diff options
Diffstat (limited to 'checks')
| -rw-r--r-- | checks/check.cpp | 4 | ||||
| -rw-r--r-- | checks/ec_tests.cpp | 32 | ||||
| -rw-r--r-- | checks/ecdsa.cpp | 4 | ||||
| -rw-r--r-- | checks/pk.cpp | 31 | ||||
| -rw-r--r-- | checks/pk_bench.cpp | 17 | ||||
| -rw-r--r-- | checks/pk_valid.dat | 18 | ||||
| -rw-r--r-- | checks/x509.cpp | 2 |
7 files changed, 79 insertions, 29 deletions
diff --git a/checks/check.cpp b/checks/check.cpp index 1f46b5b4c..952384a19 100644 --- a/checks/check.cpp +++ b/checks/check.cpp @@ -106,8 +106,6 @@ int main(int argc, char* argv[]) Botan::LibraryInitializer init("thread_safe=no"); - Botan::AutoSeeded_RNG rng; - if(opts.is_set("help") || argc <= 1) { std::cerr << "Test driver for " @@ -121,6 +119,8 @@ int main(int argc, char* argv[]) return 1; } + Botan::AutoSeeded_RNG rng; + if(opts.is_set("validate") || opts.is_set("test")) { return run_test_suite(rng); diff --git a/checks/ec_tests.cpp b/checks/ec_tests.cpp index d86645dbc..3d7b3a8b0 100644 --- a/checks/ec_tests.cpp +++ b/checks/ec_tests.cpp @@ -147,7 +147,8 @@ void test_coordinates() PointGFp p0 = p_G; PointGFp p1 = p_G * 2; PointGFp point_exp(secp160r1, exp_affine_x, exp_affine_y); - point_exp.check_invariants(); + if(!point_exp.on_the_curve()) + throw Internal_Error("Point not on the curve"); CHECK_MESSAGE( p1.get_affine_x() == exp_affine_x, " p1_x = " << p1.get_affine_x() << "\n" << "exp_x = " << exp_affine_x << "\n"); CHECK_MESSAGE( p1.get_affine_y() == exp_affine_y, " p1_y = " << p1.get_affine_y() << "\n" << "exp_y = " << exp_affine_y << "\n"); @@ -246,7 +247,8 @@ void test_zeropoint() BigInt("16984103820118642236896513183038186009872590470"), BigInt("1373093393927139016463695321221277758035357890939")); - p1.check_invariants(); + if(!p1.on_the_curve()) + throw Internal_Error("Point not on the curve"); p1 -= p1; CHECK_MESSAGE( p1.is_zero(), "p - q with q = p is not zero!"); @@ -294,7 +296,8 @@ void test_calc_with_zeropoint() BigInt("16984103820118642236896513183038186009872590470"), BigInt("1373093393927139016463695321221277758035357890939")); - p.check_invariants(); + if(!p.on_the_curve()) + throw Internal_Error("Point not on the curve"); CHECK_MESSAGE( !p.is_zero(), "created is zeropoint, shouldn't be!"); PointGFp zero(curve); @@ -618,7 +621,8 @@ void test_enc_dec_uncompressed_521_prime_too_large() try { p_G = std::unique_ptr<PointGFp>(new PointGFp(OS2ECP ( sv_G_secp_uncomp, secp521r1))); - p_G->check_invariants(); + if(!p_G->on_the_curve()) + throw Internal_Error("Point not on the curve"); } catch (std::exception e) { @@ -626,11 +630,6 @@ void test_enc_dec_uncompressed_521_prime_too_large() } CHECK_MESSAGE(exc, "attempt of creation of point on curve with too high prime did not throw an exception"); - //SecureVector<byte> sv_result = EC2OSP(p_G, PointGFp::UNCOMPRESSED); - //string result = hex_encode(sv_result.begin(), sv_result.size()); - //string exp_result = hex_encode(sv_G_secp_uncomp.begin(), sv_G_secp_uncomp.size()); - - //CHECK_MESSAGE( sv_result == sv_G_secp_uncomp, "\ncalc. result = " << result << "\nexp. result = " << exp_result << "\n"); } void test_gfp_store_restore() @@ -673,7 +672,8 @@ void test_cdc_curve_33() bool exc = false; try { - p_G.check_invariants(); + if(!p_G.on_the_curve()) + throw Internal_Error("Point not on the curve"); } catch (std::exception) { @@ -698,11 +698,14 @@ void test_more_zeropoint() BigInt("16984103820118642236896513183038186009872590470"), BigInt("1373093393927139016463695321221277758035357890939")); - p1.check_invariants(); + if(!p1.on_the_curve()) + throw Internal_Error("Point not on the curve"); PointGFp minus_p1 = -p1; - minus_p1.check_invariants(); + if(!minus_p1.on_the_curve()) + throw Internal_Error("Point not on the curve"); PointGFp shouldBeZero = p1 + minus_p1; - shouldBeZero.check_invariants(); + if(!shouldBeZero.on_the_curve()) + throw Internal_Error("Point not on the curve"); BigInt y1 = p1.get_affine_y(); y1 = curve.get_p() - y1; @@ -713,7 +716,8 @@ void test_more_zeropoint() "problem with minus_p1 : y"); PointGFp zero(curve); - zero.check_invariants(); + if(!zero.on_the_curve()) + throw Internal_Error("Point not on the curve"); CHECK_MESSAGE(p1 + zero == p1, "addition of zero modified point"); CHECK_MESSAGE( shouldBeZero.is_zero(), "p - q with q = p is not zero!"); diff --git a/checks/ecdsa.cpp b/checks/ecdsa.cpp index 7b8b65ed2..277239e72 100644 --- a/checks/ecdsa.cpp +++ b/checks/ecdsa.cpp @@ -304,7 +304,8 @@ void test_create_and_verify(RandomNumberGenerator& rng) PointGFp p_G = OS2ECP ( sv_G_secp_comp, curve ); EC_Domain_Params dom_params(curve, p_G, bi_order_g, BigInt(1)); - p_G.check_invariants(); + if(!p_G.on_the_curve()) + throw Internal_Error("Point not on the curve"); ECDSA_PrivateKey key_odd_oid(rng, dom_params); std::string key_odd_oid_str = PKCS8::PEM_encode(key_odd_oid); @@ -359,7 +360,6 @@ void test_curve_registry(RandomNumberGenerator& rng) { OID oid(oids[i]); EC_Domain_Params dom_pars(oid); - dom_pars.get_base_point().check_invariants(); ECDSA_PrivateKey ecdsa(rng, dom_pars); PK_Signer signer(ecdsa, "EMSA1(SHA-1)"); diff --git a/checks/pk.cpp b/checks/pk.cpp index da6c6277d..834e0031d 100644 --- a/checks/pk.cpp +++ b/checks/pk.cpp @@ -512,6 +512,34 @@ u32bit validate_ecdsa_sig(const std::string& algo, return 2; } +u32bit validate_gost_ver(const std::string& algo, + const std::vector<std::string>& str) + { + if(str.size() != 5) + throw std::runtime_error("Invalid input from pk_valid.dat"); + +#if defined(BOTAN_HAS_GOST_34_10_2001) + + EC_Domain_Params group(OIDS::lookup(str[0])); + + PointGFp public_point = OS2ECP(decode_hex(str[1]), group.get_curve()); + + GOST_3410_PublicKey gost(group, public_point); + + std::string emsa = algo.substr(13, std::string::npos); + + PK_Verifier v(gost, emsa); + + SecureVector<byte> msg = decode_hex(str[2]); + SecureVector<byte> sig = decode_hex(str[3]); + + bool passed = v.verify_message(msg, msg.size(), sig, sig.size()); + return (passed ? 0 : 1); +#endif + + return 2; + } + u32bit validate_dsa_ver(const std::string& algo, const std::vector<std::string>& str) { @@ -820,6 +848,9 @@ u32bit do_pk_validation_tests(const std::string& filename, else if(algorithm.find("ECDSA/") == 0) new_errors = validate_ecdsa_sig(algorithm, substr); + else if(algorithm.find("GOST_3410_VA/") == 0) + new_errors = validate_gost_ver(algorithm, substr); + else if(algorithm.find("RSAES_PKCS8/") == 0) new_errors = validate_rsa_enc_pkcs8(algorithm, substr, rng); else if(algorithm.find("RSAVA_X509/") == 0) diff --git a/checks/pk_bench.cpp b/checks/pk_bench.cpp index 513a84f76..0ca836ff9 100644 --- a/checks/pk_bench.cpp +++ b/checks/pk_bench.cpp @@ -189,7 +189,7 @@ void benchmark_rsa(RandomNumberGenerator& rng, Benchmark_Report& report) { - size_t keylens[] = { 512, 1024, 2048, 4096, 6144, 8192, 0 }; + size_t keylens[] = { 1024, 2048, 4096, 6144, 0 }; for(size_t i = 0; keylens[i]; ++i) { @@ -264,7 +264,7 @@ void benchmark_rw(RandomNumberGenerator& rng, Benchmark_Report& report) { - const u32bit keylens[] = { 512, 1024, 2048, 4096, 6144, 8192, 0 }; + const u32bit keylens[] = { 1024, 2048, 4096, 6144, 0 }; for(size_t j = 0; keylens[j]; j++) { @@ -361,7 +361,7 @@ void benchmark_gost_3410(RandomNumberGenerator& rng, u32bit hashbits = pbits; - if(hashbits < 160) + if(hashbits <= 192) hashbits = 160; if(hashbits == 521) hashbits = 512; @@ -379,7 +379,7 @@ void benchmark_gost_3410(RandomNumberGenerator& rng, GOST_3410_PrivateKey key(rng, params); keygen_timer.stop(); - PK_Signer sig(key, padding); + PK_Signer sig(key, padding, IEEE_1363, DISABLE_FAULT_PROTECTION); PK_Verifier ver(key, padding); benchmark_sig_ver(ver, sig, verify_timer, @@ -458,9 +458,7 @@ void benchmark_dsa_nr(RandomNumberGenerator& rng, Benchmark_Report& report) { #if defined(BOTAN_HAS_NYBERG_RUEPPEL) || defined(BOTAN_HAS_DSA) - const char* domains[] = { "dsa/jce/512", - "dsa/jce/768", - "dsa/jce/1024", + const char* domains[] = { "dsa/jce/1024", "dsa/botan/2048", "dsa/botan/3072", NULL }; @@ -488,7 +486,7 @@ void benchmark_dsa_nr(RandomNumberGenerator& rng, algo_name = key.algo_name(); keygen_timer.stop(); - PK_Signer sig(key, padding); + PK_Signer sig(key, padding, IEEE_1363, DISABLE_FAULT_PROTECTION); PK_Verifier ver(key, padding); benchmark_sig_ver(ver, sig, verify_timer, @@ -508,8 +506,7 @@ void benchmark_dh(RandomNumberGenerator& rng, double seconds, Benchmark_Report& report) { - const char* domains[] = { "modp/ietf/768", - "modp/ietf/1024", + const char* domains[] = { "modp/ietf/1024", "modp/ietf/2048", "modp/ietf/3072", "modp/ietf/4096", diff --git a/checks/pk_valid.dat b/checks/pk_valid.dat index 40bd830c2..1190886e9 100644 --- a/checks/pk_valid.dat +++ b/checks/pk_valid.dat @@ -4200,6 +4200,24 @@ x962_p239v1:\ 2CB7F36803EBB9C427C58D8265F11FC5084747133078FC279DE874FBECB0\ 2EEAE988104E9C2234A3C2BEB1F53BFA5DC11FF36A875D1E3CCB1F7E45CF +# ECC verification format is group name:public key:message:signature +[GOST_3410_VA/EMSA1(GOST-34.11)] +gost_256A:\ +0400B6F1D75EF48902B0C2302F52CCC71233EC55B903061673AAA586A2B5\ +864048EA2675E8FD8DB1FEDFC7DD40E3CF3A319EE3130E0BE9FDF994B625\ +BC1885F271:\ +:\ +AA3CB0563295A3E281BA368DF8471DE0A4150B3CFCEA575D8A9CC9779035EC36\ +FE406F383A54127453AED406FA9A3B610B28F89FC918C07A5A75289E97B3A991 + +gost_256A:\ +04BFE0BA366BE575E45C5BBA339C51ACD75D517008A9D3169E3CCEA6EF08\ +046DA74312382D835BEEA1C561A75AFCAFDA0F75A4E5D9787F9DB2870A03\ +2AC1D90465:\ +:\ +B7AB61F33E0B70166C355963BB80B8F6DF54F7F6A43872295CD42B6ACF7DF678\ +F3AFCBE1398DDC01F0A9E4B45397F3ACD8F343399BD2805FB6293E9CB871123A + # NR Format: p:q:g:y:x:message:k:output [NR/EMSA1(SHA-1)] # Trickiness: in some of these, we put a leading 0 digit on the nonce (k). This diff --git a/checks/x509.cpp b/checks/x509.cpp index 96d99eee2..59bc8444b 100644 --- a/checks/x509.cpp +++ b/checks/x509.cpp @@ -119,7 +119,7 @@ u32bit check_against_copy(const Private_Key& orig, if(orig_id != pub_id || orig_id != priv_id || orig_id != priv_enc_id) { - std::cout << "Failed copy check\n"; + std::cout << "Failed copy check for " << orig.algo_name() << "\n"; return 1; } return 0; |