[Cryptech-Commits] [sw/libhal] 10/12: PKCS #11 testing turned up a problem with P-521, don't really understand the bug yet, but first step is fixing test-ecdsa.

git at cryptech.is git at cryptech.is
Mon Sep 14 21:43:27 UTC 2015

Previous message (by thread): [Cryptech-Commits] [sw/libhal] 09/12: Avoid gratuitous assertion failure if caller gives us a larger buffer than necessary when writing private key to DER.
Next message (by thread): [Cryptech-Commits] [sw/libhal] 11/12: P-512 parameters were mislabeled.
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This is an automated email from the git hooks/post-receive script.

sra at hactrn.net pushed a commit to branch ecdsa
in repository sw/libhal.

commit c820fa71962f564d8fd97f90e3479ec32737f832
Author: Rob Austein <sra at hactrn.net>
Date:   Sat Sep 12 18:47:46 2015 -0400

    PKCS #11 testing turned up a problem with P-521, don't really
    understand the bug yet, but first step is fixing test-ecdsa.
---
 tests/test-ecdsa.c | 37 ++++++++++++++++++++++---------------
 1 file changed, 22 insertions(+), 15 deletions(-)

diff --git a/tests/test-ecdsa.c b/tests/test-ecdsa.c
index cb590e5..8bccdfc 100644
--- a/tests/test-ecdsa.c
+++ b/tests/test-ecdsa.c
@@ -219,9 +219,13 @@ static int test_keygen_sign_verify(const hal_ecdsa_curve_t curve)
     return 0;
   }
 
+  printf("Generating key\n");
+
   if ((err =  hal_ecdsa_key_gen(&key, keybuf, sizeof(keybuf), curve)) != HAL_OK)
     return printf("hal_ecdsa_key_gen() failed: %s\n", hal_error_string(err)), 0;
 
+  printf("Generating digest\n");
+
   uint8_t hashbuf[hash_descriptor->digest_length];
 
   {
@@ -242,10 +246,14 @@ static int test_keygen_sign_verify(const hal_ecdsa_curve_t curve)
   uint8_t sigbuf[hash_descriptor->digest_length * 3];
   size_t  siglen;
 
+  printf("Signing\n");
+
   if ((err = hal_ecdsa_sign(key, hashbuf, sizeof(hashbuf),
                             sigbuf, &siglen, sizeof(sigbuf), HAL_ECDSA_SIGNATURE_FORMAT_ASN1)) != HAL_OK)
     return printf("hal_ecdsa_sign() failed: %s\n", hal_error_string(err)), 0;
 
+  printf("Verifying\n");
+
   if ((err = hal_ecdsa_verify(key, hashbuf, sizeof(hashbuf),
                               sigbuf, siglen, HAL_ECDSA_SIGNATURE_FORMAT_ASN1)) != HAL_OK)
     return printf("hal_ecdsa_verify() failed: %s\n", hal_error_string(err)), 0;
@@ -282,18 +290,6 @@ static void _time_check(const struct timeval t0, const int ok)
     ok &= _ok;                                  \
   } while (0)
 
-/*
- * Run tests for one ECDSA curve.
- */
-
-static int test_ecdsa(const ecdsa_tc_t * const tc)
-
-{
-  int ok = 1;
-  time_check(test_against_static_vectors(tc));
-  time_check(test_keygen_sign_verify(tc->curve));
-  return ok;
-}
 
 int main(int argc, char *argv[])
 {
@@ -312,11 +308,22 @@ int main(int argc, char *argv[])
 
   printf("\"%8.8s\"  \"%4.4s\"\n\n", name, version);
 
+  int ok = 1;
+
+  /*
+   * Test vectors (where we have them).
+   */
   for (int i = 0; i < sizeof(ecdsa_tc)/sizeof(*ecdsa_tc); i++)
-    if (!test_ecdsa(&ecdsa_tc[i]))
-      return 1;
+    time_check(test_against_static_vectors(&ecdsa_tc[i]));
+
+  /*
+   * Generate/sign/verify test for each curve.
+   */
+  time_check(test_keygen_sign_verify(HAL_ECDSA_CURVE_P256));
+  time_check(test_keygen_sign_verify(HAL_ECDSA_CURVE_P384));
+  time_check(test_keygen_sign_verify(HAL_ECDSA_CURVE_P521));
 
-  return 0;
+  return !ok;
 }
 
 /*

Previous message (by thread): [Cryptech-Commits] [sw/libhal] 09/12: Avoid gratuitous assertion failure if caller gives us a larger buffer than necessary when writing private key to DER.
Next message (by thread): [Cryptech-Commits] [sw/libhal] 11/12: P-512 parameters were mislabeled.
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Commits mailing list