X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=test%2Fectest.c;h=bb2a08d59eb7632f59493cffd4e0eef83f4da495;hp=79ec21f82091820044675da3060052add68938c6;hb=2e21539b2b57df9926d165243efb60480f546ba7;hpb=dee502be89e78e2979e3bd1d7724cf79daa6ef61 diff --git a/test/ectest.c b/test/ectest.c index 79ec21f820..bb2a08d59e 100644 --- a/test/ectest.c +++ b/test/ectest.c @@ -1,60 +1,12 @@ -/* crypto/ec/ectest.c */ /* - * Originally written by Bodo Moeller for the OpenSSL project. - */ -/* ==================================================================== - * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). + * Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved. * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ + /* ==================================================================== * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. * @@ -71,14 +23,11 @@ #include #include -#ifdef FLAT_INC -# include "e_os.h" -#else -# include "../e_os.h" -#endif #include #include +#include "e_os.h" + #ifdef OPENSSL_NO_EC int main(int argc, char *argv[]) { @@ -120,6 +69,8 @@ static void group_order_tests(EC_GROUP *group) BIGNUM *n1, *n2, *order; EC_POINT *P = EC_POINT_new(group); EC_POINT *Q = EC_POINT_new(group); + EC_POINT *R = EC_POINT_new(group); + EC_POINT *S = EC_POINT_new(group); BN_CTX *ctx = BN_CTX_new(); int i; @@ -199,6 +150,17 @@ static void group_order_tests(EC_GROUP *group) /* Exercise EC_POINTs_mul, including corner cases. */ if (EC_POINT_is_at_infinity(group, P)) ABORT; + + scalars[0] = scalars[1] = BN_value_one(); + points[0] = points[1] = P; + + if (!EC_POINTs_mul(group, R, NULL, 2, points, scalars, ctx)) + ABORT; + if (!EC_POINT_dbl(group, S, points[0], ctx)) + ABORT; + if (0 != EC_POINT_cmp(group, R, S, ctx)) + ABORT; + scalars[0] = n1; points[0] = Q; /* => infinity */ scalars[1] = n2; @@ -220,6 +182,8 @@ static void group_order_tests(EC_GROUP *group) EC_POINT_free(P); EC_POINT_free(Q); + EC_POINT_free(R); + EC_POINT_free(S); BN_free(n1); BN_free(n2); BN_free(order); @@ -234,7 +198,7 @@ static void prime_field_tests(void) EC_GROUP *P_160 = NULL, *P_192 = NULL, *P_224 = NULL, *P_256 = NULL, *P_384 = NULL, *P_521 = NULL; EC_POINT *P, *Q, *R; - BIGNUM *x, *y, *z; + BIGNUM *x, *y, *z, *yplusone; unsigned char buf[100]; size_t i, len; int k; @@ -312,14 +276,15 @@ static void prime_field_tests(void) x = BN_new(); y = BN_new(); z = BN_new(); - if (!x || !y || !z) + yplusone = BN_new(); + if (x == NULL || y == NULL || z == NULL || yplusone == NULL) ABORT; if (!BN_hex2bn(&x, "D")) ABORT; if (!EC_POINT_set_compressed_coordinates_GFp(group, Q, x, 1, ctx)) ABORT; - if (!EC_POINT_is_on_curve(group, Q, ctx)) { + if (EC_POINT_is_on_curve(group, Q, ctx) <= 0) { if (!EC_POINT_get_affine_coordinates_GFp(group, Q, x, y, ctx)) ABORT; fprintf(stderr, "Point is not on curve: x = 0x"); @@ -437,9 +402,17 @@ static void prime_field_tests(void) ABORT; if (!BN_hex2bn(&y, "23a628553168947d59dcc912042351377ac5fb32")) ABORT; + if (!BN_add(yplusone, y, BN_value_one())) + ABORT; + /* + * When (x, y) is on the curve, (x, y + 1) is, as it happens, not, + * and