3f944674b2
Unfortunately, this driver suffers a lot from Wycheproof's Java heritgate, but so it goes. Their test formats bake in a lot of Java API mistakes. Change-Id: I3299e85efb58e99e4fa34841709c3bea6518968d Reviewed-on: https://boringssl-review.googlesource.com/27865 Reviewed-by: Steven Valdez <svaldez@google.com> Commit-Queue: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
3242 lines
228 KiB
Plaintext
3242 lines
228 KiB
Plaintext
# Imported from Wycheproof's ecdh_test.json.
|
|
# This file is generated by convert_wycheproof.go. Do not edit by hand.
|
|
#
|
|
# Algorithm: ECDH
|
|
# Generator version: 0.4
|
|
|
|
[curve = secp224r1]
|
|
|
|
# tcId = 1
|
|
# normal case
|
|
curve = secp224r1
|
|
private = 565577a49415ca761a0322ad54e4ad0ae7625174baf372c2816f5328
|
|
public = 304e301006072a8648ce3d020106052b81040021033a00047d8ac211e1228eb094e285a957d9912e93deee433ed777440ae9fc719b01d050dfbe653e72f39491be87fb1a2742daa6e0a2aada98bb1aca
|
|
result = valid
|
|
shared = b8ecdb552d39228ee332bafe4886dbff272f7109edf933bc7542bd4f
|
|
|
|
# tcId = 2
|
|
# compressed public key
|
|
curve = secp224r1
|
|
private = 565577a49415ca761a0322ad54e4ad0ae7625174baf372c2816f5328
|
|
public = 3032301006072a8648ce3d020106052b81040021031e00027d8ac211e1228eb094e285a957d9912e93deee433ed777440ae9fc71
|
|
result = acceptable
|
|
shared = b8ecdb552d39228ee332bafe4886dbff272f7109edf933bc7542bd4f
|
|
# The point in the public key is compressed. Not every library supports points
|
|
# in compressed format.
|
|
|
|
# tcId = 3
|
|
# edge cases for shared secret
|
|
curve = secp224r1
|
|
private = 0a2b6442a37f9201b56758034d2009be64b0ab7c02d7e398cac9665d6
|
|
public = 304e301006072a8648ce3d020106052b81040021033a00045763fa2ae16367ad23d471cc9a52466f0d81d864e5640cefe384114594d9fecfbed4f254505ac8b41d2532055a07f0241c4818b552cbb636
|
|
result = valid
|
|
shared = 00000000000000000000000100000000000000000000000000000001
|
|
|
|
# tcId = 4
|
|
# edge cases for shared secret
|
|
curve = secp224r1
|
|
private = 0a2b6442a37f9201b56758034d2009be64b0ab7c02d7e398cac9665d6
|
|
public = 304e301006072a8648ce3d020106052b81040021033a0004142c1fd80fa2121a59aa898144084ec033f7a56a34eee0b499e29ae51c6d8c1bbb1ef2a76d565899fe44ffc1207d530d7f598fb77f4bb76b
|
|
result = valid
|
|
shared = 00000000000000ffffffffffffff0000000000000100000000000000
|
|
|
|
# tcId = 5
|
|
# edge cases for shared secret
|
|
curve = secp224r1
|
|
private = 0a2b6442a37f9201b56758034d2009be64b0ab7c02d7e398cac9665d6
|
|
public = 304e301006072a8648ce3d020106052b81040021033a0004ed6f793e10c80d12d871cf8988399c4898a9bf9ffd8f27399f63de25f0051cdf4eec7f368f922cfcd948893ceca0c92e540cc4367a99a66a
|
|
result = valid
|
|
shared = 00000000ffffffffffffffff00000000000000010000000000000000
|
|
|
|
# tcId = 6
|
|
# edge cases for shared secret
|
|
curve = secp224r1
|
|
private = 0a2b6442a37f9201b56758034d2009be64b0ab7c02d7e398cac9665d6
|
|
public = 304e301006072a8648ce3d020106052b81040021033a000408fcfc1a63c82860be12e4137433dfc40be9acdd245f9a8c4e56be61a385fc09f808383383f4b1d0d5365b6e5dcfacdc19bc7bcfed221274
|
|
result = valid
|
|
shared = 0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff
|
|
|
|
# tcId = 7
|
|
# edge cases for shared secret
|
|
curve = secp224r1
|
|
private = 0a2b6442a37f9201b56758034d2009be64b0ab7c02d7e398cac9665d6
|
|
public = 304e301006072a8648ce3d020106052b81040021033a0004d883ed77f1861e8712800d31df67888fe39f150c79a27aa88caeda6b180f3f623e2ff3ab5370cf8179165b085af3dd4502850c0104caed9a
|
|
result = valid
|
|
shared = 0003fffffff00000003fffffff00000003fffffff000000040000000
|
|
|
|
# tcId = 8
|
|
# edge cases for shared secret
|
|
curve = secp224r1
|
|
private = 0a2b6442a37f9201b56758034d2009be64b0ab7c02d7e398cac9665d6
|
|
public = 304e301006072a8648ce3d020106052b81040021033a00042b8b279b85ee3f3d2c0abeb36fdfc5aad6157d652d26489381a32cd73224bd757ef794acc92b0b3b9e7990618bb343a9a09bdb9d3616eff6
|
|
result = valid
|
|
shared = 01fffffffc00000007fffffff00000001fffffffc000000080000001
|
|
|
|
# tcId = 9
|
|
# edge cases for shared secret
|
|
curve = secp224r1
|
|
private = 0a2b6442a37f9201b56758034d2009be64b0ab7c02d7e398cac9665d6
|
|
public = 304e301006072a8648ce3d020106052b81040021033a0004a281ad992b363597ac93ff0de8ab1f7e51a6672dcbb58f9d739ba430ce0192874038daefc3130eec65811c7255da70fea65c1003f6892faa
|
|
result = valid
|
|
shared = 7fffffffffffffffffffffffffffffffffffffffffffffffffffffff
|
|
|
|
# tcId = 10
|
|
# edge cases for shared secret
|
|
curve = secp224r1
|
|
private = 0a2b6442a37f9201b56758034d2009be64b0ab7c02d7e398cac9665d6
|
|
public = 304e301006072a8648ce3d020106052b81040021033a0004be3e22133f51203f631b81dde8c020cdea5daa1f99cfc05c88fad2dc0f243798d6e72d1de9e3cdca4144e0a6c0f2a584d07589006972c197
|
|
result = valid
|
|
shared = fffc0007fff0001fffc0007fff0001fffc0007fff0001fffc0008001
|
|
|
|
# tcId = 11
|
|
# edge cases for shared secret
|
|
curve = secp224r1
|
|
private = 0a2b6442a37f9201b56758034d2009be64b0ab7c02d7e398cac9665d6
|
|
public = 304e301006072a8648ce3d020106052b81040021033a0004af14547c20afbd91bfe64ea03d45a76a71241f23520ef897ff91eff1b54ca6ca8c25fd73852ec6654617434eff7f0225684d4dea7a4f8a97
|
|
result = valid
|
|
shared = ffff0000003ffffff0000003ffffff0000003ffffff0000003ffffff
|
|
|
|
# tcId = 12
|
|
# edge cases for shared secret
|
|
curve = secp224r1
|
|
private = 0a2b6442a37f9201b56758034d2009be64b0ab7c02d7e398cac9665d6
|
|
public = 304e301006072a8648ce3d020106052b81040021033a0004b1e484925018729926acda56ff3e2f6c1e7e8f162b178d8e8afb45564fceaa6da5d998fe26b6b26a055169063a5ab6908852ca8b54e2de6c
|
|
result = valid
|
|
shared = fffff0000007fffffe000000ffffffc000001ffffff8000003ffffff
|
|
|
|
# tcId = 13
|
|
# edge cases for shared secret
|
|
curve = secp224r1
|
|
private = 0a2b6442a37f9201b56758034d2009be64b0ab7c02d7e398cac9665d6
|
|
public = 304e301006072a8648ce3d020106052b81040021033a0004937eb09fb145c8829cb7df20a4cbeed396791373de277871d6c5f9cc3b5b4fd56464a71fc4a2a6af3bd251952bffa829489e68a8d06f96b6
|
|
result = valid
|
|
shared = ffffffff00000000ffffffff00000000ffffffff00000000ffffffff
|
|
|
|
# tcId = 14
|
|
# edge cases for ephemeral key
|
|
curve = secp224r1
|
|
private = 2bc15cf3981f4e15bbad387b506df647989e5478160be862f8c26969
|
|
public = 304e301006072a8648ce3d020106052b81040021033a0004000000000000000000000001000000000000000000000000000000012ea2f4917bdfdb008306cc10a18e2557633ba861001829dcbfb96fba
|
|
result = valid
|
|
shared = be1ded8cb7ff8a585181f96d681e31b332fe27dcae922dca2310300d
|
|
|
|
# tcId = 15
|
|
# edge cases for ephemeral key
|
|
curve = secp224r1
|
|
private = 2bc15cf3981f4e15bbad387b506df647989e5478160be862f8c26969
|
|
public = 304e301006072a8648ce3d020106052b81040021033a000400000000000000ffffffffffffff000000000000010000000000000073ca5f8f104997a2399e0c7f25e72a75ec29fc4542533d3fea89a33a
|
|
result = valid
|
|
shared = a2e86a260e13515918a0cafdd87855f231b5624c560f976159e06a75
|
|
|
|
# tcId = 16
|
|
# edge cases for ephemeral key
|
|
curve = secp224r1
|
|
private = 2bc15cf3981f4e15bbad387b506df647989e5478160be862f8c26969
|
|
public = 304e301006072a8648ce3d020106052b81040021033a000400000000ffffffffffffffff000000000000000100000000000000006fe6805f59b19b0dd389452a1d4a420bfeb6c369cf6fed5b12e6e654
|
|
result = valid
|
|
shared = 31ef7c8d10404a0046994f313a70574b027e87f9028eca242c1b5bf5
|
|
|
|
# tcId = 17
|
|
# edge cases for ephemeral key
|
|
curve = secp224r1
|
|
private = 2bc15cf3981f4e15bbad387b506df647989e5478160be862f8c26969
|
|
public = 304e301006072a8648ce3d020106052b81040021033a00040000ffff0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff77c5cfa4e2c384938d48bd8dd98f54c86b279f1df8c0a1f6692439c9
|
|
result = valid
|
|
shared = d1976a8ef5f54f24f5a269ad504fdca849fc9c28587ba294ef267396
|
|
|
|
# tcId = 18
|
|
# edge cases for ephemeral key
|
|
curve = secp224r1
|
|
private = 2bc15cf3981f4e15bbad387b506df647989e5478160be862f8c26969
|
|
public = 304e301006072a8648ce3d020106052b81040021033a00040003fffffff00000003fffffff00000003fffffff00000004000000001f0828136016bb97445461bc59f2175d8d23557d6b9381f26136e3d
|
|
result = valid
|
|
shared = ce7890d108ddb2e5474e6417fcf7a9f2b3bd018816062f4835260dc8
|
|
|
|
# tcId = 19
|
|
# edge cases for ephemeral key
|
|
curve = secp224r1
|
|
private = 2bc15cf3981f4e15bbad387b506df647989e5478160be862f8c26969
|
|
public = 304e301006072a8648ce3d020106052b81040021033a000401fffffffc00000007fffffff00000001fffffffc0000000800000012d8acca6f199d4a94b933ba1aa713a7debde8ac57b928f596ae66a66
|
|
result = valid
|
|
shared = 30b6ff6e8051dae51e4fe34b2d9a0b1879153e007eb0b5bdf1791a9c
|
|
|
|
# tcId = 20
|
|
# edge cases for ephemeral key
|
|
curve = secp224r1
|
|
private = 2bc15cf3981f4e15bbad387b506df647989e5478160be862f8c26969
|
|
public = 304e301006072a8648ce3d020106052b81040021033a00047fffffffffffffffffffffffffffffffffffffffffffffffffffffff7d8dbca36c56bcaae92e3475f799294f30768038e816a7d5f7f07d77
|
|
result = valid
|
|
shared = 73bd63bd384a0faafb75cfed3e95d3892cbacf0db10f282c3b644771
|
|
|
|
# tcId = 21
|
|
# edge cases for ephemeral key
|
|
curve = secp224r1
|
|
private = 2bc15cf3981f4e15bbad387b506df647989e5478160be862f8c26969
|
|
public = 304e301006072a8648ce3d020106052b81040021033a0004fffc0007fff0001fffc0007fff0001fffc0007fff0001fffc000800174f1ff5ea7fbc72b92f61e06556c26bab84c0b082dd6400ca1c1eb6d
|
|
result = valid
|
|
shared = 85b079c62e1f5b0fd6841dfa16026e15b641f65e13a14042567166bb
|
|
|
|
# tcId = 22
|
|
# edge cases for ephemeral key
|
|
curve = secp224r1
|
|
private = 2bc15cf3981f4e15bbad387b506df647989e5478160be862f8c26969
|
|
public = 304e301006072a8648ce3d020106052b81040021033a0004ffff0000003ffffff0000003ffffff0000003ffffff0000003ffffff0126fdd5fccd0b5aa7fd5bb5b1308584b30556248cec80208a2fe962
|
|
result = valid
|
|
shared = 8a834ff40e3fc9f9d412a481e18537ea799536c5520c6c7baaf12166
|
|
|
|
# tcId = 23
|
|
# edge cases for ephemeral key
|
|
curve = secp224r1
|
|
private = 2bc15cf3981f4e15bbad387b506df647989e5478160be862f8c26969
|
|
public = 304e301006072a8648ce3d020106052b81040021033a0004fffff0000007fffffe000000ffffffc000001ffffff8000003ffffff20cfa23077acc9fbcb71339c65880cd0b966b8a9497e65abed17f0b5
|
|
result = valid
|
|
shared = a0887269766e6efcbc81d2b38f2d4638663f12377468a23421044188
|
|
|
|
# tcId = 24
|
|
# edge cases for ephemeral key
|
|
curve = secp224r1
|
|
private = 2bc15cf3981f4e15bbad387b506df647989e5478160be862f8c26969
|
|
public = 304e301006072a8648ce3d020106052b81040021033a0004ffffffff00000000ffffffff00000000ffffffff00000000ffffffff1c05ac2d4f10b69877c3243d51f887277b7bf735c326ab2f0d70da8c
|
|
result = valid
|
|
shared = c65d1911bc076a74588d8793ce7a0dcabf5793460cd2ebb02754a1be
|
|
|
|
# tcId = 25
|
|
# edge case private key
|
|
curve = secp224r1
|
|
private = 3
|
|
public = 304e301006072a8648ce3d020106052b81040021033a0004478e73465bb1183583f4064e67e8b4343af4a05d29dfc04eb60ac2302e5b9a3a1b32e4208d4c284ff26822e09c3a9a4683443e4a35175504
|
|
result = valid
|
|
shared = e71f2157bfe37697ea5193d4732dcc6e5412fa9d38387eacd391c1c6
|
|
|
|
# tcId = 26
|
|
# edge case private key
|
|
curve = secp224r1
|
|
private = 0ffffffffffffffffffffffffffffffffffffffffffffffff
|
|
public = 304e301006072a8648ce3d020106052b81040021033a0004478e73465bb1183583f4064e67e8b4343af4a05d29dfc04eb60ac2302e5b9a3a1b32e4208d4c284ff26822e09c3a9a4683443e4a35175504
|
|
result = valid
|
|
shared = fa2664717c7fa0161ec2c669b2c0986cdc20456a6e5406302bb53c77
|
|
|
|
# tcId = 27
|
|
# edge case private key
|
|
curve = secp224r1
|
|
private = 1000000000000000000000000000000000000000000000000000000
|
|
public = 304e301006072a8648ce3d020106052b81040021033a0004478e73465bb1183583f4064e67e8b4343af4a05d29dfc04eb60ac2302e5b9a3a1b32e4208d4c284ff26822e09c3a9a4683443e4a35175504
|
|
result = valid
|
|
shared = af6e5ad34497bae0745f53ad78ce8b285d79f400d5c6e6a071f8e6bd
|
|
|
|
# tcId = 28
|
|
# edge case private key
|
|
curve = secp224r1
|
|
private = 7fffffffffffffffffffffffffffffffffffffffffffffffffffffff
|
|
public = 304e301006072a8648ce3d020106052b81040021033a0004478e73465bb1183583f4064e67e8b4343af4a05d29dfc04eb60ac2302e5b9a3a1b32e4208d4c284ff26822e09c3a9a4683443e4a35175504
|
|
result = valid
|
|
shared = 12fd302ff8c13c55a9c111f8bb6b0a13ecf88299c0ae3032ce2bcaff
|
|
|
|
# tcId = 29
|
|
# edge case private key
|
|
curve = secp224r1
|
|
private = 080000000000000000000000000000000000000000000000000000000
|
|
public = 304e301006072a8648ce3d020106052b81040021033a0004478e73465bb1183583f4064e67e8b4343af4a05d29dfc04eb60ac2302e5b9a3a1b32e4208d4c284ff26822e09c3a9a4683443e4a35175504
|
|
result = valid
|
|
shared = 73f1a395b842f1a6752ae417e2c3dc90cafc4476d1d861b7e68ad030
|
|
|
|
# tcId = 30
|
|
# edge case private key
|
|
curve = secp224r1
|
|
private = 0ffffffffffffffffffffffffffff16a2e0b8f03d13dd29455c5c2a3d
|
|
public = 304e301006072a8648ce3d020106052b81040021033a0004478e73465bb1183583f4064e67e8b4343af4a05d29dfc04eb60ac2302e5b9a3a1b32e4208d4c284ff26822e09c3a9a4683443e4a35175504
|
|
result = valid
|
|
shared = b329c20ddb7c78ee4e622bb23a984c0d273ba34b6269f3d9e8f89f8e
|
|
|
|
# tcId = 31
|
|
# edge case private key
|
|
curve = secp224r1
|
|
private = 0ffffffffffffffffffffffffffff16a2e0b8f03e13cd29455c5c2a3d
|
|
public = 304e301006072a8648ce3d020106052b81040021033a0004478e73465bb1183583f4064e67e8b4343af4a05d29dfc04eb60ac2302e5b9a3a1b32e4208d4c284ff26822e09c3a9a4683443e4a35175504
|
|
result = valid
|
|
shared = 6f48345209b290ffc5abbe754a201479e5d667a209468080d06197b4
|
|
|
|
# tcId = 32
|
|
# edge case private key
|
|
curve = secp224r1
|
|
private = 0ffffffffffffffffffffffffffff16a2e0b8f03e13d529455c5c2a3d
|
|
public = 304e301006072a8648ce3d020106052b81040021033a0004478e73465bb1183583f4064e67e8b4343af4a05d29dfc04eb60ac2302e5b9a3a1b32e4208d4c284ff26822e09c3a9a4683443e4a35175504
|
|
result = valid
|
|
shared = 9f6e30c1c9dad42a153aacd4b49a8e5c721d085cd07b5d5aec244fc1
|
|
|
|
# tcId = 33
|
|
# edge case private key
|
|
curve = secp224r1
|
|
private = 0ffffffffffffffffffffffffffff16a2e0b8f03e13dd29445c5c2a3d
|
|
public = 304e301006072a8648ce3d020106052b81040021033a0004478e73465bb1183583f4064e67e8b4343af4a05d29dfc04eb60ac2302e5b9a3a1b32e4208d4c284ff26822e09c3a9a4683443e4a35175504
|
|
result = valid
|
|
shared = 8cadfb19a80949e61bd5b829ad0e76d18a5bb2eeb9ed7fe2b901cecd
|
|
|
|
# tcId = 34
|
|
# edge case private key
|
|
curve = secp224r1
|
|
private = 0ffffffffffffffffffffffffffff16a2e0b8f03e13dd29455c5c29b7
|
|
public = 304e301006072a8648ce3d020106052b81040021033a0004478e73465bb1183583f4064e67e8b4343af4a05d29dfc04eb60ac2302e5b9a3a1b32e4208d4c284ff26822e09c3a9a4683443e4a35175504
|
|
result = valid
|
|
shared = 475fd96e0eb8cb8f100a5d7fe043a7a6851d1d611da2643a3c6ae708
|
|
# The private key has a special value. Implementations using addition
|
|
# subtraction chains for the point multiplication may get the point at infinity
|
|
# as an intermediate result. See CVE_2017_10176
|
|
|
|
# tcId = 35
|
|
# edge case private key
|
|
curve = secp224r1
|
|
private = 0ffffffffffffffffffffffffffff16a2e0b8f03e13dd29455c5c2a37
|
|
public = 304e301006072a8648ce3d020106052b81040021033a0004478e73465bb1183583f4064e67e8b4343af4a05d29dfc04eb60ac2302e5b9a3a1b32e4208d4c284ff26822e09c3a9a4683443e4a35175504
|
|
result = valid
|
|
shared = 41ef931d669d1f57d8bb95a01a92321da74be8c6cbc3bbe0b2e73ebd
|
|
# The private key has a special value. Implementations using addition
|
|
# subtraction chains for the point multiplication may get the point at infinity
|
|
# as an intermediate result. See CVE_2017_10176
|
|
|
|
# tcId = 36
|
|
# edge case private key
|
|
curve = secp224r1
|
|
private = 0ffffffffffffffffffffffffffff16a2e0b8f03e13dd29455c5c2a3a
|
|
public = 304e301006072a8648ce3d020106052b81040021033a0004478e73465bb1183583f4064e67e8b4343af4a05d29dfc04eb60ac2302e5b9a3a1b32e4208d4c284ff26822e09c3a9a4683443e4a35175504
|
|
result = valid
|
|
shared = e71f2157bfe37697ea5193d4732dcc6e5412fa9d38387eacd391c1c6
|
|
|
|
# tcId = 37
|
|
# edge case private key
|
|
curve = secp224r1
|
|
private = 0ffffffffffffffffffffffffffff16a2e0b8f03e13dd29455c5c2a3b
|
|
public = 304e301006072a8648ce3d020106052b81040021033a0004478e73465bb1183583f4064e67e8b4343af4a05d29dfc04eb60ac2302e5b9a3a1b32e4208d4c284ff26822e09c3a9a4683443e4a35175504
|
|
result = valid
|
|
shared = 11ff15126411299cbd49e2b7542e69e91ef132e2551a16ecfebb23a3
|
|
# The private key has a special value. Implementations using addition
|
|
# subtraction chains for the point multiplication may get the point at infinity
|
|
# as an intermediate result. See CVE_2017_10176
|
|
|
|
# tcId = 38
|
|
# public point not on curve
|
|
curve = secp224r1
|
|
private = 0d07629eb653a169ae3231ea1030faaf3e7f8ffe388030ee315d0a1d2
|
|
public = 304e301006072a8648ce3d020106052b81040021033a0004a10fb7bf22d299fc5bc43bd2d0e8da28af28ace8430bee28f9e5b57554275c0615d8d9a3011d7bc4c1c4cf4a834c8dc46f25b98854401a5d
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 39
|
|
# public point = (0,0)
|
|
curve = secp224r1
|
|
private = 0d07629eb653a169ae3231ea1030faaf3e7f8ffe388030ee315d0a1d2
|
|
public = 304e301006072a8648ce3d020106052b81040021033a00040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 40
|
|
# order = -26959946667150639794667015087019625940457807714424391721682722368061
|
|
curve = secp224r1
|
|
private = 0d07629eb653a169ae3231ea1030faaf3e7f8ffe388030ee315d0a1d2
|
|
public = 308201133081d406072a8648ce3d02013081c8020101302806072a8648ce3d0101021d00ffffffffffffffffffffffffffffffff000000000000000000000001303c041cfffffffffffffffffffffffffffffffefffffffffffffffffffffffe041cb4050a850c04b3abf54132565044b0b7d7bfd8ba270b39432355ffb4043904b70e0cbd6bb4bf7f321390b94a03c1d356c21122343280d6115c1d21bd376388b5f723fb4c22dfe6cd4375a05a07476444d5819985007e34021dff0000000000000000000000000000e95d1f470fc1ec22d6baa3a3d5c3020101033a0004a10fb7bf22d299fc5bc43bd2d0e8da28af28ace8430bee28f9e5b57554275c0615d8d9a3011d7bc4c1c4cf4a834c8dc46f25b98854401a5b
|
|
result = invalid
|
|
shared =
|
|
# The order of the public key has been modified. If this order is used in a
|
|
# cryptographic primitive instead of the correct order then private keys may
|
|
# leak. E.g. ECDHC in BC 1.52 suffered from this.
|
|
# The public key does not use a named curve. RFC 3279 allows to encode such
|
|
# curves by explicitly encoding, the parameters of the curve equation, modulus,
|
|
# generator, order and cofactor. However, many crypto libraries only support
|
|
# named curves. Modifying some of the EC parameters and encoding the
|
|
# corresponding public key as an unnamed curve is a potential attack vector.
|
|
|
|
# tcId = 41
|
|
# order = 0
|
|
curve = secp224r1
|
|
private = 0d07629eb653a169ae3231ea1030faaf3e7f8ffe388030ee315d0a1d2
|
|
public = 3081f73081b806072a8648ce3d02013081ac020101302806072a8648ce3d0101021d00ffffffffffffffffffffffffffffffff000000000000000000000001303c041cfffffffffffffffffffffffffffffffefffffffffffffffffffffffe041cb4050a850c04b3abf54132565044b0b7d7bfd8ba270b39432355ffb4043904b70e0cbd6bb4bf7f321390b94a03c1d356c21122343280d6115c1d21bd376388b5f723fb4c22dfe6cd4375a05a07476444d5819985007e34020100020101033a0004a10fb7bf22d299fc5bc43bd2d0e8da28af28ace8430bee28f9e5b57554275c0615d8d9a3011d7bc4c1c4cf4a834c8dc46f25b98854401a5b
|
|
result = invalid
|
|
shared =
|
|
# The order of the public key has been modified. If this order is used in a
|
|
# cryptographic primitive instead of the correct order then private keys may
|
|
# leak. E.g. ECDHC in BC 1.52 suffered from this.
|
|
# The public key does not use a named curve. RFC 3279 allows to encode such
|
|
# curves by explicitly encoding, the parameters of the curve equation, modulus,
|
|
# generator, order and cofactor. However, many crypto libraries only support
|
|
# named curves. Modifying some of the EC parameters and encoding the
|
|
# corresponding public key as an unnamed curve is a potential attack vector.
|
|
|
|
# tcId = 42
|
|
# order = 1
|
|
curve = secp224r1
|
|
private = 0d07629eb653a169ae3231ea1030faaf3e7f8ffe388030ee315d0a1d2
|
|
public = 3081f73081b806072a8648ce3d02013081ac020101302806072a8648ce3d0101021d00ffffffffffffffffffffffffffffffff000000000000000000000001303c041cfffffffffffffffffffffffffffffffefffffffffffffffffffffffe041cb4050a850c04b3abf54132565044b0b7d7bfd8ba270b39432355ffb4043904b70e0cbd6bb4bf7f321390b94a03c1d356c21122343280d6115c1d21bd376388b5f723fb4c22dfe6cd4375a05a07476444d5819985007e34020101020101033a0004a10fb7bf22d299fc5bc43bd2d0e8da28af28ace8430bee28f9e5b57554275c0615d8d9a3011d7bc4c1c4cf4a834c8dc46f25b98854401a5b
|
|
result = acceptable
|
|
shared = 9b992dad1c2b5dadd3b5aeb84b7a91fb6fe5f46e02ab2c7fa32696a7
|
|
# The order of the public key has been modified. If this order is used in a
|
|
# cryptographic primitive instead of the correct order then private keys may
|
|
# leak. E.g. ECDHC in BC 1.52 suffered from this.
|
|
# A parameter that is typically not used for ECDH has been modified. Sometimes
|
|
# libraries ignore small differences between public and private key. For
|
|
# example, a library might ignore an incorrect cofactor in the public key. We
|
|
# consider ignoring such changes as acceptable as long as these differences do
|
|
# not change the outcome of the ECDH computation, i.e. as long as the
|
|
# computation is done on the curve from the private key.
|
|
# The public key does not use a named curve. RFC 3279 allows to encode such
|
|
# curves by explicitly encoding, the parameters of the curve equation, modulus,
|
|
# generator, order and cofactor. However, many crypto libraries only support
|
|
# named curves. Modifying some of the EC parameters and encoding the
|
|
# corresponding public key as an unnamed curve is a potential attack vector.
|
|
|
|
# tcId = 43
|
|
# order = 6277101735386680763835789423207665314073163949517624387909
|
|
curve = secp224r1
|
|
private = 0d07629eb653a169ae3231ea1030faaf3e7f8ffe388030ee315d0a1d2
|
|
public = 3082010f3081d006072a8648ce3d02013081c4020101302806072a8648ce3d0101021d00ffffffffffffffffffffffffffffffff000000000000000000000001303c041cfffffffffffffffffffffffffffffffefffffffffffffffffffffffe041cb4050a850c04b3abf54132565044b0b7d7bfd8ba270b39432355ffb4043904b70e0cbd6bb4bf7f321390b94a03c1d356c21122343280d6115c1d21bd376388b5f723fb4c22dfe6cd4375a05a07476444d5819985007e34021900ffffffffffffffffffffffffffff16a2e0b8f03e13dd2945020101033a0004a10fb7bf22d299fc5bc43bd2d0e8da28af28ace8430bee28f9e5b57554275c0615d8d9a3011d7bc4c1c4cf4a834c8dc46f25b98854401a5b
|
|
result = acceptable
|
|
shared = 9b992dad1c2b5dadd3b5aeb84b7a91fb6fe5f46e02ab2c7fa32696a7
|
|
# The order of the public key has been modified. If this order is used in a
|
|
# cryptographic primitive instead of the correct order then private keys may
|
|
# leak. E.g. ECDHC in BC 1.52 suffered from this.
|
|
# A parameter that is typically not used for ECDH has been modified. Sometimes
|
|
# libraries ignore small differences between public and private key. For
|
|
# example, a library might ignore an incorrect cofactor in the public key. We
|
|
# consider ignoring such changes as acceptable as long as these differences do
|
|
# not change the outcome of the ECDH computation, i.e. as long as the
|
|
# computation is done on the curve from the private key.
|
|
# The public key does not use a named curve. RFC 3279 allows to encode such
|
|
# curves by explicitly encoding, the parameters of the curve equation, modulus,
|
|
# generator, order and cofactor. However, many crypto libraries only support
|
|
# named curves. Modifying some of the EC parameters and encoding the
|
|
# corresponding public key as an unnamed curve is a potential attack vector.
|
|
|
|
# tcId = 44
|
|
# generator = (0,0)
|
|
curve = secp224r1
|
|
private = 0d07629eb653a169ae3231ea1030faaf3e7f8ffe388030ee315d0a1d2
|
|
public = 308201133081d406072a8648ce3d02013081c8020101302806072a8648ce3d0101021d00ffffffffffffffffffffffffffffffff000000000000000000000001303c041cfffffffffffffffffffffffffffffffefffffffffffffffffffffffe041cb4050a850c04b3abf54132565044b0b7d7bfd8ba270b39432355ffb40439040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000021d00ffffffffffffffffffffffffffff16a2e0b8f03e13dd29455c5c2a3d020101033a0004a10fb7bf22d299fc5bc43bd2d0e8da28af28ace8430bee28f9e5b57554275c0615d8d9a3011d7bc4c1c4cf4a834c8dc46f25b98854401a5b
|
|
result = acceptable
|
|
shared = 9b992dad1c2b5dadd3b5aeb84b7a91fb6fe5f46e02ab2c7fa32696a7
|
|
# A parameter that is typically not used for ECDH has been modified. Sometimes
|
|
# libraries ignore small differences between public and private key. For
|
|
# example, a library might ignore an incorrect cofactor in the public key. We
|
|
# consider ignoring such changes as acceptable as long as these differences do
|
|
# not change the outcome of the ECDH computation, i.e. as long as the
|
|
# computation is done on the curve from the private key.
|
|
# The public key does not use a named curve. RFC 3279 allows to encode such
|
|
# curves by explicitly encoding, the parameters of the curve equation, modulus,
|
|
# generator, order and cofactor. However, many crypto libraries only support
|
|
# named curves. Modifying some of the EC parameters and encoding the
|
|
# corresponding public key as an unnamed curve is a potential attack vector.
|
|
|
|
# tcId = 45
|
|
# generator not on curve
|
|
curve = secp224r1
|
|
private = 0d07629eb653a169ae3231ea1030faaf3e7f8ffe388030ee315d0a1d2
|
|
public = 308201133081d406072a8648ce3d02013081c8020101302806072a8648ce3d0101021d00ffffffffffffffffffffffffffffffff000000000000000000000001303c041cfffffffffffffffffffffffffffffffefffffffffffffffffffffffe041cb4050a850c04b3abf54132565044b0b7d7bfd8ba270b39432355ffb4043904b70e0cbd6bb4bf7f321390b94a03c1d356c21122343280d6115c1d21bd376388b5f723fb4c22dfe6cd4375a05a07476444d5819985007e36021d00ffffffffffffffffffffffffffff16a2e0b8f03e13dd29455c5c2a3d020101033a0004a10fb7bf22d299fc5bc43bd2d0e8da28af28ace8430bee28f9e5b57554275c0615d8d9a3011d7bc4c1c4cf4a834c8dc46f25b98854401a5b
|
|
result = acceptable
|
|
shared = 9b992dad1c2b5dadd3b5aeb84b7a91fb6fe5f46e02ab2c7fa32696a7
|
|
# A parameter that is typically not used for ECDH has been modified. Sometimes
|
|
# libraries ignore small differences between public and private key. For
|
|
# example, a library might ignore an incorrect cofactor in the public key. We
|
|
# consider ignoring such changes as acceptable as long as these differences do
|
|
# not change the outcome of the ECDH computation, i.e. as long as the
|
|
# computation is done on the curve from the private key.
|
|
# The public key does not use a named curve. RFC 3279 allows to encode such
|
|
# curves by explicitly encoding, the parameters of the curve equation, modulus,
|
|
# generator, order and cofactor. However, many crypto libraries only support
|
|
# named curves. Modifying some of the EC parameters and encoding the
|
|
# corresponding public key as an unnamed curve is a potential attack vector.
|
|
|
|
# tcId = 46
|
|
# cofactor = -1
|
|
curve = secp224r1
|
|
private = 0d07629eb653a169ae3231ea1030faaf3e7f8ffe388030ee315d0a1d2
|
|
public = 308201133081d406072a8648ce3d02013081c8020101302806072a8648ce3d0101021d00ffffffffffffffffffffffffffffffff000000000000000000000001303c041cfffffffffffffffffffffffffffffffefffffffffffffffffffffffe041cb4050a850c04b3abf54132565044b0b7d7bfd8ba270b39432355ffb4043904b70e0cbd6bb4bf7f321390b94a03c1d356c21122343280d6115c1d21bd376388b5f723fb4c22dfe6cd4375a05a07476444d5819985007e34021d00ffffffffffffffffffffffffffff16a2e0b8f03e13dd29455c5c2a3d0201ff033a0004a10fb7bf22d299fc5bc43bd2d0e8da28af28ace8430bee28f9e5b57554275c0615d8d9a3011d7bc4c1c4cf4a834c8dc46f25b98854401a5b
|
|
result = invalid
|
|
shared =
|
|
# The public key does not use a named curve. RFC 3279 allows to encode such
|
|
# curves by explicitly encoding, the parameters of the curve equation, modulus,
|
|
# generator, order and cofactor. However, many crypto libraries only support
|
|
# named curves. Modifying some of the EC parameters and encoding the
|
|
# corresponding public key as an unnamed curve is a potential attack vector.
|
|
|
|
# tcId = 47
|
|
# cofactor = 0
|
|
curve = secp224r1
|
|
private = 0d07629eb653a169ae3231ea1030faaf3e7f8ffe388030ee315d0a1d2
|
|
public = 308201133081d406072a8648ce3d02013081c8020101302806072a8648ce3d0101021d00ffffffffffffffffffffffffffffffff000000000000000000000001303c041cfffffffffffffffffffffffffffffffefffffffffffffffffffffffe041cb4050a850c04b3abf54132565044b0b7d7bfd8ba270b39432355ffb4043904b70e0cbd6bb4bf7f321390b94a03c1d356c21122343280d6115c1d21bd376388b5f723fb4c22dfe6cd4375a05a07476444d5819985007e34021d00ffffffffffffffffffffffffffff16a2e0b8f03e13dd29455c5c2a3d020100033a0004a10fb7bf22d299fc5bc43bd2d0e8da28af28ace8430bee28f9e5b57554275c0615d8d9a3011d7bc4c1c4cf4a834c8dc46f25b98854401a5b
|
|
result = invalid
|
|
shared =
|
|
# The public key does not use a named curve. RFC 3279 allows to encode such
|
|
# curves by explicitly encoding, the parameters of the curve equation, modulus,
|
|
# generator, order and cofactor. However, many crypto libraries only support
|
|
# named curves. Modifying some of the EC parameters and encoding the
|
|
# corresponding public key as an unnamed curve is a potential attack vector.
|
|
|
|
# tcId = 48
|
|
# cofactor = 2
|
|
curve = secp224r1
|
|
private = 0d07629eb653a169ae3231ea1030faaf3e7f8ffe388030ee315d0a1d2
|
|
public = 308201133081d406072a8648ce3d02013081c8020101302806072a8648ce3d0101021d00ffffffffffffffffffffffffffffffff000000000000000000000001303c041cfffffffffffffffffffffffffffffffefffffffffffffffffffffffe041cb4050a850c04b3abf54132565044b0b7d7bfd8ba270b39432355ffb4043904b70e0cbd6bb4bf7f321390b94a03c1d356c21122343280d6115c1d21bd376388b5f723fb4c22dfe6cd4375a05a07476444d5819985007e34021d00ffffffffffffffffffffffffffff16a2e0b8f03e13dd29455c5c2a3d020102033a0004a10fb7bf22d299fc5bc43bd2d0e8da28af28ace8430bee28f9e5b57554275c0615d8d9a3011d7bc4c1c4cf4a834c8dc46f25b98854401a5b
|
|
result = acceptable
|
|
shared = 9b992dad1c2b5dadd3b5aeb84b7a91fb6fe5f46e02ab2c7fa32696a7
|
|
# A parameter that is typically not used for ECDH has been modified. Sometimes
|
|
# libraries ignore small differences between public and private key. For
|
|
# example, a library might ignore an incorrect cofactor in the public key. We
|
|
# consider ignoring such changes as acceptable as long as these differences do
|
|
# not change the outcome of the ECDH computation, i.e. as long as the
|
|
# computation is done on the curve from the private key.
|
|
# The public key does not use a named curve. RFC 3279 allows to encode such
|
|
# curves by explicitly encoding, the parameters of the curve equation, modulus,
|
|
# generator, order and cofactor. However, many crypto libraries only support
|
|
# named curves. Modifying some of the EC parameters and encoding the
|
|
# corresponding public key as an unnamed curve is a potential attack vector.
|
|
|
|
# tcId = 49
|
|
# cofactor =
|
|
# 26959946667150639794667015087019625940457807714424391721682722368061
|
|
curve = secp224r1
|
|
private = 0d07629eb653a169ae3231ea1030faaf3e7f8ffe388030ee315d0a1d2
|
|
public = 3082012f3081f006072a8648ce3d02013081e4020101302806072a8648ce3d0101021d00ffffffffffffffffffffffffffffffff000000000000000000000001303c041cfffffffffffffffffffffffffffffffefffffffffffffffffffffffe041cb4050a850c04b3abf54132565044b0b7d7bfd8ba270b39432355ffb4043904b70e0cbd6bb4bf7f321390b94a03c1d356c21122343280d6115c1d21bd376388b5f723fb4c22dfe6cd4375a05a07476444d5819985007e34021d00ffffffffffffffffffffffffffff16a2e0b8f03e13dd29455c5c2a3d021d00ffffffffffffffffffffffffffff16a2e0b8f03e13dd29455c5c2a3d033a0004a10fb7bf22d299fc5bc43bd2d0e8da28af28ace8430bee28f9e5b57554275c0615d8d9a3011d7bc4c1c4cf4a834c8dc46f25b98854401a5b
|
|
result = invalid
|
|
shared =
|
|
# The public key does not use a named curve. RFC 3279 allows to encode such
|
|
# curves by explicitly encoding, the parameters of the curve equation, modulus,
|
|
# generator, order and cofactor. However, many crypto libraries only support
|
|
# named curves. Modifying some of the EC parameters and encoding the
|
|
# corresponding public key as an unnamed curve is a potential attack vector.
|
|
|
|
# tcId = 50
|
|
# cofactor = None
|
|
curve = secp224r1
|
|
private = 0d07629eb653a169ae3231ea1030faaf3e7f8ffe388030ee315d0a1d2
|
|
public = 308201103081d106072a8648ce3d02013081c5020101302806072a8648ce3d0101021d00ffffffffffffffffffffffffffffffff000000000000000000000001303c041cfffffffffffffffffffffffffffffffefffffffffffffffffffffffe041cb4050a850c04b3abf54132565044b0b7d7bfd8ba270b39432355ffb4043904b70e0cbd6bb4bf7f321390b94a03c1d356c21122343280d6115c1d21bd376388b5f723fb4c22dfe6cd4375a05a07476444d5819985007e34021d00ffffffffffffffffffffffffffff16a2e0b8f03e13dd29455c5c2a3d033a0004a10fb7bf22d299fc5bc43bd2d0e8da28af28ace8430bee28f9e5b57554275c0615d8d9a3011d7bc4c1c4cf4a834c8dc46f25b98854401a5b
|
|
result = acceptable
|
|
shared = 9b992dad1c2b5dadd3b5aeb84b7a91fb6fe5f46e02ab2c7fa32696a7
|
|
# A parameter that is typically not used for ECDH has been modified. Sometimes
|
|
# libraries ignore small differences between public and private key. For
|
|
# example, a library might ignore an incorrect cofactor in the public key. We
|
|
# consider ignoring such changes as acceptable as long as these differences do
|
|
# not change the outcome of the ECDH computation, i.e. as long as the
|
|
# computation is done on the curve from the private key.
|
|
# The public key does not use a named curve. RFC 3279 allows to encode such
|
|
# curves by explicitly encoding, the parameters of the curve equation, modulus,
|
|
# generator, order and cofactor. However, many crypto libraries only support
|
|
# named curves. Modifying some of the EC parameters and encoding the
|
|
# corresponding public key as an unnamed curve is a potential attack vector.
|
|
|
|
# tcId = 51
|
|
# modified prime
|
|
curve = secp224r1
|
|
private = 0d07629eb653a169ae3231ea1030faaf3e7f8ffe388030ee315d0a1d2
|
|
public = 308201133081d406072a8648ce3d02013081c8020101302806072a8648ce3d0101021d00c123da0a46a971da9468161e61a5c71a02e6c9bdb3392f4016fb457b303c041c3edc25f5b9568e256b97e9e19e5a38e4fd1936424cc6d0bfe904ba83041cb4050a850c04b3abf54132565044b0b7d7bfd8ba270b39432355ffb4043904000000000000000000285145f31ae4d40000000000000000000003387edad63d1a600740ce66b6f04d67ed06ea1a75c16294336ed05b3fa3021d00ffffffffffffffffffffffffffff16a2e0b8f03e13dd29455c5c2a3d020101033a0004000000000000000000285145f31ae4d40000000000000000000003387edad63d1a600740ce66b6f04d67ed06ea1a75c16294336ed05b3fa3
|
|
result = invalid
|
|
shared =
|
|
# The modulus of the public key has been modified. The public point of the
|
|
# public key has been chosen so that it is both a point on both the curve of the
|
|
# modified public key and the private key.
|
|
# The public key does not use a named curve. RFC 3279 allows to encode such
|
|
# curves by explicitly encoding, the parameters of the curve equation, modulus,
|
|
# generator, order and cofactor. However, many crypto libraries only support
|
|
# named curves. Modifying some of the EC parameters and encoding the
|
|
# corresponding public key as an unnamed curve is a potential attack vector.
|
|
|
|
# tcId = 52
|
|
# using secp256r1
|
|
curve = secp224r1
|
|
private = 0d07629eb653a169ae3231ea1030faaf3e7f8ffe388030ee315d0a1d2
|
|
public = 3059301306072a8648ce3d020106082a8648ce3d03010703420004cbf6606595a3ee50f9fceaa2798c2740c82540516b4e5a7d361ff24e9dd15364e5408b2e679f9d5310d1f6893b36ce16b4a507509175fcb52aea53b781556b39
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 53
|
|
# using secp256k1
|
|
curve = secp224r1
|
|
private = 0d07629eb653a169ae3231ea1030faaf3e7f8ffe388030ee315d0a1d2
|
|
public = 3056301006072a8648ce3d020106052b8104000a03420004a1263e75b87ae0937060ff1472f330ee55cdf8f4329d6284a9ebfbcc856c11684225e72cbebff41e54fb6f00e11afe53a17937bedbf2df787f8ef9584f775838
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 54
|
|
# a = 0
|
|
curve = secp224r1
|
|
private = 0d07629eb653a169ae3231ea1030faaf3e7f8ffe388030ee315d0a1d2
|
|
public = 3081f83081b906072a8648ce3d02013081ad020101302806072a8648ce3d0101021d00ffffffffffffffffffffffffffffffff0000000000000000000000013021040100041cd0d5e347a38ce5b6e1f47edddd8a223bca45d2015de76ec835a4df57043904a10fb7bf22d299fc5bc43bd2d0e8da28af28ace8430bee28f9e5b57554275c0615d8d9a3011d7bc4c1c4cf4a834c8dc46f25b98854401a5b021d00ffffffffffffffffffffffffffff16a2e0b8f03e13dd29455c5c2a3d020101033a0004a10fb7bf22d299fc5bc43bd2d0e8da28af28ace8430bee28f9e5b57554275c0615d8d9a3011d7bc4c1c4cf4a834c8dc46f25b98854401a5b
|
|
result = acceptable
|
|
shared = 9b992dad1c2b5dadd3b5aeb84b7a91fb6fe5f46e02ab2c7fa32696a7
|
|
# A parameter that is typically not used for ECDH has been modified. Sometimes
|
|
# libraries ignore small differences between public and private key. For
|
|
# example, a library might ignore an incorrect cofactor in the public key. We
|
|
# consider ignoring such changes as acceptable as long as these differences do
|
|
# not change the outcome of the ECDH computation, i.e. as long as the
|
|
# computation is done on the curve from the private key.
|
|
# The public key does not use a named curve. RFC 3279 allows to encode such
|
|
# curves by explicitly encoding, the parameters of the curve equation, modulus,
|
|
# generator, order and cofactor. However, many crypto libraries only support
|
|
# named curves. Modifying some of the EC parameters and encoding the
|
|
# corresponding public key as an unnamed curve is a potential attack vector.
|
|
|
|
# tcId = 55
|
|
# public key of order 3
|
|
curve = secp224r1
|
|
private = 0d07629eb653a169ae3231ea1030faaf3e7f8ffe388030ee315d0a1d2
|
|
public = 308201133081d406072a8648ce3d02013081c8020101302806072a8648ce3d0101021d00ffffffffffffffffffffffffffffffff000000000000000000000001303c041c5f016b6ef7c87f09477c524fd38cddb24f4e259de4ad4a1f46ddea0e041c1d95579037de3d9d658893716efe3a3569ce699b5d20356e8f83b31e0439049d1a9a4c437596755a6277bd634e4e5a793c5007be2ac3523205e0c5c554f8662ec70ce451c617dda9d184131d1825f5b58c4f8012c48529021d00ffffffffffffffffffffffffffff16a2e0b8f03e13dd29455c5c2a3d020101033a00049d1a9a4c437596755a6277bd634e4e5a793c5007be2ac3523205e0c53aab0799d138f31bae39e822562e7bebe2e7da0a4a73b07fed3b7ad8
|
|
result = invalid
|
|
shared =
|
|
# The vector contains a weak public key. The curve is not a named curve, the
|
|
# public key point has order 3 and has been chosen to be on the same curve as
|
|
# the private key. This test vector is used to check ECC implementations for
|
|
# missing steps in the verification of the public key.
|
|
# The public key does not use a named curve. RFC 3279 allows to encode such
|
|
# curves by explicitly encoding, the parameters of the curve equation, modulus,
|
|
# generator, order and cofactor. However, many crypto libraries only support
|
|
# named curves. Modifying some of the EC parameters and encoding the
|
|
# corresponding public key as an unnamed curve is a potential attack vector.
|
|
|
|
# tcId = 56
|
|
# Private key and public key are not on the same curve
|
|
curve = secp224r1
|
|
private = 2ddd06cb77ca2eae5266a34a107b49e56ffb4c2d3952112da2df90fc
|
|
public = 3059301306072a8648ce3d020106082a8648ce3d03010703420004ea36cf70fab75684eabe6569ce623db0deaa8c95f61c8be50b8b9f3eb7d4b9ec48d9e4814f4cb1c286589eaaa990d3f3238b2d6d6be964abfad964824b653376
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 57
|
|
# Private key and public key are not on the same curve
|
|
curve = secp224r1
|
|
private = 2ddd06cb77ca2eae5266a34a107b49e56ffb4c2d3952112da2df90fc
|
|
public = 3076301006072a8648ce3d020106052b81040022036200044b2470ad3d13269c10a17d222ebdffbd61fb04488db1b1d7caef8d4988b7bb8ba6d81857a05b255232b9e37a30e328bb9d9c42d86096f2bcee3d258cfe208d2fd03cbd5ccc6a3bb8ce4b0efa5b059b4afbd0377aa6e274721a57efe8ee85d86a
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 58
|
|
# Private key and public key are not on the same curve
|
|
curve = secp224r1
|
|
private = 2ddd06cb77ca2eae5266a34a107b49e56ffb4c2d3952112da2df90fc
|
|
public = 30819b301006072a8648ce3d020106052b810400230381860004012841a2260f0f1f424865fef275374779bf0355720223f8ec6a9ba767b1603b492f58a6bba1705d882257bc6be1935de4411c5f1fdad44ec65ba8b97ce0e73e1ac90006937832a602147e37c1a42ca2a63629ffc9a35b31bfacb38c6242b42916125f7446b45c718f797259bc3011cb71e868560b331cf7d01139a0643443f9fd7306c1
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 59
|
|
# Private key and public key are not on the same curve
|
|
curve = secp224r1
|
|
private = 2ddd06cb77ca2eae5266a34a107b49e56ffb4c2d3952112da2df90fc
|
|
public = 3056301006072a8648ce3d020106052b8104000a03420004c2199fecf75648c0e952dff143821fa4012b28f90435ce6ee54653687f969a76092a3844e17d478a594f43b28cc10a5c553b4f64906121031c3a79299c70dbd6
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 60
|
|
# Private key and public key are not on the same curve
|
|
curve = secp224r1
|
|
private = 2ddd06cb77ca2eae5266a34a107b49e56ffb4c2d3952112da2df90fc
|
|
public = 3052301406072a8648ce3d020106092b2403030208010105033a00046caa3d6d86f792df7b29e41eb4203150f60f4fca10f57d0b2454abfb201f9f7e6dcbb92bdcfb9240dc86bcaeaf157c77bca22b2ec86ee8d6
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 61
|
|
# Private key and public key are not on the same curve
|
|
curve = secp224r1
|
|
private = 2ddd06cb77ca2eae5266a34a107b49e56ffb4c2d3952112da2df90fc
|
|
public = 305a301406072a8648ce3d020106092b2403030208010107034200042750180012c3ba7489517d428e4826784e50b50ac42ef7991c61a396c03a52da5e74908ae8a89627a7c15e554b105b0ebaeebcfed10e3ea60223d0a8bc3b36ab
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 62
|
|
# Private key and public key are not on the same curve
|
|
curve = secp224r1
|
|
private = 2ddd06cb77ca2eae5266a34a107b49e56ffb4c2d3952112da2df90fc
|
|
public = 306a301406072a8648ce3d020106092b2403030208010109035200045b523d3a8f20f6a569c6951e0b8de48d89e7549a184e8506820421c3e404473692cd248d7480843b911d87a87e401112fce0d3d2c36978cf6dd7f1d93bfaebe0827d4bf4006006d3202e842126fe1b68
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 63
|
|
# Private key and public key are not on the same curve
|
|
curve = secp224r1
|
|
private = 2ddd06cb77ca2eae5266a34a107b49e56ffb4c2d3952112da2df90fc
|
|
public = 307a301406072a8648ce3d020106092b240303020801010b03620004449607c76c6dc7334c269a0ebab5beec83b6c263377ce06ef5c276f45a9916eff85f50438f5f32ced0210a6c414fe5e242c7c1070823f5395b35965bda6758acf84725f11ea836dda7d391fee91342026645241853224a437a6fb74e4cdc871f
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 64
|
|
# Private key and public key are not on the same curve
|
|
curve = secp224r1
|
|
private = 2ddd06cb77ca2eae5266a34a107b49e56ffb4c2d3952112da2df90fc
|
|
public = 30819b301406072a8648ce3d020106092b240303020801010d038182000463e7a491240848e4f53ea5fb857d428c493053193e4b0b4f995ac8bf4c56276a507870131a384aa7e236c64cd7a049a1b37e40ad00c3b8a920dcbad6531616356ce1b6e6d96a7d1b693e25e5abd83ab560a3d764bcd49ec98a1b49421163bd5fc5a625f44c91eb4c2984d5a2e51e816ebdee8fbe08364bb14b7ac876990e64d9
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 65
|
|
# Private key and public key are not on the same curve
|
|
curve = secp224r1
|
|
private = 2ddd06cb77ca2eae5266a34a107b49e56ffb4c2d3952112da2df90fc
|
|
public = 3052301406072a8648ce3d020106092b2403030208010106033a00047c592ecb8908355d1ebf8d59b3619275dbe3666209b72ced6a3c88740456ce61d6a84e0542d7cd10dd8804afb8c784d5dffd9480d8cfdc95
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 66
|
|
# Private key and public key are not on the same curve
|
|
curve = secp224r1
|
|
private = 2ddd06cb77ca2eae5266a34a107b49e56ffb4c2d3952112da2df90fc
|
|
public = 305a301406072a8648ce3d020106092b240303020801010803420004746226a3e005c37ede51828d3375ef91ebd0ff719a380af69d7dfd131b42a3e8917d4a4d573872935a74d1040f1c47d25d6b26f4156cccdcdc11833b9cde433a
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 67
|
|
# Private key and public key are not on the same curve
|
|
curve = secp224r1
|
|
private = 2ddd06cb77ca2eae5266a34a107b49e56ffb4c2d3952112da2df90fc
|
|
public = 306a301406072a8648ce3d020106092b240303020801010a035200043298b36825c7bd90ab5157b913d40bbfd732a0de0557e02a2c65a0c223e9a65d62c32462040dd6fe578103023c831caff122c1ed4b8ff7373fa2f08d11c9f4c7f85f81802262ffed9bb82cb6d92eed2d
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 68
|
|
# Private key and public key are not on the same curve
|
|
curve = secp224r1
|
|
private = 2ddd06cb77ca2eae5266a34a107b49e56ffb4c2d3952112da2df90fc
|
|
public = 307a301406072a8648ce3d020106092b240303020801010c036200043af2849b981f7e5e6ab936e6abb4f206c1fd5561998df8008bfe98d84173c9f2301cdbd5bffc569c0b5a57ce2a8f4d640f1816475fc6043baa8e5a3453bf327b54cb29c7e54a5f31348969aa94615094dbcd1a8e5c2d630465e45fc556c02194
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 69
|
|
# Private key and public key are not on the same curve
|
|
curve = secp224r1
|
|
private = 2ddd06cb77ca2eae5266a34a107b49e56ffb4c2d3952112da2df90fc
|
|
public = 30819b301406072a8648ce3d020106092b240303020801010e038182000453d2506047e72af6d98558e1633ecb7e6a05c37861cd3289455cf41bfbf1703f2e9a83052b8eca7d84cba2f001abd8b978f68b69ed6bd874755c44d347fe302c5760b2078c56b24ebd0dcd99f26b8f8a23044b3767a3d2a306587687a7b00668974674edbf18c3db2f3473a97ee77065fdcdd1a9aa053716a4c504f3d18b9170
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 70
|
|
# invalid public key
|
|
curve = secp224r1
|
|
private = 0fc28a0ca0f8e36b0d4f71421845135a22aef543b9fddf8c775b2d18f
|
|
public = 3032301006072a8648ce3d020106052b81040021031e00020ca753db5ddeca474241f8d2dafc0844343fd0e37eded2f0192d51b2
|
|
result = invalid
|
|
shared =
|
|
# The point in the public key is compressed. Not every library supports points
|
|
# in compressed format.
|
|
|
|
[curve = secp256r1]
|
|
|
|
# tcId = 71
|
|
# normal case
|
|
curve = secp256r1
|
|
private = 612465c89a023ab17855b0a6bcebfd3febb53aef84138647b5352e02c10c346
|
|
public = 3059301306072a8648ce3d020106082a8648ce3d0301070342000462d5bd3372af75fe85a040715d0f502428e07046868b0bfdfa61d731afe44f26ac333a93a9e70a81cd5a95b5bf8d13990eb741c8c38872b4a07d275a014e30cf
|
|
result = valid
|
|
shared = 53020d908b0219328b658b525f26780e3ae12bcd952bb25a93bc0895e1714285
|
|
|
|
# tcId = 72
|
|
# compressed public key
|
|
curve = secp256r1
|
|
private = 612465c89a023ab17855b0a6bcebfd3febb53aef84138647b5352e02c10c346
|
|
public = 3039301306072a8648ce3d020106082a8648ce3d0301070322000362d5bd3372af75fe85a040715d0f502428e07046868b0bfdfa61d731afe44f26
|
|
result = acceptable
|
|
shared = 53020d908b0219328b658b525f26780e3ae12bcd952bb25a93bc0895e1714285
|
|
# The point in the public key is compressed. Not every library supports points
|
|
# in compressed format.
|
|
|
|
# tcId = 73
|
|
# edge cases for shared secret
|
|
curve = secp256r1
|
|
private = 0a0d622a47e48f6bc1038ace438c6f528aa00ad2bd1da5f13ee46bf5f633d71a
|
|
public = 3059301306072a8648ce3d020106082a8648ce3d0301070342000458fd4168a87795603e2b04390285bdca6e57de6027fe211dd9d25e2212d29e62080d36bd224d7405509295eed02a17150e03b314f96da37445b0d1d29377d12c
|
|
result = valid
|
|
shared = 0000000000000000000000000000000000000000000000000000000000000000
|
|
|
|
# tcId = 74
|
|
# edge cases for shared secret
|
|
curve = secp256r1
|
|
private = 0a0d622a47e48f6bc1038ace438c6f528aa00ad2bd1da5f13ee46bf5f633d71a
|
|
public = 3059301306072a8648ce3d020106082a8648ce3d030107034200040f6d20c04261ecc3e92846acad48dc8ec5ee35ae0883f0d2ea71216906ee1c47c042689a996dd12830ae459382e94aac56b717af2e2080215f9e41949b1f52be
|
|
result = valid
|
|
shared = 00000000000000000000000000000000ffffffffffffffffffffffffffffffff
|
|
|
|
# tcId = 75
|
|
# edge cases for shared secret
|
|
curve = secp256r1
|
|
private = 0a0d622a47e48f6bc1038ace438c6f528aa00ad2bd1da5f13ee46bf5f633d71a
|
|
public = 3059301306072a8648ce3d020106082a8648ce3d0301070342000400c7defeb1a16236738e9a1123ba621bc8e9a3f2485b3f8ffde7f9ce98f5a8a1cb338c3912b1792f60c2b06ec5231e2d84b0e596e9b76d419ce105ece3791dbc
|
|
result = valid
|
|
shared = 0000000000000000ffffffffffffffff00000000000000010000000000000001
|
|
|
|
# tcId = 76
|
|
# edge cases for shared secret
|
|
curve = secp256r1
|
|
private = 0a0d622a47e48f6bc1038ace438c6f528aa00ad2bd1da5f13ee46bf5f633d71a
|
|
public = 3059301306072a8648ce3d020106082a8648ce3d03010703420004e9b98fb2c0ac045f8c76125ffd99eb8a5157be1d7db3e85d655ec1d8210288cf218df24fd2c2746be59df41262ef3a97d986744b2836748a7486230a319ffec0
|
|
result = valid
|
|
shared = 00000000ffffffff00000000ffffffff00000000ffffffff0000000100000000
|
|
|
|
# tcId = 77
|
|
# edge cases for shared secret
|
|
curve = secp256r1
|
|
private = 0a0d622a47e48f6bc1038ace438c6f528aa00ad2bd1da5f13ee46bf5f633d71a
|
|
public = 3059301306072a8648ce3d020106082a8648ce3d03010703420004e9484e58f3331b66ffed6d90cb1c78065fa28cfba5c7dd4352013d3252ee4277bd7503b045a38b4b247b32c59593580f39e6abfa376c3dca20cf7f9cfb659e13
|
|
result = valid
|
|
shared = 000003ffffff0000003ffffff0000003ffffff0000003ffffff0000003ffffff
|
|
|
|
# tcId = 78
|
|
# edge cases for shared secret
|
|
curve = secp256r1
|
|
private = 0a0d622a47e48f6bc1038ace438c6f528aa00ad2bd1da5f13ee46bf5f633d71a
|
|
public = 3059301306072a8648ce3d020106082a8648ce3d03010703420004767d7fbb84aa6a4db1079372644e42ecb2fec200c178822392cb8b950ffdd0c91c86853cafd09b52ba2f287f0ebaa26415a3cfabaf92c6a617a19988563d9dea
|
|
result = valid
|
|
shared = 0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff00010001
|
|
|
|
# tcId = 79
|
|
# edge cases for shared secret
|
|
curve = secp256r1
|
|
private = 0a0d622a47e48f6bc1038ace438c6f528aa00ad2bd1da5f13ee46bf5f633d71a
|
|
public = 3059301306072a8648ce3d020106082a8648ce3d03010703420004f3cb6754b7e2a86d064dfb9f903185aaa4c92b481c2c1a1ff276303bbc4183e49c318599b0984c3563df339311fe143a7d921ee75b755a52c6f804f897b809f7
|
|
result = valid
|
|
shared = 7fff0001fffc0007fff0001fffc0007fff0001fffc0007fff0001fffc0007fff
|
|
|
|
# tcId = 80
|
|
# edge cases for shared secret
|
|
curve = secp256r1
|
|
private = 0a0d622a47e48f6bc1038ace438c6f528aa00ad2bd1da5f13ee46bf5f633d71a
|
|
public = 3059301306072a8648ce3d020106082a8648ce3d03010703420004cce13fbdc96a946dfb8c6d9ed762dbd1731630455689f57a437fee124dd54cecaef78026c653030cf2f314a67064236b0a354defebc5e90c94124e9bf5c4fc24
|
|
result = valid
|
|
shared = 8000000000000000000000000000000000000000000000000000000000000004
|
|
|
|
# tcId = 81
|
|
# edge cases for shared secret
|
|
curve = secp256r1
|
|
private = 0a0d622a47e48f6bc1038ace438c6f528aa00ad2bd1da5f13ee46bf5f633d71a
|
|
public = 3059301306072a8648ce3d020106082a8648ce3d030107034200047633dfd0ad06765097bc11bd5022b200df31f28c4ff0625421221ac7eeb6e6f4cb9c67693609ddd6f92343a5a1c635408240f4f8e27120c12554c7ff8c76e2fe
|
|
result = valid
|
|
shared = 8000003ffffff0000007fffffe000000ffffffc000001ffffff8000004000000
|
|
|
|
# tcId = 82
|
|
# edge cases for shared secret
|
|
curve = secp256r1
|
|
private = 0a0d622a47e48f6bc1038ace438c6f528aa00ad2bd1da5f13ee46bf5f633d71a
|
|
public = 3059301306072a8648ce3d020106082a8648ce3d03010703420004a386ace573f87558a68ead2a20088e3fe928bdae9e109446f93a078c15741f0421261e6db2bf12106e4c6bf85b9581b4c0302a526222f90abc5a549206b11011
|
|
result = valid
|
|
shared = ff00000001fffffffc00000007fffffff00000001fffffffc00000007fffffff
|
|
|
|
# tcId = 83
|
|
# edge cases for shared secret
|
|
curve = secp256r1
|
|
private = 0a0d622a47e48f6bc1038ace438c6f528aa00ad2bd1da5f13ee46bf5f633d71a
|
|
public = 3059301306072a8648ce3d020106082a8648ce3d030107034200048e7b50f7d8c44d5d3496c43141a502f4a43f153d03ad43eda8e39597f1d477b8647f3da67969b7f989ff4addc393515af40c82085ce1f2ee195412c6f583774f
|
|
result = valid
|
|
shared = ffff00000003fffffff00000003fffffff00000003fffffff00000003fffffff
|
|
|
|
# tcId = 84
|
|
# edge cases for shared secret
|
|
curve = secp256r1
|
|
private = 0a0d622a47e48f6bc1038ace438c6f528aa00ad2bd1da5f13ee46bf5f633d71a
|
|
public = 3059301306072a8648ce3d020106082a8648ce3d03010703420004c827fb930fd51d926086191b502af83abb5f717debc8de29897a3934b2571ca05990c0597b0b7a2e42febd56b13235d1d408d76ed2c93b3facf514d902f6910a
|
|
result = valid
|
|
shared = ffffffff00000000000000ffffffffffffff00000000000000ffffffffffffff
|
|
|
|
# tcId = 85
|
|
# edge cases for ephemeral key
|
|
curve = secp256r1
|
|
private = 55d55f11bb8da1ea318bca7266f0376662441ea87270aa2077f1b770c4854a48
|
|
public = 3059301306072a8648ce3d020106082a8648ce3d03010703420004000000000000000000000000000000000000000000000000000000000000000066485c780e2f83d72433bd5d84a06bb6541c2af31dae871728bf856a174f93f4
|
|
result = valid
|
|
shared = cfe4077c8730b1c9384581d36bff5542bc417c9eff5c2afcb98cc8829b2ce848
|
|
|
|
# tcId = 86
|
|
# edge cases for ephemeral key
|
|
curve = secp256r1
|
|
private = 55d55f11bb8da1ea318bca7266f0376662441ea87270aa2077f1b770c4854a48
|
|
public = 3059301306072a8648ce3d020106082a8648ce3d0301070342000400000000000000000000000000000000ffffffffffffffffffffffffffffffff4f2b92b4c596a5a47f8b041d2dea6043021ac77b9a80b1343ac9d778f4f8f733
|
|
result = valid
|
|
shared = 49ae50fe096a6cd26698b78356b2c8adf1f6a3490f14e364629f7a0639442509
|
|
|
|
# tcId = 87
|
|
# edge cases for ephemeral key
|
|
curve = secp256r1
|
|
private = 55d55f11bb8da1ea318bca7266f0376662441ea87270aa2077f1b770c4854a48
|
|
public = 3059301306072a8648ce3d020106082a8648ce3d030107034200040000000000000000ffffffffffffffff0000000000000001000000000000000138120be6ab31edfa34768c4387d2f84fb4b0be8a9a985864a1575f4436bb37b0
|
|
result = valid
|
|
shared = 5a1334572b2a711ead8b4653eb310cd8d9fd114399379a8f6b872e3b8fdda2d9
|
|
|
|
# tcId = 88
|
|
# edge cases for ephemeral key
|
|
curve = secp256r1
|
|
private = 55d55f11bb8da1ea318bca7266f0376662441ea87270aa2077f1b770c4854a48
|
|
public = 3059301306072a8648ce3d020106082a8648ce3d0301070342000400000000ffffffff00000000ffffffff00000000ffffffff0000000100000000462c0466e41802238d6c925ecbefc747cfe505ea196af9a2d11b62850fce946e
|
|
result = valid
|
|
shared = c73755133b6b9b4b2a00631cbc7940ecbe6ec08f20448071422e3362f2556888
|
|
|
|
# tcId = 89
|
|
# edge cases for ephemeral key
|
|
curve = secp256r1
|
|
private = 55d55f11bb8da1ea318bca7266f0376662441ea87270aa2077f1b770c4854a48
|
|
public = 3059301306072a8648ce3d020106082a8648ce3d03010703420004000003ffffff0000003ffffff0000003ffffff0000003ffffff0000003ffffff1582fa32e2d4a89dfcfb3d0b149f667dba3329490f4d64ee2ad586c0c9e8c508
|
|
result = valid
|
|
shared = 06fa1059935e47a9fd667e13f469614eb257cc9a7e3fc599bfb92780d59b146d
|
|
|
|
# tcId = 90
|
|
# edge cases for ephemeral key
|
|
curve = secp256r1
|
|
private = 55d55f11bb8da1ea318bca7266f0376662441ea87270aa2077f1b770c4854a48
|
|
public = 3059301306072a8648ce3d020106082a8648ce3d030107034200040000ffff0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff00010001684c8a9586ed6f9cbe447058a7da2108bab1e5e0a60d1f73e4e2e713f0a3dfe0
|
|
result = valid
|
|
shared = f237df4c10bd3e357971bb2b16b293566b7e355bdc8141d6c92cabc682983c45
|
|
|
|
# tcId = 91
|
|
# edge cases for ephemeral key
|
|
curve = secp256r1
|
|
private = 55d55f11bb8da1ea318bca7266f0376662441ea87270aa2077f1b770c4854a48
|
|
public = 3059301306072a8648ce3d020106082a8648ce3d030107034200047fff0001fffc0007fff0001fffc0007fff0001fffc0007fff0001fffc0007fff2e2213caf03033e0fd0f7951154f6e6c3a9244a72faca65e9ce9eeb5c8e1cea9
|
|
result = valid
|
|
shared = 55d0a203e22ffb523c8d2705060cee9d28308b51f184beefc518cff690bad346
|
|
|
|
# tcId = 92
|
|
# edge cases for ephemeral key
|
|
curve = secp256r1
|
|
private = 55d55f11bb8da1ea318bca7266f0376662441ea87270aa2077f1b770c4854a48
|
|
public = 3059301306072a8648ce3d020106082a8648ce3d0301070342000480000000000000000000000000000000000000000000000000000000000000042be8789db81bb4870a9e60c5c18c80c83de464277281f1af1e640843a1a3148e
|
|
result = valid
|
|
shared = 2518d846e577d95e9e7bc766cde7997cb887fb266d3a6cb598a839fd54aa2f4f
|
|
|
|
# tcId = 93
|
|
# edge cases for ephemeral key
|
|
curve = secp256r1
|
|
private = 55d55f11bb8da1ea318bca7266f0376662441ea87270aa2077f1b770c4854a48
|
|
public = 3059301306072a8648ce3d020106082a8648ce3d030107034200048000003ffffff0000007fffffe000000ffffffc000001ffffff8000004000000722540f8a471c379083c600b58fde4d95c7dcad5095f4219fc5e9bdde3c5cd39
|
|
result = valid
|
|
shared = bdb49f4bdf42ac64504e9ce677b3ec5c0a03828c5b3efad726005692d35c0f26
|
|
|
|
# tcId = 94
|
|
# edge cases for ephemeral key
|
|
curve = secp256r1
|
|
private = 55d55f11bb8da1ea318bca7266f0376662441ea87270aa2077f1b770c4854a48
|
|
public = 3059301306072a8648ce3d020106082a8648ce3d03010703420004ff00000001fffffffc00000007fffffff00000001fffffffc00000007fffffff5df80fc6cae26b6c1952fbd00ed174ee1209d069335f5b48588e29e80b9191ad
|
|
result = valid
|
|
shared = f503ac65637e0f17cb4408961cb882c875e4c6ef7a548d2d52d8c2f681838c55
|
|
|
|
# tcId = 95
|
|
# edge cases for ephemeral key
|
|
curve = secp256r1
|
|
private = 55d55f11bb8da1ea318bca7266f0376662441ea87270aa2077f1b770c4854a48
|
|
public = 3059301306072a8648ce3d020106082a8648ce3d03010703420004ffff00000003fffffff00000003fffffff00000003fffffff00000003fffffff2c63650e6a5d332e2987dd09a79008e8faabbd37e49cb016bfb92c8cd0f5da77
|
|
result = valid
|
|
shared = e3c18e7d7377dc540bc45c08d389bdbe255fa80ca8faf1ef6b94d52049987d21
|
|
|
|
# tcId = 96
|
|
# edge cases for ephemeral key
|
|
curve = secp256r1
|
|
private = 55d55f11bb8da1ea318bca7266f0376662441ea87270aa2077f1b770c4854a48
|
|
public = 3059301306072a8648ce3d020106082a8648ce3d03010703420004ffffffff00000000000000ffffffffffffff00000000000000ffffffffffffff7a116c964a4cd60668bf89cffe157714a3ce21b93b3ca607c8a5b93ac54ffc0a
|
|
result = valid
|
|
shared = 516d6d329b095a7c7e93b4023d4d05020c1445ef1ddcb3347b3a27d7d7f57265
|
|
|
|
# tcId = 97
|
|
# edge case private key
|
|
curve = secp256r1
|
|
private = 3
|
|
public = 3059301306072a8648ce3d020106082a8648ce3d0301070342000431028f3377fc8f2b1967edaab90213acad0da9f50897f08f57537f78f116744743a1930189363bbde2ac4cbd1649cdc6f451add71dd2f16a8a867f2b17caa16b
|
|
result = valid
|
|
