From dc9810db1c2a67e261f96fa835d695eae7e2774d Mon Sep 17 00:00:00 2001 From: tb Date: Fri, 18 Oct 2024 10:40:31 +0000 Subject: [PATCH] ec_asn1_test: add secp256k1.m --- regress/lib/libcrypto/ec/ec_asn1_test.c | 91 ++++++++++++++++++++++--- 1 file changed, 81 insertions(+), 10 deletions(-) diff --git a/regress/lib/libcrypto/ec/ec_asn1_test.c b/regress/lib/libcrypto/ec/ec_asn1_test.c index 060d8e581ff..e5e899264dd 100644 --- a/regress/lib/libcrypto/ec/ec_asn1_test.c +++ b/regress/lib/libcrypto/ec/ec_asn1_test.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ec_asn1_test.c,v 1.9 2024/10/18 10:12:25 tb Exp $ */ +/* $OpenBSD: ec_asn1_test.c,v 1.10 2024/10/18 10:40:31 tb Exp $ */ /* * Copyright (c) 2017, 2021 Joel Sing * Copyright (c) 2024 Theo Buehler @@ -24,12 +24,12 @@ #include #include -const uint8_t ec_secp256r1_pkparameters_named_curve[] = { +static const uint8_t ec_secp256r1_pkparameters_named_curve[] = { 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, }; -const uint8_t ec_secp256r1_pkparameters_parameters[] = { +static const uint8_t ec_secp256r1_pkparameters_parameters[] = { 0x30, 0x81, 0xf7, 0x02, 0x01, 0x01, 0x30, 0x2c, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x01, 0x01, 0x02, 0x21, 0x00, 0xff, 0xff, 0xff, 0xff, @@ -64,7 +64,7 @@ const uint8_t ec_secp256r1_pkparameters_parameters[] = { 0x01, 0x01, }; -const uint8_t ec_secp256k1_pkparameters_parameters[] = { +static const uint8_t ec_secp256k1_pkparameters_parameters[] = { 0x30, 0x81, 0xe0, 0x02, 0x01, 0x01, 0x30, 0x2c, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x01, 0x01, 0x02, 0x21, 0x00, 0xff, 0xff, 0xff, 0xff, @@ -352,6 +352,7 @@ struct curve { const char *cofactor; const char *x; const char *y; + int known_named_curve; const char *named; size_t named_len; const char *param; @@ -362,11 +363,11 @@ struct curve { * From draft-ietf-lwig-curve-representation-23, Appendix E.3 */ -const uint8_t ec_wei25519_pkparameters_named_curve[] = { +static const uint8_t ec_wei25519_pkparameters_named_curve[] = { 0x06, 0x03, 0x2b, 0x65, 0x6c, }; -const uint8_t ec_wei25519_pkparameters_parameters[] = { +static const uint8_t ec_wei25519_pkparameters_parameters[] = { 0x30, 0x81, 0xde, 0x02, 0x01, 0x01, 0x30, 0x2b, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x01, 0x01, 0x02, 0x20, 0x7f, 0xff, 0xff, 0xff, 0xff, @@ -425,7 +426,7 @@ static const struct curve wei25519 = { * From draft-ietf-lwig-curve-representation-23, Appendix G.3 */ -const uint8_t ec_wei25519_2_pkparameters_parameters[] = { +static const uint8_t ec_wei25519_2_pkparameters_parameters[] = { 0x30, 0x81, 0xde, 0x02, 0x01, 0x01, 0x30, 0x2b, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x01, 0x01, 0x02, 0x20, 0x7f, 0xff, 0xff, 0xff, 0xff, @@ -479,7 +480,7 @@ static const struct curve wei25519_2 = { .param_len = sizeof(ec_wei25519_2_pkparameters_parameters), }; -const uint8_t ec_wei25519_3_pkparameters_parameters[] = { +static const uint8_t ec_wei25519_3_pkparameters_parameters[] = { 0x30, 0x81, 0xde, 0x02, 0x01, 0x01, 0x30, 0x2b, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x01, 0x01, 0x02, 0x20, 0x7f, 0xff, 0xff, 0xff, 0xff, @@ -539,6 +540,69 @@ static const struct curve wei25519_3 = { .param_len = sizeof(ec_wei25519_3_pkparameters_parameters), }; +/* + * From draft-ietf-lwig-curve-representation-23, Appendix L.3 + */ + +static const uint8_t ec_secp256k1_m_pkparameters_named_curve[] = { + 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x0a, +}; + +static