From cd681a7e4a17e6da1d94645362b8b177e72b7601 Mon Sep 17 00:00:00 2001 From: Christopher Weimer Date: Sat, 7 Jan 2023 02:38:30 +0000 Subject: [PATCH] Enhancements to the general ECC API and test suites. --- core/common/buffer_util.c | 21 ++++ core/common/buffer_util.h | 2 + core/crypto/crypto_logging.h | 3 + core/crypto/ecc.h | 9 ++ core/crypto/ecc_der_util.c | 8 +- core/crypto/ecc_der_util.h | 1 + core/crypto/ecc_mbedtls.c | 2 +- core/riot/riot_core.c | 6 +- core/testing/common/buffer_util_test.c | 54 +++++++++ core/testing/crypto/ecc_der_util_test.c | 26 ++-- core/testing/crypto/ecc_mbedtls_test.c | 108 +++++++++-------- core/testing/crypto/ecc_test.c | 90 ++++++++++++++ core/testing/crypto/ecc_testing.h | 29 +++++ .../linux/testing/crypto/ecc_openssl_test.c | 114 ++++++++++-------- 14 files changed, 350 insertions(+), 123 deletions(-) diff --git a/core/common/buffer_util.c b/core/common/buffer_util.c index b04955c..a68e16f 100644 --- a/core/common/buffer_util.c +++ b/core/common/buffer_util.c @@ -171,3 +171,24 @@ int buffer_compare_dwords (const uint32_t *buf1, const uint32_t *buf2, size_t dw return (match == 0xffffffff) ? 0 : BUFFER_UTIL_DATA_MISMATCH; } + +/* Set up a pointer to abstract memset calls from the compiler. This is not foolproof, but is the + * default approach used by mbedTLS. A better alternative is to use memset_s, but compiler support + * for that seems to be poor. + * + * Reference: http://www.daemonology.net/blog/2014-09-04-how-to-zero-a-buffer.html */ +static void* (*const volatile memset_ptr) (void*, int, size_t) = memset; + +/** + * Clear a buffer by filling it with zeros. This is not necessarily achieved in the most efficient + * way, but is implemented in a way that should keep it from getting optimized out by compilers. + * + * @param buffer The buffer to clear. + * @param length Length of the buffer. + */ +void buffer_zeroize (void *buffer, size_t length) +{ + if (buffer) { + memset_ptr (buffer, 0, length); + } +} diff --git a/core/common/buffer_util.h b/core/common/buffer_util.h index d06c2bb..d46a219 100644 --- a/core/common/buffer_util.h +++ b/core/common/buffer_util.h @@ -32,6 +32,8 @@ void buffer_reverse_copy (uint8_t *dest, const uint8_t *src, size_t length); int buffer_compare (const uint8_t *buf1, const uint8_t *buf2, size_t length); int buffer_compare_dwords (const uint32_t *buf1, const uint32_t *buf2, size_t dwords); +void buffer_zeroize (void *buffer, size_t length); + #define BUFFER_UTIL_ERROR(code) ROT_ERROR (ROT_MODULE_BUFFER_UTIL, code) diff --git a/core/crypto/crypto_logging.h b/core/crypto/crypto_logging.h index cd7f94d..151a73c 100644 --- a/core/crypto/crypto_logging.h +++ b/core/crypto/crypto_logging.h @@ -4,6 +4,9 @@ #ifndef CRYPTO_LOGGING_H_ #define CRYPTO_LOGGING_H_ +#include "logging/debug_log.h" + + /** * Cerberus crypto log messages. */ diff --git a/core/crypto/ecc.h b/core/crypto/ecc.h index 5123032..1b14dc8 100644 --- a/core/crypto/ecc.h +++ b/core/crypto/ecc.h @@ -40,6 +40,15 @@ struct ecc_public_key { }; #pragma pack(push,1) +/** + * Defines a structure to hold the raw value (i.e. not ASN.1/DER encoded) for an ECC private key. + * No curve information is stored. The curve is implied based on the key length. + */ +struct ecc_raw_private_key { + uint8_t d[ECC_MAX_KEY_LENGTH]; /**< The integer used as the private key. */ + size_t key_length; /**< Length of the private key. */ +}; + /** * Defines a structure to hold the X and Y values for a point on a curve that represents an ECC * public key. No curve information is stored. The curve is implied based on the key length. diff --git a/core/crypto/ecc_der_util.c b/core/crypto/ecc_der_util.c index 0911c51..5b0005a 100644 --- a/core/crypto/ecc_der_util.c +++ b/core/crypto/ecc_der_util.c @@ -57,7 +57,7 @@ static int ecc_der_get_next_tag (uint8_t type, const uint8_t **der, size_t *leng const uint8_t *pos = *der; uint8_t header_len; - if ((*length < 3) || (pos[0] != type)) { + if (*length < 3) { /* While 2 bytes is enough for the short length representation, we will always have more * data overall after a tag, so even in the case of a 2 byte header, not enough space for * more data is an error. Just check the length once here to avoid needing repeated length @@ -65,6 +65,10 @@ static int ecc_der_get_next_tag (uint8_t type, const uint8_t **der, size_t *leng return ECC_DER_UTIL_MALFORMED; } + if (pos[0] != type) { + return ECC_DER_UTIL_UNEXPECTED_TAG; + } + if (pos[1] < 0x80) { *type_len = pos[1]; header_len = 2; @@ -74,7 +78,7 @@ static int ecc_der_get_next_tag (uint8_t type, const uint8_t **der, size_t *leng header_len = 3; } else { - /* We will never get an ASN.1 sequence that needs for that a single length byte. If we do, + /* We will never get an ASN.1 sequence that needs more than a single length byte. If we do, * there is no point parsing it any further since it does not represent an ECC private * key. * diff --git a/core/crypto/ecc_der_util.h b/core/crypto/ecc_der_util.h index 82eca92..7f561a3 100644 --- a/core/crypto/ecc_der_util.h +++ b/core/crypto/ecc_der_util.h @@ -131,6 +131,7 @@ enum { ECC_DER_UTIL_SMALL_DER_BUFFER = ECC_DER_UTIL_ERROR (0x07), /**< A DER output buffer is not large enough for the encoded data. */ ECC_DER_UTIL_UNSUPPORTED_ALGORITHM = ECC_DER_UTIL_ERROR (0x08), /**< A public key uses an unsupported algorithm. */ ECC_DER_UTIL_SIG_TOO_LONG = ECC_DER_UTIL_ERROR (0x09), /**< The encoded signature is too long for the key length. */ + ECC_DER_UTIL_UNEXPECTED_TAG = ECC_DER_UTIL_ERROR (0x0a), /**< The encoded data contained a tag not correct for ASN.1 sequence. */ }; diff --git a/core/crypto/ecc_mbedtls.c b/core/crypto/ecc_mbedtls.c index 5161f19..dd1e238 100644 --- a/core/crypto/ecc_mbedtls.c +++ b/core/crypto/ecc_mbedtls.c @@ -12,12 +12,12 @@ #include "mbedtls/ecdsa.h" #include "mbedtls/ecdh.h" #include "mbedtls/bignum.h" -#include "logging/debug_log.h" #include "crypto/crypto_logging.h" #include "crypto/ecc_der_util.h" #include "crypto/hash.h" #include "common/unused.h" + /** * Get the mbedTLS ECC key pair instance for a public or private key instance. * diff --git a/core/riot/riot_core.c b/core/riot/riot_core.c index 0899c94..aed56bf 100644 --- a/core/riot/riot_core.c +++ b/core/riot/riot_core.c @@ -2,6 +2,7 @@ // Licensed under the MIT license. #include "riot_core.h" +#include "common/buffer_util.h" /** @@ -12,8 +13,5 @@ */ void riot_core_clear (void *data, size_t length) { - volatile uint8_t *clear = data; - while (length--) { - *clear++ = 0; - } + buffer_zeroize (data, length); } diff --git a/core/testing/common/buffer_util_test.c b/core/testing/common/buffer_util_test.c index 6116a65..fc98fbd 100644 --- a/core/testing/common/buffer_util_test.c +++ b/core/testing/common/buffer_util_test.c @@ -1005,6 +1005,57 @@ static void buffer_compare_dwords_test_one_null_non_zero_length (CuTest *test) CuAssertIntEquals (test, BUFFER_UTIL_DATA_MISMATCH, status); } +static void buffer_zerioze_test (CuTest *test) +{ + uint8_t buffer[32]; + uint8_t zero[32] = {0}; + size_t i; + int status; + + TEST_START; + + for (i = 0; i < sizeof (buffer); i++) { + buffer[i] = i; + } + + buffer_zeroize (buffer, sizeof (buffer)); + + status = testing_validate_array (buffer, zero, sizeof (buffer)); + CuAssertIntEquals (test, 0, status); +} + +static void buffer_zerioze_test_zero_length (CuTest *test) +{ + uint8_t buffer[32]; + size_t i; + + TEST_START; + + for (i = 0; i < sizeof (buffer); i++) { + buffer[i] = i; + } + + buffer_zeroize (buffer, 0); + + for (i = 0; i < sizeof (buffer); i++) { + CuAssertIntEquals (test, i, buffer[i]); + } +} + +static void buffer_zerioze_test_null (CuTest *test) +{ + uint8_t buffer[32]; + size_t i; + + TEST_START; + + for (i = 0; i < sizeof (buffer); i++) { + buffer[i] = i; + } + + buffer_zeroize (NULL, sizeof (buffer)); +} + TEST_SUITE_START (buffer_util); @@ -1057,5 +1108,8 @@ TEST (buffer_compare_dwords_test_match_both_null_zero_length); TEST (buffer_compare_dwords_test_match_both_null_non_zero_length); TEST (buffer_compare_dwords_test_one_null_zero_length); TEST (buffer_compare_dwords_test_one_null_non_zero_length); +TEST (buffer_zerioze_test); +TEST (buffer_zerioze_test_zero_length); +TEST (buffer_zerioze_test_null); TEST_SUITE_END; diff --git a/core/testing/crypto/ecc_der_util_test.c b/core/testing/crypto/ecc_der_util_test.c index a00fe6a..4415db3 100644 --- a/core/testing/crypto/ecc_der_util_test.c +++ b/core/testing/crypto/ecc_der_util_test.c @@ -276,7 +276,7 @@ static void ecc_der_decode_private_key_test_malformed_not_sequence (CuTest *test der[0] = 0x03; status = ecc_der_decode_private_key (der, sizeof (der), priv_key, sizeof (priv_key)); - CuAssertIntEquals (test, ECC_DER_UTIL_MALFORMED, status); + CuAssertIntEquals (test, ECC_DER_UTIL_UNEXPECTED_TAG, status); } static void ecc_der_decode_private_key_test_malformed_sequence_too_long (CuTest *test) @@ -308,7 +308,7 @@ static void ecc_der_decode_private_key_test_malformed_not_integer (CuTest *test) der[2] = 0x03; status = ecc_der_decode_private_key (der, sizeof (der), priv_key, sizeof (priv_key)); - CuAssertIntEquals (test, ECC_DER_UTIL_MALFORMED, status); + CuAssertIntEquals (test, ECC_DER_UTIL_UNEXPECTED_TAG, status); } static void ecc_der_decode_private_key_test_malformed_integer_too_long (CuTest *test) @@ -372,7 +372,7 @@ static void ecc_der_decode_private_key_test_malformed_not_octet_string (CuTest * der[5] = 0x03; status = ecc_der_decode_private_key (der, sizeof (der), priv_key, sizeof (priv_key)); - CuAssertIntEquals (test, ECC_DER_UTIL_MALFORMED, status); + CuAssertIntEquals (test, ECC_DER_UTIL_UNEXPECTED_TAG, status); } static void ecc_der_decode_private_key_test_malformed_octet_string_too_long (CuTest *test) @@ -420,7 +420,7 @@ static void ecc_der_decode_private_key_test_malformed_not_explicit_parameters (C der[39] = 0x03; status = ecc_der_decode_private_key (der, sizeof (der), priv_key, sizeof (priv_key)); - CuAssertIntEquals (test, ECC_DER_UTIL_MALFORMED, status); + CuAssertIntEquals (test, ECC_DER_UTIL_UNEXPECTED_TAG, status); } static void ecc_der_decode_private_key_test_malformed_explicit_parameters_too_long (CuTest *test) @@ -452,7 +452,7 @@ static void ecc_der_decode_private_key_test_malformed_not_oid (CuTest *test) der[41] = 0x03; status = ecc_der_decode_private_key (der, sizeof (der), priv_key, sizeof (priv_key)); - CuAssertIntEquals (test, ECC_DER_UTIL_MALFORMED, status); + CuAssertIntEquals (test, ECC_DER_UTIL_UNEXPECTED_TAG, status); } static void ecc_der_decode_private_key_test_malformed_oid_too_long (CuTest *test) @@ -1112,7 +1112,7 @@ static void ecc_der_decode_public_key_test_malformed_not_sequence (CuTest *test) status = ecc_der_decode_public_key (der, sizeof (der), pub_key_x, pub_key_y, ECC_KEY_LENGTH_256); - CuAssertIntEquals (test, ECC_DER_UTIL_MALFORMED, status); + CuAssertIntEquals (test, ECC_DER_UTIL_UNEXPECTED_TAG, status); } static void ecc_der_decode_public_key_test_malformed_sequence_too_long (CuTest *test) @@ -1148,7 +1148,7 @@ static void ecc_der_decode_public_key_test_malformed_algo_not_sequence (CuTest * status = ecc_der_decode_public_key (der, sizeof (der), pub_key_x, pub_key_y, ECC_KEY_LENGTH_256); - CuAssertIntEquals (test, ECC_DER_UTIL_MALFORMED, status); + CuAssertIntEquals (test, ECC_DER_UTIL_UNEXPECTED_TAG, status); } static void ecc_der_decode_public_key_test_malformed_algo_sequence_too_long (CuTest *test) @@ -1184,7 +1184,7 @@ static void ecc_der_decode_public_key_test_malformed_algo_not_oid (CuTest *test) status = ecc_der_decode_public_key (der, sizeof (der), pub_key_x, pub_key_y, ECC_KEY_LENGTH_256); - CuAssertIntEquals (test, ECC_DER_UTIL_MALFORMED, status); + CuAssertIntEquals (test, ECC_DER_UTIL_UNEXPECTED_TAG, status); } static void ecc_der_decode_public_key_test_malformed_algo_oid_too_long (CuTest *test) @@ -1256,7 +1256,7 @@ static void ecc_der_decode_public_key_test_malformed_curve_not_oid (CuTest *test status = ecc_der_decode_public_key (der, sizeof (der), pub_key_x, pub_key_y, ECC_KEY_LENGTH_256); - CuAssertIntEquals (test, ECC_DER_UTIL_MALFORMED, status); + CuAssertIntEquals (test, ECC_DER_UTIL_UNEXPECTED_TAG, status); } static void ecc_der_decode_public_key_test_malformed_curve_oid_too_long (CuTest *test) @@ -1410,7 +1410,7 @@ static void ecc_der_decode_public_key_test_malformed_not_bit_string (CuTest *tes status = ecc_der_decode_public_key (der, sizeof (der), pub_key_x, pub_key_y, ECC_KEY_LENGTH_256); - CuAssertIntEquals (test, ECC_DER_UTIL_MALFORMED, status); + CuAssertIntEquals (test, ECC_DER_UTIL_UNEXPECTED_TAG, status); } static void ecc_der_decode_public_key_test_malformed_bit_string_too_long (CuTest *test) @@ -1911,7 +1911,7 @@ static void ecc_der_decode_ecdsa_signature_test_malformed_not_sequence (CuTest * der[0] = 0x03; status = ecc_der_decode_ecdsa_signature (der, sizeof (der), sig_r, sig_s, ECC_KEY_LENGTH_256); - CuAssertIntEquals (test, ECC_DER_UTIL_MALFORMED, status); + CuAssertIntEquals (test, ECC_DER_UTIL_UNEXPECTED_TAG, status); } static void ecc_der_decode_ecdsa_signature_test_malformed_sequence_too_long (CuTest *test) @@ -1945,7 +1945,7 @@ static void ecc_der_decode_ecdsa_signature_test_malformed_r_not_integer (CuTest der[2] = 0x03; status = ecc_der_decode_ecdsa_signature (der, sizeof (der), sig_r, sig_s, ECC_KEY_LENGTH_256); - CuAssertIntEquals (test, ECC_DER_UTIL_MALFORMED, status); + CuAssertIntEquals (test, ECC_DER_UTIL_UNEXPECTED_TAG, status); } static void ecc_der_decode_ecdsa_signature_test_malformed_r_integer_too_long (CuTest *test) @@ -2014,7 +2014,7 @@ static void ecc_der_decode_ecdsa_signature_test_malformed_s_not_integer (CuTest der[37] = 0x03; status = ecc_der_decode_ecdsa_signature (der, sizeof (der), sig_r, sig_s, ECC_KEY_LENGTH_256); - CuAssertIntEquals (test, ECC_DER_UTIL_MALFORMED, status); + CuAssertIntEquals (test, ECC_DER_UTIL_UNEXPECTED_TAG, status); } static void ecc_der_decode_ecdsa_signature_test_malformed_s_integer_too_long (CuTest *test) diff --git a/core/testing/crypto/ecc_mbedtls_test.c b/core/testing/crypto/ecc_mbedtls_test.c index f542de6..987ff16 100644 --- a/core/testing/crypto/ecc_mbedtls_test.c +++ b/core/testing/crypto/ecc_mbedtls_test.c @@ -15,15 +15,6 @@ TEST_SUITE_LABEL ("ecc_mbedtls"); -/* Maximum lengths of DER-encoded ECDSA signatures. - * Sequence -> 2 bytes overhead (3 for ECC521) - * BIT STRING (r) -> 2 bytes overhead (3 if MSB is 1) - * BIT STRING (s) -> 2 bytes overhead (3 if MSB is 1) */ -#define ECC256_DSA_MAX_LENGTH 72 -#define ECC384_DSA_MAX_LENGTH 104 -#define ECC521_DSA_MAX_LENGTH 141 - - /******************* * Test cases *******************/ @@ -347,7 +338,7 @@ static void ecc_mbedtls_test_private_key_init_key_pair_and_sign (CuTest *test) struct ecc_engine_mbedtls engine; struct ecc_private_key priv_key; int status; - uint8_t out[ECC256_DSA_MAX_LENGTH * 2]; + uint8_t out[ECC_TESTING_ECC256_DSA_MAX_LENGTH * 2]; TEST_START; @@ -362,6 +353,7 @@ static void ecc_mbedtls_test_private_key_init_key_pair_and_sign (CuTest *test) status = engine.base.sign (&engine.base, &priv_key, SIG_HASH_TEST, SIG_HASH_LEN, out, sizeof (out)); CuAssertTrue (test, !ROT_IS_ERROR (status)); + CuAssertTrue (test, status <= ECC_TESTING_ECC256_DSA_MAX_LENGTH); engine.base.release_key_pair (&engine.base, &priv_key, NULL); CuAssertPtrEquals (test, NULL, priv_key.context); @@ -374,7 +366,7 @@ static void ecc_mbedtls_test_public_key_init_key_pair_and_sign (CuTest *test) struct ecc_engine_mbedtls engine; struct ecc_public_key pub_key; int status; - uint8_t out[ECC256_DSA_MAX_LENGTH * 2]; + uint8_t out[ECC_TESTING_ECC256_DSA_MAX_LENGTH * 2]; TEST_START; @@ -403,7 +395,7 @@ static void ecc_mbedtls_test_init_key_pair_and_sign_and_verify (CuTest *test) struct ecc_public_key pub_key; int status; int out_len; - uint8_t out[ECC256_DSA_MAX_LENGTH * 2]; + uint8_t out[ECC_TESTING_ECC256_DSA_MAX_LENGTH * 2]; TEST_START; @@ -419,6 +411,7 @@ static void ecc_mbedtls_test_init_key_pair_and_sign_and_verify (CuTest *test) out_len = engine.base.sign (&engine.base, &priv_key, SIG_HASH_TEST, SIG_HASH_LEN, out, sizeof (out)); CuAssertTrue (test, !ROT_IS_ERROR (out_len)); + CuAssertTrue (test, out_len <= ECC_TESTING_ECC256_DSA_MAX_LENGTH); status = engine.base.verify (&engine.base, &pub_key, SIG_HASH_TEST, SIG_HASH_LEN, out, out_len); CuAssertIntEquals (test, 0, status); @@ -437,7 +430,7 @@ static void