source-git / openssl

Clone
Source Code
GIT

Blame crypto/fips/fips_ecdsa_selftest.c

c8 c8s master
  1.   f3830c93d16a7616a69ed9876ce5c40b4e5a7679
  2.   crypto
  3.   fips
  4.   fips_ecdsa_selftest.c
Blob History Raw
Packit c4476c 
/* fips/ecdsa/fips_ecdsa_selftest.c */
Packit c4476c 
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
Packit c4476c 
 * project 2011.
Packit c4476c 
 */
Packit c4476c 
/* ====================================================================
Packit c4476c 
 * Copyright (c) 2011 The OpenSSL Project.  All rights reserved.
Packit c4476c 
 *
Packit c4476c 
 * Redistribution and use in source and binary forms, with or without
Packit c4476c 
 * modification, are permitted provided that the following conditions
Packit c4476c 
 * are met:
Packit c4476c 
 *
Packit c4476c 
 * 1. Redistributions of source code must retain the above copyright
Packit c4476c 
 *    notice, this list of conditions and the following disclaimer.
Packit c4476c 
 *
Packit c4476c 
 * 2. Redistributions in binary form must reproduce the above copyright
Packit c4476c 
 *    notice, this list of conditions and the following disclaimer in
Packit c4476c 
 *    the documentation and/or other materials provided with the
Packit c4476c 
 *    distribution.
Packit c4476c 
 *
Packit c4476c 
 * 3. All advertising materials mentioning features or use of this
Packit c4476c 
 *    software must display the following acknowledgment:
Packit c4476c 
 *    "This product includes software developed by the OpenSSL Project
Packit c4476c 
 *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
Packit c4476c 
 *
Packit c4476c 
 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
Packit c4476c 
 *    endorse or promote products derived from this software without
Packit c4476c 
 *    prior written permission. For written permission, please contact
Packit c4476c 
 *    licensing@OpenSSL.org.
Packit c4476c 
 *
Packit c4476c 
 * 5. Products derived from this software may not be called "OpenSSL"
Packit c4476c 
 *    nor may "OpenSSL" appear in their names without prior written
Packit c4476c 
 *    permission of the OpenSSL Project.
Packit c4476c 
 *
Packit c4476c 
 * 6. Redistributions of any form whatsoever must retain the following
Packit c4476c 
 *    acknowledgment:
Packit c4476c 
 *    "This product includes software developed by the OpenSSL Project
Packit c4476c 
 *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
Packit c4476c 
 *
Packit c4476c 
 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
Packit c4476c 
 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
Packit c4476c 
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
Packit c4476c 
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
Packit c4476c 
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
Packit c4476c 
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
Packit c4476c 
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
Packit c4476c 
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
Packit c4476c 
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
Packit c4476c 
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
Packit c4476c 
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
Packit c4476c 
 * OF THE POSSIBILITY OF SUCH DAMAGE.
Packit c4476c 
 * ====================================================================
Packit c4476c 
 *
Packit c4476c 
 */
Packit c4476c
Packit c4476c 
#define OPENSSL_FIPSAPI
Packit c4476c
Packit c4476c 
#include <string.h>
Packit c4476c 
#include <openssl/crypto.h>
Packit c4476c 
#include <openssl/ec.h>
Packit c4476c 
#include <openssl/ecdsa.h>
Packit c4476c 
#include <openssl/fips.h>
Packit c4476c 
#include "crypto/fips.h"
Packit c4476c 
#include <openssl/err.h>
Packit c4476c 
#include <openssl/evp.h>
Packit c4476c 
#include <openssl/bn.h>
Packit c4476c
Packit c4476c 
#ifdef OPENSSL_FIPS
Packit c4476c
Packit c4476c 
static const char P_256_name[] = "ECDSA P-256";
Packit c4476c
