mirror/gmsm
1
0
Fork 0
mirror of https://github.com/emmansun/gmsm.git synced 2025-04-26 12:16:20 +08:00
Code Issues Packages Projects Releases Wiki Activity

supplement test

Browse Source
This commit is contained in:
Emman 2021-12-15 13:57:03 +08:00
parent b45441f0ed
commit bb70b71906
2 changed files with 54 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
sm2/sm2.go
View File

@ -570,7 +570,8 @@ func fermatInverse(k, N *big.Int) *big.Int {
// private key's curve order, the hash will be truncated to that length. It // private key's curve order, the hash will be truncated to that length. It
// returns the signature as a pair of integers. The security of the private key // returns the signature as a pair of integers. The security of the private key
// depends on the entropy of rand. // depends on the entropy of rand.
// https://crypto.stackexchange.com/questions/60644/what-does-chopmd-refer-to-in-the-default-go-ecdsa-package // Backgroud: https://github.com/golang/go/commit/a8049f58f9e3336554da1b0a4f8ea3b9c5cd669c
//
func Sign(rand io.Reader, priv *ecdsa.PrivateKey, hash []byte) (r, s *big.Int, err error) { func Sign(rand io.Reader, priv *ecdsa.PrivateKey, hash []byte) (r, s *big.Int, err error) {
if !strings.EqualFold(priv.Params().Name, P256().Params().Name) { if !strings.EqualFold(priv.Params().Name, P256().Params().Name) {
return ecdsa.Sign(rand, priv, hash) return ecdsa.Sign(rand, priv, hash)

52
sm2/sm2_test.go
View File

@ -250,6 +250,58 @@ func Test_signVerify(t *testing.T) {
} }
} }
func TestNonceSafety(t *testing.T) {
priv, _ := GenerateKey(rand.Reader)
hashed := []byte("testing")
r0, s0, err := Sign(zeroReader, &priv.PrivateKey, hashed)
if err != nil {
t.Errorf("SM2: error signing: %s", err)
return
}
hashed = []byte("testing...")
r1, s1, err := Sign(zeroReader, &priv.PrivateKey, hashed)
if err != nil {
t.Errorf("SM2: error signing: %s", err)
return
}
if s0.Cmp(s1) == 0 {
// This should never happen.
t.Error("SM2: the signatures on two different messages were the same")
}
if r0.Cmp(r1) == 0 {
t.Error("SM2: the nonce used for two diferent messages was the same")
}
}
func TestINDCCA(t *testing.T) {
priv, _ := GenerateKey(rand.Reader)
hashed := []byte("testing")
r0, s0, err := Sign(rand.Reader, &priv.PrivateKey, hashed)
if err != nil {
t.Errorf("SM2: error signing: %s", err)
return
}
r1, s1, err := Sign(rand.Reader, &priv.PrivateKey, hashed)
if err != nil {
t.Errorf("SM2: error signing: %s", err)
return
}
if s0.Cmp(s1) == 0 {
t.Error("SM2: two signatures of the same message produced the same result")
}
if r0.Cmp(r1) == 0 {
t.Error("SM2: two signatures of the same message produced the same nonce")
}
}
func benchmarkEncrypt(b *testing.B, curve elliptic.Curve, plaintext string) { func benchmarkEncrypt(b *testing.B, curve elliptic.Curve, plaintext string) {
for i := 0; i < b.N; i++ { for i := 0; i < b.N; i++ {
priv, _ := ecdsa.GenerateKey(curve, rand.Reader) priv, _ := ecdsa.GenerateKey(curve, rand.Reader)