aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorKrzysztof Kwiatkowski <[email protected]>2017-06-10 16:01:20 +0100
committerKrzysztof Kwiatkowski <[email protected]>2017-06-10 16:01:20 +0100
commit904cd4fe1ce7f88873891e5cb8a0ed32cec8925b (patch)
treeb40716cc29354d5bc4e580c8825196692c2eab76
parentee16e9d29b6eba5c528dfe4e092cbd8e5c465aa9 (diff)
FFI: Posibility to load EC privkey
-rw-r--r--src/lib/ffi/ffi.cpp24
-rw-r--r--src/lib/ffi/ffi.h7
-rw-r--r--src/tests/test_ffi.cpp100
3 files changed, 84 insertions, 47 deletions
diff --git a/src/lib/ffi/ffi.cpp b/src/lib/ffi/ffi.cpp
index d7f164b86..3803e5dd6 100644
--- a/src/lib/ffi/ffi.cpp
+++ b/src/lib/ffi/ffi.cpp
@@ -1699,6 +1699,30 @@ int botan_pubkey_ed25519_get_pubkey(botan_pubkey_t key,
#endif
}
+int botan_privkey_load_ec(botan_privkey_t* key,
+ const botan_mp_t scalar,
+ const char* curve_name)
+ {
+#if defined(BOTAN_HAS_ECDSA)
+ *key = nullptr;
+ try
+ {
+ Botan::Null_RNG null_rng;
+ Botan::EC_Group grp(curve_name);
+ *key = new botan_privkey_struct(new Botan::ECDSA_PrivateKey(null_rng, grp, safe_get(scalar)));
+ return 0;
+ }
+ catch(std::exception& e)
+ {
+ log_exception(BOTAN_CURRENT_FUNCTION, e.what());
+ }
+ return -1;
+#else
+ BOTAN_UNUSED(key, scalar, scalar_len, curve_name);
+ return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
+#endif
+ }
+
int botan_pubkey_get_field(botan_mp_t output,
botan_pubkey_t key,
const char* field_name_cstr)
diff --git a/src/lib/ffi/ffi.h b/src/lib/ffi/ffi.h
index 3e64c69cd..206b749b2 100644
--- a/src/lib/ffi/ffi.h
+++ b/src/lib/ffi/ffi.h
@@ -862,6 +862,13 @@ BOTAN_DLL int botan_pubkey_ed25519_get_pubkey(botan_pubkey_t key,
uint8_t pubkey[32]);
/*
+* Algorithm specific key operations: ECDSA and ECDH
+*/
+BOTAN_DLL int botan_privkey_load_ec(botan_privkey_t* key,
+ const botan_mp_t scalar,
+ const char* curve_name);
+
+/*
* Public Key Encryption
*/
typedef struct botan_pk_op_encrypt_struct* botan_pk_op_encrypt_t;
diff --git a/src/tests/test_ffi.cpp b/src/tests/test_ffi.cpp
index 75fe337f3..8411af941 100644
--- a/src/tests/test_ffi.cpp
+++ b/src/tests/test_ffi.cpp
@@ -1196,71 +1196,77 @@ class FFI_Unit_Tests : public Test
Test::Result ffi_test_ecdsa(botan_rng_t rng)
{
Test::Result result("FFI ECDSA");
-
+ static const char* kCurve = "secp384r1";
botan_privkey_t priv;
+ botan_privkey_t loaded_privkey;
+ botan_pubkey_t pub;
- if(TEST_FFI_OK(botan_privkey_create_ecdsa, (&priv, rng, "secp384r1")))
- {
- botan_pubkey_t pub;
- TEST_FFI_OK(botan_privkey_export_pubkey, (&pub, priv));
-
- ffi_test_pubkey_export(result, pub, priv, rng);
+ REQUIRE_FFI_OK(botan_privkey_create_ecdsa, (&priv, rng, kCurve));
+ TEST_FFI_OK(botan_privkey_export_pubkey, (&pub, priv));
+ ffi_test_pubkey_export(result, pub, priv, rng);
- char namebuf[32] = { 0 };
- size_t name_len = sizeof(namebuf);
- TEST_FFI_OK(botan_pubkey_algo_name, (pub, &namebuf[0], &name_len));
+ // Check key load functions
+ botan_mp_t x;
+ botan_mp_init(&x);
- result.test_eq(namebuf, namebuf, "ECDSA");
+ TEST_FFI_OK(botan_privkey_get_field, (x, priv, "x"));
+ TEST_FFI_OK(botan_privkey_load_ec, (&loaded_privkey, x, kCurve));
+ TEST_FFI_OK(botan_privkey_check_key, (loaded_privkey, rng, 0));
- std::vector<uint8_t> message(1280), signature;
- TEST_FFI_OK(botan_rng_get, (rng, message.data(), message.size()));
+ char namebuf[32] = { 0 };
+ size_t name_len = sizeof(namebuf);
- botan_pk_op_sign_t signer;
+ TEST_FFI_OK(botan_pubkey_algo_name, (pub, &namebuf[0], &name_len));
+ result.test_eq(namebuf, namebuf, "ECDSA");
- if(TEST_FFI_OK(botan_pk_op_sign_create, (&signer, priv, "EMSA1(SHA-384)", 0)))
- {
- // TODO: break input into multiple calls to update
