/*
 * hal.h
 * ----------
 * Memory map, access functions, and HAL for Cryptech cores.
 *
 * Authors: Joachim Strombergson, Paul Selkirk, Rob Austein
 * Copyright (c) 2015, NORDUnet A/S All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions are
 * met:
 * - Redistributions of source code must retain the above copyright notice,
 *   this list of conditions and the following disclaimer.
 *
 * - Redistributions in binary form must reproduce the above copyright
 *   notice, this list of conditions and the following disclaimer in the
 *   documentation and/or other materials provided with the distribution.
 *
 * - Neither the name of the NORDUnet nor the names of its contributors may
 *   be used to endorse or promote products derived from this software
 *   without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
 * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
 * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
 * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
 * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */

#ifndef _HAL_H_
#define _HAL_H_

#include <stdint.h>
#include <sys/types.h>
#include <stdlib.h>

/*
 * A handy macro from cryptlib.
 */
#ifndef bitsToBytes
#define bitsToBytes(x)          ((x) / 8)
#endif

/*
 * Current name and version values for crypto cores.
 *
 * Should these even be here?  Dunno.
 * Should the versions be here even if the names should be?
 */

#define NOVENA_BOARD_NAME	"PVT1    "
#define NOVENA_BOARD_VERSION    "0.10"

#define EIM_INTERFACE_NAME      "eim     "
#define EIM_INTERFACE_VERSION   "0.10"

#define I2C_INTERFACE_NAME      "i2c     "
#define I2C_INTERFACE_VERSION   "0.10"

#define TRNG_NAME               "trng    "
#define TRNG_VERSION            "0.51"

#define AVALANCHE_ENTROPY_NAME	"extnoise"
#define AVALANCHE_ENTROPY_VERSION "0.10"

#define ROSC_ENTROPY_NAME       "rosc ent"
#define ROSC_ENTROPY_VERSION    "0.10"

#define CSPRNG_NAME             "csprng  "
#define CSPRNG_VERSION          "0.50"

#define SHA1_NAME               "sha1    "
#define SHA1_VERSION            "0.50"

#define SHA256_NAME             "sha2-256"
#define SHA256_VERSION          "0.81"

#define SHA512_NAME             "sha2-512"
#define SHA512_VERSION          "0.80"

#define AES_CORE_NAME           "aes     "
#define AES_CORE_VERSION        "0.80"

#define CHACHA_NAME             "chacha  "
#define CHACHA_VERSION          "0.80"

#define MODEXPS6_NAME		"modexps6"
#define MODEXPS6_VERSION	"0.10"

/*
 * C API error codes.  Defined in this form so we can keep the tokens
 * and error strings together.  See errorstrings.c.
 */

#define HAL_ERROR_LIST \
  DEFINE_HAL_ERROR(HAL_OK,                              "No error")                                     \
  DEFINE_HAL_ERROR(HAL_ERROR_BAD_ARGUMENTS,             "Bad arguments given")                          \
  DEFINE_HAL_ERROR(HAL_ERROR_UNSUPPORTED_KEY,           "Unsupported key type or key length")           \
  DEFINE_HAL_ERROR(HAL_ERROR_IO_SETUP_FAILED,           "Could not set up I/O with FPGA")               \
  DEFINE_HAL_ERROR(HAL_ERROR_IO_TIMEOUT,                "I/O with FPGA timed out")                      \
  DEFINE_HAL_ERROR(HAL_ERROR_IO_UNEXPECTED,             "Unexpected response from FPGA")                \
  DEFINE_HAL_ERROR(HAL_ERROR_IO_OS_ERROR,               "Operating system error talking to FPGA")       \
  DEFINE_HAL_ERROR(HAL_ERROR_IO_BAD_COUNT,              "Bad byte count")                               \
  DEFINE_HAL_ERROR(HAL_ERROR_CSPRNG_BROKEN,             "CSPRNG is returning nonsense")                 \
  DEFINE_HAL_ERROR(HAL_ERROR_KEYWRAP_BAD_MAGIC,         "Bad magic number while unwrapping key")        \
  DEFINE_HAL_ERROR(HAL_ERROR_KEYWRAP_BAD_LENGTH,        "Length out of range while unwrapping key")     \
  DEFINE_HAL_ERROR(HAL_ERROR_KEYWRAP_BAD_PADDING,       "Non-zero padding detected unwrapping key")     \
  DEFINE_HAL_ERROR(HAL_ERROR_IMPOSSIBLE,                "\"Impossible\" error")                         \
  DEFINE_HAL_ERROR(HAL_ERROR_ALLOCATION_FAILURE,        "Memory allocation failed")                     \
  DEFINE_HAL_ERROR(HAL_ERROR_RESULT_TOO_LONG,           "Result too long for buffer")                   \
  DEFINE_HAL_ERROR(HAL_ERROR_ASN1_PARSE_FAILED,         "ASN.1 parse failed")                           \
  DEFINE_HAL_ERROR(HAL_ERROR_KEY_NOT_ON_CURVE,          "EC key is not on its purported curve")         \
  DEFINE_HAL_ERROR(HAL_ERROR_INVALID_SIGNATURE,         "Invalid signature")                            \
  DEFINE_HAL_ERROR(HAL_ERROR_CORE_NOT_FOUND,            "Requested core not found")                     \
  DEFINE_HAL_ERROR(HAL_ERROR_KEYSTORE_ACCESS,           "Could not access keystore")                    \
  DEFINE_HAL_ERROR(HAL_ERROR_KEY_NOT_FOUND,             "Key not found")                                \
  DEFINE_HAL_ERROR(HAL_ERROR_KEY_NAME_IN_USE,           "Key name in use")                              \
  DEFINE_HAL_ERROR(HAL_ERROR_NO_KEY_SLOTS_AVAILABLE,    "No key slots available")                       \
  DEFINE_HAL_ERROR(HAL_ERROR_PIN_INCORRECT,             "PIN incorrect")                                \
  DEFINE_HAL_ERROR(HAL_ERROR_NO_CLIENT_SLOTS_AVAILABLE, "No client slots available")                    \
  DEFINE_HAL_ERROR(HAL_ERROR_FORBIDDEN,                 "Forbidden")                                    \
  DEFINE_HAL_ERROR(HAL_ERROR_RPC_TRANSPORT,             "RPC transport error")                          \
  END_OF_HAL_ERROR_LIST

/* Marker to forestall silly line continuation errors */
#define END_OF_HAL_ERROR_LIST

/* Define the error code enum here.  See errorstrings.c for the text strings. */
#define DEFINE_HAL_ERROR(_code_,_text_)  _code_,
typedef enum { HAL_ERROR_LIST N_HAL_ERRORS } hal_error_t;
#undef  DEFINE_HAL_ERROR

/*
 * Error translation.
 */

extern const char *hal_error_string(const hal_error_t err);

/*
 * Very low level public API for working directly with crypto cores.
 */

/*
 * Typedef to isolate code from our current choice of representation
 * for a Cryptech bus address.
 */

typedef off_t hal_addr_t;

/*
 * Opaque structure representing a core.
 */

typedef struct hal_core hal_core_t;

/*
 * Public I/O functions.
 */

extern void hal_io_set_debug(int onoff);
extern hal_error_t hal_io_write(const hal_core_t *core, hal_addr_t offset, const uint8_t *buf, size_t len);
extern hal_error_t hal_io_read(const hal_core_t *core, hal_addr_t offset, uint8_t *buf, size_t len);
extern hal_error_t hal_io_init(const hal_core_t *core);
extern hal_error_t hal_io_next(const hal_core_t *core);
extern hal_error_t hal_io_wait(const hal_core_t *core, uint8_t status, int *count);
extern hal_error_t hal_io_wait_ready(const hal_core_t *core);
extern hal_error_t hal_io_wait_valid(const hal_core_t *core);

/*
 * Core management functions.
 *
 * Given our druthers, we'd handle public information about a core
 * using the opaque type and individual access methods, but C's
 * insistence on discarding array bounds information makes
 * non-delimited character arrays problematic unless we wrap them in a
 * structure.
 */

typedef struct {
  char name[8];
  char version[4];
  hal_addr_t base;
} hal_core_info_t;

extern const hal_core_t *hal_core_find(const char *name, const hal_core_t *core);
extern const hal_core_info_t *hal_core_info(const hal_core_t *core);
extern hal_error_t hal_core_check_name(const hal_core_t **core, const char *name);
extern hal_addr_t hal_core_base(const hal_core_t *core);
extern const hal_core_t * hal_core_iterate(const hal_core_t *core);

/*
 * Slightly higher level public API, still working directly with cores.
 */

/*
 * Get random bytes from the CSPRNG.
 */

extern hal_error_t hal_get_random(const hal_core_t *core, void *buffer, const size_t length);

/*
 * Hash and HMAC API.
 */

/*
 * Opaque driver structure for digest algorithms.
 */

typedef struct hal_hash_driver hal_hash_driver_t;

/*
 * Public information about a digest algorithm.
 *
 * The _state_length values in the descriptor and the typed opaque
 * pointers in the API are all intended to hide internal details of
 * the implementation while making memory allocation the caller's
 * problem.
 */

typedef enum {
  hal_digest_algorithm_sha1,
  hal_digest_algorithm_sha256,
  hal_digest_algorithm_sha512_224,
  hal_digest_algorithm_sha512_256,
  hal_digest_algorithm_sha384,
  hal_digest_algorithm_sha512
} hal_digest_algorithm_t;

typedef struct {
  hal_digest_algorithm_t digest_algorithm;
  size_t block_length;
  size_t digest_length;
  size_t hash_state_length;
  size_t hmac_state_length;
  const uint8_t * const digest_algorithm_id;
  size_t digest_algorithm_id_length;
  const hal_hash_driver_t *driver;
  char core_name[8];
  unsigned can_restore_state : 1;
} hal_hash_descriptor_t;

/*
 * Opaque structures for internal state.
 */

typedef struct hal_hash_state hal_hash_state_t;
typedef struct hal_hmac_state hal_hmac_state_t;

/*
 * Supported digest algorithms.  These are one-element arrays so that
 * they can be used as constant pointers.
 */

extern const hal_hash_descriptor_t hal_hash_sha1[1];
extern const hal_hash_descriptor_t hal_hash_sha256[1];
extern const hal_hash_descriptor_t hal_hash_sha512_224[1];
extern const hal_hash_descriptor_t hal_hash_sha512_256[1];
extern const hal_hash_descriptor_t hal_hash_sha384[1];
extern const hal_hash_descriptor_t hal_hash_sha512[1];

/*
 * Hash and HMAC functions.
 */

extern void hal_hash_set_debug(int onoff);

extern hal_error_t hal_hash_initialize(const hal_core_t *core,
                                       const hal_hash_descriptor_t * const descriptor,
                                       hal_hash_state_t **state,
                                       void *state_buffer, const size_t state_length);

extern hal_error_t hal_hash_update(hal_hash_state_t *state,
                                   const uint8_t * data, const size_t length);

extern hal_error_t hal_hash_finalize(hal_hash_state_t *state,
                                     uint8_t *digest, const size_t length);

extern hal_error_t hal_hmac_initialize(const hal_core_t *core,
                                       const hal_hash_descriptor_t * const descriptor,
                                       hal_hmac_state_t **state,
                                       void *state_buffer, const size_t state_length,
                                       const uint8_t * const key, const size_t key_length);

extern hal_error_t hal_hmac_update(hal_hmac_state_t *state,
                                   const uint8_t * data, const size_t length);

extern hal_error_t hal_hmac_finalize(hal_hmac_state_t *state,
                                     uint8_t *hmac, const size_t length);
extern void hal_hash_cleanup(hal_hash_state_t **state);

extern void hal_hmac_cleanup(hal_hmac_state_t **state);

extern const hal_hash_descriptor_t *hal_hash_get_descriptor(const hal_hash_state_t * const state);

extern const hal_hash_descriptor_t *hal_hmac_get_descriptor(const hal_hmac_state_t * const state);

/*
 * AES key wrap functions.
 */

extern hal_error_t hal_aes_keywrap(const hal_core_t *core,
                                   const uint8_t *kek, const size_t kek_length,
                                   const uint8_t *plaintext, const size_t plaintext_length,
                                   uint8_t *cyphertext, size_t *ciphertext_length);

extern hal_error_t hal_aes_keyunwrap(const hal_core_t *core,
                                     const uint8_t *kek, const size_t kek_length,
                                     const uint8_t *ciphertext, const size_t ciphertext_length,
                                     unsigned char *plaintext, size_t *plaintext_length);

extern size_t hal_aes_keywrap_ciphertext_length(const size_t plaintext_length);

/*
 * PBKDF2 function.  Uses HMAC with the specified digest algorithm as
 * the pseudo-random function (PRF).
 */

extern hal_error_t hal_pbkdf2(const hal_core_t *core,
                              const hal_hash_descriptor_t * const descriptor,
			      const uint8_t * const password, const size_t password_length,
			      const uint8_t * const salt,     const size_t salt_length,
			      uint8_t       * derived_key,    const size_t derived_key_length,
			      unsigned iterations_desired);

/*
 * Modular exponentiation.
 */

extern void hal_modexp_set_debug(const int onoff);

extern hal_error_t hal_modexp(const hal_core_t *core,
                              const uint8_t * const msg, const size_t msg_len, /* Message */
                              const uint8_t * const exp, const size_t exp_len, /* Exponent */
                              const uint8_t * const mod, const size_t mod_len, /* Modulus */
                              uint8_t * result, const size_t result_len);


/*
 * Key types and curves, used in various places.
 */

typedef enum {
  HAL_KEY_TYPE_NONE,
  HAL_KEY_TYPE_RSA_PRIVATE,
  HAL_KEY_TYPE_RSA_PUBLIC,
  HAL_KEY_TYPE_EC_PRIVATE,
  HAL_KEY_TYPE_EC_PUBLIC
} hal_key_type_t;

typedef enum {
  HAL_CURVE_NONE,
  HAL_CURVE_P256,
  HAL_CURVE_P384,
  HAL_CURVE_P521
} hal_curve_name_t;

