summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/ec
diff options
context:
space:
mode:
authorcvs2svn <admin@example.com>2011-11-03 02:32:25 +0000
committercvs2svn <admin@example.com>2011-11-03 02:32:25 +0000
commit279182cf9975981f7d3c660b5cafa392216fcd94 (patch)
tree3ee21f04641147b64fb808a991bfcf16598fbe1f /src/lib/libcrypto/ec
parentbd081fc6d9aca84ff3cbde2c626c28668f73d967 (diff)
downloadopenbsd-openssl_1_0_0_e.tar.gz
openbsd-openssl_1_0_0_e.tar.bz2
openbsd-openssl_1_0_0_e.zip
This commit was manufactured by cvs2git to create tag 'openssl_1_0_0_e'.openssl_1_0_0_e
Diffstat (limited to '')
-rw-r--r--src/lib/libcrypto/ec/ecp_recp.c133
-rw-r--r--src/lib/libcrypto/ecdh/Makefile121
-rw-r--r--src/lib/libcrypto/ecdh/ecdhtest.c368
-rw-r--r--src/lib/libcrypto/ecdh/ech_ossl.c213
-rw-r--r--src/lib/libcrypto/ecdsa/Makefile140
-rw-r--r--src/lib/libcrypto/ecdsa/ecdsatest.c499
-rw-r--r--src/lib/libssl/src/crypto/rsa/rsa_depr.c (renamed from src/lib/libcrypto/ec/ec2_smpt.c)59
7 files changed, 1384 insertions, 149 deletions
diff --git a/src/lib/libcrypto/ec/ecp_recp.c b/src/lib/libcrypto/ec/ecp_recp.c
deleted file mode 100644
index fec843b5c8..0000000000
--- a/src/lib/libcrypto/ec/ecp_recp.c
+++ /dev/null
@@ -1,133 +0,0 @@
1/* crypto/ec/ecp_recp.c */
2/* ====================================================================
3 * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * openssl-core@openssl.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
55
56#include "ec_lcl.h"
57
58#if 0
59const EC_METHOD *EC_GFp_recp_method(void)
60 {
61 static const EC_METHOD ret = {
62 ec_GFp_recp_group_init,
63 ec_GFp_recp_group_finish,
64 ec_GFp_recp_group_clear_finish,
65 ec_GFp_recp_group_copy,
66 ec_GFp_recp_group_set_curve_GFp,
67 ec_GFp_simple_group_get_curve_GFp,
68 ec_GFp_simple_group_set_generator,
69 ec_GFp_simple_group_get0_generator,
70 ec_GFp_simple_group_get_order,
71 ec_GFp_simple_group_get_cofactor,
72 ec_GFp_simple_point_init,
73 ec_GFp_simple_point_finish,
74 ec_GFp_simple_point_clear_finish,
75 ec_GFp_simple_point_copy,
76 ec_GFp_simple_point_set_to_infinity,
77 ec_GFp_simple_set_Jprojective_coordinates_GFp,
78 ec_GFp_simple_get_Jprojective_coordinates_GFp,
79 ec_GFp_simple_point_set_affine_coordinates_GFp,
80 ec_GFp_simple_point_get_affine_coordinates_GFp,
81 ec_GFp_simple_set_compressed_coordinates_GFp,
82 ec_GFp_simple_point2oct,
83 ec_GFp_simple_oct2point,
84 ec_GFp_simple_add,
85 ec_GFp_simple_dbl,
86 ec_GFp_simple_invert,
87 ec_GFp_simple_is_at_infinity,
88 ec_GFp_simple_is_on_curve,
89 ec_GFp_simple_cmp,
90 ec_GFp_simple_make_affine,
91 ec_GFp_simple_points_make_affine,
92 ec_GFp_recp_field_mul,
93 ec_GFp_recp_field_sqr,
94 0 /* field_encode */,
95 0 /* field_decode */,
96 0 /* field_set_to_one */ };
97
98 return &ret;
99 }
100#endif
101
102int ec_GFp_recp_group_init(EC_GROUP *group)
103 {
104 int ok;
105
106 ok = ec_GFp_simple_group_init(group);
107 group->field_data1 = NULL;
108 return ok;
109 }
110
111
112int ec_GFp_recp_group_set_curve_GFp(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
113/* TODO */
114
115
116void ec_GFp_recp_group_finish(EC_GROUP *group);
117/* TODO */
118
119
120void ec_GFp_recp_group_clear_finish(EC_GROUP *group);
121/* TODO */
122
123
124int ec_GFp_recp_group_copy(EC_GROUP *dest, const EC_GROUP *src);
125/* TODO */
126
127
128int ec_GFp_recp_field_mul(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
129/* TODO */
130
131
132int ec_GFp_recp_field_sqr(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, BN_CTX *ctx);
133/* TODO */
diff --git a/src/lib/libcrypto/ecdh/Makefile b/src/lib/libcrypto/ecdh/Makefile
new file mode 100644
index 0000000000..65d8904ee8
--- /dev/null
+++ b/src/lib/libcrypto/ecdh/Makefile
@@ -0,0 +1,121 @@
1#
2# crypto/ecdh/Makefile
3#
4
5DIR= ecdh
6TOP= ../..
7CC= cc
8INCLUDES= -I.. -I$(TOP) -I../../include
9CFLAG=-g -Wall
10MAKEFILE= Makefile
11AR= ar r
12
13CFLAGS= $(INCLUDES) $(CFLAG)
14
15GENERAL=Makefile
16TEST=ecdhtest.c
17APPS=
18
19LIB=$(TOP)/libcrypto.a
20LIBSRC= ech_lib.c ech_ossl.c ech_key.c ech_err.c
21
22LIBOBJ= ech_lib.o ech_ossl.o ech_key.o ech_err.o
23
24SRC= $(LIBSRC)
25
26EXHEADER= ecdh.h
27HEADER= ech_locl.h $(EXHEADER)
28
29ALL= $(GENERAL) $(SRC) $(HEADER)
30
31top:
32 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
33
34all: lib
35
36lib: $(LIBOBJ)
37 $(AR) $(LIB) $(LIBOBJ)
38 $(RANLIB) $(LIB) || echo Never mind.
