APPS: Use a second EVP_MD_CTX for EdDSA verify

Verify for the two EdDSA algorithms fails in "speed eddsa". It appears that the same ctx can not be used for the sign and verify process. Create a second EVP_MD_CTX for the verify purpose. Fixes #11650 Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/12074)
author: Sebastian Andrzej Siewior <sebastian@breakpoint.cc> 2020-06-06 17:21:15 +0200
committer: Dmitry Belyavskiy <beldmit@gmail.com> 2020-06-11 17:28:10 +0300
commit: 1154ffbfb38418ea68af9661e19daa0d6d984adb (patch)
tree: 4510e49115249c7c8dead570c318487b7af7610f /apps/speed.c
parent: 42b2797e8abced593084e5cd02d8c6e5ee5ed5c5 (diff)
1 files changed, 18 insertions, 4 deletions
diff --git a/apps/speed.c b/apps/speed.c
index 9d53bab3ac..4bd42d4e42 100644
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -575,6 +575,7 @@ typedef struct loopargs_st {
     EC_KEY *ecdsa[ECDSA_NUM];
     EVP_PKEY_CTX *ecdh_ctx[EC_NUM];
     EVP_MD_CTX *eddsa_ctx[EdDSA_NUM];
+    EVP_MD_CTX *eddsa_ctx2[EdDSA_NUM];
 # ifndef OPENSSL_NO_SM2
     EVP_MD_CTX *sm2_ctx[SM2_NUM];
     EVP_MD_CTX *sm2_vfy_ctx[SM2_NUM];
@@ -1242,7 +1243,7 @@ static int EdDSA_verify_loop(void *args)
 {
     loopargs_t *tempargs = *(loopargs_t **) args;
     unsigned char *buf = tempargs->buf;
-    EVP_MD_CTX **edctx = tempargs->eddsa_ctx;
+    EVP_MD_CTX **edctx = tempargs->eddsa_ctx2;
     unsigned char *eddsasig = tempargs->buf2;
     size_t eddsasigsize = tempargs->sigsize;
     int ret, count;
@@ -3389,6 +3390,11 @@ int speed_main(int argc, char **argv)
                 st = 0;
                 break;
             }
+            loopargs[i].eddsa_ctx2[testnum] = EVP_MD_CTX_new();
+            if (loopargs[i].eddsa_ctx2[testnum] == NULL) {
+                st = 0;
+                break;
+            }
 
             if ((ed_pctx = EVP_PKEY_CTX_new_id(ed_curves[testnum].nid, NULL))
                     == NULL
@@ -3406,6 +3412,13 @@ int speed_main(int argc, char **argv)
                 EVP_PKEY_free(ed_pkey);
                 break;
             }
+           if (!EVP_DigestVerifyInit(loopargs[i].eddsa_ctx2[testnum], NULL,
+                                     NULL, NULL, ed_pkey)) {
+                st = 0;
+                EVP_PKEY_free(ed_pkey);
+                break;
+            }
+
             EVP_PKEY_free(ed_pkey);
         }
         if (st == 0) {
@@ -3443,10 +3456,9 @@ int speed_main(int argc, char **argv)
                 eddsa_results[testnum][0] = (double)count / d;
                 rsa_count = count;
             }
-
             /* Perform EdDSA verification test */
             for (i = 0; i < loopargs_len; i++) {
-                st = EVP_DigestVerify(loopargs[i].eddsa_ctx[testnum],
+                st = EVP_DigestVerify(loopargs[i].eddsa_ctx2[testnum],
                                       loopargs[i].buf2, loopargs[i].sigsize,
                                       loopargs[i].buf, 20);
                 if (st != 1)
@@ -4021,8 +4033,10 @@ int speed_main(int argc, char **argv)
             EC_KEY_free(loopargs[i].ecdsa[k]);
         for (k = 0; k < EC_NUM; k++)
             EVP_PKEY_CTX_free(loopargs[i].ecdh_ctx[k]);
-        for (k = 0; k < EdDSA_NUM; k++)
+        for (k = 0; k < EdDSA_NUM; k++) {
             EVP_MD_CTX_free(loopargs[i].eddsa_ctx[k]);
+            EVP_MD_CTX_free(loopargs[i].eddsa_ctx2[k]);
+	}
 # ifndef OPENSSL_NO_SM2
         for (k = 0; k < SM2_NUM; k++) {
             EVP_PKEY_CTX *pctx = NULL;
author	Sebastian Andrzej Siewior <sebastian@breakpoint.cc>	2020-06-06 17:21:15 +0200
committer	Dmitry Belyavskiy <beldmit@gmail.com>	2020-06-11 17:28:10 +0300
commit	1154ffbfb38418ea68af9661e19daa0d6d984adb (patch)
tree	4510e49115249c7c8dead570c318487b7af7610f /apps/speed.c
parent	42b2797e8abced593084e5cd02d8c6e5ee5ed5c5 (diff)