1 /*############################################################################
2 # Copyright 2016-2017 Intel Corporation
3 #
4 # Licensed under the Apache License, Version 2.0 (the "License");
5 # you may not use this file except in compliance with the License.
6 # You may obtain a copy of the License at
7 #
8 # http://www.apache.org/licenses/LICENSE-2.0
9 #
10 # Unless required by applicable law or agreed to in writing, software
11 # distributed under the License is distributed on an "AS IS" BASIS,
12 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 # See the License for the specific language governing permissions and
14 # limitations under the License.
15 ############################################################################*/
16
17 /*!
18 * \file
19 * \brief EcdsaVerifyBuffer unit tests.
20 */
21
22 #include <cstdint>
23 #include <vector>
24
25 #include "epid/common-testhelper/epid_gtest-testhelper.h"
26 #include "gtest/gtest.h"
27
28 extern "C" {
29 #include "epid/common/math/ecdsa.h"
30 }
31
32 namespace {
33
34 /// Fill message buffer
35 /*!
36
37 Fill a message buffer
38
39 \param[in] buf
40 pointer to buffer to be filled
41 \param[in] buf_len
42 size of buffer in bytes
43
44 \returns ::EpidStatus
45 */
fill_message(uint8_t * buf,size_t buf_len)46 static EpidStatus fill_message(uint8_t* buf, size_t buf_len) {
47 if (!buf) return kEpidBadArgErr;
48 if (buf_len <= 0) return kEpidBadArgErr;
49 for (size_t n = 0; n < buf_len; n++) {
50 buf[n] = (uint8_t)n;
51 }
52 return kEpidNoErr;
53 }
54 class EcdsaVerifyBufferTest : public ::testing::Test {
55 public:
56 /// an Ecdsa key pair
57 /// Regular
58 static const EcdsaPrivateKey kPrivkey0;
59 static const EcdsaPublicKey kPubkey0;
60 /// an Ecdsa key pair
61 // Regular
62 static const EcdsaPrivateKey kPrivkey1;
63 static const EcdsaPublicKey kPubkey1;
64 /// a message
65 static const std::vector<uint8_t> kMsg0;
66 /// a message
67 static const std::vector<uint8_t> kMsg1;
68 /// signature of msg0 with privkey0
69 static const EcdsaSignature kSig_msg0_key0;
70 /// signature of msg0 with privkey1
71 static const EcdsaSignature kSig_msg0_key1;
72 /// signature of msg1 with privkey0
73 static const EcdsaSignature kSig_msg1_key0;
74 /// signature of msg1 with privkey1
75 static const EcdsaSignature kSig_msg1_key1;
76 /// signature of empty msg with privkey0
77 static const EcdsaSignature kSig_emptymsg_key0;
78 /// signature of empty msg with privkey1
79 static const EcdsaSignature kSig_emptymsg_key1;
80 /// signature of 1M msg with privkey0
81 static const EcdsaSignature kSig_1Mmsg_key0;
82 /// signature of 1M msg with privkey1
83 static const EcdsaSignature kSig_1Mmsg_key1;
84 };
85
86 const EcdsaPrivateKey EcdsaVerifyBufferTest::kPrivkey0 = {
87 0xfc, 0x0e, 0x32, 0x3b, 0x5d, 0xf6, 0x95, 0x43, 0x99, 0x0f, 0x46,
88 0x37, 0xb0, 0x19, 0xb3, 0xbb, 0xba, 0xd5, 0x91, 0x63, 0x2d, 0x4a,
89 0x5a, 0x1e, 0xd8, 0x09, 0x4f, 0x44, 0xa9, 0x5c, 0xd8, 0x87,
90 };
91 const EcdsaPublicKey EcdsaVerifyBufferTest::kPubkey0 = {
92 0x32, 0x05, 0x28, 0x50, 0x53, 0x0c, 0x62, 0xdf, 0x17, 0xc7, 0xcb,
93 0x8c, 0xd3, 0x6f, 0x05, 0xe8, 0xbb, 0xbb, 0x6a, 0xf4, 0x43, 0x82,
94 0x59, 0xad, 0xd2, 0x56, 0x6c, 0x63, 0xde, 0x06, 0x37, 0x69, 0x7b,
95 0x42, 0x9a, 0xda, 0x3c, 0x91, 0xf3, 0xc0, 0xdd, 0xc1, 0xd4, 0x9e,
96 0xc2, 0x24, 0x32, 0x09, 0x07, 0x8c, 0xb9, 0xfc, 0xd8, 0x7b, 0x69,
97 0xf9, 0x17, 0x1e, 0x35, 0xb4, 0x20, 0x23, 0x45, 0x94,
98 };
99
100 const EcdsaPrivateKey EcdsaVerifyBufferTest::kPrivkey1 = {
101 0xd6, 0x5a, 0x82, 0x5d, 0xd4, 0xad, 0x28, 0x6f, 0x09, 0x2c, 0x96,
102 0x07, 0x0a, 0x96, 0xac, 0x13, 0xc9, 0xfd, 0xcf, 0xf0, 0xbe, 0x08,
103 0xcb, 0xbb, 0x4b, 0xba, 0x7e, 0x9e, 0xac, 0x02, 0xe9, 0x7c,
104 };
105 const EcdsaPublicKey EcdsaVerifyBufferTest::kPubkey1 = {
106 0x34, 0xb0, 0x88, 0xcc, 0xb7, 0xf3, 0x56, 0xe0, 0x5c, 0x7c, 0xfc,
107 0x03, 0x5d, 0x62, 0x72, 0xe4, 0x70, 0x08, 0xcd, 0x6f, 0x4b, 0x29,
108 0x0e, 0x2d, 0x86, 0x26, 0x93, 0x52, 0x55, 0xef, 0xb4, 0x45, 0x11,
109 0x07, 0xe9, 0xbe, 0x1e, 0x5d, 0xdb, 0x92, 0x64, 0xb6, 0xbf, 0x67,
110 0x83, 0x1f, 0xde, 0xaa, 0x72, 0x84, 0xe9, 0x27, 0x5c, 0xd5, 0xbc,
111 0x82, 0x07, 0xc9, 0x81, 0xd1, 0x70, 0x07, 0xaa, 0xd5,
112 };
113
114 const std::vector<uint8_t> EcdsaVerifyBufferTest::kMsg0 = {'m', 's', 'g', '0'};
115 const std::vector<uint8_t> EcdsaVerifyBufferTest::kMsg1 = {'m', 's', 'g', '1'};
116
117 const EcdsaSignature EcdsaVerifyBufferTest::kSig_msg0_key0 = {
118 0x81, 0xDD, 0x1A, 0x18, 0x35, 0x1E, 0x22, 0x99, 0x85, 0xC5, 0xAA,
119 0xE4, 0x78, 0x02, 0xC5, 0x65, 0xF1, 0x39, 0x80, 0x45, 0xF5, 0xFC,
120 0xBD, 0xC6, 0x67, 0xBD, 0xC1, 0x93, 0x42, 0xF6, 0x17, 0x0E, 0x45,
121 0x19, 0x39, 0xD3, 0x27, 0x1F, 0xA9, 0x2A, 0x14, 0xDD, 0xF1, 0x5A,
122 0x81, 0xA8, 0xEC, 0x3B, 0xB4, 0x0B, 0xF8, 0xC9, 0x9A, 0x06, 0xEB,
123 0x04, 0x77, 0x19, 0xCB, 0x57, 0x9C, 0xB9, 0xE9, 0x2F,
124 };
125
126 const EcdsaSignature EcdsaVerifyBufferTest::kSig_msg0_key1 = {
127 0xA9, 0xFC, 0x44, 0x2D, 0x09, 0x9E, 0x15, 0x6C, 0x25, 0xD9, 0x74,
128 0x9D, 0xD9, 0xAD, 0xC2, 0x7A, 0xFB, 0xC0, 0xD4, 0xFE, 0xC2, 0x48,