therefore setting the coordinates should fail. + */ + if (EC_POINT_set_affine_coordinates_GFp(group, P, x, yplusone, ctx)) + ABORT; if (!EC_POINT_set_affine_coordinates_GFp(group, P, x, y, ctx)) ABORT; - if (!EC_POINT_is_on_curve(group, P, ctx)) + if (EC_POINT_is_on_curve(group, P, ctx) <= 0) ABORT; if (!BN_hex2bn(&z, "0100000000000000000001F4C8F927AED3CA752257")) ABORT; @@ -466,7 +439,7 @@ static void prime_field_tests(void) group_order_tests(group); - if (!(P_160 = EC_GROUP_new(EC_GROUP_method_of(group)))) + if ((P_160 = EC_GROUP_new(EC_GROUP_method_of(group))) == NULL) ABORT; if (!EC_GROUP_copy(P_160, group)) ABORT; @@ -488,7 +461,7 @@ static void prime_field_tests(void) ABORT; if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 1, ctx)) ABORT; - if (!EC_POINT_is_on_curve(group, P, ctx)) + if (EC_POINT_is_on_curve(group, P, ctx) <= 0) ABORT; if (!BN_hex2bn(&z, "FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831")) ABORT; @@ -508,6 +481,15 @@ static void prime_field_tests(void) if (0 != BN_cmp(y, z)) ABORT; + if (!BN_add(yplusone, y, BN_value_one())) + ABORT; + /* + * When (x, y) is on the curve, (x, y + 1) is, as it happens, not, + * and therefore setting the coordinates should fail. + */ + if (EC_POINT_set_affine_coordinates_GFp(group, P, x, yplusone, ctx)) + ABORT; + fprintf(stdout, "verify degree ..."); if (EC_GROUP_get_degree(group) != 192) ABORT; @@ -515,7 +497,7 @@ static void prime_field_tests(void) group_order_tests(group); - if (!(P_192 = EC_GROUP_new(EC_GROUP_method_of(group)))) + if ((P_192 = EC_GROUP_new(EC_GROUP_method_of(group))) == NULL) ABORT; if (!EC_GROUP_copy(P_192, group)) ABORT; @@ -541,7 +523,7 @@ static void prime_field_tests(void) ABORT; if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 0, ctx)) ABORT; - if (!EC_POINT_is_on_curve(group, P, ctx)) + if (EC_POINT_is_on_curve(group, P, ctx) <= 0) ABORT; if (!BN_hex2bn (&z, "FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D")) @@ -563,6 +545,15 @@ static void prime_field_tests(void) if (0 != BN_cmp(y, z)) ABORT; + if (!BN_add(yplusone, y, BN_value_one())) + ABORT; + /* + * When (x, y) is on the curve, (x, y + 1) is, as it happens, not, + * and therefore setting the coordinates should fail. + */ + if (EC_POINT_set_affine_coordinates_GFp(group, P, x, yplusone, ctx)) + ABORT; + fprintf(stdout, "verify degree ..."); if (EC_GROUP_get_degree(group) != 224) ABORT; @@ -570,7 +561,7 @@ static void prime_field_tests(void) group_order_tests(group); - if (!(P_224 = EC_GROUP_new(EC_GROUP_method_of(group)))) + if ((P_224 = EC_GROUP_new(EC_GROUP_method_of(group))) == NULL) ABORT; if (!EC_GROUP_copy(P_224, group)) ABORT; @@ -600,7 +591,7 @@ static void prime_field_tests(void) ABORT; if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 1, ctx)) ABORT; - if (!EC_POINT_is_on_curve(group, P, ctx)) + if (EC_POINT_is_on_curve(group, P, ctx) <= 0) ABORT; if (!BN_hex2bn(&z, "FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E" "84F3B9CAC2FC632551")) @@ -623,6 +614,15 @@ static void prime_field_tests(void) if (0 != BN_cmp(y, z)) ABORT; + if (!BN_add(yplusone, y, BN_value_one())) + ABORT; + /* + * When (x, y) is on the curve, (x, y + 1) is, as it happens, not, + * and therefore setting the coordinates should fail. + */ + if (EC_POINT_set_affine_coordinates_GFp(group, P, x, yplusone, ctx)) + ABORT; + fprintf(stdout, "verify degree ..."); if (EC_GROUP_get_degree(group) != 256) ABORT; @@ -630,7 +630,7 @@ static void prime_field_tests(void) group_order_tests(group); - if (!