Import regress tests for SM2. Not yet linked to the build.

Part of Github PR #105
author: tb <> 2021-08-18 16:06:56 +0000
committer: tb <> 2021-08-18 16:06:56 +0000
commit: a5c89764af8f7a72f1c0ddb9d42ec39de836d700 (patch)
tree: 4c8c274fa412a2c828b63050128d911a1fafa9f9 /src
parent: 27a4a421da356671ca87fff69b8b7340d284659c (diff)
download: openbsd-a5c89764af8f7a72f1c0ddb9d42ec39de836d700.tar.gz
openbsd-a5c89764af8f7a72f1c0ddb9d42ec39de836d700.tar.bz2
openbsd-a5c89764af8f7a72f1c0ddb9d42ec39de836d700.zip
4 files changed, 640 insertions, 0 deletions
diff --git a/src/regress/lib/libcrypto/sm2/Makefile b/src/regress/lib/libcrypto/sm2/Makefile
new file mode 100644
index 0000000000..8aa07f7155
--- /dev/null
+++ b/src/regress/lib/libcrypto/sm2/Makefile
@@ -0,0 +1,23 @@
+#       $OpenBSD: Makefile,v 1.1.1.1 2021/08/18 16:06:56 tb Exp $
+PROGS +=        sm2crypttest
+PROGS +=        sm2evptest
+PROGS +=        sm2sigtest
+LDADD =         ${CRYPTO_INT}
+DPADD =         ${LIBCRYPTO}
+WARNINGS =      Yes
+CFLAGS +=       -DLIBRESSL_INTERNAL -Wundef -Werror
+CFLAGS +=       -I${BSDSRCDIR}/lib/libcrypto/sm2
+CFLAGS +=       -I${BSDSRCDIR}/regress/lib/libssl/unit
+.for p in ${PROGS}
+REGRESS_TARGETS += run-$p
+run-$p: $p
+        @echo '\n======== $@ ========'
+        ./$p
+.PHONY: run-$p
+.endfor
+.include <bsd.regress.mk>
diff --git a/src/regress/lib/libcrypto/sm2/sm2crypttest.c b/src/regress/lib/libcrypto/sm2/sm2crypttest.c
new file mode 100644
index 0000000000..30a03b21c9
--- /dev/null
+++ b/src/regress/lib/libcrypto/sm2/sm2crypttest.c
@@ -0,0 +1,191 @@
+/*      $OpenBSD: sm2crypttest.c,v 1.1.1.1 2021/08/18 16:06:56 tb Exp $ */
+/*
+ * Copyright (c) 2017, 2019 Ribose Inc
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <openssl/bio.h>
+#include <openssl/evp.h>
+#include <openssl/bn.h>
+#include <openssl/crypto.h>
+#include <openssl/err.h>
+#include <openssl/rand.h>
+#ifdef OPENSSL_NO_SM2
+int main(int argc, char *argv[])
+{
+    printf("No SM2 support\n");
+    return (0);
+}
+#else
+#include <openssl/sm2.h>
+#include "sm2_locl.h"
+static EC_GROUP *
+create_EC_group(const char *p_hex, const char *a_hex, const char *b_hex,
+    const char *x_hex, const char *y_hex, const char *order_hex,
+    const char *cof_hex)
+{
+        BIGNUM *p = NULL;
+        BIGNUM *a = NULL;
+        BIGNUM *b = NULL;
+        BIGNUM *g_x = NULL;
+        BIGNUM *g_y = NULL;
+        BIGNUM *order = NULL;
+        BIGNUM *cof = NULL;
+        EC_POINT *generator = NULL;
+        EC_GROUP *group = NULL;
+        BN_hex2bn(&p, p_hex);
+        BN_hex2bn(&a, a_hex);
+        BN_hex2bn(&b, b_hex);
+        group = EC_GROUP_new_curve_GFp(p, a, b, NULL);
+        BN_free(p);
+        BN_free(a);
+        BN_free(b);
+        if (group == NULL)
+                return NULL;
+        generator = EC_POINT_new(group);
+        if (generator == NULL)
+                return NULL;
+        BN_hex2bn(&g_x, x_hex);
+        BN_hex2bn(&g_y, y_hex);
+        if (EC_POINT_set_affine_coordinates(group, generator, g_x, g_y,
+            NULL) == 0)
+                return NULL;
+        BN_free(g_x);
+        BN_free(g_y);
+        BN_hex2bn(&order, order_hex);
+        BN_hex2bn(&cof, cof_hex);
+        if (EC_GROUP_set_generator(group, generator, order, cof) == 0)
+                return NULL;
+        EC_POINT_free(generator);
+        BN_free(order);
+        BN_free(cof);
+        return group;
+}
+static int
+test_sm2(const EC_GROUP *group, const EVP_MD *digest, const char *privkey_hex,
+    const char *message)
+{
+        const size_t msg_len = strlen(message);
+        BIGNUM *priv = NULL;
+        EC_KEY *key = NULL;
+        EC_POINT *pt = NULL;
+        size_t ctext_len = 0;
+        uint8_t *ctext = NULL;
+        uint8_t *recovered = NULL;
+        size_t recovered_len = msg_len;
+        int rc = 0;
+        BN_hex2bn(&priv, privkey_hex);
+        key = EC_KEY_new();
+        EC_KEY_set_group(key, group);
+        EC_KEY_set_private_key(key, priv);
+        pt = EC_POINT_new(group);
+        EC_POINT_mul(group, pt, priv, NULL, NULL, NULL);
+        EC_KEY_set_public_key(key, pt);
+        BN_free(priv);
+        EC_POINT_free(pt);
+        if (!SM2_ciphertext_size(key, digest, msg_len, &ctext_len))
+                goto done;
+        ctext = calloc(1, ctext_len);
+        if (ctext == NULL)
+                goto done;
+        rc = SM2_encrypt(key, digest, (const uint8_t *)message, msg_len, ctext, &ctext_len);
+        if (rc == 0)
+                goto done;
+        recovered = calloc(1, msg_len);
+        if (recovered == NULL)
+                goto done;
+        rc = SM2_decrypt(key, digest, ctext, ctext_len, recovered, &recovered_len);
+        if (rc == 0)
+                goto done;
+        if (recovered_len != msg_len)
+                goto done;
+        if (memcmp(recovered, message, msg_len) != 0)
+                goto done;
+        rc = 1;
+ done:
+        free(ctext);
+        free(recovered);
+        EC_KEY_free(key);
+        return rc;
+}
+int
+main(int argc, char **argv)
+{
+        int rc;
+        EC_GROUP *test_group =
+                create_EC_group
