sysadmin/ipxe
1
0
Fork 0
mirror of https://github.com/ipxe/ipxe synced 2026-01-21 18:30:56 +03:00
Code Issues Packages Projects Releases Wiki Activity

[test] Test verification of constructed signature

Browse Source 
Some signature schemes (such as ECDSA) allow for non-deterministic
signatures.  Provide more information in test results by performing
verification of the constructed signature even when it does not match
the expected test case result: this allows us to distinguish between a
bug that is generating invalid signatures and a bug that is generating
valid but non-canonical signatures.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
This commit is contained in:
Michael Brown
2025-12-18 23:10:57 +00:00
parent cfbf0da93c
commit 948677fe5e
1 changed files with 4 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/tests/pubkey_test.c
View File

@@ -146,6 +146,10 @@ void pubkey_sign_okx ( struct pubkey_sign_test *test, const char *file,
okx ( asn1_compare ( asn1_built ( &builder ), &test->signature ) == 0, okx ( asn1_compare ( asn1_built ( &builder ), &test->signature ) == 0,
file, line ); file, line );
/* Test verification of constructed signature */
okx ( pubkey_verify ( pubkey, &test->public, digest, digestout,
asn1_built ( &builder ) ) == 0, file, line );
/* Free signature */ /* Free signature */
free ( builder.data ); free ( builder.data );
} }