- if ((ecdsa = ECDSA_new()) == NULL) goto err;
-
- set_p192_param(ecdsa);
- ECDSA_print(bio_err, ecdsa, 0);
-
- /* en- decode tests */
-
- /* i2d_ - d2i_ECDSAParameters() */
- BIO_printf(bio_err, "\nTesting i2d_ - d2i_ECDSAParameters \n");
- buf_len = i2d_ECDSAParameters(ecdsa, NULL);
- if (!buf_len || (buffer = OPENSSL_malloc(buf_len)) == NULL) goto err;
- pp = buffer;
- if (!i2d_ECDSAParameters(ecdsa, &pp)) goto err;
- pp = buffer;
- if ((ret_ecdsa = d2i_ECDSAParameters(&ret_ecdsa, (const unsigned char **)&pp,
- buf_len)) == NULL) goto err;
- ECDSAParameters_print(bio_err, ret_ecdsa);
- if (ecdsa_cmp(ecdsa, ret_ecdsa)) goto err;
- OPENSSL_free(buffer);
- buffer = NULL;
- ECDSA_free(ret_ecdsa);
- ret_ecdsa = NULL;
-
- /* i2d_ - d2i_ECDSAPrivateKey() */
- BIO_printf(bio_err, "\nTesting i2d_ - d2i_ECDSAPrivateKey \n");
- buf_len = i2d_ECDSAPrivateKey(ecdsa, NULL);
- if (!buf_len || (buffer = OPENSSL_malloc(buf_len)) == NULL) goto err;
- pp = buffer;
- if (!i2d_ECDSAPrivateKey(ecdsa, &pp)) goto err;
- pp = buffer;
- if ((ret_ecdsa = d2i_ECDSAPrivateKey(&ret_ecdsa, (const unsigned char**)&pp,
- buf_len)) == NULL) goto err;
- ECDSA_print(bio_err, ret_ecdsa, 0);
- if (ecdsa_cmp(ecdsa, ret_ecdsa)) goto err;
- ECDSA_free(ret_ecdsa);
- ret_ecdsa = NULL;
- OPENSSL_free(buffer);
- buffer = NULL;
-
- /* X509_PUBKEY_set() & X509_PUBKEY_get() */
-
- BIO_printf(bio_err, "\nTesting X509_PUBKEY_{get,set} : ");
- if ((pkey = EVP_PKEY_new()) == NULL) goto err;
- EVP_PKEY_assign_ECDSA(pkey, ecdsa);
- if ((x509_pubkey = X509_PUBKEY_new()) == NULL) goto err;
- if (!X509_PUBKEY_set(&x509_pubkey, pkey)) goto err;
-
- if ((ret_pkey = X509_PUBKEY_get(x509_pubkey)) == NULL) goto err;
- ret_ecdsa = EVP_PKEY_get1_ECDSA(ret_pkey);
- EVP_PKEY_free(ret_pkey);
- ret_pkey = NULL;
-
- if (ecdsa_cmp(ecdsa, ret_ecdsa))
- {
- BIO_printf(bio_err, "TEST FAILED \n");
- goto err;
- }
- else BIO_printf(bio_err, "TEST OK \n");
- X509_PUBKEY_free(x509_pubkey);
- x509_pubkey = NULL;
- ECDSA_free(ret_ecdsa);
- ret_ecdsa = NULL;
-
- /* Testing PKCS8_PRIV_KEY_INFO <-> EVP_PKEY */
- BIO_printf(bio_err, "Testing PKCS8_PRIV_KEY_INFO <-> EVP_PKEY : \n");
- BIO_printf(bio_err, "PKCS8_OK : ");
- if ((pkcs8 = EVP_PKEY2PKCS8_broken(pkey, PKCS8_OK)) == NULL) goto err;
- if ((ret_pkey = EVP_PKCS82PKEY(pkcs8)) == NULL) goto err;
- ret_ecdsa = EVP_PKEY_get1_ECDSA(ret_pkey);
- if (ecdsa_cmp(ecdsa, ret_ecdsa))
- {
- BIO_printf(bio_err, "TEST FAILED \n");
- goto err;
- }
- else BIO_printf(bio_err, "TEST OK \n");
- EVP_PKEY_free(ret_pkey);
- ret_pkey = NULL;
- ECDSA_free(ret_ecdsa);
- ret_ecdsa = NULL;
- PKCS8_PRIV_KEY_INFO_free(pkcs8);
- BIO_printf(bio_err, "PKCS8_NO_OCTET : ");
- if ((pkcs8 = EVP_PKEY2PKCS8_broken(pkey, PKCS8_NO_OCTET)) == NULL) goto err;
- if ((ret_pkey = EVP_PKCS82PKEY(pkcs8)) == NULL) goto err;
- ret_ecdsa = EVP_PKEY_get1_ECDSA(ret_pkey);
- if (ecdsa_cmp(ecdsa, ret_ecdsa))
- {
- BIO_printf(bio_err, "TEST FAILED \n");
- goto err;
- }
- else BIO_printf(bio_err, "TEST OK \n");
- EVP_PKEY_free(ret_pkey);
- ret_pkey = NULL;
- ECDSA_free(ret_ecdsa);
- ret_ecdsa = NULL;
- PKCS8_PRIV_KEY_INFO_free(pkcs8);
- BIO_printf(bio_err, "PKCS8_EMBEDDED_PARAM : ");
- if ((pkcs8 = EVP_PKEY2PKCS8_broken(pkey, PKCS8_EMBEDDED_PARAM)) == NULL) goto err;
- if ((ret_pkey = EVP_PKCS82PKEY(pkcs8)) == NULL) goto err;
- ret_ecdsa = EVP_PKEY_get1_ECDSA(ret_pkey);
- if (ecdsa_cmp(ecdsa, ret_ecdsa))
- {
- BIO_printf(bio_err, "TEST FAILED \n");
- goto err;
- }
- else BIO_printf(bio_err, "TEST OK \n");
- EVP_PKEY_free(ret_pkey);
- ret_pkey = NULL;
- ECDSA_free(ret_ecdsa);
- ret_ecdsa = NULL;
- PKCS8_PRIV_KEY_INFO_free(pkcs8);
- BIO_printf(bio_err, "PKCS8_NS_DB : ");
- if ((pkcs8 = EVP_PKEY2PKCS8_broken(pkey, PKCS8_NS_DB)) == NULL) goto err;
- if ((ret_pkey = EVP_PKCS82PKEY(pkcs8)) == NULL) goto err;
- ret_ecdsa = EVP_PKEY_get1_ECDSA(ret_pkey);
- if (ecdsa_cmp(ecdsa, ret_ecdsa))
- {
- BIO_printf(bio_err, "TEST FAILED \n");
- goto err;
- }
- else BIO_printf(bio_err, "TEST OK \n");
- EVP_PKEY_free(ret_pkey);
- ret_pkey = NULL;
- ECDSA_free(ret_ecdsa);
- ret_ecdsa = NULL;
- EVP_PKEY_free(pkey);
- pkey = NULL;
- ecdsa = NULL;
- PKCS8_PRIV_KEY_INFO_free(pkcs8);
- pkcs8 = NULL;
-
- /* sign and verify tests */
- if ((d = BN_new()) == NULL) goto err;
-
- if (!BN_dec2bn(&d, "968236873715988614170569073515315707566766479517")) goto err;
- dgst_len = BN_num_bytes(d);
- if ((dgst = OPENSSL_malloc(dgst_len)) == NULL) goto err;
- if (!BN_bn2bin(d, dgst)) goto err;
-
- BIO_printf(bio_err, "Performing tests based on examples H.3.1 and H.3.2 of X9.62 \n");
-
- BIO_printf(bio_err, "PRIME_192_V1 : ");
- if ((ecdsa = ECDSA_new()) == NULL) goto err;
- if (!set_p192_param(ecdsa)) goto err;
- if (!test_x962_sig_vrf(ecdsa, dgst, "6140507067065001063065065565667405560006161556565665656654",
- "3342403536405981729393488334694600415596881826869351677613",
- "5735822328888155254683894997897571951568553642892029982342"))
- goto err;
- else
- BIO_printf(bio_err, "OK\n");
- BIO_printf(bio_err, "PRIME_239_V1 : ");
- if (!set_p239_param(ecdsa))
- goto err;
- if (!test_x962_sig_vrf(ecdsa, dgst, "700000017569056646655505781757157107570501575775705779575555657156756655",
- "308636143175167811492622547300668018854959378758531778147462058306432176",
- "323813553209797357708078776831250505931891051755007842781978505179448783"))
- goto err;
- else
- BIO_printf(bio_err, "OK\n");
-
- ECDSA_free(ecdsa);
- ecdsa = NULL;
- OPENSSL_free(dgst);
- dgst = NULL;
-
-
- /* NIST PRIME CURVES TESTS */
- /* EC_GROUP_NIST_PRIME_192 */
- for (i=0; i<ECDSA_NIST_TESTS; i++)
- if (!RAND_bytes(digest[i], 20)) goto err;
-
- BIO_printf(bio_err, "\nTesting sign & verify with NIST Prime-Curve P-192 : \n");
- ECDSA_free(ecdsa);
- if ((ecdsa = ECDSA_new()) == NULL) goto err;
- if ((ecdsa->group = EC_GROUP_new_by_name(EC_GROUP_NIST_PRIME_192)) == NULL) goto err;
- if (!ECDSA_generate_key(ecdsa)) goto err;
- tim = clock();
- for (i=0; i<ECDSA_NIST_TESTS; i++)
- if ((signatures[i] = ECDSA_do_sign(digest[i], 20, ecdsa)) == NULL) goto err;
- tim = clock() - tim;
- tim_d = (double)tim / CLOCKS_PER_SEC;
- BIO_printf(bio_err, "%d x ECDSA_do_sign() in %.2f"UNIT" => average time for ECDSA_do_sign() %.4f"UNIT"\n"
- , ECDSA_NIST_TESTS, tim_d, tim_d / ECDSA_NIST_TESTS);
- tim = clock();
- for (i=0; i<ECDSA_NIST_TESTS; i++)
- if (!ECDSA_do_verify(digest[i], 20, signatures[i], ecdsa)) goto err;
- tim = clock() - tim;
- tim_d = (double)tim / CLOCKS_PER_SEC;
- BIO_printf(bio_err, "%d x ECDSA_do_verify() in %.2f"UNIT" => average time for ECDSA_do_verify() %.4f"UNIT"\n"
- , ECDSA_NIST_TESTS, tim_d, tim_d/ECDSA_NIST_TESTS);
- for (i=0; i<ECDSA_NIST_TESTS; i++)
- {
- ECDSA_SIG_free(signatures[i]);
- signatures[i] = NULL;
- }
-
- /* EC_GROUP_NIST_PRIME_224 */
- BIO_printf(bio_err, "Testing sign & verify with NIST Prime-Curve P-224 : \n");
- ECDSA_free(ecdsa);
- if ((ecdsa = ECDSA_new()) == NULL) goto err;
- if ((ecdsa->group = EC_GROUP_new_by_name(EC_GROUP_NIST_PRIME_224)) == NULL) goto err;
- if (!ECDSA_generate_key(ecdsa)) goto err;
- tim = clock();
- for (i=0; i<ECDSA_NIST_TESTS; i++)
- if ((signatures[i] = ECDSA_do_sign(digest[i], 20, ecdsa)) == NULL) goto err;
- tim = clock() - tim;
- tim_d = (double)tim / CLOCKS_PER_SEC;
- BIO_printf(bio_err, "%d x ECDSA_do_sign() in %.2f"UNIT" => average time for ECDSA_do_sign() %.4f"UNIT"\n"
- , ECDSA_NIST_TESTS, tim_d, tim_d / ECDSA_NIST_TESTS);
- tim = clock();
- for (i=0; i<ECDSA_NIST_TESTS; i++)
- if (!ECDSA_do_verify(digest[i], 20, signatures[i], ecdsa)) goto err;
- tim = clock() - tim;
- tim_d = (double)tim / CLOCKS_PER_SEC;
- BIO_printf(bio_err, "%d x ECDSA_do_verify() in %.2f"UNIT" => average time for ECDSA_do_verify() %.4f"UNIT"\n"
- , ECDSA_NIST_TESTS, tim_d, tim_d/ECDSA_NIST_TESTS);
- for (i=0; i<ECDSA_NIST_TESTS; i++)
- {
- ECDSA_SIG_free(signatures[i]);
- signatures[i] = NULL;
- }
-
- /* EC_GROUP_NIST_PRIME_256 */
- BIO_printf(bio_err, "Testing sign & verify with NIST Prime-Curve P-256 : \n");
- ECDSA_free(ecdsa);
- if ((ecdsa = ECDSA_new()) == NULL) goto err;
- if ((ecdsa->group = EC_GROUP_new_by_name(EC_GROUP_NIST_PRIME_256)) == NULL) goto err;
- if (!ECDSA_generate_key(ecdsa)) goto err;
- tim = clock();
- for (i=0; i<ECDSA_NIST_TESTS; i++)
- if ((signatures[i] = ECDSA_do_sign(digest[i], 20, ecdsa)) == NULL) goto err;
- tim = clock() - tim;
- tim_d = (double)tim / CLOCKS_PER_SEC;
- BIO_printf(bio_err, "%d x ECDSA_do_sign() in %.2f"UNIT" => average time for ECDSA_do_sign() %.4f"UNIT"\n"
- , ECDSA_NIST_TESTS, tim_d, tim_d / ECDSA_NIST_TESTS);
- tim = clock();
- for (i=0; i<ECDSA_NIST_TESTS; i++)
- if (!ECDSA_do_verify(digest[i], 20, signatures[i], ecdsa)) goto err;
- tim = clock() - tim;
- tim_d = (double)tim / CLOCKS_PER_SEC;
- BIO_printf(bio_err, "%d x ECDSA_do_verify() in %.2f"UNIT" => average time for ECDSA_do_verify() %.4f"UNIT"\n"
- , ECDSA_NIST_TESTS, tim_d, tim_d/ECDSA_NIST_TESTS);
- for (i=0; i<ECDSA_NIST_TESTS; i++)
- {
- ECDSA_SIG_free(signatures[i]);
- signatures[i] = NULL;
- }
-
- /* EC_GROUP_NIST_PRIME_384 */
- BIO_printf(bio_err, "Testing sign & verify with NIST Prime-Curve P-384 : \n");
- ECDSA_free(ecdsa);
- if ((ecdsa = ECDSA_new()) == NULL) goto err;
- if ((ecdsa->group = EC_GROUP_new_by_name(EC_GROUP_NIST_PRIME_384)) == NULL) goto err;
- if (!ECDSA_generate_key(ecdsa)) goto err;
- tim = clock();
- for (i=0; i<ECDSA_NIST_TESTS; i++)
- if ((signatures[i] = ECDSA_do_sign(digest[i], 20, ecdsa)) == NULL) goto err;
- tim = clock() - tim;
- tim_d = (double)tim / CLOCKS_PER_SEC;
- BIO_printf(bio_err, "%d x ECDSA_do_sign() in %.2f"UNIT" => average time for ECDSA_do_sign() %.4f"UNIT"\n"
- , ECDSA_NIST_TESTS, tim_d, tim_d / ECDSA_NIST_TESTS);
- tim = clock();
- for (i=0; i<ECDSA_NIST_TESTS; i++)
- if (!ECDSA_do_verify(digest[i], 20, signatures[i], ecdsa)) goto err;
- tim = clock() - tim;
- tim_d = (double)tim / CLOCKS_PER_SEC;
- BIO_printf(bio_err, "%d x ECDSA_do_verify() in %.2f"UNIT" => average time for ECDSA_do_verify() %.4f"UNIT"\n"
- , ECDSA_NIST_TESTS, tim_d, tim_d/ECDSA_NIST_TESTS);
- for (i=0; i<ECDSA_NIST_TESTS; i++)
- {
- ECDSA_SIG_free(signatures[i]);
- signatures[i] = NULL;
- }
-
- /* EC_GROUP_NIST_PRIME_521 */
- BIO_printf(bio_err, "Testing sign & verify with NIST Prime-Curve P-521 : \n");
- ECDSA_free(ecdsa);
- if ((ecdsa = ECDSA_new()) == NULL) goto err;
- if ((ecdsa->group = EC_GROUP_new_by_name(EC_GROUP_NIST_PRIME_521)) == NULL) goto err;
- if (!ECDSA_generate_key(ecdsa)) goto err;
- tim = clock();
- for (i=0; i<ECDSA_NIST_TESTS; i++)
- if ((signatures[i] = ECDSA_do_sign(digest[i], 20, ecdsa)) == NULL) goto err;
- tim = clock() - tim;
- tim_d = (double)tim / CLOCKS_PER_SEC;
- BIO_printf(bio_err, "%d x ECDSA_do_sign() in %.2f"UNIT" => average time for ECDSA_do_sign() %.4f"UNIT"\n"
- , ECDSA_NIST_TESTS, tim_d, tim_d / ECDSA_NIST_TESTS);
- tim = clock();
- for (i=0; i<ECDSA_NIST_TESTS; i++)
- if (!ECDSA_do_verify(digest[i], 20, signatures[i], ecdsa)) goto err;
- tim = clock() - tim;
- tim_d = (double)tim / CLOCKS_PER_SEC;
- BIO_printf(bio_err, "%d x ECDSA_do_verify() in %.2f"UNIT" => average time for ECDSA_do_verify() %.4f"UNIT"\n"
- , ECDSA_NIST_TESTS, tim_d, tim_d/ECDSA_NIST_TESTS);
- ECDSA_free(ecdsa);
- ecdsa = NULL;
- for (i=0; i<ECDSA_NIST_TESTS; i++)
- {
- ECDSA_SIG_free(signatures[i]);
- signatures[i] = NULL;
- }
-
- OPENSSL_free(buffer);
- buffer = NULL;
- EVP_PKEY_free(pkey);
- pkey = NULL;
- ecdsa = NULL;