From 19fc8ec5e632046a98a8a4fc7d4a20146dc24dd3 Mon Sep 17 00:00:00 2001
From: Kevin Jacobs <kjacobs@mozilla.com>
Date: Mon, 29 Jun 2020 20:10:32 +0000
Subject: Bug 1649226 - Add Wycheproof ECDSA tests. r=bbeurdouche

Differential Revision: https://phabricator.services.mozilla.com/D81589
---
 gtests/pk11_gtest/pk11_ecdsa_unittest.cc | 48 ++++++++++++++++++++++++++++++++
 1 file changed, 48 insertions(+)

(limited to 'gtests/pk11_gtest')

diff --git a/gtests/pk11_gtest/pk11_ecdsa_unittest.cc b/gtests/pk11_gtest/pk11_ecdsa_unittest.cc
index 1816e3c9c..83ac47306 100644
--- a/gtests/pk11_gtest/pk11_ecdsa_unittest.cc
+++ b/gtests/pk11_gtest/pk11_ecdsa_unittest.cc
@@ -6,12 +6,16 @@
 #include "nss.h"
 #include "pk11pub.h"
 #include "sechash.h"
+#include "cryptohi.h"
 
 #include "gtest/gtest.h"
 #include "nss_scoped_ptrs.h"
 
 #include "pk11_ecdsa_vectors.h"
 #include "pk11_signature_test.h"
+#include "testvectors/p256ecdsa-sha256-vectors.h"
+#include "testvectors/p384ecdsa-sha384-vectors.h"
+#include "testvectors/p521ecdsa-sha512-vectors.h"
 
 namespace nss_test {
 
@@ -172,4 +176,48 @@ TEST_F(Pkcs11EcdsaSha256Test, ImportSpkiPointNotOnCurve) {
   EXPECT_EQ(handle, static_cast<decltype(handle)>(CK_INVALID_HANDLE));
 }
 
+class Pkcs11EcdsaWycheproofTest
+    : public ::testing::TestWithParam<EcdsaTestVector> {
+ protected:
+  void Derive(const EcdsaTestVector vec) {
+    SECItem spki_item = {siBuffer, toUcharPtr(vec.public_key.data()),
+                         static_cast<unsigned int>(vec.public_key.size())};
+    SECItem sig_item = {siBuffer, toUcharPtr(vec.sig.data()),
+                        static_cast<unsigned int>(vec.sig.size())};
+
+    DataBuffer hash;
+    hash.Allocate(static_cast<size_t>(HASH_ResultLenByOidTag(vec.hash_oid)));
+    SECStatus rv = PK11_HashBuf(vec.hash_oid, toUcharPtr(hash.data()),
+                                toUcharPtr(vec.msg.data()), vec.msg.size());
+    ASSERT_EQ(rv, SECSuccess);
+    SECItem hash_item = {siBuffer, toUcharPtr(hash.data()),
+                         static_cast<unsigned int>(hash.len())};
+
+    ScopedCERTSubjectPublicKeyInfo cert_spki(
+        SECKEY_DecodeDERSubjectPublicKeyInfo(&spki_item));
+    ASSERT_TRUE(cert_spki);
+    ScopedSECKEYPublicKey pub_key(SECKEY_ExtractPublicKey(cert_spki.get()));
+    ASSERT_TRUE(pub_key);
+
+    rv = VFY_VerifyDigestDirect(&hash_item, pub_key.get(), &sig_item,
+                                SEC_OID_ANSIX962_EC_PUBLIC_KEY, vec.hash_oid,
+                                nullptr);
+    EXPECT_EQ(rv, vec.valid ? SECSuccess : SECFailure);
+  };
+};
+
+TEST_P(Pkcs11EcdsaWycheproofTest, Verify) { Derive(GetParam()); }
+
+INSTANTIATE_TEST_CASE_P(WycheproofP256SignatureSha256Test,
+                        Pkcs11EcdsaWycheproofTest,
+                        ::testing::ValuesIn(kP256EcdsaSha256Vectors));
+
+INSTANTIATE_TEST_CASE_P(WycheproofP384SignatureSha384Test,
+                        Pkcs11EcdsaWycheproofTest,
+                        ::testing::ValuesIn(kP384EcdsaSha384Vectors));
+
+INSTANTIATE_TEST_CASE_P(WycheproofP521SignatureSha512Test,
+                        Pkcs11EcdsaWycheproofTest,
+                        ::testing::ValuesIn(kP521EcdsaSha512Vectors));
+
 }  // namespace nss_test
-- 
cgit v1.2.1