diff options
| author | lloyd <[email protected]> | 2010-03-16 17:36:31 +0000 |
|---|---|---|
| committer | lloyd <[email protected]> | 2010-03-16 17:36:31 +0000 |
| commit | 651aa262cab86a8e98ee9815ec365ea68ffff5b1 (patch) | |
| tree | dd8f53acea45c204d169edaaec36aa4dfeeb9268 /checks/pk.cpp | |
| parent | 3b285e35294dfe67650063cc774d6f4e4e77b934 (diff) | |
Add a couple of verification tests for GOST 34.10
Generating the test vectors found yet another inane (and, of course,
undocumented) behavior in the GOST implementation included in OpenSSL;
it treats the hash inputs as little endian. Just out of curiousity, I
checked RFC 5832, which supposedly specifies this algorithm; not a
peep about endian conversions.
The more I deal with standards coming out of the CryptoPro people, the
less confidence I have in them.
Diffstat (limited to 'checks/pk.cpp')
| -rw-r--r-- | checks/pk.cpp | 31 |
1 files changed, 31 insertions, 0 deletions
diff --git a/checks/pk.cpp b/checks/pk.cpp index bc1308f1c..23ceda7fe 100644 --- a/checks/pk.cpp +++ b/checks/pk.cpp @@ -512,6 +512,34 @@ u32bit validate_ecdsa_sig(const std::string& algo, return 2; } +u32bit validate_gost_ver(const std::string& algo, + const std::vector<std::string>& str) + { + if(str.size() != 5) + throw std::runtime_error("Invalid input from pk_valid.dat"); + +#if defined(BOTAN_HAS_GOST_34_10_2001) + + EC_Domain_Params group(OIDS::lookup(str[0])); + + PointGFp public_point = OS2ECP(decode_hex(str[1]), group.get_curve()); + + GOST_3410_PublicKey gost(group, public_point); + + std::string emsa = algo.substr(13, std::string::npos); + + PK_Verifier v(gost, emsa); + + SecureVector<byte> msg = decode_hex(str[2]); + SecureVector<byte> sig = decode_hex(str[3]); + + bool passed = v.verify_message(msg, msg.size(), sig, sig.size()); + return (passed ? 0 : 1); +#endif + + return 2; + } + u32bit validate_dsa_ver(const std::string& algo, const std::vector<std::string>& str) { @@ -820,6 +848,9 @@ u32bit do_pk_validation_tests(const std::string& filename, else if(algorithm.find("ECDSA/") == 0) new_errors = validate_ecdsa_sig(algorithm, substr); + else if(algorithm.find("GOST_3410_VA/") == 0) + new_errors = validate_gost_ver(algorithm, substr); + else if(algorithm.find("RSAES_PKCS8/") == 0) new_errors = validate_rsa_enc_pkcs8(algorithm, substr, rng); else if(algorithm.find("RSAVA_X509/") == 0) |