PolarSSL v1.3.8
test_suite_ecdsa.c
Go to the documentation of this file.
1 #if !defined(POLARSSL_CONFIG_FILE)
2 #include <polarssl/config.h>
3 #else
4 #include POLARSSL_CONFIG_FILE
5 #endif
6 
7 #ifdef POLARSSL_ECDSA_C
8 
9 #include <polarssl/ecdsa.h>
10 #endif /* POLARSSL_ECDSA_C */
11 
12 
13 #if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
14 #include "polarssl/memory.h"
15 #endif
16 
17 #if defined(POLARSSL_PLATFORM_C)
18 #include "polarssl/platform.h"
19 #else
20 #define polarssl_malloc malloc
21 #define polarssl_free free
22 #endif
23 
24 #ifdef _MSC_VER
25 #include <basetsd.h>
26 typedef UINT32 uint32_t;
27 #else
28 #include <inttypes.h>
29 #endif
30 
31 #include <assert.h>
32 #include <stdlib.h>
33 #include <string.h>
34 
35 /*
36  * 32-bit integer manipulation macros (big endian)
37  */
38 #ifndef GET_UINT32_BE
39 #define GET_UINT32_BE(n,b,i) \
40 { \
41  (n) = ( (uint32_t) (b)[(i) ] << 24 ) \
42  | ( (uint32_t) (b)[(i) + 1] << 16 ) \
43  | ( (uint32_t) (b)[(i) + 2] << 8 ) \
44  | ( (uint32_t) (b)[(i) + 3] ); \
45 }
46 #endif
47 
48 #ifndef PUT_UINT32_BE
49 #define PUT_UINT32_BE(n,b,i) \
50 { \
51  (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
52  (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
53  (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
54  (b)[(i) + 3] = (unsigned char) ( (n) ); \
55 }
56 #endif
57 
58 static int unhexify(unsigned char *obuf, const char *ibuf)
59 {
60  unsigned char c, c2;
61  int len = strlen(ibuf) / 2;
62  assert(!(strlen(ibuf) %1)); // must be even number of bytes
63 
64  while (*ibuf != 0)
65  {
66  c = *ibuf++;
67  if( c >= '0' && c <= '9' )
68  c -= '0';
69  else if( c >= 'a' && c <= 'f' )
70  c -= 'a' - 10;
71  else if( c >= 'A' && c <= 'F' )
72  c -= 'A' - 10;
73  else
74  assert( 0 );
75 
76  c2 = *ibuf++;
77  if( c2 >= '0' && c2 <= '9' )
78  c2 -= '0';
79  else if( c2 >= 'a' && c2 <= 'f' )
80  c2 -= 'a' - 10;
81  else if( c2 >= 'A' && c2 <= 'F' )
82  c2 -= 'A' - 10;
83  else
84  assert( 0 );
85 
86  *obuf++ = ( c << 4 ) | c2;
87  }
88 
89  return len;
90 }
91 
92 static void hexify(unsigned char *obuf, const unsigned char *ibuf, int len)
93 {
94  unsigned char l, h;
95 
96  while (len != 0)
97  {
98  h = (*ibuf) / 16;
99  l = (*ibuf) % 16;
100 
101  if( h < 10 )
102  *obuf++ = '0' + h;
103  else
104  *obuf++ = 'a' + h - 10;
105 
106  if( l < 10 )
107  *obuf++ = '0' + l;
108  else
109  *obuf++ = 'a' + l - 10;
110 
111  ++ibuf;
112  len--;
113  }
114 }
115 
123 static unsigned char *zero_alloc( size_t len )
124 {
125  void *p;
126  size_t actual_len = len != 0 ? len : 1;
127 
128  p = polarssl_malloc( actual_len );
129  assert( p != NULL );
130 
131  memset( p, 0x00, actual_len );
132 
133  return( p );
134 }
135 
146 static unsigned char *unhexify_alloc( const char *ibuf, size_t *olen )
147 {
148  unsigned char *obuf;
149 
150  *olen = strlen(ibuf) / 2;
151 
152  if( *olen == 0 )
153  return( zero_alloc( *olen ) );
154 
155  obuf = polarssl_malloc( *olen );
156  assert( obuf != NULL );
157 
158  (void) unhexify( obuf, ibuf );
159 
160  return( obuf );
161 }
162 
172 static int rnd_std_rand( void *rng_state, unsigned char *output, size_t len )
173 {
174 #if !defined(__OpenBSD__)
175  size_t i;
176 
177  if( rng_state != NULL )
178  rng_state = NULL;
179 
180  for( i = 0; i < len; ++i )
181  output[i] = rand();
182 #else
183  if( rng_state != NULL )
184  rng_state = NULL;
185 
186  arc4random_buf( output, len );
187 #endif /* !OpenBSD */
188 
189  return( 0 );
190 }
191 
197 static int rnd_zero_rand( void *rng_state, unsigned char *output, size_t len )
198 {
199  if( rng_state != NULL )
200  rng_state = NULL;
201 
202  memset( output, 0, len );
203 
204  return( 0 );
205 }
206 
207 typedef struct
208 {
209  unsigned char *buf;
210  size_t length;
211 } rnd_buf_info;
212 
224 static int rnd_buffer_rand( void *rng_state, unsigned char *output, size_t len )
225 {
226  rnd_buf_info *info = (rnd_buf_info *) rng_state;
227  size_t use_len;
228 
229  if( rng_state == NULL )
230  return( rnd_std_rand( NULL, output, len ) );
231 
232  use_len = len;
233  if( len > info->length )
234  use_len = info->length;
235 
236  if( use_len )
237  {
238  memcpy( output, info->buf, use_len );
239  info->buf += use_len;
240  info->length -= use_len;
241  }
242 
243  if( len - use_len > 0 )
244  return( rnd_std_rand( NULL, output + use_len, len - use_len ) );
245 
246  return( 0 );
247 }
248 
256 typedef struct
257 {
258  uint32_t key[16];
259  uint32_t v0, v1;
261 
270 static int rnd_pseudo_rand( void *rng_state, unsigned char *output, size_t len )
271 {
272  rnd_pseudo_info *info = (rnd_pseudo_info *) rng_state;
273  uint32_t i, *k, sum, delta=0x9E3779B9;
274  unsigned char result[4], *out = output;
275 
276  if( rng_state == NULL )
277  return( rnd_std_rand( NULL, output, len ) );
278 
279  k = info->key;
280 
281  while( len > 0 )
282  {
283  size_t use_len = ( len > 4 ) ? 4 : len;
284  sum = 0;
285 
286  for( i = 0; i < 32; i++ )
287  {
288  info->v0 += (((info->v1 << 4) ^ (info->v1 >> 5)) + info->v1) ^ (sum + k[sum & 3]);
289  sum += delta;
290  info->v1 += (((info->v0 << 4) ^ (info->v0 >> 5)) + info->v0) ^ (sum + k[(sum>>11) & 3]);
291  }
292 
293  PUT_UINT32_BE( info->v0, result, 0 );
294  memcpy( out, result, use_len );
295  len -= use_len;
296  out += 4;
297  }
298 
299  return( 0 );
300 }
301 
302 
303 #include <stdio.h>
304 #include <string.h>
305 
306 #if defined(POLARSSL_PLATFORM_C)
307 #include "polarssl/platform.h"
308 #else
309 #define polarssl_printf printf
310 #define polarssl_malloc malloc
311 #define polarssl_free free
312 #endif
313 
314 static int test_errors = 0;
315 
316 #ifdef POLARSSL_ECDSA_C
317 
318 #define TEST_SUITE_ACTIVE
319 
320 static int test_assert( int correct, const char *test )
321 {
322  if( correct )
323  return( 0 );
324 
325  test_errors++;
326  if( test_errors == 1 )
327  printf( "FAILED\n" );
328  printf( " %s\n", test );
329 
330  return( 1 );
331 }
332 
333 #define TEST_ASSERT( TEST ) \
334  do { test_assert( (TEST) ? 1 : 0, #TEST ); \
335  if( test_errors) goto exit; \
336  } while (0)
337 
338 int verify_string( char **str )
339 {
340  if( (*str)[0] != '"' ||
341  (*str)[strlen( *str ) - 1] != '"' )
342  {
343  printf( "Expected string (with \"\") for parameter and got: %s\n", *str );
344  return( -1 );
345  }
346 
347  (*str)++;
348  (*str)[strlen( *str ) - 1] = '\0';
349 
350  return( 0 );
351 }
352 
353 int verify_int( char *str, int *value )
354 {
355  size_t i;
356  int minus = 0;
357  int digits = 1;
358  int hex = 0;
359 
360  for( i = 0; i < strlen( str ); i++ )
361  {
362  if( i == 0 && str[i] == '-' )
363  {
364  minus = 1;
365  continue;
366  }
367 
368  if( ( ( minus && i == 2 ) || ( !minus && i == 1 ) ) &&
369  str[i - 1] == '0' && str[i] == 'x' )
370  {
371  hex = 1;
372  continue;
373  }
374 
375  if( ! ( ( str[i] >= '0' && str[i] <= '9' ) ||
376  ( hex && ( ( str[i] >= 'a' && str[i] <= 'f' ) ||
377  ( str[i] >= 'A' && str[i] <= 'F' ) ) ) ) )
378  {
379  digits = 0;
380  break;
381  }
382  }
383 
384  if( digits )
385  {
386  if( hex )
387  *value = strtol( str, NULL, 16 );
388  else
389  *value = strtol( str, NULL, 10 );
390 
391  return( 0 );
392  }
393 
394  if( strcmp( str, "POLARSSL_ECP_DP_SECP256R1" ) == 0 )
395  {
396  *value = ( POLARSSL_ECP_DP_SECP256R1 );
397  return( 0 );
398  }
399 #ifdef POLARSSL_ECDSA_DETERMINISTIC
400  if( strcmp( str, "POLARSSL_MD_SHA224" ) == 0 )
401  {
402  *value = ( POLARSSL_MD_SHA224 );
403  return( 0 );
404  }
405 #endif // POLARSSL_ECDSA_DETERMINISTIC
406  if( strcmp( str, "POLARSSL_ECP_DP_SECP521R1" ) == 0 )
407  {
408  *value = ( POLARSSL_ECP_DP_SECP521R1 );
409  return( 0 );
410  }
411 #ifdef POLARSSL_ECDSA_DETERMINISTIC
412  if( strcmp( str, "POLARSSL_MD_SHA256" ) == 0 )
413  {
414  *value = ( POLARSSL_MD_SHA256 );
415  return( 0 );
416  }
417 #endif // POLARSSL_ECDSA_DETERMINISTIC
418 #ifdef POLARSSL_ECDSA_DETERMINISTIC
419  if( strcmp( str, "POLARSSL_MD_SHA1" ) == 0 )
420  {
421  *value = ( POLARSSL_MD_SHA1 );
422  return( 0 );
423  }
424 #endif // POLARSSL_ECDSA_DETERMINISTIC
425  if( strcmp( str, "POLARSSL_ECP_DP_SECP224R1" ) == 0 )
426  {
427  *value = ( POLARSSL_ECP_DP_SECP224R1 );
428  return( 0 );
429  }
430  if( strcmp( str, "POLARSSL_ECP_DP_SECP384R1" ) == 0 )
431  {
432  *value = ( POLARSSL_ECP_DP_SECP384R1 );
433  return( 0 );
434  }
435 #ifdef POLARSSL_ECDSA_DETERMINISTIC
436  if( strcmp( str, "POLARSSL_MD_SHA512" ) == 0 )
437  {
438  *value = ( POLARSSL_MD_SHA512 );
439  return( 0 );
440  }
441 #endif // POLARSSL_ECDSA_DETERMINISTIC
442 #ifdef POLARSSL_ECDSA_DETERMINISTIC
443  if( strcmp( str, "POLARSSL_MD_SHA384" ) == 0 )
444  {
445  *value = ( POLARSSL_MD_SHA384 );
446  return( 0 );
447  }
448 #endif // POLARSSL_ECDSA_DETERMINISTIC
449  if( strcmp( str, "POLARSSL_ECP_DP_SECP192R1" ) == 0 )
450  {
451  *value = ( POLARSSL_ECP_DP_SECP192R1 );
452  return( 0 );
453  }
454 
455 
456  printf( "Expected integer for parameter and got: %s\n", str );
457  return( -1 );
458 }
459 
460 void test_suite_ecdsa_prim_random( int id )
461 {
462  ecp_group grp;
463  ecp_point Q;
464  mpi d, r, s;
465  rnd_pseudo_info rnd_info;
466  unsigned char buf[66];
467 
468  ecp_group_init( &grp );
469  ecp_point_init( &Q );
470  mpi_init( &d ); mpi_init( &r ); mpi_init( &s );
471  memset( &rnd_info, 0x00, sizeof( rnd_pseudo_info ) );
472  memset( buf, 0, sizeof( buf ) );
473 
474  /* prepare material for signature */
475  TEST_ASSERT( rnd_pseudo_rand( &rnd_info, buf, sizeof( buf ) ) == 0 );
476  TEST_ASSERT( ecp_use_known_dp( &grp, id ) == 0 );
477  TEST_ASSERT( ecp_gen_keypair( &grp, &d, &Q, &rnd_pseudo_rand, &rnd_info )
478  == 0 );
479 
480  TEST_ASSERT( ecdsa_sign( &grp, &r, &s, &d, buf, sizeof( buf ),
481  &rnd_pseudo_rand, &rnd_info ) == 0 );
482  TEST_ASSERT( ecdsa_verify( &grp, buf, sizeof( buf ), &Q, &r, &s ) == 0 );
483 
484 exit:
485  ecp_group_free( &grp );
486  ecp_point_free( &Q );
487  mpi_free( &d ); mpi_free( &r ); mpi_free( &s );
488 }
489 
490 void test_suite_ecdsa_prim_test_vectors( int id, char *d_str, char *xQ_str, char *yQ_str,
491  char *k_str, char *hash_str, char *r_str,
492  char *s_str )
493 {
494  ecp_group grp;
495  ecp_point Q;
496  mpi d, r, s, r_check, s_check;
497  unsigned char hash[66], rnd_buf[66];
498  size_t hlen;
499  rnd_buf_info rnd_info;
500 
501  ecp_group_init( &grp );
502  ecp_point_init( &Q );
503  mpi_init( &d ); mpi_init( &r ); mpi_init( &s );
504  mpi_init( &r_check ); mpi_init( &s_check );
505  memset( hash, 0, sizeof( hash ) );
506  memset( rnd_buf, 0, sizeof( rnd_buf ) );
507 
508  TEST_ASSERT( ecp_use_known_dp( &grp, id ) == 0 );
509  TEST_ASSERT( ecp_point_read_string( &Q, 16, xQ_str, yQ_str ) == 0 );
510  TEST_ASSERT( mpi_read_string( &d, 16, d_str ) == 0 );
511  TEST_ASSERT( mpi_read_string( &r_check, 16, r_str ) == 0 );
512  TEST_ASSERT( mpi_read_string( &s_check, 16, s_str ) == 0 );
513  hlen = unhexify(hash, hash_str);
514  rnd_info.buf = rnd_buf;
515  rnd_info.length = unhexify( rnd_buf, k_str );
516 
517  /* Fix rnd_buf by shifting it left if necessary */
518  if( grp.nbits % 8 != 0 )
519  {
520  unsigned char shift = 8 - ( grp.nbits % 8 );
521  size_t i;
522 
523  for( i = 0; i < rnd_info.length - 1; i++ )
