1/* Copyright (c) 2017, Google Inc.
2 *
3 * Permission to use, copy, modify, and/or distribute this software for any
4 * purpose with or without fee is hereby granted, provided that the above
5 * copyright notice and this permission notice appear in all copies.
6 *
7 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
8 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
9 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
10 * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
11 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
12 * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
13 * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
14
15// cavp_ecdsa2_keypair_test processes a NIST CAVP ECDSA2 KeyPair test vector
16// request file and emits the corresponding response.
17
18#include <stdlib.h>
19
20#include <vector>
21
22#include <openssl/bn.h>
23#include <openssl/crypto.h>
24#include <openssl/ec_key.h>
25#include <openssl/err.h>
26#include <openssl/nid.h>
27
28#include "../crypto/test/file_test.h"
29#include "cavp_test_util.h"
30
31
32static bool TestECDSA2KeyPair(FileTest *t, void *arg) {
33  std::string n_str;
34  const char *group_str;
35  int nid = GetECGroupNIDFromInstruction(t, &group_str);
36  if (nid == NID_undef ||
37      !t->GetAttribute(&n_str, "N")) {
38    return false;
39  }
40
41  // Don't use CurrentTestToString to avoid printing the N.
42  printf(
43      "[%s]\r\n\r\n[B.4.2 Key Pair Generation by Testing Candidates]\r\n\r\n",
44      group_str);
45
46  unsigned long n = strtoul(n_str.c_str(), nullptr, 10);
47  for (unsigned long i = 0; i < n; i++) {
48    bssl::UniquePtr<BIGNUM> qx(BN_new()), qy(BN_new());
49    bssl::UniquePtr<EC_KEY> key(EC_KEY_new_by_curve_name(nid));
50    if (!key ||
51        !EC_KEY_generate_key_fips(key.get()) ||
52        !EC_POINT_get_affine_coordinates_GFp(EC_KEY_get0_group(key.get()),
53                                             EC_KEY_get0_public_key(key.get()),
54                                             qx.get(), qy.get(), nullptr)) {
55      return false;
56    }
57
58    size_t degree_len =
59        (EC_GROUP_get_degree(EC_KEY_get0_group(key.get())) + 7) / 8;
60    size_t order_len =
61        BN_num_bytes(EC_GROUP_get0_order(EC_KEY_get0_group(key.get())));
62    std::vector<uint8_t> qx_bytes(degree_len), qy_bytes(degree_len);
63    std::vector<uint8_t> d_bytes(order_len);
64    if (!BN_bn2bin_padded(qx_bytes.data(), qx_bytes.size(), qx.get()) ||
65        !BN_bn2bin_padded(qy_bytes.data(), qy_bytes.size(), qy.get()) ||
66        !BN_bn2bin_padded(d_bytes.data(), d_bytes.size(),
67                          EC_KEY_get0_private_key(key.get()))) {
68      return false;
69    }
70
71    printf("d = %s\r\nQx = %s\r\nQy = %s\r\n\r\n",
72           EncodeHex(d_bytes.data(), d_bytes.size()).c_str(),
73           EncodeHex(qx_bytes.data(), qx_bytes.size()).c_str(),
74           EncodeHex(qy_bytes.data(), qy_bytes.size()).c_str());
75  }
76
77  return true;
78}
79
80int cavp_ecdsa2_keypair_test_main(int argc, char **argv) {
81  if (argc != 2) {
82    fprintf(stderr, "usage: %s <test file>\n",
83            argv[0]);
84    return 1;
85  }
86
87  FileTest::Options opts;
88  opts.path = argv[1];
89  opts.callback = TestECDSA2KeyPair;
90  opts.silent = true;
91  opts.comment_callback = EchoComment;
92  return FileTestMain(opts);
93}
94