+                ("8542D69E4C044F18E8B92435BF6FF7DE457283915C45517D722EDB8B08F1DFC3",
+                 "787968B4FA32C3FD2417842E73BBFEFF2F3C848B6831D7E0EC65228B3937E498",
+                 "63E4C6D3B23B0C849CF84241484BFE48F61D59A5B16BA06E6E12D1DA27C5249A",
+                 "421DEBD61B62EAB6746434EBC3CC315E32220B3BADD50BDC4C4E6C147FEDD43D",
+                 "0680512BCBB42C07D47349D2153B70C4E5D7FDFCBFA36EA1A85841B9E46E09A2",
+                 "8542D69E4C044F18E8B92435BF6FF7DD297720630485628D5AE74EE7C32E79B7",
+                 "1");
+        if (test_group == NULL)
+                return 1;
+        rc = test_sm2(test_group, EVP_sm3(),
+            "1649AB77A00637BD5E2EFE283FBF353534AA7F7CB89463F208DDBC2920BB0DA0",
+            "encryption standard");
+        if (rc == 0)
+                return 1;
+        /* Same test as above except using SHA-256 instead of SM3 */
+        rc = test_sm2(test_group, EVP_sha256(),
+            "1649AB77A00637BD5E2EFE283FBF353534AA7F7CB89463F208DDBC2920BB0DA0",
+            "encryption standard");
+        if (rc == 0)
+                return 1;
+        EC_GROUP_free(test_group);
+        printf("SUCCESS\n");
+        return 0;
+}
+#endif
diff --git a/src/regress/lib/libcrypto/sm2/sm2evptest.c b/src/regress/lib/libcrypto/sm2/sm2evptest.c
new file mode 100644
index 0000000000..93024612f4
--- /dev/null
+++ b/src/regress/lib/libcrypto/sm2/sm2evptest.c
@@ -0,0 +1,256 @@
+/*      $OpenBSD: sm2evptest.c,v 1.1.1.1 2021/08/18 16:06:56 tb Exp $ */
+/*
+ * Copyright (c) 2017, 2019 Ribose Inc
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <openssl/ec.h>
+#include <openssl/evp.h>
+#include <openssl/pem.h>
+#include "tests.h"
+#ifdef OPENSSL_NO_SM2
+int
+main(int argc, char *argv[])
+{
+        printf("No SM2 support\n");
+        return (0);
+}
+#else
+static int
+test_EVP_SM2_verify(void)
+{
+        /* From https://tools.ietf.org/html/draft-shen-sm2-ecdsa-02#appendix-A */
+        const char *pubkey =
+                "-----BEGIN PUBLIC KEY-----\n"
+                "MIIBMzCB7AYHKoZIzj0CATCB4AIBATAsBgcqhkjOPQEBAiEAhULWnkwETxjouSQ1\n"
+                "v2/33kVyg5FcRVF9ci7biwjx38MwRAQgeHlotPoyw/0kF4Quc7v+/y88hItoMdfg\n"
+                "7GUiizk35JgEIGPkxtOyOwyEnPhCQUhL/kj2HVmlsWugbm4S0donxSSaBEEEQh3r\n"
+                "1hti6rZ0ZDTrw8wxXjIiCzut1QvcTE5sFH/t1D0GgFEry7QsB9RzSdIVO3DE5df9\n"
+                "/L+jbqGoWEG55G4JogIhAIVC1p5MBE8Y6LkkNb9v990pdyBjBIVijVrnTufDLnm3\n"
+                "AgEBA0IABArkx3mKoPEZRxvuEYJb5GICu3nipYRElel8BP9N8lSKfAJA+I8c1OFj\n"
+                "Uqc8F7fxbwc1PlOhdtaEqf4Ma7eY6Fc=\n"
+                "-----END PUBLIC KEY-----\n";
+        const char *input = "message digest";
+        const char *user_id = "ALICE123@YAHOO.COM";
+        const uint8_t signature[] = {
+                0x30, 0x44, 0x02, 0x20,
+                0x40, 0xF1, 0xEC, 0x59, 0xF7, 0x93, 0xD9, 0xF4, 0x9E, 0x09, 0xDC,
+                0xEF, 0x49, 0x13, 0x0D, 0x41, 0x94, 0xF7, 0x9F, 0xB1, 0xEE, 0xD2,
+                0xCA, 0xA5, 0x5B, 0xAC, 0xDB, 0x49, 0xC4, 0xE7, 0x55, 0xD1,
+                0x02, 0x20,
+                0x6F, 0xC6, 0xDA, 0xC3, 0x2C, 0x5D, 0x5C, 0xF1, 0x0C, 0x77, 0xDF,
+                0xB2, 0x0F, 0x7C, 0x2E, 0xB6, 0x67, 0xA4, 0x57, 0x87, 0x2F, 0xB0,
+                0x9E, 0xC5, 0x63, 0x27, 0xA6, 0x7E, 0xC7, 0xDE, 0xEB, 0xE7
+        };
+        int rc = 0;
+        BIO *bufio = NULL;
+        EVP_PKEY *pkey = NULL;
+        EVP_MD_CTX *md_ctx_verify = NULL;
+        EVP_PKEY_CTX *verify_ctx = NULL;
+        bufio = BIO_new_mem_buf(pubkey, strlen(pubkey));
+        CHECK_GOTO(bufio != NULL);
+        pkey = PEM_read_bio_PUBKEY(bufio, NULL, NULL, NULL);
+        CHECK_GOTO(pkey != NULL);
+        CHECK_GOTO(EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2));
+        md_ctx_verify = EVP_MD_CTX_new();
+        CHECK_GOTO(md_ctx_verify != NULL);
+        CHECK_GOTO(EVP_DigestVerifyInit(md_ctx_verify, &verify_ctx, EVP_sm3(), NULL, pkey));
+        CHECK_GOTO(EVP_PKEY_CTX_set_sm2_uid(verify_ctx, user_id, strlen(user_id)) > 0);
+        CHECK_GOTO(EVP_PKEY_CTX_hash_sm2_uid(verify_ctx) > 0);
+        CHECK_GOTO(EVP_DigestVerifyUpdate(md_ctx_verify, input, strlen(input)));
+        CHECK_GOTO(EVP_DigestVerifyFinal(md_ctx_verify, signature, sizeof(signature)));
+        rc = 1;
+ err:
+        BIO_free(bufio);
+        EVP_PKEY_free(pkey);
+        EVP_MD_CTX_free(md_ctx_verify);
+        return rc;
+}
+static int
+test_EVP_SM2(void)
+{
+        int ret = 0;
+        EVP_PKEY *pkey = NULL;
+        EVP_PKEY *params = NULL;
+        EVP_PKEY_CTX *pctx = NULL;
+        EVP_PKEY_CTX *sign_ctx = NULL;
+        EVP_PKEY_CTX *verify_ctx = NULL;
+        EVP_PKEY_CTX *kctx = NULL;
+        size_t sig_len = 0;
+        unsigned char *sig = NULL;
+        EVP_MD_CTX *md_ctx = NULL;
+        EVP_MD_CTX *md_ctx_verify = NULL;
+        EVP_PKEY_CTX *cctx = NULL;
+        int useid;
+        const char *uid_str = "nobody@example.com";
+        uint8_t uid_buf[32] = {0};
+        size_t uid_len = 0;
+        uint8_t ciphertext[128];
+        size_t ctext_len = sizeof(ciphertext);