524  rnd_buf[i] = rnd_buf[i] << shift | rnd_buf[i+1] >> ( 8 - shift );
525 
526  rnd_buf[rnd_info.length-1] <<= shift;
527  }
528 
529  TEST_ASSERT( ecdsa_sign( &grp, &r, &s, &d, hash, hlen,
530  rnd_buffer_rand, &rnd_info ) == 0 );
531 
532  TEST_ASSERT( mpi_cmp_mpi( &r, &r_check ) == 0 );
533  TEST_ASSERT( mpi_cmp_mpi( &s, &s_check ) == 0 );
534 
535  TEST_ASSERT( ecdsa_verify( &grp, hash, hlen, &Q, &r_check, &s_check ) == 0 );
536 
537 exit:
538  ecp_group_free( &grp );
539  ecp_point_free( &Q );
540  mpi_free( &d ); mpi_free( &r ); mpi_free( &s );
541  mpi_free( &r_check ); mpi_free( &s_check );
542 }
543 
544 #ifdef POLARSSL_ECDSA_DETERMINISTIC
545 void test_suite_ecdsa_det_test_vectors( int id, char *d_str, int md_alg,
546  char *msg, char *r_str, char *s_str )
547 {
548  ecp_group grp;
549  mpi d, r, s, r_check, s_check;
550  unsigned char hash[POLARSSL_MD_MAX_SIZE];
551  size_t hlen;
552  const md_info_t *md_info;
553 
554  ecp_group_init( &grp );
555  mpi_init( &d ); mpi_init( &r ); mpi_init( &s );
556  mpi_init( &r_check ); mpi_init( &s_check );
557  memset( hash, 0, sizeof( hash ) );
558 
559  TEST_ASSERT( ecp_use_known_dp( &grp, id ) == 0 );
560  TEST_ASSERT( mpi_read_string( &d, 16, d_str ) == 0 );
561  TEST_ASSERT( mpi_read_string( &r_check, 16, r_str ) == 0 );
562  TEST_ASSERT( mpi_read_string( &s_check, 16, s_str ) == 0 );
563 
564  md_info = md_info_from_type( md_alg );
565  TEST_ASSERT( md_info != NULL );
566  hlen = md_info->size;
567  md( md_info, (const unsigned char *) msg, strlen( msg ), hash );
568 
569  TEST_ASSERT( ecdsa_sign_det( &grp, &r, &s, &d, hash, hlen, md_alg ) == 0 );
570 
571  TEST_ASSERT( mpi_cmp_mpi( &r, &r_check ) == 0 );
572  TEST_ASSERT( mpi_cmp_mpi( &s, &s_check ) == 0 );
573 
574 exit:
575  ecp_group_free( &grp );
576  mpi_free( &d ); mpi_free( &r ); mpi_free( &s );
577  mpi_free( &r_check ); mpi_free( &s_check );
578 }
579 #endif /* POLARSSL_ECDSA_DETERMINISTIC */
580 
581 void test_suite_ecdsa_write_read_random( int id )
582 {
583  ecdsa_context ctx;
584  rnd_pseudo_info rnd_info;
585  unsigned char hash[66];
586  unsigned char sig[200];
587  size_t sig_len, i;
588 
589  ecdsa_init( &ctx );
590  memset( &rnd_info, 0x00, sizeof( rnd_pseudo_info ) );
591  memset( hash, 0, sizeof( hash ) );
592  memset( sig, 0x2a, sizeof( sig ) );
593 
594  /* prepare material for signature */
595  TEST_ASSERT( rnd_pseudo_rand( &rnd_info, hash, sizeof( hash ) ) == 0 );
596 
597  /* generate signing key */
598  TEST_ASSERT( ecdsa_genkey( &ctx, id, &rnd_pseudo_rand, &rnd_info ) == 0 );
599 
600  /* generate and write signature, then read and verify it */
601  TEST_ASSERT( ecdsa_write_signature( &ctx, hash, sizeof( hash ),
602  sig, &sig_len, &rnd_pseudo_rand, &rnd_info ) == 0 );
603  TEST_ASSERT( ecdsa_read_signature( &ctx, hash, sizeof( hash ),
604  sig, sig_len ) == 0 );
605 
606  /* check we didn't write past the announced length */
607  for( i = sig_len; i < sizeof( sig ); i++ )
608  TEST_ASSERT( sig[i] == 0x2a );
609 
610  /* try verification with invalid length */
611  TEST_ASSERT( ecdsa_read_signature( &ctx, hash, sizeof( hash ),
612  sig, sig_len - 1 ) != 0 );
613  TEST_ASSERT( ecdsa_read_signature( &ctx, hash, sizeof( hash ),
614  sig, sig_len + 1 ) != 0 );
615 
616  /* try invalid sequence tag */
617  sig[0]++;
618  TEST_ASSERT( ecdsa_read_signature( &ctx, hash, sizeof( hash ),
619  sig, sig_len ) != 0 );
620  sig[0]--;
621 
622  /* try modifying r */
623  sig[10]++;
624  TEST_ASSERT( ecdsa_read_signature( &ctx, hash, sizeof( hash ),
625  sig, sig_len ) != 0 );
626  sig[10]--;
627 
628  /* try modifying s */
629  sig[sig_len - 1]++;
630  TEST_ASSERT( ecdsa_read_signature( &ctx, hash, sizeof( hash ),
631  sig, sig_len ) != 0 );
632  sig[sig_len - 1]--;
633 
634 exit:
635  ecdsa_free( &ctx );
636 }
637 
638 #ifdef POLARSSL_ECDSA_DETERMINISTIC
639 void test_suite_ecdsa_write_read_det_random( int id, int md_alg )
640 {
641  ecdsa_context ctx;
642  rnd_pseudo_info rnd_info;
643  unsigned char msg[100];
644  unsigned char hash[POLARSSL_MD_MAX_SIZE];
645  unsigned char sig[200];
646  size_t sig_len;
647 
648  ecdsa_init( &ctx );
649  memset( &rnd_info, 0x00, sizeof( rnd_pseudo_info ) );
650  memset( hash, 0, sizeof( hash ) );
651  memset( sig, 0x2a, sizeof( sig ) );
652 
653  /* prepare material for signature */
654  TEST_ASSERT( rnd_pseudo_rand( &rnd_info, msg, sizeof( msg ) ) == 0 );
655  md( md_info_from_type( md_alg ), msg, sizeof( msg ), hash );
656 
657  /* generate signing key */
658  TEST_ASSERT( ecdsa_genkey( &ctx, id, &rnd_pseudo_rand, &rnd_info ) == 0 );
659 
660  /* generate and write signature, then read and verify it */
661  TEST_ASSERT( ecdsa_write_signature_det( &ctx, hash, sizeof( hash ),
662  sig, &sig_len, md_alg ) == 0 );
663  TEST_ASSERT( ecdsa_read_signature( &ctx, hash, sizeof( hash ),
664  sig, sig_len ) == 0 );
665 
666 exit:
667  ecdsa_free( &ctx );
668 }
669 #endif /* POLARSSL_ECDSA_DETERMINISTIC */
670 
671 
672 #endif /* POLARSSL_ECDSA_C */
673 
674 
675 int dep_check( char *str )
676 {
677  if( str == NULL )
678  return( 1 );
679 
680  if( strcmp( str, "POLARSSL_ECP_DP_SECP224R1_ENABLED" ) == 0 )
681  {
682 #if defined(POLARSSL_ECP_DP_SECP224R1_ENABLED)
683  return( 0 );
684 #else
685  return( 1 );
686 #endif
687  }
688  if( strcmp( str, "POLARSSL_ECP_DP_SECP384R1_ENABLED" ) == 0 )
689  {
690 #if defined(POLARSSL_ECP_DP_SECP384R1_ENABLED)
691  return( 0 );
692 #else
693  return( 1 );
694 #endif
695  }
696  if( strcmp( str, "POLARSSL_SHA512_C" ) == 0 )
697  {
698 #if defined(POLARSSL_SHA512_C)
699  return( 0 );
700 #else
701  return( 1 );
702 #endif
703  }
704  if( strcmp( str, "POLARSSL_ECP_DP_SECP192R1_ENABLED" ) == 0 )
705  {
706 #if defined(POLARSSL_ECP_DP_SECP192R1_ENABLED)
707  return( 0 );
708 #else
709  return( 1 );
710 #endif
711  }
712  if( strcmp( str, "POLARSSL_SHA256_C" ) == 0 )
713  {
714 #if defined(POLARSSL_SHA256_C)
715  return( 0 );
716 #else
717  return( 1 );
718 #endif
719  }
720  if( strcmp( str, "POLARSSL_ECP_DP_SECP256R1_ENABLED" ) == 0 )
721  {
722 #if defined(POLARSSL_ECP_DP_SECP256R1_ENABLED)
723  return( 0 );
724 #else
725  return( 1 );
726 #endif
727  }
728  if( strcmp( str, "POLARSSL_ECP_DP_SECP521R1_ENABLED" ) == 0 )
729  {
730 #if defined(POLARSSL_ECP_DP_SECP521R1_ENABLED)
731  return( 0 );
732 #else
733  return( 1 );
734 #endif
735  }
736  if( strcmp( str, "POLARSSL_SHA1_C" ) == 0 )
737  {
738 #if defined(POLARSSL_SHA1_C)
739  return( 0 );
740 #else
741  return( 1 );
742 #endif
743  }
744 
745 
746  return( 1 );
747 }
748 
749 int dispatch_test(int cnt, char *params[50])
750 {
751  int ret;
752  ((void) cnt);
753  ((void) params);
754 
755 #if defined(TEST_SUITE_ACTIVE)
756  if( strcmp( params[0], "ecdsa_prim_random" ) == 0 )
757  {
758 
759  int param1;
760 
761  if( cnt != 2 )
762  {
763  fprintf( stderr, "\nIncorrect argument count (%d != %d)\n", cnt, 2 );
764  return( 2 );
765  }
766 
767  if( verify_int( params[1], &param1 ) != 0 ) return( 2 );
768 
769  test_suite_ecdsa_prim_random( param1 );
770  return ( 0 );
771 
772  return ( 3 );
773  }
774  else
775  if( strcmp( params[0], "ecdsa_prim_test_vectors" ) == 0 )
776  {
777 
778  int param1;
779  char *param2 = params[2];
780  char *param3 = params[3];
781  char *param4 = params[4];
782  char *param5 = params[5];
783  char *param6 = params[6];
784  char *param7 = params[7];
785  char *param8 = params[8];
786 
787  if( cnt != 9 )
788  {
