Add ECDSA functionality to fips module. Initial very incomplete version
1 #define OPENSSL_FIPSAPI
2 #include <openssl/opensslconf.h>
3
4 #ifndef OPENSSL_FIPS
5 #include <stdio.h>
6
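/*
 * Stub entry point used when the library is built without OPENSSL_FIPS.
 * It only reports that the ECDSA validation tests are unavailable and exits
 * with status 0.
 */
int main(int argc, char **argv)
{
    /* Arguments are accepted for interface parity with the FIPS build. */
    (void)argc;
    (void)argv;

    /* This is the ECDSA test driver; the message previously said "DSA". */
    printf("No FIPS ECDSA support\n");
    return(0);
}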
12 #else
13
14 #include <string.h>
15 #include <ctype.h>
16 #include <openssl/err.h>
17 #include <openssl/bn.h>
18 #include <openssl/ecdsa.h>
19 #include <openssl/evp.h>
20 #include "fips_utl.h"
21
22 #include <openssl/objects.h>
23
24
/*
 * Translate the NIST curve label at the start of curve_name ("B-163",
 * "K-233", "P-256", ...) into the corresponding OpenSSL NID.
 *
 * Only the first five characters are examined, so whatever follows the label
 * on the line is ignored.  The callers in this file pass the text after the
 * '[' of a header line read from stdin, so the comparison and the diagnostic
 * are both bounded to five characters.
 *
 * Returns NID_undef, after printing the five-character prefix to stderr,
 * when the label is not one of the fifteen curves listed below.
 */
static int lookup_curve(const char *curve_name)
        {
        static const struct
                {
                const char *label;
                int nid;
                } curves[] =
                {
                        { "B-163", NID_sect163r2 },
                        { "B-233", NID_sect233r1 },
                        { "B-283", NID_sect283r1 },
                        { "B-409", NID_sect409r1 },
                        { "B-571", NID_sect571r1 },
                        { "K-163", NID_sect163k1 },
                        { "K-233", NID_sect233k1 },
                        { "K-283", NID_sect283k1 },
                        { "K-409", NID_sect409k1 },
                        { "K-571", NID_sect571k1 },
                        { "P-192", NID_X9_62_prime192v1 },
                        { "P-224", NID_secp224r1 },
                        { "P-256", NID_X9_62_prime256v1 },
                        { "P-384", NID_secp384r1 },
                        { "P-521", NID_secp521r1 }
                };
        size_t idx;

        for (idx = 0; idx < sizeof(curves) / sizeof(curves[0]); idx++)
                {
                /*
                 * Every label is exactly five characters, so a compare
                 * bounded to five is the same as comparing a five-character
                 * truncated copy of the input against the label.
                 */
                if (strncmp(curve_name, curves[idx].label, 5) == 0)
                        return curves[idx].nid;
                }

        /* "%.5s" prints the same truncated prefix the lookup looked at. */
        fprintf(stderr, "Unknown Curve name %.5s\n", curve_name);
        return NID_undef;
        }
64
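/*
 * Public key validation test driver.
 *
 * Reads test vectors from stdin and echoes every line to stdout.  A line
 * starting with '[' selects the curve; "Qx" and "Qy" lines supply the affine
 * coordinates.  When "Qy" arrives, the point is loaded into a fresh key for
 * the current curve and "Result = P" or "Result = F" is printed depending on
 * whether EC_KEY_set_public_key_affine_coordinates() accepted it.
 *
 * Returns 1 when all input was processed, 0 on a malformed vector or a
 * setup failure.  Setup failures are reported as errors and never as an "F"
 * result, so that an environment problem cannot be mistaken for a validation
 * verdict.
 */
static int PKV(void)
        {

        char buf[1024], lbuf[1024];
        char *keyword, *value;
        int curve_nid = NID_undef;
        int ret = 0;
        BIGNUM *Qx = NULL, *Qy = NULL;
        EC_KEY *key = NULL;
        while(fgets(buf, sizeof buf, stdin) != NULL)
                {
                fputs(buf, stdout);
                if (*buf == '[')
                        {
                        curve_nid = lookup_curve(buf + 1);
                        if (curve_nid == NID_undef)
                                goto end;
                        }
                if (!parse_line(&keyword, &value, lbuf, buf))
                        continue;
                if (!strcmp(keyword, "Qx"))
                        {
                        if (!do_hex2bn(&Qx, value))
                                {
                                fprintf(stderr, "Invalid Qx value\n");
                                goto end;
                                }
                        }
                if (!strcmp(keyword, "Qy"))
                        {
                        int rv;
                        if (!do_hex2bn(&Qy, value))
                                {
                                fprintf(stderr, "Invalid Qy value\n");
                                goto end;
                                }
                        /* A Qy line with no Qx seen so far is a malformed vector. */
                        if (Qx == NULL)
                                {
                                fprintf(stderr, "Qy without Qx value\n");
                                goto end;
                                }
                        key = EC_KEY_new_by_curve_name(curve_nid);
                        /*
                         * Fails when no curve header has been read yet or on
                         * allocation failure; neither is a verdict on the point.
                         */
                        if (key == NULL)
                                {
                                fprintf(stderr, "Error creating key\n");
                                goto end;
                                }
                        rv = EC_KEY_set_public_key_affine_coordinates(key, Qx, Qy);
                        /* One key per vector: release it before the next one. */
                        EC_KEY_free(key);
                        key = NULL;
                        printf("Result = %s\n", rv == 1 ? "P":"F");
                        }

                }
        ret = 1;
        end:
        if (key != NULL)
                EC_KEY_free(key);
        BN_free(Qx);
        BN_free(Qy);
        return ret;
        }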
109
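/*
 * Signature verification test driver.
 *
 * Reads test vectors from stdin and echoes every line to stdout.  A line
 * starting with '[' selects the curve; "Msg", "Qx", "Qy", "R" and "S" lines
 * supply the message, public key and signature.  When "S" arrives, the
 * signature is verified over the message and "Result = P" or "Result = F"
 * is printed.
 *
 * Returns 1 when all input was processed, 0 on a malformed or incomplete
 * vector or a setup failure.
 *
 * NOTE(review): the digest is fixed to SHA-1 here; a vector file that
 * specifies another hash would be checked against the wrong digest.
 */
static int SigVer(void)
        {
        char buf[1024], lbuf[1024];
        char *keyword, *value;
        /* NULL until a "Msg" line is parsed, so a missing message is detectable. */
        unsigned char *msg = NULL;
        int curve_nid = NID_undef;
        int ret = 0;
        long mlen = 0;
        BIGNUM *Qx = NULL, *Qy = NULL;
        EC_KEY *key = NULL;
        ECDSA_SIG sg, *sig = &sg;
        const EVP_MD *digest = EVP_sha1();
        EVP_MD_CTX mctx;
        EVP_MD_CTX_init(&mctx);
        sig->r = NULL;
        sig->s = NULL;
        while(fgets(buf, sizeof buf, stdin) != NULL)
                {
                fputs(buf, stdout);
                if (*buf == '[')
                        {
                        curve_nid = lookup_curve(buf + 1);
                        if (curve_nid == NID_undef)
                                goto end;
                        }
                if (!parse_line(&keyword, &value, lbuf, buf))
                        continue;
                if (!strcmp(keyword, "Msg"))
                        {
                        /*
                         * Drop a message left over from an incomplete vector.
                         * hex2bin_m() presumably allocates with OPENSSL_malloc;
                         * confirm against fips_utl.h.
                         */
                        if (msg != NULL)
                                OPENSSL_free(msg);
                        msg = hex2bin_m(value, &mlen);
                        if (!msg)
                                {
                                fprintf(stderr, "Invalid Message\n");
                                goto end;
                                }
                        }

                if (!strcmp(keyword, "Qx"))
                        {
                        if (!do_hex2bn(&Qx, value))
                                {
                                fprintf(stderr, "Invalid Qx value\n");
                                goto end;
                                }
                        }
                if (!strcmp(keyword, "Qy"))
                        {
                        if (!do_hex2bn(&Qy, value))
                                {
                                fprintf(stderr, "Invalid Qy value\n");
                                goto end;
                                }
                        }
                if (!strcmp(keyword, "R"))
                        {
                        if (!do_hex2bn(&sig->r, value))
                                {
                                fprintf(stderr, "Invalid R value\n");
                                goto end;
                                }
                        }
                if (!strcmp(keyword, "S"))
                        {
                        int rv;
                        if (!do_hex2bn(&sig->s, value))
                                {
                                fprintf(stderr, "Invalid S value\n");
                                goto end;
                                }
                        /*
                         * Refuse to verify unless every part of the vector has
                         * been supplied; otherwise an unset message pointer or
                         * signature component would be used.
                         */
                        if (msg == NULL || Qx == NULL || Qy == NULL
                                || sig->r == NULL)
                                {
                                fprintf(stderr, "Incomplete SigVer vector\n");
                                goto end;
                                }
                        key = EC_KEY_new_by_curve_name(curve_nid);
                        if (key == NULL)
                                {
                                fprintf(stderr, "Error creating key\n");
                                goto end;
                                }
                        rv = EC_KEY_set_public_key_affine_coordinates(key, Qx, Qy);

                        if (rv != 1)
                                {
                                fprintf(stderr, "Error setting public key\n");
                                goto end;
                                }

                        if (!FIPS_digestinit(&mctx, digest)
                                || !FIPS_digestupdate(&mctx, msg, mlen))
                                {
                                fprintf(stderr, "Digest error\n");
                                goto end;
                                }
                        /* Verification failures are expected results, not errors to print. */
                        no_err = 1;
                        rv = FIPS_ecdsa_verify_ctx(key, &mctx, sig);
                        no_err = 0;

                        /* Per-vector state: release it so nothing is reused or leaked. */
                        EC_KEY_free(key);
                        key = NULL;
                        OPENSSL_free(msg);
                        msg = NULL;

                        /*
                         * Only an explicit 1 counts as a pass.  OpenSSL verify
                         * routines conventionally return -1 on internal error,
                         * and testing "rv != 0" would report that as "P".
                         */
                        printf("Result = %s\n", rv == 1 ? "P":"F");
                        }

                }
        ret = 1;
        end:
        if (key != NULL)
                EC_KEY_free(key);
        if (msg != NULL)
                OPENSSL_free(msg);
        BN_free(Qx);
        BN_free(Qy);
        BN_free(sig->r);
        BN_free(sig->s);
        EVP_MD_CTX_cleanup(&mctx);
        return ret;
        }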
199
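/*
 * Entry point: runs the test named by the first argument ("PKV" or
 * "SigVer"), reading vectors from stdin and writing results to stdout.
 *
 * Exits with 0 when the selected test processed all of its input, and with 1
 * when the test failed or when the argument is missing or not recognised.
 * An unrecognised argument used to exit 0 without running anything, which a
 * calling script could not tell apart from a successful run.
 */
int main(int argc, char **argv)
        {
        /* Do not read argv[1] unless the caller actually supplied it. */
        const char *cmd = argc > 1 ? argv[1] : NULL;
        int ok;
        fips_set_error_print();
        if (cmd != NULL && !strcmp(cmd, "PKV"))
                ok = PKV() > 0;
        else if (cmd != NULL && !strcmp(cmd, "SigVer"))
                ok = SigVer() > 0;
        else
                {
                fprintf(stderr, "fips_ecdsavs [PKV|SigVer]\n");
                return 1;
                }
        if (!ok)
                {
                fprintf(stderr, "Error running %s\n", cmd);
                return 1;
                }
        return 0;
        }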
224
225 #endif