Line | Source | Count |
1 | | - |
2 | | - |
3 | | - |
4 | | - |
5 | | - |
6 | | - |
7 | | - |
8 | | - |
9 | | - |
10 | | - |
11 | | - |
12 | #include "internal/sm2.h" | - |
13 | #include "internal/sm2err.h" | - |
14 | #include "internal/ec_int.h" /* ec_group_do_inverse_ord() */ | - |
15 | #include "internal/numbers.h" | - |
16 | #include <openssl/err.h> | - |
17 | #include <openssl/evp.h> | - |
18 | #include <openssl/err.h> | - |
19 | #include <openssl/bn.h> | - |
20 | #include <string.h> | - |
21 | | - |
22 | int sm2_compute_z_digest(uint8_t *out, | - |
23 | const EVP_MD *digest, | - |
24 | const uint8_t *id, | - |
25 | const size_t id_len, | - |
26 | const EC_KEY *key) | - |
27 | { | - |
28 | int rc = 0; | - |
29 | const EC_GROUP *group = EC_KEY_get0_group(key); | - |
30 | BN_CTX *ctx = NULL; | - |
31 | EVP_MD_CTX *hash = NULL; | - |
32 | BIGNUM *p = NULL; | - |
33 | BIGNUM *a = NULL; | - |
34 | BIGNUM *b = NULL; | - |
35 | BIGNUM *xG = NULL; | - |
36 | BIGNUM *yG = NULL; | - |
37 | BIGNUM *xA = NULL; | - |
38 | BIGNUM *yA = NULL; | - |
39 | int p_bytes = 0; | - |
40 | uint8_t *buf = NULL; | - |
41 | uint16_t entl = 0; | - |
42 | uint8_t e_byte = 0; | - |
43 | | - |
44 | hash = EVP_MD_CTX_new(); | - |
45 | ctx = BN_CTX_new(); | - |
46 | if (hash == NULL || ctx == NULL) {TRUE | never evaluated | FALSE | evaluated 5 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
TRUE | never evaluated | FALSE | evaluated 5 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-5 |
47 | SM2err(SM2_F_SM2_COMPUTE_Z_DIGEST, ERR_R_MALLOC_FAILURE); | - |
48 | goto done; never executed: goto done; | 0 |
49 | } | - |
50 | | - |
51 | p = BN_CTX_get(ctx); | - |
52 | a = BN_CTX_get(ctx); | - |
53 | b = BN_CTX_get(ctx); | - |
54 | xG = BN_CTX_get(ctx); | - |
55 | yG = BN_CTX_get(ctx); | - |
56 | xA = BN_CTX_get(ctx); | - |
57 | yA = BN_CTX_get(ctx); | - |
58 | | - |
59 | if (yA == NULL) {TRUE | never evaluated | FALSE | evaluated 5 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-5 |
60 | SM2err(SM2_F_SM2_COMPUTE_Z_DIGEST, ERR_R_MALLOC_FAILURE); | - |
61 | goto done; never executed: goto done; | 0 |
62 | } | - |
63 | | - |
64 | if (!EVP_DigestInit(hash, digest)) {TRUE | never evaluated | FALSE | evaluated 5 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-5 |
65 | SM2err(SM2_F_SM2_COMPUTE_Z_DIGEST, ERR_R_EVP_LIB); | - |
66 | goto done; never executed: goto done; | 0 |
67 | } | - |
68 | | - |
69 | | - |
70 | | - |
71 | if (id_len >= (UINT16_MAX / 8)) {TRUE | never evaluated | FALSE | evaluated 5 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-5 |
72 | | - |
73 | SM2err(SM2_F_SM2_COMPUTE_Z_DIGEST, SM2_R_ID_TOO_LARGE); | - |
74 | goto done; never executed: goto done; | 0 |
75 | } | - |
76 | | - |
77 | entl = (uint16_t)(8 * id_len); | - |
78 | | - |
79 | e_byte = entl >> 8; | - |
80 | if (!EVP_DigestUpdate(hash, &e_byte, 1)) {TRUE | never evaluated | FALSE | evaluated 5 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-5 |
81 | SM2err(SM2_F_SM2_COMPUTE_Z_DIGEST, ERR_R_EVP_LIB); | - |
82 | goto done; never executed: goto done; | 0 |
83 | } | - |
84 | e_byte = entl & 0xFF; | - |
85 | if (!EVP_DigestUpdate(hash, &e_byte, 1)) {TRUE | never evaluated | FALSE | evaluated 5 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-5 |
86 | SM2err(SM2_F_SM2_COMPUTE_Z_DIGEST, ERR_R_EVP_LIB); | - |
87 | goto done; never executed: goto done; | 0 |
88 | } | - |
89 | | - |
