test/dsatest.c

   1 /* crypto/dsa/dsatest.c */
   2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
   3  * All rights reserved.
   4  *
   5  * This package is an SSL implementation written
   6  * by Eric Young (eay@cryptsoft.com).
   7  * The implementation was written so as to conform with Netscapes SSL.
   8  *
   9  * This library is free for commercial and non-commercial use as long as
  10  * the following conditions are aheared to.  The following conditions
  11  * apply to all code found in this distribution, be it the RC4, RSA,
  12  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
  13  * included with this distribution is covered by the same copyright terms
  14  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
  15  *
  16  * Copyright remains Eric Young's, and as such any Copyright notices in
  17  * the code are not to be removed.
  18  * If this package is used in a product, Eric Young should be given attribution
  19  * as the author of the parts of the library used.
  20  * This can be in the form of a textual message at program startup or
  21  * in documentation (online or textual) provided with the package.
  22  *
  23  * Redistribution and use in source and binary forms, with or without
  24  * modification, are permitted provided that the following conditions
  25  * are met:
  26  * 1. Redistributions of source code must retain the copyright
  27  *    notice, this list of conditions and the following disclaimer.
  28  * 2. Redistributions in binary form must reproduce the above copyright
  29  *    notice, this list of conditions and the following disclaimer in the
  30  *    documentation and/or other materials provided with the distribution.
  31  * 3. All advertising materials mentioning features or use of this software
  32  *    must display the following acknowledgement:
  33  *    "This product includes cryptographic software written by
  34  *     Eric Young (eay@cryptsoft.com)"
  35  *    The word 'cryptographic' can be left out if the rouines from the library
  36  *    being used are not cryptographic related :-).
  37  * 4. If you include any Windows specific code (or a derivative thereof) from
  38  *    the apps directory (application code) you must include an acknowledgement:
  39  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
  40  *
  41  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
  42  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  43  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  44  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
  45  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  46  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  47  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  48  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  49  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  50  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  51  * SUCH DAMAGE.
  52  *
  53  * The licence and distribution terms for any publically available version or
  54  * derivative of this code cannot be changed.  i.e. this code cannot simply be
  55  * copied and put under another distribution licence
  56  * [including the GNU Public Licence.]
  57  */
  58
  59 #include <stdio.h>
  60 #include <stdlib.h>
  61 #include <string.h>
  62 #include <sys/types.h>
  63 #include <sys/stat.h>
  64
  65 #include "../e_os.h"
  66
  67 #include <openssl/crypto.h>
  68 #include <openssl/rand.h>
  69 #include <openssl/bio.h>
  70 #include <openssl/err.h>
  71 #include <openssl/bn.h>
  72
  73 #ifdef OPENSSL_NO_DSA
  74 int main(int argc, char *argv[])
  75 {
  76     printf("No DSA support\n");
  77     return (0);
  78 }
  79 #else
  80 # include <openssl/dsa.h>
  81
  82 static int dsa_cb(int p, int n, BN_GENCB *arg);
  83
  84 /*
  85  * seed, out_p, out_q, out_g are taken from the updated Appendix 5 to FIPS
  86  * PUB 186 and also appear in Appendix 5 to FIPS PIB 186-1
  87  */
  88 static unsigned char seed[20] = {
  89     0xd5, 0x01, 0x4e, 0x4b, 0x60, 0xef, 0x2b, 0xa8, 0xb6, 0x21, 0x1b, 0x40,
  90     0x62, 0xba, 0x32, 0x24, 0xe0, 0x42, 0x7d, 0xd3,
  91 };
  92
  93 static unsigned char out_p[] = {
  94     0x8d, 0xf2, 0xa4, 0x94, 0x49, 0x22, 0x76, 0xaa,
  95     0x3d, 0x25, 0x75, 0x9b, 0xb0, 0x68, 0x69, 0xcb,
  96     0xea, 0xc0, 0xd8, 0x3a, 0xfb, 0x8d, 0x0c, 0xf7,
  97     0xcb, 0xb8, 0x32, 0x4f, 0x0d, 0x78, 0x82, 0xe5,
  98     0xd0, 0x76, 0x2f, 0xc5, 0xb7, 0x21, 0x0e, 0xaf,
  99     0xc2, 0xe9, 0xad, 0xac, 0x32, 0xab, 0x7a, 0xac,
 100     0x49, 0x69, 0x3d, 0xfb, 0xf8, 0x37, 0x24, 0xc2,
 101     0xec, 0x07, 0x36, 0xee, 0x31, 0xc8, 0x02, 0x91,
 102 };
 103
 104 static unsigned char out_q[] = {
 105     0xc7, 0x73, 0x21, 0x8c, 0x73, 0x7e, 0xc8, 0xee,
 106     0x99, 0x3b, 0x4f, 0x2d, 0xed, 0x30, 0xf4, 0x8e,
 107     0xda, 0xce, 0x91, 0x5f,
 108 };
 109
 110 static unsigned char out_g[] = {
 111     0x62, 0x6d, 0x02, 0x78, 0x39, 0xea, 0x0a, 0x13,
 112     0x41, 0x31, 0x63, 0xa5, 0x5b, 0x4c, 0xb5, 0x00,
 113     0x29, 0x9d, 0x55, 0x22, 0x95, 0x6c, 0xef, 0xcb,
 114     0x3b, 0xff, 0x10, 0xf3, 0x99, 0xce, 0x2c, 0x2e,
 115     0x71, 0xcb, 0x9d, 0xe5, 0xfa, 0x24, 0xba, 0xbf,
 116     0x58, 0xe5, 0xb7, 0x95, 0x21, 0x92, 0x5c, 0x9c,
 117     0xc4, 0x2e, 0x9f, 0x6f, 0x46, 0x4b, 0x08, 0x8c,
 118     0xc5, 0x72, 0xaf, 0x53, 0xe6, 0xd7, 0x88, 0x02,
 119 };
 120
 121 static const unsigned char str1[] = "12345678901234567890";
 122
 123 static const char rnd_seed[] =
 124     "string to make the random number generator think it has entropy";
 125
 126 static BIO *bio_err = NULL;
 127
 128 int main(int argc, char **argv)
 129 {
 130     BN_GENCB *cb;
 131     DSA *dsa = NULL;
 132     int counter, ret = 0, i, j;
 133     unsigned char buf[256];
 134     unsigned long h;
 135     unsigned char sig[256];
 136     unsigned int siglen;
 137
 138     if (bio_err == NULL)
 139         bio_err = BIO_new_fp(stderr, BIO_NOCLOSE | BIO_FP_TEXT);
 140
 141     CRYPTO_malloc_debug_init();
 142     CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
 143     CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
 144
 145     ERR_load_crypto_strings();
 146     RAND_seed(rnd_seed, sizeof rnd_seed);
 147
 148     BIO_printf(bio_err, "test generation of DSA parameters\n");
 149
 150     cb = BN_GENCB_new();
 151     if (!cb)
 152         goto end;
 153
 154     BN_GENCB_set(cb, dsa_cb, bio_err);
 155     if (((dsa = DSA_new()) == NULL) || !DSA_generate_parameters_ex(dsa, 512,
 156                                                                    seed, 20,
 157                                                                    &counter,
 158                                                                    &h, cb))
 159         goto end;
 160
 161     BIO_printf(bio_err, "seed\n");
 162     for (i = 0; i < 20; i += 4) {
 163         BIO_printf(bio_err, "%02X%02X%02X%02X ",
 164                    seed[i], seed[i + 1], seed[i + 2], seed[i + 3]);
 165     }
 166     BIO_printf(bio_err, "\ncounter=%d h=%ld\n", counter, h);
 167
 168     DSA_print(bio_err, dsa, 0);
 169     if (counter != 105) {
 170         BIO_printf(bio_err, "counter should be 105\n");
 171         goto end;
 172     }
 173     if (h != 2) {
 174         BIO_printf(bio_err, "h should be 2\n");
 175         goto end;
 176     }
 177
 178     i = BN_bn2bin(dsa->q, buf);
 179     j = sizeof(out_q);
 180     if ((i != j) || (memcmp(buf, out_q, i) != 0)) {
 181         BIO_printf(bio_err, "q value is wrong\n");
 182         goto end;
 183     }
 184
 185     i = BN_bn2bin(dsa->p, buf);
 186     j = sizeof(out_p);
 187     if ((i != j) || (memcmp(buf, out_p, i) != 0)) {
 188         BIO_printf(bio_err, "p value is wrong\n");
 189         goto end;
 190     }
 191
 192     i = BN_bn2bin(dsa->g, buf);
 193     j = sizeof(out_g);
 194     if ((i != j) || (memcmp(buf, out_g, i) != 0)) {
 195         BIO_printf(bio_err, "g value is wrong\n");
 196         goto end;
 197     }
 198
 199     dsa->flags |= DSA_FLAG_NO_EXP_CONSTTIME;
 200     DSA_generate_key(dsa);
 201     DSA_sign(0, str1, 20, sig, &siglen, dsa);
 202     if (DSA_verify(0, str1, 20, sig, siglen, dsa) == 1)
 203         ret = 1;
 204
 205     dsa->flags &= ~DSA_FLAG_NO_EXP_CONSTTIME;
 206     DSA_generate_key(dsa);
 207     DSA_sign(0, str1, 20, sig, &siglen, dsa);
 208     if (DSA_verify(0, str1, 20, sig, siglen, dsa) == 1)
 209         ret = 1;
 210
 211  end:
 212     if (!ret)
 213         ERR_print_errors(bio_err);
 214     DSA_free(dsa);
 215     BN_GENCB_free(cb);
 216     CRYPTO_cleanup_all_ex_data();
 217     ERR_remove_thread_state(NULL);
 218     ERR_free_strings();
 219     CRYPTO_mem_leaks(bio_err);
 220     BIO_free(bio_err);
 221     bio_err = NULL;
 222 # ifdef OPENSSL_SYS_NETWARE
 223     if (!ret)
 224         printf("ERROR\n");
 225 # endif
 226     EXIT(!ret);
 227 }
 228
 229 static int dsa_cb(int p, int n, BN_GENCB *arg)
 230 {
 231     char c = '*';
 232     static int ok = 0, num = 0;
 233
 234     if (p == 0) {
 235         c = '.';
 236         num++;
 237     };
 238     if (p == 1)
 239         c = '+';
 240     if (p == 2) {
 241         c = '*';
 242         ok++;
 243     }
 244     if (p == 3)
 245         c = '\n';
 246     BIO_write(BN_GENCB_get_arg(arg), &c, 1);
 247     (void)BIO_flush(BN_GENCB_get_arg(arg));
 248
 249     if (!ok && (p == 0) && (num > 1)) {
 250         BIO_printf((BIO *)arg, "error in dsatest\n");
 251         return 0;
 252     }
 253     return 1;
 254 }
 255 #endif