diff options
| author | Dr. Stephen Henson <steve@openssl.org> | 2011-02-15 16:58:28 +0000 |
|---|---|---|
| committer | Dr. Stephen Henson <steve@openssl.org> | 2011-02-15 16:58:28 +0000 |
| commit | 0fbf8f447b6063b2023ddbf8e8caa57a29aa368a (patch) | |
| tree | e216978d82dbcf55b69d64e4dac2b842a2c71b67 /fips | |
| parent | c81f8f59bebf55e6cb269569e8164082aa858eb1 (diff) | |
| download | openssl-0fbf8f447b6063b2023ddbf8e8caa57a29aa368a.zip openssl-0fbf8f447b6063b2023ddbf8e8caa57a29aa368a.tar.gz openssl-0fbf8f447b6063b2023ddbf8e8caa57a29aa368a.tar.bz2 | |
Add pairwise consistency test to EC.
Diffstat (limited to 'fips')
| -rw-r--r-- | fips/fips.c | 14 | ||||
| -rw-r--r-- | fips/fips.h | 2 |
2 files changed, 16 insertions, 0 deletions
diff --git a/fips/fips.c b/fips/fips.c index 6a90328..ac4313f 100644 --- a/fips/fips.c +++ b/fips/fips.c @@ -56,6 +56,7 @@ #include <openssl/hmac.h> #include <openssl/rsa.h> #include <openssl/dsa.h> +#include <openssl/ecdsa.h> #include <string.h> #include <limits.h> #include "fips_locl.h" @@ -437,6 +438,7 @@ int fips_pkey_signature_test(EVP_PKEY *pkey, unsigned char sigtmp[256], *sig = sigtmp; unsigned int siglen; DSA_SIG *dsig = NULL; + ECDSA_SIG *esig = NULL; EVP_MD_CTX mctx; FIPS_md_ctx_init(&mctx); @@ -473,6 +475,12 @@ int fips_pkey_signature_test(EVP_PKEY *pkey, if (!dsig) goto error; } + else if (pkey->type == EVP_PKEY_EC) + { + esig = FIPS_ecdsa_sign_ctx(pkey->pkey.ec, &mctx); + if (!esig) + goto error; + } #if 0 else if (!EVP_SignFinal(&mctx, sig, &siglen, pkey)) goto error; @@ -494,6 +502,10 @@ int fips_pkey_signature_test(EVP_PKEY *pkey, { ret = FIPS_dsa_verify_ctx(pkey->pkey.dsa, &mctx, dsig); } + else if (pkey->type == EVP_PKEY_EC) + { + ret = FIPS_ecdsa_verify_ctx(pkey->pkey.ec, &mctx, esig); + } #if 0 else ret = EVP_VerifyFinal(&mctx, sig, siglen, pkey); @@ -502,6 +514,8 @@ int fips_pkey_signature_test(EVP_PKEY *pkey, error: if (dsig != NULL) FIPS_dsa_sig_free(dsig); + if (esig != NULL) + FIPS_ecdsa_sig_free(esig); if (sig != sigtmp) OPENSSL_free(sig); FIPS_md_ctx_cleanup(&mctx); diff --git a/fips/fips.h b/fips/fips.h index 64115da..8087fa1 100644 --- a/fips/fips.h +++ b/fips/fips.h @@ -84,6 +84,7 @@ int FIPS_selftest_rsa(void); void FIPS_corrupt_dsa(void); void FIPS_corrupt_dsa_keygen(void); int FIPS_selftest_dsa(void); +void FIPS_corrupt_ec_keygen(void); void FIPS_corrupt_rng(void); void FIPS_rng_stick(void); int FIPS_selftest_rng(void); @@ -180,6 +181,7 @@ void ERR_load_FIPS_strings(void); #define FIPS_F_EVP_CIPHERINIT_EX 124 #define FIPS_F_EVP_DIGESTINIT_EX 125 #define FIPS_F_FIPS_CHECK_DSA 104 +#define FIPS_F_FIPS_CHECK_EC 129 #define FIPS_F_FIPS_CHECK_INCORE_FINGERPRINT 105 #define FIPS_F_FIPS_CHECK_RSA 106 #define FIPS_F_FIPS_CIPHERINIT 128 |