/*
 * RSA.
 */

typedef struct hal_rsa_key hal_rsa_key_t;

extern const size_t hal_rsa_key_t_size;

extern void hal_rsa_set_debug(const int onoff);

extern void hal_rsa_set_blinding(const int onoff);

extern hal_error_t hal_rsa_key_load_private(hal_rsa_key_t **key,
                                            void *keybuf, const size_t keybuf_len,
                                            const uint8_t * const n,  const size_t n_len,
                                            const uint8_t * const e,  const size_t e_len,
                                            const uint8_t * const d,  const size_t d_len,
                                            const uint8_t * const p,  const size_t p_len,
                                            const uint8_t * const q,  const size_t q_len,
                                            const uint8_t * const u,  const size_t u_len,
                                            const uint8_t * const dP, const size_t dP_len,
                                            const uint8_t * const dQ, const size_t dQ_len);

extern hal_error_t hal_rsa_key_load_public(hal_rsa_key_t **key,
                                           void *keybuf, const size_t keybuf_len,
                                           const uint8_t * const n,  const size_t n_len,
                                           const uint8_t * const e,  const size_t e_len);

extern hal_error_t hal_rsa_key_get_type(const hal_rsa_key_t * const key,
                                        hal_key_type_t *key_type);

extern hal_error_t hal_rsa_key_get_modulus(const hal_rsa_key_t * const key,
                                           uint8_t *modulus,
                                           size_t *modulus_len,
                                           const size_t modulus_max);

extern hal_error_t hal_rsa_key_get_public_exponent(const hal_rsa_key_t * const key,
                                                   uint8_t *public_exponent,
                                                   size_t *public_exponent_len,
                                                   const size_t public_exponent_max);

extern void hal_rsa_key_clear(hal_rsa_key_t *key);

extern hal_error_t hal_rsa_encrypt(const hal_core_t *core,
                                   const hal_rsa_key_t * const key,
                                   const uint8_t * const input,  const size_t input_len,
                                   uint8_t * output, const size_t output_len);

extern hal_error_t hal_rsa_decrypt(const hal_core_t *core,
                                   const hal_rsa_key_t * const key,
                                   const uint8_t * const input,  const size_t input_len,
                                   uint8_t * output, const size_t output_len);

extern hal_error_t hal_rsa_key_gen(const hal_core_t *core,
                                   hal_rsa_key_t **key,
                                   void *keybuf, const size_t keybuf_len,
                                   const unsigned key_length,
                                   const uint8_t * const public_exponent, const size_t public_exponent_len);

extern hal_error_t hal_rsa_private_key_to_der(const hal_rsa_key_t * const key,
                                              uint8_t *der, size_t *der_len, const size_t der_max);

extern size_t hal_rsa_private_key_to_der_len(const hal_rsa_key_t * const key);

extern hal_error_t hal_rsa_private_key_from_der(hal_rsa_key_t **key,
                                                void *keybuf, const size_t keybuf_len,
                                                const uint8_t * const der, const size_t der_len);

extern hal_error_t hal_rsa_public_key_to_der(const hal_rsa_key_t * const key,
                                             uint8_t *der, size_t *der_len, const size_t der_max);

extern size_t hal_rsa_public_key_to_der_len(const hal_rsa_key_t * const key);

extern hal_error_t hal_rsa_public_key_from_der(hal_rsa_key_t **key,
                                               void *keybuf, const size_t keybuf_len,
                                               const uint8_t * const der, const size_t der_len);

/*
 * ECDSA.
 */

typedef struct hal_ecdsa_key hal_ecdsa_key_t;

extern const size_t hal_ecdsa_key_t_size;

extern void hal_ecdsa_set_debug(const int onoff);

extern hal_error_t hal_ecdsa_key_load_private(hal_ecdsa_key_t **key,
                                              void *keybuf, const size_t keybuf_len,
                                              const hal_curve_name_t curve,
                                              const uint8_t * const x, const size_t x_len,
                                              const uint8_t * const y, const size_t y_len,
                                              const uint8_t * const d, const size_t d_len);

extern hal_error_t hal_ecdsa_key_load_public(hal_ecdsa_key_t **key,
                                             void *keybuf, const size_t keybuf_len,
                                             const hal_curve_name_t curve,
                                             const uint8_t * const x, const size_t x_len,
                                             const uint8_t * const y, const size_t y_len);

extern hal_error_t hal_ecdsa_key_get_type(const hal_ecdsa_key_t * const key,
                                          hal_key_type_t *key_type);

extern hal_error_t hal_ecdsa_key_get_curve(const hal_ecdsa_key_t * const key,
                                           hal_curve_name_t *curve);

extern hal_error_t hal_ecdsa_key_get_public(const hal_ecdsa_key_t * const key,
                                            uint8_t *x, size_t *x_len, const size_t x_max,
                                            uint8_t *y, size_t *y_len, const size_t y_max);

extern void hal_ecdsa_key_clear(hal_ecdsa_key_t *key);

extern hal_error_t hal_ecdsa_key_gen(const hal_core_t *core,
                                     hal_ecdsa_key_t **key,
                                     void *keybuf, const size_t keybuf_len,
                                     const hal_curve_name_t curve);

extern hal_error_t hal_ecdsa_private_key_to_der(const hal_ecdsa_key_t * const key,
                                                uint8_t *der, size_t *der_len, const size_t der_max);

extern size_t hal_ecdsa_private_key_to_der_len(const hal_ecdsa_key_t * const key);

extern hal_error_t hal_ecdsa_private_key_from_der(hal_ecdsa_key_t **key,
                                                  void *keybuf, const size_t keybuf_len,
                                                  const uint8_t * const der, const size_t der_len);

extern hal_error_t hal_ecdsa_public_key_to_der(const hal_ecdsa_key_t * const key,
                                               uint8_t *der, size_t *der_len, const size_t der_max);

extern size_t hal_ecdsa_public_key_to_der_len(const hal_ecdsa_key_t * const key);

extern hal_error_t hal_ecdsa_public_key_from_der(hal_ecdsa_key_t **key,
                                                 void *keybuf, const size_t keybuf_len,
                                                 const uint8_t * const der, const size_t der_len);

extern hal_error_t hal_ecdsa_key_to_ecpoint(const hal_ecdsa_key_t * const key,
                                            uint8_t *der, size_t *der_len, const size_t der_max);

extern size_t hal_ecdsa_key_to_ecpoint_len(const hal_ecdsa_key_t * const key);

extern hal_error_t hal_ecdsa_key_from_ecpoint(hal_ecdsa_key_t **key,
                                              void *keybuf, const size_t keybuf_len,
                                              const uint8_t * const der, const size_t der_len,
                                              const hal_curve_name_t curve);

extern hal_error_t hal_ecdsa_sign(const hal_core_t *core,
                                  const hal_ecdsa_key_t * const key,
                                  const uint8_t * const hash, const size_t hash_len,
                                  uint8_t *signature, size_t *signature_len, const size_t signature_max);

extern hal_error_t hal_ecdsa_verify(const hal_core_t *core,
                                    const hal_ecdsa_key_t * const key,
                                    const uint8_t * const hash, const size_t hash_len,
                                    const uint8_t * const signature, const size_t signature_len);

/*
 * Higher level RPC-based mechanism for working with HSM at arm's
 * length, using handles instead of direct access to the cores.
 *
 * Session handles are pretty much as in PKCS #11: from our viewpoint,
 * a session is a lock-step stream of operations, so while operations
 * from different sessions can interleave, operations within a single
 * session cannot.
 *
 * Client handles are a small extension to the PKCS #11 model,
 * intended to support multiple PKCS #11 using applications sharing a
 * single HSM.  Technically, sessions are per-client, but in practice
 * there's no sane reason why we'd use the same session handle
 * concurrently in multiple clients.  Mostly, the client abstraction
 * is to handle login and logout against the HSM's PIN.  Clients add
 * nothing whatsoever to the security model (the HSM has no way of
 * knowing whether the host is lumping multiple applications into a
 * single "client"), the point of the exercise is just to make the
 * C_Login()/C_Logout() semantics work as expected in the presence of
 * multiple applications.
 *
 * NB: Unlike the other handles used in this protocol, session and
 * client handles are created by the client (host) side of the RPC
 * mechanism, not the server (HSM) side.
 */

typedef struct { uint32_t handle; } hal_client_handle_t;
typedef struct { uint32_t handle; } hal_session_handle_t;

typedef enum { HAL_USER_NONE, HAL_USER_NORMAL, HAL_USER_SO, HAL_USER_WHEEL } hal_user_t;

extern hal_error_t hal_rpc_set_pin(const hal_client_handle_t client,
                                   const hal_user_t user,
                                   const char * const newpin, const size_t newpin_len);

extern hal_error_t hal_rpc_login(const hal_client_handle_t client,
                                 const hal_user_t user,
                                 const char * const pin, const size_t pin_len);

extern hal_error_t hal_rpc_logout(const hal_client_handle_t client);

extern hal_error_t hal_rpc_logout_all(void);

extern hal_error_t hal_rpc_is_logged_in(const hal_client_handle_t client,
                                        const hal_user_t user);

/*
 * Get the version number of the remote RPC server.
 */

extern hal_error_t hal_rpc_get_version(uint32_t *version);

/*
 * Get random bytes.
 */

extern hal_error_t hal_rpc_get_random(void *buffer, const size_t length);

/*
 * Combined hash and HMAC functions: pass NULL key for plain hashing.
 */

typedef struct { uint32_t handle; } hal_hash_handle_t;

extern const hal_hash_handle_t hal_hash_handle_none;

extern hal_error_t hal_rpc_hash_get_digest_length(const hal_digest_algorithm_t alg, size_t *length);

extern hal_error_t hal_rpc_hash_get_digest_algorithm_id(const hal_digest_algorithm_t alg,
                                                        uint8_t *id, size_t *len, const size_t len_max);

extern hal_error_t hal_rpc_hash_get_algorithm(const hal_hash_handle_t hash, hal_digest_algorithm_t *alg);

/*
 * Once started, a hash or HMAC operation is bound to a particular
 * session, so we only need the client and session arguments to initialize.
 */

extern hal_error_t hal_rpc_hash_initialize(const hal_client_handle_t client,
                                           const hal_session_handle_t session,
                                           hal_hash_handle_t *hash,
                                           const hal_digest_algorithm_t alg,
                                           const uint8_t * const key, const size_t key_length);

extern hal_error_t hal_rpc_hash_update(const hal_hash_handle_t hash,
                                       const uint8_t * data, const size_t length);

extern hal_error_t hal_rpc_hash_finalize(const hal_hash_handle_t hash,
                                         uint8_t *digest, const size_t length);

extern hal_error_t hal_rpc_client_init(void);
extern hal_error_t hal_rpc_client_close(void);
extern hal_error_t hal_rpc_server_init(void);
extern hal_error_t hal_rpc_server_close(void);
extern void hal_rpc_server_main(void);

/*
 * Public key functions.
 *
 * The _sign() and _verify() methods accept a hash OR an input string;
 * either "hash" should be hal_hash_handle_none or input should be NULL,
 * but not both.
 *
 * Use of client and session handles here needs a bit more thought.
 *
 * Client handles are straightforward: basically, anything that
 * creates a new pkey handle should take a client handle, which should
 * suffice, as object handles never cross clients.
 *
 * Session handles are more interesting, as PKCS #11's versions of
 * session and object handles do in effect allow one session to hand
 * an object handle to another session.  So any action which can do
 * significant work (ie, which is complicated enough that we can't
 * guarantee an immediate response) needs to take a session handle.
 *
 * There will probably be a few cases where a session handle isn't
 * strictly required but we ask for one anyway because the API turns
 * out to be easier to understand that way (eg, we probably want to
 * ask for a session handle anywhere we ask for a client handle,
 * whether we need the session handle or not, so that users of this
 * API don't have to remember which pkey-handle-creating calls require
 * a session handle and which ones don't...).
 */

#define	HAL_RPC_PKEY_NAME_MAX 128

typedef struct { uint32_t handle; } hal_pkey_handle_t;

typedef uint32_t hal_key_flags_t;

#define	HAL_KEY_FLAG_USAGE_DIGITALSIGNATURE	(1 << 0)
#define	HAL_KEY_FLAG_USAGE_KEYENCIPHERMENT      (1 << 1)
#define	HAL_KEY_FLAG_USAGE_DATAENCIPHERMENT	(1 << 2)

extern hal_error_t hal_rpc_pkey_load(const hal_client_handle_t client,
                                     const hal_session_handle_t session,
                                     hal_pkey_handle_t *pkey,
                                     const hal_key_type_t type,
                                     const hal_curve_name_t curve,
                                     const uint8_t * const name, const size_t name_len,
                                     const uint8_t * const der, const size_t der_len,
                                     const hal_key_flags_t flags);

extern hal_error_t hal_rpc_pkey_find(const hal_client_handle_t client,
                                     const hal_session_handle_t session,
                                     hal_pkey_handle_t *pkey,
                                     const hal_key_type_t type,
                                     const uint8_t * const name, const size_t name_len);

extern hal_error_t hal_rpc_pkey_generate_rsa(const hal_client_handle_t client,
                                             const hal_session_handle_t session,
                                             hal_pkey_handle_t *pkey,
                                             const uint8_t * const name, const size_t name_len,
                                             const unsigned key_length,
                                             const uint8_t * const public_exponent, const size_t public_exponent_len,
                                             const hal_key_flags_t flags);

extern hal_error_t hal_rpc_pkey_generate_ec(const hal_client_handle_t client,
                                            const hal_session_handle_t session,
                                            hal_pkey_handle_t *pkey,
                                            const uint8_t * const name, const size_t name_len,
                                            const hal_curve_name_t curve,
                                            const hal_key_flags_t flags);

extern hal_error_t hal_rpc_pkey_close(const hal_pkey_handle_t pkey);

extern hal_error_t hal_rpc_pkey_delete(const hal_pkey_handle_t pkey);

extern hal_error_t hal_rpc_pkey_get_key_type(const hal_pkey_handle_t pkey,
                                             hal_key_type_t *type);

extern hal_error_t hal_rpc_pkey_get_key_flags(const hal_pkey_handle_t pkey,
                                              hal_key_flags_t *flags);

extern size_t hal_rpc_pkey_get_public_key_len(const hal_pkey_handle_t pkey);

extern hal_error_t hal_rpc_pkey_get_public_key(const hal_pkey_handle_t pkey,
                                               uint8_t *der, size_t *der_len, const size_t der_max);

extern hal_error_t hal_rpc_pkey_sign(const hal_session_handle_t session,
                                     const hal_pkey_handle_t pkey,
                                     const hal_hash_handle_t hash,
                                     const uint8_t * const input,  const size_t input_len,
                                     uint8_t * signature, size_t *signature_len, const size_t signature_max);

extern hal_error_t hal_rpc_pkey_verify(const hal_session_handle_t session,
                                       const hal_pkey_handle_t pkey,
                                       const hal_hash_handle_t hash,
                                       const uint8_t * const input, const size_t input_len,
                                       const uint8_t * const signature, const size_t signature_len);

typedef struct {
  hal_key_type_t type;
  hal_curve_name_t curve;
  hal_key_flags_t flags;
  char name[HAL_RPC_PKEY_NAME_MAX];
  size_t name_len;
  /* ... */
} hal_pkey_info_t;

extern hal_error_t hal_rpc_pkey_list(hal_pkey_info_t *result,
                                     unsigned *result_len,
                                     const unsigned result_max);

#endif /* _HAL_H_ */

/*
 * Local variables:
 * indent-tabs-mode: nil
 * End:
 */
98b5d1807542e0'>36cd363</a></span>

</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-09-12 18:47:46 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-09-12 18:47:46 -0400

PKCS #11 testing turned up a problem with P-521, don&#x27;t really' href='/sw/libhal/commit/tests/test-ecdsa.c?h=auto_zeroise&amp;id=c820fa71962f564d8fd97f90e3479ec32737f832'>c820fa7</a></span>

</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-08-25 00:26:24 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-08-25 00:26:24 -0400

Add keygen/sign/verify test with dynamic (not test vector) key.' href='/sw/libhal/commit/tests/test-ecdsa.c?h=auto_zeroise&amp;id=36cd3636538328f381bff9857698b5d1807542e0'>36cd363</a></span>


</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-09-02 18:35:36 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-09-02 18:35:36 -0400

Clean up excessively complicated handling of opaque types in hash and' href='/sw/libhal/commit/tests/test-ecdsa.c?h=auto_zeroise&amp;id=12ed3abeb24bbd5d59b760640a35ead0874fd3fe'>12ed3ab</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-08-25 00:26:24 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-08-25 00:26:24 -0400

Add keygen/sign/verify test with dynamic (not test vector) key.' href='/sw/libhal/commit/tests/test-ecdsa.c?h=auto_zeroise&amp;id=36cd3636538328f381bff9857698b5d1807542e0'>36cd363</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-10-04 22:31:47 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-10-04 22:31:47 -0400

Whack libhal API to use current configure_core_selector mechanism.' href='/sw/libhal/commit/tests/test-ecdsa.c?h=auto_zeroise&amp;id=b3bbd3dbccef8c499e980490203cd5085dd13a98'>b3bbd3d</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-08-25 00:26:24 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-08-25 00:26:24 -0400

Add keygen/sign/verify test with dynamic (not test vector) key.' href='/sw/libhal/commit/tests/test-ecdsa.c?h=auto_zeroise&amp;id=36cd3636538328f381bff9857698b5d1807542e0'>36cd363</a></span>


</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-09-12 18:47:46 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-09-12 18:47:46 -0400

PKCS #11 testing turned up a problem with P-521, don&#x27;t really' href='/sw/libhal/commit/tests/test-ecdsa.c?h=auto_zeroise&amp;id=c820fa71962f564d8fd97f90e3479ec32737f832'>c820fa7</a></span>

</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-10-04 22:31:47 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-10-04 22:31:47 -0400

Whack libhal API to use current configure_core_selector mechanism.' href='/sw/libhal/commit/tests/test-ecdsa.c?h=auto_zeroise&amp;id=b3bbd3dbccef8c499e980490203cd5085dd13a98'>b3bbd3d</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-12-20 19:08:58 -0500
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-12-20 19:08:58 -0500

Drop support for the ASN.1-based ECDSA signature format in favor of' href='/sw/libhal/commit/tests/test-ecdsa.c?h=auto_zeroise&amp;id=e3f62b04be54fda0fddc7d9ee5e09441d1651c21'>e3f62b0</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-08-25 00:26:24 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-08-25 00:26:24 -0400

Add keygen/sign/verify test with dynamic (not test vector) key.' href='/sw/libhal/commit/tests/test-ecdsa.c?h=auto_zeroise&amp;id=36cd3636538328f381bff9857698b5d1807542e0'>36cd363</a></span>

</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-09-12 18:47:46 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-09-12 18:47:46 -0400

PKCS #11 testing turned up a problem with P-521, don&#x27;t really' href='/sw/libhal/commit/tests/test-ecdsa.c?h=auto_zeroise&amp;id=c820fa71962f564d8fd97f90e3479ec32737f832'>c820fa7</a></span>

</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-12-20 19:08:58 -0500
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-12-20 19:08:58 -0500

Drop support for the ASN.1-based ECDSA signature format in favor of' href='/sw/libhal/commit/tests/test-ecdsa.c?h=auto_zeroise&amp;id=e3f62b04be54fda0fddc7d9ee5e09441d1651c21'>e3f62b0</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-08-25 00:26:24 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-08-25 00:26:24 -0400

Add keygen/sign/verify test with dynamic (not test vector) key.' href='/sw/libhal/commit/tests/test-ecdsa.c?h=auto_zeroise&amp;id=36cd3636538328f381bff9857698b5d1807542e0'>36cd363</a></span>


</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-08-24 21:46:49 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-08-24 21:46:49 -0400

First stumblings towards ECDSA test code.' href='/sw/libhal/commit/tests/test-ecdsa.c?h=auto_zeroise&amp;id=2fdf82bbe98632e8f1e6396970bba74625481f0e'>2fdf82b</a></span>


</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Paul Selkirk &lt;paul@psgd.org&gt;  2015-10-31 22:46:17 -0400
committer  Paul Selkirk &lt;paul@psgd.org&gt;  2015-10-31 22:46:17 -0400

fix time calculation in test-ecdsa' href='/sw/libhal/commit/tests/test-ecdsa.c?h=auto_zeroise&amp;id=274f905d985565c68d4133bed39b626b636e2512'>274f905</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-08-24 21:46:49 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-08-24 21:46:49 -0400

First stumblings towards ECDSA test code.' href='/sw/libhal/commit/tests/test-ecdsa.c?h=auto_zeroise&amp;id=2fdf82bbe98632e8f1e6396970bba74625481f0e'>2fdf82b</a></span>


</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-08-24 21:46:49 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-08-24 21:46:49 -0400

First stumblings towards ECDSA test code.' href='/sw/libhal/commit/tests/test-ecdsa.c?h=auto_zeroise&amp;id=2fdf82bbe98632e8f1e6396970bba74625481f0e'>2fdf82b</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-10-04 22:31:47 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-10-04 22:31:47 -0400

Whack libhal API to use current configure_core_selector mechanism.' href='/sw/libhal/commit/tests/test-ecdsa.c?h=auto_zeroise&amp;id=b3bbd3dbccef8c499e980490203cd5085dd13a98'>b3bbd3d</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-08-24 21:46:49 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-08-24 21:46:49 -0400

First stumblings towards ECDSA test code.' href='/sw/libhal/commit/tests/test-ecdsa.c?h=auto_zeroise&amp;id=2fdf82bbe98632e8f1e6396970bba74625481f0e'>2fdf82b</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-10-04 22:31:47 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-10-04 22:31:47 -0400

Whack libhal API to use current configure_core_selector mechanism.' href='/sw/libhal/commit/tests/test-ecdsa.c?h=auto_zeroise&amp;id=b3bbd3dbccef8c499e980490203cd5085dd13a98'>b3bbd3d</a></span>


</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-08-24 21:46:49 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-08-24 21:46:49 -0400

First stumblings towards ECDSA test code.' href='/sw/libhal/commit/tests/test-ecdsa.c?h=auto_zeroise&amp;id=2fdf82bbe98632e8f1e6396970bba74625481f0e'>2fdf82b</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-10-04 22:31:47 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-10-04 22:31:47 -0400

Whack libhal API to use current configure_core_selector mechanism.' href='/sw/libhal/commit/tests/test-ecdsa.c?h=auto_zeroise&amp;id=b3bbd3dbccef8c499e980490203cd5085dd13a98'>b3bbd3d</a></span>


</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-08-24 21:46:49 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-08-24 21:46:49 -0400

First stumblings towards ECDSA test code.' href='/sw/libhal/commit/tests/test-ecdsa.c?h=auto_zeroise&amp;id=2fdf82bbe98632e8f1e6396970bba74625481f0e'>2fdf82b</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-10-04 22:31:47 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-10-04 22:31:47 -0400

Whack libhal API to use current configure_core_selector mechanism.' href='/sw/libhal/commit/tests/test-ecdsa.c?h=auto_zeroise&amp;id=b3bbd3dbccef8c499e980490203cd5085dd13a98'>b3bbd3d</a></span>


</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-08-24 21:46:49 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-08-24 21:46:49 -0400

First stumblings towards ECDSA test code.' href='/sw/libhal/commit/tests/test-ecdsa.c?h=auto_zeroise&amp;id=2fdf82bbe98632e8f1e6396970bba74625481f0e'>2fdf82b</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-09-12 18:47:46 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-09-12 18:47:46 -0400

PKCS #11 testing turned up a problem with P-521, don&#x27;t really' href='/sw/libhal/commit/tests/test-ecdsa.c?h=auto_zeroise&amp;id=c820fa71962f564d8fd97f90e3479ec32737f832'>c820fa7</a></span>

</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Paul Selkirk &lt;paul@psgd.org&gt;  2015-10-31 22:46:17 -0400
committer  Paul Selkirk &lt;paul@psgd.org&gt;  2015-10-31 22:46:17 -0400

fix time calculation in test-ecdsa' href='/sw/libhal/commit/tests/test-ecdsa.c?h=auto_zeroise&amp;id=274f905d985565c68d4133bed39b626b636e2512'>274f905</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-09-12 18:47:46 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-09-12 18:47:46 -0400

PKCS #11 testing turned up a problem with P-521, don&#x27;t really' href='/sw/libhal/commit/tests/test-ecdsa.c?h=auto_zeroise&amp;id=c820fa71962f564d8fd97f90e3479ec32737f832'>c820fa7</a></span>


</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-08-25 19:21:49 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-08-25 19:21:49 -0400

More test code.' href='/sw/libhal/commit/tests/test-ecdsa.c?h=auto_zeroise&amp;id=f1f3a8adffb9ef4597fea9de8479ee9f84f0a795'>f1f3a8a</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-09-12 18:47:46 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-09-12 18:47:46 -0400

PKCS #11 testing turned up a problem with P-521, don&#x27;t really' href='/sw/libhal/commit/tests/test-ecdsa.c?h=auto_zeroise&amp;id=c820fa71962f564d8fd97f90e3479ec32737f832'>c820fa7</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Paul Selkirk &lt;paul@psgd.org&gt;  2015-10-31 22:46:17 -0400
committer  Paul Selkirk &lt;paul@psgd.org&gt;  2015-10-31 22:46:17 -0400

fix time calculation in test-ecdsa' href='/sw/libhal/commit/tests/test-ecdsa.c?h=auto_zeroise&amp;id=274f905d985565c68d4133bed39b626b636e2512'>274f905</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-09-12 18:47:46 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-09-12 18:47:46 -0400

PKCS #11 testing turned up a problem with P-521, don&#x27;t really' href='/sw/libhal/commit/tests/test-ecdsa.c?h=auto_zeroise&amp;id=c820fa71962f564d8fd97f90e3479ec32737f832'>c820fa7</a></span>


</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-10-04 22:31:47 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-10-04 22:31:47 -0400

Whack libhal API to use current configure_core_selector mechanism.' href='/sw/libhal/commit/tests/test-ecdsa.c?h=auto_zeroise&amp;id=b3bbd3dbccef8c499e980490203cd5085dd13a98'>b3bbd3d</a></span>

</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-12-20 17:59:29 -0500
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-12-20 17:59:29 -0500

RPC server stuff mostly written.  Compiles, not yet tested.  RPC' href='/sw/libhal/commit/tests/test-ecdsa.c?h=auto_zeroise&amp;id=86b35d757048aaa122237e1cb8fb33de9d53292d'>86b35d7</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-10-04 22:31:47 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-10-04 22:31:47 -0400

Whack libhal API to use current configure_core_selector mechanism.' href='/sw/libhal/commit/tests/test-ecdsa.c?h=auto_zeroise&amp;id=b3bbd3dbccef8c499e980490203cd5085dd13a98'>b3bbd3d</a></span>


</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-12-20 17:59:29 -0500
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-12-20 17:59:29 -0500

RPC server stuff mostly written.  Compiles, not yet tested.  RPC' href='/sw/libhal/commit/tests/test-ecdsa.c?h=auto_zeroise&amp;id=86b35d757048aaa122237e1cb8fb33de9d53292d'>86b35d7</a></span>

</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-10-04 22:31:47 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-10-04 22:31:47 -0400

Whack libhal API to use current configure_core_selector mechanism.' href='/sw/libhal/commit/tests/test-ecdsa.c?h=auto_zeroise&amp;id=b3bbd3dbccef8c499e980490203cd5085dd13a98'>b3bbd3d</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-08-25 19:21:49 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-08-25 19:21:49 -0400

More test code.' href='/sw/libhal/commit/tests/test-ecdsa.c?h=auto_zeroise&amp;id=f1f3a8adffb9ef4597fea9de8479ee9f84f0a795'>f1f3a8a</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-09-12 18:47:46 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-09-12 18:47:46 -0400

PKCS #11 testing turned up a problem with P-521, don&#x27;t really' href='/sw/libhal/commit/tests/test-ecdsa.c?h=auto_zeroise&amp;id=c820fa71962f564d8fd97f90e3479ec32737f832'>c820fa7</a></span>
</pre></div><div class='alt'><pre><span class='sha1'><a title='author  Rob Austein &lt;sra@hactrn.net&gt;  2015-08-24 21:46:49 -0400
committer  Rob Austein &lt;sra@hactrn.net&gt;  2015-08-24 21:46:49 -0400

First stumblings towards ECDSA test code.' href='/sw/libhal/commit/tests/test-ecdsa.c?h=auto_zeroise&amp;id=2fdf82bbe98632e8f1e6396970bba74625481f0e'>2fdf82b</a></span>


</pre></div></td>
<td class='linenumbers'><div class='alt'><pre><a id='n1' href='#n1'>1</a>
<a id='n2' href='#n2'>2</a>
<a id='n3' href='#n3'>3</a>
<a id='n4' href='#n4'>4</a>
<a id='n5' href='#n5'>5</a>
<a id='n6' href='#n6'>6</a>
<a id='n7' href='#n7'>7</a>
<a id='n8' href='#n8'>8</a>
<a id='n9' href='#n9'>9</a>
<a id='n10' href='#n10'>10</a>
<a id='n11' href='#n11'>11</a>
<a id='n12' href='#n12'>12</a>
<a id='n13' href='#n13'>13</a>
<a id='n14' href='#n14'>14</a>
<a id='n15' href='#n15'>15</a>
<a id='n16' href='#n16'>16</a>
<a id='n17' href='#n17'>17</a>
<a id='n18' href='#n18'>18</a>
</pre></div><div class='alt'><pre><a id='n19' href='#n19'>19</a>
<a id='n20' href='#n20'>20</a>
</pre></div><div class='alt'><pre><a id='n21' href='#n21'>21</a>
</pre></div><div class='alt'><pre><a id='n22' href='#n22'>22</a>
<a id='n23' href='#n23'>23</a>
<a id='n24' href='#n24'>24</a>
<a id='n25' href='#n25'>25</a>
<a id='n26' href='#n26'>26</a>
</pre></div><div class='alt'><pre><a id='n27' href='#n27'>27</a>
</pre></div><div class='alt'><pre><a id='n28' href='#n28'>28</a>
<a id='n29' href='#n29'>29</a>
<a id='n30' href='#n30'>30</a>
</pre></div><div class='alt'><pre><a id='n31' href='#n31'>31</a>
</pre></div><div class='alt'><pre><a id='n32' href='#n32'>32</a>
<a id='n33' href='#n33'>33</a>
<a id='n34' href='#n34'>34</a>
</pre></div><div class='alt'><pre><a id='n35' href='#n35'>35</a>
</pre></div><div class='alt'><pre><a id='n36' href='#n36'>36</a>
<a id='n37' href='#n37'>37</a>
<a id='n38' href='#n38'>38</a>
<a id='n39' href='#n39'>39</a>
<a id='n40' href='#n40'>40</a>
<a id='n41' href='#n41'>41</a>
<a id='n42' href='#n42'>42</a>
<a id='n43' href='#n43'>43</a>
<a id='n44' href='#n44'>44</a>
<a id='n45' href='#n45'>45</a>
<a id='n46' href='#n46'>46</a>
</pre></div><div class='alt'><pre><a id='n47' href='#n47'>47</a>
<a id='n48' href='#n48'>48</a>
<a id='n49' href='#n49'>49</a>
<a id='n50' href='#n50'>50</a>
</pre></div><div class='alt'><pre><a id='n51' href='#n51'>51</a>
</pre></div><div class='alt'><pre><a id='n52' href='#n52'>52</a>
</pre></div><div class='alt'><pre><a id='n53' href='#n53'>53</a>
<a id='n54' href='#n54'>54</a>
<a id='n55' href='#n55'>55</a>
<a id='n56' href='#n56'>56</a>
<a id='n57' href='#n57'>57</a>
<a id='n58' href='#n58'>58</a>
<a id='n59' href='#n59'>59</a>
</pre></div><div class='alt'><pre><a id='n60' href='#n60'>60</a>
<a id='n61' href='#n61'>61</a>
<a id='n62' href='#n62'>62</a>
<a id='n63' href='#n63'>63</a>
<a id='n64' href='#n64'>64</a>
<a id='n65' href='#n65'>65</a>
<a id='n66' href='#n66'>66</a>
<a id='n67' href='#n67'>67</a>
<a id='n68' href='#n68'>68</a>
<a id='n69' href='#n69'>69</a>
<a id='n70' href='#n70'>70</a>
<a id='n71' href='#n71'>71</a>
<a id='n72' href='#n72'>72</a>
<a id='n73' href='#n73'>73</a>
<a id='n74' href='#n74'>74</a>
<a id='n75' href='#n75'>75</a>
<a id='n76' href='#n76'>76</a>
<a id='n77' href='#n77'>77</a>
<a id='n78' href='#n78'>78</a>
<a id='n79' href='#n79'>79</a>
<a id='n80' href='#n80'>80</a>
<a id='n81' href='#n81'>81</a>
<a id='n82' href='#n82'>82</a>
<a id='n83' href='#n83'>83</a>
<a id='n84' href='#n84'>84</a>
<a id='n85' href='#n85'>85</a>
<a id='n86' href='#n86'>86</a>
<a id='n87' href='#n87'>87</a>
<a id='n88' href='#n88'>88</a>
<a id='n89' href='#n89'>89</a>
<a id='n90' href='#n90'>90</a>
<a id='n91' href='#n91'>91</a>
<a id='n92' href='#n92'>92</a>
<a id='n93' href='#n93'>93</a>
<a id='n94' href='#n94'>94</a>
<a id='n95' href='#n95'>95</a>
<a id='n96' href='#n96'>96</a>
<a id='n97' href='#n97'>97</a>
<a id='n98' href='#n98'>98</a>
<a id='n99' href='#n99'>99</a>
<a id='n100' href='#n100'>100</a>
<a id='n101' href='#n101'>101</a>
<a id='n102' href='#n102'>102</a>
<a id='n103' href='#n103'>103</a>
</pre></div><div class='alt'><pre><a id='n104' href='#n104'>104</a>
</pre></div><div class='alt'><pre><a id='n105' href='#n105'>105</a>
<a id='n106' href='#n106'>106</a>
</pre></div><div class='alt'><pre><a id='n107' href='#n107'>107</a>
</pre></div><div class='alt'><pre><a id='n108' href='#n108'>108</a>
</pre></div><div class='alt'><pre><a id='n109' href='#n109'>109</a>
</pre></div><div class='alt'><pre><a id='n110' href='#n110'>110</a>
</pre></div><div class='alt'><pre><a id='n111' href='#n111'>111</a>
</pre></div><div class='alt'><pre><a id='n112' href='#n112'>112</a>
</pre></div><div class='alt'><pre><a id='n113' href='#n113'>113</a>
</pre></div><div class='alt'><pre><a id='n114' href='#n114'>114</a>
</pre></div><div class='alt'><pre><a id='n115' href='#n115'>115</a>
<a id='n116' href='#n116'>116</a>
</pre></div><div class='alt'><pre><a id='n117' href='#n117'>117</a>
</pre></div><div class='alt'><pre><a id='n118' href='#n118'>118</a>
</pre></div><div class='alt'><pre><a id='n119' href='#n119'>119</a>
<a id='n120' href='#n120'>120</a>
</pre></div><div class='alt'><pre><a id='n121' href='#n121'>121</a>
<a id='n122' href='#n122'>122</a>
</pre></div><div class='alt'><pre><a id='n123' href='#n123'>123</a>
</pre></div><div class='alt'><pre><a id='n124' href='#n124'>124</a>
</pre></div><div class='alt'><pre><a id='n125' href='#n125'>125</a>
<a id='n126' href='#n126'>126</a>
</pre></div><div class='alt'><pre><a id='n127' href='#n127'>127</a>
</pre></div><div class='alt'><pre><a id='n128' href='#n128'>128</a>
<a id='n129' href='#n129'>129</a>
</pre></div><div class='alt'><pre><a id='n130' href='#n130'>130</a>
</pre></div><div class='alt'><pre><a id='n131' href='#n131'>131</a>
<a id='n132' href='#n132'>132</a>
</pre></div><div class='alt'><pre><a id='n133' href='#n133'>133</a>
</pre></div><div class='alt'><pre><a id='n134' href='#n134'>134</a>
<a id='n135' href='#n135'>135</a>
</pre></div><div class='alt'><pre><a id='n136' href='#n136'>136</a>
<a id='n137' href='#n137'>137</a>
</pre></div><div class='alt'><pre><a id='n138' href='#n138'>138</a>
</pre></div><div class='alt'><pre><a id='n139' href='#n139'>139</a>
<a id='n140' href='#n140'>140</a>
<a id='n141' href='#n141'>141</a>
<a id='n142' href='#n142'>142</a>
<a id='n143' href='#n143'>143</a>
<a id='n144' href='#n144'>144</a>
<a id='n145' href='#n145'>145</a>
<a id='n146' href='#n146'>146</a>
<a id='n147' href='#n147'>147</a>
<a id='n148' href='#n148'>148</a>
<a id='n149' href='#n149'>149</a>
<a id='n150' href='#n150'>150</a>
<a id='n151' href='#n151'>151</a>
<a id='n152' href='#n152'>152</a>
<a id='n153' href='#n153'>153</a>
</pre></div><div class='alt'><pre><a id='n154' href='#n154'>154</a>
</pre></div><div class='alt'><pre><a id='n155' href='#n155'>155</a>
<a id='n156' href='#n156'>156</a>
<a id='n157' href='#n157'>157</a>
<a id='n158' href='#n158'>158</a>
</pre></div><div class='alt'><pre><a id='n159' href='#n159'>159</a>
</pre></div><div class='alt'><pre><a id='n160' href='#n160'>160</a>
</pre></div><div class='alt'><pre><a id='n161' href='#n161'>161</a>
<a id='n162' href='#n162'>162</a>
</pre></div><div class='alt'><pre><a id='n163' href='#n163'>163</a>
</pre></div><div class='alt'><pre><a id='n164' href='#n164'>164</a>
<a id='n165' href='#n165'>165</a>
<a id='n166' href='#n166'>166</a>
</pre></div><div class='alt'><pre><a id='n167' href='#n167'>167</a>
</pre></div><div class='alt'><pre><a id='n168' href='#n168'>168</a>
<a id='n169' href='#n169'>169</a>
</pre></div><div class='alt'><pre><a id='n170' href='#n170'>170</a>
</pre></div><div class='alt'><pre><a id='n171' href='#n171'>171</a>
<a id='n172' href='#n172'>172</a>
<a id='n173' href='#n173'>173</a>
<a id='n174' href='#n174'>174</a>
<a id='n175' href='#n175'>175</a>
</pre></div><div class='alt'><pre><a id='n176' href='#n176'>176</a>
</pre></div><div class='alt'><pre><a id='n177' href='#n177'>177</a>
<a id='n178' href='#n178'>178</a>
<a id='n179' href='#n179'>179</a>
<a id='n180' href='#n180'>180</a>
<a id='n181' href='#n181'>181</a>
<a id='n182' href='#n182'>182</a>
<a id='n183' href='#n183'>183</a>
<a id='n184' href='#n184'>184</a>
<a id='n185' href='#n185'>185</a>
<a id='n186' href='#n186'>186</a>
<a id='n187' href='#n187'>187</a>
<a id='n188' href='#n188'>188</a>
<a id='n189' href='#n189'>189</a>
<a id='n190' href='#n190'>190</a>
<a id='n191' href='#n191'>191</a>
<a id='n192' href='#n192'>192</a>
<a id='n193' href='#n193'>193</a>
<a id='n194' href='#n194'>194</a>
<a id='n195' href='#n195'>195</a>
</pre></div><div class='alt'><pre><a id='n196' href='#n196'>196</a>
</pre></div><div class='alt'><pre><a id='n197' href='#n197'>197</a>
<a id='n198' href='#n198'>198</a>
</pre></div><div class='alt'><pre><a id='n199' href='#n199'>199</a>
<a id='n200' href='#n200'>200</a>
<a id='n201' href='#n201'>201</a>
<a id='n202' href='#n202'>202</a>
<a id='n203' href='#n203'>203</a>
<a id='n204' href='#n204'>204</a>
<a id='n205' href='#n205'>205</a>
<a id='n206' href='#n206'>206</a>
<a id='n207' href='#n207'>207</a>
<a id='n208' href='#n208'>208</a>
<a id='n209' href='#n209'>209</a>
<a id='n210' href='#n210'>210</a>
<a id='n211' href='#n211'>211</a>
</pre></div><div class='alt'><pre><a id='n212' href='#n212'>212</a>
<a id='n213' href='#n213'>213</a>
<a id='n214' href='#n214'>214</a>
<a id='n215' href='#n215'>215</a>
<a id='n216' href='#n216'>216</a>
<a id='n217' href='#n217'>217</a>
<a id='n218' href='#n218'>218</a>
<a id='n219' href='#n219'>219</a>
<a id='n220' href='#n220'>220</a>
<a id='n221' href='#n221'>221</a>
<a id='n222' href='#n222'>222</a>
<a id='n223' href='#n223'>223</a>
<a id='n224' href='#n224'>224</a>
<a id='n225' href='#n225'>225</a>
<a id='n226' href='#n226'>226</a>
<a id='n227' href='#n227'>227</a>
<a id='n228' href='#n228'>228</a>
<a id='n229' href='#n229'>229</a>
<a id='n230' href='#n230'>230</a>
<a id='n231' href='#n231'>231</a>
<a id='n232' href='#n232'>232</a>
<a id='n233' href='#n233'>233</a>
</pre></div><div class='alt'><pre><a id='n234' href='#n234'>234</a>
<a id='n235' href='#n235'>235</a>
<a id='n236' href='#n236'>236</a>
</pre></div><div class='alt'><pre><a id='n237' href='#n237'>237</a>
<a id='n238' href='#n238'>238</a>
<a id='n239' href='#n239'>239</a>
<a id='n240' href='#n240'>240</a>
<a id='n241' href='#n241'>241</a>
</pre></div><div class='alt'><pre><a id='n242' href='#n242'>242</a>
</pre></div><div class='alt'><pre><a id='n243' href='#n243'>243</a>
<a id='n244' href='#n244'>244</a>
<a id='n245' href='#n245'>245</a>
<a id='n246' href='#n246'>246</a>
<a id='n247' href='#n247'>247</a>
<a id='n248' href='#n248'>248</a>
</pre></div><div class='alt'><pre><a id='n249' href='#n249'>249</a>
<a id='n250' href='#n250'>250</a>
<a id='n251' href='#n251'>251</a>
</pre></div><div class='alt'><pre><a id='n252' href='#n252'>252</a>
</pre></div><div class='alt'><pre><a id='n253' href='#n253'>253</a>
<a id='n254' href='#n254'>254</a>
<a id='n255' href='#n255'>255</a>
<a id='n256' href='#n256'>256</a>
<a id='n257' href='#n257'>257</a>
<a id='n258' href='#n258'>258</a>
<a id='n259' href='#n259'>259</a>
<a id='n260' href='#n260'>260</a>
<a id='n261' href='#n261'>261</a>
</pre></div><div class='alt'><pre><a id='n262' href='#n262'>262</a>
</pre></div><div class='alt'><pre><a id='n263' href='#n263'>263</a>
<a id='n264' href='#n264'>264</a>
<a id='n265' href='#n265'>265</a>
<a id='n266' href='#n266'>266</a>
</pre></div><div class='alt'><pre><a id='n267' href='#n267'>267</a>
</pre></div><div class='alt'><pre><a id='n268' href='#n268'>268</a>
<a id='n269' href='#n269'>269</a>
<a id='n270' href='#n270'>270</a>
<a id='n271' href='#n271'>271</a>
</pre></div><div class='alt'><pre><a id='n272' href='#n272'>272</a>
</pre></div><div class='alt'><pre><a id='n273' href='#n273'>273</a>
<a id='n274' href='#n274'>274</a>
<a id='n275' href='#n275'>275</a>
<a id='n276' href='#n276'>276</a>
<a id='n277' href='#n277'>277</a>
<a id='n278' href='#n278'>278</a>
<a id='n279' href='#n279'>279</a>
<a id='n280' href='#n280'>280</a>
<a id='n281' href='#n281'>281</a>
</pre></div><div class='alt'><pre><a id='n282' href='#n282'>282</a>
<a id='n283' href='#n283'>283</a>
</pre></div><div class='alt'><pre><a id='n284' href='#n284'>284</a>
</pre></div><div class='alt'><pre><a id='n285' href='#n285'>285</a>
<a id='n286' href='#n286'>286</a>
</pre></div><div class='alt'><pre><a id='n287' href='#n287'>287</a>
<a id='n288' href='#n288'>288</a>
</pre></div><div class='alt'><pre><a id='n289' href='#n289'>289</a>
<a id='n290' href='#n290'>290</a>
<a id='n291' href='#n291'>291</a>
<a id='n292' href='#n292'>292</a>
<a id='n293' href='#n293'>293</a>
</pre></div><div class='alt'><pre><a id='n294' href='#n294'>294</a>
</pre></div><div class='alt'><pre><a id='n295' href='#n295'>295</a>
</pre></div><div class='alt'><pre><a id='n296' href='#n296'>296</a>
</pre></div><div class='alt'><pre><a id='n297' href='#n297'>297</a>
<a id='n298' href='#n298'>298</a>
<a id='n299' href='#n299'>299</a>
<a id='n300' href='#n300'>300</a>
<a id='n301' href='#n301'>301</a>
<a id='n302' href='#n302'>302</a>
<a id='n303' href='#n303'>303</a>
<a id='n304' href='#n304'>304</a>
<a id='n305' href='#n305'>305</a>
<a id='n306' href='#n306'>306</a>
<a id='n307' href='#n307'>307</a>
<a id='n308' href='#n308'>308</a>
</pre></div><div class='alt'><pre><a id='n309' href='#n309'>309</a>
<a id='n310' href='#n310'>310</a>
</pre></div><div class='alt'><pre><a id='n311' href='#n311'>311</a>
</pre></div><div class='alt'><pre><a id='n312' href='#n312'>312</a>
</pre></div><div class='alt'><pre><a id='n313' href='#n313'>313</a>
<a id='n314' href='#n314'>314</a>
</pre></div><div class='alt'><pre><a id='n315' href='#n315'>315</a>
<a id='n316' href='#n316'>316</a>
</pre></div><div class='alt'><pre><a id='n317' href='#n317'>317</a>
</pre></div><div class='alt'><pre><a id='n318' href='#n318'>318</a>
<a id='n319' href='#n319'>319</a>
<a id='n320' href='#n320'>320</a>
<a id='n321' href='#n321'>321</a>
<a id='n322' href='#n322'>322</a>
<a id='n323' href='#n323'>323</a>
</pre></div><div class='alt'><pre><a id='n324' href='#n324'>324</a>
<a id='n325' href='#n325'>325</a>
<a id='n326' href='#n326'>326</a>
<a id='n327' href='#n327'>327</a>
<a id='n328' href='#n328'>328</a>
<a id='n329' href='#n329'>329</a>
<a id='n330' href='#n330'>330</a>
<a id='n331' href='#n331'>331</a>
</pre></div><div class='alt'><pre><a id='n332' href='#n332'>332</a>
</pre></div><div class='alt'><pre><a id='n333' href='#n333'>333</a>
<a id='n334' href='#n334'>334</a>
<a id='n335' href='#n335'>335</a>
<a id='n336' href='#n336'>336</a>
<a id='n337' href='#n337'>337</a>
<a id='n338' href='#n338'>338</a>
<a id='n339' href='#n339'>339</a>
<a id='n340' href='#n340'>340</a>
<a id='n341' href='#n341'>341</a>
<a id='n342' href='#n342'>342</a>
<a id='n343' href='#n343'>343</a>
<a id='n344' href='#n344'>344</a>
<a id='n345' href='#n345'>345</a>
<a id='n346' href='#n346'>346</a>
<a id='n347' href='#n347'>347</a>
<a id='n348' href='#n348'>348</a>
<a id='n349' href='#n349'>349</a>
<a id='n350' href='#n350'>350</a>
<a id='n351' href='#n351'>351</a>
</pre></div><div class='alt'><pre><a id='n352' href='#n352'>352</a>
</pre></div><div class='alt'><pre><a id='n353' href='#n353'>353</a>
</pre></div><div class='alt'><pre><a id='n354' href='#n354'>354</a>
</pre></div><div class='alt'><pre><a id='n355' href='#n355'>355</a>
<a id='n356' href='#n356'>356</a>
<a id='n357' href='#n357'>357</a>
<a id='n358' href='#n358'>358</a>
<a id='n359' href='#n359'>359</a>
<a id='n360' href='#n360'>360</a>
</pre></div><div class='alt'><pre><a id='n361' href='#n361'>361</a>
</pre></div><div class='alt'><pre><a id='n362' href='#n362'>362</a>
<a id='n363' href='#n363'>363</a>
<a id='n364' href='#n364'>364</a>
<a id='n365' href='#n365'>365</a>
<a id='n366' href='#n366'>366</a>
</pre></div><div class='alt'><pre><a id='n367' href='#n367'>367</a>
</pre></div><div class='alt'><pre><a id='n368' href='#n368'>368</a>
<a id='n369' href='#n369'>369</a>
<a id='n370' href='#n370'>370</a>
</pre></div><div class='alt'><pre><a id='n371' href='#n371'>371</a>
</pre></div><div class='alt'><pre><a id='n372' href='#n372'>372</a>
<a id='n373' href='#n373'>373</a>
</pre></div><div class='alt'><pre><a id='n374' href='#n374'>374</a>
</pre></div><div class='alt'><pre><a id='n375' href='#n375'>375</a>
<a id='n376' href='#n376'>376</a>
<a id='n377' href='#n377'>377</a>
</pre></div><div class='alt'><pre><a id='n378' href='#n378'>378</a>
</pre></div><div class='alt'><pre><a id='n379' href='#n379'>379</a>
</pre></div><div class='alt'><pre><a id='n380' href='#n380'>380</a>
</pre></div><div class='alt'><pre><a id='n381' href='#n381'>381</a>
<a id='n382' href='#n382'>382</a>
<a id='n383' href='#n383'>383</a>
<a id='n384' href='#n384'>384</a>
</pre></div><div class='alt'><pre><a id='n385' href='#n385'>385</a>
<a id='n386' href='#n386'>386</a>
</pre></div><div class='alt'><pre><a id='n387' href='#n387'>387</a>
</pre></div><div class='alt'><pre><a id='n388' href='#n388'>388</a>
<a id='n389' href='#n389'>389</a>
<a id='n390' href='#n390'>390</a>
</pre></div><div class='alt'><pre><a id='n391' href='#n391'>391</a>
<a id='n392' href='#n392'>392</a>
</pre></div><div class='alt'><pre><a id='n393' href='#n393'>393</a>
</pre></div><div class='alt'><pre><a id='n394' href='#n394'>394</a>
</pre></div><div class='alt'><pre><a id='n395' href='#n395'>395</a>
</pre></div><div class='alt'><pre><a id='n396' href='#n396'>396</a>
<a id='n397' href='#n397'>397</a>
<a id='n398' href='#n398'>398</a>
<a id='n399' href='#n399'>399</a>
<a id='n400' href='#n400'>400</a>
<a id='n401' href='#n401'>401</a>
<a id='n402' href='#n402'>402</a>
</pre></div></td>
<td class='lines'><div><div><div class='alt'><pre>


                                                                      </pre></div><div class='alt'><pre>

                                   </pre></div><div class='alt'><pre>
  </pre></div><div class='alt'><pre>


                                                                           </pre></div><div class='alt'><pre>
  </pre></div><div class='alt'><pre>


                                                                         </pre></div><div class='alt'><pre>
  </pre></div><div class='alt'><pre>


                                                                           </pre></div><div class='alt'><pre>
  </pre></div><div class='alt'><pre>


                                                                           </pre></div><div class='alt'><pre>


                   </pre></div><div class='alt'><pre>
                   </pre></div><div class='alt'><pre>
                  </pre></div><div class='alt'><pre>


                       </pre></div><div class='alt'><pre>


                                                                                                                    </pre></div><div class='alt'><pre>
                                                                   </pre></div><div class='alt'><pre>

 </pre></div><div class='alt'><pre>
                                                       </pre></div><div class='alt'><pre>
                  </pre></div><div class='alt'><pre>
          </pre></div><div class='alt'><pre>
 </pre></div><div class='alt'><pre>
                                                                                           </pre></div><div class='alt'><pre>
 </pre></div><div class='alt'><pre>
                                    </pre></div><div class='alt'><pre>
 </pre></div><div class='alt'><pre>

                                        </pre></div><div class='alt'><pre>
 </pre></div><div class='alt'><pre>
                                                                                            </pre></div><div class='alt'><pre>

                                                                                </pre></div><div class='alt'><pre>

                                         </pre></div><div class='alt'><pre>
 </pre></div><div class='alt'><pre>
                                                                                                         </pre></div><div class='alt'><pre>

                                                                                       </pre></div><div class='alt'><pre>
                                                              </pre></div><div class='alt'><pre>

                                      </pre></div><div class='alt'><pre>
                                                              </pre></div><div class='alt'><pre>

                                      </pre></div><div class='alt'><pre>
                                                            </pre></div><div class='alt'><pre>

                                                  </pre></div><div class='alt'><pre>

                           </pre></div><div class='alt'><pre>
 </pre></div><div class='alt'><pre>


                                                                                       </pre></div><div class='alt'><pre>
                                                                                           </pre></div><div class='alt'><pre>


                                        </pre></div><div class='alt'><pre>
                                                                                                      </pre></div><div class='alt'><pre>
                                                                                             </pre></div><div class='alt'><pre>

                                                    </pre></div><div class='alt'><pre>
                                                                      </pre></div><div class='alt'><pre>


                                    </pre></div><div class='alt'><pre>
                               </pre></div><div class='alt'><pre>

                  </pre></div><div class='alt'><pre>
                                                                                                 </pre></div><div class='alt'><pre>


                                                                             </pre></div><div class='alt'><pre>
                                                                                     </pre></div><div class='alt'><pre>


                                                                                                             </pre></div><div class='alt'><pre>
                                                                                     </pre></div><div class='alt'><pre>

                                                                                     </pre></div><div class='alt'><pre>


                                                                                                                 </pre></div><div class='alt'><pre>


                                                                                          </pre></div><div class='alt'><pre>


                                                                                                     </pre></div><div class='alt'><pre>


                                                                            </pre></div><div class='alt'><pre>
 </pre></div><div class='alt'><pre>


                                                           </pre></div><div class='alt'><pre>


                                                              </pre></div><div class='alt'><pre>
                                                                </pre></div><div class='alt'><pre>


                                                      </pre></div><div class='alt'><pre>
                      </pre></div><div class='alt'><pre>


                                                                           </pre></div><div class='alt'><pre>
                      </pre></div><div class='alt'><pre>


                                                                           </pre></div><div class='alt'><pre>
                      </pre></div><div class='alt'><pre>


                                                                           </pre></div><div class='alt'><pre>

                             </pre></div><div class='alt'><pre>
                                                                                      </pre></div><div class='alt'><pre>

                                                                                </pre></div><div class='alt'><pre>

                                </pre></div><div class='alt'><pre>


                                                         </pre></div><div class='alt'><pre>
                                   </pre></div><div class='alt'><pre>
 </pre></div><div class='alt'><pre>
                                                                                                           </pre></div><div class='alt'><pre>


                                                                                                </pre></div><div class='alt'><pre>

                      </pre></div><div class='alt'><pre>
                                                                </pre></div><div class='alt'><pre>
                                                                        </pre></div><div class='alt'><pre>

                                                                             </pre></div><div class='alt'><pre>

                        </pre></div><div class='alt'><pre>
                                                                                              </pre></div><div class='alt'><pre>


                                                                               </pre></div><div class='alt'><pre>


                                                              </pre></div><div class='alt'><pre>
                          </pre></div><div class='alt'><pre>


                                                 </pre></div><div class='alt'><pre>
 </pre></div><div class='alt'><pre>
                                                                 </pre></div><div class='alt'><pre>
 </pre></div><div class='alt'><pre>


                                                                          </pre></div><div class='alt'><pre>
 </pre></div><div class='alt'><pre>


                                                                   </pre></div><div class='alt'><pre>
 </pre></div><div class='alt'><pre>


                                    </pre></div><div class='alt'><pre>
 </pre></div><div class='alt'><pre>

             </pre></div><div class='alt'><pre>
                                                  </pre></div><div class='alt'><pre>


                                       </pre></div><div class='alt'><pre>
                                                              </pre></div><div class='alt'><pre>
                                                          </pre></div><div class='alt'><pre>
      </pre></div><div class='alt'><pre>


                                              </pre></div><div class='alt'><pre>

                                                   </pre></div><div class='alt'><pre>
                                                        </pre></div><div class='alt'><pre>


                                                   </pre></div><div class='alt'><pre>

                                                        </pre></div><div class='alt'><pre>
   </pre></div><div class='alt'><pre>
 </pre></div><div class='alt'><pre>
             </pre></div><div class='alt'><pre>


