From 584ac22110b2ff367d3632a89cf7b15c015903b8 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Fri, 19 Jul 2013 14:11:43 +0100 Subject: [PATCH] Make ecdsatest work with nonces. Update ecdsatest to use ECDSA_sign_setup and ECDSA_sign_ex, this avoids the nonce generation which would otherwise break the test. Reinstate ecdsatest. --- crypto/ecdsa/ecdsatest.c | 10 +++++++++- test/Makefile | 2 +- 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/crypto/ecdsa/ecdsatest.c b/crypto/ecdsa/ecdsatest.c index 22c00a7df4..87c0a65abf 100644 --- a/crypto/ecdsa/ecdsatest.c +++ b/crypto/ecdsa/ecdsatest.c @@ -193,6 +193,7 @@ int x9_62_test_internal(BIO *out, int nid, const char *r_in, const char *s_in) EC_KEY *key = NULL; ECDSA_SIG *signature = NULL; BIGNUM *r = NULL, *s = NULL; + BIGNUM *kinv = NULL, *rp = NULL; EVP_MD_CTX_init(&md_ctx); /* get the message digest */ @@ -212,7 +213,10 @@ int x9_62_test_internal(BIO *out, int nid, const char *r_in, const char *s_in) (void)BIO_flush(out); /* create the signature */ use_fake = 1; - signature = ECDSA_do_sign(digest, 20, key); + /* Use ECDSA_sign_setup to avoid use of ECDSA nonces */ + if (!ECDSA_sign_setup(key, NULL, &kinv, &rp)) + goto x962_int_err; + signature = ECDSA_do_sign_ex(digest, 20, kinv, rp, key); if (signature == NULL) goto x962_int_err; BIO_printf(out, "."); @@ -247,6 +251,10 @@ x962_int_err: if (s) BN_free(s); EVP_MD_CTX_cleanup(&md_ctx); + if (kinv) + BN_clear_free(kinv); + if (rp) + BN_clear_free(rp); return ret; } diff --git a/test/Makefile b/test/Makefile index e3bc468da1..52056e28dc 100644 --- a/test/Makefile +++ b/test/Makefile @@ -293,7 +293,7 @@ test_ec: $(ECTEST) test_ecdsa: $(ECDSATEST) @echo 'test ecdsa' - # ../util/shlib_wrap.sh ./$(ECDSATEST) + ../util/shlib_wrap.sh ./$(ECDSATEST) test_ecdh: $(ECDHTEST) @echo 'test ecdh' -- GitLab