39 @touch lib
40
41files:
42 $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
43
44links:
45 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
46 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
47 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
48
49install:
50 @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
51 @headerlist="$(EXHEADER)"; for i in $$headerlist; \
52 do \
53 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
54 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
55 done;
56
57tags:
58 ctags $(SRC)
59
60tests:
61
62lint:
63 lint -DLINT $(INCLUDES) $(SRC)>fluff
64
65depend:
66 @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
67 $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
68
69dclean:
70 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
71 mv -f Makefile.new $(MAKEFILE)
72
73clean:
74 rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
75
76# DO NOT DELETE THIS LINE -- make depend depends on it.
77
78ech_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
79ech_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
80ech_err.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
81ech_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
82ech_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
83ech_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
84ech_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
85ech_err.o: ech_err.c
86ech_key.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
87ech_key.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
88ech_key.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
89ech_key.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
90ech_key.o: ../../include/openssl/engine.h ../../include/openssl/evp.h
91ech_key.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
92ech_key.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
93ech_key.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
94ech_key.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
95ech_key.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
96ech_key.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
97ech_key.o: ../../include/openssl/x509_vfy.h ech_key.c ech_locl.h
98ech_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
99ech_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
100ech_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
101ech_lib.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
102ech_lib.o: ../../include/openssl/engine.h ../../include/openssl/err.h
103ech_lib.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
104ech_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
105ech_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
106ech_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
107ech_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
108ech_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
109ech_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
110ech_lib.o: ech_lib.c ech_locl.h
111ech_ossl.o: ../../e_os.h ../../include/openssl/asn1.h
112ech_ossl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
113ech_ossl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
114ech_ossl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
115ech_ossl.o: ../../include/openssl/ecdh.h ../../include/openssl/err.h
116ech_ossl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
117ech_ossl.o: ../../include/openssl/opensslconf.h
118ech_ossl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
119ech_ossl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
120ech_ossl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
121ech_ossl.o: ../cryptlib.h ech_locl.h ech_ossl.c
diff --git a/src/lib/libcrypto/ecdh/ecdhtest.c b/src/lib/libcrypto/ecdh/ecdhtest.c
new file mode 100644
index 0000000000..212a87efa4
--- /dev/null
+++ b/src/lib/libcrypto/ecdh/ecdhtest.c
@@ -0,0 +1,368 @@
1/* crypto/ecdh/ecdhtest.c */
2/* ====================================================================
3 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
4 *
5 * The Elliptic Curve Public-Key Crypto Library (ECC Code) included
6 * herein is developed by SUN MICROSYSTEMS, INC., and is contributed
7 * to the OpenSSL project.
8 *
9 * The ECC Code is licensed pursuant to the OpenSSL open source
10 * license provided below.
11 *
12 * The ECDH software is originally written by Douglas Stebila of
13 * Sun Microsystems Laboratories.
14 *
15 */
16/* ====================================================================
17 * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved.
18 *
19 * Redistribution and use in source and binary forms, with or without
20 * modification, are permitted provided that the following conditions
21 * are met:
22 *
23 * 1. Redistributions of source code must retain the above copyright
24 * notice, this list of conditions and the following disclaimer.
25 *
26 * 2. Redistributions in binary form must reproduce the above copyright
27 * notice, this list of conditions and the following disclaimer in
28 * the documentation and/or other materials provided with the
29 * distribution.
30 *
31 * 3. All advertising materials mentioning features or use of this
32 * software must display the following acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
35 *
36 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
37 * endorse or promote products derived from this software without
38 * prior written permission. For written permission, please contact
39 * openssl-core@openssl.org.
40 *
41 * 5. Products derived from this software may not be called "OpenSSL"
42 * nor may "OpenSSL" appear in their names without prior written
43 * permission of the OpenSSL Project.
44 *
45 * 6. Redistributions of any form whatsoever must retain the following
46 * acknowledgment:
47 * "This product includes software developed by the OpenSSL Project
48 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
49 *
50 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
51 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
52 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
53 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
54 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
55 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
56 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
57 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
58 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
59 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
60 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
61 * OF THE POSSIBILITY OF SUCH DAMAGE.
62 * ====================================================================
63 *
64 * This product includes cryptographic software written by Eric Young
65 * (eay@cryptsoft.com). This product includes software written by Tim
66 * Hudson (tjh@cryptsoft.com).
67 *
68 */
69
70#include <stdio.h>
71#include <stdlib.h>
72#include <string.h>
73
74#include "../e_os.h"
75
76#include <openssl/opensslconf.h> /* for OPENSSL_NO_ECDH */
77#include <openssl/crypto.h>
78#include <openssl/bio.h>
79#include <openssl/bn.h>
80#include <openssl/objects.h>
81#include <openssl/rand.h>
82#include <openssl/sha.h>
83#include <openssl/err.h>
84
85#ifdef OPENSSL_NO_ECDH
86int main(int argc, char *argv[])
87{
88 printf("No ECDH support\n");
89 return(0);
90}
91#else
92#include <openssl/ec.h>
93#include <openssl/ecdh.h>
94
95#ifdef OPENSSL_SYS_WIN16
96#define MS_CALLBACK _far _loadds
97#else
98#define MS_CALLBACK
99#endif
100
101#if 0
102static void MS_CALLBACK cb(int p, int n, void *arg);
103#endif
104
105static const char rnd_seed[] = "string to make the random number generator think it has entropy";
106
107
108static const int KDF1_SHA1_len = 20;
109static void *KDF1_SHA1(const void *in, size_t inlen, void *out, size_t *outlen)
110 {
111#ifndef OPENSSL_NO_SHA
112 if (*outlen < SHA_DIGEST_LENGTH)
113 return NULL;
114 else
115 *outlen = SHA_DIGEST_LENGTH;
116 return SHA1(in, inlen, out);
117#else
118 return NULL;
119#endif
120 }
121
122
123static int test_ecdh_curve(int nid, const char *text, BN_CTX *ctx, BIO *out)
124 {
125 EC_KEY *a=NULL;
126 EC_KEY *b=NULL;
127 BIGNUM *x_a=NULL, *y_a=NULL,
128 *x_b=NULL, *y_b=NULL;
129 char buf[12];
130 unsigned char *abuf=NULL,*bbuf=NULL;
131 int i,alen,blen,aout,bout,ret=0;
132 const EC_GROUP *group;
133
134 a = EC_KEY_new_by_curve_name(nid);
135 b = EC_KEY_new_by_curve_name(nid);
136 if (a == NULL || b == NULL)
137 goto err;
138
139 group = EC_KEY_get0_group(a);
140
141 if ((x_a=BN_new()) == NULL) goto err;
142 if ((y_a=BN_new()) == NULL) goto err;
143 if ((x_b=BN_new()) == NULL) goto err;
144 if ((y_b=BN_new()) == NULL) goto err;
145
146 BIO_puts(out,"Testing key generation with ");
147 BIO_puts(out,text);
148#ifdef NOISY
149 BIO_puts(out,"\n");
150#else
151 (void)BIO_flush(out);
152#endif
153
154 if (!EC_KEY_generate_key(a)) goto err;
155
156 if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field)
157 {
158 if (!EC_POINT_get_affine_coordinates_GFp(group,
159 EC_KEY_get0_public_key(a), x_a, y_a, ctx)) goto err;
160 }
161 else
162 {
163 if (!EC_POINT_get_affine_coordinates_GF2m(group,
164 EC_KEY_get0_public_key(a), x_a, y_a, ctx)) goto err;
165 }
166#ifdef NOISY
167 BIO_puts(out," pri 1=");
168 BN_print(out,a->priv_key);
169 BIO_puts(out,"\n pub 1=");
170 BN_print(out,x_a);
171 BIO_puts(out,",");
172 BN_print(out,y_a);
173 BIO_puts(out,"\n");
174#else
175 BIO_printf(out," .");
176 (void)BIO_flush(out);
177#endif
178
179 if (!EC_KEY_generate_key(b)) goto err;
180
181 if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field)
182 {
183 if (!EC_POINT_get_affine_coordinates_GFp(group,
184 EC_KEY_get0_public_key(b), x_b, y_b, ctx)) goto err;
185 }
186 else
187 {
188 if (!EC_POINT_get_affine_coordinates_GF2m(group,
189 EC_KEY_get0_public_key(b), x_b, y_b, ctx)) goto err;
190 }
191
192#ifdef NOISY
193 BIO_puts(out," pri 2=");
194 BN_print(out,b->priv_key);
195 BIO_puts(out,"\n pub 2=");
196 BN_print(out,x_b);
197 BIO_puts(out,",");
198 BN_print(out,y_b);
199 BIO_puts(out,"\n");
200#else
201 BIO_printf(out,".");
202 (void)BIO_flush(out);
203#endif
204
205 alen=KDF1_SHA1_len;
206 abuf=(unsigned char *)OPENSSL_malloc(alen);
207 aout=ECDH_compute_key(abuf,alen,EC_KEY_get0_public_key(b),a,KDF1_SHA1);
208
209#ifdef NOISY
210 BIO_puts(out," key1 =");
211 for (i=0; i<aout; i++)
212 {
213 sprintf(buf,"%02X",abuf[i]);
214 BIO_puts(out,buf);
215 }
216 BIO_puts(out,"\n");
217#else
218 BIO_printf(out,".");
219 (void)BIO_flush(out);
220#endif
221
222 blen=KDF1_SHA1_len;
223 bbuf=(unsigned char *)OPENSSL_malloc(blen);
224 bout=ECDH_compute_key(bbuf,blen,EC_KEY_get0_public_key(a),b,KDF1_SHA1);
225
226#ifdef NOISY
227 BIO_puts(out," key2 =");
228 for (i=0; i<bout; i++)
229 {
230 sprintf(buf,"%02X",bbuf[i]);
231 BIO_puts(out,buf);
232 }
233 BIO_puts(out,"\n");
234#else
235 BIO_printf(out,".");
236 (void)BIO_flush(out);
237#endif
238
239 if ((aout < 4) || (bout != aout) || (memcmp(abuf,bbuf,aout) != 0))
240 {
241#ifndef NOISY
242 BIO_printf(out, " failed\n\n");
243 BIO_printf(out, "key a:\n");
244 BIO_printf(out, "private key: ");
245 BN_print(out, EC_KEY_get0_private_key(a));
246 BIO_printf(out, "\n");
247 BIO_printf(out, "public key (x,y): ");
248 BN_print(out, x_a);
249 BIO_printf(out, ",");
250 BN_print(out, y_a);
251 BIO_printf(out, "\nkey b:\n");
252 BIO_printf(out, "private key: ");
253 BN_print(out, EC_KEY_get0_private_key(b));
254 BIO_printf(out, "\n");
255 BIO_printf(out, "public key (x,y): ");
256 BN_print(out, x_b);
257 BIO_printf(out, ",");
258 BN_print(out, y_b);
259 BIO_printf(out, "\n");
260 BIO_printf(out, "generated key a: ");
261 for (i=0; i<bout; i++)
262 {
263 sprintf(buf, "%02X", bbuf[i]);
264 BIO_puts(out, buf);
265 }
266 BIO_printf(out, "\n");
267 BIO_printf(out, "generated key b: ");
268 for (i=0; i<aout; i++)
269 {
270 sprintf(buf, "%02X", abuf[i]);
271 BIO_puts(out,buf);
272 }
273 BIO_printf(out, "\n");
274#endif
275 fprintf(stderr,"Error in ECDH routines\n");
276 ret=0;
277 }
278 else
279 {
280#ifndef NOISY
281 BIO_printf(out, " ok\n");
282#endif
283 ret=1;
284 }
285err:
286 ERR_print_errors_fp(stderr);
287
288 if (abuf != NULL) OPENSSL_free(abuf);
289 if (bbuf != NULL) OPENSSL_free(bbuf);
290 if (x_a) BN_free(x_a);
291 if (y_a) BN_free(y_a);
292 if (x_b) BN_free(x_b);
293 if (y_b) BN_free(y_b);
294 if (b) EC_KEY_free(b);
295 if (a) EC_KEY_free(a);
296 return(ret);
297 }
298
299int main(int argc, char *argv[])
300 {
301 BN_CTX *ctx=NULL;
302 int ret=1;
303 BIO *out;
304
305 CRYPTO_malloc_debug_init();
306 CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
307 CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
308
309#ifdef OPENSSL_SYS_WIN32
310 CRYPTO_malloc_init();
311#endif
312
313 RAND_seed(rnd_seed, sizeof rnd_seed);
314
315 out=BIO_new(BIO_s_file());
316 if (out == NULL) EXIT(1);
317 BIO_set_fp(out,stdout,BIO_NOCLOSE);
318
319 if ((ctx=BN_CTX_new()) == NULL) goto err;
320
321 /* NIST PRIME CURVES TESTS */
322 if (!test_ecdh_curve(NID_X9_62_prime192v1, "NIST Prime-Curve P-192", ctx, out)) goto err;
323 if (!test_ecdh_curve(NID_secp224r1, "NIST Prime-Curve P-224", ctx, out)) goto err;
324 if (!test_ecdh_curve(NID_X9_62_prime256v1, "NIST Prime-Curve P-256", ctx, out)) goto err;
325 if (!test_ecdh_curve(NID_secp384r1, "NIST Prime-Curve P-384", ctx, out)) goto err;
326 if (!test_ecdh_curve(NID_secp521r1, "NIST Prime-Curve P-521", ctx, out)) goto err;
327 /* NIST BINARY CURVES TESTS */
328 if (!test_ecdh_curve(NID_sect163k1, "NIST Binary-Curve K-163", ctx, out)) goto err;
329 if (!test_ecdh_curve(NID_sect163r2, "NIST Binary-Curve B-163", ctx, out)) goto err;
330 if (!test_ecdh_curve(NID_sect233k1, "NIST Binary-Curve K-233", ctx, out)) goto err;
331 if (!test_ecdh_curve(NID_sect233r1, "NIST Binary-Curve B-233", ctx, out)) goto err;
332 if (!test_ecdh_curve(NID_sect283k1, "NIST Binary-Curve K-283", ctx, out)) goto err;
333 if (!test_ecdh_curve(NID_sect283r1, "NIST Binary-Curve B-283", ctx, out)) goto err;
334 if (!test_ecdh_curve(NID_sect409k1, "NIST Binary-Curve K-409", ctx, out)) goto err;
335 if (!test_ecdh_curve(NID_sect409r1, "NIST Binary-Curve B-409", ctx, out)) goto err;
336 if (!test_ecdh_curve(NID_sect571k1, "NIST Binary-Curve K-571", ctx, out)) goto err;
337 if (!test_ecdh_curve(NID_sect571r1, "NIST Binary-Curve B-571", ctx, out)) goto err;
338
339 ret = 0;
340
341err:
342 ERR_print_errors_fp(stderr);
343 if (ctx) BN_CTX_free(ctx);
344 BIO_free(out);
345 CRYPTO_cleanup_all_ex_data();
346 ERR_remove_thread_state(NULL);
347 CRYPTO_mem_leaks_fp(stderr);
348 EXIT(ret);
349 return(ret);
350 }
351
352#if 0
353static void MS_CALLBACK cb(int p, int n, void *arg)
354 {
355 char c='*';
356
357 if (p == 0) c='.';
358 if (p == 1) c='+';
359 if (p == 2) c='*';
360 if (p == 3) c='\n';
361 BIO_write((BIO *)arg,&c,1);
362 (void)BIO_flush((BIO *)arg);
363#ifdef LINT
364 p=n;
365#endif
366 }
367#endif
368#endif
diff --git a/src/lib/libcrypto/ecdh/ech_ossl.c b/src/lib/libcrypto/ecdh/ech_ossl.c
new file mode 100644
index 0000000000..2a40ff12df
--- /dev/null
+++ b/src/lib/libcrypto/ecdh/ech_ossl.c
@@ -0,0 +1,213 @@
1/* crypto/ecdh/ech_ossl.c */
2/* ====================================================================
3 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
4 *
5 * The Elliptic Curve Public-Key Crypto Library (ECC Code) included
6 * herein is developed by SUN MICROSYSTEMS, INC., and is contributed
7 * to the OpenSSL project.
8 *
9 * The ECC Code is licensed pursuant to the OpenSSL open source
10 * license provided below.
11 *
12 * The ECDH software is originally written by Douglas Stebila of
13 * Sun Microsystems Laboratories.
14 *
15 */
16/* ====================================================================
17 * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved.
18 *
19 * Redistribution and use in source and binary forms, with or without
20 * modification, are permitted provided that the following conditions
21 * are met:
22 *
23 * 1. Redistributions of source code must retain the above copyright
24 * notice, this list of conditions and the following disclaimer.
25 *
26 * 2. Redistributions in binary form must reproduce the above copyright
27 * notice, this list of conditions and the following disclaimer in
28 * the documentation and/or other materials provided with the
29 * distribution.
30 *
31 * 3. All advertising materials mentioning features or use of this
32 * software must display the following acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
35 *
36 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
37 * endorse or promote products derived from this software without
38 * prior written permission. For written permission, please contact
39 * openssl-core@OpenSSL.org.
40 *
41 * 5. Products derived from this software may not be called "OpenSSL"
42 * nor may "OpenSSL" appear in their names without prior written
43 * permission of the OpenSSL Project.
44 *
45 * 6. Redistributions of any form whatsoever must retain the following
46 * acknowledgment:
47 * "This product includes software developed by the OpenSSL Project
48 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
49 *
50 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
51 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
52 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
53 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
54 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
55 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
56 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
57 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
58 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
59 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
60 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
61 * OF THE POSSIBILITY OF SUCH DAMAGE.
62 * ====================================================================
63 *
64 * This product includes cryptographic software written by Eric Young
65 * (eay@cryptsoft.com). This product includes software written by Tim
66 * Hudson (tjh@cryptsoft.com).
67 *
68 */
69
70
71#include <string.h>
72#include <limits.h>
73
74#include "cryptlib.h"
75
76#include "ech_locl.h"
77#include <openssl/err.h>
78#include <openssl/sha.h>
79#include <openssl/obj_mac.h>
80#include <openssl/bn.h>
81
82static int ecdh_compute_key(void *out, size_t len, const EC_POINT *pub_key,
83 EC_KEY *ecdh,
84 void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen));
85
86static ECDH_METHOD openssl_ecdh_meth = {
87 "OpenSSL ECDH method",
88 ecdh_compute_key,
89#if 0
90 NULL, /* init */
91 NULL, /* finish */
92#endif
93 0, /* flags */
94 NULL /* app_data */
95};
96
97const ECDH_METHOD *ECDH_OpenSSL(void)
98 {
99 return &openssl_ecdh_meth;
100 }
101
102
103/* This implementation is based on the following primitives in the IEEE 1363 standard:
104 * - ECKAS-DH1
105 * - ECSVDP-DH
106 * Finally an optional KDF is applied.
107 */
108static int ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
109 EC_KEY *ecdh,
110 void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen))
111 {
112 BN_CTX *ctx;
113 EC_POINT *tmp=NULL;
114 BIGNUM *x=NULL, *y=NULL;
115 const BIGNUM *priv_key;
116 const EC_GROUP* group;
117 int ret= -1;
118 size_t buflen, len;
119 unsigned char *buf=NULL;
120
121 if (outlen > INT_MAX)
122 {
123 ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE); /* sort of, anyway */
124 return -1;
125 }
126
127 if ((ctx = BN_CTX_new()) == NULL) goto err;
128 BN_CTX_start(ctx);
129 x = BN_CTX_get(ctx);
130 y = BN_CTX_get(ctx);
131
132 priv_key = EC_KEY_get0_private_key(ecdh);
133 if (priv_key == NULL)
134 {
135 ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_NO_PRIVATE_VALUE);
136 goto err;
137 }
138
139 group = EC_KEY_get0_group(ecdh);
140 if ((tmp=EC_POINT_new(group)) == NULL)
141 {
142 ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE);
143 goto err;
144 }
145
146 if (!EC_POINT_mul(group, tmp, NULL, pub_key, priv_key, ctx))
147 {
148 ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_POINT_ARITHMETIC_FAILURE);
149 goto err;
150 }
151
152 if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field)
153 {
154 if (!EC_POINT_get_affine_coordinates_GFp(group, tmp, x, y, ctx))
155 {
156 ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_POINT_ARITHMETIC_FAILURE);
157 goto err;
158 }
159 }
160 else
161 {
162 if (!EC_POINT_get_affine_coordinates_GF2m(group, tmp, x, y, ctx))
163 {
164 ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_POINT_ARITHMETIC_FAILURE);
165 goto err;
166 }
167 }
168
169 buflen = (EC_GROUP_get_degree(group) + 7)/8;
170 len = BN_num_bytes(x);
171 if (len > buflen)
172 {
173 ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_INTERNAL_ERROR);
174 goto err;
175 }
176 if ((buf = OPENSSL_malloc(buflen)) == NULL)
177 {
178 ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE);
179 goto err;
180 }
181
182 memset(buf, 0, buflen - len);
183 if (len != (size_t)BN_bn2bin(x, buf + buflen - len))
184 {
185 ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB);
186 goto err;
187 }
188
189 if (KDF != 0)
190 {
191 if (KDF(buf, buflen, out, &outlen) == NULL)
192 {
193 ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_KDF_FAILED);
194 goto err;
195 }
196 ret = outlen;
197 }
198 else
199 {
200 /* no KDF, just copy as much as we can */
201 if (outlen > buflen)
202 outlen = buflen;
203 memcpy(out, buf, outlen);
204 ret = outlen;
205 }
206
207err:
208 if (tmp) EC_POINT_free(tmp);
209 if (ctx) BN_CTX_end(ctx);
210 if (ctx) BN_CTX_free(ctx);
211 if (buf) OPENSSL_free(buf);
212 return(ret);
213 }
diff --git a/src/lib/libcrypto/ecdsa/Makefile b/src/lib/libcrypto/ecdsa/Makefile
new file mode 100644
index 0000000000..e89e0c010c
--- /dev/null
+++ b/src/lib/libcrypto/ecdsa/Makefile
@@ -0,0 +1,140 @@
1#
2# crypto/ecdsa/Makefile
3#
4
5DIR= ecdsa
6TOP= ../..
7CC= cc
8INCLUDES= -I.. -I$(TOP) -I../../include
9CFLAG=-g -Wall
10MAKEFILE= Makefile
11AR= ar r
12
13CFLAGS= $(INCLUDES) $(CFLAG)
14
15GENERAL=Makefile
16TEST=ecdsatest.c
17APPS=
18
19LIB=$(TOP)/libcrypto.a
20LIBSRC= ecs_lib.c ecs_asn1.c ecs_ossl.c ecs_sign.c ecs_vrf.c ecs_err.c
21
22LIBOBJ= ecs_lib.o ecs_asn1.o ecs_ossl.o ecs_sign.o ecs_vrf.o ecs_err.o
23
24SRC= $(LIBSRC)
25
26EXHEADER= ecdsa.h
27HEADER= ecs_locl.h $(EXHEADER)
28
29ALL= $(GENERAL) $(SRC) $(HEADER)
30
31top:
32 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
33
34all: lib
35
36lib: $(LIBOBJ)
37 $(AR) $(LIB) $(LIBOBJ)
38 $(RANLIB) $(LIB) || echo Never mind.
39 @touch lib
40
41files:
42 $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
43
44links:
45 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
46 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
47 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
48
49install:
50 @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
51 @headerlist="$(EXHEADER)"; for i in $$headerlist; \
52 do \
53 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
54 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
55 done;
56
57tags:
58 ctags $(SRC)
59
60tests:
61
62lint:
63 lint -DLINT $(INCLUDES) $(SRC)>fluff
64
65depend:
66 @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
67 $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
68
69dclean:
70 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
71 mv -f Makefile.new $(MAKEFILE)
72
73clean:
74 rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
75
76# DO NOT DELETE THIS LINE -- make depend depends on it.
77
78ecs_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
79ecs_asn1.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
80ecs_asn1.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
81ecs_asn1.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
82ecs_asn1.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
83ecs_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
84ecs_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
85ecs_asn1.o: ../../include/openssl/symhacks.h ecs_asn1.c ecs_locl.h
86ecs_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
87ecs_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
88ecs_err.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h
89ecs_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
90ecs_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
91ecs_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
92ecs_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
93ecs_err.o: ecs_err.c
94ecs_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
95ecs_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
96ecs_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
97ecs_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
98ecs_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
99ecs_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
100ecs_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
101ecs_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
102ecs_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
103ecs_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
104ecs_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
105ecs_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
106ecs_lib.o: ../../include/openssl/x509_vfy.h ecs_lib.c ecs_locl.h
107ecs_ossl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
108ecs_ossl.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
109ecs_ossl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
110ecs_ossl.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
111ecs_ossl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
112ecs_ossl.o: ../../include/openssl/opensslconf.h
113ecs_ossl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
114ecs_ossl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
115ecs_ossl.o: ../../include/openssl/symhacks.h ecs_locl.h ecs_ossl.c
116ecs_sign.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
117ecs_sign.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
118ecs_sign.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
119ecs_sign.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
120ecs_sign.o: ../../include/openssl/engine.h ../../include/openssl/evp.h
121ecs_sign.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
122ecs_sign.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
123ecs_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
124ecs_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
125ecs_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
126ecs_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
127ecs_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
128ecs_sign.o: ecs_locl.h ecs_sign.c
129ecs_vrf.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
130ecs_vrf.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
131ecs_vrf.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
132ecs_vrf.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
133ecs_vrf.o: ../../include/openssl/engine.h ../../include/openssl/evp.h
134ecs_vrf.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
135ecs_vrf.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
136ecs_vrf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
137ecs_vrf.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
138ecs_vrf.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
139ecs_vrf.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
140ecs_vrf.o: ../../include/openssl/x509_vfy.h ecs_locl.h ecs_vrf.c
diff --git a/src/lib/libcrypto/ecdsa/ecdsatest.c b/src/lib/libcrypto/ecdsa/ecdsatest.c
new file mode 100644
index 0000000000..26a4a9ee7c
--- /dev/null
+++ b/src/lib/libcrypto/ecdsa/ecdsatest.c
@@ -0,0 +1,499 @@
1/* crypto/ecdsa/ecdsatest.c */
2/*
3 * Written by Nils Larsch for the OpenSSL project.
4 */
5/* ====================================================================
6 * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58/* ====================================================================
59 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
60 *
61 * Portions of the attached software ("Contribution") are developed by
62 * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
63 *
64 * The Contribution is licensed pursuant to the OpenSSL open source
65 * license provided above.
66 *
67 * The elliptic curve binary polynomial software is originally written by
68 * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories.
69 *
70 */
71
72#include <stdio.h>
73#include <stdlib.h>
74#include <string.h>
75
76#include <openssl/opensslconf.h> /* To see if OPENSSL_NO_ECDSA is defined */
77
78#ifdef OPENSSL_NO_ECDSA
79int main(int argc, char * argv[])
80 {
81 puts("Elliptic curves are disabled.");
82 return 0;
83 }
84#else
85
86#include <openssl/crypto.h>
87#include <openssl/bio.h>
88#include <openssl/evp.h>
89#include <openssl/bn.h>
90#include <openssl/ecdsa.h>
91#ifndef OPENSSL_NO_ENGINE
92#include <openssl/engine.h>
93#endif
94#include <openssl/err.h>
95#include <openssl/rand.h>
96
97static const char rnd_seed[] = "string to make the random number generator "
98 "think it has entropy";
99
100/* declaration of the test functions */
101int x9_62_tests(BIO *);
102int x9_62_test_internal(BIO *out, int nid, const char *r, const char *s);
103int test_builtin(BIO *);
104
105/* functions to change the RAND_METHOD */
106int change_rand(void);
107int restore_rand(void);
108int fbytes(unsigned char *buf, int num);
109
110RAND_METHOD fake_rand;
111const RAND_METHOD *old_rand;
112
113int change_rand(void)
114 {
115 /* save old rand method */
116 if ((old_rand = RAND_get_rand_method()) == NULL)
117 return 0;
118
119 fake_rand.seed = old_rand->seed;
120 fake_rand.cleanup = old_rand->cleanup;
121 fake_rand.add = old_rand->add;
122 fake_rand.status = old_rand->status;
123 /* use own random function */
124 fake_rand.bytes = fbytes;
125 fake_rand.pseudorand = old_rand->bytes;
126 /* set new RAND_METHOD */
127 if (!RAND_set_rand_method(&fake_rand))
128 return 0;
129 return 1;
130 }
131
132int restore_rand(void)
133 {
134 if (!RAND_set_rand_method(old_rand))
135 return 0;
136 else
137 return 1;
138 }
139
140static int fbytes_counter = 0;
141static const char *numbers[8] = {
142 "651056770906015076056810763456358567190100156695615665659",
143 "6140507067065001063065065565667405560006161556565665656654",
144 "8763001015071075675010661307616710783570106710677817767166"
145 "71676178726717",
146 "7000000175690566466555057817571571075705015757757057795755"
147 "55657156756655",
148 "1275552191113212300012030439187146164646146646466749494799",
149 "1542725565216523985789236956265265265235675811949404040041",
150 "1456427555219115346513212300075341203043918714616464614664"
151 "64667494947990",
152 "1712787255652165239672857892369562652652652356758119494040"
153 "40041670216363"};
154
155int fbytes(unsigned char *buf, int num)
156 {
157 int ret;
158 BIGNUM *tmp = NULL;
159
160 if (fbytes_counter >= 8)
161 return 0;
162 tmp = BN_new();
163 if (!tmp)
164 return 0;
165 if (!BN_dec2bn(&tmp, numbers[fbytes_counter]))
166 {
167 BN_free(tmp);
168 return 0;
169 }
170 fbytes_counter ++;
171 if (num != BN_num_bytes(tmp) || !BN_bn2bin(tmp, buf))
172 ret = 0;
173 else
174 ret = 1;
175 if (tmp)
176 BN_free(tmp);
177 return ret;
178 }
179
180/* some tests from the X9.62 draft */
181int x9_62_test_internal(BIO *out, int nid, const char *r_in, const char *s_in)
182 {
183 int ret = 0;
184 const char message[] = "abc";
185 unsigned char digest[20];
186 unsigned int dgst_len = 0;
187 EVP_MD_CTX md_ctx;
188 EC_KEY *key = NULL;
189 ECDSA_SIG *signature = NULL;
190 BIGNUM *r = NULL, *s = NULL;
191
192 EVP_MD_CTX_init(&md_ctx);
193 /* get the message digest */
194 EVP_DigestInit(&md_ctx, EVP_ecdsa());
195 EVP_DigestUpdate(&md_ctx, (const void*)message, 3);
196 EVP_DigestFinal(&md_ctx, digest, &dgst_len);
197
198 BIO_printf(out, "testing %s: ", OBJ_nid2sn(nid));
199 /* create the key */
200 if ((key = EC_KEY_new_by_curve_name(nid)) == NULL)
201 goto x962_int_err;
202 if (!EC_KEY_generate_key(key))
203 goto x962_int_err;
204 BIO_printf(out, ".");
205 (void)BIO_flush(out);
206 /* create the signature */
207 signature = ECDSA_do_sign(digest, 20, key);
208 if (signature == NULL)
209 goto x962_int_err;
210 BIO_printf(out, ".");
211 (void)BIO_flush(out);
212 /* compare the created signature with the expected signature */
213 if ((r = BN_new()) == NULL || (s = BN_new()) == NULL)
214 goto x962_int_err;
215 if (!BN_dec2bn(&r, r_in) ||
216 !BN_dec2bn(&s, s_in))
217 goto x962_int_err;
218 if (BN_cmp(signature->r ,r) || BN_cmp(signature->s, s))
219 goto x962_int_err;
220 BIO_printf(out, ".");
221 (void)BIO_flush(out);
222 /* verify the signature */
223 if (ECDSA_do_verify(digest, 20, signature, key) != 1)
224 goto x962_int_err;
225 BIO_printf(out, ".");
226 (void)BIO_flush(out);
227
228 BIO_printf(out, " ok\n");
229 ret = 1;
230x962_int_err:
231 if (!ret)
232 BIO_printf(out, " failed\n");
233 if (key)
234 EC_KEY_free(key);
235 if (signature)
236 ECDSA_SIG_free(signature);
237 if (r)
238 BN_free(r);
239 if (s)
240 BN_free(s);
241 EVP_MD_CTX_cleanup(&md_ctx);
242 return ret;
243 }
244
245int x9_62_tests(BIO *out)
246 {
247 int ret = 0;
248
249 BIO_printf(out, "some tests from X9.62:\n");
250
251 /* set own rand method */
252 if (!change_rand())
253 goto x962_err;
254
255 if (!x9_62_test_internal(out, NID_X9_62_prime192v1,
256 "3342403536405981729393488334694600415596881826869351677613",
257 "5735822328888155254683894997897571951568553642892029982342"))
258 goto x962_err;
259 if (!x9_62_test_internal(out, NID_X9_62_prime239v1,
260 "3086361431751678114926225473006680188549593787585317781474"
261 "62058306432176",
262 "3238135532097973577080787768312505059318910517550078427819"
263 "78505179448783"))
264 goto x962_err;
265 if (!x9_62_test_internal(out, NID_X9_62_c2tnb191v1,
266 "87194383164871543355722284926904419997237591535066528048",
267 "308992691965804947361541664549085895292153777025772063598"))
268 goto x962_err;
269 if (!x9_62_test_internal(out, NID_X9_62_c2tnb239v1,
270 "2159633321041961198501834003903461262881815148684178964245"
271 "5876922391552",
272 "1970303740007316867383349976549972270528498040721988191026"
273 "49413465737174"))
274 goto x962_err;
275
276 ret = 1;
277x962_err:
278 if (!restore_rand())
279 ret = 0;
280 return ret;
281 }
282
283int test_builtin(BIO *out)
284 {
285 EC_builtin_curve *curves = NULL;
286 size_t crv_len = 0, n = 0;
287 EC_KEY *eckey = NULL, *wrong_eckey = NULL;
288 EC_GROUP *group;
289 unsigned char digest[20], wrong_digest[20];
290 unsigned char *signature = NULL;
291 unsigned int sig_len;
292 int nid, ret = 0;
293
294 /* fill digest values with some random data */
295 if (!RAND_pseudo_bytes(digest, 20) ||
296 !RAND_pseudo_bytes(wrong_digest, 20))
297 {
298 BIO_printf(out, "ERROR: unable to get random data\n");
299 goto builtin_err;
300 }
301
302 /* create and verify a ecdsa signature with every availble curve
303 * (with ) */
304 BIO_printf(out, "\ntesting ECDSA_sign() and ECDSA_verify() "
305 "with some internal curves:\n");
306
307 /* get a list of all internal curves */
308 crv_len = EC_get_builtin_curves(NULL, 0);
309
310 curves = OPENSSL_malloc(sizeof(EC_builtin_curve) * crv_len);
311
312 if (curves == NULL)
313 {
314 BIO_printf(out, "malloc error\n");
315 goto builtin_err;
316 }
317
318 if (!EC_get_builtin_curves(curves, crv_len))
319 {
320 BIO_printf(out, "unable to get internal curves\n");
321 goto builtin_err;
322 }
323
324 /* now create and verify a signature for every curve */
325 for (n = 0; n < crv_len; n++)
326 {
327 unsigned char dirt, offset;
328
329 nid = curves[n].nid;
330 if (nid == NID_ipsec4)
331 continue;
332 /* create new ecdsa key (== EC_KEY) */
333 if ((eckey = EC_KEY_new()) == NULL)
334 goto builtin_err;
335 group = EC_GROUP_new_by_curve_name(nid);
336 if (group == NULL)
337 goto builtin_err;
338 if (EC_KEY_set_group(eckey, group) == 0)
339 goto builtin_err;
340 EC_GROUP_free(group);
341 if (EC_GROUP_get_degree(EC_KEY_get0_group(eckey)) < 160)
342 /* drop the curve */
343 {
344 EC_KEY_free(eckey);
345 eckey = NULL;
346 continue;
347 }
348 BIO_printf(out, "%s: ", OBJ_nid2sn(nid));
349 /* create key */
350 if (!EC_KEY_generate_key(eckey))
351 {
352 BIO_printf(out, " failed\n");
353 goto builtin_err;
354 }
355 /* create second key */
356 if ((wrong_eckey = EC_KEY_new()) == NULL)
357 goto builtin_err;
358 group = EC_GROUP_new_by_curve_name(nid);
359 if (group == NULL)
360 goto builtin_err;
361 if (EC_KEY_set_group(wrong_eckey, group) == 0)
362 goto builtin_err;
363 EC_GROUP_free(group);
364 if (!EC_KEY_generate_key(wrong_eckey))
365 {
366 BIO_printf(out, " failed\n");
367 goto builtin_err;
368 }
369
370 BIO_printf(out, ".");
371 (void)BIO_flush(out);
372 /* check key */
373 if (!EC_KEY_check_key(eckey))
374 {
375 BIO_printf(out, " failed\n");
376 goto builtin_err;
377 }
378 BIO_printf(out, ".");
379 (void)BIO_flush(out);
380 /* create signature */
381 sig_len = ECDSA_size(eckey);
382 if ((signature = OPENSSL_malloc(sig_len)) == NULL)
383 goto builtin_err;
384 if (!ECDSA_sign(0, digest, 20, signature, &sig_len, eckey))
385 {
386 BIO_printf(out, " failed\n");
387 goto builtin_err;
388 }
389 BIO_printf(out, ".");
390 (void)BIO_flush(out);
391 /* verify signature */
392 if (ECDSA_verify(0, digest, 20, signature, sig_len, eckey) != 1)
393 {
394 BIO_printf(out, " failed\n");
395 goto builtin_err;
396 }
397 BIO_printf(out, ".");
398 (void)BIO_flush(out);
399 /* verify signature with the wrong key */
400 if (ECDSA_verify(0, digest, 20, signature, sig_len,
401 wrong_eckey) == 1)
402 {
403 BIO_printf(out, " failed\n");
404 goto builtin_err;
405 }
406 BIO_printf(out, ".");
407 (void)BIO_flush(out);
408 /* wrong digest */
409 if (ECDSA_verify(0, wrong_digest, 20, signature, sig_len,
410 eckey) == 1)
411 {
412 BIO_printf(out, " failed\n");
413 goto builtin_err;
414 }
415 BIO_printf(out, ".");
416 (void)BIO_flush(out);
417 /* modify a single byte of the signature */
418 offset = signature[10] % sig_len;
419 dirt = signature[11];
420 signature[offset] ^= dirt ? dirt : 1;
421 if (ECDSA_verify(0, digest, 20, signature, sig_len, eckey) == 1)
422 {
423 BIO_printf(out, " failed\n");
424 goto builtin_err;
425 }
426 BIO_printf(out, ".");
427 (void)BIO_flush(out);
428
429 BIO_printf(out, " ok\n");
430 /* cleanup */
431 OPENSSL_free(signature);
432 signature = NULL;
433 EC_KEY_free(eckey);
434 eckey = NULL;
435 EC_KEY_free(wrong_eckey);
436 wrong_eckey = NULL;
437 }
438
439 ret = 1;
440builtin_err:
441 if (eckey)
442 EC_KEY_free(eckey);
443 if (wrong_eckey)
444 EC_KEY_free(wrong_eckey);
445 if (signature)
446 OPENSSL_free(signature);
447 if (curves)
448 OPENSSL_free(curves);
449
450 return ret;
451 }
452
453int main(void)
454 {
455 int ret = 1;
456 BIO *out;
457
458 out = BIO_new_fp(stdout, BIO_NOCLOSE);
459
460 /* enable memory leak checking unless explicitly disabled */
461 if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL) &&
462 (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off"))))
463 {
464 CRYPTO_malloc_debug_init();
465 CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
466 }
467 else
468 {
469 /* OPENSSL_DEBUG_MEMORY=off */
470 CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0);
471 }
472 CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
473
474 ERR_load_crypto_strings();
475
476 /* initialize the prng */
477 RAND_seed(rnd_seed, sizeof(rnd_seed));
478
479 /* the tests */
480 if (!x9_62_tests(out)) goto err;
481 if (!test_builtin(out)) goto err;
482
483 ret = 0;
484err:
485 if (ret)
486 BIO_printf(out, "\nECDSA test failed\n");
487 else
488 BIO_printf(out, "\nECDSA test passed\n");
489 if (ret)
490 ERR_print_errors(out);
491 CRYPTO_cleanup_all_ex_data();
492 ERR_remove_thread_state(NULL);
493 ERR_free_strings();
494 CRYPTO_mem_leaks(out);
495 if (out != NULL)
496 BIO_free(out);
497 return ret;
498 }
499#endif
diff --git a/src/lib/libcrypto/ec/ec2_smpt.c b/src/lib/libssl/src/crypto/rsa/rsa_depr.c
index 59d52bf663..a859ded987 100644
--- a/src/lib/libcrypto/ec/ec2_smpt.c
+++ b/src/lib/libssl/src/crypto/rsa/rsa_depr.c
@@ -1,7 +1,4 @@
1/* crypto/ec/ec2_smpt.c */ 1/* crypto/rsa/rsa_depr.c */
2/* This code was originally written by Douglas Stebila
3 * <dstebila@student.math.uwaterloo.ca> for the OpenSSL project.
4 */
5/* ==================================================================== 2/* ====================================================================
6 * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
7 * 4 *
@@ -56,19 +53,49 @@
56 * 53 *
57 */ 54 */
58 55
56/* NB: This file contains deprecated functions (compatibility wrappers to the
57 * "new" versions). */
59 58
60/* Calaculates and sets the affine coordinates of an EC_POINT from the given 59#include <stdio.h>
61 * compressed coordinates. Uses algorithm 2.3.4 of SEC 1. 60#include <time.h>
62 * Note that the simple implementation only uses affine coordinates. 61#include "cryptlib.h"
63 * 62#include <openssl/bn.h>
64 * This algorithm is patented by Certicom Corp. under US Patent 6,141,420 63#include <openssl/rsa.h>
65 * (for licensing information, contact licensing@certicom.com). 64
66 * This function is disabled by default and can be enabled by defining the 65#ifdef OPENSSL_NO_DEPRECATED
67 * preprocessor macro OPENSSL_EC_BIN_PT_COMP at Configure-time. 66
68 */ 67static void *dummy=&dummy;
69int ec_GF2m_simple_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *point, 68
70 const BIGNUM *x_, int y_bit, BN_CTX *ctx) 69#else
70
71RSA *RSA_generate_key(int bits, unsigned long e_value,
72 void (*callback)(int,int,void *), void *cb_arg)
71 { 73 {
72 ECerr(EC_F_EC_GF2M_SIMPLE_SET_COMPRESSED_COORDINATES, ERR_R_DISABLED); 74 BN_GENCB cb;
75 int i;
76 RSA *rsa = RSA_new();
77 BIGNUM *e = BN_new();
78
79 if(!rsa || !e) goto err;
80
81 /* The problem is when building with 8, 16, or 32 BN_ULONG,
82 * unsigned long can be larger */
83 for (i=0; i<(int)sizeof(unsigned long)*8; i++)
84 {
85 if (e_value & (1UL<<i))
86 if (BN_set_bit(e,i) == 0)
87 goto err;
88 }
89
90 BN_GENCB_set_old(&cb, callback, cb_arg);
91
92 if(RSA_generate_key_ex(rsa, bits, e, &cb)) {
93 BN_free(e);
94 return rsa;
95 }
96err:
97 if(e) BN_free(e);
98 if(rsa) RSA_free(rsa);
73 return 0; 99 return 0;
74 } 100 }
101#endif
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2026-02-11 19:45:25 +0000