1656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* crypto/ecdsa/ecdsatest.c */ 2656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* 3656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Written by Nils Larsch for the OpenSSL project. 4656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project */ 5656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* ==================================================================== 6656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved. 7656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 8656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Redistribution and use in source and binary forms, with or without 9656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * modification, are permitted provided that the following conditions 10656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * are met: 11656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 12656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 1. Redistributions of source code must retain the above copyright 13656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * notice, this list of conditions and the following disclaimer. 14656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 15656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 2. Redistributions in binary form must reproduce the above copyright 16656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * notice, this list of conditions and the following disclaimer in 17656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * the documentation and/or other materials provided with the 18656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * distribution. 19656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 20656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 3. All advertising materials mentioning features or use of this 21656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * software must display the following acknowledgment: 22656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * "This product includes software developed by the OpenSSL Project 23656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" 24656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 25656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 26656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * endorse or promote products derived from this software without 27656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * prior written permission. For written permission, please contact 28656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * licensing@OpenSSL.org. 29656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 30656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 5. Products derived from this software may not be called "OpenSSL" 31656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * nor may "OpenSSL" appear in their names without prior written 32656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * permission of the OpenSSL Project. 33656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 34656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 6. Redistributions of any form whatsoever must retain the following 35656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * acknowledgment: 36656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * "This product includes software developed by the OpenSSL Project 37656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" 38656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 39656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 40656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 41656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 42656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 43656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 44656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 45656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 46656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 47656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 48656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 49656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 50656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * OF THE POSSIBILITY OF SUCH DAMAGE. 51656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * ==================================================================== 52656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 53656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * This product includes cryptographic software written by Eric Young 54656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * (eay@cryptsoft.com). This product includes software written by Tim 55656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Hudson (tjh@cryptsoft.com). 56656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 57656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project */ 58656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* ==================================================================== 59656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 60656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 61656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Portions of the attached software ("Contribution") are developed by 62656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project. 63656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 64656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * The Contribution is licensed pursuant to the OpenSSL open source 65656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * license provided above. 66656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 67656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * The elliptic curve binary polynomial software is originally written by 68656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories. 69656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 70656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project */ 71656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 72656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <stdio.h> 73656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <stdlib.h> 74656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <string.h> 75656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 76656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/opensslconf.h> /* To see if OPENSSL_NO_ECDSA is defined */ 77656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 78656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifdef OPENSSL_NO_ECDSA 79656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectint main(int argc, char * argv[]) 80656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 81656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project puts("Elliptic curves are disabled."); 82656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 0; 83656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 84656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#else 85656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 86656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/crypto.h> 87656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/bio.h> 88656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/evp.h> 89656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/bn.h> 90656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/ecdsa.h> 91656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#ifndef OPENSSL_NO_ENGINE 92656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/engine.h> 93656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 94656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/err.h> 95656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/rand.h> 96656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 97656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic const char rnd_seed[] = "string to make the random number generator " 98656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project "think it has entropy"; 99656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 100656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* declaration of the test functions */ 101656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectint x9_62_tests(BIO *); 102656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectint x9_62_test_internal(BIO *out, int nid, const char *r, const char *s); 103656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectint test_builtin(BIO *); 104656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 105656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* functions to change the RAND_METHOD */ 106656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectint change_rand(void); 107656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectint restore_rand(void); 108656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectint fbytes(unsigned char *buf, int num); 109656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 110656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source ProjectRAND_METHOD fake_rand; 111656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectconst RAND_METHOD *old_rand; 112656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 113656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectint change_rand(void) 114656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 