diff options
Diffstat (limited to 'regress/lib/libcrypto/ecdsa/ecdsatest.c')
-rw-r--r-- | regress/lib/libcrypto/ecdsa/ecdsatest.c | 372 |
1 files changed, 177 insertions, 195 deletions
diff --git a/regress/lib/libcrypto/ecdsa/ecdsatest.c b/regress/lib/libcrypto/ecdsa/ecdsatest.c index cb8f38b3480..64815812b7a 100644 --- a/regress/lib/libcrypto/ecdsa/ecdsatest.c +++ b/regress/lib/libcrypto/ecdsa/ecdsatest.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ecdsatest.c,v 1.13 2022/08/31 09:39:59 tb Exp $ */ +/* $OpenBSD: ecdsatest.c,v 1.14 2022/09/02 11:47:25 tb Exp $ */ /* * Written by Nils Larsch for the OpenSSL project. */ @@ -84,118 +84,116 @@ #include <openssl/err.h> /* declaration of the test functions */ -int x9_62_test_internal(BIO *out, int nid, const char *r, const char *s); -int test_builtin(BIO *); +int x9_62_test_internal(int nid, const char *r, const char *s); +int test_builtin(void); /* some tests from the X9.62 draft */ int -x9_62_test_internal(BIO *out, int nid, const char *r_in, const char *s_in) +x9_62_test_internal(int nid, const char *r_in, const char *s_in) { - int ret = 0; + EVP_MD_CTX *md_ctx = NULL; const char message[] = "abc"; unsigned char digest[20]; - unsigned int dgst_len = 0; - EVP_MD_CTX *md_ctx = NULL; - EC_KEY *key = NULL; + unsigned int dgst_len = 0; + EC_KEY *key = NULL; ECDSA_SIG *signature = NULL; - BIGNUM *r = NULL, *s = NULL; + BIGNUM *r = NULL, *s = NULL; + int failed = 1; if ((md_ctx = EVP_MD_CTX_new()) == NULL) - goto x962_int_err; - /* get the message digest */ + goto err; + if (!EVP_DigestInit(md_ctx, EVP_sha1())) - goto x962_int_err; - if (!EVP_DigestUpdate(md_ctx, (const void*)message, 3)) - goto x962_int_err; + goto err; + if (!EVP_DigestUpdate(md_ctx, message, 3)) + goto err; if (!EVP_DigestFinal(md_ctx, digest, &dgst_len)) - goto x962_int_err; + goto err; + + printf("testing %s: ", OBJ_nid2sn(nid)); - BIO_printf(out, "testing %s: ", OBJ_nid2sn(nid)); - /* create the key */ if ((key = EC_KEY_new_by_curve_name(nid)) == NULL) - goto x962_int_err; + goto err; if (!EC_KEY_generate_key(key)) - goto x962_int_err; - BIO_printf(out, "."); - (void)BIO_flush(out); - /* create the signature */ - signature = ECDSA_do_sign(digest, 20, key); - if (signature == NULL) - goto x962_int_err; - BIO_printf(out, "."); - (void)BIO_flush(out); - /* compare the created signature with the expected signature */ - if ((r = BN_new()) == NULL || (s = BN_new()) == NULL) - goto x962_int_err; - if (!BN_dec2bn(&r, r_in) || - !BN_dec2bn(&s, s_in)) - goto x962_int_err; + goto err; + + printf("."); + fflush(stdout); + + if ((signature = ECDSA_do_sign(digest, 20, key)) == NULL) + goto err; + + printf("."); + fflush(stdout); + + if (!BN_dec2bn(&r, r_in) || !BN_dec2bn(&s, s_in)) + goto err; if (BN_cmp(ECDSA_SIG_get0_r(signature), r) || BN_cmp(ECDSA_SIG_get0_s(signature), s)) - goto x962_int_err; - BIO_printf(out, "."); - (void)BIO_flush(out); - /* verify the signature */ + goto err; + + printf("."); + fflush(stdout); + if (ECDSA_do_verify(digest, 20, signature, key) != 1) - goto x962_int_err; - BIO_printf(out, "."); - (void)BIO_flush(out); - - BIO_printf(out, " ok\n"); - ret = 1; - x962_int_err: - if (!ret) - BIO_printf(out, " failed\n"); - if (key) - EC_KEY_free(key); - if (signature) - ECDSA_SIG_free(signature); - if (r) - BN_free(r); - if (s) - BN_free(s); + goto err; + + printf("."); + fflush(stdout); + + printf(" ok\n"); + + failed = 0; + + err: + if (failed) + printf(" failed\n"); + EC_KEY_free(key); + ECDSA_SIG_free(signature); + BN_free(r); + BN_free(s); EVP_MD_CTX_free(md_ctx); - return ret; + return failed; } int -test_builtin(BIO *out) +test_builtin(void) { + unsigned char digest[20], wrong_digest[20]; EC_builtin_curve *curves = NULL; - size_t num_curves = 0, n = 0; - EC_KEY *eckey = NULL, *wrong_eckey = NULL; - EC_GROUP *group; - ECDSA_SIG *ecdsa_sig = NULL; - BIGNUM *r = NULL, *s = NULL; - unsigned char digest[20], wrong_digest[20]; - unsigned char *signature = NULL; - const unsigned char *sig_ptr; - unsigned char *sig_ptr2; - unsigned char *raw_buf = NULL; - unsigned int sig_len, degree, r_len, s_len, bn_len, buf_len; - int nid, ret = 0; + size_t num_curves = 0, n = 0; + EC_KEY *eckey = NULL, *wrong_eckey = NULL; + EC_GROUP *group; + ECDSA_SIG *ecdsa_sig = NULL; + BIGNUM *r = NULL, *s = NULL; + unsigned char *signature = NULL; + const unsigned char *sig_ptr; + unsigned char *sig_ptr2; + unsigned char *raw_buf = NULL; + unsigned int sig_len, degree, r_len, s_len, bn_len, buf_len; + int nid; + int failed = 1; /* fill digest values with some random data */ arc4random_buf(digest, 20); arc4random_buf(wrong_digest, 20); /* create and verify a ecdsa signature with every available curve */ - BIO_printf(out, "\ntesting ECDSA_sign() and ECDSA_verify() " - "with some internal curves:\n"); + printf("\ntesting ECDSA_sign() and ECDSA_verify() " + "with some internal curves:\n"); /* get a list of all internal curves */ num_curves = EC_get_builtin_curves(NULL, 0); curves = reallocarray(NULL, sizeof(EC_builtin_curve), num_curves); - if (curves == NULL) { - BIO_printf(out, "reallocarray error\n"); - goto builtin_err; + printf("reallocarray error\n"); + goto err; } if (!EC_get_builtin_curves(curves, num_curves)) { - BIO_printf(out, "unable to get internal curves\n"); - goto builtin_err; + printf("unable to get internal curves\n"); + goto err; } /* now create and verify a signature for every curve */ @@ -205,94 +203,85 @@ test_builtin(BIO *out) nid = curves[n].nid; if (nid == NID_ipsec4) continue; - /* create new ecdsa key (== EC_KEY) */ + if ((eckey = EC_KEY_new()) == NULL) - goto builtin_err; + goto err; group = EC_GROUP_new_by_curve_name(nid); if (group == NULL) - goto builtin_err; + goto err; if (EC_KEY_set_group(eckey, group) == 0) - goto builtin_err; + goto err; + degree = EC_GROUP_get_degree(group); EC_GROUP_free(group); - degree = EC_GROUP_get_degree(EC_KEY_get0_group(eckey)); if (degree < 160) { /* drop the curve */ EC_KEY_free(eckey); eckey = NULL; continue; } - BIO_printf(out, "%s: ", OBJ_nid2sn(nid)); - /* create key */ + printf("%s: ", OBJ_nid2sn(nid)); + if (!EC_KEY_generate_key(eckey)) { - BIO_printf(out, " failed\n"); - goto builtin_err; + goto err; } - /* create second key */ + if ((wrong_eckey = EC_KEY_new()) == NULL) - goto builtin_err; + goto err; group = EC_GROUP_new_by_curve_name(nid); if (group == NULL) - goto builtin_err; + goto err; if (EC_KEY_set_group(wrong_eckey, group) == 0) - goto builtin_err; + goto err; EC_GROUP_free(group); - if (!EC_KEY_generate_key(wrong_eckey)) { - BIO_printf(out, " failed\n"); - goto builtin_err; - } + if (!EC_KEY_generate_key(wrong_eckey)) + goto err; + + printf("."); + fflush(stdout); + + if (!EC_KEY_check_key(eckey)) + goto err; + + printf("."); + fflush(stdout); - BIO_printf(out, "."); - (void)BIO_flush(out); - /* check key */ - if (!EC_KEY_check_key(eckey)) { - BIO_printf(out, " failed\n"); - goto builtin_err; - } - BIO_printf(out, "."); - (void)BIO_flush(out); - /* create signature */ if ((sig_len = ECDSA_size(eckey)) == 0) - goto builtin_err; + goto err; if ((signature = malloc(sig_len)) == NULL) - goto builtin_err; - if (!ECDSA_sign(0, digest, 20, signature, &sig_len, eckey)) { - BIO_printf(out, " failed\n"); - goto builtin_err; - } - BIO_printf(out, "."); - (void)BIO_flush(out); - /* verify signature */ - if (ECDSA_verify(0, digest, 20, signature, sig_len, - eckey) != 1) { - BIO_printf(out, " failed\n"); - goto builtin_err; - } - BIO_printf(out, "."); - (void)BIO_flush(out); + goto err; + if (!ECDSA_sign(0, digest, 20, signature, &sig_len, eckey)) + goto err; + + printf("."); + fflush(stdout); + + if (ECDSA_verify(0, digest, 20, signature, sig_len, eckey) != 1) + goto err; + + printf("."); + fflush(stdout); + /* verify signature with the wrong key */ if (ECDSA_verify(0, digest, 20, signature, sig_len, - wrong_eckey) == 1) { - BIO_printf(out, " failed\n"); - goto builtin_err; - } - BIO_printf(out, "."); - (void)BIO_flush(out); - /* wrong digest */ + wrong_eckey) == 1) + goto err; + + printf("."); + fflush(stdout); + if (ECDSA_verify(0, wrong_digest, 20, signature, sig_len, - eckey) == 1) { - BIO_printf(out, " failed\n"); - goto builtin_err; - } - BIO_printf(out, "."); - (void)BIO_flush(out); - /* wrong length */ + eckey) == 1) + goto err; + + printf("."); + fflush(stdout); + if (ECDSA_verify(0, digest, 20, signature, sig_len - 1, - eckey) == 1) { - BIO_printf(out, " failed\n"); - goto builtin_err; - } - BIO_printf(out, "."); - (void)BIO_flush(out); + eckey) == 1) + goto err; + + printf("."); + fflush(stdout); /* * Modify a single byte of the signature: to ensure we don't @@ -301,82 +290,77 @@ test_builtin(BIO *out) */ sig_ptr = signature; if ((ecdsa_sig = d2i_ECDSA_SIG(NULL, &sig_ptr, - sig_len)) == NULL) { - BIO_printf(out, " failed\n"); - goto builtin_err; - } + sig_len)) == NULL) + goto err; /* Store the two BIGNUMs in raw_buf. */ r_len = BN_num_bytes(ECDSA_SIG_get0_r(ecdsa_sig)); s_len = BN_num_bytes(ECDSA_SIG_get0_s(ecdsa_sig)); bn_len = (degree + 7) / 8; - if ((r_len > bn_len) || (s_len > bn_len)) { - BIO_printf(out, " failed\n"); - goto builtin_err; - } + if ((r_len > bn_len) || (s_len > bn_len)) + goto err; + buf_len = 2 * bn_len; if ((raw_buf = calloc(1, buf_len)) == NULL) - goto builtin_err; - BN_bn2bin(ECDSA_SIG_get0_r(ecdsa_sig), raw_buf + bn_len - r_len); - BN_bn2bin(ECDSA_SIG_get0_s(ecdsa_sig), raw_buf + buf_len - s_len); + goto err; + BN_bn2bin(ECDSA_SIG_get0_r(ecdsa_sig), + raw_buf + bn_len - r_len); + BN_bn2bin(ECDSA_SIG_get0_s(ecdsa_sig), + raw_buf + buf_len - s_len); /* Modify a single byte in the buffer. */ offset = raw_buf[10] % buf_len; - dirt = raw_buf[11] ? raw_buf[11] : 1; + dirt = raw_buf[11] ? raw_buf[11] : 1; raw_buf[offset] ^= dirt; /* Now read the BIGNUMs back in from raw_buf. */ if ((r = BN_bin2bn(raw_buf, bn_len, NULL)) == NULL || (s = BN_bin2bn(raw_buf + bn_len, bn_len, NULL)) == NULL) - goto builtin_err; + goto err; if (!ECDSA_SIG_set0(ecdsa_sig, r, s)) - goto builtin_err; + goto err; r = NULL; s = NULL; if ((sig_len = i2d_ECDSA_SIG(ecdsa_sig, NULL)) <= 0) - goto builtin_err; + goto err; free(signature); if ((signature = calloc(1, sig_len)) == NULL) - goto builtin_err; + goto err; sig_ptr2 = signature; if ((sig_len = i2d_ECDSA_SIG(ecdsa_sig, &sig_ptr2)) <= 0) - goto builtin_err; - if (ECDSA_verify(0, digest, 20, signature, sig_len, - eckey) == 1) { - BIO_printf(out, " failed\n"); - goto builtin_err; - } + goto err; + if (ECDSA_verify(0, digest, 20, signature, sig_len, eckey) == 1) + goto err; + /* Sanity check: undo the modification and verify signature. */ raw_buf[offset] ^= dirt; if ((r = BN_bin2bn(raw_buf, bn_len, NULL)) == NULL || (s = BN_bin2bn(raw_buf + bn_len, bn_len, NULL)) == NULL) - goto builtin_err; + goto err; if (!ECDSA_SIG_set0(ecdsa_sig, r, s)) - goto builtin_err; + goto err; r = NULL; s = NULL; if ((sig_len = i2d_ECDSA_SIG(ecdsa_sig, NULL)) <= 0) - goto builtin_err; + goto err; free(signature); if ((signature = calloc(1, sig_len)) == NULL) - goto builtin_err; + goto err; sig_ptr2 = signature; if ((sig_len = i2d_ECDSA_SIG(ecdsa_sig, &sig_ptr2)) <= 0) - goto builtin_err; + goto err; if (ECDSA_verify(0, digest, 20, signature, sig_len, - eckey) != 1) { - BIO_printf(out, " failed\n"); - goto builtin_err; - } - BIO_printf(out, "."); - (void)BIO_flush(out); + eckey) != 1) + goto err; + + printf("."); + fflush(stdout); + + printf(" ok\n"); - BIO_printf(out, " ok\n"); - /* cleanup */ - /* clean bogus errors */ ERR_clear_error(); free(signature); signature = NULL; @@ -390,8 +374,12 @@ test_builtin(BIO *out) raw_buf = NULL; } - ret = 1; - builtin_err: + failed = 0; + + err: + if (failed) + printf(" failed\n"); + BN_free(r); BN_free(s); EC_KEY_free(eckey); @@ -401,36 +389,30 @@ test_builtin(BIO *out) free(raw_buf); free(curves); - return ret; + return failed; } int main(void) { - int ret = 1; - BIO *out; - - out = BIO_new_fp(stdout, BIO_NOCLOSE); - - ERR_load_crypto_strings(); + int failed = 1; /* the tests */ - if (!test_builtin(out)) + if (test_builtin()) goto err; - ret = 0; + printf("\nECDSA test passed\n"); + failed = 0; + err: - if (ret) - BIO_printf(out, "\nECDSA test failed\n"); - else - BIO_printf(out, "\nECDSA test passed\n"); - if (ret) - ERR_print_errors(out); + if (failed) { + printf("\nECDSA test failed\n"); + ERR_print_errors_fp(stdout); + } + CRYPTO_cleanup_all_ex_data(); ERR_remove_thread_state(NULL); ERR_free_strings(); - CRYPTO_mem_leaks(out); - if (out != NULL) - BIO_free(out); - return ret; + + return failed; } |