diff options
author | René Korthaus <[email protected]> | 2017-09-13 17:09:00 +0200 |
---|---|---|
committer | René Korthaus <[email protected]> | 2017-09-13 17:09:00 +0200 |
commit | 8da78e708e35810ea35ad9f3bfcf3ff4e1f40063 (patch) | |
tree | 8af726c7a78fb1b0df3e5c3e205f9daaa91e5019 /src/tests | |
parent | 5651315cd6fc35f9380f99a9f571d9c0b044a4ee (diff) |
Remove inner/outer OID check in EC_PrivateKey ctor
RFC 5915 mandates that the OID of an ECDSA ECPrivateKey
shall be id-ecPublicKey with the named curve as the parameters.
ECPrivateKey may contain the named curve OID, too, which is
compared to id-ecPublicKey. Such keys could not be loaded.
We remove this check and add a test vector from strongswan.
Diffstat (limited to 'src/tests')
-rw-r--r-- | src/tests/data/ecc/ecc_private_with_rfc5915_parameters.pem | 6 | ||||
-rw-r--r-- | src/tests/unit_ecdsa.cpp | 27 |
2 files changed, 31 insertions, 2 deletions
diff --git a/src/tests/data/ecc/ecc_private_with_rfc5915_parameters.pem b/src/tests/data/ecc/ecc_private_with_rfc5915_parameters.pem new file mode 100644 index 000000000..9044ba49e --- /dev/null +++ b/src/tests/data/ecc/ecc_private_with_rfc5915_parameters.pem @@ -0,0 +1,6 @@ +-----BEGIN PRIVATE KEY----- +MIGTAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBHkwdwIBAQQgQsaM/yuLh6H7UPb+ +1oizCkiyxY9Q4M9A+lfRxmwgZMWgCgYIKoZIzj0DAQehRANCAAScslLLwFzPl93W +50kyRwyO222/yBoKAeheP45kM7QVuxul7flLp+heb0kk9zL0m0xH3PEoRBw32+77 +2L1OXOsH +-----END PRIVATE KEY----- diff --git a/src/tests/unit_ecdsa.cpp b/src/tests/unit_ecdsa.cpp index ea622ade4..2654753eb 100644 --- a/src/tests/unit_ecdsa.cpp +++ b/src/tests/unit_ecdsa.cpp @@ -370,18 +370,40 @@ Test::Result test_ecc_key_with_rfc5915_extensions() std::unique_ptr<Botan::Private_Key> pkcs8( Botan::PKCS8::load_key(Test::data_file("ecc/ecc_private_with_rfc5915_ext.pem"), Test::rng())); - result.confirm("loaded RFC 5914 key", pkcs8.get()); + result.confirm("loaded RFC 5915 key", pkcs8.get()); result.test_eq("key is ECDSA", pkcs8->algo_name(), "ECDSA"); result.confirm("key type is ECDSA", dynamic_cast<Botan::ECDSA_PrivateKey*>(pkcs8.get())); } catch(std::exception& e) { - result.test_failure("load_rfc5915", e.what()); + result.test_failure("load_rfc5915_ext", e.what()); } return result; } +Test::Result test_ecc_key_with_rfc5915_parameters() + { + Test::Result result("ECDSA Unit"); + + try + { + std::unique_ptr<Botan::Private_Key> pkcs8( + Botan::PKCS8::load_key(Test::data_file("ecc/ecc_private_with_rfc5915_parameters.pem"), Test::rng())); + + result.confirm("loaded RFC 5915 key", pkcs8.get()); + result.test_eq("key is ECDSA", pkcs8->algo_name(), "ECDSA"); + result.confirm("key type is ECDSA", dynamic_cast<Botan::ECDSA_PrivateKey*>(pkcs8.get())); + } + catch(std::exception& e) + { + result.test_failure("load_rfc5915_params", e.what()); + } + + return result; + } + + class ECDSA_Unit_Tests : public Test { @@ -402,6 +424,7 @@ class ECDSA_Unit_Tests : public Test results.push_back(test_unusual_curve()); results.push_back(test_curve_registry()); results.push_back(test_ecc_key_with_rfc5915_extensions()); + results.push_back(test_ecc_key_with_rfc5915_parameters()); return results; } }; |