const uint8_t ec_secp256k1_m_pkparameters_parameters[] = { + 0x30, 0x81, 0xe0, 0x02, 0x01, 0x01, 0x30, 0x2c, + 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x01, + 0x01, 0x02, 0x21, 0x00, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfe, + 0xff, 0xff, 0xfc, 0x2f, 0x30, 0x44, 0x04, 0x20, + 0xcf, 0xcd, 0x5c, 0x21, 0x75, 0xe2, 0xef, 0x7d, + 0xcc, 0xdc, 0xe7, 0x37, 0x77, 0x0b, 0x73, 0x81, + 0x5a, 0x2f, 0x13, 0xc5, 0x09, 0x03, 0x5c, 0xa2, + 0x54, 0xa1, 0x4a, 0xc9, 0xf0, 0x89, 0x74, 0xaf, + 0x04, 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x06, 0xeb, 0x04, 0x41, 0x04, 0x3a, 0xca, 0x53, + 0x00, 0x95, 0x9f, 0xa1, 0xd0, 0xba, 0xf7, 0x8d, + 0xcf, 0xf7, 0x7a, 0x61, 0x6f, 0x39, 0x5e, 0x58, + 0x6d, 0x67, 0xac, 0xed, 0x0a, 0x88, 0x79, 0x81, + 0x29, 0x0c, 0x27, 0x91, 0x45, 0x95, 0x80, 0xfc, + 0xe5, 0x3a, 0x17, 0x0f, 0x4f, 0xb7, 0x44, 0x57, + 0x9f, 0xf3, 0xd6, 0x20, 0x86, 0x12, 0xcd, 0x6a, + 0x23, 0x3e, 0x2d, 0xe2, 0x37, 0xf9, 0x76, 0xc6, + 0xa7, 0x86, 0x11, 0xc8, 0x00, 0x02, 0x21, 0x00, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfe, + 0xba, 0xae, 0xdc, 0xe6, 0xaf, 0x48, 0xa0, 0x3b, + 0xbf, 0xd2, 0x5e, 0x8c, 0xd0, 0x36, 0x41, 0x41, + 0x02, 0x01, 0x01, +}; + +static const struct curve secp256k1_m = { + .descr = "short Weierstrass secp256k1.m", + .oid = "1.3.132.0.10", + .sn = SN_secp256k1, + .p = "ffffffff" "ffffffff" "ffffffff" "ffffffff" + "ffffffff" "ffffffff" "fffffffe" "fffffc2f", + .a = "cfcd5c21" "75e2ef7d" "ccdce737" "770b7381" + "5a2f13c5" "09035ca2" "54a14ac9" "f08974af", + .b = "06eb", + .x = "3aca5300" "959fa1d0" "baf78dcf" "f77a616f" + "395e586d" "67aced0a" "88798129" "0c279145", + .y = "9580fce5" "3a170f4f" "b744579f" "f3d62086" + "12cd6a23" "3e2de237" "f976c6a7" "8611c800", + .order = "ffffffff" "ffffffff" "ffffffff" "fffffffe" + "baaedce6" "af48a03b" "bfd25e8c" "d0364141", + .cofactor = "1", + .known_named_curve = 1, + .named = ec_secp256k1_m_pkparameters_named_curve, + .named_len = sizeof(ec_secp256k1_m_pkparameters_named_curve), + .param = ec_secp256k1_m_pkparameters_parameters, + .param_len = sizeof(ec_secp256k1_m_pkparameters_parameters), +}; + static EC_GROUP * ec_group_from_curve_method(const struct curve *curve, const EC_METHOD *method, BN_CTX *ctx) @@ -752,14 +816,18 @@ ec_group_non_builtin_curve(const struct curve *curve, const EC_METHOD *method, pder = curve->named; der_len = curve->named_len; - if ((new_group = d2i_ECPKParameters(NULL, &pder, der_len)) != NULL) { + new_group = d2i_ECPKParameters(NULL, &pder, der_len); + if (!curve->known_named_curve && new_group != NULL) { fprintf(stderr, "FAIL: managed to decode unknown named curve %s\n", curve->descr); goto err; } + EC_GROUP_free(new_group); + new_group = NULL; error = ERR_get_error(); - if (ERR_GET_REASON(error) != EC_R_UNKNOWN_GROUP) { + if (!curve->known_named_curve && + ERR_GET_REASON(error) != EC_R_UNKNOWN_GROUP) { fprintf(stderr, "FAIL: %s unexpected error: want %d, got %d\n", curve->descr, EC_R_UNKNOWN_GROUP, ERR_GET_REASON(error)); goto err; @@ -825,6 +893,9 @@ ec_group_non_builtin_curves(void) failed |= ec_group_non_builtin_curve(&wei25519_3, EC_GFp_mont_method(), ctx); failed |= ec_group_non_builtin_curve(&wei25519_3, EC_GFp_simple_method(), ctx); + failed |= ec_group_non_builtin_curve(&secp256k1_m, EC_GFp_mont_method(), ctx); + failed |= ec_group_non_builtin_curve(&secp256k1_m, EC_GFp_simple_method(), ctx); + BN_CTX_free(ctx); return failed; -- 2.20.1