Bug 1840510: Add ACVP test vectors to the repository r=nkulatova

These cover AES(GCM), ECDSA, RSA, SHA256 and big number operations. This includes both vectors from ACVP and ones produced by fuzzing by acvp-rust. The latter do not necessarily verify the correctness but ensure most code is covered and behaves normally during test execution. Differential Revision: https://phabricator.services.mozilla.com/D182125
ffontaine · Sep 6, 2023 · 49fe465 · 49fe465
1 parent 03417da
commit 49fe465
Show file tree

Hide file tree

Showing 10 changed files with 40,207 additions and 8 deletions.
diff --git a/automation/taskcluster/docker-acvp/bin/run.sh b/automation/taskcluster/docker-acvp/bin/run.sh
@@ -12,15 +12,24 @@ export RUSTFLAGS="-C instrument-coverage"
 cd nss
 CC=clang-15 CXX=clang++-15 ./build.sh -g -v --sourcecov --static --disable-tests
 
+TEST_DIRECTORY=$NSS_SOURCES_PATH/tests/acvp
+
 git clone --depth=1 https://gitlab.com/nisec/nss-project/acvp-rust.git
 cd acvp-rust
 cargo build
 TESTRUN="cargo run --bin test -- --profdata-command llvm-profdata-15"
-echo "AES-GCM:"
-$TESTRUN acvp-rust/samples/aes-gcm.json symmetric nss
-echo "ECDSA:"
-$TESTRUN acvp-rust/samples/ecdsa.json ecdsa nss
-echo "RSA:"
-$TESTRUN acvp-rust/samples/rsa.json rsa nss
-echo "SHA-256:"
-$TESTRUN acvp-rust/samples/sha256.json sha nss
+echo "Big Number (fuzzed):"
+$TESTRUN $TEST_DIRECTORY/fuzzed/bn.json bn nss
+echo "AES-GCM (acvp-server):"
+$TESTRUN $TEST_DIRECTORY/aes-gcm.json symmetric nss
+echo "ECDSA (acvp-server):"
+$TESTRUN $TEST_DIRECTORY/ecdsa.json ecdsa nss
+echo "ECDSA (fuzzed):"
+$TESTRUN $TEST_DIRECTORY/fuzzed/ecdsa.json ecdsa nss
+echo "RSA (acvp-server):"
+$TESTRUN $TEST_DIRECTORY/rsa.json rsa nss
+echo "RSA (fuzzed):"
+$TESTRUN $TEST_DIRECTORY/fuzzed/rsa.json rsa nss
+echo "SHA-256 (acvp-server):"
+$TESTRUN $TEST_DIRECTORY/sha256.json sha nss
+$TESTRUN $TEST_DIRECTORY/sha256.mct.json sha nss
diff --git a/tests/acvp/COPYING b/tests/acvp/COPYING
@@ -0,0 +1,7 @@
+Files "rsa.json", "ecdsa.json", "sha256.json", "sha256.mct.json", "aes-gcm.json" were adapted from JSON samples in https://github.com/usnistgov/ACVP-Server on Nov 20 2022. These are distributed under the following license:
+
+NIST-developed software is provided by NIST as a public service. You may use, copy, and distribute copies of the software in any medium, provided that you keep intact this entire notice. You may improve, modify, and create derivative works of the software or any portion of the software, and you may copy and distribute such modifications or works. Modified works should carry a notice stating that you changed the software and should note the date and nature of any such change. Please explicitly acknowledge the National Institute of Standards and Technology as the source of the software.
+
+NIST-developed software is expressly provided "AS IS." NIST MAKES NO WARRANTY OF ANY KIND, EXPRESS, IMPLIED, IN FACT, OR ARISING BY OPERATION OF LAW, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND DATA ACCURACY. NIST NEITHER REPRESENTS NOR WARRANTS THAT THE OPERATION OF THE SOFTWARE WILL BE UNINTERRUPTED OR ERROR-FREE, OR THAT ANY DEFECTS WILL BE CORRECTED. NIST DOES NOT WARRANT OR MAKE ANY REPRESENTATIONS REGARDING THE USE OF THE SOFTWARE OR THE RESULTS THEREOF, INCLUDING BUT NOT LIMITED TO THE CORRECTNESS, ACCURACY, RELIABILITY, OR USEFULNESS OF THE SOFTWARE.
+
+You are solely responsible for determining the appropriateness of using and distributing the software and you assume all risks associated with its use, including but not limited to the risks and costs of program errors, compliance with applicable laws, damage to or loss of data, programs or equipment, and the unavailability or interruption of operation. This software is not intended to be used in any situation where a failure could cause risk of injury or damage to property. The software developed by NIST employees is not subject to copyright protection within the United States.