]> git.ipfire.org Git - thirdparty/strongswan.git/blame - src/libstrongswan/tests/suites/test_ed25519.c
projects / thirdparty / strongswan.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
wolfssl: Add wolfSSL plugin for cryptographic implementations
[thirdparty/strongswan.git] / src / libstrongswan / tests / suites / test_ed25519.c
CommitLineData
d47ad3d6
AS		 1/*
2 * Copyright (C) 2016 Andreas Steffen
3 * HSR Hochschule fuer Technik Rapperswil
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * for more details.
14 */
15
16#include "test_suite.h"
17
d47ad3d6
AS		 18#include <time.h>
19
20typedef struct sig_test_t sig_test_t;
21
22struct sig_test_t {
23 chunk_t key;
24 chunk_t pubkey;
25 chunk_t msg;
26 chunk_t sig;
8d7bf5b0
TB		 27 chunk_t fp_pk;
28 chunk_t fp_spki;
d47ad3d6
AS		 29};
30
31/**
2571898d 32 * Ed25519 Test Vectors from RFC 8032
d47ad3d6
AS		 33 */
34static sig_test_t sig_tests[] = {
35 /* Test 1 */
36 { chunk_from_chars(
37 0x30, 0x2e, 0x02, 0x01, 0x00, 0x30, 0x05, 0x06, 0x03, 0x2b,
38 0x65, 0x70, 0x04, 0x22, 0x04, 0x20, 0x9d, 0x61, 0xb1, 0x9d,
39 0xef, 0xfd, 0x5a, 0x60, 0xba, 0x84, 0x4a, 0xf4, 0x92, 0xec,
40 0x2c, 0xc4, 0x44, 0x49, 0xc5, 0x69, 0x7b, 0x32, 0x69, 0x19,
41 0x70, 0x3b, 0xac, 0x03, 0x1c, 0xae, 0x7f, 0x60),
42 chunk_from_chars(
43 0x30, 0x2a, 0x30, 0x05, 0x06, 0x03, 0x2b, 0x65, 0x70, 0x03,
44 0x21, 0x00, 0xd7, 0x5a, 0x98, 0x01, 0x82, 0xb1, 0x0a, 0xb7,
45 0xd5, 0x4b, 0xfe, 0xd3, 0xc9, 0x64, 0x07, 0x3a, 0x0e, 0xe1,
46 0x72, 0xf3, 0xda, 0xa6, 0x23, 0x25, 0xaf, 0x02, 0x1a, 0x68,
47 0xf7, 0x07, 0x51, 0x1a),
48 { NULL, 0 },
49 chunk_from_chars(
50 0xe5, 0x56, 0x43, 0x00, 0xc3, 0x60, 0xac, 0x72, 0x90, 0x86,
51 0xe2, 0xcc, 0x80, 0x6e, 0x82, 0x8a, 0x84, 0x87, 0x7f, 0x1e,
52 0xb8, 0xe5, 0xd9, 0x74, 0xd8, 0x73, 0xe0, 0x65, 0x22, 0x49,
53 0x01, 0x55, 0x5f, 0xb8, 0x82, 0x15, 0x90, 0xa3, 0x3b, 0xac,
54 0xc6, 0x1e, 0x39, 0x70, 0x1c, 0xf9, 0xb4, 0x6b, 0xd2, 0x5b,
55 0xf5, 0xf0, 0x59, 0x5b, 0xbe, 0x24, 0x65, 0x51, 0x41, 0x43,
8d7bf5b0
TB		 56 0x8e, 0x7a, 0x10, 0x0b),
57 chunk_from_chars(
58 0x5b, 0x27, 0xaa, 0x55, 0x89, 0x17, 0x97, 0x70, 0xe4, 0x75,
59 0x75, 0xb1, 0x62, 0xa1, 0xde, 0xd9, 0x7b, 0x8b, 0xfc, 0x6d),
60 chunk_from_chars(
61 0xa5, 0x66, 0xbe, 0x19, 0x84, 0x01, 0x73, 0x41, 0x3a, 0x61,
62 0x04, 0x83, 0x50, 0xef, 0xf2, 0x3e, 0x8f, 0xe2, 0x22, 0x66),
d47ad3d6
AS		 63 },
64 /* Test 2 */
65 { chunk_from_chars(
66 0x30, 0x2e, 0x02, 0x01, 0x00, 0x30, 0x05, 0x06, 0x03, 0x2b,
67 0x65, 0x70, 0x04, 0x22, 0x04, 0x20, 0x4c, 0xcd, 0x08, 0x9b,
68 0x28, 0xff, 0x96, 0xda, 0x9d, 0xb6, 0xc3, 0x46, 0xec, 0x11,
69 0x4e, 0x0f, 0x5b, 0x8a, 0x31, 0x9f, 0x35, 0xab, 0xa6, 0x24,
70 0xda, 0x8c, 0xf6, 0xed, 0x4f, 0xb8, 0xa6, 0xfb),
71 chunk_from_chars(
72 0x30, 0x2a, 0x30, 0x05, 0x06, 0x03, 0x2b, 0x65, 0x70, 0x03,
73 0x21, 0x00, 0x3d, 0x40, 0x17, 0xc3, 0xe8, 0x43, 0x89, 0x5a,
74 0x92, 0xb7, 0x0a, 0xa7, 0x4d, 0x1b, 0x7e, 0xbc, 0x9c, 0x98,
75 0x2c, 0xcf, 0x2e, 0xc4, 0x96, 0x8c, 0xc0, 0xcd, 0x55, 0xf1,
76 0x2a, 0xf4, 0x66, 0x0c),
77 chunk_from_chars(
78 0x72),
79 chunk_from_chars(
80 0x92, 0xa0, 0x09, 0xa9, 0xf0, 0xd4, 0xca, 0xb8, 0x72, 0x0e,
81 0x82, 0x0b, 0x5f, 0x64, 0x25, 0x40, 0xa2, 0xb2, 0x7b, 0x54,
82 0x16, 0x50, 0x3f, 0x8f, 0xb3, 0x76, 0x22, 0x23, 0xeb, 0xdb,
83 0x69, 0xda, 0x08, 0x5a, 0xc1, 0xe4, 0x3e, 0x15, 0x99, 0x6e,
