Make ecdsatest work with nonces.
[openssl.git] / crypto / ecdsa / ecdsatest.c
index 03b82a810e89ef233e9a59731fd6ee27b85dfa47..87c0a65abf42a118802e0d706a99114dff2f0476 100644 (file)
@@ -193,6 +193,7 @@ int x9_62_test_internal(BIO *out, int nid, const char *r_in, const char *s_in)
        EC_KEY    *key = NULL;
        ECDSA_SIG *signature = NULL;
        BIGNUM    *r = NULL, *s = NULL;
+       BIGNUM    *kinv = NULL, *rp = NULL;
 
        EVP_MD_CTX_init(&md_ctx);
        /* get the message digest */
@@ -212,7 +213,10 @@ int x9_62_test_internal(BIO *out, int nid, const char *r_in, const char *s_in)
        (void)BIO_flush(out);
        /* create the signature */
        use_fake = 1;
-       signature = ECDSA_do_sign(digest, 20, key);
+       /* Use ECDSA_sign_setup to avoid use of ECDSA nonces */
+       if (!ECDSA_sign_setup(key, NULL, &kinv, &rp))
+               goto x962_int_err;
+       signature = ECDSA_do_sign_ex(digest, 20, kinv, rp, key);
        if (signature == NULL)
                goto x962_int_err;
        BIO_printf(out, ".");
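Review bot: The new comment at the `ECDSA_sign_setup` call ("avoid use of ECDSA nonces") is misleading, because the signature still depends on a per-signature secret k; `kinv` is its inverse and `rp` the matching r. What the call seems to avoid is the nonce derivation inside `ECDSA_do_sign`, presumably so that the fixed k supplied through `use_fake` reproduces the X9.62 vector. I would reword it to something like `/* Precompute kinv/rp with ECDSA_sign_setup so the known test k from the fake RNG is used; kinv is secret and single-use, never sign twice with it */`, since reusing a precomputed pair across two messages exposes the private key, and test code tends to get copied. The body of x9_62_test_internal continues outside this hunk, so whether `use_fake` is reset on the `goto x962_int_err` path cannot be checked from here.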
@@ -247,6 +251,10 @@ x962_int_err:
        if (s)
                BN_free(s);
        EVP_MD_CTX_cleanup(&md_ctx);
+       if (kinv)
+               BN_clear_free(kinv);
+       if (rp)
+               BN_clear_free(rp);
        return ret;
        }
 
@@ -298,8 +306,8 @@ int test_builtin(BIO *out)
        ECDSA_SIG       *ecdsa_sig = NULL;
        unsigned char   digest[20], wrong_digest[20];
        unsigned char   *signature = NULL;
-       unsigned char   *sig_ptr;
-       const unsigned char *csig_ptr;
+       const unsigned char     *sig_ptr;
+       unsigned char   *sig_ptr2;
        unsigned char   *raw_buf = NULL;
        unsigned int    sig_len, degree, r_len, s_len, bn_len, buf_len;
        int             nid, ret =  0;
@@ -441,8 +449,8 @@ int test_builtin(BIO *out)
                /* Modify a single byte of the signature: to ensure we don't
                 * garble the ASN1 structure, we read the raw signature and
                 * modify a byte in one of the bignums directly. */
-               csig_ptr = signature;
-               if ((ecdsa_sig = d2i_ECDSA_SIG(NULL, &csig_ptr, sig_len)) == NULL)
+               sig_ptr = signature;
+               if ((ecdsa_sig = d2i_ECDSA_SIG(NULL, &sig_ptr, sig_len)) == NULL)
                        {
                        BIO_printf(out, " failed\n");
                        goto builtin_err;
@@ -474,8 +482,8 @@ int test_builtin(BIO *out)
                        (BN_bin2bn(raw_buf + bn_len, bn_len, ecdsa_sig->s) == NULL))
                        goto builtin_err;
 
-               sig_ptr = signature;
-               sig_len = i2d_ECDSA_SIG(ecdsa_sig, &sig_ptr);
+               sig_ptr2 = signature;
+               sig_len = i2d_ECDSA_SIG(ecdsa_sig, &sig_ptr2);
                if (ECDSA_verify(0, digest, 20, signature, sig_len, eckey) == 1)
                        {
                        BIO_printf(out, " failed\n");
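Review bot: The return value of `i2d_ECDSA_SIG` is stored directly into the `unsigned int sig_len` at `sig_len = i2d_ECDSA_SIG(ecdsa_sig, &sig_ptr2);` with no error check, and the same applies to the identical line in the next hunk. An encoding failure would turn into a zero or very large length passed to `ECDSA_verify`. In this first case the test expects verification to fail, so a broken re-encode would pass the tampered-signature check without ever exercising it. Capturing the result in an `int` first and bailing out, e.g. `if (len <= 0) goto builtin_err;` before `sig_len = len;`, keeps the negative test meaningful. The enclosing block of test_builtin starts and ends outside the hunk, so the size of the `signature` buffer that the re-encoded value is written into is not visible here.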
@@ -487,8 +495,8 @@ int test_builtin(BIO *out)
                        (BN_bin2bn(raw_buf + bn_len, bn_len, ecdsa_sig->s) == NULL))
                        goto builtin_err;
 
-               sig_ptr = signature;
-               sig_len = i2d_ECDSA_SIG(ecdsa_sig, &sig_ptr);
+               sig_ptr2 = signature;
+               sig_len = i2d_ECDSA_SIG(ecdsa_sig, &sig_ptr2);
                if (ECDSA_verify(0, digest, 20, signature, sig_len, eckey) != 1)
                        {
                        BIO_printf(out, " failed\n");