                        </pre></div></div><pre><code><style>pre { line-height: 125%; }
td.linenos .normal { color: inherit; background-color: transparent; padding-left: 5px; padding-right: 5px; }
span.linenos { color: inherit; background-color: transparent; padding-left: 5px; padding-right: 5px; }
td.linenos .special { color: #000000; background-color: #ffffc0; padding-left: 5px; padding-right: 5px; }
span.linenos.special { color: #000000; background-color: #ffffc0; padding-left: 5px; padding-right: 5px; }
.highlight .hll { background-color: #ffffcc }
.highlight .c { color: #888888 } /* Comment */
.highlight .err { color: #a61717; background-color: #e3d2d2 } /* Error */
.highlight .k { color: #008800; font-weight: bold } /* Keyword */
.highlight .ch { color: #888888 } /* Comment.Hashbang */
.highlight .cm { color: #888888 } /* Comment.Multiline */
.highlight .cp { color: #cc0000; font-weight: bold } /* Comment.Preproc */
.highlight .cpf { color: #888888 } /* Comment.PreprocFile */
.highlight .c1 { color: #888888 } /* Comment.Single */
.highlight .cs { color: #cc0000; font-weight: bold; background-color: #fff0f0 } /* Comment.Special */
.highlight .gd { color: #000000; background-color: #ffdddd } /* Generic.Deleted */
.highlight .ge { font-style: italic } /* Generic.Emph */
.highlight .ges { font-weight: bold; font-style: italic } /* Generic.EmphStrong */
.highlight .gr { color: #aa0000 } /* Generic.Error */
.highlight .gh { color: #333333 } /* Generic.Heading */
.highlight .gi { color: #000000; background-color: #ddffdd } /* Generic.Inserted */
.highlight .go { color: #888888 } /* Generic.Output */
.highlight .gp { color: #555555 } /* Generic.Prompt */
.highlight .gs { font-weight: bold } /* Generic.Strong */
.highlight .gu { color: #666666 } /* Generic.Subheading */
.highlight .gt { color: #aa0000 } /* Generic.Traceback */
.highlight .kc { color: #008800; font-weight: bold } /* Keyword.Constant */
.highlight .kd { color: #008800; font-weight: bold } /* Keyword.Declaration */
.highlight .kn { color: #008800; font-weight: bold } /* Keyword.Namespace */
.highlight .kp { color: #008800 } /* Keyword.Pseudo */
.highlight .kr { color: #008800; font-weight: bold } /* Keyword.Reserved */
.highlight .kt { color: #888888; font-weight: bold } /* Keyword.Type */
.highlight .m { color: #0000DD; font-weight: bold } /* Literal.Number */
.highlight .s { color: #dd2200; background-color: #fff0f0 } /* Literal.String */
.highlight .na { color: #336699 } /* Name.Attribute */
.highlight .nb { color: #003388 } /* Name.Builtin */
.highlight .nc { color: #bb0066; font-weight: bold } /* Name.Class */
.highlight .no { color: #003366; font-weight: bold } /* Name.Constant */
.highlight .nd { color: #555555 } /* Name.Decorator */
.highlight .ne { color: #bb0066; font-weight: bold } /* Name.Exception */
.highlight .nf { color: #0066bb; font-weight: bold } /* Name.Function */
.highlight .nl { color: #336699; font-style: italic } /* Name.Label */
.highlight .nn { color: #bb0066; font-weight: bold } /* Name.Namespace */
.highlight .py { color: #336699; font-weight: bold } /* Name.Property */
.highlight .nt { color: #bb0066; font-weight: bold } /* Name.Tag */
.highlight .nv { color: #336699 } /* Name.Variable */
.highlight .ow { color: #008800 } /* Operator.Word */
.highlight .w { color: #bbbbbb } /* Text.Whitespace */
.highlight .mb { color: #0000DD; font-weight: bold } /* Literal.Number.Bin */
.highlight .mf { color: #0000DD; font-weight: bold } /* Literal.Number.Float */
.highlight .mh { color: #0000DD; font-weight: bold } /* Literal.Number.Hex */
.highlight .mi { color: #0000DD; font-weight: bold } /* Literal.Number.Integer */
.highlight .mo { color: #0000DD; font-weight: bold } /* Literal.Number.Oct */
.highlight .sa { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Affix */
.highlight .sb { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Backtick */
.highlight .sc { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Char */
.highlight .dl { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Delimiter */
.highlight .sd { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Doc */
.highlight .s2 { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Double */
.highlight .se { color: #0044dd; background-color: #fff0f0 } /* Literal.String.Escape */
.highlight .sh { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Heredoc */
.highlight .si { color: #3333bb; background-color: #fff0f0 } /* Literal.String.Interpol */
.highlight .sx { color: #22bb22; background-color: #f0fff0 } /* Literal.String.Other */
.highlight .sr { color: #008800; background-color: #fff0ff } /* Literal.String.Regex */
.highlight .s1 { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Single */
.highlight .ss { color: #aa6600; background-color: #fff0f0 } /* Literal.String.Symbol */
.highlight .bp { color: #003388 } /* Name.Builtin.Pseudo */
.highlight .fm { color: #0066bb; font-weight: bold } /* Name.Function.Magic */
.highlight .vc { color: #336699 } /* Name.Variable.Class */
.highlight .vg { color: #dd7700 } /* Name.Variable.Global */
.highlight .vi { color: #3333bb } /* Name.Variable.Instance */
.highlight .vm { color: #336699 } /* Name.Variable.Magic */
.highlight .il { color: #0000DD; font-weight: bold } /* Literal.Number.Integer.Long */</style><div class="highlight"><pre><span></span><span class="cm">/*</span>
<span class="cm"> * test-ecdsa.c</span>
<span class="cm"> * ------------</span>
<span class="cm"> * Test harness for Cryptech ECDSA code.</span>
<span class="cm"> *</span>
<span class="cm"> * At the moment, the ECDSA code is a pure software implementation,</span>
<span class="cm"> * Verilog will be along eventually.</span>
<span class="cm"> *</span>
<span class="cm"> * Testing ECDSA is a bit tricky because ECDSA depends heavily on</span>
<span class="cm"> * using a new random secret for each signature.  So we can test some</span>
<span class="cm"> * things against the normal ECDSA implemenation, but some tests</span>
<span class="cm"> * require a side door replacement of the random number generator so</span>
<span class="cm"> * that we can use a known values from our test vector in place of the</span>
<span class="cm"> * random secret that would be used in real operation.  Test code for</span>
<span class="cm"> * the latter mode depends on the library having been compiled with</span>
<span class="cm"> * the testing hook enable, which it should not be for production use.</span>
<span class="cm"> *</span>
<span class="cm"> * Authors: Rob Austein</span>
<span class="cm"> * Copyright (c) 2015, NORDUnet A/S</span>
<span class="cm"> * All rights reserved.</span>
<span class="cm"> *</span>
<span class="cm"> * Redistribution and use in source and binary forms, with or without</span>
<span class="cm"> * modification, are permitted provided that the following conditions are</span>
<span class="cm"> * met:</span>
<span class="cm"> * - Redistributions of source code must retain the above copyright notice,</span>
<span class="cm"> *   this list of conditions and the following disclaimer.</span>
<span class="cm"> *</span>
<span class="cm"> * - Redistributions in binary form must reproduce the above copyright</span>
<span class="cm"> *   notice, this list of conditions and the following disclaimer in the</span>
<span class="cm"> *   documentation and/or other materials provided with the distribution.</span>
<span class="cm"> *</span>
<span class="cm"> * - Neither the name of the NORDUnet nor the names of its contributors may</span>
<span class="cm"> *   be used to endorse or promote products derived from this software</span>
<span class="cm"> *   without specific prior written permission.</span>
<span class="cm"> *</span>
<span class="cm"> * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS &quot;AS</span>
<span class="cm"> * IS&quot; AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED</span>
<span class="cm"> * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A</span>
<span class="cm"> * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT</span>
<span class="cm"> * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,</span>
<span class="cm"> * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED</span>
<span class="cm"> * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR</span>
<span class="cm"> * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF</span>
<span class="cm"> * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING</span>
<span class="cm"> * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS</span>
<span class="cm"> * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.</span>
<span class="cm"> */</span>

<span class="cp">#include</span><span class="w"> </span><span class="cpf">&lt;stdio.h&gt;</span>
<span class="cp">#include</span><span class="w"> </span><span class="cpf">&lt;stdint.h&gt;</span>
<span class="cp">#include</span><span class="w"> </span><span class="cpf">&lt;string.h&gt;</span>
<span class="cp">#include</span><span class="w"> </span><span class="cpf">&lt;errno.h&gt;</span>

<span class="cp">#include</span><span class="w"> </span><span class="cpf">&lt;sys/time.h&gt;</span>

<span class="cp">#include</span><span class="w"> </span><span class="cpf">&lt;hal.h&gt;</span>

<span class="cp">#include</span><span class="w"> </span><span class="cpf">&quot;test-ecdsa.h&quot;</span>

<span class="cp">#if HAL_ECDSA_DEBUG_ONLY_STATIC_TEST_VECTOR_RANDOM</span>

<span class="cm">/*</span>
<span class="cm"> * Code to let us replace ECDSA&#39;s random numbers with test data, if</span>
<span class="cm"> * the ECDSA library code has been compiled with support for this.</span>
<span class="cm"> */</span>

<span class="k">typedef</span><span class="w"> </span><span class="n">hal_error_t</span><span class="w"> </span><span class="p">(</span><span class="o">*</span><span class="n">rng_override_test_function_t</span><span class="p">)(</span><span class="kt">void</span><span class="w"> </span><span class="o">*</span><span class="p">,</span><span class="w"> </span><span class="k">const</span><span class="w"> </span><span class="kt">size_t</span><span class="p">);</span>

<span class="k">extern</span><span class="w"> </span><span class="n">rng_override_test_function_t</span><span class="w"> </span><span class="nf">hal_ecdsa_set_rng_override_test_function</span><span class="p">(</span><span class="n">rng_override_test_function_t</span><span class="w"> </span><span class="n">new_func</span><span class="p">);</span>

<span class="k">static</span><span class="w"> </span><span class="k">const</span><span class="w"> </span><span class="kt">uint8_t</span><span class="w">               </span><span class="o">*</span><span class="n">next_random_value</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="nb">NULL</span><span class="p">;</span>
<span class="k">static</span><span class="w"> </span><span class="kt">size_t</span><span class="w">                       </span><span class="n">next_random_length</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span>

<span class="k">static</span><span class="w"> </span><span class="n">hal_error_t</span><span class="w"> </span><span class="nf">next_random_handler</span><span class="p">(</span><span class="kt">void</span><span class="w"> </span><span class="o">*</span><span class="n">data</span><span class="p">,</span><span class="w"> </span><span class="k">const</span><span class="w"> </span><span class="kt">size_t</span><span class="w"> </span><span class="n">length</span><span class="p">)</span>
<span class="p">{</span>
<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">(</span><span class="n">data</span><span class="w"> </span><span class="o">==</span><span class="w"> </span><span class="nb">NULL</span><span class="p">)</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="n">HAL_ERROR_BAD_ARGUMENTS</span><span class="p">;</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">(</span><span class="n">next_random_value</span><span class="w"> </span><span class="o">==</span><span class="w"> </span><span class="nb">NULL</span><span class="w"> </span><span class="o">||</span><span class="w"> </span><span class="n">length</span><span class="w"> </span><span class="o">&lt;</span><span class="w"> </span><span class="n">next_random_length</span><span class="p">)</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="n">HAL_ERROR_IMPOSSIBLE</span><span class="p">;</span>

<span class="w">  </span><span class="n">memset</span><span class="p">(</span><span class="n">data</span><span class="p">,</span><span class="w"> </span><span class="mi">0</span><span class="p">,</span><span class="w"> </span><span class="n">length</span><span class="p">);</span>
<span class="w">  </span><span class="n">memcpy</span><span class="p">(</span><span class="n">data</span><span class="w"> </span><span class="o">+</span><span class="w"> </span><span class="n">length</span><span class="w"> </span><span class="o">-</span><span class="w"> </span><span class="n">next_random_length</span><span class="p">,</span><span class="w"> </span><span class="n">next_random_value</span><span class="p">,</span><span class="w"> </span><span class="n">next_random_length</span><span class="p">);</span>

<span class="w">  </span><span class="n">next_random_value</span><span class="w">  </span><span class="o">=</span><span class="w"> </span><span class="nb">NULL</span><span class="p">;</span>
<span class="w">  </span><span class="n">next_random_length</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span>

<span class="w">  </span><span class="p">(</span><span class="kt">void</span><span class="p">)</span><span class="w"> </span><span class="n">hal_ecdsa_set_rng_override_test_function</span><span class="p">(</span><span class="mi">0</span><span class="p">);</span>

<span class="w">  </span><span class="k">return</span><span class="w"> </span><span class="n">HAL_OK</span><span class="p">;</span>
<span class="p">}</span>

<span class="k">static</span><span class="w"> </span><span class="kt">void</span><span class="w"> </span><span class="nf">set_next_random</span><span class="p">(</span><span class="k">const</span><span class="w"> </span><span class="kt">uint8_t</span><span class="w"> </span><span class="o">*</span><span class="w"> </span><span class="k">const</span><span class="w"> </span><span class="n">data</span><span class="p">,</span><span class="w"> </span><span class="k">const</span><span class="w"> </span><span class="kt">size_t</span><span class="w"> </span><span class="n">length</span><span class="p">)</span>
<span class="p">{</span>
<span class="w">  </span><span class="p">(</span><span class="kt">void</span><span class="p">)</span><span class="w"> </span><span class="n">hal_ecdsa_set_rng_override_test_function</span><span class="p">(</span><span class="n">next_random_handler</span><span class="p">);</span>
<span class="w">  </span><span class="n">next_random_value</span><span class="w">  </span><span class="o">=</span><span class="w"> </span><span class="n">data</span><span class="p">;</span>
<span class="w">  </span><span class="n">next_random_length</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">length</span><span class="p">;</span>
<span class="p">}</span>

<span class="cm">/*</span>
<span class="cm"> * Run one keygen test from test vectors.</span>
<span class="cm"> */</span>

<span class="k">static</span><span class="w"> </span><span class="kt">int</span><span class="w"> </span><span class="nf">test_against_static_vectors</span><span class="p">(</span><span class="k">const</span><span class="w"> </span><span class="n">ecdsa_tc_t</span><span class="w"> </span><span class="o">*</span><span class="w"> </span><span class="k">const</span><span class="w"> </span><span class="n">tc</span><span class="p">)</span>

<span class="p">{</span>
<span class="w">  </span><span class="kt">char</span><span class="w"> </span><span class="n">fn</span><span class="p">[</span><span class="k">sizeof</span><span class="p">(</span><span class="s">&quot;test-ecdsa-private-key-xxxxxx.der&quot;</span><span class="p">)];</span>
<span class="w">  </span><span class="n">hal_error_t</span><span class="w"> </span><span class="n">err</span><span class="p">;</span>
<span class="w">  </span><span class="kt">FILE</span><span class="w"> </span><span class="o">*</span><span class="n">f</span><span class="p">;</span>

<span class="w">  </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;Starting static test vector tests for P-%lu</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">,</span><span class="w"> </span><span class="p">(</span><span class="kt">unsigned</span><span class="w"> </span><span class="kt">long</span><span class="p">)</span><span class="w"> </span><span class="p">(</span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">d_len</span><span class="w"> </span><span class="o">*</span><span class="w"> </span><span class="mi">8</span><span class="p">));</span>

<span class="w">  </span><span class="n">set_next_random</span><span class="p">(</span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">d</span><span class="p">,</span><span class="w"> </span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">d_len</span><span class="p">);</span>

<span class="w">  </span><span class="kt">uint8_t</span><span class="w"> </span><span class="n">keybuf1</span><span class="p">[</span><span class="n">hal_ecdsa_key_t_size</span><span class="p">];</span>
<span class="w">  </span><span class="n">hal_ecdsa_key_t</span><span class="w"> </span><span class="o">*</span><span class="n">key1</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="nb">NULL</span><span class="p">;</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">((</span><span class="n">err</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">hal_ecdsa_key_gen</span><span class="p">(</span><span class="nb">NULL</span><span class="p">,</span><span class="w"> </span><span class="o">&amp;</span><span class="n">key1</span><span class="p">,</span><span class="w"> </span><span class="n">keybuf1</span><span class="p">,</span><span class="w"> </span><span class="k">sizeof</span><span class="p">(</span><span class="n">keybuf1</span><span class="p">),</span><span class="w"> </span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">curve</span><span class="p">))</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="n">HAL_OK</span><span class="p">)</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;hal_ecdsa_key_gen() failed: %s</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">,</span><span class="w"> </span><span class="n">hal_error_string</span><span class="p">(</span><span class="n">err</span><span class="p">)),</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span>

<span class="w">  </span><span class="kt">uint8_t</span><span class="w"> </span><span class="n">Qx</span><span class="p">[</span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">Qx_len</span><span class="p">],</span><span class="w"> </span><span class="n">Qy</span><span class="p">[</span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">Qy_len</span><span class="p">];</span>
<span class="w">  </span><span class="kt">size_t</span><span class="w"> </span><span class="n">Qx_len</span><span class="p">,</span><span class="w"> </span><span class="n">Qy_len</span><span class="p">;</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">((</span><span class="n">err</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">hal_ecdsa_key_get_public</span><span class="p">(</span><span class="n">key1</span><span class="p">,</span><span class="w"> </span><span class="n">Qx</span><span class="p">,</span><span class="w"> </span><span class="o">&amp;</span><span class="n">Qx_len</span><span class="p">,</span><span class="w"> </span><span class="k">sizeof</span><span class="p">(</span><span class="n">Qx</span><span class="p">),</span><span class="w"> </span><span class="n">Qy</span><span class="p">,</span><span class="w"> </span><span class="o">&amp;</span><span class="n">Qy_len</span><span class="p">,</span><span class="w"> </span><span class="k">sizeof</span><span class="p">(</span><span class="n">Qy</span><span class="p">)))</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="n">HAL_OK</span><span class="p">)</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;hal_ecdsa_key_get_public() failed: %s</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">,</span><span class="w"> </span><span class="n">hal_error_string</span><span class="p">(</span><span class="n">err</span><span class="p">)),</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">(</span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">Qx_len</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="n">Qx_len</span><span class="w"> </span><span class="o">||</span><span class="w"> </span><span class="n">memcmp</span><span class="p">(</span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">Qx</span><span class="p">,</span><span class="w"> </span><span class="n">Qx</span><span class="p">,</span><span class="w"> </span><span class="n">Qx_len</span><span class="p">)</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="mi">0</span><span class="p">)</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;Qx mismatch</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">),</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">(</span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">Qy_len</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="n">Qy_len</span><span class="w"> </span><span class="o">||</span><span class="w"> </span><span class="n">memcmp</span><span class="p">(</span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">Qy</span><span class="p">,</span><span class="w"> </span><span class="n">Qy</span><span class="p">,</span><span class="w"> </span><span class="n">Qy_len</span><span class="p">)</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="mi">0</span><span class="p">)</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;Qy mismatch</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">),</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">(</span><span class="n">hal_ecdsa_private_key_to_der_len</span><span class="p">(</span><span class="n">key1</span><span class="p">)</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">key_len</span><span class="p">)</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;DER Key length mismatch</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">),</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span>

