13345891044

Committed 15 Feb 2025 02:24PM UTC coverage: 91.637% (-0.002%) from 91.639%

Build # 13345891044

Build Type

push

github

Committed by

web-flow

Commit Message

Merge pull request #4690 from randombit/jack/prep-for-curve-preregistration

Modify tests to avoid implicitly creating EC_Groups

Run Details

94971 of 103638 relevant lines covered (91.64%)

11153236.5 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

78.81

/src/tests/unit_ecdsa.cpp

/*
* ECDSA Tests
*
* (C) 2007 Falko Strenzke
*     2007 Manuel Hartl
*     2008,2015 Jack Lloyd
*
* Botan is released under the Simplified BSD License (see license.txt)
*/

#include "tests.h"

#if defined(BOTAN_HAS_ECDSA)
   #include <botan/data_src.h>
   #include <botan/ec_group.h>
   #include <botan/ecdsa.h>
   #include <botan/hash.h>
   #include <botan/pkcs8.h>
   #include <botan/pubkey.h>
#endif

#if defined(BOTAN_HAS_X509_CERTIFICATES)
   #include <botan/x509cert.h>
#endif

namespace Botan_Tests {

namespace {

#if defined(BOTAN_HAS_ECDSA)

   #if defined(BOTAN_HAS_X509_CERTIFICATES) && defined(BOTAN_TARGET_OS_HAS_FILESYSTEM)
Test::Result test_decode_ecdsa_X509() {
   Test::Result result("Parse CSCA cert");

   if(Botan::EC_Group::supports_application_specific_group()) {
      try {
         Botan::X509_Certificate cert(Test::data_file("x509/ecc/CSCA.CSCA.csca-germany.1.crt"));

         result.test_eq(
            "correct signature oid", cert.signature_algorithm().oid().to_formatted_string(), "ECDSA/SHA-224");

         result.test_eq("serial number", cert.serial_number(), std::vector<uint8_t>{1});
         result.test_eq("authority key id", cert.authority_key_id(), cert.subject_key_id());
         result.test_eq(
            "key fingerprint",
            cert.fingerprint("SHA-256"),
            "3B:6C:99:1C:D6:5A:51:FC:EB:17:E3:AA:F6:3C:1A:DA:14:1F:82:41:30:6F:64:EE:FF:63:F3:1F:D6:07:14:9F");

         auto pubkey = cert.subject_public_key();
         result.test_eq("verify self-signed signature", cert.check_signature(*pubkey), true);
      } catch(Botan::Exception& e) {
         result.test_failure(e.what());
      }
   }

   return result;
}

Test::Result test_decode_ver_link_SHA256() {
   Test::Result result("Check ECDSA signature");

   if(Botan::EC_Group::supports_application_specific_group()) {
      try {
         Botan::X509_Certificate root_cert(Test::data_file("x509/ecc/root2_SHA256.cer"));
         Botan::X509_Certificate link_cert(Test::data_file("x509/ecc/link_SHA256.cer"));

         auto pubkey = root_cert.subject_public_key();
         result.confirm("verified self-signed signature", link_cert.check_signature(*pubkey));
      } catch(Botan::Exception& e) {
         result.test_failure(e.what());
      }
   }

   return result;
}

Test::Result test_decode_ver_link_SHA1() {
   Test::Result result("Check ECDSA signature SHA-1");

   if(Botan::EC_Group::supports_application_specific_group()) {
      try {
         Botan::X509_Certificate root_cert(Test::data_file("x509/ecc/root_SHA1.163.crt"));
         Botan::X509_Certificate link_cert(Test::data_file("x509/ecc/link_SHA1.166.crt"));

         auto pubkey = root_cert.subject_public_key();

         auto sha1 = Botan::HashFunction::create("SHA-1");

         if(!sha1) {
            result.confirm("verification of self-signed signature failed due to missing SHA-1",
                           !link_cert.check_signature(*pubkey));
            return result;
         }
         result.confirm("verified self-signed signature", link_cert.check_signature(*pubkey));
      } catch(Botan::Exception& e) {
         result.test_failure(e.what());
      }
   }

   return result;
}
   #endif

Test::Result test_encoding_options() {
   Test::Result result("ECDSA encoding");

   try {
      auto rng = Test::new_rng("ecdsa_encoding_options");

      for(const auto& group_id : Botan::EC_Group::known_named_groups()) {
         const auto group = Botan::EC_Group::from_name(group_id);
         Botan::ECDSA_PrivateKey key(*rng, group);

         result.confirm("Default encoding is uncompressed",
                        key.point_encoding() == Botan::EC_Point_Format::Uncompressed);

         const std::vector<uint8_t> enc_uncompressed = key.public_key_bits();
         key.set_point_encoding(Botan::EC_Point_Format::Compressed);