Packit c4476c 
static const unsigned char P_256_d[] = {
Packit c4476c 
    0x51, 0xbd, 0x06, 0xa1, 0x1c, 0xda, 0xe2, 0x12, 0x99, 0xc9, 0x52, 0x3f,
Packit c4476c 
    0xea, 0xa4, 0xd2, 0xd1, 0xf4, 0x7f, 0xd4, 0x3e, 0xbd, 0xf8, 0xfc, 0x87,
Packit c4476c 
    0xdc, 0x82, 0x53, 0x21, 0xee, 0xa0, 0xdc, 0x64
Packit c4476c 
};
Packit c4476c
Packit c4476c 
static const unsigned char P_256_qx[] = {
Packit c4476c 
    0x23, 0x89, 0xe0, 0xf4, 0x69, 0xe0, 0x49, 0xe5, 0xc7, 0xe5, 0x40, 0x6e,
Packit c4476c 
    0x8f, 0x25, 0xdd, 0xad, 0x11, 0x16, 0x14, 0x9b, 0xab, 0x44, 0x06, 0x31,
Packit c4476c 
    0xbf, 0x5e, 0xa6, 0x44, 0xac, 0x86, 0x00, 0x07
Packit c4476c 
};
Packit c4476c
Packit c4476c 
static const unsigned char P_256_qy[] = {
Packit c4476c 
    0xb3, 0x05, 0x0d, 0xd0, 0xdc, 0xf7, 0x40, 0xe6, 0xf9, 0xd8, 0x6d, 0x7b,
Packit c4476c 
    0x63, 0xca, 0x97, 0xe6, 0x12, 0xf9, 0xd4, 0x18, 0x59, 0xbe, 0xb2, 0x5e,
Packit c4476c 
    0x4a, 0x6a, 0x77, 0x23, 0xf4, 0x11, 0x9d, 0xeb
Packit c4476c 
};
Packit c4476c
Packit c4476c 
typedef struct {
Packit c4476c 
    int curve;
Packit c4476c 
    const char *name;
Packit c4476c 
    const unsigned char *x;
Packit c4476c 
    size_t xlen;
Packit c4476c 
    const unsigned char *y;
Packit c4476c 
    size_t ylen;
Packit c4476c 
    const unsigned char *d;
Packit c4476c 
    size_t dlen;
Packit c4476c 
} EC_SELFTEST_DATA;
Packit c4476c
Packit c4476c 
# define make_ecdsa_test(nid, pr) { nid, pr##_name, \
Packit c4476c 
                                pr##_qx, sizeof(pr##_qx), \
Packit c4476c 
                                pr##_qy, sizeof(pr##_qy), \
Packit c4476c 
                                pr##_d, sizeof(pr##_d)}
Packit c4476c
Packit c4476c 
static EC_SELFTEST_DATA test_ec_data[] = {
Packit c4476c 
    make_ecdsa_test(NID_X9_62_prime256v1, P_256),
Packit c4476c 
};
Packit c4476c
Packit c4476c 
int FIPS_selftest_ecdsa()
Packit c4476c 
{
Packit c4476c 
    EC_KEY *ec = NULL;
Packit c4476c 
    BIGNUM *x = NULL, *y = NULL, *d = NULL;
Packit c4476c 
    EVP_PKEY *pk = NULL;
Packit c4476c 
    int rv = 0;
Packit c4476c 
    size_t i;
Packit c4476c
Packit c4476c 
    for (i = 0; i < sizeof(test_ec_data) / sizeof(EC_SELFTEST_DATA); i++) {
Packit c4476c 
        EC_SELFTEST_DATA *ecd = test_ec_data + i;
Packit c4476c
Packit c4476c 
        x = BN_bin2bn(ecd->x, ecd->xlen, x);
Packit c4476c 
        y = BN_bin2bn(ecd->y, ecd->ylen, y);
Packit c4476c 
        d = BN_bin2bn(ecd->d, ecd->dlen, d);
Packit c4476c
Packit c4476c 
        if (!x || !y || !d)
Packit c4476c 
            goto err;
Packit c4476c
Packit c4476c 
        ec = EC_KEY_new_by_curve_name(ecd->curve);
Packit c4476c 
        if (!ec)
Packit c4476c 
            goto err;
Packit c4476c
Packit c4476c 
        if (!EC_KEY_set_public_key_affine_coordinates(ec, x, y))
Packit c4476c 
            goto err;
Packit c4476c
Packit c4476c 
        if (!EC_KEY_set_private_key(ec, d))
Packit c4476c 
            goto err;
Packit c4476c
Packit c4476c 
        if ((pk = EVP_PKEY_new()) == NULL)
Packit c4476c 
            goto err;
Packit c4476c
Packit c4476c 
        EVP_PKEY_assign_EC_KEY(pk, ec);
Packit c4476c
Packit c4476c 
        if (!fips_pkey_signature_test(pk, NULL, 0,
Packit c4476c 
                                      NULL, 0, EVP_sha256(), 0, ecd->name))
Packit c4476c 
            goto err;
Packit c4476c 
    }
Packit c4476c
Packit c4476c 
    rv = 1;
Packit c4476c
Packit c4476c 
 err:
Packit c4476c
Packit c4476c 
    if (x)
Packit c4476c 
        BN_clear_free(x);
Packit c4476c 
    if (y)
Packit c4476c 
        BN_clear_free(y);
Packit c4476c 
    if (d)
Packit c4476c 
        BN_clear_free(d);
Packit c4476c 
    if (pk)
Packit c4476c 
        EVP_PKEY_free(pk);
Packit c4476c 
    else if (ec)
Packit c4476c 
        EC_KEY_free(ec);
Packit c4476c
Packit c4476c 
    return rv;
Packit c4476c
Packit c4476c 
}
Packit c4476c
Packit c4476c 
#endif

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation