Diffstat (limited to 'src/crypto/ecdsa/ecdsa_test.cc')
-rw-r--r--src/crypto/ecdsa/ecdsa_test.cc55
1 files changed, 42 insertions, 13 deletions
diff --git a/src/crypto/ecdsa/ecdsa_test.cc b/src/crypto/ecdsa/ecdsa_test.cc
index a6bd7a1..b916509 100644
--- a/src/crypto/ecdsa/ecdsa_test.cc
+++ b/src/crypto/ecdsa/ecdsa_test.cc
@@ -78,18 +78,13 @@ static bool VerifyECDSASig(Api api, const uint8_t *digest,
switch (api) {
case kEncodedApi: {
- int sig_len = i2d_ECDSA_SIG(ecdsa_sig, NULL);
- if (sig_len <= 0) {
+ uint8_t *der;
+ size_t der_len;
+ if (!ECDSA_SIG_to_bytes(&der, &der_len, ecdsa_sig)) {
return false;
}
- std::vector<uint8_t> signature(static_cast<size_t>(sig_len));
- uint8_t *sig_ptr = bssl::vector_data(&signature);
- sig_len = i2d_ECDSA_SIG(ecdsa_sig, &sig_ptr);
- if (sig_len <= 0) {
- return false;
- }
- actual_result = ECDSA_verify(0, digest, digest_len, bssl::vector_data(&signature),
- signature.size(), eckey);
+ ScopedOpenSSLBytes delete_der(der);
+ actual_result = ECDSA_verify(0, digest, digest_len, der, der_len, eckey);
break;
}
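Review bot: `der` is declared without an initialiser in the `kEncodedApi` case and is only handed to `ScopedOpenSSLBytes` after the success check, so correctness depends on `ECDSA_SIG_to_bytes` leaving nothing allocated when it fails; that contract is not visible from this hunk. I would write `uint8_t *der = NULL;` and add a short comment such as `// On success |der| is owned by |delete_der| and released on scope exit.` so a later reordering cannot free an indeterminate pointer. The same declare-then-wrap pattern appears in `TestECDSA_SIG_max_len` in the last hunk. `VerifyECDSASig` starts and ends outside this hunk.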
@@ -267,8 +262,8 @@ static bool TestBuiltin(FILE *out) {
fprintf(out, ".");
fflush(out);
// Verify a tampered signature.
- const uint8_t *sig_ptr = bssl::vector_data(&signature);
- ScopedECDSA_SIG ecdsa_sig(d2i_ECDSA_SIG(NULL, &sig_ptr, signature.size()));
+ ScopedECDSA_SIG ecdsa_sig(ECDSA_SIG_from_bytes(
+ bssl::vector_data(&signature), signature.size()));
if (!ecdsa_sig ||
!TestTamperedSig(out, kEncodedApi, digest, 20, ecdsa_sig.get(),
eckey.get(), order.get())) {
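Review bot: The only input this test gives `ECDSA_SIG_from_bytes` is a well-formed signature, so nothing here pins how the parser treats bytes that follow the DER structure; the old `d2i_ECDSA_SIG` call advanced `sig_ptr`, which let a caller check consumption, whereas the new call takes just a buffer and a length. If the new parser is meant to be strict (I am inferring that from the API shape, not from code shown here), a negative case next to this one would lock it in: `std::vector<uint8_t> extra(signature); extra.push_back(0);`, then `ScopedECDSA_SIG bad(ECDSA_SIG_from_bytes(bssl::vector_data(&extra), extra.size()));` and `if (bad.get() != NULL) return false;`. Lenient signature parsing is a common source of encoding malleability, so a regression test for it is worth having. `TestBuiltin` begins and ends outside the hunk.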
@@ -325,11 +320,45 @@ static bool TestBuiltin(FILE *out) {
return true;
}
+static bool TestECDSA_SIG_max_len(size_t order_len) {
+ /* Create the largest possible |ECDSA_SIG| of the given constraints. */
+ ScopedECDSA_SIG sig(ECDSA_SIG_new());
+ if (!sig) {
+ return false;
+ }
+ std::vector<uint8_t> bytes(order_len, 0xff);
+ if (!BN_bin2bn(bssl::vector_data(&bytes), bytes.size(), sig->r) ||
+ !BN_bin2bn(bssl::vector_data(&bytes), bytes.size(), sig->s)) {
+ return false;
+ }
+ /* Serialize it. */
+ uint8_t *der;
+ size_t der_len;
+ if (!ECDSA_SIG_to_bytes(&der, &der_len, sig.get())) {
+ return false;
+ }
+ ScopedOpenSSLBytes delete_der(der);
+
+ size_t max_len = ECDSA_SIG_max_len(order_len);
+ if (max_len != der_len) {
+ fprintf(stderr, "ECDSA_SIG_max_len(%u) returned %u, wanted %u\n",
+ static_cast<unsigned>(order_len), static_cast<unsigned>(max_len),
+ static_cast<unsigned>(der_len));
+ return false;
+ }
+ return true;
+}
+
int main(void) {
CRYPTO_library_init();
ERR_load_crypto_strings();
- if (!TestBuiltin(stdout)) {
+ if (!TestBuiltin(stdout) ||
+ !TestECDSA_SIG_max_len(224/8) ||
+ !TestECDSA_SIG_max_len(256/8) ||
+ !TestECDSA_SIG_max_len(384/8) ||
+ !TestECDSA_SIG_max_len(512/8) ||
+ !TestECDSA_SIG_max_len(10000)) {
printf("\nECDSA test failed\n");
ERR_print_errors_fp(stdout);
return 1;
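Review bot: The size list in `main` uses `512/8`, which is 64 bytes, while a 521-bit curve order needs 66 bytes, so that size is not exercised; adding `!TestECDSA_SIG_max_len((521 + 7) / 8) ||` would cover it. One value in the 127–254 byte range would also help, because that is where each INTEGER's own length field moves to the one-byte long form, and the current sizes jump from 64 straight to 10000. If callers size signature buffers from `ECDSA_SIG_max_len` (not shown here), an underestimate at one of those encoding boundaries is the failure that matters, so the boundaries deserve explicit cases. `main` continues past the end of the hunk.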