documentation and duplicate goto statements

Reviewed-by: NKurt Roeckx <kurt@openssl.org>
Reviewed-by: NRich Salz <rsalz@openssl.org>

test/ecdhtest.c

@@ -463,6 +463,27 @@ static int ecdh_kat(BIO *out, const ecdh_kat_t *kat)
 
 #include "ecdhtest_cavs.h"
 
+/*
+ * NIST SP800-56A co-factor ECDH tests.
+ * KATs taken from NIST documents with parameters:
+ *
+ * - (QCAVSx,QCAVSy) is the public key for CAVS.
+ * - dIUT is the private key for IUT.
+ * - (QIUTx,QIUTy) is the public key for IUT.
+ * - ZIUT is the shared secret KAT.
+ *
+ * CAVS: Cryptographic Algorithm Validation System
+ * IUT: Implementation Under Test
+ *
+ * This function tests two things:
+ *
+ * 1. dIUT * G = (QIUTx,QIUTy)
+ *    i.e. public key for IUT computes correctly.
+ * 2. x-coord of cofactor * dIUT * (QCAVSx,QCAVSy) = ZIUT
+ *    i.e. co-factor ECDH key computes correctly.
+ *
+ * returns zero on failure or unsupported curve. One otherwise.
+ */
 static int ecdh_cavs_kat(BIO *out, const ecdh_cavs_kat_t *kat)
 {
     int rv = 0, is_char_two = 0;
@@ -495,7 +516,9 @@ static int ecdh_cavs_kat(BIO *out, const ecdh_cavs_kat_t *kat)
     if(!BN_hex2bn(&y, kat->QIUTy))
         goto err;
     if (is_char_two) {
-#ifndef OPENSSL_NO_EC2M
+#ifdef OPENSSL_NO_EC2M
+        goto err;
+#else
         if (!EC_POINT_set_affine_coordinates_GF2m(group, pub, x, y, NULL))
             goto err;
 #endif
@@ -514,7 +537,9 @@ static int ecdh_cavs_kat(BIO *out, const ecdh_cavs_kat_t *kat)
     if(!BN_hex2bn(&y, kat->QCAVSy))
         goto err;
     if (is_char_two) {
-#ifndef OPENSSL_NO_EC2M
+#ifdef OPENSSL_NO_EC2M
+        goto err;
+#else
         if (!EC_POINT_set_affine_coordinates_GF2m(group, pub, x, y, NULL))
             goto err;
 #endif
@@ -551,8 +576,9 @@ static int ecdh_cavs_kat(BIO *out, const ecdh_cavs_kat_t *kat)
     BN_free(y);
     OPENSSL_free(Ztmp);
     OPENSSL_free(Z);
-    if (rv)
+    if (rv) {
         BIO_puts(out, " ok\n");
+    }
     else {
         fprintf(stderr, "Error in ECC CDH routines\n");
         ERR_print_errors_fp(stderr);

test/ecdhtest_cavs.h

@@ -3,7 +3,7 @@
 
 /* 
  * co-factor ECDH KATs for NIST SP800-56A
- * http://csrc.nist.gov/groups/STM/cavp/component-testing.html#ecc-cdh
+ * http://csrc.nist.gov/groups/STM/cavp/component-testing.html#ECCCDH
  * $ sha256sum KAS_ECC_CDH_PrimitiveTest.txt 
  * 456068d3f8aad8ac62a03d19ed3173f00ad51f42b51aeab4753c20f30c01cf23  KAS_ECC_CDH_PrimitiveTest.txt
  */
@@ -19,6 +19,7 @@ typedef struct {
 } ecdh_cavs_kat_t;
 
 static const ecdh_cavs_kat_t ecdh_cavs_kats[] = {
+    /* curves over prime fields go here */
     { NID_X9_62_prime192v1,
     "42ea6dd9969dd2a61fea1aac7f8e98edcc896c6e55857cc0",
     "dfbe5d7c61fac88b11811bde328e8a0d12bf01a9d204b523",
@@ -1345,6 +1346,7 @@ static const ecdh_cavs_kat_t ecdh_cavs_kats[] = {
     "b4411cda7a0785b15d149ed301a3697062f42da237aa7f07e0af3fd00eb1800d"
     "9c41" }
 #ifndef OPENSSL_NO_EC2M
+    /* curves over binary fields go here */
     , { NID_sect163k1,
     "0000000574236f1428c432130946783a5b3aabb6c27ea5d6",
     "00000007908c251b8da021cbac281f123f7af4fac5b3dbb8",