Add ECDSA key tests from Google's project Wycheproof

author: René Korthaus <[email protected]> 2017-02-12 13:54:21 +0100
committer: René Korthaus <[email protected]> 2017-02-12 13:54:21 +0100
commit: 96033661c46807b94b35419a8520d43445cabee2 (patch)
tree: 9f2443d0fab35fc9e6c088ee00754f0d5c398664 /src
parent: d7990d845e7f7ab98b61de9b651a9afe96d6d873 (diff)
4 files changed, 57 insertions, 13 deletions
diff --git a/src/tests/data/pubkey/ecc_invalid.vec b/src/tests/data/pubkey/ecc_invalid.vec
new file mode 100644
index 000000000..887658f26
--- /dev/null
+++ b/src/tests/data/pubkey/ecc_invalid.vec
@@ -0,0 +1,18 @@
+
+# Public keys failing checks from Google's Wycheproof
+# https://github.com/google/wycheproof/blob/master/java/com/google/security/wycheproof/testcases/EcKeyTest.java 
+
+# order = -115792089210356248762697446949407573529996955224135760342422259061068512044369
+SubjectPublicKey = 308201333081ec06072a8648ce3d02013081e0020101302c06072a8648ce3d0101022100ffffffff00000001000000000000000000000000ffffffffffffffffffffffff30440420ffffffff00000001000000000000000000000000fffffffffffffffffffffffc04205ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b0441046b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c2964fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f50221ff00000000ffffffff00000000000000004319055258e8617b0c46353d039cdaaf02010103420004cdeb39edd03e2b1a11a5e134ec99d5f25f21673d403f3ecb47bd1fa676638958ea58493b8429598c0b49bbb85c3303ddb1553c3b761c2caacca71606ba9ebac8
+
+# order = 0
+SubjectPublicKey = 308201123081cb06072a8648ce3d02013081bf020101302c06072a8648ce3d0101022100ffffffff00000001000000000000000000000000ffffffffffffffffffffffff30440420ffffffff00000001000000000000000000000000fffffffffffffffffffffffc04205ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b0441046b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c2964fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5020002010103420004cdeb39edd03e2b1a11a5e134ec99d5f25f21673d403f3ecb47bd1fa676638958ea58493b8429598c0b49bbb85c3303ddb1553c3b761c2caacca71606ba9ebac8
+
+# cofactor = -1
+SubjectPublicKey = 308201333081ec06072a8648ce3d02013081e0020101302c06072a8648ce3d0101022100ffffffff00000001000000000000000000000000ffffffffffffffffffffffff30440420ffffffff00000001000000000000000000000000fffffffffffffffffffffffc04205ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b0441046b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c2964fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325510201ff03420004cdeb39edd03e2b1a11a5e134ec99d5f25f21673d403f3ecb47bd1fa676638958ea58493b8429598c0b49bbb85c3303ddb1553c3b761c2caacca71606ba9ebac8
+
+# cofactor = 0
+SubjectPublicKey = 308201323081eb06072a8648ce3d02013081df020101302c06072a8648ce3d0101022100ffffffff00000001000000000000000000000000ffffffffffffffffffffffff30440420ffffffff00000001000000000000000000000000fffffffffffffffffffffffc04205ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b0441046b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c2964fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551020003420004cdeb39edd03e2b1a11a5e134ec99d5f25f21673d403f3ecb47bd1fa676638958ea58493b8429598c0b49bbb85c3303ddb1553c3b761c2caacca71606ba9ebac8
+
+# cofactor = 115792089210356248762697446949407573529996955224135760342422259061068512044369
+SubjectPublicKey = 308201553082010d06072a8648ce3d020130820100020101302c06072a8648ce3d0101022100ffffffff00000001000000000000000000000000ffffffffffffffffffffffff30440420ffffffff00000001000000000000000000000000fffffffffffffffffffffffc04205ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b0441046b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c2964fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63255103420004cdeb39edd03e2b1a11a5e134ec99d5f25f21673d403f3ecb47bd1fa676638958ea58493b8429598c0b49bbb85c3303ddb1553c3b761c2caacca71606ba9ebac8
diff --git a/src/tests/data/pubkey/ecdsa_invalid.vec b/src/tests/data/pubkey/ecdsa_invalid.vec
index b4c8b6663..db87a38f7 100644
--- a/src/tests/data/pubkey/ecdsa_invalid.vec
+++ b/src/tests/data/pubkey/ecdsa_invalid.vec
@@ -366,6 +366,3 @@ InvalidKeyY = 0x1cf24be44e919e1576ecf51abdea113f8bb7121d670b86d8ee93ce1e6f79b17a
 # InvalidKeyX or InvalidKeyY out of range
 InvalidKeyX = 0x3d68ed9ce2bcb68f12ac37385ccdb6ee445f7b0a8f257593735abdf8bc0b98bc5ab5c5750e2e111fec2ecde6be321522ddc90d2b54634d30d28f43024f76e4653a7
 InvalidKeyY = 0x03f6f5f224d6aee43d781e3ad723062a61729a6ed959cd18c75d4982961ba8033767ed1168674a545b0a693d3587fbeaebc9b116143dbe1155ead48de89d980d617
-
-
-# TODO Google Wycheproof has some tests, too
-\ No newline at end of file
diff --git a/src/tests/test_ecdsa.cpp b/src/tests/test_ecdsa.cpp
index 41d81a576..148abaacc 100644
--- a/src/tests/test_ecdsa.cpp
+++ b/src/tests/test_ecdsa.cpp
@@ -89,17 +89,17 @@ class ECDSA_Invalid_Key_Tests : public Text_Based_Test
          std::unique_ptr<Botan::PointGFp> public_point;
 
          try
-         {
-         public_point.reset(new Botan::PointGFp(group.get_curve(), x, y));
-         }
+            {
+            public_point.reset(new Botan::PointGFp(group.get_curve(), x, y));
+            }
          catch(Botan::Invalid_Argument&)
-			{
-         // PointGFp() performs a range check on x, y in [0, p−1],
-         // which is also part of the EC public key checks, e.g.,
-         // in NIST SP800-56A rev2, sec. 5.6.2.3.2
-         result.test_success("public key fails check");
-         return result;
-			}
+            {
+            // PointGFp() performs a range check on x, y in [0, p−1],
+            // which is also part of the EC public key checks, e.g.,
+            // in NIST SP800-56A rev2, sec. 5.6.2.3.2
+            result.test_success("public key fails check");
+            return result;
+            }
 
          std::unique_ptr<Botan::Public_Key> key(new Botan::ECDSA_PublicKey(group, *public_point));
          result.test_eq("public key fails check", key->check_key(Test::rng(), false), false);
diff --git a/src/tests/unit_ecc.cpp b/src/tests/unit_ecc.cpp
index 3ab22e57e..aac1d3ddf 100644
--- a/src/tests/unit_ecc.cpp
+++ b/src/tests/unit_ecc.cpp
@@ -18,6 +18,8 @@
   #include <botan/reducer.h>
   #include <botan/oids.h>
   #include <botan/hex.h>
+  #include <botan/data_src.h>
+  #include <botan/x509_key.h>
 #endif
 
 namespace Botan_Tests {
@@ -833,6 +835,33 @@ class ECC_Unit_Tests : public Test
 
 BOTAN_REGISTER_TEST("ecc_unit", ECC_Unit_Tests);
 
+class ECC_Invalid_Key_Tests : public Text_Based_Test
+   {
+   public:
+      ECC_Invalid_Key_Tests() :
+         Text_Based_Test("pubkey/ecc_invalid.vec", "SubjectPublicKey") {}
+
+      bool clear_between_callbacks() const override { return false; }
+
+      Test::Result run_one_test(const std::string&, const VarMap& vars) override
+         {
+         // TODO extract params from encoded key and move test vectors to ecdsa_invalid.vec
+         Test::Result result("ECC invalid keys");
+
+         const std::string encoded = get_req_str(vars, "SubjectPublicKey");
+         Botan::DataSource_Memory key_data(Botan::hex_decode(encoded));
+
+         std::unique_ptr<Botan::Public_Key> key(Botan::X509::load_key(key_data));
+         result.test_eq("public key fails check", key->check_key(Test::rng(), false), false);
+
+         std::cout << key->algo_name() << std::endl;
+
+         return result;
+         }
+   };
+
+BOTAN_REGISTER_TEST("ecc_invalid", ECC_Invalid_Key_Tests);
+
 #endif
 
 }
author	René Korthaus <[email protected]>	2017-02-12 13:54:21 +0100
committer	René Korthaus <[email protected]>	2017-02-12 13:54:21 +0100
commit	96033661c46807b94b35419a8520d43445cabee2 (patch)
tree	9f2443d0fab35fc9e6c088ee00754f0d5c398664 /src
parent	d7990d845e7f7ab98b61de9b651a9afe96d6d873 (diff)