         result.confirm("set_point_encoding works", key.point_encoding() == Botan::EC_Point_Format::Compressed);

         const std::vector<uint8_t> enc_compressed = key.public_key_bits();
         result.test_lt("Compressed points are smaller", enc_compressed.size(), enc_uncompressed.size());
         size_t size_diff = enc_uncompressed.size() - enc_compressed.size();
         result.test_gte("Compressed points smaller by group size", size_diff, group.get_p_bytes());
         key.set_point_encoding(Botan::EC_Point_Format::Hybrid);
         result.confirm("set_point_encoding works", key.point_encoding() == Botan::EC_Point_Format::Hybrid);
         const std::vector<uint8_t> enc_hybrid = key.public_key_bits();
         result.test_eq("Hybrid point same size as uncompressed", enc_uncompressed.size(), enc_hybrid.size());

   #if !defined(BOTAN_HAS_SANITIZER_UNDEFINED)
         // NOLINTNEXTLINE(clang-analyzer-optin.core.EnumCastOutOfRange)
         auto invalid_format = static_cast<Botan::EC_Point_Format>(99);

         result.test_throws("Invalid point format throws", "Invalid point encoding for EC_PublicKey", [&] {
            key.set_point_encoding(invalid_format);
         });
   #endif
      }
   } catch(Botan::Exception& e) {
      result.test_failure(e.what());
   }

   return result;
}

   #if defined(BOTAN_TARGET_OS_HAS_FILESYSTEM)

Test::Result test_ecc_key_with_rfc5915_extensions() {
   Test::Result result("ECDSA Unit");

   try {
      if(Botan::EC_Group::supports_named_group("secp256r1")) {
         Botan::DataSource_Stream key_stream(Test::data_file("x509/ecc/ecc_private_with_rfc5915_ext.pem"));
         auto pkcs8 = Botan::PKCS8::load_key(key_stream);

         result.confirm("loaded RFC 5915 key", pkcs8 != nullptr);
         result.test_eq("key is ECDSA", pkcs8->algo_name(), "ECDSA");
         result.confirm("key type is ECDSA", dynamic_cast<Botan::ECDSA_PrivateKey*>(pkcs8.get()) != nullptr);
      }
   } catch(std::exception& e) {
      result.test_failure("load_rfc5915_ext", e.what());
   }

   return result;
}

Test::Result test_ecc_key_with_rfc5915_parameters() {
   Test::Result result("ECDSA Unit");

   try {
      if(Botan::EC_Group::supports_named_group("secp256r1")) {
         Botan::DataSource_Stream key_stream(Test::data_file("x509/ecc/ecc_private_with_rfc5915_parameters.pem"));
         auto pkcs8 = Botan::PKCS8::load_key(key_stream);

         result.confirm("loaded RFC 5915 key", pkcs8 != nullptr);
         result.test_eq("key is ECDSA", pkcs8->algo_name(), "ECDSA");
         result.confirm("key type is ECDSA", dynamic_cast<Botan::ECDSA_PrivateKey*>(pkcs8.get()) != nullptr);
      }
   } catch(std::exception& e) {
      result.test_failure("load_rfc5915_params", e.what());
   }

   return result;
}

   #endif

class ECDSA_Unit_Tests final : public Test {
   public:
      std::vector<Test::Result> run() override {
         std::vector<Test::Result> results;

   #if defined(BOTAN_TARGET_OS_HAS_FILESYSTEM)
         results.push_back(test_ecc_key_with_rfc5915_extensions());
         results.push_back(test_ecc_key_with_rfc5915_parameters());

      #if defined(BOTAN_HAS_X509_CERTIFICATES)
         results.push_back(test_decode_ecdsa_X509());
         results.push_back(test_decode_ver_link_SHA256());
         results.push_back(test_decode_ver_link_SHA1());
      #endif

   #endif

         results.push_back(test_encoding_options());
         return results;
      }
};

BOTAN_REGISTER_TEST("pubkey", "ecdsa_unit", ECDSA_Unit_Tests);
#endif

}  // namespace

}  // namespace Botan_Tests

1	/*
2	* ECDSA Tests
3	*
4	* (C) 2007 Falko Strenzke
5	* 2007 Manuel Hartl
6	* 2008,2015 Jack Lloyd
7	*
8	* Botan is released under the Simplified BSD License (see license.txt)
9	*/
10
11	#include "tests.h"
12
13	#if defined(BOTAN_HAS_ECDSA)
14	#include <botan/data_src.h>
15	#include <botan/ec_group.h>
16	#include <botan/ecdsa.h>
17	#include <botan/hash.h>
18	#include <botan/pkcs8.h>
19	#include <botan/pubkey.h>
20	#endif
21
22	#if defined(BOTAN_HAS_X509_CERTIFICATES)
23	#include <botan/x509cert.h>
24	#endif
25
26	namespace Botan_Tests {
27
28	namespace {
29
30	#if defined(BOTAN_HAS_ECDSA)
31
32	#if defined(BOTAN_HAS_X509_CERTIFICATES) && defined(BOTAN_TARGET_OS_HAS_FILESYSTEM)
33	Test::Result test_decode_ecdsa_X509() {	1✔
34	Test::Result result("Parse CSCA cert");	1✔
35
36	if(Botan::EC_Group::supports_application_specific_group()) {	1✔
37	try {	1✔
38	Botan::X509_Certificate cert(Test::data_file("x509/ecc/CSCA.CSCA.csca-germany.1.crt"));	2✔
39
40	result.test_eq(	3✔
41	"correct signature oid", cert.signature_algorithm().oid().to_formatted_string(), "ECDSA/SHA-224");	2✔
42
43	result.test_eq("serial number", cert.serial_number(), std::vector<uint8_t>{1});	2✔
44	result.test_eq("authority key id", cert.authority_key_id(), cert.subject_key_id());	2✔
45	result.test_eq(	3✔
46	"key fingerprint",
47	cert.fingerprint("SHA-256"),	2✔
48	"3B:6C:99:1C:D6:5A:51:FC:EB:17:E3:AA:F6:3C:1A:DA:14:1F:82:41:30:6F:64:EE:FF:63:F3:1F:D6:07:14:9F");
49
50	auto pubkey = cert.subject_public_key();	1✔
51	result.test_eq("verify self-signed signature", cert.check_signature(*pubkey), true);	2✔
52	} catch(Botan::Exception& e) {	1✔
53	result.test_failure(e.what());	×
54	}	×
55	}
56
57	return result;	1✔
58	}	×
59
60	Test::Result test_decode_ver_link_SHA256() {	1✔
61	Test::Result result("Check ECDSA signature");	1✔
62
63	if(Botan::EC_Group::supports_application_specific_group()) {	1✔
64	try {	1✔
65	Botan::X509_Certificate root_cert(Test::data_file("x509/ecc/root2_SHA256.cer"));	2✔
66	Botan::X509_Certificate link_cert(Test::data_file("x509/ecc/link_SHA256.cer"));	2✔
67
68	auto pubkey = root_cert.subject_public_key();	1✔
69	result.confirm("verified self-signed signature", link_cert.check_signature(*pubkey));	2✔
70	} catch(Botan::Exception& e) {	1✔
71	result.test_failure(e.what());	×
72	}	×
73	}
74
75	return result;	1✔
76	}	×
77
78	Test::Result test_decode_ver_link_SHA1() {	1✔
79	Test::Result result("Check ECDSA signature SHA-1");	1✔
80
81	if(Botan::EC_Group::supports_application_specific_group()) {	1✔
82	try {	1✔
83	Botan::X509_Certificate root_cert(Test::data_file("x509/ecc/root_SHA1.163.crt"));	2✔
84	Botan::X509_Certificate link_cert(Test::data_file("x509/ecc/link_SHA1.166.crt"));	2✔
85
86	auto pubkey = root_cert.subject_public_key();	1✔
87
88	auto sha1 = Botan::HashFunction::create("SHA-1");	1✔
89
90	if(!sha1) {	1✔
91	result.confirm("verification of self-signed signature failed due to missing SHA-1",	×
92	!link_cert.check_signature(*pubkey));	×
93	return result;	×
94	}
95	result.confirm("verified self-signed signature", link_cert.check_signature(*pubkey));	2✔
96	} catch(Botan::Exception& e) {	2✔
97	result.test_failure(e.what());	×
98	}	×
99	}
100
101	return result;
102	}	×
103	#endif
104
105	Test::Result test_encoding_options() {	1✔
106	Test::Result result("ECDSA encoding");	1✔
107
108	try {	1✔
109	auto rng = Test::new_rng("ecdsa_encoding_options");	1✔
110
111	for(const auto& group_id : Botan::EC_Group::known_named_groups()) {	29✔
112	const auto group = Botan::EC_Group::from_name(group_id);	28✔
113	Botan::ECDSA_PrivateKey key(*rng, group);	28✔
114
115	result.confirm("Default encoding is uncompressed",	56✔
116	key.point_encoding() == Botan::EC_Point_Format::Uncompressed);	28✔
117
118	const std::vector<uint8_t> enc_uncompressed = key.public_key_bits();	28✔
119	key.set_point_encoding(Botan::EC_Point_Format::Compressed);	28✔
120
121	result.confirm("set_point_encoding works", key.point_encoding() == Botan::EC_Point_Format::Compressed);	56✔
122
123	const std::vector<uint8_t> enc_compressed = key.public_key_bits();	28✔
124	result.test_lt("Compressed points are smaller", enc_compressed.size(), enc_uncompressed.size());	28✔
125	size_t size_diff = enc_uncompressed.size() - enc_compressed.size();	28✔
126	result.test_gte("Compressed points smaller by group size", size_diff, group.get_p_bytes());	28✔
127	key.set_point_encoding(Botan::EC_Point_Format::Hybrid);	28✔
128	result.confirm("set_point_encoding works", key.point_encoding() == Botan::EC_Point_Format::Hybrid);	56✔
129	const std::vector<uint8_t> enc_hybrid = key.public_key_bits();	28✔
130	result.test_eq("Hybrid point same size as uncompressed", enc_uncompressed.size(), enc_hybrid.size());	28✔
131
132	#if !defined(BOTAN_HAS_SANITIZER_UNDEFINED)
133	// NOLINTNEXTLINE(clang-analyzer-optin.core.EnumCastOutOfRange)
134	auto invalid_format = static_cast<Botan::EC_Point_Format>(99);	28✔
135
136	result.test_throws("Invalid point format throws", "Invalid point encoding for EC_PublicKey", [&] {	84✔
137	key.set_point_encoding(invalid_format);	28✔
138	});
139	#endif
140	}	84✔
141	} catch(Botan::Exception& e) {	1✔
142	result.test_failure(e.what());	×
143	}	×
144
145	return result;	1✔
146	}	×
147
148	#if defined(BOTAN_TARGET_OS_HAS_FILESYSTEM)
149
150	Test::Result test_ecc_key_with_rfc5915_extensions() {	1✔
151	Test::Result result("ECDSA Unit");	1✔
152
153	try {	1✔
154	if(Botan::EC_Group::supports_named_group("secp256r1")) {	1✔
155	Botan::DataSource_Stream key_stream(Test::data_file("x509/ecc/ecc_private_with_rfc5915_ext.pem"));	2✔
156	auto pkcs8 = Botan::PKCS8::load_key(key_stream);	1✔
157
158	result.confirm("loaded RFC 5915 key", pkcs8 != nullptr);	2✔
159	result.test_eq("key is ECDSA", pkcs8->algo_name(), "ECDSA");	2✔
160	result.confirm("key type is ECDSA", dynamic_cast<Botan::ECDSA_PrivateKey*>(pkcs8.get()) != nullptr);	2✔
161	}	1✔
162	} catch(std::exception& e) {	×
163	result.test_failure("load_rfc5915_ext", e.what());	×
164	}	×
165
166	return result;	1✔
167	}	×
168
169	Test::Result test_ecc_key_with_rfc5915_parameters() {	1✔
170	Test::Result result("ECDSA Unit");	1✔
171
172	try {	1✔
173	if(Botan::EC_Group::supports_named_group("secp256r1")) {	1✔
174	Botan::DataSource_Stream key_stream(Test::data_file("x509/ecc/ecc_private_with_rfc5915_parameters.pem"));	2✔
175	auto pkcs8 = Botan::PKCS8::load_key(key_stream);	1✔
176
177	result.confirm("loaded RFC 5915 key", pkcs8 != nullptr);	2✔
178	result.test_eq("key is ECDSA", pkcs8->algo_name(), "ECDSA");	2✔
179	result.confirm("key type is ECDSA", dynamic_cast<Botan::ECDSA_PrivateKey*>(pkcs8.get()) != nullptr);	2✔
180	}	1✔
181	} catch(std::exception& e) {	×
182	result.test_failure("load_rfc5915_params", e.what());	×
183	}	×
184
185	return result;	1✔
186	}	×
187
188	#endif
189
190	class ECDSA_Unit_Tests final : public Test {	×
191	public:
192	std::vector<Test::Result> run() override {	1✔
193	std::vector<Test::Result> results;	1✔
194
195	#if defined(BOTAN_TARGET_OS_HAS_FILESYSTEM)
196	results.push_back(test_ecc_key_with_rfc5915_extensions());	2✔
197	results.push_back(test_ecc_key_with_rfc5915_parameters());	2✔
198
199	#if defined(BOTAN_HAS_X509_CERTIFICATES)
200	results.push_back(test_decode_ecdsa_X509());	2✔
201	results.push_back(test_decode_ver_link_SHA256());	2✔
202	results.push_back(test_decode_ver_link_SHA1());	2✔
203	#endif
204
205	#endif
206
207	results.push_back(test_encoding_options());	2✔
208	return results;	1✔
209	}	×
210	};
211
212	BOTAN_REGISTER_TEST("pubkey", "ecdsa_unit", ECDSA_Unit_Tests);
213	#endif
214
215	} // namespace
216
217	} // namespace Botan_Tests

randombit / botan / 13345891044

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous