Commit cbb1a94c authored by garciay's avatar garciay
Browse files

ATS security review

parent 2ec4f571
......@@ -87,13 +87,13 @@ module TestCodec_Certificates {
v_encMsg := encvalue(v_cert.toBeSigned);
// Sign the certificate using ECDSA/SHA-256 (NIST p-256)
v_sig := f_signWithEcdsaNistp256WithSha256(bit2oct(v_encMsg), v_private_key);
log("v_sig = ", v_sig);
v_cert.signature_ := m_signature_ecdsaNistP256(
m_ecdsaP256Signature(
m_eccP256CurvePoint_uncompressed(
v_publicKeyX,
v_publicKeyY
),
v_sig
m_eccP256CurvePoint_x_only(
substr(v_sig, 0, 32)
),
substr(v_sig, 32, 32)
)
);
// Final certificate
......@@ -174,12 +174,11 @@ module TestCodec_Certificates {
v_sig := f_signWithEcdsaBrainpoolp256WithSha256(bit2oct(v_encMsg), v_private_key);
v_cert.signature_ := m_signature_ecdsaBrainpoolP256r1(
m_ecdsaP256Signature(
m_eccP256CurvePoint_uncompressed(
v_publicKeyX,
v_publicKeyY
),
v_sig
)
m_eccP256CurvePoint_x_only(
substr(v_sig, 0, 32)
),
substr(v_sig, 32, 32)
)
);
// Final certificate
v_encMsg := encvalue(v_cert);
......@@ -258,13 +257,12 @@ module TestCodec_Certificates {
v_sig := f_signWithEcdsaBrainpoolp384WithSha384(bit2oct(v_encMsg), v_private_key);
v_cert.signature_ := m_signature_ecdsaBrainpoolP384r1(
m_ecdsaP384Signature(
m_eccP384CurvePoint_uncompressed(
v_publicKeyX,
v_publicKeyY
),
v_sig
)
);
m_eccP384CurvePoint_x_only(
substr(v_sig, 0, 48)
),
substr(v_sig, 48, 48)
)
);
// Final certificate
v_encMsg := encvalue(v_cert);
......@@ -280,7 +278,7 @@ module TestCodec_Certificates {
v_cert_dec.signature_.ecdsaBrainpoolP384r1Signature.rSig.x_only & v_cert_dec.signature_.ecdsaNistP256Signature.sSig,
v_cert_dec.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaBrainpoolP384r1.uncompressedP384.x,
v_cert_dec.toBeSigned.verifyKeyIndicator.verificationKey.ecdsaBrainpoolP384r1.uncompressedP384.y
) == false) {
) == false) {
setverdict(fail);
} else {
setverdict(pass)
......@@ -342,11 +340,10 @@ module TestCodec_Certificates {
v_sig := f_signWithEcdsaNistp256WithSha256(bit2oct(v_encMsg), v_private_key);
v_cert.signature_ := m_signature_ecdsaNistP256(
m_ecdsaP256Signature(
m_eccP256CurvePoint_uncompressed(
v_publicKeyX,
v_publicKeyY
),
v_sig
m_eccP256CurvePoint_x_only(
substr(v_sig, 0, 32)
),
substr(v_sig, 32, 32)
)
);
// Final certificate
......@@ -587,11 +584,11 @@ module TestCodec_Certificates {
m_ecdsaP256Signature(
m_eccP256CurvePoint_x_only(
'08B2030104020A0D010C0105C0F80BB1460239348D17405C1A845151D4061200'O
),
),
'2617CF4E6B25097F03F502AD0C6F2F125974700D31A60FD1EF12040E4D8231AB'O
)
)
)
);
);
v_cert.toBeSigned.cracaId := v_cracaId;
v_cert.toBeSigned.crlSeries := v_crlSeries;
......
......@@ -300,12 +300,11 @@ module TestCodec_ChainOfCertificates {
v_sig := f_signWithEcdsaNistp256WithSha256(bit2oct(v_enc_msg), p_ca_sec_info.private_key);
v_cert.signature_ := m_signature_ecdsaNistP256(
m_ecdsaP256Signature(
m_eccP256CurvePoint_uncompressed(
p_ca_sec_info.public_key_x,
p_ca_sec_info.public_key_y
),
v_sig
)
m_eccP256CurvePoint_x_only(
substr(v_sig, 0, 32)
),
substr(v_sig, 32, 32)
)
);
log("f_create_ca_certificate_nistP256_1: Signed template ", valueof(v_cert));
......@@ -367,11 +366,10 @@ module TestCodec_ChainOfCertificates {
v_sig := f_signWithEcdsaBrainpoolp256WithSha256(bit2oct(v_enc_msg), p_ca_sec_info.private_key);
v_cert.signature_ := m_signature_ecdsaBrainpoolP256r1(
m_ecdsaP256Signature(
m_eccP256CurvePoint_uncompressed(
p_ca_sec_info.public_key_x,
p_ca_sec_info.public_key_y
),
v_sig
m_eccP256CurvePoint_x_only(
substr(v_sig, 0, 32)
),
substr(v_sig, 32, 32)
)
);
log("f_create_ca_certificate_brainpoolP256_1: Signed template ", valueof(v_cert));
......@@ -430,12 +428,11 @@ module TestCodec_ChainOfCertificates {
v_sig := f_signWithEcdsaNistp256WithSha256(bit2oct(v_enc_msg), p_ca_sec_info.private_key);
v_cert.signature_ := m_signature_ecdsaNistP256(
m_ecdsaP256Signature(
m_eccP256CurvePoint_uncompressed(
p_ca_sec_info.public_key_x,
p_ca_sec_info.public_key_y
),
v_sig
)
m_eccP256CurvePoint_x_only(
substr(v_sig, 0, 32)
),
substr(v_sig, 32, 32)
)
);
log("f_create_aa_certificate_nistP256_1: Signed template ", valueof(v_cert));
......@@ -493,11 +490,10 @@ module TestCodec_ChainOfCertificates {
v_sig := f_signWithEcdsaBrainpoolp256WithSha256(bit2oct(v_enc_msg), p_ca_sec_info.private_key);
v_cert.signature_ := m_signature_ecdsaBrainpoolP256r1(
m_ecdsaP256Signature(
m_eccP256CurvePoint_uncompressed(
p_ca_sec_info.public_key_x,
p_ca_sec_info.public_key_y
),
v_sig
m_eccP256CurvePoint_x_only(
substr(v_sig, 0, 32)
),
substr(v_sig, 32, 32)
)
);
log("f_create_aa_certificate_brainpoolP256_1: Signed template ", valueof(v_cert));
......@@ -557,11 +553,10 @@ module TestCodec_ChainOfCertificates {
v_sig := f_signWithEcdsaNistp256WithSha256(bit2oct(v_enc_msg), p_aa_sec_info.private_key);
v_cert.signature_ := m_signature_ecdsaNistP256(
m_ecdsaP256Signature(
m_eccP256CurvePoint_uncompressed(
p_aa_sec_info.public_key_x,
p_aa_sec_info.public_key_y
),
v_sig
m_eccP256CurvePoint_x_only(
substr(v_sig, 0, 32)
),
substr(v_sig, 32, 32)
)
);
log("f_create_at_certificate_nistP256_1: Signed template ", valueof(v_cert));
......@@ -621,12 +616,11 @@ module TestCodec_ChainOfCertificates {
v_sig := f_signWithEcdsaBrainpoolp256WithSha256(bit2oct(v_enc_msg), p_aa_sec_info.private_key);
v_cert.signature_ := m_signature_ecdsaBrainpoolP256r1(
m_ecdsaP256Signature(
m_eccP256CurvePoint_uncompressed(
p_aa_sec_info.public_key_x,
p_aa_sec_info.public_key_y
),
v_sig
)
m_eccP256CurvePoint_x_only(
substr(v_sig, 0, 32)
),
substr(v_sig, 32, 32)
)
);
log("f_create_at_certificate_brainpoolP256_1: Signed template ", valueof(v_cert));
......@@ -667,9 +661,9 @@ module TestCodec_ChainOfCertificates {
m_signature_ecdsaNistP256(
m_ecdsaP256Signature(
m_eccP256CurvePoint_x_only(
p_at_sec_info.public_key_x
substr(v_sig, 0, 32)
),
v_sig
substr(v_sig, 32, 32)
)
)
)
......@@ -712,11 +706,11 @@ module TestCodec_ChainOfCertificates {
m_signature_ecdsaBrainpoolP256r1(
m_ecdsaP256Signature(
m_eccP256CurvePoint_x_only(
p_at_sec_info.public_key_x
),
v_sig
)
)
substr(v_sig, 0, 32)
),
substr(v_sig, 32, 32)
)
)
)
);
log("f_build_and_sign_secured_message_brainpoolP256_1: v_secured_data = ", v_secured_data);
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment