5079590438

Committed 25 May 2023 12:28PM UTC coverage: 92.228% (+0.5%) from 91.723%

Build # 5079590438

Build Type

Pull #3502

github

Pull Request Pull Request #3502: Apply clang-format to the codebase

Run Details

75589 of 81959 relevant lines covered (92.23%)

12139530.51 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

94.42

/src/tests/unit_ecdsa.cpp

/*
* ECDSA Tests
*
* (C) 2007 Falko Strenzke
*     2007 Manuel Hartl
*     2008,2015 Jack Lloyd
*
* Botan is released under the Simplified BSD License (see license.txt)
*/

#include "tests.h"
#include <botan/hex.h>
#include <numeric>

#if defined(BOTAN_HAS_ECDSA)
   #include <botan/data_src.h>
   #include <botan/ec_group.h>
   #include <botan/ecdsa.h>
   #include <botan/hash.h>
   #include <botan/pkcs8.h>
   #include <botan/pubkey.h>
#endif

#if defined(BOTAN_HAS_X509_CERTIFICATES)
   #include <botan/x509cert.h>
#endif

namespace Botan_Tests {

namespace {

#if defined(BOTAN_HAS_ECDSA)

/**
* Tests whether the signing routine will work correctly in case
* the integer e that is constructed from the message (thus the hash
* value) is larger than n, the order of the base point.  Tests the
* signing function of the pk signer object
*/
Test::Result test_hash_larger_than_n() {
   Test::Result result("ECDSA Unit");

   Botan::EC_Group dom_pars("secp160r1");

   // n = 0x0100000000000000000001f4c8f927aed3ca752257 (21 bytes)

   Botan::ECDSA_PrivateKey priv_key(Test::rng(), dom_pars);

   std::vector<uint8_t> message(20);
   std::iota(message.begin(), message.end(), static_cast<uint8_t>(0));

   auto sha1 = Botan::HashFunction::create("SHA-1");
   auto sha224 = Botan::HashFunction::create("SHA-224");

   if(!sha1 || !sha224) {
      result.test_note("Skipping due to missing SHA-1 or SHA-224");
      return result;
   }

   Botan::PK_Signer pk_signer_160(priv_key, Test::rng(), "SHA-1");
   Botan::PK_Verifier pk_verifier_160(priv_key, "SHA-1");

   // Verify we can sign and verify with SHA-1
   std::vector<uint8_t> signature_160 = pk_signer_160.sign_message(message, Test::rng());
   result.test_eq("message verifies", pk_verifier_160.verify_message(message, signature_160), true);

   // Verify we can sign and verify with SHA-224
   Botan::PK_Signer pk_signer(priv_key, Test::rng(), "SHA-224");
   std::vector<uint8_t> signature = pk_signer.sign_message(message, Test::rng());
   Botan::PK_Verifier pk_verifier(priv_key, "SHA-224");
   result.test_eq("message verifies", pk_verifier.verify_message(message, signature), true);

   return result;
}

   #if defined(BOTAN_HAS_X509_CERTIFICATES) && defined(BOTAN_TARGET_OS_HAS_FILESYSTEM)
Test::Result test_decode_ecdsa_X509() {
   Test::Result result("ECDSA Unit");
   Botan::X509_Certificate cert(Test::data_file("x509/ecc/CSCA.CSCA.csca-germany.1.crt"));

   result.test_eq("correct signature oid", cert.signature_algorithm().oid().to_formatted_string(), "ECDSA/SHA-224");

   result.test_eq("serial number", cert.serial_number(), Botan::hex_decode("01"));
   result.test_eq("authority key id", cert.authority_key_id(), cert.subject_key_id());
   result.test_eq("key fingerprint",
                  cert.fingerprint("SHA-256"),
                  "3B:6C:99:1C:D6:5A:51:FC:EB:17:E3:AA:F6:3C:1A:DA:14:1F:82:41:30:6F:64:EE:FF:63:F3:1F:D6:07:14:9F");

   auto pubkey = cert.subject_public_key();
   result.test_eq("verify self-signed signature", cert.check_signature(*pubkey), true);

   return result;
}

Test::Result test_decode_ver_link_SHA256() {
   Test::Result result("ECDSA Unit");
   Botan::X509_Certificate root_cert(Test::data_file("x509/ecc/root2_SHA256.cer"));
   Botan::X509_Certificate link_cert(Test::data_file("x509/ecc/link_SHA256.cer"));

   auto pubkey = root_cert.subject_public_key();
   result.confirm("verified self-signed signature", link_cert.check_signature(*pubkey));
   return result;
}

Test::Result test_decode_ver_link_SHA1() {
   Botan::X509_Certificate root_cert(Test::data_file("x509/ecc/root_SHA1.163.crt"));
   Botan::X509_Certificate link_cert(Test::data_file("x509/ecc/link_SHA1.166.crt"));

