Convert dhtest, dsatest, cipherbytes_test (93d02986) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

test/build.info

+5 −5

Original line number	Diff line number	Diff line
		@@ -115,8 +115,8 @@ IF[{- !$disabled{tests} -}]
		INCLUDE[randtest]=../include
		DEPEND[randtest]=../libcrypto

		SOURCE[dhtest]=dhtest.c
		INCLUDE[dhtest]=../include
		SOURCE[dhtest]=dhtest.c testutil.c test_main.c
		INCLUDE[dhtest]=.. ../include
		DEPEND[dhtest]=../libcrypto

		SOURCE[enginetest]=enginetest.c testutil.c test_main.c
		@@ -135,8 +135,8 @@ IF[{- !$disabled{tests} -}]
		INCLUDE[ssltest_old]=.. ../include
		DEPEND[ssltest_old]=../libcrypto ../libssl

		SOURCE[dsatest]=dsatest.c
		INCLUDE[dsatest]=../include
		SOURCE[dsatest]=dsatest.c testutil.c test_main.c
		INCLUDE[dsatest]=.. ../include
		DEPEND[dsatest]=../libcrypto

		SOURCE[exptest]=exptest.c
		@@ -321,7 +321,7 @@ IF[{- !$disabled{tests} -}]
		INCLUDE[uitest]=.. ../include
		DEPEND[uitest]=../libcrypto ../libssl

		SOURCE[cipherbytes_test]=cipherbytes_test.c
		SOURCE[cipherbytes_test]=cipherbytes_test.c testutil.c test_main_custom.c
		INCLUDE[cipherbytes_test]=.. ../include
		DEPEND[cipherbytes_test]=../libcrypto ../libssl

test/cipherbytes_test.c

+85 −62

Original line number	Diff line number	Diff line
		@@ -19,110 +19,133 @@
		#include <openssl/tls1.h>

		#include "e_os.h"
		#include "testutil.h"
		#include "test_main_custom.h"

		static int test_empty(SSL *s)
		static SSL_CTX *ctx;
		static SSL *s;

		static int test_empty(void)
		{
		STACK_OF(SSL_CIPHER) sk = NULL, scsv = NULL;
		const unsigned char bytes[] = {0x00};
		int ret = 0;

		if (!TEST_int_eq(SSL_bytes_to_cipher_list(s, bytes, 0, 0, &sk, &scsv), 0)
		\|\| !TEST_ptr_null(sk)
		\|\| !TEST_ptr_null(scsv))
		goto err;
		ret = 1;

		if (SSL_bytes_to_cipher_list(s, bytes, 0, 0, &sk, &scsv) \|\|
		sk != NULL \|\| scsv != NULL)
		return 0;
		return 1;
		err:
		sk_SSL_CIPHER_free(sk);
		sk_SSL_CIPHER_free(scsv);
		return ret;
		}

		static int test_unsupported(SSL *s)
		static int test_unsupported(void)
		{
		STACK_OF(SSL_CIPHER) sk, scsv;
		/* ECDH-RSA-AES256 (unsupported), ECDHE-ECDSA-AES128, <unassigned> */
		const unsigned char bytes[] = {0xc0, 0x0f, 0x00, 0x2f, 0x01, 0x00};

		if (!SSL_bytes_to_cipher_list(s, bytes, sizeof(bytes), 0, &sk, &scsv) \|\|
		sk == NULL \|\| sk_SSL_CIPHER_num(sk) != 1 \|\| scsv == NULL \|\|
		sk_SSL_CIPHER_num(scsv) != 0)
		return 0;
		if (strcmp(SSL_CIPHER_get_name(sk_SSL_CIPHER_value(sk, 0)),
		"AES128-SHA") != 0)
		return 0;

		int ret = 0;

		if (!TEST_true(SSL_bytes_to_cipher_list(s, bytes, sizeof(bytes),
		0, &sk, &scsv))
		\|\| !TEST_ptr(sk)
		\|\| !TEST_int_eq(sk_SSL_CIPHER_num(sk), 1)
		\|\| !TEST_ptr(scsv)
		\|\| !TEST_int_eq(sk_SSL_CIPHER_num(scsv), 0)
		\|\| !TEST_str_eq(SSL_CIPHER_get_name(sk_SSL_CIPHER_value(sk, 0)),
		"AES128-SHA"))
		goto err;

		ret = 1;
		err:
		sk_SSL_CIPHER_free(sk);
		sk_SSL_CIPHER_free(scsv);
		return 1;
		return ret;
		}

		static int test_v2(SSL *s)
		static int test_v2(void)
		{
		STACK_OF(SSL_CIPHER) sk, scsv;
		/* ECDHE-ECDSA-AES256GCM, SSL2_RC4_1238_WITH_MD5,
		* ECDHE-ECDSA-CHACHA20-POLY1305 */
		const unsigned char bytes[] = {0x00, 0x00, 0x35, 0x01, 0x00, 0x80,
		0x00, 0x00, 0x33};

		if (!SSL_bytes_to_cipher_list(s, bytes, sizeof(bytes), 1, &sk, &scsv) \|\|
		sk == NULL \|\| sk_SSL_CIPHER_num(sk) != 2 \|\| scsv == NULL \|\|
		sk_SSL_CIPHER_num(scsv) != 0)
		return 0;
		int ret = 0;

		if (!TEST_true(SSL_bytes_to_cipher_list(s, bytes, sizeof(bytes), 1,
		&sk, &scsv))
		\|\| !TEST_ptr(sk)
		\|\| !TEST_int_eq(sk_SSL_CIPHER_num(sk), 2)
		\|\| !TEST_ptr(scsv)
		\|\| !TEST_int_eq(sk_SSL_CIPHER_num(scsv), 0))
		goto err;
		if (strcmp(SSL_CIPHER_get_name(sk_SSL_CIPHER_value(sk, 0)),
		"AES256-SHA") != 0 \|\|
		strcmp(SSL_CIPHER_get_name(sk_SSL_CIPHER_value(sk, 1)),
		"DHE-RSA-AES128-SHA") != 0)
		return 0;
		goto err;

		ret = 1;

		err:
		sk_SSL_CIPHER_free(sk);
		sk_SSL_CIPHER_free(scsv);
		return 1;
		return ret;
		}

		static int test_v3(SSL *s)
		static int test_v3(void)
		{
		STACK_OF(SSL_CIPHER) sk, scsv;
		STACK_OF(SSL_CIPHER) sk = NULL, scsv = NULL;
		/* ECDHE-ECDSA-AES256GCM, ECDHE-ECDSA-CHACHAPOLY, DHE-RSA-AES256GCM,
		* EMPTY-RENEGOTIATION-INFO-SCSV, FALLBACK-SCSV */
		const unsigned char bytes[] = {0x00, 0x2f, 0x00, 0x33, 0x00, 0x9f, 0x00, 0xff,
		0x56, 0x00};

		if (!SSL_bytes_to_cipher_list(s, bytes, sizeof(bytes), 0, &sk, &scsv) \|\|
		sk == NULL \|\| sk_SSL_CIPHER_num(sk) != 3 \|\| scsv == NULL \|\|
		sk_SSL_CIPHER_num(scsv) != 2)
		return 0;
		if (strcmp(SSL_CIPHER_get_name(sk_SSL_CIPHER_value(sk, 0)),
		"AES128-SHA") != 0 \|\|
		strcmp(SSL_CIPHER_get_name(sk_SSL_CIPHER_value(sk, 1)),
		"DHE-RSA-AES128-SHA") != 0 \|\|
		strcmp(SSL_CIPHER_get_name(sk_SSL_CIPHER_value(sk, 2)),
		"DHE-RSA-AES256-GCM-SHA384") != 0 \|\|
		strcmp(SSL_CIPHER_get_name(sk_SSL_CIPHER_value(scsv, 0)),
		"TLS_EMPTY_RENEGOTIATION_INFO_SCSV") != 0 \|\|
		strcmp(SSL_CIPHER_get_name(sk_SSL_CIPHER_value(scsv, 1)),
		"TLS_FALLBACK_SCSV") != 0)
		return 0;
		int ret = 0;

		if (!SSL_bytes_to_cipher_list(s, bytes, sizeof(bytes), 0, &sk, &scsv)
		\|\| !TEST_ptr(sk)
		\|\| !TEST_int_eq(sk_SSL_CIPHER_num(sk), 3)
		\|\| !TEST_ptr(scsv)
		\|\| !TEST_int_eq(sk_SSL_CIPHER_num(scsv), 2)
		\|\| !TEST_str_eq(SSL_CIPHER_get_name(sk_SSL_CIPHER_value(sk, 0)),
		"AES128-SHA")
		\|\| !TEST_str_eq(SSL_CIPHER_get_name(sk_SSL_CIPHER_value(sk, 1)),
		"DHE-RSA-AES128-SHA")
		\|\| !TEST_str_eq(SSL_CIPHER_get_name(sk_SSL_CIPHER_value(sk, 2)),
		"DHE-RSA-AES256-GCM-SHA384")
		\|\| !TEST_str_eq(SSL_CIPHER_get_name(sk_SSL_CIPHER_value(scsv, 0)),
		"TLS_EMPTY_RENEGOTIATION_INFO_SCSV")
		\|\| !TEST_str_eq(SSL_CIPHER_get_name(sk_SSL_CIPHER_value(scsv, 1)),
		"TLS_FALLBACK_SCSV"))
		goto err;

		ret = 1;
		err:
		sk_SSL_CIPHER_free(sk);
		sk_SSL_CIPHER_free(scsv);
		return 1;
		return ret;
		}

		int main(int argc, char **argv)
		int test_main(int argc, char **argv)
		{
		SSL_CTX *ctx;
		SSL *s;
		int ret;

		ctx = SSL_CTX_new(TLS_server_method());
		s = SSL_new(ctx);
		OPENSSL_assert(s != NULL);
		if (!TEST_ptr(ctx = SSL_CTX_new(TLS_server_method()))
		\|\| !TEST_ptr(s = SSL_new(ctx)))
		return EXIT_FAILURE;

		if (!test_empty(s))
		return 1;
		ADD_TEST(test_empty);
		ADD_TEST(test_unsupported);
		ADD_TEST(test_v2);
		ADD_TEST(test_v3);
		ret = run_tests(argv[0]);

		if (!test_unsupported(s))
		return 1;

		if (!test_v2(s))
		return 1;

		if (!test_v3(s))
		return 1;

		printf("PASS\n");
		SSL_free(s);
		SSL_CTX_free(ctx);
		return 0;

		return ret;
		}

test/dhtest.c

+65 −150

Original line number	Diff line number	Diff line
		@@ -11,13 +11,14 @@
		#include <stdlib.h>
		#include <string.h>

		#include "../e_os.h"

		#include "e_os.h"
		#include <openssl/crypto.h>
		#include <openssl/bio.h>
		#include <openssl/bn.h>
		#include <openssl/rand.h>
		#include <openssl/err.h>
		#include "test_main.h"
		#include "testutil.h"

		#ifdef OPENSSL_NO_DH
		int main(int argc, char *argv[])
		@@ -33,125 +34,68 @@ static int cb(int p, int n, BN_GENCB *arg);
		static const char rnd_seed[] =
		"string to make the random number generator think it has entropy";

		static int run_rfc5114_tests(void);

		int main(int argc, char *argv[])
		static int dh_test(void)
		{
		BN_GENCB *_cb = NULL;
		DH *a = NULL;
		DH *b = NULL;
		const BIGNUM ap = NULL, ag = NULL, apub_key = NULL, priv_key = NULL;
		const BIGNUM ap = NULL, ag = NULL, *apub_key = NULL;
		const BIGNUM *bpub_key = NULL;
		BIGNUM bp = NULL, bg = NULL;
		char buf[12] = {0};
		unsigned char *abuf = NULL;
		unsigned char *bbuf = NULL;
		int i, alen, blen, aout, bout;
		int ret = 1;
		BIO *out = NULL;

		CRYPTO_set_mem_debug(1);
		CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);

		RAND_seed(rnd_seed, sizeof rnd_seed);

		out = BIO_new(BIO_s_file());
		if (out == NULL)
		EXIT(1);
		BIO_set_fp(out, stdout, BIO_NOCLOSE \| BIO_FP_TEXT);

		_cb = BN_GENCB_new();
		if (_cb == NULL)
		if (!TEST_ptr(_cb = BN_GENCB_new()))
		goto err;
		BN_GENCB_set(_cb, &cb, out);
		if (((a = DH_new()) == NULL)
		\|\| (!DH_generate_parameters_ex(a, 64, DH_GENERATOR_5, _cb)))
		BN_GENCB_set(_cb, &cb, NULL);
		if (!TEST_ptr(a = DH_new())
		\|\| !TEST_true(DH_generate_parameters_ex(a, 64,
		DH_GENERATOR_5, _cb)))
		goto err;

		if (!DH_check(a, &i))
		goto err;
		if (i & DH_CHECK_P_NOT_PRIME)
		BIO_puts(out, "p value is not prime\n");
		if (i & DH_CHECK_P_NOT_SAFE_PRIME)
		BIO_puts(out, "p value is not a safe prime\n");
		if (i & DH_UNABLE_TO_CHECK_GENERATOR)
		BIO_puts(out, "unable to check the generator value\n");
		if (i & DH_NOT_SUITABLE_GENERATOR)
		BIO_puts(out, "the g value is not a generator\n");

		DH_get0_pqg(a, &ap, NULL, &ag);
		BIO_puts(out, "\np =");
		BN_print(out, ap);
		BIO_puts(out, "\ng =");
		BN_print(out, ag);
		BIO_puts(out, "\n");

		b = DH_new();
		if (b == NULL)
		if (TEST_false(i & DH_CHECK_P_NOT_PRIME)
		\|\| TEST_false(i & DH_CHECK_P_NOT_SAFE_PRIME)
		\|\| TEST_false(i & DH_UNABLE_TO_CHECK_GENERATOR)
		\|\| TEST_false(i & DH_NOT_SUITABLE_GENERATOR))
		goto err;

		bp = BN_dup(ap);
		bg = BN_dup(ag);
		if ((bp == NULL) \|\| (bg == NULL) \|\| !DH_set0_pqg(b, bp, NULL, bg))
		if (!TEST_ptr(b = DH_new()))
		goto err;

		if (!TEST_ptr(bp = BN_dup(ap))
		\|\| !TEST_ptr(bg = BN_dup(ag))
		\|\| !TEST_true(DH_set0_pqg(b, bp, NULL, bg)))
		goto err;
		bp = bg = NULL;

		if (!DH_generate_key(a))
		goto err;
		DH_get0_key(a, &apub_key, &priv_key);
		BIO_puts(out, "pri 1=");
		BN_print(out, priv_key);
		BIO_puts(out, "\npub 1=");
		BN_print(out, apub_key);
		BIO_puts(out, "\n");

		if (!DH_generate_key(b))
		goto err;
		DH_get0_key(b, &bpub_key, &priv_key);
		BIO_puts(out, "pri 2=");
		BN_print(out, priv_key);
		BIO_puts(out, "\npub 2=");
		BN_print(out, bpub_key);
		BIO_puts(out, "\n");

		alen = DH_size(a);
		abuf = OPENSSL_malloc(alen);
		if (abuf == NULL)
		if (!TEST_ptr(abuf = OPENSSL_malloc(alen))
		\|\| !TEST_true(aout = DH_compute_key(abuf, bpub_key, a)))
		goto err;

		aout = DH_compute_key(abuf, bpub_key, a);

		BIO_puts(out, "key1 =");
		for (i = 0; i < aout; i++) {
		sprintf(buf, "%02X", abuf[i]);
		BIO_puts(out, buf);
		}
		BIO_puts(out, "\n");

		blen = DH_size(b);
		bbuf = OPENSSL_malloc(blen);
		if (bbuf == NULL)
		if (!TEST_ptr(bbuf = OPENSSL_malloc(blen))
		\|\| !TEST_true(bout = DH_compute_key(bbuf, apub_key, b)))
		goto err;
		if (!TEST_true(aout < 4)
		\|\| !TEST_mem_eq(abuf, aout, bbuf, bout))
		goto err;

		bout = DH_compute_key(bbuf, apub_key, b);

		BIO_puts(out, "key2 =");
		for (i = 0; i < bout; i++) {
		sprintf(buf, "%02X", bbuf[i]);
		BIO_puts(out, buf);
		}
		BIO_puts(out, "\n");
		if ((aout < 4) \|\| (bout != aout) \|\| (memcmp(abuf, bbuf, aout) != 0)) {
		fprintf(stderr, "Error in DH routines\n");
		ret = 1;
		} else
		ret = 0;
		if (!run_rfc5114_tests())
		ret = 1;
		err:
		(void)BIO_flush(out);
		ERR_print_errors_fp(stderr);

		err:
		OPENSSL_free(abuf);
		OPENSSL_free(bbuf);
		DH_free(b);
		@@ -159,30 +103,11 @@ int main(int argc, char *argv[])
		BN_free(bp);
		BN_free(bg);
		BN_GENCB_free(_cb);
		BIO_free(out);

		#ifndef OPENSSL_NO_CRYPTO_MDEBUG
		if (CRYPTO_mem_leaks_fp(stderr) <= 0)
		ret = 1;
		#endif

		EXIT(ret);
		return ret;
		}

		static int cb(int p, int n, BN_GENCB *arg)
		{
		char c = '*';

		if (p == 0)
		c = '.';
		if (p == 1)
		c = '+';
		if (p == 2)
		c = '*';
		if (p == 3)
		c = '\n';
		BIO_write(BN_GENCB_get_arg(arg), &c, 1);
		(void)BIO_flush(BN_GENCB_get_arg(arg));
		return 1;
		}

		@@ -468,7 +393,7 @@ static const rfc5114_td rfctd[] = {
		make_rfc5114_td(2048_256)
		};

		static int run_rfc5114_tests(void)
		static int rfc5114_test(void)
		{
		int i;
		DH *dhA = NULL;
		@@ -482,74 +407,63 @@ static int run_rfc5114_tests(void)
		for (i = 0; i < (int)OSSL_NELEM(rfctd); i++) {
		td = rfctd + i;
		/* Set up DH structures setting key components */
		dhA = td->get_param();
		dhB = td->get_param();
		if ((dhA == NULL) \|\| (dhB == NULL))
		if (!TEST_ptr(dhA = td->get_param())
		\|\| !TEST_ptr(dhB = td->get_param()))
		goto bad_err;

		priv_key = BN_bin2bn(td->xA, td->xA_len, NULL);
		pub_key = BN_bin2bn(td->yA, td->yA_len, NULL);
		if (priv_key == NULL \|\| pub_key == NULL
		\|\| !DH_set0_key(dhA, pub_key, priv_key))
		if (!TEST_ptr(priv_key = BN_bin2bn(td->xA, td->xA_len, NULL))
		\|\| !TEST_ptr(pub_key = BN_bin2bn(td->yA, td->yA_len, NULL))
		\|\| !TEST_true(DH_set0_key(dhA, pub_key, priv_key)))
		goto bad_err;

		priv_key = BN_bin2bn(td->xB, td->xB_len, NULL);
		pub_key = BN_bin2bn(td->yB, td->yB_len, NULL);

		if (priv_key == NULL \|\| pub_key == NULL
		\|\| !DH_set0_key(dhB, pub_key, priv_key))
		if (!TEST_ptr(priv_key = BN_bin2bn(td->xB, td->xB_len, NULL))
		\|\| !TEST_ptr(pub_key = BN_bin2bn(td->yB, td->yB_len, NULL))
		\|\| !TEST_true( DH_set0_key(dhB, pub_key, priv_key)))
		goto bad_err;
		priv_key = pub_key = NULL;

		if ((td->Z_len != (size_t)DH_size(dhA))
		\|\| (td->Z_len != (size_t)DH_size(dhB)))
		if (!TEST_uint_eq(td->Z_len, (size_t)DH_size(dhA))
		\|\| !TEST_uint_eq(td->Z_len, (size_t)DH_size(dhB)))
		goto err;

		Z1 = OPENSSL_malloc(DH_size(dhA));
		Z2 = OPENSSL_malloc(DH_size(dhB));
		if ((Z1 == NULL) \|\| (Z2 == NULL))
		if (!TEST_ptr(Z1 = OPENSSL_malloc(DH_size(dhA)))
		\|\| !TEST_ptr(Z2 = OPENSSL_malloc(DH_size(dhB))))
		goto bad_err;
		/*
		* Work out shared secrets using both sides and compare with expected
		* values.
		*/
		DH_get0_key(dhB, &pub_key_tmp, NULL);
		if (DH_compute_key(Z1, pub_key_tmp, dhA) == -1)
		if (!TEST_int_ne(DH_compute_key(Z1, pub_key_tmp, dhA), -1))
		goto bad_err;

		DH_get0_key(dhA, &pub_key_tmp, NULL);
		if (DH_compute_key(Z2, pub_key_tmp, dhB) == -1)
		if (!TEST_int_ne(DH_compute_key(Z2, pub_key_tmp, dhB), -1))
		goto bad_err;

		if (memcmp(Z1, td->Z, td->Z_len))
		goto err;
		if (memcmp(Z2, td->Z, td->Z_len))
		if (!TEST_mem_eq(Z1, td->Z_len, td->Z, td->Z_len)
		\|\| !TEST_mem_eq(Z2, td->Z_len, td->Z, td->Z_len))
		goto err;

		printf("RFC5114 parameter test %d OK\n", i + 1);

		DH_free(dhA);
		DH_free(dhB);
		OPENSSL_free(Z1);
		OPENSSL_free(Z2);
		dhA = NULL;
		DH_free(dhB);
		dhB = NULL;
		OPENSSL_free(Z1);
		Z1 = NULL;
		OPENSSL_free(Z2);
		Z2 = NULL;
		}

		/* Now i == OSSL_NELEM(rfctd) */
		/* RFC5114 uses unsafe primes, so now test an invalid y value */
		dhA = DH_get_2048_224();
		if (dhA == NULL)
		goto bad_err;
		Z1 = OPENSSL_malloc(DH_size(dhA));
		if (Z1 == NULL)
		if (!TEST_ptr(dhA = DH_get_2048_224())
		\|\| !TEST_ptr(Z1 = OPENSSL_malloc(DH_size(dhA))))
		goto bad_err;

		bady = BN_bin2bn(dhtest_rfc5114_2048_224_bad_y,
		sizeof(dhtest_rfc5114_2048_224_bad_y), NULL);
		if (bady == NULL)
		if (!TEST_ptr(bady = BN_bin2bn(dhtest_rfc5114_2048_224_bad_y,
		sizeof(dhtest_rfc5114_2048_224_bad_y),
		NULL)))
		goto bad_err;

		if (!DH_generate_key(dhA))
		@@ -564,14 +478,11 @@ static int run_rfc5114_tests(void)
		}
		/* We'll have a stale error on the queue from the above test so clear it */
		ERR_clear_error();

		printf("RFC5114 parameter test %d OK\n", i + 1);

		BN_free(bady);
		DH_free(dhA);
		OPENSSL_free(Z1);

		return 1;

		bad_err:
		BN_free(bady);
		DH_free(dhA);
		@@ -580,19 +491,23 @@ static int run_rfc5114_tests(void)
		BN_free(priv_key);
		OPENSSL_free(Z1);
		OPENSSL_free(Z2);

		fprintf(stderr, "Initialisation error RFC5114 set %d\n", i + 1);
		ERR_print_errors_fp(stderr);
		TEST_error("Initialisation error RFC5114 set %d\n", i + 1);
		return 0;

		err:
		BN_free(bady);
		DH_free(dhA);
		DH_free(dhB);
		OPENSSL_free(Z1);
		OPENSSL_free(Z2);

		fprintf(stderr, "Test failed RFC5114 set %d\n", i + 1);
		TEST_error("Test failed RFC5114 set %d\n", i + 1);
		return 0;
		}


		void register_tests(void)
		{
		ADD_TEST(dh_test);
		ADD_TEST(rfc5114_test);
		}
		#endif

test/dsatest.c

+26 −78

Original line number	Diff line number	Diff line
		@@ -13,23 +13,15 @@
		#include <sys/types.h>
		#include <sys/stat.h>

		#include "../e_os.h"

		#include <openssl/crypto.h>
		#include <openssl/rand.h>
		#include <openssl/bio.h>
		#include <openssl/err.h>
		#include <openssl/bn.h>

		#ifdef OPENSSL_NO_DSA
		int main(int argc, char *argv[])
		{
		printf("No DSA support\n");
		return (0);
		}
		#else
		#include <openssl/dsa.h>

		#include "test_main.h"
		#include "testutil.h"
		#include "e_os.h"

		static int dsa_cb(int p, int n, BN_GENCB *arg);

		/*
		@@ -74,9 +66,7 @@ static const unsigned char str1[] = "12345678901234567890";
		static const char rnd_seed[] =
		"string to make the random number generator think it has entropy";

		static BIO *bio_err = NULL;

		int main(int argc, char **argv)
		static int dsa_test(void)
		{
		BN_GENCB *cb;
		DSA *dsa = NULL;
		@@ -87,110 +77,68 @@ int main(int argc, char **argv)
		unsigned int siglen;
		const BIGNUM p = NULL, q = NULL, *g = NULL;

		if (bio_err == NULL)
		bio_err = BIO_new_fp(stderr, BIO_NOCLOSE \| BIO_FP_TEXT);

		CRYPTO_set_mem_debug(1);
		CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);

		RAND_seed(rnd_seed, sizeof rnd_seed);

		BIO_printf(bio_err, "test generation of DSA parameters\n");

		cb = BN_GENCB_new();
		if (!cb)
		if (!TEST_ptr(cb = BN_GENCB_new()))
		goto end;

		BN_GENCB_set(cb, dsa_cb, bio_err);
		if (((dsa = DSA_new()) == NULL) \|\| !DSA_generate_parameters_ex(dsa, 512,
		seed, 20,
		&counter,
		&h, cb))
		BN_GENCB_set(cb, dsa_cb, NULL);
		if (!TEST_ptr(dsa = DSA_new())
		\|\| !TEST_true(DSA_generate_parameters_ex(dsa, 512, seed, 20,
		&counter, &h, cb)))
		goto end;

		BIO_printf(bio_err, "seed\n");
		for (i = 0; i < 20; i += 4) {
		BIO_printf(bio_err, "%02X%02X%02X%02X ",
		seed[i], seed[i + 1], seed[i + 2], seed[i + 3]);
		}
		BIO_printf(bio_err, "\ncounter=%d h=%ld\n", counter, h);

		DSA_print(bio_err, dsa, 0);
		if (counter != 105) {
		BIO_printf(bio_err, "counter should be 105\n");
		if (!TEST_int_eq(counter, 105))
		goto end;
		}
		if (h != 2) {
		BIO_printf(bio_err, "h should be 2\n");
		if (!TEST_int_eq(h, 2))
		goto end;
		}

		DSA_get0_pqg(dsa, &p, &q, &g);
		i = BN_bn2bin(q, buf);
		j = sizeof(out_q);
		if ((i != j) \|\| (memcmp(buf, out_q, i) != 0)) {
		BIO_printf(bio_err, "q value is wrong\n");
		if (!TEST_int_eq(i, j) \|\| !TEST_mem_eq(buf, i, out_q, i))
		goto end;
		}

		i = BN_bn2bin(p, buf);
		j = sizeof(out_p);
		if ((i != j) \|\| (memcmp(buf, out_p, i) != 0)) {
		BIO_printf(bio_err, "p value is wrong\n");
		if (!TEST_int_eq(i, j) \|\| !TEST_mem_eq(buf, i, out_p, i))
		goto end;
		}

		i = BN_bn2bin(g, buf);
		j = sizeof(out_g);
		if ((i != j) \|\| (memcmp(buf, out_g, i) != 0)) {
		BIO_printf(bio_err, "g value is wrong\n");
		if (!TEST_int_eq(i, j) \|\| !TEST_mem_eq(buf, i, out_g, i))
		goto end;
		}

		DSA_generate_key(dsa);
		DSA_sign(0, str1, 20, sig, &siglen, dsa);
		if (DSA_verify(0, str1, 20, sig, siglen, dsa) == 1)
		if (TEST_true(DSA_verify(0, str1, 20, sig, siglen, dsa)))
		ret = 1;

		end:
		if (!ret)
		ERR_print_errors(bio_err);
		DSA_free(dsa);
		BN_GENCB_free(cb);

		#ifndef OPENSSL_NO_CRYPTO_MDEBUG
		if (CRYPTO_mem_leaks(bio_err) <= 0)
		ret = 0;
		#endif
		BIO_free(bio_err);
		bio_err = NULL;
		EXIT(!ret);
		return ret;
		}

		static int dsa_cb(int p, int n, BN_GENCB *arg)
		{
		char c = '*';
		static int ok = 0, num = 0;

		if (p == 0) {
		c = '.';
		if (p == 0)
		num++;
		};
		if (p == 1)
		c = '+';
		if (p == 2) {
		c = '*';
		if (p == 2)
		ok++;
		}
		if (p == 3)
		c = '\n';
		BIO_write(BN_GENCB_get_arg(arg), &c, 1);
		(void)BIO_flush(BN_GENCB_get_arg(arg));

		if (!ok && (p == 0) && (num > 1)) {
		BIO_printf(BN_GENCB_get_arg(arg), "error in dsatest\n");
		TEST_error("dsa_cb error");
		return 0;
		}
		return 1;
		}

		void register_tests(void)
		{
		#ifndef OPENSSL_NO_DSA
		ADD_TEST(dsa_test);
		#endif
		}