84 0x45, 0x8f, 0x36, 0x13, 0xd0, 0xf1, 0x1d, 0x8c, 0x38, 0x7b,
85 0x2e, 0xae, 0xb4, 0x30, 0x2a, 0xee, 0xb0, 0x0d, 0x29, 0x16,
8d7bf5b0
TB		 86 0x12, 0xbb, 0x0c, 0x00),
87 chunk_from_chars(
88 0x13, 0xf7, 0x72, 0x66, 0x9e, 0x15, 0x2a, 0xe6, 0xa6, 0x2a,
89 0x60, 0xa3, 0x48, 0x8a, 0x6f, 0x29, 0x7d, 0x06, 0x13, 0xdd),
90 chunk_from_chars(
91 0xbd, 0xae, 0x41, 0xeb, 0x5d, 0xbf, 0x88, 0xb9, 0xdf, 0x18,
92 0xda, 0xbb, 0x2d, 0xee, 0xa9, 0x1a, 0x4e, 0x03, 0x38, 0xe4),
d47ad3d6
AS		 93 },
94 /* Test 3 */
95 { chunk_from_chars(
96 0x30, 0x2e, 0x02, 0x01, 0x00, 0x30, 0x05, 0x06, 0x03, 0x2b,
97 0x65, 0x70, 0x04, 0x22, 0x04, 0x20, 0xc5, 0xaa, 0x8d, 0xf4,
98 0x3f, 0x9f, 0x83, 0x7b, 0xed, 0xb7, 0x44, 0x2f, 0x31, 0xdc,
99 0xb7, 0xb1, 0x66, 0xd3, 0x85, 0x35,0x07, 0x6f, 0x09, 0x4b,
100 0x85, 0xce, 0x3a, 0x2e, 0x0b, 0x44, 0x58, 0xf7),
101 chunk_from_chars(
102 0x30, 0x2a, 0x30, 0x05, 0x06, 0x03, 0x2b, 0x65, 0x70, 0x03,
103 0x21, 0x00, 0xfc, 0x51, 0xcd, 0x8e, 0x62, 0x18, 0xa1, 0xa3,
104 0x8d, 0xa4, 0x7e, 0xd0, 0x02, 0x30, 0xf0, 0x58, 0x08, 0x16,
105 0xed, 0x13, 0xba, 0x33, 0x03, 0xac, 0x5d, 0xeb, 0x91, 0x15,
106 0x48, 0x90, 0x80, 0x25),
107 chunk_from_chars(
108 0xaf, 0x82),
109 chunk_from_chars(
110 0x62, 0x91, 0xd6, 0x57, 0xde, 0xec, 0x24, 0x02, 0x48, 0x27,
111 0xe6, 0x9c, 0x3a, 0xbe, 0x01, 0xa3, 0x0c, 0xe5, 0x48, 0xa2,
112 0x84, 0x74, 0x3a, 0x44, 0x5e, 0x36, 0x80, 0xd7, 0xdb, 0x5a,
113 0xc3, 0xac, 0x18, 0xff, 0x9b, 0x53, 0x8d, 0x16, 0xf2, 0x90,
114 0xae, 0x67, 0xf7, 0x60, 0x98, 0x4d, 0xc6, 0x59, 0x4a, 0x7c,
115 0x15, 0xe9, 0x71, 0x6e, 0xd2, 0x8d, 0xc0, 0x27, 0xbe, 0xce,
8d7bf5b0
TB		 116 0xea, 0x1e, 0xc4, 0x0a),
117 chunk_from_chars(
118 0x88, 0xc7, 0x64, 0xc8, 0xbe, 0x44, 0x37, 0x4a, 0x7d, 0x2f,
119 0x5d, 0x84, 0x72, 0x1f, 0x8e, 0x32, 0x5e, 0x5b, 0xd6, 0x4c),
120 chunk_from_chars(
121 0xad, 0x01, 0x30, 0xb1, 0x2b, 0x48, 0x62, 0x9b, 0xb9, 0xad,
122 0xea, 0x92, 0x1f, 0xfe, 0xd2, 0x9a, 0x42, 0xf0, 0xad, 0xe6),
d47ad3d6
AS		 123 },
124 /* Test 1024 */
125 { chunk_from_chars(
126 0x30, 0x2e, 0x02, 0x01, 0x00, 0x30, 0x05, 0x06, 0x03, 0x2b,
127 0x65, 0x70, 0x04, 0x22, 0x04, 0x20, 0xf5, 0xe5, 0x76, 0x7c,
128 0xf1, 0x53, 0x31, 0x95, 0x17, 0x63, 0x0f, 0x22, 0x68, 0x76,
129 0xb8, 0x6c, 0x81, 0x60, 0xcc, 0x58, 0x3b, 0xc0, 0x13, 0x74,
130 0x4c, 0x6b, 0xf2, 0x55, 0xf5, 0xcc, 0x0e, 0xe5),
131 chunk_from_chars(
132 0x30, 0x2a, 0x30, 0x05, 0x06, 0x03, 0x2b, 0x65, 0x70, 0x03,
133 0x21, 0x00, 0x27, 0x81, 0x17, 0xfc, 0x14, 0x4c, 0x72, 0x34,
134 0x0f, 0x67, 0xd0, 0xf2, 0x31, 0x6e, 0x83, 0x86, 0xce, 0xff,
135 0xbf, 0x2b, 0x24, 0x28, 0xc9, 0xc5, 0x1f, 0xef, 0x7c, 0x59,
136 0x7f, 0x1d, 0x42, 0x6e),
137 chunk_from_chars(
138 0x08, 0xb8, 0xb2, 0xb7, 0x33, 0x42, 0x42, 0x43, 0x76, 0x0f,
139 0xe4, 0x26, 0xa4, 0xb5, 0x49, 0x08, 0x63, 0x21, 0x10, 0xa6,
140 0x6c, 0x2f, 0x65, 0x91, 0xea, 0xbd, 0x33, 0x45, 0xe3, 0xe4,
141 0xeb, 0x98, 0xfa, 0x6e, 0x26, 0x4b, 0xf0, 0x9e, 0xfe, 0x12,
142 0xee, 0x50, 0xf8, 0xf5, 0x4e, 0x9f, 0x77, 0xb1, 0xe3, 0x55,
143 0xf6, 0xc5, 0x05, 0x44, 0xe2, 0x3f, 0xb1, 0x43, 0x3d, 0xdf,
144 0x73, 0xbe, 0x84, 0xd8, 0x79, 0xde, 0x7c, 0x00, 0x46, 0xdc,
145 0x49, 0x96, 0xd9, 0xe7, 0x73, 0xf4, 0xbc, 0x9e, 0xfe, 0x57,
146 0x38, 0x82, 0x9a, 0xdb, 0x26, 0xc8, 0x1b, 0x37, 0xc9, 0x3a,
147 0x1b, 0x27, 0x0b, 0x20, 0x32, 0x9d, 0x65, 0x86, 0x75, 0xfc,
148
