Return to test_ed25519.c CVS log | Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / strongswan / src / libstrongswan / tests / suites |
1.1 misho 1: /* 2: * Copyright (C) 2016 Andreas Steffen 3: * HSR Hochschule fuer Technik Rapperswil 4: * 5: * This program is free software; you can redistribute it and/or modify it 6: * under the terms of the GNU General Public License as published by the 7: * Free Software Foundation; either version 2 of the License, or (at your 8: * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. 9: * 10: * This program is distributed in the hope that it will be useful, but 11: * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY 12: * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 13: * for more details. 14: */ 15: 16: #include "test_suite.h" 17: 18: #include <time.h> 19: 20: typedef struct sig_test_t sig_test_t; 21: 22: struct sig_test_t { 23: chunk_t key; 24: chunk_t pubkey; 25: chunk_t msg; 26: chunk_t sig; 27: chunk_t fp_pk; 28: chunk_t fp_spki; 29: }; 30: 31: /** 32: * Ed25519 Test Vectors from RFC 8032 33: */ 34: static sig_test_t sig_tests[] = { 35: /* Test 1 */ 36: { chunk_from_chars( 37: 0x30, 0x2e, 0x02, 0x01, 0x00, 0x30, 0x05, 0x06, 0x03, 0x2b, 38: 0x65, 0x70, 0x04, 0x22, 0x04, 0x20, 0x9d, 0x61, 0xb1, 0x9d, 39: 0xef, 0xfd, 0x5a, 0x60, 0xba, 0x84, 0x4a, 0xf4, 0x92, 0xec, 40: 0x2c, 0xc4, 0x44, 0x49, 0xc5, 0x69, 0x7b, 0x32, 0x69, 0x19, 41: 0x70, 0x3b, 0xac, 0x03, 0x1c, 0xae, 0x7f, 0x60), 42: chunk_from_chars( 43: 0x30, 0x2a, 0x30, 0x05, 0x06, 0x03, 0x2b, 0x65, 0x70, 0x03, 44: 0x21, 0x00, 0xd7, 0x5a, 0x98, 0x01, 0x82, 0xb1, 0x0a, 0xb7, 45: 0xd5, 0x4b, 0xfe, 0xd3, 0xc9, 0x64, 0x07, 0x3a, 0x0e, 0xe1, 46: 0x72, 0xf3, 0xda, 0xa6, 0x23, 0x25, 0xaf, 0x02, 0x1a, 0x68, 47: 0xf7, 0x07, 0x51, 0x1a), 48: { NULL, 0 }, 49: chunk_from_chars( 50: 0xe5, 0x56, 0x43, 0x00, 0xc3, 0x60, 0xac, 0x72, 0x90, 0x86, 51: 0xe2, 0xcc, 0x80, 0x6e, 0x82, 0x8a, 0x84, 0x87, 0x7f, 0x1e, 52: 0xb8, 0xe5, 0xd9, 0x74, 0xd8, 0x73, 0xe0, 0x65, 0x22, 0x49, 53: 0x01, 0x55, 0x5f, 0xb8, 0x82, 0x15, 0x90, 0xa3, 0x3b, 0xac, 54: 0xc6, 0x1e, 0x39, 0x70, 0x1c, 0xf9, 0xb4, 0x6b, 0xd2, 0x5b, 55: 0xf5, 0xf0, 0x59, 0x5b, 0xbe, 0x24, 0x65, 0x51, 0x41, 0x43, 56: 0x8e, 0x7a, 0x10, 0x0b), 57: chunk_from_chars( 58: 0x5b, 0x27, 0xaa, 0x55, 0x89, 0x17, 0x97, 0x70, 0xe4, 0x75, 59: 0x75, 0xb1, 0x62, 0xa1, 0xde, 0xd9, 0x7b, 0x8b, 0xfc, 0x6d), 60: chunk_from_chars( 61: 0xa5, 0x66, 0xbe, 0x19, 0x84, 0x01, 0x73, 0x41, 0x3a, 0x61, 62: 0x04, 0x83, 0x50, 0xef, 0xf2, 0x3e, 0x8f, 0xe2, 0x22, 0x66), 63: }, 64: /* Test 2 */ 65: { chunk_from_chars( 66: 0x30, 0x2e, 0x02, 0x01, 0x00, 0x30, 0x05, 0x06, 0x03, 0x2b, 67: 0x65, 0x70, 0x04, 0x22, 0x04, 0x20, 0x4c, 0xcd, 0x08, 0x9b, 68: 0x28, 0xff, 0x96, 0xda, 0x9d, 0xb6, 0xc3, 0x46, 0xec, 0x11, 69: 0x4e, 0x0f, 0x5b, 0x8a, 0x31, 0x9f, 0x35, 0xab, 0xa6, 0x24, 70: 0xda, 0x8c, 0xf6, 0xed, 0x4f, 0xb8, 0xa6, 0xfb), 71: chunk_from_chars( 72: 0x30, 0x2a, 0x30, 0x05, 0x06, 0x03, 0x2b, 0x65, 0x70, 0x03, 73: 0x21, 0x00, 0x3d, 0x40, 0x17, 0xc3, 0xe8, 0x43, 0x89, 0x5a, 74: 0x92, 0xb7, 0x0a, 0xa7, 0x4d, 0x1b, 0x7e, 0xbc, 0x9c, 0x98, 75: 0x2c, 0xcf, 0x2e, 0xc4, 0x96, 0x8c, 0xc0, 0xcd, 0x55, 0xf1, 76: 0x2a, 0xf4, 0x66, 0x0c), 77: chunk_from_chars( 78: 0x72), 79: chunk_from_chars( 80: 