kris
/
boringssl
1
0
Forkuj 0
Kod Zgłoszenia 0 Oczekujące zmiany 0 Wydania 0 Wiki Aktywność
Nie możesz wybrać więcej, niż 25 tematów Tematy muszą się zaczynać od litery lub cyfry, mogą zawierać myślniki ('-') i mogą mieć do 35 znaków.
1437 Commity
12 Gałęzie
38 MiB
Drzewo: bd15a8e748
Gałęzie Tagi
${ item.name }
Utwórz gałąź ${ searchTerm }
z 'bd15a8e748'
${ noResults }
boringssl/crypto/ec/ec_test.cc

ec_test.cc 6.7 KiB
Czysty Zwykły widok Historia

Automatically generate a missing EC public key. When d2i_ECPrivateKey reads a private key with a missing (optional) public key, generate one automatically from the group and private key. (Imported from upstream's 2083f7c465d07867dd9867b8742bb71c03d1f203) Change-Id: I9e5090de87cf846ab92e4be5b6bf64e6091d02e4
10 lat temu
Fix ec_test build on Windows. No need to include unistd.h. (Though it probably should include string.h for memcmp and strcmp.) Change-Id: Ib09d2da4f7079c9d87338df75ec3560f4f203764 Reviewed-on: https://boringssl-review.googlesource.com/2260 Reviewed-by: Adam Langley <agl@google.com>
10 lat temu
Automatically generate a missing EC public key. When d2i_ECPrivateKey reads a private key with a missing (optional) public key, generate one automatically from the group and private key. (Imported from upstream's 2083f7c465d07867dd9867b8742bb71c03d1f203) Change-Id: I9e5090de87cf846ab92e4be5b6bf64e6091d02e4
10 lat temu
Convert ec_test to C++ Change-Id: I5e25ddbc87370b58d9b6fc410f51e259947df8dd Reviewed-on: https://boringssl-review.googlesource.com/4468 Reviewed-by: Adam Langley <agl@google.com>
9 lat temu
Automatically generate a missing EC public key. When d2i_ECPrivateKey reads a private key with a missing (optional) public key, generate one automatically from the group and private key. (Imported from upstream's 2083f7c465d07867dd9867b8742bb71c03d1f203) Change-Id: I9e5090de87cf846ab92e4be5b6bf64e6091d02e4
10 lat temu
Eliminate unnecessary includes from low-level crypto modules. Beyond generally eliminating unnecessary includes, eliminate as many includes of headers that declare/define particularly error-prone functionality like strlen, malloc, and free. crypto/err/internal.h was added to remove the dependency on openssl/thread.h from the public openssl/err.h header. The include of <stdlib.h> in openssl/mem.h was retained since it defines OPENSSL_malloc and friends as macros around the stdlib.h functions. The public x509.h, x509v3.h, and ssl.h headers were not changed in order to minimize breakage of source compatibility with external code. Change-Id: I0d264b73ad0a720587774430b2ab8f8275960329 Reviewed-on: https://boringssl-review.googlesource.com/4220 Reviewed-by: Adam Langley <agl@google.com>
9 lat temu
Automatically generate a missing EC public key. When d2i_ECPrivateKey reads a private key with a missing (optional) public key, generate one automatically from the group and private key. (Imported from upstream's 2083f7c465d07867dd9867b8742bb71c03d1f203) Change-Id: I9e5090de87cf846ab92e4be5b6bf64e6091d02e4
10 lat temu
Convert ec_test to C++ Change-Id: I5e25ddbc87370b58d9b6fc410f51e259947df8dd Reviewed-on: https://boringssl-review.googlesource.com/4468 Reviewed-by: Adam Langley <agl@google.com>
9 lat temu
Automatically generate a missing EC public key. When d2i_ECPrivateKey reads a private key with a missing (optional) public key, generate one automatically from the group and private key. (Imported from upstream's 2083f7c465d07867dd9867b8742bb71c03d1f203) Change-Id: I9e5090de87cf846ab92e4be5b6bf64e6091d02e4
10 lat temu
Ensure EC private keys retain leading zeros RFC 5915 requires the use of the I2OSP primitive as defined in RFC 3447 for encoding ECPrivateKey. Fix this and add a test. See also upstream's 30cd4ff294252c4b6a4b69cbef6a5b4117705d22, though it mixes up degree and order. Change-Id: I81ba14da3c8d69e3799422c669fab7f16956f322 Reviewed-on: https://boringssl-review.googlesource.com/4469 Reviewed-by: Adam Langley <agl@google.com>
9 lat temu
Automatically generate a missing EC public key. When d2i_ECPrivateKey reads a private key with a missing (optional) public key, generate one automatically from the group and private key. (Imported from upstream's 2083f7c465d07867dd9867b8742bb71c03d1f203) Change-Id: I9e5090de87cf846ab92e4be5b6bf64e6091d02e4
10 lat temu
Ensure EC private keys retain leading zeros RFC 5915 requires the use of the I2OSP primitive as defined in RFC 3447 for encoding ECPrivateKey. Fix this and add a test. See also upstream's 30cd4ff294252c4b6a4b69cbef6a5b4117705d22, though it mixes up degree and order. Change-Id: I81ba14da3c8d69e3799422c669fab7f16956f322 Reviewed-on: https://boringssl-review.googlesource.com/4469 Reviewed-by: Adam Langley <agl@google.com>
9 lat temu
Automatically generate a missing EC public key. When d2i_ECPrivateKey reads a private key with a missing (optional) public key, generate one automatically from the group and private key. (Imported from upstream's 2083f7c465d07867dd9867b8742bb71c03d1f203) Change-Id: I9e5090de87cf846ab92e4be5b6bf64e6091d02e4
10 lat temu
Ensure EC private keys retain leading zeros RFC 5915 requires the use of the I2OSP primitive as defined in RFC 3447 for encoding ECPrivateKey. Fix this and add a test. See also upstream's 30cd4ff294252c4b6a4b69cbef6a5b4117705d22, though it mixes up degree and order. Change-Id: I81ba14da3c8d69e3799422c669fab7f16956f322 Reviewed-on: https://boringssl-review.googlesource.com/4469 Reviewed-by: Adam Langley <agl@google.com>
9 lat temu
Automatically generate a missing EC public key. When d2i_ECPrivateKey reads a private key with a missing (optional) public key, generate one automatically from the group and private key. (Imported from upstream's 2083f7c465d07867dd9867b8742bb71c03d1f203) Change-Id: I9e5090de87cf846ab92e4be5b6bf64e6091d02e4
10 lat temu
Rename BIO_print_errors_fp back to ERR_print_errors_fp & refactor it. A previous change in BoringSSL renamed ERR_print_errors_fp to BIO_print_errors_fp as part of refactoring the code to improve the layering of modules within BoringSSL. Rename it back for better compatibility with code that was using the function under the original name. Move its definition back to crypto/err using an implementation that avoids depending on crypto/bio. Change-Id: Iee7703bb1eb4a3d640aff6485712bea71d7c1052 Reviewed-on: https://boringssl-review.googlesource.com/4310 Reviewed-by: Adam Langley <agl@google.com>
9 lat temu
Convert ec_test to C++ Change-Id: I5e25ddbc87370b58d9b6fc410f51e259947df8dd Reviewed-on: https://boringssl-review.googlesource.com/4468 Reviewed-by: Adam Langley <agl@google.com>
9 lat temu
Automatically generate a missing EC public key. When d2i_ECPrivateKey reads a private key with a missing (optional) public key, generate one automatically from the group and private key. (Imported from upstream's 2083f7c465d07867dd9867b8742bb71c03d1f203) Change-Id: I9e5090de87cf846ab92e4be5b6bf64e6091d02e4
10 lat temu
Ensure EC private keys retain leading zeros RFC 5915 requires the use of the I2OSP primitive as defined in RFC 3447 for encoding ECPrivateKey. Fix this and add a test. See also upstream's 30cd4ff294252c4b6a4b69cbef6a5b4117705d22, though it mixes up degree and order. Change-Id: I81ba14da3c8d69e3799422c669fab7f16956f322 Reviewed-on: https://boringssl-review.googlesource.com/4469 Reviewed-by: Adam Langley <agl@google.com>
9 lat temu
Automatically generate a missing EC public key. When d2i_ECPrivateKey reads a private key with a missing (optional) public key, generate one automatically from the group and private key. (Imported from upstream's 2083f7c465d07867dd9867b8742bb71c03d1f203) Change-Id: I9e5090de87cf846ab92e4be5b6bf64e6091d02e4
10 lat temu
Rename BIO_print_errors_fp back to ERR_print_errors_fp & refactor it. A previous change in BoringSSL renamed ERR_print_errors_fp to BIO_print_errors_fp as part of refactoring the code to improve the layering of modules within BoringSSL. Rename it back for better compatibility with code that was using the function under the original name. Move its definition back to crypto/err using an implementation that avoids depending on crypto/bio. Change-Id: Iee7703bb1eb4a3d640aff6485712bea71d7c1052 Reviewed-on: https://boringssl-review.googlesource.com/4310 Reviewed-by: Adam Langley <agl@google.com>
9 lat temu
Convert ec_test to C++ Change-Id: I5e25ddbc87370b58d9b6fc410f51e259947df8dd Reviewed-on: https://boringssl-review.googlesource.com/4468 Reviewed-by: Adam Langley <agl@google.com>
9 lat temu
Automatically generate a missing EC public key. When d2i_ECPrivateKey reads a private key with a missing (optional) public key, generate one automatically from the group and private key. (Imported from upstream's 2083f7c465d07867dd9867b8742bb71c03d1f203) Change-Id: I9e5090de87cf846ab92e4be5b6bf64e6091d02e4
10 lat temu
Ensure EC private keys retain leading zeros RFC 5915 requires the use of the I2OSP primitive as defined in RFC 3447 for encoding ECPrivateKey. Fix this and add a test. See also upstream's 30cd4ff294252c4b6a4b69cbef6a5b4117705d22, though it mixes up degree and order. Change-Id: I81ba14da3c8d69e3799422c669fab7f16956f322 Reviewed-on: https://boringssl-review.googlesource.com/4469 Reviewed-by: Adam Langley <agl@google.com>
9 lat temu
Automatically generate a missing EC public key. When d2i_ECPrivateKey reads a private key with a missing (optional) public key, generate one automatically from the group and private key. (Imported from upstream's 2083f7c465d07867dd9867b8742bb71c03d1f203) Change-Id: I9e5090de87cf846ab92e4be5b6bf64e6091d02e4
10 lat temu
Convert ec_test to C++ Change-Id: I5e25ddbc87370b58d9b6fc410f51e259947df8dd Reviewed-on: https://boringssl-review.googlesource.com/4468 Reviewed-by: Adam Langley <agl@google.com>
9 lat temu
Automatically generate a missing EC public key. When d2i_ECPrivateKey reads a private key with a missing (optional) public key, generate one automatically from the group and private key. (Imported from upstream's 2083f7c465d07867dd9867b8742bb71c03d1f203) Change-Id: I9e5090de87cf846ab92e4be5b6bf64e6091d02e4
10 lat temu
Convert ec_test to C++ Change-Id: I5e25ddbc87370b58d9b6fc410f51e259947df8dd Reviewed-on: https://boringssl-review.googlesource.com/4468 Reviewed-by: Adam Langley <agl@google.com>
9 lat temu
Automatically generate a missing EC public key. When d2i_ECPrivateKey reads a private key with a missing (optional) public key, generate one automatically from the group and private key. (Imported from upstream's 2083f7c465d07867dd9867b8742bb71c03d1f203) Change-Id: I9e5090de87cf846ab92e4be5b6bf64e6091d02e4
10 lat temu
Convert ec_test to C++ Change-Id: I5e25ddbc87370b58d9b6fc410f51e259947df8dd Reviewed-on: https://boringssl-review.googlesource.com/4468 Reviewed-by: Adam Langley <agl@google.com>
9 lat temu
Automatically generate a missing EC public key. When d2i_ECPrivateKey reads a private key with a missing (optional) public key, generate one automatically from the group and private key. (Imported from upstream's 2083f7c465d07867dd9867b8742bb71c03d1f203) Change-Id: I9e5090de87cf846ab92e4be5b6bf64e6091d02e4
10 lat temu
Convert ec_test to C++ Change-Id: I5e25ddbc87370b58d9b6fc410f51e259947df8dd Reviewed-on: https://boringssl-review.googlesource.com/4468 Reviewed-by: Adam Langley <agl@google.com>
9 lat temu
Automatically generate a missing EC public key. When d2i_ECPrivateKey reads a private key with a missing (optional) public key, generate one automatically from the group and private key. (Imported from upstream's 2083f7c465d07867dd9867b8742bb71c03d1f203) Change-Id: I9e5090de87cf846ab92e4be5b6bf64e6091d02e4
10 lat temu
Convert ec_test to C++ Change-Id: I5e25ddbc87370b58d9b6fc410f51e259947df8dd Reviewed-on: https://boringssl-review.googlesource.com/4468 Reviewed-by: Adam Langley <agl@google.com>
9 lat temu
