author | Never <[email protected]> | 2017-02-16 15:44:45 +0100 |
---|---|---|
committer | Never <[email protected]> | 2017-02-16 15:48:26 +0100 |
commit | a6c4a358dfb3b3319c3f5f643e795f0ddc14d070 (patch) | |
tree | c78d6377da28d5285eabd2a9c89a2f79f5f1b39a /src/extra_tests | |
parent | fc3f52703f62d76beda013623f745d5ac3c8cd1c (diff) |
Add ecdsa timing test
Diffstat (limited to 'src/extra_tests')
-rw-r--r-- | src/extra_tests/timing/timing-tests/Makefile | 2 | ||||
-rw-r--r-- | src/extra_tests/timing/timing-tests/TimingTest.h | 19 | ||||
-rw-r--r-- | src/extra_tests/timing/timing-tests/data/ecdsa.vec | 4 | ||||
-rw-r--r-- | src/extra_tests/timing/timing-tests/ecdsa.cpp | 41 | ||||
-rw-r--r-- | src/extra_tests/timing/timing-tests/main.cpp | 6 |
5 files changed, 71 insertions, 1 deletions
diff --git a/src/extra_tests/timing/timing-tests/Makefile b/src/extra_tests/timing/timing-tests/Makefile
index df77c70ec..56cc7b9eb 100644
--- a/src/extra_tests/timing/timing-tests/Makefile
+++ b/src/extra_tests/timing/timing-tests/Makefile
@@ -1,5 +1,5 @@
 CC=g++
-BOTAN_DIR=../../../../../botan/
+BOTAN_DIR=../../../../
 LDIR=$(BOTAN_DIR)
 IDIR=$(BOTAN_DIR)build/include
 DBG_FLAGS=-g -O3
diff --git a/src/extra_tests/timing/timing-tests/TimingTest.h b/src/extra_tests/timing/timing-tests/TimingTest.h
index a61e21519..a0295c6fd 100644
--- a/src/extra_tests/timing/timing-tests/TimingTest.h
+++ b/src/extra_tests/timing/timing-tests/TimingTest.h
@@ -19,6 +19,8 @@
 #include <botan/internal/tls_cbc.h>
 #include <botan/tls_exceptn.h>
 #include <botan/cipher_mode.h>
+#include <botan/ecdsa.h>
+#include <botan/reducer.h>
 using namespace Botan;
@@ -97,6 +99,23 @@ class Lucky13Test : public TimingTest
 Lucky13Test(std::vector<std::string> &inputs, std::string result_file, const std::string& mac_name, size_t mac_keylen);
 };
+
+class ECDSATest : public TimingTest
+ {
+ private:
+ const ECDSA_PrivateKey m_privkey;
+ const BigInt m_order;
+ Blinded_Point_Multiply m_base_point;
+ const BigInt m_x;
+ const Modular_Reducer m_mod_order;
+
+ protected:
+ std::vector<byte> prepare_input(std::string input) override;
+ ticks measure_critical_function(std::vector<byte> input) override;
+
+ public:
+ ECDSATest(std::vector<std::string> &inputs, std::string result_folder, std::string ecgroup);
+ };
 #endif /* TIMINGTEST_H */
\ No newline at end of file
diff --git a/src/extra_tests/timing/timing-tests/data/ecdsa.vec b/src/extra_tests/timing/timing-tests/data/ecdsa.vec
new file mode 100644
index 000000000..a940a3c20
--- /dev/null
+++ b/src/extra_tests/timing/timing-tests/data/ecdsa.vec
@@ -0,0 +1,4 @@
+# leading zeros
+01
+# no leading zeros
+FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
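Review bot: In TimingTest.h the new `ECDSATest` members carry no comment, and their declaration order is load-bearing. The constructor in ecdsa.cpp builds `m_order` and `m_x` from `m_privkey`, and `m_base_point` and `m_mod_order` from `m_order`, so reordering the fields would read members that are not yet initialized. I would add `// Declaration order matters: later members are initialized from m_privkey and m_order.` above the private fields. A one-line class comment noting that `m_x` is a copy of the private scalar of a key generated per test object, kept only for the measured computation, would also help readers.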
\ No newline at end of file
diff --git a/src/extra_tests/timing/timing-tests/ecdsa.cpp b/src/extra_tests/timing/timing-tests/ecdsa.cpp
new file mode 100644
index 000000000..42f281911
--- /dev/null
+++ b/src/extra_tests/timing/timing-tests/ecdsa.cpp
@@ -0,0 +1,41 @@
+/*
+ * File: ecdsa.cpp
+ *
+ *
+ */
+
+#include "TimingTest.h"
+
+ECDSATest::ECDSATest(std::vector<std::string> &inputs, std::string result_folder, std::string ecgroup) :
+ m_privkey(system_rng(), Botan::EC_Group(ecgroup)),
+ m_order(m_privkey.domain().get_order()),
+ m_base_point(m_privkey.domain().get_base_point(), m_order),
+ m_x(m_privkey.private_value()),
+ m_mod_order(m_order)
+ {
+ m_inputs = inputs;
+ m_result_folder = result_folder;
+ }
+
+std::vector<byte> ECDSATest::prepare_input(std::string input)
+ {
+ const std::vector<byte> input_vector = Botan::hex_decode(input);
+ return input_vector;
+ }
+
+ticks ECDSATest::measure_critical_function(std::vector<byte> input)
+ {
+ const BigInt k(input.data(), input.size());
+ const BigInt msg(system_rng(), m_order.bits());
+
+ ticks start = this->get_ticks();
+
+ //The following ECDSA operations involve and should not leak any information about k.
+ const Botan::PointGFp k_times_P = m_base_point.blinded_multiply(k, system_rng());
+ const BigInt r = m_mod_order.reduce(k_times_P.get_affine_x());
+ const BigInt s = m_mod_order.multiply(inverse_mod(k, m_order), mul_add(m_x, r, msg));
+
+ ticks end = get_ticks();
+
+ return (end - start);
+ }
diff --git a/src/extra_tests/timing/timing-tests/main.cpp b/src/extra_tests/timing/timing-tests/main.cpp
index 7b9e2b0fc..02742da84 100644
--- a/src/extra_tests/timing/timing-tests/main.cpp
+++ b/src/extra_tests/timing/timing-tests/main.cpp
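Review bot: In ecdsa.cpp, `measure_critical_function` uses the decoded vector directly as the nonce `k` without checking that it lies in [1, n-1]. The "no leading zeros" entry in data/ecdsa.vec is all 0xFF bytes, which (if it is the full 48 bytes it appears to be) is larger than the secp384r1 group order. Signing never uses such a `k`, so a timing difference between the two input classes may reflect out-of-range handling in `blinded_multiply` or `inverse_mod` rather than a leading-zero leak. I would either replace that vector with a value just below the order or reject bad inputs before the timer starts, e.g. `if(k.is_zero() || k >= m_order) throw Invalid_Argument("ECDSA timing input k must be in [1, n-1]");`. Separately, the timed region re-implements the signing steps by hand, so it presumably has to be kept in step with the library's own ECDSA signing code; a comment saying so would help.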
@@ -130,6 +130,12 @@ int main(int argc, char* argv[])
 std::string result_folder_sha384 = "results/lucky13sha384";
 std::unique_ptr<Lucky13Test> test_sha384(new Lucky13Test(inputs, result_folder_sha384, "SHA-384", 48));
 test_sha384->execute_evaluation();
+ }
+ else if (executeEvaluationWithFile("ecdsa", file, test_arg))
+ {
+ std::string result_folder_ecdsa = "results/ecdsa";
+ std::unique_ptr<ECDSATest> test_ecdsa(new ECDSATest(inputs, result_folder_ecdsa, "secp384r1"));
+ test_ecdsa->execute_evaluation();
 }
 else
 { |