WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity
wolfssl/tests/api/test_ecc.c

1865 lines
58 KiB
C
Raw Permalink Blame History

/* test_ecc.c
*
* Copyright (C) 2006-2025 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#include <tests/unit.h>
#ifdef NO_INLINE
#include <wolfssl/wolfcrypt/misc.h>
#else
#define WOLFSSL_MISC_INCLUDED
#include <wolfcrypt/src/misc.c>
#endif
#include <wolfssl/wolfcrypt/ecc.h>
#include <wolfssl/wolfcrypt/aes.h>
#include <wolfssl/wolfcrypt/types.h>
#include <tests/api/api.h>
#include <tests/api/test_ecc.h>
int test_wc_ecc_get_curve_size_from_name(void)
{
EXPECT_DECLS;
#ifdef HAVE_ECC
#if !defined(NO_ECC256) && !defined(NO_ECC_SECP)
ExpectIntEQ(wc_ecc_get_curve_size_from_name("SECP256R1"), 32);
#endif
/* invalid case */
ExpectIntEQ(wc_ecc_get_curve_size_from_name("BADCURVE"), -1);
/* NULL input */
ExpectIntEQ(wc_ecc_get_curve_size_from_name(NULL),
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
#endif /* HAVE_ECC */
return EXPECT_RESULT();
}
int test_wc_ecc_get_curve_id_from_name(void)
{
EXPECT_DECLS;
#ifdef HAVE_ECC
#if !defined(NO_ECC256) && !defined(NO_ECC_SECP)
ExpectIntEQ(wc_ecc_get_curve_id_from_name("SECP256R1"),
ECC_SECP256R1);
#endif
/* invalid case */
ExpectIntEQ(wc_ecc_get_curve_id_from_name("BADCURVE"), -1);
/* NULL input */
ExpectIntEQ(wc_ecc_get_curve_id_from_name(NULL),
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
#endif /* HAVE_ECC */
return EXPECT_RESULT();
}
int test_wc_ecc_get_curve_id_from_params(void)
{
EXPECT_DECLS;
#ifdef HAVE_ECC
const byte prime[] =
{
0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x01,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0xFF,0xFF,0xFF,0xFF,
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF
};
const byte primeInvalid[] =
{
0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x01,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0xFF,0xFF,0xFF,0xFF,
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0x01,0x01
};
const byte Af[] =
{
0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x01,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0xFF,0xFF,0xFF,0xFF,
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFC
};
const byte Bf[] =
{
0x5A,0xC6,0x35,0xD8,0xAA,0x3A,0x93,0xE7,
0xB3,0xEB,0xBD,0x55,0x76,0x98,0x86,0xBC,
0x65,0x1D,0x06,0xB0,0xCC,0x53,0xB0,0xF6,
0x3B,0xCE,0x3C,0x3E,0x27,0xD2,0x60,0x4B
};
const byte order[] =
{
0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
0xBC,0xE6,0xFA,0xAD,0xA7,0x17,0x9E,0x84,
0xF3,0xB9,0xCA,0xC2,0xFC,0x63,0x25,0x51
};
const byte Gx[] =
{
0x6B,0x17,0xD1,0xF2,0xE1,0x2C,0x42,0x47,
0xF8,0xBC,0xE6,0xE5,0x63,0xA4,0x40,0xF2,
0x77,0x03,0x7D,0x81,0x2D,0xEB,0x33,0xA0,
0xF4,0xA1,0x39,0x45,0xD8,0x98,0xC2,0x96
};
const byte Gy[] =
{
0x4F,0xE3,0x42,0xE2,0xFE,0x1A,0x7F,0x9B,
0x8E,0xE7,0xEB,0x4A,0x7C,0x0F,0x9E,0x16,
0x2B,0xCE,0x33,0x57,0x6B,0x31,0x5E,0xCE,
0xCB,0xB6,0x40,0x68,0x37,0xBF,0x51,0xF5
};
int cofactor = 1;
int fieldSize = 256;
#if !defined(NO_ECC256) && !defined(NO_ECC_SECP)
ExpectIntEQ(wc_ecc_get_curve_id_from_params(fieldSize,
prime, sizeof(prime), Af, sizeof(Af), Bf, sizeof(Bf),
order, sizeof(order), Gx, sizeof(Gx), Gy, sizeof(Gy), cofactor),
ECC_SECP256R1);
#endif
/* invalid case, fieldSize = 0 */
ExpectIntEQ(wc_ecc_get_curve_id_from_params(0, prime, sizeof(prime),
Af, sizeof(Af), Bf, sizeof(Bf), order, sizeof(order),
Gx, sizeof(Gx), Gy, sizeof(Gy), cofactor), ECC_CURVE_INVALID);
/* invalid case, NULL prime */
ExpectIntEQ(wc_ecc_get_curve_id_from_params(fieldSize, NULL, sizeof(prime),
Af, sizeof(Af), Bf, sizeof(Bf), order, sizeof(order),
Gx, sizeof(Gx), Gy, sizeof(Gy), cofactor),
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
/* invalid case, invalid prime */
ExpectIntEQ(wc_ecc_get_curve_id_from_params(fieldSize,
primeInvalid, sizeof(primeInvalid),
Af, sizeof(Af), Bf, sizeof(Bf), order, sizeof(order),
Gx, sizeof(Gx), Gy, sizeof(Gy), cofactor), ECC_CURVE_INVALID);
#endif
return EXPECT_RESULT();
}
int test_wc_ecc_get_curve_id_from_dp_params(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) && \
!defined(HAVE_SELFTEST) && \
!(defined(HAVE_FIPS) || defined(HAVE_FIPS_VERSION))
#if !defined(NO_ECC256) && !defined(NO_ECC_SECP)
ecc_key* key;
const ecc_set_type* params = NULL;
int ret;
#endif
WOLFSSL_EC_KEY *ecKey = NULL;
#if !defined(NO_ECC256) && !defined(NO_ECC_SECP)
ExpectIntEQ(wc_ecc_get_curve_id_from_name("SECP256R1"), ECC_SECP256R1);
ExpectNotNull(ecKey = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1));
if (EXPECT_SUCCESS()) {
ret = EC_KEY_generate_key(ecKey);
} else
ret = 0;
if (ret == 1) {
/* normal test */
key = (ecc_key*)ecKey->internal;
if (key != NULL) {
params = key->dp;
}
ExpectIntEQ(wc_ecc_get_curve_id_from_dp_params(params),
ECC_SECP256R1);
}
#endif
/* invalid case, NULL input */
ExpectIntEQ(wc_ecc_get_curve_id_from_dp_params(NULL),
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
wolfSSL_EC_KEY_free(ecKey);
#endif
return EXPECT_RESULT();
}
/*
* Testing wc_ecc_make_key.
*/
int test_wc_ecc_make_key(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC) && !defined(WC_NO_RNG)
ecc_key key;
WC_RNG rng;
int ret;
XMEMSET(&key, 0, sizeof(ecc_key));
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectIntEQ(wc_ecc_init(&key), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ret = wc_ecc_make_key(&rng, KEY14, &key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
ExpectIntEQ(ret, 0);
/* Pass in bad args. */
ExpectIntEQ(wc_ecc_make_key(NULL, KEY14, &key),
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
ExpectIntEQ(wc_ecc_make_key(&rng, KEY14, NULL),
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ecc_free(&key);
#ifdef FP_ECC
wc_ecc_fp_free();
#endif
#endif
return EXPECT_RESULT();
} /* END test_wc_ecc_make_key */
/*
* Testing wc_ecc_init()
*/
int test_wc_ecc_init(void)
{
EXPECT_DECLS;
#ifdef HAVE_ECC
ecc_key key;
XMEMSET(&key, 0, sizeof(ecc_key));
ExpectIntEQ(wc_ecc_init(&key), 0);
/* Pass in bad args. */
ExpectIntEQ(wc_ecc_init(NULL), WC_NO_ERR_TRACE(BAD_FUNC_ARG));
wc_ecc_free(&key);
#endif
return EXPECT_RESULT();
} /* END test_wc_ecc_init */
/*
* Testing wc_ecc_check_key()
*/
int test_wc_ecc_check_key(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC) && !defined(WC_NO_RNG)
ecc_key key;
WC_RNG rng;
int ret;
XMEMSET(&rng, 0, sizeof(rng));
XMEMSET(&key, 0, sizeof(key));
ExpectIntEQ(wc_ecc_init(&key), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ret = wc_ecc_make_key(&rng, KEY14, &key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
ExpectIntEQ(ret, 0);
ExpectIntEQ(wc_ecc_check_key(&key), 0);
/* Pass in bad args. */
ExpectIntEQ(wc_ecc_check_key(NULL), WC_NO_ERR_TRACE(BAD_FUNC_ARG));
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ecc_free(&key);
#ifdef FP_ECC
wc_ecc_fp_free();
#endif
#endif
return EXPECT_RESULT();
} /* END test_wc_ecc_check_key */
/*
* Testing wc_ecc_get_generator()
*/
int test_wc_ecc_get_generator(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC) && !defined(WC_NO_RNG) && !defined(HAVE_SELFTEST) && \
!defined(HAVE_FIPS) && defined(OPENSSL_EXTRA)
ecc_point* pt = NULL;
ExpectNotNull(pt = wc_ecc_new_point());
ExpectIntEQ(wc_ecc_get_generator(pt, wc_ecc_get_curve_idx(ECC_SECP256R1)),
MP_OKAY);
/* Test bad args. */
/* Returns Zero for bad arg. */
ExpectIntNE(wc_ecc_get_generator(pt, -1), MP_OKAY);
ExpectIntNE(wc_ecc_get_generator(NULL, wc_ecc_get_curve_idx(ECC_SECP256R1)),
MP_OKAY);
/* If we ever get to 1000 curves increase this number */
ExpectIntNE(wc_ecc_get_generator(pt, 1000), MP_OKAY);
ExpectIntNE(wc_ecc_get_generator(NULL, -1), MP_OKAY);
wc_ecc_del_point(pt);
#endif
return EXPECT_RESULT();
} /* END test_wc_ecc_get_generator */
/*
* Testing wc_ecc_size()
*/
int test_wc_ecc_size(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC) && !defined(WC_NO_RNG)
WC_RNG rng;
ecc_key key;
int ret;
XMEMSET(&key, 0, sizeof(ecc_key));
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectIntEQ(wc_ecc_init(&key), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ret = wc_ecc_make_key(&rng, KEY14, &key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
ExpectIntEQ(ret, 0);
ExpectIntEQ(wc_ecc_size(&key), KEY14);
/* Test bad args. */
/* Returns Zero for bad arg. */
ExpectIntEQ(wc_ecc_size(NULL), 0);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ecc_free(&key);
#endif
return EXPECT_RESULT();
} /* END test_wc_ecc_size */
int test_wc_ecc_params(void)
{
EXPECT_DECLS;
/* FIPS/CAVP self-test modules do not have `wc_ecc_get_curve_params`.
It was added after certifications */
#if defined(HAVE_ECC) && !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
const ecc_set_type* ecc_set = NULL;
#if !defined(NO_ECC256) && !defined(NO_ECC_SECP)
/* Test for SECP256R1 curve */
int curve_id = ECC_SECP256R1;
int curve_idx = 0;
ExpectIntNE(curve_idx = wc_ecc_get_curve_idx(curve_id), ECC_CURVE_INVALID);
ExpectNotNull(ecc_set = wc_ecc_get_curve_params(curve_idx));
ExpectIntEQ(ecc_set->id, curve_id);
#endif
/* Test case when SECP256R1 is not enabled */
/* Test that we get curve params for index 0 */
ExpectNotNull(ecc_set = wc_ecc_get_curve_params(0));
#endif /* HAVE_ECC && !HAVE_FIPS && !HAVE_SELFTEST */
return EXPECT_RESULT();
}
/*
* Testing wc_ecc_sign_hash() and wc_ecc_verify_hash()
*/
int test_wc_ecc_signVerify_hash(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(HAVE_ECC_SIGN) && !defined(NO_ASN) && \
!defined(WC_NO_RNG)
ecc_key key;
WC_RNG rng;
int ret;
#ifdef HAVE_ECC_VERIFY
int verify = 0;
#endif
word32 siglen = ECC_BUFSIZE;
byte sig[ECC_BUFSIZE];
byte adjustedSig[ECC_BUFSIZE+1];
byte digest[] = TEST_STRING;
word32 digestlen = (word32)TEST_STRING_SZ;
/* Init stack var */
XMEMSET(&key, 0, sizeof(ecc_key));
XMEMSET(&rng, 0, sizeof(WC_RNG));
XMEMSET(sig, 0, siglen);
XMEMSET(adjustedSig, 0, ECC_BUFSIZE+1);
/* Init structs. */
ExpectIntEQ(wc_ecc_init(&key), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ret = wc_ecc_make_key(&rng, KEY14, &key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
ExpectIntEQ(ret, 0);
ExpectIntEQ(wc_ecc_sign_hash(digest, digestlen, sig, &siglen, &rng, &key),
0);
/* Check bad args. */
ExpectIntEQ(wc_ecc_sign_hash(NULL, digestlen, sig, &siglen, &rng, &key),
WC_NO_ERR_TRACE(ECC_BAD_ARG_E));
ExpectIntEQ(wc_ecc_sign_hash(digest, digestlen, NULL, &siglen, &rng, &key),
WC_NO_ERR_TRACE(ECC_BAD_ARG_E));
ExpectIntEQ(wc_ecc_sign_hash(digest, digestlen, sig, NULL, &rng, &key),
WC_NO_ERR_TRACE(ECC_BAD_ARG_E));
ExpectIntEQ(wc_ecc_sign_hash(digest, digestlen, sig, &siglen, NULL, &key),
WC_NO_ERR_TRACE(ECC_BAD_ARG_E));
ExpectIntEQ(wc_ecc_sign_hash(digest, digestlen, sig, &siglen, &rng, NULL),
WC_NO_ERR_TRACE(ECC_BAD_ARG_E));
#ifdef HAVE_ECC_VERIFY
ExpectIntEQ(wc_ecc_verify_hash(sig, siglen, digest, digestlen, &verify,
&key), 0);
ExpectIntEQ(verify, 1);
/* test check on length of signature passed in */
XMEMCPY(adjustedSig, sig, siglen);
adjustedSig[1] = adjustedSig[1] + 1; /* add 1 to length for extra byte */
#ifndef NO_STRICT_ECDSA_LEN
ExpectIntNE(wc_ecc_verify_hash(adjustedSig, siglen+1, digest, digestlen,
&verify, &key), 0);
#else
/* if NO_STRICT_ECDSA_LEN is set then extra bytes after the signature
* is allowed */
ExpectIntEQ(wc_ecc_verify_hash(adjustedSig, siglen+1, digest, digestlen,
&verify, &key), 0);
#endif
/* Test bad args. */
ExpectIntEQ(wc_ecc_verify_hash(NULL, siglen, digest, digestlen, &verify,
&key), WC_NO_ERR_TRACE(ECC_BAD_ARG_E));
ExpectIntEQ(wc_ecc_verify_hash(sig, siglen, NULL, digestlen, &verify, &key),
WC_NO_ERR_TRACE(ECC_BAD_ARG_E));
ExpectIntEQ(wc_ecc_verify_hash(sig, siglen, digest, digestlen, NULL, &key),
WC_NO_ERR_TRACE(ECC_BAD_ARG_E));
ExpectIntEQ(wc_ecc_verify_hash(sig, siglen, digest, digestlen, &verify,
NULL), WC_NO_ERR_TRACE(ECC_BAD_ARG_E));
#endif /* HAVE_ECC_VERIFY */
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ecc_free(&key);
#ifdef FP_ECC
wc_ecc_fp_free();
#endif
#endif
return EXPECT_RESULT();
} /* END test_wc_ecc_sign_hash */
/*
* Testing wc_ecc_shared_secret()
*/
int test_wc_ecc_shared_secret(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(HAVE_ECC_DHE) && !defined(WC_NO_RNG)
ecc_key key;
ecc_key pubKey;
WC_RNG rng;
#if defined(NO_ECC256)
int ret;
#endif
byte out[KEY32];
int keySz = sizeof(out);
word32 outlen = (word32)sizeof(out);
#if defined(HAVE_ECC) && !defined(NO_ECC256)
const char* qx =
"bb33ac4c27504ac64aa504c33cde9f36db722dce94ea2bfacb2009392c16e861";
const char* qy =
"02e9af4dd302939a315b9792217ff0cf18da9111023486e82058330b803489d8";
const char* d =
"45b66902739c6c85a1385b72e8e8c7acc4038d533504fa6c28dc348de1a8098c";
const char* curveName = "SECP256R1";
const byte expected_shared_secret[] =
{
0x65, 0xc0, 0xd4, 0x61, 0x17, 0xe6, 0x09, 0x75,
0xf0, 0x12, 0xa0, 0x4d, 0x0b, 0x41, 0x30, 0x7a,
0x51, 0xf0, 0xb3, 0xaf, 0x23, 0x8f, 0x0f, 0xdf,
0xf1, 0xff, 0x23, 0x64, 0x28, 0xca, 0xf8, 0x06
};
#endif
PRIVATE_KEY_UNLOCK();
/* Initialize variables. */
XMEMSET(&key, 0, sizeof(ecc_key));
XMEMSET(&pubKey, 0, sizeof(ecc_key));
XMEMSET(&rng, 0, sizeof(WC_RNG));
XMEMSET(out, 0, keySz);
ExpectIntEQ(wc_ecc_init(&key), 0);
ExpectIntEQ(wc_ecc_init(&pubKey), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
#if !defined(NO_ECC256)
ExpectIntEQ(wc_ecc_import_raw(&key, qx, qy, d, curveName), 0);
ExpectIntEQ(wc_ecc_import_raw(&pubKey, qx, qy, NULL, curveName), 0);
#else
ret = wc_ecc_make_key(&rng, keySz, &key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
ExpectIntEQ(ret, 0);
ret = wc_ecc_make_key(&rng, keySz, &key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
ExpectIntEQ(ret, 0);
#endif
#if defined(ECC_TIMING_RESISTANT) && (!defined(HAVE_FIPS) || \
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION != 2))) && \
!defined(HAVE_SELFTEST)
ExpectIntEQ(wc_ecc_set_rng(&key, &rng), 0);
#endif
ExpectIntEQ(wc_ecc_shared_secret(&key, &pubKey, out, &outlen), 0);
#if !defined(NO_ECC256)
ExpectIntEQ(XMEMCMP(out, expected_shared_secret, outlen), 0);
#endif
/* Test bad args. */
ExpectIntEQ(wc_ecc_shared_secret(NULL, &pubKey, out, &outlen),
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
ExpectIntEQ(wc_ecc_shared_secret(&key, NULL, out, &outlen),
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
ExpectIntEQ(wc_ecc_shared_secret(&key, &pubKey, NULL, &outlen),
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
ExpectIntEQ(wc_ecc_shared_secret(&key, &pubKey, out, NULL),
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
/* Invalid length */
outlen = 1;
ExpectIntEQ(wc_ecc_shared_secret(&key, &pubKey, out, &outlen),
WC_NO_ERR_TRACE(BUFFER_E));
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ecc_free(&pubKey);
wc_ecc_free(&key);
#ifdef FP_ECC
wc_ecc_fp_free();
#endif
PRIVATE_KEY_LOCK();
#endif
return EXPECT_RESULT();
} /* END tests_wc_ecc_shared_secret */
/*
* testint wc_ecc_export_x963()
*/
int test_wc_ecc_export_x963(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_EXPORT) && !defined(WC_NO_RNG)
ecc_key key;
WC_RNG rng;
byte out[ECC_ASN963_MAX_BUF_SZ];
word32 outlen = sizeof(out);
int ret;
PRIVATE_KEY_UNLOCK();
/* Initialize variables. */
XMEMSET(&key, 0, sizeof(ecc_key));
XMEMSET(&rng, 0, sizeof(WC_RNG));
XMEMSET(out, 0, outlen);
ExpectIntEQ(wc_ecc_init(&key), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ret = wc_ecc_make_key(&rng, KEY20, &key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
ExpectIntEQ(ret, 0);
ExpectIntEQ(wc_ecc_export_x963(&key, out, &outlen), 0);
/* Test bad args. */
ExpectIntEQ(wc_ecc_export_x963(NULL, out, &outlen),
WC_NO_ERR_TRACE(ECC_BAD_ARG_E));
ExpectIntEQ(wc_ecc_export_x963(&key, NULL, &outlen),
WC_NO_ERR_TRACE(LENGTH_ONLY_E));
ExpectIntEQ(wc_ecc_export_x963(&key, out, NULL),
WC_NO_ERR_TRACE(ECC_BAD_ARG_E));
key.idx = -4;
ExpectIntEQ(wc_ecc_export_x963(&key, out, &outlen),
WC_NO_ERR_TRACE(ECC_BAD_ARG_E));
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ecc_free(&key);
#ifdef FP_ECC
wc_ecc_fp_free();
#endif
PRIVATE_KEY_LOCK();
#endif
return EXPECT_RESULT();
} /* END test_wc_ecc_export_x963 */
/*
* Testing wc_ecc_export_x963_ex()
* compile with --enable-compkey will use compression.
*/
int test_wc_ecc_export_x963_ex(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_EXPORT) && !defined(WC_NO_RNG)
ecc_key key;
WC_RNG rng;
int ret;
byte out[ECC_ASN963_MAX_BUF_SZ];
word32 outlen = sizeof(out);
#ifdef HAVE_COMP_KEY
word32 badOutLen = 5;
#endif
/* Init stack variables. */
XMEMSET(&key, 0, sizeof(ecc_key));
XMEMSET(&rng, 0, sizeof(WC_RNG));
XMEMSET(out, 0, outlen);
PRIVATE_KEY_UNLOCK();
ExpectIntEQ(wc_ecc_init(&key), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ret = wc_ecc_make_key(&rng, KEY64, &key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
ExpectIntEQ(ret, 0);
#ifdef HAVE_COMP_KEY
ExpectIntEQ(wc_ecc_export_x963_ex(&key, out, &outlen, COMP), 0);
#else
ExpectIntEQ(ret = wc_ecc_export_x963_ex(&key, out, &outlen, NOCOMP), 0);
#endif
/* Test bad args. */
#ifdef HAVE_COMP_KEY
ExpectIntEQ(wc_ecc_export_x963_ex(NULL, out, &outlen, COMP),
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
ExpectIntEQ(wc_ecc_export_x963_ex(&key, NULL, &outlen, COMP),
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
ExpectIntEQ(wc_ecc_export_x963_ex(&key, out, NULL, COMP),
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
#if defined(HAVE_FIPS) && (!defined(FIPS_VERSION_LT) || FIPS_VERSION_LT(5,3))
ExpectIntEQ(wc_ecc_export_x963_ex(&key, out, &badOutLen, COMP),
WC_NO_ERR_TRACE(BUFFER_E));
#else
ExpectIntEQ(wc_ecc_export_x963_ex(&key, out, &badOutLen, COMP),
WC_NO_ERR_TRACE(LENGTH_ONLY_E));
#endif
key.idx = -4;
ExpectIntEQ(wc_ecc_export_x963_ex(&key, out, &outlen, COMP),
WC_NO_ERR_TRACE(ECC_BAD_ARG_E));
#else
ExpectIntEQ(wc_ecc_export_x963_ex(NULL, out, &outlen, NOCOMP),
WC_NO_ERR_TRACE(ECC_BAD_ARG_E));
ExpectIntEQ(wc_ecc_export_x963_ex(&key, NULL, &outlen, NOCOMP),
WC_NO_ERR_TRACE(LENGTH_ONLY_E));
ExpectIntEQ(wc_ecc_export_x963_ex(&key, out, &outlen, 1),
WC_NO_ERR_TRACE(NOT_COMPILED_IN));
ExpectIntEQ(wc_ecc_export_x963_ex(&key, out, NULL, NOCOMP),
WC_NO_ERR_TRACE(ECC_BAD_ARG_E));
key.idx = -4;
ExpectIntEQ(wc_ecc_export_x963_ex(&key, out, &outlen, NOCOMP),
WC_NO_ERR_TRACE(ECC_BAD_ARG_E));
#endif
PRIVATE_KEY_LOCK();
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ecc_free(&key);
#ifdef FP_ECC
wc_ecc_fp_free();
#endif
#endif
return EXPECT_RESULT();
} /* END test_wc_ecc_export_x963_ex */
/*
* testing wc_ecc_import_x963()
*/
int test_wc_ecc_import_x963(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_IMPORT) && \
defined(HAVE_ECC_KEY_EXPORT) && !defined(WC_NO_RNG)
ecc_key pubKey;
ecc_key key;
WC_RNG rng;
byte x963[ECC_ASN963_MAX_BUF_SZ];
word32 x963Len = (word32)sizeof(x963);
int ret;
/* Init stack variables. */
XMEMSET(&key, 0, sizeof(ecc_key));
XMEMSET(&pubKey, 0, sizeof(ecc_key));
XMEMSET(&rng, 0, sizeof(WC_RNG));
XMEMSET(x963, 0, x963Len);
ExpectIntEQ(wc_ecc_init(&pubKey), 0);
ExpectIntEQ(wc_ecc_init(&key), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
#if FIPS_VERSION3_GE(6,0,0)
ret = wc_ecc_make_key(&rng, KEY32, &key);
#else
ret = wc_ecc_make_key(&rng, KEY24, &key);
#endif
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
ExpectIntEQ(ret, 0);
PRIVATE_KEY_UNLOCK();
ExpectIntEQ(wc_ecc_export_x963(&key, x963, &x963Len), 0);
PRIVATE_KEY_LOCK();
ExpectIntEQ(wc_ecc_import_x963(x963, x963Len, &pubKey), 0);
/* Test bad args. */
ExpectIntEQ(wc_ecc_import_x963(NULL, x963Len, &pubKey),
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
ExpectIntEQ(wc_ecc_import_x963(x963, x963Len, NULL),
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
ExpectIntEQ(wc_ecc_import_x963(x963, x963Len + 1, &pubKey),
WC_NO_ERR_TRACE(ECC_BAD_ARG_E));
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ecc_free(&key);
wc_ecc_free(&pubKey);
#ifdef FP_ECC
wc_ecc_fp_free();
#endif
#endif
return EXPECT_RESULT();
} /* END wc_ecc_import_x963 */
/*
* testing wc_ecc_import_private_key()
*/
int test_wc_ecc_import_private_key(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_IMPORT) && \
defined(HAVE_ECC_KEY_EXPORT) && !defined(WC_NO_RNG)
ecc_key key;
ecc_key keyImp;
WC_RNG rng;
byte privKey[ECC_PRIV_KEY_BUF]; /* Raw private key.*/
byte x963Key[ECC_ASN963_MAX_BUF_SZ];
word32 privKeySz = (word32)sizeof(privKey);
word32 x963KeySz = (word32)sizeof(x963Key);
int ret;
/* Init stack variables. */
XMEMSET(&key, 0, sizeof(ecc_key));
XMEMSET(&keyImp, 0, sizeof(ecc_key));
XMEMSET(&rng, 0, sizeof(WC_RNG));
XMEMSET(privKey, 0, privKeySz);
XMEMSET(x963Key, 0, x963KeySz);
PRIVATE_KEY_UNLOCK();
ExpectIntEQ(wc_ecc_init(&key), 0);
ExpectIntEQ(wc_ecc_init(&keyImp), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ret = wc_ecc_make_key(&rng, KEY48, &key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
ExpectIntEQ(ret, 0);
PRIVATE_KEY_UNLOCK();
ExpectIntEQ(wc_ecc_export_x963(&key, x963Key, &x963KeySz), 0);
PRIVATE_KEY_LOCK();
ExpectIntEQ(wc_ecc_export_private_only(&key, privKey, &privKeySz), 0);
ExpectIntEQ(wc_ecc_import_private_key(privKey, privKeySz, x963Key,
x963KeySz, &keyImp), 0);
/* Pass in bad args. */
ExpectIntEQ(wc_ecc_import_private_key(privKey, privKeySz, x963Key,
x963KeySz, NULL), WC_NO_ERR_TRACE(BAD_FUNC_ARG));
ExpectIntEQ(wc_ecc_import_private_key(NULL, privKeySz, x963Key, x963KeySz,
&keyImp), WC_NO_ERR_TRACE(BAD_FUNC_ARG));
PRIVATE_KEY_LOCK();
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ecc_free(&keyImp);
wc_ecc_free(&key);
#ifdef FP_ECC
wc_ecc_fp_free();
#endif
#endif
return EXPECT_RESULT();
} /* END test_wc_ecc_import_private_key */
/*
* Testing wc_ecc_export_private_only()
*/
int test_wc_ecc_export_private_only(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_EXPORT) && !defined(WC_NO_RNG)
ecc_key key;
WC_RNG rng;
byte out[ECC_PRIV_KEY_BUF];
word32 outlen = sizeof(out);
int ret;
/* Init stack variables. */
XMEMSET(&key, 0, sizeof(ecc_key));
XMEMSET(&rng, 0, sizeof(WC_RNG));
XMEMSET(out, 0, outlen);
PRIVATE_KEY_UNLOCK();
ExpectIntEQ(wc_ecc_init(&key), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ret = wc_ecc_make_key(&rng, KEY32, &key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
ExpectIntEQ(ret, 0);
ExpectIntEQ(wc_ecc_export_private_only(&key, out, &outlen), 0);
/* Pass in bad args. */
ExpectIntEQ(wc_ecc_export_private_only(NULL, out, &outlen),
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
ExpectIntEQ(wc_ecc_export_private_only(&key, NULL, &outlen),
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
ExpectIntEQ(wc_ecc_export_private_only(&key, out, NULL),
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
PRIVATE_KEY_LOCK();
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ecc_free(&key);
#ifdef FP_ECC
wc_ecc_fp_free();
#endif
#endif
return EXPECT_RESULT();
} /* END test_wc_ecc_export_private_only */
/*
* Testing wc_ecc_rs_to_sig()
*/
int test_wc_ecc_rs_to_sig(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC) && !defined(NO_ASN)
/* first [P-192,SHA-1] vector from FIPS 186-3 NIST vectors */
const char* R = "6994d962bdd0d793ffddf855ec5bf2f91a9698b46258a63e";
const char* S = "02ba6465a234903744ab02bc8521405b73cf5fc00e1a9f41";
const char* zeroStr = "0";
byte sig[ECC_MAX_SIG_SIZE];
word32 siglen = (word32)sizeof(sig);
/* R and S max size is the order of curve. 2^192.*/
int keySz = KEY24;
byte r[KEY24];
byte s[KEY24];
word32 rlen = (word32)sizeof(r);
word32 slen = (word32)sizeof(s);
#if !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS)
word32 zeroLen = 0;
#endif
/* Init stack variables. */
XMEMSET(sig, 0, ECC_MAX_SIG_SIZE);
XMEMSET(r, 0, keySz);
XMEMSET(s, 0, keySz);
ExpectIntEQ(wc_ecc_rs_to_sig(R, S, sig, &siglen), 0);
ExpectIntEQ(wc_ecc_sig_to_rs(sig, siglen, r, &rlen, s, &slen), 0);
/* Test bad args. */
ExpectIntEQ(wc_ecc_rs_to_sig(NULL, S, sig, &siglen),
WC_NO_ERR_TRACE(ECC_BAD_ARG_E));
ExpectIntEQ(wc_ecc_rs_to_sig(R, NULL, sig, &siglen),
WC_NO_ERR_TRACE(ECC_BAD_ARG_E));
ExpectIntEQ(wc_ecc_rs_to_sig(R, S, sig, NULL),
WC_NO_ERR_TRACE(ECC_BAD_ARG_E));
ExpectIntEQ(wc_ecc_rs_to_sig(R, S, NULL, &siglen),
WC_NO_ERR_TRACE(ECC_BAD_ARG_E));
ExpectIntEQ(wc_ecc_rs_to_sig(R, zeroStr, sig, &siglen),
WC_NO_ERR_TRACE(MP_ZERO_E));
ExpectIntEQ(wc_ecc_rs_to_sig(zeroStr, S, sig, &siglen),
WC_NO_ERR_TRACE(MP_ZERO_E));
ExpectIntEQ(wc_ecc_sig_to_rs(NULL, siglen, r, &rlen, s, &slen),
WC_NO_ERR_TRACE(ECC_BAD_ARG_E));
ExpectIntEQ(wc_ecc_sig_to_rs(sig, siglen, NULL, &rlen, s, &slen),
WC_NO_ERR_TRACE(ECC_BAD_ARG_E));
ExpectIntEQ(wc_ecc_sig_to_rs(sig, siglen, r, NULL, s, &slen),
WC_NO_ERR_TRACE(ECC_BAD_ARG_E));
ExpectIntEQ(wc_ecc_sig_to_rs(sig, siglen, r, &rlen, NULL, &slen),
WC_NO_ERR_TRACE(ECC_BAD_ARG_E));
ExpectIntEQ(wc_ecc_sig_to_rs(sig, siglen, r, &rlen, s, NULL),
WC_NO_ERR_TRACE(ECC_BAD_ARG_E));
#if !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS)
ExpectIntEQ(wc_ecc_sig_to_rs(sig, siglen, r, &zeroLen, s, &slen),
WC_NO_ERR_TRACE(BUFFER_E));
ExpectIntEQ(wc_ecc_sig_to_rs(sig, siglen, r, &rlen, s, &zeroLen),
WC_NO_ERR_TRACE(BUFFER_E));
#endif
#endif
return EXPECT_RESULT();
} /* END test_wc_ecc_rs_to_sig */
int test_wc_ecc_import_raw(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC) && !defined(NO_ECC256)
ecc_key key;
const char* qx =
"bb33ac4c27504ac64aa504c33cde9f36db722dce94ea2bfacb2009392c16e861";
const char* qy =
"02e9af4dd302939a315b9792217ff0cf18da9111023486e82058330b803489d8";
const char* d =
"45b66902739c6c85a1385b72e8e8c7acc4038d533504fa6c28dc348de1a8098c";
const char* curveName = "SECP256R1";
#ifdef WOLFSSL_VALIDATE_ECC_IMPORT
const char* kNullStr = "";
int ret;
#endif
XMEMSET(&key, 0, sizeof(ecc_key));
ExpectIntEQ(wc_ecc_init(&key), 0);
/* Test good import */
ExpectIntEQ(wc_ecc_import_raw(&key, qx, qy, d, curveName), 0);
/* Test bad args. */
ExpectIntEQ(wc_ecc_import_raw(NULL, qx, qy, d, curveName),
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
ExpectIntEQ(wc_ecc_import_raw(&key, NULL, qy, d, curveName),
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
ExpectIntEQ(wc_ecc_import_raw(&key, qx, NULL, d, curveName),
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
ExpectIntEQ(wc_ecc_import_raw(&key, qx, qy, d, NULL),
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
#ifdef WOLFSSL_VALIDATE_ECC_IMPORT
#if !defined(USE_FAST_MATH) && !defined(WOLFSSL_SP_MATH)
wc_ecc_free(&key);
#endif
ExpectIntLT(ret = wc_ecc_import_raw(&key, kNullStr, kNullStr, kNullStr,
curveName), 0);
ExpectTrue((ret == WC_NO_ERR_TRACE(ECC_INF_E)) ||
(ret == WC_NO_ERR_TRACE(BAD_FUNC_ARG)));
#endif
#if !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS)
#if !defined(USE_FAST_MATH) && !defined(WOLFSSL_SP_MATH)
wc_ecc_free(&key);
#endif
#ifdef WOLFSSL_VALIDATE_ECC_IMPORT
ExpectIntLT(ret = wc_ecc_import_raw(&key, "0", qy, d, curveName), 0);
ExpectTrue((ret == WC_NO_ERR_TRACE(BAD_FUNC_ARG)) ||
(ret == WC_NO_ERR_TRACE(MP_VAL)));
#else
ExpectIntEQ(wc_ecc_import_raw(&key, "0", qy, d, curveName), 0);
#endif
#if !defined(USE_FAST_MATH) && !defined(WOLFSSL_SP_MATH)
wc_ecc_free(&key);
#endif
#ifdef WOLFSSL_VALIDATE_ECC_IMPORT
ExpectIntLT(ret = wc_ecc_import_raw(&key, qx, "0", d, curveName), 0);
ExpectTrue((ret == WC_NO_ERR_TRACE(BAD_FUNC_ARG)) ||
(ret == WC_NO_ERR_TRACE(MP_VAL)));
#else
ExpectIntEQ(wc_ecc_import_raw(&key, qx, "0", d, curveName), 0);
#endif
#if !defined(USE_FAST_MATH) && !defined(WOLFSSL_SP_MATH)
wc_ecc_free(&key);
#endif
ExpectIntEQ(wc_ecc_import_raw(&key, "0", "0", d, curveName),
WC_NO_ERR_TRACE(ECC_INF_E));
#endif
wc_ecc_free(&key);
#endif
return EXPECT_RESULT();
} /* END test_wc_ecc_import_raw */
int test_wc_ecc_import_unsigned(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC) && !defined(NO_ECC256) && !defined(HAVE_SELFTEST) && \
(!defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && \
HAVE_FIPS_VERSION >= 2))
ecc_key key;
const byte qx[] = {
0xbb, 0x33, 0xac, 0x4c, 0x27, 0x50, 0x4a, 0xc6,
0x4a, 0xa5, 0x04, 0xc3, 0x3c, 0xde, 0x9f, 0x36,
0xdb, 0x72, 0x2d, 0xce, 0x94, 0xea, 0x2b, 0xfa,
0xcb, 0x20, 0x09, 0x39, 0x2c, 0x16, 0xe8, 0x61
};
const byte qy[] = {
0x02, 0xe9, 0xaf, 0x4d, 0xd3, 0x02, 0x93, 0x9a,
0x31, 0x5b, 0x97, 0x92, 0x21, 0x7f, 0xf0, 0xcf,
0x18, 0xda, 0x91, 0x11, 0x02, 0x34, 0x86, 0xe8,
0x20, 0x58, 0x33, 0x0b, 0x80, 0x34, 0x89, 0xd8
};
const byte d[] = {
0x45, 0xb6, 0x69, 0x02, 0x73, 0x9c, 0x6c, 0x85,
0xa1, 0x38, 0x5b, 0x72, 0xe8, 0xe8, 0xc7, 0xac,
0xc4, 0x03, 0x8d, 0x53, 0x35, 0x04, 0xfa, 0x6c,
0x28, 0xdc, 0x34, 0x8d, 0xe1, 0xa8, 0x09, 0x8c
};
#ifdef WOLFSSL_VALIDATE_ECC_IMPORT
const byte nullBytes[32] = {0};
int ret;
#endif
int curveId = ECC_SECP256R1;
XMEMSET(&key, 0, sizeof(ecc_key));
ExpectIntEQ(wc_ecc_init(&key), 0);
ExpectIntEQ(wc_ecc_import_unsigned(&key, (byte*)qx, (byte*)qy, (byte*)d,
curveId), 0);
/* Test bad args. */
ExpectIntEQ(wc_ecc_import_unsigned(NULL, (byte*)qx, (byte*)qy, (byte*)d,
curveId), WC_NO_ERR_TRACE(BAD_FUNC_ARG));
ExpectIntEQ(wc_ecc_import_unsigned(&key, NULL, (byte*)qy, (byte*)d,
curveId), WC_NO_ERR_TRACE(BAD_FUNC_ARG));
ExpectIntEQ(wc_ecc_import_unsigned(&key, (byte*)qx, NULL, (byte*)d,
curveId), WC_NO_ERR_TRACE(BAD_FUNC_ARG));
ExpectIntEQ(wc_ecc_import_unsigned(&key, (byte*)qx, (byte*)qy, (byte*)d,
ECC_CURVE_INVALID), WC_NO_ERR_TRACE(BAD_FUNC_ARG));
#ifdef WOLFSSL_VALIDATE_ECC_IMPORT
ExpectIntLT(ret = wc_ecc_import_unsigned(&key, (byte*)nullBytes,
(byte*)nullBytes, (byte*)nullBytes, curveId), 0);
ExpectTrue((ret == WC_NO_ERR_TRACE(ECC_INF_E)) ||
(ret == WC_NO_ERR_TRACE(BAD_FUNC_ARG)));
#endif
wc_ecc_free(&key);
#endif
return EXPECT_RESULT();
} /* END test_wc_ecc_import_unsigned */
/*
* Testing wc_ecc_sig_size()
*/
int test_wc_ecc_sig_size(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC) && !defined(WC_NO_RNG)
ecc_key key;
WC_RNG rng;
int keySz = KEY16;
int ret;
XMEMSET(&rng, 0, sizeof(rng));
XMEMSET(&key, 0, sizeof(key));
ExpectIntEQ(wc_ecc_init(&key), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ret = wc_ecc_make_key(&rng, keySz, &key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
ExpectIntEQ(ret, 0);
ExpectIntLE(wc_ecc_sig_size(&key),
(2 * keySz + SIG_HEADER_SZ + ECC_MAX_PAD_SZ));
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ecc_free(&key);
#endif
return EXPECT_RESULT();
} /* END test_wc_ecc_sig_size */
/*
* Testing wc_ecc_ctx_new()
*/
int test_wc_ecc_ctx_new(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(HAVE_ECC_ENCRYPT) && !defined(WC_NO_RNG)
WC_RNG rng;
ecEncCtx* cli = NULL;
ecEncCtx* srv = NULL;
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectNotNull(cli = wc_ecc_ctx_new(REQ_RESP_CLIENT, &rng));
ExpectNotNull(srv = wc_ecc_ctx_new(REQ_RESP_SERVER, &rng));
wc_ecc_ctx_free(cli);
cli = NULL;
wc_ecc_ctx_free(srv);
/* Test bad args. */
/* wc_ecc_ctx_new_ex() will free if returned NULL. */
ExpectNull(cli = wc_ecc_ctx_new(0, &rng));
ExpectNull(cli = wc_ecc_ctx_new(REQ_RESP_CLIENT, NULL));
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ecc_ctx_free(cli);
#endif
return EXPECT_RESULT();
} /* END test_wc_ecc_ctx_new */
/*
* Tesing wc_ecc_reset()
*/
int test_wc_ecc_ctx_reset(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(HAVE_ECC_ENCRYPT) && !defined(WC_NO_RNG)
ecEncCtx* ctx = NULL;
WC_RNG rng;
XMEMSET(&rng, 0, sizeof(rng));
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectNotNull(ctx = wc_ecc_ctx_new(REQ_RESP_CLIENT, &rng));
ExpectIntEQ(wc_ecc_ctx_reset(ctx, &rng), 0);
/* Pass in bad args. */
ExpectIntEQ(wc_ecc_ctx_reset(NULL, &rng), WC_NO_ERR_TRACE(BAD_FUNC_ARG));
ExpectIntEQ(wc_ecc_ctx_reset(ctx, NULL), WC_NO_ERR_TRACE(BAD_FUNC_ARG));
wc_ecc_ctx_free(ctx);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
return EXPECT_RESULT();
} /* END test_wc_ecc_ctx_reset */
/*
* Testing wc_ecc_ctx_set_peer_salt() and wc_ecc_ctx_get_own_salt()
*/
int test_wc_ecc_ctx_set_peer_salt(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(HAVE_ECC_ENCRYPT) && !defined(WC_NO_RNG)
WC_RNG rng;
ecEncCtx* cliCtx = NULL;
ecEncCtx* servCtx = NULL;
const byte* cliSalt = NULL;
const byte* servSalt = NULL;
XMEMSET(&rng, 0, sizeof(rng));
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectNotNull(cliCtx = wc_ecc_ctx_new(REQ_RESP_CLIENT, &rng));
ExpectNotNull(servCtx = wc_ecc_ctx_new(REQ_RESP_SERVER, &rng));
/* Test bad args. */
ExpectNull(cliSalt = wc_ecc_ctx_get_own_salt(NULL));
ExpectNotNull(cliSalt = wc_ecc_ctx_get_own_salt(cliCtx));
ExpectNotNull(servSalt = wc_ecc_ctx_get_own_salt(servCtx));
ExpectIntEQ(wc_ecc_ctx_set_peer_salt(cliCtx, servSalt), 0);
/* Test bad args. */
ExpectIntEQ(wc_ecc_ctx_set_peer_salt(NULL, servSalt),
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
ExpectIntEQ(wc_ecc_ctx_set_peer_salt(cliCtx, NULL),
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
wc_ecc_ctx_free(cliCtx);
wc_ecc_ctx_free(servCtx);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
return EXPECT_RESULT();
} /* END test_wc_ecc_ctx_set_peer_salt */
/*
* Testing wc_ecc_ctx_set_info()
*/
int test_wc_ecc_ctx_set_info(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(HAVE_ECC_ENCRYPT) && !defined(WC_NO_RNG)
ecEncCtx* ctx = NULL;
WC_RNG rng;
const char* optInfo = "Optional Test Info.";
int optInfoSz = (int)XSTRLEN(optInfo);
const char* badOptInfo = NULL;
XMEMSET(&rng, 0, sizeof(rng));
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectNotNull(ctx = wc_ecc_ctx_new(REQ_RESP_CLIENT, &rng));
ExpectIntEQ(wc_ecc_ctx_set_info(ctx, (byte*)optInfo, optInfoSz), 0);
/* Test bad args. */
ExpectIntEQ(wc_ecc_ctx_set_info(NULL, (byte*)optInfo, optInfoSz),
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
ExpectIntEQ(wc_ecc_ctx_set_info(ctx, (byte*)badOptInfo, optInfoSz),
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
ExpectIntEQ(wc_ecc_ctx_set_info(ctx, (byte*)optInfo, -1),
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
wc_ecc_ctx_free(ctx);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
return EXPECT_RESULT();
} /* END test_wc_ecc_ctx_set_info */
/*
* Testing wc_ecc_encrypt() and wc_ecc_decrypt()
*/
int test_wc_ecc_encryptDecrypt(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(HAVE_ECC_ENCRYPT) && !defined(WC_NO_RNG) && \
defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_128)
ecc_key srvKey;
ecc_key cliKey;
ecc_key tmpKey;
WC_RNG rng;
int ret;
const char* msg = "EccBlock Size 16";
word32 msgSz = (word32)XSTRLEN("EccBlock Size 16");
#ifdef WOLFSSL_ECIES_OLD
byte out[(sizeof("EccBlock Size 16") - 1) + WC_SHA256_DIGEST_SIZE];
#elif defined(WOLFSSL_ECIES_GEN_IV)
byte out[KEY20 * 2 + 1 + AES_BLOCK_SIZE +
(sizeof("EccBlock Size 16") - 1) + WC_SHA256_DIGEST_SIZE];
#else
byte out[KEY20 * 2 + 1 + (sizeof("EccBlock Size 16") - 1) +
WC_SHA256_DIGEST_SIZE];
#endif
word32 outSz = (word32)sizeof(out);
byte plain[sizeof("EccBlock Size 16")];
word32 plainSz = (word32)sizeof(plain);
int keySz = KEY20;
/* Init stack variables. */
XMEMSET(out, 0, outSz);
XMEMSET(plain, 0, plainSz);
XMEMSET(&rng, 0, sizeof(rng));
XMEMSET(&srvKey, 0, sizeof(ecc_key));
XMEMSET(&cliKey, 0, sizeof(ecc_key));
XMEMSET(&tmpKey, 0, sizeof(ecc_key));
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectIntEQ(wc_ecc_init(&cliKey), 0);
ret = wc_ecc_make_key(&rng, keySz, &cliKey);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &cliKey.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
ExpectIntEQ(ret, 0);
ExpectIntEQ(wc_ecc_init(&srvKey), 0);
ret = wc_ecc_make_key(&rng, keySz, &srvKey);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &srvKey.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
ExpectIntEQ(ret, 0);
ExpectIntEQ(wc_ecc_init(&tmpKey), 0);
#if defined(ECC_TIMING_RESISTANT) && (!defined(HAVE_FIPS) || \
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION != 2))) && \
!defined(HAVE_SELFTEST)
ExpectIntEQ(wc_ecc_set_rng(&srvKey, &rng), 0);
ExpectIntEQ(wc_ecc_set_rng(&cliKey, &rng), 0);
#endif
ExpectIntEQ(wc_ecc_encrypt(&cliKey, &srvKey, (byte*)msg, msgSz, out,
&outSz, NULL), 0);
/* Test bad args. */
ExpectIntEQ(wc_ecc_encrypt(NULL, &srvKey, (byte*)msg, msgSz, out, &outSz,
NULL), WC_NO_ERR_TRACE(BAD_FUNC_ARG));
ExpectIntEQ(wc_ecc_encrypt(&cliKey, NULL, (byte*)msg, msgSz, out, &outSz,
NULL), WC_NO_ERR_TRACE(BAD_FUNC_ARG));
ExpectIntEQ(wc_ecc_encrypt(&cliKey, &srvKey, NULL, msgSz, out, &outSz,
NULL), WC_NO_ERR_TRACE(BAD_FUNC_ARG));
ExpectIntEQ(wc_ecc_encrypt(&cliKey, &srvKey, (byte*)msg, msgSz, NULL,
&outSz, NULL), WC_NO_ERR_TRACE(BAD_FUNC_ARG));
ExpectIntEQ(wc_ecc_encrypt(&cliKey, &srvKey, (byte*)msg, msgSz, out, NULL,
NULL), WC_NO_ERR_TRACE(BAD_FUNC_ARG));
#ifdef WOLFSSL_ECIES_OLD
tmpKey.dp = cliKey.dp;
ExpectIntEQ(wc_ecc_copy_point(&cliKey.pubkey, &tmpKey.pubkey), 0);
#endif
ExpectIntEQ(wc_ecc_decrypt(&srvKey, &tmpKey, out, outSz, plain, &plainSz,
NULL), 0);
ExpectIntEQ(wc_ecc_decrypt(NULL, &tmpKey, out, outSz, plain, &plainSz,
NULL), WC_NO_ERR_TRACE(BAD_FUNC_ARG));
#ifdef WOLFSSL_ECIES_OLD
/* NULL parameter allowed in new implementations - public key comes from
* the message. */
ExpectIntEQ(wc_ecc_decrypt(&srvKey, NULL, out, outSz, plain, &plainSz,
NULL), WC_NO_ERR_TRACE(BAD_FUNC_ARG));
#endif
ExpectIntEQ(wc_ecc_decrypt(&srvKey, &tmpKey, NULL, outSz, plain, &plainSz,
NULL), WC_NO_ERR_TRACE(BAD_FUNC_ARG));
ExpectIntEQ(wc_ecc_decrypt(&srvKey, &tmpKey, out, outSz, NULL, &plainSz,
NULL), WC_NO_ERR_TRACE(BAD_FUNC_ARG));
ExpectIntEQ(wc_ecc_decrypt(&srvKey, &tmpKey, out, outSz, plain, NULL, NULL),
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
ExpectIntEQ(XMEMCMP(msg, plain, msgSz), 0);
wc_ecc_free(&tmpKey);
wc_ecc_free(&srvKey);
wc_ecc_free(&cliKey);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
return EXPECT_RESULT();
} /* END test_wc_ecc_encryptDecrypt */
/*
* Testing wc_ecc_del_point() and wc_ecc_new_point()
*/
int test_wc_ecc_del_point(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC)
ecc_point* pt = NULL;
ExpectNotNull(pt = wc_ecc_new_point());
wc_ecc_del_point(pt);
#endif
return EXPECT_RESULT();
} /* END test_wc_ecc_del_point */
/*
* Testing wc_ecc_point_is_at_infinity(), wc_ecc_export_point_der(),
* wc_ecc_import_point_der(), wc_ecc_copy_point(), wc_ecc_point_is_on_curve(),
* and wc_ecc_cmp_point()
*/
int test_wc_ecc_pointFns(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_EXPORT) && \
!defined(WC_NO_RNG) && !defined(WOLFSSL_ATECC508A) && \
!defined(WOLFSSL_ATECC608A)
ecc_key key;
WC_RNG rng;
int ret;
ecc_point* point = NULL;
ecc_point* cpypt = NULL;
int idx = 0;
int keySz = KEY32;
byte der[DER_SZ(KEY32)];
word32 derlenChk = 0;
word32 derSz = DER_SZ(KEY32);
/* Init stack variables. */
XMEMSET(der, 0, derSz);
XMEMSET(&key, 0, sizeof(ecc_key));
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectIntEQ(wc_ecc_init(&key), 0);
ret = wc_ecc_make_key(&rng, keySz, &key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
ExpectIntEQ(ret, 0);
ExpectNotNull(point = wc_ecc_new_point());
ExpectNotNull(cpypt = wc_ecc_new_point());
/* Export */
ExpectIntEQ(wc_ecc_export_point_der((idx = key.idx), &key.pubkey, NULL,
&derlenChk), WC_NO_ERR_TRACE(LENGTH_ONLY_E));
/* Check length value. */
ExpectIntEQ(derSz, derlenChk);
ExpectIntEQ(wc_ecc_export_point_der((idx = key.idx), &key.pubkey, der,
&derSz), 0);
/* Test bad args. */
ExpectIntEQ(wc_ecc_export_point_der(-2, &key.pubkey, der, &derSz),
WC_NO_ERR_TRACE(ECC_BAD_ARG_E));
ExpectIntEQ(wc_ecc_export_point_der((idx = key.idx), NULL, der, &derSz),
WC_NO_ERR_TRACE(ECC_BAD_ARG_E));
ExpectIntEQ(wc_ecc_export_point_der((idx = key.idx), &key.pubkey, der,
NULL), WC_NO_ERR_TRACE(ECC_BAD_ARG_E));
/* Import */
ExpectIntEQ(wc_ecc_import_point_der(der, derSz, idx, point), 0);
ExpectIntEQ(wc_ecc_cmp_point(&key.pubkey, point), 0);
/* Test bad args. */
ExpectIntEQ( wc_ecc_import_point_der(NULL, derSz, idx, point),
WC_NO_ERR_TRACE(ECC_BAD_ARG_E));
ExpectIntEQ(wc_ecc_import_point_der(der, derSz, idx, NULL),
WC_NO_ERR_TRACE(ECC_BAD_ARG_E));
ExpectIntEQ(wc_ecc_import_point_der(der, derSz, -1, point),
WC_NO_ERR_TRACE(ECC_BAD_ARG_E));
ExpectIntEQ(wc_ecc_import_point_der(der, derSz + 1, idx, point),
WC_NO_ERR_TRACE(ECC_BAD_ARG_E));
/* Copy */
ExpectIntEQ(wc_ecc_copy_point(point, cpypt), 0);
/* Test bad args. */
ExpectIntEQ(wc_ecc_copy_point(NULL, cpypt), WC_NO_ERR_TRACE(ECC_BAD_ARG_E));
ExpectIntEQ(wc_ecc_copy_point(point, NULL), WC_NO_ERR_TRACE(ECC_BAD_ARG_E));
/* Compare point */
ExpectIntEQ(wc_ecc_cmp_point(point, cpypt), 0);
/* Test bad args. */
ExpectIntEQ(wc_ecc_cmp_point(NULL, cpypt), WC_NO_ERR_TRACE(BAD_FUNC_ARG));
ExpectIntEQ(wc_ecc_cmp_point(point, NULL), WC_NO_ERR_TRACE(BAD_FUNC_ARG));
/* At infinity if return == 1, otherwise return == 0. */
ExpectIntEQ(wc_ecc_point_is_at_infinity(point), 0);
/* Test bad args. */
ExpectIntEQ(wc_ecc_point_is_at_infinity(NULL),
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2)))
#ifdef USE_ECC_B_PARAM
/* On curve if ret == 0 */
ExpectIntEQ(wc_ecc_point_is_on_curve(point, idx), 0);
/* Test bad args. */
ExpectIntEQ(wc_ecc_point_is_on_curve(NULL, idx),
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
ExpectIntEQ(wc_ecc_point_is_on_curve(point, 1000),
WC_NO_ERR_TRACE(ECC_BAD_ARG_E));
#endif /* USE_ECC_B_PARAM */
#endif /* !HAVE_SELFTEST && (!HAVE_FIPS || HAVE_FIPS_VERSION > 2) */
/* Free */
wc_ecc_del_point(point);
wc_ecc_del_point(cpypt);
wc_ecc_free(&key);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
return EXPECT_RESULT();
} /* END test_wc_ecc_pointFns */
/*
* Testing wc_ecc_shared_secret_ssh()
*/
int test_wc_ecc_shared_secret_ssh(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(HAVE_ECC_DHE) && \
!defined(WC_NO_RNG) && !defined(WOLFSSL_ATECC508A) && \
!defined(WOLFSSL_ATECC608A) && !defined(PLUTON_CRYPTO_ECC) && \
!defined(WOLFSSL_CRYPTOCELL)
ecc_key key;
ecc_key key2;
WC_RNG rng;
int ret;
int keySz = KEY32;
#if FIPS_VERSION3_GE(6,0,0)
int key2Sz = KEY28;
#else
int key2Sz = KEY24;
#endif
byte secret[KEY32];
word32 secretLen = (word32)keySz;
/* Init stack variables. */
XMEMSET(&key, 0, sizeof(ecc_key));
XMEMSET(&key2, 0, sizeof(ecc_key));
XMEMSET(&rng, 0, sizeof(WC_RNG));
XMEMSET(secret, 0, secretLen);
PRIVATE_KEY_UNLOCK();
/* Make keys */
ExpectIntEQ(wc_ecc_init(&key), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ret = wc_ecc_make_key(&rng, keySz, &key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
ExpectIntEQ(ret, 0);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
ExpectIntEQ(wc_ecc_init(&key2), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ret = wc_ecc_make_key(&rng, key2Sz, &key2);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key2.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
ExpectIntEQ(ret, 0);
#if defined(ECC_TIMING_RESISTANT) && (!defined(HAVE_FIPS) || \
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION != 2))) && \
!defined(HAVE_SELFTEST)
ExpectIntEQ(wc_ecc_set_rng(&key, &rng), 0);
#endif
ExpectIntEQ(wc_ecc_shared_secret_ssh(&key, &key2.pubkey, secret,
&secretLen), 0);
/* Pass in bad args. */
ExpectIntEQ(wc_ecc_shared_secret_ssh(NULL, &key2.pubkey, secret,
&secretLen), WC_NO_ERR_TRACE(BAD_FUNC_ARG));
ExpectIntEQ(wc_ecc_shared_secret_ssh(&key, NULL, secret, &secretLen),
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
ExpectIntEQ(wc_ecc_shared_secret_ssh(&key, &key2.pubkey, NULL, &secretLen),
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
ExpectIntEQ(wc_ecc_shared_secret_ssh(&key, &key2.pubkey, secret, NULL),
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
key.type = ECC_PUBLICKEY;
ExpectIntEQ(wc_ecc_shared_secret_ssh(&key, &key2.pubkey, secret,
&secretLen), WC_NO_ERR_TRACE(ECC_BAD_ARG_E));
PRIVATE_KEY_LOCK();
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ecc_free(&key);
wc_ecc_free(&key2);
#ifdef FP_ECC
wc_ecc_fp_free();
#endif
#endif
return EXPECT_RESULT();
} /* END test_wc_ecc_shared_secret_ssh */
/*
* Testing wc_ecc_verify_hash_ex() and wc_ecc_verify_hash_ex()
*/
int test_wc_ecc_verify_hash_ex(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(HAVE_ECC_SIGN) && defined(WOLFSSL_PUBLIC_MP) \
&& !defined(WC_NO_RNG) && !defined(WOLFSSL_ATECC508A) && \
!defined(WOLFSSL_ATECC608A) && !defined(WOLFSSL_KCAPI_ECC)
ecc_key key;
WC_RNG rng;
int ret;
mp_int r;
mp_int s;
mp_int z;
unsigned char hash[] = "Everyone gets Friday off.EccSig";
unsigned char iHash[] = "Everyone gets Friday off.......";
unsigned char shortHash[] = TEST_STRING;
word32 hashlen = sizeof(hash);
word32 iHashLen = sizeof(iHash);
word32 shortHashLen = sizeof(shortHash);
int keySz = KEY32;
int verify_ok = 0;
XMEMSET(&key, 0, sizeof(ecc_key));
XMEMSET(&rng, 0, sizeof(WC_RNG));
XMEMSET(&r, 0, sizeof(mp_int));
XMEMSET(&s, 0, sizeof(mp_int));
XMEMSET(&z, 0, sizeof(mp_int));
/* Initialize r, s and z. */
ExpectIntEQ(mp_init_multi(&r, &s, &z, NULL, NULL, NULL), MP_OKAY);
ExpectIntEQ(wc_ecc_init(&key), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ret = wc_ecc_make_key(&rng, keySz, &key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
ExpectIntEQ(ret, 0);
ExpectIntEQ(wc_ecc_sign_hash_ex(hash, hashlen, &rng, &key, &r, &s), 0);
/* verify_ok should be 1. */
ExpectIntEQ(wc_ecc_verify_hash_ex(&r, &s, hash, hashlen, &verify_ok, &key),
0);
ExpectIntEQ(verify_ok, 1);
/* verify_ok should be 0 */
ExpectIntEQ(wc_ecc_verify_hash_ex(&r, &s, iHash, iHashLen, &verify_ok,
&key), 0);
ExpectIntEQ(verify_ok, 0);
/* verify_ok should be 0. */
ExpectIntEQ(wc_ecc_verify_hash_ex(&r, &s, shortHash, shortHashLen,
&verify_ok, &key), 0);
ExpectIntEQ(verify_ok, 0);
/* Test bad args. */
ExpectIntEQ(wc_ecc_sign_hash_ex(NULL, hashlen, &rng, &key, &r, &s),
WC_NO_ERR_TRACE(ECC_BAD_ARG_E));
ExpectIntEQ(wc_ecc_sign_hash_ex(hash, hashlen, NULL, &key, &r, &s),
WC_NO_ERR_TRACE(ECC_BAD_ARG_E));
ExpectIntEQ(wc_ecc_sign_hash_ex(hash, hashlen, &rng, NULL, &r, &s),
WC_NO_ERR_TRACE(ECC_BAD_ARG_E));
ExpectIntEQ(wc_ecc_sign_hash_ex(hash, hashlen, &rng, &key, NULL, &s),
WC_NO_ERR_TRACE(ECC_BAD_ARG_E));
ExpectIntEQ(wc_ecc_sign_hash_ex(hash, hashlen, &rng, &key, &r, NULL),
WC_NO_ERR_TRACE(ECC_BAD_ARG_E));
/* Test bad args. */
ExpectIntEQ(wc_ecc_verify_hash_ex(NULL, &s, shortHash, shortHashLen,
&verify_ok, &key), WC_NO_ERR_TRACE(ECC_BAD_ARG_E));
ExpectIntEQ(wc_ecc_verify_hash_ex(&r, NULL, shortHash, shortHashLen,
&verify_ok, &key), WC_NO_ERR_TRACE(ECC_BAD_ARG_E));
ExpectIntEQ(wc_ecc_verify_hash_ex(&z, &s, shortHash, shortHashLen,
&verify_ok, &key), WC_NO_ERR_TRACE(MP_ZERO_E));
ExpectIntEQ(wc_ecc_verify_hash_ex(&r, &z, shortHash, shortHashLen,
&verify_ok, &key), WC_NO_ERR_TRACE(MP_ZERO_E));
ExpectIntEQ(wc_ecc_verify_hash_ex(&z, &z, shortHash, shortHashLen,
&verify_ok, &key), WC_NO_ERR_TRACE(MP_ZERO_E));
ExpectIntEQ(wc_ecc_verify_hash_ex(&r, &s, NULL, shortHashLen, &verify_ok,
&key), WC_NO_ERR_TRACE(ECC_BAD_ARG_E));
ExpectIntEQ(wc_ecc_verify_hash_ex(&r, &s, shortHash, shortHashLen, NULL,
&key), WC_NO_ERR_TRACE(ECC_BAD_ARG_E));
ExpectIntEQ(wc_ecc_verify_hash_ex(&r, &s, shortHash, shortHashLen,
&verify_ok, NULL), WC_NO_ERR_TRACE(ECC_BAD_ARG_E));
wc_ecc_free(&key);
mp_free(&r);
mp_free(&s);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
return EXPECT_RESULT();
} /* END test_wc_ecc_verify_hash_ex */
/*
* Testing wc_ecc_mulmod()
*/
int test_wc_ecc_mulmod(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC) && !defined(WC_NO_RNG) && \
!(defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_ATECC608A) || \
defined(WOLFSSL_VALIDATE_ECC_IMPORT))
ecc_key key1;
ecc_key key2;
ecc_key key3;
WC_RNG rng;
int ret;
XMEMSET(&key1, 0, sizeof(ecc_key));
XMEMSET(&key2, 0, sizeof(ecc_key));
XMEMSET(&key3, 0, sizeof(ecc_key));
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectIntEQ(wc_ecc_init(&key1), 0);
ExpectIntEQ(wc_ecc_init(&key2), 0);
ExpectIntEQ(wc_ecc_init(&key3), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ret = wc_ecc_make_key(&rng, KEY32, &key1);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key1.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
ExpectIntEQ(ret, 0);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
ExpectIntEQ(wc_ecc_import_raw_ex(&key2, key1.dp->Gx, key1.dp->Gy,
key1.dp->Af, ECC_SECP256R1), 0);
ExpectIntEQ(wc_ecc_import_raw_ex(&key3, key1.dp->Gx, key1.dp->Gy,
key1.dp->prime, ECC_SECP256R1), 0);
ExpectIntEQ(wc_ecc_mulmod(wc_ecc_key_get_priv(&key1), &key2.pubkey,
&key3.pubkey, wc_ecc_key_get_priv(&key2), wc_ecc_key_get_priv(&key3),
1), 0);
/* Test bad args. */
ExpectIntEQ(ret = wc_ecc_mulmod(NULL, &key2.pubkey, &key3.pubkey,
wc_ecc_key_get_priv(&key2), wc_ecc_key_get_priv(&key3), 1),
WC_NO_ERR_TRACE(ECC_BAD_ARG_E));
ExpectIntEQ(wc_ecc_mulmod(wc_ecc_key_get_priv(&key1), NULL, &key3.pubkey,
wc_ecc_key_get_priv(&key2), wc_ecc_key_get_priv(&key3), 1),
WC_NO_ERR_TRACE(ECC_BAD_ARG_E));
ExpectIntEQ(wc_ecc_mulmod(wc_ecc_key_get_priv(&key1), &key2.pubkey, NULL,
wc_ecc_key_get_priv(&key2), wc_ecc_key_get_priv(&key3), 1),
WC_NO_ERR_TRACE(ECC_BAD_ARG_E));
ExpectIntEQ(wc_ecc_mulmod(wc_ecc_key_get_priv(&key1), &key2.pubkey,
&key3.pubkey, wc_ecc_key_get_priv(&key2), NULL, 1),
WC_NO_ERR_TRACE(ECC_BAD_ARG_E));
wc_ecc_free(&key1);
wc_ecc_free(&key2);
wc_ecc_free(&key3);
#ifdef FP_ECC
wc_ecc_fp_free();
#endif
#endif /* HAVE_ECC && !WOLFSSL_ATECC508A */
return EXPECT_RESULT();
} /* END test_wc_ecc_mulmod */
/*
* Testing wc_ecc_is_valid_idx()
*/
int test_wc_ecc_is_valid_idx(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC) && !defined(WC_NO_RNG)
ecc_key key;
WC_RNG rng;
int ret;
int iVal = -2;
int iVal2 = 3000;
XMEMSET(&key, 0, sizeof(ecc_key));
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectIntEQ(wc_ecc_init(&key), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ret = wc_ecc_make_key(&rng, 32, &key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
ExpectIntEQ(ret, 0);
ExpectIntEQ(wc_ecc_is_valid_idx(key.idx), 1);
/* Test bad args. */
ExpectIntEQ(wc_ecc_is_valid_idx(iVal), 0);
ExpectIntEQ(wc_ecc_is_valid_idx(iVal2), 0);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ecc_free(&key);
#ifdef FP_ECC
wc_ecc_fp_free();
#endif
#endif
return EXPECT_RESULT();
} /* END test_wc_ecc_is_valid_idx */
/*
* Testing wc_ecc_get_curve_id_from_oid()
*/
int test_wc_ecc_get_curve_id_from_oid(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC) && !defined(NO_ECC256) && !defined(HAVE_SELFTEST) && \
!defined(HAVE_FIPS)
const byte oid[] = {0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x07};
word32 len = sizeof(oid);
/* Bad Cases */
ExpectIntEQ(wc_ecc_get_curve_id_from_oid(NULL, len),
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
ExpectIntEQ(wc_ecc_get_curve_id_from_oid(oid, 0), ECC_CURVE_INVALID);
/* Good Case */
ExpectIntEQ(wc_ecc_get_curve_id_from_oid(oid, len), ECC_SECP256R1);
#endif
return EXPECT_RESULT();
} /* END test_wc_ecc_get_curve_id_from_oid */
/*
* Testing wc_ecc_sig_size_calc()
*/
int test_wc_ecc_sig_size_calc(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC) && !defined(WC_NO_RNG) && !defined(HAVE_SELFTEST)
ecc_key key;
WC_RNG rng;
int sz = 0;
int ret;
XMEMSET(&key, 0, sizeof(ecc_key));
XMEMSET(&rng, 0, sizeof(WC_RNG));
ExpectIntEQ(wc_ecc_init(&key), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ret = wc_ecc_make_key(&rng, 16, &key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
#if FIPS_VERSION3_GE(6,0,0)
ExpectIntEQ(ret, WC_NO_ERR_TRACE(BAD_FUNC_ARG));
#else
ExpectIntEQ(ret, 0);
#endif
#if FIPS_VERSION3_LT(6,0,0)
sz = key.dp->size;
ExpectIntGT(wc_ecc_sig_size_calc(sz), 0);
#else
(void) sz;
#endif
DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ecc_free(&key);
#endif
return EXPECT_RESULT();
} /* END test_wc_ecc_sig_size_calc */
/*
* Testing wc_EccPrivateKeyToDer
*/
int test_wc_EccPrivateKeyToDer(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_EXPORT) && !defined(WC_NO_RNG)
byte output[ONEK_BUF];
ecc_key eccKey;
WC_RNG rng;
word32 inLen = 0;
word32 outLen = 0;
int ret;
XMEMSET(&eccKey, 0, sizeof(ecc_key));
XMEMSET(&rng, 0, sizeof(WC_RNG));
PRIVATE_KEY_UNLOCK();
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectIntEQ(wc_ecc_init(&eccKey), 0);
ret = wc_ecc_make_key(&rng, KEY14, &eccKey);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &eccKey.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
ExpectIntEQ(ret, 0);
/* Bad Cases */
ExpectIntEQ(wc_EccPrivateKeyToDer(NULL, NULL, 0),
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
ExpectIntEQ(wc_EccPrivateKeyToDer(NULL, output, inLen),
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
inLen = wc_EccPrivateKeyToDer(&eccKey, NULL, 0);
ExpectIntGT(inLen, 0);
ExpectIntEQ(wc_EccPrivateKeyToDer(&eccKey, output, 0),
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
/* Good Case */
ExpectIntGT(outLen = (word32)wc_EccPrivateKeyToDer(&eccKey, output, inLen),
0);
wc_ecc_free(&eccKey);
DoExpectIntEQ(wc_FreeRng(&rng), 0);
#if defined(OPENSSL_EXTRA) && defined(HAVE_ALL_CURVES)
{
/* test importing private only into a PKEY struct */
EC_KEY* ec = NULL;
EVP_PKEY* pkey = NULL;
const unsigned char* der;
der = output;
ExpectNotNull(pkey = d2i_PrivateKey(EVP_PKEY_EC, NULL, &der, outLen));
der = output;
ExpectNotNull(ec = d2i_ECPrivateKey(NULL, &der, outLen));
ExpectIntEQ(EVP_PKEY_assign_EC_KEY(pkey, ec), SSL_SUCCESS);
if (EXPECT_FAIL()) {
EC_KEY_free(ec);
}
EVP_PKEY_free(pkey); /* EC_KEY should be free'd by free'ing pkey */
}
#endif
PRIVATE_KEY_LOCK();
#endif
return EXPECT_RESULT();
} /* End test_wc_EccPrivateKeyToDer */
Reference in New Issue View Git Blame Copy Permalink