[bssl] Support ECDSA P-384 signature verification
This functionality is required for the verification of DICE
certificate chain in a subsequent cl.
Bug: 314266221
Test: atest libbssl_avf_nostd.test
Change-Id: Idcc3c7e8b22a0c6151490585d0f16474a17e33b9
diff --git a/libs/bssl/tests/eckey_test.rs b/libs/bssl/tests/eckey_test.rs
index 9c503ba..265dee7 100644
--- a/libs/bssl/tests/eckey_test.rs
+++ b/libs/bssl/tests/eckey_test.rs
@@ -82,12 +82,27 @@
fn ecdsa_p256_signing_and_verification_succeed() -> Result<()> {
let mut ec_key = EcKey::new_p256()?;
ec_key.generate_key()?;
- let digest = sha256(MESSAGE1)?;
+ let digester = Digester::sha256();
+ let digest = digester.digest(MESSAGE1)?;
+ assert_eq!(digest, sha256(MESSAGE1)?);
let signature = ec_key.ecdsa_sign(&digest)?;
ec_key.ecdsa_verify(&signature, &digest)?;
let pkey: PKey = ec_key.try_into()?;
- pkey.verify(&signature, MESSAGE1, Some(Digester::sha256()))
+ pkey.verify(&signature, MESSAGE1, Some(digester))
+}
+
+#[test]
+fn ecdsa_p384_signing_and_verification_succeed() -> Result<()> {
+ let mut ec_key = EcKey::new_p384()?;
+ ec_key.generate_key()?;
+ let digester = Digester::sha384();
+ let digest = digester.digest(MESSAGE1)?;
+
+ let signature = ec_key.ecdsa_sign(&digest)?;
+ ec_key.ecdsa_verify(&signature, &digest)?;
+ let pkey: PKey = ec_key.try_into()?;
+ pkey.verify(&signature, MESSAGE1, Some(digester))
}
#[test]