backport wycheproof.t
Karel Miko
6 years ago
6 | 6 | use Test::More; |
7 | 7 | |
8 | 8 | plan skip_all => "No JSON::* module installed" unless eval { require JSON::PP } || eval { require JSON::XS } || eval { require Cpanel::JSON::XS }; |
9 | plan tests => 762; | |
9 | plan tests => 984; | |
10 | 10 | |
11 | 11 | use CryptX; |
12 | 12 | use Crypt::Misc 'read_rawfile'; |
116 | 116 | # do the test |
117 | 117 | my $testname = "type=$type/$sha tcId=$tcId comment='$comment' expected-result=$result"; |
118 | 118 | my $pk = Crypt::PK::DSA->new( \$keyPem ); |
119 | my $valid = $pk->verify_message($sig, $message, $sha); | |
120 | 119 | my $hash = digest_data($sha, $message); |
121 | 120 | my $valid_h = $pk->verify_hash($sig, $hash); |
121 | my $valid = $pk->verify_message($sig, $message, $sha); | |
122 | 122 | if ($result eq 'valid' || $result eq 'acceptable') { |
123 | 123 | ok($valid, $testname); |
124 | 124 | } |
133 | 133 | } |
134 | 134 | |
135 | 135 | if (0) { |
136 | #XXX-TODO: | |
137 | # not ok 749 - type=ECDSAVer/SHA256 tcId=50 comment='appending unused 0's' expected-result=invalid verify_message=1 | |
138 | # not ok 819 - type=ECDSAVer/SHA256 tcId=120 comment='Modified r or s, e.g. by adding or subtracting the order of the group' expected-result=invalid verify_message=1 | |
139 | # not ok 820 - type=ECDSAVer/SHA256 tcId=121 comment='Modified r or s, e.g. by adding or subtracting the order of the group' expected-result=invalid verify_message=1 | |
140 | # not ok 821 - type=ECDSAVer/SHA256 tcId=122 comment='Modified r or s, e.g. by adding or subtracting the order of the group' expected-result=invalid verify_message=1 | |
141 | ||
142 | 136 | use Crypt::PK::ECC; |
143 | 137 | |
144 | 138 | my $tests = CryptX::_decode_json read_rawfile 't/wycheproof/ecdsa_test.json'; |
156 | 150 | my $result = $t->{result}; |
157 | 151 | my $message = pack "H*", $t->{message}; |
158 | 152 | my $sig = pack "H*", $t->{sig}; |
153 | # skip unsupported tests: | |
154 | next if $tcId==9 && $result eq 'acceptable' && $comment eq "BER:long form encoding of length"; | |
155 | next if $tcId==10 && $result eq 'acceptable' && $comment eq "BER:long form encoding of length"; | |
156 | next if $tcId==12 && $result eq 'acceptable' && $comment eq "BER:length contains leading 0"; | |
157 | next if $tcId==13 && $result eq 'acceptable' && $comment eq "BER:length contains leading 0"; | |
158 | next if $tcId==14 && $result eq 'acceptable' && $comment eq "BER:indefinite length"; | |
159 | next if $tcId==15 && $result eq 'acceptable' && $comment eq "BER:prepending 0's to integer"; | |
160 | next if $tcId==16 && $result eq 'acceptable' && $comment eq "BER:prepending 0's to integer"; | |
159 | 161 | # do the test |
160 | 162 | my $testname = "type=$type/$sha tcId=$tcId comment='$comment' expected-result=$result"; |
161 | 163 | my $pk = Crypt::PK::ECC->new( \$keyPem ); |
162 | 164 | my $valid = $pk->verify_message($sig, $message, $sha); |
163 | if ($result eq 'valid') { | |
165 | if ($result eq 'valid' || $result eq 'acceptable') { | |
164 | 166 | ok($valid, "$testname verify_message=$valid"); |
165 | 167 | } |
166 | elsif ($result eq 'acceptable') { | |
167 | #XXX-TODO | |
168 | #ok($valid, "$testname verify_message=$valid"); | |
169 | } | |
170 | 168 | elsif ($result eq 'invalid') { |
171 | 169 | ok(!$valid, "$testname verify_message=$valid"); |
172 | 170 | } |
177 | 175 | } |
178 | 176 | } |
179 | 177 | |
180 | if (0) { | |
178 | if (1) { | |
181 | 179 | use Crypt::PK::ECC; |
182 | 180 | |
183 | 181 | my $tests = CryptX::_decode_json read_rawfile 't/wycheproof/ecdsa_webcrypto_test.json'; |
200 | 198 | # do the test |
201 | 199 | my $testname = "type=$type/$sha tcId=$tcId comment='$comment' expected-result=$result"; |
202 | 200 | my $pk = Crypt::PK::ECC->new( \$keyPem ); |
203 | my $valid = $pk->verify_message($sig, $message, $sha); | |
204 | if ($result eq 'valid') { | |
201 | my $valid = $pk->verify_message_rfc7518($sig, $message, $sha); | |
202 | if ($result eq 'valid' || $result eq 'acceptable') { | |
205 | 203 | ok($valid, "$testname verify_message=$valid"); |
206 | } | |
207 | elsif ($result eq 'acceptable') { | |
208 | #XXX-TODO | |
209 | #ok($valid, "$testname verify_message=$valid"); | |
210 | 204 | } |
211 | 205 | elsif ($result eq 'invalid') { |
212 | 206 | ok(!$valid, "$testname verify_message=$valid"); |