diff options
| author | Hubert Kario <hkario@redhat.com> | 2021-07-23 19:08:02 +0200 |
|---|---|---|
| committer | Hubert Kario <hkario@redhat.com> | 2021-08-03 14:06:06 +0200 |
| commit | 9e6ce5f4e9bec6c24f42728c337acf95717901f6 (patch) | |
| tree | 20e727e653828590e2b223dc46f68efd39901524 | |
| parent | ee8fea3e5615b54bc6662d5461f481cb584b8bc7 (diff) | |
| download | ecdsa-eddsa.tar.gz | |
WIP: interoperability tests with openssleddsa
| -rw-r--r-- | src/ecdsa/test_pyecdsa.py | 67 |
1 files changed, 67 insertions, 0 deletions
diff --git a/src/ecdsa/test_pyecdsa.py b/src/ecdsa/test_pyecdsa.py index c1393bc..3ed260e 100644 --- a/src/ecdsa/test_pyecdsa.py +++ b/src/ecdsa/test_pyecdsa.py @@ -43,6 +43,8 @@ from .curves import ( BRAINPOOLP320r1, BRAINPOOLP384r1, BRAINPOOLP512r1, + Ed25519, + Ed448, curves, ) from .ecdsa import ( @@ -1354,6 +1356,71 @@ class OpenSSL(unittest.TestCase): % mdarg ) + OPENSSL_SUPPORTED_TYPES = set() + try: + if "-rawin" in run_openssl("pkeyutl -help"): + OPENSSL_SUPPORTED_TYPES = set( + c.lower() + for c in run_openssl("list -public-key-methods").split("\n") + if not c.startswith("\t") and not c.startswith(" ") + ) + except SubprocessError: + pass + + def do_eddsa_test_to_openssl(self, curve): + curvename = curve.name.upper() + + if os.path.isdir("t"): + shutil.rmtree("t") + os.mkdir("t") + + sk = SigningKey.generate(curve=curve) + vk = sk.get_verifying_key() + + data = b"data" + with open("t/pubkey.der", "wb") as e: + e.write(vk.to_der()) + with open("t/pubkey.pem", "wb") as e: + e.write(vk.to_pem()) + + sig = sk.sign(data) + + with open("t/data.sig", "wb") as e: + e.write(sig) + with open("t/data.txt", "wb") as e: + e.write(data) + with open("t/baddata.txt", "wb") as e: + e.write(data + b"corrupt") + + with self.assertRaises(SubprocessError): + run_openssl( + "pkeyutl -verify -pubin -inkey t/pubkey.pem -rawin " + "-in t/baddata.txt -sigfile t/data.sig" + ) + run_openssl( + "pkeyutl -verify -pubin -inkey t/pubkey.pem -rawin " + "-in t/data.txt -sigfile t/data.sig" + ) + + # to create a signature: + # pkeyutl -sign -inkey t/privkey.pem -out t/data-ossl.sig -rawin -in data.txt + + shutil.rmtree("t") + + @pytest.mark.skipif( + "ed25519" not in OPENSSL_SUPPORTED_TYPES, + reason="system openssl does not support Ed25519", + ) + def test_to_openssl_ed25519(self): + return self.do_eddsa_test_to_openssl(Ed25519) + + @pytest.mark.skipif( + "ed448" not in OPENSSL_SUPPORTED_TYPES, + reason="system openssl does not support Ed448", + ) + def test_to_openssl_ed448(self): + return self.do_eddsa_test_to_openssl(Ed448) + class TooSmallCurve(unittest.TestCase): OPENSSL_SUPPORTED_CURVES = set( |