OLD | NEW |
| (Empty) |
1 /* crypto/ecdh/ecdhtest.c */ | |
2 /* ==================================================================== | |
3 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. | |
4 * | |
5 * The Elliptic Curve Public-Key Crypto Library (ECC Code) included | |
6 * herein is developed by SUN MICROSYSTEMS, INC., and is contributed | |
7 * to the OpenSSL project. | |
8 * | |
9 * The ECC Code is licensed pursuant to the OpenSSL open source | |
10 * license provided below. | |
11 * | |
12 * The ECDH software is originally written by Douglas Stebila of | |
13 * Sun Microsystems Laboratories. | |
14 * | |
15 */ | |
16 /* ==================================================================== | |
17 * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved. | |
18 * | |
19 * Redistribution and use in source and binary forms, with or without | |
20 * modification, are permitted provided that the following conditions | |
21 * are met: | |
22 * | |
23 * 1. Redistributions of source code must retain the above copyright | |
24 * notice, this list of conditions and the following disclaimer. | |
25 * | |
26 * 2. Redistributions in binary form must reproduce the above copyright | |
27 * notice, this list of conditions and the following disclaimer in | |
28 * the documentation and/or other materials provided with the | |
29 * distribution. | |
30 * | |
31 * 3. All advertising materials mentioning features or use of this | |
32 * software must display the following acknowledgment: | |
33 * "This product includes software developed by the OpenSSL Project | |
34 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" | |
35 * | |
36 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | |
37 * endorse or promote products derived from this software without | |
38 * prior written permission. For written permission, please contact | |
39 * openssl-core@openssl.org. | |
40 * | |
41 * 5. Products derived from this software may not be called "OpenSSL" | |
42 * nor may "OpenSSL" appear in their names without prior written | |
43 * permission of the OpenSSL Project. | |
44 * | |
45 * 6. Redistributions of any form whatsoever must retain the following | |
46 * acknowledgment: | |
47 * "This product includes software developed by the OpenSSL Project | |
48 * for use in the OpenSSL Toolkit (http://www.openssl.org/)" | |
49 * | |
50 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | |
51 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
52 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | |
53 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | |
54 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | |
55 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | |
56 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | |
57 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
58 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | |
59 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | |
60 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | |
61 * OF THE POSSIBILITY OF SUCH DAMAGE. | |
62 * ==================================================================== | |
63 * | |
64 * This product includes cryptographic software written by Eric Young | |
65 * (eay@cryptsoft.com). This product includes software written by Tim | |
66 * Hudson (tjh@cryptsoft.com). | |
67 * | |
68 */ | |
69 | |
70 #include <stdio.h> | |
71 #include <stdlib.h> | |
72 #include <string.h> | |
73 | |
74 #include "../e_os.h" | |
75 | |
76 #include <openssl/opensslconf.h> /* for OPENSSL_NO_ECDH */ | |
77 #include <openssl/crypto.h> | |
78 #include <openssl/bio.h> | |
79 #include <openssl/bn.h> | |
80 #include <openssl/objects.h> | |
81 #include <openssl/rand.h> | |
82 #include <openssl/sha.h> | |
83 #include <openssl/err.h> | |
84 | |
85 #ifdef OPENSSL_NO_ECDH | |
86 int main(int argc, char *argv[]) | |
87 { | |
88 printf("No ECDH support\n"); | |
89 return(0); | |
90 } | |
91 #else | |
92 #include <openssl/ec.h> | |
93 #include <openssl/ecdh.h> | |
94 | |
95 #ifdef OPENSSL_SYS_WIN16 | |
96 #define MS_CALLBACK _far _loadds | |
97 #else | |
98 #define MS_CALLBACK | |
99 #endif | |
100 | |
101 #if 0 | |
102 static void MS_CALLBACK cb(int p, int n, void *arg); | |
103 #endif | |
104 | |
105 static const char rnd_seed[] = "string to make the random number generator think
it has entropy"; | |
106 | |
107 | |
108 static const int KDF1_SHA1_len = 20; | |
109 static void *KDF1_SHA1(const void *in, size_t inlen, void *out, size_t *outlen) | |
110 { | |
111 #ifndef OPENSSL_NO_SHA | |
112 if (*outlen < SHA_DIGEST_LENGTH) | |
113 return NULL; | |
114 else | |
115 *outlen = SHA_DIGEST_LENGTH; | |
116 return SHA1(in, inlen, out); | |
117 #else | |
118 return NULL; | |
119 #endif | |
120 } | |
121 | |
122 | |
123 static int test_ecdh_curve(int nid, const char *text, BN_CTX *ctx, BIO *out) | |
124 { | |
125 EC_KEY *a=NULL; | |
126 EC_KEY *b=NULL; | |
127 BIGNUM *x_a=NULL, *y_a=NULL, | |
128 *x_b=NULL, *y_b=NULL; | |
129 char buf[12]; | |
130 unsigned char *abuf=NULL,*bbuf=NULL; | |
131 int i,alen,blen,aout,bout,ret=0; | |
132 const EC_GROUP *group; | |
133 | |
134 a = EC_KEY_new_by_curve_name(nid); | |
135 b = EC_KEY_new_by_curve_name(nid); | |
136 if (a == NULL || b == NULL) | |
137 goto err; | |
138 | |
139 group = EC_KEY_get0_group(a); | |
140 | |
141 if ((x_a=BN_new()) == NULL) goto err; | |
142 if ((y_a=BN_new()) == NULL) goto err; | |
143 if ((x_b=BN_new()) == NULL) goto err; | |
144 if ((y_b=BN_new()) == NULL) goto err; | |
145 | |
146 BIO_puts(out,"Testing key generation with "); | |
147 BIO_puts(out,text); | |
148 #ifdef NOISY | |
149 BIO_puts(out,"\n"); | |
150 #else | |
151 (void)BIO_flush(out); | |
152 #endif | |
153 | |
154 if (!EC_KEY_generate_key(a)) goto err; | |
155 | |
156 if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_pri
me_field) | |
157 { | |
158 if (!EC_POINT_get_affine_coordinates_GFp(group, | |
159 EC_KEY_get0_public_key(a), x_a, y_a, ctx)) goto err; | |
160 } | |
161 #ifndef OPENSSL_NO_EC2M | |
162 else | |
163 { | |
164 if (!EC_POINT_get_affine_coordinates_GF2m(group, | |
165 EC_KEY_get0_public_key(a), x_a, y_a, ctx)) goto err; | |
166 } | |
167 #endif | |
168 #ifdef NOISY | |
169 BIO_puts(out," pri 1="); | |
170 BN_print(out,a->priv_key); | |
171 BIO_puts(out,"\n pub 1="); | |
172 BN_print(out,x_a); | |
173 BIO_puts(out,","); | |
174 BN_print(out,y_a); | |
175 BIO_puts(out,"\n"); | |
176 #else | |
177 BIO_printf(out," ."); | |
178 (void)BIO_flush(out); | |
179 #endif | |
180 | |
181 if (!EC_KEY_generate_key(b)) goto err; | |
182 | |
183 if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_pri
me_field) | |
184 { | |
185 if (!EC_POINT_get_affine_coordinates_GFp(group, | |
186 EC_KEY_get0_public_key(b), x_b, y_b, ctx)) goto err; | |
187 } | |
188 #ifndef OPENSSL_NO_EC2M | |
189 else | |
190 { | |
191 if (!EC_POINT_get_affine_coordinates_GF2m(group, | |
192 EC_KEY_get0_public_key(b), x_b, y_b, ctx)) goto err; | |
193 } | |
194 #endif | |
195 | |
196 #ifdef NOISY | |
197 BIO_puts(out," pri 2="); | |
198 BN_print(out,b->priv_key); | |
199 BIO_puts(out,"\n pub 2="); | |
200 BN_print(out,x_b); | |
201 BIO_puts(out,","); | |
202 BN_print(out,y_b); | |
203 BIO_puts(out,"\n"); | |
204 #else | |
205 BIO_printf(out,"."); | |
206 (void)BIO_flush(out); | |
207 #endif | |
208 | |
209 alen=KDF1_SHA1_len; | |
210 abuf=(unsigned char *)OPENSSL_malloc(alen); | |
211 aout=ECDH_compute_key(abuf,alen,EC_KEY_get0_public_key(b),a,KDF1_SHA1); | |
212 | |
213 #ifdef NOISY | |
214 BIO_puts(out," key1 ="); | |
215 for (i=0; i<aout; i++) | |
216 { | |
217 sprintf(buf,"%02X",abuf[i]); | |
218 BIO_puts(out,buf); | |
219 } | |
220 BIO_puts(out,"\n"); | |
221 #else | |
222 BIO_printf(out,"."); | |
223 (void)BIO_flush(out); | |
224 #endif | |
225 | |
226 blen=KDF1_SHA1_len; | |
227 bbuf=(unsigned char *)OPENSSL_malloc(blen); | |
228 bout=ECDH_compute_key(bbuf,blen,EC_KEY_get0_public_key(a),b,KDF1_SHA1); | |
229 | |
230 #ifdef NOISY | |
231 BIO_puts(out," key2 ="); | |
232 for (i=0; i<bout; i++) | |
233 { | |
234 sprintf(buf,"%02X",bbuf[i]); | |
235 BIO_puts(out,buf); | |
236 } | |
237 BIO_puts(out,"\n"); | |
238 #else | |
239 BIO_printf(out,"."); | |
240 (void)BIO_flush(out); | |
241 #endif | |
242 | |
243 if ((aout < 4) || (bout != aout) || (memcmp(abuf,bbuf,aout) != 0)) | |
244 { | |
245 #ifndef NOISY | |
246 BIO_printf(out, " failed\n\n"); | |
247 BIO_printf(out, "key a:\n"); | |
248 BIO_printf(out, "private key: "); | |
249 BN_print(out, EC_KEY_get0_private_key(a)); | |
250 BIO_printf(out, "\n"); | |
251 BIO_printf(out, "public key (x,y): "); | |
252 BN_print(out, x_a); | |
253 BIO_printf(out, ","); | |
254 BN_print(out, y_a); | |
255 BIO_printf(out, "\nkey b:\n"); | |
256 BIO_printf(out, "private key: "); | |
257 BN_print(out, EC_KEY_get0_private_key(b)); | |
258 BIO_printf(out, "\n"); | |
259 BIO_printf(out, "public key (x,y): "); | |
260 BN_print(out, x_b); | |
261 BIO_printf(out, ","); | |
262 BN_print(out, y_b); | |
263 BIO_printf(out, "\n"); | |
264 BIO_printf(out, "generated key a: "); | |
265 for (i=0; i<bout; i++) | |
266 { | |
267 sprintf(buf, "%02X", bbuf[i]); | |
268 BIO_puts(out, buf); | |
269 } | |
270 BIO_printf(out, "\n"); | |
271 BIO_printf(out, "generated key b: "); | |
272 for (i=0; i<aout; i++) | |
273 { | |
274 sprintf(buf, "%02X", abuf[i]); | |
275 BIO_puts(out,buf); | |
276 } | |
277 BIO_printf(out, "\n"); | |
278 #endif | |
279 fprintf(stderr,"Error in ECDH routines\n"); | |
280 ret=0; | |
281 } | |
282 else | |
283 { | |
284 #ifndef NOISY | |
285 BIO_printf(out, " ok\n"); | |
286 #endif | |
287 ret=1; | |
288 } | |
289 err: | |
290 ERR_print_errors_fp(stderr); | |
291 | |
292 if (abuf != NULL) OPENSSL_free(abuf); | |
293 if (bbuf != NULL) OPENSSL_free(bbuf); | |
294 if (x_a) BN_free(x_a); | |
295 if (y_a) BN_free(y_a); | |
296 if (x_b) BN_free(x_b); | |
297 if (y_b) BN_free(y_b); | |
298 if (b) EC_KEY_free(b); | |
299 if (a) EC_KEY_free(a); | |
300 return(ret); | |
301 } | |
302 | |
303 int main(int argc, char *argv[]) | |
304 { | |
305 BN_CTX *ctx=NULL; | |
306 int ret=1; | |
307 BIO *out; | |
308 | |
309 CRYPTO_malloc_debug_init(); | |
310 CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL); | |
311 CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); | |
312 | |
313 #ifdef OPENSSL_SYS_WIN32 | |
314 CRYPTO_malloc_init(); | |
315 #endif | |
316 | |
317 RAND_seed(rnd_seed, sizeof rnd_seed); | |
318 | |
319 out=BIO_new(BIO_s_file()); | |
320 if (out == NULL) EXIT(1); | |
321 BIO_set_fp(out,stdout,BIO_NOCLOSE); | |
322 | |
323 if ((ctx=BN_CTX_new()) == NULL) goto err; | |
324 | |
325 /* NIST PRIME CURVES TESTS */ | |
326 if (!test_ecdh_curve(NID_X9_62_prime192v1, "NIST Prime-Curve P-192", ctx
, out)) goto err; | |
327 if (!test_ecdh_curve(NID_secp224r1, "NIST Prime-Curve P-224", ctx, out))
goto err; | |
328 if (!test_ecdh_curve(NID_X9_62_prime256v1, "NIST Prime-Curve P-256", ctx
, out)) goto err; | |
329 if (!test_ecdh_curve(NID_secp384r1, "NIST Prime-Curve P-384", ctx, out))
goto err; | |
330 if (!test_ecdh_curve(NID_secp521r1, "NIST Prime-Curve P-521", ctx, out))
goto err; | |
331 #ifndef OPENSSL_NO_EC2M | |
332 /* NIST BINARY CURVES TESTS */ | |
333 if (!test_ecdh_curve(NID_sect163k1, "NIST Binary-Curve K-163", ctx, out)
) goto err; | |
334 if (!test_ecdh_curve(NID_sect163r2, "NIST Binary-Curve B-163", ctx, out)
) goto err; | |
335 if (!test_ecdh_curve(NID_sect233k1, "NIST Binary-Curve K-233", ctx, out)
) goto err; | |
336 if (!test_ecdh_curve(NID_sect233r1, "NIST Binary-Curve B-233", ctx, out)
) goto err; | |
337 if (!test_ecdh_curve(NID_sect283k1, "NIST Binary-Curve K-283", ctx, out)
) goto err; | |
338 if (!test_ecdh_curve(NID_sect283r1, "NIST Binary-Curve B-283", ctx, out)
) goto err; | |
339 if (!test_ecdh_curve(NID_sect409k1, "NIST Binary-Curve K-409", ctx, out)
) goto err; | |
340 if (!test_ecdh_curve(NID_sect409r1, "NIST Binary-Curve B-409", ctx, out)
) goto err; | |
341 if (!test_ecdh_curve(NID_sect571k1, "NIST Binary-Curve K-571", ctx, out)
) goto err; | |
342 if (!test_ecdh_curve(NID_sect571r1, "NIST Binary-Curve B-571", ctx, out)
) goto err; | |
343 #endif | |
344 | |
345 ret = 0; | |
346 | |
347 err: | |
348 ERR_print_errors_fp(stderr); | |
349 if (ctx) BN_CTX_free(ctx); | |
350 BIO_free(out); | |
351 CRYPTO_cleanup_all_ex_data(); | |
352 ERR_remove_thread_state(NULL); | |
353 CRYPTO_mem_leaks_fp(stderr); | |
354 EXIT(ret); | |
355 return(ret); | |
356 } | |
357 | |
358 #if 0 | |
359 static void MS_CALLBACK cb(int p, int n, void *arg) | |
360 { | |
361 char c='*'; | |
362 | |
363 if (p == 0) c='.'; | |
364 if (p == 1) c='+'; | |
365 if (p == 2) c='*'; | |
366 if (p == 3) c='\n'; | |
367 BIO_write((BIO *)arg,&c,1); | |
368 (void)BIO_flush((BIO *)arg); | |
369 #ifdef LINT | |
370 p=n; | |
371 #endif | |
372 } | |
373 #endif | |
374 #endif | |
OLD | NEW |