diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-12-20 08:16:29 +0100 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-12-21 10:55:46 +0100 |
commit | 3d8f3da8c74d93ac8e867426024c4a8590332023 (patch) | |
tree | 3ef579364fab57ff8b4ae27fe2786fb636fd093c | |
parent | 011c3d964b1912151444527c4f92e8c752638126 (diff) | |
download | gnutls-tmp-update-fips-self-tests.tar.gz |
gnutls_pk_self_test: include ECDSA tests on GNUTLS_PK_ECtmp-update-fips-self-tests
Previously when a request for a specific self check on GNUTLS_PK_EC
was done, only ECDH tests would be run. This change includes the ECDSA
tests as well (GNUTLS_PK_EC and GNUTLS_PK_ECDSA are an alias to each other).
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
-rw-r--r-- | lib/crypto-selftests-pk.c | 49 |
1 files changed, 25 insertions, 24 deletions
diff --git a/lib/crypto-selftests-pk.c b/lib/crypto-selftests-pk.c index 22f0c868fa..ea30d848dc 100644 --- a/lib/crypto-selftests-pk.c +++ b/lib/crypto-selftests-pk.c @@ -733,8 +733,8 @@ int gnutls_pk_self_test(unsigned flags, gnutls_pk_algorithm_t pk) return 0; FALLTHROUGH; - case GNUTLS_PK_EC: /* Testing ECDSA */ - /* Test ECDH */ + case GNUTLS_PK_EC: + /* Test ECDH and ECDSA */ #ifndef AVOID_INTERNALS ret = test_ecdh(); if (ret < 0) { @@ -742,30 +742,8 @@ int gnutls_pk_self_test(unsigned flags, gnutls_pk_algorithm_t pk) goto cleanup; } - if (!(flags & GNUTLS_SELF_TEST_FLAG_ALL)) - return 0; #endif - /* Test ECDSA */ -#ifdef ENABLE_NON_SUITEB_CURVES - PK_KNOWN_TEST(GNUTLS_PK_EC, 0, - GNUTLS_CURVE_TO_BITS - (GNUTLS_ECC_CURVE_SECP192R1), - GNUTLS_DIG_SHA256, ecdsa_secp192r1_privkey, - ecdsa_secp192r1_sig); - PK_TEST(GNUTLS_PK_EC, test_sig, - GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_SECP192R1), - GNUTLS_DIG_SHA256); - - PK_KNOWN_TEST(GNUTLS_PK_EC, 0, - GNUTLS_CURVE_TO_BITS - (GNUTLS_ECC_CURVE_SECP224R1), - GNUTLS_DIG_SHA256, ecdsa_secp224r1_privkey, - ecdsa_secp224r1_sig); - PK_TEST(GNUTLS_PK_EC, test_sig, - GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_SECP224R1), - GNUTLS_DIG_SHA256); -#endif PK_KNOWN_TEST(GNUTLS_PK_EC, 0, GNUTLS_CURVE_TO_BITS (GNUTLS_ECC_CURVE_SECP256R1), @@ -775,6 +753,9 @@ int gnutls_pk_self_test(unsigned flags, gnutls_pk_algorithm_t pk) GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_SECP256R1), GNUTLS_DIG_SHA256); + if (!(flags & GNUTLS_SELF_TEST_FLAG_ALL)) + return 0; + PK_KNOWN_TEST(GNUTLS_PK_EC, 0, GNUTLS_CURVE_TO_BITS (GNUTLS_ECC_CURVE_SECP384R1), @@ -793,6 +774,26 @@ int gnutls_pk_self_test(unsigned flags, gnutls_pk_algorithm_t pk) GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_SECP521R1), GNUTLS_DIG_SHA512); +#ifdef ENABLE_NON_SUITEB_CURVES + PK_KNOWN_TEST(GNUTLS_PK_EC, 0, + GNUTLS_CURVE_TO_BITS + (GNUTLS_ECC_CURVE_SECP192R1), + GNUTLS_DIG_SHA256, ecdsa_secp192r1_privkey, + ecdsa_secp192r1_sig); + PK_TEST(GNUTLS_PK_EC, test_sig, + GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_SECP192R1), + GNUTLS_DIG_SHA256); + + PK_KNOWN_TEST(GNUTLS_PK_EC, 0, + GNUTLS_CURVE_TO_BITS + (GNUTLS_ECC_CURVE_SECP224R1), + GNUTLS_DIG_SHA256, ecdsa_secp224r1_privkey, + ecdsa_secp224r1_sig); + PK_TEST(GNUTLS_PK_EC, test_sig, + GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_SECP224R1), + GNUTLS_DIG_SHA256); +#endif + break; default: return gnutls_assert_val(GNUTLS_E_NO_SELF_TEST); |