shared = 85a0b58519b28e70a694ec5198f72c4bfdabaa30a70f7143b5b1cd7536f716ca
|
|
|
|
# tcId = 98
|
|
# edge case private key
|
|
curve = secp256r1
|
|
private = 0ffffffffffffffffffffffffffffffffffffffffffffffffffffffff
|
|
public = 3059301306072a8648ce3d020106082a8648ce3d0301070342000431028f3377fc8f2b1967edaab90213acad0da9f50897f08f57537f78f116744743a1930189363bbde2ac4cbd1649cdc6f451add71dd2f16a8a867f2b17caa16b
|
|
result = valid
|
|
shared = a329a7d80424ea2d6c904393808e510dfbb28155092f1bac284dceda1f13afe5
|
|
|
|
# tcId = 99
|
|
# edge case private key
|
|
curve = secp256r1
|
|
private = 100000000000000000000000000000000000000000000000000000000000000
|
|
public = 3059301306072a8648ce3d020106082a8648ce3d0301070342000431028f3377fc8f2b1967edaab90213acad0da9f50897f08f57537f78f116744743a1930189363bbde2ac4cbd1649cdc6f451add71dd2f16a8a867f2b17caa16b
|
|
result = valid
|
|
shared = bd26d0293e8851c51ebe0d426345683ae94026aca545282a4759faa85fde6687
|
|
|
|
# tcId = 100
|
|
# edge case private key
|
|
curve = secp256r1
|
|
private = 7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
|
|
public = 3059301306072a8648ce3d020106082a8648ce3d0301070342000431028f3377fc8f2b1967edaab90213acad0da9f50897f08f57537f78f116744743a1930189363bbde2ac4cbd1649cdc6f451add71dd2f16a8a867f2b17caa16b
|
|
result = valid
|
|
shared = ea9350b2490a2010c7abf43fb1a38be729a2de375ea7a6ac34ff58cc87e51b6c
|
|
|
|
# tcId = 101
|
|
# edge case private key
|
|
curve = secp256r1
|
|
private = 08000000000000000000000000000000000000000000000000000000000000000
|
|
public = 3059301306072a8648ce3d020106082a8648ce3d0301070342000431028f3377fc8f2b1967edaab90213acad0da9f50897f08f57537f78f116744743a1930189363bbde2ac4cbd1649cdc6f451add71dd2f16a8a867f2b17caa16b
|
|
result = valid
|
|
shared = 34eed3f6673d340b6f716913f6dfa36b5ac85fa667791e2d6a217b0c0b7ba807
|
|
|
|
# tcId = 102
|
|
# edge case private key
|
|
curve = secp256r1
|
|
private = 0ffffffff00000000ffffffffffffffffbce6faada7179e83f3b9cac2fc632551
|
|
public = 3059301306072a8648ce3d020106082a8648ce3d0301070342000431028f3377fc8f2b1967edaab90213acad0da9f50897f08f57537f78f116744743a1930189363bbde2ac4cbd1649cdc6f451add71dd2f16a8a867f2b17caa16b
|
|
result = valid
|
|
shared = 1354ce6692c9df7b6fc3119d47c56338afbedccb62faa546c0fe6ed4959e41c3
|
|
|
|
# tcId = 103
|
|
# edge case private key
|
|
curve = secp256r1
|
|
private = 0ffffffff00000000ffffffffffffffffbce6faada7179e84f3a9cac2fc632551
|
|
public = 3059301306072a8648ce3d020106082a8648ce3d0301070342000431028f3377fc8f2b1967edaab90213acad0da9f50897f08f57537f78f116744743a1930189363bbde2ac4cbd1649cdc6f451add71dd2f16a8a867f2b17caa16b
|
|
result = valid
|
|
shared = fe7496c30d534995f0bf428b5471c21585aaafc81733916f0165597a55d12cb4
|
|
|
|
# tcId = 104
|
|
# edge case private key
|
|
curve = secp256r1
|
|
private = 0ffffffff00000000ffffffffffffffffbce6faada7179e84f3b1cac2fc632551
|
|
public = 3059301306072a8648ce3d020106082a8648ce3d0301070342000431028f3377fc8f2b1967edaab90213acad0da9f50897f08f57537f78f116744743a1930189363bbde2ac4cbd1649cdc6f451add71dd2f16a8a867f2b17caa16b
|
|
result = valid
|
|
shared = 348bf8042e4edf1d03c8b36ab815156e77c201b764ed4562cfe2ee90638ffef5
|
|
|
|
# tcId = 105
|
|
# edge case private key
|
|
curve = secp256r1
|
|
private = 0ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac1fc632551
|
|
public = 3059301306072a8648ce3d020106082a8648ce3d0301070342000431028f3377fc8f2b1967edaab90213acad0da9f50897f08f57537f78f116744743a1930189363bbde2ac4cbd1649cdc6f451add71dd2f16a8a867f2b17caa16b
|
|
result = valid
|
|
shared = 6e4ec5479a7c20a537501700484f6f433a8a8fe53c288f7a25c8e8c92d39e8dc
|
|
|
|
# tcId = 106
|
|
# edge case private key
|
|
curve = secp256r1
|
|
private = 0ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6324f3
|
|
public = 3059301306072a8648ce3d020106082a8648ce3d0301070342000431028f3377fc8f2b1967edaab90213acad0da9f50897f08f57537f78f116744743a1930189363bbde2ac4cbd1649cdc6f451add71dd2f16a8a867f2b17caa16b
|
|
result = valid
|
|
shared = f7407d61fdf581be4f564621d590ca9b7ba37f31396150f9922f1501da8c83ef
|
|
# The private key has a special value. Implementations using addition
|
|
# subtraction chains for the point multiplication may get the point at infinity
|
|
# as an intermediate result. See CVE_2017_10176
|
|
|
|
# tcId = 107
|
|
# edge case private key
|
|
curve = secp256r1
|
|
private = 0ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632533
|
|
public = 3059301306072a8648ce3d020106082a8648ce3d0301070342000431028f3377fc8f2b1967edaab90213acad0da9f50897f08f57537f78f116744743a1930189363bbde2ac4cbd1649cdc6f451add71dd2f16a8a867f2b17caa16b
|
|
result = valid
|
|
shared = 82236fd272208693e0574555ca465c6cc512163486084fa57f5e1bd2e2ccc0b3
|
|
# The private key has a special value. Implementations using addition
|
|
# subtraction chains for the point multiplication may get the point at infinity
|
|
# as an intermediate result. See CVE_2017_10176
|
|
|
|
# tcId = 108
|
|
# edge case private key
|
|
curve = secp256r1
|
|
private = 0ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632543
|
|
public = 3059301306072a8648ce3d020106082a8648ce3d0301070342000431028f3377fc8f2b1967edaab90213acad0da9f50897f08f57537f78f116744743a1930189363bbde2ac4cbd1649cdc6f451add71dd2f16a8a867f2b17caa16b
|
|
result = valid
|
|
shared = 06537149664dba1a9924654cb7f787ed224851b0df25ef53fcf54f8f26cd5f3f
|
|
# The private key has a special value. Implementations using addition
|
|
# subtraction chains for the point multiplication may get the point at infinity
|
|
# as an intermediate result. See CVE_2017_10176
|
|
|
|
# tcId = 109
|
|
# edge case private key
|
|
curve = secp256r1
|
|
private = 0ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63254b
|
|
public = 3059301306072a8648ce3d020106082a8648ce3d0301070342000431028f3377fc8f2b1967edaab90213acad0da9f50897f08f57537f78f116744743a1930189363bbde2ac4cbd1649cdc6f451add71dd2f16a8a867f2b17caa16b
|
|
result = valid
|
|
shared = f2b38539bce995d443c7bfeeefadc9e42cc2c89c60bf4e86eac95d51987bd112
|
|
# The private key has a special value. Implementations using addition
|
|
# subtraction chains for the point multiplication may get the point at infinity
|
|
# as an intermediate result. See CVE_2017_10176
|
|
|
|
# tcId = 110
|
|
# edge case private key
|
|
curve = secp256r1
|
|
private = 0ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63254e
|
|
public = 3059301306072a8648ce3d020106082a8648ce3d0301070342000431028f3377fc8f2b1967edaab90213acad0da9f50897f08f57537f78f116744743a1930189363bbde2ac4cbd1649cdc6f451add71dd2f16a8a867f2b17caa16b
|
|
result = valid
|
|
shared = 85a0b58519b28e70a694ec5198f72c4bfdabaa30a70f7143b5b1cd7536f716ca
|
|
|
|
# tcId = 111
|
|
# edge case private key
|
|
curve = secp256r1
|
|
private = 0ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63254f
|
|
public = 3059301306072a8648ce3d020106082a8648ce3d0301070342000431028f3377fc8f2b1967edaab90213acad0da9f50897f08f57537f78f116744743a1930189363bbde2ac4cbd1649cdc6f451add71dd2f16a8a867f2b17caa16b
|
|
result = valid
|
|
shared = 027b013a6f166db655d69d643c127ef8ace175311e667dff2520f5b5c75b7659
|
|
# The private key has a special value. Implementations using addition
|
|
# subtraction chains for the point multiplication may get the point at infinity
|
|
# as an intermediate result. See CVE_2017_10176
|
|
|
|
# tcId = 112
|
|
# CVE-2017-8932
|
|
curve = secp256r1
|
|
private = 2a265f8bcbdcaf94d58519141e578124cb40d64a501fba9c11847b28965bc737
|
|
public = 3059301306072a8648ce3d020106082a8648ce3d03010703420004023819813ac969847059028ea88a1f30dfbcde03fc791d3a252c6b41211882eaf93e4ae433cc12cf2a43fc0ef26400c0e125508224cdb649380f25479148a4ad
|
|
result = valid
|
|
shared = 4d4de80f1534850d261075997e3049321a0864082d24a917863366c0724f5ae3
|
|
|
|
# tcId = 113
|
|
# CVE-2017-8932
|
|
curve = secp256r1
|
|
private = 313f72ff9fe811bf573176231b286a3bdb6f1b14e05c40146590727a71c3bccd
|
|
public = 3059301306072a8648ce3d020106082a8648ce3d03010703420004cc11887b2d66cbae8f4d306627192522932146b42f01d3c6f92bd5c8ba739b06a2f08a029cd06b46183085bae9248b0ed15b70280c7ef13a457f5af382426031
|
|
result = valid
|
|
shared = 831c3f6b5f762d2f461901577af41354ac5f228c2591f84f8a6e51e2e3f17991
|
|
|
|
# tcId = 114
|
|
# public point not on curve
|
|
curve = secp256r1
|
|
private = 4f3414d1589b49f7172d439cbbe78e5b5350dc85dea40cd2d6274740c6e0239c
|
|
public = 3059301306072a8648ce3d020106082a8648ce3d030107034200041510264c189c3d523ff9916abd7069efa6968d8dc7ddb6457d7869b53ea60cdcfafb7ed4786da15d29ee59256f536da3575a4888c1bb0a95b256f4a7e9fd764c
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 115
|
|
# public point = (0,0)
|
|
curve = secp256r1
|
|
private = 4f3414d1589b49f7172d439cbbe78e5b5350dc85dea40cd2d6274740c6e0239c
|
|
public = 3059301306072a8648ce3d020106082a8648ce3d0301070342000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 116
|
|
# order =
|
|
# -115792089210356248762697446949407573529996955224135760342422259061068512044369
|
|
curve = secp256r1
|
|
private = 4f3414d1589b49f7172d439cbbe78e5b5350dc85dea40cd2d6274740c6e0239c
|
|
public = 308201333081ec06072a8648ce3d02013081e0020101302c06072a8648ce3d0101022100ffffffff00000001000000000000000000000000ffffffffffffffffffffffff30440420ffffffff00000001000000000000000000000000fffffffffffffffffffffffc04205ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b0441046b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c2964fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f50221ff00000000ffffffff00000000000000004319055258e8617b0c46353d039cdaaf020101034200041510264c189c3d523ff9916abd7069efa6968d8dc7ddb6457d7869b53ea60cdcfafb7ed4786da15d29ee59256f536da3575a4888c1bb0a95b256f4a7e9fd764a
|
|
result = invalid
|
|
shared =
|
|
# The order of the public key has been modified. If this order is used in a
|
|
# cryptographic primitive instead of the correct order then private keys may
|
|
# leak. E.g. ECDHC in BC 1.52 suffered from this.
|
|
# The public key does not use a named curve. RFC 3279 allows to encode such
|
|
# curves by explicitly encoding, the parameters of the curve equation, modulus,
|
|
# generator, order and cofactor. However, many crypto libraries only support
|
|
# named curves. Modifying some of the EC parameters and encoding the
|
|
# corresponding public key as an unnamed curve is a potential attack vector.
|
|
|
|
# tcId = 117
|
|
# order = 0
|
|
curve = secp256r1
|
|
private = 4f3414d1589b49f7172d439cbbe78e5b5350dc85dea40cd2d6274740c6e0239c
|
|
public = 308201133081cc06072a8648ce3d02013081c0020101302c06072a8648ce3d0101022100ffffffff00000001000000000000000000000000ffffffffffffffffffffffff30440420ffffffff00000001000000000000000000000000fffffffffffffffffffffffc04205ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b0441046b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c2964fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5020100020101034200041510264c189c3d523ff9916abd7069efa6968d8dc7ddb6457d7869b53ea60cdcfafb7ed4786da15d29ee59256f536da3575a4888c1bb0a95b256f4a7e9fd764a
|
|
result = invalid
|
|
shared =
|
|
# The order of the public key has been modified. If this order is used in a
|
|
# cryptographic primitive instead of the correct order then private keys may
|
|
# leak. E.g. ECDHC in BC 1.52 suffered from this.
|
|
# The public key does not use a named curve. RFC 3279 allows to encode such
|
|
# curves by explicitly encoding, the parameters of the curve equation, modulus,
|
|
# generator, order and cofactor. However, many crypto libraries only support
|
|
# named curves. Modifying some of the EC parameters and encoding the
|
|
# corresponding public key as an unnamed curve is a potential attack vector.
|
|
|
|
# tcId = 118
|
|
# order = 1
|
|
curve = secp256r1
|
|
private = 4f3414d1589b49f7172d439cbbe78e5b5350dc85dea40cd2d6274740c6e0239c
|
|
public = 308201133081cc06072a8648ce3d02013081c0020101302c06072a8648ce3d0101022100ffffffff00000001000000000000000000000000ffffffffffffffffffffffff30440420ffffffff00000001000000000000000000000000fffffffffffffffffffffffc04205ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b0441046b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c2964fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5020101020101034200041510264c189c3d523ff9916abd7069efa6968d8dc7ddb6457d7869b53ea60cdcfafb7ed4786da15d29ee59256f536da3575a4888c1bb0a95b256f4a7e9fd764a
|
|
result = acceptable
|
|
shared = d003f5cc83852584061f7a8a28bcb5671ecbda096e16e7accfa8f8d311a3db7a
|
|
# The order of the public key has been modified. If this order is used in a
|
|
# cryptographic primitive instead of the correct order then private keys may
|
|
# leak. E.g. ECDHC in BC 1.52 suffered from this.
|
|
# A parameter that is typically not used for ECDH has been modified. Sometimes
|
|
# libraries ignore small differences between public and private key. For
|
|
# example, a library might ignore an incorrect cofactor in the public key. We
|
|
# consider ignoring such changes as acceptable as long as these differences do
|
|
# not change the outcome of the ECDH computation, i.e. as long as the
|
|
# computation is done on the curve from the private key.
|
|
# The public key does not use a named curve. RFC 3279 allows to encode such
|
|
# curves by explicitly encoding, the parameters of the curve equation, modulus,
|
|
# generator, order and cofactor. However, many crypto libraries only support
|
|
# named curves. Modifying some of the EC parameters and encoding the
|
|
# corresponding public key as an unnamed curve is a potential attack vector.
|
|
|
|
# tcId = 119
|
|
# order = 26959946660873538060741835960514744168612397095220107664918121663170
|
|
curve = secp256r1
|
|
private = 4f3414d1589b49f7172d439cbbe78e5b5350dc85dea40cd2d6274740c6e0239c
|
|
public = 3082012f3081e806072a8648ce3d02013081dc020101302c06072a8648ce3d0101022100ffffffff00000001000000000000000000000000ffffffffffffffffffffffff30440420ffffffff00000001000000000000000000000000fffffffffffffffffffffffc04205ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b0441046b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c2964fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5021d00ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2020101034200041510264c189c3d523ff9916abd7069efa6968d8dc7ddb6457d7869b53ea60cdcfafb7ed4786da15d29ee59256f536da3575a4888c1bb0a95b256f4a7e9fd764a
|
|
result = acceptable
|
|
shared = d003f5cc83852584061f7a8a28bcb5671ecbda096e16e7accfa8f8d311a3db7a
|
|
# The order of the public key has been modified. If this order is used in a
|
|
# cryptographic primitive instead of the correct order then private keys may
|
|
# leak. E.g. ECDHC in BC 1.52 suffered from this.
|
|
# A parameter that is typically not used for ECDH has been modified. Sometimes
|
|
# libraries ignore small differences between public and private key. For
|
|
# example, a library might ignore an incorrect cofactor in the public key. We
|
|
# consider ignoring such changes as acceptable as long as these differences do
|
|
# not change the outcome of the ECDH computation, i.e. as long as the
|
|
# computation is done on the curve from the private key.
|
|
# The public key does not use a named curve. RFC 3279 allows to encode such
|
|
# curves by explicitly encoding, the parameters of the curve equation, modulus,
|
|
# generator, order and cofactor. However, many crypto libraries only support
|
|
# named curves. Modifying some of the EC parameters and encoding the
|
|
# corresponding public key as an unnamed curve is a potential attack vector.
|
|
|
|
# tcId = 120
|
|
# generator = (0,0)
|
|
curve = secp256r1
|
|
private = 4f3414d1589b49f7172d439cbbe78e5b5350dc85dea40cd2d6274740c6e0239c
|
|
public = 308201333081ec06072a8648ce3d02013081e0020101302c06072a8648ce3d0101022100ffffffff00000001000000000000000000000000ffffffffffffffffffffffff30440420ffffffff00000001000000000000000000000000fffffffffffffffffffffffc04205ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b04410400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551020101034200041510264c189c3d523ff9916abd7069efa6968d8dc7ddb6457d7869b53ea60cdcfafb7ed4786da15d29ee59256f536da3575a4888c1bb0a95b256f4a7e9fd764a
|
|
result = acceptable
|
|
shared = d003f5cc83852584061f7a8a28bcb5671ecbda096e16e7accfa8f8d311a3db7a
|
|
# A parameter that is typically not used for ECDH has been modified. Sometimes
|
|
# libraries ignore small differences between public and private key. For
|
|
# example, a library might ignore an incorrect cofactor in the public key. We
|
|
# consider ignoring such changes as acceptable as long as these differences do
|
|
# not change the outcome of the ECDH computation, i.e. as long as the
|
|
# computation is done on the curve from the private key.
|
|
# The public key does not use a named curve. RFC 3279 allows to encode such
|
|
# curves by explicitly encoding, the parameters of the curve equation, modulus,
|
|
# generator, order and cofactor. However, many crypto libraries only support
|
|
# named curves. Modifying some of the EC parameters and encoding the
|
|
# corresponding public key as an unnamed curve is a potential attack vector.
|
|
|
|
# tcId = 121
|
|
# generator not on curve
|
|
curve = secp256r1
|
|
private = 4f3414d1589b49f7172d439cbbe78e5b5350dc85dea40cd2d6274740c6e0239c
|
|
public = 308201333081ec06072a8648ce3d02013081e0020101302c06072a8648ce3d0101022100ffffffff00000001000000000000000000000000ffffffffffffffffffffffff30440420ffffffff00000001000000000000000000000000fffffffffffffffffffffffc04205ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b0441046b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c2964fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f7022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551020101034200041510264c189c3d523ff9916abd7069efa6968d8dc7ddb6457d7869b53ea60cdcfafb7ed4786da15d29ee59256f536da3575a4888c1bb0a95b256f4a7e9fd764a
|
|
result = acceptable
|
|
shared = d003f5cc83852584061f7a8a28bcb5671ecbda096e16e7accfa8f8d311a3db7a
|
|
# A parameter that is typically not used for ECDH has been modified. Sometimes
|
|
# libraries ignore small differences between public and private key. For
|
|
# example, a library might ignore an incorrect cofactor in the public key. We
|
|
# consider ignoring such changes as acceptable as long as these differences do
|
|
# not change the outcome of the ECDH computation, i.e. as long as the
|
|
# computation is done on the curve from the private key.
|
|
# The public key does not use a named curve. RFC 3279 allows to encode such
|
|
# curves by explicitly encoding, the parameters of the curve equation, modulus,
|
|
# generator, order and cofactor. However, many crypto libraries only support
|
|
# named curves. Modifying some of the EC parameters and encoding the
|
|
# corresponding public key as an unnamed curve is a potential attack vector.
|
|
|
|
# tcId = 122
|
|
# cofactor = -1
|
|
curve = secp256r1
|
|
private = 4f3414d1589b49f7172d439cbbe78e5b5350dc85dea40cd2d6274740c6e0239c
|
|
public = 308201333081ec06072a8648ce3d02013081e0020101302c06072a8648ce3d0101022100ffffffff00000001000000000000000000000000ffffffffffffffffffffffff30440420ffffffff00000001000000000000000000000000fffffffffffffffffffffffc04205ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b0441046b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c2964fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc6325510201ff034200041510264c189c3d523ff9916abd7069efa6968d8dc7ddb6457d7869b53ea60cdcfafb7ed4786da15d29ee59256f536da3575a4888c1bb0a95b256f4a7e9fd764a
|
|
result = invalid
|
|
shared =
|
|
# The public key does not use a named curve. RFC 3279 allows to encode such
|
|
# curves by explicitly encoding, the parameters of the curve equation, modulus,
|
|
# generator, order and cofactor. However, many crypto libraries only support
|
|
# named curves. Modifying some of the EC parameters and encoding the
|
|
# corresponding public key as an unnamed curve is a potential attack vector.
|
|
|
|
# tcId = 123
|
|
# cofactor = 0
|
|
curve = secp256r1
|
|
private = 4f3414d1589b49f7172d439cbbe78e5b5350dc85dea40cd2d6274740c6e0239c
|
|
public = 308201333081ec06072a8648ce3d02013081e0020101302c06072a8648ce3d0101022100ffffffff00000001000000000000000000000000ffffffffffffffffffffffff30440420ffffffff00000001000000000000000000000000fffffffffffffffffffffffc04205ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b0441046b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c2964fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551020100034200041510264c189c3d523ff9916abd7069efa6968d8dc7ddb6457d7869b53ea60cdcfafb7ed4786da15d29ee59256f536da3575a4888c1bb0a95b256f4a7e9fd764a
|
|
result = invalid
|
|
shared =
|
|
# The public key does not use a named curve. RFC 3279 allows to encode such
|
|
# curves by explicitly encoding, the parameters of the curve equation, modulus,
|
|
# generator, order and cofactor. However, many crypto libraries only support
|
|
# named curves. Modifying some of the EC parameters and encoding the
|
|
# corresponding public key as an unnamed curve is a potential attack vector.
|
|
|
|
# tcId = 124
|
|
# cofactor = 2
|
|
curve = secp256r1
|
|
private = 4f3414d1589b49f7172d439cbbe78e5b5350dc85dea40cd2d6274740c6e0239c
|
|
public = 308201333081ec06072a8648ce3d02013081e0020101302c06072a8648ce3d0101022100ffffffff00000001000000000000000000000000ffffffffffffffffffffffff30440420ffffffff00000001000000000000000000000000fffffffffffffffffffffffc04205ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b0441046b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c2964fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551020102034200041510264c189c3d523ff9916abd7069efa6968d8dc7ddb6457d7869b53ea60cdcfafb7ed4786da15d29ee59256f536da3575a4888c1bb0a95b256f4a7e9fd764a
|
|
result = acceptable
|
|
shared = d003f5cc83852584061f7a8a28bcb5671ecbda096e16e7accfa8f8d311a3db7a
|
|
# A parameter that is typically not used for ECDH has been modified. Sometimes
|
|
# libraries ignore small differences between public and private key. For
|
|
# example, a library might ignore an incorrect cofactor in the public key. We
|
|
# consider ignoring such changes as acceptable as long as these differences do
|
|
# not change the outcome of the ECDH computation, i.e. as long as the
|
|
# computation is done on the curve from the private key.
|
|
# The public key does not use a named curve. RFC 3279 allows to encode such
|
|
# curves by explicitly encoding, the parameters of the curve equation, modulus,
|
|
# generator, order and cofactor. However, many crypto libraries only support
|
|
# named curves. Modifying some of the EC parameters and encoding the
|
|
# corresponding public key as an unnamed curve is a potential attack vector.
|
|
|
|
# tcId = 125
|
|
# cofactor =
|
|
# 115792089210356248762697446949407573529996955224135760342422259061068512044369
|
|
curve = secp256r1
|
|
private = 4f3414d1589b49f7172d439cbbe78e5b5350dc85dea40cd2d6274740c6e0239c
|
|
public = 308201553082010d06072a8648ce3d020130820100020101302c06072a8648ce3d0101022100ffffffff00000001000000000000000000000000ffffffffffffffffffffffff30440420ffffffff00000001000000000000000000000000fffffffffffffffffffffffc04205ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b0441046b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c2964fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551034200041510264c189c3d523ff9916abd7069efa6968d8dc7ddb6457d7869b53ea60cdcfafb7ed4786da15d29ee59256f536da3575a4888c1bb0a95b256f4a7e9fd764a
|
|
result = invalid
|
|
shared =
|
|
# The public key does not use a named curve. RFC 3279 allows to encode such
|
|
# curves by explicitly encoding, the parameters of the curve equation, modulus,
|
|
# generator, order and cofactor. However, many crypto libraries only support
|
|
# named curves. Modifying some of the EC parameters and encoding the
|
|
# corresponding public key as an unnamed curve is a potential attack vector.
|
|
|
|
# tcId = 126
|
|
# cofactor = None
|
|
curve = secp256r1
|
|
private = 4f3414d1589b49f7172d439cbbe78e5b5350dc85dea40cd2d6274740c6e0239c
|
|
public = 308201303081e906072a8648ce3d02013081dd020101302c06072a8648ce3d0101022100ffffffff00000001000000000000000000000000ffffffffffffffffffffffff30440420ffffffff00000001000000000000000000000000fffffffffffffffffffffffc04205ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b0441046b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c2964fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551034200041510264c189c3d523ff9916abd7069efa6968d8dc7ddb6457d7869b53ea60cdcfafb7ed4786da15d29ee59256f536da3575a4888c1bb0a95b256f4a7e9fd764a
|
|
result = acceptable
|
|
shared = d003f5cc83852584061f7a8a28bcb5671ecbda096e16e7accfa8f8d311a3db7a
|
|
# A parameter that is typically not used for ECDH has been modified. Sometimes
|
|
# libraries ignore small differences between public and private key. For
|
|
# example, a library might ignore an incorrect cofactor in the public key. We
|
|
# consider ignoring such changes as acceptable as long as these differences do
|
|
# not change the outcome of the ECDH computation, i.e. as long as the
|
|
# computation is done on the curve from the private key.
|
|
# The public key does not use a named curve. RFC 3279 allows to encode such
|
|
# curves by explicitly encoding, the parameters of the curve equation, modulus,
|
|
# generator, order and cofactor. However, many crypto libraries only support
|
|
# named curves. Modifying some of the EC parameters and encoding the
|
|
# corresponding public key as an unnamed curve is a potential attack vector.
|
|
|
|
# tcId = 127
|
|
# modified prime
|
|
curve = secp256r1
|
|
private = 4f3414d1589b49f7172d439cbbe78e5b5350dc85dea40cd2d6274740c6e0239c
|
|
public = 308201333081ec06072a8648ce3d02013081e0020101302c06072a8648ce3d0101022100fd091059a6893635f900e9449d63f572b2aebc4cff7b4e5e33f1b200e8bbc1453044042002f6efa55976c9cb06ff16bb629c0a8d4d5143b40084b1a1cc0e4dff17443eb704205ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b0441040000000000000000000006597fa94b1fd90000000000000000000000000000021b8c7dd77f9a95627922eceefea73f028f1ec95ba9b8fa95a3ad24bdf9fff414022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551020101034200040000000000000000000006597fa94b1fd90000000000000000000000000000021b8c7dd77f9a95627922eceefea73f028f1ec95ba9b8fa95a3ad24bdf9fff414
|
|
result = invalid
|
|
shared =
|
|
# The modulus of the public key has been modified. The public point of the
|
|
# public key has been chosen so that it is both a point on both the curve of the
|
|
# modified public key and the private key.
|
|
# The public key does not use a named curve. RFC 3279 allows to encode such
|
|
# curves by explicitly encoding, the parameters of the curve equation, modulus,
|
|
# generator, order and cofactor. However, many crypto libraries only support
|
|
# named curves. Modifying some of the EC parameters and encoding the
|
|
# corresponding public key as an unnamed curve is a potential attack vector.
|
|
|
|
# tcId = 128
|
|
# using secp224r1
|
|
curve = secp256r1
|
|
private = 4f3414d1589b49f7172d439cbbe78e5b5350dc85dea40cd2d6274740c6e0239c
|
|
public = 304e301006072a8648ce3d020106052b81040021033a0004074f56dc2ea648ef89c3b72e23bbd2da36f60243e4d2067b70604af1c2165cec2f86603d60c8a611d5b84ba3d91dfe1a480825bcc4af3bcf
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 129
|
|
# using secp256k1
|
|
curve = secp256r1
|
|
private = 4f3414d1589b49f7172d439cbbe78e5b5350dc85dea40cd2d6274740c6e0239c
|
|
public = 3056301006072a8648ce3d020106052b8104000a03420004a1263e75b87ae0937060ff1472f330ee55cdf8f4329d6284a9ebfbcc856c11684225e72cbebff41e54fb6f00e11afe53a17937bedbf2df787f8ef9584f775838
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 130
|
|
# a = 0
|
|
curve = secp256r1
|
|
private = 4f3414d1589b49f7172d439cbbe78e5b5350dc85dea40cd2d6274740c6e0239c
|
|
public = 308201143081cd06072a8648ce3d02013081c1020101302c06072a8648ce3d0101022100ffffffff00000001000000000000000000000000ffffffffffffffffffffffff302504010004201b95c2f46065dbf0f3ff09153e4748ed71595e0774ba8e25c364ff1e6be039b70441041510264c189c3d523ff9916abd7069efa6968d8dc7ddb6457d7869b53ea60cdcfafb7ed4786da15d29ee59256f536da3575a4888c1bb0a95b256f4a7e9fd764a022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551020101034200041510264c189c3d523ff9916abd7069efa6968d8dc7ddb6457d7869b53ea60cdcfafb7ed4786da15d29ee59256f536da3575a4888c1bb0a95b256f4a7e9fd764a
|
|
result = acceptable
|
|
shared = d003f5cc83852584061f7a8a28bcb5671ecbda096e16e7accfa8f8d311a3db7a
|
|
# A parameter that is typically not used for ECDH has been modified. Sometimes
|
|
# libraries ignore small differences between public and private key. For
|
|
# example, a library might ignore an incorrect cofactor in the public key. We
|
|
# consider ignoring such changes as acceptable as long as these differences do
|
|
# not change the outcome of the ECDH computation, i.e. as long as the
|
|
# computation is done on the curve from the private key.
|
|
# The public key does not use a named curve. RFC 3279 allows to encode such
|
|
# curves by explicitly encoding, the parameters of the curve equation, modulus,
|
|
# generator, order and cofactor. However, many crypto libraries only support
|
|
# named curves. Modifying some of the EC parameters and encoding the
|
|
# corresponding public key as an unnamed curve is a potential attack vector.
|
|
|
|
# tcId = 131
|
|
# public key of order 3
|
|
curve = secp256r1
|
|
private = 4f3414d1589b49f7172d439cbbe78e5b5350dc85dea40cd2d6274740c6e0239c
|
|
public = 308201333081ec06072a8648ce3d02013081e0020101302c06072a8648ce3d0101022100ffffffff00000001000000000000000000000000ffffffffffffffffffffffff30440420e3435a62422acfac83186b528c3c7106bc47f9bddfb4baa77765fb05ad2d75aa04206f9039d823ca56b22f7335d612f6e5b974e3b6dc099a9529dd3222ba971f92f4044104d1a62cae3b48c380bd5003fe1b46a37de15841c34d0b3bc99aa24f33a242016ef3512324ec1eae01073f9ab5ca214d0562906852b3e2c8c9ee3579199818e7e8022100ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63255102010103420004d1a62cae3b48c380bd5003fe1b46a37de15841c34d0b3bc99aa24f33a242016e0caedcda13e151fff8c0654a35deb2fa9d6f97ae4c1d373611ca86e667e71817
|
|
result = invalid
|
|
shared =
|
|
# The vector contains a weak public key. The curve is not a named curve, the
|
|
# public key point has order 3 and has been chosen to be on the same curve as
|
|
# the private key. This test vector is used to check ECC implementations for
|
|
# missing steps in the verification of the public key.
|
|
# The public key does not use a named curve. RFC 3279 allows to encode such
|
|
# curves by explicitly encoding, the parameters of the curve equation, modulus,
|
|
# generator, order and cofactor. However, many crypto libraries only support
|
|
# named curves. Modifying some of the EC parameters and encoding the
|
|
# corresponding public key as an unnamed curve is a potential attack vector.
|
|
|
|
# tcId = 132
|
|
# Private key and public key are not on the same curve
|
|
curve = secp256r1
|
|
private = 0b44f9670fedba887ad8e806226063e77604b27c362836326e93ecb7fcc6dc297
|
|
public = 304e301006072a8648ce3d020106052b81040021033a00042af270d2a6030e3dd38cc46e7d719f176c2ca4eb04d7e8b84290c8edbcaed964ebe226b2d7ce17251622804c0d3b7adce020a3cdc97cac6c
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 133
|
|
# Private key and public key are not on the same curve
|
|
curve = secp256r1
|
|
private = 0b44f9670fedba887ad8e806226063e77604b27c362836326e93ecb7fcc6dc297
|
|
public = 3076301006072a8648ce3d020106052b81040022036200041f17901e731b06f349b6e9d7d17d45e8a2b46115a47485be16197932db87b39405b5c941b36fd61b9ef7dd20878e129e55a2277099c601dcdb3747f80ad6e166116378e1ebce2c95744a0986128cfeeaac7f90b71787d9a1cfe417cd4c8f6af5
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 134
|
|
# Private key and public key are not on the same curve
|
|
curve = secp256r1
|
|
private = 0b44f9670fedba887ad8e806226063e77604b27c362836326e93ecb7fcc6dc297
|
|
public = 30819b301006072a8648ce3d020106052b81040023038186000400ed76e5888428fad409ff203ab298b0f24827c091939ae0f9b1245d865ac5fbcd2749f9ae6c90fa8e29414d1bc7dc7b3c4aca904cd824484421cc66fe6af43bdfd200c1f790a0b3ae994937f91b6bdb9778b08c83ecadb8cba22a78c37bf565dac164f18e719be0ef890ee5cbf20e17fcfc9a5585e5416470b9862f82fb769339994f4e
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 135
|
|
# Private key and public key are not on the same curve
|
|
curve = secp256r1
|
|
private = 0b44f9670fedba887ad8e806226063e77604b27c362836326e93ecb7fcc6dc297
|
|
public = 3056301006072a8648ce3d020106052b8104000a034200048028d16082b07696d4aa4aab9d6b1f1463435ac097900631108f9888e13da67c4841fd8dd3ced6e7ad8c6fc656621c2f93d3db0eb29d48d1423154519865dbc1
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 136
|
|
# Private key and public key are not on the same curve
|
|
curve = secp256r1
|
|
private = 0b44f9670fedba887ad8e806226063e77604b27c362836326e93ecb7fcc6dc297
|
|
public = 3052301406072a8648ce3d020106092b2403030208010105033a0004a6bae3d155c1f9ca263928c986ede69acefd0dd9b3a19d2b9f4b0a3a66bea5d167318dcc028945fc1b40c60ce716ba2d414a743c6b856a6f
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 137
|
|
# Private key and public key are not on the same curve
|
|
curve = secp256r1
|
|
private = 0b44f9670fedba887ad8e806226063e77604b27c362836326e93ecb7fcc6dc297
|
|
public = 305a301406072a8648ce3d020106092b2403030208010107034200045d3ddbbb9bc071d8b59855c74bdf3541ae4cb6c1a24ec439034df7abde16a346523edf6a67896b304cb2cd2a083eec2b16935bbc910e85ec6eae38b50230bf70
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 138
|
|
# Private key and public key are not on the same curve
|
|
curve = secp256r1
|
|
private = 0b44f9670fedba887ad8e806226063e77604b27c362836326e93ecb7fcc6dc297
|
|
public = 306a301406072a8648ce3d020106092b240303020801010903520004a43c6ef2500723d54c1fc88f8844d83445ca5a0f585c10b8eb3f022d47d0e84862b7f5cbf97d352d4348ca730f600f2258d1d192da223f6ba83a7cc0d6da598d55c2b77824d326c8df000b8fff156d2c
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 139
|
|
# Private key and public key are not on the same curve
|
|
curve = secp256r1
|
|
private = 0b44f9670fedba887ad8e806226063e77604b27c362836326e93ecb7fcc6dc297
|
|
public = 307a301406072a8648ce3d020106092b240303020801010b036200042391c062833d1e6d89ec256cf4a3989534c1ead5e1e14ffae933a53f962857e4713087e1b3d65ac79634c71577af24698b5ce959183835551f7b08aef7853378c299930b360813fd58d5e4da8b37d5a7473e891ee11cb02881bd848b364fb7d5
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 140
|
|
# Private key and public key are not on the same curve
|
|
curve = secp256r1
|
|
private = 0b44f9670fedba887ad8e806226063e77604b27c362836326e93ecb7fcc6dc297
|
|
public = 30819b301406072a8648ce3d020106092b240303020801010d038182000484beae85096640953c1fd6ebbc32697263d53f89943cbaf14432061aea8c0318acbd9389ab1d2e904fa0e081d08cfabb614ed9bca618211142d94623c14b476a25e47abf98fd3b1da1417dfc2e2cfc8424b16ea14dd45e1422be7d4e0a5cc7f4d4ab5f198cdbaaa3f642ec6361842cbe869382ee78cd596ff5e740d9ec2c3ad6
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 141
|
|
# Private key and public key are not on the same curve
|
|
curve = secp256r1
|
|
private = 0b44f9670fedba887ad8e806226063e77604b27c362836326e93ecb7fcc6dc297
|
|
public = 3052301406072a8648ce3d020106092b2403030208010106033a00042b0a1a858ffc44e7752940731d378f96570837e279ea3948fe00cff8b5f89adb4e2fe6f8781ba6426364f4590b34dd79fc80629de4a86084
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 142
|
|
# Private key and public key are not on the same curve
|
|
curve = secp256r1
|
|
private = 0b44f9670fedba887ad8e806226063e77604b27c362836326e93ecb7fcc6dc297
|
|
public = 305a301406072a8648ce3d020106092b2403030208010108034200043037c01b4a5ac53742e3f5528dffb0f010ab6ebeb08d792b32e19e9006ca331a024b67698d7cf4b575ccd9389441d5c640b77c63771cef1bd85675361c6602a4
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 143
|
|
# Private key and public key are not on the same curve
|
|
curve = secp256r1
|
|
private = 0b44f9670fedba887ad8e806226063e77604b27c362836326e93ecb7fcc6dc297
|
|
public = 306a301406072a8648ce3d020106092b240303020801010a035200040f0fd972a495a140124a4019291a20f5b39fb755c126bf268643bb3091eca44f2a3cda1dead6ab1f4fe08a4b3872423f71e5bf96b1c20bc0ca73b7e2c134cc14a5f77bc838ebcf01084da3bf15663536
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 144
|
|
# Private key and public key are not on the same curve
|
|
curve = secp256r1
|
|
private = 0b44f9670fedba887ad8e806226063e77604b27c362836326e93ecb7fcc6dc297
|
|
public = 307a301406072a8648ce3d020106092b240303020801010c0362000403b65faf5a6bf74bd5c166278a4b566c6c705ac6363e61f3b0699e116d3c5b19e8b7021b75b005f78a8cea8de34c49397f9b3b2bfc8706eb8163c802371eff7dfc825c40aa84dd9d1c4b34615ee5ae28c6c05d58d2a8ccc3786382b712d3bcda
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 145
|
|
# Private key and public key are not on the same curve
|
|
curve = secp256r1
|
|
private = 0b44f9670fedba887ad8e806226063e77604b27c362836326e93ecb7fcc6dc297
|
|
public = 30819b301406072a8648ce3d020106092b240303020801010e03818200047504d660943a69ab043378e44c034896534a346e0e95f35fcaad3503b490856bfb20a753ecabc6d7bfeec28d057f919923b7d3c086953eb16c5bd287b59788db72dbb7c273854294c927ea7eca205aae2f0830e5faaddad8316231bfc3572c85c33cb7054e04c8936e3ce059c907e59f40593444e590b31820bc1f514ed0ec8a
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 146
|
|
# invalid public key
|
|
curve = secp256r1
|
|
private = 6f953faff3599e6c762d7f4cabfeed092de2add1df1bc5748c6cbb725cf35458
|
|
public = 3039301306072a8648ce3d020106082a8648ce3d03010703220002fd4bf61763b46581fd9174d623516cf3c81edd40e29ffa2777fb6cb0ae3ce535
|
|
result = invalid
|
|
shared =
|
|
# The point in the public key is compressed. Not every library supports points
|
|
# in compressed format.
|
|
|
|
# tcId = 147
|
|
# public key is a low order point on twist
|
|
curve = secp256r1
|
|
private = 0d27edf0ff5b6b6b465753e7158370332c153b468a1be087ad0f490bdb99e5f02
|
|
public = 3039301306072a8648ce3d020106082a8648ce3d03010703220003efdde3b32872a9effcf3b94cbf73aa7b39f9683ece9121b9852167f4e3da609b
|
|
result = invalid
|
|
shared =
|
|
# The point in the public key is compressed. Not every library supports points
|
|
# in compressed format.
|
|
|
|
# tcId = 148
|
|
# public key is a low order point on twist
|
|
curve = secp256r1
|
|
private = 0d27edf0ff5b6b6b465753e7158370332c153b468a1be087ad0f490bdb99e5f03
|
|
public = 3039301306072a8648ce3d020106082a8648ce3d03010703220002efdde3b32872a9effcf3b94cbf73aa7b39f9683ece9121b9852167f4e3da609b
|
|
result = invalid
|
|
shared =
|
|
# The point in the public key is compressed. Not every library supports points
|
|
# in compressed format.
|
|
|
|
# tcId = 149
|
|
# public key is a low order point on twist
|
|
curve = secp256r1
|
|
private = 095ead84540c2d027aa3130ff1b47888cc1ed67e8dda46156e71ce0991791e835
|
|
public = 3039301306072a8648ce3d020106082a8648ce3d03010703220002c49524b2adfd8f5f972ef554652836e2efb2d306c6d3b0689234cec93ae73db5
|
|
result = invalid
|
|
shared =
|
|
# The point in the public key is compressed. Not every library supports points
|
|
# in compressed format.
|
|
|
|
# tcId = 150
|
|
# public key is a low order point on twist
|
|
curve = secp256r1
|
|
private = 0a8681ef67fb1f189647d95e8db00c52ceef6d41a85ba0a5bd74c44e8e62c8aa4
|
|
public = 3039301306072a8648ce3d020106082a8648ce3d0301070322000318f9bae7747cd844e98525b7ccd0daf6e1d20a818b2175a9a91e4eae5343bc98
|
|
result = invalid
|
|
shared =
|
|
# The point in the public key is compressed. Not every library supports points
|
|
# in compressed format.
|
|
|
|
# tcId = 151
|
|
# public key is a low order point on twist
|
|
curve = secp256r1
|
|
private = 0a8681ef67fb1f189647d95e8db00c52ceef6d41a85ba0a5bd74c44e8e62c8aa5
|
|
public = 3039301306072a8648ce3d020106082a8648ce3d0301070322000218f9bae7747cd844e98525b7ccd0daf6e1d20a818b2175a9a91e4eae5343bc98
|
|
result = invalid
|
|
shared =
|
|
# The point in the public key is compressed. Not every library supports points
|
|
# in compressed format.
|
|
|
|
# tcId = 152
|
|
# public key is a low order point on twist
|
|
curve = secp256r1
|
|
private = 095ead84540c2d027aa3130ff1b47888cc1ed67e8dda46156e71ce0991791e834
|
|
public = 3039301306072a8648ce3d020106082a8648ce3d03010703220003c49524b2adfd8f5f972ef554652836e2efb2d306c6d3b0689234cec93ae73db5
|
|
result = invalid
|
|
shared =
|
|
# The point in the public key is compressed. Not every library supports points
|
|
# in compressed format.
|
|
|
|
[curve = secp384r1]
|
|
|
|
# tcId = 153
|
|
# normal case
|
|
curve = secp384r1
|
|
private = 766e61425b2da9f846c09fc3564b93a6f8603b7392c785165bf20da948c49fd1fb1dee4edd64356b9f21c588b75dfd81
|
|
public = 3076301006072a8648ce3d020106052b8104002203620004790a6e059ef9a5940163183d4a7809135d29791643fc43a2f17ee8bf677ab84f791b64a6be15969ffa012dd9185d8796d9b954baa8a75e82df711b3b56eadff6b0f668c3b26b4b1aeb308a1fcc1c680d329a6705025f1c98a0b5e5bfcb163caa
|
|
result = valid
|
|
shared = 6461defb95d996b24296f5a1832b34db05ed031114fbe7d98d098f93859866e4de1e229da71fef0c77fe49b249190135
|
|
|
|
# tcId = 154
|
|
# compressed public key
|
|
curve = secp384r1
|
|
private = 766e61425b2da9f846c09fc3564b93a6f8603b7392c785165bf20da948c49fd1fb1dee4edd64356b9f21c588b75dfd81
|
|
public = 3046301006072a8648ce3d020106052b8104002203320002790a6e059ef9a5940163183d4a7809135d29791643fc43a2f17ee8bf677ab84f791b64a6be15969ffa012dd9185d8796
|
|
result = acceptable
|
|
shared = 6461defb95d996b24296f5a1832b34db05ed031114fbe7d98d098f93859866e4de1e229da71fef0c77fe49b249190135
|
|
# The point in the public key is compressed. Not every library supports points
|
|
# in compressed format.
|
|
|
|
# tcId = 155
|
|
# edge cases for shared secret
|
|
curve = secp384r1
|
|
private = 0a2b6442a37f8a3759d2cb91df5eca75b14f5a6766da8035cc1943b15a8e4ebb6025f373be334080f22ab821a3535a6a7
|
|
public = 3076301006072a8648ce3d020106052b8104002203620004490e96d17f4c6ceccd45def408cea33e9704a5f1b01a3de2eaaa3409fd160d78d395d6b3b003d71fd1f590fad95bf1c9d8665efc2070d059aa847125c2f707435955535c7c5df6d6c079ec806dce6b6849d337140db7ca50616f9456de1323c4
|
|
result = valid
|
|
shared = 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
|
|
|
|
# tcId = 156
|
|
# edge cases for shared secret
|
|
curve = secp384r1
|
|
private = 0a2b6442a37f8a3759d2cb91df5eca75b14f5a6766da8035cc1943b15a8e4ebb6025f373be334080f22ab821a3535a6a7
|
|
public = 3076301006072a8648ce3d020106052b81040022036200040161328909675213e32098d35a6b8308a8d500cca39dcee5e804e73bdb8deaf06fe417291fd9793b231ef5fe86945444a97a01f3ae3a8310c4af49b592cb291ef70ee5bc7f5534d3c23dc9eefde2304842c7737ae937ccf9bd215c28103e9fe2
|
|
result = valid
|
|
shared = 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002
|
|
|
|
# tcId = 157
|
|
# edge cases for shared secret
|
|
curve = secp384r1
|
|
private = 0a2b6442a37f8a3759d2cb91df5eca75b14f5a6766da8035cc1943b15a8e4ebb6025f373be334080f22ab821a3535a6a7
|
|
public = 3076301006072a8648ce3d020106052b81040022036200041478ab6e032b9545eda9ac2c264e57a11f08acbc76d16a0ab77b04dbdaf20f215c4183437b32afc471eaa603d14c7c5d8a4c84ee0e895bec5c37f0a1ca075e106ff6bf38801b5c697409d39675231108d33c4a5ea65aaa8c03e939c95d96c4c4
|
|
result = valid
|
|
shared = 0000000000000000ffffffffffffffff0000000000000000ffffffffffffffff00000000000000010000000000000001
|
|
|
|
# tcId = 158
|
|
# edge cases for shared secret
|
|
curve = secp384r1
|
|
private = 0a2b6442a37f8a3759d2cb91df5eca75b14f5a6766da8035cc1943b15a8e4ebb6025f373be334080f22ab821a3535a6a7
|
|
public = 3076301006072a8648ce3d020106052b8104002203620004f63208e34e7e90bb5fb036432467a89981444010663b8533b47bfa94bd2bc16f38aa516b930a4726e3876d3091bfb72ec783ed4da0cac06320817dc8bc64f59ccf06f48abc4386a150913fa95743a7b4601190e1c6ee8f8bf6354b254ecace45
|
|
result = valid
|
|
shared = 00000000ffffffff00000000ffffffff00000000ffffffff00000000ffffffff00000000ffffffff00000000ffffffff
|
|
|
|
# tcId = 159
|
|
# edge cases for shared secret
|
|
curve = secp384r1
|
|
private = 0a2b6442a37f8a3759d2cb91df5eca75b14f5a6766da8035cc1943b15a8e4ebb6025f373be334080f22ab821a3535a6a7
|
|
public = 3076301006072a8648ce3d020106052b8104002203620004033271ef42d92ad47b273b09ea2f45401161baa52696590d0e175ff2d1c0dfa3fea40e4266d446546c05e480d57fabec7889f16a8bcc176602f6d46561614a2f4284abe697b7cb9ce79f7e2e71b155cb1f155ce925d16391a680eda23152e6e1
|
|
result = valid
|
|
shared = 0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff
|
|
|
|
# tcId = 160
|
|
# edge cases for shared secret
|
|
curve = secp384r1
|
|
private = 0a2b6442a37f8a3759d2cb91df5eca75b14f5a6766da8035cc1943b15a8e4ebb6025f373be334080f22ab821a3535a6a7
|
|
public = 3076301006072a8648ce3d020106052b8104002203620004737e8437e18683de2455b68945bba31daec3e754d72f0a0776d3192b2f9298bb95ca1464baa6687aabb679f804cf6ec6c2b4d47d61a60404df63b1e9ac0954b3419bbc2ad52a0409aeeb82f4703758588059165b20367dcb4b235b0caf71d727
|
|
result = valid
|
|
shared = 007fff0001fffc0007fff0001fffc0007fff0001fffc0007fff0001fffc0007fff0001fffc0007fff0001fffc0008000
|
|
|
|
# tcId = 161
|
|
# edge cases for shared secret
|
|
curve = secp384r1
|
|
private = 0a2b6442a37f8a3759d2cb91df5eca75b14f5a6766da8035cc1943b15a8e4ebb6025f373be334080f22ab821a3535a6a7
|
|
public = 3076301006072a8648ce3d020106052b81040022036200042664624307c02ef487030a632162c515f841d15ea3152d98ff2364232d7aab39343d5f703a4d5a31092aa7356c3a2f671c1cd603addfd8b5477552a3b32a18edaf3e33bec22ee2167f9da729636002a7974eaeb5ff082b2aabf8c7056b84c3ab
|
|
result = valid
|
|
shared = 7fffffe000000ffffffc000001ffffff8000003ffffff0000007fffffe000000ffffffc000001ffffff8000004000002
|
|
|
|
# tcId = 162
|
|
# edge cases for shared secret
|
|
curve = secp384r1
|
|
private = 0a2b6442a37f8a3759d2cb91df5eca75b14f5a6766da8035cc1943b15a8e4ebb6025f373be334080f22ab821a3535a6a7
|
|
public = 3076301006072a8648ce3d020106052b8104002203620004665f1f320b6ab1c1b52d144e52d87a154c2b4489838c9119de622c2d1b52b65b0a3955e44e0d4859175360c0f63dee813f14f69972f18caed7916c94a4d20ec344591e7536a4a7a4d8c9832818c96d60b1a81fabe64ea02c5f647e361bf5b60f
|
|
result = valid
|
|
shared = 800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002
|
|
|
|
# tcId = 163
|
|
# edge cases for shared secret
|
|
curve = secp384r1
|
|
private = 0a2b6442a37f8a3759d2cb91df5eca75b14f5a6766da8035cc1943b15a8e4ebb6025f373be334080f22ab821a3535a6a7
|
|
public = 3076301006072a8648ce3d020106052b810400220362000491357ca87dbb08e85d7b1acecfd1e086078a82d19f81474da389364a39fe2543eb934b440173c38e61a1d9407855b5d89ef0d9e920764b6d7765b084cf9541dacc43d1dabaa390b0fb856097b0c00a8556f4e3848568ab4ae790c3d346ca01b6
|
|
result = valid
|
|
shared = fff00000001fffffffc00000007fffffff00000001fffffffc00000007fffffff00000001fffffffc00000007fffffff
|
|
|
|
# tcId = 164
|
|
# edge cases for shared secret
|
|
curve = secp384r1
|
|
private = 0a2b6442a37f8a3759d2cb91df5eca75b14f5a6766da8035cc1943b15a8e4ebb6025f373be334080f22ab821a3535a6a7
|
|
public = 3076301006072a8648ce3d020106052b8104002203620004d5a833bae33b2d10fdff6db7c5477adb614b191c70d97c6f130a14e93931cc1dc058053fee54a264a00fdd16d3166fdc42992276b79925bafcd183b03ed18235350980abfe67b814c6c11074c38f74cd4e734ad58cdb49d9fcd2181d1b8f1119
|
|
result = valid
|
|
shared = fffff0000003ffffff0000003ffffff0000003ffffff0000003ffffff0000003ffffff0000003ffffff0000004000000
|
|
|
|
# tcId = 165
|
|
# edge cases for shared secret
|
|
curve = secp384r1
|
|
private = 0a2b6442a37f8a3759d2cb91df5eca75b14f5a6766da8035cc1943b15a8e4ebb6025f373be334080f22ab821a3535a6a7
|
|
public = 3076301006072a8648ce3d020106052b810400220362000467547cda7fbe8f16be5a4477cbb02979f1af72fc0f39302773552fbcf4667a8e23abc0e12856ee6234deeca5f22ae0503a4df7c068e7432417260cb9fe0d68b9c7fcf7e16a2ada05687d8f8900b84723103edbff0a42b27517da2760b7d38843
|
|
result = valid
|
|
shared = ffffff00000003fffffff00000003fffffff00000003fffffff00000003fffffff00000003fffffff00000003fffffff
|
|
|
|
# tcId = 166
|
|
# edge cases for shared secret
|
|
curve = secp384r1
|
|
private = 0a2b6442a37f8a3759d2cb91df5eca75b14f5a6766da8035cc1943b15a8e4ebb6025f373be334080f22ab821a3535a6a7
|
|
public = 3076301006072a8648ce3d020106052b81040022036200041363e3b99008e09bb3f085949b9b6ea26a318f496de568a96630fdb9d4c72c2814df3087a1741f32f24989b428167f93c653cb3ae8c3ecfaec57efd54bb8ce9d79c7bf6cc70fb1114f939be8f1a99bf1e42b97431124ef9fa33450faa4e76839
|
|
result = valid
|
|
shared = ffffffffffff00000000000000ffffffffffffff00000000000000ffffffffffffff0000000000000100000000000001
|
|
|
|
# tcId = 167
|
|
# edge cases for shared secret
|
|
curve = secp384r1
|
|
private = 0a2b6442a37f8a3759d2cb91df5eca75b14f5a6766da8035cc1943b15a8e4ebb6025f373be334080f22ab821a3535a6a7
|
|
public = 3076301006072a8648ce3d020106052b8104002203620004ba2be8d7147e2417c2ec80b24b4c1aa94464ffd0aae1fa2e078b3afbc77c144489ca9d064acbb7a9cfa6196d0f467b7e65ee1ca1eb1351ff9968f553dfe2e4c59ff8ba34c22a42b3baa13a9a1adc7f13abd40f1fd25d46bc5330852b9371966a
|
|
result = valid
|
|
shared = ffffffffffffffffffffffffffffffff00000000000000000000000000000000ffffffffffffffffffffffffffffffff
|
|
|
|
# tcId = 168
|
|
# edge cases for shared secret
|
|
curve = secp384r1
|
|
private = 0a2b6442a37f8a3759d2cb91df5eca75b14f5a6766da8035cc1943b15a8e4ebb6025f373be334080f22ab821a3535a6a7
|
|
public = 3076301006072a8648ce3d020106052b8104002203620004d69850ccbacc4736ea200ff2f8488f26247945a2ab48dd3708f494b293d8cba83417f48974881c7fb03854089bbf66cc1c773ec03cb8cd5f007ec3b03bdd05a409b352103f0decf25b41673ab8ca3d04334babee01219f15701f2bca22d40b37
|
|
result = valid
|
|
shared = fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000fffffffe
|
|
|
|
# tcId = 169
|
|
# edge cases for ephemeral key
|
|
curve = secp384r1
|
|
private = 2bc15cf3981eab6102c39f9a925aa1309db59c2c02a54411928d73c3945d157848dc36959efef7495c8528ea284c1c97
|
|
public = 3076301006072a8648ce3d020106052b81040022036200040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003cf99ef04f51a5ea630ba3f9f960dd593a14c9be39fd2bd215d3b4b08aaaf86bbf927f2c46e52ab06fb742b8850e521e
|
|
result = valid
|
|
shared = 6092a1757ddd43a04e185ff9472a0d18c7f7a7dc802f7e059e0c69ae16c802651719406e04de27652ff83da4a780ef2f
|
|
|
|
# tcId = 170
|
|
# edge cases for ephemeral key
|
|
curve = secp384r1
|
|
private = 2bc15cf3981eab6102c39f9a925aa1309db59c2c02a54411928d73c3945d157848dc36959efef7495c8528ea284c1c97
|
|
public = 3076301006072a8648ce3d020106052b8104002203620004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002732152442fb6ee5c3e6ce1d920c059bc623563814d79042b903ce60f1d4487fccd450a86da03f3e6ed525d02017bfdb3
|
|
result = valid
|
|
shared = 89c804cb81443386b185bcd9e2e6c35ee6177c3b90298985c4e81a89d520cceb17d729540e56ecc343c26bf314f2d052
|
|
|
|
# tcId = 171
|
|
# edge cases for ephemeral key
|
|
curve = secp384r1
|
|
private = 2bc15cf3981eab6102c39f9a925aa1309db59c2c02a54411928d73c3945d157848dc36959efef7495c8528ea284c1c97
|
|
public = 3076301006072a8648ce3d020106052b81040022036200040000000000000000ffffffffffffffff0000000000000000ffffffffffffffff00000000000000010000000000000001141b9ee5310ea8170131b604484a6d677ed42576045b7143c026710ae92b277afbbea0c4458c220d561e69404dc7d888
|
|
result = valid
|
|
shared = 102080c047881d19aefb01c29c82a4fb328a8ea6e6d6c914af73100507c8ee499799aaa646de0ea8c2727c0b5ed2439b
|
|
|
|
# tcId = 172
|
|
# edge cases for ephemeral key
|
|
curve = secp384r1
|
|
private = 2bc15cf3981eab6102c39f9a925aa1309db59c2c02a54411928d73c3945d157848dc36959efef7495c8528ea284c1c97
|
|
public = 3076301006072a8648ce3d020106052b810400220362000400000000ffffffff00000000ffffffff00000000ffffffff00000000ffffffff00000000ffffffff00000000ffffffff70370385413d3eff6fa3407ba24f682c2b01b51445dbdf5ef7b0dd0979f17e713e09081571f1e94dfb66bf282002f39f
|
|
result = valid
|
|
shared = f689f6e475b4e15162521acab4637a3cdb9cb42aa92f9114b0ee300ddae89d5eafff3463a1f5004a2a1bd4aeffa47b78
|
|
|
|
# tcId = 173
|
|
# edge cases for ephemeral key
|
|
curve = secp384r1
|
|
private = 2bc15cf3981eab6102c39f9a925aa1309db59c2c02a54411928d73c3945d157848dc36959efef7495c8528ea284c1c97
|
|
public = 3076301006072a8648ce3d020106052b81040022036200040000ffff0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff112e191f1f78bbc54b6cc4f0b1e59ae8c6ff1a07f5128e41dfa2828e1b6538d4fa2ca2394c6aab3449dcb3fc4eb44c09
|
|
result = valid
|
|
shared = f3486244119b3632fd55be9e6951eb5d9c8c62f6a27042f94b924155ecfd4ff8744ba3d25bcf85a7b925bd28a12b897f
|
|
|
|
# tcId = 174
|
|
# edge cases for ephemeral key
|
|
curve = secp384r1
|
|
private = 2bc15cf3981eab6102c39f9a925aa1309db59c2c02a54411928d73c3945d157848dc36959efef7495c8528ea284c1c97
|
|
public = 3076301006072a8648ce3d020106052b8104002203620004007fff0001fffc0007fff0001fffc0007fff0001fffc0007fff0001fffc0007fff0001fffc0007fff0001fffc0008000028a4c8da5a05112fe6025ef41908969de20d05d9668e5c852ef2d492172ddc2a0a622fc488164fcc1a076b872942af2
|
|
result = valid
|
|
shared = 8171b7c80d4c90bb58ae54393921ab9c5c0b3196f045e9fe5c8b168f0e5f6a77e1aa34ecedc5481ce55ab34c14e0f2e8
|
|
|
|
# tcId = 175
|
|
# edge cases for ephemeral key
|
|
curve = secp384r1
|
|
private = 2bc15cf3981eab6102c39f9a925aa1309db59c2c02a54411928d73c3945d157848dc36959efef7495c8528ea284c1c97
|
|
public = 3076301006072a8648ce3d020106052b81040022036200047fffffe000000ffffffc000001ffffff8000003ffffff0000007fffffe000000ffffffc000001ffffff80000040000024480ab33cb4bf7cb79c024eeade3fd641e2f3003698400e8986a7343a5da59a3b26eea4b4176e53239371437d834a1a7
|
|
result = valid
|
|
shared = 1911a0ee6aebe263fdcf3db073f2598cdafabec2123a2f24a28c3d9151c871f32d6dc2f31d25af9c498fd68da23e5bef
|
|
|
|
# tcId = 176
|
|
# edge cases for ephemeral key
|
|
curve = secp384r1
|
|
private = 2bc15cf3981eab6102c39f9a925aa1309db59c2c02a54411928d73c3945d157848dc36959efef7495c8528ea284c1c97
|
|
public = 3076301006072a8648ce3d020106052b81040022036200048000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020797da4c0751ced16de80d16ab7c654a5dc27d092626d0865a192a1c5ea7c1b88c9fcab057946741e41cc28c80ec0b9a
|
|
result = valid
|
|
shared = 15900643e2e0583976974b05f83c7a96611425f7c4a6eb51916ab958a037fd9cc172bdcfff4540a2ff3ce64e6505557e
|
|
|
|
# tcId = 177
|
|
# edge cases for ephemeral key
|
|
curve = secp384r1
|
|
private = 2bc15cf3981eab6102c39f9a925aa1309db59c2c02a54411928d73c3945d157848dc36959efef7495c8528ea284c1c97
|
|
public = 3076301006072a8648ce3d020106052b8104002203620004fff00000001fffffffc00000007fffffff00000001fffffffc00000007fffffff00000001fffffffc00000007fffffff6c70898ae6fb31fa2f086562af2d10486ba4c6fd5e41dfe4aa61598b4707a3bc276a62feb1b98557e3b17c025f7adf4e
|
|
result = valid
|
|
shared = 88a544a769d5c34a051416bd509dfac911863f604c83ea844bf0e4c5c272dec86d057a88b152a9274701938c705900c3
|
|
|
|
# tcId = 178
|
|
# edge cases for ephemeral key
|
|
curve = secp384r1
|
|
private = 2bc15cf3981eab6102c39f9a925aa1309db59c2c02a54411928d73c3945d157848dc36959efef7495c8528ea284c1c97
|
|
public = 3076301006072a8648ce3d020106052b8104002203620004fffff0000003ffffff0000003ffffff0000003ffffff0000003ffffff0000003ffffff0000003ffffff00000040000000eb1592858b6e6e3a199c0f3e7c5f0b4a92915936efb8bc0407680eb7274be7422156ce8cfc8b505b2d902c39992380f
|
|
result = valid
|
|
shared = b7db26b286e7527cb1f454782fe541862ff0f8d7eed960e22855deb7ac2a69611668c777c53bb74c2bcd40edfbf7944d
|
|
|
|
# tcId = 179
|
|
# edge cases for ephemeral key
|
|
curve = secp384r1
|
|
private = 2bc15cf3981eab6102c39f9a925aa1309db59c2c02a54411928d73c3945d157848dc36959efef7495c8528ea284c1c97
|
|
public = 3076301006072a8648ce3d020106052b8104002203620004ffffff00000003fffffff00000003fffffff00000003fffffff00000003fffffff00000003fffffff00000003fffffff4987abae412809c2fa48fd23b1bdf9e622f5a606c44117215ffa61b18ef46e54a7fbbf11f9a6ba59c991b4ae501fedce
|
|
result = valid
|
|
shared = b1e8aab1aa633d98dc6b768594e1e3edb801a9ef483f287c83e19744d2ad343ad3debdc4dc178213ad6876b52284f552
|
|
|
|
# tcId = 180
|
|
# edge cases for ephemeral key
|
|
curve = secp384r1
|
|
private = 2bc15cf3981eab6102c39f9a925aa1309db59c2c02a54411928d73c3945d157848dc36959efef7495c8528ea284c1c97
|
|
public = 3076301006072a8648ce3d020106052b8104002203620004ffffffffffff00000000000000ffffffffffffff00000000000000ffffffffffffff00000000000001000000000000013691fe493d4d28bf8ee1dfec812d6c306eae0842919eda6dc525f0d49ac2d26a992251912139a2936849f9d6fa949a68
|
|
result = valid
|
|
shared = b0de006f80f6f89e4eea6e46dfe305153005612d1e903171ec2886230971961b5202a9f3187bdac413ac24c836adf7a0
|
|
|
|
# tcId = 181
|
|
# edge cases for ephemeral key
|
|
curve = secp384r1
|
|
private = 2bc15cf3981eab6102c39f9a925aa1309db59c2c02a54411928d73c3945d157848dc36959efef7495c8528ea284c1c97
|
|
public = 3076301006072a8648ce3d020106052b8104002203620004ffffffffffffffffffffffffffffffff00000000000000000000000000000000ffffffffffffffffffffffffffffffff615842aa06b06f78f0a66f7bea88d4b6ee59653eeaa00dc5e0a2b658f969b71af90c9b4e96bd3ca33846955bdccbd359
|
|
result = valid
|
|
shared = ca8cfa42c5e374914c14d6402b1a99208e47e02ec49818913694ea0822a2cc6c310259a8f3ab7559b9974bc4c2fa337e
|
|
|
|
# tcId = 182
|
|
# edge cases for ephemeral key
|
|
curve = secp384r1
|
|
private = 2bc15cf3981eab6102c39f9a925aa1309db59c2c02a54411928d73c3945d157848dc36959efef7495c8528ea284c1c97
|
|
public = 3076301006072a8648ce3d020106052b8104002203620004fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000fffffffe732152442fb6ee5c3e6ce1d920c059bc623563814d79042b903ce60f1d4487fccd450a86da03f3e6ed525d02017bfdb3
|
|
result = valid
|
|
shared = edf040bace18d90bf9ce720df2a3b31d76d95b7ed9530a159ac0b24e82a871033eada40552f9e606f7115e6a78927511
|
|
|
|
# tcId = 183
|
|
# edge case private key
|
|
curve = secp384r1
|
|
private = 3
|
|
public = 3076301006072a8648ce3d020106052b8104002203620004e9dfaaab808b3aac1ccca7cc6242a7ee583249afe8ee8f66b904cc8eec34ad334456e00f33a94de8b5169cf0199550c020156e9651734ff999c5f3ea62b83d0083a6093f234457251ecf72c41e4df7cea2420b5454a7f690034380bac981e92e
|
|
result = valid
|
|
shared = 455aea9924330bd6d2d6403478327900e172e93598e254cf6d8eb13f0a3d21be51a46107333844e61dfa3d80df6928e9
|
|
|
|
# tcId = 184
|
|
# edge case private key
|
|
curve = secp384r1
|
|
private = 0ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
|
|
public = 3076301006072a8648ce3d020106052b8104002203620004e9dfaaab808b3aac1ccca7cc6242a7ee583249afe8ee8f66b904cc8eec34ad334456e00f33a94de8b5169cf0199550c020156e9651734ff999c5f3ea62b83d0083a6093f234457251ecf72c41e4df7cea2420b5454a7f690034380bac981e92e
|
|
result = valid
|
|
shared = db1d8ef1117282870db8113aa4f58723c756ce598686eb8ea531aa4d39abb1b982b1e7bb2648a6c268d2d351204db8d5
|
|
|
|
# tcId = 185
|
|
# edge case private key
|
|
curve = secp384r1
|
|
private = 10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
|
|
public = 3076301006072a8648ce3d020106052b8104002203620004e9dfaaab808b3aac1ccca7cc6242a7ee583249afe8ee8f66b904cc8eec34ad334456e00f33a94de8b5169cf0199550c020156e9651734ff999c5f3ea62b83d0083a6093f234457251ecf72c41e4df7cea2420b5454a7f690034380bac981e92e
|
|
result = valid
|
|
shared = e98062df47ef884c9411e16466af84ad271d586008b1fbc50aeb3b36836a35a770dd42e0db84d39b26f4dcd2dc03d90b
|
|
|
|
# tcId = 186
|
|
# edge case private key
|
|
curve = secp384r1
|
|
private = 7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
|
|
public = 3076301006072a8648ce3d020106052b8104002203620004e9dfaaab808b3aac1ccca7cc6242a7ee583249afe8ee8f66b904cc8eec34ad334456e00f33a94de8b5169cf0199550c020156e9651734ff999c5f3ea62b83d0083a6093f234457251ecf72c41e4df7cea2420b5454a7f690034380bac981e92e
|
|
result = valid
|
|
shared = 898aae0ebf1cb49fb6b1234d60f59006325421049a8a320820e1ad6af6593cdc2229a08c500aa55ca05999d12829db9c
|
|
|
|
# tcId = 187
|
|
# edge case private key
|
|
curve = secp384r1
|
|
private = 0800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
|
|
public = 3076301006072a8648ce3d020106052b8104002203620004e9dfaaab808b3aac1ccca7cc6242a7ee583249afe8ee8f66b904cc8eec34ad334456e00f33a94de8b5169cf0199550c020156e9651734ff999c5f3ea62b83d0083a6093f234457251ecf72c41e4df7cea2420b5454a7f690034380bac981e92e
|
|
result = valid
|
|
shared = 83f862f496ab8af12b82a8a0c047d836bdfa36281324b3a1eb2e9c1d46699d81cb125cbe4b93939fd84e1ae86d8a83cb
|
|
|
|
# tcId = 188
|
|
# edge case private key
|
|
curve = secp384r1
|
|
private = 0ffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a779ecec196accc52973
|
|
public = 3076301006072a8648ce3d020106052b8104002203620004e9dfaaab808b3aac1ccca7cc6242a7ee583249afe8ee8f66b904cc8eec34ad334456e00f33a94de8b5169cf0199550c020156e9651734ff999c5f3ea62b83d0083a6093f234457251ecf72c41e4df7cea2420b5454a7f690034380bac981e92e
|
|
result = valid
|
|
shared = 9a26894887a0342ca559a74a4d4a8e1d6b2084f02e1c65b3097121a9a9af047d8810fb945dc25bbf02222b3b625f1e0a
|
|
|
|
# tcId = 189
|
|
# edge case private key
|
|
curve = secp384r1
|
|
private = 0ffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecdc196accc52973
|
|
public = 3076301006072a8648ce3d020106052b8104002203620004e9dfaaab808b3aac1ccca7cc6242a7ee583249afe8ee8f66b904cc8eec34ad334456e00f33a94de8b5169cf0199550c020156e9651734ff999c5f3ea62b83d0083a6093f234457251ecf72c41e4df7cea2420b5454a7f690034380bac981e92e
|
|
result = valid
|
|
shared = 8a8d9dc194a26910cbdae7908d185b6ad04b620c94c5ee331e584ed804e495bebc2290a2d7006a06e65b9bcace86c6f6
|
|
|
|
# tcId = 190
|
|
# edge case private key
|
|
curve = secp384r1
|
|
private = 0ffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aece4196accc52973
|
|
public = 3076301006072a8648ce3d020106052b8104002203620004e9dfaaab808b3aac1ccca7cc6242a7ee583249afe8ee8f66b904cc8eec34ad334456e00f33a94de8b5169cf0199550c020156e9651734ff999c5f3ea62b83d0083a6093f234457251ecf72c41e4df7cea2420b5454a7f690034380bac981e92e
|
|
result = valid
|
|
shared = d57f6aa12d3f07e8958499f249e52cfbe5be58482e146c5414dbbf984fc5333710350e2ce96b33beb7678381f40f1dcb
|
|
|
|
# tcId = 191
|
|
# edge case private key
|
|
curve = secp384r1
|
|
private = 0ffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec1969ccc52973
|
|
public = 3076301006072a8648ce3d020106052b8104002203620004e9dfaaab808b3aac1ccca7cc6242a7ee583249afe8ee8f66b904cc8eec34ad334456e00f33a94de8b5169cf0199550c020156e9651734ff999c5f3ea62b83d0083a6093f234457251ecf72c41e4df7cea2420b5454a7f690034380bac981e92e
|
|
result = valid
|
|
shared = 188e8041d9a5f0b6cfdad315ada4823beda0146774fad65b500e6ef94376ebf8af7a40ff6f6b45019a09dde7d7fb5552
|
|
|
|
# tcId = 192
|
|
# edge case private key
|
|
curve = secp384r1
|
|
private = 0ffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52959
|
|
public = 3076301006072a8648ce3d020106052b8104002203620004e9dfaaab808b3aac1ccca7cc6242a7ee583249afe8ee8f66b904cc8eec34ad334456e00f33a94de8b5169cf0199550c020156e9651734ff999c5f3ea62b83d0083a6093f234457251ecf72c41e4df7cea2420b5454a7f690034380bac981e92e
|
|
result = valid
|
|
shared = 2ecf9dc47e8b07ae61ddbd1680ead02698e9e8469f78d5a28328e48d0c9d7a2ac787e50cba58cc44a32fb1235d2d7027
|
|
# The private key has a special value. Implementations using addition
|
|
# subtraction chains for the point multiplication may get the point at infinity
|
|
# as an intermediate result. See CVE_2017_10176
|
|
|
|
# tcId = 193
|
|
# edge case private key
|
|
curve = secp384r1
|
|
private = 0ffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52969
|
|
public = 3076301006072a8648ce3d020106052b8104002203620004e9dfaaab808b3aac1ccca7cc6242a7ee583249afe8ee8f66b904cc8eec34ad334456e00f33a94de8b5169cf0199550c020156e9651734ff999c5f3ea62b83d0083a6093f234457251ecf72c41e4df7cea2420b5454a7f690034380bac981e92e
|
|
result = valid
|
|
shared = 06ee9f55079d3d3c18c683ba33e0d2521be97c4fbf7917bf3b6287d58ffcde2df88842e3f5530b39549ac20974b1b60e
|
|
# The private key has a special value. Implementations using addition
|
|
# subtraction chains for the point multiplication may get the point at infinity
|
|
# as an intermediate result. See CVE_2017_10176
|
|
|
|
# tcId = 194
|
|
# edge case private key
|
|
curve = secp384r1
|
|
private = 0ffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52970
|
|
public = 3076301006072a8648ce3d020106052b8104002203620004e9dfaaab808b3aac1ccca7cc6242a7ee583249afe8ee8f66b904cc8eec34ad334456e00f33a94de8b5169cf0199550c020156e9651734ff999c5f3ea62b83d0083a6093f234457251ecf72c41e4df7cea2420b5454a7f690034380bac981e92e
|
|
result = valid
|
|
shared = 455aea9924330bd6d2d6403478327900e172e93598e254cf6d8eb13f0a3d21be51a46107333844e61dfa3d80df6928e9
|
|
|
|
# tcId = 195
|
|
# edge case private key
|
|
curve = secp384r1
|
|
private = 0ffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52971
|
|
public = 3076301006072a8648ce3d020106052b8104002203620004e9dfaaab808b3aac1ccca7cc6242a7ee583249afe8ee8f66b904cc8eec34ad334456e00f33a94de8b5169cf0199550c020156e9651734ff999c5f3ea62b83d0083a6093f234457251ecf72c41e4df7cea2420b5454a7f690034380bac981e92e
|
|
result = valid
|
|
shared = 024c5281487216058270cd1cfe259e948310e4adc263a9edaa4da0bc3f5f8ce8ffc88ae41b2c050bf6dd9c8c66857237
|
|
# The private key has a special value. Implementations using addition
|
|
# subtraction chains for the point multiplication may get the point at infinity
|
|
# as an intermediate result. See CVE_2017_10176
|
|
|
|
# tcId = 196
|
|
# public point not on curve
|
|
curve = secp384r1
|
|
private = 0de44e63fd924f177340d780af6aaaea271f52d2cb9a5c519b6020e06c3cf0baafbc0b801c6508c2e1483b15cfef7afc2
|
|
public = 3076301006072a8648ce3d020106052b81040022036200042121a348f9743855859c496f91d0f39fe728fc46e48d007713051b22f1c0257fe20dd85b21df7e1ec82bf8b39b2138a2ae74f80e6257778f8cca9f279b57d25eeeb155960642972f0567e204514f0ac1eb1e27db5115053211914961d09644c8
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 197
|
|
# public point = (0,0)
|
|
curve = secp384r1
|
|
private = 0de44e63fd924f177340d780af6aaaea271f52d2cb9a5c519b6020e06c3cf0baafbc0b801c6508c2e1483b15cfef7afc2
|
|
public = 3076301006072a8648ce3d020106052b8104002203620004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 198
|
|
# order =
|
|
# -39402006196394479212279040100143613805079739270465446667946905279627659399113263569398956308152294913554433653942643
|
|
curve = secp384r1
|
|
private = 0de44e63fd924f177340d780af6aaaea271f52d2cb9a5c519b6020e06c3cf0baafbc0b801c6508c2e1483b15cfef7afc2
|
|
public = 308201b53082014d06072a8648ce3d020130820140020101303c06072a8648ce3d0101023100fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000ffffffff30640430fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000fffffffc0430b3312fa7e23ee7e4988e056be3f82d19181d9c6efe8141120314088f5013875ac656398d8a2ed19d2a85c8edd3ec2aef046104aa87ca22be8b05378eb1c71ef320ad746e1d3b628ba79b9859f741e082542a385502f25dbf55296c3a545e3872760ab73617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c00a60b1ce1d7e819d7a431d7c90ea0e5f0231ff000000000000000000000000000000000000000000000000389cb27e0bc8d220a7e5f24db74f58851313e695333ad68d020101036200042121a348f9743855859c496f91d0f39fe728fc46e48d007713051b22f1c0257fe20dd85b21df7e1ec82bf8b39b2138a2ae74f80e6257778f8cca9f279b57d25eeeb155960642972f0567e204514f0ac1eb1e27db5115053211914961d09644c6
|
|
result = invalid
|
|
shared = 455cf3c0b0090688599825522ef3312878201514f6330ccc7f42ec1945204adfe419b2dbbfb942dc98b16d8323150cf6
|
|
# The order of the public key has been modified. If this order is used in a
|
|
# cryptographic primitive instead of the correct order then private keys may
|
|
# leak. E.g. ECDHC in BC 1.52 suffered from this.
|
|
# The public key does not use a named curve. RFC 3279 allows to encode such
|
|
# curves by explicitly encoding, the parameters of the curve equation, modulus,
|
|
# generator, order and cofactor. However, many crypto libraries only support
|
|
# named curves. Modifying some of the EC parameters and encoding the
|
|
# corresponding public key as an unnamed curve is a potential attack vector.
|
|
|
|
# tcId = 199
|
|
# order = 0
|
|
curve = secp384r1
|
|
private = 0de44e63fd924f177340d780af6aaaea271f52d2cb9a5c519b6020e06c3cf0baafbc0b801c6508c2e1483b15cfef7afc2
|
|
public = 308201853082011d06072a8648ce3d020130820110020101303c06072a8648ce3d0101023100fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000ffffffff30640430fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000fffffffc0430b3312fa7e23ee7e4988e056be3f82d19181d9c6efe8141120314088f5013875ac656398d8a2ed19d2a85c8edd3ec2aef046104aa87ca22be8b05378eb1c71ef320ad746e1d3b628ba79b9859f741e082542a385502f25dbf55296c3a545e3872760ab73617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c00a60b1ce1d7e819d7a431d7c90ea0e5f020100020101036200042121a348f9743855859c496f91d0f39fe728fc46e48d007713051b22f1c0257fe20dd85b21df7e1ec82bf8b39b2138a2ae74f80e6257778f8cca9f279b57d25eeeb155960642972f0567e204514f0ac1eb1e27db5115053211914961d09644c6
|
|
result = invalid
|
|
shared =
|
|
# The order of the public key has been modified. If this order is used in a
|
|
# cryptographic primitive instead of the correct order then private keys may
|
|
# leak. E.g. ECDHC in BC 1.52 suffered from this.
|
|
# The public key does not use a named curve. RFC 3279 allows to encode such
|
|
# curves by explicitly encoding, the parameters of the curve equation, modulus,
|
|
# generator, order and cofactor. However, many crypto libraries only support
|
|
# named curves. Modifying some of the EC parameters and encoding the
|
|
# corresponding public key as an unnamed curve is a potential attack vector.
|
|
|
|
# tcId = 200
|
|
# order = 1
|
|
curve = secp384r1
|
|
private = 0de44e63fd924f177340d780af6aaaea271f52d2cb9a5c519b6020e06c3cf0baafbc0b801c6508c2e1483b15cfef7afc2
|
|
public = 308201853082011d06072a8648ce3d020130820110020101303c06072a8648ce3d0101023100fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000ffffffff30640430fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000fffffffc0430b3312fa7e23ee7e4988e056be3f82d19181d9c6efe8141120314088f5013875ac656398d8a2ed19d2a85c8edd3ec2aef046104aa87ca22be8b05378eb1c71ef320ad746e1d3b628ba79b9859f741e082542a385502f25dbf55296c3a545e3872760ab73617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c00a60b1ce1d7e819d7a431d7c90ea0e5f020101020101036200042121a348f9743855859c496f91d0f39fe728fc46e48d007713051b22f1c0257fe20dd85b21df7e1ec82bf8b39b2138a2ae74f80e6257778f8cca9f279b57d25eeeb155960642972f0567e204514f0ac1eb1e27db5115053211914961d09644c6
|
|
result = acceptable
|
|
shared = 455cf3c0b0090688599825522ef3312878201514f6330ccc7f42ec1945204adfe419b2dbbfb942dc98b16d8323150cf6
|
|
# The order of the public key has been modified. If this order is used in a
|
|
# cryptographic primitive instead of the correct order then private keys may
|
|
# leak. E.g. ECDHC in BC 1.52 suffered from this.
|
|
# A parameter that is typically not used for ECDH has been modified. Sometimes
|
|
# libraries ignore small differences between public and private key. For
|
|
# example, a library might ignore an incorrect cofactor in the public key. We
|
|
# consider ignoring such changes as acceptable as long as these differences do
|
|
# not change the outcome of the ECDH computation, i.e. as long as the
|
|
# computation is done on the curve from the private key.
|
|
# The public key does not use a named curve. RFC 3279 allows to encode such
|
|
# curves by explicitly encoding, the parameters of the curve equation, modulus,
|
|
# generator, order and cofactor. However, many crypto libraries only support
|
|
# named curves. Modifying some of the EC parameters and encoding the
|
|
# corresponding public key as an unnamed curve is a potential attack vector.
|
|
|
|
# tcId = 201
|
|
# order =
|
|
# 9173994463960286046443283581208347763186259956673124494950032159599396260248791326163093631191247821216106
|
|
curve = secp384r1
|
|
private = 0de44e63fd924f177340d780af6aaaea271f52d2cb9a5c519b6020e06c3cf0baafbc0b801c6508c2e1483b15cfef7afc2
|
|
public = 308201b13082014906072a8648ce3d02013082013c020101303c06072a8648ce3d0101023100fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000ffffffff30640430fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000fffffffc0430b3312fa7e23ee7e4988e056be3f82d19181d9c6efe8141120314088f5013875ac656398d8a2ed19d2a85c8edd3ec2aef046104aa87ca22be8b05378eb1c71ef320ad746e1d3b628ba79b9859f741e082542a385502f25dbf55296c3a545e3872760ab73617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c00a60b1ce1d7e819d7a431d7c90ea0e5f022d00ffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196a020101036200042121a348f9743855859c496f91d0f39fe728fc46e48d007713051b22f1c0257fe20dd85b21df7e1ec82bf8b39b2138a2ae74f80e6257778f8cca9f279b57d25eeeb155960642972f0567e204514f0ac1eb1e27db5115053211914961d09644c6
|
|
result = acceptable
|
|
shared = 455cf3c0b0090688599825522ef3312878201514f6330ccc7f42ec1945204adfe419b2dbbfb942dc98b16d8323150cf6
|
|
# The order of the public key has been modified. If this order is used in a
|
|
# cryptographic primitive instead of the correct order then private keys may
|
|
# leak. E.g. ECDHC in BC 1.52 suffered from this.
|
|
# A parameter that is typically not used for ECDH has been modified. Sometimes
|
|
# libraries ignore small differences between public and private key. For
|
|
# example, a library might ignore an incorrect cofactor in the public key. We
|
|
# consider ignoring such changes as acceptable as long as these differences do
|
|
# not change the outcome of the ECDH computation, i.e. as long as the
|
|
# computation is done on the curve from the private key.
|
|
# The public key does not use a named curve. RFC 3279 allows to encode such
|
|
# curves by explicitly encoding, the parameters of the curve equation, modulus,
|
|
# generator, order and cofactor. However, many crypto libraries only support
|
|
# named curves. Modifying some of the EC parameters and encoding the
|
|
# corresponding public key as an unnamed curve is a potential attack vector.
|
|
|
|
# tcId = 202
|
|
# generator = (0,0)
|
|
curve = secp384r1
|
|
private = 0de44e63fd924f177340d780af6aaaea271f52d2cb9a5c519b6020e06c3cf0baafbc0b801c6508c2e1483b15cfef7afc2
|
|
public = 308201b53082014d06072a8648ce3d020130820140020101303c06072a8648ce3d0101023100fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000ffffffff30640430fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000fffffffc0430b3312fa7e23ee7e4988e056be3f82d19181d9c6efe8141120314088f5013875ac656398d8a2ed19d2a85c8edd3ec2aef046104000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000023100ffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52973020101036200042121a348f9743855859c496f91d0f39fe728fc46e48d007713051b22f1c0257fe20dd85b21df7e1ec82bf8b39b2138a2ae74f80e6257778f8cca9f279b57d25eeeb155960642972f0567e204514f0ac1eb1e27db5115053211914961d09644c6
|
|
result = acceptable
|
|
shared = 455cf3c0b0090688599825522ef3312878201514f6330ccc7f42ec1945204adfe419b2dbbfb942dc98b16d8323150cf6
|
|
# A parameter that is typically not used for ECDH has been modified. Sometimes
|
|
# libraries ignore small differences between public and private key. For
|
|
# example, a library might ignore an incorrect cofactor in the public key. We
|
|
# consider ignoring such changes as acceptable as long as these differences do
|
|
# not change the outcome of the ECDH computation, i.e. as long as the
|
|
# computation is done on the curve from the private key.
|
|
# The public key does not use a named curve. RFC 3279 allows to encode such
|
|
# curves by explicitly encoding, the parameters of the curve equation, modulus,
|
|
# generator, order and cofactor. However, many crypto libraries only support
|
|
# named curves. Modifying some of the EC parameters and encoding the
|
|
# corresponding public key as an unnamed curve is a potential attack vector.
|
|
|
|
# tcId = 203
|
|
# generator not on curve
|
|
curve = secp384r1
|
|
private = 0de44e63fd924f177340d780af6aaaea271f52d2cb9a5c519b6020e06c3cf0baafbc0b801c6508c2e1483b15cfef7afc2
|
|
public = 308201b53082014d06072a8648ce3d020130820140020101303c06072a8648ce3d0101023100fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000ffffffff30640430fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000fffffffc0430b3312fa7e23ee7e4988e056be3f82d19181d9c6efe8141120314088f5013875ac656398d8a2ed19d2a85c8edd3ec2aef046104aa87ca22be8b05378eb1c71ef320ad746e1d3b628ba79b9859f741e082542a385502f25dbf55296c3a545e3872760ab73617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c00a60b1ce1d7e819d7a431d7c90ea0e61023100ffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52973020101036200042121a348f9743855859c496f91d0f39fe728fc46e48d007713051b22f1c0257fe20dd85b21df7e1ec82bf8b39b2138a2ae74f80e6257778f8cca9f279b57d25eeeb155960642972f0567e204514f0ac1eb1e27db5115053211914961d09644c6
|
|
result = acceptable
|
|
shared = 455cf3c0b0090688599825522ef3312878201514f6330ccc7f42ec1945204adfe419b2dbbfb942dc98b16d8323150cf6
|
|
# A parameter that is typically not used for ECDH has been modified. Sometimes
|
|
# libraries ignore small differences between public and private key. For
|
|
# example, a library might ignore an incorrect cofactor in the public key. We
|
|
# consider ignoring such changes as acceptable as long as these differences do
|
|
# not change the outcome of the ECDH computation, i.e. as long as the
|
|
# computation is done on the curve from the private key.
|
|
# The public key does not use a named curve. RFC 3279 allows to encode such
|
|
# curves by explicitly encoding, the parameters of the curve equation, modulus,
|
|
# generator, order and cofactor. However, many crypto libraries only support
|
|
# named curves. Modifying some of the EC parameters and encoding the
|
|
# corresponding public key as an unnamed curve is a potential attack vector.
|
|
|
|
# tcId = 204
|
|
# cofactor = -1
|
|
curve = secp384r1
|
|
private = 0de44e63fd924f177340d780af6aaaea271f52d2cb9a5c519b6020e06c3cf0baafbc0b801c6508c2e1483b15cfef7afc2
|
|
public = 308201b53082014d06072a8648ce3d020130820140020101303c06072a8648ce3d0101023100fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000ffffffff30640430fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000fffffffc0430b3312fa7e23ee7e4988e056be3f82d19181d9c6efe8141120314088f5013875ac656398d8a2ed19d2a85c8edd3ec2aef046104aa87ca22be8b05378eb1c71ef320ad746e1d3b628ba79b9859f741e082542a385502f25dbf55296c3a545e3872760ab73617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c00a60b1ce1d7e819d7a431d7c90ea0e5f023100ffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc529730201ff036200042121a348f9743855859c496f91d0f39fe728fc46e48d007713051b22f1c0257fe20dd85b21df7e1ec82bf8b39b2138a2ae74f80e6257778f8cca9f279b57d25eeeb155960642972f0567e204514f0ac1eb1e27db5115053211914961d09644c6
|
|
result = invalid
|
|
shared = 455cf3c0b0090688599825522ef3312878201514f6330ccc7f42ec1945204adfe419b2dbbfb942dc98b16d8323150cf6
|
|
# The public key does not use a named curve. RFC 3279 allows to encode such
|
|
# curves by explicitly encoding, the parameters of the curve equation, modulus,
|
|
# generator, order and cofactor. However, many crypto libraries only support
|
|
# named curves. Modifying some of the EC parameters and encoding the
|
|
# corresponding public key as an unnamed curve is a potential attack vector.
|
|
|
|
# tcId = 205
|
|
# cofactor = 0
|
|
curve = secp384r1
|
|
private = 0de44e63fd924f177340d780af6aaaea271f52d2cb9a5c519b6020e06c3cf0baafbc0b801c6508c2e1483b15cfef7afc2
|
|
public = 308201b53082014d06072a8648ce3d020130820140020101303c06072a8648ce3d0101023100fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000ffffffff30640430fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000fffffffc0430b3312fa7e23ee7e4988e056be3f82d19181d9c6efe8141120314088f5013875ac656398d8a2ed19d2a85c8edd3ec2aef046104aa87ca22be8b05378eb1c71ef320ad746e1d3b628ba79b9859f741e082542a385502f25dbf55296c3a545e3872760ab73617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c00a60b1ce1d7e819d7a431d7c90ea0e5f023100ffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52973020100036200042121a348f9743855859c496f91d0f39fe728fc46e48d007713051b22f1c0257fe20dd85b21df7e1ec82bf8b39b2138a2ae74f80e6257778f8cca9f279b57d25eeeb155960642972f0567e204514f0ac1eb1e27db5115053211914961d09644c6
|
|
result = invalid
|
|
shared = 455cf3c0b0090688599825522ef3312878201514f6330ccc7f42ec1945204adfe419b2dbbfb942dc98b16d8323150cf6
|
|
# The public key does not use a named curve. RFC 3279 allows to encode such
|
|
# curves by explicitly encoding, the parameters of the curve equation, modulus,
|
|
# generator, order and cofactor. However, many crypto libraries only support
|
|
# named curves. Modifying some of the EC parameters and encoding the
|
|
# corresponding public key as an unnamed curve is a potential attack vector.
|
|
|
|
# tcId = 206
|
|
# cofactor = 2
|
|
curve = secp384r1
|
|
private = 0de44e63fd924f177340d780af6aaaea271f52d2cb9a5c519b6020e06c3cf0baafbc0b801c6508c2e1483b15cfef7afc2
|
|
public = 308201b53082014d06072a8648ce3d020130820140020101303c06072a8648ce3d0101023100fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000ffffffff30640430fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000fffffffc0430b3312fa7e23ee7e4988e056be3f82d19181d9c6efe8141120314088f5013875ac656398d8a2ed19d2a85c8edd3ec2aef046104aa87ca22be8b05378eb1c71ef320ad746e1d3b628ba79b9859f741e082542a385502f25dbf55296c3a545e3872760ab73617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c00a60b1ce1d7e819d7a431d7c90ea0e5f023100ffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52973020102036200042121a348f9743855859c496f91d0f39fe728fc46e48d007713051b22f1c0257fe20dd85b21df7e1ec82bf8b39b2138a2ae74f80e6257778f8cca9f279b57d25eeeb155960642972f0567e204514f0ac1eb1e27db5115053211914961d09644c6
|
|
result = acceptable
|
|
shared = 455cf3c0b0090688599825522ef3312878201514f6330ccc7f42ec1945204adfe419b2dbbfb942dc98b16d8323150cf6
|
|
# A parameter that is typically not used for ECDH has been modified. Sometimes
|
|
# libraries ignore small differences between public and private key. For
|
|
# example, a library might ignore an incorrect cofactor in the public key. We
|
|
# consider ignoring such changes as acceptable as long as these differences do
|
|
# not change the outcome of the ECDH computation, i.e. as long as the
|
|
# computation is done on the curve from the private key.
|
|
# The public key does not use a named curve. RFC 3279 allows to encode such
|
|
# curves by explicitly encoding, the parameters of the curve equation, modulus,
|
|
# generator, order and cofactor. However, many crypto libraries only support
|
|
# named curves. Modifying some of the EC parameters and encoding the
|
|
# corresponding public key as an unnamed curve is a potential attack vector.
|
|
|
|
# tcId = 207
|
|
# cofactor =
|
|
# 39402006196394479212279040100143613805079739270465446667946905279627659399113263569398956308152294913554433653942643
|
|
curve = secp384r1
|
|
private = 0de44e63fd924f177340d780af6aaaea271f52d2cb9a5c519b6020e06c3cf0baafbc0b801c6508c2e1483b15cfef7afc2
|
|
public = 308201e53082017d06072a8648ce3d020130820170020101303c06072a8648ce3d0101023100fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000ffffffff30640430fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000fffffffc0430b3312fa7e23ee7e4988e056be3f82d19181d9c6efe8141120314088f5013875ac656398d8a2ed19d2a85c8edd3ec2aef046104aa87ca22be8b05378eb1c71ef320ad746e1d3b628ba79b9859f741e082542a385502f25dbf55296c3a545e3872760ab73617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c00a60b1ce1d7e819d7a431d7c90ea0e5f023100ffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52973023100ffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52973036200042121a348f9743855859c496f91d0f39fe728fc46e48d007713051b22f1c0257fe20dd85b21df7e1ec82bf8b39b2138a2ae74f80e6257778f8cca9f279b57d25eeeb155960642972f0567e204514f0ac1eb1e27db5115053211914961d09644c6
|
|
result = invalid
|
|
shared = 455cf3c0b0090688599825522ef3312878201514f6330ccc7f42ec1945204adfe419b2dbbfb942dc98b16d8323150cf6
|
|
# The public key does not use a named curve. RFC 3279 allows to encode such
|
|
# curves by explicitly encoding, the parameters of the curve equation, modulus,
|
|
# generator, order and cofactor. However, many crypto libraries only support
|
|
# named curves. Modifying some of the EC parameters and encoding the
|
|
# corresponding public key as an unnamed curve is a potential attack vector.
|
|
|
|
# tcId = 208
|
|
# cofactor = None
|
|
curve = secp384r1
|
|
private = 0de44e63fd924f177340d780af6aaaea271f52d2cb9a5c519b6020e06c3cf0baafbc0b801c6508c2e1483b15cfef7afc2
|
|
public = 308201b23082014a06072a8648ce3d02013082013d020101303c06072a8648ce3d0101023100fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000ffffffff30640430fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000fffffffc0430b3312fa7e23ee7e4988e056be3f82d19181d9c6efe8141120314088f5013875ac656398d8a2ed19d2a85c8edd3ec2aef046104aa87ca22be8b05378eb1c71ef320ad746e1d3b628ba79b9859f741e082542a385502f25dbf55296c3a545e3872760ab73617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c00a60b1ce1d7e819d7a431d7c90ea0e5f023100ffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52973036200042121a348f9743855859c496f91d0f39fe728fc46e48d007713051b22f1c0257fe20dd85b21df7e1ec82bf8b39b2138a2ae74f80e6257778f8cca9f279b57d25eeeb155960642972f0567e204514f0ac1eb1e27db5115053211914961d09644c6
|
|
result = acceptable
|
|
shared = 455cf3c0b0090688599825522ef3312878201514f6330ccc7f42ec1945204adfe419b2dbbfb942dc98b16d8323150cf6
|
|
# A parameter that is typically not used for ECDH has been modified. Sometimes
|
|
# libraries ignore small differences between public and private key. For
|
|
# example, a library might ignore an incorrect cofactor in the public key. We
|
|
# consider ignoring such changes as acceptable as long as these differences do
|
|
# not change the outcome of the ECDH computation, i.e. as long as the
|
|
# computation is done on the curve from the private key.
|
|
# The public key does not use a named curve. RFC 3279 allows to encode such
|
|
# curves by explicitly encoding, the parameters of the curve equation, modulus,
|
|
# generator, order and cofactor. However, many crypto libraries only support
|
|
# named curves. Modifying some of the EC parameters and encoding the
|
|
# corresponding public key as an unnamed curve is a potential attack vector.
|
|
|
|
# tcId = 209
|
|
# modified prime
|
|
curve = secp384r1
|
|
private = 0de44e63fd924f177340d780af6aaaea271f52d2cb9a5c519b6020e06c3cf0baafbc0b801c6508c2e1483b15cfef7afc2
|
|
public = 308201b53082014d06072a8648ce3d020130820140020101303c06072a8648ce3d0101023100f47e533e4e43e4bf04e901db0eea6efba14bbcdc3b1c5753a7c141487e4f43784e57a72310202323361f44760c8368bf306404300b81acc1b1bc1b40fb16fe24f11591045eb44323c4e3a8ac583ebeb781b0bc86b1a858dbefdfdcdcc9e0bb8af37c973d0430b3312fa7e23ee7e4988e056be3f82d19181d9c6efe8141120314088f5013875ac656398d8a2ed19d2a85c8edd3ec2aef04610400000000000000000000000000000000fffffffffffd38000000000000000000000000000000000000000000000001cf3646298bba2f24e84189cf0d1e75188fc4fcf5b0844281822e789e3d534b159f4c419342260197625ad924a2c72c4d0f023100ffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc529730201010362000400000000000000000000000000000000fffffffffffd38000000000000000000000000000000000000000000000001cf3646298bba2f24e84189cf0d1e75188fc4fcf5b0844281822e789e3d534b159f4c419342260197625ad924a2c72c4d0f
|
|
result = invalid
|
|
shared = 5df0762488bc0a7be1121508949382861f781c331676048c2d45d245be6f476c872113e6710bc746c3d06970510193ce
|
|
# The modulus of the public key has been modified. The public point of the
|
|
# public key has been chosen so that it is both a point on both the curve of the
|
|
# modified public key and the private key.
|
|
# The public key does not use a named curve. RFC 3279 allows to encode such
|
|
# curves by explicitly encoding, the parameters of the curve equation, modulus,
|
|
# generator, order and cofactor. However, many crypto libraries only support
|
|
# named curves. Modifying some of the EC parameters and encoding the
|
|
# corresponding public key as an unnamed curve is a potential attack vector.
|
|
|
|
# tcId = 210
|
|
# using secp224r1
|
|
curve = secp384r1
|
|
private = 0de44e63fd924f177340d780af6aaaea271f52d2cb9a5c519b6020e06c3cf0baafbc0b801c6508c2e1483b15cfef7afc2
|
|
public = 304e301006072a8648ce3d020106052b81040021033a0004074f56dc2ea648ef89c3b72e23bbd2da36f60243e4d2067b70604af1c2165cec2f86603d60c8a611d5b84ba3d91dfe1a480825bcc4af3bcf
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 211
|
|
# using secp256r1
|
|
curve = secp384r1
|
|
private = 0de44e63fd924f177340d780af6aaaea271f52d2cb9a5c519b6020e06c3cf0baafbc0b801c6508c2e1483b15cfef7afc2
|
|
public = 3059301306072a8648ce3d020106082a8648ce3d03010703420004cbf6606595a3ee50f9fceaa2798c2740c82540516b4e5a7d361ff24e9dd15364e5408b2e679f9d5310d1f6893b36ce16b4a507509175fcb52aea53b781556b39
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 212
|
|
# using secp256k1
|
|
curve = secp384r1
|
|
private = 0de44e63fd924f177340d780af6aaaea271f52d2cb9a5c519b6020e06c3cf0baafbc0b801c6508c2e1483b15cfef7afc2
|
|
public = 3056301006072a8648ce3d020106052b8104000a03420004a1263e75b87ae0937060ff1472f330ee55cdf8f4329d6284a9ebfbcc856c11684225e72cbebff41e54fb6f00e11afe53a17937bedbf2df787f8ef9584f775838
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 213
|
|
# a = 0
|
|
curve = secp384r1
|
|
private = 0de44e63fd924f177340d780af6aaaea271f52d2cb9a5c519b6020e06c3cf0baafbc0b801c6508c2e1483b15cfef7afc2
|
|
public = 308201863082011e06072a8648ce3d020130820111020101303c06072a8648ce3d0101023100fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000ffffffff303504010004304fcc45ccf5e23ee407b9291d2e85523962a2a79a50da3facca04b7267ad316db202cb07c24905740d201ded3028881090461042121a348f9743855859c496f91d0f39fe728fc46e48d007713051b22f1c0257fe20dd85b21df7e1ec82bf8b39b2138a2ae74f80e6257778f8cca9f279b57d25eeeb155960642972f0567e204514f0ac1eb1e27db5115053211914961d09644c6023100ffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52973020101036200042121a348f9743855859c496f91d0f39fe728fc46e48d007713051b22f1c0257fe20dd85b21df7e1ec82bf8b39b2138a2ae74f80e6257778f8cca9f279b57d25eeeb155960642972f0567e204514f0ac1eb1e27db5115053211914961d09644c6
|
|
result = acceptable
|
|
shared = 455cf3c0b0090688599825522ef3312878201514f6330ccc7f42ec1945204adfe419b2dbbfb942dc98b16d8323150cf6
|
|
# A parameter that is typically not used for ECDH has been modified. Sometimes
|
|
# libraries ignore small differences between public and private key. For
|
|
# example, a library might ignore an incorrect cofactor in the public key. We
|
|
# consider ignoring such changes as acceptable as long as these differences do
|
|
# not change the outcome of the ECDH computation, i.e. as long as the
|
|
# computation is done on the curve from the private key.
|
|
# The public key does not use a named curve. RFC 3279 allows to encode such
|
|
# curves by explicitly encoding, the parameters of the curve equation, modulus,
|
|
# generator, order and cofactor. However, many crypto libraries only support
|
|
# named curves. Modifying some of the EC parameters and encoding the
|
|
# corresponding public key as an unnamed curve is a potential attack vector.
|
|
|
|
# tcId = 214
|
|
# public key of order 3
|
|
curve = secp384r1
|
|
private = 0de44e63fd924f177340d780af6aaaea271f52d2cb9a5c519b6020e06c3cf0baafbc0b801c6508c2e1483b15cfef7afc2
|
|
public = 308201b53082014d06072a8648ce3d020130820140020101303c06072a8648ce3d0101023100fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000ffffffff30640430cba7f9015366e8e6bba0f30bcd1ab0a279e92e2ceb5fe5bbfee62db1fe23a64639709b7e5efcd539d6f2882e40713f3304309c564d918760892977fab2a7c507ca1337cd282c27e832eb3d0dc8ab1b03c5bdb72351d7a3fb388eac1f6fdfe2faaac8046104f610585fa59340e1df571af1e2d8cd3d6bbcf0fde2c272444b2a1ec58f71b7aed0cf709ee9c6777304c3149ef788719c07f9f6ffa32808b6371504fd55a5b02c3a571bc6aba9915f80c902b753d9abbefc8f510e7a9908466b795508188cb28c023100ffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc5297302010103620004f610585fa59340e1df571af1e2d8cd3d6bbcf0fde2c272444b2a1ec58f71b7aed0cf709ee9c6777304c3149ef788719cf80609005cd7f749c8eafb02aa5a4fd3c5a8e43954566ea07f36fd48ac2654400370aef08566f7b99486aaf8e7734d73
|
|
result = invalid
|
|
shared = 1565d888a631c08afaeda6da8d1aea4c916aa0a157abb44dff9f8181948e434d8b4f3366d29a34b2e3a3cb419675ac13
|
|
# The vector contains a weak public key. The curve is not a named curve, the
|
|
# public key point has order 3 and has been chosen to be on the same curve as
|
|
# the private key. This test vector is used to check ECC implementations for
|
|
# missing steps in the verification of the public key.
|
|
# The public key does not use a named curve. RFC 3279 allows to encode such
|
|
# curves by explicitly encoding, the parameters of the curve equation, modulus,
|
|
# generator, order and cofactor. However, many crypto libraries only support
|
|
# named curves. Modifying some of the EC parameters and encoding the
|
|
# corresponding public key as an unnamed curve is a potential attack vector.
|
|
|
|
# tcId = 215
|
|
# Private key and public key are not on the same curve
|
|
curve = secp384r1
|
|
private = 0d6331a5a968e4d3bd7336a423b41055b68edd100b8b998d00eb9ed93881c21e3912bb2ee08e71327be205898675ef7a4
|
|
public = 304e301006072a8648ce3d020106052b81040021033a00040710b0c6f4675459f3df2bdf7ca02819f8086198d15c69b8abda37639e6031caca8a0121894d2491d8b3dce093703c70705bc5dbc8fa17c8
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 216
|
|
# Private key and public key are not on the same curve
|
|
curve = secp384r1
|
|
private = 0d6331a5a968e4d3bd7336a423b41055b68edd100b8b998d00eb9ed93881c21e3912bb2ee08e71327be205898675ef7a4
|
|
public = 3059301306072a8648ce3d020106082a8648ce3d030107034200045fa4fa0b235c21e5c9f3baea9303bf86eccb7d31d0b998e141bc54b5dc43b23eef7fc5cf56308ed595eee99ade6aaf74d591c3d00aa1b438abc59c9607c22c36
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 217
|
|
# Private key and public key are not on the same curve
|
|
curve = secp384r1
|
|
private = 0d6331a5a968e4d3bd7336a423b41055b68edd100b8b998d00eb9ed93881c21e3912bb2ee08e71327be205898675ef7a4
|
|
public = 30819b301006072a8648ce3d020106052b810400230381860004005bce61fe27c440fedbad47d88bccf645db9c1d30daa086e592e8b6a0a173b87991b619801907b420fa558c7953ab97badd9c6c1d85859d9ebef7441a088ff57ed5008d7638de703faabeb5a78e83e8fcd4eb786144a75d79bd4cc8cfa8be66612d756c7b65c67f72c6acbade6f0d59e9752e845205b2a560d4f8d6a9e84bf812f94d18
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 218
|
|
# Private key and public key are not on the same curve
|
|
curve = secp384r1
|
|
private = 0d6331a5a968e4d3bd7336a423b41055b68edd100b8b998d00eb9ed93881c21e3912bb2ee08e71327be205898675ef7a4
|
|
public = 3056301006072a8648ce3d020106052b8104000a03420004a69ced11a8bf7a907bfa47cba3368f2498b465a2407c90649c8da224d2a85bf445ad2df3d0113e72aedccf92ba6b8529ed6faa154bc27aba25f49371981e3b38
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 219
|
|
# Private key and public key are not on the same curve
|
|
curve = secp384r1
|
|
private = 0d6331a5a968e4d3bd7336a423b41055b68edd100b8b998d00eb9ed93881c21e3912bb2ee08e71327be205898675ef7a4
|
|
public = 3052301406072a8648ce3d020106092b2403030208010105033a0004a9b0f90e49a57fbe508847bf16e4a7b565dfe870a50164bc2862fe6e4d54bd8b109939f7dbbf800522722b9c0b309ace3884abb69c927ad0
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 220
|
|
# Private key and public key are not on the same curve
|
|
curve = secp384r1
|
|
private = 0d6331a5a968e4d3bd7336a423b41055b68edd100b8b998d00eb9ed93881c21e3912bb2ee08e71327be205898675ef7a4
|
|
public = 305a301406072a8648ce3d020106092b240303020801010703420004512fe17172db1125a49f9dbb85e387869adf015e4899c06f66ef870d72092d4d195e1d21b4a4647bf734468bee802ddad5449202eba1041df2fd8cde04697237
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 221
|
|
# Private key and public key are not on the same curve
|
|
curve = secp384r1
|
|
private = 0d6331a5a968e4d3bd7336a423b41055b68edd100b8b998d00eb9ed93881c21e3912bb2ee08e71327be205898675ef7a4
|
|
public = 306a301406072a8648ce3d020106092b240303020801010903520004c391dc7a817d47a3961ea1857895e101c0f5a8767d3a9c7cad49f7af8029f24c67309373cedd0831ccc0a0f45d344f3ab5923d2452507a980301a283848ae31574a57db51ce5e61d35aee483f1bb8e66
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 222
|
|
# Private key and public key are not on the same curve
|
|
curve = secp384r1
|
|
private = 0d6331a5a968e4d3bd7336a423b41055b68edd100b8b998d00eb9ed93881c21e3912bb2ee08e71327be205898675ef7a4
|
|
public = 307a301406072a8648ce3d020106092b240303020801010b0362000419d3c811c04c5c0990d0258386195b2e29fdaba58d3f12b0bac8d3d53828c66c7a35e3d1eb0bdf2c08f23d0e4ab6a3246e456bf0fb863d03423dbe431baf799657c7816a619662fe5b900b754107ba5cc06b1d62c9a927891efee1a1fd404d7e
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 223
|
|
# Private key and public key are not on the same curve
|
|
curve = secp384r1
|
|
private = 0d6331a5a968e4d3bd7336a423b41055b68edd100b8b998d00eb9ed93881c21e3912bb2ee08e71327be205898675ef7a4
|
|
public = 30819b301406072a8648ce3d020106092b240303020801010d0381820004216eb619457f1168ac873f5b560a75df80749f2bdf9abac31d6580e521ad70368013c3db74f663263b61eb12d4dcd597ad6c77cef6a5d6d2240b1e244d76403f693fb317ffc602a7ac313991b0a62f7bf469bbc95b3ff35003d972eb8ebcc8d4833e6c24ad52d49c1ce6244c7889ab67a8818232e192944542763fc667e5799d
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 224
|
|
# Private key and public key are not on the same curve
|
|
curve = secp384r1
|
|
private = 0d6331a5a968e4d3bd7336a423b41055b68edd100b8b998d00eb9ed93881c21e3912bb2ee08e71327be205898675ef7a4
|
|
public = 3052301406072a8648ce3d020106092b2403030208010106033a0004691b24004380a599770214d0c60ab37cfc804cfaa7aedd11cbf0a05467ebec5e33322cda707b848086fd740244f62cdeb867fc057207fde2
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 225
|
|
# Private key and public key are not on the same curve
|
|
curve = secp384r1
|
|
private = 0d6331a5a968e4d3bd7336a423b41055b68edd100b8b998d00eb9ed93881c21e3912bb2ee08e71327be205898675ef7a4
|
|
public = 305a301406072a8648ce3d020106092b24030302080101080342000422bf69f3a81dfa1ed8a97301943626e20377b78f7e7d714b880deb5a4a9c63a11591c2e47b777488990771855768b9a4050d61bf02d84cc6aa40447a07507285
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 226
|
|
# Private key and public key are not on the same curve
|
|
curve = secp384r1
|
|
private = 0d6331a5a968e4d3bd7336a423b41055b68edd100b8b998d00eb9ed93881c21e3912bb2ee08e71327be205898675ef7a4
|
|
public = 306a301406072a8648ce3d020106092b240303020801010a0352000476568300e2b4c68861589b4966e67bc414811e4011260cb8be5f884869fa179ca8af40f80009e0a58b17ac3e551a772e76683c32e6e09112572542d7c1fe3d49abb56da56d669186e2623dc797129dc0
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 227
|
|
# Private key and public key are not on the same curve
|
|
curve = secp384r1
|
|
private = 0d6331a5a968e4d3bd7336a423b41055b68edd100b8b998d00eb9ed93881c21e3912bb2ee08e71327be205898675ef7a4
|
|
public = 307a301406072a8648ce3d020106092b240303020801010c036200043345dffded3c33f7dcc19bb8997a39f2d6230abcb765d6142c30bf320c1fadff535feafd8505eb3e614db71826c1e258077a1e6057add7474f6d35dce68417812e7b919b1c673032b28c45d0a9251c43a2a73ab152f64ff8eba4eab312fa73bd
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 228
|
|
# Private key and public key are not on the same curve
|
|
curve = secp384r1
|
|
private = 0d6331a5a968e4d3bd7336a423b41055b68edd100b8b998d00eb9ed93881c21e3912bb2ee08e71327be205898675ef7a4
|
|
public = 30819b301406072a8648ce3d020106092b240303020801010e0381820004a3677c646cd887685940c28076f55cda7469032845f2cb2af51c61492dc435aaa5b771d8e1528417cdeb89b5f629e06b234e21236b9edf46c7025177ee65a8e940f670d10c722cea355bd3a5c8847a38324b9a06a50a95da4e70bb492cd00194a8830975dd1e115e19315575ff841b30fd4a3f8a44725dfe280d0af57fc80cc3
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 229
|
|
# invalid public key
|
|
curve = secp384r1
|
|
private = 2b9e57572da6cf4fb58cb94eab8df19383a136f219f2a515776a8bf48e1538dd1d811946c16d9f0184c9ce5cdf1dac51
|
|
public = 3046301006072a8648ce3d020106052b81040022033200024424530ea70bace90601f8d5869e4179a6cd689b6a18fdfec50cecf17cb836d24820211ada67815b42c2c2606303f69e
|
|
result = invalid
|
|
shared =
|
|
# The point in the public key is compressed. Not every library supports points
|
|
# in compressed format.
|
|
|
|
[curve = secp521r1]
|
|
|
|
# tcId = 230
|
|
# normal case
|
|
curve = secp521r1
|
|
private = 1939982b529596ce77a94bc6efd03e92c21a849eb4f87b8f619d506efc9bb22e7c61640c90d598f795b64566dc6df43992ae34a1341d458574440a7371f611c7dcd
|
|
public = 30819b301006072a8648ce3d020106052b8104002303818600040064da3e94733db536a74a0d8a5cb2265a31c54a1da6529a198377fbd38575d9d79769ca2bdf2d4c972642926d444891a652e7f492337251adf1613cf3077999b5ce00e04ad19cf9fd4722b0c824c069f70c3c0e7ebc5288940dfa92422152ae4a4f79183ced375afb54db1409ddf338b85bb6dbfc5950163346bb63a90a70c5aba098f7
|
|
result = valid
|
|
shared = 01f1e410f2c6262bce6879a3f46dfb7dd11d30eeee9ab49852102e1892201dd10f27266c2cf7cbccc7f6885099043dad80ff57f0df96acf283fb090de53df95f7d87
|
|
|
|
# tcId = 231
|
|
# compressed public key
|
|
curve = secp521r1
|
|
private = 1939982b529596ce77a94bc6efd03e92c21a849eb4f87b8f619d506efc9bb22e7c61640c90d598f795b64566dc6df43992ae34a1341d458574440a7371f611c7dcd
|
|
public = 3058301006072a8648ce3d020106052b81040023034400030064da3e94733db536a74a0d8a5cb2265a31c54a1da6529a198377fbd38575d9d79769ca2bdf2d4c972642926d444891a652e7f492337251adf1613cf3077999b5ce
|
|
result = acceptable
|
|
shared = 01f1e410f2c6262bce6879a3f46dfb7dd11d30eeee9ab49852102e1892201dd10f27266c2cf7cbccc7f6885099043dad80ff57f0df96acf283fb090de53df95f7d87
|
|
# The point in the public key is compressed. Not every library supports points
|
|
# in compressed format.
|
|
|
|
# tcId = 232
|
|
# edge cases for shared secret
|
|
curve = secp521r1
|
|
private = 0a2b6442a37f8a3759d2cb91df5eca75af6b89e27baf2f6cbf971dee5058ffa9d8dac805c7bc72f3718489d6a9cb2787af8c93a17ddeb1a19211ab23604d47b7646
|
|
public = 30819b301006072a8648ce3d020106052b810400230381860004014c643329691ba27459a40dfe7c4ce17b3ea14d0cd7aa47b01f1315404db51436fbbfe6de0842e0f7e1265f6ff3aca28750677d3370b2fb2a6ef497356f4b95811201051b14178639a09a41465c72d3743436ee1c191ff7388a40140b34d5317de5911ea03cdbb0329fdeb446695a3b92d437271a9f3c318b02dec4d473908158140e97
|
|
result = valid
|
|
shared = 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
|
|
|
|
# tcId = 233
|
|
# edge cases for shared secret
|
|
curve = secp521r1
|
|
private = 0a2b6442a37f8a3759d2cb91df5eca75af6b89e27baf2f6cbf971dee5058ffa9d8dac805c7bc72f3718489d6a9cb2787af8c93a17ddeb1a19211ab23604d47b7646
|
|
public = 30819b301006072a8648ce3d020106052b8104002303818600040029cd32125c23a41af24fd4b729da0faacbc35516ef0ba59096602571693cd282e26d67e18ef4643d0f6f158d7370d3394ca9a8de7938032ac178c6fd34e3702b8d008649834e2b41be3a8b7510bfe570f4c67075943cd0cbb9d9e1d1da52618b5b96d6aec9b650daf1ca6624c13e5116302b9c79c8c4d3d351915d1e8e1ab6ad76098e
|
|
result = valid
|
|
shared = 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001
|
|
|
|
# tcId = 234
|
|
# edge cases for shared secret
|
|
curve = secp521r1
|
|
private = 0a2b6442a37f8a3759d2cb91df5eca75af6b89e27baf2f6cbf971dee5058ffa9d8dac805c7bc72f3718489d6a9cb2787af8c93a17ddeb1a19211ab23604d47b7646
|
|
public = 30819b301006072a8648ce3d020106052b8104002303818600040032c6f06ce6a15ea064464d35aa368d299c9a9e1e368f694aefb603876248f898f223ce0217bef37d61eb09b27c93187cf8e61ba7b14e3c9bee692b06ac6d95f836019fd19f8480e21c63211d48d45f96f6365cf55f958e1a0fe7ea6b6b9ff230a87b70bb1b14d3a5fb6669a91641c6acf4570c1d3a9e709913b7fe6b35ff81c394d6a7
|
|
result = valid
|
|
shared = 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002
|
|
|
|
# tcId = 235
|
|
# edge cases for shared secret
|
|
curve = secp521r1
|
|
private = 0a2b6442a37f8a3759d2cb91df5eca75af6b89e27baf2f6cbf971dee5058ffa9d8dac805c7bc72f3718489d6a9cb2787af8c93a17ddeb1a19211ab23604d47b7646
|
|
public = 30819b301006072a8648ce3d020106052b810400230381860004006ddf9b10965d5fc129e96f7a37667ccf66cc44384772906fedb21f9de4629e01aaa09ac7c9866112064bbc9bd58ebc123ab2fe19d8fed1a056d27bfef0630509c7001c441311ef20a16346332ea42d5c65788d68f6817b0267fcab11ea9c948ed108115dda8e823a380b601460742d3772d6424c67b240da24772ff0d2ccd9a1e0cea6
|
|
result = valid
|
|
shared = 000000ffffffffffffff00000000000000ffffffffffffff00000000000000ffffffffffffff00000000000000ffffffffffffff0000000000000100000000000000
|
|
|
|
# tcId = 236
|
|
# edge cases for shared secret
|
|
curve = secp521r1
|
|
private = 0a2b6442a37f8a3759d2cb91df5eca75af6b89e27baf2f6cbf971dee5058ffa9d8dac805c7bc72f3718489d6a9cb2787af8c93a17ddeb1a19211ab23604d47b7646
|
|
public = 30819b301006072a8648ce3d020106052b810400230381860004007a8c547268c948b626da636cf54428ea2ab23861d499a84ad7be1cf691b92872a06e26c6dba08ca9ed386f83d396156d5fa023f57d5ea6440ec7401dad2c08ad70018c3815b1b9a2e42555419a6c19043fa2b0ddcc4b5a6e372fee9fcb227d85bad704687e7e1a818b612d5c046cd75972f7a2dd5c9a200ac5582cd59fec47ac525ecf
|
|
result = valid
|
|
shared = 00003fffffff00000003fffffff00000003fffffff00000003fffffff00000003fffffff00000003fffffff00000003fffffff00000003fffffff00000003fffffff
|
|
|
|
# tcId = 237
|
|
# edge cases for shared secret
|
|
curve = secp521r1
|
|
private = 0a2b6442a37f8a3759d2cb91df5eca75af6b89e27baf2f6cbf971dee5058ffa9d8dac805c7bc72f3718489d6a9cb2787af8c93a17ddeb1a19211ab23604d47b7646
|
|
public = 30819b301006072a8648ce3d020106052b8104002303818600040029153cf062f88f303e5d6f9aac968bd901076d5994ea7f831833b1e69b67e9e9fe20cf9c5623e00e0b9e3592fca2a03324b5df7c93186aff697aca864600d44ecc002801a62e2f4106f34106da23dc93d50e3e975a1d47510021835290649b7a4125109f656b6b0b5bd00b24d84ea1ba4e1ed49e61c526fb1011005131caee7ee0501e
|
|
result = valid
|
|
shared = 010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
|
|
|
|
# tcId = 238
|
|
# edge cases for shared secret
|
|
curve = secp521r1
|
|
private = 0a2b6442a37f8a3759d2cb91df5eca75af6b89e27baf2f6cbf971dee5058ffa9d8dac805c7bc72f3718489d6a9cb2787af8c93a17ddeb1a19211ab23604d47b7646
|
|
public = 30819b301006072a8648ce3d020106052b81040023038186000400a61eb994e28722c59b3c6007dfdf8b37893f6350f461b26a00e1a45104314aae9989da87e4facb2c4ef721185b7d96d9a45a28a102756501a1acc5d329a21bbf73010e8d0e12f5a9a40e0d59c90ce73043d39730aeadd3788e31d7c2bb62a1166161994664afa658ce2e60a13f45f27f914307c8d6f8d4ed16ab041b8f69908a62782f
|
|
result = valid
|
|
shared = 010000003ffffff0000003ffffff0000003ffffff0000003ffffff0000003ffffff0000003ffffff0000003ffffff0000003ffffff0000003ffffff0000003ffffff
|
|
|
|
# tcId = 239
|
|
# edge cases for shared secret
|
|
curve = secp521r1
|
|
private = 0a2b6442a37f8a3759d2cb91df5eca75af6b89e27baf2f6cbf971dee5058ffa9d8dac805c7bc72f3718489d6a9cb2787af8c93a17ddeb1a19211ab23604d47b7646
|
|
public = 30819b301006072a8648ce3d020106052b810400230381860004011dd497b30c73709906b164a9a79dc7f2a98c0148ed63016bb95243834fbcdf8eb74b0ff652d54f59f31aef51da6e8974d363655b1da138dc4de0f2a8d800f475ae0057bd4b84607400d863ffbf45a3cf58999ee24ba05e93eca7b0e4ae760eb1733559a45d15579d3370d716ffa3ec4bfdae418e32fb06138dfca213720a938577610e
|
|
result = valid
|
|
shared = 01ff00000000000000000000000000000000ffffffffffffffffffffffffffffffff0000000000000000000000000000000100000000000000000000000000000000
|
|
|
|
# tcId = 240
|
|
# edge cases for shared secret
|
|
curve = secp521r1
|
|
private = 0a2b6442a37f8a3759d2cb91df5eca75af6b89e27baf2f6cbf971dee5058ffa9d8dac805c7bc72f3718489d6a9cb2787af8c93a17ddeb1a19211ab23604d47b7646
|
|
public = 30819b301006072a8648ce3d020106052b81040023038186000401283eb93fa369fe7012b647d21e0a97cf9950e5fbed819ef56158f20c8a9473a418eccbca4dc2b47f4cb6d322f917005859bf221e84ac9827cab82a801c627fb1ec0075c480cbafb352fcaf93baf23a1405fd81febe09729a908d1077e177dd8993d94b251a0d52652da3edb6fdf864e80cd51540e73d0b5107e3433576dcaa4e18db43
|
|
result = valid
|
|
shared = 01ff0000000000000000ffffffffffffffff0000000000000000ffffffffffffffff0000000000000000ffffffffffffffff0000000000000000ffffffffffffffff
|
|
|
|
# tcId = 241
|
|
# edge cases for shared secret
|
|
curve = secp521r1
|
|
private = 0a2b6442a37f8a3759d2cb91df5eca75af6b89e27baf2f6cbf971dee5058ffa9d8dac805c7bc72f3718489d6a9cb2787af8c93a17ddeb1a19211ab23604d47b7646
|
|
public = 30819b301006072a8648ce3d020106052b81040023038186000400173beefe35ee868d497ff6601628f65ce18a1591f7e4a3a406622f3f508e2da68f101ed02febc38418c6ddfc26a5ec9848c42792463b1e945f9e167db34bdf2d660053070647aba7cd60eb295ab81a268a3903f393c5d28bbc5e022351c377cd84f02c19deb36442372cae1332e92f95ba60b6c852e0de0718e89d24e43cd479c9fb11
|
|
result = valid
|
|
shared = 01ff00000000ffffffff00000000ffffffff00000000ffffffff00000000ffffffff00000000ffffffff00000000ffffffff00000000ffffffff00000000ffffffff
|
|
|
|
# tcId = 242
|
|
# edge cases for shared secret
|
|
curve = secp521r1
|
|
private = 0a2b6442a37f8a3759d2cb91df5eca75af6b89e27baf2f6cbf971dee5058ffa9d8dac805c7bc72f3718489d6a9cb2787af8c93a17ddeb1a19211ab23604d47b7646
|
|
public = 30819b301006072a8648ce3d020106052b810400230381860004009829cd5432687739ab6ae10af8ea73d2cb53b81ebb06b5961b7badc1676b3ef7b00454f7cde56774a01312d574a9193c1a5fe5336fbe62623ad9bf81143789f9f90012f955697ed578207197bf9aac3896521615dbacc8dc665d4f1715b08439f49c2aa6ed337023ffccc5075a85944936826db92f919737ca3afeadba1847084bdef7
|
|
result = valid
|
|
shared = 01ff0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff00010000
|
|
|
|
# tcId = 243
|
|
# edge cases for shared secret
|
|
curve = secp521r1
|
|
private = 0a2b6442a37f8a3759d2cb91df5eca75af6b89e27baf2f6cbf971dee5058ffa9d8dac805c7bc72f3718489d6a9cb2787af8c93a17ddeb1a19211ab23604d47b7646
|
|
public = 30819b301006072a8648ce3d020106052b8104002303818600040126e3c959cd41120bb83693b1d6a034b385137c1bb3213b776122fed96056e329885718a73bee639c0ba4b68818682f498ce5496925002bd7652516405fcc4fecad0073a9c6e3b0c694bf7cc8ccbbd09800e81e3548ba44a0c2381cef0b07bf702a19054bb5d717a1b79294609cbdafd4e2018064f7b2c4c204d818eb7ce521c3268ce5
|
|
result = valid
|
|
shared = 01ffc000001ffffff8000003ffffff0000007fffffe000000ffffffc000001ffffff8000003ffffff0000007fffffe000000ffffffc000001ffffff8000004000001
|
|
|
|
# tcId = 244
|
|
# edge cases for shared secret
|
|
curve = secp521r1
|
|
private = 0a2b6442a37f8a3759d2cb91df5eca75af6b89e27baf2f6cbf971dee5058ffa9d8dac805c7bc72f3718489d6a9cb2787af8c93a17ddeb1a19211ab23604d47b7646
|
|
public = 30819b301006072a8648ce3d020106052b8104002303818600040153dc481ab3c5dc8decd24ceaee1bec77f59f21f7f31c19538af047d281ac9e2567933fd3d21096b185d4098919571931bb9b0be7197995e2fbaf21c8a10007ade001ad69f08fcae164390be826256b50fae47502ce0e9ca46af0c490cb4033c886f88661a99ff2bd3c9c8e7da30faf2b4c769edc5831810ac05054c97e41063f496e1f
|
|
result = valid
|
|
shared = 01ffc0007fff0001fffc0007fff0001fffc0007fff0001fffc0007fff0001fffc0007fff0001fffc0007fff0001fffc0007fff0001fffc0007fff0001fffc0007fff
|
|
|
|
# tcId = 245
|
|
# edge cases for shared secret
|
|
curve = secp521r1
|
|
private = 0a2b6442a37f8a3759d2cb91df5eca75af6b89e27baf2f6cbf971dee5058ffa9d8dac805c7bc72f3718489d6a9cb2787af8c93a17ddeb1a19211ab23604d47b7646
|
|
public = 30819b301006072a8648ce3d020106052b81040023038186000401f586611c87150288c3e86116c5db94a26718978829d701ddac05e9b0ce22dee4b18e95f60cba783ed3384da373deaefc57b8265d3a34eeb458bf24b9d82be32819008456e0f1d80492ef0078cc246d32fc7c7fb6720b4d458b51b2098d35746752b0ef0345bd0d342dfee6dd2f12ed12b34bd95d058c2811fd479d2dde32180e6c9ef2
|
|
result = valid
|
|
shared = 01ffffff00000001fffffffc00000007fffffff00000001fffffffc00000007fffffff00000001fffffffc00000007fffffff00000001fffffffc000000080000002
|
|
|
|
# tcId = 246
|
|
# edge cases for shared secret
|
|
curve = secp521r1
|
|
private = 0a2b6442a37f8a3759d2cb91df5eca75af6b89e27baf2f6cbf971dee5058ffa9d8dac805c7bc72f3718489d6a9cb2787af8c93a17ddeb1a19211ab23604d47b7646
|
|
public = 30819b301006072a8648ce3d020106052b810400230381860004015edc87fd499a73eabffd14d2b6a70a8fb69b6a39d0d9c4dda2337b53cc72e49a9e3d5a2d9e8930cfa11852dac33443227fba6684bd74732e6879884b6ef9dae98f010eeb8d2e3360ea9726628085268af3f2a05ad41235d0a892098bd661b636f7ef0a820282906eda3f1ff1980b98fb5937228e9edcd6332e3641216c7307e7f3f452
|
|
result = valid
|
|
shared = 01fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffd
|
|
|
|
# tcId = 247
|
|
# edge cases for shared secret
|
|
curve = secp521r1
|
|
private = 0a2b6442a37f8a3759d2cb91df5eca75af6b89e27baf2f6cbf971dee5058ffa9d8dac805c7bc72f3718489d6a9cb2787af8c93a17ddeb1a19211ab23604d47b7646
|
|
public = 30819b301006072a8648ce3d020106052b8104002303818600040131b43002f7e687eec1ecf6a253c2ccc9e48f04d86fccd18fee0d2d22191f1ea539c40d521970b4709dc03986f647e0e8bb3340cf8a3e643a3541035437cf25f01500b27a55ac45f0296f8c9656bcfd52b5cea9f4115c06e4c64319609847d45e92418400e7868672c0d3e6e5e6e004a7190476ed77cfc33ad19a4bd2c615ad9950f374
|
|
result = valid
|
|
shared = 01fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe
|
|
|
|
# tcId = 248
|
|
# edge cases for ephemeral key
|
|
curve = secp521r1
|
|
private = 12bc15cf3981eab6102c39f9a925aa130763d01ed6edaf14306eb0a14dd75dff504070def7b88d8b165082f69992de0ffa5ee922cb3ab39917da8524cac73f0a09c
|
|
public = 30819b301006072a8648ce3d020106052b81040023038186000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d20ec9fea6b577c10d26ca1bb446f40b299e648b1ad508aad068896fee3f8e614bc63054d5772bf01a65d412e0bcaa8e965d2f5d332d7f39f846d440ae001f4f87
|
|
result = valid
|
|
shared = 0053bf137fee8922769f8d0fe279caa4dac9c6054ad0460995588a845d0a959e24bc0fc2391a2b92f7bd400f50a11a9db37f07bef7fa8dad2a903fcf534abc8736f7
|
|
|
|
# tcId = 249
|
|
# edge cases for ephemeral key
|
|
curve = secp521r1
|
|
private = 12bc15cf3981eab6102c39f9a925aa130763d01ed6edaf14306eb0a14dd75dff504070def7b88d8b165082f69992de0ffa5ee922cb3ab39917da8524cac73f0a09c
|
|
public = 30819b301006072a8648ce3d020106052b8104002303818600040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010010e59be93c4f269c0269c79e2afd65d6aeaa9b701eacc194fb3ee03df47849bf550ec636ebee0ddd4a16f1cd9406605af38f584567770e3f272d688c832e843564
|
|
result = valid
|
|
shared = 01c95ac417c90a520149b29105cdab36f528a23efb5621520dbdafea95a7d43499c4c8be02cd1c2de000da18104fa84a1e9ece6386f0e0efa5234a24595d7c4c96f4
|
|
|
|
# tcId = 250
|
|
# edge cases for ephemeral key
|
|
curve = secp521r1
|
|
private = 12bc15cf3981eab6102c39f9a925aa130763d01ed6edaf14306eb0a14dd75dff504070def7b88d8b165082f69992de0ffa5ee922cb3ab39917da8524cac73f0a09c
|
|
public = 30819b301006072a8648ce3d020106052b81040023038186000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200d9254fdf800496acb33790b103c5ee9fac12832fe546c632225b0f7fce3da4574b1a879b623d722fa8fc34d5fc2a8731aad691a9a8bb8b554c95a051d6aa505acf
|
|
result = valid
|
|
shared = 01b47ec41e3a5abd9dd9808fc04d9078cbed72b9eba98d3c1ded70a29938f0efd5a27a7113ff721f122cb17411de307a355c685074f5766b6d1a033d2fa188c945b6
|
|
|
|
# tcId = 251
|
|
# edge cases for ephemeral key
|
|
curve = secp521r1
|
|
private = 12bc15cf3981eab6102c39f9a925aa130763d01ed6edaf14306eb0a14dd75dff504070def7b88d8b165082f69992de0ffa5ee922cb3ab39917da8524cac73f0a09c
|
|
public = 30819b301006072a8648ce3d020106052b810400230381860004000000ffffffffffffff00000000000000ffffffffffffff00000000000000ffffffffffffff00000000000000ffffffffffffff000000000000010000000000000000f33ffc45da3eac1baab727ab8fd355cfa134c42047d55262651654fb50df7e9a5a75f179c8c86c4388213b5687dc43dfebb37f30128703c44ccd5c3284833b8717
|
|
result = valid
|
|
shared = 0168df272d53e3161926168c4aeab5f355b8d2a6689cfd567f2b6eb2011a18c775ac2a21f8dd497f6957217020b3b1afcb7021f24fccc2523be76a2bff44596e5a14
|
|
|
|
# tcId = 252
|
|
# edge cases for ephemeral key
|
|
curve = secp521r1
|
|
private = 12bc15cf3981eab6102c39f9a925aa130763d01ed6edaf14306eb0a14dd75dff504070def7b88d8b165082f69992de0ffa5ee922cb3ab39917da8524cac73f0a09c
|
|
public = 30819b301006072a8648ce3d020106052b81040023038186000400003fffffff00000003fffffff00000003fffffff00000003fffffff00000003fffffff00000003fffffff00000003fffffff00000003fffffff00000003fffffff00cd2839d857b4699f5c8e8a0194786e26a862f086b4ba80746ae5225ed3aa68f96b7aaec55225830bb98f52d75221141897ba49d7a31ebbf0b6d7d31352e5266190
|
|
result = valid
|
|
shared = 013db1b9241b23d33860d32dec37a79e4546a41afdfdd9c438d04e1f8b566ac8d9d3f572c293e96943722a4ee290e113fffaa82a61867d9ca28d349982354c9b256f
|
|
|
|
# tcId = 253
|
|
# edge cases for ephemeral key
|
|
curve = secp521r1
|
|
private = 12bc15cf3981eab6102c39f9a925aa130763d01ed6edaf14306eb0a14dd75dff504070def7b88d8b165082f69992de0ffa5ee922cb3ab39917da8524cac73f0a09c
|
|
public = 30819b301006072a8648ce3d020106052b810400230381860004010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000813d9829119f42ffa95fea8ba9e81e4cd6a6ca97fb0778e12e5f5dfe35201dd4cca8eca0d2e395555997041381e6ac1f18ddf4c74e0b6e9041cfdca1d1c103091
|
|
result = valid
|
|
shared = 01d2bbe9f754584ebbc7c7ad74136d1c8a144948948aa8be49989dd9b4c514db2e2ab1e0713ad1699f632dd2cea53da218ed549f030a113e282fd9e3be462d9aba84
|
|
|
|
# tcId = 254
|
|
# edge cases for ephemeral key
|
|
curve = secp521r1
|
|
private = 12bc15cf3981eab6102c39f9a925aa130763d01ed6edaf14306eb0a14dd75dff504070def7b88d8b165082f69992de0ffa5ee922cb3ab39917da8524cac73f0a09c
|
|
public = 30819b301006072a8648ce3d020106052b810400230381860004010000003ffffff0000003ffffff0000003ffffff0000003ffffff0000003ffffff0000003ffffff0000003ffffff0000003ffffff0000003ffffff0000003ffffff00878ad597d290db2cf660594aeed0f9b7c8dd68451d2d1b2cbc816b1ec4f35465b3964aff2edf1255163f5fca580132f85cade2887a017e7cd0b37196ad85221107
|
|
result = valid
|
|
shared = 000f37a2e2caef54fff4126c0fa96e7c47f0cad74626ef91e589e12d2e1e8c221be7295be9dc2712b87bb0aa0f5880b738bc1242f2ba773bf9eb2a54e3c1ca4758d7
|
|
|
|
# tcId = 255
|
|
# edge cases for ephemeral key
|
|
curve = secp521r1
|
|
private = 12bc15cf3981eab6102c39f9a925aa130763d01ed6edaf14306eb0a14dd75dff504070def7b88d8b165082f69992de0ffa5ee922cb3ab39917da8524cac73f0a09c
|
|
public = 30819b301006072a8648ce3d020106052b81040023038186000401ff00000000000000000000000000000000ffffffffffffffffffffffffffffffff000000000000000000000000000000010000000000000000000000000000000000b5e1191b449fa1ebdbd677daa48f90e2d1d6c058c877087cafd9364d99dbb283c68402e6e6c5f5411b2ed42824d8b280ceb910aba6847883a7e3780e2132af41c1
|
|
result = valid
|
|
shared = 017aeb254d9c8c8ee06215ff33811357da73bf7f6dd6d7f8f176d62c065a88a9005f680c630e9f2763585ea2ee76b6e4ab45e673f814ebfa95947c0c63fb24fa6e9b
|
|
|
|
# tcId = 256
|
|
# edge cases for ephemeral key
|
|
curve = secp521r1
|
|
private = 12bc15cf3981eab6102c39f9a925aa130763d01ed6edaf14306eb0a14dd75dff504070def7b88d8b165082f69992de0ffa5ee922cb3ab39917da8524cac73f0a09c
|
|
public = 30819b301006072a8648ce3d020106052b81040023038186000401ff0000000000000000ffffffffffffffff0000000000000000ffffffffffffffff0000000000000000ffffffffffffffff0000000000000000ffffffffffffffff00207513d615656a1cc7505c18aa21b08e2b1d5a841de0816cc29c004efdb2d902ac1a7bb05e20722b576b64a3ddf4d2486421ac706bf4a424f252386368a5340fb6
|
|
result = valid
|
|
shared = 0061bed42248a37b4625ef04c4f9c7ef69ee3c6f9503378351fcab1b8ce1343206997eec1b88449eb6f7355711ea1a818a486ee30a24126241a7e2289267cf5dd61f
|
|
|
|
# tcId = 257
|
|
# edge cases for ephemeral key
|
|
curve = secp521r1
|
|
private = 12bc15cf3981eab6102c39f9a925aa130763d01ed6edaf14306eb0a14dd75dff504070def7b88d8b165082f69992de0ffa5ee922cb3ab39917da8524cac73f0a09c
|
|
public = 30819b301006072a8648ce3d020106052b81040023038186000401ff00000000ffffffff00000000ffffffff00000000ffffffff00000000ffffffff00000000ffffffff00000000ffffffff00000000ffffffff00000000ffffffff001fe800c50e54012b75a33e4be7d07c8d60f29680a395e951a6a31c5096b0ea928fc2cbf327dd784dc0a7ca46ea73992b758b5641364b4aba39e93798a4d925a008
|
|
result = valid
|
|
shared = 001067d9104e296ef42b944587de11b10df05d2d959ed44cac9e7ef1c7a05d90819c43bc79c7397918f957cc98db931763bbeb1bdfc35865e8a359a013f13d60c433
|
|
|
|
# tcId = 258
|
|
# edge cases for ephemeral key
|
|
curve = secp521r1
|
|
private = 12bc15cf3981eab6102c39f9a925aa130763d01ed6edaf14306eb0a14dd75dff504070def7b88d8b165082f69992de0ffa5ee922cb3ab39917da8524cac73f0a09c
|
|
public = 30819b301006072a8648ce3d020106052b81040023038186000401ff0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff0000ffff00010000008dd18a1f5e482140be79bb65a21ad60c8987e532c84345f0135affd46ec71ef02b1ca3ad56f301d955fa306c122d441d6fedcf8b855ef256350bf69d23a7207ad9
|
|
result = valid
|
|
shared = 00b779d83035cf7bb0bb04c7b2f46d08f6791f0d1542c9bcce7250e772b12ad8e38fce1d2b063a06f0fa3a1b072dd976f5f8542979903075162f1f5c6ba3b76cc45d
|
|
|
|
# tcId = 259
|
|
# edge cases for ephemeral key
|
|
curve = secp521r1
|
|
private = 12bc15cf3981eab6102c39f9a925aa130763d01ed6edaf14306eb0a14dd75dff504070def7b88d8b165082f69992de0ffa5ee922cb3ab39917da8524cac73f0a09c
|
|
public = 30819b301006072a8648ce3d020106052b81040023038186000401ffc000001ffffff8000003ffffff0000007fffffe000000ffffffc000001ffffff8000003ffffff0000007fffffe000000ffffffc000001ffffff800000400000100566203dd325a081c4441f001f780365874fd3d0c9bc47227481afe76a93ae1bfde63af972203abfe22c63b80e83f7cc2184c3cb8cfd0152c54324c4759fd1f9a50
|
|
result = valid
|
|
shared = 01afe5d23733728b79c743933b9ba7dfec5ed19b7737e393908a1d000918aa795d1ce0ad533983d018f927b35d2af6463356573f387febd75911a49486202ca69d3a
|
|
|
|
# tcId = 260
|
|
# edge cases for ephemeral key
|
|
curve = secp521r1
|
|
private = 12bc15cf3981eab6102c39f9a925aa130763d01ed6edaf14306eb0a14dd75dff504070def7b88d8b165082f69992de0ffa5ee922cb3ab39917da8524cac73f0a09c
|
|
public = 30819b301006072a8648ce3d020106052b81040023038186000401ffc0007fff0001fffc0007fff0001fffc0007fff0001fffc0007fff0001fffc0007fff0001fffc0007fff0001fffc0007fff0001fffc0007fff0001fffc0007fff00b11c668fbd549f36889f7b63434051da26f15705839136b1b14a09152d7a182ea7806c35478a32d3aa3c9c1627a61519ebec71b36fa77449025b8829e27f307834
|
|
result = valid
|
|
shared = 019612aeb386febb1a28096fe5b2f682dead02389785225b80a27df439510d08349a193839525f248b7f9bcabfd3dc8da8cc1724022299b7b5e72399d89464b82e44
|
|
|
|
# tcId = 261
|
|
# edge cases for ephemeral key
|
|
curve = secp521r1
|
|
private = 12bc15cf3981eab6102c39f9a925aa130763d01ed6edaf14306eb0a14dd75dff504070def7b88d8b165082f69992de0ffa5ee922cb3ab39917da8524cac73f0a09c
|
|
public = 30819b301006072a8648ce3d020106052b81040023038186000401ffffff00000001fffffffc00000007fffffff00000001fffffffc00000007fffffff00000001fffffffc00000007fffffff00000001fffffffc00000008000000200aa75efc0a8daac1d73f32c9c552414bccf44af8e74331b47439e7dcc49a135b3ee61e9f69717d89b4bba3567a195aeda13fbec634bf2984b5ec6b6f80f5978ed5a
|
|
result = valid
|
|
shared = 00570673f87adcef49c1f011e8b9f1e11f7fd3b3c93114d08d3f515aa4a895a6c701c523063bdc13ad1db0a54f6e7b476fe10db2070441befc58c8cff3c08ef76e59
|
|
|
|
# tcId = 262
|
|
# edge cases for ephemeral key
|
|
curve = secp521r1
|
|
private = 12bc15cf3981eab6102c39f9a925aa130763d01ed6edaf14306eb0a14dd75dff504070def7b88d8b165082f69992de0ffa5ee922cb3ab39917da8524cac73f0a09c
|
|
public = 30819b301006072a8648ce3d020106052b81040023038186000401fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffd0010e59be93c4f269c0269c79e2afd65d6aeaa9b701eacc194fb3ee03df47849bf550ec636ebee0ddd4a16f1cd9406605af38f584567770e3f272d688c832e843564
|
|
result = valid
|
|
shared = 0016aaf228b0aec190d4e4e5b8138ff9cc46d705da1bf002901c6ab420f59314d5b641712b14ef3e4fb125652c47888676804fb5575b741a8408c5625bfccff4fdda
|
|
|
|
# tcId = 263
|
|
# edge cases for ephemeral key
|
|
curve = secp521r1
|
|
private = 12bc15cf3981eab6102c39f9a925aa130763d01ed6edaf14306eb0a14dd75dff504070def7b88d8b165082f69992de0ffa5ee922cb3ab39917da8524cac73f0a09c
|
|
public = 30819b301006072a8648ce3d020106052b81040023038186000401fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe00d9254fdf800496acb33790b103c5ee9fac12832fe546c632225b0f7fce3da4574b1a879b623d722fa8fc34d5fc2a8731aad691a9a8bb8b554c95a051d6aa505acf
|
|
result = valid
|
|
shared = 00a5d6dfda2b269f4ab895a41c3b71b6ba10d5c9f0d9b3e730275345e4721594abfd39464c227716ded8ef3e60bb1ca0b551716e3f6eebb48d5ce8e0ab58cb1b73c9
|
|
|
|
# tcId = 264
|
|
# edge case private key
|
|
curve = secp521r1
|
|
private = 3
|
|
public = 30819b301006072a8648ce3d020106052b81040023038186000401ad5043591dbe81657fe3d1c3d7a516606ad9d320a35fce8aaec8a950fb53f95388f3fc48be998e99334ad9e9234cded14471fe86caccaa07d058ee8771733ac3b900854de36366590b9ee4d0370ea6b00f7ebd8156ccf14e99f1a5344a9b4964fbb8348b081a8840c6b64be77997ad8bebfea5e7d9f7a6a7fa6d7655c50b2b7835f314
|
|
result = valid
|
|
shared = 00f2246431b597930f2eae61e9aabbd39f8f6ae97c3cf2521a6aeecedda10b5ef5f3b2eb3a8906d02f51d244710aa9e19cc0be21db920132be1c91deb85e466c28df
|
|
|
|
# tcId = 265
|
|
# edge case private key
|
|
curve = secp521r1
|
|
private = 1ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
|
|
public = 30819b301006072a8648ce3d020106052b81040023038186000401ad5043591dbe81657fe3d1c3d7a516606ad9d320a35fce8aaec8a950fb53f95388f3fc48be998e99334ad9e9234cded14471fe86caccaa07d058ee8771733ac3b900854de36366590b9ee4d0370ea6b00f7ebd8156ccf14e99f1a5344a9b4964fbb8348b081a8840c6b64be77997ad8bebfea5e7d9f7a6a7fa6d7655c50b2b7835f314
|
|
result = valid
|
|
shared = 00347c51f587c726070bdeb9173d0a547427ead3f2c8de62d9ecc3013285f645d220931520bcef85d08cfb6786045745fbfbfb1924c44a89d06676131a965677272a
|
|
|
|
# tcId = 266
|
|
# edge case private key
|
|
curve = secp521r1
|
|
private = 200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
|
|
public = 30819b301006072a8648ce3d020106052b81040023038186000401ad5043591dbe81657fe3d1c3d7a516606ad9d320a35fce8aaec8a950fb53f95388f3fc48be998e99334ad9e9234cded14471fe86caccaa07d058ee8771733ac3b900854de36366590b9ee4d0370ea6b00f7ebd8156ccf14e99f1a5344a9b4964fbb8348b081a8840c6b64be77997ad8bebfea5e7d9f7a6a7fa6d7655c50b2b7835f314
|
|
result = valid
|
|
shared = 01c41dc4437c2f2b94a940711b3a691723397a1f83d6bc0c67ddc7a657160925c7f85bb4eb3842b60b2610ddb7c0b8676267710e58359a8750843c6d8e25d48d1cd9
|
|
|
|
# tcId = 267
|
|
# edge case private key
|
|
curve = secp521r1
|
|
private = 0ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
|
|
public = 30819b301006072a8648ce3d020106052b81040023038186000401ad5043591dbe81657fe3d1c3d7a516606ad9d320a35fce8aaec8a950fb53f95388f3fc48be998e99334ad9e9234cded14471fe86caccaa07d058ee8771733ac3b900854de36366590b9ee4d0370ea6b00f7ebd8156ccf14e99f1a5344a9b4964fbb8348b081a8840c6b64be77997ad8bebfea5e7d9f7a6a7fa6d7655c50b2b7835f314
|
|
result = valid
|
|
shared = 006a239cdb7a783840658d5f314bfe5c51e806a4bf1236f8421265bcc503c673eb16c5c2b38b5717fa04ee7dbcdeb15c871711507abb7557a8a8c7b3250141e854d5
|
|
|
|
# tcId = 268
|
|
# edge case private key
|
|
curve = secp521r1
|
|
private = 10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
|
|
public = 30819b301006072a8648ce3d020106052b81040023038186000401ad5043591dbe81657fe3d1c3d7a516606ad9d320a35fce8aaec8a950fb53f95388f3fc48be998e99334ad9e9234cded14471fe86caccaa07d058ee8771733ac3b900854de36366590b9ee4d0370ea6b00f7ebd8156ccf14e99f1a5344a9b4964fbb8348b081a8840c6b64be77997ad8bebfea5e7d9f7a6a7fa6d7655c50b2b7835f314
|
|
result = valid
|
|
shared = 0112dbf9713aadd478e4f2ebcb058f05b512b1959c7da1994f851f373ce8c341d39c6843373f6fe559905953e1147640159437953c571961c09bad157a8e1a5bf476
|
|
|
|
# tcId = 269
|
|
# edge case private key
|
|
curve = secp521r1
|
|
private = 1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47adbb6fb71e91386409
|
|
public = 30819b301006072a8648ce3d020106052b81040023038186000401ad5043591dbe81657fe3d1c3d7a516606ad9d320a35fce8aaec8a950fb53f95388f3fc48be998e99334ad9e9234cded14471fe86caccaa07d058ee8771733ac3b900854de36366590b9ee4d0370ea6b00f7ebd8156ccf14e99f1a5344a9b4964fbb8348b081a8840c6b64be77997ad8bebfea5e7d9f7a6a7fa6d7655c50b2b7835f314
|
|
result = valid
|
|
shared = 003eca2210c8623105085aa284d119f3d716730595c6291aa89bf32a95e8a5fdc64f3d76e92494a43a9dced12d05b6dca4ffe649b32ac12cb0202e702dc83a2cb277
|
|
|
|
# tcId = 270
|
|
# edge case private key
|
|
curve = secp521r1
|
|
private = 1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb5fb71e91386409
|
|
public = 30819b301006072a8648ce3d020106052b81040023038186000401ad5043591dbe81657fe3d1c3d7a516606ad9d320a35fce8aaec8a950fb53f95388f3fc48be998e99334ad9e9234cded14471fe86caccaa07d058ee8771733ac3b900854de36366590b9ee4d0370ea6b00f7ebd8156ccf14e99f1a5344a9b4964fbb8348b081a8840c6b64be77997ad8bebfea5e7d9f7a6a7fa6d7655c50b2b7835f314
|
|
result = valid
|
|
shared = 01c4cae9fbfdd45de51d8525e8447a7553c35cf358f1346f1d79666887bb749a3ba0de62e1866b47a447d53b6f1ca5a33ec94507e2cfb65544f5a1195fc6b4dc5810
|
|
|
|
# tcId = 271
|
|
# edge case private key
|
|
curve = secp521r1
|
|
private = 1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb67b71e91386409
|
|
public = 30819b301006072a8648ce3d020106052b81040023038186000401ad5043591dbe81657fe3d1c3d7a516606ad9d320a35fce8aaec8a950fb53f95388f3fc48be998e99334ad9e9234cded14471fe86caccaa07d058ee8771733ac3b900854de36366590b9ee4d0370ea6b00f7ebd8156ccf14e99f1a5344a9b4964fbb8348b081a8840c6b64be77997ad8bebfea5e7d9f7a6a7fa6d7655c50b2b7835f314
|
|
result = valid
|
|
shared = 008073b4796e748f3d0de5e85b22aed463f1a6aecdb336bc287b50d139e3591ef5f86b78c3f6051467755f059f295d758075347d657aaae02383838bb96071eacbd4
|
|
|
|
# tcId = 272
|
|
# edge case private key
|
|
curve = secp521r1
|
|
private = 1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71d91386409
|
|
public = 30819b301006072a8648ce3d020106052b81040023038186000401ad5043591dbe81657fe3d1c3d7a516606ad9d320a35fce8aaec8a950fb53f95388f3fc48be998e99334ad9e9234cded14471fe86caccaa07d058ee8771733ac3b900854de36366590b9ee4d0370ea6b00f7ebd8156ccf14e99f1a5344a9b4964fbb8348b081a8840c6b64be77997ad8bebfea5e7d9f7a6a7fa6d7655c50b2b7835f314
|
|
result = valid
|
|
shared = 01f11ff8983792d4a790d0de4b56d078b9033ad6318a440e8119342937cc48a39375150ab2cf98273b0fe35d5a3af5d84322a685e89f2cb378a99b9b7bac87e44952
|
|
|
|
# tcId = 273
|
|
# edge case private key
|
|
curve = secp521r1
|
|
private = 1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e9138631b
|
|
public = 30819b301006072a8648ce3d020106052b81040023038186000401ad5043591dbe81657fe3d1c3d7a516606ad9d320a35fce8aaec8a950fb53f95388f3fc48be998e99334ad9e9234cded14471fe86caccaa07d058ee8771733ac3b900854de36366590b9ee4d0370ea6b00f7ebd8156ccf14e99f1a5344a9b4964fbb8348b081a8840c6b64be77997ad8bebfea5e7d9f7a6a7fa6d7655c50b2b7835f314
|
|
result = valid
|
|
shared = 00286cefaaf38ca4c6657eb9b187d8614d51775fd71c1a79b4c0ef1a0d4ce72b6f5b2bc854a4e78283530942a3f4fd2a8586d5ea51513c89d3d29de5de06321e118e
|
|
# The private key has a special value. Implementations using addition
|
|
# subtraction chains for the point multiplication may get the point at infinity
|
|
# as an intermediate result. See CVE_2017_10176
|
|
|
|
# tcId = 274
|
|
# edge case private key
|
|
curve = secp521r1
|
|
private = 1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e9138639b
|
|
public = 30819b301006072a8648ce3d020106052b81040023038186000401ad5043591dbe81657fe3d1c3d7a516606ad9d320a35fce8aaec8a950fb53f95388f3fc48be998e99334ad9e9234cded14471fe86caccaa07d058ee8771733ac3b900854de36366590b9ee4d0370ea6b00f7ebd8156ccf14e99f1a5344a9b4964fbb8348b081a8840c6b64be77997ad8bebfea5e7d9f7a6a7fa6d7655c50b2b7835f314
|
|
result = valid
|
|
shared = 014790de14c481f1336fcb7d33a8bf8e23eb594cc48608e9edfe0e326e106b67e7eaa3f04ec9985599178f632a5ee6419e11217060e9fcd5958a43882bf8cd3be6ba
|
|
# The private key has a special value. Implementations using addition
|
|
# subtraction chains for the point multiplication may get the point at infinity
|
|
# as an intermediate result. See CVE_2017_10176
|
|
|
|
# tcId = 275
|
|
# edge case private key
|
|
curve = secp521r1
|
|
private = 1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e913863db
|
|
public = 30819b301006072a8648ce3d020106052b81040023038186000401ad5043591dbe81657fe3d1c3d7a516606ad9d320a35fce8aaec8a950fb53f95388f3fc48be998e99334ad9e9234cded14471fe86caccaa07d058ee8771733ac3b900854de36366590b9ee4d0370ea6b00f7ebd8156ccf14e99f1a5344a9b4964fbb8348b081a8840c6b64be77997ad8bebfea5e7d9f7a6a7fa6d7655c50b2b7835f314
|
|
result = valid
|
|
shared = 01ae775dbc4096a3aea7977b1a0af4b2830ecf9ca927a6247fba4cccb46b3f71d0e7abb8dda72d1c1ee7bb5b875b4773cc8df40f732819c4147da330775d1742ea35
|
|
# The private key has a special value. Implementations using addition
|
|
# subtraction chains for the point multiplication may get the point at infinity
|
|
# as an intermediate result. See CVE_2017_10176
|
|
|
|
# tcId = 276
|
|
# edge case private key
|
|
curve = secp521r1
|
|
private = 1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e913863fb
|
|
public = 30819b301006072a8648ce3d020106052b81040023038186000401ad5043591dbe81657fe3d1c3d7a516606ad9d320a35fce8aaec8a950fb53f95388f3fc48be998e99334ad9e9234cded14471fe86caccaa07d058ee8771733ac3b900854de36366590b9ee4d0370ea6b00f7ebd8156ccf14e99f1a5344a9b4964fbb8348b081a8840c6b64be77997ad8bebfea5e7d9f7a6a7fa6d7655c50b2b7835f314
|
|
result = valid
|
|
shared = 01979fb05e068a12a3f20cfdfb9eaee9f22b356edcc7655383ed38124b86814f86a6f2216a34f3fc2299d403ee42408f95d08c5c6cd11db72cbf299a4a3c2545be25
|
|
# The private key has a special value. Implementations using addition
|
|
# subtraction chains for the point multiplication may get the point at infinity
|
|
# as an intermediate result. See CVE_2017_10176
|
|
|
|
# tcId = 277
|
|
# edge case private key
|
|
curve = secp521r1
|
|
private = 1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386403
|
|
public = 30819b301006072a8648ce3d020106052b81040023038186000401ad5043591dbe81657fe3d1c3d7a516606ad9d320a35fce8aaec8a950fb53f95388f3fc48be998e99334ad9e9234cded14471fe86caccaa07d058ee8771733ac3b900854de36366590b9ee4d0370ea6b00f7ebd8156ccf14e99f1a5344a9b4964fbb8348b081a8840c6b64be77997ad8bebfea5e7d9f7a6a7fa6d7655c50b2b7835f314
|
|
result = valid
|
|
shared = 0197ebe26798bf67f06ff0282773af75115531f41d94c093d87481b76bef707bc222f2d6672f84a00fa20c5ed27027ab4006b68d93ee2151016c9ddbe014346272e2
|
|
# The private key has a special value. Implementations using addition
|
|
# subtraction chains for the point multiplication may get the point at infinity
|
|
# as an intermediate result. See CVE_2017_10176
|
|
|
|
# tcId = 278
|
|
# edge case private key
|
|
curve = secp521r1
|
|
private = 1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386406
|
|
public = 30819b301006072a8648ce3d020106052b81040023038186000401ad5043591dbe81657fe3d1c3d7a516606ad9d320a35fce8aaec8a950fb53f95388f3fc48be998e99334ad9e9234cded14471fe86caccaa07d058ee8771733ac3b900854de36366590b9ee4d0370ea6b00f7ebd8156ccf14e99f1a5344a9b4964fbb8348b081a8840c6b64be77997ad8bebfea5e7d9f7a6a7fa6d7655c50b2b7835f314
|
|
result = valid
|
|
shared = 00f2246431b597930f2eae61e9aabbd39f8f6ae97c3cf2521a6aeecedda10b5ef5f3b2eb3a8906d02f51d244710aa9e19cc0be21db920132be1c91deb85e466c28df
|
|
|
|
# tcId = 279
|
|
# edge case private key
|
|
curve = secp521r1
|
|
private = 1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386407
|
|
public = 30819b301006072a8648ce3d020106052b81040023038186000401ad5043591dbe81657fe3d1c3d7a516606ad9d320a35fce8aaec8a950fb53f95388f3fc48be998e99334ad9e9234cded14471fe86caccaa07d058ee8771733ac3b900854de36366590b9ee4d0370ea6b00f7ebd8156ccf14e99f1a5344a9b4964fbb8348b081a8840c6b64be77997ad8bebfea5e7d9f7a6a7fa6d7655c50b2b7835f314
|
|
result = valid
|
|
shared = 01c168314cdc85757ade34a52a9e5379ffa5968f084b7e404939a8033a0fc698e26211754b9b2c04cf8a1420abe6e986ef1a238bbb91dd402b72e0ed50a876f1a83e
|
|
# The private key has a special value. Implementations using addition
|
|
# subtraction chains for the point multiplication may get the point at infinity
|
|
# as an intermediate result. See CVE_2017_10176
|
|
|
|
# tcId = 280
|
|
# CVE-2017-10176: Issue with elliptic curve addition
|
|
curve = secp521r1
|
|
private = 1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e913863f7
|
|
public = 30819b301006072a8648ce3d020106052b81040023038186000400c6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dbaa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66011839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650
|
|
result = valid
|
|
shared = 01bc33425e72a12779eacb2edcc5b63d1281f7e86dbc7bf99a7abd0cfe367de4666d6edbb8525bffe5222f0702c3096dec0884ce572f5a15c423fdf44d01dd99c61d
|
|
# This test vector leads to an EC point multiplication where an intermediate
|
|
# result can be the point at infinity, if addition-subtraction chains are used
|
|
# to speed up the point multiplication.
|
|
|
|
# tcId = 281
|
|
# public point not on curve
|
|
curve = secp521r1
|
|
private = 1396a99a337821d8c92d75f562793c70afa4074ae5e6dad2bd2cc6aea8f36f6c45ddde73931440d229f340093ab8c6fb3f20d20999a37371fe92104692136d019b7
|
|
public = 30819b301006072a8648ce3d020106052b81040023038186000400c2a43ac3742b09e006c2dfc9c36444d7e699f567a73f674ce257330b312dd7a8a04fbe92d1d9acbcc65f6184711ada5bf39f6e11e0cbde98f1640d099eb90dfce701802d7755c2fe3180848d4a70b170096ec64eba99b478ba7f6fc129b0566279b8e1ab7962fa912fc4ae53b5202a03520617843dc63e5cb5f956ec7f1453d0865fe1
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 282
|
|
# public point = (0,0)
|
|
curve = secp521r1
|
|
private = 1396a99a337821d8c92d75f562793c70afa4074ae5e6dad2bd2cc6aea8f36f6c45ddde73931440d229f340093ab8c6fb3f20d20999a37371fe92104692136d019b7
|
|
public = 30819b301006072a8648ce3d020106052b810400230381860004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 283
|
|
# order =
|
|
# -6864797660130609714981900799081393217269435300143305409394463459185543183397655394245057746333217197532963996371363321113864768612440380340372808892707005449
|
|
curve = secp521r1
|
|
private = 1396a99a337821d8c92d75f562793c70afa4074ae5e6dad2bd2cc6aea8f36f6c45ddde73931440d229f340093ab8c6fb3f20d20999a37371fe92104692136d019b7
|
|
public = 30820245308201b806072a8648ce3d0201308201ab020101304d06072a8648ce3d0101024201ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff308187044201fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc044151953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e156193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f000481850400c6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dbaa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66011839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd166500242fe000000000000000000000000000000000000000000000000000000000000000005ae79787c40d069948033feb708f65a2fc44a36477663b851449048e16ec79bf7020101038186000400c2a43ac3742b09e006c2dfc9c36444d7e699f567a73f674ce257330b312dd7a8a04fbe92d1d9acbcc65f6184711ada5bf39f6e11e0cbde98f1640d099eb90dfce701802d7755c2fe3180848d4a70b170096ec64eba99b478ba7f6fc129b0566279b8e1ab7962fa912fc4ae53b5202a03520617843dc63e5cb5f956ec7f1453d0865fdf
|
|
result = invalid
|
|
shared = 00fb8542487cbd45e609632f681db6b48fdabed9b97a2467a34205eadadad9dedb54a2a647d23dca68e929a2041888b091f4bb4023a0517be669a6c9f9c847ef89de
|
|
# The order of the public key has been modified. If this order is used in a
|
|
# cryptographic primitive instead of the correct order then private keys may
|
|
# leak. E.g. ECDHC in BC 1.52 suffered from this.
|
|
# The public key does not use a named curve. RFC 3279 allows to encode such
|
|
# curves by explicitly encoding, the parameters of the curve equation, modulus,
|
|
# generator, order and cofactor. However, many crypto libraries only support
|
|
# named curves. Modifying some of the EC parameters and encoding the
|
|
# corresponding public key as an unnamed curve is a potential attack vector.
|
|
|
|
# tcId = 284
|
|
# order = 0
|
|
curve = secp521r1
|
|
private = 1396a99a337821d8c92d75f562793c70afa4074ae5e6dad2bd2cc6aea8f36f6c45ddde73931440d229f340093ab8c6fb3f20d20999a37371fe92104692136d019b7
|
|
public = 308202043082017706072a8648ce3d02013082016a020101304d06072a8648ce3d0101024201ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff308187044201fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc044151953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e156193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f000481850400c6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dbaa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66011839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650020100020101038186000400c2a43ac3742b09e006c2dfc9c36444d7e699f567a73f674ce257330b312dd7a8a04fbe92d1d9acbcc65f6184711ada5bf39f6e11e0cbde98f1640d099eb90dfce701802d7755c2fe3180848d4a70b170096ec64eba99b478ba7f6fc129b0566279b8e1ab7962fa912fc4ae53b5202a03520617843dc63e5cb5f956ec7f1453d0865fdf
|
|
result = invalid
|
|
shared =
|
|
# The order of the public key has been modified. If this order is used in a
|
|
# cryptographic primitive instead of the correct order then private keys may
|
|
# leak. E.g. ECDHC in BC 1.52 suffered from this.
|
|
# The public key does not use a named curve. RFC 3279 allows to encode such
|
|
# curves by explicitly encoding, the parameters of the curve equation, modulus,
|
|
# generator, order and cofactor. However, many crypto libraries only support
|
|
# named curves. Modifying some of the EC parameters and encoding the
|
|
# corresponding public key as an unnamed curve is a potential attack vector.
|
|
|
|
# tcId = 285
|
|
# order = 1
|
|
curve = secp521r1
|
|
private = 1396a99a337821d8c92d75f562793c70afa4074ae5e6dad2bd2cc6aea8f36f6c45ddde73931440d229f340093ab8c6fb3f20d20999a37371fe92104692136d019b7
|
|
public = 308202043082017706072a8648ce3d02013082016a020101304d06072a8648ce3d0101024201ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff308187044201fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc044151953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e156193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f000481850400c6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dbaa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66011839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650020101020101038186000400c2a43ac3742b09e006c2dfc9c36444d7e699f567a73f674ce257330b312dd7a8a04fbe92d1d9acbcc65f6184711ada5bf39f6e11e0cbde98f1640d099eb90dfce701802d7755c2fe3180848d4a70b170096ec64eba99b478ba7f6fc129b0566279b8e1ab7962fa912fc4ae53b5202a03520617843dc63e5cb5f956ec7f1453d0865fdf
|
|
result = acceptable
|
|
shared = 00fb8542487cbd45e609632f681db6b48fdabed9b97a2467a34205eadadad9dedb54a2a647d23dca68e929a2041888b091f4bb4023a0517be669a6c9f9c847ef89de
|
|
# The order of the public key has been modified. If this order is used in a
|
|
# cryptographic primitive instead of the correct order then private keys may
|
|
# leak. E.g. ECDHC in BC 1.52 suffered from this.
|
|
# A parameter that is typically not used for ECDH has been modified. Sometimes
|
|
# libraries ignore small differences between public and private key. For
|
|
# example, a library might ignore an incorrect cofactor in the public key. We
|
|
# consider ignoring such changes as acceptable as long as these differences do
|
|
# not change the outcome of the ECDH computation, i.e. as long as the
|
|
# computation is done on the curve from the private key.
|
|
# The public key does not use a named curve. RFC 3279 allows to encode such
|
|
# curves by explicitly encoding, the parameters of the curve equation, modulus,
|
|
# generator, order and cofactor. However, many crypto libraries only support
|
|
# named curves. Modifying some of the EC parameters and encoding the
|
|
# corresponding public key as an unnamed curve is a potential attack vector.
|
|
|
|
# tcId = 286
|
|
# order =
|
|
# 1598335257761788022467377781654101148543282249044465229239888363328190330275719844327554513312228302828260696579553960150541916632196023208175974174
|
|
curve = secp521r1
|
|
private = 1396a99a337821d8c92d75f562793c70afa4074ae5e6dad2bd2cc6aea8f36f6c45ddde73931440d229f340093ab8c6fb3f20d20999a37371fe92104692136d019b7
|
|
public = 30820241308201b406072a8648ce3d0201308201a7020101304d06072a8648ce3d0101024201ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff308187044201fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc044151953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e156193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f000481850400c6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dbaa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66011839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650023e01fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e020101038186000400c2a43ac3742b09e006c2dfc9c36444d7e699f567a73f674ce257330b312dd7a8a04fbe92d1d9acbcc65f6184711ada5bf39f6e11e0cbde98f1640d099eb90dfce701802d7755c2fe3180848d4a70b170096ec64eba99b478ba7f6fc129b0566279b8e1ab7962fa912fc4ae53b5202a03520617843dc63e5cb5f956ec7f1453d0865fdf
|
|
result = acceptable
|
|
shared = 00fb8542487cbd45e609632f681db6b48fdabed9b97a2467a34205eadadad9dedb54a2a647d23dca68e929a2041888b091f4bb4023a0517be669a6c9f9c847ef89de
|
|
# The order of the public key has been modified. If this order is used in a
|
|
# cryptographic primitive instead of the correct order then private keys may
|
|
# leak. E.g. ECDHC in BC 1.52 suffered from this.
|
|
# A parameter that is typically not used for ECDH has been modified. Sometimes
|
|
# libraries ignore small differences between public and private key. For
|
|
# example, a library might ignore an incorrect cofactor in the public key. We
|
|
# consider ignoring such changes as acceptable as long as these differences do
|
|
# not change the outcome of the ECDH computation, i.e. as long as the
|
|
# computation is done on the curve from the private key.
|
|
# The public key does not use a named curve. RFC 3279 allows to encode such
|
|
# curves by explicitly encoding, the parameters of the curve equation, modulus,
|
|
# generator, order and cofactor. However, many crypto libraries only support
|
|
# named curves. Modifying some of the EC parameters and encoding the
|
|
# corresponding public key as an unnamed curve is a potential attack vector.
|
|
|
|
# tcId = 287
|
|
# generator = (0,0)
|
|
curve = secp521r1
|
|
private = 1396a99a337821d8c92d75f562793c70afa4074ae5e6dad2bd2cc6aea8f36f6c45ddde73931440d229f340093ab8c6fb3f20d20999a37371fe92104692136d019b7
|
|
public = 30820245308201b806072a8648ce3d0201308201ab020101304d06072a8648ce3d0101024201ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff308187044201fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc044151953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e156193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f0004818504000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000024201fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386409020101038186000400c2a43ac3742b09e006c2dfc9c36444d7e699f567a73f674ce257330b312dd7a8a04fbe92d1d9acbcc65f6184711ada5bf39f6e11e0cbde98f1640d099eb90dfce701802d7755c2fe3180848d4a70b170096ec64eba99b478ba7f6fc129b0566279b8e1ab7962fa912fc4ae53b5202a03520617843dc63e5cb5f956ec7f1453d0865fdf
|
|
result = acceptable
|
|
shared = 00fb8542487cbd45e609632f681db6b48fdabed9b97a2467a34205eadadad9dedb54a2a647d23dca68e929a2041888b091f4bb4023a0517be669a6c9f9c847ef89de
|
|
# A parameter that is typically not used for ECDH has been modified. Sometimes
|
|
# libraries ignore small differences between public and private key. For
|
|
# example, a library might ignore an incorrect cofactor in the public key. We
|
|
# consider ignoring such changes as acceptable as long as these differences do
|
|
# not change the outcome of the ECDH computation, i.e. as long as the
|
|
# computation is done on the curve from the private key.
|
|
# The public key does not use a named curve. RFC 3279 allows to encode such
|
|
# curves by explicitly encoding, the parameters of the curve equation, modulus,
|
|
# generator, order and cofactor. However, many crypto libraries only support
|
|
# named curves. Modifying some of the EC parameters and encoding the
|
|
# corresponding public key as an unnamed curve is a potential attack vector.
|
|
|
|
# tcId = 288
|
|
# generator not on curve
|
|
curve = secp521r1
|
|
private = 1396a99a337821d8c92d75f562793c70afa4074ae5e6dad2bd2cc6aea8f36f6c45ddde73931440d229f340093ab8c6fb3f20d20999a37371fe92104692136d019b7
|
|
public = 30820245308201b806072a8648ce3d0201308201ab020101304d06072a8648ce3d0101024201ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff308187044201fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc044151953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e156193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f000481850400c6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dbaa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66011839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16652024201fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386409020101038186000400c2a43ac3742b09e006c2dfc9c36444d7e699f567a73f674ce257330b312dd7a8a04fbe92d1d9acbcc65f6184711ada5bf39f6e11e0cbde98f1640d099eb90dfce701802d7755c2fe3180848d4a70b170096ec64eba99b478ba7f6fc129b0566279b8e1ab7962fa912fc4ae53b5202a03520617843dc63e5cb5f956ec7f1453d0865fdf
|
|
result = acceptable
|
|
shared = 00fb8542487cbd45e609632f681db6b48fdabed9b97a2467a34205eadadad9dedb54a2a647d23dca68e929a2041888b091f4bb4023a0517be669a6c9f9c847ef89de
|
|
# A parameter that is typically not used for ECDH has been modified. Sometimes
|
|
# libraries ignore small differences between public and private key. For
|
|
# example, a library might ignore an incorrect cofactor in the public key. We
|
|
# consider ignoring such changes as acceptable as long as these differences do
|
|
# not change the outcome of the ECDH computation, i.e. as long as the
|
|
# computation is done on the curve from the private key.
|
|
# The public key does not use a named curve. RFC 3279 allows to encode such
|
|
# curves by explicitly encoding, the parameters of the curve equation, modulus,
|
|
# generator, order and cofactor. However, many crypto libraries only support
|
|
# named curves. Modifying some of the EC parameters and encoding the
|
|
# corresponding public key as an unnamed curve is a potential attack vector.
|
|
|
|
# tcId = 289
|
|
# cofactor = -1
|
|
curve = secp521r1
|
|
private = 1396a99a337821d8c92d75f562793c70afa4074ae5e6dad2bd2cc6aea8f36f6c45ddde73931440d229f340093ab8c6fb3f20d20999a37371fe92104692136d019b7
|
|
public = 30820245308201b806072a8648ce3d0201308201ab020101304d06072a8648ce3d0101024201ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff308187044201fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc044151953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e156193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f000481850400c6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dbaa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66011839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650024201fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e913864090201ff038186000400c2a43ac3742b09e006c2dfc9c36444d7e699f567a73f674ce257330b312dd7a8a04fbe92d1d9acbcc65f6184711ada5bf39f6e11e0cbde98f1640d099eb90dfce701802d7755c2fe3180848d4a70b170096ec64eba99b478ba7f6fc129b0566279b8e1ab7962fa912fc4ae53b5202a03520617843dc63e5cb5f956ec7f1453d0865fdf
|
|
result = invalid
|
|
shared = 00fb8542487cbd45e609632f681db6b48fdabed9b97a2467a34205eadadad9dedb54a2a647d23dca68e929a2041888b091f4bb4023a0517be669a6c9f9c847ef89de
|
|
# The public key does not use a named curve. RFC 3279 allows to encode such
|
|
# curves by explicitly encoding, the parameters of the curve equation, modulus,
|
|
# generator, order and cofactor. However, many crypto libraries only support
|
|
# named curves. Modifying some of the EC parameters and encoding the
|
|
# corresponding public key as an unnamed curve is a potential attack vector.
|
|
|
|
# tcId = 290
|
|
# cofactor = 0
|
|
curve = secp521r1
|
|
private = 1396a99a337821d8c92d75f562793c70afa4074ae5e6dad2bd2cc6aea8f36f6c45ddde73931440d229f340093ab8c6fb3f20d20999a37371fe92104692136d019b7
|
|
public = 30820245308201b806072a8648ce3d0201308201ab020101304d06072a8648ce3d0101024201ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff308187044201fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc044151953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e156193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f000481850400c6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dbaa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66011839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650024201fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386409020100038186000400c2a43ac3742b09e006c2dfc9c36444d7e699f567a73f674ce257330b312dd7a8a04fbe92d1d9acbcc65f6184711ada5bf39f6e11e0cbde98f1640d099eb90dfce701802d7755c2fe3180848d4a70b170096ec64eba99b478ba7f6fc129b0566279b8e1ab7962fa912fc4ae53b5202a03520617843dc63e5cb5f956ec7f1453d0865fdf
|
|
result = invalid
|
|
shared = 00fb8542487cbd45e609632f681db6b48fdabed9b97a2467a34205eadadad9dedb54a2a647d23dca68e929a2041888b091f4bb4023a0517be669a6c9f9c847ef89de
|
|
# The public key does not use a named curve. RFC 3279 allows to encode such
|
|
# curves by explicitly encoding, the parameters of the curve equation, modulus,
|
|
# generator, order and cofactor. However, many crypto libraries only support
|
|
# named curves. Modifying some of the EC parameters and encoding the
|
|
# corresponding public key as an unnamed curve is a potential attack vector.
|
|
|
|
# tcId = 291
|
|
# cofactor = 2
|
|
curve = secp521r1
|
|
private = 1396a99a337821d8c92d75f562793c70afa4074ae5e6dad2bd2cc6aea8f36f6c45ddde73931440d229f340093ab8c6fb3f20d20999a37371fe92104692136d019b7
|
|
public = 30820245308201b806072a8648ce3d0201308201ab020101304d06072a8648ce3d0101024201ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff308187044201fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc044151953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e156193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f000481850400c6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dbaa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66011839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650024201fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386409020102038186000400c2a43ac3742b09e006c2dfc9c36444d7e699f567a73f674ce257330b312dd7a8a04fbe92d1d9acbcc65f6184711ada5bf39f6e11e0cbde98f1640d099eb90dfce701802d7755c2fe3180848d4a70b170096ec64eba99b478ba7f6fc129b0566279b8e1ab7962fa912fc4ae53b5202a03520617843dc63e5cb5f956ec7f1453d0865fdf
|
|
result = acceptable
|
|
shared = 00fb8542487cbd45e609632f681db6b48fdabed9b97a2467a34205eadadad9dedb54a2a647d23dca68e929a2041888b091f4bb4023a0517be669a6c9f9c847ef89de
|
|
# A parameter that is typically not used for ECDH has been modified. Sometimes
|
|
# libraries ignore small differences between public and private key. For
|
|
# example, a library might ignore an incorrect cofactor in the public key. We
|
|
# consider ignoring such changes as acceptable as long as these differences do
|
|
# not change the outcome of the ECDH computation, i.e. as long as the
|
|
# computation is done on the curve from the private key.
|
|
# The public key does not use a named curve. RFC 3279 allows to encode such
|
|
# curves by explicitly encoding, the parameters of the curve equation, modulus,
|
|
# generator, order and cofactor. However, many crypto libraries only support
|
|
# named curves. Modifying some of the EC parameters and encoding the
|
|
# corresponding public key as an unnamed curve is a potential attack vector.
|
|
|
|
# tcId = 292
|
|
# cofactor =
|
|
# 6864797660130609714981900799081393217269435300143305409394463459185543183397655394245057746333217197532963996371363321113864768612440380340372808892707005449
|
|
curve = secp521r1
|
|
private = 1396a99a337821d8c92d75f562793c70afa4074ae5e6dad2bd2cc6aea8f36f6c45ddde73931440d229f340093ab8c6fb3f20d20999a37371fe92104692136d019b7
|
|
public = 30820286308201f906072a8648ce3d0201308201ec020101304d06072a8648ce3d0101024201ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff308187044201fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc044151953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e156193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f000481850400c6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dbaa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66011839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650024201fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386409024201fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386409038186000400c2a43ac3742b09e006c2dfc9c36444d7e699f567a73f674ce257330b312dd7a8a04fbe92d1d9acbcc65f6184711ada5bf39f6e11e0cbde98f1640d099eb90dfce701802d7755c2fe3180848d4a70b170096ec64eba99b478ba7f6fc129b0566279b8e1ab7962fa912fc4ae53b5202a03520617843dc63e5cb5f956ec7f1453d0865fdf
|
|
result = invalid
|
|
shared = 00fb8542487cbd45e609632f681db6b48fdabed9b97a2467a34205eadadad9dedb54a2a647d23dca68e929a2041888b091f4bb4023a0517be669a6c9f9c847ef89de
|
|
# The public key does not use a named curve. RFC 3279 allows to encode such
|
|
# curves by explicitly encoding, the parameters of the curve equation, modulus,
|
|
# generator, order and cofactor. However, many crypto libraries only support
|
|
# named curves. Modifying some of the EC parameters and encoding the
|
|
# corresponding public key as an unnamed curve is a potential attack vector.
|
|
|
|
# tcId = 293
|
|
# cofactor = None
|
|
curve = secp521r1
|
|
private = 1396a99a337821d8c92d75f562793c70afa4074ae5e6dad2bd2cc6aea8f36f6c45ddde73931440d229f340093ab8c6fb3f20d20999a37371fe92104692136d019b7
|
|
public = 30820242308201b506072a8648ce3d0201308201a8020101304d06072a8648ce3d0101024201ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff308187044201fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc044151953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e156193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f000481850400c6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dbaa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66011839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650024201fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386409038186000400c2a43ac3742b09e006c2dfc9c36444d7e699f567a73f674ce257330b312dd7a8a04fbe92d1d9acbcc65f6184711ada5bf39f6e11e0cbde98f1640d099eb90dfce701802d7755c2fe3180848d4a70b170096ec64eba99b478ba7f6fc129b0566279b8e1ab7962fa912fc4ae53b5202a03520617843dc63e5cb5f956ec7f1453d0865fdf
|
|
result = acceptable
|
|
shared = 00fb8542487cbd45e609632f681db6b48fdabed9b97a2467a34205eadadad9dedb54a2a647d23dca68e929a2041888b091f4bb4023a0517be669a6c9f9c847ef89de
|
|
# A parameter that is typically not used for ECDH has been modified. Sometimes
|
|
# libraries ignore small differences between public and private key. For
|
|
# example, a library might ignore an incorrect cofactor in the public key. We
|
|
# consider ignoring such changes as acceptable as long as these differences do
|
|
# not change the outcome of the ECDH computation, i.e. as long as the
|
|
# computation is done on the curve from the private key.
|
|
# The public key does not use a named curve. RFC 3279 allows to encode such
|
|
# curves by explicitly encoding, the parameters of the curve equation, modulus,
|
|
# generator, order and cofactor. However, many crypto libraries only support
|
|
# named curves. Modifying some of the EC parameters and encoding the
|
|
# corresponding public key as an unnamed curve is a potential attack vector.
|
|
|
|
# tcId = 294
|
|
# modified prime
|
|
curve = secp521r1
|
|
private = 1396a99a337821d8c92d75f562793c70afa4074ae5e6dad2bd2cc6aea8f36f6c45ddde73931440d229f340093ab8c6fb3f20d20999a37371fe92104692136d019b7
|
|
public = 30820244308201b706072a8648ce3d0201308201aa020101304d06072a8648ce3d0101024201e99d17d498f3c68ed8e50430ec4f36c14dbeeaf7652e985636bf0548ffb981e9e011607fd0059cd4fe51e882f19a3839ebe7f1d7376cb761431b214ed76970cc0130818604411662e82b670c3971271afbcf13b0c93eb24115089ad167a9c940fab700467e161fee9f802ffa632b01ae177d0e65c7c614180e28c893489ebce4deb128968f33fb044151953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e156193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f0004818504000000000000000000000000000000000000000000000a14517cc6b91f8000000000000000000000000000000000000000000000000000000000000000000000032c006b0f530bec5bed532357d436727699f0e3c5b9366f1a435be640b97cd43d937655b1f157c7d0c7df25011fef7c3ab7d8e556e6125b59b847fcdd89a4051796a797024201fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e913864090201010381860004000000000000000000000000000000000000000000000a14517cc6b91f8000000000000000000000000000000000000000000000000000000000000000000000032c006b0f530bec5bed532357d436727699f0e3c5b9366f1a435be640b97cd43d937655b1f157c7d0c7df25011fef7c3ab7d8e556e6125b59b847fcdd89a4051796a797
|
|
result = invalid
|
|
shared = 00ebef6771455911ee573c183e990f7086650f9bafdb722c896751bd2c0f87959c78a39382d10fdfb46fd3515c8feb590943dd79778b13adbc7f670ba2a009753483
|
|
# The modulus of the public key has been modified. The public point of the
|
|
# public key has been chosen so that it is both a point on both the curve of the
|
|
# modified public key and the private key.
|
|
# The public key does not use a named curve. RFC 3279 allows to encode such
|
|
# curves by explicitly encoding, the parameters of the curve equation, modulus,
|
|
# generator, order and cofactor. However, many crypto libraries only support
|
|
# named curves. Modifying some of the EC parameters and encoding the
|
|
# corresponding public key as an unnamed curve is a potential attack vector.
|
|
|
|
# tcId = 295
|
|
# using secp224r1
|
|
curve = secp521r1
|
|
private = 1396a99a337821d8c92d75f562793c70afa4074ae5e6dad2bd2cc6aea8f36f6c45ddde73931440d229f340093ab8c6fb3f20d20999a37371fe92104692136d019b7
|
|
public = 304e301006072a8648ce3d020106052b81040021033a0004074f56dc2ea648ef89c3b72e23bbd2da36f60243e4d2067b70604af1c2165cec2f86603d60c8a611d5b84ba3d91dfe1a480825bcc4af3bcf
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 296
|
|
# using secp256r1
|
|
curve = secp521r1
|
|
private = 1396a99a337821d8c92d75f562793c70afa4074ae5e6dad2bd2cc6aea8f36f6c45ddde73931440d229f340093ab8c6fb3f20d20999a37371fe92104692136d019b7
|
|
public = 3059301306072a8648ce3d020106082a8648ce3d03010703420004cbf6606595a3ee50f9fceaa2798c2740c82540516b4e5a7d361ff24e9dd15364e5408b2e679f9d5310d1f6893b36ce16b4a507509175fcb52aea53b781556b39
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 297
|
|
# using secp256k1
|
|
curve = secp521r1
|
|
private = 1396a99a337821d8c92d75f562793c70afa4074ae5e6dad2bd2cc6aea8f36f6c45ddde73931440d229f340093ab8c6fb3f20d20999a37371fe92104692136d019b7
|
|
public = 3056301006072a8648ce3d020106052b8104000a03420004a1263e75b87ae0937060ff1472f330ee55cdf8f4329d6284a9ebfbcc856c11684225e72cbebff41e54fb6f00e11afe53a17937bedbf2df787f8ef9584f775838
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 298
|
|
# a = 0
|
|
curve = secp521r1
|
|
private = 1396a99a337821d8c92d75f562793c70afa4074ae5e6dad2bd2cc6aea8f36f6c45ddde73931440d229f340093ab8c6fb3f20d20999a37371fe92104692136d019b7
|
|
public = 308202033082017606072a8648ce3d020130820169020101304d06072a8648ce3d0101024201ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff3046040100044109a88e6f050cfefa0b49fac45689b6b93ad4fa3b65db7d2f4cb31b67fe056a100066dd80dc5f785d27f82e3369eb22ab2c5729a9e5d9906a1dc31e02f84026484a0481850400c2a43ac3742b09e006c2dfc9c36444d7e699f567a73f674ce257330b312dd7a8a04fbe92d1d9acbcc65f6184711ada5bf39f6e11e0cbde98f1640d099eb90dfce701802d7755c2fe3180848d4a70b170096ec64eba99b478ba7f6fc129b0566279b8e1ab7962fa912fc4ae53b5202a03520617843dc63e5cb5f956ec7f1453d0865fdf024201fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386409020101038186000400c2a43ac3742b09e006c2dfc9c36444d7e699f567a73f674ce257330b312dd7a8a04fbe92d1d9acbcc65f6184711ada5bf39f6e11e0cbde98f1640d099eb90dfce701802d7755c2fe3180848d4a70b170096ec64eba99b478ba7f6fc129b0566279b8e1ab7962fa912fc4ae53b5202a03520617843dc63e5cb5f956ec7f1453d0865fdf
|
|
result = acceptable
|
|
shared = 00fb8542487cbd45e609632f681db6b48fdabed9b97a2467a34205eadadad9dedb54a2a647d23dca68e929a2041888b091f4bb4023a0517be669a6c9f9c847ef89de
|
|
# A parameter that is typically not used for ECDH has been modified. Sometimes
|
|
# libraries ignore small differences between public and private key. For
|
|
# example, a library might ignore an incorrect cofactor in the public key. We
|
|
# consider ignoring such changes as acceptable as long as these differences do
|
|
# not change the outcome of the ECDH computation, i.e. as long as the
|
|
# computation is done on the curve from the private key.
|
|
# The public key does not use a named curve. RFC 3279 allows to encode such
|
|
# curves by explicitly encoding, the parameters of the curve equation, modulus,
|
|
# generator, order and cofactor. However, many crypto libraries only support
|
|
# named curves. Modifying some of the EC parameters and encoding the
|
|
# corresponding public key as an unnamed curve is a potential attack vector.
|
|
|
|
# tcId = 299
|
|
# public key of order 3
|
|
curve = secp521r1
|
|
private = 1396a99a337821d8c92d75f562793c70afa4074ae5e6dad2bd2cc6aea8f36f6c45ddde73931440d229f340093ab8c6fb3f20d20999a37371fe92104692136d019b7
|
|
public = 30820246308201b906072a8648ce3d0201308201ac020101304d06072a8648ce3d0101024201ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff308188044201b2ac25ed3b202bee00aaaeb8521977f025a9123df3eaa422077dbb7bd05d7ad92f456d1f8c73d070e1dbd4e250951eb525b8fca24f330b5b2724de0f0cc159e1ca0442014c822bd9cc28dc26c31385e52f86855f59c8b4f278915b23c7c002e73372016a8e6dac70a1d07eb309bb83efcbbeefe92cdee4d3d9c7218ca663298389e52c8acc04818504017d26208a6b9b4ccbc6bdeb8fdda68f6cabba6876b2fb96fab4efc899fd851be71b3491f45432ecb992fcb950416a733e3da561a7621fc4fca2deb3d83f9073bbdc019017d42efa595d03524e404362b124986e50878635d5382d39c793d4f980f3b48ce2ea0702667dee3a92f374920e04f8544e48b451051d68c69ec67098722cc6fc024201fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e913864090201010381860004017d26208a6b9b4ccbc6bdeb8fdda68f6cabba6876b2fb96fab4efc899fd851be71b3491f45432ecb992fcb950416a733e3da561a7621fc4fca2deb3d83f9073bbdc006fe82bd105a6a2fcadb1bfbc9d4edb6791af7879ca2ac7d2c6386c2b067f0c4b731d15f8fd998211c56d0c8b6df1fb07abb1b74baefae2973961398f678dd33903
|
|
result = invalid
|
|
shared = 0173a7def25e016ec3326d4c881dd62a1f33bfcf88d77ccbadc1b49044d9d179342840cf2ac6c09e41c9b1e7b6127f70e294c5fa8ffa132a222767f09a7f350eb300
|
|
# The vector contains a weak public key. The curve is not a named curve, the
|
|
# public key point has order 3 and has been chosen to be on the same curve as
|
|
# the private key. This test vector is used to check ECC implementations for
|
|
# missing steps in the verification of the public key.
|
|
# The public key does not use a named curve. RFC 3279 allows to encode such
|
|
# curves by explicitly encoding, the parameters of the curve equation, modulus,
|
|
# generator, order and cofactor. However, many crypto libraries only support
|
|
# named curves. Modifying some of the EC parameters and encoding the
|
|
# corresponding public key as an unnamed curve is a potential attack vector.
|
|
|
|
# tcId = 300
|
|
# Private key and public key are not on the same curve
|
|
curve = secp521r1
|
|
private = 2b0d77cd5c47890a52612fc9b38d804266b9784abca2b94de99bdc67475aecc2abc31e72a6dada0cf1d4d776b002c8d2dbd601ab8a0cae4157370846b20e8dd657
|
|
public = 304e301006072a8648ce3d020106052b81040021033a0004af6dd5b71a8c1cf921e36854ae091aaa589d337e740e8579f816eb9e36b03eec5cf956d0fdd2fc1687335507fc1c4a5717d3b5b8ea8340d1
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 301
|
|
# Private key and public key are not on the same curve
|
|
curve = secp521r1
|
|
private = 2b0d77cd5c47890a52612fc9b38d804266b9784abca2b94de99bdc67475aecc2abc31e72a6dada0cf1d4d776b002c8d2dbd601ab8a0cae4157370846b20e8dd657
|
|
public = 3059301306072a8648ce3d020106082a8648ce3d0301070342000453366db79b320781936df61bb55d4499949d813ee5abaa5dda70da4f97f68228ccc69d7cd0b7266cfc28d0dcafdf3e83738cc611acb08f8b896c4ecf82dd65ae
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 302
|
|
# Private key and public key are not on the same curve
|
|
curve = secp521r1
|
|
private = 2b0d77cd5c47890a52612fc9b38d804266b9784abca2b94de99bdc67475aecc2abc31e72a6dada0cf1d4d776b002c8d2dbd601ab8a0cae4157370846b20e8dd657
|
|
public = 3076301006072a8648ce3d020106052b8104002203620004aa45c13ce3cfea8538422712903edc0ce56df74ede0776e843555a786f9738de1943dffd729addfd4772169751d7765a45b5bb540a47d198f4c8c7c21e67560c1e12f70b64520109bb8858a3f8d6bb4012003431db0778633313fdb9464c47ec
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 303
|
|
# Private key and public key are not on the same curve
|
|
curve = secp521r1
|
|
private = 2b0d77cd5c47890a52612fc9b38d804266b9784abca2b94de99bdc67475aecc2abc31e72a6dada0cf1d4d776b002c8d2dbd601ab8a0cae4157370846b20e8dd657
|
|
public = 3056301006072a8648ce3d020106052b8104000a0342000475e01a1555380be188d69aac340a4675e4a6f73d63976a1075249827d8ecc2a31e65ed1eb591954e33a38f68ef8aa6c930229d8755e53257602b3eaa87de6f02
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 304
|
|
# Private key and public key are not on the same curve
|
|
curve = secp521r1
|
|
private = 2b0d77cd5c47890a52612fc9b38d804266b9784abca2b94de99bdc67475aecc2abc31e72a6dada0cf1d4d776b002c8d2dbd601ab8a0cae4157370846b20e8dd657
|
|
public = 3052301406072a8648ce3d020106092b2403030208010105033a0004905a06d5bc093697155aaff67305976a769b904d8db9573c4be361626def2ffe1d5ec14462c02e5ffb24fb3edb2b6c77a5cfee2492db757b
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 305
|
|
# Private key and public key are not on the same curve
|
|
curve = secp521r1
|
|
private = 2b0d77cd5c47890a52612fc9b38d804266b9784abca2b94de99bdc67475aecc2abc31e72a6dada0cf1d4d776b002c8d2dbd601ab8a0cae4157370846b20e8dd657
|
|
public = 305a301406072a8648ce3d020106092b2403030208010107034200042b87df1b6a5cbc4c4a184b7eec9b6c0483f7b80e6477b29649630c37481876bb0e3423f7a00d469320b7e60c88370979064efb9ceb8b387aa87a7c6941ccd9ed
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 306
|
|
# Private key and public key are not on the same curve
|
|
curve = secp521r1
|
|
private = 2b0d77cd5c47890a52612fc9b38d804266b9784abca2b94de99bdc67475aecc2abc31e72a6dada0cf1d4d776b002c8d2dbd601ab8a0cae4157370846b20e8dd657
|
|
public = 306a301406072a8648ce3d020106092b24030302080101090352000470df62394ee036eefbc8ef11a9a5f3a8af659016f29e7125e52cfda0a74e52c7b21d18ac4375f5e4164c5338fa2f545a3fb2022f0e0686d5b4882958f72b1bb626e37093e3f19673968c237823327fd6
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 307
|
|
# Private key and public key are not on the same curve
|
|
curve = secp521r1
|
|
private = 2b0d77cd5c47890a52612fc9b38d804266b9784abca2b94de99bdc67475aecc2abc31e72a6dada0cf1d4d776b002c8d2dbd601ab8a0cae4157370846b20e8dd657
|
|
public = 307a301406072a8648ce3d020106092b240303020801010b03620004808dc7b1c6d3ec470a7fe5d6144c9c3a8c92b116103aa2edbfce0b2c827312eebcd1350d09a739eac901af341487861b195270f671e0a758deb23222db4fe7983d42a785b35fd158344cd6483c4da5b409e77d0a284dfa9c3e0d91a4d275fce9
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 308
|
|
# Private key and public key are not on the same curve
|
|
curve = secp521r1
|
|
private = 2b0d77cd5c47890a52612fc9b38d804266b9784abca2b94de99bdc67475aecc2abc31e72a6dada0cf1d4d776b002c8d2dbd601ab8a0cae4157370846b20e8dd657
|
|
public = 30819b301406072a8648ce3d020106092b240303020801010d0381820004aa11b560dc1e572f2374e5869210304d66d95b1d8ce40940157f5f5b4a7dc8a340f7c305d6bea289f5c430eb888e2a03528336aaf4680d9d153cd162e2229df330425025df2625b147568927f6acf704e4936f8989ff9d44f33ee22196e70dfd8711e8934d8d42abb4b67afcfee213c3ad5e5c83fcf4283d253d6c5c0e581970
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 309
|
|
# Private key and public key are not on the same curve
|
|
curve = secp521r1
|
|
private = 2b0d77cd5c47890a52612fc9b38d804266b9784abca2b94de99bdc67475aecc2abc31e72a6dada0cf1d4d776b002c8d2dbd601ab8a0cae4157370846b20e8dd657
|
|
public = 3052301406072a8648ce3d020106092b2403030208010106033a00048d7a746de095728a8d83219e587040cb6e794d088ab6eab426638202579850b0f235edcf4eb8adcb51bf41878f6b71a1f2d4101022964340
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 310
|
|
# Private key and public key are not on the same curve
|
|
curve = secp521r1
|
|
private = 2b0d77cd5c47890a52612fc9b38d804266b9784abca2b94de99bdc67475aecc2abc31e72a6dada0cf1d4d776b002c8d2dbd601ab8a0cae4157370846b20e8dd657
|
|
public = 305a301406072a8648ce3d020106092b24030302080101080342000424ad316bf41e4102dd7ae16311b64464df2d13ea68a11dd27a4445ed900962180ff8c627ed73f0c667863ee3a671e6ed1fa2781b51a229ee2cd21fbf69437d60
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 311
|
|
# Private key and public key are not on the same curve
|
|
curve = secp521r1
|
|
private = 2b0d77cd5c47890a52612fc9b38d804266b9784abca2b94de99bdc67475aecc2abc31e72a6dada0cf1d4d776b002c8d2dbd601ab8a0cae4157370846b20e8dd657
|
|
public = 306a301406072a8648ce3d020106092b240303020801010a03520004548ce4997cc618800d3834dd4b3346e4559be066ab5d0cecd7123c4de940c168fecd3bae067fe3fc7aee875c9da0a86932f0779f42344470860c22dbc6f305eab792fc0874157e175c7d3c4d3bf54c4b
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 312
|
|
# Private key and public key are not on the same curve
|
|
curve = secp521r1
|
|
private = 2b0d77cd5c47890a52612fc9b38d804266b9784abca2b94de99bdc67475aecc2abc31e72a6dada0cf1d4d776b002c8d2dbd601ab8a0cae4157370846b20e8dd657
|
|
public = 307a301406072a8648ce3d020106092b240303020801010c036200044fc2b35e3019a57a8ca6efe2ec1f72072c599a78c2725f7cfc2d9edf220b5f6abdb0c0d8d160182de451e26bcbb4e8c18726263e21ce56fb4bafaa1f186c745e2c8392ef8c5a1c03f5462ebbbcde0ffcc31e9a0b3e898ddb9c1c79e420fd7a35
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 313
|
|
# Private key and public key are not on the same curve
|
|
curve = secp521r1
|
|
private = 2b0d77cd5c47890a52612fc9b38d804266b9784abca2b94de99bdc67475aecc2abc31e72a6dada0cf1d4d776b002c8d2dbd601ab8a0cae4157370846b20e8dd657
|
|
public = 30819b301406072a8648ce3d020106092b240303020801010e03818200047122f743122681ac73b0d611af86847d8bec654cf99e7eaf5d4f684e4078a8e61dc6d07e831ad02cd40d41dbdb6b0e877d960b78a5ac34c1e6ce7c483503d6de2eaddeffbfb3f144d29d13535a05815934186707146e45f64476bbdbc8645be973270a4c5e35d70ffd5eab2f08d1fb04762bc8aa80e999da14f744be9ff8c923
|
|
result = invalid
|
|
shared =
|
|
|
|
# tcId = 314
|
|
# invalid public key
|
|
curve = secp521r1
|
|
private = 1c1fb2cac9087a3397814b198a80e2ea5b437aac1b41e8a2bd8fef8700e4812aa817320e6e1e3865bd2cf75e43a78be5c27ff1c4b5f5019333cb37d0c9c4ff3ec61
|
|
public = 3058301006072a8648ce3d020106052b810400230344000200429cb431c18f5f4e4e502f74214e6ac5ec2c3f86b830bac24de95feae142ca7d9aa8aa5b34f55af4b2848f2e6ba6df4c3ecd401a1d7b2a8287a332b202196fadbb
|
|
result = invalid
|
|
shared =
|
|
# The point in the public key is compressed. Not every library supports points
|
|
# in compressed format.
|
|
|
|
# tcId = 315
|
|
# public key is a low order point on twist
|
|
curve = secp521r1
|
|
private = 6619644155c449758f65e2dfe7ba89dee1e090c1d68b6342f43cb1ac000090a7f0408138c1de217990bb015cd1d95f1d884cf659f7324f2fe21eeba63ea988aacd
|
|
public = 3058301006072a8648ce3d020106052b81040023034400020108cbf3c9bf8e42135d87127556831076d84d5e549e645afda8a099249231b59b6c508dee4e91c9a543e90ebc82613f86cb1290e29102a0f2fdeb57bf4193fb4639
|
|
result = invalid
|
|
shared =
|
|
# The point in the public key is compressed. Not every library supports points
|
|
# in compressed format.
|
|
|
|
# tcId = 316
|
|
# public key is a low order point on twist
|
|
curve = secp521r1
|
|
private = 0a257d97aa4e5195e2919c147c1639bb0da0cce479a036489006b7b8e7e885096066e5adc8fe7c45940c5a6b94d5065b966a45f099a0cecfe9cce1b3e99dca479f2
|
|
public = 3058301006072a8648ce3d020106052b8104002303440003011f2dca6b686e2141c11822e2d5439261583ce98cd6c4041c6d1be9e17dee33ea4a65c3e8cca6de50a30a39c788a585f1188bef0680a9c0264b3c8dcf494d0eb948
|
|
result = invalid
|
|
shared =
|
|
# The point in the public key is compressed. Not every library supports points
|
|
# in compressed format.
|
|
|
|
# tcId = 317
|
|
# public key is a low order point on twist
|
|
curve = secp521r1
|
|
private = 0a257d97aa4e5195e2919c147c1639bb0da0cce479a036489006b7b8e7e885096066e5adc8fe7c45940c5a6b94d5065b966a45f099a0cecfe9cce1b3e99dca479f3
|
|
public = 3058301006072a8648ce3d020106052b8104002303440002011f2dca6b686e2141c11822e2d5439261583ce98cd6c4041c6d1be9e17dee33ea4a65c3e8cca6de50a30a39c788a585f1188bef0680a9c0264b3c8dcf494d0eb948
|
|
result = invalid
|
|
shared =
|
|
# The point in the public key is compressed. Not every library supports points
|
|
# in compressed format.
|
|
|
|
# tcId = 318
|
|
# public key is a low order point on twist
|
|
curve = secp521r1
|
|
private = 6619644155c449758f65e2dfe7ba89dee1e090c1d68b6342f43cb1ac000090a7f0408138c1de217990bb015cd1d95f1d884cf659f7324f2fe21eeba63ea988aacc
|
|
public = 3058301006072a8648ce3d020106052b81040023034400030108cbf3c9bf8e42135d87127556831076d84d5e549e645afda8a099249231b59b6c508dee4e91c9a543e90ebc82613f86cb1290e29102a0f2fdeb57bf4193fb4639
|
|
result = invalid
|
|
shared =
|
|
# The point in the public key is compressed. Not every library supports points
|
|
# in compressed format.
|
|
|
|
# tcId = 319
|
|
# public key is a low order point on twist
|
|
curve = secp521r1
|
|
private = 2a35258787f91ad0bd3432c3022e4d3ed349c8768a7e7caa1836022fc0c89a9073f6ce14d0990d5b7bb413061c7160e7bd566a5c89f14901b2cc19f1ad531f41e2
|
|
public = 3058301006072a8648ce3d020106052b81040023034400020009cc73141cf1843d2b2c95dc5cbc4d615c6da4814c1c7208615d8e78c7a8666aba1852faaa45a45d32bd0fde6ea78f262a96bf1e02949cea48c33c695103683048
|
|
result = invalid
|
|
shared =
|
|
# The point in the public key is compressed. Not every library supports points
|
|
# in compressed format.
|
|
|
|
# tcId = 320
|
|
# public key is a low order point on twist
|
|
curve = secp521r1
|
|
private = 1afe5c77a626161fb2c25964c7895b9fff787099db83f077f05a4bfa320fb61f9315bb44d3fb9dd72225d9d993a18df82ac53fb4a5f86b23cb650e5e4778066f677
|
|
public = 3058301006072a8648ce3d020106052b81040023034400030047b9cf28e04b38796858545d60d6133fbdc20ede086e5d95111c982b8c276628235e536c075637a97c0a6c30d02b83b19e578203473eea16dfdeaeccb1dc0d9b19
|
|
result = invalid
|
|
shared =
|
|
# The point in the public key is compressed. Not every library supports points
|
|
# in compressed format.
|
|
|
|
# tcId = 321
|
|
# public key is a low order point on twist
|
|
curve = secp521r1
|
|
private = 24ae709e1644e3087b52470c565268becbdbf97de59916763507d109c2e5b7c21727c64e9b560aa248d7bc9fe0ac95720d507263b7b2859b056ea165301cd599d5
|
|
public = 3058301006072a8648ce3d020106052b810400230344000300c18410f5727ee0101a52ef95c0ac455cbc65bf9967f0a2c419aa0a291cabad569f2337e102d0a9128f4212dbf9fa9e5a8f14ca7f28e82977281facdd9ca7a92c78
|
|
result = invalid
|
|
shared =
|
|
# The point in the public key is compressed. Not every library supports points
|
|
# in compressed format.
|
|
|
|
# tcId = 322
|
|
# public key is a low order point on twist
|
|
curve = secp521r1
|
|
private = 24ae709e1644e3087b52470c565268becbdbf97de59916763507d109c2e5b7c21727c64e9b560aa248d7bc9fe0ac95720d507263b7b2859b056ea165301cd599d6
|
|
public = 3058301006072a8648ce3d020106052b810400230344000200c18410f5727ee0101a52ef95c0ac455cbc65bf9967f0a2c419aa0a291cabad569f2337e102d0a9128f4212dbf9fa9e5a8f14ca7f28e82977281facdd9ca7a92c78
|
|
result = invalid
|
|
shared =
|
|
# The point in the public key is compressed. Not every library supports points
|
|
# in compressed format.
|
|
|
|
# tcId = 323
|
|
# public key is a low order point on twist
|
|
curve = secp521r1
|
|
private = 1afe5c77a626161fb2c25964c7895b9fff787099db83f077f05a4bfa320fb61f9315bb44d3fb9dd72225d9d993a18df82ac53fb4a5f86b23cb650e5e4778066f678
|
|
public = 3058301006072a8648ce3d020106052b81040023034400020047b9cf28e04b38796858545d60d6133fbdc20ede086e5d95111c982b8c276628235e536c075637a97c0a6c30d02b83b19e578203473eea16dfdeaeccb1dc0d9b19
|
|
result = invalid
|
|
shared =
|
|
# The point in the public key is compressed. Not every library supports points
|
|
# in compressed format.
|
|
|
|
# tcId = 324
|
|
# public key is a low order point on twist
|
|
curve = secp521r1
|
|
private = 2a35258787f91ad0bd3432c3022e4d3ed349c8768a7e7caa1836022fc0c89a9073f6ce14d0990d5b7bb413061c7160e7bd566a5c89f14901b2cc19f1ad531f41e1
|
|
public = 3058301006072a8648ce3d020106052b81040023034400030009cc73141cf1843d2b2c95dc5cbc4d615c6da4814c1c7208615d8e78c7a8666aba1852faaa45a45d32bd0fde6ea78f262a96bf1e02949cea48c33c695103683048
|
|
result = invalid
|
|
shared =
|
|
# The point in the public key is compressed. Not every library supports points
|
|
# in compressed format.
|
|
|