115656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* save old rand method */ 116656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((old_rand = RAND_get_rand_method()) == NULL) 117656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 0; 118656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 119656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project fake_rand.seed = old_rand->seed; 120656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project fake_rand.cleanup = old_rand->cleanup; 121656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project fake_rand.add = old_rand->add; 122656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project fake_rand.status = old_rand->status; 123656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* use own random function */ 124656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project fake_rand.bytes = fbytes; 125656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project fake_rand.pseudorand = old_rand->bytes; 126656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* set new RAND_METHOD */ 127656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!RAND_set_rand_method(&fake_rand)) 128656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 0; 129656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 1; 130656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 131656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 132656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectint restore_rand(void) 133656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 134656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!RAND_set_rand_method(old_rand)) 135656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 0; 136656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 137656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 1; 138656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 139656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 140656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int fbytes_counter = 0; 141656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic const char *numbers[8] = { 142656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project "651056770906015076056810763456358567190100156695615665659", 143656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project "6140507067065001063065065565667405560006161556565665656654", 144656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project "8763001015071075675010661307616710783570106710677817767166" 145656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project "71676178726717", 146656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project "7000000175690566466555057817571571075705015757757057795755" 147656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project "55657156756655", 148656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project "1275552191113212300012030439187146164646146646466749494799", 149656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project "1542725565216523985789236956265265265235675811949404040041", 150656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project "1456427555219115346513212300075341203043918714616464614664" 151656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project "64667494947990", 152656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project "1712787255652165239672857892369562652652652356758119494040" 153656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project "40041670216363"}; 154656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 155656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectint fbytes(unsigned char *buf, int num) 156656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 157656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int ret; 158656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIGNUM *tmp = NULL; 159656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 160656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (fbytes_counter >= 8) 161656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 0; 162656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project tmp = BN_new(); 163656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!tmp) 164656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 0; 165656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!BN_dec2bn(&tmp, numbers[fbytes_counter])) 166656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 167656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BN_free(tmp); 168656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 0; 169656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 170656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project fbytes_counter ++; 171ee7afb3c942c4eefef6ed06201eafaf8ec58e2e3Brian Carlstrom if (num != BN_num_bytes(tmp) || !BN_bn2bin(tmp, buf)) 172656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ret = 0; 173ee7afb3c942c4eefef6ed06201eafaf8ec58e2e3Brian Carlstrom else 174656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ret = 1; 175656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (tmp) 176656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BN_free(tmp); 177656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return ret; 178656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 179656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 180656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* some tests from the X9.62 draft */ 181656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectint x9_62_test_internal(BIO *out, int nid, const char *r_in, const char *s_in) 182656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 183656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int ret = 0; 184656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project const char message[] = "abc"; 185656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project unsigned char digest[20]; 186656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project unsigned int dgst_len = 0; 187656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EVP_MD_CTX md_ctx; 188656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EC_KEY *key = NULL; 189656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ECDSA_SIG *signature = NULL; 190656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIGNUM *r = NULL, *s = NULL; 191656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 192656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EVP_MD_CTX_init(&md_ctx); 193656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* get the message digest */ 194656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EVP_DigestInit(&md_ctx, EVP_ecdsa()); 195656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EVP_DigestUpdate(&md_ctx, (const void*)message, 3); 196656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EVP_DigestFinal(&md_ctx, digest, &dgst_len); 197656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 198656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(out, "testing %s: ", OBJ_nid2sn(nid)); 199656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* create the key */ 200656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((key = EC_KEY_new_by_curve_name(nid)) == NULL) 201656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto x962_int_err; 202656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!EC_KEY_generate_key(key)) 203656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto x962_int_err; 204656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(out, "."); 205656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project (void)BIO_flush(out); 206656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* create the signature */ 207656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project signature = ECDSA_do_sign(digest, 20, key); 208656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (signature == NULL) 209656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto x962_int_err; 210656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(out, "."); 211656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project (void)BIO_flush(out); 212656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* compare the created signature with the expected signature */ 213656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((r = BN_new()) == NULL || (s = BN_new()) == NULL) 214656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto x962_int_err; 215656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!BN_dec2bn(&r, r_in) || 216656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project !BN_dec2bn(&s, s_in)) 217656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto x962_int_err; 218656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (BN_cmp(signature->r ,r) || BN_cmp(signature->s, s)) 219656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto x962_int_err; 220656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(out, "."); 221656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project (void)BIO_flush(out); 222656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* verify the signature */ 223656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (ECDSA_do_verify(digest, 20, signature, key) != 1) 224656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto x962_int_err; 225656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(out, "."); 