mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-05 20:10:49 +02:00
25a1a20444
Add defense-in-depth checks to wc_ed{25519,448}_check_key() and
ed{25519,448}_verify_msg_final_with_sha() that reject the identity
point and other small-order public keys. Honest EdDSA key generation
never produces such keys, but wolfSSL previously accepted them on
import and verification. The guard runs at both entry points so it
holds even when a key is imported with trusted=1. New tests are gated
on !HAVE_FIPS || FIPS_VERSION3_GE(7,0,0).
59 lines
2.5 KiB
C
59 lines
2.5 KiB
C
/* test_ed448.h
|
|
*
|
|
* Copyright (C) 2006-2026 wolfSSL Inc.
|
|
*
|
|
* This file is part of wolfSSL.
|
|
*
|
|
* wolfSSL is free software; you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License as published by
|
|
* the Free Software Foundation; either version 3 of the License, or
|
|
* (at your option) any later version.
|
|
*
|
|
* wolfSSL is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU General Public License
|
|
* along with this program; if not, write to the Free Software
|
|
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
|
|
*/
|
|
|
|
#ifndef WOLFCRYPT_TEST_ED448_H
|
|
#define WOLFCRYPT_TEST_ED448_H
|
|
|
|
#include <tests/api/api_decl.h>
|
|
|
|
int test_wc_ed448_make_key(void);
|
|
int test_wc_ed448_init(void);
|
|
int test_wc_ed448_sign_msg(void);
|
|
int test_wc_ed448_sign_msg_pubonly_fails(void);
|
|
int test_wc_ed448_import_public(void);
|
|
int test_wc_ed448_import_private_key(void);
|
|
int test_wc_ed448_export(void);
|
|
int test_wc_ed448_size(void);
|
|
int test_wc_ed448_exportKey(void);
|
|
int test_wc_Ed448PublicKeyToDer(void);
|
|
int test_wc_Ed448KeyToDer(void);
|
|
int test_wc_Ed448PrivateKeyToDer(void);
|
|
int test_wc_Ed448KeyToDer_oneasymkey_version(void);
|
|
int test_wc_ed448_reject_small_order_keys(void);
|
|
|
|
#define TEST_ED448_DECLS \
|
|
TEST_DECL_GROUP("ed448", test_wc_ed448_make_key), \
|
|
TEST_DECL_GROUP("ed448", test_wc_ed448_init), \
|
|
TEST_DECL_GROUP("ed448", test_wc_ed448_sign_msg), \
|
|
TEST_DECL_GROUP("ed448", test_wc_ed448_sign_msg_pubonly_fails), \
|
|
TEST_DECL_GROUP("ed448", test_wc_ed448_import_public), \
|
|
TEST_DECL_GROUP("ed448", test_wc_ed448_import_private_key), \
|
|
TEST_DECL_GROUP("ed448", test_wc_ed448_export), \
|
|
TEST_DECL_GROUP("ed448", test_wc_ed448_size), \
|
|
TEST_DECL_GROUP("ed448", test_wc_ed448_exportKey), \
|
|
TEST_DECL_GROUP("ed448", test_wc_Ed448PublicKeyToDer), \
|
|
TEST_DECL_GROUP("ed448", test_wc_Ed448KeyToDer), \
|
|
TEST_DECL_GROUP("ed448", test_wc_Ed448PrivateKeyToDer), \
|
|
TEST_DECL_GROUP("ed448", test_wc_Ed448KeyToDer_oneasymkey_version), \
|
|
TEST_DECL_GROUP("ed448", test_wc_ed448_reject_small_order_keys)
|
|
|
|
#endif /* WOLFCRYPT_TEST_ED448_H */
|