(P_256 = EC_GROUP_new(EC_GROUP_method_of(group)))) + if ((P_256 = EC_GROUP_new(EC_GROUP_method_of(group))) == NULL) ABORT; if (!EC_GROUP_copy(P_256, group)) ABORT; @@ -656,7 +656,7 @@ static void prime_field_tests(void) ABORT; if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 1, ctx)) ABORT; - if (!EC_POINT_is_on_curve(group, P, ctx)) + if (EC_POINT_is_on_curve(group, P, ctx) <= 0) ABORT; if (!BN_hex2bn(&z, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" "FFC7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973")) @@ -678,6 +678,15 @@ static void prime_field_tests(void) if (0 != BN_cmp(y, z)) ABORT; + if (!BN_add(yplusone, y, BN_value_one())) + ABORT; + /* + * When (x, y) is on the curve, (x, y + 1) is, as it happens, not, + * and therefore setting the coordinates should fail. + */ + if (EC_POINT_set_affine_coordinates_GFp(group, P, x, yplusone, ctx)) + ABORT; + fprintf(stdout, "verify degree ..."); if (EC_GROUP_get_degree(group) != 384) ABORT; @@ -685,7 +694,7 @@ static void prime_field_tests(void) group_order_tests(group); - if (!(P_384 = EC_GROUP_new(EC_GROUP_method_of(group)))) + if ((P_384 = EC_GROUP_new(EC_GROUP_method_of(group))) == NULL) ABORT; if (!EC_GROUP_copy(P_384, group)) ABORT; @@ -715,7 +724,7 @@ static void prime_field_tests(void) ABORT; if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 0, ctx)) ABORT; - if (!EC_POINT_is_on_curve(group, P, ctx)) + if (EC_POINT_is_on_curve(group, P, ctx) <= 0) ABORT; if (!BN_hex2bn(&z, "1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" "FFFFFFFFFFFFFFFFFFFFA51868783BF2F966B7FCC0148F709A5D03BB5" @@ -739,6 +748,15 @@ static void prime_field_tests(void) if (0 != BN_cmp(y, z)) ABORT; + if (!BN_add(yplusone, y, BN_value_one())) + ABORT; + /* + * When (x, y) is on the curve, (x, y + 1) is, as it happens, not, + * and therefore setting the coordinates should fail. + */ + if (EC_POINT_set_affine_coordinates_GFp(group, P, x, yplusone, ctx)) + ABORT; + fprintf(stdout, "verify degree ..."); if (EC_GROUP_get_degree(group) != 521) ABORT; @@ -746,20 +764,24 @@ static void prime_field_tests(void) group_order_tests(group); - if (!(P_521 = EC_GROUP_new(EC_GROUP_method_of(group)))) + if ((P_521 = EC_GROUP_new(EC_GROUP_method_of(group))) == NULL) ABORT; if (!EC_GROUP_copy(P_521, group)) ABORT; /* more tests using the last curve */ + /* Restore the point that got mangled in the (x, y + 1) test. */ + if (!EC_POINT_set_affine_coordinates_GFp(group, P, x, y, ctx)) + ABORT; + if (!EC_POINT_copy(Q, P)) ABORT; if (EC_POINT_is_at_infinity(group, Q)) ABORT; if (!EC_POINT_dbl(group, P, P, ctx)) ABORT; - if (!EC_POINT_is_on_curve(group, P, ctx)) + if (EC_POINT_is_on_curve(group, P, ctx) <= 