226656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project (void)BIO_flush(out); 227656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 228656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(out, " ok\n"); 229656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ret = 1; 230656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectx962_int_err: 231656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!ret) 232656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(out, " failed\n"); 233656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (key) 234656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EC_KEY_free(key); 235656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (signature) 236656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ECDSA_SIG_free(signature); 237656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (r) 238656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BN_free(r); 239656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (s) 240656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BN_free(s); 241656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EVP_MD_CTX_cleanup(&md_ctx); 242656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return ret; 243656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 244656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 245656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectint x9_62_tests(BIO *out) 246656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 247656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int ret = 0; 248656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 249656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(out, "some tests from X9.62:\n"); 250656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 251656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* set own rand method */ 252656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!change_rand()) 253656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto x962_err; 254656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 255656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!x9_62_test_internal(out, NID_X9_62_prime192v1, 256656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project "3342403536405981729393488334694600415596881826869351677613", 257656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project "5735822328888155254683894997897571951568553642892029982342")) 258656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto x962_err; 259656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!x9_62_test_internal(out, NID_X9_62_prime239v1, 260656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project "3086361431751678114926225473006680188549593787585317781474" 261656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project "62058306432176", 262656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project "3238135532097973577080787768312505059318910517550078427819" 263656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project "78505179448783")) 264656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto x962_err; 265392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#ifndef OPENSSL_NO_EC2M 266656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!x9_62_test_internal(out, NID_X9_62_c2tnb191v1, 267656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project "87194383164871543355722284926904419997237591535066528048", 268656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project "308992691965804947361541664549085895292153777025772063598")) 269656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto x962_err; 270656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!x9_62_test_internal(out, NID_X9_62_c2tnb239v1, 271656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project "2159633321041961198501834003903461262881815148684178964245" 272656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project "5876922391552", 273656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project "1970303740007316867383349976549972270528498040721988191026" 274656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project "49413465737174")) 275656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto x962_err; 276392aa7cc7d2b122614c5393c3e357da07fd07af3Brian Carlstrom#endif 277656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ret = 1; 278656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectx962_err: 279656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!restore_rand()) 280656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ret = 0; 281656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return ret; 282656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 283656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 284656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectint test_builtin(BIO *out) 285656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 286656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EC_builtin_curve *curves = NULL; 287656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project size_t crv_len = 0, n = 0; 288656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EC_KEY *eckey = NULL, *wrong_eckey = NULL; 289656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EC_GROUP *group; 2907b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom ECDSA_SIG *ecdsa_sig = NULL; 291656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project unsigned char digest[20], wrong_digest[20]; 2927b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom unsigned char *signature = NULL; 2937d3d122363e2a85d516db314892f3d6112cb1377Brian Carlstrom const unsigned char *sig_ptr; 2947d3d122363e2a85d516db314892f3d6112cb1377Brian Carlstrom unsigned char *sig_ptr2; 2957b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom unsigned char *raw_buf = NULL; 2967b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom unsigned int sig_len, degree, r_len, s_len, bn_len, buf_len; 297656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int nid, ret = 0; 298656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 299656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* fill digest values with some random data */ 300656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!RAND_pseudo_bytes(digest, 20) || 301656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project !RAND_pseudo_bytes(wrong_digest, 20)) 302656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 303656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(out, "ERROR: unable to get random data\n"); 304656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto builtin_err; 305656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 306656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 307656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* create and verify a ecdsa signature with every availble curve 308656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * (with ) */ 309656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(out, "\ntesting ECDSA_sign() and ECDSA_verify() " 310656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project "with some internal curves:\n"); 311656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 312656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* get a list of all internal curves */ 313656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project crv_len = EC_get_builtin_curves(NULL, 0); 314656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 315656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project curves = OPENSSL_malloc(sizeof(EC_builtin_curve) * crv_len); 316656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 317656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (curves == NULL) 318656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 319656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(out, "malloc error\n"); 320656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto builtin_err; 321656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 322656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 323656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!EC_get_builtin_curves(curves, crv_len)) 324656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 325656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(out, "unable to get internal curves\n"); 326656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto builtin_err; 327656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 328656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 329656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* now create and verify a signature for every curve */ 330656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project for (n = 0; n < crv_len; n++) 331656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 332656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project unsigned char dirt, offset; 333656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 334656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project nid = curves[n].nid; 335656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (nid == NID_ipsec4) 336656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project continue; 337656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* create new ecdsa key (== EC_KEY) */ 338656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((eckey = EC_KEY_new()) == NULL) 339656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto builtin_err; 340656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project group = EC_GROUP_new_by_curve_name(nid); 341656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (group == NULL) 342656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto builtin_err; 343656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (EC_KEY_set_group(eckey, group) == 0) 344656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto builtin_err; 345656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EC_GROUP_free(group); 3467b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom degree = EC_GROUP_get_degree(EC_KEY_get0_group(eckey)); 3477b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom if (degree < 160) 348656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* drop the curve */ 349656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 350656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EC_KEY_free(eckey); 351656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project eckey = NULL; 352656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project continue; 353656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 354656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(out, "%s: ", OBJ_nid2sn(nid)); 355656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* create key */ 356656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!EC_KEY_generate_key(eckey)) 357656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 358656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(out, " failed\n"); 359656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto builtin_err; 360656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 361656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* create second key */ 362656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((wrong_eckey = EC_KEY_new()) == NULL) 363656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto builtin_err; 364656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project group = EC_GROUP_new_by_curve_name(nid); 365656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (group == NULL) 366656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto builtin_err; 367656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (EC_KEY_set_group(wrong_eckey, group) == 0) 368656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto builtin_err; 369656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EC_GROUP_free(group); 370656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!EC_KEY_generate_key(wrong_eckey)) 371656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 372656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(out, " failed\n"); 373656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto builtin_err; 374656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 375656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 376656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(out, "."); 377656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project (void)BIO_flush(out); 378656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* check key */ 379656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!EC_KEY_check_key(eckey)) 380656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 381656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(out, " failed\n"); 382656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto builtin_err; 383656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 384656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(out, "."); 385656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project (void)BIO_flush(out); 386656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* create signature */ 387656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sig_len = ECDSA_size(eckey); 388656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if ((signature = OPENSSL_malloc(sig_len)) == NULL) 389656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto builtin_err; 390656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!ECDSA_sign(0, digest, 20, signature, &sig_len, eckey)) 391656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 392656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(out, " failed\n"); 393656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto builtin_err; 394656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 395656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(out, "."); 396656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project (void)BIO_flush(out); 397656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* verify signature */ 398656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (ECDSA_verify(0, digest, 20, signature, sig_len, eckey) != 1) 399656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 400656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(out, " failed\n"); 401656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto builtin_err; 402656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 403656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(out, "."); 404656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project (void)BIO_flush(out); 405656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* verify signature with the wrong key */ 406656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (ECDSA_verify(0, digest, 20, signature, sig_len, 407656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project wrong_eckey) == 1) 408656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 409656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(out, " failed\n"); 410656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto builtin_err; 411656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 412656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(out, "."); 413656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project (void)BIO_flush(out); 414656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* wrong digest */ 415656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (ECDSA_verify(0, wrong_digest, 20, signature, sig_len, 416656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project eckey) == 1) 417656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 418656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(out, " failed\n"); 419656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto builtin_err; 420656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 421656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(out, "."); 422656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project (void)BIO_flush(out); 4237b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom /* wrong length */ 4247b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom if (ECDSA_verify(0, digest, 20, signature, sig_len - 1, 4257b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom eckey) == 1) 4267b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom { 4277b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom BIO_printf(out, " failed\n"); 4287b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom goto builtin_err; 4297b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom } 4307b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom BIO_printf(out, "."); 4317b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom (void)BIO_flush(out); 4327b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom 4337b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom /* Modify a single byte of the signature: to ensure we don't 4347b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom * garble the ASN1 structure, we read the raw signature and 4357b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom * modify a byte in one of the bignums directly. */ 4367b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom sig_ptr = signature; 4377b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom if ((ecdsa_sig = d2i_ECDSA_SIG(NULL, &sig_ptr, sig_len)) == NULL) 4387b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom { 4397b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom BIO_printf(out, " failed\n"); 4407b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom goto builtin_err; 4417b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom } 4427b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom 4437b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom /* Store the two BIGNUMs in raw_buf. */ 4447b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom r_len = BN_num_bytes(ecdsa_sig->r); 4457b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom s_len = BN_num_bytes(ecdsa_sig->s); 4467b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom bn_len = (degree + 7) / 8; 4477b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom if ((r_len > bn_len) || (s_len > bn_len)) 4487b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom { 4497b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom BIO_printf(out, " failed\n"); 4507b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom goto builtin_err; 4517b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom } 4527b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom buf_len = 2 * bn_len; 4537b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom if ((raw_buf = OPENSSL_malloc(buf_len)) == NULL) 4547b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom goto builtin_err; 4557b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom /* Pad the bignums with leading zeroes. */ 4567b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom memset(raw_buf, 0, buf_len); 4577b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom BN_bn2bin(ecdsa_sig->r, raw_buf + bn_len - r_len); 4587b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom BN_bn2bin(ecdsa_sig->s, raw_buf + buf_len - s_len); 4597b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom 4607b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom /* Modify a single byte in the buffer. */ 4617b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom offset = raw_buf[10] % buf_len; 4627b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom dirt = raw_buf[11] ? raw_buf[11] : 1; 4637b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom raw_buf[offset] ^= dirt; 4647b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom /* Now read the BIGNUMs back in from raw_buf. */ 4657b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom if ((BN_bin2bn(raw_buf, bn_len, ecdsa_sig->r) == NULL) || 4667b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom (BN_bin2bn(raw_buf + bn_len, bn_len, ecdsa_sig->s) == NULL)) 4677b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom goto builtin_err; 4687b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom 4697d3d122363e2a85d516db314892f3d6112cb1377Brian Carlstrom sig_ptr2 = signature; 4707d3d122363e2a85d516db314892f3d6112cb1377Brian Carlstrom sig_len = i2d_ECDSA_SIG(ecdsa_sig, &sig_ptr2); 471656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (ECDSA_verify(0, digest, 20, signature, sig_len, eckey) == 1) 472656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 473656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(out, " failed\n"); 474656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto builtin_err; 475656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 4767b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom /* Sanity check: undo the modification and verify signature. */ 4777b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom raw_buf[offset] ^= dirt; 4787b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom if ((BN_bin2bn(raw_buf, bn_len, ecdsa_sig->r) == NULL) || 4797b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom (BN_bin2bn(raw_buf + bn_len, bn_len, ecdsa_sig->s) == NULL)) 4807b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom goto builtin_err; 4817b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom 4827d3d122363e2a85d516db314892f3d6112cb1377Brian Carlstrom sig_ptr2 = signature; 4837d3d122363e2a85d516db314892f3d6112cb1377Brian Carlstrom sig_len = i2d_ECDSA_SIG(ecdsa_sig, &sig_ptr2); 4847b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom if (ECDSA_verify(0, digest, 20, signature, sig_len, eckey) != 1) 4857b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom { 4867b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom BIO_printf(out, " failed\n"); 4877b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom goto builtin_err; 4887b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom } 489656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(out, "."); 490656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project (void)BIO_flush(out); 491656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 492656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(out, " ok\n"); 493656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* cleanup */ 4947b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom /* clean bogus errors */ 4957b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom ERR_clear_error(); 496656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OPENSSL_free(signature); 497656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project signature = NULL; 498656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EC_KEY_free(eckey); 499656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project eckey = NULL; 500656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EC_KEY_free(wrong_eckey); 501656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project wrong_eckey = NULL; 5027b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom ECDSA_SIG_free(ecdsa_sig); 5037b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom ecdsa_sig = NULL; 5047b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom OPENSSL_free(raw_buf); 5057b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom raw_buf = NULL; 506656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 507656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 508656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ret = 1; 509656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectbuiltin_err: 510656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (eckey) 511656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EC_KEY_free(eckey); 512656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (wrong_eckey) 513656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project EC_KEY_free(wrong_eckey); 5147b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom if (ecdsa_sig) 5157b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom ECDSA_SIG_free(ecdsa_sig); 516656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (signature) 517656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OPENSSL_free(signature); 5187b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom if (raw_buf) 5197b476c43f6a45574eb34697244b592e7b09f05a3Brian Carlstrom OPENSSL_free(raw_buf); 520656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (curves) 521656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OPENSSL_free(curves); 522656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 523656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return ret; 524656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 525656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 526656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectint main(void) 527656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 528656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int ret = 1; 529656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO *out; 530656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 531656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project out = BIO_new_fp(stdout, BIO_NOCLOSE); 532656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 533656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* enable memory leak checking unless explicitly disabled */ 534656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL) && 535656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off")))) 536656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 537656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project CRYPTO_malloc_debug_init(); 538656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL); 539656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 540656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 541656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 542656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* OPENSSL_DEBUG_MEMORY=off */ 543656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0); 544656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 545656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); 546656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 547656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_load_crypto_strings(); 548656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 549656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* initialize the prng */ 550656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project RAND_seed(rnd_seed, sizeof(rnd_seed)); 551656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 552656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* the tests */ 553656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!x9_62_tests(out)) goto err; 554656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!test_builtin(out)) goto err; 555656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 556656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ret = 0; 557656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projecterr: 558656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (ret) 559656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(out, "\nECDSA test failed\n"); 560656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 561656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(out, "\nECDSA test passed\n"); 562656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (ret) 563656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_print_errors(out); 564656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project CRYPTO_cleanup_all_ex_data(); 565221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom ERR_remove_thread_state(NULL); 566656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ERR_free_strings(); 567656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project CRYPTO_mem_leaks(out); 568656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (out != NULL) 569656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_free(out); 570656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return ret; 571656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 572656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#endif 573