X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=fips%2Fecdh%2Ffips_ecdhvs.c;h=72ebe815ddb310f570689fdbf5d6d6ec7ebc30fe;hp=c68daf2e946ee14623e38b230b9c428b649c187b;hb=d35c284b7329f54e398ee8b9eac15ce9a3a1b972;hpb=1acc24a8ba4ea461b5e2ae94b7c9b625dc7d4c52
diff --git a/fips/ecdh/fips_ecdhvs.c b/fips/ecdh/fips_ecdhvs.c
index c68daf2e94..72ebe815dd 100644
--- a/fips/ecdh/fips_ecdhvs.c
+++ b/fips/ecdh/fips_ecdhvs.c
@@ -106,18 +106,9 @@ static const EVP_MD *parse_md(char *line)
 return NULL;
 }
 
-static int lookup_curve(char *cname)
+static int lookup_curve2(char *cname)
 {
 char *p;
- p = strchr(cname, ':');
- if (!p)
- {
- fprintf(stderr, "Parse error: missing :\n");
- return NID_undef;
- }
- cname = p + 1;
- while(isspace(*cname))
- cname++;
 p = strchr(cname, ']');
 if (!p)
 {
@@ -161,6 +152,21 @@ static int lookup_curve(char *cname)
 return NID_undef;
 }
 
+static int lookup_curve(char *cname)
+ {
+ char *p;
+ p = strchr(cname, ':');
+ if (!p)
+ {
+ fprintf(stderr, "Parse error: missing :\n");
+ return NID_undef;
+ }
+ cname = p + 1;
+ while(isspace(*cname))
+ cname++;
+ return lookup_curve2(cname);
+ }
+
 static EC_POINT *make_peer(EC_GROUP *group, BIGNUM *x, BIGNUM *y)
 {
 EC_POINT *peer;
@@ -190,13 +196,14 @@ static EC_POINT *make_peer(EC_GROUP *group, BIGNUM *x, BIGNUM *y)
 return NULL;
 }
 
-static int ec_print_pubkey(FILE *out, EC_KEY *key)
+static int ec_print_key(FILE *out, EC_KEY *key, int add_e, int exout)
 {
 const EC_POINT *pt;
 const EC_GROUP *grp;
 const EC_METHOD *meth;
 int rv;
 BIGNUM *tx, *ty;
+ const BIGNUM *d = NULL;
 BN_CTX *ctx;
 ctx = BN_CTX_new();
 if (!ctx)
@@ -207,6 +214,8 @@ static int ec_print_pubkey(FILE *out, EC_KEY *key)
 return 0;
 grp = EC_KEY_get0_group(key);
 pt = EC_KEY_get0_public_key(key);
+ if (exout)
+ d = EC_KEY_get0_private_key(key);
 meth = EC_GROUP_method_of(grp);
 if (EC_METHOD_get_field_type(meth) == NID_X9_62_prime_field)
 rv = EC_POINT_get_affine_coordinates_GFp(grp, pt, tx, ty, ctx);
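Review bot: `isspace(*cname)` in the re-added `lookup_curve` (hunk -161,6) receives a plain `char`, which is undefined behaviour for bytes with the high bit set wherever `char` is signed. `cname` presumably points into a parsed input line, so the loop should read `while(isspace((unsigned char)*cname))`. The loop is carried over unchanged from the old body, and the move is a natural point to correct it. The name `lookup_curve2` does not say how it differs from `lookup_curve`; a comment such as `/* cname already points at the curve name; no "key:" prefix is skipped */` above it would make the split clear.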
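Review bot: `ec_print_key` (hunk -190,13) gains two `int` flags with no comment, and `exout` now decides whether the private scalar is written to `out`. That follows from the `EC_KEY_get0_private_key` call in the next hunk and the `QeIUTd`/`QIUTd` lines in the -220,8 hunk. A header comment should spell this out, for example `/* add_e: use the "QeIUT*" labels instead of "QIUT*"; exout: also print the private value d */`. The function body continues outside this hunk.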
@@ -220,8 +229,20 @@ static int ec_print_pubkey(FILE *out, EC_KEY *key)
 rv = EC_POINT_get_affine_coordinates_GF2m(grp, pt, tx, ty, ctx);
 #endif
 
- do_bn_print_name(out, "QeIUTx", tx);
- do_bn_print_name(out, "QeIUTy", ty);
+ if (add_e)
+ {
+ do_bn_print_name(out, "QeIUTx", tx);
+ do_bn_print_name(out, "QeIUTy", ty);
+ if (d)
+ do_bn_print_name(out, "QeIUTd", d);
+ }
+ else
+ {
+ do_bn_print_name(out, "QIUTx", tx);
+ do_bn_print_name(out, "QIUTy", ty);
+ if (d)
+ do_bn_print_name(out, "QIUTd", d);
+ }
 
 BN_CTX_free(ctx);
 
@@ -244,9 +265,10 @@ static void ec_output_Zhash(FILE *out, int exout, EC_GROUP *group,
 peerkey = make_peer(group, cx, cy);
 if (rhash == NULL)
 {
- rhashlen = M_EVP_MD_size(md);
+ if (md)
+ rhashlen = M_EVP_MD_size(md);
 EC_KEY_generate_key(ec);
- ec_print_pubkey(out, ec);
+ ec_print_key(out, ec, md ? 1 : 0, exout);
 }
 else
 {
@@ -258,15 +280,21 @@ static void ec_output_Zhash(FILE *out, int exout, EC_GROUP *group,
 if (!Z)
 exit(1);
 ECDH_compute_key(Z, Zlen, peerkey, ec, 0);
- if (exout)
- OutputValue("Z", Z, Zlen, out, 0);
- FIPS_digest(Z, Zlen, chash, NULL, md);
- OutputValue(rhash ? "IUTHashZZ" : "HashZZ", chash, rhashlen, out, 0);
- if (rhash)
+ if (md)
 {
- fprintf(out, "Result = %s\n",
+ if (exout)
+ OutputValue("Z", Z, Zlen, out, 0);
+ FIPS_digest(Z, Zlen, chash, NULL, md);
+ OutputValue(rhash ? "IUTHashZZ" : "HashZZ",
+ chash, rhashlen, out, 0);
+ if (rhash)
+ {
+ fprintf(out, "Result = %s\n",
 memcmp(chash, rhash, rhashlen) ? "F" : "P");
+ }
 }
+ else
+ OutputValue("ZIUT", Z, Zlen, out, 0);
 OPENSSL_cleanse(Z, Zlen);
 OPENSSL_free(Z);
 EC_KEY_free(ec);
@@ -279,7 +307,7 @@ int main(int argc,char **argv)
 int argn = argc - 1;
 FILE *in, *out;
 char buf[2048], lbuf[2048];
- unsigned char *rhash;
+ unsigned char *rhash = NULL;
 long rhashlen;
 BIGNUM *cx = NULL, *cy = NULL;
 BIGNUM *id = NULL, *ix = NULL, *iy = NULL;
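Review bot: Both new branches in hunk -220,8 print `tx`/`ty`, and `d` when set, without consulting `rv`, which the `EC_POINT_get_affine_coordinates_*` call in the context lines above has just assigned. If that call failed, the output file receives coordinates that were never filled in. Guarding the block with `if (rv)` would keep such values out of the response. Whether `rv` is examined later cannot be seen, because the function ends outside the hunk. The two branches differ only in the label prefix, so choosing the three label strings once would also remove the duplication.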
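Review bot: In hunk -244,9 the return values of `EC_KEY_generate_key(ec)` and the new `ec_print_key(...)` call are discarded, and the same holds for `ECDH_compute_key` in hunk -258,15. After that call the new `else` branch writes `Z` out with `OutputValue("ZIUT", ...)`, so on failure the file would contain whatever the buffer held; this is inferred, since the allocation of `Z` is outside the hunk. The surrounding code already exits on a NULL `Z`, and the same treatment fits here: `if (!EC_KEY_generate_key(ec)) exit(1);` and `if (ECDH_compute_key(Z, Zlen, peerkey, ec, 0) <= 0) exit(1);`.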
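Review bot: `long rhashlen;`, on the line after the changed one in hunk -279,7, is still uninitialised although `rhash` now starts as NULL. On the new no-digest path a hash line may never be parsed, so if `rhashlen` is passed by value to `ec_output_Zhash` an indeterminate value is read. The call is outside this hunk, so that is an assumption to confirm. `long rhashlen = 0;` closes the gap.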
@@ -291,9 +319,7 @@ int main(int argc,char **argv)
 int curve_nids[5] = {0,0,0,0,0};
 int param_set = -1;
 
- fips_set_error_print();
- if(!FIPS_mode_set(1))
- exit(1);
+ fips_algtest_init();
 
 if (argn && !strcmp(*args, "ecdhver"))
 {
@@ -374,6 +400,16 @@ int main(int argc,char **argv)
 curve_nids[param_set] = nid;
 }
 
+ if (strlen(buf) > 4 && buf[0] == '[' && buf[2] == '-')
+ {
+ int nid = lookup_curve2(buf + 1);
+ if (nid == NID_undef)
+ goto parse_error;
+ if (group)
+ EC_GROUP_free(group);
+ group = EC_GROUP_new_by_curve_name(nid);
+ }
+
 if (strlen(buf) > 6 && !strncmp(buf, "[E", 2))
 {
 md = parse_md(buf);
@@ -383,12 +419,12 @@ int main(int argc,char **argv)
 }
 if (!parse_line(&keyword, &value, lbuf, buf))
 continue;
- if (!strcmp(keyword, "QeCAVSx"))
+ if (!strcmp(keyword, "QeCAVSx") || !strcmp(keyword, "QCAVSx"))
 {
 if (!do_hex2bn(&cx, value))
 goto parse_error;
 }
- else if (!strcmp(keyword, "QeCAVSy"))
+ else if (!strcmp(keyword, "QeCAVSy") || !strcmp(keyword, "QCAVSy"))
 {
 if (!do_hex2bn(&cy, value))
 goto parse_error;
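Review bot: In hunk -374,6 the result of `EC_GROUP_new_by_curve_name(nid)` is stored in `group` without a NULL check, so an unsupported curve or an allocation failure leaves `group` NULL for whatever uses it later in the loop. Adding `if (!group) goto parse_error;` after the assignment matches the `NID_undef` handling a few lines above. The test `buf[2] == '-'` is also opaque. A comment such as `/* bare curve header, e.g. "[P-256]" */` would document the line format it matches, assuming that is the intended form. `main` continues outside the hunk.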