Add test for ecdsa_read_signature_restartable()
Test values taken from a random signature as generated in
ecdsa_write_read_random() test function
diff --git a/include/mbedtls/ecdsa.h b/include/mbedtls/ecdsa.h
index f09e754..c7b9f27 100644
--- a/include/mbedtls/ecdsa.h
+++ b/include/mbedtls/ecdsa.h
@@ -62,7 +62,7 @@
*/
typedef struct
{
- mbedtls_ecp_restart_ctx rs_ecp; /*!< base context (admin+ecp info) */
+ mbedtls_ecp_restart_ctx ecp; /*!< base context (admin+ecp info) */
} mbedtls_ecdsa_restart_ctx;
#else /* MBEDTLS_ECP_RESTARTABLE */
diff --git a/library/ecdsa.c b/library/ecdsa.c
index 3003812..19f9d5e 100644
--- a/library/ecdsa.c
+++ b/library/ecdsa.c
@@ -476,7 +476,7 @@
*/
void mbedtls_ecdsa_restart_init( mbedtls_ecdsa_restart_ctx *ctx )
{
- mbedtls_ecp_restart_init( &ctx->rs_ecp );
+ mbedtls_ecp_restart_init( &ctx->ecp );
}
/*
@@ -484,7 +484,7 @@
*/
void mbedtls_ecdsa_restart_free( mbedtls_ecdsa_restart_ctx *ctx )
{
- mbedtls_ecp_restart_free( &ctx->rs_ecp );
+ mbedtls_ecp_restart_free( &ctx->ecp );
}
#endif /* MBEDTLS_ECP_RESTARTABLE */
diff --git a/tests/suites/test_suite_ecdsa.data b/tests/suites/test_suite_ecdsa.data
index c0fab76..6ca912a 100644
--- a/tests/suites/test_suite_ecdsa.data
+++ b/tests/suites/test_suite_ecdsa.data
@@ -250,3 +250,6 @@
depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA512_C
ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA512:"test":"13E99020ABF5CEE7525D16B69B229652AB6BDF2AFFCAEF38773B4B7D08725F10CDB93482FDCC54EDCEE91ECA4166B2A7C6265EF0CE2BD7051B7CEF945BABD47EE6D":"1FBD0013C674AA79CB39849527916CE301C66EA7CE8B80682786AD60F98F7E78A19CA69EFF5C57400E3B3A0AD66CE0978214D13BAF4E9AC60752F7B155E2DE4DCE3"
+ECDSA restartable read-verify: restart disabled
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+ecdsa_read_restart:MBEDTLS_ECP_DP_SECP256R1:"04e8f573412a810c5f81ecd2d251bb94387e72f28af70dced90ebe75725c97a6428231069c2b1ef78509a22c59044319f6ed3cb750dfe64c2a282b35967a458ad6":"dee9d4d8b0e40a034602d6e638197998060f6e9f353ae1d10c94cd56476d3c92":"304502210098a5a1392abe29e4b0a4da3fefe9af0f8c32e5b839ab52ba6a05da9c3b7edd0f0220596f0e195ae1e58c1e53e9e7f0f030b274348a8c11232101778d89c4943f5ad2":0:0:0
diff --git a/tests/suites/test_suite_ecdsa.function b/tests/suites/test_suite_ecdsa.function
index 491ab43..d5cb654 100644
--- a/tests/suites/test_suite_ecdsa.function
+++ b/tests/suites/test_suite_ecdsa.function
@@ -202,3 +202,65 @@
}
/* END_CASE */
+/* BEGIN_CASE depends_on:MBEDTLS_ECP_RESTARTABLE */
+void ecdsa_read_restart( int id, char *k_str, char *h_str, char *s_str,
+ int max_ops, int min_restart, int max_restart )
+{
+ mbedtls_ecdsa_context ctx;
+ mbedtls_ecdsa_restart_ctx rs_ctx;
+ unsigned char hash[64];
+ unsigned char sig[200];
+ unsigned char pk[65];
+ size_t sig_len, hash_len, pk_len;
+ int ret, cnt_restart;
+
+ mbedtls_ecdsa_init( &ctx );
+ mbedtls_ecdsa_restart_init( &rs_ctx );
+
+ hash_len = unhexify(hash, h_str);
+ sig_len = unhexify(sig, s_str);
+ pk_len = unhexify(pk, k_str);
+
+ TEST_ASSERT( mbedtls_ecp_group_load( &ctx.grp, id ) == 0 );
+ TEST_ASSERT( mbedtls_ecp_point_read_binary( &ctx.grp, &ctx.Q, pk, pk_len ) == 0 );
+
+ mbedtls_ecp_set_max_ops( max_ops );
+
+ cnt_restart = 0;
+ do {
+ ret = mbedtls_ecdsa_read_signature_restartable( &ctx,
+ hash, hash_len, sig, sig_len, &rs_ctx );
+ } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart );
+
+ TEST_ASSERT( ret == 0 );
+ TEST_ASSERT( cnt_restart >= min_restart );
+ TEST_ASSERT( cnt_restart <= max_restart );
+
+ /* try modifying r */
+ sig[10]++;
+ do {
+ ret = mbedtls_ecdsa_read_signature_restartable( &ctx,
+ hash, hash_len, sig, sig_len, &rs_ctx );
+ } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS );
+ TEST_ASSERT( ret == MBEDTLS_ERR_ECP_VERIFY_FAILED );
+ sig[10]--;
+
+ /* try modifying s */
+ sig[sig_len - 1]++;
+ do {
+ ret = mbedtls_ecdsa_read_signature_restartable( &ctx,
+ hash, hash_len, sig, sig_len, &rs_ctx );
+ } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS );
+ TEST_ASSERT( ret == MBEDTLS_ERR_ECP_VERIFY_FAILED );
+ sig[sig_len - 1]--;
+
+ /* do we leak memory when aborting? */
+ ret = mbedtls_ecdsa_read_signature_restartable( &ctx,
+ hash, hash_len, sig, sig_len, &rs_ctx );
+ TEST_ASSERT( ret == 0 || ret == MBEDTLS_ERR_ECP_IN_PROGRESS );
+
+exit:
+ mbedtls_ecdsa_free( &ctx );
+ mbedtls_ecdsa_restart_free( &rs_ctx );
+}
+/* END_CASE */