diff options
author | Bodo Möller <bodo@openssl.org> | 2002-08-09 08:43:04 +0000 |
---|---|---|
committer | Bodo Möller <bodo@openssl.org> | 2002-08-09 08:43:04 +0000 |
commit | e172d60ddbba3dd37748c8c468064c99213b9e60 (patch) | |
tree | 1ededc75b7669b610533758ac42f0ad91f59330b /crypto | |
parent | f8fe7fa4913d34f33fac12181a0fc722ef367238 (diff) |
Add ECDH support.
Additional changes:
- use EC_GROUP_get_degree() in apps/req.c
- add ECDSA and ECDH to apps/speed.c
- adds support for EC curves over binary fields to ECDSA
- new function EC_KEY_up_ref() in crypto/ec/ec_key.c
- reorganize crypto/ecdsa/ecdsatest.c
- add engine support for ECDH
- fix a few bugs in ECDSA engine support
Submitted by: Douglas Stebila <douglas.stebila@sun.com>
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/Makefile.ssl | 2 | ||||
-rw-r--r-- | crypto/asn1/t_pkey.c | 22 | ||||
-rw-r--r-- | crypto/cryptlib.c | 8 | ||||
-rw-r--r-- | crypto/crypto.h | 9 | ||||
-rw-r--r-- | crypto/ec/ec.h | 1 | ||||
-rw-r--r-- | crypto/ec/ec_asn1.c | 1 | ||||
-rw-r--r-- | crypto/ec/ec_key.c | 22 | ||||
-rw-r--r-- | crypto/ecdh/Makefile.ssl | 121 | ||||
-rw-r--r-- | crypto/ecdh/ecdh.h | 164 | ||||
-rw-r--r-- | crypto/ecdh/ecdhtest.c | 288 | ||||
-rw-r--r-- | crypto/ecdh/ech_err.c | 97 | ||||
-rw-r--r-- | crypto/ecdh/ech_key.c | 92 | ||||
-rw-r--r-- | crypto/ecdh/ech_lib.c | 248 | ||||
-rw-r--r-- | crypto/ecdh/ech_ossl.c | 187 | ||||
-rw-r--r-- | crypto/ecdsa/ecdsatest.c | 210 | ||||
-rw-r--r-- | crypto/engine/Makefile.ssl | 26 | ||||
-rw-r--r-- | crypto/engine/eng_fat.c | 23 | ||||
-rw-r--r-- | crypto/engine/eng_int.h | 6 | ||||
-rw-r--r-- | crypto/engine/eng_list.c | 8 | ||||
-rw-r--r-- | crypto/engine/eng_openssl.c | 11 | ||||
-rw-r--r-- | crypto/engine/engine.h | 22 | ||||
-rw-r--r-- | crypto/err/err.h | 3 | ||||
-rw-r--r-- | crypto/err/openssl.ec | 1 | ||||
-rw-r--r-- | crypto/x509/x509.h | 9 |
24 files changed, 1438 insertions, 143 deletions
diff --git a/crypto/Makefile.ssl b/crypto/Makefile.ssl index 55e970baec..42a01e194a 100644 --- a/crypto/Makefile.ssl +++ b/crypto/Makefile.ssl @@ -28,7 +28,7 @@ LIBS= SDIRS= md2 md5 sha mdc2 hmac ripemd \ des rc2 rc4 rc5 idea bf cast \ - bn ec rsa dsa ecdsa dh dso engine aes \ + bn ec rsa dsa ecdsa ecdh dh dso engine aes \ buffer bio stack lhash rand err objects \ evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5 diff --git a/crypto/asn1/t_pkey.c b/crypto/asn1/t_pkey.c index fb01e38d79..873b5d793c 100644 --- a/crypto/asn1/t_pkey.c +++ b/crypto/asn1/t_pkey.c @@ -55,6 +55,11 @@ * copied and put under another distribution licence * [including the GNU Public Licence.] */ +/* ==================================================================== + * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. + * Binary polynomial ECC support in OpenSSL originally developed by + * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. + */ #include <stdio.h> #include "cryptlib.h" @@ -333,10 +338,21 @@ int ECPKParameters_print(BIO *bp, const EC_GROUP *x, int off) goto err; } - if (!EC_GROUP_get_curve_GFp(x, p, a, b, ctx)) + if (EC_METHOD_get_field_type(EC_GROUP_method_of(x)) == NID_X9_62_prime_field) { - reason = ERR_R_EC_LIB; - goto err; + if (!EC_GROUP_get_curve_GFp(x, p, a, b, ctx)) + { + reason = ERR_R_EC_LIB; + goto err; + } + } + else + { + if (!EC_GROUP_get_curve_GF2m(x, p, a, b, ctx)) + { + reason = ERR_R_EC_LIB; + goto err; + } } if ((point = EC_GROUP_get0_generator(x)) == NULL) diff --git a/crypto/cryptlib.c b/crypto/cryptlib.c index 9a7ed2cf75..b72f7fb015 100644 --- a/crypto/cryptlib.c +++ b/crypto/cryptlib.c @@ -55,6 +55,11 @@ * copied and put under another distribution licence * [including the GNU Public Licence.] */ +/* ==================================================================== + * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. + * ECDH support in OpenSSL originally developed by + * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. + */ #include <stdio.h> #include <string.h> @@ -105,7 +110,8 @@ static const char* lock_names[CRYPTO_NUM_LOCKS] = "ui", "ecdsa", "ec", -#if CRYPTO_NUM_LOCKS != 33 + "ecdh", +#if CRYPTO_NUM_LOCKS != 34 # error "Inconsistency between crypto.h and cryptlib.c" #endif }; diff --git a/crypto/crypto.h b/crypto/crypto.h index 0991cf294c..e4d1526e0e 100644 --- a/crypto/crypto.h +++ b/crypto/crypto.h @@ -55,6 +55,11 @@ * copied and put under another distribution licence * [including the GNU Public Licence.] */ +/* ==================================================================== + * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. + * ECDH support in OpenSSL originally developed by + * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. + */ #ifndef HEADER_CRYPTO_H #define HEADER_CRYPTO_H @@ -128,7 +133,8 @@ extern "C" { #define CRYPTO_LOCK_UI 30 #define CRYPTO_LOCK_ECDSA 31 #define CRYPTO_LOCK_EC 32 -#define CRYPTO_NUM_LOCKS 33 +#define CRYPTO_LOCK_ECDH 33 +#define CRYPTO_NUM_LOCKS 34 #define CRYPTO_LOCK 1 #define CRYPTO_UNLOCK 2 @@ -236,6 +242,7 @@ DECLARE_STACK_OF(CRYPTO_EX_DATA_FUNCS) #define CRYPTO_EX_INDEX_X509 10 #define CRYPTO_EX_INDEX_UI 11 #define CRYPTO_EX_INDEX_ECDSA 12 +#define CRYPTO_EX_INDEX_ECDH 13 /* Dynamically assigned indexes start from this value (don't use directly, use * via CRYPTO_ex_data_new_class). */ diff --git a/crypto/ec/ec.h b/crypto/ec/ec.h index 4a1787f0b7..17083f23a2 100644 --- a/crypto/ec/ec.h +++ b/crypto/ec/ec.h @@ -386,6 +386,7 @@ EC_KEY *EC_KEY_new(void); void EC_KEY_free(EC_KEY *); EC_KEY *EC_KEY_copy(EC_KEY *, const EC_KEY *); EC_KEY *EC_KEY_dup(const EC_KEY *); +int EC_KEY_up_ref(EC_KEY *); /* EC_KEY_generate_key() creates a ec private (public) key */ int EC_KEY_generate_key(EC_KEY *); diff --git a/crypto/ec/ec_asn1.c b/crypto/ec/ec_asn1.c index bb81cfb3c3..fa38f5231f 100644 --- a/crypto/ec/ec_asn1.c +++ b/crypto/ec/ec_asn1.c @@ -57,6 +57,7 @@ #include <openssl/err.h> #include <openssl/asn1t.h> #include <openssl/objects.h> +#include <string.h> /* some structures needed for the asn1 encoding */ typedef struct x9_62_fieldid_st { diff --git a/crypto/ec/ec_key.c b/crypto/ec/ec_key.c index 790d930225..f9f98cfd9d 100644 --- a/crypto/ec/ec_key.c +++ b/crypto/ec/ec_key.c @@ -55,9 +55,15 @@ * Hudson (tjh@cryptsoft.com). * */ +/* ==================================================================== + * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. + * Portions originally developed by SUN MICROSYSTEMS, INC., and + * contributed to the OpenSSL project. + */ #include "ec_lcl.h" #include <openssl/err.h> +#include <string.h> EC_KEY *EC_KEY_new(void) { @@ -210,6 +216,22 @@ EC_KEY *EC_KEY_dup(const EC_KEY *eckey) return ret; } +int EC_KEY_up_ref(EC_KEY *r) + { + int i = CRYPTO_add(&r->references, 1, CRYPTO_LOCK_EC); +#ifdef REF_PRINT + REF_PRINT("EC_KEY",r); +#endif +#ifdef REF_CHECK + if (i < 2) + { + fprintf(stderr, "EC_KEY_up, bad reference count\n"); + abort(); + } +#endif + return ((i > 1) ? 1 : 0); + } + int EC_KEY_generate_key(EC_KEY *eckey) { int ok = 0; diff --git a/crypto/ecdh/Makefile.ssl b/crypto/ecdh/Makefile.ssl new file mode 100644 index 0000000000..f8a474631c --- /dev/null +++ b/crypto/ecdh/Makefile.ssl @@ -0,0 +1,121 @@ +# +# crypto/ecdh/Makefile +# + +DIR= ecdh +TOP= ../.. +CC= cc +INCLUDES= -I.. -I$(TOP) -I../../include +CFLAG=-g -Wall +INSTALL_PREFIX= +OPENSSLDIR= /usr/local/ssl +INSTALLTOP=/usr/local/ssl +MAKE= make -f Makefile.ssl +MAKEDEPPROG= makedepend +MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) +MAKEFILE= Makefile.ssl +AR= ar r + +CFLAGS= $(INCLUDES) $(CFLAG) + +GENERAL=Makefile +TEST=ecdhtest.c +APPS= + +LIB=$(TOP)/libcrypto.a +LIBSRC= ech_lib.c ech_ossl.c ech_key.c ech_err.c + +LIBOBJ= ech_lib.o ech_ossl.o ech_key.o ech_err.o + +SRC= $(LIBSRC) + +EXHEADER= ecdh.h +HEADER= $(EXHEADER) + +ALL= $(GENERAL) $(SRC) $(HEADER) + +top: + (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all) + +all: lib + +lib: $(LIBOBJ) + $(AR) $(LIB) $(LIBOBJ) + $(RANLIB) $(LIB) || echo Never mind. + @touch lib + +files: + $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO + +links: + @$(TOP)/util/point.sh Makefile.ssl Makefile + @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER) + @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) + @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) + +install: + @for i in $(EXHEADER) ; \ + do \ + (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ + chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ + done; + +tags: + ctags $(SRC) + +tests: + +lint: + lint -DLINT $(INCLUDES) $(SRC)>fluff + +depend: + $(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) + +dclean: + $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new + mv -f Makefile.new $(MAKEFILE) + +clean: + rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff + +# DO NOT DELETE THIS LINE -- make depend depends on it. + +ech_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h +ech_err.o: ../../include/openssl/e_os2.h ../../include/openssl/ecdh.h +ech_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +ech_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +ech_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +ech_err.o: ../../include/openssl/symhacks.h ech_err.c +ech_key.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +ech_key.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h +ech_key.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +ech_key.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +ech_key.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +ech_key.o: ../../include/openssl/engine.h ../../include/openssl/err.h +ech_key.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h +ech_key.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +ech_key.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h +ech_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +ech_key.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h ecdh.h +ech_key.o: ech_key.c +ech_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +ech_lib.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h +ech_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +ech_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +ech_lib.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h +ech_lib.o: ../../include/openssl/engine.h ../../include/openssl/err.h +ech_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h +ech_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +ech_lib.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h +ech_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +ech_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h ecdh.h +ech_lib.o: ech_lib.c +ech_ossl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +ech_ossl.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h +ech_ossl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +ech_ossl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +ech_ossl.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h +ech_ossl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +ech_ossl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +ech_ossl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +ech_ossl.o: ecdh.h ech_ossl.c diff --git a/crypto/ecdh/ecdh.h b/crypto/ecdh/ecdh.h new file mode 100644 index 0000000000..b5b877b55f --- /dev/null +++ b/crypto/ecdh/ecdh.h @@ -0,0 +1,164 @@ +/* crypto/ecdh/ecdh.h */ +/* ==================================================================== + * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. + * + * The Elliptic Curve Public-Key Crypto Library (ECC Code) included + * herein is developed by SUN MICROSYSTEMS, INC., and is contributed + * to the OpenSSL project. + * + * The ECC Code is licensed pursuant to the OpenSSL open source + * license provided below. + * + * In addition, Sun covenants to all licensees who provide a reciprocal + * covenant with respect to their own patents if any, not to sue under + * current and future patent claims necessarily infringed by the making, + * using, practicing, selling, offering for sale and/or otherwise + * disposing of the ECC Code as delivered hereunder (or portions thereof), + * provided that such covenant shall not apply: + * 1) for code that a licensee deletes from the ECC Code; + * 2) separates from the ECC Code; or + * 3) for infringements caused by: + * i) the modification of the ECC Code or + * ii) the combination of the ECC Code with other software or + * devices where such combination causes the infringement. + * + * The ECDH software is originally written by Douglas Stebila of + * Sun Microsystems Laboratories. + * + */ +/* ==================================================================== + * Copyright (c) 2000-2002 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ +#ifndef HEADER_ECDH_H +#define HEADER_ECDH_H + +#ifdef OPENSSL_NO_ECDH +#error ECDH is disabled. +#endif + +#include <openssl/bn.h> +#include <openssl/ec.h> +#include <openssl/ossl_typ.h> + +#ifdef __cplusplus +extern "C" { +#endif + +typedef struct ecdh_method +{ + const char *name; + int (*compute_key)(unsigned char *key,const EC_POINT *pub_key, EC_KEY *ecdh); +#if 0 + int (*init)(EC_KEY *eckey); + int (*finish)(EC_KEY *eckey); +#endif + int flags; + char *app_data; +} ECDH_METHOD; + +typedef struct ecdh_data_st { + /* EC_KEY_METH_DATA part */ + int (*init)(EC_KEY *); + void (*finish)(EC_KEY *); + /* method specific part */ + ENGINE *engine; + int flags; + const ECDH_METHOD *meth; + CRYPTO_EX_DATA ex_data; +} ECDH_DATA; + +/* ECDH_DATA functions */ +ECDH_DATA *ECDH_DATA_new(void); +ECDH_DATA *ECDH_DATA_new_method(ENGINE *); +void ECDH_DATA_free(ECDH_DATA *); + +ECDH_DATA *ecdh_check(EC_KEY *); + + +const ECDH_METHOD *ECDH_OpenSSL(void); + +void ECDH_set_default_method(const ECDH_METHOD *); +const ECDH_METHOD *ECDH_get_default_method(void); +int ECDH_set_method(EC_KEY *, const ECDH_METHOD *); + +int ECDH_size(const EC_KEY *); +int ECDH_compute_key(unsigned char *key,const EC_POINT *pub_key, EC_KEY *ecdh); + + +int ECDH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new + *new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); +int ECDH_set_ex_data(EC_KEY *d, int idx, void *arg); +void *ECDH_get_ex_data(EC_KEY *d, int idx); + + +/* BEGIN ERROR CODES */ +/* The following lines are auto generated by the script mkerr.pl. Any changes + * made after this point may be overwritten when the script is next run. + */ +void ERR_load_ECDH_strings(void); + +/* Error codes for the ECDH functions. */ + +/* Function codes. */ +#define ECDH_F_ECDH_COMPUTE_KEY 100 +#define ECDH_F_ECDH_DATA_NEW 101 + +/* Reason codes. */ +#define ECDH_R_NO_PRIVATE_VALUE 100 +#define ECDH_R_POINT_ARITHMETIC_FAILURE 101 +#define ECDH_R_SHA1_DIGEST_FAILED 102 + +#ifdef __cplusplus +} +#endif +#endif diff --git a/crypto/ecdh/ecdhtest.c b/crypto/ecdh/ecdhtest.c new file mode 100644 index 0000000000..65d0d14c35 --- /dev/null +++ b/crypto/ecdh/ecdhtest.c @@ -0,0 +1,288 @@ +/* crypto/ecdh/ecdhtest.c */ +/* ==================================================================== + * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. + * + * The Elliptic Curve Public-Key Crypto Library (ECC Code) included + * herein is developed by SUN MICROSYSTEMS, INC., and is contributed + * to the OpenSSL project. + * + * The ECC Code is licensed pursuant to the OpenSSL open source + * license provided below. + * + * In addition, Sun covenants to all licensees who provide a reciprocal + * covenant with respect to their own patents if any, not to sue under + * current and future patent claims necessarily infringed by the making, + * using, practicing, selling, offering for sale and/or otherwise + * disposing of the ECC Code as delivered hereunder (or portions thereof), + * provided that such covenant shall not apply: + * 1) for code that a licensee deletes from the ECC Code; + * 2) separates from the ECC Code; or + * 3) for infringements caused by: + * i) the modification of the ECC Code or + * ii) the combination of the ECC Code with other software or + * devices where such combination causes the infringement. + * + * The ECDH software is originally written by Douglas Stebila of + * Sun Microsystems Laboratories. + * + */ +/* ==================================================================== + * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#ifdef OPENSSL_SYS_WINDOWS +#include "../bio/bss_file.c" +#endif +#include <openssl/crypto.h> +#include <openssl/bio.h> +#include <openssl/bn.h> +#include <openssl/ec.h> +#include <openssl/objects.h> +#include <openssl/rand.h> +#include <openssl/err.h> + +#ifdef OPENSSL_NO_ECDH +int main(int argc, char *argv[]) +{ + printf("No ECDH support\n"); + return(0); +} +#else +#include <openssl/ecdh.h> + +#ifdef OPENSSL_SYS_WIN16 +#define MS_CALLBACK _far _loadds +#else +#define MS_CALLBACK +#endif + +static void MS_CALLBACK cb(int p, int n, void *arg); +#ifdef OPENSSL_NO_STDIO +#define APPS_WIN16 +#include "bss_file.c" +#endif + +static const char rnd_seed[] = "string to make the random number generator think it has entropy"; + + +int test_ecdh_curve(int nid, char *text, BN_CTX *ctx, BIO *out) + { + EC_KEY *a=NULL; + EC_KEY *b=NULL; + BIGNUM *x=NULL, *y=NULL; + char buf[12]; + unsigned char *abuf=NULL,*bbuf=NULL; + int i,alen,blen,aout,bout,ret=0; + + if ((a=EC_KEY_new()) == NULL) goto err; + if ((a->group=EC_GROUP_new_by_name(nid)) == NULL) goto err; + + if ((b=EC_KEY_new()) == NULL) goto err; + b->group = a->group; + + if ((x=BN_new()) == NULL) goto err; + if ((y=BN_new()) == NULL) goto err; + + BIO_puts(out,"Testing key generation with "); + BIO_puts(out,text); + BIO_puts(out,"\n"); + + if (!EC_KEY_generate_key(a)) goto err; + BIO_puts(out," pri 1="); + BN_print(out,a->priv_key); + BIO_puts(out,"\n pub 1="); + if (EC_METHOD_get_field_type(EC_GROUP_method_of(a->group)) == NID_X9_62_prime_field) + { + if (!EC_POINT_get_affine_coordinates_GFp(a->group, a->pub_key, x, y, ctx)) goto err; + } + else + { + if (!EC_POINT_get_affine_coordinates_GF2m(a->group, a->pub_key, x, y, ctx)) goto err; + } + BN_print(out,x); + BIO_puts(out,","); + BN_print(out,y); + BIO_puts(out,"\n"); + + if (!EC_KEY_generate_key(b)) goto err; + BIO_puts(out," pri 2="); + BN_print(out,b->priv_key); + BIO_puts(out,"\n pub 2="); + if (EC_METHOD_get_field_type(EC_GROUP_method_of(b->group)) == NID_X9_62_prime_field) + { + if (!EC_POINT_get_affine_coordinates_GFp(b->group, b->pub_key, x, y, ctx)) goto err; + } + else + { + if (!EC_POINT_get_affine_coordinates_GF2m(a->group, b->pub_key, x, y, ctx)) goto err; + } + BN_print(out,x); + BIO_puts(out,","); + BN_print(out,y); + BIO_puts(out,"\n"); + + alen=ECDH_size(a); + abuf=(unsigned char *)OPENSSL_malloc(alen); + aout=ECDH_compute_key(abuf,b->pub_key,a); + + BIO_puts(out," key1 ="); + for (i=0; i<aout; i++) + { + sprintf(buf,"%02X",abuf[i]); + BIO_puts(out,buf); + } + BIO_puts(out,"\n"); + + blen=ECDH_size(b); + bbuf=(unsigned char *)OPENSSL_malloc(blen); + bout=ECDH_compute_key(bbuf,a->pub_key,b); + + BIO_puts(out," key2 ="); + for (i=0; i<bout; i++) + { + sprintf(buf,"%02X",bbuf[i]); + BIO_puts(out,buf); + } + BIO_puts(out,"\n"); + if ((aout < 4) || (bout != aout) || (memcmp(abuf,bbuf,aout) != 0)) + { + fprintf(stderr,"Error in ECDH routines\n"); + ret=0; + } + else + ret=1; +err: + ERR_print_errors_fp(stderr); + + if (abuf != NULL) OPENSSL_free(abuf); + if (bbuf != NULL) OPENSSL_free(bbuf); + if (x) BN_free(x); + if (y) BN_free(y); + if (a->group) EC_GROUP_free(a->group); + a->group = b->group = NULL; + if (b) EC_KEY_free(b); + if (a) EC_KEY_free(a); + return(ret); + } + +int main(int argc, char *argv[]) + { + BN_CTX *ctx=NULL; + int ret=1; + BIO *out; + + CRYPTO_malloc_debug_init(); + CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL); + CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); + +#ifdef OPENSSL_SYS_WIN32 + CRYPTO_malloc_init(); +#endif + + RAND_seed(rnd_seed, sizeof rnd_seed); + + out=BIO_new(BIO_s_file()); + if (out == NULL) exit(1); + BIO_set_fp(out,stdout,BIO_NOCLOSE); + + if ((ctx=BN_CTX_new()) == NULL) goto err; + + /* NIST PRIME CURVES TESTS */ + if (!test_ecdh_curve(EC_GROUP_NIST_PRIME_192, "NIST Prime-Curve P-192", ctx, out)) goto err; + if (!test_ecdh_curve(EC_GROUP_NIST_PRIME_224, "NIST Prime-Curve P-224", ctx, out)) goto err; + if (!test_ecdh_curve(EC_GROUP_NIST_PRIME_256, "NIST Prime-Curve P-256", ctx, out)) goto err; + if (!test_ecdh_curve(EC_GROUP_NIST_PRIME_384, "NIST Prime-Curve P-384", ctx, out)) goto err; + if (!test_ecdh_curve(EC_GROUP_NIST_PRIME_521, "NIST Prime-Curve P-521", ctx, out)) goto err; + /* NIST BINARY CURVES TESTS */ + if (!test_ecdh_curve(EC_GROUP_NIST_CHAR2_K163, "NIST Binary-Curve K-163", ctx, out)) goto err; + if (!test_ecdh_curve(EC_GROUP_NIST_CHAR2_B163, "NIST Binary-Curve B-163", ctx, out)) goto err; + if (!test_ecdh_curve(EC_GROUP_NIST_CHAR2_K233, "NIST Binary-Curve K-233", ctx, out)) goto err; + if (!test_ecdh_curve(EC_GROUP_NIST_CHAR2_B233, "NIST Binary-Curve B-233", ctx, out)) goto err; + if (!test_ecdh_curve(EC_GROUP_NIST_CHAR2_K283, "NIST Binary-Curve K-283", ctx, out)) goto err; + if (!test_ecdh_curve(EC_GROUP_NIST_CHAR2_B283, "NIST Binary-Curve B-283", ctx, out)) goto err; + if (!test_ecdh_curve(EC_GROUP_NIST_CHAR2_K409, "NIST Binary-Curve K-409", ctx, out)) goto err; + if (!test_ecdh_curve(EC_GROUP_NIST_CHAR2_B409, "NIST Binary-Curve B-409", ctx, out)) goto err; + if (!test_ecdh_curve(EC_GROUP_NIST_CHAR2_K571, "NIST Binary-Curve K-571", ctx, out)) goto err; + if (!test_ecdh_curve(EC_GROUP_NIST_CHAR2_B571, "NIST Binary-Curve B-571", ctx, out)) goto err; + + ret = 0; + +err: + ERR_print_errors_fp(stderr); + if (ctx) BN_CTX_free(ctx); + BIO_free(out); + CRYPTO_cleanup_all_ex_data(); + ERR_remove_state(0); + CRYPTO_mem_leaks_fp(stderr); + exit(ret); + return(ret); + } + +static void MS_CALLBACK cb(int p, int n, void *arg) + { + char c='*'; + + if (p == 0) c='.'; + if (p == 1) c='+'; + if (p == 2) c='*'; + if (p == 3) c='\n'; + BIO_write((BIO *)arg,&c,1); + (void)BIO_flush((BIO *)arg); +#ifdef LINT + p=n; +#endif + } +#endif diff --git a/crypto/ecdh/ech_err.c b/crypto/ecdh/ech_err.c new file mode 100644 index 0000000000..819b8abf4d --- /dev/null +++ b/crypto/ecdh/ech_err.c @@ -0,0 +1,97 @@ +/* crypto/ecdh/ech_err.c */ +/* ==================================================================== + * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== |