forked from trezor/trezor-crypto
-
Notifications
You must be signed in to change notification settings - Fork 0
/
test-openssl.c
119 lines (106 loc) · 3.54 KB
/
test-openssl.c
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
/**
* Copyright (c) 2013 Tomas Dzetkulic
* Copyright (c) 2013 Pavol Rusnak
*
* Permission is hereby granted, free of charge, to any person obtaining
* a copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included
* in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
* THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES
* OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
* ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
* OTHER DEALINGS IN THE SOFTWARE.
*/
#include <openssl/ecdsa.h>
#include <openssl/obj_mac.h>
#include <openssl/sha.h>
#include <stdio.h>
#include <stdint.h>
#include "ecdsa.h"
#include "rand.h"
int main()
{
uint8_t sig[64], pub_key33[33], pub_key65[65], priv_key[32], msg[256], buffer[1000], hash[32], *p;
uint32_t i, j, msg_len;
SHA256_CTX sha256;
EC_GROUP *ecgroup;
int cnt = 0;
init_rand();
ecgroup = EC_GROUP_new_by_curve_name(NID_secp256k1);
for (;;) {
// random message len between 1 and 256
msg_len = (random32() & 0xFF) + 1;
// create random message
for (i = 0; i < msg_len; i++) {
msg[i] = random32() & 0xFF;
}
// new ECDSA key
EC_KEY *eckey = EC_KEY_new();
EC_KEY_set_group(eckey, ecgroup);
// generate the key
EC_KEY_generate_key(eckey);
// copy key to buffer
p = buffer;
i2d_ECPrivateKey(eckey, &p);
// size of the key is in buffer[8] and the key begins right after that
i = buffer[8];
// extract key data
if (i > 32) {
for (j = 0; j < 32; j++) {
priv_key[j] = buffer[j + i - 23];
}
} else {
for (j = 0; j < 32 - i; j++) {
priv_key[j] = 0;
}
for (j = 0; j < i; j++) {
priv_key[j + 32 - i] = buffer[j + 9];
}
}
// use our ECDSA signer to sign the message with the key
if (ecdsa_sign(priv_key, msg, msg_len, sig) != 0) {
printf("trezor-crypto signing failed\n");
break;
}
// generate public key from private key
ecdsa_get_public_key33(priv_key, pub_key33);
ecdsa_get_public_key65(priv_key, pub_key65);
// use our ECDSA verifier to verify the message signature
if (ecdsa_verify(pub_key65, sig, msg, msg_len) != 0) {
printf("trezor-crypto verification failed (pub_key_len = 65)\n");
break;
}
if (ecdsa_verify(pub_key33, sig, msg, msg_len) != 0) {
printf("trezor-crypto verification failed (pub_key_len = 33)\n");
break;
}
// copy signature to the OpenSSL struct
ECDSA_SIG *signature = ECDSA_SIG_new();
BN_bin2bn(sig, 32, signature->r);
BN_bin2bn(sig + 32, 32, signature->s);
// compute the digest of the message
SHA256_Init(&sha256);
SHA256_Update(&sha256, msg, msg_len);
SHA256_Final(hash, &sha256);
// verify all went well, i.e. we can decrypt our signature with OpenSSL
if (ECDSA_do_verify(hash, 32, signature, eckey) != 1) {
printf("OpenSSL verification failed\n");
break;
}
ECDSA_SIG_free(signature);
EC_KEY_free(eckey);
cnt++;
if ((cnt % 100) == 0) printf("Passed ... %d\n", cnt);
}
EC_GROUP_free(ecgroup);
return 0;
}