   Test::Result result("ECDSA Unit");
   auto pubkey = root_cert.subject_public_key();

   auto sha1 = Botan::HashFunction::create("SHA-1");

   if(!sha1) {
      result.confirm("verification of self-signed signature failed due to missing SHA-1",
                     !link_cert.check_signature(*pubkey));
      return result;
   }
   result.confirm("verified self-signed signature", link_cert.check_signature(*pubkey));
   return result;
}
   #endif

Test::Result test_sign_then_ver() {
   Test::Result result("ECDSA Unit");

   Botan::EC_Group dom_pars("secp160r1");
   Botan::ECDSA_PrivateKey ecdsa(Test::rng(), dom_pars);

   Botan::PK_Signer signer(ecdsa, Test::rng(), "SHA-256");

   auto msg = Botan::hex_decode("12345678901234567890abcdef12");
   std::vector<uint8_t> sig = signer.sign_message(msg, Test::rng());

   Botan::PK_Verifier verifier(ecdsa, "SHA-256");

   result.confirm("signature verifies", verifier.verify_message(msg, sig));

   result.confirm("invalid signature rejected", !verifier.verify_message(msg, Test::mutate_vec(sig)));

   return result;
}

Test::Result test_ec_sign() {
   Test::Result result("ECDSA Unit");

   try {
      Botan::EC_Group dom_pars("secp160r1");
      Botan::ECDSA_PrivateKey priv_key(Test::rng(), dom_pars);
      Botan::PK_Signer signer(priv_key, Test::rng(), "SHA-224");
      Botan::PK_Verifier verifier(priv_key, "SHA-224");

      for(size_t i = 0; i != 256; ++i) {
         signer.update(static_cast<uint8_t>(i));
      }
      std::vector<uint8_t> sig = signer.signature(Test::rng());

      for(size_t i = 0; i != 256; ++i) {
         verifier.update(static_cast<uint8_t>(i));
      }

      result.test_eq("ECDSA signature valid", verifier.check_signature(sig), true);

      // now check valid signature, different input
      for(size_t i = 1; i != 256; ++i)  //starting from 1
      {
         verifier.update(static_cast<uint8_t>(i));
      }

      result.test_eq("invalid ECDSA signature invalid", verifier.check_signature(sig), false);

      // now check with original input, modified signature

      sig[sig.size() / 2]++;
      for(size_t i = 0; i != 256; ++i) {
         verifier.update(static_cast<uint8_t>(i));
      }

      result.test_eq("invalid ECDSA signature invalid", verifier.check_signature(sig), false);
   } catch(std::exception& e) { result.test_failure("test_ec_sign", e.what()); }

   return result;
}

Test::Result test_ecdsa_create_save_load() {
   Test::Result result("ECDSA Unit");

   std::string ecc_private_key_pem;
   const std::vector<uint8_t> msg = Botan::hex_decode("12345678901234567890abcdef12");
   std::vector<uint8_t> msg_signature;

   try {
      Botan::EC_Group dom_pars("secp160r1");
      Botan::ECDSA_PrivateKey key(Test::rng(), dom_pars);

      Botan::PK_Signer signer(key, Test::rng(), "SHA-256");
      msg_signature = signer.sign_message(msg, Test::rng());

      ecc_private_key_pem = Botan::PKCS8::PEM_encode(key);
   } catch(std::exception& e) { result.test_failure("create_pkcs8", e.what()); }

   Botan::DataSource_Memory pem_src(ecc_private_key_pem);
   auto loaded_key = Botan::PKCS8::load_key(pem_src);
   Botan::ECDSA_PrivateKey* loaded_ec_key = dynamic_cast<Botan::ECDSA_PrivateKey*>(loaded_key.get());
   result.confirm("the loaded key could be converted into an ECDSA_PrivateKey", loaded_ec_key != nullptr);

   if(loaded_ec_key) {
      result.confirm("the loaded key produces equal encoding",
                     (ecc_private_key_pem == Botan::PKCS8::PEM_encode(*loaded_ec_key)));
      Botan::PK_Verifier verifier(*loaded_ec_key, "SHA-256");
      result.confirm("generated signature valid", verifier.verify_message(msg, msg_signature));
   }

   return result;
}

Test::Result test_unusual_curve() {
   Test::Result result("ECDSA Unit");

   //calc a curve which is not in the registry
   const Botan::BigInt p(
      "2117607112719756483104013348936480976596328609518055062007450442679169492999007105354629105748524349829824407773719892437896937279095106809");
   const Botan::BigInt a(
      "0x0a377dede6b523333d36c78e9b0eaa3bf48ce93041f6d4fc34014d08f6833807498deedd4290101c5866e8dfb589485d13357b9e78c2d7fbe9fe");
   const Botan::BigInt b(
      "0x0a9acf8c8ba617777e248509bcb4717d4db346202bf9e352cd5633731dd92a51b72a4dc3b3d17c823fcc8fbda4da08f25dea89046087342595a7");
   const Botan::BigInt order_g("0x0e1a16196e6000000000bc7f1618d867b15bb86474418f");
   const Botan::BigInt cofactor = Botan::BigInt::one();

   const BigInt Gx(
      "1503931002566715881584977704503341991763310127581173321974500299341775226206001860606586625324214456299149080935147329869147994265934715820");
   const BigInt Gy(
      "1774988776970033741491814582357926984496972046739476148938345272681378523636129776486407268230155403536112014267092770854858769258781598199");

   Botan::EC_Group dom_params(p, a, b, Gx, Gy, order_g, cofactor);

   Botan::EC_Point p_G = dom_params.point(Gx, Gy);

   if(!result.confirm("G is on curve", p_G.on_the_curve())) {
      return result;
   }

   Botan::ECDSA_PrivateKey key_odd_curve(Test::rng(), dom_params);
   std::string key_odd_curve_str = Botan::PKCS8::PEM_encode(key_odd_curve);

   Botan::DataSource_Memory key_data_src(key_odd_curve_str);
   auto loaded_key = Botan::PKCS8::load_key(key_data_src);

   result.confirm("reloaded key", loaded_key != nullptr);

   return result;
}

Test::Result test_encoding_options() {
   Test::Result result("ECDSA Unit");

   Botan::EC_Group group("secp256r1");
   Botan::ECDSA_PrivateKey key(Test::rng(), group);

   result.confirm("Default encoding is uncompressed", key.point_encoding() == Botan::EC_Point_Format::Uncompressed);

   const std::vector<uint8_t> enc_uncompressed = key.public_key_bits();

   key.set_point_encoding(Botan::EC_Point_Format::Compressed);

   result.confirm("set_point_encoding works", key.point_encoding() == Botan::EC_Point_Format::Compressed);

   const std::vector<uint8_t> enc_compressed = key.public_key_bits();

   result.test_lt("Comprssed points are smaller", enc_compressed.size(), enc_uncompressed.size());

   size_t size_diff = enc_uncompressed.size() - enc_compressed.size();

   result.test_gte("Compressed points smaller by group size", size_diff, 32);

   key.set_point_encoding(Botan::EC_Point_Format::Hybrid);

   result.confirm("set_point_encoding works", key.point_encoding() == Botan::EC_Point_Format::Hybrid);

   const std::vector<uint8_t> enc_hybrid = key.public_key_bits();

   result.test_eq("Hybrid point same size as uncompressed", enc_uncompressed.size(), enc_hybrid.size());

   #if !defined(BOTAN_HAS_SANITIZER_UNDEFINED)
   auto invalid_format = static_cast<Botan::EC_Point_Format>(99);

   result.test_throws("Invalid point format throws", "Invalid point encoding for EC_PublicKey", [&] {
      key.set_point_encoding(invalid_format);
   });
   #endif

   return result;
}

   #if defined(BOTAN_TARGET_OS_HAS_FILESYSTEM)

Test::Result test_read_pkcs8() {
   Test::Result result("ECDSA Unit");

   const std::vector<uint8_t> msg = Botan::hex_decode("12345678901234567890abcdef12");

   try {
      Botan::DataSource_Stream key_stream(Test::data_file("x509/ecc/nodompar_private.pkcs8.pem"));
      auto loaded_key_nodp = Botan::PKCS8::load_key(key_stream);
      // anew in each test with unregistered domain-parameters
      Botan::ECDSA_PrivateKey* ecdsa_nodp = dynamic_cast<Botan::ECDSA_PrivateKey*>(loaded_key_nodp.get());
      if(!ecdsa_nodp) {
         throw Test_Error("Unable to load valid PKCS8 ECDSA key");
      }

      Botan::PK_Signer signer(*ecdsa_nodp, Test::rng(), "SHA-256");
      Botan::PK_Verifier verifier(*ecdsa_nodp, "SHA-256");

      std::vector<uint8_t> signature_nodp = signer.sign_message(msg, Test::rng());

      result.confirm("signature valid", verifier.verify_message(msg, signature_nodp));

      try {
         Botan::DataSource_Stream key_stream2(Test::data_file("x509/ecc/withdompar_private.pkcs8.pem"));
         auto should_fail = Botan::PKCS8::load_key(key_stream2);
         result.test_failure("loaded key with unknown OID");
      } catch(std::exception&) { result.test_note("rejected key with unknown OID"); }
   } catch(std::exception& e) { result.test_failure("read_pkcs8", e.what()); }

   return result;
}

Test::Result test_ecc_key_with_rfc5915_extensions() {
   Test::Result result("ECDSA Unit");

   try {
      Botan::DataSource_Stream key_stream(Test::data_file("x509/ecc/ecc_private_with_rfc5915_ext.pem"));
      auto pkcs8 = Botan::PKCS8::load_key(key_stream);

      result.confirm("loaded RFC 5915 key", pkcs8 != nullptr);
      result.test_eq("key is ECDSA", pkcs8->algo_name(), "ECDSA");
      result.confirm("key type is ECDSA", dynamic_cast<Botan::ECDSA_PrivateKey*>(pkcs8.get()) != nullptr);
   } catch(std::exception& e) { result.test_failure("load_rfc5915_ext", e.what()); }

   return result;
}

Test::Result test_ecc_key_with_rfc5915_parameters() {
   Test::Result result("ECDSA Unit");

   try {
      Botan::DataSource_Stream key_stream(Test::data_file("x509/ecc/ecc_private_with_rfc5915_parameters.pem"));
      auto pkcs8 = Botan::PKCS8::load_key(key_stream);

      result.confirm("loaded RFC 5915 key", pkcs8 != nullptr);
      result.test_eq("key is ECDSA", pkcs8->algo_name(), "ECDSA");
      result.confirm("key type is ECDSA", dynamic_cast<Botan::ECDSA_PrivateKey*>(pkcs8.get()) != nullptr);
   } catch(std::exception& e) { result.test_failure("load_rfc5915_params", e.what()); }

   return result;
}

   #endif

Test::Result test_curve_registry() {
   Test::Result result("ECDSA Unit");

   for(const std::string& group_name : Botan::EC_Group::known_named_groups()) {
      try {
         Botan::EC_Group group(group_name);
         Botan::ECDSA_PrivateKey ecdsa(Test::rng(), group);

         Botan::PK_Signer signer(ecdsa, Test::rng(), "SHA-256");
         Botan::PK_Verifier verifier(ecdsa, "SHA-256");

         const std::vector<uint8_t> msg = Botan::hex_decode("12345678901234567890abcdef12");
         const std::vector<uint8_t> sig = signer.sign_message(msg, Test::rng());

         result.confirm("verified signature", verifier.verify_message(msg, sig));
      } catch(Botan::Invalid_Argument& e) { result.test_failure("testing " + group_name + ": " + e.what()); }
   }

   return result;
}

class ECDSA_Unit_Tests final : public Test {
   public:
      std::vector<Test::Result> run() override {
         std::vector<Test::Result> results;

   #if defined(BOTAN_TARGET_OS_HAS_FILESYSTEM)
         results.push_back(test_read_pkcs8());
         results.push_back(test_ecc_key_with_rfc5915_extensions());
         results.push_back(test_ecc_key_with_rfc5915_parameters());

      #if defined(BOTAN_HAS_X509_CERTIFICATES)
         results.push_back(test_decode_ecdsa_X509());
         results.push_back(test_decode_ver_link_SHA256());
         results.push_back(test_decode_ver_link_SHA1());
      #endif

   #endif

         results.push_back(test_hash_larger_than_n());
         results.push_back(test_sign_then_ver());
         results.push_back(test_ec_sign());
         results.push_back(test_ecdsa_create_save_load());
         results.push_back(test_unusual_curve());
         results.push_back(test_curve_registry());
         results.push_back(test_encoding_options());
         return results;
      }
};

BOTAN_REGISTER_TEST("pubkey", "ecdsa_unit", ECDSA_Unit_Tests);
#endif

}

}

1	/*
2	* ECDSA Tests
3	*
4	* (C) 2007 Falko Strenzke
5	* 2007 Manuel Hartl
6	* 2008,2015 Jack Lloyd
7	*
8	* Botan is released under the Simplified BSD License (see license.txt)
9	*/
10
11	#include "tests.h"
12	#include <botan/hex.h>
13	#include <numeric>
14
15	#if defined(BOTAN_HAS_ECDSA)
16	#include <botan/data_src.h>
17	#include <botan/ec_group.h>
18	#include <botan/ecdsa.h>
19	#include <botan/hash.h>
20	#include <botan/pkcs8.h>
21	#include <botan/pubkey.h>
22	#endif
23
24	#if defined(BOTAN_HAS_X509_CERTIFICATES)
25	#include <botan/x509cert.h>
26	#endif
27
28	namespace Botan_Tests {
29
30	namespace {
31
32	#if defined(BOTAN_HAS_ECDSA)
33
34	/**
35	* Tests whether the signing routine will work correctly in case
36	* the integer e that is constructed from the message (thus the hash
37	* value) is larger than n, the order of the base point. Tests the
38	* signing function of the pk signer object
39	*/
40	Test::Result test_hash_larger_than_n() {	1✔
41	Test::Result result("ECDSA Unit");	1✔
42
43	Botan::EC_Group dom_pars("secp160r1");	1✔
44
45	// n = 0x0100000000000000000001f4c8f927aed3ca752257 (21 bytes)
46
47	Botan::ECDSA_PrivateKey priv_key(Test::rng(), dom_pars);	1✔
48
49	std::vector<uint8_t> message(20);	1✔
50	std::iota(message.begin(), message.end(), static_cast<uint8_t>(0));	1✔
51
52	auto sha1 = Botan::HashFunction::create("SHA-1");	1✔
53	auto sha224 = Botan::HashFunction::create("SHA-224");	1✔
54
55	if(!sha1 \|\| !sha224) {	1✔
56	result.test_note("Skipping due to missing SHA-1 or SHA-224");	×
57	return result;	×
58	}
59
60	Botan::PK_Signer pk_signer_160(priv_key, Test::rng(), "SHA-1");	1✔
61	Botan::PK_Verifier pk_verifier_160(priv_key, "SHA-1");	1✔
62
63	// Verify we can sign and verify with SHA-1
64	std::vector<uint8_t> signature_160 = pk_signer_160.sign_message(message, Test::rng());	1✔
65	result.test_eq("message verifies", pk_verifier_160.verify_message(message, signature_160), true);	1✔
66
67	// Verify we can sign and verify with SHA-224
68	Botan::PK_Signer pk_signer(priv_key, Test::rng(), "SHA-224");	1✔
69	std::vector<uint8_t> signature = pk_signer.sign_message(message, Test::rng());	1✔
70	Botan::PK_Verifier pk_verifier(priv_key, "SHA-224");	1✔
71	result.test_eq("message verifies", pk_verifier.verify_message(message, signature), true);	1✔
72
73	return result;	1✔
74	}	6✔
75
76	#if defined(BOTAN_HAS_X509_CERTIFICATES) && defined(BOTAN_TARGET_OS_HAS_FILESYSTEM)
77	Test::Result test_decode_ecdsa_X509() {	1✔
78	Test::Result result("ECDSA Unit");	1✔
79	Botan::X509_Certificate cert(Test::data_file("x509/ecc/CSCA.CSCA.csca-germany.1.crt"));	2✔
80
81	result.test_eq("correct signature oid", cert.signature_algorithm().oid().to_formatted_string(), "ECDSA/SHA-224");	2✔
82
83	result.test_eq("serial number", cert.serial_number(), Botan::hex_decode("01"));	2✔
84	result.test_eq("authority key id", cert.authority_key_id(), cert.subject_key_id());	1✔
85	result.test_eq("key fingerprint",	3✔
86	cert.fingerprint("SHA-256"),	2✔
87	"3B:6C:99:1C:D6:5A:51:FC:EB:17:E3:AA:F6:3C:1A:DA:14:1F:82:41:30:6F:64:EE:FF:63:F3:1F:D6:07:14:9F");
88
89	auto pubkey = cert.subject_public_key();	1✔
90	result.test_eq("verify self-signed signature", cert.check_signature(*pubkey), true);	1✔
91
92	return result;	2✔
93	}	1✔
94
95	Test::Result test_decode_ver_link_SHA256() {	1✔
96	Test::Result result("ECDSA Unit");	1✔
97	Botan::X509_Certificate root_cert(Test::data_file("x509/ecc/root2_SHA256.cer"));	2✔
98	Botan::X509_Certificate link_cert(Test::data_file("x509/ecc/link_SHA256.cer"));	2✔
99
100	auto pubkey = root_cert.subject_public_key();	1✔
101	result.confirm("verified self-signed signature", link_cert.check_signature(*pubkey));	2✔
102	return result;	2✔
103	}	1✔
104
105	Test::Result test_decode_ver_link_SHA1() {	1✔
106	Botan::X509_Certificate root_cert(Test::data_file("x509/ecc/root_SHA1.163.crt"));	2✔
107	Botan::X509_Certificate link_cert(Test::data_file("x509/ecc/link_SHA1.166.crt"));	2✔
108
109	Test::Result result("ECDSA Unit");	1✔