149 0x6e, 0xa5, 0x34, 0xe0, 0x81, 0x0a, 0x44, 0x32, 0x82, 0x6b,
150 0xf5, 0x8c, 0x94, 0x1e, 0xfb, 0x65, 0xd5, 0x7a, 0x33, 0x8b,
151 0xbd, 0x2e, 0x26, 0x64, 0x0f, 0x89, 0xff, 0xbc, 0x1a, 0x85,
152 0x8e, 0xfc, 0xb8, 0x55, 0x0e, 0xe3, 0xa5, 0xe1, 0x99, 0x8b,
153 0xd1, 0x77, 0xe9, 0x3a, 0x73, 0x63, 0xc3, 0x44, 0xfe, 0x6b,
154 0x19, 0x9e, 0xe5, 0xd0, 0x2e, 0x82, 0xd5, 0x22, 0xc4, 0xfe,
155 0xba, 0x15, 0x45, 0x2f, 0x80, 0x28, 0x8a, 0x82, 0x1a, 0x57,
156 0x91, 0x16, 0xec, 0x6d, 0xad, 0x2b, 0x3b, 0x31, 0x0d, 0xa9,
157 0x03, 0x40, 0x1a, 0xa6, 0x21, 0x00, 0xab, 0x5d, 0x1a, 0x36,
158 0x55, 0x3e, 0x06, 0x20, 0x3b, 0x33, 0x89, 0x0c, 0xc9, 0xb8,
159
160 0x32, 0xf7, 0x9e, 0xf8, 0x05, 0x60, 0xcc, 0xb9, 0xa3, 0x9c,
161 0xe7, 0x67, 0x96, 0x7e, 0xd6, 0x28, 0xc6, 0xad, 0x57, 0x3c,
162 0xb1, 0x16, 0xdb, 0xef, 0xef, 0xd7, 0x54, 0x99, 0xda, 0x96,
163 0xbd, 0x68, 0xa8, 0xa9, 0x7b, 0x92, 0x8a, 0x8b, 0xbc, 0x10,
164 0x3b, 0x66, 0x21, 0xfc, 0xde, 0x2b, 0xec, 0xa1, 0x23, 0x1d,
165 0x20, 0x6b, 0xe6, 0xcd, 0x9e, 0xc7, 0xaf, 0xf6, 0xf6, 0xc9,
166 0x4f, 0xcd, 0x72, 0x04, 0xed, 0x34, 0x55, 0xc6, 0x8c, 0x83,
167 0xf4, 0xa4, 0x1d, 0xa4, 0xaf, 0x2b, 0x74, 0xef, 0x5c, 0x53,
168 0xf1, 0xd8, 0xac, 0x70, 0xbd, 0xcb, 0x7e, 0xd1, 0x85, 0xce,
169 0x81, 0xbd, 0x84, 0x35, 0x9d, 0x44, 0x25, 0x4d, 0x95, 0x62,
170
171 0x9e, 0x98, 0x55, 0xa9, 0x4a, 0x7c, 0x19, 0x58, 0xd1, 0xf8,
172 0xad, 0xa5, 0xd0, 0x53, 0x2e, 0xd8, 0xa5, 0xaa, 0x3f, 0xb2,
173 0xd1, 0x7b, 0xa7, 0x0e, 0xb6, 0x24, 0x8e, 0x59, 0x4e, 0x1a,
174 0x22, 0x97, 0xac, 0xbb, 0xb3, 0x9d, 0x50, 0x2f, 0x1a, 0x8c,
175 0x6e, 0xb6, 0xf1, 0xce, 0x22, 0xb3, 0xde, 0x1a, 0x1f, 0x40,
176 0xcc, 0x24, 0x55, 0x41, 0x19, 0xa8, 0x31, 0xa9, 0xaa, 0xd6,
177 0x07, 0x9c, 0xad, 0x88, 0x42, 0x5d, 0xe6, 0xbd, 0xe1, 0xa9,
178 0x18, 0x7e, 0xbb, 0x60, 0x92, 0xcf, 0x67, 0xbf, 0x2b, 0x13,
179 0xfd, 0x65, 0xf2, 0x70, 0x88, 0xd7, 0x8b, 0x7e, 0x88, 0x3c,
180 0x87, 0x59, 0xd2, 0xc4, 0xf5, 0xc6, 0x5a, 0xdb, 0x75, 0x53,
181
182 0x87, 0x8a, 0xd5, 0x75, 0xf9, 0xfa, 0xd8, 0x78, 0xe8, 0x0a,
183 0x0c, 0x9b, 0xa6, 0x3b, 0xcb, 0xcc, 0x27, 0x32, 0xe6, 0x94,
184 0x85, 0xbb, 0xc9, 0xc9, 0x0b, 0xfb, 0xd6, 0x24, 0x81, 0xd9,
185 0x08, 0x9b, 0xec, 0xcf, 0x80, 0xcf, 0xe2, 0xdf, 0x16, 0xa2,
186 0xcf, 0x65, 0xbd, 0x92, 0xdd, 0x59, 0x7b, 0x07, 0x07, 0xe0,
187 0x91, 0x7a, 0xf4, 0x8b, 0xbb, 0x75, 0xfe, 0xd4, 0x13, 0xd2,
188 0x38, 0xf5, 0x55, 0x5a, 0x7a, 0x56, 0x9d, 0x80, 0xc3, 0x41,
189 0x4a, 0x8d, 0x08, 0x59, 0xdc, 0x65, 0xa4, 0x61, 0x28, 0xba,
190 0xb2, 0x7a, 0xf8, 0x7a, 0x71, 0x31, 0x4f, 0x31, 0x8c, 0x78,
191 0x2b, 0x23, 0xeb, 0xfe, 0x80, 0x8b, 0x82, 0xb0, 0xce, 0x26,
192
193 0x40, 0x1d, 0x2e, 0x22, 0xf0, 0x4d, 0x83, 0xd1, 0x25, 0x5d,
194 0xc5, 0x1a, 0xdd, 0xd3, 0xb7, 0x5a, 0x2b, 0x1a, 0xe0, 0x78,
195 0x45, 0x04, 0xdf, 0x54, 0x3a, 0xf8, 0x96, 0x9b, 0xe3, 0xea,
196 0x70, 0x82, 0xff, 0x7f, 0xc9, 0x88, 0x8c, 0x14, 0x4d, 0xa2,
197 0xaf, 0x58, 0x42, 0x9e, 0xc9, 0x60, 0x31, 0xdb, 0xca, 0xd3,
198 0xda, 0xd9, 0xaf, 0x0d, 0xcb, 0xaa, 0xaf, 0x26, 0x8c, 0xb8,
199 0xfc, 0xff, 0xea, 0xd9, 0x4f, 0x3c, 0x7c, 0xa4, 0x95, 0xe0,
200 0x56, 0xa9, 0xb4, 0x7a, 0xcd, 0xb7, 0x51, 0xfb, 0x73, 0xe6,
201 0x66, 0xc6, 0xc6, 0x55, 0xad, 0xe8, 0x29, 0x72, 0x97, 0xd0,
202 0x7a, 0xd1, 0xba, 0x5e, 0x43, 0xf1, 0xbc, 0xa3, 0x23, 0x01,
203
204 0x65, 0x13, 0x39, 0xe2, 0x29, 0x04, 0xcc, 0x8c, 0x42, 0xf5,