90 | if (id_len > 0 && !EVP_DigestUpdate(hash, id, id_len)) {TRUE | evaluated 5 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
| FALSE | never evaluated |
TRUE | never evaluated | FALSE | evaluated 5 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-5 |
91 | SM2err(SM2_F_SM2_COMPUTE_Z_DIGEST, ERR_R_EVP_LIB); | - |
92 | goto done; never executed: goto done; | 0 |
93 | } | - |
94 | | - |
95 | if (!EC_GROUP_get_curve(group, p, a, b, ctx)) {TRUE | never evaluated | FALSE | evaluated 5 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-5 |
96 | SM2err(SM2_F_SM2_COMPUTE_Z_DIGEST, ERR_R_EC_LIB); | - |
97 | goto done; never executed: goto done; | 0 |
98 | } | - |
99 | | - |
100 | p_bytes = BN_num_bytes(p); | - |
101 | buf = OPENSSL_zalloc(p_bytes); | - |
102 | if (buf == NULL) {TRUE | never evaluated | FALSE | evaluated 5 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-5 |
103 | SM2err(SM2_F_SM2_COMPUTE_Z_DIGEST, ERR_R_MALLOC_FAILURE); | - |
104 | goto done; never executed: goto done; | 0 |
105 | } | - |
106 | | - |
107 | if (BN_bn2binpad(a, buf, p_bytes) < 0TRUE | never evaluated | FALSE | evaluated 5 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-5 |
108 | || !EVP_DigestUpdate(hash, buf, p_bytes)TRUE | never evaluated | FALSE | evaluated 5 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-5 |
109 | || BN_bn2binpad(b, buf, p_bytes) < 0TRUE | never evaluated | FALSE | evaluated 5 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-5 |
110 | || !EVP_DigestUpdate(hash, buf, p_bytes)TRUE | never evaluated | FALSE | evaluated 5 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-5 |
111 | || !EC_POINT_get_affine_coordinates(group,TRUE | never evaluated | FALSE | evaluated 5 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-5 |
112 | EC_GROUP_get0_generator(group),TRUE | never evaluated | FALSE | evaluated 5 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-5 |
113 | xG, yG, ctx)TRUE | never evaluated | FALSE | evaluated 5 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-5 |
114 | || BN_bn2binpad(xG, buf, p_bytes) < 0TRUE | never evaluated | FALSE | evaluated 5 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-5 |
115 | || !EVP_DigestUpdate(hash, buf, p_bytes)TRUE | never evaluated | FALSE | evaluated 5 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-5 |
116 | || BN_bn2binpad(yG, buf, p_bytes) < 0TRUE | never evaluated | FALSE | evaluated 5 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-5 |
117 | || !EVP_DigestUpdate(hash, buf, p_bytes)TRUE | never evaluated | FALSE | evaluated 5 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-5 |
118 | || !EC_POINT_get_affine_coordinates(group,TRUE | never evaluated | FALSE | evaluated 5 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-5 |
119 | EC_KEY_get0_public_key(key),TRUE | never evaluated | FALSE | evaluated 5 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-5 |
120 | xA, yA, ctx)TRUE | never evaluated | FALSE | evaluated 5 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-5 |
121 | || BN_bn2binpad(xA, buf, p_bytes) < 0TRUE | never evaluated | FALSE | evaluated 5 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-5 |
122 | || !EVP_DigestUpdate(hash, buf, p_bytes)TRUE | never evaluated | FALSE | evaluated 5 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-5 |
123 | || BN_bn2binpad(yA, buf, p_bytes) < 0TRUE | never evaluated | FALSE | evaluated 5 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-5 |
124 | || !EVP_DigestUpdate(hash, buf, p_bytes)TRUE | never evaluated | FALSE | evaluated 5 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-5 |
125 | || !EVP_DigestFinal(hash, out, NULL)) {TRUE | never evaluated | FALSE | evaluated 5 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-5 |
126 | SM2err(SM2_F_SM2_COMPUTE_Z_DIGEST, ERR_R_INTERNAL_ERROR); | - |
127 | goto done; never executed: goto done; | 0 |
128 | } | - |
129 | | - |
130 | rc = 1; | - |
131 | | - |
132 | done:code before this statement executed 5 times by 2 tests: done: Executed by:- libcrypto.so.1.1
- sm2_internal_test
| 5 |
133 | OPENSSL_free(buf); | - |
134 | BN_CTX_free(ctx); | - |
135 | EVP_MD_CTX_free(hash); | - |
136 | return rc;executed 5 times by 2 tests: return rc; Executed by:- libcrypto.so.1.1
- sm2_internal_test
| 5 |
137 | } | - |
138 | | - |
139 | static BIGNUM *sm2_compute_msg_hash(const EVP_MD *digest, | - |
140 | const EC_KEY *key, | - |
141 | const uint8_t *id, | - |
142 | const size_t id_len, | - |
143 | const uint8_t *msg, size_t msg_len) | - |
144 | { | - |
145 | EVP_MD_CTX *hash = EVP_MD_CTX_new(); | - |
146 | const int md_size = EVP_MD_size(digest); | - |
147 | uint8_t *z = NULL; | - |
148 | BIGNUM *e = NULL; | - |
149 | | - |
150 | if (md_size < 0) {TRUE | never evaluated | FALSE | evaluated 2 times by 1 test |
| 0-2 |
151 | SM2err(SM2_F_SM2_COMPUTE_MSG_HASH, SM2_R_INVALID_DIGEST); | - |
152 | goto done; never executed: goto done; | 0 |
153 | } | - |
154 | | - |
155 | z = OPENSSL_zalloc(md_size); | - |
156 | if (hash == NULL || z == NULL) {TRUE | never evaluated | FALSE | evaluated 2 times by 1 test |
TRUE | never evaluated | FALSE | evaluated 2 times by 1 test |
| 0-2 |
157 | SM2err(SM2_F_SM2_COMPUTE_MSG_HASH, ERR_R_MALLOC_FAILURE); | - |
158 | goto done; never executed: goto done; | 0 |
159 | } | - |
160 | | - |
161 | if (!sm2_compute_z_digest(z, digest, id, id_len, key)) {TRUE | never evaluated | FALSE | evaluated 2 times by 1 test |
| 0-2 |
162 | | - |
163 | goto done; never executed: goto done; | 0 |
164 | } | - |
165 | | - |
166 | if (!EVP_DigestInit(hash, digest)TRUE | never evaluated | FALSE | evaluated 2 times by 1 test |
| 0-2 |
167 | || !EVP_DigestUpdate(hash, z, md_size)TRUE | never evaluated | FALSE | evaluated 2 times by 1 test |
| 0-2 |
168 | || !EVP_DigestUpdate(hash, msg, msg_len)TRUE | never evaluated | FALSE | evaluated 2 times by 1 test |
| 0-2 |
169 | | - |
170 | || !EVP_DigestFinal(hash, z, NULL)) {TRUE | never evaluated | FALSE | evaluated 2 times by 1 test |
| 0-2 |
171 | SM2err(SM2_F_SM2_COMPUTE_MSG_HASH, ERR_R_EVP_LIB); | - |
172 | goto done; never executed: goto done; | 0 |
173 | } | - |
174 | | - |
175 | e = BN_bin2bn(z, md_size, NULL); | - |
176 | if (e == NULL)TRUE | never evaluated | FALSE | evaluated 2 times by 1 test |
| 0-2 |
177 | SM2err(SM2_F_SM2_COMPUTE_MSG_HASH, ERR_R_INTERNAL_ERROR); never executed: ERR_put_error(53,(100),((4|64)),__FILE__,177); | 0 |
178 | | - |
179 | done:code before this statement executed 2 times by 1 test: done: | 2 |
180 | OPENSSL_free(z); | - |
181 | EVP_MD_CTX_free(hash); | - |
182 | return e;executed 2 times by 1 test: return e; | 2 |
183 | } | - |
184 | | - |
185 | static ECDSA_SIG *sm2_sig_gen(const EC_KEY *key, const BIGNUM *e) | - |
186 | { | - |
187 | const BIGNUM *dA = EC_KEY_get0_private_key(key); | - |
188 | const EC_GROUP *group = EC_KEY_get0_group(key); | - |
189 | const BIGNUM *order = EC_GROUP_get0_order(group); | - |
190 | ECDSA_SIG *sig = NULL; | - |
191 | EC_POINT *kG = NULL; | - |
192 | BN_CTX *ctx = NULL; | - |
193 | BIGNUM *k = NULL; | - |
194 | BIGNUM *rk = NULL; | - |
195 | BIGNUM *r = NULL; | - |
196 | BIGNUM *s = NULL; | - |
197 | BIGNUM *x1 = NULL; | - |
198 | BIGNUM *tmp = NULL; | - |
199 | | - |
200 | kG = EC_POINT_new(group); | - |
201 | ctx = BN_CTX_new(); | - |
202 | if (kG == NULL || ctx == NULL) {TRUE | never evaluated | FALSE | evaluated 3 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
TRUE | never evaluated | FALSE | evaluated 3 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-3 |
203 | SM2err(SM2_F_SM2_SIG_GEN, ERR_R_MALLOC_FAILURE); | - |
204 | goto done; never executed: goto done; | 0 |
205 | } | - |
206 | | - |
207 | BN_CTX_start(ctx); | - |
208 | k = BN_CTX_get(ctx); | - |
209 | rk = BN_CTX_get(ctx); | - |
210 | x1 = BN_CTX_get(ctx); | - |
211 | tmp = BN_CTX_get(ctx); | - |
212 | if (tmp == NULL) {TRUE | never evaluated | FALSE | evaluated 3 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-3 |
213 | SM2err(SM2_F_SM2_SIG_GEN, ERR_R_MALLOC_FAILURE); | - |
214 | goto done; never executed: goto done; | 0 |
215 | } | - |
216 | | - |
217 | | - |
218 | | - |
219 | | - |
220 | | - |
221 | r = BN_new(); | - |
222 | s = BN_new(); | - |
223 | | - |
224 | if (r == NULL || s == NULL) {TRUE | never evaluated | FALSE | evaluated 3 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
TRUE | never evaluated | FALSE | evaluated 3 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-3 |
225 | SM2err(SM2_F_SM2_SIG_GEN, ERR_R_MALLOC_FAILURE); | - |
226 | goto done; never executed: goto done; | 0 |
227 | } | - |
228 | | - |
229 | for (;;) { | - |
230 | if (!BN_priv_rand_range(k, order)) {TRUE | never evaluated | FALSE | evaluated 3 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-3 |
231 | SM2err(SM2_F_SM2_SIG_GEN, ERR_R_INTERNAL_ERROR); | - |
232 | goto done; never executed: goto done; | 0 |
233 | } | - |
234 | | - |
235 | if (!EC_POINT_mul(group, kG, k, NULL, NULL, ctx)TRUE | never evaluated | FALSE | evaluated 3 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-3 |
236 | || !EC_POINT_get_affine_coordinates(group, kG, x1, NULL,TRUE | never evaluated | FALSE | evaluated 3 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-3 |
237 | ctx)TRUE | never evaluated | FALSE | evaluated 3 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-3 |
238 | || !BN_mod_add(r, e, x1, order, ctx)) {TRUE | never evaluated | FALSE | evaluated 3 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-3 |
239 | SM2err(SM2_F_SM2_SIG_GEN, ERR_R_INTERNAL_ERROR); | - |
240 | goto done; never executed: goto done; | 0 |
241 | } | - |
242 | | - |
243 | | - |
244 | if (BN_is_zero(r))TRUE | never evaluated | FALSE | evaluated 3 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-3 |
245 | continue; never executed: continue; | 0 |
246 | | - |
247 | if (!BN_add(rk, r, k)) {TRUE | never evaluated | FALSE | evaluated 3 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-3 |
248 | SM2err(SM2_F_SM2_SIG_GEN, ERR_R_INTERNAL_ERROR); | - |
249 | goto done; never executed: goto done; | 0 |
250 | } | - |
251 | | - |
252 | if (BN_cmp(rk, order) == 0)TRUE | never evaluated | FALSE | evaluated 3 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-3 |
253 | continue; never executed: continue; | 0 |
254 | | - |
255 | if (!BN_add(s, dA, BN_value_one())TRUE | never evaluated | FALSE | evaluated 3 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-3 |
256 | || !ec_group_do_inverse_ord(group, s, s, ctx)TRUE | never evaluated | FALSE | evaluated 3 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-3 |
257 | || !BN_mod_mul(tmp, dA, r, order, ctx)TRUE | never evaluated | FALSE | evaluated 3 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-3 |
258 | || !BN_sub(tmp, k, tmp)TRUE | never evaluated | FALSE | evaluated 3 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-3 |
259 | || !BN_mod_mul(s, s, tmp, order, ctx)) {TRUE | never evaluated | FALSE | evaluated 3 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-3 |
260 | SM2err(SM2_F_SM2_SIG_GEN, ERR_R_BN_LIB); | - |
261 | goto done; never executed: goto done; | 0 |
262 | } | - |
263 | | - |
264 | sig = ECDSA_SIG_new(); | - |
265 | if (sig == NULL) {TRUE | never evaluated | FALSE | evaluated 3 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-3 |
266 | SM2err(SM2_F_SM2_SIG_GEN, ERR_R_MALLOC_FAILURE); | - |
267 | goto done; never executed: goto done; | 0 |
268 | } | - |
269 | | - |
270 | | - |
271 | ECDSA_SIG_set0(sig, r, s); | - |
272 | break;executed 3 times by 2 tests: break; Executed by:- libcrypto.so.1.1
- sm2_internal_test
| 3 |
273 | } | - |
274 | | - |
275 | done:code before this statement executed 3 times by 2 tests: done: Executed by:- libcrypto.so.1.1
- sm2_internal_test
| 3 |
276 | if (sig == NULL) {TRUE | never evaluated | FALSE | evaluated 3 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-3 |
277 | BN_free(r); | - |
278 | BN_free(s); | - |
279 | } never executed: end of block | 0 |
280 | | - |
281 | BN_CTX_free(ctx); | - |
282 | EC_POINT_free(kG); | - |
283 | return sig;executed 3 times by 2 tests: return sig; Executed by:- libcrypto.so.1.1
- sm2_internal_test
| 3 |
284 | } | - |
285 | | - |
286 | static int sm2_sig_verify(const EC_KEY *key, const ECDSA_SIG *sig, | - |
287 | const BIGNUM *e) | - |
288 | { | - |
289 | int ret = 0; | - |
290 | const EC_GROUP *group = EC_KEY_get0_group(key); | - |
291 | const BIGNUM *order = EC_GROUP_get0_order(group); | - |
292 | BN_CTX *ctx = NULL; | - |
293 | EC_POINT *pt = NULL; | - |
294 | BIGNUM *t = NULL; | - |
295 | BIGNUM *x1 = NULL; | - |
296 | const BIGNUM *r = NULL; | - |
297 | const BIGNUM *s = NULL; | - |
298 | | - |
299 | ctx = BN_CTX_new(); | - |
300 | pt = EC_POINT_new(group); | - |
301 | if (ctx == NULL || pt == NULL) {TRUE | never evaluated | FALSE | evaluated 6 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
TRUE | never evaluated | FALSE | evaluated 6 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-6 |
302 | SM2err(SM2_F_SM2_SIG_VERIFY, ERR_R_MALLOC_FAILURE); | - |
303 | goto done; never executed: goto done; | 0 |
304 | } | - |
305 | | - |
306 | BN_CTX_start(ctx); | - |
307 | t = BN_CTX_get(ctx); | - |
308 | x1 = BN_CTX_get(ctx); | - |
309 | if (x1 == NULL) {TRUE | never evaluated | FALSE | evaluated 6 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-6 |
310 | SM2err(SM2_F_SM2_SIG_VERIFY, ERR_R_MALLOC_FAILURE); | - |
311 | goto done; never executed: goto done; | 0 |
312 | } | - |
313 | | - |
314 | | - |
315 | | - |
316 | | - |
317 | | - |
318 | | - |
319 | | - |
320 | | - |
321 | | - |
322 | | - |
323 | | - |
324 | ECDSA_SIG_get0(sig, &r, &s); | - |
325 | | - |
326 | if (BN_cmp(r, BN_value_one()) < 0TRUE | never evaluated | FALSE | evaluated 6 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-6 |
327 | || BN_cmp(s, BN_value_one()) < 0TRUE | never evaluated | FALSE | evaluated 6 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-6 |
328 | || BN_cmp(order, r) <= 0TRUE | never evaluated | FALSE | evaluated 6 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-6 |
329 | || BN_cmp(order, s) <= 0) {TRUE | never evaluated | FALSE | evaluated 6 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-6 |
330 | SM2err(SM2_F_SM2_SIG_VERIFY, SM2_R_BAD_SIGNATURE); | - |
331 | goto done; never executed: goto done; | 0 |
332 | } | - |
333 | | - |
334 | if (!BN_mod_add(t, r, s, order, ctx)) {TRUE | never evaluated | FALSE | evaluated 6 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-6 |
335 | SM2err(SM2_F_SM2_SIG_VERIFY, ERR_R_BN_LIB); | - |
336 | goto done; never executed: goto done; | 0 |
337 | } | - |
338 | | - |
339 | if (BN_is_zero(t)) {TRUE | never evaluated | FALSE | evaluated 6 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-6 |
340 | SM2err(SM2_F_SM2_SIG_VERIFY, SM2_R_BAD_SIGNATURE); | - |
341 | goto done; never executed: goto done; | 0 |
342 | } | - |
343 | | - |
344 | if (!EC_POINT_mul(group, pt, s, EC_KEY_get0_public_key(key), t, ctx)TRUE | never evaluated | FALSE | evaluated 6 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-6 |
345 | || !EC_POINT_get_affine_coordinates(group, pt, x1, NULL, ctx)) {TRUE | never evaluated | FALSE | evaluated 6 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-6 |
346 | SM2err(SM2_F_SM2_SIG_VERIFY, ERR_R_EC_LIB); | - |
347 | goto done; never executed: goto done; | 0 |
348 | } | - |
349 | | - |
350 | if (!BN_mod_add(t, e, x1, order, ctx)) {TRUE | never evaluated | FALSE | evaluated 6 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
|
| 0-6 |
351 | SM2err(SM2_F_SM2_SIG_VERIFY, ERR_R_BN_LIB); | - |
352 | goto done; never executed: goto done; | 0 |
353 | } | - |
354 | | - |
355 | if (BN_cmp(r, t) == 0)TRUE | evaluated 6 times by 2 testsEvaluated by:- libcrypto.so.1.1
- sm2_internal_test
| FALSE | never evaluated |
| 0-6 |
356 | ret = 1;executed 6 times by 2 tests: ret = 1; Executed by:- libcrypto.so.1.1
- sm2_internal_test
| 6 |
357 | | - |
358 | done:code before this statement executed 6 times by 2 tests: done: Executed by:- libcrypto.so.1.1
- sm2_internal_test
| 6 |
359 | EC_POINT_free(pt); | - |
360 | BN_CTX_free(ctx); | - |
361 | return ret;executed 6 times by 2 tests: return ret; Executed by:- libcrypto.so.1.1
- sm2_internal_test
| 6 |
362 | } | - |
363 | | - |
364 | ECDSA_SIG *sm2_do_sign(const EC_KEY *key, | - |
365 | const EVP_MD *digest, | - |
366 | const uint8_t *id, | - |
367 | const size_t id_len, | - |
368 | const uint8_t *msg, size_t msg_len) | - |
369 | { | - |
370 | BIGNUM *e = NULL; | - |
371 | ECDSA_SIG *sig = NULL; | - |
372 | | - |
373 | e = sm2_compute_msg_hash(digest, key, id, id_len, msg, msg_len); | - |
374 | if (e == NULL) {TRUE | never evaluated | FALSE | evaluated 1 time by 1 test |
| 0-1 |
375 | | - |
376 | goto done; never executed: goto done; | 0 |
377 | } | - |
378 | | - |
379 | sig = sm2_sig_gen(key, e); | - |
380 | | - |
381 | done:code before this statement executed 1 time by 1 test: done: | 1 |
382 | BN_free(e); | - |
383 | return sig;executed 1 time by 1 test: return sig; | 1 |
384 | } | - |
385 | | - |
386 | int sm2_do_verify(const EC_KEY *key, | - |
387 | const EVP_MD *digest, | - |
388 | const ECDSA_SIG *sig, | - |
389 | const uint8_t *id, | - |
390 | const size_t id_len, | - |
391 | const uint8_t *msg, size_t msg_len) | - |
392 | { | - |
393 | BIGNUM *e = NULL; | - |
394 | int ret = 0; | - |
395 | | - |
396 | e = sm2_compute_msg_hash(digest, key, id, id_len, msg, msg_len); | - |
397 | if (e == NULL) {TRUE | never evaluated | FALSE | evaluated 1 time by 1 test |
| 0-1 |
398 | | - |
399 | goto done; never executed: goto done; | 0 |
400 | } | - |
401 | | - |
402 | ret = sm2_sig_verify(key, sig, e); | - |
403 | | - |
404 | done:code before this statement executed 1 time by 1 test: done: | 1 |
405 | BN_free(e); | - |
406 | return ret;executed 1 time by 1 test: return ret; | 1 |
407 | } | - |
408 | | - |
409 | int sm2_sign(const unsigned char *dgst, int dgstlen, | - |
410 | unsigned char *sig, unsigned int *siglen, EC_KEY *eckey) | - |
411 | { | - |
412 | BIGNUM *e = NULL; | - |
413 | ECDSA_SIG *s = NULL; | - |
414 | int sigleni; | - |
415 | int ret = -1; | - |
416 | | - |
417 | e = BN_bin2bn(dgst, dgstlen, NULL); | - |
418 | if (e == NULL) {TRUE | never evaluated | FALSE | evaluated 2 times by 1 test |
| 0-2 |
419 | SM2err(SM2_F_SM2_SIGN, ERR_R_BN_LIB); | - |
420 | goto done; never executed: goto done; | 0 |
421 | } | - |
422 | | - |
423 | s = sm2_sig_gen(eckey, e); | - |
424 | | - |
425 | sigleni = i2d_ECDSA_SIG(s, &sig); | - |
426 | if (sigleni < 0) {TRUE | never evaluated | FALSE | evaluated 2 times by 1 test |
| 0-2 |
427 | SM2err(SM2_F_SM2_SIGN, ERR_R_INTERNAL_ERROR); | - |
428 | goto done; never executed: goto done; | 0 |
429 | } | - |
430 | *siglen = (unsigned int)sigleni; | - |
431 | | - |
432 | ret = 1; | - |
433 | | - |
434 | done:code before this statement executed 2 times by 1 test: done: | 2 |
435 | ECDSA_SIG_free(s); | - |
436 | BN_free(e); | - |
437 | return ret;executed 2 times by 1 test: return ret; | 2 |
438 | } | - |
439 | | - |
440 | int sm2_verify(const unsigned char *dgst, int dgstlen, | - |
441 | const unsigned char *sig, int sig_len, EC_KEY *eckey) | - |
442 | { | - |
443 | ECDSA_SIG *s = NULL; | - |
444 | BIGNUM *e = NULL; | - |
445 | const unsigned char *p = sig; | - |
446 | unsigned char *der = NULL; | - |
447 | int derlen = -1; | - |
448 | int ret = -1; | - |
449 | | - |
450 | s = ECDSA_SIG_new(); | - |
451 | if (s == NULL) {TRUE | never evaluated | FALSE | evaluated 5 times by 1 test |
| 0-5 |
452 | SM2err(SM2_F_SM2_VERIFY, ERR_R_MALLOC_FAILURE); | - |
453 | goto done; never executed: goto done; | 0 |
454 | } | - |
455 | if (d2i_ECDSA_SIG(&s, &p, sig_len) == NULL) {TRUE | never evaluated | FALSE | evaluated 5 times by 1 test |
| 0-5 |
456 | SM2err(SM2_F_SM2_VERIFY, SM2_R_INVALID_ENCODING); | - |
457 | goto done; never executed: goto done; | 0 |
458 | } | - |
459 | | - |
460 | derlen = i2d_ECDSA_SIG(s, &der); | - |
461 | if (derlen != sig_len || memcmp(sig, der, derlen) != 0) {TRUE | never evaluated | FALSE | evaluated 5 times by 1 test |
TRUE | never evaluated | FALSE | evaluated 5 times by 1 test |
| 0-5 |
462 | SM2err(SM2_F_SM2_VERIFY, SM2_R_INVALID_ENCODING); | - |
463 | goto done; never executed: goto done; | 0 |
464 | } | - |
465 | | - |
466 | e = BN_bin2bn(dgst, dgstlen, NULL); | - |
467 | if (e == NULL) {TRUE | never evaluated | FALSE | evaluated 5 times by 1 test |
| 0-5 |
468 | SM2err(SM2_F_SM2_VERIFY, ERR_R_BN_LIB); | - |
469 | goto done; never executed: goto done; | 0 |
470 | } | - |
471 | | - |
472 | ret = sm2_sig_verify(eckey, s, e); | - |
473 | | - |
474 | done:code before this statement executed 5 times by 1 test: done: | 5 |
475 | OPENSSL_free(der); | - |
476 | BN_free(e); | - |
477 | ECDSA_SIG_free(s); | - |
478 | return ret;executed 5 times by 1 test: return ret; | 5 |
479 | } | - |
| | |