0x92, 0xa0, 0x09, 0xa9, 0xf0, 0xd4, 0xca, 0xb8, 0x72, 0x0e, 81: 0x82, 0x0b, 0x5f, 0x64, 0x25, 0x40, 0xa2, 0xb2, 0x7b, 0x54, 82: 0x16, 0x50, 0x3f, 0x8f, 0xb3, 0x76, 0x22, 0x23, 0xeb, 0xdb, 83: 0x69, 0xda, 0x08, 0x5a, 0xc1, 0xe4, 0x3e, 0x15, 0x99, 0x6e, 84: 0x45, 0x8f, 0x36, 0x13, 0xd0, 0xf1, 0x1d, 0x8c, 0x38, 0x7b, 85: 0x2e, 0xae, 0xb4, 0x30, 0x2a, 0xee, 0xb0, 0x0d, 0x29, 0x16, 86: 0x12, 0xbb, 0x0c, 0x00), 87: chunk_from_chars( 88: 0x13, 0xf7, 0x72, 0x66, 0x9e, 0x15, 0x2a, 0xe6, 0xa6, 0x2a, 89: 0x60, 0xa3, 0x48, 0x8a, 0x6f, 0x29, 0x7d, 0x06, 0x13, 0xdd), 90: chunk_from_chars( 91: 0xbd, 0xae, 0x41, 0xeb, 0x5d, 0xbf, 0x88, 0xb9, 0xdf, 0x18, 92: 0xda, 0xbb, 0x2d, 0xee, 0xa9, 0x1a, 0x4e, 0x03, 0x38, 0xe4), 93: }, 94: /* Test 3 */ 95: { chunk_from_chars( 96: 0x30, 0x2e, 0x02, 0x01, 0x00, 0x30, 0x05, 0x06, 0x03, 0x2b, 97: 0x65, 0x70, 0x04, 0x22, 0x04, 0x20, 0xc5, 0xaa, 0x8d, 0xf4, 98: 0x3f, 0x9f, 0x83, 0x7b, 0xed, 0xb7, 0x44, 0x2f, 0x31, 0xdc, 99: 0xb7, 0xb1, 0x66, 0xd3, 0x85, 0x35,0x07, 0x6f, 0x09, 0x4b, 100: 0x85, 0xce, 0x3a, 0x2e, 0x0b, 0x44, 0x58, 0xf7), 101: chunk_from_chars( 102: 0x30, 0x2a, 0x30, 0x05, 0x06, 0x03, 0x2b, 0x65, 0x70, 0x03, 103: 0x21, 0x00, 0xfc, 0x51, 0xcd, 0x8e, 0x62, 0x18, 0xa1, 0xa3, 104: 0x8d, 0xa4, 0x7e, 0xd0, 0x02, 0x30, 0xf0, 0x58, 0x08, 0x16, 105: 0xed, 0x13, 0xba, 0x33, 0x03, 0xac, 0x5d, 0xeb, 0x91, 0x15, 106: 0x48, 0x90, 0x80, 0x25), 107: chunk_from_chars( 108: 0xaf, 0x82), 109: chunk_from_chars( 110: 0x62, 0x91, 0xd6, 0x57, 0xde, 0xec, 0x24, 0x02, 0x48, 0x27, 111: 0xe6, 0x9c, 0x3a, 0xbe, 0x01, 0xa3, 0x0c, 0xe5, 0x48, 0xa2, 112: 0x84, 0x74, 0x3a, 0x44, 0x5e, 0x36, 0x80, 0xd7, 0xdb, 0x5a, 113: 0xc3, 0xac, 0x18, 0xff, 0x9b, 0x53, 0x8d, 0x16, 0xf2, 0x90, 114: 0xae, 0x67, 0xf7, 0x60, 0x98, 0x4d, 0xc6, 0x59, 0x4a, 0x7c, 115: 0x15, 0xe9, 0x71, 0x6e, 0xd2, 0x8d, 0xc0, 0x27, 0xbe, 0xce, 116: 0xea, 0x1e, 0xc4, 0x0a), 117: chunk_from_chars( 118: 0x88, 0xc7, 0x64, 0xc8, 0xbe, 0x44, 0x37, 0x4a, 0x7d, 0x2f, 119: 0x5d, 0x84, 0x72, 0x1f, 0x8e, 0x32, 0x5e, 0x5b, 0xd6, 0x4c), 120: chunk_from_chars( 121: 0xad, 0x01, 0x30, 0xb1, 0x2b, 0x48, 0x62, 0x9b, 0xb9, 0xad, 122: 0xea, 0x92, 0x1f, 0xfe, 0xd2, 0x9a, 0x42, 0xf0, 0xad, 0xe6), 123: }, 124: /* Test 1024 */ 125: { chunk_from_chars( 126: 0x30, 0x2e, 0x02, 0x01, 0x00, 0x30, 0x05, 0x06, 0x03, 0x2b, 127: 0x65, 0x70, 0x04, 0x22, 0x04, 0x20, 0xf5, 0xe5, 0x76, 0x7c, 128: 0xf1, 0x53, 0x31, 0x95, 0x17, 0x63, 0x0f, 0x22, 0x68, 0x76, 129: 0xb8, 0x6c, 0x81, 0x60, 0xcc, 0x58, 0x3b, 0xc0, 0x13, 0x74, 130: 0x4c, 0x6b, 0xf2, 0x55, 0xf5, 0xcc, 0x0e, 0xe5), 131: chunk_from_chars( 132: 0x30, 0x2a, 0x30, 0x05, 0x06, 0x03, 0x2b, 0x65, 0x70, 0x03, 133: 0x21, 0x00, 0x27, 0x81, 0x17, 0xfc, 0x14, 0x4c, 0x72, 0x34, 134: 0x0f, 0x67, 0xd0, 0xf2, 0x31, 0x6e, 0x83, 0x86, 0xce, 0xff, 135: 0xbf, 0x2b, 0x24, 0x28, 0xc9, 0xc5, 0x1f, 0xef, 0x7c, 0x59, 136: 0x7f, 0x1d, 0x42, 0x6e), 137: chunk_from_chars( 138: 0x08, 0xb8, 0xb2, 0xb7, 0x33, 0x42, 0x42, 0x43, 0x76, 0x0f, 139: 0xe4, 0x26, 0xa4, 0xb5, 0x49, 0x08, 0x63, 0x21, 0x10, 0xa6, 140: 0x6c, 0x2f, 0x65, 0x91, 0xea, 0xbd, 0x33, 0x45, 0xe3, 0xe4, 141: 0xeb, 0x98, 0xfa, 0x6e, 0x26, 0x4b, 0xf0, 0x9e, 0xfe, 0x12, 142: 0xee, 0x50, 0xf8, 0xf5, 0x4e, 0x9f, 0x77, 0xb1, 0xe3, 0x55, 143: 0xf6, 0xc5, 0x05, 0x44, 0xe2, 0x3f, 0xb1, 0x43, 0x3d, 0xdf, 144: 0x73, 0xbe, 0x84, 0xd8, 0x79, 0xde, 0x7c, 0x00, 0x46, 0xdc, 145: 0x49, 0x96, 0xd9, 0xe7, 0x73, 0xf4, 0xbc, 0x9e, 0xfe, 0x57, 146: 0x38, 0x82, 0x9a, 0xdb, 0x26, 0xc8, 0x1b, 0x37, 0xc9, 0x3a, 147: 0x1b, 0x27, 0x0b, 0x20, 0x32, 0x9d, 0x65, 0x86, 0x75, 0xfc, 148: 149: 0x6e, 0xa5, 0x34, 0xe0, 0x81, 0x0a, 0x44, 0x32, 0x82, 0x6b, 150: 0xf5, 0x8c, 0x94, 0x1e, 0xfb, 0x65, 0xd5, 0x7a, 0x33, 0x8b, 151: 0xbd, 0x2e, 0x26, 0x64, 0x0f, 0x89, 0xff, 0xbc, 0x1a, 0x85, 152: 0x8e, 0xfc, 0xb8, 0x55, 0x0e, 0xe3, 0xa5, 0xe1, 0x99, 0x8b, 153: 0xd1, 0x77, 0xe9, 0x3a, 0x73, 0x63, 0xc3, 0x44, 0xfe, 0x6b, 154: 0x19, 0x9e, 0xe5, 0xd0, 0x2e, 0x82, 0xd5, 0x22, 0xc4, 0xfe, 155: 0xba, 0x15, 0x45, 0x2f, 0x80, 0x28, 0x8a, 0x82, 0x1a, 0x57, 156: 0x91, 0x16, 0xec, 0x6d, 0xad, 0x2b, 0x3b, 0x31, 0x0d, 0xa9, 157: 0x03, 0x40, 0x1a, 0xa6, 0x21, 0x00, 0xab, 0x5d, 0x1a, 0x36, 158: 0x55, 0x3e, 0x06, 0x20, 0x3b, 0x33, 0x89, 0x0c, 0xc9, 0xb8, 159: 160: 0x32, 0xf7, 0x9e, 0xf8, 0x05, 0x60, 0xcc, 0xb9, 0xa3, 0x9c, 161: 0xe7, 0x67, 0x96, 0x7e, 0xd6, 0x28, 0xc6, 0xad, 0x57, 0x3c, 162: 0xb1, 0x16, 0xdb, 0xef, 0xef, 0xd7, 0x54, 0x99, 0xda, 0x96, 163: 0xbd, 0x68, 0xa8, 0xa9, 0x7b, 0x92, 0x8a, 0x8b, 0xbc, 0x10, 164: 0x3b, 0x66, 0x21, 0xfc, 0xde, 0x2b, 0xec, 0xa1, 0x23, 0x1d, 165: 0x20, 0x6b, 0xe6, 0xcd, 0x9e, 0xc7, 0xaf, 0xf6, 0xf6, 0xc9, 166: 0x4f, 0xcd, 0x72, 0x04, 0xed, 0x34, 0x55, 0xc6, 0x8c, 0x83, 167: 0xf4, 0xa4, 0x1d, 0xa4, 0xaf, 0x2b, 0x74, 0xef, 0x5c, 0x53, 168: 0xf1, 0xd8, 0xac, 0x70, 0xbd, 0xcb, 0x7e, 0xd1, 0x85, 0xce, 169: 0x81, 0xbd, 0x84, 0x35, 0x9d, 0x44, 0x25, 0x4d, 0x95, 0x62, 170: 171: 0x9e, 0x98, 0x55, 0xa9, 0x4a, 0x7c, 0x19, 0x58, 0xd1, 0xf8, 172: 0xad, 0xa5, 0xd0, 0x53, 0x2e, 0xd8, 0xa5, 0xaa, 0x3f, 0xb2, 173: 0xd1, 0x7b, 0xa7, 0x0e, 0xb6, 0x24, 0x8e, 0x59, 0x4e, 0x1a, 174: 0x22, 0x97, 0xac, 0xbb, 0xb3, 0x9d, 0x50, 0x2f, 0x1a, 0x8c, 175: 0x6e, 0xb6, 0xf1, 0xce, 0x22, 0xb3, 0xde, 0x1a, 0x1f, 0x40, 176: 0xcc, 0x24, 0x55, 0x41, 0x19, 0xa8, 0x31, 0xa9, 0xaa, 0xd6, 177: 0x07, 0x9c, 0xad, 0x88, 0x42, 0x5d, 0xe6, 0xbd, 0xe1, 0xa9, 178: 0x18, 0x7e, 0xbb, 0x60, 0x92, 0xcf, 0x67, 0xbf, 0x2b, 0x13, 179: 0xfd, 0x65, 0xf2, 0x70, 0x88, 0xd7, 0x8b, 0x7e, 0x88, 0x3c, 180: 0x87, 0x59, 0xd2, 0xc4, 0xf5, 0xc6, 0x5a, 0xdb, 0x75, 0x53, 181: 182: 0x87, 0x8a, 0xd5, 0x75, 0xf9, 0xfa, 0xd8, 0x78, 0xe8, 0x0a, 183: 0x0c, 0x9b, 0xa6, 0x3b, 0xcb, 0xcc, 0x27, 0x32, 0xe6, 0x94, 184: 0x85, 0xbb, 0xc9, 0xc9, 0x0b, 0xfb, 0xd6, 0x24, 0x81, 0xd9, 185: 0x08, 0x9b, 0xec, 0xcf, 0x80, 0xcf, 0xe2, 0xdf, 0x16, 0xa2, 186: 0xcf, 0x65, 0xbd, 0x92, 0xdd, 0x59, 0x7b, 0x07, 0x07, 0xe0, 187: 0x91, 0x7a, 0xf4, 0x8b, 0xbb, 0x75, 0xfe, 0xd4, 0x13, 0xd2, 188: 0x38, 0xf5, 0x55, 0x5a, 0x7a, 0x56, 0x9d, 0x80, 0xc3, 0x41, 189: 0x4a, 0x8d, 0x08, 0x59, 0xdc, 0x65, 0xa4, 0x61, 0x28, 0xba, 190: 0xb2, 0x7a, 0xf8, 0x7a, 0x71, 0x31, 0x4f, 0x31, 0x8c, 0x78, 191: 0x2b, 0x23, 0xeb, 0xfe, 0x80, 0x8b, 0x82, 0xb0, 0xce, 0x26, 192: 193: 0x40, 0x1d, 0x2e, 0x22, 0xf0, 0x4d, 0x83, 0xd1, 0x25, 0x5d, 194: 0xc5, 0x1a, 0xdd, 0xd3, 0xb7, 0x5a, 0x2b, 0x1a, 0xe0, 0x78, 195: 0x45, 0x04, 0xdf, 0x54, 0x3a, 0xf8, 0x96, 0x9b, 0xe3, 0xea, 196: 0x70, 0x82, 0xff, 0x7f, 0xc9, 0x88, 0x8c, 0x14, 0x4d, 0xa2, 197: 0xaf, 0x58, 0x42, 0x9e, 0xc9, 0x60, 0x31, 0xdb, 0xca, 0xd3, 198: 