789  fprintf( stderr, "\nIncorrect argument count (%d != %d)\n", cnt, 9 );
790  return( 2 );
791  }
792 
793  if( verify_int( params[1], &param1 ) != 0 ) return( 2 );
794  if( verify_string( &param2 ) != 0 ) return( 2 );
795  if( verify_string( &param3 ) != 0 ) return( 2 );
796  if( verify_string( &param4 ) != 0 ) return( 2 );
797  if( verify_string( &param5 ) != 0 ) return( 2 );
798  if( verify_string( &param6 ) != 0 ) return( 2 );
799  if( verify_string( &param7 ) != 0 ) return( 2 );
800  if( verify_string( &param8 ) != 0 ) return( 2 );
801 
802  test_suite_ecdsa_prim_test_vectors( param1, param2, param3, param4, param5, param6, param7, param8 );
803  return ( 0 );
804 
805  return ( 3 );
806  }
807  else
808  if( strcmp( params[0], "ecdsa_det_test_vectors" ) == 0 )
809  {
810  #ifdef POLARSSL_ECDSA_DETERMINISTIC
811 
812  int param1;
813  char *param2 = params[2];
814  int param3;
815  char *param4 = params[4];
816  char *param5 = params[5];
817  char *param6 = params[6];
818 
819  if( cnt != 7 )
820  {
821  fprintf( stderr, "\nIncorrect argument count (%d != %d)\n", cnt, 7 );
822  return( 2 );
823  }
824 
825  if( verify_int( params[1], &param1 ) != 0 ) return( 2 );
826  if( verify_string( &param2 ) != 0 ) return( 2 );
827  if( verify_int( params[3], &param3 ) != 0 ) return( 2 );
828  if( verify_string( &param4 ) != 0 ) return( 2 );
829  if( verify_string( &param5 ) != 0 ) return( 2 );
830  if( verify_string( &param6 ) != 0 ) return( 2 );
831 
832  test_suite_ecdsa_det_test_vectors( param1, param2, param3, param4, param5, param6 );
833  return ( 0 );
834  #endif /* POLARSSL_ECDSA_DETERMINISTIC */
835 
836  return ( 3 );
837  }
838  else
839  if( strcmp( params[0], "ecdsa_write_read_random" ) == 0 )
840  {
841 
842  int param1;
843 
844  if( cnt != 2 )
845  {
846  fprintf( stderr, "\nIncorrect argument count (%d != %d)\n", cnt, 2 );
847  return( 2 );
848  }
849 
850  if( verify_int( params[1], &param1 ) != 0 ) return( 2 );
851 
852  test_suite_ecdsa_write_read_random( param1 );
853  return ( 0 );
854 
855  return ( 3 );
856  }
857  else
858  if( strcmp( params[0], "ecdsa_write_read_det_random" ) == 0 )
859  {
860  #ifdef POLARSSL_ECDSA_DETERMINISTIC
861 
862  int param1;
863  int param2;
864 
865  if( cnt != 3 )
866  {
867  fprintf( stderr, "\nIncorrect argument count (%d != %d)\n", cnt, 3 );
868  return( 2 );
869  }
870 
871  if( verify_int( params[1], &param1 ) != 0 ) return( 2 );
872  if( verify_int( params[2], &param2 ) != 0 ) return( 2 );
873 
874  test_suite_ecdsa_write_read_det_random( param1, param2 );
875  return ( 0 );
876  #endif /* POLARSSL_ECDSA_DETERMINISTIC */
877 
878  return ( 3 );
879  }
880  else
881 
882  {
883  fprintf( stdout, "FAILED\nSkipping unknown test function '%s'\n", params[0] );
884  fflush( stdout );
885  return( 1 );
886  }
887 #else
888  return( 3 );
889 #endif
890  return( ret );
891 }
892 
893 int get_line( FILE *f, char *buf, size_t len )
894 {
895  char *ret;
896 
897  ret = fgets( buf, len, f );
898  if( ret == NULL )
899  return( -1 );
900 
901  if( strlen( buf ) && buf[strlen(buf) - 1] == '\n' )
902  buf[strlen(buf) - 1] = '\0';
903  if( strlen( buf ) && buf[strlen(buf) - 1] == '\r' )
904  buf[strlen(buf) - 1] = '\0';
905 
906  return( 0 );
907 }
908 
909 int parse_arguments( char *buf, size_t len, char *params[50] )
910 {
911  int cnt = 0, i;
912  char *cur = buf;
913  char *p = buf, *q;
914 
915  params[cnt++] = cur;
916 
917  while( *p != '\0' && p < buf + len )
918  {
919  if( *p == '\\' )
920  {
921  p++;
922  p++;
923  continue;
924  }
925  if( *p == ':' )
926  {
927  if( p + 1 < buf + len )
928  {
929  cur = p + 1;
930  params[cnt++] = cur;
931  }
932  *p = '\0';
933  }
934 
935  p++;
936  }
937 
938  // Replace newlines, question marks and colons in strings