205 0x8c, 0x30, 0xc0, 0x4a, 0xaf, 0xdb, 0x03, 0x8d, 0xda, 0x08,
206 0x47, 0xdd, 0x98, 0x8d, 0xcd, 0xa6, 0xf3, 0xbf, 0xd1, 0x5c,
207 0x4b, 0x4c, 0x45, 0x25, 0x00, 0x4a, 0xa0, 0x6e, 0xef, 0xf8,
208 0xca, 0x61, 0x78, 0x3a, 0xac, 0xec, 0x57, 0xfb, 0x3d, 0x1f,
209 0x92, 0xb0, 0xfe, 0x2f, 0xd1, 0xa8, 0x5f, 0x67, 0x24, 0x51,
210 0x7b, 0x65, 0xe6, 0x14, 0xad, 0x68, 0x08, 0xd6, 0xf6, 0xee,
211 0x34, 0xdf, 0xf7, 0x31, 0x0f, 0xdc, 0x82, 0xae, 0xbf, 0xd9,
212 0x04, 0xb0, 0x1e, 0x1d, 0xc5, 0x4b, 0x29, 0x27, 0x09, 0x4b,
213 0x2d, 0xb6, 0x8d, 0x6f, 0x90, 0x3b, 0x68, 0x40, 0x1a, 0xde,
214
215 0xbf, 0x5a, 0x7e, 0x08, 0xd7, 0x8f, 0xf4, 0xef, 0x5d, 0x63,
216 0x65, 0x3a, 0x65, 0x04, 0x0c, 0xf9, 0xbf, 0xd4, 0xac, 0xa7,
217 0x98, 0x4a, 0x74, 0xd3, 0x71, 0x45, 0x98, 0x67, 0x80, 0xfc,
218 0x0b, 0x16, 0xac, 0x45, 0x16, 0x49, 0xde, 0x61, 0x88, 0xa7,
219 0xdb, 0xdf, 0x19, 0x1f, 0x64, 0xb5, 0xfc, 0x5e, 0x2a, 0xb4,
220 0x7b, 0x57, 0xf7, 0xf7, 0x27, 0x6c, 0xd4, 0x19, 0xc1, 0x7a,
221 0x3c, 0xa8, 0xe1, 0xb9, 0x39, 0xae, 0x49, 0xe4, 0x88, 0xac,
222 0xba, 0x6b, 0x96, 0x56, 0x10, 0xb5, 0x48, 0x01, 0x09, 0xc8,
223 0xb1, 0x7b, 0x80, 0xe1, 0xb7, 0xb7, 0x50, 0xdf, 0xc7, 0x59,
224 0x8d, 0x5d, 0x50, 0x11, 0xfd, 0x2d, 0xcc, 0x56, 0x00, 0xa3,
225
226 0x2e, 0xf5, 0xb5, 0x2a, 0x1e, 0xcc, 0x82, 0x0e, 0x30, 0x8a,
227 0xa3, 0x42, 0x72, 0x1a, 0xac, 0x09, 0x43, 0xbf, 0x66, 0x86,
228 0xb6, 0x4b, 0x25, 0x79, 0x37, 0x65, 0x04, 0xcc, 0xc4, 0x93,
229 0xd9, 0x7e, 0x6a, 0xed, 0x3f, 0xb0, 0xf9, 0xcd, 0x71, 0xa4,
230 0x3d, 0xd4, 0x97, 0xf0, 0x1f, 0x17, 0xc0, 0xe2, 0xcb, 0x37,
231 0x97, 0xaa, 0x2a, 0x2f, 0x25, 0x66, 0x56, 0x16, 0x8e, 0x6c,
232 0x49, 0x6a, 0xfc, 0x5f, 0xb9, 0x32, 0x46, 0xf6, 0xb1, 0x11,
233 0x63, 0x98, 0xa3, 0x46, 0xf1, 0xa6, 0x41, 0xf3, 0xb0, 0x41,
234 0xe9, 0x89, 0xf7, 0x91, 0x4f, 0x90, 0xcc, 0x2c, 0x7f, 0xff,
235 0x35, 0x78, 0x76, 0xe5, 0x06, 0xb5, 0x0d, 0x33, 0x4b, 0xa7,
236
237 0x7c, 0x22, 0x5b, 0xc3, 0x07, 0xba, 0x53, 0x71, 0x52, 0xf3,
238 0xf1, 0x61, 0x0e, 0x4e, 0xaf, 0xe5, 0x95, 0xf6, 0xd9, 0xd9,
239 0x0d, 0x11, 0xfa, 0xa9, 0x33, 0xa1, 0x5e, 0xf1, 0x36, 0x95,
240 0x46, 0x86, 0x8a, 0x7f, 0x3a, 0x45, 0xa9, 0x67, 0x68, 0xd4,
241 0x0f, 0xd9, 0xd0, 0x34, 0x12, 0xc0, 0x91, 0xc6, 0x31, 0x5c,
242 0xf4, 0xfd, 0xe7, 0xcb, 0x68, 0x60, 0x69, 0x37, 0x38, 0x0d,
243 0xb2, 0xea, 0xaa, 0x70, 0x7b, 0x4c, 0x41, 0x85, 0xc3, 0x2e,
244 0xdd, 0xcd, 0xd3, 0x06, 0x70, 0x5e, 0x4d, 0xc1, 0xff, 0xc8,
245 0x72, 0xee, 0xee, 0x47, 0x5a, 0x64, 0xdf, 0xac, 0x86, 0xab,
246 0xa4, 0x1c, 0x06, 0x18, 0x98, 0x3f, 0x87, 0x41, 0xc5, 0xef,
247
248 0x68, 0xd3, 0xa1, 0x01, 0xe8, 0xa3, 0xb8, 0xca, 0xc6, 0x0c,
249 0x90, 0x5c, 0x15, 0xfc, 0x91, 0x08, 0x40, 0xb9, 0x4c, 0x00,
250 0xa0, 0xb9, 0xd0),
251 chunk_from_chars(
252 0x0a, 0xab, 0x4c, 0x90, 0x05, 0x01, 0xb3, 0xe2, 0x4d, 0x7c,
253 0xdf, 0x46, 0x63, 0x32, 0x6a, 0x3a, 0x87, 0xdf, 0x5e, 0x48,
254 0x43, 0xb2, 0xcb, 0xdb, 0x67, 0xcb, 0xf6, 0xe4, 0x60, 0xfe,
255 0xc3, 0x50, 0xaa, 0x53, 0x71, 0xb1, 0x50, 0x8f, 0x9f, 0x45,
256 0x28, 0xec, 0xea, 0x23, 0xc4, 0x36, 0xd9, 0x4b, 0x5e, 0x8f,
257 0xcd, 0x4f, 0x68, 0x1e, 0x30, 0xa6, 0xac, 0x00, 0xa9, 0x70,
8d7bf5b0
TB		 258 0x4a, 0x18, 0x8a, 0x03),
259 chunk_from_chars(
260 0x11, 0x2d, 0xb3, 0x08, 0x97, 0x6e, 0x38, 0x8f, 0x5f, 0x5e,
261 0xb0, 0xae, 0x8f, 0x5f, 0x59, 0x1d, 0xff, 0x74, 0xf4, 0x44),
262 chunk_from_chars(
263 0xcb, 0x36, 0xcc, 0x6a, 0x82, 0x2c, 0x49, 0x40, 0xfb, 0x08,
264 0x04, 0xf6, 0x3a, 0x4f, 0x20, 0x2b, 0xe5, 0x73, 0x43, 0x2f),
d47ad3d6
AS		 265 },
266 /* Test SHA(abc) */
267 { chunk_from_chars(
268 0x30, 0x2e, 0x02, 0x01, 0x00, 0x30, 0x05, 0x06, 0x03, 0x2b,
269 0x65, 0x70, 0x04, 0x22, 0x04, 0x20, 0x83, 0x3f, 0xe6, 0x24,
270 0x09, 0x23, 0x7b, 0x9d, 0x62, 0xec, 0x77, 0x58, 0x75, 0x20,
271 0x91, 0x1e, 0x9a, 0x75, 0x9c, 0xec, 0x1d, 0x19, 0x75, 0x5b,
272 0x7d, 0xa9, 0x01, 0xb9, 0x6d, 0xca, 0x3d, 0x42),
273 chunk_from_chars(
274 0x30, 0x2a, 0x30, 0x05, 0x06, 0x03, 0x2b, 0x65, 0x70, 0x03,
275 0x21, 0x00, 0xec, 0x17, 0x2b, 0x93, 0xad, 0x5e, 0x56, 0x3b,
276 0xf4, 0x93, 0x2c, 0x70, 0xe1, 0x24, 0x50, 0x34, 0xc3, 0x54,
277 0x67, 0xef, 0x2e, 0xfd, 0x4d, 0x64, 0xeb, 0xf8, 0x19, 0x68,
278 0x34, 0x67, 0xe2, 0xbf),
279 chunk_from_chars(
280 0xdd, 0xaf, 0x35, 0xa1, 0x93, 0x61, 0x7a, 0xba, 0xcc, 0x41,
281 0x73, 0x49, 0xae, 0x20, 0x41, 0x31, 0x12, 0xe6, 0xfa, 0x4e,
282 0x89, 0xa9, 0x7e, 0xa2, 0x0a, 0x9e, 0xee, 0xe6, 0x4b, 0x55,
283 0xd3, 0x9a, 0x21, 0x92, 0x99, 0x2a, 0x27, 0x4f, 0xc1, 0xa8,
284 0x36, 0xba, 0x3c, 0x23, 0xa3, 0xfe, 0xeb, 0xbd, 0x45, 0x4d,
285 0x44, 0x23, 0x64, 0x3c, 0xe8, 0x0e, 0x2a, 0x9a, 0xc9, 0x4f,
286 0xa5, 0x4c, 0xa4, 0x9f),
287 chunk_from_chars(
288 0xdc, 0x2a, 0x44, 0x59, 0xe7, 0x36, 0x96, 0x33, 0xa5, 0x2b,
289 0x1b, 0xf2, 0x77, 0x83, 0x9a, 0x00, 0x20, 0x10, 0x09, 0xa3,
290 0xef, 0xbf, 0x3e, 0xcb, 0x69, 0xbe, 0xa2, 0x18, 0x6c, 0x26,
291 0xb5, 0x89, 0x09, 0x35, 0x1f, 0xc9, 0xac, 0x90, 0xb3, 0xec,
292 0xfd, 0xfb, 0xc7, 0xc6, 0x64, 0x31, 0xe0, 0x30, 0x3d, 0xca,
293 0x17, 0x9c, 0x13, 0x8a, 0xc1, 0x7a, 0xd9, 0xbe, 0xf1, 0x17,
8d7bf5b0
TB		 294 0x73, 0x31, 0xa7, 0x04),
295 chunk_from_chars(
296 0x26, 0x4c, 0xa5, 0x7f, 0x89, 0x6d, 0x64, 0x81, 0xd1, 0x87,
297 0xe9, 0x89, 0x47, 0x29, 0x5a, 0xfe, 0xe3, 0x6d, 0x82, 0x44),
298 chunk_from_chars(
299 0x27, 0x88, 0xfc, 0x14, 0xb1, 0xcd, 0xd0, 0x24, 0xd5, 0x9d,
300 0x31, 0x65, 0x59, 0x63, 0x69, 0xcf, 0xaf, 0x50, 0x10, 0xe7),
d47ad3d6
AS		 301 }
302};
303
4f19112b 304START_TEST(test_ed25519_sign)
d47ad3d6
AS		 305{
306 private_key_t *key;
307 public_key_t *pubkey, *public;
8d7bf5b0 308 chunk_t sig, encoding, fp;
d47ad3d6
AS		 309
310 /* load private key */
311 key = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, KEY_ED25519,
312 BUILD_BLOB_ASN1_DER, sig_tests[_i].key, BUILD_END);
313 ck_assert(key != NULL);
314 ck_assert(key->get_encoding(key, PRIVKEY_ASN1_DER, &encoding));
cbf07ab5 315 ck_assert_chunk_eq(encoding, sig_tests[_i].key);
d47ad3d6
AS		 316 chunk_free(&encoding);
317
8d7bf5b0
TB		 318 ck_assert(key->get_fingerprint(key, KEYID_PUBKEY_SHA1, &fp));
319 ck_assert_chunk_eq(sig_tests[_i].fp_pk, fp);
320 ck_assert(key->get_fingerprint(key, KEYID_PUBKEY_INFO_SHA1, &fp));
321 ck_assert_chunk_eq(sig_tests[_i].fp_spki, fp);
322
d47ad3d6
AS		 323 /* load public key */
324 pubkey = lib->creds->create(lib->creds, CRED_PUBLIC_KEY, KEY_ED25519,
325 BUILD_BLOB_ASN1_DER, sig_tests[_i].pubkey, BUILD_END);
326 ck_assert(pubkey != NULL);
327 ck_assert(pubkey->get_encoding(pubkey, PUBKEY_SPKI_ASN1_DER, &encoding));
cbf07ab5 328 ck_assert_chunk_eq(encoding, sig_tests[_i].pubkey);
d47ad3d6
AS		 329 chunk_free(&encoding);
330
8d7bf5b0
TB		 331 ck_assert(pubkey->get_fingerprint(pubkey, KEYID_PUBKEY_SHA1, &fp));
332 ck_assert_chunk_eq(sig_tests[_i].fp_pk, fp);
333 ck_assert(pubkey->get_fingerprint(pubkey, KEYID_PUBKEY_INFO_SHA1, &fp));
334 ck_assert_chunk_eq(sig_tests[_i].fp_spki, fp);
335
d47ad3d6
AS		 336 /* compare public keys */
337 public = key->get_public_key(key);
338 ck_assert(public != NULL);
339 ck_assert(public->equals(public, pubkey));
340
341 /* sign */
de280c2e 342 ck_assert(key->sign(key, SIGN_ED25519, NULL, sig_tests[_i].msg, &sig));
d47ad3d6 343 ck_assert(sig.len == 64);
cbf07ab5 344 ck_assert_chunk_eq(sig, sig_tests[_i].sig);
d47ad3d6
AS		 345
346 /* verify */
a413571f
TB		 347 ck_assert(pubkey->verify(pubkey, SIGN_ED25519, NULL, sig_tests[_i].msg,
348 sig_tests[_i].sig));
d47ad3d6
AS		 349
350 /* cleanup */
351 key->destroy(key);
352 pubkey->destroy(pubkey);
353 public->destroy(public);
354 chunk_free(&sig);
355}
356END_TEST
357
4f19112b 358START_TEST(test_ed25519_gen)
d47ad3d6
AS		 359{
360 private_key_t *key, *key2;
361 public_key_t *pubkey, *pubkey2;
362 chunk_t msg = chunk_from_str("Ed25519"), sig, encoding, fp_priv, fp_pub;
363
364 /* generate private key */
365 key = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, KEY_ED25519,
366 BUILD_KEY_SIZE, 256, BUILD_END);
367 ck_assert(key != NULL);
368 ck_assert(key->get_type(key) == KEY_ED25519);
369 ck_assert(key->get_keysize(key) == 256);
370 ck_assert(!key->get_encoding(key, PRIVKEY_PGP, &encoding));
371 ck_assert(key->get_encoding(key, PRIVKEY_PEM, &encoding));
372 ck_assert(encoding.ptr != NULL);
373 ck_assert(strstr(encoding.ptr, "PRIVATE KEY"));
374 chunk_free(&encoding);
375
376 /* clone private key */
377 key2 = key->get_ref(key);
378 ck_assert(key2);
379 key2->destroy(key2);
380
381 /* decryption not supported */
382 ck_assert(!key->decrypt(key, ENCRYPT_UNKNOWN, msg, NULL));
383
384 /* wrong signature scheme */
de280c2e 385 ck_assert(!key->sign(key, SIGN_ED448, NULL, msg, &sig));
d47ad3d6
AS		 386
387 /* correct signature scheme*/
de280c2e 388 ck_assert(key->sign(key, SIGN_ED25519, NULL, msg, &sig));
d47ad3d6
AS		 389
390 /* export public key */
391 pubkey = key->get_public_key(key);
392 ck_assert(pubkey != NULL);
393 ck_assert(pubkey->get_type(pubkey) == KEY_ED25519);
394 ck_assert(pubkey->get_keysize(pubkey) == 256);
395 ck_assert(pubkey->get_encoding(pubkey, PUBKEY_PEM, &encoding));
396 ck_assert(encoding.ptr != NULL);
397 ck_assert(strstr(encoding.ptr, "PUBLIC KEY"));
398 chunk_free(&encoding);
399
400 /* generate and compare public and private key fingerprints */
401 ck_assert(!key->get_fingerprint(key, KEYID_PGPV4, &fp_priv));
402 ck_assert(key->get_fingerprint(key, KEYID_PUBKEY_SHA1, &fp_priv));
403 ck_assert(key->get_fingerprint(key, KEYID_PUBKEY_SHA1, &fp_priv));
404 ck_assert(fp_priv.ptr != NULL);
405 ck_assert(!pubkey->get_fingerprint(pubkey, KEYID_PGPV4, &fp_pub));
406 ck_assert(pubkey->get_fingerprint(pubkey, KEYID_PUBKEY_SHA1, &fp_pub));
407 ck_assert(pubkey->get_fingerprint(pubkey, KEYID_PUBKEY_SHA1, &fp_pub));
408 ck_assert(fp_pub.ptr != NULL);
cbf07ab5 409 ck_assert_chunk_eq(fp_pub, fp_priv);
d47ad3d6
AS		 410
411 /* clone public key */
412 pubkey2 = pubkey->get_ref(pubkey);
413 ck_assert(pubkey2 != NULL);
414 pubkey2->destroy(pubkey2);
415
416 /* encryption not supported */
417 ck_assert(!pubkey->encrypt(pubkey, ENCRYPT_UNKNOWN, msg, NULL));
418
419 /* verify with wrong signature scheme */
a413571f 420 ck_assert(!pubkey->verify(pubkey, SIGN_ED448, NULL, msg, sig));
d47ad3d6
AS		 421
422 /* verify with correct signature scheme */
a413571f 423 ck_assert(pubkey->verify(pubkey, SIGN_ED25519, NULL, msg, sig));
d47ad3d6
AS		 424
425 /* cleanup */
426 key->destroy(key);
427 pubkey->destroy(pubkey);
428 chunk_free(&sig);
429}
430END_TEST
431
4f19112b 432START_TEST(test_ed25519_speed)
d47ad3d6
AS		 433{
434 private_key_t *key;
435 public_key_t *pubkey;
436 chunk_t msg = chunk_from_str("Hello Ed25519"), sig;
d47ad3d6
AS		 437 int i, count = 1000;
438
4f19112b
AS		 439#ifdef HAVE_CLOCK_GETTIME
440 struct timespec start, stop;
d47ad3d6 441 clock_gettime(CLOCK_THREAD_CPUTIME_ID, &start);
4f19112b
AS		 442#endif
443
d47ad3d6
AS		 444 for (i = 0; i < count; i++)
445 {
446 key = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, KEY_ED25519,
447 BUILD_KEY_SIZE, 256, BUILD_END);
448 ck_assert(key != NULL);
de280c2e 449 ck_assert(key->sign(key, SIGN_ED25519, NULL, msg, &sig));
d47ad3d6
AS		 450 pubkey = key->get_public_key(key);
451 ck_assert(pubkey != NULL);
a413571f 452 ck_assert(pubkey->verify(pubkey, SIGN_ED25519, NULL, msg, sig));
d47ad3d6
AS		 453 key->destroy(key);
454 pubkey->destroy(pubkey);
455 chunk_free(&sig);
456 }
d47ad3d6 457
4f19112b
AS		 458#ifdef HAVE_CLOCK_GETTIME
459 clock_gettime(CLOCK_THREAD_CPUTIME_ID, &stop);
d47ad3d6
AS		 460 DBG0(DBG_LIB, "%d Ed25519 keys and signatures in %d ms\n", count,
461 (stop.tv_nsec - start.tv_nsec) / 1000000 +
462 (stop.tv_sec - start.tv_sec) * 1000);
4f19112b 463#endif
d47ad3d6
AS		 464}
465END_TEST
466
467static chunk_t zero_pk = chunk_from_chars(
468 0x30, 0x2a, 0x30, 0x05, 0x06, 0x03, 0x2b, 0x65, 0x70, 0x03,
469 0x21, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
470 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
471 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
472 0x00, 0x00, 0x00, 0x00);
473
2571898d
TB		 474/* sig_tests[0].sig with s+L */
475static chunk_t malleable_sig = chunk_from_chars(
476 0xe5, 0x56, 0x43, 0x00, 0xc3, 0x60, 0xac, 0x72, 0x90, 0x86,
477 0xe2, 0xcc, 0x80, 0x6e, 0x82, 0x8a, 0x84, 0x87, 0x7f, 0x1e,
478 0xb8, 0xe5, 0xd9, 0x74, 0xd8, 0x73, 0xe0, 0x65, 0x22, 0x49,
479 0x01, 0x55, 0x4c, 0x8c, 0x78, 0x72, 0xaa, 0x06, 0x4e, 0x04,
480 0x9d, 0xbb, 0x30, 0x13, 0xfb, 0xf2, 0x93, 0x80, 0xd2, 0x5b,
481 0xf5, 0xf0, 0x59, 0x5b, 0xbe, 0x24, 0x65, 0x51, 0x41, 0x43,
482 0x8e, 0x7a, 0x10, 0x1b);
483
4f19112b 484START_TEST(test_ed25519_fail)
d47ad3d6
AS		 485{
486 private_key_t *key;
487 public_key_t *pubkey;
488 chunk_t blob, sig;
489 uint8_t sig1[64];
490
491 /* Invalid private key format */
492 key = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, KEY_ED25519,
493 BUILD_BLOB_ASN1_DER, chunk_empty, BUILD_END);
494 ck_assert(key == NULL);
495
496 key = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, KEY_ED25519,
497 BUILD_EDDSA_PRIV_ASN1_DER, chunk_empty, BUILD_END);
498 ck_assert(key == NULL);
499
500 blob = chunk_from_chars(0x04, 0x01, 0x9d);
501 key = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, KEY_ED25519,
502 BUILD_EDDSA_PRIV_ASN1_DER, blob, BUILD_END);
503 ck_assert(key == NULL);
504
505 /* Invalid public key format */
