From 2d4bb591eb0cc35bfc559ab62bca722ab2e901f1 Mon Sep 17 00:00:00 2001 From: lloyd Date: Sat, 11 Oct 2008 19:29:21 +0000 Subject: Correct the expected signature name in test_decode_ecdsa_X509 - it wanted ECC_TESTDATA/EMSA1_BSI(SHA-224), while Botan is providing ECDSA/EMSA1_BSI(SHA-224) which seems more useful anyway. Also reindent the code to match more or less the convention in the rest of the codebase. At this point all ECDSA tests are pasing. (That probably just means there aren't enough ECDSA tests) --- doc/examples/ecdsa_tests.cpp | 789 +++++++++++++++++++++---------------------- 1 file changed, 393 insertions(+), 396 deletions(-) (limited to 'doc/examples') diff --git a/doc/examples/ecdsa_tests.cpp b/doc/examples/ecdsa_tests.cpp index c2ac8ccd2..706f39d1e 100644 --- a/doc/examples/ecdsa_tests.cpp +++ b/doc/examples/ecdsa_tests.cpp @@ -2,7 +2,8 @@ * ECDSA tests * * * * (C) 2007 Falko Strenzke * -* hartl@flexsecure.de * +* Manuel Hartl * +* 2008 Jack Lloyd * ******************************************************/ #include @@ -26,9 +27,8 @@ using namespace Botan; using namespace std; -#define BOOST_AUTO_TEST_CASE(name) void name() -#define BOOST_CHECK_MESSAGE(expr, print) try { if(!(expr)) std::cout << print << "\n"; } catch(std::exception& e) { std::cout << __FUNCTION__ << ": " << e.what() << "\n"; } -#define BOOST_CHECK(expr) try { if(!(expr)) std::cout << #expr << "\n"; } catch(std::exception& e) { std::cout << __FUNCTION__ << ": " << e.what() << "\n"; } +#define CHECK_MESSAGE(expr, print) try { if(!(expr)) std::cout << print << "\n"; } catch(std::exception& e) { std::cout << __FUNCTION__ << ": " << e.what() << "\n"; } +#define CHECK(expr) try { if(!(expr)) std::cout << #expr << "\n"; } catch(std::exception& e) { std::cout << __FUNCTION__ << ": " << e.what() << "\n"; } namespace { @@ -47,9 +47,9 @@ SecureVector decode_hex(const std::string& in) SecureVector result; try { - Botan::Pipe pipe(new Botan::Hex_Decoder); - pipe.process_msg(in); - result = pipe.read_all(); + Botan::Pipe pipe(new Botan::Hex_Decoder); + pipe.process_msg(in); + result = pipe.read_all(); } catch(std::exception& e) { @@ -62,222 +62,219 @@ SecureVector decode_hex(const std::string& in) /** - * Tests whether the the signing routine will work correctly in case the integer e - * that is constructed from the message (thus the hash value) is larger than n, the order of the base point. - * Tests the signing function of the pk signer object - */ - -BOOST_AUTO_TEST_CASE( test_hash_larger_than_n) -{ - cout << "." << flush; - - std::auto_ptr rng( - RandomNumberGenerator::make_rng()); - - //EC_Domain_Params dom_pars = global_config().get_ec_dompar("1.3.132.0.8"); - Botan::EC_Domain_Params dom_pars(Botan::get_EC_Dom_Pars_by_oid("1.3.132.0.8")); - // n: - // 0x0100000000000000000001f4c8f927aed3ca752257 // 21 bytes - // -> shouldn´t work with SHA224 which outputs 23 bytes - Botan::ECDSA_PrivateKey priv_key(*rng, dom_pars); - Botan::SecureVector message; - for (unsigned j= 0; j<20; j++) - { +* Tests whether the the signing routine will work correctly in case the integer e +* that is constructed from the message (thus the hash value) is larger than n, the order of the base point. +* Tests the signing function of the pk signer object +*/ + +void test_hash_larger_than_n() + { + cout << "." << flush; + + std::auto_ptr rng( + RandomNumberGenerator::make_rng()); + + //EC_Domain_Params dom_pars = global_config().get_ec_dompar("1.3.132.0.8"); + Botan::EC_Domain_Params dom_pars(Botan::get_EC_Dom_Pars_by_oid("1.3.132.0.8")); + // n: + // 0x0100000000000000000001f4c8f927aed3ca752257 // 21 bytes + // -> shouldn´t work with SHA224 which outputs 23 bytes + Botan::ECDSA_PrivateKey priv_key(*rng, dom_pars); + Botan::SecureVector message; + for (unsigned j= 0; j<20; j++) + { message.append(j); - } + } - for (int i = 0; i<3; i++) - { + for (int i = 0; i<3; i++) + { //cout << "i = " << i << endl; std::string format; if(i==1) - { - format = "EMSA1_BSI(SHA-224)"; - } + { + format = "EMSA1_BSI(SHA-224)"; + } else - { - format = "EMSA1_BSI(SHA-1)"; - } + { + format = "EMSA1_BSI(SHA-1)"; + } auto_ptr pk_signer(get_pk_signer(priv_key, format)); Botan::SecureVector signature; - bool sig_exc = false; - try - { - signature = pk_signer->sign_message(message, *rng); - } - catch(Botan::Encoding_Error e) - { - sig_exc = true; - } - if(i==1) - { - BOOST_CHECK(sig_exc); - } - if(i==0) - { - BOOST_CHECK(!sig_exc); - } - - - if(i==0) // makes no sense to check for sha224 - { - auto_ptr pk_verifier(get_pk_verifier(priv_key, format)); - bool ver = pk_verifier->verify_message(message, signature); - BOOST_CHECK(ver); - } - - } // for - - // now check that verification alone fails - - // sign it with the normal EMSA1 - auto_ptr pk_signer(get_pk_signer(priv_key, "EMSA1(SHA-224)")); - Botan::SecureVector signature = pk_signer->sign_message(message, *rng); - - auto_ptr pk_verifier(get_pk_verifier(priv_key, "EMSA1_BSI(SHA-224)")); - - - // verify against EMSA1_BSI - // we make sure it doesn´t fail because of the invalid signature, - // but because of the Encoding_Error - bool ver_exc = false; - try - { - pk_verifier->verify_message(message, signature); - } - catch(Botan::Encoding_Error e) - { - ver_exc = true; - } - BOOST_CHECK(ver_exc); + bool sig_exc = false; + try + { + signature = pk_signer->sign_message(message, *rng); + } + catch(Botan::Encoding_Error e) + { + sig_exc = true; + } + if(i==1) + { + CHECK(sig_exc); + } + if(i==0) + { + CHECK(!sig_exc); + } -} + if(i==0) // makes no sense to check for sha224 + { + auto_ptr pk_verifier(get_pk_verifier(priv_key, format)); + bool ver = pk_verifier->verify_message(message, signature); + CHECK(ver); + } + + } // for + + // now check that verification alone fails + + // sign it with the normal EMSA1 + auto_ptr pk_signer(get_pk_signer(priv_key, "EMSA1(SHA-224)")); + Botan::SecureVector signature = pk_signer->sign_message(message, *rng); + + auto_ptr pk_verifier(get_pk_verifier(priv_key, "EMSA1_BSI(SHA-224)")); + // verify against EMSA1_BSI + // we make sure it doesn´t fail because of the invalid signature, + // but because of the Encoding_Error + bool ver_exc = false; + try + { + pk_verifier->verify_message(message, signature); + } + catch(Botan::Encoding_Error e) + { + ver_exc = true; + } + CHECK(ver_exc); + } + /** * Tests whether the the signing routine will work correctly in case the integer e * that is constructed from the message is larger than n, the order of the base point */ -BOOST_AUTO_TEST_CASE( test_message_larger_than_n) -{ - cout << "." << flush; - - std::auto_ptr rng(RandomNumberGenerator::make_rng()); - - //Botan::EC_Domain_Params dom_pars = global_config().get_ec_dompar("1.3.132.0.8"); - Botan::EC_Domain_Params dom_pars(Botan::get_EC_Dom_Pars_by_oid("1.3.132.0.8")); - //Botan::EC_Domain_Params dom_pars = global_config().get_ec_dompar("1.2.840.10045.3.1.1"); - //Botan::EC_Domain_Params dom_pars = global_config().get_ec_dompar("1.3.36.3.3.2.8.1.1.3"); - Botan::ECDSA_PrivateKey priv_key(*rng, dom_pars); - string str_message = ("12345678901234567890abcdef1212345678901234567890abcdef1212345678901234567890abcdef12"); - Botan::SecureVector sv_message = decode_hex(str_message); - bool thrn = false; - Botan::SecureVector signature; - try - { - signature = priv_key.sign(sv_message.begin(), sv_message.size(), *rng); - } - catch (Botan::Invalid_Argument e) - { +void test_message_larger_than_n() + { + cout << "." << flush; + + std::auto_ptr rng(RandomNumberGenerator::make_rng()); + + //Botan::EC_Domain_Params dom_pars = global_config().get_ec_dompar("1.3.132.0.8"); + Botan::EC_Domain_Params dom_pars(Botan::get_EC_Dom_Pars_by_oid("1.3.132.0.8")); + //Botan::EC_Domain_Params dom_pars = global_config().get_ec_dompar("1.2.840.10045.3.1.1"); + //Botan::EC_Domain_Params dom_pars = global_config().get_ec_dompar("1.3.36.3.3.2.8.1.1.3"); + Botan::ECDSA_PrivateKey priv_key(*rng, dom_pars); + string str_message = ("12345678901234567890abcdef1212345678901234567890abcdef1212345678901234567890abcdef12"); + Botan::SecureVector sv_message = decode_hex(str_message); + bool thrn = false; + Botan::SecureVector signature; + try + { + signature = priv_key.sign(sv_message.begin(), sv_message.size(), *rng); + } + catch (Botan::Invalid_Argument e) + { thrn = true; - } - //cout << "signature = " << hex_encode(signature.begin(), signature.size()) << "\n"; - bool ver_success = priv_key.verify(sv_message.begin(), sv_message.size(), signature.begin(), signature.size()); - BOOST_CHECK_MESSAGE(ver_success, "generated signature could not be verified positively"); - //BOOST_CHECK_MESSAGE(thrn, "no exception was thrown although message to sign was too long"); -} + } + //cout << "signature = " << hex_encode(signature.begin(), signature.size()) << "\n"; + bool ver_success = priv_key.verify(sv_message.begin(), sv_message.size(), signature.begin(), signature.size()); + CHECK_MESSAGE(ver_success, "generated signature could not be verified positively"); + //CHECK_MESSAGE(thrn, "no exception was thrown although message to sign was too long"); + } -BOOST_AUTO_TEST_CASE( test_decode_ecdsa_X509) -{ - cout << "." << flush; +void test_decode_ecdsa_X509() + { + cout << "." << flush; - Botan::X509_Certificate cert("ecc_testdata/CSCA.CSCA.csca-germany.1.crt"); - BOOST_CHECK_MESSAGE(Botan::OIDS::lookup(cert.signature_algorithm().oid) == "ECC_TESTDATA/EMSA1_BSI(SHA-224)", "error