<span class="w">  </span><span class="kt">uint8_t</span><span class="w"> </span><span class="n">der</span><span class="p">[</span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">key_len</span><span class="p">];</span>
<span class="w">  </span><span class="kt">size_t</span><span class="w"> </span><span class="n">der_len</span><span class="p">;</span>

<span class="w">  </span><span class="n">err</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">hal_ecdsa_private_key_to_der</span><span class="p">(</span><span class="n">key1</span><span class="p">,</span><span class="w"> </span><span class="n">der</span><span class="p">,</span><span class="w"> </span><span class="o">&amp;</span><span class="n">der_len</span><span class="p">,</span><span class="w"> </span><span class="k">sizeof</span><span class="p">(</span><span class="n">der</span><span class="p">));</span>

<span class="w">  </span><span class="n">snprintf</span><span class="p">(</span><span class="n">fn</span><span class="p">,</span><span class="w"> </span><span class="k">sizeof</span><span class="p">(</span><span class="n">fn</span><span class="p">),</span><span class="w"> </span><span class="s">&quot;test-ecdsa-private-key-p%u.der&quot;</span><span class="p">,</span><span class="w"> </span><span class="p">(</span><span class="kt">unsigned</span><span class="p">)</span><span class="w"> </span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">d_len</span><span class="w"> </span><span class="o">*</span><span class="w"> </span><span class="mi">8</span><span class="p">);</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">((</span><span class="n">f</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">fopen</span><span class="p">(</span><span class="n">fn</span><span class="p">,</span><span class="w"> </span><span class="s">&quot;wb&quot;</span><span class="p">))</span><span class="w"> </span><span class="o">==</span><span class="w"> </span><span class="nb">NULL</span><span class="p">)</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;Couldn&#39;t open %s: %s</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">,</span><span class="w"> </span><span class="n">fn</span><span class="p">,</span><span class="w"> </span><span class="n">strerror</span><span class="p">(</span><span class="n">errno</span><span class="p">)),</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">(</span><span class="n">fwrite</span><span class="p">(</span><span class="n">der</span><span class="p">,</span><span class="w"> </span><span class="n">der_len</span><span class="p">,</span><span class="w"> </span><span class="mi">1</span><span class="p">,</span><span class="w"> </span><span class="n">f</span><span class="p">)</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="mi">1</span><span class="p">)</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;Length mismatch writing %s</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">,</span><span class="w"> </span><span class="n">fn</span><span class="p">),</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">(</span><span class="n">fclose</span><span class="p">(</span><span class="n">f</span><span class="p">)</span><span class="w"> </span><span class="o">==</span><span class="w"> </span><span class="n">EOF</span><span class="p">)</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;Couldn&#39;t close %s: %s</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">,</span><span class="w"> </span><span class="n">fn</span><span class="p">,</span><span class="w"> </span><span class="n">strerror</span><span class="p">(</span><span class="n">errno</span><span class="p">)),</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span>

<span class="w">  </span><span class="cm">/* Deferred error from hal_ecdsa_private_key_to_der() */</span>
<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">(</span><span class="n">err</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="n">HAL_OK</span><span class="p">)</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;hal_ecdsa_private_key_to_der() failed: %s</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">,</span><span class="w"> </span><span class="n">hal_error_string</span><span class="p">(</span><span class="n">err</span><span class="p">)),</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span>

<span class="w">  </span><span class="kt">uint8_t</span><span class="w"> </span><span class="n">keybuf2</span><span class="p">[</span><span class="n">hal_ecdsa_key_t_size</span><span class="p">];</span>
<span class="w">  </span><span class="n">hal_ecdsa_key_t</span><span class="w"> </span><span class="o">*</span><span class="n">key2</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="nb">NULL</span><span class="p">;</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">((</span><span class="n">err</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">hal_ecdsa_private_key_from_der</span><span class="p">(</span><span class="o">&amp;</span><span class="n">key2</span><span class="p">,</span><span class="w"> </span><span class="n">keybuf2</span><span class="p">,</span><span class="w"> </span><span class="k">sizeof</span><span class="p">(</span><span class="n">keybuf2</span><span class="p">),</span><span class="w"> </span><span class="n">der</span><span class="p">,</span><span class="w"> </span><span class="n">der_len</span><span class="p">))</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="n">HAL_OK</span><span class="p">)</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;hal_ecdsa_private_key_from_der() failed: %s</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">,</span><span class="w"> </span><span class="n">hal_error_string</span><span class="p">(</span><span class="n">err</span><span class="p">)),</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">(</span><span class="n">memcmp</span><span class="p">(</span><span class="n">key1</span><span class="p">,</span><span class="w"> </span><span class="n">key2</span><span class="p">,</span><span class="w"> </span><span class="n">hal_ecdsa_key_t_size</span><span class="p">)</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="mi">0</span><span class="p">)</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;Private key mismatch after read/write cycle</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">),</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span>

<span class="w">  </span><span class="n">set_next_random</span><span class="p">(</span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">k</span><span class="p">,</span><span class="w"> </span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">k_len</span><span class="p">);</span>

<span class="w">  </span><span class="kt">uint8_t</span><span class="w"> </span><span class="n">sig</span><span class="p">[</span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">sig_len</span><span class="w"> </span><span class="o">+</span><span class="w"> </span><span class="mi">4</span><span class="p">];</span>
<span class="w">  </span><span class="kt">size_t</span><span class="w">  </span><span class="n">sig_len</span><span class="p">;</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">((</span><span class="n">err</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">hal_ecdsa_sign</span><span class="p">(</span><span class="nb">NULL</span><span class="p">,</span><span class="w"> </span><span class="n">key1</span><span class="p">,</span><span class="w"> </span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">H</span><span class="p">,</span><span class="w"> </span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">H_len</span><span class="p">,</span><span class="w"> </span><span class="n">sig</span><span class="p">,</span><span class="w"> </span><span class="o">&amp;</span><span class="n">sig_len</span><span class="p">,</span><span class="w"> </span><span class="k">sizeof</span><span class="p">(</span><span class="n">sig</span><span class="p">)))</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="n">HAL_OK</span><span class="p">)</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;hal_ecdsa_sign() failed: %s</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">,</span><span class="w"> </span><span class="n">hal_error_string</span><span class="p">(</span><span class="n">err</span><span class="p">)),</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">(</span><span class="n">sig_len</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">sig_len</span><span class="w"> </span><span class="o">||</span><span class="w"> </span><span class="n">memcmp</span><span class="p">(</span><span class="n">sig</span><span class="p">,</span><span class="w"> </span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">sig</span><span class="p">,</span><span class="w"> </span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">sig_len</span><span class="p">)</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="mi">0</span><span class="p">)</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;Signature mismatch</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">),</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">((</span><span class="n">err</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">hal_ecdsa_verify</span><span class="p">(</span><span class="nb">NULL</span><span class="p">,</span><span class="w"> </span><span class="n">key2</span><span class="p">,</span><span class="w"> </span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">H</span><span class="p">,</span><span class="w"> </span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">H_len</span><span class="p">,</span><span class="w"> </span><span class="n">sig</span><span class="p">,</span><span class="w"> </span><span class="n">sig_len</span><span class="p">))</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="n">HAL_OK</span><span class="p">)</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;hal_ecdsa_verify(private) failed: %s</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">,</span><span class="w"> </span><span class="n">hal_error_string</span><span class="p">(</span><span class="n">err</span><span class="p">)),</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span>

<span class="w">  </span><span class="n">hal_ecdsa_key_clear</span><span class="p">(</span><span class="n">key2</span><span class="p">);</span>
<span class="w">  </span><span class="n">key2</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="nb">NULL</span><span class="p">;</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">((</span><span class="n">err</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">hal_ecdsa_key_load_private</span><span class="p">(</span><span class="o">&amp;</span><span class="n">key2</span><span class="p">,</span><span class="w"> </span><span class="n">keybuf2</span><span class="p">,</span><span class="w"> </span><span class="k">sizeof</span><span class="p">(</span><span class="n">keybuf2</span><span class="p">),</span><span class="w"> </span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">curve</span><span class="p">,</span>
<span class="w">                                        </span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">Qx</span><span class="p">,</span><span class="w"> </span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">Qx_len</span><span class="p">,</span><span class="w"> </span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">Qy</span><span class="p">,</span><span class="w"> </span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">Qy_len</span><span class="p">,</span><span class="w"> </span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">d</span><span class="p">,</span><span class="w"> </span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">d_len</span><span class="p">))</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="n">HAL_OK</span><span class="p">)</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;hal_ecdsa_load_private() failed: %s</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">,</span><span class="w"> </span><span class="n">hal_error_string</span><span class="p">(</span><span class="n">err</span><span class="p">)),</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">(</span><span class="n">memcmp</span><span class="p">(</span><span class="n">key1</span><span class="p">,</span><span class="w"> </span><span class="n">key2</span><span class="p">,</span><span class="w"> </span><span class="n">hal_ecdsa_key_t_size</span><span class="p">)</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="mi">0</span><span class="p">)</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;Key mismatch after hal_ecdsa_load_private_key()</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">),</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span>

<span class="w">  </span><span class="n">hal_ecdsa_key_clear</span><span class="p">(</span><span class="n">key2</span><span class="p">);</span>
<span class="w">  </span><span class="n">key2</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="nb">NULL</span><span class="p">;</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">((</span><span class="n">err</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">hal_ecdsa_key_load_public</span><span class="p">(</span><span class="o">&amp;</span><span class="n">key2</span><span class="p">,</span><span class="w"> </span><span class="n">keybuf2</span><span class="p">,</span><span class="w"> </span><span class="k">sizeof</span><span class="p">(</span><span class="n">keybuf2</span><span class="p">),</span><span class="w"> </span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">curve</span><span class="p">,</span>
<span class="w">                                       </span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">Qx</span><span class="p">,</span><span class="w"> </span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">Qx_len</span><span class="p">,</span><span class="w"> </span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">Qy</span><span class="p">,</span><span class="w"> </span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">Qy_len</span><span class="p">))</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="n">HAL_OK</span><span class="p">)</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;hal_ecdsa_load_public() failed: %s</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">,</span><span class="w"> </span><span class="n">hal_error_string</span><span class="p">(</span><span class="n">err</span><span class="p">)),</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">((</span><span class="n">err</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">hal_ecdsa_verify</span><span class="p">(</span><span class="nb">NULL</span><span class="p">,</span><span class="w"> </span><span class="n">key2</span><span class="p">,</span><span class="w"> </span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">H</span><span class="p">,</span><span class="w"> </span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">H_len</span><span class="p">,</span><span class="w"> </span><span class="n">sig</span><span class="p">,</span><span class="w"> </span><span class="n">sig_len</span><span class="p">))</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="n">HAL_OK</span><span class="p">)</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;hal_ecdsa_verify(public) failed: %s</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">,</span><span class="w"> </span><span class="n">hal_error_string</span><span class="p">(</span><span class="n">err</span><span class="p">)),</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span>

<span class="w">  </span><span class="kt">uint8_t</span><span class="w"> </span><span class="n">point</span><span class="p">[</span><span class="n">hal_ecdsa_key_to_ecpoint_len</span><span class="p">(</span><span class="n">key1</span><span class="p">)];</span>
<span class="w">  </span><span class="kt">size_t</span><span class="w">  </span><span class="n">point_len</span><span class="p">;</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">((</span><span class="n">err</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">hal_ecdsa_key_to_ecpoint</span><span class="p">(</span><span class="n">key1</span><span class="p">,</span><span class="w"> </span><span class="n">point</span><span class="p">,</span><span class="w"> </span><span class="o">&amp;</span><span class="n">point_len</span><span class="p">,</span><span class="w"> </span><span class="k">sizeof</span><span class="p">(</span><span class="n">point</span><span class="p">)))</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="n">HAL_OK</span><span class="p">)</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;hal_ecdsa_key_to_point() failed: %s</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">,</span><span class="w"> </span><span class="n">hal_error_string</span><span class="p">(</span><span class="n">err</span><span class="p">)),</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span>

<span class="w">  </span><span class="n">hal_ecdsa_key_clear</span><span class="p">(</span><span class="n">key1</span><span class="p">);</span>
<span class="w">  </span><span class="n">key1</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="nb">NULL</span><span class="p">;</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">((</span><span class="n">err</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">hal_ecdsa_key_from_ecpoint</span><span class="p">(</span><span class="o">&amp;</span><span class="n">key1</span><span class="p">,</span><span class="w"> </span><span class="n">keybuf1</span><span class="p">,</span><span class="w"> </span><span class="k">sizeof</span><span class="p">(</span><span class="n">keybuf1</span><span class="p">),</span><span class="w"> </span><span class="n">point</span><span class="p">,</span><span class="w"> </span><span class="n">point_len</span><span class="p">,</span><span class="w"> </span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">curve</span><span class="p">))</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="n">HAL_OK</span><span class="p">)</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;hal_ecdsa_key_from_point() failed: %s</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">,</span><span class="w"> </span><span class="n">hal_error_string</span><span class="p">(</span><span class="n">err</span><span class="p">)),</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">(</span><span class="n">memcmp</span><span class="p">(</span><span class="n">key1</span><span class="p">,</span><span class="w"> </span><span class="n">key2</span><span class="p">,</span><span class="w"> </span><span class="n">hal_ecdsa_key_t_size</span><span class="p">)</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="mi">0</span><span class="p">)</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;Public key mismatch after first read/write cycle</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">),</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span>

<span class="w">  </span><span class="n">hal_ecdsa_key_clear</span><span class="p">(</span><span class="n">key2</span><span class="p">);</span>
<span class="w">  </span><span class="n">key2</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="nb">NULL</span><span class="p">;</span>

<span class="w">  </span><span class="n">err</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">hal_ecdsa_public_key_to_der</span><span class="p">(</span><span class="n">key1</span><span class="p">,</span><span class="w"> </span><span class="n">der</span><span class="p">,</span><span class="w"> </span><span class="o">&amp;</span><span class="n">der_len</span><span class="p">,</span><span class="w"> </span><span class="k">sizeof</span><span class="p">(</span><span class="n">der</span><span class="p">));</span>

