diff options
| author | tb <> | 2025-09-06 03:57:54 +0000 |
|---|---|---|
| committer | tb <> | 2025-09-06 03:57:54 +0000 |
| commit | 201a639e8893abd78da5bcd170ca7ba6027212ca (patch) | |
| tree | e9dc2ffec8112f175af3e9f01d227d34d7fdbe01 /src | |
| parent | 21ce890cad6ae67e0d52f7bfdc44579df2bfc032 (diff) | |
| download | openbsd-201a639e8893abd78da5bcd170ca7ba6027212ca.tar.gz openbsd-201a639e8893abd78da5bcd170ca7ba6027212ca.tar.bz2 openbsd-201a639e8893abd78da5bcd170ca7ba6027212ca.zip | |
wycheproof: use a cleaner way of dealing with P1363 signature length
Diffstat (limited to 'src')
| -rw-r--r-- | src/regress/lib/libcrypto/wycheproof/wycheproof.go | 16 |
1 files changed, 12 insertions, 4 deletions
diff --git a/src/regress/lib/libcrypto/wycheproof/wycheproof.go b/src/regress/lib/libcrypto/wycheproof/wycheproof.go index 63b8eedb8e..a0ca65d2bf 100644 --- a/src/regress/lib/libcrypto/wycheproof/wycheproof.go +++ b/src/regress/lib/libcrypto/wycheproof/wycheproof.go | |||
| @@ -1,7 +1,7 @@ | |||
| 1 | /* $OpenBSD: wycheproof.go,v 1.181 2025/09/05 14:11:39 tb Exp $ */ | 1 | /* $OpenBSD: wycheproof.go,v 1.182 2025/09/06 03:57:54 tb Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2018,2023 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2018,2023 Joel Sing <jsing@openbsd.org> |
| 4 | * Copyright (c) 2018,2019,2022-2024 Theo Buehler <tb@openbsd.org> | 4 | * Copyright (c) 2018,2019,2022-2025 Theo Buehler <tb@openbsd.org> |
| 5 | * | 5 | * |
| 6 | * Permission to use, copy, modify, and distribute this software for any | 6 | * Permission to use, copy, modify, and distribute this software for any |
| 7 | * purpose with or without fee is hereby granted, provided that the above | 7 | * purpose with or without fee is hereby granted, provided that the above |
| @@ -86,7 +86,6 @@ import ( | |||
| 86 | "path/filepath" | 86 | "path/filepath" |
| 87 | "regexp" | 87 | "regexp" |
| 88 | "runtime" | 88 | "runtime" |
| 89 | "slices" | ||
| 90 | "strings" | 89 | "strings" |
| 91 | "sync" | 90 | "sync" |
| 92 | "unsafe" | 91 | "unsafe" |
| @@ -1860,6 +1859,15 @@ func runECDSATest(ecKey *C.EC_KEY, md *C.EVP_MD, nid int, variant testVariant, w | |||
| 1860 | 1859 | ||
| 1861 | var ret C.int | 1860 | var ret C.int |
| 1862 | if variant == Webcrypto || variant == P1363 { | 1861 | if variant == Webcrypto || variant == P1363 { |
| 1862 | order_bytes := int((C.EC_GROUP_order_bits(C.EC_KEY_get0_group(ecKey)) + 7) / 8) | ||
| 1863 | if len(wt.Sig) / 2 != 2 * order_bytes { | ||
| 1864 | if wt.Result == "valid" { | ||
| 1865 | fmt.Printf("FAIL: %s - incorrect signature length, %d, %d\n", wt, len(wt.Sig) / 2, 2 * order_bytes) | ||
| 1866 | return false | ||
| 1867 | } | ||
| 1868 | return true | ||
| 1869 | } | ||
| 1870 | |||
| 1863 | cDer, derLen := encodeECDSAWebCryptoSig(wt.Sig) | 1871 | cDer, derLen := encodeECDSAWebCryptoSig(wt.Sig) |
| 1864 | if cDer == nil { | 1872 | if cDer == nil { |
| 1865 | fmt.Print("FAIL: unable to decode signature") | 1873 | fmt.Print("FAIL: unable to decode signature") |
| @@ -1876,7 +1884,7 @@ func runECDSATest(ecKey *C.EC_KEY, md *C.EVP_MD, nid int, variant testVariant, w | |||
| 1876 | 1884 | ||
| 1877 | // XXX audit acceptable cases... | 1885 | // XXX audit acceptable cases... |
| 1878 | success := true | 1886 | success := true |
| 1879 | if ret == 1 != (wt.Result == "valid") && wt.Result != "acceptable" && !slices.Contains(wt.Flags, "SignatureSize") { | 1887 | if ret == 1 != (wt.Result == "valid") && wt.Result != "acceptable" { |
| 1880 | fmt.Printf("FAIL: %s - ECDSA_verify() = %d.\n", wt, int(ret)) | 1888 | fmt.Printf("FAIL: %s - ECDSA_verify() = %d.\n", wt, int(ret)) |
| 1881 | success = false | 1889 | success = false |
| 1882 | } | 1890 | } |