939  for( i = 0; i < cnt; i++ )
940  {
941  p = params[i];
942  q = params[i];
943 
944  while( *p != '\0' )
945  {
946  if( *p == '\\' && *(p + 1) == 'n' )
947  {
948  p += 2;
949  *(q++) = '\n';
950  }
951  else if( *p == '\\' && *(p + 1) == ':' )
952  {
953  p += 2;
954  *(q++) = ':';
955  }
956  else if( *p == '\\' && *(p + 1) == '?' )
957  {
958  p += 2;
959  *(q++) = '?';
960  }
961  else
962  *(q++) = *(p++);
963  }
964  *q = '\0';
965  }
966 
967  return( cnt );
968 }
969 
970 int main()
971 {
972  int ret, i, cnt, total_errors = 0, total_tests = 0, total_skipped = 0;
973  const char *filename = "/home/iurt/rpmbuild/BUILD/polarssl-1.3.8/tests/suites/test_suite_ecdsa.data";
974  FILE *file;
975  char buf[5000];
976  char *params[50];
977 
978 #if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
979  unsigned char alloc_buf[1000000];
980  memory_buffer_alloc_init( alloc_buf, sizeof(alloc_buf) );
981 #endif
982 
983  file = fopen( filename, "r" );
984  if( file == NULL )
985  {
986  fprintf( stderr, "Failed to open\n" );
987  return( 1 );
988  }
989 
990  while( !feof( file ) )
991  {
992  int skip = 0;
993 
994  if( ( ret = get_line( file, buf, sizeof(buf) ) ) != 0 )
995  break;
996  fprintf( stdout, "%s%.66s", test_errors ? "\n" : "", buf );
997  fprintf( stdout, " " );
998  for( i = strlen( buf ) + 1; i < 67; i++ )
999  fprintf( stdout, "." );
1000  fprintf( stdout, " " );
1001  fflush( stdout );
1002 
1003  total_tests++;
1004 
1005  if( ( ret = get_line( file, buf, sizeof(buf) ) ) != 0 )
1006  break;
1007  cnt = parse_arguments( buf, strlen(buf), params );
1008 
1009  if( strcmp( params[0], "depends_on" ) == 0 )
1010  {
1011  for( i = 1; i < cnt; i++ )
1012  if( dep_check( params[i] ) != 0 )
1013  skip = 1;
1014 
1015  if( ( ret = get_line( file, buf, sizeof(buf) ) ) != 0 )
1016  break;
1017  cnt = parse_arguments( buf, strlen(buf), params );
1018  }
1019 
1020  if( skip == 0 )
1021  {
1022  test_errors = 0;
1023  ret = dispatch_test( cnt, params );
1024  }
1025 
1026  if( skip == 1 || ret == 3 )
1027  {
1028  total_skipped++;
1029  fprintf( stdout, "----\n" );
1030  fflush( stdout );
1031  }
1032  else if( ret == 0 && test_errors == 0 )
1033  {
1034  fprintf( stdout, "PASS\n" );
1035  fflush( stdout );
1036  }
1037  else if( ret == 2 )
1038  {
1039  fprintf( stderr, "FAILED: FATAL PARSE ERROR\n" );
1040  fclose(file);
1041  exit( 2 );
1042  }
1043  else
1044  total_errors++;
1045 
1046  if( ( ret = get_line( file, buf, sizeof(buf) ) ) != 0 )
1047  break;
1048  if( strlen(buf) != 0 )
1049  {
1050  fprintf( stderr, "Should be empty %d\n", (int) strlen(buf) );
1051  return( 1 );
1052  }
1053  }
1054  fclose(file);
1055 
1056  fprintf( stdout, "\n----------------------------------------------------------------------------\n\n");
1057  if( total_errors == 0 )
1058  fprintf( stdout, "PASSED" );
1059  else
1060  fprintf( stdout, "FAILED" );
1061 
1062  fprintf( stdout, " (%d / %d tests (%d skipped))\n",
1063  total_tests - total_errors, total_tests, total_skipped );
1064 
1065 #if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
1066 #if defined(POLARSSL_MEMORY_DEBUG)
1067  memory_buffer_alloc_status();
1068 #endif
1070 #endif
1071 
1072  return( total_errors != 0 );
1073 }
1074 
1075 
int md(const md_info_t *md_info, const unsigned char *input, size_t ilen, unsigned char *output)
Output = message_digest( input buffer )
static void hexify(unsigned char *obuf, const unsigned char *ibuf, int len)
int ecdsa_verify(ecp_group *grp, const unsigned char *buf, size_t blen, const ecp_point *Q, const mpi *r, const mpi *s)
Verify ECDSA signature of a previously hashed message.
static unsigned char * zero_alloc(size_t len)
Allocate and zeroize a buffer.