+        uint8_t plaintext[8];
+        size_t ptext_len = sizeof(plaintext);
+        uint8_t kMsg[4] = {1, 2, 3, 4};
+        pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL);
+        CHECK_GOTO(pctx != NULL);
+        CHECK_GOTO(EVP_PKEY_paramgen_init(pctx) == 1);
+        CHECK_GOTO(EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx, NID_sm2));
+        CHECK_GOTO(EVP_PKEY_paramgen(pctx, &params));
+        kctx = EVP_PKEY_CTX_new(params, NULL);
+        CHECK_GOTO(kctx != NULL);
+        CHECK_GOTO(EVP_PKEY_keygen_init(kctx));
+        CHECK_GOTO(EVP_PKEY_keygen(kctx, &pkey));
+        CHECK_GOTO(EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2));
+        md_ctx = EVP_MD_CTX_new();
+        CHECK_GOTO(md_ctx != NULL);
+        md_ctx_verify = EVP_MD_CTX_new();
+        CHECK_GOTO(md_ctx_verify != NULL);
+        for (useid = 0; useid <= 1; ++useid) {
+                CHECK_GOTO(EVP_DigestSignInit(md_ctx, &sign_ctx, EVP_sm3(), NULL, pkey));
+                if (useid) {
+                        CHECK_GOTO(EVP_PKEY_CTX_set_sm2_uid(sign_ctx, uid_str, strlen(uid_str)) > 0);
+                        CHECK_GOTO(EVP_PKEY_CTX_get_sm2_uid_len(sign_ctx, &uid_len) > 0);
+                        CHECK_GOTO(uid_len == strlen(uid_str));
+                        CHECK_GOTO(EVP_PKEY_CTX_get_sm2_uid(sign_ctx, uid_buf) > 0);
+                        CHECK_GOTO(memcmp(uid_buf, uid_str, uid_len) == 0);
+                        CHECK_GOTO(EVP_PKEY_CTX_hash_sm2_uid(sign_ctx) > 0);
+                }
+                CHECK_GOTO(EVP_DigestSignUpdate(md_ctx, kMsg, sizeof(kMsg)));
+                /* Determine the size of the signature. */
+                CHECK_GOTO(EVP_DigestSignFinal(md_ctx, NULL, &sig_len));
+                CHECK_GOTO(sig_len == (size_t) EVP_PKEY_size(pkey));
+                sig = malloc(sig_len);
+                CHECK_GOTO(sig != NULL);
+                CHECK_GOTO(EVP_DigestSignFinal(md_ctx, sig, &sig_len));
+                /* Ensure that the signature round-trips. */
+                CHECK_GOTO(EVP_DigestVerifyInit(md_ctx_verify, &verify_ctx, EVP_sm3(), NULL, pkey));
+                if (useid) {
+                        CHECK_GOTO(EVP_PKEY_CTX_set_sm2_uid(verify_ctx, uid_str, strlen(uid_str)) > 0);
+                        CHECK_GOTO(EVP_PKEY_CTX_get_sm2_uid_len(verify_ctx, &uid_len) > 0);
+                        CHECK_GOTO(uid_len == strlen(uid_str));
+                        CHECK_GOTO(EVP_PKEY_CTX_get_sm2_uid(verify_ctx, uid_buf) > 0);
+                        CHECK_GOTO(memcmp(uid_buf, uid_str, uid_len) == 0);
+                        CHECK_GOTO(EVP_PKEY_CTX_hash_sm2_uid(verify_ctx) > 0);
+                }
+                CHECK_GOTO(EVP_DigestVerifyUpdate(md_ctx_verify, kMsg, sizeof(kMsg)));
+                CHECK_GOTO(EVP_DigestVerifyFinal(md_ctx_verify, sig, sig_len));
+                free(sig);
+                sig = NULL;
+        }
+        /* now check encryption/decryption */
+        cctx = EVP_PKEY_CTX_new(pkey, NULL);
+        CHECK_GOTO(cctx != NULL);
+        CHECK_GOTO(EVP_PKEY_encrypt_init(cctx));
+        CHECK_GOTO(EVP_PKEY_encrypt(cctx, ciphertext, &ctext_len, kMsg, sizeof(kMsg)));
+        CHECK_GOTO(EVP_PKEY_decrypt_init(cctx));
+        CHECK_GOTO(EVP_PKEY_decrypt(cctx, plaintext, &ptext_len, ciphertext, ctext_len));
+        CHECK_GOTO(ptext_len == sizeof(kMsg));
+        CHECK_GOTO(memcmp(plaintext, kMsg, sizeof(kMsg)) == 0);
+        ret = 1;
+ err:
+        EVP_PKEY_free(params);
+        EVP_MD_CTX_free(md_ctx);
+        EVP_MD_CTX_free(md_ctx_verify);
+        EVP_PKEY_CTX_free(pctx);
+        EVP_PKEY_CTX_free(kctx);
+        EVP_PKEY_CTX_free(cctx);
+        EVP_PKEY_free(pkey);
+        free(sig);
+        return ret;
+}
+int
+main(int argc, char *argv[])
+{
+        if (!test_EVP_SM2()) {
+                fprintf(stderr, "test_EVP_SM2() failed.\n");
+                fflush(stderr);
+                return 1;
+        }
+        if (!test_EVP_SM2_verify()) {
+                fprintf(stderr, "test_EVP_SM2_verify() failed.\n");
+                fflush(stderr);
+                return 1;
+        }
+        printf("SUCCESS\n");
+        return 0;
+}
+#endif
diff --git a/src/regress/lib/libcrypto/sm2/sm2sigtest.c b/src/regress/lib/libcrypto/sm2/sm2sigtest.c
new file mode 100644
index 0000000000..bd156799b8
--- /dev/null
+++ b/src/regress/lib/libcrypto/sm2/sm2sigtest.c
@@ -0,0 +1,170 @@
+/*      $OpenBSD: sm2sigtest.c,v 1.1.1.1 2021/08/18 16:06:56 tb Exp $ */
+/*
+ * Copyright (c) 2017, 2019 Ribose Inc
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <openssl/bio.h>
+#include <openssl/evp.h>
+#include <openssl/bn.h>
+#include <openssl/crypto.h>
+#include <openssl/err.h>
+#include <openssl/rand.h>
+#ifdef OPENSSL_NO_SM2
+int
+main(int argc, char *argv[])
+{
+    printf("No SM2 support\n");
+    return (0);
+}
+#else
+#include <openssl/sm2.h>
+#include "sm2_locl.h"
+static EC_GROUP *
+create_EC_group(const char *p_hex, const char *a_hex, const char *b_hex,
+    const char *x_hex, const char *y_hex, const char *order_hex,
+    const char *cof_hex)
+{
+        BIGNUM *p = NULL;
+        BIGNUM *a = NULL;
+        BIGNUM *b = NULL;
+        BIGNUM *g_x = NULL;
+        BIGNUM *g_y = NULL;
+        BIGNUM *order = NULL;
+        BIGNUM *cof = NULL;
+        EC_POINT *generator = NULL;
+        EC_GROUP *group = NULL;
+        BN_hex2bn(&p, p_hex);
+        BN_hex2bn(&a, a_hex);
+        BN_hex2bn(&b, b_hex);
+        group = EC_GROUP_new_curve_GFp(p, a, b, NULL);
+        BN_free(p);
+        BN_free(a);
+        BN_free(b);
+        if (group == NULL)
+                return NULL;
+        generator = EC_POINT_new(group);
+        if (generator == NULL)
+                return NULL;
+        BN_hex2bn(&g_x, x_hex);
+        BN_hex2bn(&g_y, y_hex);
+        if (EC_POINT_set_affine_coordinates(group, generator, g_x, g_y,
+            NULL) == 0)
+                return NULL;
+        BN_free(g_x);
+        BN_free(g_y);
+        BN_hex2bn(&order, order_hex);
+        BN_hex2bn(&cof, cof_hex);
+        if (EC_GROUP_set_generator(group, generator, order, cof) == 0)
+                return NULL;
+        EC_POINT_free(generator);
+        BN_free(order);
+        BN_free(cof);
+        return group;
+}
+static int
+test_sm2(const EC_GROUP *group, const char *userid, const char *privkey_hex,
+    const char *message)
+{
+        const size_t msg_len = strlen(message);
+        int ok = -1;
+        BIGNUM *priv = NULL;
+        EC_POINT *pt = NULL;
+        EC_KEY *key = NULL;
+        ECDSA_SIG *sig = NULL;
+        const BIGNUM *sig_r = NULL;
+        const BIGNUM *sig_s = NULL;
+        BN_hex2bn(&priv, privkey_hex);
+        key = EC_KEY_new();
+        EC_KEY_set_group(key, group);
+        EC_KEY_set_private_key(key, priv);
+        pt = EC_POINT_new(group);
+        EC_POINT_mul(group, pt, priv, NULL, NULL, NULL);
+        EC_KEY_set_public_key(key, pt);
+        sig = sm2_do_sign(key, EVP_sm3(), userid, strlen(userid),
+            (const uint8_t *)message, msg_len);
+        if (sig == NULL)
+                return 0;
+        ECDSA_SIG_get0(sig, &sig_r, &sig_s);
+        ok = sm2_do_verify(key, EVP_sm3(), sig, userid, strlen(userid),
+            (const uint8_t *)message, msg_len);
+        ECDSA_SIG_free(sig);
+        EC_POINT_free(pt);
+        EC_KEY_free(key);
+        BN_free(priv);
+        return ok;
+}
+int
+main(int argc, char **argv)
+{
+        int rc = 0;
+        /* From draft-shen-sm2-ecdsa-02 */
+        EC_GROUP *test_group =
+                create_EC_group
+                ("8542D69E4C044F18E8B92435BF6FF7DE457283915C45517D722EDB8B08F1DFC3",
+                 "787968B4FA32C3FD2417842E73BBFEFF2F3C848B6831D7E0EC65228B3937E498",
+                 "63E4C6D3B23B0C849CF84241484BFE48F61D59A5B16BA06E6E12D1DA27C5249A",
+                 "421DEBD61B62EAB6746434EBC3CC315E32220B3BADD50BDC4C4E6C147FEDD43D",
+                 "0680512BCBB42C07D47349D2153B70C4E5D7FDFCBFA36EA1A85841B9E46E09A2",
+                 "8542D69E4C044F18E8B92435BF6FF7DD297720630485628D5AE74EE7C32E79B7",
+                 "1");
+        if (test_group == NULL)
+                return 1;
+        rc = test_sm2(test_group, "ALICE123@YAHOO.COM",
+            "128B2FA8BD433C6C068C8D803DFF79792A519A55171B1B650C23661D15897263",
+            "message digest");
+        EC_GROUP_free(test_group);
+        if (rc <= 0)
+                return 1;
+        printf("SUCCESS\n");
+        return 0;
+}
+#endif
author	tb <>	2021-08-18 16:06:56 +0000
committer	tb <>	2021-08-18 16:06:56 +0000
commit	a5c89764af8f7a72f1c0ddb9d42ec39de836d700 (patch)
tree	4c8c274fa412a2c828b63050128d911a1fafa9f9 /src
parent	27a4a421da356671ca87fff69b8b7340d284659c (diff)
download	openbsd-a5c89764af8f7a72f1c0ddb9d42ec39de836d700.tar.gz openbsd-a5c89764af8f7a72f1c0ddb9d42ec39de836d700.tar.bz2 openbsd-a5c89764af8f7a72f1c0ddb9d42ec39de836d700.zip

diff --git a/src/regress/lib/libcrypto/sm2/Makefile b/src/regress/lib/libcrypto/sm2/Makefile new file mode 100644 index 0000000000..8aa07f7155 --- /dev/null +++ b/src/regress/lib/libcrypto/sm2/Makefile
@@ -0,0 +1,23 @@
	1	# $OpenBSD: Makefile,v 1.1.1.1 2021/08/18 16:06:56 tb Exp $
	2
	3	PROGS += sm2crypttest
	4	PROGS += sm2evptest
	5	PROGS += sm2sigtest
	6
	7	LDADD = ${CRYPTO_INT}
	8	DPADD = ${LIBCRYPTO}
	9	WARNINGS = Yes
	10
	11	CFLAGS += -DLIBRESSL_INTERNAL -Wundef -Werror
	12	CFLAGS += -I${BSDSRCDIR}/lib/libcrypto/sm2
	13	CFLAGS += -I${BSDSRCDIR}/regress/lib/libssl/unit
	14
	15	.for p in ${PROGS}
	16	REGRESS_TARGETS += run-$p
	17	run-$p: $p
	18	@echo '\n======== $@ ========'
	19	./$p
	20	.PHONY: run-$p
	21	.endfor
	22
	23	.include <bsd.regress.mk>


diff --git a/src/regress/lib/libcrypto/sm2/sm2crypttest.c b/src/regress/lib/libcrypto/sm2/sm2crypttest.c new file mode 100644 index 0000000000..30a03b21c9 --- /dev/null +++ b/src/regress/lib/libcrypto/sm2/sm2crypttest.c
@@ -0,0 +1,191 @@
	1	/* $OpenBSD: sm2crypttest.c,v 1.1.1.1 2021/08/18 16:06:56 tb Exp $ */
	2	/*
	3	* Copyright (c) 2017, 2019 Ribose Inc
	4	*
	5	* Permission to use, copy, modify, and/or distribute this software for any
	6	* purpose with or without fee is hereby granted, provided that the above
	7	* copyright notice and this permission notice appear in all copies.
	8	*
	9	* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
	10	* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
	11	* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
	12	* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
	13	* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
	14	* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
	15	* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
	16	*/
	17
	18	#include <stdio.h>
	19	#include <stdlib.h>
	20	#include <string.h>
	21
	22	#include <openssl/bio.h>
	23	#include <openssl/evp.h>
	24	#include <openssl/bn.h>
	25	#include <openssl/crypto.h>
	26	#include <openssl/err.h>
	27	#include <openssl/rand.h>
	28
	29	#ifdef OPENSSL_NO_SM2
	30	int main(int argc, char *argv[])
	31	{
	32	printf("No SM2 support\n");
	33	return (0);
	34	}
	35	#else
	36	#include <openssl/sm2.h>
	37	#include "sm2_locl.h"
	38
	39	static EC_GROUP *
	40	create_EC_group(const char p_hex, const char a_hex, const char *b_hex,
	41	const char x_hex, const char y_hex, const char *order_hex,
	42	const char *cof_hex)
	43	{
	44	BIGNUM *p = NULL;
	45	BIGNUM *a = NULL;
	46	BIGNUM *b = NULL;
	47	BIGNUM *g_x = NULL;
	48	BIGNUM *g_y = NULL;
	49	BIGNUM *order = NULL;
	50	BIGNUM *cof = NULL;
	51	EC_POINT *generator = NULL;
	52	EC_GROUP *group = NULL;
	53
	54	BN_hex2bn(&p, p_hex);
	55	BN_hex2bn(&a, a_hex);
	56	BN_hex2bn(&b, b_hex);
	57
	58	group = EC_GROUP_new_curve_GFp(p, a, b, NULL);
	59	BN_free(p);
	60	BN_free(a);
	61	BN_free(b);
	62
	63	if (group == NULL)
	64	return NULL;
	65
	66	generator = EC_POINT_new(group);
	67	if (generator == NULL)
	68	return NULL;
	69
	70	BN_hex2bn(&g_x, x_hex);
	71	BN_hex2bn(&g_y, y_hex);
	72
	73	if (EC_POINT_set_affine_coordinates(group, generator, g_x, g_y,
	74	NULL) == 0)
	75	return NULL;
	76
	77	BN_free(g_x);
	78	BN_free(g_y);
	79
	80	BN_hex2bn(&order, order_hex);
	81	BN_hex2bn(&cof, cof_hex);
	82
	83	if (EC_GROUP_set_generator(group, generator, order, cof) == 0)
	84	return NULL;
	85
	86	EC_POINT_free(generator);
	87	BN_free(order);
	88	BN_free(cof);
	89
	90	return group;
	91	}
	92
	93	static int
	94	test_sm2(const EC_GROUP group, const EVP_MD digest, const char *privkey_hex,
	95	const char *message)
	96	{
	97	const size_t msg_len = strlen(message);
	98
	99	BIGNUM *priv = NULL;
	100	EC_KEY *key = NULL;
	101	EC_POINT *pt = NULL;
	102	size_t ctext_len = 0;
	103	uint8_t *ctext = NULL;
	104	uint8_t *recovered = NULL;
	105	size_t recovered_len = msg_len;
	106	int rc = 0;
	107
	108	BN_hex2bn(&priv, privkey_hex);
	109
	110	key = EC_KEY_new();
	111	EC_KEY_set_group(key, group);
	112	EC_KEY_set_private_key(key, priv);
	113
	114	pt = EC_POINT_new(group);
	115	EC_POINT_mul(group, pt, priv, NULL, NULL, NULL);
	116
	117	EC_KEY_set_public_key(key, pt);
	118	BN_free(priv);
	119	EC_POINT_free(pt);
	120
	121	if (!SM2_ciphertext_size(key, digest, msg_len, &ctext_len))
	122	goto done;
	123	ctext = calloc(1, ctext_len);
	124	if (ctext == NULL)
	125	goto done;
	126
	127	rc = SM2_encrypt(key, digest, (const uint8_t *)message, msg_len, ctext, &ctext_len);
	128
	129	if (rc == 0)
	130	goto done;
	131
	132	recovered = calloc(1, msg_len);
	133	if (recovered == NULL)
	134	goto done;
	135	rc = SM2_decrypt(key, digest, ctext, ctext_len, recovered, &recovered_len);
	136
	137	if (rc == 0)
	138	goto done;
	139	if (recovered_len != msg_len)
	140	goto done;
	141	if (memcmp(recovered, message, msg_len) != 0)
	142	goto done;
	143
	144	rc = 1;
	145	done:
	146
	147	free(ctext);
	148	free(recovered);
	149	EC_KEY_free(key);
	150	return rc;
	151	}
	152
	153	int
	154	main(int argc, char **argv)
	155	{
	156	int rc;
	157	EC_GROUP *test_group =
	158	create_EC_group
	159	("8542D69E4C044F18E8B92435BF6FF7DE457283915C45517D722EDB8B08F1DFC3",
	160	"787968B4FA32C3FD2417842E73BBFEFF2F3C848B6831D7E0EC65228B3937E498",
	161	"63E4C6D3B23B0C849CF84241484BFE48F61D59A5B16BA06E6E12D1DA27C5249A",
	162	"421DEBD61B62EAB6746434EBC3CC315E32220B3BADD50BDC4C4E6C147FEDD43D",
	163	"0680512BCBB42C07D47349D2153B70C4E5D7FDFCBFA36EA1A85841B9E46E09A2",
	164	"8542D69E4C044F18E8B92435BF6FF7DD297720630485628D5AE74EE7C32E79B7",
	165	"1");
	166
	167	if (test_group == NULL)
	168	return 1;
	169
	170	rc = test_sm2(test_group, EVP_sm3(),
	171	"1649AB77A00637BD5E2EFE283FBF353534AA7F7CB89463F208DDBC2920BB0DA0",
	172	"encryption standard");
	173
	174	if (rc == 0)
	175	return 1;
	176
	177	/* Same test as above except using SHA-256 instead of SM3 */
	178	rc = test_sm2(test_group, EVP_sha256(),
	179	"1649AB77A00637BD5E2EFE283FBF353534AA7F7CB89463F208DDBC2920BB0DA0",
	180	"encryption standard");
	181	if (rc == 0)
	182	return 1;
	183
	184	EC_GROUP_free(test_group);
	185
	186	printf("SUCCESS\n");
	187
	188	return 0;
	189	}
	190
	191	#endif


diff --git a/src/regress/lib/libcrypto/sm2/sm2evptest.c b/src/regress/lib/libcrypto/sm2/sm2evptest.c new file mode 100644 index 0000000000..93024612f4 --- /dev/null +++ b/src/regress/lib/libcrypto/sm2/sm2evptest.c
@@ -0,0 +1,256 @@
	1	/* $OpenBSD: sm2evptest.c,v 1.1.1.1 2021/08/18 16:06:56 tb Exp $ */
	2	/*
	3	* Copyright (c) 2017, 2019 Ribose Inc
	4	*
	5	* Permission to use, copy, modify, and/or distribute this software for any
	6	* purpose with or without fee is hereby granted, provided that the above
	7	* copyright notice and this permission notice appear in all copies.
	8	*
	9	* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
	10	* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
	11	* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
	12	* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
	13	* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
	14	* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
	15	* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
	16	*/
	17
	18	#include <stdio.h>
	19	#include <stdlib.h>
	20	#include <string.h>
	21
	22	#include <openssl/ec.h>
	23	#include <openssl/evp.h>
	24	#include <openssl/pem.h>
	25
	26	#include "tests.h"
	27
	28	#ifdef OPENSSL_NO_SM2
	29	int
	30	main(int argc, char *argv[])
	31	{
	32	printf("No SM2 support\n");
	33	return (0);
	34	}
	35	#else
	36	static int
	37	test_EVP_SM2_verify(void)
	38	{
	39	/* From https://tools.ietf.org/html/draft-shen-sm2-ecdsa-02#appendix-A */
	40	const char *pubkey =
	41	"-----BEGIN PUBLIC KEY-----\n"
	42	"MIIBMzCB7AYHKoZIzj0CATCB4AIBATAsBgcqhkjOPQEBAiEAhULWnkwETxjouSQ1\n"
	43	"v2/33kVyg5FcRVF9ci7biwjx38MwRAQgeHlotPoyw/0kF4Quc7v+/y88hItoMdfg\n"
	44	"7GUiizk35JgEIGPkxtOyOwyEnPhCQUhL/kj2HVmlsWugbm4S0donxSSaBEEEQh3r\n"
	45	"1hti6rZ0ZDTrw8wxXjIiCzut1QvcTE5sFH/t1D0GgFEry7QsB9RzSdIVO3DE5df9\n"
	46	"/L+jbqGoWEG55G4JogIhAIVC1p5MBE8Y6LkkNb9v990pdyBjBIVijVrnTufDLnm3\n"
	47	"AgEBA0IABArkx3mKoPEZRxvuEYJb5GICu3nipYRElel8BP9N8lSKfAJA+I8c1OFj\n"
	48	"Uqc8F7fxbwc1PlOhdtaEqf4Ma7eY6Fc=\n"
	49	"-----END PUBLIC KEY-----\n";
	50
	51	const char *input = "message digest";
	52	const char *user_id = "ALICE123@YAHOO.COM";
	53
	54	const uint8_t signature[] = {
	55	0x30, 0x44, 0x02, 0x20,
	56	0x40, 0xF1, 0xEC, 0x59, 0xF7, 0x93, 0xD9, 0xF4, 0x9E, 0x09, 0xDC,
	57	0xEF, 0x49, 0x13, 0x0D, 0x41, 0x94, 0xF7, 0x9F, 0xB1, 0xEE, 0xD2,
	58	0xCA, 0xA5, 0x5B, 0xAC, 0xDB, 0x49, 0xC4, 0xE7, 0x55, 0xD1,
	59	0x02, 0x20,
	60	0x6F, 0xC6, 0xDA, 0xC3, 0x2C, 0x5D, 0x5C, 0xF1, 0x0C, 0x77, 0xDF,
	61	0xB2, 0x0F, 0x7C, 0x2E, 0xB6, 0x67, 0xA4, 0x57, 0x87, 0x2F, 0xB0,
	62	0x9E, 0xC5, 0x63, 0x27, 0xA6, 0x7E, 0xC7, 0xDE, 0xEB, 0xE7
	63	};
	64
	65	int rc = 0;
	66	BIO *bufio = NULL;
	67	EVP_PKEY *pkey = NULL;
	68	EVP_MD_CTX *md_ctx_verify = NULL;
	69	EVP_PKEY_CTX *verify_ctx = NULL;
	70
	71	bufio = BIO_new_mem_buf(pubkey, strlen(pubkey));
	72	CHECK_GOTO(bufio != NULL);
	73
	74	pkey = PEM_read_bio_PUBKEY(bufio, NULL, NULL, NULL);
	75	CHECK_GOTO(pkey != NULL);
	76
	77	CHECK_GOTO(EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2));
	78
	79	md_ctx_verify = EVP_MD_CTX_new();
	80	CHECK_GOTO(md_ctx_verify != NULL);
	81
	82	CHECK_GOTO(EVP_DigestVerifyInit(md_ctx_verify, &verify_ctx, EVP_sm3(), NULL, pkey));
	83
	84	CHECK_GOTO(EVP_PKEY_CTX_set_sm2_uid(verify_ctx, user_id, strlen(user_id)) > 0);
	85
	86	CHECK_GOTO(EVP_PKEY_CTX_hash_sm2_uid(verify_ctx) > 0);
	87
	88	CHECK_GOTO(EVP_DigestVerifyUpdate(md_ctx_verify, input, strlen(input)));
	89
	90	CHECK_GOTO(EVP_DigestVerifyFinal(md_ctx_verify, signature, sizeof(signature)));
	91
	92	rc = 1;
	93	err:
	94	BIO_free(bufio);
	95	EVP_PKEY_free(pkey);
	96	EVP_MD_CTX_free(md_ctx_verify);
	97	return rc;
	98	}
	99
	100	static int
	101	test_EVP_SM2(void)
	102	{
	103	int ret = 0;
	104	EVP_PKEY *pkey = NULL;
	105	EVP_PKEY *params = NULL;
	106	EVP_PKEY_CTX *pctx = NULL;
	107	EVP_PKEY_CTX *sign_ctx = NULL;
	108	EVP_PKEY_CTX *verify_ctx = NULL;
	109	EVP_PKEY_CTX *kctx = NULL;
	110	size_t sig_len = 0;
	111	unsigned char *sig = NULL;
	112	EVP_MD_CTX *md_ctx = NULL;
	113	EVP_MD_CTX *md_ctx_verify = NULL;
	114	EVP_PKEY_CTX *cctx = NULL;
	115	int useid;
	116	const char *uid_str = "nobody@example.com";
	117	uint8_t uid_buf[32] = {0};
	118	size_t uid_len = 0;
	119
	120	uint8_t ciphertext[128];
	121	size_t ctext_len = sizeof(ciphertext);
	122
	123	uint8_t plaintext[8];
	124	size_t ptext_len = sizeof(plaintext);
	125
	126	uint8_t kMsg[4] = {1, 2, 3, 4};
	127
	128	pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL);
	129	CHECK_GOTO(pctx != NULL);
	130
	131	CHECK_GOTO(EVP_PKEY_paramgen_init(pctx) == 1);
	132
	133	CHECK_GOTO(EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx, NID_sm2));
	134
	135	CHECK_GOTO(EVP_PKEY_paramgen(pctx, &params));
	136
	137	kctx = EVP_PKEY_CTX_new(params, NULL);
	138	CHECK_GOTO(kctx != NULL);
	139
	140	CHECK_GOTO(EVP_PKEY_keygen_init(kctx));
	141
	142	CHECK_GOTO(EVP_PKEY_keygen(kctx, &pkey));
	143
	144	CHECK_GOTO(EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2));
	145
	146	md_ctx = EVP_MD_CTX_new();
	147	CHECK_GOTO(md_ctx != NULL);
	148
	149	md_ctx_verify = EVP_MD_CTX_new();
	150	CHECK_GOTO(md_ctx_verify != NULL);
	151
	152	for (useid = 0; useid <= 1; ++useid) {
	153	CHECK_GOTO(EVP_DigestSignInit(md_ctx, &sign_ctx, EVP_sm3(), NULL, pkey));
	154
	155	if (useid) {
	156	CHECK_GOTO(EVP_PKEY_CTX_set_sm2_uid(sign_ctx, uid_str, strlen(uid_str)) > 0);
	157
	158	CHECK_GOTO(EVP_PKEY_CTX_get_sm2_uid_len(sign_ctx, &uid_len) > 0);
	159
	160	CHECK_GOTO(uid_len == strlen(uid_str));
	161
	162	CHECK_GOTO(EVP_PKEY_CTX_get_sm2_uid(sign_ctx, uid_buf) > 0);
	163
	164	CHECK_GOTO(memcmp(uid_buf, uid_str, uid_len) == 0);
	165
	166	CHECK_GOTO(EVP_PKEY_CTX_hash_sm2_uid(sign_ctx) > 0);
	167	}
	168
	169	CHECK_GOTO(EVP_DigestSignUpdate(md_ctx, kMsg, sizeof(kMsg)));
	170
	171	/* Determine the size of the signature. */
	172	CHECK_GOTO(EVP_DigestSignFinal(md_ctx, NULL, &sig_len));
	173
	174	CHECK_GOTO(sig_len == (size_t) EVP_PKEY_size(pkey));
	175
	176	sig = malloc(sig_len);
	177	CHECK_GOTO(sig != NULL);
	178
	179	CHECK_GOTO(EVP_DigestSignFinal(md_ctx, sig, &sig_len));
	180
	181	/* Ensure that the signature round-trips. */
	182
	183	CHECK_GOTO(EVP_DigestVerifyInit(md_ctx_verify, &verify_ctx, EVP_sm3(), NULL, pkey));
	184
	185	if (useid) {
	186	CHECK_GOTO(EVP_PKEY_CTX_set_sm2_uid(verify_ctx, uid_str, strlen(uid_str)) > 0);
	187
	188	CHECK_GOTO(EVP_PKEY_CTX_get_sm2_uid_len(verify_ctx, &uid_len) > 0);
	189
	190	CHECK_GOTO(uid_len == strlen(uid_str));
	191
	192	CHECK_GOTO(EVP_PKEY_CTX_get_sm2_uid(verify_ctx, uid_buf) > 0);
	193
	194	CHECK_GOTO(memcmp(uid_buf, uid_str, uid_len) == 0);
	195
	196	CHECK_GOTO(EVP_PKEY_CTX_hash_sm2_uid(verify_ctx) > 0);
	197	}
	198
	199	CHECK_GOTO(EVP_DigestVerifyUpdate(md_ctx_verify, kMsg, sizeof(kMsg)));
	200
	201	CHECK_GOTO(EVP_DigestVerifyFinal(md_ctx_verify, sig, sig_len));
	202
	203	free(sig);
	204	sig = NULL;
	205	}
	206
	207	/* now check encryption/decryption */
	208
	209	cctx = EVP_PKEY_CTX_new(pkey, NULL);
	210	CHECK_GOTO(cctx != NULL);
	211
	212	CHECK_GOTO(EVP_PKEY_encrypt_init(cctx));
	213
	214	CHECK_GOTO(EVP_PKEY_encrypt(cctx, ciphertext, &ctext_len, kMsg, sizeof(kMsg)));
	215
	216	CHECK_GOTO(EVP_PKEY_decrypt_init(cctx));
	217
	218	CHECK_GOTO(EVP_PKEY_decrypt(cctx, plaintext, &ptext_len, ciphertext, ctext_len));
	219
	220	CHECK_GOTO(ptext_len == sizeof(kMsg));
	221
	222	CHECK_GOTO(memcmp(plaintext, kMsg, sizeof(kMsg)) == 0);
	223
	224	ret = 1;
	225	err:
	226	EVP_PKEY_free(params);
	227	EVP_MD_CTX_free(md_ctx);
	228	EVP_MD_CTX_free(md_ctx_verify);
	229	EVP_PKEY_CTX_free(pctx);
	230	EVP_PKEY_CTX_free(kctx);
	231	EVP_PKEY_CTX_free(cctx);
	232	EVP_PKEY_free(pkey);
	233	free(sig);
	234	return ret;
	235	}
	236
	237	int
	238	main(int argc, char *argv[])
	239	{
	240	if (!test_EVP_SM2()) {
	241	fprintf(stderr, "test_EVP_SM2() failed.\n");
	242	fflush(stderr);
	243	return 1;
	244	}
	245	if (!test_EVP_SM2_verify()) {
	246	fprintf(stderr, "test_EVP_SM2_verify() failed.\n");
	247	fflush(stderr);
	248	return 1;
	249	}
	250
	251	printf("SUCCESS\n");
	252
	253	return 0;
	254	}
	255
	256	#endif


diff --git a/src/regress/lib/libcrypto/sm2/sm2sigtest.c b/src/regress/lib/libcrypto/sm2/sm2sigtest.c new file mode 100644 index 0000000000..bd156799b8 --- /dev/null +++ b/src/regress/lib/libcrypto/sm2/sm2sigtest.c
@@ -0,0 +1,170 @@
	1	/* $OpenBSD: sm2sigtest.c,v 1.1.1.1 2021/08/18 16:06:56 tb Exp $ */
	2	/*
	3	* Copyright (c) 2017, 2019 Ribose Inc
	4	*
	5	* Permission to use, copy, modify, and/or distribute this software for any
	6	* purpose with or without fee is hereby granted, provided that the above
	7	* copyright notice and this permission notice appear in all copies.
	8	*
	9	* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
	10	* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
	11	* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
	12	* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
	13	* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
	14	* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
	15	* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
	16	*/
	17
	18	#include <stdio.h>
	19	#include <stdlib.h>
	20	#include <string.h>
	21
	22	#include <openssl/bio.h>
	23	#include <openssl/evp.h>
	24	#include <openssl/bn.h>
	25	#include <openssl/crypto.h>
	26	#include <openssl/err.h>
	27	#include <openssl/rand.h>
	28
	29	#ifdef OPENSSL_NO_SM2
	30	int
	31	main(int argc, char *argv[])
	32	{
	33	printf("No SM2 support\n");
	34	return (0);
	35	}
	36	#else
	37	#include <openssl/sm2.h>
	38	#include "sm2_locl.h"
	39
	40	static EC_GROUP *
	41	create_EC_group(const char p_hex, const char a_hex, const char *b_hex,
	42	const char x_hex, const char y_hex, const char *order_hex,
	43	const char *cof_hex)
	44	{
	45	BIGNUM *p = NULL;
	46	BIGNUM *a = NULL;
	47	BIGNUM *b = NULL;
	48	BIGNUM *g_x = NULL;
	49	BIGNUM *g_y = NULL;
	50	BIGNUM *order = NULL;
	51	BIGNUM *cof = NULL;
	52	EC_POINT *generator = NULL;
	53	EC_GROUP *group = NULL;
	54
	55	BN_hex2bn(&p, p_hex);
	56	BN_hex2bn(&a, a_hex);
	57	BN_hex2bn(&b, b_hex);
	58
	59	group = EC_GROUP_new_curve_GFp(p, a, b, NULL);
	60	BN_free(p);
	61	BN_free(a);
	62	BN_free(b);
	63
	64	if (group == NULL)
	65	return NULL;
	66
	67	generator = EC_POINT_new(group);
	68	if (generator == NULL)
	69	return NULL;
	70
	71	BN_hex2bn(&g_x, x_hex);
	72	BN_hex2bn(&g_y, y_hex);
	73
	74	if (EC_POINT_set_affine_coordinates(group, generator, g_x, g_y,
	75	NULL) == 0)
	76	return NULL;
	77
	78	BN_free(g_x);
	79	BN_free(g_y);
	80
	81	BN_hex2bn(&order, order_hex);
	82	BN_hex2bn(&cof, cof_hex);
	83
	84	if (EC_GROUP_set_generator(group, generator, order, cof) == 0)
	85	return NULL;
	86
	87	EC_POINT_free(generator);
	88	BN_free(order);
	89	BN_free(cof);
	90
	91	return group;
	92	}
	93
	94
	95	static int
	96	test_sm2(const EC_GROUP group, const char userid, const char *privkey_hex,
	97	const char *message)
	98	{
	99	const size_t msg_len = strlen(message);
	100	int ok = -1;
	101	BIGNUM *priv = NULL;
	102	EC_POINT *pt = NULL;
	103	EC_KEY *key = NULL;
	104	ECDSA_SIG *sig = NULL;
	105	const BIGNUM *sig_r = NULL;
	106	const BIGNUM *sig_s = NULL;
	107
	108	BN_hex2bn(&priv, privkey_hex);
	109
	110	key = EC_KEY_new();
	111	EC_KEY_set_group(key, group);
	112	EC_KEY_set_private_key(key, priv);
	113
	114	pt = EC_POINT_new(group);
	115	EC_POINT_mul(group, pt, priv, NULL, NULL, NULL);
	116	EC_KEY_set_public_key(key, pt);
	117
	118	sig = sm2_do_sign(key, EVP_sm3(), userid, strlen(userid),
	119	(const uint8_t *)message, msg_len);
	120
	121	if (sig == NULL)
	122	return 0;
	123
	124	ECDSA_SIG_get0(sig, &sig_r, &sig_s);
	125
	126	ok = sm2_do_verify(key, EVP_sm3(), sig, userid, strlen(userid),
	127	(const uint8_t *)message, msg_len);
	128
	129	ECDSA_SIG_free(sig);
	130	EC_POINT_free(pt);
	131	EC_KEY_free(key);
	132	BN_free(priv);
	133
	134	return ok;
	135	}
	136
	137	int
	138	main(int argc, char **argv)
	139	{
	140	int rc = 0;
	141	/* From draft-shen-sm2-ecdsa-02 */
	142	EC_GROUP *test_group =
	143	create_EC_group
	144	("8542D69E4C044F18E8B92435BF6FF7DE457283915C45517D722EDB8B08F1DFC3",
	145	"787968B4FA32C3FD2417842E73BBFEFF2F3C848B6831D7E0EC65228B3937E498",
	146	"63E4C6D3B23B0C849CF84241484BFE48F61D59A5B16BA06E6E12D1DA27C5249A",
	147	"421DEBD61B62EAB6746434EBC3CC315E32220B3BADD50BDC4C4E6C147FEDD43D",
	148	"0680512BCBB42C07D47349D2153B70C4E5D7FDFCBFA36EA1A85841B9E46E09A2",
	149	"8542D69E4C044F18E8B92435BF6FF7DD297720630485628D5AE74EE7C32E79B7",
	150	"1");
	151
	152	if (test_group == NULL)
	153	return 1;
	154
	155	rc = test_sm2(test_group, "ALICE123@YAHOO.COM",
	156	"128B2FA8BD433C6C068C8D803DFF79792A519A55171B1B650C23661D15897263",
	157	"message digest");
	158
	159	EC_GROUP_free(test_group);
	160
	161	if (rc <= 0)
	162	return 1;
	163
	164
	165	printf("SUCCESS\n");
	166
	167	return 0;
	168	}
	169
	170	#endif