From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mga09.intel.com (mga09.intel.com [134.134.136.24])
 by mx.groups.io with SMTP id smtpd.web11.4307.1665470221304550128
 for <devel@edk2.groups.io>;
 Mon, 10 Oct 2022 23:37:07 -0700
Authentication-Results: mx.groups.io;
 dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=VGn41HMq;
 spf=pass (domain: intel.com, ip: 134.134.136.24, mailfrom: qi1.zhang@intel.com)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
  d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
  t=1665470227; x=1697006227;
  h=from:to:cc:subject:date:message-id:in-reply-to:
   references:mime-version:content-transfer-encoding;
  bh=P8BDFOczOqZwS83T1z+/Hn+xLk00DMoje0puxu/hmk0=;
  b=VGn41HMqJeWBUrz3dawj0f9Hf/oSIGwsZUt8RXYfJvJ2+BQqD03AzVJK
   SE4NIZ42XJolp4InjVJNGY4ly5q3yOi3EbTslKkA3fJCBMnyqUqsLmx37
   DzsRU/EcI6pe5RSxUOy9n6ASDRfisXvMLtOCQovYdYMu4wTgt9Mlbw74O
   xVNLL/QQwgy7wEsYrirN3+MOdrGwgKjhhkZZSpMH2a1iAXMxtEfUHdWNH
   lUwKPtN8PzpJ6qvyQKfT4uUqTWRmM5RLqbFZJmm0pfIGiehcj/buQROWY
   JHvG+iyOI7es/S2Zw5a7GQnoyKwUqyM8HHpnRbpVEPNVBNbXMp7xUTlDx
   g==;
X-IronPort-AV: E=McAfee;i="6500,9779,10496"; a="305476539"
X-IronPort-AV: E=Sophos;i="5.95,175,1661842800"; 
   d="scan'208";a="305476539"
Received: from fmsmga004.fm.intel.com ([10.253.24.48])
  by orsmga102.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 10 Oct 2022 23:37:06 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=McAfee;i="6500,9779,10496"; a="694938686"
X-IronPort-AV: E=Sophos;i="5.95,175,1661842800"; 
   d="scan'208";a="694938686"
Received: from shwdesssddpdqi.ccr.corp.intel.com ([10.239.157.129])
  by fmsmga004.fm.intel.com with ESMTP; 10 Oct 2022 23:37:04 -0700
From: "Qi Zhang" <qi1.zhang@intel.com>
To: devel@edk2.groups.io
Cc: Qi Zhang <qi1.zhang@intel.com>,
	Jiewen Yao <jiewen.yao@intel.com>,
	Jian J Wang <jian.j.wang@intel.com>,
	Xiaoyu Lu <xiaoyu1.lu@intel.com>,
	Guomin Jiang <guomin.jiang@intel.com>
Subject: [PATCH 3/3] CryptoPkg: add unit test for EC key interface.
Date: Tue, 11 Oct 2022 14:36:55 +0800
Message-Id: <e60d389e1a26449dee06e81851291591e8aa0309.1665469855.git.qi1.zhang@intel.com>
X-Mailer: git-send-email 2.26.2.windows.1
In-Reply-To: <cover.1665469855.git.qi1.zhang@intel.com>
References: <cover.1665469855.git.qi1.zhang@intel.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D4102

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Signed-off-by: Qi Zhang <qi1.zhang@intel.com>
---
 .../UnitTest/Library/BaseCryptLib/EcTests.c   | 156 ++++++++++++++++++
 1 file changed, 156 insertions(+)

diff --git a/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/EcTests.c b/Crypt=
oPkg/Test/UnitTest/Library/BaseCryptLib/EcTests.c
index 54ce0b22df..ee1e6e870b 100644
--- a/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/EcTests.c
+++ b/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/EcTests.c
@@ -60,6 +60,89 @@ struct Generator  EcCurveGenerator[EC_CURVE_NUM_SUPPORTE=
D] =3D
   }=0D
 };=0D
 =0D
+//=0D
+// Root CA X509 Certificate for X509 Verification Routine (Generated by Op=
enSSL utility).=0D
+//=0D
+GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8  mEccTestRootCer[] =3D {=0D
+  0x30, 0x82, 0x01, 0xd2, 0x30, 0x82, 0x01, 0x77, 0xa0, 0x03, 0x02, 0x01,=
=0D
+  0x02, 0x02, 0x09, 0x00, 0xcc, 0x10, 0x45, 0x50, 0xaf, 0x50, 0x1b, 0xe2,=
=0D
+  0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02,=
=0D
+  0x30, 0x45, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13,=
=0D
+  0x02, 0x41, 0x55, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08,=
=0D
+  0x0c, 0x0a, 0x53, 0x6f, 0x6d, 0x65, 0x2d, 0x53, 0x74, 0x61, 0x74, 0x65,=
=0D
+  0x31, 0x21, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x18, 0x49,=
=0D
+  0x6e, 0x74, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x20, 0x57, 0x69, 0x64, 0x67,=
=0D
+  0x69, 0x74, 0x73, 0x20, 0x50, 0x74, 0x79, 0x20, 0x4c, 0x74, 0x64, 0x30,=
=0D
+  0x1e, 0x17, 0x0d, 0x32, 0x30, 0x30, 0x32, 0x32, 0x37, 0x31, 0x32, 0x30,=
=0D
+  0x32, 0x31, 0x30, 0x5a, 0x17, 0x0d, 0x33, 0x30, 0x30, 0x32, 0x32, 0x34,=
=0D
+  0x31, 0x32, 0x30, 0x32, 0x31, 0x30, 0x5a, 0x30, 0x45, 0x31, 0x0b, 0x30,=
=0D
+  0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x41, 0x55, 0x31, 0x13,=
=0D
+  0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0c, 0x0a, 0x53, 0x6f, 0x6d,=
=0D
+  0x65, 0x2d, 0x53, 0x74, 0x61, 0x74, 0x65, 0x31, 0x21, 0x30, 0x1f, 0x06,=
=0D
+  0x03, 0x55, 0x04, 0x0a, 0x0c, 0x18, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x6e,=
=0D
+  0x65, 0x74, 0x20, 0x57, 0x69, 0x64, 0x67, 0x69, 0x74, 0x73, 0x20, 0x50,=
=0D
+  0x74, 0x79, 0x20, 0x4c, 0x74, 0x64, 0x30, 0x59, 0x30, 0x13, 0x06, 0x07,=
=0D
+  0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48,=
=0D
+  0xce, 0x3d, 0x03, 0x01, 0x07, 0x03, 0x42, 0x00, 0x04, 0x11, 0xa4, 0x06,=
=0D
+  0x65, 0xb6, 0x79, 0x6e, 0x72, 0xb6, 0xd8, 0x09, 0x84, 0x92, 0x86, 0x11,=
=0D
+  0x09, 0xde, 0xea, 0xd0, 0x0c, 0x60, 0xf1, 0x8a, 0xff, 0x7c, 0xde, 0xce,=
=0D
+  0xec, 0x07, 0xba, 0xa5, 0xb8, 0xd5, 0x17, 0xe5, 0x62, 0x33, 0x2d, 0x88,=
=0D
+  0xb1, 0x9a, 0xe6, 0xf3, 0x09, 0x43, 0x0e, 0xa9, 0xf7, 0x3c, 0xe9, 0x20,=
=0D
+  0xba, 0xbd, 0xb1, 0x3c, 0x03, 0x89, 0x1e, 0x2a, 0xff, 0x6e, 0x08, 0xff,=
=0D
+  0x2e, 0xa3, 0x50, 0x30, 0x4e, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e,=
=0D
+  0x04, 0x16, 0x04, 0x14, 0x62, 0xe6, 0xd9, 0xa0, 0xee, 0x38, 0x18, 0x83,=
=0D
+  0xfa, 0xe3, 0xed, 0x44, 0xa4, 0x37, 0xfd, 0x4a, 0x04, 0xdf, 0xe1, 0xd5,=
=0D
+  0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80,=
=0D
+  0x14, 0x62, 0xe6, 0xd9, 0xa0, 0xee, 0x38, 0x18, 0x83, 0xfa, 0xe3, 0xed,=
=0D
+  0x44, 0xa4, 0x37, 0xfd, 0x4a, 0x04, 0xdf, 0xe1, 0xd5, 0x30, 0x0c, 0x06,=
=0D
+  0x03, 0x55, 0x1d, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xff, 0x30,=
=0D
+  0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x03,=
=0D
+  0x49, 0x00, 0x30, 0x46, 0x02, 0x21, 0x00, 0x99, 0x2f, 0x43, 0xeb, 0xdc,=
=0D
+  0x4e, 0x53, 0xc7, 0xc1, 0xbd, 0xed, 0x95, 0xdc, 0xae, 0xd3, 0x75, 0xfa,=
=0D
+  0xc4, 0xf7, 0xa4, 0x61, 0x00, 0x57, 0xce, 0xf3, 0xe0, 0x23, 0xf6, 0xf0,=
=0D
+  0x41, 0x6f, 0xb5, 0x02, 0x21, 0x00, 0xf3, 0x97, 0x11, 0x06, 0x61, 0x10,=
=0D
+  0xc7, 0x35, 0xe9, 0xf8, 0x3b, 0x59, 0xec, 0xf5, 0x51, 0xa0, 0xa6, 0x64,=
=0D
+  0x6e, 0xe1, 0x44, 0xc7, 0xe1, 0xa2, 0xce, 0x90, 0x7f, 0xae, 0xad, 0xf4,=
=0D
+  0xa9, 0xfa,=0D
+};=0D
+=0D
+//=0D
+// PEM key data for EC Private key Retrieving. (Generated by OpenSSL utili=
ty).=0D
+//=0D
+GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8  mEccTestPemKey[] =3D {=0D
+  0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x42, 0x45, 0x47, 0x49, 0x4e, 0x20, 0x45,=
=0D
+  0x43, 0x20, 0x50, 0x41, 0x52, 0x41, 0x4d, 0x45, 0x54, 0x45, 0x52, 0x53,=
=0D
+  0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x0a, 0x42, 0x67, 0x67, 0x71, 0x68, 0x6b,=
=0D
+  0x6a, 0x4f, 0x50, 0x51, 0x4d, 0x42, 0x42, 0x77, 0x3d, 0x3d, 0x0a, 0x2d,=
=0D
+  0x2d, 0x2d, 0x2d, 0x2d, 0x45, 0x4e, 0x44, 0x20, 0x45, 0x43, 0x20, 0x50,=
=0D
+  0x41, 0x52, 0x41, 0x4d, 0x45, 0x54, 0x45, 0x52, 0x53, 0x2d, 0x2d, 0x2d,=
=0D
+  0x2d, 0x2d, 0x0a, 0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x42, 0x45, 0x47, 0x49,=
=0D
+  0x4e, 0x20, 0x45, 0x43, 0x20, 0x50, 0x52, 0x49, 0x56, 0x41, 0x54, 0x45,=
=0D
+  0x20, 0x4b, 0x45, 0x59, 0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x0a, 0x4d, 0x48,=
=0D
+  0x63, 0x43, 0x41, 0x51, 0x45, 0x45, 0x49, 0x4d, 0x4a, 0x54, 0x69, 0x75,=
=0D
+  0x34, 0x56, 0x54, 0x54, 0x57, 0x68, 0x78, 0x4b, 0x62, 0x51, 0x65, 0x78,=
=0D
+  0x6e, 0x30, 0x43, 0x58, 0x41, 0x77, 0x33, 0x44, 0x57, 0x6b, 0x6f, 0x78,=
=0D
+  0x79, 0x77, 0x6b, 0x7a, 0x46, 0x50, 0x62, 0x32, 0x48, 0x68, 0x5a, 0x6e,=
=0D
+  0x5a, 0x52, 0x6f, 0x41, 0x6f, 0x47, 0x43, 0x43, 0x71, 0x47, 0x53, 0x4d,=
=0D
+  0x34, 0x39, 0x0a, 0x41, 0x77, 0x45, 0x48, 0x6f, 0x55, 0x51, 0x44, 0x51,=
=0D
+  0x67, 0x41, 0x45, 0x45, 0x61, 0x51, 0x47, 0x5a, 0x62, 0x5a, 0x35, 0x62,=
=0D
+  0x6e, 0x4b, 0x32, 0x32, 0x41, 0x6d, 0x45, 0x6b, 0x6f, 0x59, 0x52, 0x43,=
=0D
+  0x64, 0x37, 0x71, 0x30, 0x41, 0x78, 0x67, 0x38, 0x59, 0x72, 0x2f, 0x66,=
=0D
+  0x4e, 0x37, 0x4f, 0x37, 0x41, 0x65, 0x36, 0x70, 0x62, 0x6a, 0x56, 0x46,=
=0D
+  0x2b, 0x56, 0x69, 0x4d, 0x79, 0x32, 0x49, 0x0a, 0x73, 0x5a, 0x72, 0x6d,=
=0D
+  0x38, 0x77, 0x6c, 0x44, 0x44, 0x71, 0x6e, 0x33, 0x50, 0x4f, 0x6b, 0x67,=
=0D
+  0x75, 0x72, 0x32, 0x78, 0x50, 0x41, 0x4f, 0x4a, 0x48, 0x69, 0x72, 0x2f,=
=0D
+  0x62, 0x67, 0x6a, 0x2f, 0x4c, 0x67, 0x3d, 0x3d, 0x0a, 0x2d, 0x2d, 0x2d,=
=0D
+  0x2d, 0x2d, 0x45, 0x4e, 0x44, 0x20, 0x45, 0x43, 0x20, 0x50, 0x52, 0x49,=
=0D
+  0x56, 0x41, 0x54, 0x45, 0x20, 0x4b, 0x45, 0x59, 0x2d, 0x2d, 0x2d, 0x2d,=
=0D
+  0x2d, 0x0a,=0D
+};=0D
+=0D
+//=0D
+// Payload for PKCS#7 Signing & Verification Validation.=0D
+//=0D
+CONST CHAR8  *mEcPayload =3D "payload data for PKCS#7 EC Signing";=0D
+=0D
 VOID  *Ec1;=0D
 VOID  *Ec2;=0D
 VOID  *Group;=0D
@@ -279,12 +362,85 @@ TestVerifyEcDh (
   return UNIT_TEST_PASSED;=0D
 }=0D
 =0D
+UNIT_TEST_STATUS=0D
+EFIAPI=0D
+TestVerifyEcKey (=0D
+  UNIT_TEST_CONTEXT  Context=0D
+  )=0D
+{=0D
+  BOOLEAN  Status;=0D
+  VOID     *EcPrivKey;=0D
+  VOID     *EcPubKey;=0D
+  UINT8    HashValue[SHA256_DIGEST_SIZE];=0D
+  UINTN    HashSize;=0D
+  UINT8    Signature[66 * 2];=0D
+  UINTN    SigSize;=0D
+=0D
+  //=0D
+  // Retrieve EC private key from PEM data.=0D
+  //=0D
+  Status =3D EcGetPrivateKeyFromPem (=0D
+             mEccTestPemKey,=0D
+             sizeof (mEccTestPemKey),=0D
+             NULL,=0D
+             &EcPrivKey=0D
+             );=0D
+  UT_ASSERT_TRUE (Status);=0D
+=0D
+  //=0D
+  // Retrieve EC public key from X509 Certificate.=0D
+  //=0D
+  Status =3D EcGetPublicKeyFromX509 (=0D
+             mEccTestRootCer,=0D
+             sizeof (mEccTestRootCer),=0D
+             &EcPubKey=0D
+             );=0D
+  UT_ASSERT_TRUE (Status);=0D
+=0D
+  //=0D
+  // Verify EC-DSA=0D
+  //=0D
+  HashSize =3D sizeof (HashValue);=0D
+  SigSize  =3D sizeof (Signature);=0D
+  //=0D
+  // EC-DSA Signing ...=0D
+  //=0D
+  Status =3D EcDsaSign (=0D
+             EcPrivKey,=0D
+             CRYPTO_NID_SHA256,=0D
+             HashValue,=0D
+             HashSize,=0D
+             Signature,=0D
+             &SigSize=0D
+             );=0D
+  UT_ASSERT_TRUE (Status);=0D
+=0D
+  //=0D
+  // EC-DSA Verification ...=0D
+  //=0D
+  Status =3D EcDsaVerify (=0D
+             EcPubKey,=0D
+             CRYPTO_NID_SHA256,=0D
+             HashValue,=0D
+             HashSize,=0D
+             Signature,=0D
+             SigSize=0D
+             );=0D
+  UT_ASSERT_TRUE (Status);=0D
+=0D
+  EcFree (EcPrivKey);=0D
+  EcFree (EcPubKey);=0D
+=0D
+  return UNIT_TEST_PASSED;=0D
+}=0D
+=0D
 TEST_DESC  mEcTest[] =3D {=0D
   //=0D
   // -----Description-----------------Class------------------Function----P=
re----Post----Context=0D
   //=0D
   { "TestVerifyEcBasic()", "CryptoPkg.BaseCryptLib.Ec", TestVerifyEcBasic,=
 TestVerifyEcPreReq, TestVerifyEcCleanUp, NULL },=0D
   { "TestVerifyEcDh()",    "CryptoPkg.BaseCryptLib.Ec", TestVerifyEcDh,   =
 TestVerifyEcPreReq, TestVerifyEcCleanUp, NULL },=0D
+  { "TestVerifyEcKey()",   "CryptoPkg.BaseCryptLib.Ec", TestVerifyEcKey,  =
 NULL,               NULL,                NULL },=0D
 };=0D
 =0D
 UINTN  mEcTestNum =3D ARRAY_SIZE (mEcTest);=0D
--=20
2.26.2.windows.1