Support verification of P256/P384+SHA512 signatures (#857)

ctz · web-flow · commit 35ee4e476410 · 2025-08-14T11:44:29.000-04:00
diff --git a/aws-lc-rs/src/signature.rs b/aws-lc-rs/src/signature.rs
@@ -652,6 +652,13 @@ pub static ECDSA_P256_SHA384_ASN1: EcdsaVerificationAlgorithm = EcdsaVerificatio
     sig_format: EcdsaSignatureFormat::ASN1,
 };
 
+/// *Not recommended.* Verification of ASN.1 DER-encoded ECDSA signatures using the P-256 curve and SHA-512.
+pub static ECDSA_P256_SHA512_ASN1: EcdsaVerificationAlgorithm = EcdsaVerificationAlgorithm {
+    id: &ec::signature::AlgorithmID::ECDSA_P256,
+    digest: &digest::SHA512,
+    sig_format: EcdsaSignatureFormat::ASN1,
+};
+
 /// *Not recommended.* Verification of ASN.1 DER-encoded ECDSA signatures using the P-384 curve and SHA-256.
 pub static ECDSA_P384_SHA256_ASN1: EcdsaVerificationAlgorithm = EcdsaVerificationAlgorithm {
     id: &ec::signature::AlgorithmID::ECDSA_P384,
@@ -666,6 +673,13 @@ pub static ECDSA_P384_SHA384_ASN1: EcdsaVerificationAlgorithm = EcdsaVerificatio
     sig_format: EcdsaSignatureFormat::ASN1,
 };
 
+/// *Not recommended.* Verification of ASN.1 DER-encoded ECDSA signatures using the P-384 curve and SHA-512.
+pub static ECDSA_P384_SHA512_ASN1: EcdsaVerificationAlgorithm = EcdsaVerificationAlgorithm {
+    id: &ec::signature::AlgorithmID::ECDSA_P384,
+    digest: &digest::SHA512,
+    sig_format: EcdsaSignatureFormat::ASN1,
+};
+
 /// Verification of ASN.1 DER-encoded ECDSA signatures using the P-384 curve and SHA3-384.
 pub static ECDSA_P384_SHA3_384_ASN1: EcdsaVerificationAlgorithm = EcdsaVerificationAlgorithm {
     id: &ec::signature::AlgorithmID::ECDSA_P384,
diff --git a/aws-lc-rs/tests/data/ecdsa_verify_asn1_tests.txt b/aws-lc-rs/tests/data/ecdsa_verify_asn1_tests.txt
@@ -1385,4 +1385,34 @@ Digest = SHA256
 Msg = 915dca7fb2514693c1975dc5e55380345ef59ec7cb15fdcaeb4676286101419f546ef067673adb23d5029edaa80418fa976e384350c7c7a05c19d2a0a8048585b1353cddbdcdc3ad692c2d076c0aa1197ba53abf27450368f3ca5603d056d0026306da5ebd31cccafe25efcb86baa5ec11f3a381e2670d25da4e9ee4bd1c550c
 Q = 04e4f184c13b3ddcf96c10340e57f46dcb3160e704bd0d38a077094b40c3b9850f54159847d47b00662b6b70a80c56e654e82ee55db25ae7ef9ab4455b8d09b316
 Sig = 304502201d53181ce02ee677b372fe6f3faac10c1633184ecb8035719d47fb843cdb82570221009d57798c299bbc425f4f5785a5336c1f56ddda242f54b42a7e225e3aa3447c4d
-Result = F(1 - Message changed)
+Result = F(1 - Message changed)
+
+# from wycheproof ecdsa_secp256r1_sha512_test.json
+Curve = P-256
+Digest = SHA512
+Msg = ""
+Q = 0404aaec73635726f213fb8a9e64da3b8632e41495a944d0045b522eba7240fad587d9315798aaa3a5ba01775787ced05eaaf7b4e09fc81d6d1aa546e8365d525d
+Sig = 30440220093f3825c0cf820cced816a3a67446c85606a6d529e43857643fccc11e1f705f0220769782888c63058630f97a5891c8700e82979e4f233586bfc5042fa73cb70a4e
+Result = P (0 )
+
+Curve = P-256
+Digest = SHA512
+Msg = 313233343030
+Q = 042927b10512bae3eddcfe467828128bad2903269919f7086069c8c4df6c732838c7787964eaac00e5921fb1498a60f4606766b3d9685001558d1a974e7341513e
+Sig = 30432478f1d049f6d857ac900a7af1772226a4c59b345fbb90613c66f42b98f981c1022100a07a59c4a41688538eb315e94effca0f4039035c6c2ed1dc84841359d1b34eb2
+Result = F(1 - Message changed)
+
+# from wycheproof ecdsa_secp384r1_sha512_test.json
+Curve = P-384
+Digest = SHA512
+Msg = ""
+Q = 0429bdb76d5fa741bfd70233cb3a66cc7d44beb3b0663d92a8136650478bcefb61ef182e155a54345a5e8e5e88f064e5bc9a525ab7f764dad3dae1468c2b419f3b62b9ba917d5e8c4fb1ec47404a3fc76474b2713081be9db4c00e043ada9fc4a3
+Sig = 306402302290c886bbad8f53089583d543a269a727665626d6b94a3796324c62d08988f66f6011e845811a03589e92abe1f17faf023066e2cb4380997f4e7f85022541adb22d24d1196be68a3db888b03eb3d2d40b0d9a3a6a00a1a4782ee0a00e8410ba2d86
+Result = P (0 )
+
+Curve = P-384
+Digest = SHA512
+Msg = 313233343030
+Q = 042da57dda1089276a543f9ffdac0bff0d976cad71eb7280e7d9bfd9fee4bdb2f20f47ff888274389772d98cc5752138aa4b6d054d69dcf3e25ec49df870715e34883b1836197d76f8ad962e78f6571bbc7407b0d6091f9e4d88f014274406174f
+Sig = 306400814cc9a70febda342d4ada87fc39426f403d5e89808428460c1eca60c897bfd6728da14673854673d7d297ea944a15e302310084f5ef11d22f22d0548af6a50dbf2f6a1bb9054585af5e600c49cf35b1e69b712754dd781c837355ddd41c752193a7cd
+Result = F(1 - Message changed)
diff --git a/aws-lc-rs/tests/ecdsa_tests.rs b/aws-lc-rs/tests/ecdsa_tests.rs
@@ -172,8 +172,10 @@ fn test_signature_ecdsa_verify_asn1(data_file: test::File) {
         let (alg, digest_alg) = match (curve_name.as_str(), digest_name.as_str()) {
             ("P-256", "SHA256") => (&signature::ECDSA_P256_SHA256_ASN1, &SHA256),
             ("P-256", "SHA384") => (&signature::ECDSA_P256_SHA384_ASN1, &SHA384),
+            ("P-256", "SHA512") => (&signature::ECDSA_P256_SHA512_ASN1, &SHA512),
             ("P-384", "SHA256") => (&signature::ECDSA_P384_SHA256_ASN1, &SHA256),
             ("P-384", "SHA384") => (&signature::ECDSA_P384_SHA384_ASN1, &SHA384),
+            ("P-384", "SHA512") => (&signature::ECDSA_P384_SHA512_ASN1, &SHA512),
             ("P-384", "SHA3-384") => (&signature::ECDSA_P384_SHA3_384_ASN1, &SHA3_384),
             ("P-521", "SHA1") => (&signature::ECDSA_P521_SHA1_ASN1, &SHA1_FOR_LEGACY_USE_ONLY),
             ("P-521", "SHA224") => (&signature::ECDSA_P521_SHA224_ASN1, &SHA224),