110	auto pubkey = root_cert.subject_public_key();	1✔
111
112	auto sha1 = Botan::HashFunction::create("SHA-1");	1✔
113
114	if(!sha1) {	1✔
115	result.confirm("verification of self-signed signature failed due to missing SHA-1",	×
116	!link_cert.check_signature(*pubkey));	×
117	return result;	×
118	}
119	result.confirm("verified self-signed signature", link_cert.check_signature(*pubkey));	2✔
120	return result;	1✔
121	}	2✔
122	#endif
123
124	Test::Result test_sign_then_ver() {	1✔
125	Test::Result result("ECDSA Unit");	1✔
126
127	Botan::EC_Group dom_pars("secp160r1");	1✔
128	Botan::ECDSA_PrivateKey ecdsa(Test::rng(), dom_pars);	1✔
129
130	Botan::PK_Signer signer(ecdsa, Test::rng(), "SHA-256");	1✔
131
132	auto msg = Botan::hex_decode("12345678901234567890abcdef12");	1✔
133	std::vector<uint8_t> sig = signer.sign_message(msg, Test::rng());	1✔
134
135	Botan::PK_Verifier verifier(ecdsa, "SHA-256");	1✔
136
137	result.confirm("signature verifies", verifier.verify_message(msg, sig));	2✔
138
139	result.confirm("invalid signature rejected", !verifier.verify_message(msg, Test::mutate_vec(sig)));	3✔
140
141	return result;	1✔
142	}	3✔
143
144	Test::Result test_ec_sign() {	1✔
145	Test::Result result("ECDSA Unit");	1✔
146
147	try {	1✔
148	Botan::EC_Group dom_pars("secp160r1");	1✔
149	Botan::ECDSA_PrivateKey priv_key(Test::rng(), dom_pars);	1✔
150	Botan::PK_Signer signer(priv_key, Test::rng(), "SHA-224");	1✔
151	Botan::PK_Verifier verifier(priv_key, "SHA-224");	1✔
152
153	for(size_t i = 0; i != 256; ++i) {	257✔
154	signer.update(static_cast<uint8_t>(i));	256✔
155	}
156	std::vector<uint8_t> sig = signer.signature(Test::rng());	1✔
157
158	for(size_t i = 0; i != 256; ++i) {	257✔
159	verifier.update(static_cast<uint8_t>(i));	256✔
160	}
161
162	result.test_eq("ECDSA signature valid", verifier.check_signature(sig), true);	1✔
163
164	// now check valid signature, different input
165	for(size_t i = 1; i != 256; ++i) //starting from 1	256✔
166	{
167	verifier.update(static_cast<uint8_t>(i));	255✔
168	}
169
170	result.test_eq("invalid ECDSA signature invalid", verifier.check_signature(sig), false);	1✔
171
172	// now check with original input, modified signature
173
174	sig[sig.size() / 2]++;	1✔
175	for(size_t i = 0; i != 256; ++i) {	257✔
176	verifier.update(static_cast<uint8_t>(i));	256✔
177	}
178
179	result.test_eq("invalid ECDSA signature invalid", verifier.check_signature(sig), false);	2✔
180	} catch(std::exception& e) { result.test_failure("test_ec_sign", e.what()); }	1✔
181
182	return result;	1✔
183	}	×
184
185	Test::Result test_ecdsa_create_save_load() {	1✔
186	Test::Result result("ECDSA Unit");	1✔
187
188	std::string ecc_private_key_pem;	1✔
189	const std::vector<uint8_t> msg = Botan::hex_decode("12345678901234567890abcdef12");	1✔
190	std::vector<uint8_t> msg_signature;	1✔
191
192	try {	1✔
193	Botan::EC_Group dom_pars("secp160r1");	1✔
194	Botan::ECDSA_PrivateKey key(Test::rng(), dom_pars);	1✔
195
196	Botan::PK_Signer signer(key, Test::rng(), "SHA-256");	1✔
197	msg_signature = signer.sign_message(msg, Test::rng());	2✔
198
199	ecc_private_key_pem = Botan::PKCS8::PEM_encode(key);	1✔
200	} catch(std::exception& e) { result.test_failure("create_pkcs8", e.what()); }	1✔
201
202	Botan::DataSource_Memory pem_src(ecc_private_key_pem);	1✔
203	auto loaded_key = Botan::PKCS8::load_key(pem_src);	1✔
204	Botan::ECDSA_PrivateKey* loaded_ec_key = dynamic_cast<Botan::ECDSA_PrivateKey*>(loaded_key.get());	1✔
205	result.confirm("the loaded key could be converted into an ECDSA_PrivateKey", loaded_ec_key != nullptr);	2✔
206
207	if(loaded_ec_key) {	1✔
208	result.confirm("the loaded key produces equal encoding",	2✔
209	(ecc_private_key_pem == Botan::PKCS8::PEM_encode(*loaded_ec_key)));	1✔
210	Botan::PK_Verifier verifier(*loaded_ec_key, "SHA-256");	1✔
211	result.confirm("generated signature valid", verifier.verify_message(msg, msg_signature));	3✔
212	}	1✔
213
214	return result;	1✔
215	}	5✔
216
217	Test::Result test_unusual_curve() {	1✔
218	Test::Result result("ECDSA Unit");	1✔
219
220	//calc a curve which is not in the registry