Memory allocation layer (Deprecated to platform layer)
Info structure for the pseudo random function.
static int unhexify(unsigned char *obuf, const char *ibuf)
void memory_buffer_alloc_free(void)
Free the mutex for thread-safety and clear remaining memory.
static int test_errors
#define polarssl_malloc
int ecdsa_write_signature(ecdsa_context *ctx, const unsigned char *hash, size_t hlen, unsigned char *sig, size_t *slen, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Compute ECDSA signature and write it to buffer, serialized as defined in RFC 4492 page 20...
Elliptic curve DSA.
int ecdsa_sign(ecp_group *grp, mpi *r, mpi *s, const mpi *d, const unsigned char *buf, size_t blen, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Compute ECDSA signature of a previously hashed message.
ECP group structure.
Definition: ecp.h:136
Configuration options (set of defines)
static int rnd_std_rand(void *rng_state, unsigned char *output, size_t len)
This function just returns data from rand().
static int rnd_pseudo_rand(void *rng_state, unsigned char *output, size_t len)
This function returns random based on a pseudo random function.
MPI structure.
Definition: bignum.h:182
PolarSSL Platform abstraction layer.
static int test_assert(int correct, const char *test)
void mpi_init(mpi *X)
Initialize one MPI.
int main(int argc, char *argv[])
int mpi_cmp_mpi(const mpi *X, const mpi *Y)
Compare signed values.
static unsigned char * unhexify_alloc(const char *ibuf, size_t *olen)
Allocate and fill a buffer from hex data.
int dep_check(char *str)
int memory_buffer_alloc_init(unsigned char *buf, size_t len)
Initialize use of stack-based memory allocator.
#define TEST_ASSERT(TEST)
const md_info_t * md_info_from_type(md_type_t md_type)
Returns the message digest information associated with the given digest type.
ECP point structure (jacobian coordinates)
Definition: ecp.h:104
void ecp_point_init(ecp_point *pt)
Initialize a point (as zero)
ECDSA context structure.
Definition: ecdsa.h:41
int ecp_point_read_string(ecp_point *P, int radix, const char *x, const char *y)
Import a non-zero point from two ASCII strings.
void mpi_free(mpi *X)
Unallocate one MPI.
void ecp_group_free(ecp_group *grp)
Free the components of an ECP group.
int ecdsa_read_signature(ecdsa_context *ctx, const unsigned char *hash, size_t hlen, const unsigned char *sig, size_t slen)
Read and verify an ECDSA signature.
static int rnd_buffer_rand(void *rng_state, unsigned char *output, size_t len)
This function returns random based on a buffer it receives.
void ecdsa_init(ecdsa_context *ctx)
Initialize context.
int ecp_gen_keypair(ecp_group *grp, mpi *d, ecp_point *Q, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Generate a keypair.
int parse_arguments(char *buf, size_t len, char *params[50])
int ecp_use_known_dp(ecp_group *grp, ecp_group_id index)
Set a group using well-known domain parameters.
int mpi_read_string(mpi *X, int radix, const char *s)
Import from an ASCII string.
int verify_string(char **str)
int ecdsa_genkey(ecdsa_context *ctx, ecp_group_id gid, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Generate an ECDSA keypair on the given curve.
void ecp_group_init(ecp_group *grp)
Initialize a group (to something meaningless)
size_t nbits
Definition: ecp.h:145
#define POLARSSL_MD_MAX_SIZE
Definition: md.h:67
int dispatch_test(int cnt, char *params[50])
int ecdsa_sign_det(ecp_group *grp, mpi *r, mpi *s, const mpi *d, const unsigned char *buf, size_t blen, md_type_t md_alg)
Compute ECDSA signature of a previously hashed message (deterministic version)
unsigned char * buf
void ecdsa_free(ecdsa_context *ctx)
Free context.
#define PUT_UINT32_BE(n, b, i)
int size
Output length of the digest function.
Definition: md.h:82
int verify_int(char *str, int *value)
Message digest information.
Definition: md.h:74
static int rnd_zero_rand(void *rng_state, unsigned char *output, size_t len)
This function only returns zeros.
int ecdsa_write_signature_det(ecdsa_context *ctx, const unsigned char *hash, size_t hlen, unsigned char *sig, size_t *slen, md_type_t md_alg)
Compute ECDSA signature and write it to buffer, serialized as defined in RFC 4492 page 20...
int get_line(FILE *f, char *buf, size_t len)
void ecp_point_free(ecp_point *pt)
Free the components of a point.