reading signature algorithm from x509 ecdsa certificate"); - BOOST_CHECK_MESSAGE(to_hex(cert.serial_number()) == "01", "error reading serial from x509 ecdsa certificate"); - BOOST_CHECK_MESSAGE(to_hex(cert.authority_key_id()) == "0096452DE588F966C4CCDF161DD1F3F5341B71E7", "error reading authority key id from x509 ecdsa certificate"); - BOOST_CHECK_MESSAGE(to_hex(cert.subject_key_id()) == "0096452DE588F966C4CCDF161DD1F3F5341B71E7", "error reading Subject key id from x509 ecdsa certificate"); + Botan::X509_Certificate cert("ecc_testdata/CSCA.CSCA.csca-germany.1.crt"); + CHECK_MESSAGE(Botan::OIDS::lookup(cert.signature_algorithm().oid) == "ECDSA/EMSA1_BSI(SHA-224)", "error reading signature algorithm from x509 ecdsa certificate"); + CHECK_MESSAGE(to_hex(cert.serial_number()) == "01", "error reading serial from x509 ecdsa certificate"); + CHECK_MESSAGE(to_hex(cert.authority_key_id()) == "0096452DE588F966C4CCDF161DD1F3F5341B71E7", "error reading authority key id from x509 ecdsa certificate"); + CHECK_MESSAGE(to_hex(cert.subject_key_id()) == "0096452DE588F966C4CCDF161DD1F3F5341B71E7", "error reading Subject key id from x509 ecdsa certificate"); - auto_ptr pubkey(cert.subject_public_key()); - bool ver_ec = cert.check_signature(*pubkey); - BOOST_CHECK_MESSAGE(ver_ec, "could not positively verify correct selfsigned x509-ecdsa certificate"); -} + auto_ptr pubkey(cert.subject_public_key()); + bool ver_ec = cert.check_signature(*pubkey); + CHECK_MESSAGE(ver_ec, "could not positively verify correct selfsigned x509-ecdsa certificate"); + } -BOOST_AUTO_TEST_CASE( test_decode_ver_link_SHA256) -{ - cout << "." << flush; +void test_decode_ver_link_SHA256() + { + cout << "." << flush; - Botan::X509_Certificate root_cert("ecc_testdata/root2_SHA256.cer"); - Botan::X509_Certificate link_cert("ecc_testdata/link_SHA256.cer"); + Botan::X509_Certificate root_cert("ecc_testdata/root2_SHA256.cer"); + Botan::X509_Certificate link_cert("ecc_testdata/link_SHA256.cer"); - auto_ptr pubkey(root_cert.subject_public_key()); - bool ver_ec = link_cert.check_signature(*pubkey); - BOOST_CHECK_MESSAGE(ver_ec, "could not positively verifiy correct SHA256 link x509-ecdsa certificate"); + auto_ptr pubkey(root_cert.subject_public_key()); + bool ver_ec = link_cert.check_signature(*pubkey); + CHECK_MESSAGE(ver_ec, "could not positively verifiy correct SHA256 link x509-ecdsa certificate"); -} -BOOST_AUTO_TEST_CASE( test_decode_ver_link_SHA1) -{ - cout << "." << flush; + } +void test_decode_ver_link_SHA1() + { + cout << "." << flush; - Botan::X509_Certificate root_cert("ecc_testdata/root_SHA1.163.crt"); - Botan::X509_Certificate link_cert("ecc_testdata/link_SHA1.166.crt"); + Botan::X509_Certificate root_cert("ecc_testdata/root_SHA1.163.crt"); + Botan::X509_Certificate link_cert("ecc_testdata/link_SHA1.166.crt"); - auto_ptr pubkey(root_cert.subject_public_key()); - bool ver_ec = link_cert.check_signature(*pubkey); - BOOST_CHECK_MESSAGE(ver_ec, "could not positively verifiy correct SHA1 link x509-ecdsa certificate"); -} + auto_ptr pubkey(root_cert.subject_public_key()); + bool ver_ec = link_cert.check_signature(*pubkey); + CHECK_MESSAGE(ver_ec, "could not positively verifiy correct SHA1 link x509-ecdsa certificate"); + } -BOOST_AUTO_TEST_CASE( test_sign_then_ver) -{ - cout << "." << flush; - - std::auto_ptr rng(RandomNumberGenerator::make_rng()); - - string g_secp("024a96b5688ef573284664698968c38bb913cbfc82"); - Botan::SecureVector sv_g_secp = decode_hex(g_secp); - BigInt bi_p_secp("0xffffffffffffffffffffffffffffffff7fffffff"); - BigInt bi_a_secp("0xffffffffffffffffffffffffffffffff7ffffffc"); - BigInt bi_b_secp("0x1c97befc54bd7a8b65acf89f81d4d4adc565fa45"); - BigInt order = BigInt("0x0100000000000000000001f4c8f927aed3ca752257"); - CurveGFp curve(GFpElement(bi_p_secp,bi_a_secp), GFpElement(bi_p_secp, bi_b_secp), bi_p_secp); - BigInt cofactor = BigInt(1); - PointGFp p_G = OS2ECP ( sv_g_secp, curve ); - - Botan::EC_Domain_Params dom_pars = Botan::EC_Domain_Params(curve, p_G, order, cofactor); - Botan::ECDSA_PrivateKey my_priv_key(*rng, dom_pars); - - string str_message = ("12345678901234567890abcdef12"); - Botan::SecureVector sv_message = decode_hex(str_message); - Botan::SecureVector signature = my_priv_key.sign(sv_message.begin(), sv_message.size(), *rng); - //cout << "signature = " << hex_encode(signature.begin(), signature.size()) << "\n"; - bool ver_success = my_priv_key.verify(sv_message.begin(), sv_message.size(), signature.begin(), signature.size()); - BOOST_CHECK_MESSAGE(ver_success, "generated signature could not be verified positively"); - signature[signature.size()-1] += 0x01; - bool ver_must_fail = my_priv_key.verify(sv_message.begin(), sv_message.size(), signature.begin(), signature.size()); - BOOST_CHECK_MESSAGE(!ver_must_fail, "corrupted signature could be verified positively"); -} +void test_sign_then_ver() + { + cout << "." << flush; + + std::auto_ptr rng(RandomNumberGenerator::make_rng()); + + string g_secp("024a96b5688ef573284664698968c38bb913cbfc82"); + Botan::SecureVector sv_g_secp = decode_hex(g_secp); + BigInt bi_p_secp("0xffffffffffffffffffffffffffffffff7fffffff"); + BigInt bi_a_secp("0xffffffffffffffffffffffffffffffff7ffffffc"); + BigInt bi_b_secp("0x1c97befc54bd7a8b65acf89f81d4d4adc565fa45"); + BigInt order = BigInt("0x0100000000000000000001f4c8f927aed3ca752257"); + CurveGFp curve(GFpElement(bi_p_secp,bi_a_secp), GFpElement(bi_p_secp, bi_b_secp), bi_p_secp); + BigInt cofactor = BigInt(1); + PointGFp p_G = OS2ECP ( sv_g_secp, curve ); + + Botan::EC_Domain_Params dom_pars = Botan::EC_Domain_Params(curve, p_G, order, cofactor); + Botan::ECDSA_PrivateKey my_priv_key(*rng, dom_pars); + + string str_message = ("12345678901234567890abcdef12"); + Botan::SecureVector sv_message = decode_hex(str_message); + Botan::SecureVector signature = my_priv_key.sign(sv_message.begin(), sv_message.size(), *rng); + //cout << "signature = " << hex_encode(signature.begin(), signature.size()) << "\n"; + bool ver_success = my_priv_key.verify(sv_message.begin(), sv_message.size(), signature.begin(), signature.size()); + CHECK_MESSAGE(ver_success, "generated signature could not be verified positively"); + signature[signature.size()-1] += 0x01; + bool ver_must_fail = my_priv_key.verify(sv_message.begin(), sv_message.size(), signature.begin(), signature.size()); + CHECK_MESSAGE(!ver_must_fail, "corrupted signature could be verified positively"); + } -BOOST_AUTO_TEST_CASE(test_ec_sign) -{ - cout << "." << flush; +void test_ec_sign() + { + cout << "." << flush; #if 0 - try - { + try + { ifstream message("checks/messages/ec_test_mes1"); - if (!message) - { - BOOST_CHECK_MESSAGE(false, "Couldn't read the message file."); - return; - } + if(!message) + { + CHECK_MESSAGE(false, "Couldn't read the message file."); + return; + } string outfile = "ecc_testdata/ec_test_mes1.sig"; ofstream sigfile(outfile.c_str()); - if (!sigfile) - { - BOOST_CHECK_MESSAGE(false, "Couldn't write the signature to " << outfile); - return; - } + if(!sigfile) + { + CHECK_MESSAGE(false, "Couldn't write the signature to " << outfile); + return; + } std::auto_ptr rng(RandomNumberGenerator::make_rng()); @@ -301,23 +298,23 @@ BOOST_AUTO_TEST_CASE(test_ec_sign) ofstream os_priv_key("ecc_testdata/matching_key.pkcs8.pem"); os_priv_key << Botan::PKCS8::PEM_encode(priv_key); - //BOOST_CHECK(true); - } + //CHECK(true); + } - catch (exception& e) - { - BOOST_CHECK_MESSAGE(false, "something went wrong while signing..."); - } + catch (exception& e) + { + CHECK_MESSAGE(false, "something went wrong while signing..."); + } #endif -} + } -BOOST_AUTO_TEST_CASE( test_create_pkcs8) -{ - cout << "." << flush; - try - { - std::auto_ptr rng(RandomNumberGenerator::make_rng()); +void test_create_pkcs8() + { + cout << "." << flush; + try + { + std::auto_ptr rng(RandomNumberGenerator::make_rng()); Botan::RSA_PrivateKey rsa_key(*rng, 1024); //RSA_PrivateKey rsa_key2(1024); @@ -332,126 +329,126 @@ BOOST_AUTO_TEST_CASE( test_create_pkcs8) Botan::ECDSA_PrivateKey key(*rng, dom_pars); ofstream priv_key("ecc_testdata/wo_dompar_private.pkcs8.pem"); priv_key << Botan::PKCS8::PEM_encode(key); - //BOOST_CHECK(true); - } + //CHECK(true); + } - catch (exception& e) - { - BOOST_CHECK_MESSAGE(false, "something went wrong while writing key-file"); - } -} + catch (exception& e) + { + CHECK_MESSAGE(false, "something went wrong while writing key-file"); + } + } + +void test_create_and_verify() + { + std::auto_ptr rng(RandomNumberGenerator::make_rng()); + + { + cout << "." << flush; + // cout << "create_and_verify started" << endl; -BOOST_AUTO_TEST_CASE( test_create_and_verify) -{ - std::auto_ptr rng(RandomNumberGenerator::make_rng()); - - { - cout << "." << flush; -// cout << "create_and_verify started" << endl; - - - //Botan::EC_Domain_Params dom_pars = global_config().get_ec_dompar("1.3.132.0.8"); - Botan::EC_Domain_Params dom_pars(Botan::get_EC_Dom_Pars_by_oid("1.3.132.0.8")); - Botan::ECDSA_PrivateKey key(*rng, dom_pars); - ofstream priv_key("ecc_testdata/dompar_private.pkcs8.pem"); - priv_key << Botan::PKCS8::PEM_encode(key); - - auto_ptr loaded_key(Botan::PKCS8::load_key("ecc_testdata/wo_dompar_private.pkcs8.pem", *rng)); - Botan::ECDSA_PrivateKey* loaded_ec_key = dynamic_cast(loaded_key.get()); - BOOST_CHECK_MESSAGE(loaded_ec_key, "the loaded key could not be converted into an ECDSA_PrivateKey"); - - auto_ptr loaded_key_1(Botan::PKCS8::load_key("ecc_testdata/rsa_private.pkcs8.pem", *rng)); - Botan::ECDSA_PrivateKey* loaded_rsa_key = dynamic_cast(loaded_key_1.get()); - BOOST_CHECK_MESSAGE(!loaded_rsa_key, "the loaded key is ECDSA_PrivateKey -> shouldn't be, is a RSA-Key"); - } - - { - //calc a curve which is not in the registry - - // init the lib - - // string p_secp = "2117607112719756483104013348936480976596328609518055062007450442679169492999007105354629105748524349829824407773719892437896937279095106809"; - string a_secp = "0a377dede6b523333d36c78e9b0eaa3bf48ce93041f6d4fc34014d08f6833807498deedd4290101c5866e8dfb589485d13357b9e78c2d7fbe9fe"; - string b_secp = "0a9acf8c8ba617777e248509bcb4717d4db346202bf9e352cd5633731dd92a51b72a4dc3b3d17c823fcc8fbda4da08f25dea89046087342595a7"; - string G_secp_comp = "04081523d03d4f12cd02879dea4bf6a4f3a7df26ed888f10c5b2235a1274c386a2f218300dee6ed217841164533bcdc903f07a096f9fbf4ee95bac098a111f296f5830fe5c35b3e344d5df3a2256985f64fbe6d0edcc4c61d18bef681dd399df3d0194c5a4315e012e0245ecea56365baa9e8be1f7"; - string order_g = "0e1a16196e6000000000bc7f1618d867b15bb86474418f"; - - // ::Botan::SecureVector sv_p_secp = decode_hex ( p_secp ); - Botan::SecureVector sv_a_secp = decode_hex ( a_secp ); - Botan::SecureVector sv_b_secp = decode_hex ( b_secp ); - Botan::SecureVector sv_G_secp_comp = decode_hex ( G_secp_comp ); - Botan::SecureVector sv_order_g = decode_hex ( order_g ); - - // BigInt bi_p_secp = BigInt::decode ( sv_p_secp.begin(), sv_p_secp.size() ); - BigInt bi_p_secp("2117607112719756483104013348936480976596328609518055062007450442679169492999007105354629105748524349829824407773719892437896937279095106809"); - BigInt bi_a_secp = BigInt::decode ( sv_a_secp.begin(), sv_a_secp.size() ); - BigInt bi_b_secp = BigInt::decode ( sv_b_secp.begin(), sv_b_secp.size() ); - BigInt bi_order_g = BigInt::decode ( sv_order_g.begin(), sv_order_g.size() ); - CurveGFp curve ( GFpElement ( bi_p_secp,bi_a_secp ), GFpElement ( bi_p_secp, bi_b_secp ), bi_p_secp ); - PointGFp p_G = OS2ECP ( sv_G_secp_comp, curve ); - { - Botan::EC_Domain_Params dom_params(curve, p_G, bi_order_g, BigInt(1)); - p_G.check_invariants(); - Botan::ECDSA_PrivateKey key(*rng, dom_params); - ofstream priv_key("ecc_testdata/ec_oid_not_in_reg_private.pkcs8.pem"); + + //Botan::EC_Domain_Params dom_pars = global_config().get_ec_dompar("1.3.132.0.8"); + Botan::EC_Domain_Params dom_pars(Botan::get_EC_Dom_Pars_by_oid("1.3.132.0.8")); + Botan::ECDSA_PrivateKey key(*rng, dom_pars); + ofstream priv_key("ecc_testdata/dompar_private.pkcs8.pem"); priv_key << Botan::PKCS8::PEM_encode(key); - } - auto_ptr loaded_key(Botan::PKCS8::load_key("ecc_testdata/ec_oid_not_in_reg_private.pkcs8.pem", *rng)); - Botan::ECDSA_PrivateKey* loaded_ec_key = dynamic_cast(loaded_key.get()); - BOOST_CHECK_MESSAGE(loaded_ec_key, "the loaded key could not be converted into an ECDSA_PrivateKey"); - } + auto_ptr loaded_key(Botan::PKCS8::load_key("ecc_testdata/wo_dompar_private.pkcs8.pem", *rng)); + Botan::ECDSA_PrivateKey* loaded_ec_key = dynamic_cast(loaded_key.get()); + CHECK_MESSAGE(loaded_ec_key, "the loaded key could not be converted into an ECDSA_PrivateKey"); -// cout << "create_and_verify finished" << endl; -} + auto_ptr loaded_key_1(Botan::PKCS8::load_key("ecc_testdata/rsa_private.pkcs8.pem", *rng)); + Botan::ECDSA_PrivateKey* loaded_rsa_key = dynamic_cast(loaded_key_1.get()); + CHECK_MESSAGE(!loaded_rsa_key, "the loaded key is ECDSA_PrivateKey -> shouldn't be, is a RSA-Key"); + } + + { + //calc a curve which is not in the registry + + // init the lib + + // string p_secp = "2117607112719756483104013348936480976596328609518055062007450442679169492999007105354629105748524349829824407773719892437896937279095106809"; + string a_secp = "0a377dede6b523333d36c78e9b0eaa3bf48ce93041f6d4fc34014d08f6833807498deedd4290101c5866e8dfb589485d13357b9e78c2d7fbe9fe"; + string b_secp = "0a9acf8c8ba617777e248509bcb4717d4db346202bf9e352cd5633731dd92a51b72a4dc3b3d17c823fcc8fbda4da08f25dea89046087342595a7"; + string G_secp_comp = "04081523d03d4f12cd02879dea4bf6a4f3a7df26ed888f10c5b2235a1274c386a2f218300dee6ed217841164533bcdc903f07a096f9fbf4ee95bac098a111f296f5830fe5c35b3e344d5df3a2256985f64fbe6d0edcc4c61d18bef681dd399df3d0194c5a4315e012e0245ecea56365baa9e8be1f7"; + string order_g = "0e1a16196e6000000000bc7f1618d867b15bb86474418f"; + + // ::Botan::SecureVector sv_p_secp = decode_hex ( p_secp ); + Botan::SecureVector sv_a_secp = decode_hex ( a_secp ); + Botan::SecureVector sv_b_secp = decode_hex ( b_secp ); + Botan::SecureVector sv_G_secp_comp = decode_hex ( G_secp_comp ); + Botan::SecureVector sv_order_g = decode_hex ( order_g ); + + // BigInt bi_p_secp = BigInt::decode ( sv_p_secp.begin(), sv_p_secp.size() ); + BigInt bi_p_secp("2117607112719756483104013348936480976596328609518055062007450442679169492999007105354629105748524349829824407773719892437896937279095106809"); + BigInt bi_a_secp = BigInt::decode ( sv_a_secp.begin(), sv_a_secp.size() ); + BigInt bi_b_secp = BigInt::decode ( sv_b_secp.begin(), sv_b_secp.size() ); + BigInt bi_order_g = BigInt::decode ( sv_order_g.begin(), sv_order_g.size() ); + CurveGFp curve ( GFpElement ( bi_p_secp,bi_a_secp ), GFpElement ( bi_p_secp, bi_b_secp ), bi_p_secp ); + PointGFp p_G = OS2ECP ( sv_G_secp_comp, curve ); + { + Botan::EC_Domain_Params dom_params(curve, p_G, bi_order_g, BigInt(1)); + p_G.check_invariants(); + Botan::ECDSA_PrivateKey key(*rng, dom_params); + ofstream priv_key("ecc_testdata/ec_oid_not_in_reg_private.pkcs8.pem"); + priv_key << Botan::PKCS8::PEM_encode(key); + } + + auto_ptr loaded_key(Botan::PKCS8::load_key("ecc_testdata/ec_oid_not_in_reg_private.pkcs8.pem", *rng)); + Botan::ECDSA_PrivateKey* loaded_ec_key = dynamic_cast(loaded_key.get()); + CHECK_MESSAGE(loaded_ec_key, "the loaded key could not be converted into an ECDSA_PrivateKey"); + } -BOOST_AUTO_TEST_CASE( test_curve_registry) -{ - bool skip_test = false; - //cout << "start test_curve_registry " << endl; + // cout << "create_and_verify finished" << endl; + } + +void test_curve_registry() + { + bool skip_test = false; + //cout << "start test_curve_registry " << endl; - if (skip_test) - { + if(skip_test) + { //cout << "test_curve_registry disabled" << endl; return; - } - - // setting up oid's - vector oids; - oids.push_back("1.3.132.0.8"); - oids.push_back("1.2.840.10045.3.1.1"); - oids.push_back("1.2.840.10045.3.1.2"); - oids.push_back("1.2.840.10045.3.1.3"); - oids.push_back("1.2.840.10045.3.1.4"); - oids.push_back("1.2.840.10045.3.1.5"); - oids.push_back("1.2.840.10045.3.1.6"); - oids.push_back("1.2.840.10045.3.1.7"); - oids.push_back("1.3.132.0.6"); - oids.push_back("1.3.132.0.7"); - oids.push_back("1.3.132.0.28"); - oids.push_back("1.3.132.0.29"); - oids.push_back("1.3.132.0.9"); - oids.push_back("1.3.132.0.30"); - oids.push_back("1.3.132.0.31"); - oids.push_back("1.3.132.0.32"); - oids.push_back("1.3.132.0.33"); - oids.push_back("1.3.132.0.10"); - oids.push_back("1.3.132.0.34"); - oids.push_back("1.3.132.0.35"); - oids.push_back("1.3.6.1.4.1.8301.3.1.2.9.0.38"); - oids.push_back("1.3.36.3.3.2.8.1.1.1"); - oids.push_back("1.3.36.3.3.2.8.1.1.3"); - oids.push_back("1.3.36.3.3.2.8.1.1.5"); - oids.push_back("1.3.36.3.3.2.8.1.1.7"); - oids.push_back("1.3.36.3.3.2.8.1.1.9"); - oids.push_back("1.3.36.3.3.2.8.1.1.11"); - oids.push_back("1.3.36.3.3.2.8.1.1.13"); - - std::auto_ptr rng(RandomNumberGenerator::make_rng()); - - unsigned int i; - for (i = 0; i < oids.size(); i++) - { + } + + // setting up oid's + vector oids; + oids.push_back("1.3.132.0.8"); + oids.push_back("1.2.840.10045.3.1.1"); + oids.push_back("1.2.840.10045.3.1.2"); + oids.push_back("1.2.840.10045.3.1.3"); + oids.push_back("1.2.840.10045.3.1.4"); + oids.push_back("1.2.840.10045.3.1.5"); + oids.push_back("1.2.840.10045.3.1.6"); + oids.push_back("1.2.840.10045.3.1.7"); + oids.push_back("1.3.132.0.6"); + oids.push_back("1.3.132.0.7"); + oids.push_back("1.3.132.0.28"); + oids.push_back("1.3.132.0.29"); + oids.push_back("1.3.132.0.9"); + oids.push_back("1.3.132.0.30"); + oids.push_back("1.3.132.0.31"); + oids.push_back("1.3.132.0.32"); + oids.push_back("1.3.132.0.33"); + oids.push_back("1.3.132.0.10"); + oids.push_back("1.3.132.0.34"); + oids.push_back("1.3.132.0.35"); + oids.push_back("1.3.6.1.4.1.8301.3.1.2.9.0.38"); + oids.push_back("1.3.36.3.3.2.8.1.1.1"); + oids.push_back("1.3.36.3.3.2.8.1.1.3"); + oids.push_back("1.3.36.3.3.2.8.1.1.5"); + oids.push_back("1.3.36.3.3.2.8.1.1.7"); + oids.push_back("1.3.36.3.3.2.8.1.1.9"); + oids.push_back("1.3.36.3.3.2.8.1.1.11"); + oids.push_back("1.3.36.3.3.2.8.1.1.13"); + + std::auto_ptr rng(RandomNumberGenerator::make_rng()); + + unsigned int i; + for (i = 0; i < oids.size(); i++) + { cout << "." << flush; //cout << "testing curve " << i+1 << "/" << oids.size() << ": " << oids[i] << endl; //EC_Domain_Params dom_pars = global_config().get_ec_dompar(oids[i]); @@ -466,135 +463,135 @@ BOOST_AUTO_TEST_CASE( test_curve_registry) Botan::SecureVector sv_message = decode_hex(str_message); Botan::SecureVector signature = key.sign(sv_message.begin(), sv_message.size(), *rng); bool ver_success = key.verify(sv_message.begin(), sv_message.size(), signature.begin(), signature.size()); - BOOST_CHECK_MESSAGE(ver_success, "generated signature could not be verified positively"); + CHECK_MESSAGE(ver_success, "generated signature could not be verified positively"); } catch(Botan::Invalid_Argument& e) { std::cout << "Error testing curve " << oids[i] << " - " << e.what() << "\n"; } - } -// cout << "test_curve_registry finished" << endl; -} + } + // cout << "test_curve_registry finished" << endl; + } -BOOST_AUTO_TEST_CASE( test_read_pkcs8) -{ - cout << "." << flush; - try - { - std::auto_ptr rng(RandomNumberGenerator::make_rng()); +void test_read_pkcs8() + { + cout << "." << flush; + try + { + std::auto_ptr rng(RandomNumberGenerator::make_rng()); - auto_ptr loaded_key(Botan::PKCS8::load_key("ecc_testdata/wo_dompar_private.pkcs8.pem", *rng)); + auto_ptr loaded_key(Botan::PKCS8::load_key("ecc_testdata/wo_dompar_private.pkcs8.pem", *rng)); Botan::ECDSA_PrivateKey* loaded_ec_key = dynamic_cast(loaded_key.get()); - BOOST_CHECK_MESSAGE(loaded_ec_key, "the loaded key could not be converted into an ECDSA_PrivateKey"); + CHECK_MESSAGE(loaded_ec_key, "the loaded key could not be converted into an ECDSA_PrivateKey"); string str_message = ("12345678901234567890abcdef12"); Botan::SecureVector sv_message = decode_hex(str_message); Botan::SecureVector signature = loaded_ec_key->sign(sv_message.begin(), sv_message.size(), *rng); //cout << "signature = " << hex_encode(signature.begin(), signature.size()) << "\n"; bool ver_success = loaded_ec_key->verify(sv_message.begin(), sv_message.size(), signature.begin(), signature.size()); - BOOST_CHECK_MESSAGE(ver_success, "generated signature could not be verified positively"); + CHECK_MESSAGE(ver_success, "generated signature could not be verified positively"); auto_ptr loaded_key_nodp(Botan::PKCS8::load_key("ecc_testdata/nodompar_private.pkcs8.pem", *rng)); // anew in each test with unregistered domain-parameters Botan::ECDSA_PrivateKey* loaded_ec_key_nodp = dynamic_cast(loaded_key_nodp.get()); - BOOST_CHECK_MESSAGE(loaded_ec_key_nodp, "the loaded key could not be converted into an ECDSA_PrivateKey"); + CHECK_MESSAGE(loaded_ec_key_nodp, "the loaded key could not be converted into an ECDSA_PrivateKey"); Botan::SecureVector signature_nodp = loaded_ec_key_nodp->sign(sv_message.begin(), sv_message.size(), *rng); //cout << "signature = " << hex_encode(signature.begin(), signature.size()) << "\n"; bool ver_success_nodp = loaded_ec_key_nodp->verify(sv_message.begin(), sv_message.size(), signature_nodp.begin(), signature_nodp.size()); - BOOST_CHECK_MESSAGE(ver_success_nodp, "generated signature could not be verified positively (no_dom)"); + CHECK_MESSAGE(ver_success_nodp, "generated signature could not be verified positively (no_dom)"); try - { - auto_ptr loaded_key_withdp(Botan::PKCS8::load_key("ecc_testdata/withdompar_private.pkcs8.pem", *rng)); - BOOST_CHECK_MESSAGE(false, "could load key but unknown OID is set"); - } + { + auto_ptr loaded_key_withdp(Botan::PKCS8::load_key("ecc_testdata/withdompar_private.pkcs8.pem", *rng)); + CHECK_MESSAGE(false, "could load key but unknown OID is set"); + } catch (exception& e) - { - BOOST_CHECK(true); - } - } - catch (exception& e) - { - BOOST_CHECK_MESSAGE(false, "Exception in test_read_pkcs8 message: " << e.what()); - } -} + { + CHECK(true); + } + } + catch (exception& e) + { + CHECK_MESSAGE(false, "Exception in test_read_pkcs8 message: " << e.what()); + } + } /** * The following test tests the copy ctors and and copy-assignment operators */ -BOOST_AUTO_TEST_CASE( test_cp_and_as_ctors ) -{ - cout << "." << flush; +void test_cp_and_as_ctors () + { + cout << "." << flush; - std::auto_ptr rng(RandomNumberGenerator::make_rng()); + std::auto_ptr rng(RandomNumberGenerator::make_rng()); - auto_ptr loaded_key(Botan::PKCS8::load_key("ecc_testdata/wo_dompar_private.pkcs8.pem", *rng)); - Botan::ECDSA_PrivateKey* loaded_ec_key = dynamic_cast(loaded_key.get()); - BOOST_CHECK_MESSAGE(loaded_ec_key, "the loaded key could not be converted into an ECDSA_PrivateKey"); - string str_message = ("12345678901234567890abcdef12"); - Botan::SecureVector sv_message = decode_hex(str_message); - Botan::SecureVector signature_1 = loaded_ec_key->sign(sv_message.begin(), sv_message.size(), *rng); - //cout << "signature = " << hex_encode(signature.begin(), signature.size()) << "\n"; + auto_ptr loaded_key(Botan::PKCS8::load_key("ecc_testdata/wo_dompar_private.pkcs8.pem", *rng)); + Botan::ECDSA_PrivateKey* loaded_ec_key = dynamic_cast(loaded_key.get()); + CHECK_MESSAGE(loaded_ec_key, "the loaded key could not be converted into an ECDSA_PrivateKey"); + string str_message = ("12345678901234567890abcdef12"); + Botan::SecureVector sv_message = decode_hex(str_message); + Botan::SecureVector signature_1 = loaded_ec_key->sign(sv_message.begin(), sv_message.size(), *rng); + //cout << "signature = " << hex_encode(signature.begin(), signature.size()) << "\n"; - Botan::ECDSA_PrivateKey cp_priv_key(*loaded_ec_key); // priv-key, cp-ctor - Botan::SecureVector signature_2 = cp_priv_key.sign(sv_message.begin(), sv_message.size(), *rng); + Botan::ECDSA_PrivateKey cp_priv_key(*loaded_ec_key); // priv-key, cp-ctor + Botan::SecureVector signature_2 = cp_priv_key.sign(sv_message.begin(), sv_message.size(), *rng); - Botan::ECDSA_PrivateKey as_priv_key = *loaded_ec_key; //priv-key, as-op - Botan::SecureVector signature_3 = as_priv_key.sign(sv_message.begin(), sv_message.size(), *rng); + Botan::ECDSA_PrivateKey as_priv_key = *loaded_ec_key; //priv-key, as-op + Botan::SecureVector signature_3 = as_priv_key.sign(sv_message.begin(), sv_message.size(), *rng); - Botan::ECDSA_PublicKey pk_1 = cp_priv_key; // pub-key, as-op - Botan::ECDSA_PublicKey pk_2(pk_1); // pub-key, cp-ctor - Botan::ECDSA_PublicKey pk_3; - pk_3 = pk_2; // pub-key, as-op + Botan::ECDSA_PublicKey pk_1 = cp_priv_key; // pub-key, as-op + Botan::ECDSA_PublicKey pk_2(pk_1); // pub-key, cp-ctor + Botan::ECDSA_PublicKey pk_3; + pk_3 = pk_2; // pub-key, as-op - bool ver_success_1 = pk_1.verify(sv_message.begin(), sv_message.size(), signature_1.begin(), signature_1.size()); + bool ver_success_1 = pk_1.verify(sv_message.begin(), sv_message.size(), signature_1.begin(), signature_1.size()); - bool ver_success_2 = pk_2.verify(sv_message.begin(), sv_message.size(), signature_2.begin(), signature_2.size()); + bool ver_success_2 = pk_2.verify(sv_message.begin(), sv_message.size(), signature_2.begin(), signature_2.size()); - bool ver_success_3 = pk_3.verify(sv_message.begin(), sv_message.size(), signature_3.begin(), signature_3.size()); + bool ver_success_3 = pk_3.verify(sv_message.begin(), sv_message.size(), signature_3.begin(), signature_3.size()); - BOOST_CHECK_MESSAGE((ver_success_1 && ver_success_2 && ver_success_3), "different results for copied keys"); -} + CHECK_MESSAGE((ver_success_1 && ver_success_2 && ver_success_3), "different results for copied keys"); + } /** * The following test tests whether ECDSA keys exhibit correct behaviour when it is * attempted to use them in an uninitialized state */ -BOOST_AUTO_TEST_CASE( test_non_init_ecdsa_keys ) -{ - cout << "." << flush; - - std::auto_ptr rng(RandomNumberGenerator::make_rng()); - - auto_ptr loaded_key(Botan::PKCS8::load_key("ecc_testdata/wo_dompar_private.pkcs8.pem", *rng)); - //Botan::ECDSA_PrivateKey* loaded_ec_key = dynamic_cast(loaded_key.get()); - //BOOST_CHECK_MESSAGE(loaded_ec_key, "the loaded key could not be converted into an ECDSA_PrivateKey"); - string str_message = ("12345678901234567890abcdef12"); - Botan::ECDSA_PrivateKey empty_priv; - Botan::ECDSA_PublicKey empty_pub; - Botan::SecureVector sv_message = decode_hex(str_message); - bool exc1 = false; - try - { - Botan::SecureVector signature_1 = empty_priv.sign(sv_message.begin(), sv_message.size(), *rng); - } - catch (Botan::Exception e) - { +void test_non_init_ecdsa_keys () + { + cout << "." << flush; + + std::auto_ptr rng(RandomNumberGenerator::make_rng()); + + auto_ptr loaded_key(Botan::PKCS8::load_key("ecc_testdata/wo_dompar_private.pkcs8.pem", *rng)); + //Botan::ECDSA_PrivateKey* loaded_ec_key = dynamic_cast(loaded_key.get()); + //CHECK_MESSAGE(loaded_ec_key, "the loaded key could not be converted into an ECDSA_PrivateKey"); + string str_message = ("12345678901234567890abcdef12"); + Botan::ECDSA_PrivateKey empty_priv; + Botan::ECDSA_PublicKey empty_pub; + Botan::SecureVector sv_message = decode_hex(str_message); + bool exc1 = false; + try + { + Botan::SecureVector signature_1 = empty_priv.sign(sv_message.begin(), sv_message.size(), *rng); + } + catch (Botan::Exception e) + { exc1 = true; - } - BOOST_CHECK_MESSAGE(exc1, "there was no exception thrown when attempting to use an uninitialized ECDSA key"); + } + CHECK_MESSAGE(exc1, "there was no exception thrown when attempting to use an uninitialized ECDSA key"); - bool exc2 = false; - try - { + bool exc2 = false; + try + { empty_pub.verify(sv_message.begin(), sv_message.size(), sv_message.begin(), sv_message.size()); - } - catch (Botan::Exception e) - { + } + catch (Botan::Exception e) + { exc2 = true; - } - BOOST_CHECK_MESSAGE(exc2, "there was no exception thrown when attempting to use an uninitialized ECDSA key"); -} + } + CHECK_MESSAGE(exc2, "there was no exception thrown when attempting to use an uninitialized ECDSA key"); + } int main() { -- cgit v1.2.3