129 0x41, 0x80, 0x47, 0x4A, 0x74, 0x8A, 0x62, 0x71, 0x68, 0xFF, 0x51,
130 0xDF, 0x47, 0x76, 0xAB, 0xD7, 0xE2, 0xA0, 0x97, 0x6B, 0x04, 0x51,
131 0x2B, 0x8F, 0x4D, 0x7E, 0xDB, 0x7B, 0x60, 0x08, 0xC6, 0x51, 0x81,
132 0x5E, 0x92, 0x9E, 0x11, 0xDB, 0x9C, 0x16, 0x64, 0x79,
133 };
134 const EcdsaSignature EcdsaVerifyBufferTest::kSig_msg1_key0 = {
135 0xA4, 0xD7, 0xF9, 0x80, 0xBA, 0x93, 0x25, 0xA4, 0x43, 0xD4, 0xCE,
136 0x6F, 0x7C, 0xD9, 0xA9, 0xD2, 0x24, 0x1B, 0xB8, 0x32, 0xDE, 0xE0,
137 0x26, 0x01, 0xA6, 0xC8, 0x57, 0x21, 0xD7, 0x1E, 0xBC, 0x88, 0xA2,
138 0x27, 0x8B, 0x51, 0x93, 0x90, 0xC0, 0x0A, 0x3B, 0xA4, 0x7A, 0x9B,
139 0x8C, 0x5E, 0xC8, 0x8B, 0x39, 0x5F, 0x3D, 0x82, 0xCE, 0x57, 0x9F,
140 0xF7, 0x9A, 0x32, 0x82, 0xEF, 0xF8, 0xC5, 0x8B, 0x22,
141 };
142
143 const EcdsaSignature EcdsaVerifyBufferTest::kSig_msg1_key1 = {
144 0xC1, 0x0A, 0x01, 0xB3, 0x81, 0x47, 0x02, 0xA4, 0xD2, 0xB1, 0xD6,
145 0xF9, 0x25, 0x1F, 0xDF, 0x16, 0x7F, 0x28, 0x7F, 0x04, 0x38, 0xAE,
146 0x6D, 0x6E, 0xE7, 0xFC, 0xCB, 0x9E, 0xB6, 0xA4, 0xF6, 0x41, 0x2B,
147 0xEA, 0x6B, 0x53, 0x32, 0x7B, 0xB0, 0xB6, 0x8F, 0x21, 0x07, 0x0A,
148 0x4C, 0xB7, 0xA9, 0xDE, 0x9F, 0x27, 0x3A, 0xEE, 0x4F, 0xE2, 0xF4,
149 0xE3, 0x1E, 0xC3, 0x3F, 0xAA, 0x41, 0xD4, 0xFA, 0xA2,
150 };
151
152 const EcdsaSignature EcdsaVerifyBufferTest::kSig_emptymsg_key0 = {
153 0xB7, 0xDC, 0x55, 0x35, 0x12, 0xB9, 0xAE, 0x59, 0xAE, 0xE1, 0xB5,
154 0x50, 0x20, 0x65, 0x18, 0x84, 0x3B, 0x1E, 0x54, 0xF4, 0x11, 0x4B,
155 0x71, 0xBD, 0x12, 0x5E, 0x05, 0x41, 0xAB, 0x6A, 0xF9, 0x20, 0x26,
156 0xC9, 0x2B, 0x21, 0x56, 0x62, 0x3F, 0xC3, 0x62, 0xA0, 0xD2, 0x9D,
157 0x27, 0x97, 0xF8, 0xE2, 0x59, 0xE7, 0x0E, 0x7E, 0xEE, 0xA7, 0xB5,
158 0x11, 0x66, 0xD0, 0xF3, 0x6E, 0x41, 0x76, 0x3C, 0xFE,
159 };
160
161 const EcdsaSignature EcdsaVerifyBufferTest::kSig_emptymsg_key1 = {
162 0xCB, 0xED, 0xEF, 0xEE, 0x11, 0x68, 0x21, 0x7D, 0x57, 0x4A, 0x37,
163 0xB1, 0x96, 0xF0, 0xF8, 0x42, 0x46, 0x00, 0x64, 0xEF, 0x19, 0xA7,
164 0xFF, 0x38, 0x8F, 0x3A, 0x25, 0xD5, 0xC4, 0xF3, 0xD0, 0xC4, 0xB0,
165 0xC4, 0xC5, 0xB0, 0x58, 0xAD, 0x74, 0xF2, 0x19, 0xEE, 0x0C, 0x98,
166 0x6D, 0x5F, 0x4F, 0xB7, 0x9A, 0xE8, 0x25, 0x1B, 0xAD, 0x9E, 0x26,
167 0x22, 0xF2, 0xED, 0xB1, 0x8D, 0x3B, 0x02, 0x7F, 0xB1,
168 };
169 const EcdsaSignature EcdsaVerifyBufferTest::kSig_1Mmsg_key0 = {
170 0x4A, 0x45, 0xE3, 0xA5, 0xFC, 0x73, 0x86, 0xAF, 0xD8, 0x21, 0x25,
171 0x35, 0x13, 0xEB, 0x1B, 0xA7, 0x39, 0x08, 0x21, 0x2A, 0x2A, 0x09,
172 0x79, 0x3C, 0xEA, 0x17, 0x67, 0x53, 0x6C, 0xE4, 0xA0, 0x97, 0x36,
173 0x98, 0x79, 0x69, 0x1C, 0xF1, 0x21, 0x42, 0x56, 0x48, 0x38, 0x35,
