Start adding a PK test suite

2013-09-21 12:31:05 +02:00 · 2013-09-21 12:31:05 +02:00 · b0a467fdbe
commit b0a467fdbe
parent 6888167e73
5 changed files with 244 additions and 2 deletions
--- a/programs/pkey/ecdsa.c
+++ b/programs/pkey/ecdsa.c
@ -33,9 +33,14 @@
 #include <stdio.h>

 /*
- * Uncomment to force use of a specific curve
-#define ECPARAMS    POLARSSL_ECP_DP_SECP256R1
+ * Uncomment to show key and signature details
 */
+#define VERBOSE
+
+/*
+ * Uncomment to force use of a specific curve
+ */
+#define ECPARAMS    POLARSSL_ECP_DP_SECP192R1

 #if !defined(ECPARAMS)
 #define ECPARAMS    ecp_curve_list()->grp_id
@ -53,6 +58,38 @@ int main( int argc, char *argv[] )
    return( 0 );
 }
 #else
+
+#if defined(VERBOSE)
+static void dump_buf( char *title, unsigned char *buf, size_t len )
+{
+    size_t i;
+
+    printf( "%s", title );
+    for( i = 0; i < len; i++ )
+        printf("%c%c", "0123456789ABCDEF" [buf[i] / 16],
+                       "0123456789ABCDEF" [buf[i] % 16] );
+    printf( "\n" );
+}
+
+static void dump_pubkey( char *title, ecdsa_context *key )
+{
+    unsigned char buf[300];
+    size_t len;
+
+    if( ecp_point_write_binary( &key->grp, &key->Q,
+                POLARSSL_ECP_PF_UNCOMPRESSED, &len, buf, sizeof buf ) != 0 )
+    {
+        printf("internal error\n");
+        return;
+    }
+
+    dump_buf( title, buf, len );
+}
+#else
+#define dump_buf( a, b, c )
+#define dump_pubkey( a, b )
+#endif
+
 int main( int argc, char *argv[] )
 {
    int ret;
@ -109,6 +146,8 @@ int main( int argc, char *argv[] )

    printf( " ok (key size: %d bits)\n", (int) ctx_sign.grp.pbits );

+    dump_pubkey( "  + Public key: ", &ctx_sign );
+
    /*
     * Sign some message hash
     */
@ -125,6 +164,9 @@ int main( int argc, char *argv[] )
    }
    printf( " ok (signature length = %zu)\n", sig_len );

+    dump_buf( "  + Hash: ", hash, sizeof hash );
+    dump_buf( "  + Signature: ", sig, sig_len );
+
    /*
     * Signature is serialized as defined by RFC 4492 p. 20,
     * but one can also access 'r' and 's' directly from the context
--- a/tests/CMakeLists.txt
+++ b/tests/CMakeLists.txt
@ -68,6 +68,7 @@ add_test_suite(mpi)
 add_test_suite(pbkdf2)
 add_test_suite(pkcs1_v21)
 add_test_suite(pkcs5)
+add_test_suite(pk)
 add_test_suite(pkparse)
 add_test_suite(pkwrite)
 add_test_suite(shax)
--- a/tests/Makefile
+++ b/tests/Makefile
@ -48,6 +48,7 @@ APPS =	test_suite_aes.ecb		test_suite_aes.cbc		\
 		test_suite_mpi			test_suite_pbkdf2		\
 		test_suite_pkcs1_v21	test_suite_pkcs5		\
 		test_suite_pkparse		test_suite_pkwrite		\
+		test_suite_pk									\
 		test_suite_rsa			test_suite_shax			\
 		test_suite_x509parse	test_suite_x509write	\
 		test_suite_xtea			test_suite_version
--- a/tests/suites/test_suite_pk.data
+++ b/tests/suites/test_suite_pk.data
@ -0,0 +1,51 @@
+PK utils: RSA
+depends_on:POLARSSL_RSA_C
+pk_utils:POLARSSL_PK_RSA:512:64:"RSA"
+
+PK utils: ECKEY
+depends_on:POLARSSL_ECP_C
+pk_utils:POLARSSL_PK_ECKEY:192:24:"EC"
+
+PK utils: ECKEY_DH
+depends_on:POLARSSL_ECP_C
+pk_utils:POLARSSL_PK_ECKEY_DH:192:24:"EC_DH"
+
+PK utils: ECDSA
+depends_on:POLARSSL_ECDSA_C
+pk_utils:POLARSSL_PK_ECDSA:192:24:"ECDSA"
+
+RSA verify test vector #1 (good)
+depends_on:POLARSSL_RSA_C:POLARSSL_SHA1_C:POLARSSL_PKCS1_V15
+pk_rsa_verify_test_vec:"206ef4bf396c6087f8229ef196fd35f37ccb8de5efcdb238f20d556668f114257a11fbe038464a67830378e62ae9791453953dac1dbd7921837ba98e84e856eb80ed9487e656d0b20c28c8ba5e35db1abbed83ed1c7720a97701f709e3547a4bfcabca9c89c57ad15c3996577a0ae36d7c7b699035242f37954646c1cd5c08ac":POLARSSL_MD_SHA1:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"3":"5abc01f5de25b70867ff0c24e222c61f53c88daf42586fddcd56f3c4588f074be3c328056c063388688b6385a8167957c6e5355a510e005b8a851d69c96b36ec6036644078210e5d7d326f96365ee0648882921492bc7b753eb9c26cdbab37555f210df2ca6fec1b25b463d38b81c0dcea202022b04af5da58aa03d77be949b7":0
+
+RSA verify test vector #2 (bad)
+depends_on:POLARSSL_RSA_C:POLARSSL_SHA1_C:POLARSSL_PKCS1_V15
+pk_rsa_verify_test_vec:"d6248c3e96b1a7e5fea978870fcc4c9786b4e5156e16b7faef4557d667f730b8bc4c784ef00c624df5309513c3a5de8ca94c2152e0459618666d3148092562ebc256ffca45b27fd2d63c68bd5e0a0aefbe496e9e63838a361b1db6fc272464f191490bf9c029643c49d2d9cd08833b8a70b4b3431f56fb1eb55ccd39e77a9c92":POLARSSL_MD_SHA1:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"3":"3203b7647fb7e345aa457681e5131777f1adc371f2fba8534928c4e52ef6206a856425d6269352ecbf64db2f6ad82397768cafdd8cd272e512d617ad67992226da6bc291c31404c17fd4b7e2beb20eff284a44f4d7af47fd6629e2c95809fa7f2241a04f70ac70d3271bb13258af1ed5c5988c95df7fa26603515791075feccd":POLARSSL_ERR_RSA_VERIFY_FAILED
+
+ECDSA verify test vector #1 (good)
+depends_on:POLARSSL_ECP_DP_SECP192R1_ENABLED
+pk_ec_test_vec:POLARSSL_PK_ECDSA:POLARSSL_ECP_DP_SECP192R1:"046FDD3028FA94A863CD4F78DBFF8B3AA561FC6D9CCBBCA88E0AE6FA437F5415F957542D0717FF8B84562DAE99872EF841":"546869732073686F756C64206265207468652068617368206F662061206D6573736167652E00":"30350218185B2A7FB5CD9C9A8488B119B68B47D6EC833509CE9FA1FF021900FB7D259A744A2348BD45D241A39DC915B81CC2084100FA24":0
+
+ECDSA verify test vector #2 (bad)
+depends_on:POLARSSL_ECP_DP_SECP192R1_ENABLED
+pk_ec_test_vec:POLARSSL_PK_ECDSA:POLARSSL_ECP_DP_SECP192R1:"046FDD3028FA94A863CD4F78DBFF8B3AA561FC6D9CCBBCA88E0AE6FA437F5415F957542D0717FF8B84562DAE99872EF841":"546869732073686F756C64206265207468652068617368206F662061206D6573736167652E00":"30350218185B2A7FB5CD9C9A8488B119B68B47D6EC833509CE9FA1FF021900FB7D259A744A2348BD45D241A39DC915B81CC2084100FA25":POLARSSL_ERR_ECP_VERIFY_FAILED
+
+EC(DSA) verify test vector #1 (good)
+depends_on:POLARSSL_ECP_DP_SECP192R1_ENABLED
+pk_ec_test_vec:POLARSSL_PK_ECKEY:POLARSSL_ECP_DP_SECP192R1:"046FDD3028FA94A863CD4F78DBFF8B3AA561FC6D9CCBBCA88E0AE6FA437F5415F957542D0717FF8B84562DAE99872EF841":"546869732073686F756C64206265207468652068617368206F662061206D6573736167652E00":"30350218185B2A7FB5CD9C9A8488B119B68B47D6EC833509CE9FA1FF021900FB7D259A744A2348BD45D241A39DC915B81CC2084100FA24":0
+
+EC(DSA) verify test vector #2 (bad)
+depends_on:POLARSSL_ECP_DP_SECP192R1_ENABLED
+pk_ec_test_vec:POLARSSL_PK_ECKEY:POLARSSL_ECP_DP_SECP192R1:"046FDD3028FA94A863CD4F78DBFF8B3AA561FC6D9CCBBCA88E0AE6FA437F5415F957542D0717FF8B84562DAE99872EF841":"546869732073686F756C64206265207468652068617368206F662061206D6573736167652E00":"30350218185B2A7FB5CD9C9A8488B119B68B47D6EC833509CE9FA1FF021900FB7D259A744A2348BD45D241A39DC915B81CC2084100FA25":POLARSSL_ERR_ECP_VERIFY_FAILED
+
+ECDSA sign-verify
+depends_on:POLARSSL_ECDSA_C:POLARSSL_ECP_DP_SECP192R1_ENABLED
+pk_sign_verify:POLARSSL_PK_ECDSA:0:0
+
+EC(DSA) sign-verify
+depends_on:POLARSSL_ECDSA_C:POLARSSL_ECP_DP_SECP192R1_ENABLED
+pk_sign_verify:POLARSSL_PK_ECKEY:0:0
+
+RSA sign-verify
+depends_on:POLARSSL_RSA_C
+pk_sign_verify:POLARSSL_PK_RSA:0:0
--- a/tests/suites/test_suite_pk.function
+++ b/tests/suites/test_suite_pk.function
@ -0,0 +1,147 @@
+/* BEGIN_HEADER */
+#include <polarssl/pk.h>
+
+static int rnd_std_rand( void *rng_state, unsigned char *output, size_t len );
+
+static int pk_genkey( pk_context *pk )
+{
+#if defined(POLARSSL_RSA_C)
+    if( pk_get_type( pk ) == POLARSSL_PK_RSA )
+        return rsa_gen_key( pk_rsa( *pk ), rnd_std_rand, NULL, 512, 3 );
+#endif
+#if defined(POLARSSL_ECP_C)
+    if( pk_get_type( pk ) == POLARSSL_PK_ECKEY ||
+        pk_get_type( pk ) == POLARSSL_PK_ECKEY_DH ||
+        pk_get_type( pk ) == POLARSSL_PK_ECDSA )
+    {
+        int ret;
+        if( ( ret = ecp_use_known_dp( &pk_ec( *pk )->grp,
+                                      POLARSSL_ECP_DP_SECP192R1 ) ) != 0 )
+            return( ret );
+
+        return ecp_gen_keypair( &pk_ec( *pk )->grp, &pk_ec( *pk )->d,
+                                &pk_ec( *pk )->Q, rnd_std_rand, NULL );
+    }
+#endif
+    return( -1 );
+}
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:POLARSSL_PK_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void pk_utils( int type, int size, int len, char *name )
+{
+    pk_context pk;
+
+    pk_init( &pk );
+
+    TEST_ASSERT( pk_init_ctx( &pk, pk_info_from_type( type ) ) == 0 );
+    TEST_ASSERT( pk_genkey( &pk ) == 0 );
+
+    TEST_ASSERT( (int) pk_get_type( &pk ) == type );
+    TEST_ASSERT( pk_can_do( &pk, type ) );
+    TEST_ASSERT( pk_get_size( &pk ) == (unsigned) size );
+    TEST_ASSERT( pk_get_len( &pk ) == (unsigned) len );
+    TEST_ASSERT( strcmp( pk_get_name( &pk), name ) == 0 );
+
+    pk_free( &pk );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void pk_rsa_verify_test_vec( char *message_hex_string, int digest,
+                       int mod, int radix_N, char *input_N, int radix_E,
+                       char *input_E, char *result_hex_str, int result )
+{
+    unsigned char message_str[1000];
+    unsigned char hash_result[1000];
+    unsigned char result_str[1000];
+    rsa_context *rsa;
+    pk_context pk;
+    int msg_len;
+
+    pk_init( &pk );
+
+    memset( message_str, 0x00, 1000 );
+    memset( hash_result, 0x00, 1000 );
+    memset( result_str, 0x00, 1000 );
+
+    TEST_ASSERT( pk_init_ctx( &pk, pk_info_from_type( POLARSSL_PK_RSA ) ) == 0 );
+    rsa = pk_rsa( pk );
+
+    rsa->len = mod / 8;
+    TEST_ASSERT( mpi_read_string( &rsa->N, radix_N, input_N ) == 0 );
+    TEST_ASSERT( mpi_read_string( &rsa->E, radix_E, input_E ) == 0 );
+
+    msg_len = unhexify( message_str, message_hex_string );
+    unhexify( result_str, result_hex_str );
+
+    if( md_info_from_type( digest ) != NULL )
+        TEST_ASSERT( md( md_info_from_type( digest ), message_str, msg_len, hash_result ) == 0 );
+
+    TEST_ASSERT( pk_verify( &pk, digest, hash_result, 0,
+                            result_str, pk_get_len( &pk ) ) == result );
+
+    pk_free( &pk );
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:POLARSSL_ECDSA_C */
+void pk_ec_test_vec( int type, int id, char *key_str,
+                     char *hash_str, char * sig_str, int ret )
+{
+    pk_context pk;
+    ecp_keypair *eckey;
+    unsigned char hash[100], sig[500], key[500];
+    size_t hash_len, sig_len, key_len;
+
+    pk_init( &pk );
+
+    memset( hash, 0, sizeof( hash ) );  hash_len = unhexify(hash, hash_str);
+    memset( sig, 0, sizeof( sig ) );    sig_len = unhexify(sig, sig_str);
+    memset( key, 0, sizeof( key ) );    key_len = unhexify(key, key_str);
+
+    TEST_ASSERT( pk_init_ctx( &pk, pk_info_from_type( type ) ) == 0 );
+
+    TEST_ASSERT( pk_can_do( &pk, POLARSSL_PK_ECDSA ) );
+    eckey = pk_ec( pk );
+
+    TEST_ASSERT( ecp_use_known_dp( &eckey->grp, id ) == 0 );
+    TEST_ASSERT( ecp_point_read_binary( &eckey->grp, &eckey->Q,
+                                        key, key_len ) == 0 );
+
+    TEST_ASSERT( pk_verify( &pk, POLARSSL_MD_NONE,
+                            hash, hash_len, sig, sig_len ) == ret );
+
+    pk_free( &pk );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void pk_sign_verify( int type, int sign_ret, int verify_ret )
+{
+    pk_context pk;
+    unsigned char hash[50], sig[5000];
+    size_t sig_len;
+
+    pk_init( &pk );
+
+    memset( hash, 0x2a, sizeof hash );
+    memset( sig, 0, sizeof sig );
+
+    TEST_ASSERT( pk_init_ctx( &pk, pk_info_from_type( type ) ) == 0 );
+    TEST_ASSERT( pk_genkey( &pk ) == 0 );
+
+    TEST_ASSERT( pk_sign( &pk, POLARSSL_MD_NONE, hash, sizeof hash,
+                          sig, &sig_len, rnd_std_rand, NULL ) == sign_ret );
+
+    TEST_ASSERT( pk_verify( &pk, POLARSSL_MD_NONE,
+                            hash, sizeof hash, sig, sig_len ) == verify_ret );
+
+    pk_free( &pk );
+}
+/* END_CASE */