221	const Botan::BigInt p(	1✔
222	"2117607112719756483104013348936480976596328609518055062007450442679169492999007105354629105748524349829824407773719892437896937279095106809");	1✔
223	const Botan::BigInt a(	1✔
224	"0x0a377dede6b523333d36c78e9b0eaa3bf48ce93041f6d4fc34014d08f6833807498deedd4290101c5866e8dfb589485d13357b9e78c2d7fbe9fe");	1✔
225	const Botan::BigInt b(	1✔
226	"0x0a9acf8c8ba617777e248509bcb4717d4db346202bf9e352cd5633731dd92a51b72a4dc3b3d17c823fcc8fbda4da08f25dea89046087342595a7");	1✔
227	const Botan::BigInt order_g("0x0e1a16196e6000000000bc7f1618d867b15bb86474418f");	1✔
228	const Botan::BigInt cofactor = Botan::BigInt::one();	1✔
229
230	const BigInt Gx(	1✔
231	"1503931002566715881584977704503341991763310127581173321974500299341775226206001860606586625324214456299149080935147329869147994265934715820");	1✔
232	const BigInt Gy(	1✔
233	"1774988776970033741491814582357926984496972046739476148938345272681378523636129776486407268230155403536112014267092770854858769258781598199");	1✔
234
235	Botan::EC_Group dom_params(p, a, b, Gx, Gy, order_g, cofactor);	1✔
236
237	Botan::EC_Point p_G = dom_params.point(Gx, Gy);	1✔
238
239	if(!result.confirm("G is on curve", p_G.on_the_curve())) {	2✔
240	return result;
241	}
242
243	Botan::ECDSA_PrivateKey key_odd_curve(Test::rng(), dom_params);	1✔
244	std::string key_odd_curve_str = Botan::PKCS8::PEM_encode(key_odd_curve);	1✔
245
246	Botan::DataSource_Memory key_data_src(key_odd_curve_str);	1✔
247	auto loaded_key = Botan::PKCS8::load_key(key_data_src);	1✔
248
249	result.confirm("reloaded key", loaded_key != nullptr);	2✔
250
251	return result;	1✔
252	}	10✔
253
254	Test::Result test_encoding_options() {	1✔
255	Test::Result result("ECDSA Unit");	1✔
256
257	Botan::EC_Group group("secp256r1");	1✔
258	Botan::ECDSA_PrivateKey key(Test::rng(), group);	1✔
259
260	result.confirm("Default encoding is uncompressed", key.point_encoding() == Botan::EC_Point_Format::Uncompressed);	2✔
261
262	const std::vector<uint8_t> enc_uncompressed = key.public_key_bits();	1✔
263
264	key.set_point_encoding(Botan::EC_Point_Format::Compressed);	1✔
265
266	result.confirm("set_point_encoding works", key.point_encoding() == Botan::EC_Point_Format::Compressed);	2✔
267
268	const std::vector<uint8_t> enc_compressed = key.public_key_bits();	1✔
269
270	result.test_lt("Comprssed points are smaller", enc_compressed.size(), enc_uncompressed.size());	1✔
271
272	size_t size_diff = enc_uncompressed.size() - enc_compressed.size();	1✔
273
274	result.test_gte("Compressed points smaller by group size", size_diff, 32);	1✔
275
276	key.set_point_encoding(Botan::EC_Point_Format::Hybrid);	1✔
277
278	result.confirm("set_point_encoding works", key.point_encoding() == Botan::EC_Point_Format::Hybrid);	2✔
279
280	const std::vector<uint8_t> enc_hybrid = key.public_key_bits();	1✔
281
282	result.test_eq("Hybrid point same size as uncompressed", enc_uncompressed.size(), enc_hybrid.size());	1✔
283
284	#if !defined(BOTAN_HAS_SANITIZER_UNDEFINED)
285	auto invalid_format = static_cast<Botan::EC_Point_Format>(99);	1✔
286
287	result.test_throws("Invalid point format throws", "Invalid point encoding for EC_PublicKey", [&] {	3✔
288	key.set_point_encoding(invalid_format);	1✔
289	});
290	#endif
291
292	return result;	2✔
293	}	3✔
294
295	#if defined(BOTAN_TARGET_OS_HAS_FILESYSTEM)
296
297	Test::Result test_read_pkcs8() {	1✔
298	Test::Result result("ECDSA Unit");	1✔
299
300	const std::vector<uint8_t> msg = Botan::hex_decode("12345678901234567890abcdef12");	1✔
301
302	try {	1✔
303	Botan::DataSource_Stream key_stream(Test::data_file("x509/ecc/nodompar_private.pkcs8.pem"));	2✔
304	auto loaded_key_nodp = Botan::PKCS8::load_key(key_stream);	1✔
305	// anew in each test with unregistered domain-parameters
306	Botan::ECDSA_PrivateKey* ecdsa_nodp = dynamic_cast<Botan::ECDSA_PrivateKey*>(loaded_key_nodp.get());	1✔
307	if(!ecdsa_nodp) {	1✔
308	throw Test_Error("Unable to load valid PKCS8 ECDSA key");	×
309	}
310
311	Botan::PK_Signer signer(*ecdsa_nodp, Test::rng(), "SHA-256");	1✔
