Re: [PATCH bpf-next v6 4/4] selftests/bpf: Add tests for signature verification kfuncs
From: Alexei Starovoitov
Date: Sat Jan 24 2026 - 19:19:39 EST
On Sat, Jan 24, 2026 at 9:44 AM Daniel Hodges <git@xxxxxxxxxxxxxxxx> wrote:
>
> Add tests for the signature verification kfuncs:
>
> 1. test_ecdsa_verify_valid_signature: Verifies that a valid ECDSA
> signature over a known message hash is correctly verified using
> the P-256 curve with a test vector.
>
> 2. test_ecdsa_verify_invalid_signature: Verifies that an invalid
> signature (with modified r component) is correctly rejected.
>
> 3. test_ecdsa_size_queries: Tests the bpf_sig_keysize(),
> bpf_sig_digestsize(), and bpf_sig_maxsize() kfuncs to ensure
> they return valid positive values for a P-256 ECDSA context.
>
> 4. test_ecdsa_on_hash_ctx: Tests that calling bpf_sig_verify on
> a hash context fails with -EINVAL due to type mismatch.
>
> 5. test_ecdsa_keysize_on_hash_ctx: Tests that calling bpf_sig_keysize
> on a hash context fails with -EINVAL due to type mismatch.
>
> 6. test_ecdsa_zero_len_msg: Tests that zero-length message is rejected.
>
> 7. test_ecdsa_zero_len_sig: Tests that zero-length signature is rejected.
>
> The test uses the p1363(ecdsa-nist-p256) algorithm with a known
> NIST P-256 test vector for reliable and reproducible testing.
>
> Signed-off-by: Daniel Hodges <git@xxxxxxxxxxxxxxxx>
> ---
> MAINTAINERS | 2 +
> .../selftests/bpf/prog_tests/sig_verify.c | 163 ++++++++++
> .../selftests/bpf/progs/crypto_common.h | 6 +
> .../testing/selftests/bpf/progs/sig_verify.c | 286 ++++++++++++++++++
> 4 files changed, 457 insertions(+)
> create mode 100644 tools/testing/selftests/bpf/prog_tests/sig_verify.c
> create mode 100644 tools/testing/selftests/bpf/progs/sig_verify.c
It's a v6 already, but your new selftests are still failing in CI.
Error: #385 sig_verify
Error: #385/1 sig_verify/verify_valid_signature
Error: #385/3 sig_verify/size_queries
Error: #385/6 sig_verify/zero_len_msg
Error: #385/7 sig_verify/zero_len_sig
Please make sure CI is green before submitting v7.
No one is reviewing the patches when they don't pass their own tests.
pw-bot: cr