- TEST_FFI_OK(botan_pk_op_sign_update, (signer, message.data(), message.size()));
-
- signature.resize(96); // TODO: no way to derive this from API
- size_t sig_len = signature.size();
- TEST_FFI_OK(botan_pk_op_sign_finish, (signer, rng, signature.data(), &sig_len));
- signature.resize(sig_len);
+ std::vector<uint8_t> message(1280), signature;
+ TEST_FFI_OK(botan_rng_get, (rng, message.data(), message.size()));
+ botan_pk_op_sign_t signer;
+ if(TEST_FFI_OK(botan_pk_op_sign_create, (&signer, loaded_privkey, "EMSA1(SHA-384)", 0)))
+ {
+ // TODO: break input into multiple calls to update
+ TEST_FFI_OK(botan_pk_op_sign_update, (signer, message.data(), message.size()));
- TEST_FFI_OK(botan_pk_op_sign_destroy, (signer));
- }
+ signature.resize(96); // TODO: no way to derive this from API
+ size_t sig_len = signature.size();
+ TEST_FFI_OK(botan_pk_op_sign_finish, (signer, rng, signature.data(), &sig_len));
+ signature.resize(sig_len);
- botan_pk_op_verify_t verifier;
+ TEST_FFI_OK(botan_pk_op_sign_destroy, (signer));
+ }
- if(TEST_FFI_OK(botan_pk_op_verify_create, (&verifier, pub, "EMSA1(SHA-384)", 0)))
- {
- TEST_FFI_OK(botan_pk_op_verify_update, (verifier, message.data(), message.size()));
- TEST_FFI_OK(botan_pk_op_verify_finish, (verifier, signature.data(), signature.size()));
+ botan_pk_op_verify_t verifier;
- // TODO: randomize this
- signature[0] ^= 1;
- TEST_FFI_OK(botan_pk_op_verify_update, (verifier, message.data(), message.size()));
- TEST_FFI_FAIL("bad signature", botan_pk_op_verify_finish, (verifier, signature.data(), signature.size()));
+ if(TEST_FFI_OK(botan_pk_op_verify_create, (&verifier, pub, "EMSA1(SHA-384)", 0)))
+ {
+ TEST_FFI_OK(botan_pk_op_verify_update, (verifier, message.data(), message.size()));
+ TEST_FFI_OK(botan_pk_op_verify_finish, (verifier, signature.data(), signature.size()));
- message[0] ^= 1;
- TEST_FFI_OK(botan_pk_op_verify_update, (verifier, message.data(), message.size()));
- TEST_FFI_FAIL("bad signature", botan_pk_op_verify_finish, (verifier, signature.data(), signature.size()));
+ // TODO: randomize this
+ signature[0] ^= 1;
+ TEST_FFI_OK(botan_pk_op_verify_update, (verifier, message.data(), message.size()));
+ TEST_FFI_FAIL("bad signature", botan_pk_op_verify_finish, (verifier, signature.data(), signature.size()));
- signature[0] ^= 1;
- TEST_FFI_OK(botan_pk_op_verify_update, (verifier, message.data(), message.size()));
- TEST_FFI_FAIL("bad signature", botan_pk_op_verify_finish, (verifier, signature.data(), signature.size()));
+ message[0] ^= 1;
+ TEST_FFI_OK(botan_pk_op_verify_update, (verifier, message.data(), message.size()));
+ TEST_FFI_FAIL("bad signature", botan_pk_op_verify_finish, (verifier, signature.data(), signature.size()));
- message[0] ^= 1;
- TEST_FFI_OK(botan_pk_op_verify_update, (verifier, message.data(), message.size()));
- TEST_FFI_OK(botan_pk_op_verify_finish, (verifier, signature.data(), signature.size()));
+ signature[0] ^= 1;
+ TEST_FFI_OK(botan_pk_op_verify_update, (verifier, message.data(), message.size()));
+ TEST_FFI_FAIL("bad signature", botan_pk_op_verify_finish, (verifier, signature.data(), signature.size()));
- TEST_FFI_OK(botan_pk_op_verify_destroy, (verifier));
- }
+ message[0] ^= 1;
+ TEST_FFI_OK(botan_pk_op_verify_update, (verifier, message.data(), message.size()));
+ TEST_FFI_OK(botan_pk_op_verify_finish, (verifier, signature.data(), signature.size()));
- TEST_FFI_OK(botan_pubkey_destroy, (pub));
- TEST_FFI_OK(botan_privkey_destroy, (priv));
+ TEST_FFI_OK(botan_pk_op_verify_destroy, (verifier));
}
+ botan_mp_destroy(x);
+ TEST_FFI_OK(botan_pubkey_destroy, (pub));
+ TEST_FFI_OK(botan_privkey_destroy, (priv));
+ TEST_FFI_OK(botan_privkey_destroy, (loaded_privkey));
+
return result;
}