From 56491a0530992f2914503301e7bda415ae5479f8 Mon Sep 17 00:00:00 2001 From: Martin Milata Date: Mon, 17 Apr 2023 14:39:16 +0200 Subject: [PATCH] test(crypto): use newer OpenSSL API [no changelog] --- crypto/tests/test_openssl.c | 84 +++++++++++++++++++++++-------------- 1 file changed, 53 insertions(+), 31 deletions(-) diff --git a/crypto/tests/test_openssl.c b/crypto/tests/test_openssl.c index 3095d96d0..a5f1ff001 100644 --- a/crypto/tests/test_openssl.c +++ b/crypto/tests/test_openssl.c @@ -24,11 +24,9 @@ /* OpenSSL's SHA256_CTX/SHA512_CTX conflicts with our own */ #define SHA256_CTX _openssl_SHA256_CTX #define SHA512_CTX _openssl_SHA512_CTX -#include +#include #include -#include -#include -#include +#include #undef SHA256_CTX #undef SHA512_CTX @@ -46,12 +44,7 @@ #include "memzero.h" void openssl_check(unsigned int iterations, int nid, const ecdsa_curve *curve) { - uint8_t sig[64], pub_key33[33], pub_key65[65], priv_key[32], msg[256], - hash[32]; - struct SHA256state_st sha256; - EC_GROUP *ecgroup; - - ecgroup = EC_GROUP_new_by_curve_name(nid); + uint8_t sig[64], pub_key33[33], pub_key65[65], priv_key[32], msg[256]; for (unsigned int iter = 0; iter < iterations; iter++) { // random message len between 1 and 256 @@ -60,16 +53,40 @@ void openssl_check(unsigned int iterations, int nid, const ecdsa_curve *curve) { random_buffer(msg, msg_len); // new ECDSA key - EC_KEY *eckey = EC_KEY_new(); - EC_KEY_set_group(eckey, ecgroup); + EVP_PKEY_CTX *pkey_ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL); + if (!pkey_ctx) { + printf("EVP_PKEY_CTX_new_from_name failed\n"); + return; + } + + if (EVP_PKEY_keygen_init(pkey_ctx) <= 0) { + printf("EVP_PKEY_keygen_init failed\n"); + return; + } + + if (EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pkey_ctx, nid) <= 0) { + printf("EVP_PKEY_CTX_set_ec_paramgen_curve_nid failed\n"); + return; + } // generate the key - EC_KEY_generate_key(eckey); + EVP_PKEY *pkey = NULL; + if (EVP_PKEY_keygen(pkey_ctx, &pkey) <= 0) { + printf("EVP_PKEY_keygen failed\n"); + return; + } + EVP_PKEY_CTX_free(pkey_ctx); + // copy key to buffer - const BIGNUM *K = EC_KEY_get0_private_key(eckey); + BIGNUM *K = NULL; + if (!EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_PRIV_KEY, &K)) { + printf("EVP_PKEY_get_bn_param failed\n"); + return; + } int bn_off = sizeof(priv_key) - BN_num_bytes(K); memzero(priv_key, bn_off); BN_bn2bin(K, priv_key + bn_off); + BN_free(K); // use our ECDSA signer to sign the message with the key if (ecdsa_sign(curve, HASHER_SHA2, priv_key, msg, msg_len, sig, NULL, @@ -99,35 +116,40 @@ void openssl_check(unsigned int iterations, int nid, const ecdsa_curve *curve) { return; } - // copy signature to the OpenSSL struct - ECDSA_SIG *signature = ECDSA_SIG_new(); -#if OPENSSL_VERSION_NUMBER < 0x10100000L - BN_bin2bn(sig, 32, signature->r); - BN_bin2bn(sig + 32, 32, signature->s); -#else - BIGNUM *R = BN_bin2bn(sig, 32, NULL); - BIGNUM *S = BN_bin2bn(sig + 32, 32, NULL); - ECDSA_SIG_set0(signature, R, S); -#endif + // convert signature to DER which OpenSSL understands + uint8_t sig_der[72] = {0}; + int sig_der_len = ecdsa_sig_to_der(sig, sig_der); // compute the digest of the message // note: these are OpenSSL functions, not our own - SHA256_Init(&sha256); - SHA256_Update(&sha256, msg, msg_len); - SHA256_Final(hash, &sha256); + EVP_MD_CTX *md_ctx = EVP_MD_CTX_new(); + if (!md_ctx) { + printf("EVP_MD_CTX_new failed\n"); + return; + } + + if (EVP_DigestVerifyInit(md_ctx, NULL, EVP_sha256(), NULL, pkey) <= 0) { + printf("EVP_DigestVerifyInit failed\n"); + return; + } + + if (EVP_DigestVerifyUpdate(md_ctx, msg, msg_len) <= 0) { + printf("EVP_DigestVerifyUpdate failed\n"); + return; + } // verify all went well, i.e. we can decrypt our signature with OpenSSL - int v = ECDSA_do_verify(hash, 32, signature, eckey); + int v = EVP_DigestVerifyFinal(md_ctx, sig_der, sig_der_len); if (v != 1) { printf("OpenSSL verification failed (%d)\n", v); return; } - ECDSA_SIG_free(signature); - EC_KEY_free(eckey); + EVP_MD_CTX_free(md_ctx); + EVP_PKEY_free(pkey); + if (((iter + 1) % 100) == 0) printf("Passed ... %d\n", iter + 1); } - EC_GROUP_free(ecgroup); printf("All OK\n"); }