| # Imported from Wycheproof's ecdh_test.json. |
| # This file is generated by convert_wycheproof.go. Do not edit by hand. |
| # |
| # Algorithm: ECDH |
| # Generator version: 0.4.6 |
| |
| [curve = secp224r1] |
| [encoding = asn] |
| |
| # tcId = 1 |
| # normal case |
| curve = secp224r1 |
| private = 565577a49415ca761a0322ad54e4ad0ae7625174baf372c2816f5328 |
| public = 304e301006072a8648ce3d020106052b81040021033a00047d8ac211e1228eb094e285a957d9912e93deee433ed777440ae9fc719b01d050dfbe653e72f39491be87fb1a2742daa6e0a2aada98bb1aca |
| result = valid |
| shared = b8ecdb552d39228ee332bafe4886dbff272f7109edf933bc7542bd4f |
| |
| # tcId = 2 |
| # compressed public key |
| curve = secp224r1 |
| private = 565577a49415ca761a0322ad54e4ad0ae7625174baf372c2816f5328 |
| public = 3032301006072a8648ce3d020106052b81040021031e00027d8ac211e1228eb094e285a957d9912e93deee433ed777440ae9fc71 |
| result = acceptable |
| shared = b8ecdb552d39228ee332bafe4886dbff272f7109edf933bc7542bd4f |
| # The point in the public key is compressed. Not every library supports points |
| # in compressed format. |
| |
| # tcId = 3 |
| # edge cases for shared secret |
| curve = secp224r1 |
| private = 0a2b6442a37f9201b56758034d2009be64b0ab7c02d7e398cac9665d6 |
| public = 304e301006072a8648ce3d020106052b81040021033a00045763fa2ae16367ad23d471cc9a52466f0d81d864e5640cefe384114594d9fecfbed4f254505ac8b41d2532055a07f0241c4818b552cbb636 |
| result = valid |
| shared = 00000000000000000000000100000000000000000000000000000001 |
| |
| # tcId = 4 |
| # edge cases for shared secret |
| curve = secp224r1 |
| private = 0a2b6442a37f9201b56758034d2009be64b0ab7c02d7e398cac9665d6 |
| public = 304e301006072a8648ce3d020106052b81040021033a0004142c1fd80fa2121a59aa898144084ec033f7a56a34eee0b499e29ae51c6d8c1bbb1ef2a76d565899fe44ffc1207d530d7f598fb77f4bb76b |
| result = valid |
| shared = 00000000000000ffffffffffffff0000000000000100000000000000 |
| |
| # tcId = 5 |
| # edge cases for shared secret |
| curve = secp224r1 |
| private = 0a2b6442a37f9201b56758034d2009be64b0ab7c02d7e398cac9665d6 |
| public = 304e301006072a8648ce3d020106052b81040021033a0004ed6f793e10c80d12d871cf8988399c4898a9bf9ffd8f27399f63de25f0051cdf4eec7f368f922cfcd948893ceca0c92e540cc4367a99a66a |
| result = valid |
| shared = 00000000ffffffffffffffff00000000000000010000000000000000 |
| |
| # tcId = 6 |
| # edge cases for shared secret |
| curve = secp224r1 |
| private = 0a2b6442a37f9201b56758034d2009be64b0ab7c02d7e398cac9665d6 |
| public = 304e301006072a8648ce3d020106052b81040021033a000408fcfc1a63c82860be12e4137433dfc40be9acdd245f9a8c4e56be61a385fc09f808383383f4b1d0d5365b6e5dcfacdc19bc7bcfed221274 |
| result = valid |
| shared = 0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff |
| |
| # tcId = 7 |
| # edge cases for shared secret |
| curve = secp224r1 |
| private = 0a2b6442a37f9201b56758034d2009be64b0ab7c02d7e398cac9665d6 |
| public = 304e301006072a8648ce3d020106052b81040021033a0004d883ed77f1861e8712800d31df67888fe39f150c79a27aa88caeda6b180f3f623e2ff3ab5370cf8179165b085af3dd4502850c0104caed9a |
| result = valid |
| shared = 0003fffffff00000003fffffff00000003fffffff000000040000000 |
| |
| # tcId = 8 |
| # edge cases for shared secret |
| curve = secp224r1 |
| private = 0a2b6442a37f9201b56758034d2009be64b0ab7c02d7e398cac9665d6 |
| public = 304e301006072a8648ce3d020106052b81040021033a00042b8b279b85ee3f3d2c0abeb36fdfc5aad6157d652d26489381a32cd73224bd757ef794acc92b0b3b9e7990618bb343a9a09bdb9d3616eff6 |
| result = valid |
| shared = 01fffffffc00000007fffffff00000001fffffffc000000080000001 |
| |
| # tcId = 9 |
| # edge cases for shared secret |
| curve = secp224r1 |
| private = 0a2b6442a37f9201b56758034d2009be64b0ab7c02d7e398cac9665d6 |
| public = 304e301006072a8648ce3d020106052b81040021033a0004a281ad992b363597ac93ff0de8ab1f7e51a6672dcbb58f9d739ba430ce0192874038daefc3130eec65811c7255da70fea65c1003f6892faa |
| result = valid |
| shared = 7fffffffffffffffffffffffffffffffffffffffffffffffffffffff |
| |
| # tcId = 10 |
| # edge cases for shared secret |
| curve = secp224r1 |
| private = 0a2b6442a37f9201b56758034d2009be64b0ab7c02d7e398cac9665d6 |
| public = 304e301006072a8648ce3d020106052b81040021033a0004be3e22133f51203f631b81dde8c020cdea5daa1f99cfc05c88fad2dc0f243798d6e72d1de9e3cdca4144e0a6c0f2a584d07589006972c197 |
| result = valid |
| shared = fffc0007fff0001fffc0007fff0001fffc0007fff0001fffc0008001 |
| |
| # tcId = 11 |
| # edge cases for shared secret |
| curve = secp224r1 |
| private = 0a2b6442a37f9201b56758034d2009be64b0ab7c02d7e398cac9665d6 |
| public = 304e301006072a8648ce3d020106052b81040021033a0004af14547c20afbd91bfe64ea03d45a76a71241f23520ef897ff91eff1b54ca6ca8c25fd73852ec6654617434eff7f0225684d4dea7a4f8a97 |
| result = valid |
| shared = ffff0000003ffffff0000003ffffff0000003ffffff0000003ffffff |
| |
| # tcId = 12 |
| # edge cases for shared secret |
| curve = secp224r1 |
| private = 0a2b6442a37f9201b56758034d2009be64b0ab7c02d7e398cac9665d6 |
| public = 304e301006072a8648ce3d020106052b81040021033a0004b1e484925018729926acda56ff3e2f6c1e7e8f162b178d8e8afb45564fceaa6da5d998fe26b6b26a055169063a5ab6908852ca8b54e2de6c |
| result = valid |
| shared = fffff0000007fffffe000000ffffffc000001ffffff8000003ffffff |
| |
| # tcId = 13 |
| # edge cases for shared secret |
| curve = secp224r1 |
| private = 0a2b6442a37f9201b56758034d2009be64b0ab7c02d7e398cac9665d6 |
| public = 304e301006072a8648ce3d020106052b81040021033a0004937eb09fb145c8829cb7df20a4cbeed396791373de277871d6c5f9cc3b5b4fd56464a71fc4a2a6af3bd251952bffa829489e68a8d06f96b6 |
| result = valid |
| shared = ffffffff00000000ffffffff00000000ffffffff00000000ffffffff |
| |
| # tcId = 14 |
| # edge cases for ephemeral key |
| curve = secp224r1 |
| private = 2bc15cf3981f4e15bbad387b506df647989e5478160be862f8c26969 |
| public = 304e301006072a8648ce3d020106052b81040021033a0004000000000000000000000001000000000000000000000000000000012ea2f4917bdfdb008306cc10a18e2557633ba861001829dcbfb96fba |
| result = valid |
| shared = be1ded8cb7ff8a585181f96d681e31b332fe27dcae922dca2310300d |
| |
| # tcId = 15 |
| # edge cases for ephemeral key |
| curve = secp224r1 |
| private = 2bc15cf3981f4e15bbad387b506df647989e5478160be862f8c26969 |
| public = 304e301006072a8648ce3d020106052b81040021033a000400000000000000ffffffffffffff000000000000010000000000000073ca5f8f104997a2399e0c7f25e72a75ec29fc4542533d3fea89a33a |
| result = valid |
| shared = a2e86a260e13515918a0cafdd87855f231b5624c560f976159e06a75 |
| |
| # tcId = 16 |
| # edge cases for ephemeral key |
| curve = secp224r1 |
| private = 2bc15cf3981f4e15bbad387b506df647989e5478160be862f8c26969 |
| public = 304e301006072a8648ce3d020106052b81040021033a000400000000ffffffffffffffff000000000000000100000000000000006fe6805f59b19b0dd389452a1d4a420bfeb6c369cf6fed5b12e6e654 |
| result = valid |
| shared = 31ef7c8d10404a0046994f313a70574b027e87f9028eca242c1b5bf5 |
| |
| # tcId = 17 |
| # edge cases for ephemeral key |
| curve = secp224r1 |
| private = 2bc15cf3981f4e15bbad387b506df647989e5478160be862f8c26969 |
| public = 304e301006072a8648ce3d020106052b81040021033a00040000ffff0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff77c5cfa4e2c384938d48bd8dd98f54c86b279f1df8c0a1f6692439c9 |
| result = valid |
| shared = d1976a8ef5f54f24f5a269ad504fdca849fc9c28587ba294ef267396 |
| |
| # tcId = 18 |
| # edge cases for ephemeral key |
| curve = secp224r1 |
| private = 2bc15cf3981f4e15bbad387b506df647989e5478160be862f8c26969 |
| public = 304e301006072a8648ce3d020106052b81040021033a00040003fffffff00000003fffffff00000003fffffff00000004000000001f0828136016bb97445461bc59f2175d8d23557d6b9381f26136e3d |
| result = valid |
| shared = ce7890d108ddb2e5474e6417fcf7a9f2b3bd018816062f4835260dc8 |
| |
| # tcId = 19 |
| # edge cases for ephemeral key |
| curve = secp224r1 |
| private = 2bc15cf3981f4e15bbad387b506df647989e5478160be862f8c26969 |
| public = 304e301006072a8648ce3d020106052b81040021033a000401fffffffc00000007fffffff00000001fffffffc0000000800000012d8acca6f199d4a94b933ba1aa713a7debde8ac57b928f596ae66a66 |
| result = valid |
| shared = 30b6ff6e8051dae51e4fe34b2d9a0b1879153e007eb0b5bdf1791a9c |
| |
| # tcId = 20 |
| # edge cases for ephemeral key |
| curve = secp224r1 |
| private = 2bc15cf3981f4e15bbad387b506df647989e5478160be862f8c26969 |
| public = 304e301006072a8648ce3d020106052b81040021033a00047fffffffffffffffffffffffffffffffffffffffffffffffffffffff7d8dbca36c56bcaae92e3475f799294f30768038e816a7d5f7f07d77 |
| result = valid |
| shared = 73bd63bd384a0faafb75cfed3e95d3892cbacf0db10f282c3b644771 |
| |
| # tcId = 21 |
| # edge cases for ephemeral key |
| curve = secp224r1 |
| private = 2bc15cf3981f4e15bbad387b506df647989e5478160be862f8c26969 |
| public = 304e301006072a8648ce3d020106052b81040021033a0004fffc0007fff0001fffc0007fff0001fffc0007fff0001fffc000800174f1ff5ea7fbc72b92f61e06556c26bab84c0b082dd6400ca1c1eb6d |
| result = valid |
| shared = 85b079c62e1f5b0fd6841dfa16026e15b641f65e13a14042567166bb |
| |
| # tcId = 22 |
| # edge cases for ephemeral key |
| curve = secp224r1 |
| private = 2bc15cf3981f4e15bbad387b506df647989e5478160be862f8c26969 |
| public = 304e301006072a8648ce3d020106052b81040021033a0004ffff0000003ffffff0000003ffffff0000003ffffff0000003ffffff0126fdd5fccd0b5aa7fd5bb5b1308584b30556248cec80208a2fe962 |
| result = valid |
| shared = 8a834ff40e3fc9f9d412a481e18537ea799536c5520c6c7baaf12166 |
| |
| # tcId = 23 |
| # edge cases for ephemeral key |
| curve = secp224r1 |
| private = 2bc15cf3981f4e15bbad387b506df647989e5478160be862f8c26969 |
| public = 304e301006072a8648ce3d020106052b81040021033a0004fffff0000007fffffe000000ffffffc000001ffffff8000003ffffff20cfa23077acc9fbcb71339c65880cd0b966b8a9497e65abed17f0b5 |
| result = valid |
| shared = a0887269766e6efcbc81d2b38f2d4638663f12377468a23421044188 |
| |
| # tcId = 24 |
| # edge cases for ephemeral key |
| curve = secp224r1 |
| private = 2bc15cf3981f4e15bbad387b506df647989e5478160be862f8c26969 |
| public = 304e301006072a8648ce3d020106052b81040021033a0004ffffffff00000000ffffffff00000000ffffffff00000000ffffffff1c05ac2d4f10b69877c3243d51f887277b7bf735c326ab2f0d70da8c |
| result = valid |
| shared = c65d1911bc076a74588d8793ce7a0dcabf5793460cd2ebb02754a1be |
| |
| # tcId = 25 |
| # edge case private key |
| curve = secp224r1 |
| private = 3 |
| public = 304e301006072a8648ce3d020106052b81040021033a0004478e73465bb1183583f4064e67e8b4343af4a05d29dfc04eb60ac2302e5b9a3a1b32e4208d4c284ff26822e09c3a9a4683443e4a35175504 |
| result = valid |
| shared = e71f2157bfe37697ea5193d4732dcc6e5412fa9d38387eacd391c1c6 |
| |
| # tcId = 26 |
| # edge case private key |
| curve = secp224r1 |
| private = 0ffffffffffffffffffffffffffffffffffffffffffffffff |
| public = 304e301006072a8648ce3d020106052b81040021033a0004478e73465bb1183583f4064e67e8b4343af4a05d29dfc04eb60ac2302e5b9a3a1b32e4208d4c284ff26822e09c3a9a4683443e4a35175504 |
| result = valid |
| shared = fa2664717c7fa0161ec2c669b2c0986cdc20456a6e5406302bb53c77 |
| |
| # tcId = 27 |
| # edge case private key |
| curve = secp224r1 |
| private = 1000000000000000000000000000000000000000000000000000000 |
| public = 304e301006072a8648ce3d020106052b81040021033a0004478e73465bb1183583f4064e67e8b4343af4a05d29dfc04eb60ac2302e5b9a3a1b32e4208d4c284ff26822e09c3a9a4683443e4a35175504 |
| result = valid |
| shared = af6e5ad34497bae0745f53ad78ce8b285d79f400d5c6e6a071f8e6bd |
| |
| # tcId = 28 |
| # edge case private key |
| curve = secp224r1 |
| private = 7fffffffffffffffffffffffffffffffffffffffffffffffffffffff |
| public = 304e301006072a8648ce3d020106052b81040021033a0004478e73465bb1183583f4064e67e8b4343af4a05d29dfc04eb60ac2302e5b9a3a1b32e4208d4c284ff26822e09c3a9a4683443e4a35175504 |
| result = valid |
| shared = 12fd302ff8c13c55a9c111f8bb6b0a13ecf88299c0ae3032ce2bcaff |
| |
| # tcId = 29 |
| # edge case private key |
| curve = secp224r1 |
| private = 080000000000000000000000000000000000000000000000000000000 |
| public = 304e301006072a8648ce3d020106052b81040021033a0004478e73465bb1183583f4064e67e8b4343af4a05d29dfc04eb60ac2302e5b9a3a1b32e4208d4c284ff26822e09c3a9a4683443e4a35175504 |
| result = valid |
| shared = 73f1a395b842f1a6752ae417e2c3dc90cafc4476d1d861b7e68ad030 |
| |
| # tcId = 30 |
| # edge case private key |
| curve = secp224r1 |
| private = 0ffffffffffffffffffffffffffff16a2e0b8f03d13dd29455c5c2a3d |
| public = 304e301006072a8648ce3d020106052b81040021033a0004478e73465bb1183583f4064e67e8b4343af4a05d29dfc04eb60ac2302e5b9a3a1b32e4208d4c284ff26822e09c3a9a4683443e4a35175504 |
| result = valid |
| shared = b329c20ddb7c78ee4e622bb23a984c0d273ba34b6269f3d9e8f89f8e |
| |
| # tcId = 31 |
| # edge case private key |
| curve = secp224r1 |
| private = 0ffffffffffffffffffffffffffff16a2e0b8f03e13cd29455c5c2a3d |
| public = 304e301006072a8648ce3d020106052b81040021033a0004478e73465bb1183583f4064e67e8b4343af4a05d29dfc04eb60ac2302e5b9a3a1b32e4208d4c284ff26822e09c3a9a4683443e4a35175504 |
| result = valid |
| shared = 6f48345209b290ffc5abbe754a201479e5d667a209468080d06197b4 |
| |
| # tcId = 32 |
| # edge case private key |
| curve = secp224r1 |
| private = 0ffffffffffffffffffffffffffff16a2e0b8f03e13d529455c5c2a3d |
| public = 304e301006072a8648ce3d020106052b81040021033a0004478e73465bb1183583f4064e67e8b4343af4a05d29dfc04eb60ac2302e5b9a3a1b32e4208d4c284ff26822e09c3a9a4683443e4a35175504 |
| result = valid |
| shared = 9f6e30c1c9dad42a153aacd4b49a8e5c721d085cd07b5d5aec244fc1 |
| |
| # tcId = 33 |
| # edge case private key |
| curve = secp224r1 |
| private = 0ffffffffffffffffffffffffffff16a2e0b8f03e13dd29445c5c2a3d |
| public = 304e301006072a8648ce3d020106052b81040021033a0004478e73465bb1183583f4064e67e8b4343af4a05d29dfc04eb60ac2302e5b9a3a1b32e4208d4c284ff26822e09c3a9a4683443e4a35175504 |
| result = valid |
| shared = 8cadfb19a80949e61bd5b829ad0e76d18a5bb2eeb9ed7fe2b901cecd |
| |
| # tcId = 34 |
| # edge case private key |
| curve = secp224r1 |
| private = 0ffffffffffffffffffffffffffff16a2e0b8f03e13dd29455c5c29b7 |
| public = 304e301006072a8648ce3d020106052b81040021033a0004478e73465bb1183583f4064e67e8b4343af4a05d29dfc04eb60ac2302e5b9a3a1b32e4208d4c284ff26822e09c3a9a4683443e4a35175504 |
| result = valid |
| shared = 475fd96e0eb8cb8f100a5d7fe043a7a6851d1d611da2643a3c6ae708 |
| # The private key has a special value. Implementations using addition |
| # subtraction chains for the point multiplication may get the point at infinity |
| # as an intermediate result. See CVE_2017_10176 |
| |
| # tcId = 35 |
| # edge case private key |
| curve = secp224r1 |
| private = 0ffffffffffffffffffffffffffff16a2e0b8f03e13dd29455c5c2a37 |
| public = 304e301006072a8648ce3d020106052b81040021033a0004478e73465bb1183583f4064e67e8b4343af4a05d29dfc04eb60ac2302e5b9a3a1b32e4208d4c284ff26822e09c3a9a4683443e4a35175504 |
| result = valid |
| shared = 41ef931d669d1f57d8bb95a01a92321da74be8c6cbc3bbe0b2e73ebd |
| # The private key has a special value. Implementations using addition |
| # subtraction chains for the point multiplication may get the point at infinity |
| # as an intermediate result. See CVE_2017_10176 |
| |
| # tcId = 36 |
| # edge case private key |
| curve = secp224r1 |
| private = 0ffffffffffffffffffffffffffff16a2e0b8f03e13dd29455c5c2a3a |
| public = 304e301006072a8648ce3d020106052b81040021033a0004478e73465bb1183583f4064e67e8b4343af4a05d29dfc04eb60ac2302e5b9a3a1b32e4208d4c284ff26822e09c3a9a4683443e4a35175504 |
| result = valid |
| shared = e71f2157bfe37697ea5193d4732dcc6e5412fa9d38387eacd391c1c6 |
| |
| # tcId = 37 |
| # edge case private key |
| curve = secp224r1 |
| private = 0ffffffffffffffffffffffffffff16a2e0b8f03e13dd29455c5c2a3b |
| public = 304e301006072a8648ce3d020106052b81040021033a0004478e73465bb1183583f4064e67e8b4343af4a05d29dfc04eb60ac2302e5b9a3a1b32e4208d4c284ff26822e09c3a9a4683443e4a35175504 |
| result = valid |
| shared = 11ff15126411299cbd49e2b7542e69e91ef132e2551a16ecfebb23a3 |
| # The private key has a special value. Implementations using addition |
| # subtraction chains for the point multiplication may get the point at infinity |
| # as an intermediate result. See CVE_2017_10176 |
| |
| # tcId = 38 |
| # public point not on curve |
| curve = secp224r1 |
| private = 0d07629eb653a169ae3231ea1030faaf3e7f8ffe388030ee315d0a1d2 |
| public = 304e301006072a8648ce3d020106052b81040021033a0004a10fb7bf22d299fc5bc43bd2d0e8da28af28ace8430bee28f9e5b57554275c0615d8d9a3011d7bc4c1c4cf4a834c8dc46f25b98854401a5d |
| result = invalid |
| shared = 9b992dad1c2b5dadd3b5aeb84b7a91fb6fe5f46e02ab2c7fa32696a7 |
| # The public key has been modified and is invalid. An implementation should |
| # always check whether the public key is valid and on the same curve as the |
| # private key. The test vector includes the shared secret computed with the |
| # original public key. Generating a shared secret other than the one with the |
| # original key likely indicates that the bug is exploitable. |
| |
| # tcId = 39 |
| # public point = (0,0) |
| curve = secp224r1 |
| private = 0d07629eb653a169ae3231ea1030faaf3e7f8ffe388030ee315d0a1d2 |
| public = 304e301006072a8648ce3d020106052b81040021033a00040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 |
| result = invalid |
| shared = 9b992dad1c2b5dadd3b5aeb84b7a91fb6fe5f46e02ab2c7fa32696a7 |
| # The public key has been modified and is invalid. An implementation should |
| # always check whether the public key is valid and on the same curve as the |
| # private key. The test vector includes the shared secret computed with the |
| # original public key. Generating a shared secret other than the one with the |
| # original key likely indicates that the bug is exploitable. |
| |
| # tcId = 40 |
| # order = -26959946667150639794667015087019625940457807714424391721682722368061 |
| curve = secp224r1 |
| private = 0d07629eb653a169ae3231ea1030faaf3e7f8ffe388030ee315d0a1d2 |
