add dsa_wycheproof_test + fix old dsa tests

This commit is contained in:
Karel Miko 2017-09-20 11:59:03 +02:00
parent 155e29dd68
commit 66abefc54b

View File

@ -246,6 +246,76 @@ static int _dsa_compat_test(void)
return CRYPT_OK;
}
static int _dsa_wycheproof_test(void)
{
/* test case from https://github.com/google/wycheproof/blob/master/testvectors/dsa_test.json
*
* "comment" : "appending unused 0's",
* "message" : "48656c6c6f",
* "result" : "invalid",
* "sig" : "303d021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9ef41dd424a4e1c8f16967cf3365813fe87862360000",
* "tcId" : 55
*/
unsigned char msg[] = { 0x48, 0x65, 0x6c, 0x6c, 0x6f };
unsigned char sig[] = { 0x30, 0x3d, 0x02, 0x1c, 0x1e, 0x41, 0xb4, 0x79, 0xad, 0x57, 0x69, 0x05, 0xb9, 0x60, 0xfe,
0x14, 0xea, 0xdb, 0x91, 0xb0, 0xcc, 0xf3, 0x48, 0x43, 0xda, 0xb9, 0x16, 0x17, 0x3b, 0xb8,
0xc9, 0xcd, 0x02, 0x1d, 0x00, 0xad, 0xe6, 0x59, 0x88, 0xd2, 0x37, 0xd3, 0x0f, 0x9e, 0xf4,
0x1d, 0xd4, 0x24, 0xa4, 0xe1, 0xc8, 0xf1, 0x69, 0x67, 0xcf, 0x33, 0x65, 0x81, 0x3f, 0xe8,
0x78, 0x62, 0x36, 0x00, 0x00 };
const char* b64key =
"MIIDQjCCAjUGByqGSM44BAEwggIoAoIBAQCPeTXZuarpv6vtiHrPSVG28y7FnjuvNxjo6sSWHz79"
"NgbnQ1GpxBgzObgJ58KuHFObp0dbhdARrbi0eYd1SYRpXKwOjxSzNggooi/6JxEKPWKpk0U0CaD+"
"aWxGWPhL3SCBnDcJoBBXsZWtzQAjPbpUhLYpH51kjviDRIZ3l5zsBLQ0pqwudemYXeI9sCkvwRGM"
"n/qdgYHnM423krcw17njSVkvaAmYchU5Feo9a4tGU8YzRY+AOzKkwuDycpAlbk4/ijsIOKHEUOTh"
"jBopo33fXqFD3ktm/wSQPtXPFiPhWNSHxgjpfyEc2B3KI8tuOAdl+CLjQr5ITAV2OTlgHNZnAh0A"
"uvaWpoV499/e5/pnyXfHhe8ysjO65YDAvNVpXQKCAQAWplxYIEhQcE51AqOXVwQNNNo6NHjBVNTk"
"pcAtJC7gT5bmHkvQkEq9rI837rHgnzGC0jyQQ8tkL4gAQWDt+coJsyB2p5wypifyRz6Rh5uixOdE"
"vSCBVEy1W4AsNo0fqD7UielOD6BojjJCilx4xHjGjQUntxyaOrsLC+EsRGiWOefTznTbEBplqiuH"
"9kxoJts+xy9LVZmDS7TtsC98kOmkltOlXVNb6/xF1PYZ9j897buHOSXC8iTgdzEpbaiH7B5HSPh+"
"+1/et1SEMWsiMt7lU92vAhErDR8C2jCXMiT+J67ai51LKSLZuovjntnhA6Y8UoELxoi34u1DFuHv"
"F9veA4IBBQACggEAHnf4QrGuD82ZKdOUFh1B4UYU/3UHqaMfSh8U0i4qYnofTllmJIg/GlsWjpQl"
"FG8i1fbuKHV0FHFLuZS6ESnwFdbgSnF+35tTCl1cq5TxRjHotM95rrNYzHQYRVU4QeisRhYw6ASm"
"L0Nna6Z5SvZomcN3uGnqYSp7n+ZhGqlr5S64tiyXkRe7vMqKfsHh/6scffz8cEhwDTrjhYE26Jdw"
"HXwpIbXf7x0fiX9Q2WyhtcLtxYytoYkZ41ZC8IB+6/oAyZoy9NCVwxiPeO1UcRvgMlxLUyrszWVA"
"pWfDJyJUQOoVMZveBlEEeaGGF5niW1fezHPANtdaBwK9NzyiMTSZMQ==";
unsigned char derkey[838];
unsigned long derlen = sizeof(derkey);
unsigned char hash[32];
unsigned long hashlen = sizeof(hash);
dsa_key key;
int stat;
DO(base64_decode((unsigned char*)b64key, strlen(b64key), derkey, &derlen));
if (derlen != 838) {
fprintf(stderr, "base64_decode failed, derlen=%lu (expected 838)\n", derlen);
return CRYPT_FAIL_TESTVECTOR;
}
DO(dsa_import(derkey, derlen, &key));
DO(hash_memory(find_hash("sha224"), msg, sizeof(msg), hash, &hashlen));
if (hashlen != 28) {
fprintf(stderr, "hash_memory failed, hashlen=%lu (expected 32)\n", hashlen);
return CRYPT_FAIL_TESTVECTOR;
}
stat = 666; /* intentionally not one, not zero */
DO(dsa_verify_hash(sig, sizeof(sig)-2, hash, hashlen, &stat, &key));
/* without the last two 0x00 bytes it is a valid signature */
if (stat != 1) {
fprintf(stderr, "dsa_verify_hash rejected valid signature\n");
return CRYPT_FAIL_TESTVECTOR;
}
stat = 666; /* intentionally not one, not zero */
DO(dsa_verify_hash(sig, sizeof(sig), hash, hashlen, &stat, &key));
/* this should be invalid */
if (stat != 0) {
fprintf(stderr, "dsa_verify_hash did not reject invalid signature\n");
return CRYPT_FAIL_TESTVECTOR;
}
return CRYPT_OK;
}
int dsa_test(void)
{
unsigned char msg[16], out[1024], out2[1024], ch;
@ -254,6 +324,7 @@ int dsa_test(void)
dsa_key key, key2;
DO(_dsa_compat_test());
DO(_dsa_wycheproof_test());
/* make a random key */
DO(dsa_generate_pqg(&yarrow_prng, find_prng("yarrow"), 20, 128, &key));
@ -291,9 +362,9 @@ int dsa_test(void)
if (!(stat1 == 1 && stat2 == 0)) { fprintf(stderr, "dsa_verify %d %d", stat1, stat2); return 1; }
/* test exporting it */
x = sizeof(out2);
DO(dsa_export(out2, &x, PK_PRIVATE, &key));
DO(dsa_import(out2, x, &key2));
y = sizeof(out2);
DO(dsa_export(out2, &y, PK_PRIVATE, &key));
DO(dsa_import(out2, y, &key2));
/* verify a signature with it */
DO(dsa_verify_hash(out, x, msg, sizeof(msg), &stat1, &key2));
@ -301,10 +372,10 @@ int dsa_test(void)
dsa_free(&key2);
/* export as public now */
x = sizeof(out2);
DO(dsa_export(out2, &x, PK_PUBLIC, &key));
y = sizeof(out2);
DO(dsa_export(out2, &y, PK_PUBLIC, &key));
DO(dsa_import(out2, x, &key2));
DO(dsa_import(out2, y, &key2));
/* verify a signature with it */
DO(dsa_verify_hash(out, x, msg, sizeof(msg), &stat1, &key2));
if (stat1 == 0) { fprintf(stderr, "dsa_verify (import public) %d ", stat1); return 1; }