174 0x3C, 0xC1, 0x30, 0x7C, 0x49, 0x4F, 0xC9, 0xFA, 0xE1, 0x69, 0xF9,
175 0x42, 0x3D, 0x7D, 0x4B, 0x6D, 0xB1, 0xEE, 0x9D, 0x4B,
176 };
177
178 const EcdsaSignature EcdsaVerifyBufferTest::kSig_1Mmsg_key1 = {
179 0x87, 0xE0, 0x27, 0x51, 0xC1, 0x16, 0x79, 0x8F, 0xCF, 0x82, 0x60,
180 0x48, 0x72, 0x04, 0xE1, 0xC4, 0xDA, 0xEE, 0x31, 0x4D, 0x12, 0xF9,
181 0xCA, 0x19, 0x1B, 0xDC, 0xA4, 0xCA, 0x8C, 0xCC, 0xBD, 0x2A, 0xD4,
182 0x73, 0x2B, 0x6B, 0xE4, 0x9B, 0xA1, 0x56, 0xF2, 0x28, 0x4A, 0xBD,
183 0x41, 0x69, 0x98, 0xAB, 0x62, 0x3D, 0x8D, 0xC9, 0x77, 0xE1, 0x98,
184 0xF1, 0x53, 0xF5, 0xD0, 0x97, 0x80, 0x89, 0xCB, 0x97,
185 };
TEST_F(EcdsaVerifyBufferTest,FailsGivenNullParameters)186 TEST_F(EcdsaVerifyBufferTest, FailsGivenNullParameters) {
187 // tests using a trivial message
188 EXPECT_EQ(kEpidBadArgErr,
189 EcdsaVerifyBuffer(kMsg0.data(), kMsg0.size(), &kPubkey0, nullptr));
190 EXPECT_EQ(kEpidBadArgErr, EcdsaVerifyBuffer(kMsg0.data(), kMsg0.size(),
191 nullptr, &kSig_msg0_key0));
192 // tests using a null message
193 EXPECT_EQ(kEpidBadArgErr, EcdsaVerifyBuffer(nullptr, 0, &kPubkey0, nullptr));
194 EXPECT_EQ(kEpidBadArgErr,
195 EcdsaVerifyBuffer(nullptr, 0, nullptr, &kSig_msg0_key0));
196 }
197
TEST_F(EcdsaVerifyBufferTest,VerifiesZeroLengthMsg)198 TEST_F(EcdsaVerifyBufferTest, VerifiesZeroLengthMsg) {
199 // tests using a non-null message buffer
200 EXPECT_EQ(kEpidSigValid,
201 EcdsaVerifyBuffer(kMsg0.data(), 0, &kPubkey0, &kSig_emptymsg_key0));
202 EXPECT_EQ(kEpidSigValid,
203 EcdsaVerifyBuffer(kMsg0.data(), 0, &kPubkey1, &kSig_emptymsg_key1));
204 // tests using a null message buffer
205 EXPECT_EQ(kEpidSigValid,
206 EcdsaVerifyBuffer(nullptr, 0, &kPubkey0, &kSig_emptymsg_key0));
207 EXPECT_EQ(kEpidSigValid,
208 EcdsaVerifyBuffer(nullptr, 0, &kPubkey1, &kSig_emptymsg_key1));
209 }
210
TEST_F(EcdsaVerifyBufferTest,VerifiesShortMessage)211 TEST_F(EcdsaVerifyBufferTest, VerifiesShortMessage) {
212 EXPECT_EQ(kEpidSigValid, EcdsaVerifyBuffer(kMsg0.data(), kMsg0.size(),
213 &kPubkey0, &kSig_msg0_key0));
214 EXPECT_EQ(kEpidSigValid, EcdsaVerifyBuffer(kMsg0.data(), kMsg0.size(),
215 &kPubkey1, &kSig_msg0_key1));
216 EXPECT_EQ(kEpidSigValid, EcdsaVerifyBuffer(kMsg1.data(), kMsg1.size(),
217 &kPubkey0, &kSig_msg1_key0));
218 EXPECT_EQ(kEpidSigValid, EcdsaVerifyBuffer(kMsg1.data(), kMsg1.size(),
219 &kPubkey1, &kSig_msg1_key1));
220 }
221
TEST_F(EcdsaVerifyBufferTest,VerifiesLongMessage)222 TEST_F(EcdsaVerifyBufferTest, VerifiesLongMessage) {
223 std::vector<uint8_t> msg_1mb(0x100000);
224 fill_message(msg_1mb.data(), msg_1mb.size());
225 EXPECT_EQ(kEpidSigValid, EcdsaVerifyBuffer(msg_1mb.data(), msg_1mb.size(),
226 &kPubkey0, &kSig_1Mmsg_key0));
227 EXPECT_EQ(kEpidSigValid, EcdsaVerifyBuffer(msg_1mb.data(), msg_1mb.size(),
228 &kPubkey1, &kSig_1Mmsg_key1));
229 }
230
TEST_F(EcdsaVerifyBufferTest,FailsGivenWrongKey)231 TEST_F(EcdsaVerifyBufferTest, FailsGivenWrongKey) {
232 EXPECT_EQ(kEpidSigInvalid, EcdsaVerifyBuffer(kMsg0.data(), kMsg0.size(),
233 &kPubkey1, &kSig_msg0_key0));
234 EXPECT_EQ(kEpidSigInvalid, EcdsaVerifyBuffer(kMsg0.data(), kMsg0.size(),
235 &kPubkey0, &kSig_msg0_key1));
236 EXPECT_EQ(kEpidSigInvalid, EcdsaVerifyBuffer(kMsg1.data(), kMsg1.size(),
237 &kPubkey1, &kSig_msg1_key0));
238 EXPECT_EQ(kEpidSigInvalid, EcdsaVerifyBuffer(kMsg1.data(), kMsg1.size(),
239 &kPubkey0, &kSig_msg1_key1));
240 }
241
TEST_F(EcdsaVerifyBufferTest,FailsGivenWrongMsg)242 TEST_F(EcdsaVerifyBufferTest, FailsGivenWrongMsg) {
243 EXPECT_EQ(kEpidSigInvalid, EcdsaVerifyBuffer(kMsg1.data(), kMsg1.size(),
244 &kPubkey0, &kSig_msg0_key0));
245 EXPECT_EQ(kEpidSigInvalid, EcdsaVerifyBuffer(kMsg1.data(), kMsg1.size(),
246 &kPubkey1, &kSig_msg0_key1));
247 EXPECT_EQ(kEpidSigInvalid, EcdsaVerifyBuffer(kMsg0.data(), kMsg0.size(),
248 &kPubkey0, &kSig_msg1_key0));
249 EXPECT_EQ(kEpidSigInvalid, EcdsaVerifyBuffer(kMsg0.data(), kMsg0.size(),
250 &kPubkey1, &kSig_msg1_key1));
251 }
252
TEST_F(EcdsaVerifyBufferTest,FailsGivenInvalidKey)253 TEST_F(EcdsaVerifyBufferTest, FailsGivenInvalidKey) {
254 // define a public key with the high half set to all FF. This will
255 // not be on the curve specified for this API
256 EcdsaPublicKey invalid_pubkey = kPubkey0;
257 for (size_t i = 0; i < sizeof(invalid_pubkey.x); i++) {
258 invalid_pubkey.x.data[i] = 0xff;
259 }
260 EXPECT_EQ(kEpidBadArgErr,
261 EcdsaVerifyBuffer(kMsg0.data(), kMsg0.size(), &invalid_pubkey,
262 &kSig_msg0_key0));
263 EXPECT_EQ(kEpidBadArgErr,
264 EcdsaVerifyBuffer(kMsg1.data(), kMsg1.size(), &invalid_pubkey,
265 &kSig_msg1_key0));
266 }
267
TEST_F(EcdsaVerifyBufferTest,FailsGivenInvalidSignature)268 TEST_F(EcdsaVerifyBufferTest, FailsGivenInvalidSignature) {
269 // define a signature with the high half set to all FF. This will
270 // not be on the curve specified for this API
271 EcdsaSignature invalid_sig = kSig_msg0_key0;
272 for (size_t i = 0; i < sizeof(invalid_sig.x); i++) {
273 invalid_sig.x.data[i] = 0xff;
274 }
275 EXPECT_EQ(kEpidBadArgErr, EcdsaVerifyBuffer(kMsg0.data(), kMsg0.size(),
276 &kPubkey0, &invalid_sig));
277 }
278
279 } // namespace
280