1 #define OPENSSL_FIPSAPI
2 #include <openssl/opensslconf.h>
7 int main(int argc, char **argv)
9 printf("No FIPS ECDSA support\n");
16 #include <openssl/err.h>
17 #include <openssl/bn.h>
18 #include <openssl/ecdsa.h>
19 #include <openssl/evp.h>
22 #include <openssl/objects.h>
25 static int lookup_curve(char *curve_name, const EVP_MD **pmd)
28 cname = curve_name + 1;
29 p = strchr(cname, ']');
32 fprintf(stderr, "Parse error: missing ]\n");
36 p = strchr(cname, ',');
41 fprintf(stderr, "Parse error: unexpected digest\n");
47 if (!strcmp(p, "SHA-1"))
49 else if (!strcmp(p, "SHA-224"))
51 else if (!strcmp(p, "SHA-256"))
53 else if (!strcmp(p, "SHA-384"))
55 else if (!strcmp(p, "SHA-512"))
59 fprintf(stderr, "Unknown digest %s\n", p);
66 if (!strcmp(cname, "B-163"))
68 if (!strcmp(cname, "B-233"))
70 if (!strcmp(cname, "B-283"))
72 if (!strcmp(cname, "B-409"))
74 if (!strcmp(cname, "B-571"))
76 if (!strcmp(cname, "K-163"))
78 if (!strcmp(cname, "K-233"))
80 if (!strcmp(cname, "K-283"))
82 if (!strcmp(cname, "K-409"))
84 if (!strcmp(cname, "K-571"))
86 if (!strcmp(cname, "P-192"))
87 return NID_X9_62_prime192v1;
88 if (!strcmp(cname, "P-224"))
90 if (!strcmp(cname, "P-256"))
91 return NID_X9_62_prime256v1;
92 if (!strcmp(cname, "P-384"))
94 if (!strcmp(cname, "P-521"))
97 fprintf(stderr, "Unknown Curve name %s\n", cname);
104 char buf[2048], lbuf[2048];
105 char *keyword, *value;
106 int curve_nid = NID_undef;
107 BIGNUM *Qx = NULL, *Qy = NULL;
109 while(fgets(buf, sizeof buf, stdin) != NULL)
114 curve_nid = lookup_curve(buf, NULL);
115 if (curve_nid == NID_undef)
119 if (!parse_line(&keyword, &value, lbuf, buf))
121 if (!strcmp(keyword, "Qx"))
123 if (!do_hex2bn(&Qx, value))
125 fprintf(stderr, "Invalid Qx value\n");
129 if (!strcmp(keyword, "Qy"))
132 if (!do_hex2bn(&Qy, value))
134 fprintf(stderr, "Invalid Qy value\n");
137 key = EC_KEY_new_by_curve_name(curve_nid);
138 rv = EC_KEY_set_public_key_affine_coordinates(key, Qx, Qy);
139 printf("Result = %s\n", rv ? "P":"F");
146 static int SigVer(void)
148 char buf[2048], lbuf[2048];
149 char *keyword, *value;
151 int curve_nid = NID_undef;
153 BIGNUM *Qx = NULL, *Qy = NULL;
155 ECDSA_SIG sg, *sig = &sg;
156 const EVP_MD *digest = NULL;
158 EVP_MD_CTX_init(&mctx);
161 while(fgets(buf, sizeof buf, stdin) != NULL)
166 curve_nid = lookup_curve(buf, &digest);
167 if (curve_nid == NID_undef)
170 if (!parse_line(&keyword, &value, lbuf, buf))
172 if (!strcmp(keyword, "Msg"))
174 msg = hex2bin_m(value, &mlen);
177 fprintf(stderr, "Invalid Message\n");
182 if (!strcmp(keyword, "Qx"))
184 if (!do_hex2bn(&Qx, value))
186 fprintf(stderr, "Invalid Qx value\n");
190 if (!strcmp(keyword, "Qy"))
192 if (!do_hex2bn(&Qy, value))
194 fprintf(stderr, "Invalid Qy value\n");
198 if (!strcmp(keyword, "R"))
200 if (!do_hex2bn(&sig->r, value))
202 fprintf(stderr, "Invalid R value\n");
206 if (!strcmp(keyword, "S"))
209 if (!do_hex2bn(&sig->s, value))
211 fprintf(stderr, "Invalid S value\n");
214 key = EC_KEY_new_by_curve_name(curve_nid);
215 rv = EC_KEY_set_public_key_affine_coordinates(key, Qx, Qy);
219 fprintf(stderr, "Error setting public key\n");
223 FIPS_digestinit(&mctx, digest);
224 FIPS_digestupdate(&mctx, msg, mlen);
226 rv = FIPS_ecdsa_verify_ctx(key, &mctx, sig);
229 printf("Result = %s\n", rv ? "P":"F");
236 int main(int argc, char **argv)
238 const char *cmd = argv[1];
239 fips_set_error_print();
242 fprintf(stderr, "fips_ecdsavs [PKV|SigVer]\n");
245 if (!strcmp(cmd, "PKV"))
250 if (!strcmp(cmd, "SigVer"))
257 fprintf(stderr, "Error running %s\n", cmd);