ecc_mbedtls_test_init_key_pair_and_sign_and_verify_no_pubkey (CuTest struct ecc_public_key pub_key; int status; int out_len; - uint8_t out[ECC256_DSA_MAX_LENGTH * 2]; + uint8_t out[ECC_TESTING_ECC256_DSA_MAX_LENGTH * 2]; TEST_START; @@ -453,6 +446,7 @@ static void ecc_mbedtls_test_init_key_pair_and_sign_and_verify_no_pubkey (CuTest out_len = engine.base.sign (&engine.base, &priv_key, SIG_HASH_TEST, SIG_HASH_LEN, out, sizeof (out)); CuAssertTrue (test, !ROT_IS_ERROR (out_len)); + CuAssertTrue (test, out_len <= ECC_TESTING_ECC256_DSA_MAX_LENGTH); status = engine.base.verify (&engine.base, &pub_key, SIG_HASH_TEST, SIG_HASH_LEN, out, out_len); CuAssertIntEquals (test, 0, status); @@ -471,7 +465,7 @@ static void ecc_mbedtls_test_init_key_pair_and_sign_and_verify_extra_buffer (CuT struct ecc_public_key pub_key; int status; int out_len; - uint8_t out[ECC256_DSA_MAX_LENGTH * 2]; + uint8_t out[ECC_TESTING_ECC256_DSA_MAX_LENGTH * 2]; uint8_t privkey[ECC_PRIVKEY_DER_LEN * 2]; TEST_START; @@ -490,6 +484,7 @@ static void ecc_mbedtls_test_init_key_pair_and_sign_and_verify_extra_buffer (CuT out_len = engine.base.sign (&engine.base, &priv_key, SIG_HASH_TEST, SIG_HASH_LEN, out, sizeof (out)); CuAssertTrue (test, !ROT_IS_ERROR (out_len)); + CuAssertTrue (test, out_len <= ECC_TESTING_ECC256_DSA_MAX_LENGTH); status = engine.base.verify (&engine.base, &pub_key, SIG_HASH_TEST, SIG_HASH_LEN, out, out_len); CuAssertIntEquals (test, 0, status); @@ -509,7 +504,7 @@ static void ecc_mbedtls_test_init_key_pair_and_sign_and_verify_p384 (CuTest *tes struct ecc_public_key pub_key; int status; int out_len; - uint8_t out[ECC384_DSA_MAX_LENGTH * 2]; + uint8_t out[ECC_TESTING_ECC384_DSA_MAX_LENGTH * 2]; TEST_START; @@ -525,6 +520,7 @@ static void ecc_mbedtls_test_init_key_pair_and_sign_and_verify_p384 (CuTest *tes out_len = engine.base.sign (&engine.base, &priv_key, SHA384_TEST_HASH, SHA384_HASH_LENGTH, out, sizeof (out)); CuAssertTrue (test, !ROT_IS_ERROR (out_len)); + CuAssertTrue (test, out_len <= ECC_TESTING_ECC384_DSA_MAX_LENGTH); status = engine.base.verify (&engine.base, &pub_key, SHA384_TEST_HASH, SHA384_HASH_LENGTH, out, out_len); @@ -544,7 +540,7 @@ static void ecc_mbedtls_test_init_key_pair_and_sign_and_verify_p384_no_pubkey (C struct ecc_public_key pub_key; int status; int out_len; - uint8_t out[ECC384_DSA_MAX_LENGTH * 2]; + uint8_t out[ECC_TESTING_ECC384_DSA_MAX_LENGTH * 2]; TEST_START; @@ -560,6 +556,7 @@ static void ecc_mbedtls_test_init_key_pair_and_sign_and_verify_p384_no_pubkey (C out_len = engine.base.sign (&engine.base, &priv_key, SHA384_TEST_HASH, SHA384_HASH_LENGTH, out, sizeof (out)); CuAssertTrue (test, !ROT_IS_ERROR (out_len)); + CuAssertTrue (test, out_len <= ECC_TESTING_ECC384_DSA_MAX_LENGTH); status = engine.base.verify (&engine.base, &pub_key, SHA384_TEST_HASH, SHA384_HASH_LENGTH, out, out_len); @@ -579,7 +576,7 @@ static void ecc_mbedtls_test_init_key_pair_and_sign_and_verify_p384_extra_buffer struct ecc_public_key pub_key; int status; int out_len; - uint8_t out[ECC384_DSA_MAX_LENGTH * 2]; + uint8_t out[ECC_TESTING_ECC384_DSA_MAX_LENGTH * 2]; uint8_t privkey[ECC384_PRIVKEY_DER_LEN * 2]; TEST_START; @@ -598,6 +595,7 @@ static void ecc_mbedtls_test_init_key_pair_and_sign_and_verify_p384_extra_buffer out_len = engine.base.sign (&engine.base, &priv_key, SHA384_TEST_HASH, SHA384_HASH_LENGTH, out, sizeof (out)); CuAssertTrue (test, !ROT_IS_ERROR (out_len)); + CuAssertTrue (test, out_len <= ECC_TESTING_ECC384_DSA_MAX_LENGTH); status = engine.base.verify (&engine.base, &pub_key, SHA384_TEST_HASH, SHA384_HASH_LENGTH, out, out_len); @@ -619,7 +617,7 @@ static void ecc_mbedtls_test_init_key_pair_and_sign_and_verify_p521 (CuTest *tes struct ecc_public_key pub_key; int status; int out_len; - uint8_t out[ECC521_DSA_MAX_LENGTH * 2]; + uint8_t out[ECC_TESTING_ECC521_DSA_MAX_LENGTH * 2]; TEST_START; @@ -635,6 +633,7 @@ static void ecc_mbedtls_test_init_key_pair_and_sign_and_verify_p521 (CuTest *tes out_len = engine.base.sign (&engine.base, &priv_key, SHA512_TEST_HASH, SHA512_HASH_LENGTH, out, sizeof (out)); CuAssertTrue (test, !ROT_IS_ERROR (out_len)); + CuAssertTrue (test, out_len <= ECC_TESTING_ECC521_DSA_MAX_LENGTH); status = engine.base.verify (&engine.base, &pub_key, SHA512_TEST_HASH, SHA512_HASH_LENGTH, out, out_len); @@ -654,7 +653,7 @@ static void ecc_mbedtls_test_init_key_pair_and_sign_and_verify_p521_no_pubkey (C struct ecc_public_key pub_key; int status; int out_len; - uint8_t out[ECC521_DSA_MAX_LENGTH * 2]; + uint8_t out[ECC_TESTING_ECC521_DSA_MAX_LENGTH * 2]; TEST_START; @@ -670,6 +669,7 @@ static void ecc_mbedtls_test_init_key_pair_and_sign_and_verify_p521_no_pubkey (C out_len = engine.base.sign (&engine.base, &priv_key, SHA512_TEST_HASH, SHA512_HASH_LENGTH, out, sizeof (out)); CuAssertTrue (test, !ROT_IS_ERROR (out_len)); + CuAssertTrue (test, out_len <= ECC_TESTING_ECC521_DSA_MAX_LENGTH); status = engine.base.verify (&engine.base, &pub_key, SHA512_TEST_HASH, SHA512_HASH_LENGTH, out, out_len); @@ -689,7 +689,7 @@ static void ecc_mbedtls_test_init_key_pair_and_sign_and_verify_p521_no_leading_z struct ecc_public_key pub_key; int status; int out_len; - uint8_t out[ECC521_DSA_MAX_LENGTH * 2]; + uint8_t out[ECC_TESTING_ECC521_DSA_MAX_LENGTH * 2]; TEST_START; @@ -705,6 +705,7 @@ static void ecc_mbedtls_test_init_key_pair_and_sign_and_verify_p521_no_leading_z out_len = engine.base.sign (&engine.base, &priv_key, SHA512_TEST_HASH, SHA512_HASH_LENGTH, out, sizeof (out)); CuAssertTrue (test, !ROT_IS_ERROR (out_len)); + CuAssertTrue (test, out_len <= ECC_TESTING_ECC521_DSA_MAX_LENGTH); status = engine.base.verify (&engine.base, &pub_key, SHA512_TEST_HASH, SHA512_HASH_LENGTH, out, out_len); @@ -724,7 +725,7 @@ static void ecc_mbedtls_test_init_key_pair_and_sign_and_verify_p521_extra_buffer struct ecc_public_key pub_key; int status; int out_len; - uint8_t out[ECC521_DSA_MAX_LENGTH * 2]; + uint8_t out[ECC_TESTING_ECC521_DSA_MAX_LENGTH * 2]; uint8_t privkey[ECC521_PRIVKEY_DER_LEN * 2]; TEST_START; @@ -743,6 +744,7 @@ static void ecc_mbedtls_test_init_key_pair_and_sign_and_verify_p521_extra_buffer out_len = engine.base.sign (&engine.base, &priv_key, SHA512_TEST_HASH, SHA512_HASH_LENGTH, out, sizeof (out)); CuAssertTrue (test, !ROT_IS_ERROR (out_len)); + CuAssertTrue (test, out_len <= ECC_TESTING_ECC521_DSA_MAX_LENGTH); status = engine.base.verify (&engine.base, &pub_key, SHA512_TEST_HASH, SHA512_HASH_LENGTH, out, out_len); @@ -762,7 +764,7 @@ static void ecc_mbedtls_test_init_key_pair_and_sign_with_public_key (CuTest *tes struct ecc_private_key priv_key; struct ecc_public_key pub_key; int status; - uint8_t out[ECC256_DSA_MAX_LENGTH * 2]; + uint8_t out[ECC_TESTING_ECC256_DSA_MAX_LENGTH * 2]; TEST_START; @@ -844,7 +846,6 @@ static void ecc_mbedtls_test_init_key_pair_with_public_key (CuTest *test) status = engine.base.init_key_pair (&engine.base, ECC_PUBKEY_DER, ECC_PUBKEY_DER_LEN, NULL, &pub_key); CuAssertTrue (test, (status < 0)); - CuAssertPtrEquals (test, NULL, pub_key.context); ecc_mbedtls_release (&engine); } @@ -863,7 +864,6 @@ static void ecc_mbedtls_test_init_key_pair_with_rsa_key (CuTest *test) status = engine.base.init_key_pair (&engine.base, RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN, NULL, &pub_key); CuAssertIntEquals (test, ECC_ENGINE_NOT_EC_KEY, status); - CuAssertPtrEquals (test, NULL, pub_key.context); ecc_mbedtls_release (&engine); } @@ -1102,7 +1102,6 @@ static void ecc_mbedtls_test_init_public_key_with_private_key (CuTest *test) status = engine.base.init_public_key (&engine.base, ECC_PRIVKEY_DER, ECC_PRIVKEY_DER_LEN, &pub_key); CuAssertTrue (test, (status < 0)); - CuAssertPtrEquals (test, NULL, pub_key.context); ecc_mbedtls_release (&engine); } @@ -1121,7 +1120,6 @@ static void ecc_mbedtls_test_init_public_key_with_rsa_key (CuTest *test) status = engine.base.init_public_key (&engine.base, RSA_PUBKEY_DER, RSA_PUBKEY_DER_LEN, &pub_key); CuAssertIntEquals (test, ECC_ENGINE_NOT_EC_KEY, status); - CuAssertPtrEquals (test, NULL, pub_key.context); ecc_mbedtls_release (&engine); } @@ -1239,7 +1237,7 @@ static void ecc_mbedtls_test_private_key_generate_derived_key_pair_and_sign (CuT struct ecc_engine_mbedtls engine; struct ecc_private_key priv_key; int status; - uint8_t out[ECC256_DSA_MAX_LENGTH * 2]; + uint8_t out[ECC_TESTING_ECC256_DSA_MAX_LENGTH * 2]; TEST_START; @@ -1254,6 +1252,7 @@ static void ecc_mbedtls_test_private_key_generate_derived_key_pair_and_sign (CuT status = engine.base.sign (&engine.base, &priv_key, SIG_HASH_TEST, SIG_HASH_LEN, out, sizeof (out)); CuAssertTrue (test, !ROT_IS_ERROR (status)); + CuAssertTrue (test, status <= ECC_TESTING_ECC256_DSA_MAX_LENGTH); engine.base.release_key_pair (&engine.base, &priv_key, NULL); @@ -1265,7 +1264,7 @@ static void ecc_mbedtls_test_public_key_generate_derived_key_pair_and_sign (CuTe struct ecc_engine_mbedtls engine; struct ecc_public_key pub_key; int status; - uint8_t out[ECC256_DSA_MAX_LENGTH * 2]; + uint8_t out[ECC_TESTING_ECC256_DSA_MAX_LENGTH * 2]; TEST_START; @@ -1293,7 +1292,7 @@ static void ecc_mbedtls_test_generate_derived_key_pair_and_sign_and_verify (CuTe struct ecc_public_key pub_key; int status; int out_len; - uint8_t out[ECC256_DSA_MAX_LENGTH * 2]; + uint8_t out[ECC_TESTING_ECC256_DSA_MAX_LENGTH * 2]; TEST_START; @@ -1309,6 +1308,7 @@ static void ecc_mbedtls_test_generate_derived_key_pair_and_sign_and_verify (CuTe out_len = engine.base.sign (&engine.base, &priv_key, SIG_HASH_TEST, SIG_HASH_LEN, out, sizeof (out)); CuAssertTrue (test, !ROT_IS_ERROR (out_len)); + CuAssertTrue (test, out_len <= ECC_TESTING_ECC256_DSA_MAX_LENGTH); status = engine.base.verify (&engine.base, &pub_key, SIG_HASH_TEST, SIG_HASH_LEN, out, out_len); CuAssertIntEquals (test, 0, status); @@ -1326,7 +1326,7 @@ static void ecc_mbedtls_test_generate_derived_key_pair_and_sign_and_verify_p384 int status; #if ECC_MAX_KEY_LENGTH >= ECC_KEY_LENGTH_384 int out_len; - uint8_t out[ECC256_DSA_MAX_LENGTH * 2]; + uint8_t out[ECC_TESTING_ECC256_DSA_MAX_LENGTH * 2]; #endif TEST_START; @@ -1344,6 +1344,7 @@ static void ecc_mbedtls_test_generate_derived_key_pair_and_sign_and_verify_p384 out_len = engine.base.sign (&engine.base, &priv_key, SHA384_TEST_HASH, SHA384_HASH_LENGTH, out, sizeof (out)); CuAssertTrue (test, !ROT_IS_ERROR (out_len)); + CuAssertTrue (test, out_len <= ECC_TESTING_ECC384_DSA_MAX_LENGTH); status = engine.base.verify (&engine.base, &pub_key, SHA384_TEST_HASH, SHA384_HASH_LENGTH, out, out_len); @@ -1365,7 +1366,7 @@ static void ecc_mbedtls_test_generate_derived_key_pair_and_sign_and_verify_p521 int status; #if ECC_MAX_KEY_LENGTH >= ECC_KEY_LENGTH_521 int out_len; - uint8_t out[ECC256_DSA_MAX_LENGTH * 2]; + uint8_t out[ECC_TESTING_ECC256_DSA_MAX_LENGTH * 2]; #endif TEST_START; @@ -1383,6 +1384,7 @@ static void ecc_mbedtls_test_generate_derived_key_pair_and_sign_and_verify_p521 out_len = engine.base.sign (&engine.base, &priv_key, SHA512_TEST_HASH, SHA512_HASH_LENGTH, out, sizeof (out)); CuAssertTrue (test, !ROT_IS_ERROR (out_len)); + CuAssertTrue (test, out_len <= ECC_TESTING_ECC521_DSA_MAX_LENGTH); status = engine.base.verify (&engine.base, &pub_key, SHA512_TEST_HASH, SHA512_HASH_LENGTH, out, out_len); @@ -1402,7 +1404,7 @@ static void ecc_mbedtls_test_generate_derived_key_pair_and_sign_with_public_key struct ecc_private_key priv_key; struct ecc_public_key pub_key; int status; - uint8_t out[ECC256_DSA_MAX_LENGTH * 2]; + uint8_t out[ECC_TESTING_ECC256_DSA_MAX_LENGTH * 2]; TEST_START; @@ -1512,7 +1514,7 @@ static void ecc_mbedtls_test_private_key_generate_key_pair_and_sign (CuTest *tes struct ecc_engine_mbedtls engine; struct ecc_private_key priv_key; int status; - uint8_t out[ECC256_DSA_MAX_LENGTH * 2]; + uint8_t out[ECC_TESTING_ECC256_DSA_MAX_LENGTH * 2]; TEST_START; @@ -1526,6 +1528,7 @@ static void ecc_mbedtls_test_private_key_generate_key_pair_and_sign (CuTest *tes status = engine.base.sign (&engine.base, &priv_key, SIG_HASH_TEST, SIG_HASH_LEN, out, sizeof (out)); CuAssertTrue (test, !ROT_IS_ERROR (status)); + CuAssertTrue (test, status <= ECC_TESTING_ECC256_DSA_MAX_LENGTH); engine.base.release_key_pair (&engine.base, &priv_key, NULL); @@ -1537,7 +1540,7 @@ static void ecc_mbedtls_test_public_key_generate_key_pair_and_sign (CuTest *test struct ecc_engine_mbedtls engine; struct ecc_public_key pub_key; int status; - uint8_t out[ECC256_DSA_MAX_LENGTH * 2]; + uint8_t out[ECC_TESTING_ECC256_DSA_MAX_LENGTH * 2]; TEST_START; @@ -1564,7 +1567,7 @@ static void ecc_mbedtls_test_generate_key_pair_and_sign_and_verify (CuTest *test struct ecc_public_key pub_key; int status; int out_len; - uint8_t out[ECC256_DSA_MAX_LENGTH * 2]; + uint8_t out[ECC_TESTING_ECC256_DSA_MAX_LENGTH * 2]; TEST_START; @@ -1579,6 +1582,7 @@ static void ecc_mbedtls_test_generate_key_pair_and_sign_and_verify (CuTest *test out_len = engine.base.sign (&engine.base, &priv_key, SIG_HASH_TEST, SIG_HASH_LEN, out, sizeof (out)); CuAssertTrue (test, !ROT_IS_ERROR (out_len)); + CuAssertTrue (test, out_len <= ECC_TESTING_ECC256_DSA_MAX_LENGTH); status = engine.base.verify (&engine.base, &pub_key, SIG_HASH_TEST, SIG_HASH_LEN, out, out_len); CuAssertIntEquals (test, 0, status); @@ -1596,7 +1600,7 @@ static void ecc_mbedtls_test_generate_key_pair_and_sign_and_verify_p384 (CuTest int status; #if ECC_MAX_KEY_LENGTH >= ECC_KEY_LENGTH_384 int out_len; - uint8_t out[ECC256_DSA_MAX_LENGTH * 2]; + uint8_t out[ECC_TESTING_ECC256_DSA_MAX_LENGTH * 2]; #endif TEST_START; @@ -1613,6 +1617,7 @@ static void ecc_mbedtls_test_generate_key_pair_and_sign_and_verify_p384 (CuTest out_len = engine.base.sign (&engine.base, &priv_key, SHA384_TEST_HASH, SHA384_HASH_LENGTH, out, sizeof (out)); CuAssertTrue (test, !ROT_IS_ERROR (out_len)); + CuAssertTrue (test, out_len <= ECC_TESTING_ECC384_DSA_MAX_LENGTH); status = engine.base.verify (&engine.base, &pub_key, SHA384_TEST_HASH, SHA384_HASH_LENGTH, out, out_len); @@ -1634,7 +1639,7 @@ static void ecc_mbedtls_test_generate_key_pair_and_sign_and_verify_p521 (CuTest int status; #if ECC_MAX_KEY_LENGTH >= ECC_KEY_LENGTH_521 int out_len; - uint8_t out[ECC256_DSA_MAX_LENGTH * 2]; + uint8_t out[ECC_TESTING_ECC256_DSA_MAX_LENGTH * 2]; #endif TEST_START; @@ -1642,7 +1647,7 @@ static void ecc_mbedtls_test_generate_key_pair_and_sign_and_verify_p521 (CuTest status = ecc_mbedtls_init (&engine); CuAssertIntEquals (test, 0, status); - status = engine.base.generate_key_pair (&engine.base, ECC_KEY_LENGTH_256, &priv_key, &pub_key); + status = engine.base.generate_key_pair (&engine.base, ECC_KEY_LENGTH_521, &priv_key, &pub_key); #if ECC_MAX_KEY_LENGTH >= ECC_KEY_LENGTH_521 CuAssertIntEquals (test, 0, status); CuAssertPtrNotNull (test, priv_key.context); @@ -1651,6 +1656,7 @@ static void ecc_mbedtls_test_generate_key_pair_and_sign_and_verify_p521 (CuTest out_len = engine.base.sign (&engine.base, &priv_key, SHA512_TEST_HASH, SHA512_HASH_LENGTH, out, sizeof (out)); CuAssertTrue (test, !ROT_IS_ERROR (out_len)); + CuAssertTrue (test, out_len <= ECC_TESTING_ECC521_DSA_MAX_LENGTH); status = engine.base.verify (&engine.base, &pub_key, SHA512_TEST_HASH, SHA512_HASH_LENGTH, out, out_len); @@ -1670,7 +1676,7 @@ static void ecc_mbedtls_test_generate_key_pair_and_sign_with_public_key (CuTest struct ecc_private_key priv_key; struct ecc_public_key pub_key; int status; - uint8_t out[ECC256_DSA_MAX_LENGTH * 2]; + uint8_t out[ECC_TESTING_ECC256_DSA_MAX_LENGTH * 2]; TEST_START; @@ -1749,7 +1755,7 @@ static void ecc_mbedtls_test_sign_null (CuTest *test) struct ecc_private_key priv_key; struct ecc_public_key pub_key; int status; - uint8_t out[ECC256_DSA_MAX_LENGTH * 2]; + uint8_t out[ECC_TESTING_ECC256_DSA_MAX_LENGTH * 2]; TEST_START; @@ -1791,7 +1797,7 @@ static void ecc_mbedtls_test_sign_small_buffer (CuTest *test) struct ecc_private_key priv_key; struct ecc_public_key pub_key; int status; - uint8_t out[ECC256_DSA_MAX_LENGTH * 2]; + uint8_t out[ECC_TESTING_ECC256_DSA_MAX_LENGTH * 2]; TEST_START; @@ -1803,7 +1809,7 @@ static void ecc_mbedtls_test_sign_small_buffer (CuTest *test) CuAssertIntEquals (test, 0, status); status = engine.base.sign (&engine.base, &priv_key, SIG_HASH_TEST, SIG_HASH_LEN, out, - ECC256_DSA_MAX_LENGTH - 1); + ECC_TESTING_ECC256_DSA_MAX_LENGTH - 1); CuAssertIntEquals (test, ECC_ENGINE_SIG_BUFFER_TOO_SMALL, status); engine.base.release_key_pair (&engine.base, &priv_key, &pub_key); @@ -1817,7 +1823,7 @@ static void ecc_mbedtls_test_sign_unknown_hash (CuTest *test) struct ecc_private_key priv_key; struct ecc_public_key pub_key; int status; - uint8_t out[ECC256_DSA_MAX_LENGTH * 2]; + uint8_t out[ECC_TESTING_ECC256_DSA_MAX_LENGTH * 2]; TEST_START; @@ -1829,7 +1835,7 @@ static void ecc_mbedtls_test_sign_unknown_hash (CuTest *test) CuAssertIntEquals (test, 0, status); status = engine.base.sign (&engine.base, &priv_key, SHA1_TEST_HASH, SHA1_HASH_LENGTH, out, - ECC256_DSA_MAX_LENGTH); + ECC_TESTING_ECC256_DSA_MAX_LENGTH); CuAssertIntEquals (test, ECC_ENGINE_UNSUPPORTED_HASH_TYPE, status); engine.base.release_key_pair (&engine.base, &priv_key, &pub_key); @@ -1928,7 +1934,7 @@ static void ecc_mbedtls_test_get_signature_max_length (CuTest *test) CuAssertIntEquals (test, 0, status); status = engine.base.get_signature_max_length (&engine.base, &priv_key); - CuAssertIntEquals (test, ECC256_DSA_MAX_LENGTH, status); + CuAssertIntEquals (test, ECC_TESTING_ECC256_DSA_MAX_LENGTH, status); engine.base.release_key_pair (&engine.base, &priv_key, NULL); @@ -1952,7 +1958,7 @@ static void ecc_mbedtls_test_get_signature_max_length_p384 (CuTest *test) CuAssertIntEquals (test, 0, status); status = engine.base.get_signature_max_length (&engine.base, &priv_key); - CuAssertIntEquals (test, ECC384_DSA_MAX_LENGTH, status); + CuAssertIntEquals (test, ECC_TESTING_ECC384_DSA_MAX_LENGTH, status); engine.base.release_key_pair (&engine.base, &priv_key, NULL); @@ -1977,7 +1983,7 @@ static void ecc_mbedtls_test_get_signature_max_length_p521 (CuTest *test) CuAssertIntEquals (test, 0, status); status = engine.base.get_signature_max_length (&engine.base, &priv_key); - CuAssertIntEquals (test, ECC521_DSA_MAX_LENGTH, status); + CuAssertIntEquals (test, ECC_TESTING_ECC521_DSA_MAX_LENGTH, status); engine.base.release_key_pair (&engine.base, &priv_key, NULL); @@ -2001,7 +2007,7 @@ static void ecc_mbedtls_test_get_signature_max_length_derived_key (CuTest *test) CuAssertIntEquals (test, 0, status); status = engine.base.get_signature_max_length (&engine.base, &priv_key); - CuAssertIntEquals (test, ECC256_DSA_MAX_LENGTH, status); + CuAssertIntEquals (test, ECC_TESTING_ECC256_DSA_MAX_LENGTH, status); engine.base.release_key_pair (&engine.base, &priv_key, NULL); @@ -2023,7 +2029,7 @@ static void ecc_mbedtls_test_get_signature_max_length_random_key (CuTest *test) CuAssertIntEquals (test, 0, status); status = engine.base.get_signature_max_length (&engine.base, &priv_key); - CuAssertIntEquals (test, ECC256_DSA_MAX_LENGTH, status); + CuAssertIntEquals (test, ECC_TESTING_ECC256_DSA_MAX_LENGTH, status); engine.base.release_key_pair (&engine.base, &priv_key, NULL); @@ -2370,7 +2376,7 @@ static void ecc_mbedtls_test_compute_shared_secret_different_keys (CuTest *test) int out_len2; uint8_t out1[ECC_KEY_LENGTH_256 * 2]; uint8_t out2[ECC_KEY_LENGTH_256 * 2]; - uint8_t sign[ECC256_DSA_MAX_LENGTH * 2]; + uint8_t sign[ECC_TESTING_ECC256_DSA_MAX_LENGTH * 2]; TEST_START; @@ -2937,7 +2943,7 @@ static void ecc_mbedtls_test_get_public_key_der_private_key (CuTest *test) struct ecc_engine_mbedtls engine; struct ecc_private_key priv_key; int status; - uint8_t *der = (uint8_t*) &status;; + uint8_t *der = (uint8_t*) &status; size_t length; TEST_START; diff --git a/core/testing/crypto/ecc_test.c b/core/testing/crypto/ecc_test.c index 1e8aebc..36f02fa 100644 --- a/core/testing/crypto/ecc_test.c +++ b/core/testing/crypto/ecc_test.c @@ -183,6 +183,28 @@ const uint8_t ECC_SIGNATURE_NOPE[] = { const size_t ECC_SIG_NOPE_LEN = sizeof (ECC_SIGNATURE_NOPE); +const struct ecc_ecdsa_signature ECC_SIGNATURE_NOPE_STRUCT = { + .r = { + 0x94,0x08,0x88,0xc0,0x03,0xd0,0x9c,0x20,0x65,0x4b,0xbe,0x47,0xf3,0x72,0xdf,0x2b, + 0x05,0x4a,0x84,0x4a,0xef,0x0f,0x2f,0xdb,0xb3,0xb2,0x15,0x98,0xfe,0x35,0x70,0x9a, + }, + .s = { + 0x50,0x46,0x0d,0x82,0xf2,0x2a,0x91,0x24,0x13,0xa4,0x60,0x9c,0x3e,0x45,0x6d,0xe0, + 0xff,0xd6,0x55,0xc0,0xe9,0x0b,0x90,0xf0,0xd8,0xc0,0xe0,0x71,0x2c,0xb2,0xe2,0x52 + }, + .length = ECC_KEY_LENGTH_256 +}; + +/* The raw r,s values for the signature of "Nope". */ +const uint8_t ECC_SIGNATURE_NOPE_RAW[] = { + 0x94,0x08,0x88,0xc0,0x03,0xd0,0x9c,0x20,0x65,0x4b,0xbe,0x47,0xf3,0x72,0xdf,0x2b, + 0x05,0x4a,0x84,0x4a,0xef,0x0f,0x2f,0xdb,0xb3,0xb2,0x15,0x98,0xfe,0x35,0x70,0x9a, + 0x50,0x46,0x0d,0x82,0xf2,0x2a,0x91,0x24,0x13,0xa4,0x60,0x9c,0x3e,0x45,0x6d,0xe0, + 0xff,0xd6,0x55,0xc0,0xe9,0x0b,0x90,0xf0,0xd8,0xc0,0xe0,0x71,0x2c,0xb2,0xe2,0x52 +}; + +const size_t ECC_SIG_NOPE_RAW_LEN = sizeof (ECC_SIGNATURE_NOPE_RAW); + /* The SHA256 signature for the string "Bad". */ const uint8_t ECC_SIGNATURE_BAD[] = { 0x30,0x45,0x02,0x21,0x00,0xb3,0x82,0xfc,0x21,0x57,0x66,0xf1,0xeb,0xb4,0x87,0x2f, @@ -194,6 +216,28 @@ const uint8_t ECC_SIGNATURE_BAD[] = { const size_t ECC_SIG_BAD_LEN = sizeof (ECC_SIGNATURE_BAD); +const struct ecc_ecdsa_signature ECC_SIGNATURE_BAD_STRUCT = { + .r = { + 0xb3,0x82,0xfc,0x21,0x57,0x66,0xf1,0xeb,0xb4,0x87,0x2f,0x94,0x53,0x62,0x06,0xa5, + 0x74,0xa5,0x89,0xa3,0x05,0x7c,0xb2,0x6c,0x4e,0x6d,0x5c,0x3b,0x38,0x9b,0xf0,0x03, + }, + .s = { + 0x64,0x91,0x2a,0x2d,0x6e,0x72,0xba,0x8a,0x30,0xfd,0x27,0xdf,0x43,0x41,0xd3,0xa5, + 0xf8,0xd3,0x90,0x87,0xf7,0x63,0xd3,0x3c,0x6d,0x56,0x6c,0xfc,0x89,0xa9,0x2a,0xaf + }, + .length = ECC_KEY_LENGTH_256 +}; + +/* The raw r,s values for the signature of "BAD". */ +const uint8_t ECC_SIGNATURE_BAD_RAW[] = { + 0xb3,0x82,0xfc,0x21,0x57,0x66,0xf1,0xeb,0xb4,0x87,0x2f,0x94,0x53,0x62,0x06,0xa5, + 0x74,0xa5,0x89,0xa3,0x05,0x7c,0xb2,0x6c,0x4e,0x6d,0x5c,0x3b,0x38,0x9b,0xf0,0x03, + 0x64,0x91,0x2a,0x2d,0x6e,0x72,0xba,0x8a,0x30,0xfd,0x27,0xdf,0x43,0x41,0xd3,0xa5, + 0xf8,0xd3,0x90,0x87,0xf7,0x63,0xd3,0x3c,0x6d,0x56,0x6c,0xfc,0x89,0xa9,0x2a,0xaf +}; + +const size_t ECC_SIG_BAD_RAW_LEN = sizeof (ECC_SIGNATURE_BAD_RAW); + /* The ECDH secret generated using the test private and public key (ECC_PRIVKEY and ECC_PUBKEY). * * openssl pkeyutl -derive -inkey eccpriv.pem -peerkey eccpub.pem */ @@ -211,6 +255,52 @@ const uint8_t ECC_PRIVKEY_LEADING_ZERO[] = { const size_t ECC_PRIVKEY_LEADING_ZERO_LEN = sizeof (ECC_PRIVKEY_LEADING_ZERO); +/* Raw public key. X followed by Y. */ +const uint8_t ECC_PUBKEY_LEADING_ZERO[] = { + 0x08,0xf1,0x75,0x65,0x8e,0xcd,0xe5,0x7e,0x12,0xd2,0x65,0xd6,0xdc,0xbf,0xbb,0x42, + 0x93,0x6b,0x2d,0x9d,0x4e,0xd4,0xd5,0xbf,0x1a,0xc1,0x08,0x91,0xe7,0x4c,0x60,0xed, + 0xc8,0x80,0xd0,0xf9,0x42,0x97,0x93,0x4d,0xc9,0x2e,0x0a,0xd9,0x4c,0x2c,0x7c,0xb3, + 0x78,0xdf,0xf4,0x97,0x2b,0x8e,0x95,0x5c,0xdc,0x82,0xee,0xc0,0xa2,0x01,0x71,0x61 +}; + +const size_t ECC_PUBKEY_LEADING_ZERO_LEN = sizeof (ECC_PUBKEY_LEADING_ZERO); + +/* Digests for ECC_PUBKEY */ +const uint8_t ECC_PUBKEY_LEADING_ZERO_SHA1[] = { + 0xd5,0x50,0x55,0xff,0x0c,0x7b,0x27,0x1a,0x08,0x17,0xca,0x4f,0x91,0xd5,0x61,0x7a, + 0xf4,0xcd,0x29,0x1e +}; + +const uint8_t ECC_PUBKEY_LEADING_ZERO_SHA256[] = { + 0x7a,0xa6,0x8c,0x77,0x1b,0x4f,0x83,0xe6,0x71,0x0f,0x7f,0xd3,0x00,0x8a,0xa6,0x7f, + 0x0a,0xf9,0x02,0xd7,0xa3,0x2a,0x8c,0x3e,0xe7,0x6a,0xd1,0xf2,0xeb,0xe4,0xaa,0x29 +}; + +const uint8_t ECC_PUBKEY_LEADING_ZERO_SHA384[] = { + 0xcd,0xc8,0x74,0xe2,0x77,0xd9,0x49,0x45,0x27,0x9b,0x89,0x65,0xd1,0xbd,0xc0,0x52, + 0xc9,0x38,0x78,0x34,0x5e,0xc9,0x1d,0x86,0xa2,0xdc,0xac,0x4b,0xec,0xe4,0x8b,0xcd, + 0xf9,0xc6,0xf0,0x1c,0xf4,0x77,0x3f,0xbd,0x64,0x46,0xb7,0x29,0x4a,0xba,0x06,0x87 +}; + +const uint8_t ECC_PUBKEY_LEADING_ZERO_SHA512[] = { + 0x13,0x3a,0x72,0xed,0xb8,0x7f,0xaa,0x71,0x28,0x00,0xb0,0x69,0x79,0x73,0x46,0x78, + 0xbf,0x12,0x2b,0x54,0x89,0xf6,0xaa,0xa0,0xa4,0xc8,0x33,0x0f,0x77,0xbd,0xb1,0x0b, + 0x6c,0x46,0xe0,0x12,0xb9,0x58,0xa6,0xc9,0x29,0x5b,0xfb,0x87,0x31,0x98,0x24,0x5d, + 0xa3,0xf2,0x1a,0x06,0x7e,0x26,0x1c,0xf5,0xf5,0xb6,0x80,0x3f,0xf4,0x53,0x86,0x4a +}; + +const struct ecc_point_public_key ECC_PUBKEY_LEADING_ZERO_POINT = { + .x = { + 0x08,0xf1,0x75,0x65,0x8e,0xcd,0xe5,0x7e,0x12,0xd2,0x65,0xd6,0xdc,0xbf,0xbb,0x42, + 0x93,0x6b,0x2d,0x9d,0x4e,0xd4,0xd5,0xbf,0x1a,0xc1,0x08,0x91,0xe7,0x4c,0x60,0xed, + }, + .y = { + 0xc8,0x80,0xd0,0xf9,0x42,0x97,0x93,0x4d,0xc9,0x2e,0x0a,0xd9,0x4c,0x2c,0x7c,0xb3, + 0x78,0xdf,0xf4,0x97,0x2b,0x8e,0x95,0x5c,0xdc,0x82,0xee,0xc0,0xa2,0x01,0x71,0x61 + }, + .key_length = ECC_KEY_LENGTH_256 +}; + const char ECC_PUBKEY_LEADING_ZERO_PEM[] = "-----BEGIN PUBLIC KEY-----\n" "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAECPF1ZY7N5X4S0mXW3L+7QpNrLZ1O" "1NW/GsEIkedMYO3IgND5QpeTTckuCtlMLHyzeN/0lyuOlVzcgu7AogFxYQ==\n" diff --git a/core/testing/crypto/ecc_testing.h b/core/testing/crypto/ecc_testing.h index ade913a..d0f03b0 100644 --- a/core/testing/crypto/ecc_testing.h +++ b/core/testing/crypto/ecc_testing.h @@ -9,6 +9,15 @@ #include "crypto/ecc.h" +/* Maximum lengths of DER-encoded ECDSA signatures. + * Sequence -> 2 bytes overhead (3 for ECC521) + * BIT STRING (r) -> 2 bytes overhead (3 if MSB is 1) + * BIT STRING (s) -> 2 bytes overhead (3 if MSB is 1) */ +#define ECC_TESTING_ECC256_DSA_MAX_LENGTH 72 +#define ECC_TESTING_ECC384_DSA_MAX_LENGTH 104 +#define ECC_TESTING_ECC521_DSA_MAX_LENGTH 141 + + extern const uint8_t ECC_PRIVKEY[]; extern const size_t ECC_PRIVKEY_LEN; @@ -56,15 +65,35 @@ extern const size_t ECC_SIG_TEST2_RAW_LEN; extern const uint8_t ECC_SIGNATURE_NOPE[]; extern const size_t ECC_SIG_NOPE_LEN; +extern const struct ecc_ecdsa_signature ECC_SIGNATURE_NOPE_STRUCT; + +extern const uint8_t ECC_SIGNATURE_NOPE_RAW[]; +extern const size_t ECC_SIG_NOPE_RAW_LEN; + extern const uint8_t ECC_SIGNATURE_BAD[]; extern const size_t ECC_SIG_BAD_LEN; +extern const struct ecc_ecdsa_signature ECC_SIGNATURE_BAD_STRUCT; + +extern const uint8_t ECC_SIGNATURE_BAD_RAW[]; +extern const size_t ECC_SIG_BAD_RAW_LEN; + extern const uint8_t ECC_DH_SECRET[]; extern const size_t ECC_DH_SECRET_LEN; extern const uint8_t ECC_PRIVKEY_LEADING_ZERO[]; extern const size_t ECC_PRIVKEY_LEADING_ZERO_LEN; +extern const uint8_t ECC_PUBKEY_LEADING_ZERO[]; +extern const size_t ECC_PUBKEY_LEADING_ZERO_LEN; + +extern const uint8_t ECC_PUBKEY_LEADING_ZERO_SHA1[]; +extern const uint8_t ECC_PUBKEY_LEADING_ZERO_SHA256[]; +extern const uint8_t ECC_PUBKEY_LEADING_ZERO_SHA384[]; +extern const uint8_t ECC_PUBKEY_LEADING_ZERO_SHA512[]; + +extern const struct ecc_point_public_key ECC_PUBKEY_LEADING_ZERO_POINT; + extern const char ECC_PUBKEY_LEADING_ZERO_PEM[]; extern const size_t ECC_PUBKEY_LEADING_ZERO_PEM_LEN; diff --git a/projects/linux/testing/crypto/ecc_openssl_test.c b/projects/linux/testing/crypto/ecc_openssl_test.c index 2d74a7e..99cacf0 100644 --- a/projects/linux/testing/crypto/ecc_openssl_test.c +++ b/projects/linux/testing/crypto/ecc_openssl_test.c @@ -15,15 +15,6 @@ TEST_SUITE_LABEL ("ecc_openssl"); -/* Maximum lengths of DER-encoded ECDSA signatures. - * Sequence -> 2 bytes overhead (3 for ECC521) - * BIT STRING (r) -> 2 bytes overhead (3 if MSB is 1) - * BIT STRING (s) -> 2 bytes overhead (3 if MSB is 1) */ -#define ECC256_DSA_MAX_LENGTH 72 -#define ECC384_DSA_MAX_LENGTH 104 -#define ECC521_DSA_MAX_LENGTH 141 - - /******************* * Test cases *******************/ @@ -347,7 +338,7 @@ static void ecc_openssl_test_private_key_init_key_pair_and_sign (CuTest *test) struct ecc_engine_openssl engine; struct ecc_private_key priv_key; int status; - uint8_t out[ECC256_DSA_MAX_LENGTH * 2]; + uint8_t out[ECC_TESTING_ECC256_DSA_MAX_LENGTH * 2]; TEST_START; @@ -362,6 +353,7 @@ static void ecc_openssl_test_private_key_init_key_pair_and_sign (CuTest *test) status = engine.base.sign (&engine.base, &priv_key, SIG_HASH_TEST, SIG_HASH_LEN, out, sizeof (out)); CuAssertTrue (test, !ROT_IS_ERROR (status)); + CuAssertTrue (test, status <= ECC_TESTING_ECC256_DSA_MAX_LENGTH); engine.base.release_key_pair (&engine.base, &priv_key, NULL); CuAssertPtrEquals (test, NULL, priv_key.context); @@ -374,7 +366,7 @@ static void ecc_openssl_test_public_key_init_key_pair_and_sign (CuTest *test) struct ecc_engine_openssl engine; struct ecc_public_key pub_key; int status; - uint8_t out[ECC256_DSA_MAX_LENGTH * 2]; + uint8_t out[ECC_TESTING_ECC256_DSA_MAX_LENGTH * 2]; TEST_START; @@ -403,7 +395,7 @@ static void ecc_openssl_test_init_key_pair_and_sign_and_verify (CuTest *test) struct ecc_public_key pub_key; int status; int out_len; - uint8_t out[ECC256_DSA_MAX_LENGTH * 2]; + uint8_t out[ECC_TESTING_ECC256_DSA_MAX_LENGTH * 2]; TEST_START; @@ -419,6 +411,7 @@ static void ecc_openssl_test_init_key_pair_and_sign_and_verify (CuTest *test) out_len = engine.base.sign (&engine.base, &priv_key, SIG_HASH_TEST, SIG_HASH_LEN, out, sizeof (out)); CuAssertTrue (test, !ROT_IS_ERROR (out_len)); + CuAssertTrue (test, out_len <= ECC_TESTING_ECC256_DSA_MAX_LENGTH); status = engine.base.verify (&engine.base, &pub_key, SIG_HASH_TEST, SIG_HASH_LEN, out, out_len); CuAssertIntEquals (test, 0, status); @@ -437,7 +430,7 @@ static void ecc_openssl_test_init_key_pair_and_sign_and_verify_no_pubkey (CuTest struct ecc_public_key pub_key; int status; int out_len; - uint8_t out[ECC256_DSA_MAX_LENGTH * 2]; + uint8_t out[ECC_TESTING_ECC256_DSA_MAX_LENGTH * 2]; TEST_START; @@ -453,6 +446,7 @@ static void ecc_openssl_test_init_key_pair_and_sign_and_verify_no_pubkey (CuTest out_len = engine.base.sign (&engine.base, &priv_key, SIG_HASH_TEST, SIG_HASH_LEN, out, sizeof (out)); CuAssertTrue (test, !ROT_IS_ERROR (out_len)); + CuAssertTrue (test, out_len <= ECC_TESTING_ECC256_DSA_MAX_LENGTH); status = engine.base.verify (&engine.base, &pub_key, SIG_HASH_TEST, SIG_HASH_LEN, out, out_len); CuAssertIntEquals (test, 0, status); @@ -471,7 +465,7 @@ static void ecc_openssl_test_init_key_pair_and_sign_and_verify_extra_buffer (CuT struct ecc_public_key pub_key; int status; int out_len; - uint8_t out[ECC256_DSA_MAX_LENGTH * 2]; + uint8_t out[ECC_TESTING_ECC256_DSA_MAX_LENGTH * 2]; uint8_t privkey[ECC_PRIVKEY_DER_LEN * 2]; TEST_START; @@ -490,6 +484,7 @@ static void ecc_openssl_test_init_key_pair_and_sign_and_verify_extra_buffer (CuT out_len = engine.base.sign (&engine.base, &priv_key, SIG_HASH_TEST, SIG_HASH_LEN, out, sizeof (out)); CuAssertTrue (test, !ROT_IS_ERROR (out_len)); + CuAssertTrue (test, out_len <= ECC_TESTING_ECC256_DSA_MAX_LENGTH); status = engine.base.verify (&engine.base, &pub_key, SIG_HASH_TEST, SIG_HASH_LEN, out, out_len); CuAssertIntEquals (test, 0, status); @@ -509,7 +504,7 @@ static void ecc_openssl_test_init_key_pair_and_sign_and_verify_p384 (CuTest *tes struct ecc_public_key pub_key; int status; int out_len; - uint8_t out[ECC384_DSA_MAX_LENGTH * 2]; + uint8_t out[ECC_TESTING_ECC384_DSA_MAX_LENGTH * 2]; TEST_START; @@ -525,6 +520,7 @@ static void ecc_openssl_test_init_key_pair_and_sign_and_verify_p384 (CuTest *tes out_len = engine.base.sign (&engine.base, &priv_key, SHA384_TEST_HASH, SHA384_HASH_LENGTH, out, sizeof (out)); CuAssertTrue (test, !ROT_IS_ERROR (out_len)); + CuAssertTrue (test, out_len <= ECC_TESTING_ECC384_DSA_MAX_LENGTH); status = engine.base.verify (&engine.base, &pub_key, SHA384_TEST_HASH, SHA384_HASH_LENGTH, out, out_len); @@ -544,7 +540,7 @@ static void ecc_openssl_test_init_key_pair_and_sign_and_verify_p384_no_pubkey (C struct ecc_public_key pub_key; int status; int out_len; - uint8_t out[ECC384_DSA_MAX_LENGTH * 2]; + uint8_t out[ECC_TESTING_ECC384_DSA_MAX_LENGTH * 2]; TEST_START; @@ -560,6 +556,7 @@ static void ecc_openssl_test_init_key_pair_and_sign_and_verify_p384_no_pubkey (C out_len = engine.base.sign (&engine.base, &priv_key, SHA384_TEST_HASH, SHA384_HASH_LENGTH, out, sizeof (out)); CuAssertTrue (test, !ROT_IS_ERROR (out_len)); + CuAssertTrue (test, out_len <= ECC_TESTING_ECC384_DSA_MAX_LENGTH); status = engine.base.verify (&engine.base, &pub_key, SHA384_TEST_HASH, SHA384_HASH_LENGTH, out, out_len); @@ -579,7 +576,7 @@ static void ecc_openssl_test_init_key_pair_and_sign_and_verify_p384_extra_buffer struct ecc_public_key pub_key; int status; int out_len; - uint8_t out[ECC384_DSA_MAX_LENGTH * 2]; + uint8_t out[ECC_TESTING_ECC384_DSA_MAX_LENGTH * 2]; uint8_t privkey[ECC384_PRIVKEY_DER_LEN * 2]; TEST_START; @@ -598,6 +595,7 @@ static void ecc_openssl_test_init_key_pair_and_sign_and_verify_p384_extra_buffer out_len = engine.base.sign (&engine.base, &priv_key, SHA384_TEST_HASH, SHA384_HASH_LENGTH, out, sizeof (out)); CuAssertTrue (test, !ROT_IS_ERROR (out_len)); + CuAssertTrue (test, out_len <= ECC_TESTING_ECC384_DSA_MAX_LENGTH); status = engine.base.verify (&engine.base, &pub_key, SHA384_TEST_HASH, SHA384_HASH_LENGTH, out, out_len); @@ -619,7 +617,7 @@ static void ecc_openssl_test_init_key_pair_and_sign_and_verify_p521 (CuTest *tes struct ecc_public_key pub_key; int status; int out_len; - uint8_t out[ECC521_DSA_MAX_LENGTH * 2]; + uint8_t out[ECC_TESTING_ECC521_DSA_MAX_LENGTH * 2]; TEST_START; @@ -635,6 +633,10 @@ static void ecc_openssl_test_init_key_pair_and_sign_and_verify_p521 (CuTest *tes out_len = engine.base.sign (&engine.base, &priv_key, SHA512_TEST_HASH, SHA512_HASH_LENGTH, out, sizeof (out)); CuAssertTrue (test, !ROT_IS_ERROR (out_len)); + if ((out_len > ECC_TESTING_ECC521_DSA_MAX_LENGTH) || (out_len < (ECC_TESTING_ECC521_DSA_MAX_LENGTH - 3))) { + CuAssertIntEquals (test, 0, out_len); + } + CuAssertTrue (test, out_len <= ECC_TESTING_ECC521_DSA_MAX_LENGTH); status = engine.base.verify (&engine.base, &pub_key, SHA512_TEST_HASH, SHA512_HASH_LENGTH, out, out_len); @@ -654,7 +656,7 @@ static void ecc_openssl_test_init_key_pair_and_sign_and_verify_p521_no_pubkey (C struct ecc_public_key pub_key; int status; int out_len; - uint8_t out[ECC521_DSA_MAX_LENGTH * 2]; + uint8_t out[ECC_TESTING_ECC521_DSA_MAX_LENGTH * 2]; TEST_START; @@ -670,6 +672,7 @@ static void ecc_openssl_test_init_key_pair_and_sign_and_verify_p521_no_pubkey (C out_len = engine.base.sign (&engine.base, &priv_key, SHA512_TEST_HASH, SHA512_HASH_LENGTH, out, sizeof (out)); CuAssertTrue (test, !ROT_IS_ERROR (out_len)); + CuAssertTrue (test, out_len <= ECC_TESTING_ECC521_DSA_MAX_LENGTH); status = engine.base.verify (&engine.base, &pub_key, SHA512_TEST_HASH, SHA512_HASH_LENGTH, out, out_len); @@ -689,7 +692,7 @@ static void ecc_openssl_test_init_key_pair_and_sign_and_verify_p521_no_leading_z struct ecc_public_key pub_key; int status; int out_len; - uint8_t out[ECC521_DSA_MAX_LENGTH * 2]; + uint8_t out[ECC_TESTING_ECC521_DSA_MAX_LENGTH * 2]; TEST_START; @@ -705,6 +708,7 @@ static void ecc_openssl_test_init_key_pair_and_sign_and_verify_p521_no_leading_z out_len = engine.base.sign (&engine.base, &priv_key, SHA512_TEST_HASH, SHA512_HASH_LENGTH, out, sizeof (out)); CuAssertTrue (test, !ROT_IS_ERROR (out_len)); + CuAssertTrue (test, out_len <= ECC_TESTING_ECC521_DSA_MAX_LENGTH); status = engine.base.verify (&engine.base, &pub_key, SHA512_TEST_HASH, SHA512_HASH_LENGTH, out, out_len); @@ -724,7 +728,7 @@ static void ecc_openssl_test_init_key_pair_and_sign_and_verify_p521_extra_buffer struct ecc_public_key pub_key; int status; int out_len; - uint8_t out[ECC521_DSA_MAX_LENGTH * 2]; + uint8_t out[ECC_TESTING_ECC521_DSA_MAX_LENGTH * 2]; uint8_t privkey[ECC521_PRIVKEY_DER_LEN * 2]; TEST_START; @@ -743,6 +747,7 @@ static void ecc_openssl_test_init_key_pair_and_sign_and_verify_p521_extra_buffer out_len = engine.base.sign (&engine.base, &priv_key, SHA512_TEST_HASH, SHA512_HASH_LENGTH, out, sizeof (out)); CuAssertTrue (test, !ROT_IS_ERROR (out_len)); + CuAssertTrue (test, out_len <= ECC_TESTING_ECC521_DSA_MAX_LENGTH); status = engine.base.verify (&engine.base, &pub_key, SHA512_TEST_HASH, SHA512_HASH_LENGTH, out, out_len); @@ -762,7 +767,7 @@ static void ecc_openssl_test_init_key_pair_and_sign_with_public_key (CuTest *tes struct ecc_private_key priv_key; struct ecc_public_key pub_key; int status; - uint8_t out[ECC256_DSA_MAX_LENGTH * 2]; + uint8_t out[ECC_TESTING_ECC256_DSA_MAX_LENGTH * 2]; TEST_START; @@ -843,8 +848,8 @@ static void ecc_openssl_test_init_key_pair_with_public_key (CuTest *test) status = engine.base.init_key_pair (&engine.base, ECC_PUBKEY_DER, ECC_PUBKEY_DER_LEN, NULL, &pub_key); - CuAssertIntEquals (test, ECC_ENGINE_NOT_EC_KEY, status); // We can't distinguish this case from the RSA case. - CuAssertPtrEquals (test, NULL, pub_key.context); + // We can't distinguish this case from the RSA case. + CuAssertIntEquals (test, ECC_ENGINE_NOT_EC_KEY, status); ecc_openssl_release (&engine); } @@ -863,7 +868,6 @@ static void ecc_openssl_test_init_key_pair_with_rsa_key (CuTest *test) status = engine.base.init_key_pair (&engine.base, RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN, NULL, &pub_key); CuAssertIntEquals (test, ECC_ENGINE_NOT_EC_KEY, status); - CuAssertPtrEquals (test, NULL, pub_key.context); ecc_openssl_release (&engine); } @@ -1102,7 +1106,6 @@ static void ecc_openssl_test_init_public_key_with_private_key (CuTest *test) status = engine.base.init_public_key (&engine.base, ECC_PRIVKEY_DER, ECC_PRIVKEY_DER_LEN, &pub_key); CuAssertTrue (test, (status < 0)); - CuAssertPtrEquals (test, NULL, pub_key.context); ecc_openssl_release (&engine); } @@ -1121,7 +1124,6 @@ static void ecc_openssl_test_init_public_key_with_rsa_key (CuTest *test) status = engine.base.init_public_key (&engine.base, RSA_PUBKEY_DER, RSA_PUBKEY_DER_LEN, &pub_key); CuAssertIntEquals (test, ECC_ENGINE_NOT_EC_KEY, status); - CuAssertPtrEquals (test, NULL, pub_key.context); ecc_openssl_release (&engine); } @@ -1238,7 +1240,7 @@ static void ecc_openssl_test_private_key_generate_derived_key_pair_and_sign (CuT struct ecc_engine_openssl engine; struct ecc_private_key priv_key; int status; - uint8_t out[ECC256_DSA_MAX_LENGTH * 2]; + uint8_t out[ECC_TESTING_ECC256_DSA_MAX_LENGTH * 2]; TEST_START; @@ -1253,6 +1255,7 @@ static void ecc_openssl_test_private_key_generate_derived_key_pair_and_sign (CuT status = engine.base.sign (&engine.base, &priv_key, SIG_HASH_TEST, SIG_HASH_LEN, out, sizeof (out)); CuAssertTrue (test, !ROT_IS_ERROR (status)); + CuAssertTrue (test, status <= ECC_TESTING_ECC256_DSA_MAX_LENGTH); engine.base.release_key_pair (&engine.base, &priv_key, NULL); @@ -1264,7 +1267,7 @@ static void ecc_openssl_test_public_key_generate_derived_key_pair_and_sign (CuTe struct ecc_engine_openssl engine; struct ecc_public_key pub_key; int status; - uint8_t out[ECC256_DSA_MAX_LENGTH * 2]; + uint8_t out[ECC_TESTING_ECC256_DSA_MAX_LENGTH * 2]; TEST_START; @@ -1292,7 +1295,7 @@ static void ecc_openssl_test_generate_derived_key_pair_and_sign_and_verify (CuTe struct ecc_public_key pub_key; int status; int out_len; - uint8_t out[ECC256_DSA_MAX_LENGTH * 2]; + uint8_t out[ECC_TESTING_ECC256_DSA_MAX_LENGTH * 2]; TEST_START; @@ -1308,6 +1311,7 @@ static void ecc_openssl_test_generate_derived_key_pair_and_sign_and_verify (CuTe out_len = engine.base.sign (&engine.base, &priv_key, SIG_HASH_TEST, SIG_HASH_LEN, out, sizeof (out)); CuAssertTrue (test, !ROT_IS_ERROR (out_len)); + CuAssertTrue (test, out_len <= ECC_TESTING_ECC256_DSA_MAX_LENGTH); status = engine.base.verify (&engine.base, &pub_key, SIG_HASH_TEST, SIG_HASH_LEN, out, out_len); CuAssertIntEquals (test, 0, status); @@ -1325,7 +1329,7 @@ static void ecc_openssl_test_generate_derived_key_pair_and_sign_and_verify_p384 int status; #if ECC_MAX_KEY_LENGTH >= ECC_KEY_LENGTH_384 int out_len; - uint8_t out[ECC256_DSA_MAX_LENGTH * 2]; + uint8_t out[ECC_TESTING_ECC256_DSA_MAX_LENGTH * 2]; #endif TEST_START; @@ -1343,6 +1347,7 @@ static void ecc_openssl_test_generate_derived_key_pair_and_sign_and_verify_p384 out_len = engine.base.sign (&engine.base, &priv_key, SHA384_TEST_HASH, SHA384_HASH_LENGTH, out, sizeof (out)); CuAssertTrue (test, !ROT_IS_ERROR (out_len)); + CuAssertTrue (test, out_len <= ECC_TESTING_ECC384_DSA_MAX_LENGTH); status = engine.base.verify (&engine.base, &pub_key, SHA384_TEST_HASH, SHA384_HASH_LENGTH, out, out_len); @@ -1364,7 +1369,7 @@ static void ecc_openssl_test_generate_derived_key_pair_and_sign_and_verify_p521 int status; #if ECC_MAX_KEY_LENGTH >= ECC_KEY_LENGTH_521 int out_len; - uint8_t out[ECC256_DSA_MAX_LENGTH * 2]; + uint8_t out[ECC_TESTING_ECC256_DSA_MAX_LENGTH * 2]; #endif TEST_START; @@ -1382,6 +1387,7 @@ static void ecc_openssl_test_generate_derived_key_pair_and_sign_and_verify_p521 out_len = engine.base.sign (&engine.base, &priv_key, SHA512_TEST_HASH, SHA512_HASH_LENGTH, out, sizeof (out)); CuAssertTrue (test, !ROT_IS_ERROR (out_len)); + CuAssertTrue (test, out_len <= ECC_TESTING_ECC521_DSA_MAX_LENGTH); status = engine.base.verify (&engine.base, &pub_key, SHA512_TEST_HASH, SHA512_HASH_LENGTH, out, out_len); @@ -1401,7 +1407,7 @@ static void ecc_openssl_test_generate_derived_key_pair_and_sign_with_public_key struct ecc_private_key priv_key; struct ecc_public_key pub_key; int status; - uint8_t out[ECC256_DSA_MAX_LENGTH * 2]; + uint8_t out[ECC_TESTING_ECC256_DSA_MAX_LENGTH * 2]; TEST_START; @@ -1511,7 +1517,7 @@ static void ecc_openssl_test_private_key_generate_key_pair_and_sign (CuTest *tes struct ecc_engine_openssl engine; struct ecc_private_key priv_key; int status; - uint8_t out[ECC256_DSA_MAX_LENGTH * 2]; + uint8_t out[ECC_TESTING_ECC256_DSA_MAX_LENGTH * 2]; TEST_START; @@ -1525,6 +1531,7 @@ static void ecc_openssl_test_private_key_generate_key_pair_and_sign (CuTest *tes status = engine.base.sign (&engine.base, &priv_key, SIG_HASH_TEST, SIG_HASH_LEN, out, sizeof (out)); CuAssertTrue (test, !ROT_IS_ERROR (status)); + CuAssertTrue (test, status <= ECC_TESTING_ECC256_DSA_MAX_LENGTH); engine.base.release_key_pair (&engine.base, &priv_key, NULL); @@ -1536,7 +1543,7 @@ static void ecc_openssl_test_public_key_generate_key_pair_and_sign (CuTest *test struct ecc_engine_openssl engine; struct ecc_public_key pub_key; int status; - uint8_t out[ECC256_DSA_MAX_LENGTH * 2]; + uint8_t out[ECC_TESTING_ECC256_DSA_MAX_LENGTH * 2]; TEST_START; @@ -1563,7 +1570,7 @@ static void ecc_openssl_test_generate_key_pair_and_sign_and_verify (CuTest *test struct ecc_public_key pub_key; int status; int out_len; - uint8_t out[ECC256_DSA_MAX_LENGTH * 2]; + uint8_t out[ECC_TESTING_ECC256_DSA_MAX_LENGTH * 2]; TEST_START; @@ -1578,6 +1585,7 @@ static void ecc_openssl_test_generate_key_pair_and_sign_and_verify (CuTest *test out_len = engine.base.sign (&engine.base, &priv_key, SIG_HASH_TEST, SIG_HASH_LEN, out, sizeof (out)); CuAssertTrue (test, !ROT_IS_ERROR (out_len)); + CuAssertTrue (test, out_len <= ECC_TESTING_ECC256_DSA_MAX_LENGTH); status = engine.base.verify (&engine.base, &pub_key, SIG_HASH_TEST, SIG_HASH_LEN, out, out_len); CuAssertIntEquals (test, 0, status); @@ -1595,7 +1603,7 @@ static void ecc_openssl_test_generate_key_pair_and_sign_and_verify_p384 (CuTest int status; #if ECC_MAX_KEY_LENGTH >= ECC_KEY_LENGTH_384 int out_len; - uint8_t out[ECC256_DSA_MAX_LENGTH * 2]; + uint8_t out[ECC_TESTING_ECC256_DSA_MAX_LENGTH * 2]; #endif TEST_START; @@ -1612,6 +1620,7 @@ static void ecc_openssl_test_generate_key_pair_and_sign_and_verify_p384 (CuTest out_len = engine.base.sign (&engine.base, &priv_key, SHA384_TEST_HASH, SHA384_HASH_LENGTH, out, sizeof (out)); CuAssertTrue (test, !ROT_IS_ERROR (out_len)); + CuAssertTrue (test, out_len <= ECC_TESTING_ECC384_DSA_MAX_LENGTH); status = engine.base.verify (&engine.base, &pub_key, SHA384_TEST_HASH, SHA384_HASH_LENGTH, out, out_len); @@ -1633,7 +1642,7 @@ static void ecc_openssl_test_generate_key_pair_and_sign_and_verify_p521 (CuTest int status; #if ECC_MAX_KEY_LENGTH >= ECC_KEY_LENGTH_384 int out_len; - uint8_t out[ECC256_DSA_MAX_LENGTH * 2]; + uint8_t out[ECC_TESTING_ECC256_DSA_MAX_LENGTH * 2]; #endif TEST_START; @@ -1641,7 +1650,7 @@ static void ecc_openssl_test_generate_key_pair_and_sign_and_verify_p521 (CuTest status = ecc_openssl_init (&engine); CuAssertIntEquals (test, 0, status); - status = engine.base.generate_key_pair (&engine.base, ECC_KEY_LENGTH_256, &priv_key, &pub_key); + status = engine.base.generate_key_pair (&engine.base, ECC_KEY_LENGTH_521, &priv_key, &pub_key); #if ECC_MAX_KEY_LENGTH >= ECC_KEY_LENGTH_521 CuAssertIntEquals (test, 0, status); CuAssertPtrNotNull (test, priv_key.context); @@ -1650,6 +1659,7 @@ static void ecc_openssl_test_generate_key_pair_and_sign_and_verify_p521 (CuTest out_len = engine.base.sign (&engine.base, &priv_key, SHA512_TEST_HASH, SHA512_HASH_LENGTH, out, sizeof (out)); CuAssertTrue (test, !ROT_IS_ERROR (out_len)); + CuAssertTrue (test, out_len <= ECC_TESTING_ECC521_DSA_MAX_LENGTH); status = engine.base.verify (&engine.base, &pub_key, SHA512_TEST_HASH, SHA512_HASH_LENGTH, out, out_len); @@ -1669,7 +1679,7 @@ static void ecc_openssl_test_generate_key_pair_and_sign_with_public_key (CuTest struct ecc_private_key priv_key; struct ecc_public_key pub_key; int status; - uint8_t out[ECC256_DSA_MAX_LENGTH * 2]; + uint8_t out[ECC_TESTING_ECC256_DSA_MAX_LENGTH * 2]; TEST_START; @@ -1748,7 +1758,7 @@ static void ecc_openssl_test_sign_null (CuTest *test) struct ecc_private_key priv_key; struct ecc_public_key pub_key; int status; - uint8_t out[ECC256_DSA_MAX_LENGTH * 2]; + uint8_t out[ECC_TESTING_ECC256_DSA_MAX_LENGTH * 2]; TEST_START; @@ -1790,7 +1800,7 @@ static void ecc_openssl_test_sign_small_buffer (CuTest *test) struct ecc_private_key priv_key; struct ecc_public_key pub_key; int status; - uint8_t out[ECC256_DSA_MAX_LENGTH * 2]; + uint8_t out[ECC_TESTING_ECC256_DSA_MAX_LENGTH * 2]; TEST_START; @@ -1802,7 +1812,7 @@ static void ecc_openssl_test_sign_small_buffer (CuTest *test) CuAssertIntEquals (test, 0, status); status = engine.base.sign (&engine.base, &priv_key, SIG_HASH_TEST, SIG_HASH_LEN, out, - ECC256_DSA_MAX_LENGTH - 1); + ECC_TESTING_ECC256_DSA_MAX_LENGTH - 1); CuAssertIntEquals (test, ECC_ENGINE_SIG_BUFFER_TOO_SMALL, status); engine.base.release_key_pair (&engine.base, &priv_key, &pub_key); @@ -1816,7 +1826,7 @@ static void ecc_openssl_test_sign_unknown_hash (CuTest *test) struct ecc_private_key priv_key; struct ecc_public_key pub_key; int status; - uint8_t out[ECC256_DSA_MAX_LENGTH * 2]; + uint8_t out[ECC_TESTING_ECC256_DSA_MAX_LENGTH * 2]; TEST_START; @@ -1828,7 +1838,7 @@ static void ecc_openssl_test_sign_unknown_hash (CuTest *test) CuAssertIntEquals (test, 0, status); status = engine.base.sign (&engine.base, &priv_key, SHA1_TEST_HASH, SHA1_HASH_LENGTH, out, - ECC256_DSA_MAX_LENGTH); + ECC_TESTING_ECC256_DSA_MAX_LENGTH); CuAssertIntEquals (test, ECC_ENGINE_UNSUPPORTED_HASH_TYPE, status); engine.base.release_key_pair (&engine.base, &priv_key, &pub_key); @@ -1927,7 +1937,7 @@ static void ecc_openssl_test_get_signature_max_length (CuTest *test) CuAssertIntEquals (test, 0, status); status = engine.base.get_signature_max_length (&engine.base, &priv_key); - CuAssertIntEquals (test, ECC256_DSA_MAX_LENGTH, status); + CuAssertIntEquals (test, ECC_TESTING_ECC256_DSA_MAX_LENGTH, status); engine.base.release_key_pair (&engine.base, &priv_key, NULL); @@ -1951,7 +1961,7 @@ static void ecc_openssl_test_get_signature_max_length_p384 (CuTest *test) CuAssertIntEquals (test, 0, status); status = engine.base.get_signature_max_length (&engine.base, &priv_key); - CuAssertIntEquals (test, ECC384_DSA_MAX_LENGTH, status); + CuAssertIntEquals (test, ECC_TESTING_ECC384_DSA_MAX_LENGTH, status); engine.base.release_key_pair (&engine.base, &priv_key, NULL); @@ -1976,7 +1986,7 @@ static void ecc_openssl_test_get_signature_max_length_p521 (CuTest *test) CuAssertIntEquals (test, 0, status); status = engine.base.get_signature_max_length (&engine.base, &priv_key); - CuAssertIntEquals (test, ECC521_DSA_MAX_LENGTH, status); + CuAssertIntEquals (test, ECC_TESTING_ECC521_DSA_MAX_LENGTH, status); engine.base.release_key_pair (&engine.base, &priv_key, NULL); @@ -2000,7 +2010,7 @@ static void ecc_openssl_test_get_signature_max_length_derived_key (CuTest *test) CuAssertIntEquals (test, 0, status); status = engine.base.get_signature_max_length (&engine.base, &priv_key); - CuAssertIntEquals (test, ECC256_DSA_MAX_LENGTH, status); + CuAssertIntEquals (test, ECC_TESTING_ECC256_DSA_MAX_LENGTH, status); engine.base.release_key_pair (&engine.base, &priv_key, NULL); @@ -2022,7 +2032,7 @@ static void ecc_openssl_test_get_signature_max_length_random_key (CuTest *test) CuAssertIntEquals (test, 0, status); status = engine.base.get_signature_max_length (&engine.base, &priv_key); - CuAssertIntEquals (test, ECC256_DSA_MAX_LENGTH, status); + CuAssertIntEquals (test, ECC_TESTING_ECC256_DSA_MAX_LENGTH, status); engine.base.release_key_pair (&engine.base, &priv_key, NULL); @@ -2369,7 +2379,7 @@ static void ecc_openssl_test_compute_shared_secret_different_keys (CuTest *test) int out_len2; uint8_t out1[ECC_KEY_LENGTH_256 * 2]; uint8_t out2[ECC_KEY_LENGTH_256 * 2]; - uint8_t sign[ECC256_DSA_MAX_LENGTH * 2]; + uint8_t sign[ECC_TESTING_ECC256_DSA_MAX_LENGTH * 2]; TEST_START; @@ -2935,7 +2945,7 @@ static void ecc_openssl_test_get_public_key_der_private_key (CuTest *test) struct ecc_engine_openssl engine; struct ecc_private_key priv_key; int status; - uint8_t *der = (uint8_t*) &status;; + uint8_t *der = (uint8_t*) &status; size_t length; TEST_START;