72 lines
1.3 KiB
C
72 lines
1.3 KiB
C
|
/* fips/ecdsa/fips_ecdsa_selftest.c */
|
||
|
|
||
|
#define OPENSSL_FIPSAPI
|
||
|
|
||
|
#include <string.h>
|
||
|
#include <openssl/crypto.h>
|
||
|
#include <openssl/ec.h>
|
||
|
#include <openssl/ecdsa.h>
|
||
|
#include <openssl/fips.h>
|
||
|
#include <openssl/err.h>
|
||
|
#include <openssl/evp.h>
|
||
|
#include <openssl/bn.h>
|
||
|
|
||
|
#ifdef OPENSSL_FIPS
|
||
|
|
||
|
static const unsigned char str1[]="12345678901234567890";
|
||
|
|
||
|
static int corrupt_ecdsa = 0;
|
||
|
|
||
|
void FIPS_corrupt_ecdsa()
|
||
|
{
|
||
|
corrupt_ecdsa = 1;
|
||
|
}
|
||
|
|
||
|
int FIPS_selftest_ecdsa()
|
||
|
{
|
||
|
EC_KEY *ec=NULL;
|
||
|
int ret = 0;
|
||
|
EVP_MD_CTX mctx;
|
||
|
ECDSA_SIG *esig = NULL;
|
||
|
|
||
|
FIPS_md_ctx_init(&mctx);
|
||
|
|
||
|
ec = EC_KEY_new_by_curve_name(NID_secp384r1);
|
||
|
|
||
|
if(ec == NULL)
|
||
|
goto err;
|
||
|
|
||
|
EC_KEY_generate_key(ec);
|
||
|
|
||
|
if (!FIPS_digestinit(&mctx, EVP_sha512()))
|
||
|
goto err;
|
||
|
if (!FIPS_digestupdate(&mctx, str1, 20))
|
||
|
goto err;
|
||
|
esig = FIPS_ecdsa_sign_ctx(ec, &mctx);
|
||
|
if (!esig)
|
||
|
goto err;
|
||
|
|
||
|
if (corrupt_ecdsa)
|
||
|
BN_add_word(esig->r, 1);
|
||
|
|
||
|
if (!FIPS_digestinit(&mctx, EVP_sha512()))
|
||
|
goto err;
|
||
|
if (!FIPS_digestupdate(&mctx, str1, 20))
|
||
|
goto err;
|
||
|
if (FIPS_ecdsa_verify_ctx(ec, &mctx, esig) != 1)
|
||
|
goto err;
|
||
|
|
||
|
ret = 1;
|
||
|
|
||
|
err:
|
||
|
FIPS_md_ctx_cleanup(&mctx);
|
||
|
if (ec)
|
||
|
EC_KEY_free(ec);
|
||
|
if (esig)
|
||
|
FIPS_ecdsa_sig_free(esig);
|
||
|
if (ret == 0)
|
||
|
FIPSerr(FIPS_F_FIPS_SELFTEST_ECDSA,FIPS_R_SELFTEST_FAILED);
|
||
|
return ret;
|
||
|
}
|
||
|
#endif
|