UINT32_BE(n, b, i)
Definition test_suite_ecdsa.c:49
rnd_pseudo_rand
static int rnd_pseudo_rand(void *rng_state, unsigned char *output, size_t len)
This function returns random based on a pseudo random function.
Definition test_suite_ecdsa.c:270
get_line
int get_line(FILE *f, char *buf, size_t len)
Definition test_suite_ecdsa.c:893
test_errors
static int test_errors
Definition test_suite_ecdsa.c:314
rnd_buffer_rand
static int rnd_buffer_rand(void *rng_state, unsigned char *output, size_t len)
This function returns random based on a buffer it receives.
Definition test_suite_ecdsa.c:224
unhexify
static int unhexify(unsigned char *obuf, const char *ibuf)
Definition test_suite_ecdsa.c:58
zero_alloc
static unsigned char * zero_alloc(size_t len)
Allocate and zeroize a buffer.
Definition test_suite_ecdsa.c:123
rnd_std_rand
static int rnd_std_rand(void *rng_state, unsigned char *output, size_t len)
This function just returns data from rand().
Definition test_suite_ecdsa.c:172
main
int main()
Definition test_suite_ecdsa.c:970
rnd_zero_rand
static int rnd_zero_rand(void *rng_state, unsigned char *output, size_t len)
This function only returns zeros.
Definition test_suite_ecdsa.c:197
Generated on Tue Feb 18 2025 20:02:19 for PolarSSL v1.3.9 by doxygen 1.12.0