fips_ecdsa_selftest.c

/* fips/ecdsa/fips_ecdsa_selftest.c */

#define OPENSSL_FIPSAPI

#include <string.h>
#include <openssl/crypto.h>
#include <openssl/ec.h>
#include <openssl/ecdsa.h>
#include <openssl/fips.h>
#include <openssl/err.h>
#include <openssl/evp.h>
#include <openssl/bn.h>

#ifdef OPENSSL_FIPS

static const unsigned char str1[]="12345678901234567890";

static int corrupt_ecdsa = 0;

void FIPS_corrupt_ecdsa()
    {
    corrupt_ecdsa = 1;
    }

int FIPS_selftest_ecdsa()
    {
    EC_KEY *ec=NULL;
    int ret = 0;
    EVP_MD_CTX mctx;
    ECDSA_SIG *esig = NULL;

    FIPS_md_ctx_init(&mctx);

    ec = EC_KEY_new_by_curve_name(NID_secp384r1);

    if(ec == NULL)
	goto err;

    EC_KEY_generate_key(ec);

    if (!FIPS_digestinit(&mctx, EVP_sha512()))
	goto err;
    if (!FIPS_digestupdate(&mctx, str1, 20))
	goto err;
    esig = FIPS_ecdsa_sign_ctx(ec, &mctx);
    if (!esig)
	goto err;

    if (corrupt_ecdsa)
	BN_add_word(esig->r, 1);

    if (!FIPS_digestinit(&mctx, EVP_sha512()))
	goto err;
    if (!FIPS_digestupdate(&mctx, str1, 20))
	goto err;
    if (FIPS_ecdsa_verify_ctx(ec, &mctx, esig) != 1)
	goto err;

    ret = 1;

    err:
    FIPS_md_ctx_cleanup(&mctx);
    if (ec)
	EC_KEY_free(ec);
    if (esig)
	FIPS_ecdsa_sig_free(esig);
    if (ret == 0)
	    FIPSerr(FIPS_F_FIPS_SELFTEST_ECDSA,FIPS_R_SELFTEST_FAILED);
    return ret;
    }
#endif