506 pubkey = lib->creds->create(lib->creds, CRED_PUBLIC_KEY, KEY_ED25519,
507 BUILD_BLOB_ASN1_DER, chunk_empty, BUILD_END);
508 ck_assert(pubkey == NULL);
509
510 blob = chunk_from_chars(0x30, 0x0b, 0x30, 0x05, 0x06, 0x03, 0x2b, 0x65,
511 0x70, 0x03, 0x02, 0x00, 0xd7);
512 pubkey = lib->creds->create(lib->creds, CRED_PUBLIC_KEY, KEY_ED25519,
513 BUILD_BLOB_ASN1_DER, blob, BUILD_END);
514 ck_assert(pubkey == NULL);
515
516 blob = chunk_from_chars(0x30, 0x0b, 0x30, 0x05, 0x06, 0x03, 0x2b, 0x00,
517 0x70, 0x03, 0x02, 0x00, 0xd7);
518 pubkey = lib->creds->create(lib->creds, CRED_PUBLIC_KEY, KEY_ED25519,
519 BUILD_BLOB_ASN1_DER, blob, BUILD_END);
520 ck_assert(pubkey == NULL);
521
522 pubkey = lib->creds->create(lib->creds, CRED_PUBLIC_KEY, KEY_ED25519,
523 BUILD_KEY_SIZE, 256, BUILD_BLOB_ASN1_DER, blob, BUILD_END);
524 ck_assert(pubkey == NULL);
525
526 /* Invalid signature format */
527 pubkey = lib->creds->create(lib->creds, CRED_PUBLIC_KEY, KEY_ED25519,
528 BUILD_BLOB_ASN1_DER, sig_tests[0].pubkey, BUILD_END);
529 ck_assert(pubkey != NULL);
530
a413571f
TB		 531 ck_assert(!pubkey->verify(pubkey, SIGN_ED25519, NULL, chunk_empty,
532 chunk_empty));
d47ad3d6 533
2571898d 534 /* RFC 8032, section 5.1.7 requires that 0 <= s < L to prevent signature
c92eade8
SP		 535 * malleability. Only a warning because Botan, OpenSSL and wolfSSL are
536 * all vulnerable to this. */
2571898d
TB		 537 if (pubkey->verify(pubkey, SIGN_ED25519, NULL, sig_tests[0].msg,
538 malleable_sig))
539 {
540 warn("Ed25519 signature verification is vulnerable to malleable "
541 "signatures");
542 }
543
d47ad3d6
AS		 544 /* malformed signature */
545 sig = chunk_create(sig1, 64);
546 memcpy(sig1, sig_tests[0].sig.ptr, 64);
547 sig1[63] |= 0xe0;
a413571f
TB		 548 ck_assert(!pubkey->verify(pubkey, SIGN_ED25519, NULL, sig_tests[0].msg,
549 sig));
d47ad3d6
AS		 550
551 /* wrong signature */
552 memcpy(sig1, sig_tests[0].sig.ptr, 64);
553 sig1[0] = 0xe4;
a413571f
TB		 554 ck_assert(!pubkey->verify(pubkey, SIGN_ED25519, NULL, sig_tests[0].msg,
555 sig));
d47ad3d6
AS		 556
557 /* detect all-zeroes public key */
558 pubkey->destroy(pubkey);
559 pubkey = lib->creds->create(lib->creds, CRED_PUBLIC_KEY, KEY_ED25519,
560 BUILD_BLOB_ASN1_DER, zero_pk, BUILD_END);
561 ck_assert(pubkey != NULL);
a413571f
TB		 562 ck_assert(!pubkey->verify(pubkey, SIGN_ED25519, NULL, sig_tests[0].msg,
563 sig));
d47ad3d6
AS		 564 pubkey->destroy(pubkey);
565}
566END_TEST
567
4f19112b 568Suite *ed25519_suite_create()
d47ad3d6
AS		 569{
570 Suite *s;
571 TCase *tc;
572
4f19112b 573 s = suite_create("ed25519");
d47ad3d6
AS		 574
575 tc = tcase_create("ed25519_sign");
4f19112b 576 tcase_add_loop_test(tc, test_ed25519_sign, 0, countof(sig_tests));
d47ad3d6
AS		 577 suite_add_tcase(s, tc);
578
579 tc = tcase_create("ed25519_gen");
4f19112b 580 tcase_add_test(tc, test_ed25519_gen);
d47ad3d6
AS		 581 suite_add_tcase(s, tc);
582
583 tc = tcase_create("ed25519_fail");
4f19112b 584 tcase_add_test(tc, test_ed25519_fail);
d47ad3d6
AS		 585 suite_add_tcase(s, tc);
586
587 tc = tcase_create("ed25519_speed");
588 test_case_set_timeout(tc, 10);
4f19112b 589 tcase_add_test(tc, test_ed25519_speed);
d47ad3d6
AS		 590 suite_add_tcase(s, tc);
591
592 return s;
593}
Unnamed repository; edit this file 'description' to name the repository.