Fix s2n_ecdsa_secp521r1_sha512 + improve integ ECDSA coverage

nix/shell.sh

@@ -62,7 +62,7 @@ function integ {
             ctest --test-dir ./build -L integrationv2 --no-tests=error --output-on-failure -R "$test" --verbose
             if [ "$?" -ne 0 ]; then
                echo "Test failed, stopping execution"
-               exit 1
+               return 1
             fi
         done
     fi

tests/integrationv2/common.py

@@ -93,9 +93,11 @@ def __init__(self, name, prefix, location=TEST_CERT_DIRECTORY):
         self.cert = location + prefix + "_cert.pem"
         self.key = location + prefix + "_key.pem"
         self.algorithm = 'ANY'
+        self.curve = None
 
         if 'ECDSA' in name:
             self.algorithm = 'EC'
+            self.curve = name[-3:]
         elif 'RSA' in name:
             self.algorithm = 'RSA'
         if 'PSS' in name:
@@ -107,14 +109,12 @@ def compatible_with_cipher(self, cipher):
     def compatible_with_curve(self, curve):
         if self.algorithm != 'EC':
             return True
-
-        return curve.name[-3:] == self.name[-3:]
+        return curve.name[-3:] == self.curve
 
     def compatible_with_sigalg(self, sigalg):
-        if self.algorithm == 'EC':
-            if '384' in self.name and 'p256' in sigalg.name:
-                return False
-
+        sig_alg_has_curve = sigalg.algorithm == 'EC' and sigalg.min_protocol == Protocols.TLS13
+        if sig_alg_has_curve and self.curve not in sigalg.name:
+            return False
         return (self.algorithm == sigalg.algorithm)
 
     def __str__(self):
@@ -140,6 +140,7 @@ class Certificates(object):
 
     ECDSA_256 = Cert("ECDSA_256", "localhost_ecdsa_p256")
     ECDSA_384 = Cert("ECDSA_384", "ecdsa_p384_pkcs1")
+    ECDSA_521 = Cert("ECDSA_521", "ecdsa_p521")
 
     RSA_2048_SHA256_WILDCARD = Cert(
         "RSA_2048_SHA256_WILDCARD", "rsa_2048_sha256_wildcard")
@@ -400,6 +401,7 @@ class Signatures(object):
     RSA_SHA512 = Signature('RSA+SHA512', max_protocol=Protocols.TLS12)
     RSA_MD5_SHA1 = Signature('RSA+MD5_SHA1', max_protocol=Protocols.TLS11)
     ECDSA_SHA224 = Signature('ECDSA+SHA224', max_protocol=Protocols.TLS12)
+    ECDSA_SHA512 = Signature('ECDSA+SHA512', max_protocol=Protocols.TLS12)
     ECDSA_SHA1 = Signature('ECDSA+SHA1', max_protocol=Protocols.TLS12)
 
     RSA_PSS_RSAE_SHA256 = Signature(
@@ -418,6 +420,11 @@ class Signatures(object):
         min_protocol=Protocols.TLS13,
         sig_type='ECDSA',
         sig_digest='SHA256')
+    ECDSA_SECP521r1_SHA512 = Signature(
+        'ecdsa_secp521r1_sha512',
+        min_protocol=Protocols.TLS13,
+        sig_type='ECDSA',
+        sig_digest='SHA512')
 
 
 class Results(object):

tests/integrationv2/configuration.py

@@ -52,7 +52,8 @@
     Certificates.RSA_4096_SHA512,
     Certificates.ECDSA_256,
     Certificates.ECDSA_384,
-    Certificates.RSA_PSS_2048_SHA256
+    Certificates.ECDSA_521,
+    Certificates.RSA_PSS_2048_SHA256,
 ]
 
 

tests/integrationv2/test_signature_algorithms.py

@@ -7,25 +7,19 @@
 from providers import Provider, S2N, OpenSSL, GnuTLS
 from utils import invalid_test_parameters, get_parameter_name, get_expected_s2n_version, to_bytes
 
-certs = [
-    Certificates.RSA_2048_SHA256,
-    Certificates.RSA_2048_SHA384,
-    Certificates.RSA_PSS_2048_SHA256,
-    Certificates.ECDSA_256,
-    Certificates.ECDSA_384,
-]
-
 all_sigs = [
     Signatures.RSA_SHA1,
     Signatures.RSA_SHA224,
     Signatures.RSA_SHA256,
     Signatures.RSA_SHA384,
     Signatures.RSA_SHA512,
     Signatures.ECDSA_SECP256r1_SHA256,
+    Signatures.ECDSA_SECP521r1_SHA512,
     Signatures.RSA_PSS_RSAE_SHA256,
     Signatures.RSA_PSS_PSS_SHA256,
     Signatures.ECDSA_SHA224,
     Signatures.ECDSA_SHA1,
+    Signatures.ECDSA_SHA512,
 ]
 
 

tests/pems/ecdsa_p521_cert.pem

@@ -0,0 +1,16 @@
+-----BEGIN CERTIFICATE-----
+MIICkDCCAfOgAwIBAgIUT81FWh80/yJIYrJQki2U0l8qX/8wCgYIKoZIzj0EAwIw
+YTELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAldBMRAwDgYDVQQHDAdTZWF0dGxlMQ8w
+DQYDVQQKDAZBbWF6b24xDDAKBgNVBAsMA3MybjEUMBIGA1UEAwwLczJuVGVzdENl
+cnQwIBcNMjMwODE1MDQyNTAxWhgPMjEyMzA3MjIwNDI1MDFaMGExCzAJBgNVBAYT
+AlVTMQswCQYDVQQIDAJXQTEQMA4GA1UEBwwHU2VhdHRsZTEPMA0GA1UECgwGQW1h
+em9uMQwwCgYDVQQLDANzMm4xFDASBgNVBAMMC3MyblRlc3RDZXJ0MIGbMBAGByqG
+SM49AgEGBSuBBAAjA4GGAAQAZue+N75XLVRR85xDMdoZPvAEOpTMkUySOZjOiVhy
+4HrcgoCelJ19sx6x/9ub4J9RYNO1D4jam5ElhHG7YbZlZPgAemJPt83MB3ZVUBv7
++5y3w6y8YNALQ64itu5N3hiHm/c6ZmcZUiENuYL8Tn9cOy9ZyaVVvkd+n07gRrVC
+Cj75J92jRDBCMAsGA1UdDwQEAwIEsDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB
+BQUHAwIwFAYDVR0RBA0wC4IJbG9jYWxob3N0MAoGCCqGSM49BAMCA4GKADCBhgJB
+IJh6U2UupBjtzKtTrkvGpmrKixZXqlMwKzlgMUKdViyIfpOnHleN6WY/KSKMpQv0
+WuTgKIM7xGTLTRNUdW9SKBoCQWpdgspCtqZ40YCAHXaaeUNjnCB4mCmdrJWIzlpg
+2OYM7tWCFNtdp1AIVs5LOWXoW+IcIAaetH+HVClILkeiLfX8
+-----END CERTIFICATE-----

tests/pems/ecdsa_p521_key.pem

@@ -0,0 +1,10 @@
+-----BEGIN EC PARAMETERS-----
+BgUrgQQAIw==
+-----END EC PARAMETERS-----
+-----BEGIN EC PRIVATE KEY-----
+MIHcAgEBBEIAHIpljjg1sQ5+8DZjWX4hv7Ro4uor2LEP/8j3H4djz9BWSsWTOzqL
+iVDYQXWjmSUKNU9SnRLqRAyaWO3BNU1OHqygBwYFK4EEACOhgYkDgYYABABm5743
+vlctVFHznEMx2hk+8AQ6lMyRTJI5mM6JWHLgetyCgJ6UnX2zHrH/25vgn1Fg07UP
+iNqbkSWEcbthtmVk+AB6Yk+3zcwHdlVQG/v7nLfDrLxg0AtDriK27k3eGIeb9zpm
+ZxlSIQ25gvxOf1w7L1nJpVW+R36fTuBGtUIKPvkn3Q==
+-----END EC PRIVATE KEY-----

tests/testlib/s2n_testlib.h

@@ -104,10 +104,12 @@ S2N_RESULT s2n_connection_set_test_master_secret(struct s2n_connection *conn, co
 #define S2N_RSA_2048_PKCS1_LEAF_CERT    "../pems/rsa_2048_pkcs1_leaf.pem"
 #define S2N_ECDSA_P256_PKCS1_CERT_CHAIN "../pems/ecdsa_p256_pkcs1_cert.pem"
 #define S2N_ECDSA_P384_PKCS1_CERT_CHAIN "../pems/ecdsa_p384_pkcs1_cert.pem"
+#define S2N_ECDSA_P512_CERT_CHAIN       "../pems/ecdsa_p521_cert.pem"
 #define S2N_RSA_CERT_CHAIN_CRLF         "../pems/rsa_2048_pkcs1_cert_crlf.pem"
 #define S2N_RSA_KEY_CRLF                "../pems/rsa_2048_pkcs1_key_crlf.pem"
 #define S2N_ECDSA_P256_PKCS1_KEY        "../pems/ecdsa_p256_pkcs1_key.pem"
 #define S2N_ECDSA_P384_PKCS1_KEY        "../pems/ecdsa_p384_pkcs1_key.pem"
+#define S2N_ECDSA_P512_KEY              "../pems/ecdsa_p521_key.pem"
 #define S2N_RSA_2048_PKCS1_KEY          "../pems/rsa_2048_pkcs1_key.pem"
 #define S2N_RSA_2048_PKCS8_KEY          "../pems/rsa_2048_pkcs8_key.pem"
 

tests/unit/s2n_handshake_test.c

@@ -238,6 +238,12 @@ int main(int argc, char **argv)
     char dhparams_pem[S2N_MAX_TEST_PEM_SIZE];
     EXPECT_SUCCESS(s2n_read_test_pem(S2N_DEFAULT_TEST_DHPARAMS, dhparams_pem, S2N_MAX_TEST_PEM_SIZE));
 
+    const char *ecdsa_certs[][2] = {
+            { S2N_ECDSA_P256_PKCS1_CERT_CHAIN, S2N_ECDSA_P256_PKCS1_KEY },
+            { S2N_ECDSA_P384_PKCS1_CERT_CHAIN, S2N_ECDSA_P384_PKCS1_KEY },
+            { S2N_ECDSA_P512_CERT_CHAIN, S2N_ECDSA_P512_KEY },
+    };
+
     for (test_type = TEST_TYPE_START; test_type < TEST_TYPE_END; test_type++) {
         /*  Test: RSA cert */
         {
@@ -311,12 +317,12 @@ int main(int argc, char **argv)
         };
 
         /*  Test: ECDSA cert */
-        {
+        for (size_t i = 0; i < s2n_array_len(ecdsa_certs); i++) {
             struct s2n_config *server_config, *client_config;
 
             struct s2n_cert_chain_and_key *chain_and_key;
             EXPECT_SUCCESS(s2n_test_cert_chain_and_key_new(&chain_and_key,
-                    S2N_ECDSA_P384_PKCS1_CERT_CHAIN, S2N_ECDSA_P384_PKCS1_KEY));
+                    ecdsa_certs[i][0], ecdsa_certs[i][1]));
 
             EXPECT_NOT_NULL(server_config = s2n_config_new());
             EXPECT_SUCCESS(s2n_config_set_cipher_preferences(server_config, "test_all_ecdsa"));

tests/unit/s2n_signature_scheme_test.c

@@ -0,0 +1,48 @@
+/*
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License").
+ * You may not use this file except in compliance with the License.
+ * A copy of the License is located at
+ *
+ *  http://aws.amazon.com/apache2.0
+ *
+ * or in the "license" file accompanying this file. This file is distributed
+ * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
+ * express or implied. See the License for the specific language governing
+ * permissions and limitations under the License.
+ */
+
+#include "tls/s2n_signature_scheme.c"
+
+#include "s2n_test.h"
+
+int main(int argc, char **argv)
+{
+    BEGIN_TEST();
+
+    /* Test all signature schemes */
+    size_t policy_i = 0;
+    while(security_policy_selection[policy_i].version != NULL) {
+        const struct s2n_signature_preferences *sig_prefs =
+                security_policy_selection[policy_i].security_policy->signature_preferences;
+        for (size_t sig_i = 0; sig_i < sig_prefs->count; sig_i++) {
+            const struct s2n_signature_scheme *const sig_scheme = sig_prefs->signature_schemes[sig_i];
+
+            EXPECT_NOT_EQUAL(sig_scheme->iana_value, 0);
+            EXPECT_NOT_EQUAL(sig_scheme->hash_alg, S2N_HASH_NONE);
+            EXPECT_NOT_EQUAL(sig_scheme->sig_alg, S2N_SIGNATURE_ANONYMOUS);
+            EXPECT_NOT_EQUAL(sig_scheme->libcrypto_nid, 0);
+
+            if (sig_scheme->sig_alg == S2N_SIGNATURE_ECDSA
+                    && sig_scheme->minimum_protocol_version == S2N_TLS13) {
+                EXPECT_NOT_NULL(sig_scheme->signature_curve);
+            } else {
+                EXPECT_NULL(sig_scheme->signature_curve);
+            }
+        }
+        policy_i++;
+    }
+
+    END_TEST();
+}

tls/s2n_signature_scheme.c

@@ -148,6 +148,7 @@ const struct s2n_signature_scheme s2n_ecdsa_secp521r1_sha512 = {
     .iana_value = TLS_SIGNATURE_SCHEME_ECDSA_SECP521R1_SHA512,
     .hash_alg = S2N_HASH_SHA512,
     .sig_alg = S2N_SIGNATURE_ECDSA,
+    .libcrypto_nid = NID_ecdsa_with_SHA512,
     .signature_curve = &s2n_ecc_curve_secp521r1, /* Hardcoded as of TLS 1.3 */
     .minimum_protocol_version = S2N_TLS13,
 };