From 0543603abf9d275298a85beeb365db901e092436 Mon Sep 17 00:00:00 2001 From: Billy Brumley Date: Mon, 29 Feb 2016 22:35:35 +0200 Subject: [PATCH] documentation and duplicate goto statements Reviewed-by: Kurt Roeckx Reviewed-by: Rich Salz --- test/ecdhtest.c | 32 +++++++++++++++++++++++++++++--- test/ecdhtest_cavs.h | 4 +++- 2 files changed, 32 insertions(+), 4 deletions(-) diff --git a/test/ecdhtest.c b/test/ecdhtest.c index 3a67552b1a..356f3e939c 100644 --- a/test/ecdhtest.c +++ b/test/ecdhtest.c @@ -463,6 +463,27 @@ static int ecdh_kat(BIO *out, const ecdh_kat_t *kat) #include "ecdhtest_cavs.h" +/* + * NIST SP800-56A co-factor ECDH tests. + * KATs taken from NIST documents with parameters: + * + * - (QCAVSx,QCAVSy) is the public key for CAVS. + * - dIUT is the private key for IUT. + * - (QIUTx,QIUTy) is the public key for IUT. + * - ZIUT is the shared secret KAT. + * + * CAVS: Cryptographic Algorithm Validation System + * IUT: Implementation Under Test + * + * This function tests two things: + * + * 1. dIUT * G = (QIUTx,QIUTy) + * i.e. public key for IUT computes correctly. + * 2. x-coord of cofactor * dIUT * (QCAVSx,QCAVSy) = ZIUT + * i.e. co-factor ECDH key computes correctly. + * + * returns zero on failure or unsupported curve. One otherwise. + */ static int ecdh_cavs_kat(BIO *out, const ecdh_cavs_kat_t *kat) { int rv = 0, is_char_two = 0; @@ -495,7 +516,9 @@ static int ecdh_cavs_kat(BIO *out, const ecdh_cavs_kat_t *kat) if(!BN_hex2bn(&y, kat->QIUTy)) goto err; if (is_char_two) { -#ifndef OPENSSL_NO_EC2M +#ifdef OPENSSL_NO_EC2M + goto err; +#else if (!EC_POINT_set_affine_coordinates_GF2m(group, pub, x, y, NULL)) goto err; #endif @@ -514,7 +537,9 @@ static int ecdh_cavs_kat(BIO *out, const ecdh_cavs_kat_t *kat) if(!BN_hex2bn(&y, kat->QCAVSy)) goto err; if (is_char_two) { -#ifndef OPENSSL_NO_EC2M +#ifdef OPENSSL_NO_EC2M + goto err; +#else if (!EC_POINT_set_affine_coordinates_GF2m(group, pub, x, y, NULL)) goto err; #endif @@ -551,8 +576,9 @@ static int ecdh_cavs_kat(BIO *out, const ecdh_cavs_kat_t *kat) BN_free(y); OPENSSL_free(Ztmp); OPENSSL_free(Z); - if (rv) + if (rv) { BIO_puts(out, " ok\n"); + } else { fprintf(stderr, "Error in ECC CDH routines\n"); ERR_print_errors_fp(stderr); diff --git a/test/ecdhtest_cavs.h b/test/ecdhtest_cavs.h index 0d700ed390..632d02d69e 100644 --- a/test/ecdhtest_cavs.h +++ b/test/ecdhtest_cavs.h @@ -3,7 +3,7 @@ /* * co-factor ECDH KATs for NIST SP800-56A - * http://csrc.nist.gov/groups/STM/cavp/component-testing.html#ecc-cdh + * http://csrc.nist.gov/groups/STM/cavp/component-testing.html#ECCCDH * $ sha256sum KAS_ECC_CDH_PrimitiveTest.txt * 456068d3f8aad8ac62a03d19ed3173f00ad51f42b51aeab4753c20f30c01cf23 KAS_ECC_CDH_PrimitiveTest.txt */ @@ -19,6 +19,7 @@ typedef struct { } ecdh_cavs_kat_t; static const ecdh_cavs_kat_t ecdh_cavs_kats[] = { + /* curves over prime fields go here */ { NID_X9_62_prime192v1, "42ea6dd9969dd2a61fea1aac7f8e98edcc896c6e55857cc0", "dfbe5d7c61fac88b11811bde328e8a0d12bf01a9d204b523", @@ -1345,6 +1346,7 @@ static const ecdh_cavs_kat_t ecdh_cavs_kats[] = { "b4411cda7a0785b15d149ed301a3697062f42da237aa7f07e0af3fd00eb1800d" "9c41" } #ifndef OPENSSL_NO_EC2M + /* curves over binary fields go here */ , { NID_sect163k1, "0000000574236f1428c432130946783a5b3aabb6c27ea5d6", "00000007908c251b8da021cbac281f123f7af4fac5b3dbb8", -- 2.34.1