312	Botan::PK_Verifier verifier(*ecdsa_nodp, "SHA-256");	1✔
313
314	std::vector<uint8_t> signature_nodp = signer.sign_message(msg, Test::rng());	1✔
315
316	result.confirm("signature valid", verifier.verify_message(msg, signature_nodp));	2✔
317
318	try {	1✔
319	Botan::DataSource_Stream key_stream2(Test::data_file("x509/ecc/withdompar_private.pkcs8.pem"));	2✔
320	auto should_fail = Botan::PKCS8::load_key(key_stream2);	1✔
321	result.test_failure("loaded key with unknown OID");	×
322	} catch(std::exception&) { result.test_note("rejected key with unknown OID"); }	3✔
323	} catch(std::exception& e) { result.test_failure("read_pkcs8", e.what()); }	2✔
324
325	return result;	1✔
326	}	1✔
327
328	Test::Result test_ecc_key_with_rfc5915_extensions() {	1✔
329	Test::Result result("ECDSA Unit");	1✔
330
331	try {	1✔
332	Botan::DataSource_Stream key_stream(Test::data_file("x509/ecc/ecc_private_with_rfc5915_ext.pem"));	2✔
333	auto pkcs8 = Botan::PKCS8::load_key(key_stream);	1✔
334
335	result.confirm("loaded RFC 5915 key", pkcs8 != nullptr);	2✔
336	result.test_eq("key is ECDSA", pkcs8->algo_name(), "ECDSA");	2✔
337	result.confirm("key type is ECDSA", dynamic_cast<Botan::ECDSA_PrivateKey*>(pkcs8.get()) != nullptr);	3✔
338	} catch(std::exception& e) { result.test_failure("load_rfc5915_ext", e.what()); }	1✔
339
340	return result;	1✔
341	}	×
342
343	Test::Result test_ecc_key_with_rfc5915_parameters() {	1✔
344	Test::Result result("ECDSA Unit");	1✔
345
346	try {	1✔
347	Botan::DataSource_Stream key_stream(Test::data_file("x509/ecc/ecc_private_with_rfc5915_parameters.pem"));	2✔
348	auto pkcs8 = Botan::PKCS8::load_key(key_stream);	1✔
349
350	result.confirm("loaded RFC 5915 key", pkcs8 != nullptr);	2✔
351	result.test_eq("key is ECDSA", pkcs8->algo_name(), "ECDSA");	2✔
352	result.confirm("key type is ECDSA", dynamic_cast<Botan::ECDSA_PrivateKey*>(pkcs8.get()) != nullptr);	3✔
353	} catch(std::exception& e) { result.test_failure("load_rfc5915_params", e.what()); }	1✔
354
355	return result;	1✔
356	}	×
357
358	#endif
359
360	Test::Result test_curve_registry() {	1✔
361	Test::Result result("ECDSA Unit");	1✔
362
363	for(const std::string& group_name : Botan::EC_Group::known_named_groups()) {	28✔
364	try {	27✔
365	Botan::EC_Group group(group_name);	27✔
366	Botan::ECDSA_PrivateKey ecdsa(Test::rng(), group);	27✔
367
368	Botan::PK_Signer signer(ecdsa, Test::rng(), "SHA-256");	27✔
369	Botan::PK_Verifier verifier(ecdsa, "SHA-256");	27✔
370
371	const std::vector<uint8_t> msg = Botan::hex_decode("12345678901234567890abcdef12");	27✔
372	const std::vector<uint8_t> sig = signer.sign_message(msg, Test::rng());	27✔
373
374	result.confirm("verified signature", verifier.verify_message(msg, sig));	81✔
375	} catch(Botan::Invalid_Argument& e) { result.test_failure("testing " + group_name + ": " + e.what()); }	54✔
376	}
377
378	return result;	1✔
379	}	×
380
381	class ECDSA_Unit_Tests final : public Test {	×
382	public:
383	std::vector<Test::Result> run() override {	1✔
384	std::vector<Test::Result> results;	1✔
385
386	#if defined(BOTAN_TARGET_OS_HAS_FILESYSTEM)
387	results.push_back(test_read_pkcs8());	2✔
388	results.push_back(test_ecc_key_with_rfc5915_extensions());	2✔
389	results.push_back(test_ecc_key_with_rfc5915_parameters());	2✔
390
391	#if defined(BOTAN_HAS_X509_CERTIFICATES)
392	results.push_back(test_decode_ecdsa_X509());	2✔
393	results.push_back(test_decode_ver_link_SHA256());	2✔
394	results.push_back(test_decode_ver_link_SHA1());	2✔
395	#endif
396
397	#endif
398
399	results.push_back(test_hash_larger_than_n());	2✔
400	results.push_back(test_sign_then_ver());	2✔
401	results.push_back(test_ec_sign());	2✔
402	results.push_back(test_ecdsa_create_save_load());	2✔
403	results.push_back(test_unusual_curve());	2✔
404	results.push_back(test_curve_registry());	2✔
405	results.push_back(test_encoding_options());	2✔
406	return results;	1✔
407	}	×
408	};
409
410	BOTAN_REGISTER_TEST("pubkey", "ecdsa_unit", ECDSA_Unit_Tests);
411	#endif
412
413	}
414
415	}

randombit / botan / 5079590438

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous