2 * Test GOST 34.10 Sign/Verify operation for every curve parameter
4 * Copyright (C) 2019 vt@altlinux.org. All Rights Reserved.
6 * Contents licensed under the terms of the OpenSSL license
7 * See https://www.openssl.org/source/license.html for details
11 # pragma warning(push, 3)
12 # include <openssl/applink.c>
16 #include <openssl/evp.h>
17 #include <openssl/rand.h>
18 #include <openssl/err.h>
19 #include <openssl/asn1.h>
20 #include <openssl/obj_mac.h>
21 #include <openssl/ec.h>
22 #include <openssl/bn.h>
23 #include <openssl/store.h>
24 #include <openssl/engine.h>
30 ERR_print_errors_fp(stderr); \
31 OpenSSLDie(__FILE__, __LINE__, #e); \
35 ERR_print_errors_fp(stderr); \
36 fprintf(stderr, "Error at %s:%d %s\n", __FILE__, __LINE__, #e); \
40 #define cRED "\033[1;31m"
41 #define cDRED "\033[0;31m"
42 #define cGREEN "\033[1;32m"
43 #define cDGREEN "\033[0;32m"
44 #define cBLUE "\033[1;34m"
45 #define cDBLUE "\033[0;34m"
46 #define cCYAN "\033[1;36m"
47 #define cNORM "\033[m"
48 #define TEST_ASSERT(e) {if ((test = (e))) \
49 printf(cRED " Test FAILED" cNORM "\n"); \
51 printf(cGREEN " Test passed" cNORM "\n");}
60 #define D(x,y,z) { .name = #x, .nid = x, .bits = y, .paramset = z }
61 static struct test_sign test_signs[] = {
62 D(NID_id_GostR3410_2001_CryptoPro_A_ParamSet, 256, "A"),
63 D(NID_id_GostR3410_2001_CryptoPro_B_ParamSet, 256, "B"),
64 D(NID_id_GostR3410_2001_CryptoPro_C_ParamSet, 256, "C"),
65 D(NID_id_tc26_gost_3410_2012_256_paramSetA, 256, "TCA"),
66 D(NID_id_tc26_gost_3410_2012_256_paramSetB, 256, "TCB"),
67 D(NID_id_tc26_gost_3410_2012_256_paramSetC, 256, "TCC"),
68 D(NID_id_tc26_gost_3410_2012_256_paramSetD, 256, "TCD"),
69 D(NID_id_tc26_gost_3410_2012_512_paramSetA, 512, "A"),
70 D(NID_id_tc26_gost_3410_2012_512_paramSetB, 512, "B"),
71 D(NID_id_tc26_gost_3410_2012_512_paramSetC, 512, "C"),
76 static void hexdump(const void *ptr, size_t len)
78 const unsigned char *p = ptr;
81 for (i = 0; i < len; i += j) {
82 for (j = 0; j < 16 && i + j < len; j++)
83 printf("%s %02x", j? "" : "\n", p[i + j]);
88 static void print_test_tf(int err, int val, const char *t, const char *f)
91 printf(cGREEN "%s" cNORM "\n", t);
93 printf(cRED "%s [%d]" cNORM "\n", f, val);
96 static void print_test_result(int err)
99 printf(cGREEN "success" cNORM "\n");
101 printf(cRED "failure" cNORM "\n");
103 ERR_print_errors_fp(stderr);
106 static int test_sign(struct test_sign *t)
109 size_t len = t->bits / 8;
111 printf(cBLUE "Test %s:" cNORM "\n", t->name);
113 /* Signature type from size. */
115 const char *algname = NULL;
118 type = NID_id_GostR3410_2012_256;
119 algname = "gost2012_256";
122 type = NID_id_GostR3410_2012_512;
123 algname = "gost2012_512";
128 T(pkey = EVP_PKEY_new());
129 TE(EVP_PKEY_set_type(pkey, type));
131 T(ctx = EVP_PKEY_CTX_new(pkey, NULL));
132 T(EVP_PKEY_keygen_init(ctx));
133 T(EVP_PKEY_CTX_ctrl(ctx, type, -1, EVP_PKEY_CTRL_GOST_PARAMSET, t->nid, NULL));
134 EVP_PKEY *priv_key = NULL;
135 err = EVP_PKEY_keygen(ctx, &priv_key);
136 printf("\tEVP_PKEY_keygen:\t");
137 print_test_result(err);
138 EVP_PKEY_CTX_free(ctx);
143 /* Convert to PEM and back. */
145 T(bp = BIO_new(BIO_s_secmem()));
146 T(PEM_write_bio_PrivateKey(bp, priv_key, NULL, NULL, 0, NULL, NULL));
148 T(PEM_read_bio_PrivateKey(bp, &pkey, NULL, NULL));
149 printf("\tPEM_read_bio_PrivateKey:");
150 /* Yes, it compares only public part. */
151 err = !EVP_PKEY_cmp(priv_key, pkey);
152 print_test_result(!err);
156 /* Convert to DER and back, using _PrivateKey_bio API. */
158 T(i2d_PrivateKey_bio(bp, priv_key));
159 T(d2i_PrivateKey_bio(bp, &pkey));
160 printf("\td2i_PrivateKey_bio:\t");
161 err = !EVP_PKEY_cmp(priv_key, pkey);
162 print_test_result(!err);
166 #if OPENSSL_VERSION_MAJOR >= 3
167 /* Try d2i_PrivateKey_ex_bio, added in 3.0. */
169 T(i2d_PrivateKey_bio(bp, priv_key));
170 T(d2i_PrivateKey_ex_bio(bp, &pkey, NULL, NULL));
171 printf("\td2i_PrivateKey_ex_bio:\t");
172 err = !EVP_PKEY_cmp(priv_key, pkey);
173 print_test_result(!err);
178 /* Convert to DER and back, using OSSL_STORE API. */
180 T(i2d_PrivateKey_bio(bp, priv_key));
181 printf("\tOSSL_STORE_attach:\t");
185 T(cts = OSSL_STORE_attach(bp, "file", NULL, NULL, NULL, NULL, NULL, NULL, NULL));
187 OSSL_STORE_INFO *info = OSSL_STORE_load(cts);
189 ERR_print_errors_fp(stderr);
190 T(OSSL_STORE_eof(cts));
193 if (OSSL_STORE_INFO_get_type(info) == OSSL_STORE_INFO_PKEY) {
194 T((pkey = OSSL_STORE_INFO_get1_PKEY(info)));
196 OSSL_STORE_INFO_free(info);
198 OSSL_STORE_close(cts);
200 err = !EVP_PKEY_cmp(priv_key, pkey);
201 print_test_result(!err);
205 printf(cCYAN "skipped" cNORM "\n");
208 /* Convert to DER and back, using memory API. */
209 unsigned char *kptr = NULL;
211 T(klen = i2d_PrivateKey(priv_key, &kptr));
212 const unsigned char *tptr = kptr; /* will be moved by d2i_PrivateKey */
214 T(d2i_PrivateKey(type, &pkey, &tptr, klen));
215 printf("\td2i_PrivateKey:\t\t");
216 err = !EVP_PKEY_cmp(priv_key, pkey);
217 print_test_result(!err);
222 /* Create another key using string interface. */
224 T(key1 = EVP_PKEY_new());
225 T(EVP_PKEY_set_type_str(key1, algname, strlen(algname)));
227 T(ctx1 = EVP_PKEY_CTX_new(key1, NULL));
228 T(EVP_PKEY_keygen_init(ctx1));
229 T(EVP_PKEY_CTX_ctrl_str(ctx1, "paramset", t->paramset));
230 EVP_PKEY *key2 = NULL;
231 err = EVP_PKEY_keygen(ctx1, &key2);
232 printf("\tEVP_PKEY_*_str:\t\t");
233 print_test_result(err);
236 /* Check if key type and curve_name match expected values. */
237 int id = EVP_PKEY_id(key2);
239 printf("\tEVP_PKEY_id (%d):\t", type);
240 print_test_tf(err, id, "match", "mismatch");
243 const EC_KEY *ec = EVP_PKEY_get0(key2);
244 const EC_GROUP *group = EC_KEY_get0_group(ec);
245 int curve_name = EC_GROUP_get_curve_name(group);
246 err = curve_name == t->nid;
247 printf("\tcurve_name (%d):\t", t->nid);
248 print_test_tf(err, curve_name, "match", "mismatch");
251 /* Compare both keys.
252 * Parameters should match, public keys should mismatch.
254 err = EVP_PKEY_cmp_parameters(priv_key, key2);
255 printf("\tEVP_PKEY_cmp_parameters:");
256 print_test_tf(err, err, "success", "failure");
259 err = EVP_PKEY_cmp(priv_key, key2);
260 err = (err < 0) ? err : !err;
261 printf("\tEVP_PKEY_cmp:\t\t");
262 print_test_tf(err, err, "differ (good)", "equal (error)");
264 EVP_PKEY_CTX_free(ctx1);
268 * Prepare for sign testing.
270 size_t siglen = EVP_PKEY_size(priv_key);
272 T(sig = OPENSSL_malloc(siglen));
274 T(hash = OPENSSL_zalloc(len));
275 T(ctx = EVP_PKEY_CTX_new(priv_key, NULL));
278 T(EVP_PKEY_sign_init(ctx));
279 err = EVP_PKEY_sign(ctx, sig, &siglen, hash, len);
280 printf("\tEVP_PKEY_sign:\t\t");
281 print_test_result(err);
284 /* Non-determinism test.
285 * Check that different signatures for the same data
288 T(sig2 = OPENSSL_malloc(siglen));
289 TE(EVP_PKEY_sign(ctx, sig2, &siglen, hash, len) == 1);
290 printf("\tNon-determinism:\t");
291 err = !!memcmp(sig, sig2, siglen);
292 print_test_result(err);
297 T(EVP_PKEY_verify_init(ctx));
299 err = EVP_PKEY_verify(ctx, sig, siglen, hash, len);
300 printf("\tEVP_PKEY_verify:\t");
301 print_test_result(err);
304 /* False positive Verify. */
305 T(EVP_PKEY_verify_init(ctx));
307 err = EVP_PKEY_verify(ctx, sig, siglen, hash, len);
308 err = (err < 0) ? err : !err;
309 printf("\tFalse positive test:\t");
310 print_test_result(err);
313 EVP_PKEY_CTX_free(ctx);
316 EVP_PKEY_free(priv_key);
322 int main(int argc, char **argv)
326 OPENSSL_add_all_algorithms_conf();
328 struct test_sign *sp;
329 for (sp = test_signs; sp->name; sp++)
330 ret |= test_sign(sp);
333 printf(cDRED "= Some tests FAILED!" cNORM "\n");
335 printf(cDGREEN "= All tests passed!" cNORM "\n");