Commit 4adb5846 authored by Michael Hamburg's avatar Michael Hamburg

ed25519 prehashed test vector. ed448 prehashed test vectors look invalid??

parent 3b9ffc4c
......@@ -110,7 +110,7 @@ template<class CRTP, Prehashed ph> class Signing;
template<class CRTP> class Signing<CRTP,PREHASHED> {
public:
/* Sign a prehash context, and reset the context */
inline SecureBuffer sign_prehashed ( Prehash &ph ) const throw(std::bad_alloc) {
inline SecureBuffer sign_prehashed ( Prehash &ph ) const /*throw(std::bad_alloc)*/ {
SecureBuffer out(CRTP::SIG_BYTES);
FixedArrayBuffer<Prehash::OUTPUT_BYTES> tmp;
ph.final(tmp);
......@@ -126,6 +126,17 @@ public:
ph.context_.size()
#endif
);
return out;
}
/* Sign a message using the prehasher */
inline SecureBuffer sign_with_prehash (
const Block &message,
const Block &context = Block(NULL,0)
) const /*throw(LengthException,CryptoException)*/ {
Prehash ph(context);
ph += message;
return sign_prehashed(ph);
}
};
......@@ -229,14 +240,14 @@ public:
}
/** Assignment from string */
inline PrivateKey &operator=(const FixedBlock<SER_BYTES> &b) NOEXCEPT {
inline PrivateKeyBase &operator=(const FixedBlock<SER_BYTES> &b) NOEXCEPT {
memcpy(priv_.data(),b.data(),b.size());
$(c_ns)_eddsa_derive_public_key(pub_.data(), priv_.data());
return *this;
}
/** Copy assignment */
inline PrivateKey &operator=(const PrivateKey &k) NOEXCEPT {
inline PrivateKeyBase &operator=(const PrivateKey &k) NOEXCEPT {
memcpy(priv_.data(),k.priv_.data(), priv_.size());
memcpy(pub_.data(),k.pub_.data(), pub_.size());
return *this;
......@@ -355,6 +366,17 @@ public:
throw CryptoException();
}
}
/* Verify a message using the prehasher */
inline void verify_with_prehash (
const FixedBlock<$(C_NS)_EDDSA_SIGNATURE_BYTES> &sig,
const Block &message,
const Block &context = Block(NULL,0)
) const /*throw(LengthException,CryptoException)*/ {
Prehash ph(context);
ph += message;
verify_prehashed(sig,ph);
}
};
......
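Review bot: The operator labelled "Copy assignment" now returns `PrivateKeyBase &` but still takes `const PrivateKey &k`, so if `PrivateKey` is no longer the name of the enclosing class (its header is outside the hunk) this is not the copy-assignment operator. It would instead be an assignment from a different key type that copies `k.priv_` and `k.pub_` directly. If moving secret key material between the pure and prehashed key types is not intended, the parameter should follow the rename: `inline PrivateKeyBase &operator=(const PrivateKeyBase &k) NOEXCEPT {`. If the cross-type assignment is intended, the comment should say so instead of "Copy assignment". The same applies to the return type of the `FixedBlock<SER_BYTES>` overload just above it.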
......@@ -466,6 +466,7 @@ static void test_cfrg_crypto() {
}
}
static const bool eddsa_prehashed[];
static const Block eddsa_sk[], eddsa_pk[], eddsa_message[], eddsa_context[], eddsa_sig[];
static void test_cfrg_vectors() {
......@@ -490,10 +491,20 @@ static void test_cfrg_vectors() {
printf("\n");
}
SecureBuffer sig;
if (priv.SUPPORTS_CONTEXTS) {
sig = priv.sign(eddsa_message[t],eddsa_context[t]);
if (eddsa_prehashed[t]) {
typename EdDSA<Group>::PrivateKeyPh priv2(eddsa_sk[t]);
if (priv2.SUPPORTS_CONTEXTS) {
sig = priv2.sign_with_prehash(eddsa_message[t],eddsa_context[t]);
} else {
sig = priv2.sign_with_prehash(eddsa_message[t]);
}
} else {
sig = priv.sign(eddsa_message[t]);
if (priv.SUPPORTS_CONTEXTS) {
sig = priv.sign(eddsa_message[t],eddsa_context[t]);
} else {
sig = priv.sign(eddsa_message[t]);
}
}
if (!memeq(SecureBuffer(eddsa_sig[t]),sig)) {
......@@ -572,7 +583,7 @@ static void run() {
}; /* template<GroupId GROUP> struct Tests */
#include "vectors.inc.c"
#include "vectors.inc.cxx"
int main(int argc, char **argv) {
(void) argc; (void) argv;
......
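Review bot: The new `if (eddsa_prehashed[t])` branch only compares the output of `sign_with_prehash` with the expected signature. Nothing in the visible lines calls the `verify_with_prehash` member this commit adds, so the verification path appears to have no known-answer coverage (the rest of `test_cfrg_vectors` is outside the hunk and may handle it). A signing comparison cannot catch a verifier that wrongly accepts or rejects. I would add, inside the prehashed branch, a `verify_with_prehash` call on the matching public key with `eddsa_sig[t]`, `eddsa_message[t]` and `eddsa_context[t]`, plus a negative case with one altered signature byte that must throw `CryptoException`.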
......@@ -163,6 +163,15 @@ const uint8_t ed448_eddsa_message[][12] = {{
0x81,0x1e,0x29,0x15
}};
template<> const bool Tests<Ed448Goldilocks>::eddsa_prehashed[] = {
false,
false,
false,
false,
false
};
const uint8_t ed448_eddsa_context[][3] = {{
0x66,0x6f,0x6f
}};
......@@ -284,7 +293,7 @@ template<> const Block Tests<Ed448Goldilocks>::eddsa_sig[] = {
Block(ed448_eddsa_sig[3],114)
};
const uint8_t ed25519_eddsa_sk[3][32] = {{
const uint8_t ed25519_eddsa_sk[][32] = {{
0x9d,0x61,0xb1,0x9d,0xef,0xfd,0x5a,0x60,
0xba,0x84,0x4a,0xf4,0x92,0xec,0x2c,0xc4,
0x44,0x49,0xc5,0x69,0x7b,0x32,0x69,0x19,
......@@ -299,8 +308,13 @@ const uint8_t ed25519_eddsa_sk[3][32] = {{
0xed,0xb7,0x44,0x2f,0x31,0xdc,0xb7,0xb1,
0x66,0xd3,0x85,0x35,0x07,0x6f,0x09,0x4b,
0x85,0xce,0x3a,0x2e,0x0b,0x44,0x58,0xf7
}, {
0x83,0x3f,0xe6,0x24,0x09,0x23,0x7b,0x9d,
0x62,0xec,0x77,0x58,0x75,0x20,0x91,0x1e,
0x9a,0x75,0x9c,0xec,0x1d,0x19,0x75,0x5b,
0x7d,0xa9,0x01,0xb9,0x6d,0xca,0x3d,0x42
}};
const uint8_t ed25519_eddsa_pk[3][32] = {{
const uint8_t ed25519_eddsa_pk[][32] = {{
0xd7,0x5a,0x98,0x01,0x82,0xb1,0x0a,0xb7,
0xd5,0x4b,0xfe,0xd3,0xc9,0x64,0x07,0x3a,
0x0e,0xe1,0x72,0xf3,0xda,0xa6,0x23,0x25,
......@@ -315,15 +329,22 @@ const uint8_t ed25519_eddsa_pk[3][32] = {{
0x8d,0xa4,0x7e,0xd0,0x02,0x30,0xf0,0x58,
0x08,0x16,0xed,0x13,0xba,0x33,0x03,0xac,
0x5d,0xeb,0x91,0x15,0x48,0x90,0x80,0x25
}, {
0xec,0x17,0x2b,0x93,0xad,0x5e,0x56,0x3b,
0xf4,0x93,0x2c,0x70,0xe1,0x24,0x50,0x34,
0xc3,0x54,0x67,0xef,0x2e,0xfd,0x4d,0x64,
0xeb,0xf8,0x19,0x68,0x34,0x67,0xe2,0xbf
}};
const uint8_t ed25519_eddsa_message[3][2] = {{
const uint8_t ed25519_eddsa_message[][3] = {{
0
}, {
0x72
}, {
0xaf,0x82
}, {
0x61,0x62,0x63
}};
const uint8_t ed25519_eddsa_sig[3][64] = {{
const uint8_t ed25519_eddsa_sig[][64] = {{
0xe5,0x56,0x43,0x00,0xc3,0x60,0xac,0x72,
0x90,0x86,0xe2,0xcc,0x80,0x6e,0x82,0x8a,
0x84,0x87,0x7f,0x1e,0xb8,0xe5,0xd9,0x74,
......@@ -350,29 +371,51 @@ const uint8_t ed25519_eddsa_sig[3][64] = {{
0xae,0x67,0xf7,0x60,0x98,0x4d,0xc6,0x59,
0x4a,0x7c,0x15,0xe9,0x71,0x6e,0xd2,0x8d,
0xc0,0x27,0xbe,0xce,0xea,0x1e,0xc4,0x0a
}, {
0xdc,0x2a,0x44,0x59,0xe7,0x36,0x96,0x33,
0xa5,0x2b,0x1b,0xf2,0x77,0x83,0x9a,0x00,
0x20,0x10,0x09,0xa3,0xef,0xbf,0x3e,0xcb,
0x69,0xbe,0xa2,0x18,0x6c,0x26,0xb5,0x89,
0x09,0x35,0x1f,0xc9,0xac,0x90,0xb3,0xec,
0xfd,0xfb,0xc7,0xc6,0x64,0x31,0xe0,0x30,
0x3d,0xca,0x17,0x9c,0x13,0x8a,0xc1,0x7a,
0xd9,0xbe,0xf1,0x17,0x73,0x31,0xa7,0x04
}};
template<> const bool Tests<IsoEd25519>::eddsa_prehashed[] = {
false,
false,
false,
true
};
template<> const Block Tests<IsoEd25519>::eddsa_sk[] = {
Block(ed25519_eddsa_sk[0],32),
Block(ed25519_eddsa_sk[1],32),
Block(ed25519_eddsa_sk[2],32),
Block(ed25519_eddsa_sk[3],32),
Block(NULL,0)
};
template<> const Block Tests<IsoEd25519>::eddsa_pk[] = {
Block(ed25519_eddsa_pk[0],32),
Block(ed25519_eddsa_pk[1],32),
Block(ed25519_eddsa_pk[2],32)
Block(ed25519_eddsa_pk[2],32),
Block(ed25519_eddsa_pk[3],32)
};
template<> const Block Tests<IsoEd25519>::eddsa_context[] = {
Block(NULL,0),
Block(NULL,0),
Block(NULL,0),
Block(NULL,0)
};
template<> const Block Tests<IsoEd25519>::eddsa_message[] = {
Block(ed25519_eddsa_message[0],0),
Block(ed25519_eddsa_message[1],1),
Block(ed25519_eddsa_message[2],2)
Block(ed25519_eddsa_message[2],2),
Block(ed25519_eddsa_message[3],3)
};
template<> const Block Tests<IsoEd25519>::eddsa_sig[] = {
Block(ed25519_eddsa_sig[0],64),
Block(ed25519_eddsa_sig[1],64),
Block(ed25519_eddsa_sig[2],64)
Block(ed25519_eddsa_sig[2],64),
Block(ed25519_eddsa_sig[3],64)
};
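Review bot: `Tests<Ed448Goldilocks>::eddsa_prehashed[]` is all `false`, so the new `sign_with_prehash` path is never exercised for Ed448 and a wrong prehashed signature there would pass this suite unnoticed. The commit title suggests this is deliberate, so the table should say so, e.g. `/* All false: the Ed448 prehashed vectors did not validate; enable once resolved. */`. The tables are also parallel arrays indexed by the same `t`, with only the `Block(NULL,0)` sentinel in `eddsa_sk` marking the end, so a shorter `eddsa_prehashed[]` would be read out of bounds. The Ed448 table has five entries while the last visible `eddsa_sig` entry is index 3, which suggests the lengths are not kept in step. A short comment on each table stating that its length must match `eddsa_sk` without the sentinel would help.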