Fix the Changelog and extend tests to cover the hash of all-bits zero
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
diff --git a/tests/suites/test_suite_ecdsa.function b/tests/suites/test_suite_ecdsa.function
index e6da884..08bbe63 100644
--- a/tests/suites/test_suite_ecdsa.function
+++ b/tests/suites/test_suite_ecdsa.function
@@ -212,6 +212,7 @@
mbedtls_mpi d, r, s;
mbedtls_test_rnd_pseudo_info rnd_info;
unsigned char buf[MBEDTLS_MD_MAX_SIZE];
+ int test_runs = 2;
mbedtls_ecp_group_init( &grp );
mbedtls_ecp_point_init( &Q );
@@ -219,18 +220,31 @@
memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) );
memset( buf, 0, sizeof( buf ) );
- /* prepare material for signature */
- TEST_ASSERT( mbedtls_test_rnd_pseudo_rand( &rnd_info,
- buf, sizeof( buf ) ) == 0 );
- TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
- TEST_ASSERT( mbedtls_ecp_gen_keypair( &grp, &d, &Q,
- &mbedtls_test_rnd_pseudo_rand,
- &rnd_info ) == 0 );
+ while ( test_runs-- )
+ {
+ /* prepare material for signature */
+ if ( test_runs == 1 )
+ {
+ TEST_ASSERT( mbedtls_test_rnd_pseudo_rand( &rnd_info,
+ buf, sizeof( buf ) )
+ == 0 );
+ } else {
+ TEST_ASSERT( mbedtls_test_rnd_zero_rand( NULL,
+ buf, sizeof( buf ) )
+ == 0 );
+ }
- TEST_ASSERT( mbedtls_ecdsa_sign( &grp, &r, &s, &d, buf, sizeof( buf ),
- &mbedtls_test_rnd_pseudo_rand,
- &rnd_info ) == 0 );
- TEST_ASSERT( mbedtls_ecdsa_verify( &grp, buf, sizeof( buf ), &Q, &r, &s ) == 0 );
+ TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
+ TEST_ASSERT( mbedtls_ecp_gen_keypair( &grp, &d, &Q,
+ &mbedtls_test_rnd_pseudo_rand,
+ &rnd_info ) == 0 );
+
+ TEST_ASSERT( mbedtls_ecdsa_sign( &grp, &r, &s, &d, buf, sizeof( buf ),
+ &mbedtls_test_rnd_pseudo_rand,
+ &rnd_info ) == 0 );
+ TEST_ASSERT( mbedtls_ecdsa_verify( &grp, buf, sizeof( buf ), &Q, &r, &s )
+ == 0 );
+ }
exit:
mbedtls_ecp_group_free( &grp );
@@ -354,56 +368,70 @@
unsigned char hash[32];
unsigned char sig[200];
size_t sig_len, i;
+ int test_runs = 2;
mbedtls_ecdsa_init( &ctx );
memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) );
memset( hash, 0, sizeof( hash ) );
- memset( sig, 0x2a, sizeof( sig ) );
- /* prepare material for signature */
- TEST_ASSERT( mbedtls_test_rnd_pseudo_rand( &rnd_info,
- hash, sizeof( hash ) ) == 0 );
+ while ( test_runs-- )
+ {
+ memset( sig, 0x2a, sizeof( sig ) );
- /* generate signing key */
- TEST_ASSERT( mbedtls_ecdsa_genkey( &ctx, id,
- &mbedtls_test_rnd_pseudo_rand,
- &rnd_info ) == 0 );
+ /* prepare material for signature */
+ if ( test_runs == 1 )
+ {
+ TEST_ASSERT( mbedtls_test_rnd_pseudo_rand( &rnd_info,
+ hash, sizeof( hash ) )
+ == 0 );
+ } else {
+ TEST_ASSERT( mbedtls_test_rnd_zero_rand( NULL,
+ hash, sizeof( hash ) )
+ == 0 );
+ }
- /* generate and write signature, then read and verify it */
- TEST_ASSERT( mbedtls_ecdsa_write_signature( &ctx, MBEDTLS_MD_SHA256,
- hash, sizeof( hash ),
- sig, &sig_len, &mbedtls_test_rnd_pseudo_rand,
- &rnd_info ) == 0 );
- TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ),
- sig, sig_len ) == 0 );
+ /* generate signing key */
+ TEST_ASSERT( mbedtls_ecdsa_genkey( &ctx, id,
+ &mbedtls_test_rnd_pseudo_rand,
+ &rnd_info ) == 0 );
- /* check we didn't write past the announced length */
- for( i = sig_len; i < sizeof( sig ); i++ )
- TEST_ASSERT( sig[i] == 0x2a );
+ /* generate and write signature, then read and verify it */
+ TEST_ASSERT( mbedtls_ecdsa_write_signature( &ctx, MBEDTLS_MD_SHA256,
+ hash, sizeof( hash ),
+ sig, &sig_len, &mbedtls_test_rnd_pseudo_rand,
+ &rnd_info ) == 0 );
- /* try verification with invalid length */
- TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ),
- sig, sig_len - 1 ) != 0 );
- TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ),
- sig, sig_len + 1 ) != 0 );
+ TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ),
+ sig, sig_len ) == 0 );
- /* try invalid sequence tag */
- sig[0]++;
- TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ),
- sig, sig_len ) != 0 );
- sig[0]--;
+ /* check we didn't write past the announced length */
+ for( i = sig_len; i < sizeof( sig ); i++ )
+ TEST_ASSERT( sig[i] == 0x2a );
- /* try modifying r */
- sig[10]++;
- TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ),
- sig, sig_len ) == MBEDTLS_ERR_ECP_VERIFY_FAILED );
- sig[10]--;
+ /* try verification with invalid length */
+ TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ),
+ sig, sig_len - 1 ) != 0 );
+ TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ),
+ sig, sig_len + 1 ) != 0 );
- /* try modifying s */
- sig[sig_len - 1]++;
- TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ),
- sig, sig_len ) == MBEDTLS_ERR_ECP_VERIFY_FAILED );
- sig[sig_len - 1]--;
+ /* try invalid sequence tag */
+ sig[0]++;
+ TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ),
+ sig, sig_len ) != 0 );
+ sig[0]--;
+
+ /* try modifying r */
+ sig[10]++;
+ TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ),
+ sig, sig_len ) == MBEDTLS_ERR_ECP_VERIFY_FAILED );
+ sig[10]--;
+
+ /* try modifying s */
+ sig[sig_len - 1]++;
+ TEST_ASSERT( mbedtls_ecdsa_read_signature( &ctx, hash, sizeof( hash ),
+ sig, sig_len ) == MBEDTLS_ERR_ECP_VERIFY_FAILED );
+ sig[sig_len - 1]--;
+ }
exit:
mbedtls_ecdsa_free( &ctx );