source-git / openssl

Clone
Source Code
GIT

Blame crypto/fips/fips_ecdsa_selftest.c

c8 c8s master
  1.   3c126e197bf64be56e1432546d39885b80b61a84
  2.   crypto
  3.   fips
  4.   fips_ecdsa_selftest.c
Blob History Raw
Packit Service 084de1 
/* fips/ecdsa/fips_ecdsa_selftest.c */
Packit Service 084de1 
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
Packit Service 084de1 
 * project 2011.
Packit Service 084de1 
 */
Packit Service 084de1 
/* ====================================================================
Packit Service 084de1 
 * Copyright (c) 2011 The OpenSSL Project.  All rights reserved.
Packit Service 084de1 
 *
Packit Service 084de1 
 * Redistribution and use in source and binary forms, with or without
Packit Service 084de1 
 * modification, are permitted provided that the following conditions
Packit Service 084de1 
 * are met:
Packit Service 084de1 
 *
Packit Service 084de1 
 * 1. Redistributions of source code must retain the above copyright
Packit Service 084de1 
 *    notice, this list of conditions and the following disclaimer.
Packit Service 084de1 
 *
Packit Service 084de1 
 * 2. Redistributions in binary form must reproduce the above copyright
Packit Service 084de1 
 *    notice, this list of conditions and the following disclaimer in
Packit Service 084de1 
 *    the documentation and/or other materials provided with the
Packit Service 084de1 
 *    distribution.
Packit Service 084de1 
 *
Packit Service 084de1 
 * 3. All advertising materials mentioning features or use of this
Packit Service 084de1 
 *    software must display the following acknowledgment:
Packit Service 084de1 
 *    "This product includes software developed by the OpenSSL Project
Packit Service 084de1 
 *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
Packit Service 084de1 
 *
Packit Service 084de1 
 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
Packit Service 084de1 
 *    endorse or promote products derived from this software without
Packit Service 084de1 
 *    prior written permission. For written permission, please contact
Packit Service 084de1 
 *    licensing@OpenSSL.org.
Packit Service 084de1 
 *
Packit Service 084de1 
 * 5. Products derived from this software may not be called "OpenSSL"
Packit Service 084de1 
 *    nor may "OpenSSL" appear in their names without prior written
Packit Service 084de1 
 *    permission of the OpenSSL Project.
Packit Service 084de1 
 *
Packit Service 084de1 
 * 6. Redistributions of any form whatsoever must retain the following
Packit Service 084de1 
 *    acknowledgment:
Packit Service 084de1 
 *    "This product includes software developed by the OpenSSL Project
Packit Service 084de1 
 *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
Packit Service 084de1 
 *
Packit Service 084de1 
 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
Packit Service 084de1 
 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
Packit Service 084de1 
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
Packit Service 084de1 
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
Packit Service 084de1 
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
Packit Service 084de1 
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
Packit Service 084de1 
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
Packit Service 084de1 
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
Packit Service 084de1 
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
Packit Service 084de1 
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
Packit Service 084de1 
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
Packit Service 084de1 
 * OF THE POSSIBILITY OF SUCH DAMAGE.
Packit Service 084de1 
 * ====================================================================
Packit Service 084de1 
 *
Packit Service 084de1 
 */
Packit Service 084de1
Packit Service 084de1 
#define OPENSSL_FIPSAPI
Packit Service 084de1
Packit Service 084de1 
#include <string.h>
Packit Service 084de1 
#include <openssl/crypto.h>
Packit Service 084de1 
#include <openssl/ec.h>
Packit Service 084de1 
#include <openssl/ecdsa.h>
Packit Service 084de1 
#include <openssl/fips.h>
Packit Service 084de1 
#include "crypto/fips.h"
Packit Service 084de1 
#include <openssl/err.h>
Packit Service 084de1 
#include <openssl/evp.h>
Packit Service 084de1 
#include <openssl/bn.h>
Packit Service 084de1
Packit Service 084de1 
#ifdef OPENSSL_FIPS
Packit Service 084de1
Packit Service 084de1 
static const char P_256_name[] = "ECDSA P-256";
Packit Service 084de1
Packit Service 084de1 
static const unsigned char P_256_d[] = {
Packit Service 084de1 
    0x51, 0xbd, 0x06, 0xa1, 0x1c, 0xda, 0xe2, 0x12, 0x99, 0xc9, 0x52, 0x3f,
Packit Service 084de1 
    0xea, 0xa4, 0xd2, 0xd1, 0xf4, 0x7f, 0xd4, 0x3e, 0xbd, 0xf8, 0xfc, 0x87,
Packit Service 084de1 
    0xdc, 0x82, 0x53, 0x21, 0xee, 0xa0, 0xdc, 0x64
Packit Service 084de1 
};
Packit Service 084de1
Packit Service 084de1 
static const unsigned char P_256_qx[] = {
Packit Service 084de1 
    0x23, 0x89, 0xe0, 0xf4, 0x69, 0xe0, 0x49, 0xe5, 0xc7, 0xe5, 0x40, 0x6e,
Packit Service 084de1 
    0x8f, 0x25, 0xdd, 0xad, 0x11, 0x16, 0x14, 0x9b, 0xab, 0x44, 0x06, 0x31,
Packit Service 084de1 
    0xbf, 0x5e, 0xa6, 0x44, 0xac, 0x86, 0x00, 0x07
Packit Service 084de1 
};
Packit Service 084de1
Packit Service 084de1 
static const unsigned char P_256_qy[] = {
Packit Service 084de1 
    0xb3, 0x05, 0x0d, 0xd0, 0xdc, 0xf7, 0x40, 0xe6, 0xf9, 0xd8, 0x6d, 0x7b,
Packit Service 084de1 
    0x63, 0xca, 0x97, 0xe6, 0x12, 0xf9, 0xd4, 0x18, 0x59, 0xbe, 0xb2, 0x5e,
Packit Service 084de1 
    0x4a, 0x6a, 0x77, 0x23, 0xf4, 0x11, 0x9d, 0xeb
Packit Service 084de1 
};
Packit Service 084de1
Packit Service 084de1 
typedef struct {
Packit Service 084de1 
    int curve;
Packit Service 084de1 
    const char *name;
Packit Service 084de1 
    const unsigned char *x;
Packit Service 084de1 
    size_t xlen;
Packit Service 084de1 
    const unsigned char *y;
Packit Service 084de1 
    size_t ylen;
Packit Service 084de1 
    const unsigned char *d;
Packit Service 084de1 
    size_t dlen;
Packit Service 084de1 
} EC_SELFTEST_DATA;
Packit Service 084de1
Packit Service 084de1 
# define make_ecdsa_test(nid, pr) { nid, pr##_name, \
Packit Service 084de1 
                                pr##_qx, sizeof(pr##_qx), \
Packit Service 084de1 
                                pr##_qy, sizeof(pr##_qy), \
Packit Service 084de1 
                                pr##_d, sizeof(pr##_d)}
Packit Service 084de1
Packit Service 084de1 
static EC_SELFTEST_DATA test_ec_data[] = {
Packit Service 084de1 
    make_ecdsa_test(NID_X9_62_prime256v1, P_256),
Packit Service 084de1 
};
Packit Service 084de1
Packit Service 084de1 
int FIPS_selftest_ecdsa()
Packit Service 084de1 
{
Packit Service 084de1 
    EC_KEY *ec = NULL;
Packit Service 084de1 
    BIGNUM *x = NULL, *y = NULL, *d = NULL;
Packit Service 084de1 
    EVP_PKEY *pk = NULL;
Packit Service 084de1 
    int rv = 0;
Packit Service 084de1 
    size_t i;
Packit Service 084de1
Packit Service 084de1 
    for (i = 0; i < sizeof(test_ec_data) / sizeof(EC_SELFTEST_DATA); i++) {
Packit Service 084de1 
        EC_SELFTEST_DATA *ecd = test_ec_data + i;
Packit Service 084de1
Packit Service 084de1 
        x = BN_bin2bn(ecd->x, ecd->xlen, x);
Packit Service 084de1 
        y = BN_bin2bn(ecd->y, ecd->ylen, y);
Packit Service 084de1 
        d = BN_bin2bn(ecd->d, ecd->dlen, d);
Packit Service 084de1
Packit Service 084de1 
        if (!x || !y || !d)
Packit Service 084de1 
            goto err;
Packit Service 084de1
Packit Service 084de1 
        ec = EC_KEY_new_by_curve_name(ecd->curve);
Packit Service 084de1 
        if (!ec)
Packit Service 084de1 
            goto err;
Packit Service 084de1
Packit Service 084de1 
        if (!EC_KEY_set_public_key_affine_coordinates(ec, x, y))
Packit Service 084de1 
            goto err;
Packit Service 084de1
Packit Service 084de1 
        if (!EC_KEY_set_private_key(ec, d))
Packit Service 084de1 
            goto err;
Packit Service 084de1
Packit Service 084de1 
        if ((pk = EVP_PKEY_new()) == NULL)
Packit Service 084de1 
            goto err;
Packit Service 084de1
Packit Service 084de1 
        EVP_PKEY_assign_EC_KEY(pk, ec);
Packit Service 084de1
Packit Service 084de1 
        if (!fips_pkey_signature_test(pk, NULL, 0,
Packit Service 084de1 
                                      NULL, 0, EVP_sha256(), 0, ecd->name))
Packit Service 084de1 
            goto err;
Packit Service 084de1 
    }
Packit Service 084de1
Packit Service 084de1 
    rv = 1;
Packit Service 084de1
Packit Service 084de1 
 err:
Packit Service 084de1
Packit Service 084de1 
    if (x)
Packit Service 084de1 
        BN_clear_free(x);
Packit Service 084de1 
    if (y)
Packit Service 084de1 
        BN_clear_free(y);
Packit Service 084de1 
    if (d)
Packit Service 084de1 
        BN_clear_free(d);
Packit Service 084de1 
    if (pk)
Packit Service 084de1 
        EVP_PKEY_free(pk);
Packit Service 084de1 
    else if (ec)
Packit Service 084de1 
        EC_KEY_free(ec);
Packit Service 084de1
Packit Service 084de1 
    return rv;
Packit Service 084de1
Packit Service 084de1 
}
Packit Service 084de1
Packit Service 084de1 
#endif

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation