1 /* crypto/dsa/dsatest.c */
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
62 #include <sys/types.h>
67 #include <openssl/crypto.h>
68 #include <openssl/rand.h>
69 #include <openssl/bio.h>
70 #include <openssl/err.h>
71 #include <openssl/bn.h>
74 int main(int argc, char *argv[])
76 printf("No DSA support\n");
80 # include <openssl/dsa.h>
82 static int dsa_cb(int p, int n, BN_GENCB *arg);
85 * seed, out_p, out_q, out_g are taken from the updated Appendix 5 to FIPS
86 * PUB 186 and also appear in Appendix 5 to FIPS PIB 186-1
88 static unsigned char seed[20] = {
89 0xd5, 0x01, 0x4e, 0x4b, 0x60, 0xef, 0x2b, 0xa8, 0xb6, 0x21, 0x1b, 0x40,
90 0x62, 0xba, 0x32, 0x24, 0xe0, 0x42, 0x7d, 0xd3,
93 static unsigned char out_p[] = {
94 0x8d, 0xf2, 0xa4, 0x94, 0x49, 0x22, 0x76, 0xaa,
95 0x3d, 0x25, 0x75, 0x9b, 0xb0, 0x68, 0x69, 0xcb,
96 0xea, 0xc0, 0xd8, 0x3a, 0xfb, 0x8d, 0x0c, 0xf7,
97 0xcb, 0xb8, 0x32, 0x4f, 0x0d, 0x78, 0x82, 0xe5,
98 0xd0, 0x76, 0x2f, 0xc5, 0xb7, 0x21, 0x0e, 0xaf,
99 0xc2, 0xe9, 0xad, 0xac, 0x32, 0xab, 0x7a, 0xac,
100 0x49, 0x69, 0x3d, 0xfb, 0xf8, 0x37, 0x24, 0xc2,
101 0xec, 0x07, 0x36, 0xee, 0x31, 0xc8, 0x02, 0x91,
104 static unsigned char out_q[] = {
105 0xc7, 0x73, 0x21, 0x8c, 0x73, 0x7e, 0xc8, 0xee,
106 0x99, 0x3b, 0x4f, 0x2d, 0xed, 0x30, 0xf4, 0x8e,
107 0xda, 0xce, 0x91, 0x5f,
110 static unsigned char out_g[] = {
111 0x62, 0x6d, 0x02, 0x78, 0x39, 0xea, 0x0a, 0x13,
112 0x41, 0x31, 0x63, 0xa5, 0x5b, 0x4c, 0xb5, 0x00,
113 0x29, 0x9d, 0x55, 0x22, 0x95, 0x6c, 0xef, 0xcb,
114 0x3b, 0xff, 0x10, 0xf3, 0x99, 0xce, 0x2c, 0x2e,
115 0x71, 0xcb, 0x9d, 0xe5, 0xfa, 0x24, 0xba, 0xbf,
116 0x58, 0xe5, 0xb7, 0x95, 0x21, 0x92, 0x5c, 0x9c,
117 0xc4, 0x2e, 0x9f, 0x6f, 0x46, 0x4b, 0x08, 0x8c,
118 0xc5, 0x72, 0xaf, 0x53, 0xe6, 0xd7, 0x88, 0x02,
121 static const unsigned char str1[] = "12345678901234567890";
123 static const char rnd_seed[] =
124 "string to make the random number generator think it has entropy";
126 static BIO *bio_err = NULL;
128 int main(int argc, char **argv)
132 int counter, ret = 0, i, j;
133 unsigned char buf[256];
135 unsigned char sig[256];
139 bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
141 CRYPTO_malloc_debug_init();
142 CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
143 CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
145 ERR_load_crypto_strings();
146 RAND_seed(rnd_seed, sizeof rnd_seed);
148 BIO_printf(bio_err, "test generation of DSA parameters\n");
154 BN_GENCB_set(cb, dsa_cb, bio_err);
155 if (((dsa = DSA_new()) == NULL) || !DSA_generate_parameters_ex(dsa, 512,
161 BIO_printf(bio_err, "seed\n");
162 for (i = 0; i < 20; i += 4) {
163 BIO_printf(bio_err, "%02X%02X%02X%02X ",
164 seed[i], seed[i + 1], seed[i + 2], seed[i + 3]);
166 BIO_printf(bio_err, "\ncounter=%d h=%ld\n", counter, h);
168 DSA_print(bio_err, dsa, 0);
169 if (counter != 105) {
170 BIO_printf(bio_err, "counter should be 105\n");
174 BIO_printf(bio_err, "h should be 2\n");
178 i = BN_bn2bin(dsa->q, buf);
180 if ((i != j) || (memcmp(buf, out_q, i) != 0)) {
181 BIO_printf(bio_err, "q value is wrong\n");
185 i = BN_bn2bin(dsa->p, buf);
187 if ((i != j) || (memcmp(buf, out_p, i) != 0)) {
188 BIO_printf(bio_err, "p value is wrong\n");
192 i = BN_bn2bin(dsa->g, buf);
194 if ((i != j) || (memcmp(buf, out_g, i) != 0)) {
195 BIO_printf(bio_err, "g value is wrong\n");
199 dsa->flags |= DSA_FLAG_NO_EXP_CONSTTIME;
200 DSA_generate_key(dsa);
201 DSA_sign(0, str1, 20, sig, &siglen, dsa);
202 if (DSA_verify(0, str1, 20, sig, siglen, dsa) == 1)
205 dsa->flags &= ~DSA_FLAG_NO_EXP_CONSTTIME;
206 DSA_generate_key(dsa);
207 DSA_sign(0, str1, 20, sig, &siglen, dsa);
208 if (DSA_verify(0, str1, 20, sig, siglen, dsa) == 1)
213 ERR_print_errors(bio_err);
218 CRYPTO_cleanup_all_ex_data();
219 ERR_remove_thread_state(NULL);
221 CRYPTO_mem_leaks(bio_err);
222 if (bio_err != NULL) {
226 # ifdef OPENSSL_SYS_NETWARE
234 static int dsa_cb(int p, int n, BN_GENCB *arg)
237 static int ok = 0, num = 0;
251 BIO_write(BN_GENCB_get_arg(arg), &c, 1);
252 (void)BIO_flush(BN_GENCB_get_arg(arg));
254 if (!ok && (p == 0) && (num > 1)) {
255 BIO_printf((BIO *)arg, "error in dsatest\n");