2
* (C) 2014,2015 Jack Lloyd
3
* (C) 2017 René Korthaus, Rohde & Schwarz Cybersecurity
5
* Botan is released under the Simplified BSD License (see license.txt)
12
#if defined(BOTAN_HAS_ECDSA)
13
#include "test_pubkey.h"
14
#include <botan/ecdsa.h>
15
#include <botan/oids.h>
18
namespace Botan_Tests {
22
#if defined(BOTAN_HAS_ECDSA)
24
class ECDSA_Signature_KAT_Tests final : public PK_Signature_Generation_Test
27
ECDSA_Signature_KAT_Tests() : PK_Signature_Generation_Test(
29
#if defined(BOTAN_HAS_RFC6979_GENERATOR)
30
"pubkey/ecdsa_rfc6979.vec",
31
"Group,X,Hash,Msg,Signature") {}
33
"pubkey/ecdsa_prob.vec",
34
"Group,X,Hash,Msg,Nonce,Signature") {}
37
bool clear_between_callbacks() const override
42
std::unique_ptr<Botan::Private_Key> load_private_key(const VarMap& vars) override
44
const std::string group_id = get_req_str(vars, "Group");
45
const BigInt x = get_req_bn(vars, "X");
46
Botan::EC_Group group(Botan::OIDS::lookup(group_id));
48
std::unique_ptr<Botan::Private_Key> key(new Botan::ECDSA_PrivateKey(Test::rng(), group, x));
52
std::string default_padding(const VarMap& vars) const override
54
const std::string hash = get_req_str(vars, "Hash");
55
if(hash.substr(0,3) == "Raw")
57
return "EMSA1(" + hash + ")";
60
#if !defined(BOTAN_HAS_RFC6979)
61
Botan::RandomNumberGenerator* test_rng(const std::vector<uint8_t>& nonce) const override
63
// probabilistic ecdsa signature generation extracts more random than just the nonce,
64
// but the nonce is extracted first
65
return new Fixed_Output_Position_RNG(nonce, 1);
70
class ECDSA_Keygen_Tests final : public PK_Key_Generation_Test
73
std::vector<std::string> keygen_params() const override
75
return { "secp256r1", "secp384r1", "secp521r1", "frp256v1" };
77
std::string algo_name() const override
83
class ECDSA_Invalid_Key_Tests final : public Text_Based_Test
86
ECDSA_Invalid_Key_Tests() :
87
Text_Based_Test("pubkey/ecdsa_invalid.vec", "Group,InvalidKeyX,InvalidKeyY") {}
89
bool clear_between_callbacks() const override
94
Test::Result run_one_test(const std::string&, const VarMap& vars) override
96
Test::Result result("ECDSA invalid keys");
98
const std::string group_id = get_req_str(vars, "Group");
99
Botan::EC_Group group(Botan::OIDS::lookup(group_id));
100
const Botan::BigInt x = get_req_bn(vars, "InvalidKeyX");
101
const Botan::BigInt y = get_req_bn(vars, "InvalidKeyY");
103
std::unique_ptr<Botan::PointGFp> public_point;
107
public_point.reset(new Botan::PointGFp(group.get_curve(), x, y));
109
catch(Botan::Invalid_Argument&)
111
// PointGFp() performs a range check on x, y in [0, p−1],
112
// which is also part of the EC public key checks, e.g.,
113
// in NIST SP800-56A rev2, sec. 5.6.2.3.2
114
result.test_success("public key fails check");
118
std::unique_ptr<Botan::Public_Key> key(new Botan::ECDSA_PublicKey(group, *public_point));
119
result.test_eq("public key fails check", key->check_key(Test::rng(), false), false);
124
BOTAN_REGISTER_TEST("ecdsa_sign", ECDSA_Signature_KAT_Tests);
125
BOTAN_REGISTER_TEST("ecdsa_keygen", ECDSA_Keygen_Tests);
126
BOTAN_REGISTER_TEST("ecdsa_invalid", ECDSA_Invalid_Key_Tests);