| public = 308201133081d406072a8648ce3d02013081c8020101302806072a8648ce3d0101021d00ffffffffffffffffffffffffffffffff000000000000000000000001303c041cfffffffffffffffffffffffffffffffefffffffffffffffffffffffe041cb4050a850c04b3abf54132565044b0b7d7bfd8ba270b39432355ffb4043904b70e0cbd6bb4bf7f321390b94a03c1d356c21122343280d6115c1d21bd376388b5f723fb4c22dfe6cd4375a05a07476444d5819985007e34021dff0000000000000000000000000000e95d1f470fc1ec22d6baa3a3d5c3020101033a0004a10fb7bf22d299fc5bc43bd2d0e8da28af28ace8430bee28f9e5b57554275c0615d8d9a3011d7bc4c1c4cf4a834c8dc46f25b98854401a5b |
| result = invalid |
| shared = 9b992dad1c2b5dadd3b5aeb84b7a91fb6fe5f46e02ab2c7fa32696a7 |
| # The order of the public key has been modified. If this order is used in a |
| # cryptographic primitive instead of the correct order then private keys may |
| # leak. E.g. ECDHC in BC 1.52 suffered from this. |
| # The public key has been modified and is invalid. An implementation should |
| # always check whether the public key is valid and on the same curve as the |
| # private key. The test vector includes the shared secret computed with the |
| # original public key. Generating a shared secret other than the one with the |
| # original key likely indicates that the bug is exploitable. |
| # The public key does not use a named curve. RFC 3279 allows to encode such |
| # curves by explicitly encoding, the parameters of the curve equation, modulus, |
| # generator, order and cofactor. However, many crypto libraries only support |
| # named curves. Modifying some of the EC parameters and encoding the |
| # corresponding public key as an unnamed curve is a potential attack vector. |
| |
| # tcId = 41 |
| # order = 0 |
| curve = secp224r1 |
| private = 0d07629eb653a169ae3231ea1030faaf3e7f8ffe388030ee315d0a1d2 |
| public = 3081f73081b806072a8648ce3d02013081ac020101302806072a8648ce3d0101021d00ffffffffffffffffffffffffffffffff000000000000000000000001303c041cfffffffffffffffffffffffffffffffefffffffffffffffffffffffe041cb4050a850c04b3abf54132565044b0b7d7bfd8ba270b39432355ffb4043904b70e0cbd6bb4bf7f321390b94a03c1d356c21122343280d6115c1d21bd376388b5f723fb4c22dfe6cd4375a05a07476444d5819985007e34020100020101033a0004a10fb7bf22d299fc5bc43bd2d0e8da28af28ace8430bee28f9e5b57554275c0615d8d9a3011d7bc4c1c4cf4a834c8dc46f25b98854401a5b |
| result = invalid |
| shared = 9b992dad1c2b5dadd3b5aeb84b7a91fb6fe5f46e02ab2c7fa32696a7 |
| # The order of the public key has been modified. If this order is used in a |
| # cryptographic primitive instead of the correct order then private keys may |
| # leak. E.g. ECDHC in BC 1.52 suffered from this. |
| # The public key has been modified and is invalid. An implementation should |
| # always check whether the public key is valid and on the same curve as the |
| # private key. The test vector includes the shared secret computed with the |
| # original public key. Generating a shared secret other than the one with the |
| # original key likely indicates that the bug is exploitable. |
| # The public key does not use a named curve. RFC 3279 allows to encode such |
| # curves by explicitly encoding, the parameters of the curve equation, modulus, |
| # generator, order and cofactor. However, many crypto libraries only support |
| # named curves. Modifying some of the EC parameters and encoding the |
| # corresponding public key as an unnamed curve is a potential attack vector. |
| |
| # tcId = 42 |
| # order = 1 |
| curve = secp224r1 |
| private = 0d07629eb653a169ae3231ea1030faaf3e7f8ffe388030ee315d0a1d2 |
| public = 3081f73081b806072a8648ce3d02013081ac020101302806072a8648ce3d0101021d00ffffffffffffffffffffffffffffffff000000000000000000000001303c041cfffffffffffffffffffffffffffffffefffffffffffffffffffffffe041cb4050a850c04b3abf54132565044b0b7d7bfd8ba270b39432355ffb4043904b70e0cbd6bb4bf7f321390b94a03c1d356c21122343280d6115c1d21bd376388b5f723fb4c22dfe6cd4375a05a07476444d5819985007e34020101020101033a0004a10fb7bf22d299fc5bc43bd2d0e8da28af28ace8430bee28f9e5b57554275c0615d8d9a3011d7bc4c1c4cf4a834c8dc46f25b98854401a5b |
| result = acceptable |
| shared = 9b992dad1c2b5dadd3b5aeb84b7a91fb6fe5f46e02ab2c7fa32696a7 |
| # The order of the public key has been modified. If this order is used in a |
| # cryptographic primitive instead of the correct order then private keys may |
| # leak. E.g. ECDHC in BC 1.52 suffered from this. |
| # A parameter that is typically not used for ECDH has been modified. Sometimes |
| # libraries ignore small differences between public and private key. For |
| # example, a library might ignore an incorrect cofactor in the public key. We |
| # consider ignoring such changes as acceptable as long as these differences do |
| # not change the outcome of the ECDH computation, i.e. as long as the |
| # computation is done on the curve from the private key. |
| # The public key does not use a named curve. RFC 3279 allows to encode such |
| # curves by explicitly encoding, the parameters of the curve equation, modulus, |
| # generator, order and cofactor. However, many crypto libraries only support |
| # named curves. Modifying some of the EC parameters and encoding the |
| # corresponding public key as an unnamed curve is a potential attack vector. |
| |
| # tcId = 43 |
| # order = 6277101735386680763835789423207665314073163949517624387909 |
| curve = secp224r1 |
| private = 0d07629eb653a169ae3231ea1030faaf3e7f8ffe388030ee315d0a1d2 |
| public = 3082010f3081d006072a8648ce3d02013081c4020101302806072a8648ce3d0101021d00ffffffffffffffffffffffffffffffff000000000000000000000001303c041cfffffffffffffffffffffffffffffffefffffffffffffffffffffffe041cb4050a850c04b3abf54132565044b0b7d7bfd8ba270b39432355ffb4043904b70e0cbd6bb4bf7f321390b94a03c1d356c21122343280d6115c1d21bd376388b5f723fb4c22dfe6cd4375a05a07476444d5819985007e34021900ffffffffffffffffffffffffffff16a2e0b8f03e13dd2945020101033a0004a10fb7bf22d299fc5bc43bd2d0e8da28af28ace8430bee28f9e5b57554275c0615d8d9a3011d7bc4c1c4cf4a834c8dc46f25b98854401a5b |
| result = acceptable |
| shared = 9b992dad1c2b5dadd3b5aeb84b7a91fb6fe5f46e02ab2c7fa32696a7 |
| # The order of the public key has been modified. If this order is used in a |
| # cryptographic primitive instead of the correct order then private keys may |
| # leak. E.g. ECDHC in BC 1.52 suffered from this. |
| # A parameter that is typically not used for ECDH has been modified. Sometimes |
| # libraries ignore small differences between public and private key. For |
| # example, a library might ignore an incorrect cofactor in the public key. We |
| # consider ignoring such changes as acceptable as long as these differences do |
| # not change the outcome of the ECDH computation, i.e. as long as the |
| # computation is done on the curve from the private key. |
| # The public key does not use a named curve. RFC 3279 allows to encode such |
| # curves by explicitly encoding, the parameters of the curve equation, modulus, |
| # generator, order and cofactor. However, many crypto libraries only support |
| # named curves. Modifying some of the EC parameters and encoding the |
| # corresponding public key as an unnamed curve is a potential attack vector. |
| |
| # tcId = 44 |
| # generator = (0,0) |
| curve = secp224r1 |
| private = 0d07629eb653a169ae3231ea1030faaf3e7f8ffe388030ee315d0a1d2 |
| public = 308201133081d406072a8648ce3d02013081c8020101302806072a8648ce3d0101021d00ffffffffffffffffffffffffffffffff000000000000000000000001303c041cfffffffffffffffffffffffffffffffefffffffffffffffffffffffe041cb4050a850c04b3abf54132565044b0b7d7bfd8ba270b39432355ffb40439040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000021d00ffffffffffffffffffffffffffff16a2e0b8f03e13dd29455c5c2a3d020101033a0004a10fb7bf22d299fc5bc43bd2d0e8da28af28ace8430bee28f9e5b57554275c0615d8d9a3011d7bc4c1c4cf4a834c8dc46f25b98854401a5b |
| result = acceptable |
| shared = 9b992dad1c2b5dadd3b5aeb84b7a91fb6fe5f46e02ab2c7fa32696a7 |
| # A parameter that is typically not used for ECDH has been modified. Sometimes |
| # libraries ignore small differences between public and private key. For |
| # example, a library might ignore an incorrect cofactor in the public key. We |
| # consider ignoring such changes as acceptable as long as these differences do |
| # not change the outcome of the ECDH computation, i.e. as long as the |
| # computation is done on the curve from the private key. |
| # The public key does not use a named curve. RFC 3279 allows to encode such |
| # curves by explicitly encoding, the parameters of the curve equation, modulus, |
| # generator, order and cofactor. However, many crypto libraries only support |
| # named curves. Modifying some of the EC parameters and encoding the |
| # corresponding public key as an unnamed curve is a potential attack vector. |
| |
| # tcId = 45 |
| # generator not on curve |
| curve = secp224r1 |
| private = 0d07629eb653a169ae3231ea1030faaf3e7f8ffe388030ee315d0a1d2 |
| public = 308201133081d406072a8648ce3d02013081c8020101302806072a8648ce3d0101021d00ffffffffffffffffffffffffffffffff000000000000000000000001303c041cfffffffffffffffffffffffffffffffefffffffffffffffffffffffe041cb4050a850c04b3abf54132565044b0b7d7bfd8ba270b39432355ffb4043904b70e0cbd6bb4bf7f321390b94a03c1d356c21122343280d6115c1d21bd376388b5f723fb4c22dfe6cd4375a05a07476444d5819985007e36021d00ffffffffffffffffffffffffffff16a2e0b8f03e13dd29455c5c2a3d020101033a0004a10fb7bf22d299fc5bc43bd2d0e8da28af28ace8430bee28f9e5b57554275c0615d8d9a3011d7bc4c1c4cf4a834c8dc46f25b98854401a5b |
| result = acceptable |
| shared = 9b992dad1c2b5dadd3b5aeb84b7a91fb6fe5f46e02ab2c7fa32696a7 |
| # A parameter that is typically not used for ECDH has been modified. Sometimes |
| # libraries ignore small differences between public and private key. For |
| # example, a library might ignore an incorrect cofactor in the public key. We |
| # consider ignoring such changes as acceptable as long as these differences do |
| # not change the outcome of the ECDH computation, i.e. as long as the |
| # computation is done on the curve from the private key. |
| # The public key does not use a named curve. RFC 3279 allows to encode such |
| # curves by explicitly encoding, the parameters of the curve equation, modulus, |
| # generator, order and cofactor. However, many crypto libraries only support |
| # named curves. Modifying some of the EC parameters and encoding the |
| # corresponding public key as an unnamed curve is a potential attack vector. |
| |
| # tcId = 46 |
| # cofactor = -1 |
| curve = secp224r1 |
| private = 0d07629eb653a169ae3231ea1030faaf3e7f8ffe388030ee315d0a1d2 |
| public = 308201133081d406072a8648ce3d02013081c8020101302806072a8648ce3d0101021d00ffffffffffffffffffffffffffffffff000000000000000000000001303c041cfffffffffffffffffffffffffffffffefffffffffffffffffffffffe041cb4050a850c04b3abf54132565044b0b7d7bfd8ba270b39432355ffb4043904b70e0cbd6bb4bf7f321390b94a03c1d356c21122343280d6115c1d21bd376388b5f723fb4c22dfe6cd4375a05a07476444d5819985007e34021d00ffffffffffffffffffffffffffff16a2e0b8f03e13dd29455c5c2a3d0201ff033a0004a10fb7bf22d299fc5bc43bd2d0e8da28af28ace8430bee28f9e5b57554275c0615d8d9a3011d7bc4c1c4cf4a834c8dc46f25b98854401a5b |
| result = invalid |
| shared = 9b992dad1c2b5dadd3b5aeb84b7a91fb6fe5f46e02ab2c7fa32696a7 |
| # The public key has been modified and is invalid. An implementation should |
| # always check whether the public key is valid and on the same curve as the |
| # private key. The test vector includes the shared secret computed with the |
| # original public key. Generating a shared secret other than the one with the |
| # original key likely indicates that the bug is exploitable. |
| # The public key does not use a named curve. RFC 3279 allows to encode such |
| # curves by explicitly encoding, the parameters of the curve equation, modulus, |
| # generator, order and cofactor. However, many crypto libraries only support |
| # named curves. Modifying some of the EC parameters and encoding the |
| # corresponding public key as an unnamed curve is a potential attack vector. |
| |
| # tcId = 47 |
| # cofactor = 0 |
| curve = secp224r1 |
| private = 0d07629eb653a169ae3231ea1030faaf3e7f8ffe388030ee315d0a1d2 |
| public = 308201133081d406072a8648ce3d02013081c8020101302806072a8648ce3d0101021d00ffffffffffffffffffffffffffffffff000000000000000000000001303c041cfffffffffffffffffffffffffffffffefffffffffffffffffffffffe041cb4050a850c04b3abf54132565044b0b7d7bfd8ba270b39432355ffb4043904b70e0cbd6bb4bf7f321390b94a03c1d356c21122343280d6115c1d21bd376388b5f723fb4c22dfe6cd4375a05a07476444d5819985007e34021d00ffffffffffffffffffffffffffff16a2e0b8f03e13dd29455c5c2a3d020100033a0004a10fb7bf22d299fc5bc43bd2d0e8da28af28ace8430bee28f9e5b57554275c0615d8d9a3011d7bc4c1c4cf4a834c8dc46f25b98854401a5b |
| result = invalid |
| shared = 9b992dad1c2b5dadd3b5aeb84b7a91fb6fe5f46e02ab2c7fa32696a7 |
| # The public key has been modified and is invalid. An implementation should |
| # always check whether the public key is valid and on the same curve as the |
| # private key. The test vector includes the shared secret computed with the |
| # original public key. Generating a shared secret other than the one with the |
| # original key likely indicates that the bug is exploitable. |
| # The public key does not use a named curve. RFC 3279 allows to encode such |
| # curves by explicitly encoding, the parameters of the curve equation, modulus, |
| # generator, order and cofactor. However, many crypto libraries only support |
| # named curves. Modifying some of the EC parameters and encoding the |
| # corresponding public key as an unnamed curve is a potential attack vector. |
| |
| # tcId = 48 |
| # cofactor = 2 |
| curve = secp224r1 |
| private = 0d07629eb653a169ae3231ea1030faaf3e7f8ffe388030ee315d0a1d2 |
| public = 308201133081d406072a8648ce3d02013081c8020101302806072a8648ce3d0101021d00ffffffffffffffffffffffffffffffff000000000000000000000001303c041cfffffffffffffffffffffffffffffffefffffffffffffffffffffffe041cb4050a850c04b3abf54132565044b0b7d7bfd8ba270b39432355ffb4043904b70e0cbd6bb4bf7f321390b94a03c1d356c21122343280d6115c1d21bd376388b5f723fb4c22dfe6cd4375a05a07476444d5819985007e34021d00ffffffffffffffffffffffffffff16a2e0b8f03e13dd29455c5c2a3d020102033a0004a10fb7bf22d299fc5bc43bd2d0e8da28af28ace8430bee28f9e5b57554275c0615d8d9a3011d7bc4c1c4cf4a834c8dc46f25b98854401a5b |
| result = acceptable |
| shared = 9b992dad1c2b5dadd3b5aeb84b7a91fb6fe5f46e02ab2c7fa32696a7 |
| # A parameter that is typically not used for ECDH has been modified. Sometimes |
| # libraries ignore small differences between public and private key. For |
| # example, a library might ignore an incorrect cofactor in the public key. We |
| # consider ignoring such changes as acceptable as long as these differences do |
| # not change the outcome of the ECDH computation, i.e. as long as the |
| # computation is done on the curve from the private key. |
| # The public key does not use a named curve. RFC 3279 allows to encode such |
| # curves by explicitly encoding, the parameters of the curve equation, modulus, |
| # generator, order and cofactor. However, many crypto libraries only support |
| # named curves. Modifying some of the EC parameters and encoding the |
| # corresponding public key as an unnamed curve is a potential attack vector. |
| |
| # tcId = 49 |
| # cofactor = |
| # 26959946667150639794667015087019625940457807714424391721682722368061 |
| curve = secp224r1 |
| private = 0d07629eb653a169ae3231ea1030faaf3e7f8ffe388030ee315d0a1d2 |
| public = 3082012f3081f006072a8648ce3d02013081e4020101302806072a8648ce3d0101021d00ffffffffffffffffffffffffffffffff000000000000000000000001303c041cfffffffffffffffffffffffffffffffefffffffffffffffffffffffe041cb4050a850c04b3abf54132565044b0b7d7bfd8ba270b39432355ffb4043904b70e0cbd6bb4bf7f321390b94a03c1d356c21122343280d6115c1d21bd376388b5f723fb4c22dfe6cd4375a05a07476444d5819985007e34021d00ffffffffffffffffffffffffffff16a2e0b8f03e13dd29455c5c2a3d021d00ffffffffffffffffffffffffffff16a2e0b8f03e13dd29455c5c2a3d033a0004a10fb7bf22d299fc5bc43bd2d0e8da28af28ace8430bee28f9e5b57554275c0615d8d9a3011d7bc4c1c4cf4a834c8dc46f25b98854401a5b |
| result = invalid |
| shared = 9b992dad1c2b5dadd3b5aeb84b7a91fb6fe5f46e02ab2c7fa32696a7 |
| # The public key has been modified and is invalid. An implementation should |
| # always check whether the public key is valid and on the same curve as the |
| # private key. The test vector includes the shared secret computed with the |
| # original public key. Generating a shared secret other than the one with the |
| # original key likely indicates that the bug is exploitable. |
| # The public key does not use a named curve. RFC 3279 allows to encode such |
| # curves by explicitly encoding, the parameters of the curve equation, modulus, |
| # generator, order and cofactor. However, many crypto libraries only support |
| # named curves. Modifying some of the EC parameters and encoding the |
| # corresponding public key as an unnamed curve is a potential attack vector. |
| |
| # tcId = 50 |
| # cofactor = None |
| curve = secp224r1 |
| private = 0d07629eb653a169ae3231ea1030faaf3e7f8ffe388030ee315d0a1d2 |
| public = 308201103081d106072a8648ce3d02013081c5020101302806072a8648ce3d0101021d00ffffffffffffffffffffffffffffffff000000000000000000000001303c041cfffffffffffffffffffffffffffffffefffffffffffffffffffffffe041cb4050a850c04b3abf54132565044b0b7d7bfd8ba270b39432355ffb4043904b70e0cbd6bb4bf7f321390b94a03c1d356c21122343280d6115c1d21bd376388b5f723fb4c22dfe6cd4375a05a07476444d5819985007e34021d00ffffffffffffffffffffffffffff16a2e0b8f03e13dd29455c5c2a3d033a0004a10fb7bf22d299fc5bc43bd2d0e8da28af28ace8430bee28f9e5b57554275c0615d8d9a3011d7bc4c1c4cf4a834c8dc46f25b98854401a5b |
| result = acceptable |
| shared = 9b992dad1c2b5dadd3b5aeb84b7a91fb6fe5f46e02ab2c7fa32696a7 |
| # A parameter that is typically not used for ECDH has been modified. Sometimes |
| # libraries ignore small differences between public and private key. For |
| # example, a library might ignore an incorrect cofactor in the public key. We |
| # consider ignoring such changes as acceptable as long as these differences do |
| # not change the outcome of the ECDH computation, i.e. as long as the |
| # computation is done on the curve from the private key. |
| # The public key does not use a named curve. RFC 3279 allows to encode such |
| # curves by explicitly encoding, the parameters of the curve equation, modulus, |
| # generator, order and cofactor. However, many crypto libraries only support |
| # named curves. Modifying some of the EC parameters and encoding the |
| # corresponding public key as an unnamed curve is a potential attack vector. |
| |
| # tcId = 51 |
| # modified prime |
| curve = secp224r1 |
| private = 0d07629eb653a169ae3231ea1030faaf3e7f8ffe388030ee315d0a1d2 |
| public = 308201133081d406072a8648ce3d02013081c8020101302806072a8648ce3d0101021d00c123da0a46a971da9468161e61a5c71a02e6c9bdb3392f4016fb457b303c041c3edc25f5b9568e256b97e9e19e5a38e4fd1936424cc6d0bfe904ba83041cb4050a850c04b3abf54132565044b0b7d7bfd8ba270b39432355ffb4043904000000000000000000285145f31ae4d40000000000000000000003387edad63d1a600740ce66b6f04d67ed06ea1a75c16294336ed05b3fa3021d00ffffffffffffffffffffffffffff16a2e0b8f03e13dd29455c5c2a3d020101033a0004000000000000000000285145f31ae4d40000000000000000000003387edad63d1a600740ce66b6f04d67ed06ea1a75c16294336ed05b3fa3 |
| result = invalid |
| shared = 9b992dad1c2b5dadd3b5aeb84b7a91fb6fe5f46e02ab2c7fa32696a7 |
| # The modulus of the public key has been modified. The public point of the |
| # public key has been chosen so that it is both a point on both the curve of the |
| # modified public key and the private key. |
| # The public key has been modified and is invalid. An implementation should |
| # always check whether the public key is valid and on the same curve as the |
| # private key. The test vector includes the shared secret computed with the |
| # original public key. Generating a shared secret other than the one with the |
| # original key likely indicates that the bug is exploitable. |
| # The public key does not use a named curve. RFC 3279 allows to encode such |
| # curves by explicitly encoding, the parameters of the curve equation, modulus, |
| # generator, order and cofactor. However, many crypto libraries only support |
| # named curves. Modifying some of the EC parameters and encoding the |
| # corresponding public key as an unnamed curve is a potential attack vector. |
| |
| # tcId = 52 |
| # using secp256r1 |
| curve = secp224r1 |
| private = 0d07629eb653a169ae3231ea1030faaf3e7f8ffe388030ee315d0a1d2 |
| public = 3059301306072a8648ce3d020106082a8648ce3d03010703420004cbf6606595a3ee50f9fceaa2798c2740c82540516b4e5a7d361ff24e9dd15364e5408b2e679f9d5310d1f6893b36ce16b4a507509175fcb52aea53b781556b39 |
| result = invalid |
| shared = 9b992dad1c2b5dadd3b5aeb84b7a91fb6fe5f46e02ab2c7fa32696a7 |
| # The public key has been modified and is invalid. An implementation should |
| # always check whether the public key is valid and on the same curve as the |
| # private key. The test vector includes the shared secret computed with the |
| # original public key. Generating a shared secret other than the one with the |
| # original key likely indicates that the bug is exploitable. |
| |
| # tcId = 53 |
| # using secp256k1 |
| curve = secp224r1 |
| private = 0d07629eb653a169ae3231ea1030faaf3e7f8ffe388030ee315d0a1d2 |
| public = 3056301006072a8648ce3d020106052b8104000a03420004a1263e75b87ae0937060ff1472f330ee55cdf8f4329d6284a9ebfbcc856c11684225e72cbebff41e54fb6f00e11afe53a17937bedbf2df787f8ef9584f775838 |
| result = invalid |
| shared = 9b992dad1c2b5dadd3b5aeb84b7a91fb6fe5f46e02ab2c7fa32696a7 |
| # The public key has been modified and is invalid. An implementation should |
| # always check whether the public key is valid and on the same curve as the |
| # private key. The test vector includes the shared secret computed with the |
| # original public key. Generating a shared secret other than the one with the |
| # original key likely indicates that the bug is exploitable. |
| |
| # tcId = 54 |
| # a = 0 |
| curve = secp224r1 |
| private = 0d07629eb653a169ae3231ea1030faaf3e7f8ffe388030ee315d0a1d2 |
| public = 3081f83081b906072a8648ce3d02013081ad020101302806072a8648ce3d0101021d00ffffffffffffffffffffffffffffffff0000000000000000000000013021040100041cd0d5e347a38ce5b6e1f47edddd8a223bca45d2015de76ec835a4df57043904a10fb7bf22d299fc5bc43bd2d0e8da28af28ace8430bee28f9e5b57554275c0615d8d9a3011d7bc4c1c4cf4a834c8dc46f25b98854401a5b021d00ffffffffffffffffffffffffffff16a2e0b8f03e13dd29455c5c2a3d020101033a0004a10fb7bf22d299fc5bc43bd2d0e8da28af28ace8430bee28f9e5b57554275c0615d8d9a3011d7bc4c1c4cf4a834c8dc46f25b98854401a5b |
| result = acceptable |
| shared = 9b992dad1c2b5dadd3b5aeb84b7a91fb6fe5f46e02ab2c7fa32696a7 |
| # A parameter that is typically not used for ECDH has been modified. Sometimes |
| # libraries ignore small differences between public and private key. For |
| # example, a library might ignore an incorrect cofactor in the public key. We |
| # consider ignoring such changes as acceptable as long as these differences do |
| # not change the outcome of the ECDH computation, i.e. as long as the |
| # computation is done on the curve from the private key. |
| # The public key does not use a named curve. RFC 3279 allows to encode such |
| # curves by explicitly encoding, the parameters of the curve equation, modulus, |
| # generator, order and cofactor. However, many crypto libraries only support |
| # named curves. Modifying some of the EC parameters and encoding the |
| # corresponding public key as an unnamed curve is a potential attack vector. |
| |
| # tcId = 55 |
| # public key of order 3 |
| curve = secp224r1 |
| private = 0d07629eb653a169ae3231ea1030faaf3e7f8ffe388030ee315d0a1d2 |
| public = 308201133081d406072a8648ce3d02013081c8020101302806072a8648ce3d0101021d00ffffffffffffffffffffffffffffffff000000000000000000000001303c041c638e13764a07715dd0f3dc73c3b96a57d7edf087edd548055acba86d041cc9a6db972cff80f0a883ee0ea939544a707b32284b77b79c72118f390439043afa3ffd1cb3be8625468884aad7a07f33de1cfd74b06a060142a7d7470e6fb68cd0695a6c52b98246f92030ff4cdeb97dc90591eee1a1f0021d00ffffffffffffffffffffffffffff16a2e0b8f03e13dd29455c5c2a3d020101033a00043afa3ffd1cb3be8625468884aad7a07f33de1cfd74b06a060142a7d7b8f19049732f96a593ad467db906dfce00b321468236fa6e111e5e11 |
| result = invalid |
| shared = 9b992dad1c2b5dadd3b5aeb84b7a91fb6fe5f46e02ab2c7fa32696a7 |
| # The vector contains a weak public key. The curve is not a named curve, the |
| # public key point has order 3 and has been chosen to be on the same curve as |
| # the private key. This test vector is used to check ECC implementations for |
| # missing steps in the verification of the public key. |
| # The public key has been modified and is invalid. An implementation should |
| # always check whether the public key is valid and on the same curve as the |
| # private key. The test vector includes the shared secret computed with the |
| # original public key. Generating a shared secret other than the one with the |
| # original key likely indicates that the bug is exploitable. |
| # The public key does not use a named curve. RFC 3279 allows to encode such |
| # curves by explicitly encoding, the parameters of the curve equation, modulus, |
| # generator, order and cofactor. However, many crypto libraries only support |
| # named curves. Modifying some of the EC parameters and encoding the |
| # corresponding public key as an unnamed curve is a potential attack vector. |
| |
| # tcId = 56 |
| # Public key uses wrong curve: secp256r1 |
| curve = secp224r1 |
| private = 2ddd06cb77ca2eae5266a34a107b49e56ffb4c2d3952112da2df90fc |
| public = 3059301306072a8648ce3d020106082a8648ce3d03010703420004ea36cf70fab75684eabe6569ce623db0deaa8c95f61c8be50b8b9f3eb7d4b9ec48d9e4814f4cb1c286589eaaa990d3f3238b2d6d6be964abfad964824b653376 |
| result = invalid |
| shared = |
| |
| # tcId = 57 |
| # Public key uses wrong curve: secp384r1 |
| curve = secp224r1 |
| private = 2ddd06cb77ca2eae5266a34a107b49e56ffb4c2d3952112da2df90fc |
| public = 3076301006072a8648ce3d020106052b81040022036200044b2470ad3d13269c10a17d222ebdffbd61fb04488db1b1d7caef8d4988b7bb8ba6d81857a05b255232b9e37a30e328bb9d9c42d86096f2bcee3d258cfe208d2fd03cbd5ccc6a3bb8ce4b0efa5b059b4afbd0377aa6e274721a57efe8ee85d86a |
| result = invalid |
| shared = |
| |
| # tcId = 58 |
| # Public key uses wrong curve: secp521r1 |
| curve = secp224r1 |
| private = 2ddd06cb77ca2eae5266a34a107b49e56ffb4c2d3952112da2df90fc |
| public = 30819b301006072a8648ce3d020106052b810400230381860004012841a2260f0f1f424865fef275374779bf0355720223f8ec6a9ba767b1603b492f58a6bba1705d882257bc6be1935de4411c5f1fdad44ec65ba8b97ce0e73e1ac90006937832a602147e37c1a42ca2a63629ffc9a35b31bfacb38c6242b42916125f7446b45c718f797259bc3011cb71e868560b331cf7d01139a0643443f9fd7306c1 |
| result = invalid |
| shared = |
| |
| # tcId = 59 |
| # Public key uses wrong curve: secp256k1 |
| curve = secp224r1 |
| private = 2ddd06cb77ca2eae5266a34a107b49e56ffb4c2d3952112da2df90fc |
| public = 3056301006072a8648ce3d020106052b8104000a03420004c2199fecf75648c0e952dff143821fa4012b28f90435ce6ee54653687f969a76092a3844e17d478a594f43b28cc10a5c553b4f64906121031c3a79299c70dbd6 |
| result = invalid |
| shared = |
| |
| # tcId = 60 |
| # Public key uses wrong curve: brainpoolP224r1 |
| curve = secp224r1 |
| private = 2ddd06cb77ca2eae5266a34a107b49e56ffb4c2d3952112da2df90fc |
| public = 3052301406072a8648ce3d020106092b2403030208010105033a00046caa3d6d86f792df7b29e41eb4203150f60f4fca10f57d0b2454abfb201f9f7e6dcbb92bdcfb9240dc86bcaeaf157c77bca22b2ec86ee8d6 |
| result = invalid |
| shared = |
| |
| # tcId = 61 |
| # Public key uses wrong curve: brainpoolP256r1 |
| curve = secp224r1 |
| private = 2ddd06cb77ca2eae5266a34a107b49e56ffb4c2d3952112da2df90fc |
| public = 305a301406072a8648ce3d020106092b2403030208010107034200042750180012c3ba7489517d428e4826784e50b50ac42ef7991c61a396c03a52da5e74908ae8a89627a7c15e554b105b0ebaeebcfed10e3ea60223d0a8bc3b36ab |
| result = invalid |
| shared = |
| |
| # tcId = 62 |
| # Public key uses wrong curve: brainpoolP320r1 |
| curve = secp224r1 |
| private = 2ddd06cb77ca2eae5266a34a107b49e56ffb4c2d3952112da2df90fc |
| public = 306a301406072a8648ce3d020106092b2403030208010109035200045b523d3a8f20f6a569c6951e0b8de48d89e7549a184e8506820421c3e404473692cd248d7480843b911d87a87e401112fce0d3d2c36978cf6dd7f1d93bfaebe0827d4bf4006006d3202e842126fe1b68 |
| result = invalid |
| shared = |
| |
| # tcId = 63 |
| # Public key uses wrong curve: brainpoolP384r1 |
| curve = secp224r1 |
| private = 2ddd06cb77ca2eae5266a34a107b49e56ffb4c2d3952112da2df90fc |
| public = 307a301406072a8648ce3d020106092b240303020801010b03620004449607c76c6dc7334c269a0ebab5beec83b6c263377ce06ef5c276f45a9916eff85f50438f5f32ced0210a6c414fe5e242c7c1070823f5395b35965bda6758acf84725f11ea836dda7d391fee91342026645241853224a437a6fb74e4cdc871f |
| result = invalid |
| shared = |
| |
| # tcId = 64 |
| # Public key uses wrong curve: brainpoolP512r1 |
| curve = secp224r1 |
| private = 2ddd06cb77ca2eae5266a34a107b49e56ffb4c2d3952112da2df90fc |
| public = 30819b301406072a8648ce3d020106092b240303020801010d038182000463e7a491240848e4f53ea5fb857d428c493053193e4b0b4f995ac8bf4c56276a507870131a384aa7e236c64cd7a049a1b37e40ad00c3b8a920dcbad6531616356ce1b6e6d96a7d1b693e25e5abd83ab560a3d764bcd49ec98a1b49421163bd5fc5a625f44c91eb4c2984d5a2e51e816ebdee8fbe08364bb14b7ac876990e64d9 |
| result = invalid |
| shared = |
| |
| # tcId = 65 |
| # Public key uses wrong curve: brainpoolP224t1 |
| curve = secp224r1 |
| private = 2ddd06cb77ca2eae5266a34a107b49e56ffb4c2d3952112da2df90fc |
| public = 3052301406072a8648ce3d020106092b2403030208010106033a00047c592ecb8908355d1ebf8d59b3619275dbe3666209b72ced6a3c88740456ce61d6a84e0542d7cd10dd8804afb8c784d5dffd9480d8cfdc95 |
| result = invalid |
| shared = |
| |
| # tcId = 66 |
| # Public key uses wrong curve: brainpoolP256t1 |
| curve = secp224r1 |
| private = 2ddd06cb77ca2eae5266a34a107b49e56ffb4c2d3952112da2df90fc |
| public = 305a301406072a8648ce3d020106092b240303020801010803420004746226a3e005c37ede51828d3375ef91ebd0ff719a380af69d7dfd131b42a3e8917d4a4d573872935a74d1040f1c47d25d6b26f4156cccdcdc11833b9cde433a |
| result = invalid |
| shared = |
| |
| # tcId = 67 |
| # Public key uses wrong curve: brainpoolP320t1 |
| curve = secp224r1 |
| private = 2ddd06cb77ca2eae5266a34a107b49e56ffb4c2d3952112da2df90fc |
| public = 306a301406072a8648ce3d020106092b240303020801010a035200043298b36825c7bd90ab5157b913d40bbfd732a0de0557e02a2c65a0c223e9a65d62c32462040dd6fe578103023c831caff122c1ed4b8ff7373fa2f08d11c9f4c7f85f81802262ffed9bb82cb6d92eed2d |
| result = invalid |
| shared = |
| |
| # tcId = 68 |
| # Public key uses wrong curve: brainpoolP384t1 |
| curve = secp224r1 |
| private = 2ddd06cb77ca2eae5266a34a107b49e56ffb4c2d3952112da2df90fc |
| public = 307a301406072a8648ce3d020106092b240303020801010c036200043af2849b981f7e5e6ab936e6abb4f206c1fd5561998df8008bfe98d84173c9f2301cdbd5bffc569c0b5a57ce2a8f4d640f1816475fc6043baa8e5a3453bf327b54cb29c7e54a5f31348969aa94615094dbcd1a8e5c2d630465e45fc556c02194 |
| result = invalid |
| shared = |
| |
| # tcId = 69 |
| # Public key uses wrong curve: brainpoolP512t1 |
| curve = secp224r1 |
| private = 2ddd06cb77ca2eae5266a34a107b49e56ffb4c2d3952112da2df90fc |
| public = 30819b301406072a8648ce3d020106092b240303020801010e038182000453d2506047e72af6d98558e1633ecb7e6a05c37861cd3289455cf41bfbf1703f2e9a83052b8eca7d84cba2f001abd8b978f68b69ed6bd874755c44d347fe302c5760b2078c56b24ebd0dcd99f26b8f8a23044b3767a3d2a306587687a7b00668974674edbf18c3db2f3473a97ee77065fdcdd1a9aa053716a4c504f3d18b9170 |
| result = invalid |
| shared = |
| |
| # tcId = 70 |
| # invalid public key |
| curve = secp224r1 |
| private = 0fc28a0ca0f8e36b0d4f71421845135a22aef543b9fddf8c775b2d18f |
| public = 3032301006072a8648ce3d020106052b81040021031e00020ca753db5ddeca474241f8d2dafc0844343fd0e37eded2f0192d51b2 |
| result = invalid |
| shared = |
| # The point in the public key is compressed. Not every library supports points |
| # in compressed format. |
| |
| # tcId = 71 |
| # long form encoding of length |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 30814e301006072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 72 |
| # long form encoding of length |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 304f30811006072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 73 |
| # long form encoding of length |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 304f30110681072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 74 |
| # long form encoding of length |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 304f301106072a8648ce3d02010681052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 75 |
| # long form encoding of length |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 304f301006072a8648ce3d020106052b8104002103813a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 76 |
| # length contains leading 0 |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3082004e301006072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 77 |
| # length contains leading 0 |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 30503082001006072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 78 |
| # length contains leading 0 |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 30503012068200072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 79 |
| # length contains leading 0 |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3050301206072a8648ce3d0201068200052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 80 |
| # length contains leading 0 |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3050301006072a8648ce3d020106052b810400210382003a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 81 |
| # wrong length |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 304f301006072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 82 |
| # wrong length |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 304d301006072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 83 |
| # wrong length |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 304e301106072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 84 |
| # wrong length |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 304e300f06072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 85 |
| # wrong length |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 304e301006082a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 86 |
| # wrong length |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 304e301006062a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 87 |
| # wrong length |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 304e301006072a8648ce3d020106062b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 88 |
| # wrong length |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 304e301006072a8648ce3d020106042b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 89 |
| # wrong length |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 304e301006072a8648ce3d020106052b81040021033b000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 90 |
| # wrong length |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 304e301006072a8648ce3d020106052b810400210339000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 91 |
| # uint32 overflow in length |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3085010000004e301006072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 92 |
| # uint32 overflow in length |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 30533085010000001006072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 93 |
| # uint32 overflow in length |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 30533015068501000000072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 94 |
| # uint32 overflow in length |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3053301506072a8648ce3d0201068501000000052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 95 |
| # uint32 overflow in length |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3053301006072a8648ce3d020106052b810400210385010000003a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 96 |
| # uint64 overflow in length |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 308901000000000000004e301006072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 97 |
| # uint64 overflow in length |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3057308901000000000000001006072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 98 |
| # uint64 overflow in length |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3057301906890100000000000000072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 99 |
| # uint64 overflow in length |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3057301906072a8648ce3d020106890100000000000000052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 100 |
| # uint64 overflow in length |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3057301006072a8648ce3d020106052b81040021038901000000000000003a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 101 |
| # length = 2**31 - 1 |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 30847fffffff301006072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 102 |
| # length = 2**31 - 1 |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 305230847fffffff06072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 103 |
| # length = 2**31 - 1 |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3052301406847fffffff2a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 104 |
| # length = 2**31 - 1 |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3052301406072a8648ce3d020106847fffffff2b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 105 |
| # length = 2**31 - 1 |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3052301006072a8648ce3d020106052b8104002103847fffffff000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 106 |
| # length = 2**32 - 1 |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3084ffffffff301006072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 107 |
| # length = 2**32 - 1 |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 30523084ffffffff06072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 108 |
| # length = 2**32 - 1 |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 305230140684ffffffff2a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 109 |
| # length = 2**32 - 1 |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3052301406072a8648ce3d02010684ffffffff2b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 110 |
| # length = 2**32 - 1 |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3052301006072a8648ce3d020106052b810400210384ffffffff000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 111 |
| # length = 2**40 - 1 |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3085ffffffffff301006072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 112 |
| # length = 2**40 - 1 |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 30533085ffffffffff06072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 113 |
| # length = 2**40 - 1 |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 305330150685ffffffffff2a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 114 |
| # length = 2**40 - 1 |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3053301506072a8648ce3d02010685ffffffffff2b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 115 |
| # length = 2**40 - 1 |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3053301006072a8648ce3d020106052b810400210385ffffffffff000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 116 |
| # length = 2**64 - 1 |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3088ffffffffffffffff301006072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 117 |
| # length = 2**64 - 1 |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 30563088ffffffffffffffff06072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 118 |
| # length = 2**64 - 1 |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 305630180688ffffffffffffffff2a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 119 |
| # length = 2**64 - 1 |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3056301806072a8648ce3d02010688ffffffffffffffff2b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 120 |
| # length = 2**64 - 1 |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3056301006072a8648ce3d020106052b810400210388ffffffffffffffff000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 121 |
| # incorrect length |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 30ff301006072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 122 |
| # incorrect length |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 304e30ff06072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 123 |
| # incorrect length |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 304e301006ff2a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 124 |
| # incorrect length |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 304e301006072a8648ce3d020106ff2b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 125 |
| # incorrect length |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 304e301006072a8648ce3d020106052b8104002103ff000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 126 |
| # indefinite length without termination |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3080301006072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 127 |
| # indefinite length without termination |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 304e308006072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 128 |
| # indefinite length without termination |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 304e301006802a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 129 |
| # indefinite length without termination |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 304e301006072a8648ce3d020106802b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 130 |
| # indefinite length without termination |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 304e301006072a8648ce3d020106052b810400210380000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 131 |
| # removing sequence |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 132 |
| # removing sequence |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 303c033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 133 |
| # lonely sequence tag |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 30 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 134 |
| # lonely sequence tag |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 303d30033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 135 |
| # appending 0's to sequence |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3050301006072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da620000 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 136 |
| # appending 0's to sequence |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3050301206072a8648ce3d020106052b810400210000033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 137 |
| # prepending 0's to sequence |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 30500000301006072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 138 |
| # prepending 0's to sequence |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 30503012000006072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 139 |
| # appending unused 0's to sequence |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 304e301006072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da620000 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 140 |
| # appending unused 0's to sequence |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3050301006072a8648ce3d020106052b810400210000033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 141 |
| # appending null value to sequence |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3050301006072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da620500 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 142 |
| # appending null value to sequence |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3050301206072a8648ce3d020106052b810400210500033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 143 |
| # including garbage |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3053498177304e301006072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 144 |
| # including garbage |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 30522500304e301006072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 145 |
| # including garbage |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3050304e301006072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da620004deadbeef |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 146 |
| # including garbage |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 30533015498177301006072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 147 |
| # including garbage |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 305230142500301006072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 148 |
| # including garbage |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 30563012301006072a8648ce3d020106052b810400210004deadbeef033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 149 |
| # including garbage |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 30533015260c49817706072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 150 |
| # including garbage |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 30523014260b250006072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 151 |
| # including garbage |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 30563018260906072a8648ce3d02010004deadbeef06052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 152 |
| # including garbage |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3053301506072a8648ce3d0201260a49817706052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 153 |
| # including garbage |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3052301406072a8648ce3d02012609250006052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 154 |
| # including garbage |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3056301806072a8648ce3d0201260706052b810400210004deadbeef033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 155 |
| # including garbage |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3053301006072a8648ce3d020106052b81040021233f498177033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 156 |
| # including garbage |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3052301006072a8648ce3d020106052b81040021233e2500033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 157 |
| # including garbage |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3056301006072a8648ce3d020106052b81040021233c033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da620004deadbeef |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 158 |
| # including undefined tags |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3056aa00bb00cd00304e301006072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 159 |
| # including undefined tags |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3054aa02aabb304e301006072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 160 |
| # including undefined tags |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 30563018aa00bb00cd00301006072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 161 |
| # including undefined tags |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 30543016aa02aabb301006072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 162 |
| # including undefined tags |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 30563018260faa00bb00cd0006072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 163 |
| # including undefined tags |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 30543016260daa02aabb06072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 164 |
| # including undefined tags |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3056301806072a8648ce3d0201260daa00bb00cd0006052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 165 |
| # including undefined tags |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3054301606072a8648ce3d0201260baa02aabb06052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 166 |
| # including undefined tags |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3056301006072a8648ce3d020106052b810400212342aa00bb00cd00033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 167 |
| # including undefined tags |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3054301006072a8648ce3d020106052b810400212340aa02aabb033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 168 |
| # truncated length of sequence |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3081 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 169 |
| # truncated length of sequence |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 303e3081033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 170 |
| # Replacing sequence with NULL |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 0500 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 171 |
| # Replacing sequence with NULL |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 303e0500033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 172 |
| # changing tag value of sequence |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 2e4e301006072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 173 |
| # changing tag value of sequence |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 2f4e301006072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 174 |
| # changing tag value of sequence |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 314e301006072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 175 |
| # changing tag value of sequence |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 324e301006072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 176 |
| # changing tag value of sequence |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = ff4e301006072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 177 |
| # changing tag value of sequence |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 304e2e1006072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 178 |
| # changing tag value of sequence |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 304e2f1006072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 179 |
| # changing tag value of sequence |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 304e311006072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 180 |
| # changing tag value of sequence |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 304e321006072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 181 |
| # changing tag value of sequence |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 304eff1006072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 182 |
| # dropping value of sequence |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3000 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 183 |
| # dropping value of sequence |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 303e3000033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 184 |
| # truncate sequence |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 304d301006072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 185 |
| # truncate sequence |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 304d1006072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 186 |
| # truncate sequence |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 304d300f06072a8648ce3d020106052b810400033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 187 |
| # truncate sequence |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 304d300f072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 188 |
| # indefinite length |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3080301006072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da620000 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 189 |
| # indefinite length |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3050308006072a8648ce3d020106052b810400210000033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 190 |
| # indefinite length with truncated delimiter |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3080301006072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da6200 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 191 |
| # indefinite length with truncated delimiter |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 304f308006072a8648ce3d020106052b8104002100033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 192 |
| # indefinite length with additional element |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3080301006072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da6205000000 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 193 |
| # indefinite length with additional element |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3052308006072a8648ce3d020106052b8104002105000000033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 194 |
| # indefinite length with truncated element |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3080301006072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62060811220000 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 195 |
| # indefinite length with truncated element |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3054308006072a8648ce3d020106052b81040021060811220000033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 196 |
| # indefinite length with garbage |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3080301006072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da620000fe02beef |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 197 |
| # indefinite length with garbage |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3054308006072a8648ce3d020106052b810400210000fe02beef033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 198 |
| # indefinite length with nonempty EOC |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3080301006072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da620002beef |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 199 |
| # indefinite length with nonempty EOC |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3052308006072a8648ce3d020106052b810400210002beef033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 200 |
| # prepend empty sequence |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 30503000301006072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 201 |
| # prepend empty sequence |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 30503012300006072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 202 |
| # append empty sequence |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3050301006072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da623000 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 203 |
| # append empty sequence |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3050301206072a8648ce3d020106052b810400213000033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 204 |
| # sequence of sequence |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3050304e301006072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 205 |
| # sequence of sequence |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 30503012301006072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 206 |
| # truncated sequence |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3012301006072a8648ce3d020106052b81040021 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 207 |
| # truncated sequence |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3047300906072a8648ce3d0201033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 208 |
| # repeat element in sequence |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 30818a301006072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 209 |
| # repeat element in sequence |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3055301706072a8648ce3d020106052b8104002106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 210 |
| # removing oid |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3045300706052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 211 |
| # lonely oid tag |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 304630080606052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 212 |
| # lonely oid tag |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3048300a06072a8648ce3d020106033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 213 |
| # appending 0's to oid |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3050301206092a8648ce3d0201000006052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 214 |
| # appending 0's to oid |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3050301206072a8648ce3d020106072b810400210000033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 215 |
| # prepending 0's to oid |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 30503012060900002a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 216 |
| # prepending 0's to oid |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3050301206072a8648ce3d0201060700002b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 217 |
| # appending unused 0's to oid |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3050301206072a8648ce3d0201000006052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 218 |
| # appending null value to oid |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3050301206092a8648ce3d0201050006052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 219 |
| # appending null value to oid |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3050301206072a8648ce3d020106072b810400210500033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 220 |
| # truncated length of oid |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 30473009068106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 221 |
| # truncated length of oid |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3049300b06072a8648ce3d02010681033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 222 |
| # Replacing oid with NULL |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 30473009050006052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 223 |
| # Replacing oid with NULL |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3049300b06072a8648ce3d02010500033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 224 |
| # changing tag value of oid |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 304e301004072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 225 |
| # changing tag value of oid |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 304e301005072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 226 |
| # changing tag value of oid |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 304e301007072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 227 |
| # changing tag value of oid |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 304e301008072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 228 |
| # changing tag value of oid |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 304e3010ff072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 229 |
| # changing tag value of oid |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 304e301006072a8648ce3d020104052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 230 |
| # changing tag value of oid |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 304e301006072a8648ce3d020105052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 231 |
| # changing tag value of oid |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 304e301006072a8648ce3d020107052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 232 |
| # changing tag value of oid |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 304e301006072a8648ce3d020108052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 233 |
| # changing tag value of oid |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 304e301006072a8648ce3d0201ff052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 234 |
| # dropping value of oid |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 30473009060006052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 235 |
| # dropping value of oid |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3049300b06072a8648ce3d02010600033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 236 |
| # modify first byte of oid |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 304e30100607288648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 237 |
| # modify first byte of oid |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 304e301006072a8648ce3d020106052981040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 238 |
| # modify last byte of oid |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 304e301006072a8648ce3d028106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 239 |
| # modify last byte of oid |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 304e301006072a8648ce3d020106052b810400a1033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 240 |
| # truncate oid |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 304d300f06062a8648ce3d0206052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 241 |
| # truncate oid |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 304d300f06068648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 242 |
| # truncate oid |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 304d300f06072a8648ce3d020106042b810400033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 243 |
| # truncate oid |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 304d300f06072a8648ce3d0201060481040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 244 |
| # wrong oid |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 30513013060a3262306530333032316106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 245 |
| # wrong oid |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3059301b061236303836343830313635303330343032303106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 246 |
| # wrong oid |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3053301506072a8648ce3d0201060a32623065303330323161033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 247 |
| # wrong oid |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 305b301d06072a8648ce3d02010612363038363438303136353033303430323031033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 248 |
| # longer oid |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3057301906103261383634386365336430323031303106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 249 |
| # longer oid |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3055301706072a8648ce3d0201060c326238313034303032313031033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 250 |
| # oid with modified node |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 30553017060e326138363438636533643032313106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 251 |
| # oid with modified node |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 305d301f06163261383634386365336430323838383038303830303106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 252 |
| # oid with modified node |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3053301506072a8648ce3d0201060a32623831303430303331033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 253 |
| # oid with modified node |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 305b301d06072a8648ce3d02010612326238313034303038383830383038303231033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 254 |
| # large integer in oid |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 306730290620326138363438636533643032383238303830383038303830383038303830303106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 255 |
| # large integer in oid |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3065302706072a8648ce3d0201061c32623831303430303832383038303830383038303830383038303231033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 256 |
| # oid with invalid node |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3058301a0611326138363438636533643032303165303306052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 257 |
| # oid with invalid node |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 304f301106082a808648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 258 |
| # oid with invalid node |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3056301806072a8648ce3d0201060d32623831303430303231653033033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 259 |
| # oid with invalid node |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 304f301106072a8648ce3d020106062b8081040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 260 |
| # lonely bit string tag |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3013301006072a8648ce3d020106052b8104002103 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 261 |
| # appending 0's to bit string |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3050301006072a8648ce3d020106052b81040021033c000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da620000 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 262 |
| # prepending 0's to bit string |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3050301006072a8648ce3d020106052b81040021033c0000000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 263 |
| # appending null value to bit string |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3050301006072a8648ce3d020106052b81040021033c000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da620500 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 264 |
| # truncated length of bit string |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3014301006072a8648ce3d020106052b810400210381 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 265 |
| # Replacing bit string with NULL |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3014301006072a8648ce3d020106052b810400210500 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 266 |
| # changing tag value of bit string |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 304e301006072a8648ce3d020106052b81040021013a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 267 |
| # changing tag value of bit string |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 304e301006072a8648ce3d020106052b81040021023a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 268 |
| # changing tag value of bit string |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 304e301006072a8648ce3d020106052b81040021043a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 269 |
| # changing tag value of bit string |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 304e301006072a8648ce3d020106052b81040021053a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 270 |
| # changing tag value of bit string |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 304e301006072a8648ce3d020106052b81040021ff3a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 271 |
| # dropping value of bit string |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3014301006072a8648ce3d020106052b810400210300 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 272 |
| # modify first byte of bit string |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 304e301006072a8648ce3d020106052b81040021033a020486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 273 |
| # modify last byte of bit string |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 304e301006072a8648ce3d020106052b81040021033a000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3dae2 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 274 |
| # truncate bit string |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 304d301006072a8648ce3d020106052b810400210339000486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 275 |
| # truncate bit string |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 304d301006072a8648ce3d020106052b8104002103390486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 276 |
| # declaring bits as unused in a bit-string |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 304e301006072a8648ce3d020106052b81040021033a010486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 277 |
| # unused bits in a bit-string |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3052301006072a8648ce3d020106052b81040021033e200486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da6201020304 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 278 |
| # unused bits in empty bit-string |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 3015301006072a8648ce3d020106052b81040021030103 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| # tcId = 279 |
| # 128 unused bits |
| curve = secp224r1 |
| private = 0a1b9444f59642d428e2f299055004165a34c3b8796c5057ae8a1a572 |
| public = 304e301006072a8648ce3d020106052b81040021033a800486e2f72bccd974a3f1a4fc2cdcf22043eaf8be047de6be726b62001fda6f50f6df0b51bee99195d8a1a1c97e59e72fa4fcf8c1d21cb3da62 |
| result = acceptable |
| shared = 85a70fc4dfc8509fb9ba1cfcf1879443e2ce176d794228029b10da63 |
| # The public key in this test uses an invalid ASN encoding. Some cases where the |
| # ASN parser is not strictly checking the ASN format are benign as long as the |
| # ECDH computation still returns the correct shared value. |
| |
| [curve = secp256r1] |
| [encoding = asn] |
| |
| # tcId = 280 |
| # normal case |
| curve = secp256r1 |
| private = 612465c89a023ab17855b0a6bcebfd3febb53aef84138647b5352e02c10c346 |
| public = 3059301306072a8648ce3d020106082a8648ce3d0301070342000462d5bd3372af75fe85a040715d0f502428e07046868b0bfdfa61d731afe44f26ac333a93a9e70a81cd5a95b5bf8d13990eb741c8c38872b4a07d275a014e30cf |
| result = valid |
| shared = 53020d908b0219328b658b525f26780e3ae12bcd952bb25a93bc0895e1714285 |
| |
| # tcId = 281 |
| # compressed public key |
| curve = secp256r1 |
| private = 612465c89a023ab17855b0a6bcebfd3febb53aef84138647b5352e02c10c346 |
| public = 3039301306072a8648ce3d020106082a8648ce3d0301070322000362d5bd3372af75fe85a040715d0f502428e07046868b0bfdfa61d731afe44f26 |
| result = acceptable |
| shared = 53020d908b0219328b658b525f26780e3ae12bcd952bb25a93bc0895e1714285 |
| # The point in the public key is compressed. Not every library supports points |
| # in compressed format. |
| |
| # tcId = 282 |
| # edge cases for shared secret |
| curve = secp256r1 |
| private = 0a0d622a47e48f6bc1038ace438c6f528aa00ad2bd1da5f13ee46bf5f633d71a |
| public = 3059301306072a8648ce3d020106082a8648ce3d0301070342000458fd4168a87795603e2b04390285bdca6e57de6027fe211dd9d25e2212d29e62080d36bd224d7405509295eed02a17150e03b314f96da37445b0d1d29377d12c |
| result = valid |
| shared = 0000000000000000000000000000000000000000000000000000000000000000 |
| |
| # tcId = 283 |
| # edge cases for shared secret |
| curve = secp256r1 |
| private = 0a0d622a47e48f6bc1038ace438c6f528aa00ad2bd1da5f13ee46bf5f633d71a |
| public = 3059301306072a8648ce3d020106082a8648ce3d030107034200040f6d20c04261ecc3e92846acad48dc8ec5ee35ae0883f0d2ea71216906ee1c47c042689a996dd12830ae459382e94aac56b717af2e2080215f9e41949b1f52be |
| result = valid |
| shared = 00000000000000000000000000000000ffffffffffffffffffffffffffffffff |
| |
| # tcId = 284 |
| # edge cases for shared secret |