0) ABORT; if (!EC_POINT_invert(group, Q, ctx)) ABORT; /* P = -2Q */ @@ -851,8 +873,7 @@ static void prime_field_tests(void) BN_free(scalar3); } - if (ctx) - BN_CTX_free(ctx); + BN_CTX_free(ctx); BN_free(p); BN_free(a); BN_free(b); @@ -863,6 +884,7 @@ static void prime_field_tests(void) BN_free(x); BN_free(y); BN_free(z); + BN_free(yplusone); EC_GROUP_free(P_160); EC_GROUP_free(P_192); @@ -877,8 +899,15 @@ static void prime_field_tests(void) # ifdef OPENSSL_EC_BIN_PT_COMP # define CHAR2_CURVE_TEST_INTERNAL(_name, _p, _a, _b, _x, _y, _y_bit, _order, _cof, _degree, _variable) \ if (!BN_hex2bn(&x, _x)) ABORT; \ + if (!BN_hex2bn(&y, _y)) ABORT; \ + if (!BN_add(yplusone, y, BN_value_one())) ABORT; \ + /* \ + * When (x, y) is on the curve, (x, y + 1) is, as it happens, not, \ + * and therefore setting the coordinates should fail. \ + */ \ + if (EC_POINT_set_affine_coordinates_GF2m(group, P, x, yplusone, ctx)) ABORT; \ if (!EC_POINT_set_compressed_coordinates_GF2m(group, P, x, _y_bit, ctx)) ABORT; \ - if (!EC_POINT_is_on_curve(group, P, ctx)) ABORT; \ + if (EC_POINT_is_on_curve(group, P, ctx) <= 0) ABORT; \ if (!BN_hex2bn(&z, _order)) ABORT; \ if (!BN_hex2bn(&cof, _cof)) ABORT; \ if (!EC_GROUP_set_generator(group, P, z, cof)) ABORT; \ @@ -895,8 +924,14 @@ static void prime_field_tests(void) # define CHAR2_CURVE_TEST_INTERNAL(_name, _p, _a, _b, _x, _y, _y_bit, _order, _cof, _degree, _variable) \ if (!BN_hex2bn(&x, _x)) ABORT; \ if (!BN_hex2bn(&y, _y)) ABORT; \ + if (!BN_add(yplusone, y, BN_value_one())) ABORT; \ + /* \ + * When (x, y) is on the curve, (x, y + 1) is, as it happens, not, \ + * and therefore setting the coordinates should fail. \ + */ \ + if (EC_POINT_set_affine_coordinates_GF2m(group, P, x, yplusone, ctx)) ABORT; \ if (!EC_POINT_set_affine_coordinates_GF2m(group, P, x, y, ctx)) ABORT; \ - if (!EC_POINT_is_on_curve(group, P, ctx)) ABORT; \ + if (EC_POINT_is_on_curve(group, P, ctx) <= 0) ABORT; \ if (!BN_hex2bn(&z, _order)) ABORT; \ if (!BN_hex2bn(&cof, _cof)) ABORT; \ if (!EC_GROUP_set_generator(group, P, z, cof)) ABORT; \ @@ -917,7 +952,7 @@ static void prime_field_tests(void) if (EC_GROUP_get_degree(group) != _degree) ABORT; \ fprintf(stdout, " ok\n"); \ group_order_tests(group); \ - if (!(_variable = EC_GROUP_new(EC_GROUP_method_of(group)))) ABORT; \ + if ((_variable = EC_GROUP_new(EC_GROUP_method_of(group))) == NULL) ABORT; \ if (!EC_GROUP_copy(_variable, group)) ABORT; \ # ifndef OPENSSL_NO_EC2M @@ -932,7 +967,7 @@ static void char2_field_tests(void) EC_GROUP *C2_B163 = NULL, *C2_B233 = NULL, *C2_B283 = NULL, *C2_B409 = NULL, *C2_B571 = NULL; EC_POINT *P, *Q, *R; - BIGNUM *x, *y, *z, *cof; + BIGNUM *x, *y, *z, *cof, *yplusone; unsigned char buf[100]; size_t i, len; int k; @@ -944,7 +979,7 @@ static void char2_field_tests(void) p = BN_new(); a = BN_new(); b = BN_new(); - if (!p || !a || !b) + if (p == NULL || a == NULL || b == NULL) ABORT; if (!BN_hex2bn(&p, "13")) @@ -1010,7 +1045,8 @@ static void char2_field_tests(void) y = BN_new(); z = BN_new(); cof = BN_new(); - if (!x || !y || !z || !cof) + yplusone = BN_new(); + if (x == NULL || y == NULL || z == NULL || cof == NULL || yplusone == NULL) ABORT; if (!BN_hex2bn(&x, "6")) @@ -1025,7 +1061,7 @@ static void char2_field_tests(void) if (!EC_POINT_set_affine_coordinates_GF2m(group, Q, x, y, ctx)) ABORT; # endif - if (!EC_POINT_is_on_curve(group, Q, ctx)) { + if (EC_POINT_is_on_curve(group, Q, ctx) <= 0) { /* Change test based on whether binary point compression is enabled or not. */ # ifdef OPENSSL_EC_BIN_PT_COMP if (!EC_POINT_get_affine_coordinates_GF2m(group, Q, x, y, ctx)) @@ -1246,7 +1282,7 @@ static void char2_field_tests(void) ABORT; if (!EC_POINT_dbl(group, P, P, ctx)) ABORT; - if (!EC_POINT_is_on_curve(group, P, ctx)) + if (EC_POINT_is_on_curve(group, P, ctx) <= 0) ABORT; if (!EC_POINT_invert(group, Q, ctx)) ABORT; /* P = -2Q */ @@ -1326,8 +1362,7 @@ static void char2_field_tests(void) fprintf(stdout, " ok\n\n"); } - if (ctx) - BN_CTX_free(ctx); + BN_CTX_free(ctx); BN_free(p); BN_free(a); BN_free(b); @@ -1339,6 +1374,7 @@ static void char2_field_tests(void) BN_free(y); BN_free(z); BN_free(cof); + BN_free(yplusone); EC_GROUP_free(C2_K163); EC_GROUP_free(C2_B163); @@ -1361,9 +1397,7 @@ static void internal_curve_test(void) int ok = 1; crv_len = EC_get_builtin_curves(NULL, 0); - - curves = OPENSSL_malloc(sizeof(EC_builtin_curve) * crv_len); - + curves = OPENSSL_malloc(sizeof(*curves) * crv_len); if (curves == NULL) return; @@ -1402,6 +1436,26 @@ static void internal_curve_test(void) fprintf(stdout, " failed\n\n"); ABORT; } + + /* Test all built-in curves and let the library choose the EC_METHOD */ + for (n = 0; n < crv_len; n++) { + EC_GROUP *group = NULL; + int nid = curves[n].nid; + /* + * Skip for X25519 because low level operations such as EC_POINT_mul() + * are not supported for this curve + */ + if (nid == NID_X25519) + continue; + fprintf(stdout, "%s:\n", OBJ_nid2sn(nid)); + fflush(stdout); + if ((group = EC_GROUP_new_by_curve_name(nid)) == NULL) { + ABORT; + } + group_order_tests(group); + EC_GROUP_free(group); + } + OPENSSL_free(curves); return; } @@ -1416,7 +1470,7 @@ struct nistp_test_params { int degree; /* * Qx, Qy and D are taken from - * http://csrcdocut.gov/groups/ST/toolkit/documents/Examples/ECDSA_Prime.pdf + * http://csrc.nist.gov/groups/ST/toolkit/documents/Examples/ECDSA_Prime.pdf * Otherwise, values are standard curve parameters from FIPS 180-3 */ const char *p, *a, *b, *Qx, *Qy, *Gx, *Gy, *order, *d; @@ -1497,7 +1551,7 @@ static const struct nistp_test_params nistp_tests_params[] = { static void nistp_single_test(const struct nistp_test_params *test) { BN_CTX *ctx; - BIGNUM *p, *a, *b, *x, *y, *n, *m, *order; + BIGNUM *p, *a, *b, *x, *y, *n, *m, *order, *yplusone; EC_GROUP *NISTP; EC_POINT *G, *P, *Q, *Q_CHECK; @@ -1512,6 +1566,7 @@ static void nistp_single_test(const struct nistp_test_params *test) m = BN_new(); n = BN_new(); order = BN_new(); + yplusone = BN_new(); NISTP = EC_GROUP_new(test->meth()); if (!NISTP) @@ -1534,6 +1589,14 @@ static void nistp_single_test(const struct nistp_test_params *test) ABORT; if (!BN_hex2bn(&y, test->Qy)) ABORT; + if (!BN_add(yplusone, y, BN_value_one())) + ABORT; + /* + * When (x, y) is on the curve, (x, y + 1) is, as it happens, not, + * and therefore setting the coordinates should fail. + */ + if (EC_POINT_set_affine_coordinates_GFp(NISTP, Q_CHECK, x, yplusone, ctx)) + ABORT; if (!EC_POINT_set_affine_coordinates_GFp(NISTP, Q_CHECK, x, y, ctx)) ABORT; if (!BN_hex2bn(&x, test->Gx)) @@ -1583,9 +1646,18 @@ static void nistp_single_test(const struct nistp_test_params *test) if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx)) ABORT; + /* + * We have not performed precomputation so have_precompute mult should be + * false + */ + if (EC_GROUP_have_precompute_mult(NISTP)) + ABORT; + /* now repeat all tests with precomputation */ if (!EC_GROUP_precompute_mult(NISTP, ctx)) ABORT; + if (!EC_GROUP_have_precompute_mult(NISTP)) + ABORT; /* fixed point multiplication */ EC_POINT_mul(NISTP, Q, m, NULL, NULL, ctx); @@ -1623,6 +1695,7 @@ static void nistp_single_test(const struct nistp_test_params *test) BN_free(x); BN_free(y); BN_free(order); + BN_free(yplusone); BN_CTX_free(ctx); } @@ -1630,31 +1703,50 @@ static void nistp_tests() { unsigned i; - for (i = 0; - i < sizeof(nistp_tests_params) / sizeof(struct nistp_test_params); - i++) { + for (i = 0; i < OSSL_NELEM(nistp_tests_params); i++) { nistp_single_test(&nistp_tests_params[i]); } } # endif +static void parameter_test(void) +{ + EC_GROUP *group, *group2; + ECPARAMETERS *ecparameters; + + fprintf(stderr, "\ntesting ecparameters conversion ..."); + + group = EC_GROUP_new_by_curve_name(NID_secp112r1); + if (!group) + ABORT; + + ecparameters = EC_GROUP_get_ecparameters(group, NULL); + if (!ecparameters) + ABORT; + group2 = EC_GROUP_new_from_ecparameters(ecparameters); + if (!group2) + ABORT; + if (EC_GROUP_cmp(group, group2, NULL)) + ABORT; + + fprintf(stderr, " ok\n"); + + EC_GROUP_free(group); + EC_GROUP_free(group2); + ECPARAMETERS_free(ecparameters); +} + static const char rnd_seed[] = "string to make the random number generator think it has entropy"; int main(int argc, char *argv[]) { + char *p; - /* enable memory leak checking unless explicitly disabled */ - if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL) - && (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off")))) { - CRYPTO_malloc_debug_init(); - CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL); - } else { - /* OPENSSL_DEBUG_MEMORY=off */ - CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0); - } + p = getenv("OPENSSL_DEBUG_MEMORY"); + if (p != NULL && strcmp(p, "on") == 0) + CRYPTO_set_mem_debug(1); CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); - ERR_load_crypto_strings(); RAND_seed(rnd_seed, sizeof rnd_seed); /* or BN_generate_prime may fail */ @@ -1669,13 +1761,12 @@ int main(int argc, char *argv[]) /* test the internal curves */ internal_curve_test(); -# ifndef OPENSSL_NO_ENGINE - ENGINE_cleanup(); -# endif - CRYPTO_cleanup_all_ex_data(); - ERR_free_strings(); - ERR_remove_thread_state(NULL); - CRYPTO_mem_leaks_fp(stderr); + parameter_test(); + +#ifndef OPENSSL_NO_CRYPTO_MDEBUG + if (CRYPTO_mem_leaks_fp(stderr) <= 0) + return 1; +#endif return 0; }