X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=test%2Fecdsatest.c;h=ce73778791ffe93a9fa9574fe00a50534519b9ca;hb=141ecc4e55c944a470aeef3b7713296be84da477;hp=1eeaabaa04eba02217beb85789c2f25026216a38;hpb=23a1d5e97cd543d2b8e1b01dbf0f619b2e5ce540;p=oweals%2Fopenssl.git diff --git a/test/ecdsatest.c b/test/ecdsatest.c index 1eeaabaa04..ce73778791 100644 --- a/test/ecdsatest.c +++ b/test/ecdsatest.c @@ -1,60 +1,12 @@ -/* crypto/ecdsa/ecdsatest.c */ /* - * Written by Nils Larsch for the OpenSSL project. - */ -/* ==================================================================== - * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). + * Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved. * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ + /* ==================================================================== * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. * @@ -87,7 +39,7 @@ int main(int argc, char *argv[]) # include # include # include -# include +# include # ifndef OPENSSL_NO_ENGINE # include # endif @@ -107,8 +59,8 @@ int change_rand(void); int restore_rand(void); int fbytes(unsigned char *buf, int num); -RAND_METHOD fake_rand; -const RAND_METHOD *old_rand; +static RAND_METHOD fake_rand; +static const RAND_METHOD *old_rand; int change_rand(void) { @@ -188,17 +140,20 @@ int x9_62_test_internal(BIO *out, int nid, const char *r_in, const char *s_in) const char message[] = "abc"; unsigned char digest[20]; unsigned int dgst_len = 0; - EVP_MD_CTX md_ctx; + EVP_MD_CTX *md_ctx = EVP_MD_CTX_new(); EC_KEY *key = NULL; ECDSA_SIG *signature = NULL; BIGNUM *r = NULL, *s = NULL; BIGNUM *kinv = NULL, *rp = NULL; + const BIGNUM *sig_r, *sig_s; + + if (md_ctx == NULL) + goto x962_int_err; - EVP_MD_CTX_init(&md_ctx); /* get the message digest */ - if (!EVP_DigestInit(&md_ctx, EVP_ecdsa()) - || !EVP_DigestUpdate(&md_ctx, (const void *)message, 3) - || !EVP_DigestFinal(&md_ctx, digest, &dgst_len)) + if (!EVP_DigestInit(md_ctx, EVP_sha1()) + || !EVP_DigestUpdate(md_ctx, (const void *)message, 3) + || !EVP_DigestFinal(md_ctx, digest, &dgst_len)) goto x962_int_err; BIO_printf(out, "testing %s: ", OBJ_nid2sn(nid)); @@ -225,7 +180,8 @@ int x9_62_test_internal(BIO *out, int nid, const char *r_in, const char *s_in) goto x962_int_err; if (!BN_dec2bn(&r, r_in) || !BN_dec2bn(&s, s_in)) goto x962_int_err; - if (BN_cmp(signature->r, r) || BN_cmp(signature->s, s)) + ECDSA_SIG_get0(signature, &sig_r, &sig_s); + if (BN_cmp(sig_r, r) || BN_cmp(sig_s, s)) goto x962_int_err; BIO_printf(out, "."); (void)BIO_flush(out); @@ -241,11 +197,10 @@ int x9_62_test_internal(BIO *out, int nid, const char *r_in, const char *s_in) if (!ret) BIO_printf(out, " failed\n"); EC_KEY_free(key); - if (signature) - ECDSA_SIG_free(signature); + ECDSA_SIG_free(signature); BN_free(r); BN_free(s); - EVP_MD_CTX_cleanup(&md_ctx); + EVP_MD_CTX_free(md_ctx); BN_clear_free(kinv); BN_clear_free(rp); return ret; @@ -296,12 +251,15 @@ int test_builtin(BIO *out) size_t crv_len = 0, n = 0; EC_KEY *eckey = NULL, *wrong_eckey = NULL; EC_GROUP *group; - ECDSA_SIG *ecdsa_sig = NULL; + ECDSA_SIG *ecdsa_sig = NULL, *modified_sig = NULL; unsigned char digest[20], wrong_digest[20]; unsigned char *signature = NULL; const unsigned char *sig_ptr; unsigned char *sig_ptr2; unsigned char *raw_buf = NULL; + const BIGNUM *sig_r, *sig_s; + BIGNUM *modified_r = NULL, *modified_s = NULL; + BIGNUM *unmodified_r = NULL, *unmodified_s = NULL; unsigned int sig_len, degree, r_len, s_len, bn_len, buf_len; int nid, ret = 0; @@ -312,16 +270,14 @@ int test_builtin(BIO *out) } /* - * create and verify a ecdsa signature with every availble curve (with ) + * create and verify a ecdsa signature with every available curve (with ) */ BIO_printf(out, "\ntesting ECDSA_sign() and ECDSA_verify() " "with some internal curves:\n"); /* get a list of all internal curves */ crv_len = EC_get_builtin_curves(NULL, 0); - - curves = OPENSSL_malloc(sizeof(EC_builtin_curve) * crv_len); - + curves = OPENSSL_malloc(sizeof(*curves) * crv_len); if (curves == NULL) { BIO_printf(out, "malloc error\n"); goto builtin_err; @@ -337,7 +293,7 @@ int test_builtin(BIO *out) unsigned char dirt, offset; nid = curves[n].nid; - if (nid == NID_ipsec4) + if (nid == NID_ipsec4 || nid == NID_X25519) continue; /* create new ecdsa key (== EC_KEY) */ if ((eckey = EC_KEY_new()) == NULL) @@ -434,33 +390,39 @@ int test_builtin(BIO *out) goto builtin_err; } + ECDSA_SIG_get0(ecdsa_sig, &sig_r, &sig_s); + /* Store the two BIGNUMs in raw_buf. */ - r_len = BN_num_bytes(ecdsa_sig->r); - s_len = BN_num_bytes(ecdsa_sig->s); + r_len = BN_num_bytes(sig_r); + s_len = BN_num_bytes(sig_s); bn_len = (degree + 7) / 8; if ((r_len > bn_len) || (s_len > bn_len)) { BIO_printf(out, " failed\n"); goto builtin_err; } buf_len = 2 * bn_len; - if ((raw_buf = OPENSSL_malloc(buf_len)) == NULL) + if ((raw_buf = OPENSSL_zalloc(buf_len)) == NULL) goto builtin_err; - /* Pad the bignums with leading zeroes. */ - memset(raw_buf, 0, buf_len); - BN_bn2bin(ecdsa_sig->r, raw_buf + bn_len - r_len); - BN_bn2bin(ecdsa_sig->s, raw_buf + buf_len - s_len); + BN_bn2bin(sig_r, raw_buf + bn_len - r_len); + BN_bn2bin(sig_s, raw_buf + buf_len - s_len); /* Modify a single byte in the buffer. */ offset = raw_buf[10] % buf_len; dirt = raw_buf[11] ? raw_buf[11] : 1; raw_buf[offset] ^= dirt; /* Now read the BIGNUMs back in from raw_buf. */ - if ((BN_bin2bn(raw_buf, bn_len, ecdsa_sig->r) == NULL) || - (BN_bin2bn(raw_buf + bn_len, bn_len, ecdsa_sig->s) == NULL)) + modified_sig = ECDSA_SIG_new(); + if (modified_sig == NULL) goto builtin_err; - + if (((modified_r = BN_bin2bn(raw_buf, bn_len, NULL)) == NULL) + || ((modified_s = BN_bin2bn(raw_buf + bn_len, bn_len, NULL)) == NULL) + || !ECDSA_SIG_set0(modified_sig, modified_r, modified_s)) { + BN_free(modified_r); + BN_free(modified_s); + goto builtin_err; + } sig_ptr2 = signature; - sig_len = i2d_ECDSA_SIG(ecdsa_sig, &sig_ptr2); + sig_len = i2d_ECDSA_SIG(modified_sig, &sig_ptr2); if (ECDSA_verify(0, digest, 20, signature, sig_len, eckey) == 1) { BIO_printf(out, " failed\n"); goto builtin_err; @@ -469,12 +431,16 @@ int test_builtin(BIO *out) * Sanity check: undo the modification and verify signature. */ raw_buf[offset] ^= dirt; - if ((BN_bin2bn(raw_buf, bn_len, ecdsa_sig->r) == NULL) || - (BN_bin2bn(raw_buf + bn_len, bn_len, ecdsa_sig->s) == NULL)) + if (((unmodified_r = BN_bin2bn(raw_buf, bn_len, NULL)) == NULL) + || ((unmodified_s = BN_bin2bn(raw_buf + bn_len, bn_len, NULL)) == NULL) + || !ECDSA_SIG_set0(modified_sig, unmodified_r, unmodified_s)) { + BN_free(unmodified_r); + BN_free(unmodified_s); goto builtin_err; + } sig_ptr2 = signature; - sig_len = i2d_ECDSA_SIG(ecdsa_sig, &sig_ptr2); + sig_len = i2d_ECDSA_SIG(modified_sig, &sig_ptr2); if (ECDSA_verify(0, digest, 20, signature, sig_len, eckey) != 1) { BIO_printf(out, " failed\n"); goto builtin_err; @@ -494,6 +460,8 @@ int test_builtin(BIO *out) wrong_eckey = NULL; ECDSA_SIG_free(ecdsa_sig); ecdsa_sig = NULL; + ECDSA_SIG_free(modified_sig); + modified_sig = NULL; OPENSSL_free(raw_buf); raw_buf = NULL; } @@ -502,14 +470,11 @@ int test_builtin(BIO *out) builtin_err: EC_KEY_free(eckey); EC_KEY_free(wrong_eckey); - if (ecdsa_sig) - ECDSA_SIG_free(ecdsa_sig); - if (signature) - OPENSSL_free(signature); - if (raw_buf) - OPENSSL_free(raw_buf); - if (curves) - OPENSSL_free(curves); + ECDSA_SIG_free(ecdsa_sig); + ECDSA_SIG_free(modified_sig); + OPENSSL_free(signature); + OPENSSL_free(raw_buf); + OPENSSL_free(curves); return ret; } @@ -518,21 +483,13 @@ int main(void) { int ret = 1; BIO *out; + char *p; - out = BIO_new_fp(stdout, BIO_NOCLOSE); - - /* enable memory leak checking unless explicitly disabled */ - if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL) && - (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off")))) { - CRYPTO_malloc_debug_init(); - CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL); - } else { - /* OPENSSL_DEBUG_MEMORY=off */ - CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0); - } - CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); + out = BIO_new_fp(stdout, BIO_NOCLOSE | BIO_FP_TEXT); - ERR_load_crypto_strings(); + p = getenv("OPENSSL_DEBUG_MEMORY"); + if (p != NULL && strcmp(p, "on") == 0) + CRYPTO_set_mem_debug(1); /* initialize the prng */ RAND_seed(rnd_seed, sizeof(rnd_seed)); @@ -551,10 +508,11 @@ int main(void) BIO_printf(out, "\nECDSA test passed\n"); if (ret) ERR_print_errors(out); - CRYPTO_cleanup_all_ex_data(); - ERR_remove_thread_state(NULL); - ERR_free_strings(); - CRYPTO_mem_leaks(out); + +#ifndef OPENSSL_NO_CRYPTO_MDEBUG + if (CRYPTO_mem_leaks(out) <= 0) + ret = 1; +#endif BIO_free(out); return ret; }