From eabf434a480026997a899b1b104011fef9a5219f Mon Sep 17 00:00:00 2001 From: EinMByte Date: Sat, 29 Aug 2015 23:21:32 +0200 Subject: [PATCH] Add tests for EdDSA25519, fix Verifier. --- core/crypto/EdDSA25519.cpp | 4 +- core/crypto/EdDSA25519.h | 2 +- core/crypto/ed25519/crypto_verify_32.h | 2 +- core/crypto/ed25519/open.cpp | 1 - tests/Crypto.cpp | 104 +++++++++++++++++++++++++ 5 files changed, 108 insertions(+), 5 deletions(-) diff --git a/core/crypto/EdDSA25519.cpp b/core/crypto/EdDSA25519.cpp index e954e058..2a97d88e 100644 --- a/core/crypto/EdDSA25519.cpp +++ b/core/crypto/EdDSA25519.cpp @@ -14,7 +14,7 @@ EDDSA25519Verifier::EDDSA25519Verifier(const uint8_t* signingKey) bool EDDSA25519Verifier::Verify(const uint8_t* buf, size_t len, const uint8_t* signature) const { - return ed25519_ref10_open(signature, buf, len, m_PublicKey) > 0; + return ed25519_ref10_open(signature, buf, len, m_PublicKey) >= 0; } size_t EDDSA25519Verifier::GetPublicKeyLen() const @@ -35,7 +35,7 @@ EDDSA25519Signer::EDDSA25519Signer(const uint8_t* signingPrivateKey) ed25519_ref10_pubkey(m_PublicKey, m_PrivateKey); } -void EDDSA25519Signer::Sign(CryptoPP::RandomNumberGenerator& rnd, const uint8_t* buf, int len, uint8_t* signature) const +void EDDSA25519Signer::Sign(CryptoPP::RandomNumberGenerator&, const uint8_t* buf, int len, uint8_t* signature) const { ed25519_ref10_sign(signature, buf, len, m_PrivateKey, m_PublicKey); } diff --git a/core/crypto/EdDSA25519.h b/core/crypto/EdDSA25519.h index f6951014..89b2c769 100644 --- a/core/crypto/EdDSA25519.h +++ b/core/crypto/EdDSA25519.h @@ -37,7 +37,7 @@ public: * @todo do not pass random number generator, EdDSA does not require a random * source */ - void Sign(CryptoPP::RandomNumberGenerator& rnd, const uint8_t* buf, int len, uint8_t* signature) const; + void Sign(CryptoPP::RandomNumberGenerator&, const uint8_t* buf, int len, uint8_t* signature) const; uint8_t m_PrivateKey[EDDSA25519_PRIVATE_KEY_LENGTH]; uint8_t m_PublicKey[EDDSA25519_PUBLIC_KEY_LENGTH]; diff --git a/core/crypto/ed25519/crypto_verify_32.h b/core/crypto/ed25519/crypto_verify_32.h index 11dfbacc..6fb00c59 100644 --- a/core/crypto/ed25519/crypto_verify_32.h +++ b/core/crypto/ed25519/crypto_verify_32.h @@ -1,3 +1,3 @@ #include -#define crypto_verify_32(a,b) (std::memcmp((a), (b), 32) == 0) +#define crypto_verify_32(a,b) (!!std::memcmp((a), (b), 32)) diff --git a/core/crypto/ed25519/open.cpp b/core/crypto/ed25519/open.cpp index a7cd1744..0264f893 100644 --- a/core/crypto/ed25519/open.cpp +++ b/core/crypto/ed25519/open.cpp @@ -33,7 +33,6 @@ int crypto_sign_open( ge_tobytes(rcheck,&R); if (crypto_verify_32(rcheck,rcopy) == 0) return 0; - badsig: return -1; diff --git a/tests/Crypto.cpp b/tests/Crypto.cpp index fe6d9ba3..9440975e 100644 --- a/tests/Crypto.cpp +++ b/tests/Crypto.cpp @@ -2,6 +2,7 @@ #include #include "crypto/aes.h" +#include "crypto/EdDSA25519.h" using namespace i2p::crypto; @@ -200,5 +201,108 @@ BOOST_FIXTURE_TEST_CASE(AesCbcDecrypt, AesCbcFixture) } } +struct EDDSAFixture { + + EDDSAFixture() + : verifier(public_key), signer(private_key), dummy_rng() {} + + uint8_t private_key[32] = { + 0xe1, 0xec, 0xff, 0xa6, 0xcd, 0x4e, 0xc7, 0x09, 0x2f, 0x87, + 0x44, 0xaf, 0x48, 0xb3, 0x7f, 0x63, 0x71, 0x63, 0x1e, 0x01, + 0xf7, 0x20, 0xe9, 0x0a, 0xfa, 0x3c, 0x90, 0xec, 0x97, 0x4c, + 0x16, 0x27 + }; + uint8_t public_key[32] = { + 0x0f, 0x90, 0x8b, 0xaf, 0xef, 0x40, 0x79, 0xb5, 0x94, 0xb5, + 0x13, 0xf9, 0xf6, 0x02, 0x65, 0xef, 0x4d, 0x95, 0xa4, 0x84, + 0x2d, 0xc7, 0x23, 0x1b, 0x93, 0xe4, 0x2e, 0x9d, 0x45, 0x52, + 0xed, 0x62 + }; + + EDDSA25519Verifier verifier; + EDDSA25519Signer signer; + CryptoPP::RandomNumberGenerator dummy_rng; +}; + +BOOST_FIXTURE_TEST_CASE(EdDSA25519KeyLength, EDDSAFixture) +{ + BOOST_CHECK_EQUAL(verifier.GetPublicKeyLen(), EDDSA25519_PUBLIC_KEY_LENGTH); +} + + +BOOST_FIXTURE_TEST_CASE(EdDSA25519SignatureLength, EDDSAFixture) +{ + BOOST_CHECK_EQUAL(verifier.GetSignatureLen(), EDDSA25519_SIGNATURE_LENGTH); +} + +BOOST_FIXTURE_TEST_CASE(EdDSA25519Sign, EDDSAFixture) +{ + const uint8_t message[33] = { + 0x54, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20, 0x61, 0x20, + 0x74, 0x65, 0x73, 0x74, 0x20, 0x6d, 0x65, 0x73, 0x73, 0x61, + 0x67, 0x65, 0x21, 0x20, 0x2d, 0x45, 0x69, 0x6e, 0x4d, 0x42, + 0x79, 0x74, 0x65 + }; + const uint8_t signature[64] = { + 0xfa, 0x69, 0x31, 0x22, 0x61, 0xb5, 0x4f, 0xf5, 0x7e, 0x20, + 0xa6, 0x05, 0x91, 0xe7, 0xab, 0x41, 0x43, 0x48, 0x85, 0x02, + 0xac, 0xcf, 0x3f, 0x17, 0x13, 0x09, 0x3e, 0x25, 0x3c, 0x15, + 0x6d, 0xc3, 0x55, 0xcd, 0x8a, 0x30, 0x07, 0xe2, 0x41, 0xa1, + 0x98, 0x24, 0xe5, 0xc0, 0x9e, 0x90, 0xbb, 0x9e, 0x6b, 0xe8, + 0x41, 0x84, 0x2d, 0x13, 0x2e, 0x1f, 0x2a, 0x46, 0x31, 0x2e, + 0x5c, 0x94, 0x7e, 0x0d + }; + uint8_t output[64] = {}; + signer.Sign(dummy_rng, message, 33, output); + BOOST_CHECK_EQUAL_COLLECTIONS(output, output + 64, signature, signature + 64); +} + + +BOOST_FIXTURE_TEST_CASE(EdDSA25519Verify, EDDSAFixture) +{ + const uint8_t message[33] = { + 0x54, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20, 0x61, 0x20, + 0x74, 0x65, 0x73, 0x74, 0x20, 0x6d, 0x65, 0x73, 0x73, 0x61, + 0x67, 0x65, 0x21, 0x20, 0x2d, 0x45, 0x69, 0x6e, 0x4d, 0x42, + 0x79, 0x74, 0x65 + }; + const uint8_t signature[64] = { + 0xfa, 0x69, 0x31, 0x22, 0x61, 0xb5, 0x4f, 0xf5, 0x7e, 0x20, + 0xa6, 0x05, 0x91, 0xe7, 0xab, 0x41, 0x43, 0x48, 0x85, 0x02, + 0xac, 0xcf, 0x3f, 0x17, 0x13, 0x09, 0x3e, 0x25, 0x3c, 0x15, + 0x6d, 0xc3, 0x55, 0xcd, 0x8a, 0x30, 0x07, 0xe2, 0x41, 0xa1, + 0x98, 0x24, 0xe5, 0xc0, 0x9e, 0x90, 0xbb, 0x9e, 0x6b, 0xe8, + 0x41, 0x84, 0x2d, 0x13, 0x2e, 0x1f, 0x2a, 0x46, 0x31, 0x2e, + 0x5c, 0x94, 0x7e, 0x0d + }; + BOOST_CHECK(verifier.Verify(message, 33, signature)); +} + +BOOST_FIXTURE_TEST_CASE(EdDSA25519VerifyBadMsg, EDDSAFixture) +{ + const uint8_t message[10] = {}; + const uint8_t signature[64] = { + 0xfa, 0x69, 0x31, 0x22, 0x61, 0xb5, 0x4f, 0xf5, 0x7e, 0x20, + 0xa6, 0x05, 0x91, 0xe7, 0xab, 0x41, 0x43, 0x48, 0x85, 0x02, + 0xac, 0xcf, 0x3f, 0x17, 0x13, 0x09, 0x3e, 0x25, 0x3c, 0x15, + 0x6d, 0xc3, 0x55, 0xcd, 0x8a, 0x30, 0x07, 0xe2, 0x41, 0xa1, + 0x98, 0x24, 0xe5, 0xc0, 0x9e, 0x90, 0xbb, 0x9e, 0x6b, 0xe8, + 0x41, 0x84, 0x2d, 0x13, 0x2e, 0x1f, 0x2a, 0x46, 0x31, 0x2e, + 0x5c, 0x94, 0x7e, 0x0d + }; + BOOST_CHECK(!verifier.Verify(message, 10, signature)); +} + +BOOST_FIXTURE_TEST_CASE(EdDSA25519VerifyBadSignature, EDDSAFixture) +{ + const uint8_t message[33] = { + 0x54, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20, 0x61, 0x20, + 0x74, 0x65, 0x73, 0x74, 0x20, 0x6d, 0x65, 0x73, 0x73, 0x61, + 0x67, 0x65, 0x21, 0x20, 0x2d, 0x45, 0x69, 0x6e, 0x4d, 0x42, + 0x79, 0x74, 0x65 + }; + const uint8_t signature[64] = {}; + BOOST_CHECK(!verifier.Verify(message, 33, signature)); +} BOOST_AUTO_TEST_SUITE_END()