0xda, 0xd9, 0xaf, 0x0d, 0xcb, 0xaa, 0xaf, 0x26, 0x8c, 0xb8, 199: 0xfc, 0xff, 0xea, 0xd9, 0x4f, 0x3c, 0x7c, 0xa4, 0x95, 0xe0, 200: 0x56, 0xa9, 0xb4, 0x7a, 0xcd, 0xb7, 0x51, 0xfb, 0x73, 0xe6, 201: 0x66, 0xc6, 0xc6, 0x55, 0xad, 0xe8, 0x29, 0x72, 0x97, 0xd0, 202: 0x7a, 0xd1, 0xba, 0x5e, 0x43, 0xf1, 0xbc, 0xa3, 0x23, 0x01, 203: 204: 0x65, 0x13, 0x39, 0xe2, 0x29, 0x04, 0xcc, 0x8c, 0x42, 0xf5, 205: 0x8c, 0x30, 0xc0, 0x4a, 0xaf, 0xdb, 0x03, 0x8d, 0xda, 0x08, 206: 0x47, 0xdd, 0x98, 0x8d, 0xcd, 0xa6, 0xf3, 0xbf, 0xd1, 0x5c, 207: 0x4b, 0x4c, 0x45, 0x25, 0x00, 0x4a, 0xa0, 0x6e, 0xef, 0xf8, 208: 0xca, 0x61, 0x78, 0x3a, 0xac, 0xec, 0x57, 0xfb, 0x3d, 0x1f, 209: 0x92, 0xb0, 0xfe, 0x2f, 0xd1, 0xa8, 0x5f, 0x67, 0x24, 0x51, 210: 0x7b, 0x65, 0xe6, 0x14, 0xad, 0x68, 0x08, 0xd6, 0xf6, 0xee, 211: 0x34, 0xdf, 0xf7, 0x31, 0x0f, 0xdc, 0x82, 0xae, 0xbf, 0xd9, 212: 0x04, 0xb0, 0x1e, 0x1d, 0xc5, 0x4b, 0x29, 0x27, 0x09, 0x4b, 213: 0x2d, 0xb6, 0x8d, 0x6f, 0x90, 0x3b, 0x68, 0x40, 0x1a, 0xde, 214: 215: 0xbf, 0x5a, 0x7e, 0x08, 0xd7, 0x8f, 0xf4, 0xef, 0x5d, 0x63, 216: 0x65, 0x3a, 0x65, 0x04, 0x0c, 0xf9, 0xbf, 0xd4, 0xac, 0xa7, 217: 0x98, 0x4a, 0x74, 0xd3, 0x71, 0x45, 0x98, 0x67, 0x80, 0xfc, 218: 0x0b, 0x16, 0xac, 0x45, 0x16, 0x49, 0xde, 0x61, 0x88, 0xa7, 219: 0xdb, 0xdf, 0x19, 0x1f, 0x64, 0xb5, 0xfc, 0x5e, 0x2a, 0xb4, 220: 0x7b, 0x57, 0xf7, 0xf7, 0x27, 0x6c, 0xd4, 0x19, 0xc1, 0x7a, 221: 0x3c, 0xa8, 0xe1, 0xb9, 0x39, 0xae, 0x49, 0xe4, 0x88, 0xac, 222: 0xba, 0x6b, 0x96, 0x56, 0x10, 0xb5, 0x48, 0x01, 0x09, 0xc8, 223: 0xb1, 0x7b, 0x80, 0xe1, 0xb7, 0xb7, 0x50, 0xdf, 0xc7, 0x59, 224: 0x8d, 0x5d, 0x50, 0x11, 0xfd, 0x2d, 0xcc, 0x56, 0x00, 0xa3, 225: 226: 0x2e, 0xf5, 0xb5, 0x2a, 0x1e, 0xcc, 0x82, 0x0e, 0x30, 0x8a, 227: 0xa3, 0x42, 0x72, 0x1a, 0xac, 0x09, 0x43, 0xbf, 0x66, 0x86, 228: 0xb6, 0x4b, 0x25, 0x79, 0x37, 0x65, 0x04, 0xcc, 0xc4, 0x93, 229: 0xd9, 0x7e, 0x6a, 0xed, 0x3f, 0xb0, 0xf9, 0xcd, 0x71, 0xa4, 230: 0x3d, 0xd4, 0x97, 0xf0, 0x1f, 0x17, 0xc0, 0xe2, 0xcb, 0x37, 231: 0x97, 0xaa, 0x2a, 0x2f, 0x25, 0x66, 0x56, 0x16, 0x8e, 0x6c, 232: 0x49, 0x6a, 0xfc, 0x5f, 0xb9, 0x32, 0x46, 0xf6, 0xb1, 0x11, 233: 0x63, 0x98, 0xa3, 0x46, 0xf1, 0xa6, 0x41, 0xf3, 0xb0, 0x41, 234: 0xe9, 0x89, 0xf7, 0x91, 0x4f, 0x90, 0xcc, 0x2c, 0x7f, 0xff, 235: 0x35, 0x78, 0x76, 0xe5, 0x06, 0xb5, 0x0d, 0x33, 0x4b, 0xa7, 236: 237: 0x7c, 0x22, 0x5b, 0xc3, 0x07, 0xba, 0x53, 0x71, 0x52, 0xf3, 238: 0xf1, 0x61, 0x0e, 0x4e, 0xaf, 0xe5, 0x95, 0xf6, 0xd9, 0xd9, 239: 0x0d, 0x11, 0xfa, 0xa9, 0x33, 0xa1, 0x5e, 0xf1, 0x36, 0x95, 240: 0x46, 0x86, 0x8a, 0x7f, 0x3a, 0x45, 0xa9, 0x67, 0x68, 0xd4, 241: 0x0f, 0xd9, 0xd0, 0x34, 0x12, 0xc0, 0x91, 0xc6, 0x31, 0x5c, 242: 0xf4, 0xfd, 0xe7, 0xcb, 0x68, 0x60, 0x69, 0x37, 0x38, 0x0d, 243: 0xb2, 0xea, 0xaa, 0x70, 0x7b, 0x4c, 0x41, 0x85, 0xc3, 0x2e, 244: 0xdd, 0xcd, 0xd3, 0x06, 0x70, 0x5e, 0x4d, 0xc1, 0xff, 0xc8, 245: 0x72, 0xee, 0xee, 0x47, 0x5a, 0x64, 0xdf, 0xac, 0x86, 0xab, 246: 0xa4, 0x1c, 0x06, 0x18, 0x98, 0x3f, 0x87, 0x41, 0xc5, 0xef, 247: 248: 0x68, 0xd3, 0xa1, 0x01, 0xe8, 0xa3, 0xb8, 0xca, 0xc6, 0x0c, 249: 0x90, 0x5c, 0x15, 0xfc, 0x91, 0x08, 0x40, 0xb9, 0x4c, 0x00, 250: 0xa0, 0xb9, 0xd0), 251: chunk_from_chars( 252: 0x0a, 0xab, 0x4c, 0x90, 0x05, 0x01, 0xb3, 0xe2, 0x4d, 0x7c, 253: 0xdf, 0x46, 0x63, 0x32, 0x6a, 0x3a, 0x87, 0xdf, 0x5e, 0x48, 254: 0x43, 0xb2, 0xcb, 0xdb, 0x67, 0xcb, 0xf6, 0xe4, 0x60, 0xfe, 255: 0xc3, 0x50, 0xaa, 0x53, 0x71, 0xb1, 0x50, 0x8f, 0x9f, 0x45, 256: 0x28, 0xec, 0xea, 0x23, 0xc4, 0x36, 0xd9, 0x4b, 0x5e, 0x8f, 257: 0xcd, 0x4f, 0x68, 0x1e, 0x30, 0xa6, 0xac, 0x00, 0xa9, 0x70, 258: 0x4a, 0x18, 0x8a, 0x03), 259: chunk_from_chars( 260: 0x11, 0x2d, 0xb3, 0x08, 0x97, 0x6e, 0x38, 0x8f, 0x5f, 0x5e, 261: 0xb0, 0xae, 0x8f, 0x5f, 0x59, 0x1d, 0xff, 0x74, 0xf4, 0x44), 262: chunk_from_chars( 263: 0xcb, 0x36, 0xcc, 0x6a, 0x82, 0x2c, 0x49, 0x40, 0xfb, 0x08, 264: 0x04, 0xf6, 0x3a, 0x4f, 0x20, 0x2b, 0xe5, 0x73, 0x43, 0x2f), 265: }, 266: /* Test SHA(abc) */ 267: { chunk_from_chars( 268: 0x30, 0x2e, 0x02, 0x01, 0x00, 0x30, 0x05, 0x06, 0x03, 0x2b, 269: 0x65, 0x70, 0x04, 0x22, 0x04, 0x20, 0x83, 0x3f, 0xe6, 0x24, 270: 0x09, 0x23, 0x7b, 0x9d, 0x62, 0xec, 0x77, 0x58, 0x75, 0x20, 271: 0x91, 0x1e, 0x9a, 0x75, 0x9c, 0xec, 0x1d, 0x19, 0x75, 0x5b, 272: 0x7d, 0xa9, 0x01, 0xb9, 0x6d, 0xca, 0x3d, 0x42), 273: chunk_from_chars( 274: 0x30, 0x2a, 0x30, 0x05, 0x06, 0x03, 0x2b, 0x65, 0x70, 0x03, 275: 0x21, 0x00, 0xec, 0x17, 0x2b, 0x93, 0xad, 0x5e, 0x56, 0x3b, 276: 0xf4, 0x93, 0x2c, 0x70, 0xe1, 0x24, 0x50, 0x34, 0xc3, 0x54, 277: 0x67, 0xef, 0x2e, 0xfd, 0x4d, 0x64, 0xeb, 0xf8, 0x19, 0x68, 278: 0x34, 0x67, 0xe2, 0xbf), 279: chunk_from_chars( 280: 0xdd, 0xaf, 0x35, 0xa1, 0x93, 0x61, 0x7a, 0xba, 0xcc, 0x41, 281: 0x73, 0x49, 0xae, 0x20, 0x41, 0x31, 0x12, 0xe6, 0xfa, 0x4e, 282: 0x89, 0xa9, 0x7e, 0xa2, 0x0a, 0x9e, 0xee, 0xe6, 0x4b, 0x55, 283: 0xd3, 0x9a, 0x21, 0x92, 0x99, 0x2a, 0x27, 0x4f, 0xc1, 0xa8, 284: 0x36, 0xba, 0x3c, 0x23, 0xa3, 0xfe, 0xeb, 0xbd, 0x45, 0x4d, 285: 0x44, 0x23, 0x64, 0x3c, 0xe8, 0x0e, 0x2a, 0x9a, 0xc9, 0x4f, 286: 0xa5, 0x4c, 0xa4, 0x9f), 287: chunk_from_chars( 288: 0xdc, 0x2a, 0x44, 0x59, 0xe7, 0x36, 0x96, 0x33, 0xa5, 0x2b, 289: 0x1b, 0xf2, 0x77, 0x83, 0x9a, 0x00, 0x20, 0x10, 0x09, 0xa3, 290: 0xef, 0xbf, 0x3e, 0xcb, 0x69, 0xbe, 0xa2, 0x18, 0x6c, 0x26, 291: 0xb5, 0x89, 0x09, 0x35, 0x1f, 0xc9, 0xac, 0x90, 0xb3, 0xec, 292: 0xfd, 0xfb, 0xc7, 0xc6, 0x64, 0x31, 0xe0, 0x30, 0x3d, 0xca, 293: 0x17, 0x9c, 0x13, 0x8a, 0xc1, 0x7a, 0xd9, 0xbe, 0xf1, 0x17, 294: 0x73, 0x31, 0xa7, 0x04), 295: chunk_from_chars( 296: 0x26, 0x4c, 0xa5, 0x7f, 0x89, 0x6d, 0x64, 0x81, 0xd1, 0x87, 297: 0xe9, 0x89, 0x47, 0x29, 0x5a, 0xfe, 0xe3, 0x6d, 0x82, 0x44), 298: chunk_from_chars( 299: 0x27, 0x88, 0xfc, 0x14, 0xb1, 0xcd, 0xd0, 0x24, 0xd5, 0x9d, 300: 0x31, 0x65, 0x59, 0x63, 0x69, 0xcf, 0xaf, 0x50, 0x10, 0xe7), 301: } 302: }; 303: 304: START_TEST(test_ed25519_sign) 305: { 306: private_key_t *key; 307: public_key_t *pubkey, *public; 308: chunk_t sig, encoding, fp; 309: 310: /* load private key */ 311: key = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, KEY_ED25519, 312: BUILD_BLOB_ASN1_DER, sig_tests[_i].key, BUILD_END); 313: ck_assert(key != NULL); 314: ck_assert(key->get_encoding(key, PRIVKEY_ASN1_DER, &encoding)); 315: ck_assert_chunk_eq(encoding, sig_tests[_i].key); 316: chunk_free(&encoding); 317: 318: ck_assert(key->get_fingerprint(key, KEYID_PUBKEY_SHA1, &fp)); 319: ck_assert_chunk_eq(sig_tests[_i].fp_pk, fp); 320: ck_assert(key->get_fingerprint(key, KEYID_PUBKEY_INFO_SHA1, &fp)); 321: ck_assert_chunk_eq(sig_tests[_i].fp_spki, fp); 322: 323: /* load public key */ 324: pubkey = lib->creds->create(lib->creds, CRED_PUBLIC_KEY, KEY_ED25519, 325: BUILD_BLOB_ASN1_DER, sig_tests[_i].pubkey, BUILD_END); 326: ck_assert(pubkey != NULL); 327: ck_assert(pubkey->get_encoding(pubkey, PUBKEY_SPKI_ASN1_DER, &encoding)); 328: ck_assert_chunk_eq(encoding, sig_tests[_i].pubkey); 329: chunk_free(&encoding); 330: 331: ck_assert(pubkey->get_fingerprint(pubkey, KEYID_PUBKEY_SHA1, &fp)); 332: ck_assert_chunk_eq(sig_tests[_i].fp_pk, fp); 333: ck_assert(pubkey->get_fingerprint(pubkey, KEYID_PUBKEY_INFO_SHA1, &fp)); 334: ck_assert_chunk_eq(sig_tests[_i].fp_spki, fp); 335: 336: /* compare public keys */ 337: public = key->get_public_key(key); 338: ck_assert(public != NULL); 339: ck_assert(public->equals(public, pubkey)); 340: 341: /* sign */ 342: ck_assert(key->sign(key, SIGN_ED25519, NULL, sig_tests[_i].msg, &sig)); 343: ck_assert(sig.len == 64); 344: ck_assert_chunk_eq(sig, sig_tests[_i].sig); 345: 346: /* verify */ 347: ck_assert(pubkey->verify(pubkey, SIGN_ED25519, NULL, sig_tests[_i].msg, 348: sig_tests[_i].sig)); 349: 350: /* cleanup */ 351: key->destroy(key); 352: pubkey->destroy(pubkey); 353: public->destroy(public); 354: chunk_free(&sig); 355: } 356: END_TEST 357: 358: START_TEST(test_ed25519_gen) 359: { 360: private_key_t *key, *key2; 361: public_key_t *pubkey, *pubkey2; 362: chunk_t msg = chunk_from_str("Ed25519"), sig, encoding, fp_priv, fp_pub; 363: 364: /* generate private key */ 365: key = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, KEY_ED25519, 366: BUILD_KEY_SIZE, 256, BUILD_END); 367: ck_assert(key != NULL); 368: ck_assert(key->get_type(key) == KEY_ED25519); 369: ck_assert(key->get_keysize(key) == 256); 370: ck_assert(!key->get_encoding(key, PRIVKEY_PGP, &encoding)); 371: ck_assert(key->get_encoding(key, PRIVKEY_PEM, &encoding)); 372: ck_assert(encoding.ptr != NULL); 373: ck_assert(strstr(encoding.ptr, "PRIVATE KEY")); 374: chunk_free(&encoding); 375: 376: /* clone private key */ 377: key2 = key->get_ref(key); 378: ck_assert(key2); 379: key2->destroy(key2); 380: 381: /* decryption not supported */ 382: ck_assert(!key->decrypt(key, ENCRYPT_UNKNOWN, msg, NULL)); 383: 384: /* wrong signature scheme */ 385: ck_assert(!key->sign(key, SIGN_ED448, NULL, msg, &sig)); 386: 387: /* correct signature scheme*/ 388: ck_assert(key->sign(key, SIGN_ED25519, NULL, msg, &sig)); 389: 390: /* export public key */ 391: pubkey = key->get_public_key(key); 392: ck_assert(pubkey != NULL); 393: ck_assert(pubkey->get_type(pubkey) == KEY_ED25519); 394: ck_assert(pubkey->get_keysize(pubkey) == 256); 395: ck_assert(pubkey->get_encoding(pubkey, PUBKEY_PEM, &encoding)); 396: ck_assert(encoding.ptr != NULL); 397: ck_assert(strstr(encoding.ptr, "PUBLIC KEY")); 398: chunk_free(&encoding); 399: 400: /* generate and compare public and private key fingerprints */ 401: ck_assert(!key->get_fingerprint(key, KEYID_PGPV4, &fp_priv)); 402: ck_assert(key->get_fingerprint(key, KEYID_PUBKEY_SHA1, &fp_priv)); 403: ck_assert(key->get_fingerprint(key, KEYID_PUBKEY_SHA1, &fp_priv)); 404: ck_assert(fp_priv.ptr != NULL); 405: ck_assert(!pubkey->get_fingerprint(pubkey, KEYID_PGPV4, &fp_pub)); 406: ck_assert(pubkey->get_fingerprint(pubkey, KEYID_PUBKEY_SHA1, &fp_pub)); 407: ck_assert(pubkey->get_fingerprint(pubkey, KEYID_PUBKEY_SHA1, &fp_pub)); 408: ck_assert(fp_pub.ptr != NULL); 409: ck_assert_chunk_eq(fp_pub, fp_priv); 410: 411: /* clone public key */ 412: pubkey2 = pubkey->get_ref(pubkey); 413: ck_assert(pubkey2 != NULL); 414: pubkey2->destroy(pubkey2); 415: 416: /* encryption not supported */ 417: ck_assert(!pubkey->encrypt(pubkey, ENCRYPT_UNKNOWN, msg, NULL)); 418: 419: /* verify with wrong signature scheme */ 420: ck_assert(!pubkey->verify(pubkey, SIGN_ED448, NULL, msg, sig)); 421: 422: /* verify with correct signature scheme */ 423: ck_assert(pubkey->verify(pubkey, SIGN_ED25519, NULL, msg, sig)); 424: 425: /* cleanup */ 426: key->destroy(key); 427: pubkey->destroy(pubkey); 428: chunk_free(&sig); 429: } 430: END_TEST 431: 432: START_TEST(test_ed25519_speed) 433: { 434: private_key_t *key; 435: public_key_t *pubkey; 436: chunk_t msg = chunk_from_str("Hello Ed25519"), sig; 437: int i, count = 1000; 438: 439: #ifdef HAVE_CLOCK_GETTIME 440: struct timespec start, stop; 441: clock_gettime(CLOCK_THREAD_CPUTIME_ID, &start); 442: #endif 443: 444: for (i = 0; i < count; i++) 445: { 446: key = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, KEY_ED25519, 447: BUILD_KEY_SIZE, 256, BUILD_END); 448: ck_assert(key != NULL); 449: ck_assert(key->sign(key, SIGN_ED25519, NULL, msg, &sig)); 450: pubkey = key->get_public_key(key); 451: ck_assert(pubkey != NULL); 452: ck_assert(pubkey->verify(pubkey, SIGN_ED25519, NULL, msg, sig)); 453: key->destroy(key); 454: pubkey->destroy(pubkey); 455: chunk_free(&sig); 456: } 457: 458: #ifdef HAVE_CLOCK_GETTIME 459: clock_gettime(CLOCK_THREAD_CPUTIME_ID, &stop); 460: DBG0(DBG_LIB, "%d Ed25519 keys and signatures in %d ms\n", count, 461: (stop.tv_nsec - start.tv_nsec) / 1000000 + 462: (stop.tv_sec - start.tv_sec) * 1000); 463: #endif 464: } 465: END_TEST 466: 467: static chunk_t zero_pk = chunk_from_chars( 468: 0x30, 0x2a, 0x30, 0x05, 0x06, 0x03, 0x2b, 0x65, 0x70, 0x03, 469: 0x21, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 470: 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 471: 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 472: 0x00, 0x00, 0x00, 0x00); 473: 474: /* sig_tests[0].sig with s+L */ 475: static chunk_t malleable_sig = chunk_from_chars( 476: 0xe5, 0x56, 0x43, 0x00, 0xc3, 0x60, 0xac, 0x72, 0x90, 0x86, 477: 0xe2, 0xcc, 0x80, 0x6e, 0x82, 0x8a, 0x84, 0x87, 0x7f, 0x1e, 478: 0xb8, 0xe5, 0xd9, 0x74, 0xd8, 0x73, 0xe0, 0x65, 0x22, 0x49, 479: 0x01, 0x55, 0x4c, 0x8c, 0x78, 0x72, 0xaa, 0x06, 0x4e, 0x04, 480: 0x9d, 0xbb, 0x30, 0x13, 0xfb, 0xf2, 0x93, 0x80, 0xd2, 0x5b, 481: 0xf5, 0xf0, 0x59, 0x5b, 0xbe, 0x24, 0x65, 0x51, 0x41, 0x43, 482: 0x8e, 0x7a, 0x10, 0x1b); 483: 484: START_TEST(test_ed25519_fail) 485: { 486: private_key_t *key; 487: public_key_t *pubkey; 488: chunk_t blob, sig; 489: uint8_t sig1[64]; 490: 491: /* Invalid private key format */ 492: key = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, KEY_ED25519, 493: BUILD_BLOB_ASN1_DER, chunk_empty, BUILD_END); 494: ck_assert(key == NULL); 495: 496: key = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, KEY_ED25519, 497: BUILD_EDDSA_PRIV_ASN1_DER, chunk_empty, BUILD_END); 498: ck_assert(key == NULL); 499: 500: blob = chunk_from_chars(0x04, 0x01, 0x9d); 501: key = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, KEY_ED25519, 502: BUILD_EDDSA_PRIV_ASN1_DER, blob, BUILD_END); 503: ck_assert(key == NULL); 504: 505: /* Invalid public key format */ 506: pubkey = lib->creds->create(lib->creds, CRED_PUBLIC_KEY, KEY_ED25519, 507: BUILD_BLOB_ASN1_DER, chunk_empty, BUILD_END); 508: ck_assert(pubkey == NULL); 509: 510: blob = chunk_from_chars(0x30, 0x0b, 0x30, 0x05, 0x06, 0x03, 0x2b, 0x65, 511: 0x70, 0x03, 0x02, 0x00, 0xd7); 512: pubkey = lib->creds->create(lib->creds, CRED_PUBLIC_KEY, KEY_ED25519, 513: BUILD_BLOB_ASN1_DER, blob, BUILD_END); 514: ck_assert(pubkey == NULL); 515: 516: blob = chunk_from_chars(0x30, 0x0b, 0x30, 0x05, 0x06, 0x03, 0x2b, 0x00, 517: 0x70, 0x03, 0x02, 0x00, 0xd7); 518: pubkey = lib->creds->create(lib->creds, CRED_PUBLIC_KEY, KEY_ED25519, 519: BUILD_BLOB_ASN1_DER, blob, BUILD_END); 520: ck_assert(pubkey == NULL); 521: 522: pubkey = lib->creds->create(lib->creds, CRED_PUBLIC_KEY, KEY_ED25519, 523: BUILD_KEY_SIZE, 256, BUILD_BLOB_ASN1_DER, blob, BUILD_END); 524: ck_assert(pubkey == NULL); 525: 526: /* Invalid signature format */ 527: pubkey = lib->creds->create(lib->creds, CRED_PUBLIC_KEY, KEY_ED25519, 528: BUILD_BLOB_ASN1_DER, sig_tests[0].pubkey, BUILD_END); 529: ck_assert(pubkey != NULL); 530: 531: ck_assert(!pubkey->verify(pubkey, SIGN_ED25519, NULL, chunk_empty, 532: chunk_empty)); 533: 534: /* RFC 8032, section 5.1.7 requires that 0 <= s < L to prevent signature 535: * malleability. Only a warning because Botan, OpenSSL and wolfSSL are 536: * all vulnerable to this. */ 537: if (pubkey->verify(pubkey, SIGN_ED25519, NULL, sig_tests[0].msg, 538: malleable_sig)) 539: { 540: warn("Ed25519 signature verification is vulnerable to malleable " 541: "signatures"); 542: } 543: 544: /* malformed signature */ 545: sig = chunk_create(sig1, 64); 546: memcpy(sig1, sig_tests[0].sig.ptr, 64); 547: sig1[63] |= 0xe0; 548: ck_assert(!pubkey->verify(pubkey, SIGN_ED25519, NULL, sig_tests[0].msg, 549: sig)); 550: 551: /* wrong signature */ 552: memcpy(sig1, sig_tests[0].sig.ptr, 64); 553: sig1[0] = 0xe4; 554: ck_assert(!pubkey->verify(pubkey, SIGN_ED25519, NULL, sig_tests[0].msg, 555: sig)); 556: 557: /* detect all-zeroes public key */ 558: pubkey->destroy(pubkey); 559: pubkey = lib->creds->create(lib->creds, CRED_PUBLIC_KEY, KEY_ED25519, 560: BUILD_BLOB_ASN1_DER, zero_pk, BUILD_END); 561: ck_assert(pubkey != NULL); 562: ck_assert(!pubkey->verify(pubkey, SIGN_ED25519, NULL, sig_tests[0].msg, 563: sig)); 564: pubkey->destroy(pubkey); 565: } 566: END_TEST 567: 568: Suite *ed25519_suite_create() 569: { 570: Suite *s; 571: TCase *tc; 572: 573: s = suite_create("ed25519"); 574: 575: tc = tcase_create("ed25519_sign"); 576: tcase_add_loop_test(tc, test_ed25519_sign, 0, countof(sig_tests)); 577: suite_add_tcase(s, tc); 578: 579: tc = tcase_create("ed25519_gen"); 580: tcase_add_test(tc, test_ed25519_gen); 581: suite_add_tcase(s, tc); 582: 583: tc = tcase_create("ed25519_fail"); 584: tcase_add_test(tc, test_ed25519_fail); 585: suite_add_tcase(s, tc); 586: 587: tc = tcase_create("ed25519_speed"); 588: test_case_set_timeout(tc, 10); 589: tcase_add_test(tc, test_ed25519_speed); 590: suite_add_tcase(s, tc); 591: 592: return s; 593: }