Add some negative testing for ecdsa_verify()
diff --git a/include/mbedtls/ecdsa.h b/include/mbedtls/ecdsa.h
index a277715..259948d 100644
--- a/include/mbedtls/ecdsa.h
+++ b/include/mbedtls/ecdsa.h
@@ -120,7 +120,7 @@
* prescribed by SEC1 4.1.4 step 3.
*
* \return 0 if successful,
- * MBEDTLS_ERR_ECP_BAD_INPUT_DATA if signature is invalid
+ * MBEDTLS_ERR_ECP_VERIFY_FAILED if signature is invalid
* or a MBEDTLS_ERR_ECP_XXX or MBEDTLS_MPI_XXX error code
*/
int mbedtls_ecdsa_verify( mbedtls_ecp_group *grp,
diff --git a/tests/suites/test_suite_ecdsa.function b/tests/suites/test_suite_ecdsa.function
index 88e07a9..491ab43 100644
--- a/tests/suites/test_suite_ecdsa.function
+++ b/tests/suites/test_suite_ecdsa.function
@@ -87,6 +87,16 @@
TEST_ASSERT( mbedtls_ecdsa_verify( &grp, hash, hlen, &Q, &r_check, &s_check ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_sub_int( &r, &r, 1 ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_add_int( &s, &s, 1 ) == 0 );
+
+ TEST_ASSERT( mbedtls_ecdsa_verify( &grp, hash, hlen,
+ &Q, &r, &s_check ) == MBEDTLS_ERR_ECP_VERIFY_FAILED );
+ TEST_ASSERT( mbedtls_ecdsa_verify( &grp, hash, hlen,
+ &Q, &r_check, &s ) == MBEDTLS_ERR_ECP_VERIFY_FAILED );
+ TEST_ASSERT( mbedtls_ecdsa_verify( &grp, hash, hlen,
+ &grp.G, &r_check, &s_check ) == MBEDTLS_ERR_ECP_VERIFY_FAILED );
+
exit:
mbedtls_ecp_group_free( &grp );
mbedtls_ecp_point_free( &Q );
@@ -178,13 +188,13 @@
/* try modifying r */
sig[10]++;
TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ),
- sig, sig_len ) != 0 );
+ sig, sig_len ) == MBEDTLS_ERR_ECP_VERIFY_FAILED );
sig[10]--;
/* try modifying s */
sig[sig_len - 1]++;
TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ),
- sig, sig_len ) != 0 );
+ sig, sig_len ) == MBEDTLS_ERR_ECP_VERIFY_FAILED );
sig[sig_len - 1]--;
exit: