14130867032

Committed 28 Mar 2025 02:12PM UTC coverage: 91.542% (+0.005%) from 91.537%

Build # 14130867032

Build Type

push

github

Committed by

web-flow

Commit Message

Merge pull request #4794 from Rohde-Schwarz/fix/missing_compliance_check

Add missing compliance checks in EC(DH)

Run Details

95404 of 104219 relevant lines covered (91.54%)

11709989.75 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

92.06

/src/tests/test_ecdh.cpp

/*
* (C) 2015,2016 Jack Lloyd
*
* Botan is released under the Simplified BSD License (see license.txt)
*/

#include "tests.h"

#if defined(BOTAN_HAS_ECDH)
   #include "test_pubkey.h"
   #include <botan/ecdh.h>
#endif

namespace Botan_Tests {

namespace {

#if defined(BOTAN_HAS_ECDH)

class ECDH_KAT_Tests final : public PK_Key_Agreement_Test {
   public:
      ECDH_KAT_Tests() : PK_Key_Agreement_Test("ECDH", "pubkey/ecdh.vec", "Secret,CounterKey,K", "KDF") {}

      std::string default_kdf(const VarMap& /*unused*/) const override { return "Raw"; }

      bool skip_this_test(const std::string& group_id, const VarMap&) override {
         return !Botan::EC_Group::supports_named_group(group_id);
      }

      std::unique_ptr<Botan::Private_Key> load_our_key(const std::string& group_id, const VarMap& vars) override {
         const auto group = Botan::EC_Group::from_name(group_id);
         const Botan::BigInt secret = vars.get_req_bn("Secret");
         return std::make_unique<Botan::ECDH_PrivateKey>(this->rng(), group, secret);
      }

      std::vector<uint8_t> load_their_key(const std::string& /*header*/, const VarMap& vars) override {
         return vars.get_req_bin("CounterKey");
      }
};

class ECDH_Keygen_Tests final : public PK_Key_Generation_Test {
   public:
      std::vector<std::string> keygen_params() const override {
         return {
            "secp256r1", "secp384r1", "secp521r1", "brainpool256r1", "brainpool384r1", "brainpool512r1", "frp256v1"};
      }

      std::string algo_name() const override { return "ECDH"; }

      std::unique_ptr<Botan::Public_Key> public_key_from_raw(std::string_view keygen_params,
                                                             std::string_view /* provider */,
                                                             std::span<const uint8_t> raw_pk) const override {
         const auto group = Botan::EC_Group(keygen_params);
         const auto public_key = Botan::EC_AffinePoint(group, raw_pk);
         return std::make_unique<Botan::ECDH_PublicKey>(group, public_key);
      }
};

class ECDH_AllGroups_Tests : public Test {
   public:
      std::vector<Test::Result> run() override {
         std::vector<Test::Result> results;

         for(const std::string& group_name : Botan::EC_Group::known_named_groups()) {
            Test::Result result("ECDH " + group_name);

            result.start_timer();

            const std::string kdf = "Raw";

            try {
               const auto group = Botan::EC_Group::from_name(group_name);

               // Regression test: prohibit loading an all-zero private key
               result.test_throws<Botan::Invalid_Argument>("all-zero private key is unacceptable", [&] {
                  const auto one = Botan::EC_Scalar::one(group);
                  Botan::ECDH_PrivateKey(group, one - one);
               });

               // Regression test: prohibit loading a public point that is the identity (point at infinity)
               result.test_throws<Botan::Invalid_Argument>("point at infinity isn't a valid public key", [&] {
                  const auto infinity = Botan::EC_AffinePoint::identity(group);
                  Botan::ECDH_PublicKey(group, infinity);
               });

               // Regression test: prohibit ECDH-agreement with all-zero public value
               result.test_throws<Botan::Decoding_Error>("ECDH public value is point-at-infinity", [&] {
                  const auto sk = Botan::ECDH_PrivateKey(rng(), group);
                  Botan::PK_Key_Agreement ka(sk, rng(), kdf);
                  const auto sec1_infinity = std::array{uint8_t(0x00)};
                  const auto a_ss = ka.derive_key(0, sec1_infinity);
               });

               for(size_t i = 0; i != 100; ++i) {
                  const Botan::ECDH_PrivateKey a_priv(rng(), group);
                  const auto a_pub = a_priv.public_value();

                  const Botan::ECDH_PrivateKey b_priv(rng(), group);
                  const auto b_pub = b_priv.public_value();

                  Botan::PK_Key_Agreement a_ka(a_priv, rng(), kdf);
                  const auto a_ss = a_ka.derive_key(0, b_pub);

                  Botan::PK_Key_Agreement b_ka(b_priv, rng(), kdf);
                  const auto b_ss = b_ka.derive_key(0, a_pub);

                  result.test_eq("Same shared secret", a_ss.bits_of(), b_ss.bits_of());
               }
            } catch(std::exception& e) {
               result.test_failure("Exception", e.what());
            }

            result.end_timer();

            results.push_back(result);
         }

         return results;
      }
};

BOTAN_REGISTER_TEST("pubkey", "ecdh_kat", ECDH_KAT_Tests);
BOTAN_REGISTER_TEST("pubkey", "ecdh_keygen", ECDH_Keygen_Tests);
BOTAN_REGISTER_TEST("pubkey", "ecdh_all_groups", ECDH_AllGroups_Tests);

#endif

}  // namespace

}  // namespace Botan_Tests

1	/*
2	* (C) 2015,2016 Jack Lloyd
3	*
4	* Botan is released under the Simplified BSD License (see license.txt)
5	*/
6
7	#include "tests.h"
8
9	#if defined(BOTAN_HAS_ECDH)
10	#include "test_pubkey.h"
11	#include <botan/ecdh.h>
12	#endif
13
14	namespace Botan_Tests {
15
16	namespace {
17
18	#if defined(BOTAN_HAS_ECDH)
19
20	class ECDH_KAT_Tests final : public PK_Key_Agreement_Test {
21	public:
22	ECDH_KAT_Tests() : PK_Key_Agreement_Test("ECDH", "pubkey/ecdh.vec", "Secret,CounterKey,K", "KDF") {}	2✔
23
24	std::string default_kdf(const VarMap& /unused/) const override { return "Raw"; }	156✔
25
26	bool skip_this_test(const std::string& group_id, const VarMap&) override {	156✔
27	return !Botan::EC_Group::supports_named_group(group_id);	156✔
28	}
29
30	std::unique_ptr<Botan::Private_Key> load_our_key(const std::string& group_id, const VarMap& vars) override {	156✔
31	const auto group = Botan::EC_Group::from_name(group_id);	156✔
32	const Botan::BigInt secret = vars.get_req_bn("Secret");	156✔
33	return std::make_unique<Botan::ECDH_PrivateKey>(this->rng(), group, secret);	468✔
34	}	156✔
35
36	std::vector<uint8_t> load_their_key(const std::string& /header/, const VarMap& vars) override {	156✔
37	return vars.get_req_bin("CounterKey");	312✔
38	}
39	};
40
41	class ECDH_Keygen_Tests final : public PK_Key_Generation_Test {	×
42	public:
43	std::vector<std::string> keygen_params() const override {	1✔
44	return {	1✔
45	"secp256r1", "secp384r1", "secp521r1", "brainpool256r1", "brainpool384r1", "brainpool512r1", "frp256v1"};	1✔
46	}
47
48	std::string algo_name() const override { return "ECDH"; }	7✔
49
50	std::unique_ptr<Botan::Public_Key> public_key_from_raw(std::string_view keygen_params,	7✔
51	std::string_view /* provider */,
52	std::span<const uint8_t> raw_pk) const override {
53	const auto group = Botan::EC_Group(keygen_params);	7✔
54	const auto public_key = Botan::EC_AffinePoint(group, raw_pk);	7✔
55	return std::make_unique<Botan::ECDH_PublicKey>(group, public_key);	21✔
56	}	7✔
57	};
58
59	class ECDH_AllGroups_Tests : public Test {	×
60	public:
61	std::vector<Test::Result> run() override {	1✔
62	std::vector<Test::Result> results;	1✔
63
64	for(const std::string& group_name : Botan::EC_Group::known_named_groups()) {	29✔
65	Test::Result result("ECDH " + group_name);	28✔
66
67	result.start_timer();	28✔
68
69	const std::string kdf = "Raw";	28✔
70
71	try {	28✔
72	const auto group = Botan::EC_Group::from_name(group_name);	28✔
73
74	// Regression test: prohibit loading an all-zero private key
75	result.test_throws<Botan::Invalid_Argument>("all-zero private key is unacceptable", [&] {	56✔
76	const auto one = Botan::EC_Scalar::one(group);	28✔
77	Botan::ECDH_PrivateKey(group, one - one);	56✔
78	});	28✔
79
80	// Regression test: prohibit loading a public point that is the identity (point at infinity)
81	result.test_throws<Botan::Invalid_Argument>("point at infinity isn't a valid public key", [&] {	56✔
82	const auto infinity = Botan::EC_AffinePoint::identity(group);	28✔
83	Botan::ECDH_PublicKey(group, infinity);	28✔
84	});	28✔
85
86	// Regression test: prohibit ECDH-agreement with all-zero public value
87	result.test_throws<Botan::Decoding_Error>("ECDH public value is point-at-infinity", [&] {	56✔
88	const auto sk = Botan::ECDH_PrivateKey(rng(), group);	28✔
89	Botan::PK_Key_Agreement ka(sk, rng(), kdf);	28✔
90	const auto sec1_infinity = std::array{uint8_t(0x00)};	28✔
91	const auto a_ss = ka.derive_key(0, sec1_infinity);	28✔
92	});	56✔
93
94	for(size_t i = 0; i != 100; ++i) {	2,828✔
95	const Botan::ECDH_PrivateKey a_priv(rng(), group);	2,800✔
96	const auto a_pub = a_priv.public_value();	2,800✔
97
98	const Botan::ECDH_PrivateKey b_priv(rng(), group);	2,800✔
99	const auto b_pub = b_priv.public_value();	2,800✔
100
101	Botan::PK_Key_Agreement a_ka(a_priv, rng(), kdf);	2,800✔
102	const auto a_ss = a_ka.derive_key(0, b_pub);	2,800✔
103
104	Botan::PK_Key_Agreement b_ka(b_priv, rng(), kdf);	2,800✔
105	const auto b_ss = b_ka.derive_key(0, a_pub);	2,800✔
106
107	result.test_eq("Same shared secret", a_ss.bits_of(), b_ss.bits_of());	11,200✔
108	}	11,200✔
109	} catch(std::exception& e) {	28✔
110	result.test_failure("Exception", e.what());	×
111	}	×
112
113	result.end_timer();	28✔
114
115	results.push_back(result);	28✔
116	}	28✔
117
118	return results;	1✔
119	}	×
120	};
121
122	BOTAN_REGISTER_TEST("pubkey", "ecdh_kat", ECDH_KAT_Tests);
123	BOTAN_REGISTER_TEST("pubkey", "ecdh_keygen", ECDH_Keygen_Tests);
124	BOTAN_REGISTER_TEST("pubkey", "ecdh_all_groups", ECDH_AllGroups_Tests);
125
126	#endif
127
128	} // namespace
129
130	} // namespace Botan_Tests

randombit / botan / 14130867032

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous