Changes between 0.9.7 and 0.9.8 [xx XXX 2002]
+ *) Add ECDH engine support.
+ [Nils Gura and Douglas Stebila (Sun Microsystems Laboratories)]
+
+ *) Add ECDH in new directory crypto/ecdh/.
+ [Douglas Stebila (Sun Microsystems Laboratories)]
+
*) Let BN_rand_range() abort with an error after 100 iterations
without success (which indicates a broken PRNG).
[Bodo Moeller]
- X509_PUBKEY_get (crypto/asn1/x_pubkey.c) and
d2i_PublicKey (crypto/asn1/d2i_pu.c) have been modified to make
them suitable for ECDSA where domain parameters must be
- extracted before the specific public key.
+ extracted before the specific public key;
+ - ECDSA engine support has been added.
[Nils Larsch <nla@trustcenter.de>]
*) Include some named elliptic curves, and add OIDs from X9.62,
$depflags .= "-DOPENSSL_NO_MDC2 ";
$openssl_algorithm_defines .= "#define OPENSSL_NO_MDC2\n";
}
- if ($algo eq "EC" || $algo eq "SHA" || $algo eq "SHA1")
+ if ($algo eq "EC")
+ {
+ push @skip, "ecdsa";
+ push @skip, "ecdh";
+ $options .= " no-ecdsa";
+ $options .= " no-ecdh";
+ $flags .= "-DOPENSSL_NO_ECDSA ";
+ $flags .= "-DOPENSSL_NO_ECDH ";
+ $depflags .= "-DOPENSSL_NO_ECDSA ";
+ $depflags .= "-DOPENSSL_NO_ECDH ";
+ $openssl_algorithm_defines .= "#define OPENSSL_NO_ECDSA\n";
+ $openssl_algorithm_defines .= "#define OPENSSL_NO_ECDH\n";
+ }
+ if ($algo eq "SHA" || $algo eq "SHA1")
{
push @skip, "ecdsa";
$options .= " no-ecdsa";
SDIRS= \
md2 md4 md5 sha mdc2 hmac ripemd \
des rc2 rc4 rc5 idea bf cast \
- bn ec rsa dsa ecdsa dh dso engine aes \
+ bn ec rsa dsa ecdsa dh ecdh dso engine aes \
buffer bio stack lhash rand err objects \
evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5
BIO_free(in);
in=NULL;
- {
- BIGNUM *order = BN_new();
-
- if (!order)
- goto end;
- if (!EC_GROUP_get_order(ec_params->group, order, NULL))
- goto end;
- newkey = BN_num_bits(order);
- BN_free(order);
- }
+ newkey = EC_GROUP_get_degree(ec_params->group);
}
else
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+ * Portions of the attached software ("Contribution") are developed by
+ * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
+ *
+ * The Contribution is licensed pursuant to the OpenSSL open source
+ * license provided above.
+ *
+ * In addition, Sun covenants to all licensees who provide a reciprocal
+ * covenant with respect to their own patents if any, not to sue under
+ * current and future patent claims necessarily infringed by the making,
+ * using, practicing, selling, offering for sale and/or otherwise
+ * disposing of the Contribution as delivered hereunder
+ * (or portions thereof), provided that such covenant shall not apply:
+ * 1) for code that a licensee deletes from the Contribution;
+ * 2) separates from the Contribution; or
+ * 3) for infringements caused by:
+ * i) the modification of the Contribution or
+ * ii) the combination of the Contribution with other software or
+ * devices where such combination causes the infringement.
+ *
+ * The ECDH and ECDSA speed test software is originally written by
+ * Sumit Gupta of Sun Microsystems Laboratories.
+ *
+ */
/* most of this code has been pilfered from my libdes speed.c program */
#define SECONDS 3
#define RSA_SECONDS 10
#define DSA_SECONDS 10
+#define ECDSA_SECONDS 10
+#define ECDH_SECONDS 10
/* 11-Sep-92 Andrew Daviel Support for Silicon Graphics IRIX added */
/* 06-Apr-92 Luke Brennan Support for VMS and add extra signal calls */
#ifndef OPENSSL_NO_DSA
#include "./testdsa.h"
#endif
+#ifndef OPENSSL_NO_ECDSA
+#include <openssl/ecdsa.h>
+#endif
+#ifndef OPENSSL_NO_ECDH
+#include <openssl/ecdh.h>
+#endif
/* The following if from times(3) man page. It may need to be changed */
#ifndef HZ
#define SIZE_NUM 5
#define RSA_NUM 4
#define DSA_NUM 3
+
+#define EC_NUM 15
+#define MAX_ECDH_SIZE 256
+
static const char *names[ALGOR_NUM]={
"md2","mdc2","md4","md5","hmac(md5)","sha1","rmd160","rc4",
"des cbc","des ede3","idea cbc",
static int lengths[SIZE_NUM]={16,64,256,1024,8*1024};
static double rsa_results[RSA_NUM][2];
static double dsa_results[DSA_NUM][2];
+static double ecdsa_results[EC_NUM][2];
+static double ecdh_results[EC_NUM][1];
+
#ifdef SIGALRM
#if defined(__STDC__) || defined(sgi) || defined(_AIX)
#define R_RSA_1024 1
#define R_RSA_2048 2
#define R_RSA_4096 3
+
+#define R_EC_P160 0
+#define R_EC_P224 1
+#define R_EC_P256 2
+#define R_EC_P384 3
+#define R_EC_P521 4
+#define R_EC_K163 5
+#define R_EC_K233 6
+#define R_EC_K283 7
+#define R_EC_K409 8
+#define R_EC_K571 9
+#define R_EC_B163 10
+#define R_EC_B233 11
+#define R_EC_B283 12
+#define R_EC_B409 13
+#define R_EC_B571 14
+
#ifndef OPENSSL_NO_RSA
RSA *rsa_key[RSA_NUM];
long rsa_c[RSA_NUM][2];
long dsa_c[DSA_NUM][2];
static unsigned int dsa_bits[DSA_NUM]={512,1024,2048};
#endif
+#ifndef OPENSSL_NO_EC
+ /* We only test over the following curves as they are representative,
+ * To add tests over more curves, simply add the curve NID
+ * and curve name to the following arrays and increase the
+ * EC_NUM value accordingly.
+ */
+ static unsigned int test_curves[EC_NUM] =
+ {
+ /* Prime Curves */
+ EC_GROUP_SECG_PRIME_160R1,
+ EC_GROUP_NIST_PRIME_224,
+ EC_GROUP_NIST_PRIME_256,
+ EC_GROUP_NIST_PRIME_384,
+ EC_GROUP_NIST_PRIME_521,
+ /* Binary Curves */
+ EC_GROUP_NIST_CHAR2_K163,
+ EC_GROUP_NIST_CHAR2_K233,
+ EC_GROUP_NIST_CHAR2_K283,
+ EC_GROUP_NIST_CHAR2_K409,
+ EC_GROUP_NIST_CHAR2_K571,
+ EC_GROUP_NIST_CHAR2_B163,
+ EC_GROUP_NIST_CHAR2_B233,
+ EC_GROUP_NIST_CHAR2_B283,
+ EC_GROUP_NIST_CHAR2_B409,
+ EC_GROUP_NIST_CHAR2_B571
+ };
+ static char * test_curves_names[EC_NUM] =
+ {
+ /* Prime Curves */
+ "secp160r1",
+ "nistp224",
+ "nistp256",
+ "nistp384",
+ "nistp521",
+ /* Binary Curves */
+ "nistk163",
+ "nistk233",
+ "nistk283",
+ "nistk409",
+ "nistk571",
+ "nistb163",
+ "nistb233",
+ "nistb283",
+ "nistb409",
+ "nistb571"
+ };
+ static int test_curves_bits[EC_NUM] =
+ {
+ 160, 224, 256, 384, 521,
+ 163, 233, 283, 409, 571,
+ 163, 233, 283, 409, 571
+ };
+
+#endif
+
+#ifndef OPENSSL_NO_ECDSA
+ unsigned char ecdsasig[256];
+ unsigned int ecdsasiglen;
+ EC_KEY *ecdsa[EC_NUM];
+ long ecdsa_c[EC_NUM][2];
+#endif
+
+#ifndef OPENSSL_NO_ECDH
+ EC_KEY *ecdh_a[EC_NUM], *ecdh_b[EC_NUM];
+ unsigned char secret_a[MAX_ECDH_SIZE], secret_b[MAX_ECDH_SIZE];
+ int secret_size_a, secret_size_b;
+ int ecdh_check = 0;
+ int secret_idx = 0;
+ long ecdh_c[EC_NUM][2];
+#endif
+
int rsa_doit[RSA_NUM];
int dsa_doit[DSA_NUM];
+ int ecdsa_doit[EC_NUM];
+ int ecdh_doit[EC_NUM];
int doit[ALGOR_NUM];
int pr_header=0;
const EVP_CIPHER *evp_cipher=NULL;
#ifndef OPENSSL_NO_DSA
memset(dsa_key,0,sizeof(dsa_key));
#endif
+#ifndef OPENSSL_NO_ECDSA
+ for (i=0; i<EC_NUM; i++) ecdsa[i] = NULL;
+#endif
+#ifndef OPENSSL_NO_ECDH
+ for (i=0; i<EC_NUM; i++)
+ {
+ ecdh_a[i] = NULL;
+ ecdh_b[i] = NULL;
+ }
+#endif
+
if (bio_err == NULL)
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
rsa_doit[i]=0;
for (i=0; i<DSA_NUM; i++)
dsa_doit[i]=0;
+#ifndef OPENSSL_NO_ECDSA
+ for (i=0; i<EC_NUM; i++)
+ ecdsa_doit[i]=0;
+#endif
+#ifndef OPENSSL_NO_ECDH
+ for (i=0; i<EC_NUM; i++)
+ ecdh_doit[i]=0;
+#endif
+
j=0;
argc--;
dsa_doit[R_DSA_1024]=1;
}
else
+#endif
+#ifndef OPENSSL_NO_ECDSA
+ if (strcmp(*argv,"ecdsap160") == 0) ecdsa_doit[R_EC_P160]=2;
+ else if (strcmp(*argv,"ecdsap224") == 0) ecdsa_doit[R_EC_P224]=2;
+ else if (strcmp(*argv,"ecdsap256") == 0) ecdsa_doit[R_EC_P256]=2;
+ else if (strcmp(*argv,"ecdsap384") == 0) ecdsa_doit[R_EC_P384]=2;
+ else if (strcmp(*argv,"ecdsap521") == 0) ecdsa_doit[R_EC_P521]=2;
+ else if (strcmp(*argv,"ecdsak163") == 0) ecdsa_doit[R_EC_K163]=2;
+ else if (strcmp(*argv,"ecdsak233") == 0) ecdsa_doit[R_EC_K233]=2;
+ else if (strcmp(*argv,"ecdsak283") == 0) ecdsa_doit[R_EC_K283]=2;
+ else if (strcmp(*argv,"ecdsak409") == 0) ecdsa_doit[R_EC_K409]=2;
+ else if (strcmp(*argv,"ecdsak571") == 0) ecdsa_doit[R_EC_K571]=2;
+ else if (strcmp(*argv,"ecdsab163") == 0) ecdsa_doit[R_EC_B163]=2;
+ else if (strcmp(*argv,"ecdsab233") == 0) ecdsa_doit[R_EC_B233]=2;
+ else if (strcmp(*argv,"ecdsab283") == 0) ecdsa_doit[R_EC_B283]=2;
+ else if (strcmp(*argv,"ecdsab409") == 0) ecdsa_doit[R_EC_B409]=2;
+ else if (strcmp(*argv,"ecdsab571") == 0) ecdsa_doit[R_EC_B571]=2;
+ else if (strcmp(*argv,"ecdsa") == 0)
+ {
+ for (i=0; i < EC_NUM; i++)
+ ecdsa_doit[i]=1;
+ }
+ else
+#endif
+#ifndef OPENSSL_NO_ECDH
+ if (strcmp(*argv,"ecdhp160") == 0) ecdh_doit[R_EC_P160]=2;
+ else if (strcmp(*argv,"ecdhp224") == 0) ecdh_doit[R_EC_P224]=2;
+ else if (strcmp(*argv,"ecdhp256") == 0) ecdh_doit[R_EC_P256]=2;
+ else if (strcmp(*argv,"ecdhp384") == 0) ecdh_doit[R_EC_P384]=2;
+ else if (strcmp(*argv,"ecdhp521") == 0) ecdh_doit[R_EC_P521]=2;
+ else if (strcmp(*argv,"ecdhk163") == 0) ecdh_doit[R_EC_K163]=2;
+ else if (strcmp(*argv,"ecdhk233") == 0) ecdh_doit[R_EC_K233]=2;
+ else if (strcmp(*argv,"ecdhk283") == 0) ecdh_doit[R_EC_K283]=2;
+ else if (strcmp(*argv,"ecdhk409") == 0) ecdh_doit[R_EC_K409]=2;
+ else if (strcmp(*argv,"ecdhk571") == 0) ecdh_doit[R_EC_K571]=2;
+ else if (strcmp(*argv,"ecdhb163") == 0) ecdh_doit[R_EC_B163]=2;
+ else if (strcmp(*argv,"ecdhb233") == 0) ecdh_doit[R_EC_B233]=2;
+ else if (strcmp(*argv,"ecdhb283") == 0) ecdh_doit[R_EC_B283]=2;
+ else if (strcmp(*argv,"ecdhb409") == 0) ecdh_doit[R_EC_B409]=2;
+ else if (strcmp(*argv,"ecdhb571") == 0) ecdh_doit[R_EC_B571]=2;
+ else if (strcmp(*argv,"ecdh") == 0)
+ {
+ for (i=0; i < EC_NUM; i++)
+ ecdh_doit[i]=1;
+ }
+ else
#endif
{
BIO_printf(bio_err,"Error: bad option or value\n");
#ifndef OPENSSL_NO_DSA
BIO_printf(bio_err,"dsa512 dsa1024 dsa2048\n");
#endif
+#ifndef OPENSSL_NO_ECDSA
+ BIO_printf(bio_err,"ecdsap160 ecdsap224 ecdsap256 ecdsap384 ecdsap521\n");
+ BIO_printf(bio_err,"ecdsak163 ecdsak233 ecdsak283 ecdsak409 ecdsak571\n");
+ BIO_printf(bio_err,"ecdsab163 ecdsab233 ecdsab283 ecdsab409 ecdsab571\n");
+ BIO_printf(bio_err,"ecdsa\n");
+#endif
+#ifndef OPENSSL_NO_ECDH
+ BIO_printf(bio_err,"ecdhp160 ecdhp224 ecdhp256 ecdhp384 ecdhp521\n");
+ BIO_printf(bio_err,"ecdhk163 ecdhk233 ecdhk283 ecdhk409 ecdhk571\n");
+ BIO_printf(bio_err,"ecdhb163 ecdhb233 ecdhb283 ecdhb409 ecdhb571\n");
+ BIO_printf(bio_err,"ecdh\n");
+#endif
#ifndef OPENSSL_NO_IDEA
BIO_printf(bio_err,"idea ");
}
#endif
+#ifndef OPENSSL_NO_ECDSA
+ ecdsa_c[R_EC_P160][0]=count/1000;
+ ecdsa_c[R_EC_P160][1]=count/1000/2;
+ for (i=R_EC_P224; i<=R_EC_P521; i++)
+ {
+ ecdsa_c[i][0]=ecdsa_c[i-1][0]/2;
+ ecdsa_c[i][1]=ecdsa_c[i-1][1]/2;
+ if ((ecdsa_doit[i] <= 1) && (ecdsa_c[i][0] == 0))
+ ecdsa_doit[i]=0;
+ else
+ {
+ if (ecdsa_c[i] == 0)
+ {
+ ecdsa_c[i][0]=1;
+ ecdsa_c[i][1]=1;
+ }
+ }
+ }
+ ecdsa_c[R_EC_K163][0]=count/1000;
+ ecdsa_c[R_EC_K163][1]=count/1000/2;
+ for (i=R_EC_K233; i<=R_EC_K571; i++)
+ {
+ ecdsa_c[i][0]=ecdsa_c[i-1][0]/2;
+ ecdsa_c[i][1]=ecdsa_c[i-1][1]/2;
+ if ((ecdsa_doit[i] <= 1) && (ecdsa_c[i][0] == 0))
+ ecdsa_doit[i]=0;
+ else
+ {
+ if (ecdsa_c[i] == 0)
+ {
+ ecdsa_c[i][0]=1;
+ ecdsa_c[i][1]=1;
+ }
+ }
+ }
+ ecdsa_c[R_EC_B163][0]=count/1000;
+ ecdsa_c[R_EC_B163][1]=count/1000/2;
+ for (i=R_EC_B233; i<=R_EC_B571; i++)
+ {
+ ecdsa_c[i][0]=ecdsa_c[i-1][0]/2;
+ ecdsa_c[i][1]=ecdsa_c[i-1][1]/2;
+ if ((ecdsa_doit[i] <= 1) && (ecdsa_c[i][0] == 0))
+ ecdsa_doit[i]=0;
+ else
+ {
+ if (ecdsa_c[i] == 0)
+ {
+ ecdsa_c[i][0]=1;
+ ecdsa_c[i][1]=1;
+ }
+ }
+ }
+#endif
+
+#ifndef OPENSSL_NO_ECDH
+ ecdh_c[R_EC_P160][0]=count/1000;
+ ecdh_c[R_EC_P160][1]=count/1000;
+ for (i=R_EC_P224; i<=R_EC_P521; i++)
+ {
+ ecdh_c[i][0]=ecdh_c[i-1][0]/2;
+ ecdh_c[i][1]=ecdh_c[i-1][1]/2;
+ if ((ecdh_doit[i] <= 1) && (ecdh_c[i][0] == 0))
+ ecdh_doit[i]=0;
+ else
+ {
+ if (ecdh_c[i] == 0)
+ {
+ ecdh_c[i][0]=1;
+ ecdh_c[i][1]=1;
+ }
+ }
+ }
+ ecdh_c[R_EC_K163][0]=count/1000;
+ ecdh_c[R_EC_K163][1]=count/1000;
+ for (i=R_EC_K233; i<=R_EC_K571; i++)
+ {
+ ecdh_c[i][0]=ecdh_c[i-1][0]/2;
+ ecdh_c[i][1]=ecdh_c[i-1][1]/2;
+ if ((ecdh_doit[i] <= 1) && (ecdh_c[i][0] == 0))
+ ecdh_doit[i]=0;
+ else
+ {
+ if (ecdh_c[i] == 0)
+ {
+ ecdh_c[i][0]=1;
+ ecdh_c[i][1]=1;
+ }
+ }
+ }
+ ecdh_c[R_EC_B163][0]=count/1000;
+ ecdh_c[R_EC_B163][1]=count/1000;
+ for (i=R_EC_B233; i<=R_EC_B571; i++)
+ {
+ ecdh_c[i][0]=ecdh_c[i-1][0]/2;
+ ecdh_c[i][1]=ecdh_c[i-1][1]/2;
+ if ((ecdh_doit[i] <= 1) && (ecdh_c[i][0] == 0))
+ ecdh_doit[i]=0;
+ else
+ {
+ if (ecdh_c[i] == 0)
+ {
+ ecdh_c[i][0]=1;
+ ecdh_c[i][1]=1;
+ }
+ }
+ }
+#endif
+
#define COND(d) (count < (d))
#define COUNT(d) (d)
#else
}
if (rnd_fake) RAND_cleanup();
#endif
+
+#ifndef OPENSSL_NO_ECDSA
+ if (RAND_status() != 1)
+ {
+ RAND_seed(rnd_seed, sizeof rnd_seed);
+ rnd_fake = 1;
+ }
+ for (j=0; j<EC_NUM; j++)
+ {
+ int ret;
+
+ if (!ecdsa_doit[j]) continue; /* Ignore Curve */
+ ecdsa[j] = EC_KEY_new();
+ if (ecdsa[j] == NULL)
+ {
+ BIO_printf(bio_err,"ECDSA failure.\n");
+ ERR_print_errors(bio_err);
+ rsa_count=1;
+ }
+ else
+ {
+ ecdsa[j]->group = EC_GROUP_new_by_nid(test_curves[j]);
+ /* Could not obtain group information */
+ if (ecdsa[j]->group == NULL)
+ {
+ BIO_printf(bio_err,"ECDSA failure.Could not obtain group information\n");
+ ERR_print_errors(bio_err);
+ rsa_count=1;
+ }
+ else
+ {
+ /* Perform ECDSA signature test */
+ EC_KEY_generate_key(ecdsa[j]);
+ ret = ECDSA_sign(EVP_PKEY_ECDSA, buf, 20, ecdsasig,
+ &ecdsasiglen, ecdsa[j]);
+ if (ret == 0)
+ {
+ BIO_printf(bio_err,"ECDSA sign failure. No ECDSA sign will be done.\n");
+ ERR_print_errors(bio_err);
+ rsa_count=1;
+ }
+ else
+ {
+ pkey_print_message("sign","ecdsa",
+ ecdsa_c[j][0],
+ test_curves_bits[j],
+ ECDSA_SECONDS);
+
+ Time_F(START);
+ for (count=0,run=1; COND(ecdsa_c[j][0]); count++)
+ {
+ ret=ECDSA_sign(EVP_PKEY_ECDSA, buf, 20, ecdsasig, &ecdsasiglen, ecdsa[j]);
+ if (ret == 0)
+ {
+ BIO_printf(bio_err, "ECDSA sign failure\n");
+ ERR_print_errors(bio_err);
+ count=1;
+ break;
+ }
+ }
+ d=Time_F(STOP);
+
+ BIO_printf(bio_err, mr ? "+R5:%ld:%d:%.2f\n" :
+ "%ld %d bit ECDSA signs in %.2fs \n",
+ count, test_curves_bits[j], d);
+ ecdsa_results[j][0]=d/(double)count;
+ rsa_count=count;
+ }
+
+ /* Perform ECDSA verification test */
+ ret=ECDSA_verify(EVP_PKEY_ECDSA, buf, 20, ecdsasig, ecdsasiglen, ecdsa[j]);
+ if (ret != 1)
+ {
+ BIO_printf(bio_err,"ECDSA verify failure. No ECDSA verify will be done.\n");
+ ERR_print_errors(bio_err);
+ ecdsa_doit[j] = 0;
+ }
+ else
+ {
+ pkey_print_message("verify","ecdsa",
+ ecdsa_c[j][1],
+ test_curves_bits[j],
+ ECDSA_SECONDS);
+ Time_F(START);
+ for (count=0,run=1; COND(ecdsa_c[j][1]); count++)
+ {
+ ret=ECDSA_verify(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[j]);
+ if (ret != 1)
+ {
+ BIO_printf(bio_err, "ECDSA verify failure\n");
+ ERR_print_errors(bio_err);
+ count=1;
+ break;
+ }
+ }
+ d=Time_F(STOP);
+ BIO_printf(bio_err, mr? "+R6:%ld:%d:%.2f\n"
+ : "%ld %d bit ECDSA verify in %.2fs\n",
+ count, test_curves_bits[j], d);
+ ecdsa_results[j][1]=d/(double)count;
+ }
+
+ if (rsa_count <= 1)
+ {
+ /* if longer than 10s, don't do any more */
+ for (j++; j<EC_NUM; j++)
+ ecdsa_doit[j]=0;
+ }
+ }
+ }
+ }
+ if (rnd_fake) RAND_cleanup();
+#endif
+
+#ifndef OPENSSL_NO_ECDH
+ if (RAND_status() != 1)
+ {
+ RAND_seed(rnd_seed, sizeof rnd_seed);
+ rnd_fake = 1;
+ }
+ for (j=0; j<EC_NUM; j++)
+ {
+ if (!ecdh_doit[j]) continue;
+ ecdh_a[j] = EC_KEY_new();
+ ecdh_b[j] = EC_KEY_new();
+ if ((ecdh_a[j] == NULL) || (ecdh_b[j] == NULL))
+ {
+ BIO_printf(bio_err,"ECDH failure.\n");
+ ERR_print_errors(bio_err);
+ rsa_count=1;
+ }
+ else
+ {
+ ecdh_a[j]->group = EC_GROUP_new_by_nid(test_curves[j]);
+ if (ecdh_a[j]->group == NULL)
+ {
+ BIO_printf(bio_err,"ECDH failure.\n");
+ ERR_print_errors(bio_err);
+ rsa_count=1;
+ }
+ else
+ {
+ ecdh_b[j]->group = ecdh_a[j]->group;
+
+ /* generate two ECDH key pairs */
+ if (!EC_KEY_generate_key(ecdh_a[j]) ||
+ !EC_KEY_generate_key(ecdh_b[j]))
+ {
+ BIO_printf(bio_err,"ECDH key generation failure.\n");
+ ERR_print_errors(bio_err);
+ rsa_count=1;
+ }
+ else
+ {
+ secret_size_a = ECDH_compute_key(secret_a,
+ ecdh_b[j]->pub_key,
+ ecdh_a[j]);
+ secret_size_b = ECDH_compute_key(secret_b,
+ ecdh_a[j]->pub_key,
+ ecdh_b[j]);
+ if (secret_size_a != secret_size_b)
+ ecdh_check = 0;
+ else
+ ecdh_check = 1;
+
+ for (secret_idx = 0;
+ (secret_idx < secret_size_a) && (ecdh_check == 1);
+ secret_idx++)
+ {
+ if (secret_a[secret_idx] != secret_b[secret_idx])
+ ecdh_check = 0;
+ }
+
+ if (ecdh_check == 0)
+ {
+ BIO_printf(bio_err,"ECDH computations don't match.\n");
+ ERR_print_errors(bio_err);
+ rsa_count=1;
+ }
+
+ pkey_print_message("","ecdh",
+ ecdh_c[j][0],
+ test_curves_bits[j],
+ ECDH_SECONDS);
+ Time_F(START);
+ for (count=0,run=1; COND(ecdh_c[j][0]); count++)
+ {
+ ECDH_compute_key(secret_a,
+ ecdh_b[j]->pub_key,
+ ecdh_a[j]);
+ }
+ d=Time_F(STOP);
+ BIO_printf(bio_err, mr ? "+R7:%ld:%d:%.2f\n" :"%ld %d-bit ECDH ops in %.2fs\n",
+ count, test_curves_bits[j], d);
+ ecdh_results[j][0]=d/(double)count;
+ rsa_count=count;
+ }
+ }
+ }
+
+ if (rsa_count <= 1)
+ {
+ /* if longer than 10s, don't do any more */
+ for (j++; j<EC_NUM; j++)
+ ecdh_doit[j]=0;
+ }
+ }
+ if (rnd_fake) RAND_cleanup();
+#endif
#ifdef HAVE_FORK
show_res:
#endif
1.0/dsa_results[k][0],1.0/dsa_results[k][1]);
}
#endif
+#ifndef OPENSSL_NO_ECDSA
+ j=1;
+ for (k=0; k<EC_NUM; k++)
+ {
+ if (!ecdsa_doit[k]) continue;
+ if (j && !mr)
+ {
+ printf("%30ssign verify sign/s verify/s\n"," ");
+ j=0;
+ }
+
+ if (mr)
+ fprintf(stdout,"+F4:%u:%u:%f:%f\n",
+ k, test_curves_bits[k],
+ ecdsa_results[k][0],ecdsa_results[k][1]);
+ else
+ fprintf(stdout,
+ "%4u bit ecdsa (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
+ test_curves_bits[k],
+ test_curves_names[k],
+ ecdsa_results[k][0],ecdsa_results[k][1],
+ 1.0/ecdsa_results[k][0],1.0/ecdsa_results[k][1]);
+ }
+#endif
+
+
+#ifndef OPENSSL_NO_ECDH
+ j=1;
+ for (k=0; k<EC_NUM; k++)
+ {
+ if (!ecdh_doit[k]) continue;
+ if (j && !mr)
+ {
+ printf("%30sop op/s\n"," ");
+ j=0;
+ }
+ if (mr)
+ fprintf(stdout,"+F5:%u:%u:%f:%f\n",
+ k, test_curves_bits[k],
+ ecdh_results[k][0], 1.0/ecdh_results[k][0]);
+
+ else
+ fprintf(stdout,"%4u bit ecdh (%s) %8.4fs %8.1f\n",
+ test_curves_bits[k],
+ test_curves_names[k],
+ ecdh_results[k][0], 1.0/ecdh_results[k][0]);
+ }
+#endif
+
mret=0;
+
end:
ERR_print_errors(bio_err);
if (buf != NULL) OPENSSL_free(buf);
if (dsa_key[i] != NULL)
DSA_free(dsa_key[i]);
#endif
+
+#ifndef OPENSSL_NO_ECDSA
+ for (i=0; i<EC_NUM; i++)
+ if (ecdsa[i] != NULL)
+ EC_KEY_free(ecdsa[i]);
+#endif
+#ifndef OPENSSL_NO_ECDH
+ for (i=0; i<EC_NUM; i++)
+ {
+ if (ecdh_a[i] != NULL)
+ EC_KEY_free(ecdh_a[i]);
+ if (ecdh_b[i] != NULL)
+ EC_KEY_free(ecdh_b[i]);
+ }
+#endif
+
apps_shutdown();
EXIT(mret);
}
else
dsa_results[k][1]=d;
}
+#ifndef OPENSSL_NO_ECDSA
+ else if(!strncmp(buf,"+F4:",4))
+ {
+ int k;
+ double d;
+
+ p=buf+4;
+ k=atoi(sstrsep(&p,sep));
+ sstrsep(&p,sep);
+
+ d=atof(sstrsep(&p,sep));
+ if(n)
+ ecdsa_results[k][0]=1/(1/ecdsa_results[k][0]+1/d);
+ else
+ ecdsa_results[k][0]=d;
+
+ d=atof(sstrsep(&p,sep));
+ if(n)
+ ecdsa_results[k][1]=1/(1/ecdsa_results[k][1]+1/d);
+ else
+ ecdsa_results[k][1]=d;
+ }
+#endif
+
+#ifndef OPENSSL_NO_ECDH
+ else if(!strncmp(buf,"+F5:",4))
+ {
+ int k;
+ double d;
+
+ p=buf+4;
+ k=atoi(sstrsep(&p,sep));
+ sstrsep(&p,sep);
+
+ d=atof(sstrsep(&p,sep));
+ if(n)
+ ecdh_results[k][0]=1/(1/ecdh_results[k][0]+1/d);
+ else
+ ecdh_results[k][0]=d;
+
+ }
+#endif
+
else if(!strncmp(buf,"+H:",3))
{
}
SDIRS= md2 md5 sha mdc2 hmac ripemd \
des rc2 rc4 rc5 idea bf cast \
- bn ec rsa dsa ecdsa dh dso engine aes \
+ bn ec rsa dsa ecdsa ecdh dh dso engine aes \
buffer bio stack lhash rand err objects \
evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * Binary polynomial ECC support in OpenSSL originally developed by
+ * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
+ */
#include <stdio.h>
#include "cryptlib.h"
goto err;
}
- if (!EC_GROUP_get_curve_GFp(x, p, a, b, ctx))
+ if (EC_METHOD_get_field_type(EC_GROUP_method_of(x)) == NID_X9_62_prime_field)
{
- reason = ERR_R_EC_LIB;
- goto err;
+ if (!EC_GROUP_get_curve_GFp(x, p, a, b, ctx))
+ {
+ reason = ERR_R_EC_LIB;
+ goto err;
+ }
+ }
+ else
+ {
+ if (!EC_GROUP_get_curve_GF2m(x, p, a, b, ctx))
+ {
+ reason = ERR_R_EC_LIB;
+ goto err;
+ }
}
if ((point = EC_GROUP_get0_generator(x)) == NULL)
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECDH support in OpenSSL originally developed by
+ * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
+ */
#include <stdio.h>
#include <string.h>
"ui",
"ecdsa",
"ec",
-#if CRYPTO_NUM_LOCKS != 33
+ "ecdh",
+#if CRYPTO_NUM_LOCKS != 34
# error "Inconsistency between crypto.h and cryptlib.c"
#endif
};
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECDH support in OpenSSL originally developed by
+ * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
+ */
#ifndef HEADER_CRYPTO_H
#define HEADER_CRYPTO_H
#define CRYPTO_LOCK_UI 30
#define CRYPTO_LOCK_ECDSA 31
#define CRYPTO_LOCK_EC 32
-#define CRYPTO_NUM_LOCKS 33
+#define CRYPTO_LOCK_ECDH 33
+#define CRYPTO_NUM_LOCKS 34
#define CRYPTO_LOCK 1
#define CRYPTO_UNLOCK 2
#define CRYPTO_EX_INDEX_X509 10
#define CRYPTO_EX_INDEX_UI 11
#define CRYPTO_EX_INDEX_ECDSA 12
+#define CRYPTO_EX_INDEX_ECDH 13
/* Dynamically assigned indexes start from this value (don't use directly, use
* via CRYPTO_ex_data_new_class). */
void EC_KEY_free(EC_KEY *);
EC_KEY *EC_KEY_copy(EC_KEY *, const EC_KEY *);
EC_KEY *EC_KEY_dup(const EC_KEY *);
+int EC_KEY_up_ref(EC_KEY *);
/* EC_KEY_generate_key() creates a ec private (public) key */
int EC_KEY_generate_key(EC_KEY *);
#include <openssl/err.h>
#include <openssl/asn1t.h>
#include <openssl/objects.h>
+#include <string.h>
/* some structures needed for the asn1 encoding */
typedef struct x9_62_fieldid_st {
* Hudson (tjh@cryptsoft.com).
*
*/
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * Portions originally developed by SUN MICROSYSTEMS, INC., and
+ * contributed to the OpenSSL project.
+ */
#include "ec_lcl.h"
#include <openssl/err.h>
+#include <string.h>
EC_KEY *EC_KEY_new(void)
{
return ret;
}
+int EC_KEY_up_ref(EC_KEY *r)
+ {
+ int i = CRYPTO_add(&r->references, 1, CRYPTO_LOCK_EC);
+#ifdef REF_PRINT
+ REF_PRINT("EC_KEY",r);
+#endif
+#ifdef REF_CHECK
+ if (i < 2)
+ {
+ fprintf(stderr, "EC_KEY_up, bad reference count\n");
+ abort();
+ }
+#endif
+ return ((i > 1) ? 1 : 0);
+ }
+
int EC_KEY_generate_key(EC_KEY *eckey)
{
int ok = 0;
--- /dev/null
+#
+# crypto/ecdh/Makefile
+#
+
+DIR= ecdh
+TOP= ../..
+CC= cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g -Wall
+INSTALL_PREFIX=
+OPENSSLDIR= /usr/local/ssl
+INSTALLTOP=/usr/local/ssl
+MAKE= make -f Makefile.ssl
+MAKEDEPPROG= makedepend
+MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+MAKEFILE= Makefile.ssl
+AR= ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=ecdhtest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= ech_lib.c ech_ossl.c ech_key.c ech_err.c
+
+LIBOBJ= ech_lib.o ech_ossl.o ech_key.o ech_err.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= ecdh.h
+HEADER= $(EXHEADER)
+
+ALL= $(GENERAL) $(SRC) $(HEADER)
+
+top:
+ (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all: lib
+
+lib: $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
+ $(RANLIB) $(LIB) || echo Never mind.
+ @touch lib
+
+files:
+ $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+ @$(TOP)/util/point.sh Makefile.ssl Makefile
+ @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+ @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+ @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+ @for i in $(EXHEADER) ; \
+ do \
+ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+ chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+ done;
+
+tags:
+ ctags $(SRC)
+
+tests:
+
+lint:
+ lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+ $(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
+
+dclean:
+ $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+ mv -f Makefile.new $(MAKEFILE)
+
+clean:
+ rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+ech_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+ech_err.o: ../../include/openssl/e_os2.h ../../include/openssl/ecdh.h
+ech_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+ech_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+ech_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ech_err.o: ../../include/openssl/symhacks.h ech_err.c
+ech_key.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ech_key.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+ech_key.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+ech_key.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+ech_key.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+ech_key.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+ech_key.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+ech_key.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ech_key.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+ech_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ech_key.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h ecdh.h
+ech_key.o: ech_key.c
+ech_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ech_lib.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+ech_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+ech_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+ech_lib.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+ech_lib.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+ech_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+ech_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ech_lib.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+ech_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ech_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h ecdh.h
+ech_lib.o: ech_lib.c
+ech_ossl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ech_ossl.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+ech_ossl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+ech_ossl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+ech_ossl.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
+ech_ossl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ech_ossl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+ech_ossl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ech_ossl.o: ecdh.h ech_ossl.c
--- /dev/null
+/* crypto/ecdh/ecdh.h */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+ * The Elliptic Curve Public-Key Crypto Library (ECC Code) included
+ * herein is developed by SUN MICROSYSTEMS, INC., and is contributed
+ * to the OpenSSL project.
+ *
+ * The ECC Code is licensed pursuant to the OpenSSL open source
+ * license provided below.
+ *
+ * In addition, Sun covenants to all licensees who provide a reciprocal
+ * covenant with respect to their own patents if any, not to sue under
+ * current and future patent claims necessarily infringed by the making,
+ * using, practicing, selling, offering for sale and/or otherwise
+ * disposing of the ECC Code as delivered hereunder (or portions thereof),
+ * provided that such covenant shall not apply:
+ * 1) for code that a licensee deletes from the ECC Code;
+ * 2) separates from the ECC Code; or
+ * 3) for infringements caused by:
+ * i) the modification of the ECC Code or
+ * ii) the combination of the ECC Code with other software or
+ * devices where such combination causes the infringement.
+ *
+ * The ECDH software is originally written by Douglas Stebila of
+ * Sun Microsystems Laboratories.
+ *
+ */
+/* ====================================================================
+ * Copyright (c) 2000-2002 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+#ifndef HEADER_ECDH_H
+#define HEADER_ECDH_H
+
+#ifdef OPENSSL_NO_ECDH
+#error ECDH is disabled.
+#endif
+
+#include <openssl/bn.h>
+#include <openssl/ec.h>
+#include <openssl/ossl_typ.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+typedef struct ecdh_method
+{
+ const char *name;
+ int (*compute_key)(unsigned char *key,const EC_POINT *pub_key, EC_KEY *ecdh);
+#if 0
+ int (*init)(EC_KEY *eckey);
+ int (*finish)(EC_KEY *eckey);
+#endif
+ int flags;
+ char *app_data;
+} ECDH_METHOD;
+
+typedef struct ecdh_data_st {
+ /* EC_KEY_METH_DATA part */
+ int (*init)(EC_KEY *);
+ void (*finish)(EC_KEY *);
+ /* method specific part */
+ ENGINE *engine;
+ int flags;
+ const ECDH_METHOD *meth;
+ CRYPTO_EX_DATA ex_data;
+} ECDH_DATA;
+
+/* ECDH_DATA functions */
+ECDH_DATA *ECDH_DATA_new(void);
+ECDH_DATA *ECDH_DATA_new_method(ENGINE *);
+void ECDH_DATA_free(ECDH_DATA *);
+
+ECDH_DATA *ecdh_check(EC_KEY *);
+
+
+const ECDH_METHOD *ECDH_OpenSSL(void);
+
+void ECDH_set_default_method(const ECDH_METHOD *);
+const ECDH_METHOD *ECDH_get_default_method(void);
+int ECDH_set_method(EC_KEY *, const ECDH_METHOD *);
+
+int ECDH_size(const EC_KEY *);
+int ECDH_compute_key(unsigned char *key,const EC_POINT *pub_key, EC_KEY *ecdh);
+
+
+int ECDH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new
+ *new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
+int ECDH_set_ex_data(EC_KEY *d, int idx, void *arg);
+void *ECDH_get_ex_data(EC_KEY *d, int idx);
+
+
+/* BEGIN ERROR CODES */
+/* The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_ECDH_strings(void);
+
+/* Error codes for the ECDH functions. */
+
+/* Function codes. */
+#define ECDH_F_ECDH_COMPUTE_KEY 100
+#define ECDH_F_ECDH_DATA_NEW 101
+
+/* Reason codes. */
+#define ECDH_R_NO_PRIVATE_VALUE 100
+#define ECDH_R_POINT_ARITHMETIC_FAILURE 101
+#define ECDH_R_SHA1_DIGEST_FAILED 102
+
+#ifdef __cplusplus
+}
+#endif
+#endif
--- /dev/null
+/* crypto/ecdh/ecdhtest.c */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+ * The Elliptic Curve Public-Key Crypto Library (ECC Code) included
+ * herein is developed by SUN MICROSYSTEMS, INC., and is contributed
+ * to the OpenSSL project.
+ *
+ * The ECC Code is licensed pursuant to the OpenSSL open source
+ * license provided below.
+ *
+ * In addition, Sun covenants to all licensees who provide a reciprocal
+ * covenant with respect to their own patents if any, not to sue under
+ * current and future patent claims necessarily infringed by the making,
+ * using, practicing, selling, offering for sale and/or otherwise
+ * disposing of the ECC Code as delivered hereunder (or portions thereof),
+ * provided that such covenant shall not apply:
+ * 1) for code that a licensee deletes from the ECC Code;
+ * 2) separates from the ECC Code; or
+ * 3) for infringements caused by:
+ * i) the modification of the ECC Code or
+ * ii) the combination of the ECC Code with other software or
+ * devices where such combination causes the infringement.
+ *
+ * The ECDH software is originally written by Douglas Stebila of
+ * Sun Microsystems Laboratories.
+ *
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#ifdef OPENSSL_SYS_WINDOWS
+#include "../bio/bss_file.c"
+#endif
+#include <openssl/crypto.h>
+#include <openssl/bio.h>
+#include <openssl/bn.h>
+#include <openssl/ec.h>
+#include <openssl/objects.h>
+#include <openssl/rand.h>
+#include <openssl/err.h>
+
+#ifdef OPENSSL_NO_ECDH
+int main(int argc, char *argv[])
+{
+ printf("No ECDH support\n");
+ return(0);
+}
+#else
+#include <openssl/ecdh.h>
+
+#ifdef OPENSSL_SYS_WIN16
+#define MS_CALLBACK _far _loadds
+#else
+#define MS_CALLBACK
+#endif
+
+static void MS_CALLBACK cb(int p, int n, void *arg);
+#ifdef OPENSSL_NO_STDIO
+#define APPS_WIN16
+#include "bss_file.c"
+#endif
+
+static const char rnd_seed[] = "string to make the random number generator think it has entropy";
+
+
+int test_ecdh_curve(int nid, char *text, BN_CTX *ctx, BIO *out)
+ {
+ EC_KEY *a=NULL;
+ EC_KEY *b=NULL;
+ BIGNUM *x=NULL, *y=NULL;
+ char buf[12];
+ unsigned char *abuf=NULL,*bbuf=NULL;
+ int i,alen,blen,aout,bout,ret=0;
+
+ if ((a=EC_KEY_new()) == NULL) goto err;
+ if ((a->group=EC_GROUP_new_by_name(nid)) == NULL) goto err;
+
+ if ((b=EC_KEY_new()) == NULL) goto err;
+ b->group = a->group;
+
+ if ((x=BN_new()) == NULL) goto err;
+ if ((y=BN_new()) == NULL) goto err;
+
+ BIO_puts(out,"Testing key generation with ");
+ BIO_puts(out,text);
+ BIO_puts(out,"\n");
+
+ if (!EC_KEY_generate_key(a)) goto err;
+ BIO_puts(out," pri 1=");
+ BN_print(out,a->priv_key);
+ BIO_puts(out,"\n pub 1=");
+ if (EC_METHOD_get_field_type(EC_GROUP_method_of(a->group)) == NID_X9_62_prime_field)
+ {
+ if (!EC_POINT_get_affine_coordinates_GFp(a->group, a->pub_key, x, y, ctx)) goto err;
+ }
+ else
+ {
+ if (!EC_POINT_get_affine_coordinates_GF2m(a->group, a->pub_key, x, y, ctx)) goto err;
+ }
+ BN_print(out,x);
+ BIO_puts(out,",");
+ BN_print(out,y);
+ BIO_puts(out,"\n");
+
+ if (!EC_KEY_generate_key(b)) goto err;
+ BIO_puts(out," pri 2=");
+ BN_print(out,b->priv_key);
+ BIO_puts(out,"\n pub 2=");
+ if (EC_METHOD_get_field_type(EC_GROUP_method_of(b->group)) == NID_X9_62_prime_field)
+ {
+ if (!EC_POINT_get_affine_coordinates_GFp(b->group, b->pub_key, x, y, ctx)) goto err;
+ }
+ else
+ {
+ if (!EC_POINT_get_affine_coordinates_GF2m(a->group, b->pub_key, x, y, ctx)) goto err;
+ }
+ BN_print(out,x);
+ BIO_puts(out,",");
+ BN_print(out,y);
+ BIO_puts(out,"\n");
+
+ alen=ECDH_size(a);
+ abuf=(unsigned char *)OPENSSL_malloc(alen);
+ aout=ECDH_compute_key(abuf,b->pub_key,a);
+
+ BIO_puts(out," key1 =");
+ for (i=0; i<aout; i++)
+ {
+ sprintf(buf,"%02X",abuf[i]);
+ BIO_puts(out,buf);
+ }
+ BIO_puts(out,"\n");
+
+ blen=ECDH_size(b);
+ bbuf=(unsigned char *)OPENSSL_malloc(blen);
+ bout=ECDH_compute_key(bbuf,a->pub_key,b);
+
+ BIO_puts(out," key2 =");
+ for (i=0; i<bout; i++)
+ {
+ sprintf(buf,"%02X",bbuf[i]);
+ BIO_puts(out,buf);
+ }
+ BIO_puts(out,"\n");
+ if ((aout < 4) || (bout != aout) || (memcmp(abuf,bbuf,aout) != 0))
+ {
+ fprintf(stderr,"Error in ECDH routines\n");
+ ret=0;
+ }
+ else
+ ret=1;
+err:
+ ERR_print_errors_fp(stderr);
+
+ if (abuf != NULL) OPENSSL_free(abuf);
+ if (bbuf != NULL) OPENSSL_free(bbuf);
+ if (x) BN_free(x);
+ if (y) BN_free(y);
+ if (a->group) EC_GROUP_free(a->group);
+ a->group = b->group = NULL;
+ if (b) EC_KEY_free(b);
+ if (a) EC_KEY_free(a);
+ return(ret);
+ }
+
+int main(int argc, char *argv[])
+ {
+ BN_CTX *ctx=NULL;
+ int ret=1;
+ BIO *out;
+
+ CRYPTO_malloc_debug_init();
+ CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
+ CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
+
+#ifdef OPENSSL_SYS_WIN32
+ CRYPTO_malloc_init();
+#endif
+
+ RAND_seed(rnd_seed, sizeof rnd_seed);
+
+ out=BIO_new(BIO_s_file());
+ if (out == NULL) exit(1);
+ BIO_set_fp(out,stdout,BIO_NOCLOSE);
+
+ if ((ctx=BN_CTX_new()) == NULL) goto err;
+
+ /* NIST PRIME CURVES TESTS */
+ if (!test_ecdh_curve(EC_GROUP_NIST_PRIME_192, "NIST Prime-Curve P-192", ctx, out)) goto err;
+ if (!test_ecdh_curve(EC_GROUP_NIST_PRIME_224, "NIST Prime-Curve P-224", ctx, out)) goto err;
+ if (!test_ecdh_curve(EC_GROUP_NIST_PRIME_256, "NIST Prime-Curve P-256", ctx, out)) goto err;
+ if (!test_ecdh_curve(EC_GROUP_NIST_PRIME_384, "NIST Prime-Curve P-384", ctx, out)) goto err;
+ if (!test_ecdh_curve(EC_GROUP_NIST_PRIME_521, "NIST Prime-Curve P-521", ctx, out)) goto err;
+ /* NIST BINARY CURVES TESTS */
+ if (!test_ecdh_curve(EC_GROUP_NIST_CHAR2_K163, "NIST Binary-Curve K-163", ctx, out)) goto err;
+ if (!test_ecdh_curve(EC_GROUP_NIST_CHAR2_B163, "NIST Binary-Curve B-163", ctx, out)) goto err;
+ if (!test_ecdh_curve(EC_GROUP_NIST_CHAR2_K233, "NIST Binary-Curve K-233", ctx, out)) goto err;
+ if (!test_ecdh_curve(EC_GROUP_NIST_CHAR2_B233, "NIST Binary-Curve B-233", ctx, out)) goto err;
+ if (!test_ecdh_curve(EC_GROUP_NIST_CHAR2_K283, "NIST Binary-Curve K-283", ctx, out)) goto err;
+ if (!test_ecdh_curve(EC_GROUP_NIST_CHAR2_B283, "NIST Binary-Curve B-283", ctx, out)) goto err;
+ if (!test_ecdh_curve(EC_GROUP_NIST_CHAR2_K409, "NIST Binary-Curve K-409", ctx, out)) goto err;
+ if (!test_ecdh_curve(EC_GROUP_NIST_CHAR2_B409, "NIST Binary-Curve B-409", ctx, out)) goto err;
+ if (!test_ecdh_curve(EC_GROUP_NIST_CHAR2_K571, "NIST Binary-Curve K-571", ctx, out)) goto err;
+ if (!test_ecdh_curve(EC_GROUP_NIST_CHAR2_B571, "NIST Binary-Curve B-571", ctx, out)) goto err;
+
+ ret = 0;
+
+err:
+ ERR_print_errors_fp(stderr);
+ if (ctx) BN_CTX_free(ctx);
+ BIO_free(out);
+ CRYPTO_cleanup_all_ex_data();
+ ERR_remove_state(0);
+ CRYPTO_mem_leaks_fp(stderr);
+ exit(ret);
+ return(ret);
+ }
+
+static void MS_CALLBACK cb(int p, int n, void *arg)
+ {
+ char c='*';
+
+ if (p == 0) c='.';
+ if (p == 1) c='+';
+ if (p == 2) c='*';
+ if (p == 3) c='\n';
+ BIO_write((BIO *)arg,&c,1);
+ (void)BIO_flush((BIO *)arg);
+#ifdef LINT
+ p=n;
+#endif
+ }
+#endif
--- /dev/null
+/* crypto/ecdh/ech_err.c */
+/* ====================================================================
+ * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/* NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include <openssl/ecdh.h>
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+static ERR_STRING_DATA ECDH_str_functs[]=
+ {
+{ERR_PACK(0,ECDH_F_ECDH_COMPUTE_KEY,0), "ECDH_compute_key"},
+{ERR_PACK(0,ECDH_F_ECDH_DATA_NEW,0), "ECDH_DATA_new"},
+{0,NULL}
+ };
+
+static ERR_STRING_DATA ECDH_str_reasons[]=
+ {
+{ECDH_R_NO_PRIVATE_VALUE ,"no private value"},
+{ECDH_R_POINT_ARITHMETIC_FAILURE ,"point arithmetic failure"},
+{ECDH_R_SHA1_DIGEST_FAILED ,"sha1 digest failed"},
+{0,NULL}
+ };
+
+#endif
+
+void ERR_load_ECDH_strings(void)
+ {
+ static int init=1;
+
+ if (init)
+ {
+ init=0;
+#ifndef OPENSSL_NO_ERR
+ ERR_load_strings(ERR_LIB_ECDH,ECDH_str_functs);
+ ERR_load_strings(ERR_LIB_ECDH,ECDH_str_reasons);
+#endif
+
+ }
+ }
--- /dev/null
+/* crypto/ecdh/ecdh_key.c */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+ * The Elliptic Curve Public-Key Crypto Library (ECC Code) included
+ * herein is developed by SUN MICROSYSTEMS, INC., and is contributed
+ * to the OpenSSL project.
+ *
+ * The ECC Code is licensed pursuant to the OpenSSL open source
+ * license provided below.
+ *
+ * In addition, Sun covenants to all licensees who provide a reciprocal
+ * covenant with respect to their own patents if any, not to sue under
+ * current and future patent claims necessarily infringed by the making,
+ * using, practicing, selling, offering for sale and/or otherwise
+ * disposing of the ECC Code as delivered hereunder (or portions thereof),
+ * provided that such covenant shall not apply:
+ * 1) for code that a licensee deletes from the ECC Code;
+ * 2) separates from the ECC Code; or
+ * 3) for infringements caused by:
+ * i) the modification of the ECC Code or
+ * ii) the combination of the ECC Code with other software or
+ * devices where such combination causes the infringement.
+ *
+ * The ECDH software is originally written by Douglas Stebila of
+ * Sun Microsystems Laboratories.
+ *
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "ecdh.h"
+#include <openssl/engine.h>
+
+int ECDH_compute_key(unsigned char *key, const EC_POINT *pub_key, EC_KEY *eckey)
+{
+ ECDH_DATA *ecdh = ecdh_check(eckey);
+ if (ecdh == NULL)
+ return NULL;
+ return ecdh->meth->compute_key(key, pub_key, eckey);
+}
--- /dev/null
+/* crypto/ecdh/ech_lib.c */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+ * The Elliptic Curve Public-Key Crypto Library (ECC Code) included
+ * herein is developed by SUN MICROSYSTEMS, INC., and is contributed
+ * to the OpenSSL project.
+ *
+ * The ECC Code is licensed pursuant to the OpenSSL open source
+ * license provided below.
+ *
+ * In addition, Sun covenants to all licensees who provide a reciprocal
+ * covenant with respect to their own patents if any, not to sue under
+ * current and future patent claims necessarily infringed by the making,
+ * using, practicing, selling, offering for sale and/or otherwise
+ * disposing of the ECC Code as delivered hereunder (or portions thereof),
+ * provided that such covenant shall not apply:
+ * 1) for code that a licensee deletes from the ECC Code;
+ * 2) separates from the ECC Code; or
+ * 3) for infringements caused by:
+ * i) the modification of the ECC Code or
+ * ii) the combination of the ECC Code with other software or
+ * devices where such combination causes the infringement.
+ *
+ * The ECDH software is originally written by Douglas Stebila of
+ * Sun Microsystems Laboratories.
+ *
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "ecdh.h"
+#include <string.h>
+#include <openssl/engine.h>
+
+const char *ECDH_version="ECDH" OPENSSL_VERSION_PTEXT;
+
+static void ecdh_finish(EC_KEY *);
+
+static const ECDH_METHOD *default_ECDH_method = NULL;
+
+void ECDH_set_default_method(const ECDH_METHOD *meth)
+ {
+ default_ECDH_method = meth;
+ }
+
+const ECDH_METHOD *ECDH_get_default_method(void)
+ {
+ if(!default_ECDH_method)
+ default_ECDH_method = ECDH_OpenSSL();
+ return default_ECDH_method;
+ }
+
+int ECDH_set_method(EC_KEY *eckey, const ECDH_METHOD *meth)
+ {
+ const ECDH_METHOD *mtmp;
+ ECDH_DATA *ecdh;
+
+ ecdh = ecdh_check(eckey);
+
+ if (ecdh == NULL)
+ return 0;
+
+ mtmp = ecdh->meth;
+#if 0
+ if (mtmp->finish)
+ mtmp->finish(eckey);
+#endif
+ if (ecdh->engine)
+ {
+ ENGINE_finish(ecdh->engine);
+ ecdh->engine = NULL;
+ }
+ ecdh->meth = meth;
+#if 0
+ if (meth->init)
+ meth->init(eckey);
+#endif
+ return 1;
+ }
+
+ECDH_DATA *ECDH_DATA_new(void)
+ {
+ return ECDH_DATA_new_method(NULL);
+ }
+
+ECDH_DATA *ECDH_DATA_new_method(ENGINE *engine)
+ {
+ ECDH_DATA *ret;
+
+ ret=(ECDH_DATA *)OPENSSL_malloc(sizeof(ECDH_DATA));
+ if (ret == NULL)
+ {
+ ECDHerr(ECDH_F_ECDH_DATA_NEW, ERR_R_MALLOC_FAILURE);
+ return(NULL);
+ }
+
+ ret->init = NULL;
+ ret->finish = ecdh_finish;
+
+ ret->meth = ECDH_get_default_method();
+ ret->engine = engine;
+ if (!ret->engine)
+ ret->engine = ENGINE_get_default_ECDH();
+ if (ret->engine)
+ {
+ ret->meth = ENGINE_get_ECDH(ret->engine);
+ if (!ret->meth)
+ {
+ ECDHerr(ECDH_F_ECDH_DATA_NEW, ERR_R_ENGINE_LIB);
+ ENGINE_finish(ret->engine);
+ OPENSSL_free(ret);
+ return NULL;
+ }
+ }
+
+ ret->flags = ret->meth->flags;
+ CRYPTO_new_ex_data(CRYPTO_EX_INDEX_ECDH, ret, &ret->ex_data);
+#if 0
+ if ((ret->meth->init != NULL) && !ret->meth->init(ret))
+ {
+ CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ECDH, ret, &ret->ex_data);
+ OPENSSL_free(ret);
+ ret=NULL;
+ }
+#endif
+ return(ret);
+ }
+
+void ECDH_DATA_free(ECDH_DATA *r)
+ {
+#if 0
+ if (r->meth->finish)
+ r->meth->finish(r);
+#endif
+ if (r->engine)
+ ENGINE_finish(r->engine);
+
+ CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ECDH, r, &r->ex_data);
+
+ memset((void *)r, 0x0, sizeof(ECDH_DATA));
+
+ OPENSSL_free(r);
+ }
+
+ECDH_DATA *ecdh_check(EC_KEY *key)
+ {
+ if (key->meth_data)
+ {
+ if (key->meth_data->finish != ecdh_finish)
+ {
+ key->meth_data->finish(key);
+ key->meth_data = (EC_KEY_METH_DATA *)ECDH_DATA_new();
+ }
+ }
+ else
+ key->meth_data = (EC_KEY_METH_DATA *)ECDH_DATA_new();
+ return (ECDH_DATA *)key->meth_data;
+ }
+
+static void ecdh_finish(EC_KEY *key)
+ {
+ if (key->meth_data && key->meth_data->finish == ecdh_finish)
+ ECDH_DATA_free((ECDH_DATA *)key->meth_data);
+ }
+
+
+int ECDH_size(const EC_KEY *ecdh)
+ {
+ return 20;
+ }
+
+
+int ECDH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
+ CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
+ {
+ return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_ECDH, argl, argp,
+ new_func, dup_func, free_func);
+ }
+
+int ECDH_set_ex_data(EC_KEY *d, int idx, void *arg)
+ {
+ ECDH_DATA *ecdh;
+ ecdh = ecdh_check(d);
+ if (ecdh == NULL)
+ return 0;
+ return(CRYPTO_set_ex_data(&ecdh->ex_data,idx,arg));
+ }
+
+void *ECDH_get_ex_data(EC_KEY *d, int idx)
+ {
+ ECDH_DATA *ecdh;
+ ecdh = ecdh_check(d);
+ if (ecdh == NULL)
+ return NULL;
+ return(CRYPTO_get_ex_data(&ecdh->ex_data,idx));
+ }
--- /dev/null
+/* crypto/ecdh/ech_ossl.c */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+ * The Elliptic Curve Public-Key Crypto Library (ECC Code) included
+ * herein is developed by SUN MICROSYSTEMS, INC., and is contributed
+ * to the OpenSSL project.
+ *
+ * The ECC Code is licensed pursuant to the OpenSSL open source
+ * license provided below.
+ *
+ * In addition, Sun covenants to all licensees who provide a reciprocal
+ * covenant with respect to their own patents if any, not to sue under
+ * current and future patent claims necessarily infringed by the making,
+ * using, practicing, selling, offering for sale and/or otherwise
+ * disposing of the ECC Code as delivered hereunder (or portions thereof),
+ * provided that such covenant shall not apply:
+ * 1) for code that a licensee deletes from the ECC Code;
+ * 2) separates from the ECC Code; or
+ * 3) for infringements caused by:
+ * i) the modification of the ECC Code or
+ * ii) the combination of the ECC Code with other software or
+ * devices where such combination causes the infringement.
+ *
+ * The ECDH software is originally written by Douglas Stebila of
+ * Sun Microsystems Laboratories.
+ *
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+
+#include "ecdh.h"
+#include <openssl/err.h>
+#include <openssl/sha.h>
+#include <openssl/obj_mac.h>
+
+static int ecdh_compute_key(unsigned char *key, const EC_POINT *pub_key, EC_KEY *ecdh);
+
+static ECDH_METHOD openssl_ecdh_meth = {
+ "OpenSSL ECDH method",
+ ecdh_compute_key,
+#if 0
+ NULL, /* init */
+ NULL, /* finish */
+#endif
+ 0, /* flags */
+ NULL /* app_data */
+};
+
+const ECDH_METHOD *ECDH_OpenSSL(void)
+ {
+ return &openssl_ecdh_meth;
+ }
+
+
+/* This implementation is based on the following primitives in the IEEE 1363 standard:
+ * - ECKAS-DH1
+ * - ECSVDP-DH
+ * - KDF1 with SHA-1
+ */
+static int ecdh_compute_key(unsigned char *key, const EC_POINT *pub_key, EC_KEY *ecdh)
+ {
+ BN_CTX *ctx;
+ EC_POINT *tmp=NULL;
+ BIGNUM *x=NULL, *y=NULL;
+ int ret= -1, len;
+ unsigned char *buf=NULL;
+
+ if ((ctx = BN_CTX_new()) == NULL) goto err;
+ BN_CTX_start(ctx);
+ x = BN_CTX_get(ctx);
+ y = BN_CTX_get(ctx);
+
+ if (ecdh->priv_key == NULL)
+ {
+ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_NO_PRIVATE_VALUE);
+ goto err;
+ }
+
+ if ((tmp=EC_POINT_new(ecdh->group)) == NULL)
+ {
+ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ if (!EC_POINT_mul(ecdh->group, tmp, NULL, pub_key, ecdh->priv_key, ctx))
+ {
+ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_POINT_ARITHMETIC_FAILURE);
+ goto err;
+ }
+
+ if (EC_METHOD_get_field_type(EC_GROUP_method_of(ecdh->group)) == NID_X9_62_prime_field)
+ {
+ if (!EC_POINT_get_affine_coordinates_GFp(ecdh->group, tmp, x, y, ctx))
+ {
+ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_POINT_ARITHMETIC_FAILURE);
+ goto err;
+ }
+ }
+ else
+ {
+ if (!EC_POINT_get_affine_coordinates_GF2m(ecdh->group, tmp, x, y, ctx))
+ {
+ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_POINT_ARITHMETIC_FAILURE);
+ goto err;
+ }
+ }
+
+ if ((buf = (unsigned char *)OPENSSL_malloc(sizeof(unsigned char) * BN_num_bytes(x))) == NULL)
+ {
+ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ if ((len = BN_bn2bin(x,buf)) <= 0)
+ {
+ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB);
+ goto err;
+ }
+
+ if ((SHA1(buf, len, key) == NULL))
+ {
+ ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_SHA1_DIGEST_FAILED);
+ goto err;
+ }
+
+ ret = 20;
+
+err:
+ if (tmp) EC_POINT_free(tmp);
+ if (ctx) BN_CTX_end(ctx);
+ if (ctx) BN_CTX_free(ctx);
+ if (buf) OPENSSL_free(buf);
+ return(ret);
+ }
* Hudson (tjh@cryptsoft.com).
*
*/
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+ * Portions of the attached software ("Contribution") are developed by
+ * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
+ *
+ * The Contribution is licensed pursuant to the OpenSSL open source
+ * license provided above.
+ *
+ * In addition, Sun covenants to all licensees who provide a reciprocal
+ * covenant with respect to their own patents if any, not to sue under
+ * current and future patent claims necessarily infringed by the making,
+ * using, practicing, selling, offering for sale and/or otherwise
+ * disposing of the Contribution as delivered hereunder
+ * (or portions thereof), provided that such covenant shall not apply:
+ * 1) for code that a licensee deletes from the Contribution;
+ * 2) separates from the Contribution; or
+ * 3) for infringements caused by:
+ * i) the modification of the Contribution or
+ * ii) the combination of the Contribution with other software or
+ * devices where such combination causes the infringement.
+ *
+ * The elliptic curve binary polynomial software is originally written by
+ * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories.
+ *
+ */
+
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
OPENSSL_free(dgst);
dgst = NULL;
-
- /* NIST PRIME CURVES TESTS */
- /* EC_GROUP_NIST_PRIME_192 */
for (i=0; i<ECDSA_NIST_TESTS; i++)
- if (!RAND_bytes(digest[i], 20)) goto err;
-
- BIO_printf(bio_err, "\nTesting sign & verify with NIST Prime-Curve P-192 : \n");
- EC_KEY_free(ecdsa);
- if ((ecdsa = EC_KEY_new()) == NULL) goto err;
- if ((ecdsa->group = EC_GROUP_new_by_name(EC_GROUP_NIST_PRIME_192))
- == NULL) goto err;
- if (!EC_KEY_generate_key(ecdsa)) goto err;
- tim = clock();
- for (i=0; i<ECDSA_NIST_TESTS; i++)
- if ((signatures[i] = ECDSA_do_sign(digest[i], 20, ecdsa)) == NULL) goto err;
- tim = clock() - tim;
- tim_d = (double)tim / CLOCKS_PER_SEC;
- BIO_printf(bio_err, "%d x ECDSA_do_sign() in %.2f"UNIT" => average time for ECDSA_do_sign() %.4f"UNIT"\n"
- , ECDSA_NIST_TESTS, tim_d, tim_d / ECDSA_NIST_TESTS);
- tim = clock();
- for (i=0; i<ECDSA_NIST_TESTS; i++)
- if (!ECDSA_do_verify(digest[i], 20, signatures[i], ecdsa)) goto err;
- tim = clock() - tim;
- tim_d = (double)tim / CLOCKS_PER_SEC;
- BIO_printf(bio_err, "%d x ECDSA_do_verify() in %.2f"UNIT" => average time for ECDSA_do_verify() %.4f"UNIT"\n"
- , ECDSA_NIST_TESTS, tim_d, tim_d/ECDSA_NIST_TESTS);
- for (i=0; i<ECDSA_NIST_TESTS; i++)
- {
- ECDSA_SIG_free(signatures[i]);
- signatures[i] = NULL;
- }
-
- /* EC_GROUP_NIST_PRIME_224 */
- BIO_printf(bio_err, "Testing sign & verify with NIST Prime-Curve P-224 : \n");
- EC_KEY_free(ecdsa);
- if ((ecdsa = EC_KEY_new()) == NULL) goto err;
- if ((ecdsa->group = EC_GROUP_new_by_name(EC_GROUP_NIST_PRIME_224)) == NULL) goto err;
- if (!EC_KEY_generate_key(ecdsa)) goto err;
- tim = clock();
- for (i=0; i<ECDSA_NIST_TESTS; i++)
- if ((signatures[i] = ECDSA_do_sign(digest[i], 20, ecdsa)) == NULL) goto err;
- tim = clock() - tim;
- tim_d = (double)tim / CLOCKS_PER_SEC;
- BIO_printf(bio_err, "%d x ECDSA_do_sign() in %.2f"UNIT" => average time for ECDSA_do_sign() %.4f"UNIT"\n"
- , ECDSA_NIST_TESTS, tim_d, tim_d / ECDSA_NIST_TESTS);
- tim = clock();
- for (i=0; i<ECDSA_NIST_TESTS; i++)
- if (!ECDSA_do_verify(digest[i], 20, signatures[i], ecdsa)) goto err;
- tim = clock() - tim;
- tim_d = (double)tim / CLOCKS_PER_SEC;
- BIO_printf(bio_err, "%d x ECDSA_do_verify() in %.2f"UNIT" => average time for ECDSA_do_verify() %.4f"UNIT"\n"
- , ECDSA_NIST_TESTS, tim_d, tim_d/ECDSA_NIST_TESTS);
- for (i=0; i<ECDSA_NIST_TESTS; i++)
- {
- ECDSA_SIG_free(signatures[i]);
- signatures[i] = NULL;
- }
-
- /* EC_GROUP_NIST_PRIME_256 */
- BIO_printf(bio_err, "Testing sign & verify with NIST Prime-Curve P-256 : \n");
- EC_KEY_free(ecdsa);
- if ((ecdsa = EC_KEY_new()) == NULL) goto err;
- if ((ecdsa->group = EC_GROUP_new_by_name(EC_GROUP_NIST_PRIME_256)) == NULL) goto err;
- if (!EC_KEY_generate_key(ecdsa)) goto err;
- tim = clock();
- for (i=0; i<ECDSA_NIST_TESTS; i++)
- if ((signatures[i] = ECDSA_do_sign(digest[i], 20, ecdsa)) == NULL) goto err;
- tim = clock() - tim;
- tim_d = (double)tim / CLOCKS_PER_SEC;
- BIO_printf(bio_err, "%d x ECDSA_do_sign() in %.2f"UNIT" => average time for ECDSA_do_sign() %.4f"UNIT"\n"
- , ECDSA_NIST_TESTS, tim_d, tim_d / ECDSA_NIST_TESTS);
- tim = clock();
- for (i=0; i<ECDSA_NIST_TESTS; i++)
- if (!ECDSA_do_verify(digest[i], 20, signatures[i], ecdsa)) goto err;
- tim = clock() - tim;
- tim_d = (double)tim / CLOCKS_PER_SEC;
- BIO_printf(bio_err, "%d x ECDSA_do_verify() in %.2f"UNIT" => average time for ECDSA_do_verify() %.4f"UNIT"\n"
- , ECDSA_NIST_TESTS, tim_d, tim_d/ECDSA_NIST_TESTS);
- for (i=0; i<ECDSA_NIST_TESTS; i++)
- {
- ECDSA_SIG_free(signatures[i]);
- signatures[i] = NULL;
- }
-
- /* EC_GROUP_NIST_PRIME_384 */
- BIO_printf(bio_err, "Testing sign & verify with NIST Prime-Curve P-384 : \n");
- EC_KEY_free(ecdsa);
- if ((ecdsa = EC_KEY_new()) == NULL) goto err;
- if ((ecdsa->group = EC_GROUP_new_by_name(EC_GROUP_NIST_PRIME_384)) == NULL) goto err;
- if (!EC_KEY_generate_key(ecdsa)) goto err;
- tim = clock();
- for (i=0; i<ECDSA_NIST_TESTS; i++)
- if ((signatures[i] = ECDSA_do_sign(digest[i], 20, ecdsa)) == NULL) goto err;
- tim = clock() - tim;
- tim_d = (double)tim / CLOCKS_PER_SEC;
- BIO_printf(bio_err, "%d x ECDSA_do_sign() in %.2f"UNIT" => average time for ECDSA_do_sign() %.4f"UNIT"\n"
- , ECDSA_NIST_TESTS, tim_d, tim_d / ECDSA_NIST_TESTS);
- tim = clock();
- for (i=0; i<ECDSA_NIST_TESTS; i++)
- if (!ECDSA_do_verify(digest[i], 20, signatures[i], ecdsa)) goto err;
- tim = clock() - tim;
- tim_d = (double)tim / CLOCKS_PER_SEC;
- BIO_printf(bio_err, "%d x ECDSA_do_verify() in %.2f"UNIT" => average time for ECDSA_do_verify() %.4f"UNIT"\n"
- , ECDSA_NIST_TESTS, tim_d, tim_d/ECDSA_NIST_TESTS);
- for (i=0; i<ECDSA_NIST_TESTS; i++)
- {
- ECDSA_SIG_free(signatures[i]);
- signatures[i] = NULL;
+ if (!RAND_bytes(digest[i], 20)) goto err;
+
+ BIO_printf(bio_err, "\n");
+
+/* Macro for each test */
+#define ECDSA_GROUP_TEST(text, curve) \
+ BIO_printf(bio_err, "Testing sign & verify with %s : \n", text); \
+ EC_KEY_free(ecdsa); \
+ if ((ecdsa = EC_KEY_new()) == NULL) goto err; \
+ if ((ecdsa->group = EC_GROUP_new_by_name(curve)) == NULL) goto err; \
+ if (!EC_KEY_generate_key(ecdsa)) goto err; \
+ tim = clock(); \
+ for (i=0; i<ECDSA_NIST_TESTS; i++) \
+ if ((signatures[i] = ECDSA_do_sign(digest[i], 20, ecdsa)) == NULL) goto err; \
+ tim = clock() - tim; \
+ tim_d = (double)tim / CLOCKS_PER_SEC; \
+ BIO_printf(bio_err, "%d x ECDSA_do_sign() in %.2f"UNIT" => average time for ECDSA_do_sign() %.4f"UNIT"\n" \
+ , ECDSA_NIST_TESTS, tim_d, tim_d / ECDSA_NIST_TESTS); \
+ tim = clock(); \
+ for (i=0; i<ECDSA_NIST_TESTS; i++) \
+ if (!ECDSA_do_verify(digest[i], 20, signatures[i], ecdsa)) goto err; \
+ tim = clock() - tim; \
+ tim_d = (double)tim / CLOCKS_PER_SEC; \
+ BIO_printf(bio_err, "%d x ECDSA_do_verify() in %.2f"UNIT" => average time for ECDSA_do_verify() %.4f"UNIT"\n" \
+ , ECDSA_NIST_TESTS, tim_d, tim_d/ECDSA_NIST_TESTS); \
+ for (i=0; i<ECDSA_NIST_TESTS; i++) \
+ { \
+ ECDSA_SIG_free(signatures[i]); \
+ signatures[i] = NULL; \
}
+
+ /* NIST PRIME CURVES TESTS */
+ ECDSA_GROUP_TEST("NIST Prime-Curve P-192", EC_GROUP_NIST_PRIME_192);
+ ECDSA_GROUP_TEST("NIST Prime-Curve P-224", EC_GROUP_NIST_PRIME_224);
+ ECDSA_GROUP_TEST("NIST Prime-Curve P-256", EC_GROUP_NIST_PRIME_256);
+ ECDSA_GROUP_TEST("NIST Prime-Curve P-384", EC_GROUP_NIST_PRIME_384);
+ ECDSA_GROUP_TEST("NIST Prime-Curve P-521", EC_GROUP_NIST_PRIME_521);
+ /* NIST BINARY CURVES TESTS */
+ ECDSA_GROUP_TEST("NIST Binary-Curve K-163", EC_GROUP_NIST_CHAR2_K163);
+ ECDSA_GROUP_TEST("NIST Binary-Curve B-163", EC_GROUP_NIST_CHAR2_B163);
+ ECDSA_GROUP_TEST("NIST Binary-Curve K-233", EC_GROUP_NIST_CHAR2_K233);
+ ECDSA_GROUP_TEST("NIST Binary-Curve B-233", EC_GROUP_NIST_CHAR2_B233);
+ ECDSA_GROUP_TEST("NIST Binary-Curve K-283", EC_GROUP_NIST_CHAR2_K283);
+ ECDSA_GROUP_TEST("NIST Binary-Curve B-283", EC_GROUP_NIST_CHAR2_B283);
+ ECDSA_GROUP_TEST("NIST Binary-Curve K-409", EC_GROUP_NIST_CHAR2_K409);
+ ECDSA_GROUP_TEST("NIST Binary-Curve B-409", EC_GROUP_NIST_CHAR2_B409);
+ ECDSA_GROUP_TEST("NIST Binary-Curve K-571", EC_GROUP_NIST_CHAR2_K571);
+ ECDSA_GROUP_TEST("NIST Binary-Curve B-571", EC_GROUP_NIST_CHAR2_B571);
+#undef ECDSA_GROUP_TEST
- /* EC_GROUP_NIST_PRIME_521 */
- BIO_printf(bio_err, "Testing sign & verify with NIST Prime-Curve P-521 : \n");
- EC_KEY_free(ecdsa);
- if ((ecdsa = EC_KEY_new()) == NULL) goto err;
- if ((ecdsa->group = EC_GROUP_new_by_name(EC_GROUP_NIST_PRIME_521)) == NULL) goto err;
- if (!EC_KEY_generate_key(ecdsa)) goto err;
- tim = clock();
- for (i=0; i<ECDSA_NIST_TESTS; i++)
- if ((signatures[i] = ECDSA_do_sign(digest[i], 20, ecdsa)) == NULL) goto err;
- tim = clock() - tim;
- tim_d = (double)tim / CLOCKS_PER_SEC;
- BIO_printf(bio_err, "%d x ECDSA_do_sign() in %.2f"UNIT" => average time for ECDSA_do_sign() %.4f"UNIT"\n"
- , ECDSA_NIST_TESTS, tim_d, tim_d / ECDSA_NIST_TESTS);
- tim = clock();
- for (i=0; i<ECDSA_NIST_TESTS; i++)
- if (!ECDSA_do_verify(digest[i], 20, signatures[i], ecdsa)) goto err;
- tim = clock() - tim;
- tim_d = (double)tim / CLOCKS_PER_SEC;
- BIO_printf(bio_err, "%d x ECDSA_do_verify() in %.2f"UNIT" => average time for ECDSA_do_verify() %.4f"UNIT"\n"
- , ECDSA_NIST_TESTS, tim_d, tim_d/ECDSA_NIST_TESTS);
EC_KEY_free(ecdsa);
ecdsa = NULL;
- for (i=0; i<ECDSA_NIST_TESTS; i++)
- {
- ECDSA_SIG_free(signatures[i]);
- signatures[i] = NULL;
- }
-
OPENSSL_free(buffer);
buffer = NULL;
EVP_PKEY_free(pkey);
pkey = NULL;
- ecdsa = NULL;
ret = 1;
err: if (!ret)
if (d) BN_free(d);
if (dgst) OPENSSL_free(dgst);
if (md_ctx) EVP_MD_CTX_destroy(md_ctx);
+ if (pkey) EVP_PKEY_free(pkey);
CRYPTO_cleanup_all_ex_data();
ERR_remove_state(0);
ERR_free_strings();
LIB=$(TOP)/libcrypto.a
LIBSRC= eng_err.c eng_lib.c eng_list.c eng_init.c eng_ctrl.c \
eng_table.c eng_pkey.c eng_fat.c eng_all.c \
- tb_rsa.c tb_dsa.c tb_ecdsa.c tb_dh.c tb_rand.c tb_cipher.c tb_digest.c \
+ tb_rsa.c tb_dsa.c tb_ecdsa.c tb_dh.c tb_rand.c tb_cipher.c tb_digest.c tb_ecdh.c \
eng_openssl.c eng_dyn.c eng_cnf.c \
hw_atalla.c hw_cswift.c hw_ncipher.c hw_nuron.c hw_ubsec.c \
hw_openbsd_dev_crypto.c hw_aep.c hw_sureware.c hw_4758_cca.c
LIBOBJ= eng_err.o eng_lib.o eng_list.o eng_init.o eng_ctrl.o \
eng_table.o eng_pkey.o eng_fat.o eng_all.o \
- tb_rsa.o tb_dsa.o tb_ecdsa.o tb_dh.o tb_rand.o tb_cipher.o tb_digest.o \
+ tb_rsa.o tb_dsa.o tb_ecdsa.o tb_dh.o tb_rand.o tb_cipher.o tb_digest.o tb_ecdh.o \
eng_openssl.o eng_dyn.o eng_cnf.o \
hw_atalla.o hw_cswift.o hw_ncipher.o hw_nuron.o hw_ubsec.o \
hw_openbsd_dev_crypto.o hw_aep.o hw_sureware.o hw_4758_cca.o
tb_dsa.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
tb_dsa.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
tb_dsa.o: eng_int.h tb_dsa.c
+tb_ecdh.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
+tb_ecdh.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+tb_ecdh.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+tb_ecdh.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
+tb_ecdh.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+tb_ecdh.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+tb_ecdh.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+tb_ecdh.o: ../../include/openssl/ecdh.h ../../include/openssl/engine.h
+tb_ecdh.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+tb_ecdh.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+tb_ecdh.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+tb_ecdh.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+tb_ecdh.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+tb_ecdh.o: ../../include/openssl/opensslconf.h
+tb_ecdh.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+tb_ecdh.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
+tb_ecdh.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+tb_ecdh.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+tb_ecdh.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+tb_ecdh.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+tb_ecdh.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+tb_ecdh.o: eng_int.h tb_ecdh.c
tb_ecdsa.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
tb_ecdsa.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
tb_ecdsa.o: ../../include/openssl/bn.h ../../include/openssl/cast.h
* Hudson (tjh@cryptsoft.com).
*
*/
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECDH support in OpenSSL originally developed by
+ * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
+ */
#include <openssl/crypto.h>
#include "cryptlib.h"
#ifndef OPENSSL_NO_DH
if((flags & ENGINE_METHOD_DH) & !ENGINE_set_default_DH(e))
return 0;
+#endif
+#ifndef OPENSSL_NO_ECDH
+ if((flags & ENGINE_METHOD_ECDH) & !ENGINE_set_default_ECDH(e))
+ return 0;
+#endif
+#ifndef OPENSSL_NO_ECDSA
+ if((flags & ENGINE_METHOD_ECDSA) & !ENGINE_set_default_ECDSA(e))
+ return 0;
#endif
if((flags & ENGINE_METHOD_RAND) & !ENGINE_set_default_RAND(e))
return 0;
*pflags |= ENGINE_METHOD_RSA;
else if (!strncmp(alg, "DSA", len))
*pflags |= ENGINE_METHOD_DSA;
+ else if (!strncmp(alg, "ECDH", len))
+ *pflags |= ENGINE_METHOD_ECDH;
+ else if (!strncmp(alg, "ECDSA", len))
+ *pflags |= ENGINE_METHOD_ECDSA;
else if (!strncmp(alg, "DH", len))
*pflags |= ENGINE_METHOD_DH;
else if (!strncmp(alg, "RAND", len))
#endif
#ifndef OPENSSL_NO_DH
ENGINE_register_DH(e);
+#endif
+#ifndef OPENSSL_NO_ECDH
+ ENGINE_register_ECDH(e);
+#endif
+#ifndef OPENSSL_NO_ECDSA
+ ENGINE_register_ECDSA(e);
#endif
ENGINE_register_RAND(e);
return 1;
* Hudson (tjh@cryptsoft.com).
*
*/
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECDH support in OpenSSL originally developed by
+ * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
+ */
#ifndef HEADER_ENGINE_INT_H
#define HEADER_ENGINE_INT_H
const RSA_METHOD *rsa_meth;
const DSA_METHOD *dsa_meth;
const DH_METHOD *dh_meth;
+ const ECDH_METHOD *ecdh_meth;
const ECDSA_METHOD *ecdsa_meth;
const RAND_METHOD *rand_meth;
/* Cipher handling is via this callback */
* Hudson (tjh@cryptsoft.com).
*
*/
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECDH support in OpenSSL originally developed by
+ * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
+ */
#include <openssl/crypto.h>
#include "cryptlib.h"
#ifndef OPENSSL_NO_DH
dest->dh_meth = src->dh_meth;
#endif
+#ifndef OPENSSL_NO_ECDH
+ dest->ecdh_meth = src->ecdh_meth;
+#endif
#ifndef OPENSSL_NO_ECDSA
dest->ecdsa_meth = src->ecdsa_meth;
#endif
* Hudson (tjh@cryptsoft.com).
*
*/
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECDH support in OpenSSL originally developed by
+ * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
+ */
#include <stdio.h>
#ifndef OPENSSL_NO_DSA
|| !ENGINE_set_DSA(e, DSA_get_default_method())
#endif
+#ifndef OPENSSL_NO_ECDH
+ || !ENGINE_set_ECDH(e, ECDH_OpenSSL())
+#endif
+#ifndef OPENSSL_NO_ECDSA
+ || !ENGINE_set_ECDSA(e, ECDSA_OpenSSL())
+#endif
#ifndef OPENSSL_NO_DH
|| !ENGINE_set_DH(e, DH_get_default_method())
#endif
* Hudson (tjh@cryptsoft.com).
*
*/
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECDH support in OpenSSL originally developed by
+ * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
+ */
#ifndef HEADER_ENGINE_H
#define HEADER_ENGINE_H
#ifndef OPENSSL_NO_DH
#include <openssl/dh.h>
#endif
+#ifndef OPENSSL_NO_ECDH
+#include <openssl/ecdh.h>
+#endif
#ifndef OPENSSL_NO_ECDSA
#include <openssl/ecdsa.h>
#endif
#ifdef OPENSSL_NO_DH
typedef void DH_METHOD;
#endif
+#ifdef OPENSSL_NO_ECDH
+typedef void ECDH_METHOD;
+#endif
#ifdef OPENSSL_NO_ECDSA
typedef void ECDSA_METHOD;
#endif
#define ENGINE_METHOD_DSA (unsigned int)0x0002
#define ENGINE_METHOD_DH (unsigned int)0x0004
#define ENGINE_METHOD_RAND (unsigned int)0x0008
-#define ENGINE_METHOD_ECDSA (unsigned int)0x000F
+#define ENGINE_METHOD_ECDH (unsigned int)0x0010
+#define ENGINE_METHOD_ECDSA (unsigned int)0x0020
#define ENGINE_METHOD_CIPHERS (unsigned int)0x0040
#define ENGINE_METHOD_DIGESTS (unsigned int)0x0080
/* Obvious all-or-nothing cases. */
void ENGINE_unregister_DSA(ENGINE *e);
void ENGINE_register_all_DSA(void);
+int ENGINE_register_ECDH(ENGINE *e);
+void ENGINE_unregister_ECDH(ENGINE *e);
+void ENGINE_register_all_ECDH(void);
+
int ENGINE_register_ECDSA(ENGINE *e);
void ENGINE_unregister_ECDSA(ENGINE *e);
void ENGINE_register_all_ECDSA(void);
int ENGINE_set_name(ENGINE *e, const char *name);
int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+int ENGINE_set_ECDH(ENGINE *e, const ECDH_METHOD *ecdh_meth);
int ENGINE_set_ECDSA(ENGINE *e, const ECDSA_METHOD *ecdsa_meth);
int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
const char *ENGINE_get_name(const ENGINE *e);
const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+const ECDH_METHOD *ENGINE_get_ECDH(const ENGINE *e);
const ECDSA_METHOD *ENGINE_get_ECDSA(const ENGINE *e);
const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
ENGINE *ENGINE_get_default_RSA(void);
/* Same for the other "methods" */
ENGINE *ENGINE_get_default_DSA(void);
+ENGINE *ENGINE_get_default_ECDH(void);
ENGINE *ENGINE_get_default_ECDSA(void);
ENGINE *ENGINE_get_default_DH(void);
ENGINE *ENGINE_get_default_RAND(void);
int ENGINE_set_default_string(ENGINE *e, const char *list);
/* Same for the other "methods" */
int ENGINE_set_default_DSA(ENGINE *e);
+int ENGINE_set_default_ECDH(ENGINE *e);
int ENGINE_set_default_ECDSA(ENGINE *e);
int ENGINE_set_default_DH(ENGINE *e);
int ENGINE_set_default_RAND(ENGINE *e);
#define ERR_LIB_UI 40
#define ERR_LIB_COMP 41
#define ERR_LIB_ECDSA 42
+#define ERR_LIB_ECDH 43
#define ERR_LIB_USER 128
#define UIerr(f,r) ERR_PUT_error(ERR_LIB_UI,(f),(r),__FILE__,__LINE__)
#define COMPerr(f,r) ERR_PUT_error(ERR_LIB_COMP,(f),(r),__FILE__,__LINE__)
#define ECDSAerr(f,r) ERR_PUT_error(ERR_LIB_ECDSA,(f),(r),__FILE__,__LINE__)
+#define ECDHerr(f,r) ERR_PUT_error(ERR_LIB_ECDH,(f),(r),__FILE__,__LINE__)
/* Borland C seems too stupid to be able to shift and do longs in
* the pre-processor :-( */
#define ERR_R_UI_LIB ERR_LIB_UI /* 40 */
#define ERR_R_COMP_LIB ERR_LIB_COMP /* 41 */
#define ERR_R_ECDSA_LIB ERR_LIB_ECDSA /* 42 */
+#define ERR_R_ECDH_LIB ERR_LIB_ECDH /* 43 */
#define ERR_R_NESTED_ASN1_ERROR 58
#define ERR_R_BAD_ASN1_OBJECT_HEADER 59
L OCSP crypto/ocsp/ocsp.h crypto/ocsp/ocsp_err.c
L UI crypto/ui/ui.h crypto/ui/ui_err.c
L ECDSA crypto/ecdsa/ecdsa.h crypto/ecdsa/ecs_err.c
+L ECDH crypto/ecdh/ecdh.h crypto/ecdh/ech_err.c
# additional header files to be scanned for function names
L NONE crypto/x509/x509_vfy.h NONE
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECDH support in OpenSSL originally developed by
+ * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
+ */
#ifndef HEADER_X509_H
#define HEADER_X509_H
#include <openssl/ecdsa.h>
#endif
+#ifndef OPENSSL_NO_ECDH
+#include <openssl/ecdh.h>
+#endif
+
#ifndef OPENSSL_NO_DH
#include <openssl/dh.h>
#endif
BNTEST= bntest
ECTEST= ectest
ECDSATEST= ecdsatest
+ECDHTEST= ecdhtest
EXPTEST= exptest
IDEATEST= ideatest
SHATEST= shatest
TESTS= alltests
-EXE= $(BNTEST) $(ECTEST) $(ECDSATEST) $(IDEATEST) \
+EXE= $(BNTEST) $(ECTEST) $(ECDSATEST) $(ECDHTEST) $(IDEATEST) \
$(MD2TEST) $(MD4TEST) $(MD5TEST) $(HMACTEST) \
$(RC2TEST) $(RC4TEST) $(RC5TEST) \
$(DESTEST) $(SHATEST) $(SHA1TEST) $(MDC2TEST) $(RMDTEST) \
# $(METHTEST)
-OBJ= $(BNTEST).o $(ECTEST).o $(ECDSATEST).o $(IDEATEST).o \
+OBJ= $(BNTEST).o $(ECTEST).o $(ECDSATEST).o $(ECDHTEST).o $(IDEATEST).o \
$(MD2TEST).o $(MD4TEST).o $(MD5TEST).o \
$(HMACTEST).o \
$(RC2TEST).o $(RC4TEST).o $(RC5TEST).o \
$(RANDTEST).o $(DHTEST).o $(ENGINETEST).o $(CASTTEST).o \
$(BFTEST).o $(SSLTEST).o $(DSATEST).o $(EXPTEST).o $(RSATEST).o \
$(EVPTEST).o
-SRC= $(BNTEST).c $(ECTEST).c $(ECDSATEST).c $(IDEATEST).c \
+SRC= $(BNTEST).c $(ECTEST).c $(ECDSATEST).c $(ECDHTEST).c $(IDEATEST).c \
$(MD2TEST).c $(MD4TEST).c $(MD5TEST).c \
$(HMACTEST).c \
$(RC2TEST).c $(RC4TEST).c $(RC5TEST).c \
test_des test_idea test_sha test_md4 test_md5 test_hmac \
test_md2 test_mdc2 \
test_rmd test_rc2 test_rc4 test_rc5 test_bf test_cast test_rd \
- test_rand test_bn test_ec test_ecdsa \
+ test_rand test_bn test_ec test_ecdsa test_ecdh \
test_enc test_x509 test_rsa test_crl test_sid \
test_gen test_req test_pkcs7 test_verify test_dh test_dsa \
test_ss test_ca test_engine test_evp test_ssl
@echo 'test ecdsa'
./$(ECDSATEST)
+test_ecdh:
+ @echo 'test ecdh'
+ ./$(ECDHTEST)
+
test_verify:
@echo "The following command should have some OK's and some failures"
@echo "There are definitly a few expired certificates"
$(ECDSATEST): $(ECDSATEST).o $(DLIBCRYPTO)
$(CC) -o $(ECDSATEST) $(CFLAGS) $(ECDSATEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
+$(ECDHTEST): $(ECDHTEST).o $(DLIBCRYPTO)
+ $(CC) -o $(ECDHTEST) $(CFLAGS) $(ECDHTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
+
#$(RDTEST).o: $(RDTEST).c
# $(CC) -c $(CFLAGS) -DINTERMEDIATE_VALUE_KAT -DTRACE_KAT_MCT $(RDTEST).c
ectest.o: ../include/openssl/rand.h ../include/openssl/rsa.h
ectest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
ectest.o: ../include/openssl/symhacks.h ../include/openssl/ui.h ectest.c
+ecdhtest.o: ../include/openssl/bio.h ../include/openssl/bn.h
+ecdhtest.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+ecdhtest.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+ecdhtest.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
+ecdhtest.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
+ecdhtest.o: ../include/openssl/engine.h ../include/openssl/err.h
+ecdhtest.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+ecdhtest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+ecdhtest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+ecdhtest.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
+ecdhtest.o: ../include/openssl/rand.h ../include/openssl/rsa.h
+ecdhtest.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ecdhtest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+ecdhtest.o: ../include/openssl/ui.h ../include/openssl/x509.h
+ecdhtest.o: ../include/openssl/x509_vfy.h ecdhtest.c
enginetest.o: ../include/openssl/asn1.h ../include/openssl/bio.h
enginetest.o: ../include/openssl/bn.h ../include/openssl/buffer.h
enginetest.o: ../include/openssl/crypto.h ../include/openssl/dh.h
my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF",
"CAST", "MD2", "MD4", "MD5", "SHA", "SHA0", "SHA1",
"RIPEMD",
- "MDC2", "RSA", "DSA", "DH", "EC", "ECDSA", "HMAC", "AES",
+ "MDC2", "RSA", "DSA", "DH", "EC", "ECDH", "ECDSA", "HMAC", "AES",
# Envelope "algorithms"
"EVP", "X509", "ASN1_TYPEDEFS",
# Helper "algorithms"
my $no_cast;
my $no_md2; my $no_md4; my $no_md5; my $no_sha; my $no_ripemd; my $no_mdc2;
my $no_rsa; my $no_dsa; my $no_dh; my $no_hmac=0; my $no_aes; my $no_krb5;
-my $no_ec; my $no_ecdsa;
+my $no_ec; my $no_ecdsa; my $no_ecdh;
my $no_fp_api;
foreach (@ARGV, split(/ /, $options))
elsif (/^no-dh$/) { $no_dh=1; }
elsif (/^no-ec$/) { $no_ec=1; }
elsif (/^no-ecdsa$/) { $no_ecdsa=1; }
+ elsif (/^no-ecdh$/) { $no_ecdh=1; }
elsif (/^no-hmac$/) { $no_hmac=1; }
elsif (/^no-aes$/) { $no_aes=1; }
elsif (/^no-evp$/) { $no_evp=1; }
$crypto.=" crypto/dh/dh.h" ; # unless $no_dh;
$crypto.=" crypto/ec/ec.h" ; # unless $no_ec;
$crypto.=" crypto/ecdsa/ecdsa.h" ; # unless $no_ecdsa;
+$crypto.=" crypto/ecdh/ecdh.h" ; # unless $no_ecdh;
$crypto.=" crypto/hmac/hmac.h" ; # unless $no_hmac;
$crypto.=" crypto/engine/engine.h";
if ($keyword eq "DH" && $no_dh) { return 0; }
if ($keyword eq "EC" && $no_ec) { return 0; }
if ($keyword eq "ECDSA" && $no_ecdsa) { return 0; }
+ if ($keyword eq "ECDH" && $no_ecdh) { return 0; }
if ($keyword eq "HMAC" && $no_hmac) { return 0; }
if ($keyword eq "AES" && $no_aes) { return 0; }
if ($keyword eq "EVP" && $no_evp) { return 0; }