Skip to content

Commit

Permalink
Merge bitcoin#494: Support OpenSSL versions >= 1.1 for ENABLE_OPENSSL…
Browse files Browse the repository at this point in the history
…_TESTS

31abd3a Support OpenSSL versions >= 1.1 for ENABLE_OPENSSL_TESTS (Alexander Block)

Pull request description:

  The only reason OpenSSL 1.1 was not supported was the removal of direct
  access to r and s in ECDSA_SIG. This commit adds a simplified version of
  ECDSA_SIG_get0 for < 1.1 that can be used like ECDSA_SIG_get0 in >= 1.1

Tree-SHA512: 7ee49cd8424086bb96968c632b5babce50af98e13c414c4d5028a30fb86896956f829415a92c66387cde57941ab6999b0db823752cb36dd8932d15dd32980763
  • Loading branch information
gmaxwell committed Feb 6, 2018
2 parents 2ef8ea5 + 31abd3a commit d333521
Show file tree
Hide file tree
Showing 2 changed files with 8 additions and 4 deletions.
1 change: 0 additions & 1 deletion build-aux/m4/bitcoin_secp.m4
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,6 @@ if test x"$has_libcrypto" = x"yes" && test x"$has_openssl_ec" = x; then
EC_KEY_free(eckey);
ECDSA_SIG *sig_openssl;
sig_openssl = ECDSA_SIG_new();
(void)sig_openssl->r;
ECDSA_SIG_free(sig_openssl);
]])],[has_openssl_ec=yes],[has_openssl_ec=no])
AC_MSG_RESULT([$has_openssl_ec])
Expand Down
11 changes: 8 additions & 3 deletions src/tests.c
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,9 @@
#include "openssl/ec.h"
#include "openssl/ecdsa.h"
#include "openssl/obj_mac.h"
# if OPENSSL_VERSION_NUMBER < 0x10100000L
void ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps) {*pr = sig->r; *ps = sig->s;}
# endif
#endif

#include "contrib/lax_der_parsing.c"
Expand Down Expand Up @@ -4150,6 +4153,7 @@ int test_ecdsa_der_parse(const unsigned char *sig, size_t siglen, int certainly_

#ifdef ENABLE_OPENSSL_TESTS
ECDSA_SIG *sig_openssl;
const BIGNUM *r = NULL, *s = NULL;
const unsigned char *sigptr;
unsigned char roundtrip_openssl[2048];
int len_openssl = 2048;
Expand Down Expand Up @@ -4201,15 +4205,16 @@ int test_ecdsa_der_parse(const unsigned char *sig, size_t siglen, int certainly_
sigptr = sig;
parsed_openssl = (d2i_ECDSA_SIG(&sig_openssl, &sigptr, siglen) != NULL);
if (parsed_openssl) {
valid_openssl = !BN_is_negative(sig_openssl->r) && !BN_is_negative(sig_openssl->s) && BN_num_bits(sig_openssl->r) > 0 && BN_num_bits(sig_openssl->r) <= 256 && BN_num_bits(sig_openssl->s) > 0 && BN_num_bits(sig_openssl->s) <= 256;
ECDSA_SIG_get0(sig_openssl, &r, &s);
valid_openssl = !BN_is_negative(r) && !BN_is_negative(s) && BN_num_bits(r) > 0 && BN_num_bits(r) <= 256 && BN_num_bits(s) > 0 && BN_num_bits(s) <= 256;
if (valid_openssl) {
unsigned char tmp[32] = {0};
BN_bn2bin(sig_openssl->r, tmp + 32 - BN_num_bytes(sig_openssl->r));
BN_bn2bin(r, tmp + 32 - BN_num_bytes(r));
valid_openssl = memcmp(tmp, max_scalar, 32) < 0;
}
if (valid_openssl) {
unsigned char tmp[32] = {0};
BN_bn2bin(sig_openssl->s, tmp + 32 - BN_num_bytes(sig_openssl->s));
BN_bn2bin(s, tmp + 32 - BN_num_bytes(s));
valid_openssl = memcmp(tmp, max_scalar, 32) < 0;
}
}
Expand Down

0 comments on commit d333521

Please sign in to comment.