| curve = secp256r1 |
| private = 0a0d622a47e48f6bc1038ace438c6f528aa00ad2bd1da5f13ee46bf5f633d71a |
| public = 3059301306072a8648ce3d020106082a8648ce3d0301070342000400c7defeb1a16236738e9a1123ba621bc8e9a3f2485b3f8ffde7f9ce98f5a8a1cb338c3912b1792f60c2b06ec5231e2d84b0e596e9b76d419ce105ece3791dbc |
| result = valid |
| shared = 0000000000000000ffffffffffffffff00000000000000010000000000000001 |
| |
| # tcId = 285 |
| # edge cases for shared secret |
| curve = secp256r1 |
| private = 0a0d622a47e48f6bc1038ace438c6f528aa00ad2bd1da5f13ee46bf5f633d71a |
| public = 3059301306072a8648ce3d020106082a8648ce3d03010703420004e9b98fb2c0ac045f8c76125ffd99eb8a5157be1d7db3e85d655ec1d8210288cf218df24fd2c2746be59df41262ef3a97d986744b2836748a7486230a319ffec0 |
| result = valid |
| shared = 00000000ffffffff00000000ffffffff00000000ffffffff0000000100000000 |
| |
| # tcId = 286 |
| # edge cases for shared secret |
| curve = secp256r1 |
| private = 0a0d622a47e48f6bc1038ace438c6f528aa00ad2bd1da5f13ee46bf5f633d71a |
| public = 3059301306072a8648ce3d020106082a8648ce3d03010703420004e9484e58f3331b66ffed6d90cb1c78065fa28cfba5c7dd4352013d3252ee4277bd7503b045a38b4b247b32c59593580f39e6abfa376c3dca20cf7f9cfb659e13 |
| result = valid |
| shared = 000003ffffff0000003ffffff0000003ffffff0000003ffffff0000003ffffff |
| |
| # tcId = 287 |
| # edge cases for shared secret |
| curve = secp256r1 |
| private = 0a0d622a47e48f6bc1038ace438c6f528aa00ad2bd1da5f13ee46bf5f633d71a |
| public = 3059301306072a8648ce3d020106082a8648ce3d03010703420004767d7fbb84aa6a4db1079372644e42ecb2fec200c178822392cb8b950ffdd0c91c86853cafd09b52ba2f287f0ebaa26415a3cfabaf92c6a617a19988563d9dea |
| result = valid |
| shared = 0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff00010001 |
| |
| # tcId = 288 |
| # edge cases for shared secret |
| curve = secp256r1 |
| private = 0a0d622a47e48f6bc1038ace438c6f528aa00ad2bd1da5f13ee46bf5f633d71a |
| public = 3059301306072a8648ce3d020106082a8648ce3d03010703420004f3cb6754b7e2a86d064dfb9f903185aaa4c92b481c2c1a1ff276303bbc4183e49c318599b0984c3563df339311fe143a7d921ee75b755a52c6f804f897b809f7 |
| result = valid |
| shared = 7fff0001fffc0007fff0001fffc0007fff0001fffc0007fff0001fffc0007fff |
| |
| # tcId = 289 |
| # edge cases for shared secret |
| curve = secp256r1 |
| private = 0a0d622a47e48f6bc1038ace438c6f528aa00ad2bd1da5f13ee46bf5f633d71a |
| public = 3059301306072a8648ce3d020106082a8648ce3d03010703420004cce13fbdc96a946dfb8c6d9ed762dbd1731630455689f57a437fee124dd54cecaef78026c653030cf2f314a67064236b0a354defebc5e90c94124e9bf5c4fc24 |
| result = valid |
| shared = 8000000000000000000000000000000000000000000000000000000000000004 |
| |
| # tcId = 290 |
| # edge cases for shared secret |
| curve = secp256r1 |
| private = 0a0d622a47e48f6bc1038ace438c6f528aa00ad2bd1da5f13ee46bf5f633d71a |
| public = 3059301306072a8648ce3d020106082a8648ce3d030107034200047633dfd0ad06765097bc11bd5022b200df31f28c4ff0625421221ac7eeb6e6f4cb9c67693609ddd6f92343a5a1c635408240f4f8e27120c12554c7ff8c76e2fe |
| result = valid |
| shared = 8000003ffffff0000007fffffe000000ffffffc000001ffffff8000004000000 |
| |
| # tcId = 291 |
| # edge cases for shared secret |
| curve = secp256r1 |
| private = 0a0d622a47e48f6bc1038ace438c6f528aa00ad2bd1da5f13ee46bf5f633d71a |
| public = 3059301306072a8648ce3d020106082a8648ce3d03010703420004a386ace573f87558a68ead2a20088e3fe928bdae9e109446f93a078c15741f0421261e6db2bf12106e4c6bf85b9581b4c0302a526222f90abc5a549206b11011 |
| result = valid |
| shared = ff00000001fffffffc00000007fffffff00000001fffffffc00000007fffffff |
| |
| # tcId = 292 |
| # edge cases for shared secret |
| curve = secp256r1 |
| private = 0a0d622a47e48f6bc1038ace438c6f528aa00ad2bd1da5f13ee46bf5f633d71a |
| public = 3059301306072a8648ce3d020106082a8648ce3d030107034200048e7b50f7d8c44d5d3496c43141a502f4a43f153d03ad43eda8e39597f1d477b8647f3da67969b7f989ff4addc393515af40c82085ce1f2ee195412c6f583774f |
| result = valid |
| shared = ffff00000003fffffff00000003fffffff00000003fffffff00000003fffffff |
| |
| # tcId = 293 |
| # edge cases for shared secret |
| curve = secp256r1 |
| private = 0a0d622a47e48f6bc1038ace438c6f528aa00ad2bd1da5f13ee46bf5f633d71a |
| public = 3059301306072a8648ce3d020106082a8648ce3d03010703420004c827fb930fd51d926086191b502af83abb5f717debc8de29897a3934b2571ca05990c0597b0b7a2e42febd56b13235d1d408d76ed2c93b3facf514d902f6910a |
| result = valid |
| shared = ffffffff00000000000000ffffffffffffff00000000000000ffffffffffffff |
| |
| # tcId = 294 |
| # edge cases for ephemeral key |
| curve = secp256r1 |
| private = 55d55f11bb8da1ea318bca7266f0376662441ea87270aa2077f1b770c4854a48 |
| public = 3059301306072a8648ce3d020106082a8648ce3d03010703420004000000000000000000000000000000000000000000000000000000000000000066485c780e2f83d72433bd5d84a06bb6541c2af31dae871728bf856a174f93f4 |
| result = valid |
| shared = cfe4077c8730b1c9384581d36bff5542bc417c9eff5c2afcb98cc8829b2ce848 |
| |
| # tcId = 295 |
| # edge cases for ephemeral key |
| curve = secp256r1 |
| private = 55d55f11bb8da1ea318bca7266f0376662441ea87270aa2077f1b770c4854a48 |
| public = 3059301306072a8648ce3d020106082a8648ce3d0301070342000400000000000000000000000000000000ffffffffffffffffffffffffffffffff4f2b92b4c596a5a47f8b041d2dea6043021ac77b9a80b1343ac9d778f4f8f733 |
| result = valid |
| shared = 49ae50fe096a6cd26698b78356b2c8adf1f6a3490f14e364629f7a0639442509 |
| |
| # tcId = 296 |
| # edge cases for ephemeral key |
| curve = secp256r1 |
| private = 55d55f11bb8da1ea318bca7266f0376662441ea87270aa2077f1b770c4854a48 |
| public = 3059301306072a8648ce3d020106082a8648ce3d030107034200040000000000000000ffffffffffffffff0000000000000001000000000000000138120be6ab31edfa34768c4387d2f84fb4b0be8a9a985864a1575f4436bb37b0 |
| result = valid |
| shared = 5a1334572b2a711ead8b4653eb310cd8d9fd114399379a8f6b872e3b8fdda2d9 |
| |
| # tcId = 297 |
| # edge cases for ephemeral key |
| curve = secp256r1 |
| private = 55d55f11bb8da1ea318bca7266f0376662441ea87270aa2077f1b770c4854a48 |
| public = 3059301306072a8648ce3d020106082a8648ce3d0301070342000400000000ffffffff00000000ffffffff00000000ffffffff0000000100000000462c0466e41802238d6c925ecbefc747cfe505ea196af9a2d11b62850fce946e |
| result = valid |
| shared = c73755133b6b9b4b2a00631cbc7940ecbe6ec08f20448071422e3362f2556888 |
| |
| # tcId = 298 |
| # edge cases for ephemeral key |
| curve = secp256r1 |
| private = 55d55f11bb8da1ea318bca7266f0376662441ea87270aa2077f1b770c4854a48 |
| public = 3059301306072a8648ce3d020106082a8648ce3d03010703420004000003ffffff0000003ffffff0000003ffffff0000003ffffff0000003ffffff1582fa32e2d4a89dfcfb3d0b149f667dba3329490f4d64ee2ad586c0c9e8c508 |
| result = valid |
| shared = 06fa1059935e47a9fd667e13f469614eb257cc9a7e3fc599bfb92780d59b146d |
| |
| # tcId = 299 |
| # edge cases for ephemeral key |
| curve = secp256r1 |
| private = 55d55f11bb8da1ea318bca7266f0376662441ea87270aa2077f1b770c4854a48 |
| public = 3059301306072a8648ce3d020106082a8648ce3d030107034200040000ffff0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff00010001684c8a9586ed6f9cbe447058a7da2108bab1e5e0a60d1f73e4e2e713f0a3dfe0 |
| result = valid |
| shared = f237df4c10bd3e357971bb2b16b293566b7e355bdc8141d6c92cabc682983c45 |
| |
| # tcId = 300 |
| # edge cases for ephemeral key |
| curve = secp256r1 |
| private = 55d55f11bb8da1ea318bca7266f0376662441ea87270aa2077f1b770c4854a48 |
| public = 3059301306072a8648ce3d020106082a8648ce3d030107034200047fff0001fffc0007fff0001fffc0007fff0001fffc0007fff0001fffc0007fff2e2213caf03033e0fd0f7951154f6e6c3a9244a72faca65e9ce9eeb5c8e1cea9 |
| result = valid |
| shared = 55d0a203e22ffb523c8d2705060cee9d28308b51f184beefc518cff690bad346 |
| |
| # tcId = 301 |
| # edge cases for ephemeral key |
| curve = secp256r1 |
| private = 55d55f11bb8da1ea318bca7266f0376662441ea87270aa2077f1b770c4854a48 |
| public = 3059301306072a8648ce3d020106082a8648ce3d0301070342000480000000000000000000000000000000000000000000000000000000000000042be8789db81bb4870a9e60c5c18c80c83de464277281f1af1e640843a1a3148e |
| result = valid |
| shared = 2518d846e577d95e9e7bc766cde7997cb887fb266d3a6cb598a839fd54aa2f4f |
| |
| # tcId = 302 |
| # edge cases for ephemeral key |
| curve = secp256r1 |
| private = 55d55f11bb8da1ea318bca7266f0376662441ea87270aa2077f1b770c4854a48 |
| public = 3059301306072a8648ce3d020106082a8648ce3d030107034200048000003ffffff0000007fffffe000000ffffffc000001ffffff8000004000000722540f8a471c379083c600b58fde4d95c7dcad5095f4219fc5e9bdde3c5cd39 |
| result = valid |
| shared = bdb49f4bdf42ac64504e9ce677b3ec5c0a03828c5b3efad726005692d35c0f26 |
| |
| # tcId = 303 |
| # edge cases for ephemeral key |
| curve = secp256r1 |
| private = 55d55f11bb8da1ea318bca7266f0376662441ea87270aa2077f1b770c4854a48 |
| public = 3059301306072a8648ce3d020106082a8648ce3d03010703420004ff00000001fffffffc00000007fffffff00000001fffffffc00000007fffffff5df80fc6cae26b6c1952fbd00ed174ee1209d069335f5b48588e29e80b9191ad |
| result = valid |
| shared = f503ac65637e0f17cb4408961cb882c875e4c6ef7a548d2d52d8c2f681838c55 |
| |
| # tcId = 304 |
| # edge cases for ephemeral key |
| curve = secp256r1 |
| private = 55d55f11bb8da1ea318bca7266f0376662441ea87270aa2077f1b770c4854a48 |
| public = 3059301306072a8648ce3d020106082a8648ce3d03010703420004ffff00000003fffffff00000003fffffff00000003fffffff00000003fffffff2c63650e6a5d332e2987dd09a79008e8faabbd37e49cb016bfb92c8cd0f5da77 |
| result = valid |
| shared = e3c18e7d7377dc540bc45c08d389bdbe255fa80ca8faf1ef6b94d52049987d21 |
| |
| # tcId = 305 |
| # edge cases for ephemeral key |
| curve = secp256r1 |
| private = 55d55f11bb8da1ea318bca7266f0376662441ea87270aa2077f1b770c4854a48 |
| public = 3059301306072a8648ce3d020106082a8648ce3d03010703420004ffffffff00000000000000ffffffffffffff00000000000000ffffffffffffff7a116c964a4cd60668bf89cffe157714a3ce21b93b3ca607c8a5b93ac54ffc0a |
| result = valid |
| shared = 516d6d329b095a7c7e93b4023d4d05020c1445ef1ddcb3347b3a27d7d7f57265 |
| |
| # tcId = 306 |
| # edge case private key |
| curve = secp256r1 |
| private = 3 |
| public = 3059301306072a8648ce3d020106082a8648ce3d0301070342000431028f3377fc8f2b1967edaab90213acad0da9f50897f08f57537f78f116744743a1930189363bbde2ac4cbd1649cdc6f451add71dd2f16a8a867f2b17caa16b |
| result = valid |
| shared = 85a0b58519b28e70a694ec5198f72c4bfdabaa30a70f7143b5b1cd7536f716ca |
| |
| # tcId = 307 |
| # edge case private key |
| curve = secp256r1 |
| private = 0ffffffffffffffffffffffffffffffffffffffffffffffffffffffff |
| public = 3059301306072a8648ce3d020106082a8648ce3d0301070342000431028f3377fc8f2b1967edaab90213acad0da9f50897f08f57537f78f116744743a1930189363bbde2ac4cbd1649cdc6f451add71dd2f16a8a867f2b17caa16b |
| result = valid |
| shared = a329a7d80424ea2d6c904393808e510dfbb28155092f1bac284dceda1f13afe5 |
| |
| # tcId = 308 |
| # edge case private key |
| curve = secp256r1 |
| private = 100000000000000000000000000000000000000000000000000000000000000 |
| public = 3059301306072a8648ce3d020106082a8648ce3d0301070342000431028f3377fc8f2b1967edaab90213acad0da9f50897f08f57537f78f116744743a1930189363bbde2ac4cbd1649cdc6f451add71dd2f16a8a867f2b17caa16b |
| result = valid |
| shared = bd26d0293e8851c51ebe0d426345683ae94026aca545282a4759faa85fde6687 |
| |
| # tcId = 309 |
| # edge case private key |
| curve = secp256r1 |
| private = 7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff |
| public = 3059301306072a8648ce3d020106082a8648ce3d0301070342000431028f3377fc8f2b1967edaab90213acad0da9f50897f08f57537f78f116744743a1930189363bbde2ac4cbd1649cdc6f451add71dd2f16a8a867f2b17caa16b |
| result = valid |
| shared = ea9350b2490a2010c7abf43fb1a38be729a2de375ea7a6ac34ff58cc87e51b6c |
| |
| # tcId = 310 |
| # edge case private key |
| curve = secp256r1 |
| private = 08000000000000000000000000000000000000000000000000000000000000000 |
| public = 3059301306072a8648ce3d020106082a8648ce3d0301070342000431028f3377fc8f2b1967edaab90213acad0da9f50897f08f57537f78f116744743a1930189363bbde2ac4cbd1649cdc6f451add71dd2f16a8a867f2b17caa16b |
| result = valid |
| shared = 34eed3f6673d340b6f716913f6dfa36b5ac85fa667791e2d6a217b0c0b7ba807 |
| |
| # tcId = 311 |
| # edge case private key |
| curve = secp256r1 |
| private = 0ffffffff00000000ffffffffffffffffbce6faada7179e83f3b9cac2fc632551 |
| public = 3059301306072a8648ce3d020106082a8648ce3d0301070342000431028f3377fc8f2b1967edaab90213acad0da9f50897f08f57537f78f116744743a1930189363bbde2ac4cbd1649cdc6f451add71dd2f16a8a867f2b17caa16b |
| result = valid |
| shared = 1354ce6692c9df7b6fc3119d47c56338afbedccb62faa546c0fe6ed4959e41c3 |
| |
| # tcId = 312 |
| # edge case private key |
| curve = secp256r1 |
| private = 0ffffffff00000000ffffffffffffffffbce6faada7179e84f3a9cac2fc632551 |
| public = 3059301306072a8648ce3d020106082a8648ce3d0301070342000431028f3377fc8f2b1967edaab90213acad0da9f50897f08f57537f78f116744743a1930189363bbde2ac4cbd1649cdc6f451add71dd2f16a8a867f2b17caa16b |
| result = valid |
| shared = fe7496c30d534995f0bf428b5471c21585aaafc81733916f0165597a55d12cb4 |
| |
| # tcId = 313 |
| # edge case private key |
| curve = secp256r1 |
| private = 0ffffffff00000000ffffffffffffffffbce6faada7179e84f3b1cac2fc632551 |
| public = 3059301306072a8648ce3d020106082a8648ce3d0301070342000431028f3377fc8f2b1967edaab90213acad0da9f50897f08f57537f78f116744743a1930189363bbde2ac4cbd1649cdc6f451add71dd2f16a8a867f2b17caa16b |
| result = valid |
| shared = 348bf8042e4edf1d03c8b36ab815156e77c201b764ed4562cfe2ee90638ffef5 |
| |
| # tcId = 314 |
| # edge case private key |
| curve = secp256r1 |
| private = 0ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac1fc632551 |
| public = 3059301306072a8648ce3d020106082a8648ce3d0301070342000431028f3377fc8f2b1967edaab90213acad0da9f50897f08f57537f78f116744743a1930189363bbde2ac4cbd1649cdc6f451add71dd2f16a8a867f2b17caa16b |
| result = valid |
| shared = 6e4ec5479a7c20a537501700484f6f433a8a8fe53c288f7a25c8e8c92d39e8dc |
| |
| # tcId = 315 |
| # edge case private key |
| curve = secp256r1 |
| private = 0ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6324f3 |
| public = 3059301306072a8648ce3d020106082a8648ce3d0301070342000431028f3377fc8f2b1967edaab90213acad0da9f50897f08f57537f78f116744743a1930189363bbde2ac4cbd1649cdc6f451add71dd2f16a8a867f2b17caa16b |
| result = valid |
| shared = f7407d61fdf581be4f564621d590ca9b7ba37f31396150f9922f1501da8c83ef |
| # The private key has a special value. Implementations using addition |
| # subtraction chains for the point multiplication may get the point at infinity |
| # as an intermediate result. See CVE_2017_10176 |
| |
| # tcId = 316 |
| # edge case private key |
| curve = secp256r1 |
| private = 0ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632533 |
| public = 3059301306072a8648ce3d020106082a8648ce3d0301070342000431028f3377fc8f2b1967edaab90213acad0da9f50897f08f57537f78f116744743a1930189363bbde2ac4cbd1649cdc6f451add71dd2f16a8a867f2b17caa16b |
| result = valid |
| shared = 82236fd272208693e0574555ca465c6cc512163486084fa57f5e1bd2e2ccc0b3 |
| # The private key has a special value. Implementations using addition |
| # subtraction chains for the point multiplication may get the point at infinity |
| # as an intermediate result. See CVE_2017_10176 |
| |
| # tcId = 317 |
| # edge case private key |
| curve = secp256r1 |
| private = 0ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632543 |
| public = 3059301306072a8648ce3d020106082a8648ce3d0301070342000431028f3377fc8f2b1967edaab90213acad0da9f50897f08f57537f78f116744743a1930189363bbde2ac4cbd1649cdc6f451add71dd2f16a8a867f2b17caa16b |
| result = valid |
| shared = 06537149664dba1a9924654cb7f787ed224851b0df25ef53fcf54f8f26cd5f3f |
| # The private key has a special value. Implementations using addition |
| # subtraction chains for the point multiplication may get the point at infinity |
| # as an intermediate result. See CVE_2017_10176 |
| |
| # tcId = 318 |
| # edge case private key |
| curve = secp256r1 |
| private = 0ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63254b |
| public = 3059301306072a8648ce3d020106082a8648ce3d0301070342000431028f3377fc8f2b1967edaab90213acad0da9f50897f08f57537f78f116744743a1930189363bbde2ac4cbd1649cdc6f451add71dd2f16a8a867f2b17caa16b |
| result = valid |
| shared = f2b38539bce995d443c7bfeeefadc9e42cc2c89c60bf4e86eac95d51987bd112 |
| # The private key has a special value. Implementations using addition |
| # subtraction chains for the point multiplication may get the point at infinity |
| # as an intermediate result. See CVE_2017_10176 |
| |
| # tcId = 319 |
| # edge case private key |
| curve = secp256r1 |
| private = 0ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63254e |
| public = 3059301306072a8648ce3d020106082a8648ce3d0301070342000431028f3377fc8f2b1967edaab90213acad0da9f50897f08f57537f78f116744743a1930189363bbde2ac4cbd1649cdc6f451add71dd2f16a8a867f2b17caa16b |
| result = valid |
| shared = 85a0b58519b28e70a694ec5198f72c4bfdabaa30a70f7143b5b1cd7536f716ca |
| |
| # tcId = 320 |
| # edge case private key |
| curve = secp256r1 |
| private = 0ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63254f |
| public = 3059301306072a8648ce3d020106082a8648ce3d0301070342000431028f3377fc8f2b1967edaab90213acad0da9f50897f08f57537f78f116744743a1930189363bbde2ac4cbd1649cdc6f451add71dd2f16a8a867f2b17caa16b |
| result = valid |
| shared = 027b013a6f166db655d69d643c127ef8ace175311e667dff2520f5b5c75b7659 |
| # The private key has a special value. Implementations using addition |
| # subtraction chains for the point multiplication may get the point at infinity |
| # as an intermediate result. See CVE_2017_10176 |
| |
| # tcId = 321 |
| # CVE-2017-8932 |
| curve = secp256r1 |
| private = 2a265f8bcbdcaf94d58519141e578124cb40d64a501fba9c11847b28965bc737 |
| public = 3059301306072a8648ce3d020106082a8648ce3d03010703420004023819813ac969847059028ea88a1f30dfbcde03fc791d3a252c6b41211882eaf93e4ae433cc12cf2a43fc0ef26400c0e125508224cdb649380f25479148a4ad |
| result = valid |
| shared = 4d4de80f1534850d261075997e3049321a0864082d24a917863366c0724f5ae3 |
| |
| # tcId = 322 |
| # CVE-2017-8932 |
| curve = secp256r1 |
| private = 313f72ff9fe811bf573176231b286a3bdb6f1b14e05c40146590727a71c3bccd |
| public = 3059301306072a8648ce3d020106082a8648ce3d03010703420004cc11887b2d66cbae8f4d306627192522932146b42f01d3c6f92bd5c8ba739b06a2f08a029cd06b46183085bae9248b0ed15b70280c7ef13a457f5af382426031 |
| result = valid |
| shared = 831c3f6b5f762d2f461901577af41354ac5f228c2591f84f8a6e51e2e3f17991 |
| |
| # tcId = 323 |
| # public point not on curve |
| curve = secp256r1 |
| private = 4f3414d1589b49f7172d439cbbe78e5b5350dc85dea40cd2d6274740c6e0239c |
| public = 3059301306072a8648ce3d020106082a8648ce3d030107034200041510264c189c3d523ff9916abd7069efa6968d8dc7ddb6457d7869b53ea60cdcfafb7ed4786da15d29ee59256f536da3575a4888c1bb0a95b256f4a7e9fd764c |
| result = invalid |
| shared = d003f5cc83852584061f7a8a28bcb5671ecbda096e16e7accfa8f8d311a3db7a |
| # The public key has been modified and is invalid. An implementation should |
| # always check whether the public key is valid and on the same curve as the |
| # private key. The test vector includes the shared secret computed with the |
| # original public key. Generating a shared secret other than the one with the |
| # original key likely indicates that the bug is exploitable. |
| |
| # tcId = 324 |
| # public point = (0,0) |
| curve = secp256r1 |
| private = 4f3414d1589b49f7172d439cbbe78e5b5350dc85dea40cd2d6274740c6e0239c |
| public = 3059301306072a8648ce3d020106082a8648ce3d0301070342000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 |
| result = invalid |
| shared = d003f5cc83852584061f7a8a28bcb5671ecbda096e16e7accfa8f8d311a3db7a |
| # The public key has been modified and is invalid. An implementation should |
| # always check whether the public key is valid and on the same curve as the |
| # private key. The test vector includes the shared secret computed with the |
| # original public key. Generating a shared secret other than the one with the |
| # original key likely indicates that the bug is exploitable. |
| |
| # tcId = 325 |
| # order = |
| # -115792089210356248762697446949407573529996955224135760342422259061068512044369 |
| curve = secp256r1 |
| private = 4f3414d1589b49f7172d439cbbe78e5b5350dc85dea40cd2d6274740c6e0239c |
| public = 308201333081ec06072a8648ce3d02013081e0020101302c06072a8648ce3d0101022100ffffffff00000001000000000000000000000000ffffffffffffffffffffffff30440420ffffffff00000001000000000000000000000000fffffffffffffffffffffffc04205ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b0441046b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c2964fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f50221ff00000000ffffffff00000000000000004319055258e8617b0c46353d039cdaaf020101034200041510264c189c3d523ff9916abd7069efa6968d8dc7ddb6457d7869b53ea60cdcfafb7ed4786da15d29ee59256f536da3575a4888c1bb0a95b256f4a7e9fd764a |
| result = invalid |
| shared = d003f5cc83852584061f7a8a28bcb5671ecbda096e16e7accfa8f8d311a3db7a |
| # The order of the public key has been modified. If this order is used in a |
| # cryptographic primitive instead of the correct order then private keys may |
| # leak. E.g. ECDHC in BC 1.52 suffered from this. |
| # The public key has been modified and is invalid. An implementation should |
| # always check whether the public key is valid and on the same curve as the |
| # private key. The test vector includes the shared secret computed with the |
| # original public key. Generating a shared secret other than the one with the |
| # original key likely indicates that the bug is exploitable. |
| # The public key does not use a named curve. RFC 3279 allows to encode such |
| # curves by explicitly encoding, the parameters of the curve equation, modulus, |
| # generator, order and cofactor. However, many crypto libraries only support |
| # named curves. Modifying some of the EC parameters and encoding the |
| # corresponding public key as an unnamed curve is a potential attack vector. |
| |
| # tcId = 326 |
| # order = 0 |
| curve = secp256r1 |
| private = 4f3414d1589b49f7172d439cbbe78e5b5350dc85dea40cd2d6274740c6e0239c |
| public = 308201133081cc06072a8648ce3d02013081c0020101302c06072a8648ce3d0101022100ffffffff00000001000000000000000000000000ffffffffffffffffffffffff30440420ffffffff00000001000000000000000000000000fffffffffffffffffffffffc04205ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b0441046b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c2964fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5020100020101034200041510264c189c3d523ff9916abd7069efa6968d8dc7ddb6457d7869b53ea60cdcfafb7ed4786da15d29ee59256f536da3575a4888c1bb0a95b256f4a7e9fd764a |
| result = invalid |
| shared = d003f5cc83852584061f7a8a28bcb5671ecbda096e16e7accfa8f8d311a3db7a |
| # The order of the public key has been modified. If this order is used in a |
| # cryptographic primitive instead of the correct order then private keys may |
| # leak. E.g. ECDHC in BC 1.52 suffered from this. |
| # The public key has been modified and is invalid. An implementation should |
| # always check whether the public key is valid and on the same curve as the |
| # private key. The test vector includes the shared secret computed with the |
| # original public key. Generating a shared secret other than the one with the |
| # original key likely indicates that the bug is exploitable. |
| # The public key does not use a named curve. RFC 3279 allows to encode such |
| # curves by explicitly encoding, the parameters of the curve equation, modulus, |
| # generator, order and cofactor. However, many crypto libraries only support |
| # named curves. Modifying some of the EC parameters and encoding the |
| # corresponding public key as an unnamed curve is a potential attack vector. |
| |
| # tcId = 327 |
| # order = 1 |
| curve = secp256r1 |
| private = 4f3414d1589b49f7172d439cbbe78e5b5350dc85dea40cd2d6274740c6e0239c |
| public = 308201133081cc06072a8648ce3d02013081c0020101302c06072a8648ce3d0101022100ffffffff00000001000000000000000000000000ffffffffffffffffffffffff30440420ffffffff00000001000000000000000000000000fffffffffffffffffffffffc04205ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b0441046b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c2964fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5020101020101034200041510264c189c3d523ff9916abd7069efa6968d8dc7ddb6457d7869b53ea60cdcfafb7ed4786da15d29ee59256f536da3575a4888c1bb0a95b256f4a7e9fd764a |
| result = acceptable |
| shared = d003f5cc83852584061f7a8a28bcb5671ecbda096e16e7accfa8f8d311a3db7a |
| # The order of the public key has been modified. If this order is used in a |
| # cryptographic primitive instead of the correct order then private keys may |
| # leak. E.g. ECDHC in BC 1.52 suffered from this. |
| # A parameter that is typically not used for ECDH has been modified. Sometimes |
| # libraries ignore small differences between public and private key. For |
| # example, a library might ignore an incorrect cofactor in the public key. We |
| # consider ignoring such changes as acceptable as long as these differences do |
| # not change the outcome of the ECDH computation, i.e. as long as the |
| # computation is done on the curve from the private key. |
| # The public key does not use a named curve. RFC 3279 allows to encode such |
| # curves by explicitly encoding, the parameters of the curve equation, modulus, |
| # generator, order and cofactor. However, many crypto libraries only support |
| # named curves. Modifying some of the EC parameters and encoding the |
| # corresponding public key as an unnamed curve is a potential attack vector. |
| |
| # tcId = 328 |
| # order = 26959946660873538060741835960514744168612397095220107664918121663170 |
| curve = secp256r1 |
| private = 4f3414d1589b49f7172d439cbbe78e5b5350dc85dea40cd2d6274740c6e0239c |
| public = 3082012f3081e806072a8648ce3d02013081dc020101302c06072a8648ce3d0101022100ffffffff00000001000000000000000000000000ffffffffffffffffffffffff30440420ffffffff00000001000000000000000000000000fffffffffffffffffffffffc04205ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b0441046b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c2964fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5021d00ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2020101034200041510264c189c3d523ff9916abd7069efa6968d8dc7ddb6457d7869b53ea60cdcfafb7ed4786da15d29ee59256f536da3575a4888c1bb0a95b256f4a7e9fd764a |
| result = acceptable |
| shared = d003f5cc83852584061f7a8a28bcb5671ecbda096e16e7accfa8f8d311a3db7a |
| # The order of the public key has been modified. If this order is used in a |
| # cryptographic primitive instead of the correct order then private keys may |
| # leak. E.g. ECDHC in BC 1.52 suffered from this. |
| # A parameter that is typically not used for ECDH has been modified. Sometimes |
| # libraries ignore small differences between public and private key. For |
| # example, a library might ignore an incorrect cofactor in the public key. We |
| # consider ignoring such changes as acceptable as long as these differences do |
| # not change the outcome of the ECDH computation, i.e. as long as the |
| # computation is done on the curve from the private key. |
| # The public key does not use a named curve. RFC 3279 allows to encode such |
| # curves by explicitly encoding, the parameters of the curve equation, modulus, |
| # generator, order and cofactor. However, many crypto libraries only support |
| # named curves. Modifying some of the EC parameters and encoding the |
| # corresponding public key as an unnamed curve is a potential attack vector. |
| |
| # tcId = 329 |
| # generator = (0,0) |
| curve = secp256r1 |
| private = 4f3414d1589b49f7172d439cbbe78e5b5350dc85dea40cd2d6274740c6e0239c |
| public = 308201333081ec06072a8648ce3d02013081e0020101302c06072a8648ce3d0101022100ffffffff00000001000000000000000000000000ffffffffffffffffffffffff30440420ffffffff00000001000000000000000000000000fffffffffffffffffffffffc04205ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b04410400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551020101034200041510264c189c3d523ff9916abd7069efa6968d8dc7ddb6457d7869b53ea60cdcfafb7ed4786da15d29ee59256f536da3575a4888c1bb0a95b256f4a7e9fd764a |
| result = acceptable |
| shared = d003f5cc83852584061f7a8a28bcb5671ecbda096e16e7accfa8f8d311a3db7a |
| # A parameter that is typically not used for ECDH has been modified. Sometimes |
| # libraries ignore small differences between public and private key. For |
| # example, a library might ignore an incorrect cofactor in the public key. We |
| # consider ignoring such changes as acceptable as long as these differences do |
| # not change the outcome of the ECDH computation, i.e. as long as the |
| # computation is done on the curve from the private key. |
| # The public key does not use a named curve. RFC 3279 allows to encode such |
| # curves by explicitly encoding, the parameters of the curve equation, modulus, |
| # generator, order and cofactor. However, many crypto libraries only support |
| # named curves. Modifying some of the EC parameters and encoding the |
| # corresponding public key as an unnamed curve is a potential attack vector. |
| |
| # tcId = 330 |
| # generator not on curve |
| curve = secp256r1 |
| private = 4f3414d1589b49f7172d439cbbe78e5b5350dc85dea40cd2d6274740c6e0239c |
| public = 308201333081ec06072a8648ce3d02013081e0020101302c06072a8648ce3d0101022100ffffffff00000001000000000000000000000000ffffffffffffffffffffffff30440420ffffffff00000001000000000000000000000000fffffffffffffffffffffffc04205ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b0441046b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c2964fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f7022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551020101034200041510264c189c3d523ff9916abd7069efa6968d8dc7ddb6457d7869b53ea60cdcfafb7ed4786da15d29ee59256f536da3575a4888c1bb0a95b256f4a7e9fd764a |
| result = acceptable |
| shared = d003f5cc83852584061f7a8a28bcb5671ecbda096e16e7accfa8f8d311a3db7a |
| # A parameter that is typically not used for ECDH has been modified. Sometimes |
| # libraries ignore small differences between public and private key. For |
| # example, a library might ignore an incorrect cofactor in the public key. We |
| # consider ignoring such changes as acceptable as long as these differences do |
| # not change the outcome of the ECDH computation, i.e. as long as the |
| # computation is done on the curve from the private key. |
| # The public key does not use a named curve. RFC 3279 allows to encode such |
| # curves by explicitly encoding, the parameters of the curve equation, modulus, |
| # generator, order and cofactor. However, many crypto libraries only support |
| # named curves. Modifying some of the EC parameters and encoding the |
| # corresponding public key as an unnamed curve is a potential attack vector. |
| |
| # tcId = 331 |
| # cofactor = -1 |
| curve = secp256r1 |
| private = 4f3414d1589b49f7172d439cbbe78e5b5350dc85dea40cd2d6274740c6e0239c |
| public = 308201333081ec06072a8648ce3d02013081e0020101302c06072a8648ce3d0101022100ffffffff00000001000000000000000000000000ffffffffffffffffffffffff30440420ffffffff00000001000000000000000000000000fffffffffffffffffffffffc04205ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b0441046b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c2964fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325510201ff034200041510264c189c3d523ff9916abd7069efa6968d8dc7ddb6457d7869b53ea60cdcfafb7ed4786da15d29ee59256f536da3575a4888c1bb0a95b256f4a7e9fd764a |
| result = invalid |
| shared = d003f5cc83852584061f7a8a28bcb5671ecbda096e16e7accfa8f8d311a3db7a |
| # The public key has been modified and is invalid. An implementation should |
| # always check whether the public key is valid and on the same curve as the |
| # private key. The test vector includes the shared secret computed with the |
| # original public key. Generating a shared secret other than the one with the |
| # original key likely indicates that the bug is exploitable. |
| # The public key does not use a named curve. RFC 3279 allows to encode such |
| # curves by explicitly encoding, the parameters of the curve equation, modulus, |
| # generator, order and cofactor. However, many crypto libraries only support |
| # named curves. Modifying some of the EC parameters and encoding the |
| # corresponding public key as an unnamed curve is a potential attack vector. |
| |
| # tcId = 332 |
| # cofactor = 0 |
| curve = secp256r1 |
| private = 4f3414d1589b49f7172d439cbbe78e5b5350dc85dea40cd2d6274740c6e0239c |
| public = 308201333081ec06072a8648ce3d02013081e0020101302c06072a8648ce3d0101022100ffffffff00000001000000000000000000000000ffffffffffffffffffffffff30440420ffffffff00000001000000000000000000000000fffffffffffffffffffffffc04205ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b0441046b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c2964fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551020100034200041510264c189c3d523ff9916abd7069efa6968d8dc7ddb6457d7869b53ea60cdcfafb7ed4786da15d29ee59256f536da3575a4888c1bb0a95b256f4a7e9fd764a |
| result = invalid |
| shared = d003f5cc83852584061f7a8a28bcb5671ecbda096e16e7accfa8f8d311a3db7a |
| # The public key has been modified and is invalid. An implementation should |
| # always check whether the public key is valid and on the same curve as the |
| # private key. The test vector includes the shared secret computed with the |
| # original public key. Generating a shared secret other than the one with the |
| # original key likely indicates that the bug is exploitable. |
| # The public key does not use a named curve. RFC 3279 allows to encode such |
| # curves by explicitly encoding, the parameters of the curve equation, modulus, |
| # generator, order and cofactor. However, many crypto libraries only support |
| # named curves. Modifying some of the EC parameters and encoding the |
| # corresponding public key as an unnamed curve is a potential attack vector. |
| |
| # tcId = 333 |
| # cofactor = 2 |
| curve = secp256r1 |
| private = 4f3414d1589b49f7172d439cbbe78e5b5350dc85dea40cd2d6274740c6e0239c |
| public = 308201333081ec06072a8648ce3d02013081e0020101302c06072a8648ce3d0101022100ffffffff00000001000000000000000000000000ffffffffffffffffffffffff30440420ffffffff00000001000000000000000000000000fffffffffffffffffffffffc04205ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b0441046b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c2964fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551020102034200041510264c189c3d523ff9916abd7069efa6968d8dc7ddb6457d7869b53ea60cdcfafb7ed4786da15d29ee59256f536da3575a4888c1bb0a95b256f4a7e9fd764a |
| result = acceptable |
| shared = d003f5cc83852584061f7a8a28bcb5671ecbda096e16e7accfa8f8d311a3db7a |
| # A parameter that is typically not used for ECDH has been modified. Sometimes |
| # libraries ignore small differences between public and private key. For |
| # example, a library might ignore an incorrect cofactor in the public key. We |
| # consider ignoring such changes as acceptable as long as these differences do |
| # not change the outcome of the ECDH computation, i.e. as long as the |
| # computation is done on the curve from the private key. |
| # The public key does not use a named curve. RFC 3279 allows to encode such |
| # curves by explicitly encoding, the parameters of the curve equation, modulus, |
| # generator, order and cofactor. However, many crypto libraries only support |
| # named curves. Modifying some of the EC parameters and encoding the |
| # corresponding public key as an unnamed curve is a potential attack vector. |
| |
| # tcId = 334 |
| # cofactor = |
| # 115792089210356248762697446949407573529996955224135760342422259061068512044369 |
| curve = secp256r1 |
| private = 4f3414d1589b49f7172d439cbbe78e5b5350dc85dea40cd2d6274740c6e0239c |
| public = 308201553082010d06072a8648ce3d020130820100020101302c06072a8648ce3d0101022100ffffffff00000001000000000000000000000000ffffffffffffffffffffffff30440420ffffffff00000001000000000000000000000000fffffffffffffffffffffffc04205ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b0441046b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c2964fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551034200041510264c189c3d523ff9916abd7069efa6968d8dc7ddb6457d7869b53ea60cdcfafb7ed4786da15d29ee59256f536da3575a4888c1bb0a95b256f4a7e9fd764a |
| result = invalid |
| shared = d003f5cc83852584061f7a8a28bcb5671ecbda096e16e7accfa8f8d311a3db7a |
| # The public key has been modified and is invalid. An implementation should |
| # always check whether the public key is valid and on the same curve as the |
| # private key. The test vector includes the shared secret computed with the |
| # original public key. Generating a shared secret other than the one with the |
| # original key likely indicates that the bug is exploitable. |
| # The public key does not use a named curve. RFC 3279 allows to encode such |
| # curves by explicitly encoding, the parameters of the curve equation, modulus, |
| # generator, order and cofactor. However, many crypto libraries only support |
| # named curves. Modifying some of the EC parameters and encoding the |
| # corresponding public key as an unnamed curve is a potential attack vector. |
| |
| # tcId = 335 |
| # cofactor = None |
| curve = secp256r1 |
| private = 4f3414d1589b49f7172d439cbbe78e5b5350dc85dea40cd2d6274740c6e0239c |
| public = 308201303081e906072a8648ce3d02013081dd020101302c06072a8648ce3d0101022100ffffffff00000001000000000000000000000000ffffffffffffffffffffffff30440420ffffffff00000001000000000000000000000000fffffffffffffffffffffffc04205ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b0441046b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c2964fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551034200041510264c189c3d523ff9916abd7069efa6968d8dc7ddb6457d7869b53ea60cdcfafb7ed4786da15d29ee59256f536da3575a4888c1bb0a95b256f4a7e9fd764a |
| result = acceptable |
| shared = d003f5cc83852584061f7a8a28bcb5671ecbda096e16e7accfa8f8d311a3db7a |
| # A parameter that is typically not used for ECDH has been modified. Sometimes |
| # libraries ignore small differences between public and private key. For |
| # example, a library might ignore an incorrect cofactor in the public key. We |
| # consider ignoring such changes as acceptable as long as these differences do |
| # not change the outcome of the ECDH computation, i.e. as long as the |
| # computation is done on the curve from the private key. |
| # The public key does not use a named curve. RFC 3279 allows to encode such |
| # curves by explicitly encoding, the parameters of the curve equation, modulus, |
| # generator, order and cofactor. However, many crypto libraries only support |
| # named curves. Modifying some of the EC parameters and encoding the |
| # corresponding public key as an unnamed curve is a potential attack vector. |
| |
| # tcId = 336 |
| # modified prime |
| curve = secp256r1 |
| private = 4f3414d1589b49f7172d439cbbe78e5b5350dc85dea40cd2d6274740c6e0239c |
| public = 308201333081ec06072a8648ce3d02013081e0020101302c06072a8648ce3d0101022100fd091059a6893635f900e9449d63f572b2aebc4cff7b4e5e33f1b200e8bbc1453044042002f6efa55976c9cb06ff16bb629c0a8d4d5143b40084b1a1cc0e4dff17443eb704205ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b0441040000000000000000000006597fa94b1fd90000000000000000000000000000021b8c7dd77f9a95627922eceefea73f028f1ec95ba9b8fa95a3ad24bdf9fff414022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551020101034200040000000000000000000006597fa94b1fd90000000000000000000000000000021b8c7dd77f9a95627922eceefea73f028f1ec95ba9b8fa95a3ad24bdf9fff414 |
| result = invalid |
| shared = d003f5cc83852584061f7a8a28bcb5671ecbda096e16e7accfa8f8d311a3db7a |
| # The modulus of the public key has been modified. The public point of the |
| # public key has been chosen so that it is both a point on both the curve of the |
| # modified public key and the private key. |
| # The public key has been modified and is invalid. An implementation should |
| # always check whether the public key is valid and on the same curve as the |
| # private key. The test vector includes the shared secret computed with the |
| # original public key. Generating a shared secret other than the one with the |
| # original key likely indicates that the bug is exploitable. |
| # The public key does not use a named curve. RFC 3279 allows to encode such |
| # curves by explicitly encoding, the parameters of the curve equation, modulus, |
| # generator, order and cofactor. However, many crypto libraries only support |
| # named curves. Modifying some of the EC parameters and encoding the |
| # corresponding public key as an unnamed curve is a potential attack vector. |
| |
| # tcId = 337 |
| # using secp224r1 |
| curve = secp256r1 |
| private = 4f3414d1589b49f7172d439cbbe78e5b5350dc85dea40cd2d6274740c6e0239c |
| public = 304e301006072a8648ce3d020106052b81040021033a0004074f56dc2ea648ef89c3b72e23bbd2da36f60243e4d2067b70604af1c2165cec2f86603d60c8a611d5b84ba3d91dfe1a480825bcc4af3bcf |
| result = invalid |
| shared = d003f5cc83852584061f7a8a28bcb5671ecbda096e16e7accfa8f8d311a3db7a |
| # The public key has been modified and is invalid. An implementation should |
| # always check whether the public key is valid and on the same curve as the |
| # private key. The test vector includes the shared secret computed with the |
| # original public key. Generating a shared secret other than the one with the |
| # original key likely indicates that the bug is exploitable. |
| |
| # tcId = 338 |
| # using secp256k1 |
| curve = secp256r1 |
| private = 4f3414d1589b49f7172d439cbbe78e5b5350dc85dea40cd2d6274740c6e0239c |
| public = 3056301006072a8648ce3d020106052b8104000a03420004a1263e75b87ae0937060ff1472f330ee55cdf8f4329d6284a9ebfbcc856c11684225e72cbebff41e54fb6f00e11afe53a17937bedbf2df787f8ef9584f775838 |
| result = invalid |
| shared = d003f5cc83852584061f7a8a28bcb5671ecbda096e16e7accfa8f8d311a3db7a |
| # The public key has been modified and is invalid. An implementation should |
| # always check whether the public key is valid and on the same curve as the |
| # private key. The test vector includes the shared secret computed with the |
| # original public key. Generating a shared secret other than the one with the |
| # original key likely indicates that the bug is exploitable. |
| |
| # tcId = 339 |
| # a = 0 |
| curve = secp256r1 |
| private = 4f3414d1589b49f7172d439cbbe78e5b5350dc85dea40cd2d6274740c6e0239c |
| public = 308201143081cd06072a8648ce3d02013081c1020101302c06072a8648ce3d0101022100ffffffff00000001000000000000000000000000ffffffffffffffffffffffff302504010004201b95c2f46065dbf0f3ff09153e4748ed71595e0774ba8e25c364ff1e6be039b70441041510264c189c3d523ff9916abd7069efa6968d8dc7ddb6457d7869b53ea60cdcfafb7ed4786da15d29ee59256f536da3575a4888c1bb0a95b256f4a7e9fd764a022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551020101034200041510264c189c3d523ff9916abd7069efa6968d8dc7ddb6457d7869b53ea60cdcfafb7ed4786da15d29ee59256f536da3575a4888c1bb0a95b256f4a7e9fd764a |
| result = acceptable |
| shared = d003f5cc83852584061f7a8a28bcb5671ecbda096e16e7accfa8f8d311a3db7a |
| # A parameter that is typically not used for ECDH has been modified. Sometimes |
| # libraries ignore small differences between public and private key. For |
| # example, a library might ignore an incorrect cofactor in the public key. We |
| # consider ignoring such changes as acceptable as long as these differences do |
| # not change the outcome of the ECDH computation, i.e. as long as the |
| # computation is done on the curve from the private key. |
| # The public key does not use a named curve. RFC 3279 allows to encode such |
| # curves by explicitly encoding, the parameters of the curve equation, modulus, |
| # generator, order and cofactor. However, many crypto libraries only support |
| # named curves. Modifying some of the EC parameters and encoding the |
| # corresponding public key as an unnamed curve is a potential attack vector. |
| |
| # tcId = 340 |
| # public key of order 3 |
| curve = secp256r1 |
| private = 4f3414d1589b49f7172d439cbbe78e5b5350dc85dea40cd2d6274740c6e0239c |
| public = 308201333081ec06072a8648ce3d02013081e0020101302c06072a8648ce3d0101022100ffffffff00000001000000000000000000000000ffffffffffffffffffffffff304404207fe51581de0fd5f6a3f08793c6763330d51c6a9c332272132281ed58c314da360420fcf3e76add34e1daa4e8d962604a3bb6075a79da47c6719e389fe4fe37d35250044104bf0bb5f8717a07846f828f91fb493d3850365b7da5b355e76615b07ced174fe16a2542257eb94a12e3703989ee36f5459fb3b5c1028e766ec1b7a0ba39c0ed8a022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63255102010103420004bf0bb5f8717a07846f828f91fb493d3850365b7da5b355e76615b07ced174fe195dabdd98146b5ee1c8fc67611c90aba604c4a3ffd7189913e485f45c63f1275 |
| result = invalid |
| shared = d003f5cc83852584061f7a8a28bcb5671ecbda096e16e7accfa8f8d311a3db7a |
| # The vector contains a weak public key. The curve is not a named curve, the |
| # public key point has order 3 and has been chosen to be on the same curve as |
| # the private key. This test vector is used to check ECC implementations for |
| # missing steps in the verification of the public key. |
| # The public key has been modified and is invalid. An implementation should |
| # always check whether the public key is valid and on the same curve as the |
| # private key. The test vector includes the shared secret computed with the |
| # original public key. Generating a shared secret other than the one with the |
| # original key likely indicates that the bug is exploitable. |
| # The public key does not use a named curve. RFC 3279 allows to encode such |
| # curves by explicitly encoding, the parameters of the curve equation, modulus, |
| # generator, order and cofactor. However, many crypto libraries only support |
| # named curves. Modifying some of the EC parameters and encoding the |
| # corresponding public key as an unnamed curve is a potential attack vector. |
| |
| # tcId = 341 |
| # Public key uses wrong curve: secp224r1 |
| curve = secp256r1 |
| private = 0b44f9670fedba887ad8e806226063e77604b27c362836326e93ecb7fcc6dc297 |
| public = 304e301006072a8648ce3d020106052b81040021033a00042af270d2a6030e3dd38cc46e7d719f176c2ca4eb04d7e8b84290c8edbcaed964ebe226b2d7ce17251622804c0d3b7adce020a3cdc97cac6c |
| result = invalid |
| shared = |
| |
| # tcId = 342 |
| # Public key uses wrong curve: secp384r1 |
| curve = secp256r1 |
| private = 0b44f9670fedba887ad8e806226063e77604b27c362836326e93ecb7fcc6dc297 |
| public = 3076301006072a8648ce3d020106052b81040022036200041f17901e731b06f349b6e9d7d17d45e8a2b46115a47485be16197932db87b39405b5c941b36fd61b9ef7dd20878e129e55a2277099c601dcdb3747f80ad6e166116378e1ebce2c95744a0986128cfeeaac7f90b71787d9a1cfe417cd4c8f6af5 |
| result = invalid |
| shared = |
| |
| # tcId = 343 |
| # Public key uses wrong curve: secp521r1 |
| curve = secp256r1 |
| private = 0b44f9670fedba887ad8e806226063e77604b27c362836326e93ecb7fcc6dc297 |
| public = 30819b301006072a8648ce3d020106052b81040023038186000400ed76e5888428fad409ff203ab298b0f24827c091939ae0f9b1245d865ac5fbcd2749f9ae6c90fa8e29414d1bc7dc7b3c4aca904cd824484421cc66fe6af43bdfd200c1f790a0b3ae994937f91b6bdb9778b08c83ecadb8cba22a78c37bf565dac164f18e719be0ef890ee5cbf20e17fcfc9a5585e5416470b9862f82fb769339994f4e |
| result = invalid |
| shared = |
| |
| # tcId = 344 |
| # Public key uses wrong curve: secp256k1 |
| curve = secp256r1 |
| private = 0b44f9670fedba887ad8e806226063e77604b27c362836326e93ecb7fcc6dc297 |
| public = 3056301006072a8648ce3d020106052b8104000a034200048028d16082b07696d4aa4aab9d6b1f1463435ac097900631108f9888e13da67c4841fd8dd3ced6e7ad8c6fc656621c2f93d3db0eb29d48d1423154519865dbc1 |
| result = invalid |
| shared = |
| |
| # tcId = 345 |
| # Public key uses wrong curve: brainpoolP224r1 |
| curve = secp256r1 |
| private = 0b44f9670fedba887ad8e806226063e77604b27c362836326e93ecb7fcc6dc297 |
| public = 3052301406072a8648ce3d020106092b2403030208010105033a0004a6bae3d155c1f9ca263928c986ede69acefd0dd9b3a19d2b9f4b0a3a66bea5d167318dcc028945fc1b40c60ce716ba2d414a743c6b856a6f |
| result = invalid |
| shared = |
| |
| # tcId = 346 |
| # Public key uses wrong curve: brainpoolP256r1 |
| curve = secp256r1 |
| private = 0b44f9670fedba887ad8e806226063e77604b27c362836326e93ecb7fcc6dc297 |
| public = 305a301406072a8648ce3d020106092b2403030208010107034200045d3ddbbb9bc071d8b59855c74bdf3541ae4cb6c1a24ec439034df7abde16a346523edf6a67896b304cb2cd2a083eec2b16935bbc910e85ec6eae38b50230bf70 |
| result = invalid |
| shared = |
| |
| # tcId = 347 |
| # Public key uses wrong curve: brainpoolP320r1 |
| curve = secp256r1 |
| private = 0b44f9670fedba887ad8e806226063e77604b27c362836326e93ecb7fcc6dc297 |
| public = 306a301406072a8648ce3d020106092b240303020801010903520004a43c6ef2500723d54c1fc88f8844d83445ca5a0f585c10b8eb3f022d47d0e84862b7f5cbf97d352d4348ca730f600f2258d1d192da223f6ba83a7cc0d6da598d55c2b77824d326c8df000b8fff156d2c |
| result = invalid |
| shared = |
| |
| # tcId = 348 |
| # Public key uses wrong curve: brainpoolP384r1 |
| curve = secp256r1 |
| private = 0b44f9670fedba887ad8e806226063e77604b27c362836326e93ecb7fcc6dc297 |
| public = 307a301406072a8648ce3d020106092b240303020801010b036200042391c062833d1e6d89ec256cf4a3989534c1ead5e1e14ffae933a53f962857e4713087e1b3d65ac79634c71577af24698b5ce959183835551f7b08aef7853378c299930b360813fd58d5e4da8b37d5a7473e891ee11cb02881bd848b364fb7d5 |
| result = invalid |
| shared = |
| |
| # tcId = 349 |
| # Public key uses wrong curve: brainpoolP512r1 |
| curve = secp256r1 |
| private = 0b44f9670fedba887ad8e806226063e77604b27c362836326e93ecb7fcc6dc297 |
| public = 30819b301406072a8648ce3d020106092b240303020801010d038182000484beae85096640953c1fd6ebbc32697263d53f89943cbaf14432061aea8c0318acbd9389ab1d2e904fa0e081d08cfabb614ed9bca618211142d94623c14b476a25e47abf98fd3b1da1417dfc2e2cfc8424b16ea14dd45e1422be7d4e0a5cc7f4d4ab5f198cdbaaa3f642ec6361842cbe869382ee78cd596ff5e740d9ec2c3ad6 |
| result = invalid |
| shared = |
| |
| # tcId = 350 |
| # Public key uses wrong curve: brainpoolP224t1 |
| curve = secp256r1 |
| private = 0b44f9670fedba887ad8e806226063e77604b27c362836326e93ecb7fcc6dc297 |
| public = 3052301406072a8648ce3d020106092b2403030208010106033a00042b0a1a858ffc44e7752940731d378f96570837e279ea3948fe00cff8b5f89adb4e2fe6f8781ba6426364f4590b34dd79fc80629de4a86084 |
| result = invalid |
| shared = |
| |
| # tcId = 351 |
| # Public key uses wrong curve: brainpoolP256t1 |
| curve = secp256r1 |
| private = 0b44f9670fedba887ad8e806226063e77604b27c362836326e93ecb7fcc6dc297 |
| public = 305a301406072a8648ce3d020106092b2403030208010108034200043037c01b4a5ac53742e3f5528dffb0f010ab6ebeb08d792b32e19e9006ca331a024b67698d7cf4b575ccd9389441d5c640b77c63771cef1bd85675361c6602a4 |
| result = invalid |
| shared = |
| |
| # tcId = 352 |
| # Public key uses wrong curve: brainpoolP320t1 |
| curve = secp256r1 |
| private = 0b44f9670fedba887ad8e806226063e77604b27c362836326e93ecb7fcc6dc297 |
| public = 306a301406072a8648ce3d020106092b240303020801010a035200040f0fd972a495a140124a4019291a20f5b39fb755c126bf268643bb3091eca44f2a3cda1dead6ab1f4fe08a4b3872423f71e5bf96b1c20bc0ca73b7e2c134cc14a5f77bc838ebcf01084da3bf15663536 |
| result = invalid |
| shared = |
| |
| # tcId = 353 |
| # Public key uses wrong curve: brainpoolP384t1 |
| curve = secp256r1 |
| private = 0b44f9670fedba887ad8e806226063e77604b27c362836326e93ecb7fcc6dc297 |
| public = 307a301406072a8648ce3d020106092b240303020801010c0362000403b65faf5a6bf74bd5c166278a4b566c6c705ac6363e61f3b0699e116d3c5b19e8b7021b75b005f78a8cea8de34c49397f9b3b2bfc8706eb8163c802371eff7dfc825c40aa84dd9d1c4b34615ee5ae28c6c05d58d2a8ccc3786382b712d3bcda |
| result = invalid |
| shared = |
| |
| # tcId = 354 |
| # Public key uses wrong curve: brainpoolP512t1 |
| curve = secp256r1 |
| private = 0b44f9670fedba887ad8e806226063e77604b27c362836326e93ecb7fcc6dc297 |
| public = 30819b301406072a8648ce3d020106092b240303020801010e03818200047504d660943a69ab043378e44c034896534a346e0e95f35fcaad3503b490856bfb20a753ecabc6d7bfeec28d057f919923b7d3c086953eb16c5bd287b59788db72dbb7c273854294c927ea7eca205aae2f0830e5faaddad8316231bfc3572c85c33cb7054e04c8936e3ce059c907e59f40593444e590b31820bc1f514ed0ec8a |
| result = invalid |
| shared = |
| |
| # tcId = 355 |
| # invalid public key |
| curve = secp256r1 |
| private = 6f953faff3599e6c762d7f4cabfeed092de2add1df1bc5748c6cbb725cf35458 |
| public = 3039301306072a8648ce3d020106082a8648ce3d03010703220002fd4bf61763b46581fd9174d623516cf3c81edd40e29ffa2777fb6cb0ae3ce535 |
| result = invalid |
| shared = |
| # The point in the public key is compressed. Not every library supports points |
| # in compressed format. |
| |
| # tcId = 356 |
| # public key is a low order point on twist |
| curve = secp256r1 |
| private = 0d27edf0ff5b6b6b465753e7158370332c153b468a1be087ad0f490bdb99e5f02 |
| public = 3039301306072a8648ce3d020106082a8648ce3d03010703220003efdde3b32872a9effcf3b94cbf73aa7b39f9683ece9121b9852167f4e3da609b |
| result = invalid |
| shared = |
| # The point in the public key is compressed. Not every library supports points |
| # in compressed format. |
| |
| # tcId = 357 |
| # public key is a low order point on twist |
| curve = secp256r1 |
| private = 0d27edf0ff5b6b6b465753e7158370332c153b468a1be087ad0f490bdb99e5f03 |
| public = 3039301306072a8648ce3d020106082a8648ce3d03010703220002efdde3b32872a9effcf3b94cbf73aa7b39f9683ece9121b9852167f4e3da609b |
| result = invalid |
| shared = |
| # The point in the public key is compressed. Not every library supports points |
| # in compressed format. |
| |
| # tcId = 358 |
| # public key is a low order point on twist |
|