Add ECDSA verify KAT to FIPS self-tests.
Change-Id: Ib67cd8c10df837687da7864a3f65456b2611d0f9
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/43687
Commit-Queue: Adam Langley <agl@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
diff --git a/crypto/fipsmodule/self_check/self_check.c b/crypto/fipsmodule/self_check/self_check.c
index 4b954b7..91ec8ca 100644
--- a/crypto/fipsmodule/self_check/self_check.c
+++ b/crypto/fipsmodule/self_check/self_check.c
@@ -611,7 +611,7 @@
goto err;
}
- // ECDSA Sign/Verify PWCT
+ // ECDSA Sign/Verify KAT
// The 'k' value for ECDSA is fixed to avoid an entropy draw.
ec_key->fixed_k = BN_new();
@@ -632,7 +632,13 @@
!BN_bn2bin(sig->s, ecdsa_s_bytes) ||
!check_test(kECDSASigR, ecdsa_r_bytes, sizeof(kECDSASigR), "ECDSA R") ||
!check_test(kECDSASigS, ecdsa_s_bytes, sizeof(kECDSASigS), "ECDSA S")) {
- fprintf(stderr, "ECDSA KAT failed.\n");
+ fprintf(stderr, "ECDSA signature KAT failed.\n");
+ goto err;
+ }
+
+ if (!ECDSA_do_verify(kPlaintextSHA256, sizeof(kPlaintextSHA256), sig,
+ ec_key)) {
+ fprintf(stderr, "ECDSA verification KAT failed.\n");
goto err;
}
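Review bot: The added `ECDSA_do_verify` check only exercises the accept path, so a verification routine that wrongly accepted every signature would still pass this self-test. Because `sig` was already compared with `kECDSASigR`/`kECDSASigS` just above, the input really is a known answer, which is worth recording in a comment such as `// sig matched kECDSASigR/kECDSASigS above, so this verifies a fixed, known signature.` If the self-test policy allows it, a second call over a copy of `kPlaintextSHA256` with one byte altered, required to return zero, would cover the reject path too. The enclosing function starts and ends outside this hunk, so whether a negative check already exists elsewhere cannot be seen from here.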