Automatically generate a missing EC public key. When d2i_ECPrivateKey reads a private key with a missing (optional) public key, generate one automatically from the group and private key. (Imported from upstream's 2083f7c465d07867dd9867b8742bb71c03d1f203) Change-Id: I9e5090de87cf846ab92e4be5b6bf64e6091d02e4
10 lat temu
Convert ec_test to C++ Change-Id: I5e25ddbc87370b58d9b6fc410f51e259947df8dd Reviewed-on: https://boringssl-review.googlesource.com/4468 Reviewed-by: Adam Langley <agl@google.com>
9 lat temu
Automatically generate a missing EC public key. When d2i_ECPrivateKey reads a private key with a missing (optional) public key, generate one automatically from the group and private key. (Imported from upstream's 2083f7c465d07867dd9867b8742bb71c03d1f203) Change-Id: I9e5090de87cf846ab92e4be5b6bf64e6091d02e4
10 lat temu
Convert ec_test to C++ Change-Id: I5e25ddbc87370b58d9b6fc410f51e259947df8dd Reviewed-on: https://boringssl-review.googlesource.com/4468 Reviewed-by: Adam Langley <agl@google.com>
9 lat temu
Fix some malloc test crashs. This isn't exhaustive. There are still failures in some tests which probably ought to get C++'d first. Change-Id: Iac58df9d98cdfd94603d54374a531b2559df64c3 Reviewed-on: https://boringssl-review.googlesource.com/4795 Reviewed-by: Adam Langley <agl@google.com>
9 lat temu
Convert ec_test to C++ Change-Id: I5e25ddbc87370b58d9b6fc410f51e259947df8dd Reviewed-on: https://boringssl-review.googlesource.com/4468 Reviewed-by: Adam Langley <agl@google.com>
9 lat temu
Automatically generate a missing EC public key. When d2i_ECPrivateKey reads a private key with a missing (optional) public key, generate one automatically from the group and private key. (Imported from upstream's 2083f7c465d07867dd9867b8742bb71c03d1f203) Change-Id: I9e5090de87cf846ab92e4be5b6bf64e6091d02e4
10 lat temu
Convert ec_test to C++ Change-Id: I5e25ddbc87370b58d9b6fc410f51e259947df8dd Reviewed-on: https://boringssl-review.googlesource.com/4468 Reviewed-by: Adam Langley <agl@google.com>
9 lat temu
Automatically generate a missing EC public key. When d2i_ECPrivateKey reads a private key with a missing (optional) public key, generate one automatically from the group and private key. (Imported from upstream's 2083f7c465d07867dd9867b8742bb71c03d1f203) Change-Id: I9e5090de87cf846ab92e4be5b6bf64e6091d02e4
10 lat temu
Ensure EC private keys retain leading zeros RFC 5915 requires the use of the I2OSP primitive as defined in RFC 3447 for encoding ECPrivateKey. Fix this and add a test. See also upstream's 30cd4ff294252c4b6a4b69cbef6a5b4117705d22, though it mixes up degree and order. Change-Id: I81ba14da3c8d69e3799422c669fab7f16956f322 Reviewed-on: https://boringssl-review.googlesource.com/4469 Reviewed-by: Adam Langley <agl@google.com>
9 lat temu
Automatically generate a missing EC public key. When d2i_ECPrivateKey reads a private key with a missing (optional) public key, generate one automatically from the group and private key. (Imported from upstream's 2083f7c465d07867dd9867b8742bb71c03d1f203) Change-Id: I9e5090de87cf846ab92e4be5b6bf64e6091d02e4
10 lat temu
Ensure EC private keys retain leading zeros RFC 5915 requires the use of the I2OSP primitive as defined in RFC 3447 for encoding ECPrivateKey. Fix this and add a test. See also upstream's 30cd4ff294252c4b6a4b69cbef6a5b4117705d22, though it mixes up degree and order. Change-Id: I81ba14da3c8d69e3799422c669fab7f16956f322 Reviewed-on: https://boringssl-review.googlesource.com/4469 Reviewed-by: Adam Langley <agl@google.com>
9 lat temu
Automatically generate a missing EC public key. When d2i_ECPrivateKey reads a private key with a missing (optional) public key, generate one automatically from the group and private key. (Imported from upstream's 2083f7c465d07867dd9867b8742bb71c03d1f203) Change-Id: I9e5090de87cf846ab92e4be5b6bf64e6091d02e4
10 lat temu
 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188 
  1. /* Copyright (c) 2014, Google Inc.

  2.  *

  3.  * Permission to use, copy, modify, and/or distribute this software for any

  4.  * purpose with or without fee is hereby granted, provided that the above

  5.  * copyright notice and this permission notice appear in all copies.

  6.  *

  7.  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES

  8.  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF

  9.  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY

  10.  * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES

  11.  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION

  12.  * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN

  13.  * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */

  14. 

  15. #include <stdio.h>

  16. #include <string.h>

  17. 

  18. #include <vector>

  19. 

  20. #include <openssl/crypto.h>

  21. #include <openssl/ec_key.h>

  22. #include <openssl/err.h>

  23. #include <openssl/mem.h>

  24. 

  25. #include "../test/scoped_types.h"

  26. #include "../test/stl_compat.h"

  27. 

  28. 

  29. // kECKeyWithoutPublic is an ECPrivateKey with the optional publicKey field

  30. // omitted.

  31. static const uint8_t kECKeyWithoutPublic[] = {

  32.   0x30, 0x31, 0x02, 0x01, 0x01, 0x04, 0x20, 0xc6, 0xc1, 0xaa, 0xda, 0x15, 0xb0,

  33.   0x76, 0x61, 0xf8, 0x14, 0x2c, 0x6c, 0xaf, 0x0f, 0xdb, 0x24, 0x1a, 0xff, 0x2e,

  34.   0xfe, 0x46, 0xc0, 0x93, 0x8b, 0x74, 0xf2, 0xbc, 0xc5, 0x30, 0x52, 0xb0, 0x77,

  35.   0xa0, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07,

  36. };

  37. 

  38. // kECKeyMissingZeros is an ECPrivateKey containing a degenerate P-256 key where

  39. // the private key is one. The private key is incorrectly encoded without zero

  40. // padding.

  41. static const uint8_t kECKeyMissingZeros[] = {

  42.   0x30, 0x58, 0x02, 0x01, 0x01, 0x04, 0x01, 0x01, 0xa0, 0x0a, 0x06, 0x08, 0x2a,

  43.   0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0xa1, 0x44, 0x03, 0x42, 0x00, 0x04,

  44.   0x6b, 0x17, 0xd1, 0xf2, 0xe1, 0x2c, 0x42, 0x47, 0xf8, 0xbc, 0xe6, 0xe5, 0x63,

  45.   0xa4, 0x40, 0xf2, 0x77, 0x03, 0x7d, 0x81, 0x2d, 0xeb, 0x33, 0xa0, 0xf4, 0xa1,

  46.   0x39, 0x45, 0xd8, 0x98, 0xc2, 0x96, 0x4f, 0xe3, 0x42, 0xe2, 0xfe, 0x1a, 0x7f,

  47.   0x9b, 0x8e, 0xe7, 0xeb, 0x4a, 0x7c, 0x0f, 0x9e, 0x16, 0x2b, 0xce, 0x33, 0x57,

  48.   0x6b, 0x31, 0x5e, 0xce, 0xcb, 0xb6, 0x40, 0x68, 0x37, 0xbf, 0x51, 0xf5,

  49. };

  50. 

  51. // kECKeyMissingZeros is an ECPrivateKey containing a degenerate P-256 key where

  52. // the private key is one. The private key is encoded with the required zero

  53. // padding.

  54. static const uint8_t kECKeyWithZeros[] = {

  55.   0x30, 0x77, 0x02, 0x01, 0x01, 0x04, 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,

  56.   0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,

  57.   0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,

  58.   0xa0, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0xa1,

  59.   0x44, 0x03, 0x42, 0x00, 0x04, 0x6b, 0x17, 0xd1, 0xf2, 0xe1, 0x2c, 0x42, 0x47,

  60.   0xf8, 0xbc, 0xe6, 0xe5, 0x63, 0xa4, 0x40, 0xf2, 0x77, 0x03, 0x7d, 0x81, 0x2d,

  61.   0xeb, 0x33, 0xa0, 0xf4, 0xa1, 0x39, 0x45, 0xd8, 0x98, 0xc2, 0x96, 0x4f, 0xe3,

  62.   0x42, 0xe2, 0xfe, 0x1a, 0x7f, 0x9b, 0x8e, 0xe7, 0xeb, 0x4a, 0x7c, 0x0f, 0x9e,

  63.   0x16, 0x2b, 0xce, 0x33, 0x57, 0x6b, 0x31, 0x5e, 0xce, 0xcb, 0xb6, 0x40, 0x68,

  64.   0x37, 0xbf, 0x51, 0xf5,

  65. };

  66. 

  67. // DecodeECPrivateKey decodes |in| as an ECPrivateKey structure and returns the

  68. // result or nullptr on error.

  69. static ScopedEC_KEY DecodeECPrivateKey(const uint8_t *in, size_t in_len) {

  70.   const uint8_t *inp = in;

  71.   ScopedEC_KEY ret(d2i_ECPrivateKey(NULL, &inp, in_len));

  72.   if (!ret || inp != in + in_len) {

  73.     return nullptr;

  74.   }

  75.   return ret;

  76. }

  77. 

  78. // EncodeECPrivateKey encodes |key| as an ECPrivateKey structure into |*out|. It

  79. // returns true on success or false on error.

  80. static bool EncodeECPrivateKey(std::vector<uint8_t> *out, EC_KEY *key) {

  81.   int len = i2d_ECPrivateKey(key, NULL);

  82.   out->resize(len);

  83.   uint8_t *outp = bssl::vector_data(out);

  84.   return i2d_ECPrivateKey(key, &outp) == len;

  85. }

  86. 

  87. bool Testd2i_ECPrivateKey() {

  88.   ScopedEC_KEY key = DecodeECPrivateKey(kECKeyWithoutPublic,

  89.                                         sizeof(kECKeyWithoutPublic));

  90.   if (!key) {

  91.     fprintf(stderr, "Failed to parse private key.\n");

  92.     ERR_print_errors_fp(stderr);

  93.     return false;

  94.   }

  95. 

  96.   std::vector<uint8_t> out;

  97.   if (!EncodeECPrivateKey(&out, key.get())) {

  98.     fprintf(stderr, "Failed to serialize private key.\n");

  99.     ERR_print_errors_fp(stderr);

  100.     return false;

  101.   }

  102. 

  103.   if (std::vector<uint8_t>(kECKeyWithoutPublic,

  104.                            kECKeyWithoutPublic + sizeof(kECKeyWithoutPublic)) !=

  105.       out) {

  106.     fprintf(stderr, "Serialisation of key doesn't match original.\n");

  107.     return false;

  108.   }

  109. 

  110.   const EC_POINT *pub_key = EC_KEY_get0_public_key(key.get());

  111.   if (pub_key == NULL) {

  112.     fprintf(stderr, "Public key missing.\n");

  113.     return false;

  114.   }

  115. 

  116.   ScopedBIGNUM x(BN_new());

  117.   ScopedBIGNUM y(BN_new());

  118.   if (!x || !y) {

  119.     return false;

  120.   }

  121.   if (!EC_POINT_get_affine_coordinates_GFp(EC_KEY_get0_group(key.get()),

  122.                                            pub_key, x.get(), y.get(), NULL)) {

  123.     fprintf(stderr, "Failed to get public key in affine coordinates.\n");

  124.     return false;

  125.   }

  126.   ScopedOpenSSLString x_hex(BN_bn2hex(x.get()));

  127.   ScopedOpenSSLString y_hex(BN_bn2hex(y.get()));

  128.   if (!x_hex || !y_hex) {

  129.     return false;

  130.   }

  131.   if (0 != strcmp(

  132.           x_hex.get(),

  133.           "c81561ecf2e54edefe6617db1c7a34a70744ddb261f269b83dacfcd2ade5a681") ||

  134.       0 != strcmp(

  135.           y_hex.get(),

  136.           "e0e2afa3f9b6abe4c698ef6495f1be49a3196c5056acb3763fe4507eec596e88")) {

  137.     fprintf(stderr, "Incorrect public key: %s %s\n", x_hex.get(), y_hex.get());

  138.     return false;

  139.   }

  140. 

  141.   return true;

  142. }

  143. 

  144. static bool TestZeroPadding() {

  145.   // Check that the correct encoding round-trips.

  146.   ScopedEC_KEY key = DecodeECPrivateKey(kECKeyWithZeros,

  147.                                         sizeof(kECKeyWithZeros));

  148.   std::vector<uint8_t> out;

  149.   if (!key || !EncodeECPrivateKey(&out, key.get())) {

  150.     ERR_print_errors_fp(stderr);

  151.     return false;

  152.   }

  153. 

  154.   if (std::vector<uint8_t>(kECKeyWithZeros,

  155.                            kECKeyWithZeros + sizeof(kECKeyWithZeros)) != out) {

  156.     fprintf(stderr, "Serialisation of key was incorrect.\n");

  157.     return false;

  158.   }

  159. 

  160.   // Keys without leading zeros also parse, but they encode correctly.

  161.   key = DecodeECPrivateKey(kECKeyMissingZeros, sizeof(kECKeyMissingZeros));

  162.   if (!key || !EncodeECPrivateKey(&out, key.get())) {

  163.     ERR_print_errors_fp(stderr);

  164.     return false;

  165.   }

  166. 

  167.   if (std::vector<uint8_t>(kECKeyWithZeros,

  168.                            kECKeyWithZeros + sizeof(kECKeyWithZeros)) != out) {

  169.     fprintf(stderr, "Serialisation of key was incorrect.\n");

  170.     return false;

  171.   }

  172. 

  173.   return true;

  174. }

  175. 

  176. int main(void) {

  177.   CRYPTO_library_init();

  178.   ERR_load_crypto_strings();

  179. 

  180.   if (!Testd2i_ECPrivateKey() ||

  181.       !TestZeroPadding()) {

  182.     fprintf(stderr, "failed\n");

  183.     return 1;

  184.   }

  185. 

  186.   printf("PASS\n");

  187.   return 0;

  188. }