<span class="w">  </span><span class="n">snprintf</span><span class="p">(</span><span class="n">fn</span><span class="p">,</span><span class="w"> </span><span class="k">sizeof</span><span class="p">(</span><span class="n">fn</span><span class="p">),</span><span class="w"> </span><span class="s">&quot;test-ecdsa-public-key-p%u.der&quot;</span><span class="p">,</span><span class="w"> </span><span class="p">(</span><span class="kt">unsigned</span><span class="p">)</span><span class="w"> </span><span class="n">tc</span><span class="o">-&gt;</span><span class="n">d_len</span><span class="w"> </span><span class="o">*</span><span class="w"> </span><span class="mi">8</span><span class="p">);</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">((</span><span class="n">f</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">fopen</span><span class="p">(</span><span class="n">fn</span><span class="p">,</span><span class="w"> </span><span class="s">&quot;wb&quot;</span><span class="p">))</span><span class="w"> </span><span class="o">==</span><span class="w"> </span><span class="nb">NULL</span><span class="p">)</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;Couldn&#39;t open %s: %s</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">,</span><span class="w"> </span><span class="n">fn</span><span class="p">,</span><span class="w"> </span><span class="n">strerror</span><span class="p">(</span><span class="n">errno</span><span class="p">)),</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">(</span><span class="n">fwrite</span><span class="p">(</span><span class="n">der</span><span class="p">,</span><span class="w"> </span><span class="n">der_len</span><span class="p">,</span><span class="w"> </span><span class="mi">1</span><span class="p">,</span><span class="w"> </span><span class="n">f</span><span class="p">)</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="mi">1</span><span class="p">)</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;Length mismatch writing %s</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">,</span><span class="w"> </span><span class="n">fn</span><span class="p">),</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">(</span><span class="n">fclose</span><span class="p">(</span><span class="n">f</span><span class="p">)</span><span class="w"> </span><span class="o">==</span><span class="w"> </span><span class="n">EOF</span><span class="p">)</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;Couldn&#39;t close %s: %s</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">,</span><span class="w"> </span><span class="n">fn</span><span class="p">,</span><span class="w"> </span><span class="n">strerror</span><span class="p">(</span><span class="n">errno</span><span class="p">)),</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span>

<span class="w">  </span><span class="cm">/* Deferred error from hal_ecdsa_public_key_to_der() */</span>
<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">(</span><span class="n">err</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="n">HAL_OK</span><span class="p">)</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;hal_ecdsa_public_key_to_der() failed: %s</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">,</span><span class="w"> </span><span class="n">hal_error_string</span><span class="p">(</span><span class="n">err</span><span class="p">)),</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">((</span><span class="n">err</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">hal_ecdsa_public_key_from_der</span><span class="p">(</span><span class="o">&amp;</span><span class="n">key2</span><span class="p">,</span><span class="w"> </span><span class="n">keybuf2</span><span class="p">,</span><span class="w"> </span><span class="k">sizeof</span><span class="p">(</span><span class="n">keybuf2</span><span class="p">),</span><span class="w"> </span><span class="n">der</span><span class="p">,</span><span class="w"> </span><span class="n">der_len</span><span class="p">))</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="n">HAL_OK</span><span class="p">)</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;hal_ecdsa_public_key_from_der() failed: %s</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">,</span><span class="w"> </span><span class="n">hal_error_string</span><span class="p">(</span><span class="n">err</span><span class="p">)),</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">(</span><span class="n">memcmp</span><span class="p">(</span><span class="n">key1</span><span class="p">,</span><span class="w"> </span><span class="n">key2</span><span class="p">,</span><span class="w"> </span><span class="n">hal_ecdsa_key_t_size</span><span class="p">)</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="mi">0</span><span class="p">)</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;Public key mismatch after second read/write cycle</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">),</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span>

<span class="w">  </span><span class="n">hal_ecdsa_key_clear</span><span class="p">(</span><span class="n">key1</span><span class="p">);</span>
<span class="w">  </span><span class="n">hal_ecdsa_key_clear</span><span class="p">(</span><span class="n">key2</span><span class="p">);</span>

<span class="w">  </span><span class="k">return</span><span class="w"> </span><span class="mi">1</span><span class="p">;</span>
<span class="p">}</span>

<span class="cp">#endif </span><span class="cm">/* HAL_ECDSA_DEBUG_ONLY_STATIC_TEST_VECTOR_RANDOM */</span>

<span class="cm">/*</span>
<span class="cm"> * Run one keygen/sign/verify test with a newly generated key.</span>
<span class="cm"> */</span>

<span class="k">static</span><span class="w"> </span><span class="kt">int</span><span class="w"> </span><span class="nf">test_keygen_sign_verify</span><span class="p">(</span><span class="k">const</span><span class="w"> </span><span class="n">hal_curve_name_t</span><span class="w"> </span><span class="n">curve</span><span class="p">)</span>

<span class="p">{</span>
<span class="w">  </span><span class="k">const</span><span class="w"> </span><span class="n">hal_hash_descriptor_t</span><span class="w"> </span><span class="o">*</span><span class="n">hash_descriptor</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="nb">NULL</span><span class="p">;</span>
<span class="w">  </span><span class="kt">uint8_t</span><span class="w"> </span><span class="n">keybuf</span><span class="p">[</span><span class="n">hal_ecdsa_key_t_size</span><span class="p">];</span>
<span class="w">  </span><span class="n">hal_ecdsa_key_t</span><span class="w"> </span><span class="o">*</span><span class="n">key</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="nb">NULL</span><span class="p">;</span>
<span class="w">  </span><span class="n">hal_error_t</span><span class="w"> </span><span class="n">err</span><span class="p">;</span>

<span class="w">  </span><span class="k">switch</span><span class="w"> </span><span class="p">(</span><span class="n">curve</span><span class="p">)</span><span class="w"> </span><span class="p">{</span>

<span class="w">  </span><span class="k">case</span><span class="w"> </span><span class="no">HAL_CURVE_P256</span><span class="p">:</span>
<span class="w">    </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;ECDSA P-256 key generation / signature / verification test</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">);</span>
<span class="w">    </span><span class="n">hash_descriptor</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">hal_hash_sha256</span><span class="p">;</span>
<span class="w">    </span><span class="k">break</span><span class="p">;</span>

<span class="w">  </span><span class="k">case</span><span class="w"> </span><span class="no">HAL_CURVE_P384</span><span class="p">:</span>
<span class="w">    </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;ECDSA P-384 key generation / signature / verification test</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">);</span>
<span class="w">    </span><span class="n">hash_descriptor</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">hal_hash_sha384</span><span class="p">;</span>
<span class="w">    </span><span class="k">break</span><span class="p">;</span>

<span class="w">  </span><span class="k">case</span><span class="w"> </span><span class="no">HAL_CURVE_P521</span><span class="p">:</span>
<span class="w">    </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;ECDSA P-521 key generation / signature / verification test</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">);</span>
<span class="w">    </span><span class="n">hash_descriptor</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">hal_hash_sha512</span><span class="p">;</span>
<span class="w">    </span><span class="k">break</span><span class="p">;</span>

<span class="w">  </span><span class="k">default</span><span class="o">:</span>
<span class="w">    </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;Unsupported ECDSA curve type</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">);</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span>
<span class="w">  </span><span class="p">}</span>

<span class="w">  </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;Generating key</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">);</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">((</span><span class="n">err</span><span class="w"> </span><span class="o">=</span><span class="w">  </span><span class="n">hal_ecdsa_key_gen</span><span class="p">(</span><span class="nb">NULL</span><span class="p">,</span><span class="w"> </span><span class="o">&amp;</span><span class="n">key</span><span class="p">,</span><span class="w"> </span><span class="n">keybuf</span><span class="p">,</span><span class="w"> </span><span class="k">sizeof</span><span class="p">(</span><span class="n">keybuf</span><span class="p">),</span><span class="w"> </span><span class="n">curve</span><span class="p">))</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="n">HAL_OK</span><span class="p">)</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;hal_ecdsa_key_gen() failed: %s</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">,</span><span class="w"> </span><span class="n">hal_error_string</span><span class="p">(</span><span class="n">err</span><span class="p">)),</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span>

<span class="w">  </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;Generating digest</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">);</span>

<span class="w">  </span><span class="kt">uint8_t</span><span class="w"> </span><span class="n">hashbuf</span><span class="p">[</span><span class="n">hash_descriptor</span><span class="o">-&gt;</span><span class="n">digest_length</span><span class="p">];</span>

<span class="w">  </span><span class="p">{</span>
<span class="w">    </span><span class="k">const</span><span class="w"> </span><span class="kt">uint8_t</span><span class="w"> </span><span class="n">plaintext</span><span class="p">[]</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s">&quot;So long, and thanks...&quot;</span><span class="p">;</span>
<span class="w">    </span><span class="kt">uint8_t</span><span class="w"> </span><span class="n">statebuf</span><span class="p">[</span><span class="n">hash_descriptor</span><span class="o">-&gt;</span><span class="n">hash_state_length</span><span class="p">];</span>
<span class="w">    </span><span class="n">hal_hash_state_t</span><span class="w"> </span><span class="o">*</span><span class="n">state</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="nb">NULL</span><span class="p">;</span>

<span class="w">    </span><span class="k">if</span><span class="w"> </span><span class="p">((</span><span class="n">err</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">hal_hash_initialize</span><span class="p">(</span><span class="nb">NULL</span><span class="p">,</span><span class="w"> </span><span class="n">hash_descriptor</span><span class="p">,</span><span class="w"> </span><span class="o">&amp;</span><span class="n">state</span><span class="p">,</span><span class="w"> </span><span class="n">statebuf</span><span class="p">,</span><span class="w"> </span><span class="k">sizeof</span><span class="p">(</span><span class="n">statebuf</span><span class="p">)))</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="n">HAL_OK</span><span class="w"> </span><span class="o">||</span>
<span class="w">        </span><span class="p">(</span><span class="n">err</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">hal_hash_update</span><span class="p">(</span><span class="n">state</span><span class="p">,</span><span class="w"> </span><span class="n">plaintext</span><span class="p">,</span><span class="w"> </span><span class="n">strlen</span><span class="p">((</span><span class="k">const</span><span class="w"> </span><span class="kt">char</span><span class="w"> </span><span class="o">*</span><span class="p">)</span><span class="w"> </span><span class="n">plaintext</span><span class="p">)))</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="n">HAL_OK</span><span class="w"> </span><span class="o">||</span>
<span class="w">        </span><span class="p">(</span><span class="n">err</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">hal_hash_finalize</span><span class="p">(</span><span class="n">state</span><span class="p">,</span><span class="w"> </span><span class="n">hashbuf</span><span class="p">,</span><span class="w"> </span><span class="k">sizeof</span><span class="p">(</span><span class="n">hashbuf</span><span class="p">)))</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="n">HAL_OK</span><span class="p">)</span>
<span class="w">      </span><span class="k">return</span><span class="w"> </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;Couldn&#39;t hash plaintext: %s</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">,</span><span class="w"> </span><span class="n">hal_error_string</span><span class="p">(</span><span class="n">err</span><span class="p">)),</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span>
<span class="w">  </span><span class="p">}</span>

<span class="w">  </span><span class="cm">/*</span>
<span class="cm">   * Lazy but probably-good-enough guess on signature size -- want</span>
<span class="cm">   * explicit number in ecdsa_curve_t?</span>
<span class="cm">   */</span>
<span class="w">  </span><span class="kt">uint8_t</span><span class="w"> </span><span class="n">sigbuf</span><span class="p">[</span><span class="n">hash_descriptor</span><span class="o">-&gt;</span><span class="n">digest_length</span><span class="w"> </span><span class="o">*</span><span class="w"> </span><span class="mi">3</span><span class="p">];</span>
<span class="w">  </span><span class="kt">size_t</span><span class="w">  </span><span class="n">siglen</span><span class="p">;</span>

<span class="w">  </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;Signing</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">);</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">((</span><span class="n">err</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">hal_ecdsa_sign</span><span class="p">(</span><span class="nb">NULL</span><span class="p">,</span><span class="w"> </span><span class="n">key</span><span class="p">,</span><span class="w"> </span><span class="n">hashbuf</span><span class="p">,</span><span class="w"> </span><span class="k">sizeof</span><span class="p">(</span><span class="n">hashbuf</span><span class="p">),</span>
<span class="w">                            </span><span class="n">sigbuf</span><span class="p">,</span><span class="w"> </span><span class="o">&amp;</span><span class="n">siglen</span><span class="p">,</span><span class="w"> </span><span class="k">sizeof</span><span class="p">(</span><span class="n">sigbuf</span><span class="p">)))</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="n">HAL_OK</span><span class="p">)</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;hal_ecdsa_sign() failed: %s</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">,</span><span class="w"> </span><span class="n">hal_error_string</span><span class="p">(</span><span class="n">err</span><span class="p">)),</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span>

<span class="w">  </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;Verifying</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">);</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">((</span><span class="n">err</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">hal_ecdsa_verify</span><span class="p">(</span><span class="nb">NULL</span><span class="p">,</span><span class="w"> </span><span class="n">key</span><span class="p">,</span><span class="w"> </span><span class="n">hashbuf</span><span class="p">,</span><span class="w"> </span><span class="k">sizeof</span><span class="p">(</span><span class="n">hashbuf</span><span class="p">),</span><span class="w"> </span><span class="n">sigbuf</span><span class="p">,</span><span class="w"> </span><span class="n">siglen</span><span class="p">))</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="n">HAL_OK</span><span class="p">)</span>
<span class="w">    </span><span class="k">return</span><span class="w"> </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;hal_ecdsa_verify() failed: %s</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">,</span><span class="w"> </span><span class="n">hal_error_string</span><span class="p">(</span><span class="n">err</span><span class="p">)),</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span>

<span class="w">  </span><span class="k">return</span><span class="w"> </span><span class="mi">1</span><span class="p">;</span>
<span class="p">}</span>

<span class="cm">/*</span>
<span class="cm"> * Time a test.</span>
<span class="cm"> */</span>

<span class="k">static</span><span class="w"> </span><span class="kt">void</span><span class="w"> </span><span class="nf">_time_check</span><span class="p">(</span><span class="k">const</span><span class="w"> </span><span class="k">struct</span><span class="w"> </span><span class="nc">timeval</span><span class="w"> </span><span class="n">t0</span><span class="p">,</span><span class="w"> </span><span class="k">const</span><span class="w"> </span><span class="kt">int</span><span class="w"> </span><span class="n">ok</span><span class="p">)</span>
<span class="p">{</span>
<span class="w">  </span><span class="k">struct</span><span class="w"> </span><span class="nc">timeval</span><span class="w"> </span><span class="n">t</span><span class="p">;</span>
<span class="w">  </span><span class="n">gettimeofday</span><span class="p">(</span><span class="o">&amp;</span><span class="n">t</span><span class="p">,</span><span class="w"> </span><span class="nb">NULL</span><span class="p">);</span>
<span class="w">  </span><span class="n">t</span><span class="p">.</span><span class="n">tv_sec</span><span class="w"> </span><span class="o">-=</span><span class="w"> </span><span class="n">t0</span><span class="p">.</span><span class="n">tv_sec</span><span class="p">;</span>
<span class="w">  </span><span class="n">t</span><span class="p">.</span><span class="n">tv_usec</span><span class="w"> </span><span class="o">-=</span><span class="w"> </span><span class="n">t0</span><span class="p">.</span><span class="n">tv_usec</span><span class="p">;</span>
<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">(</span><span class="n">t</span><span class="p">.</span><span class="n">tv_usec</span><span class="w"> </span><span class="o">&lt;</span><span class="w"> </span><span class="mi">0</span><span class="p">)</span><span class="w"> </span><span class="p">{</span>
<span class="w">    </span><span class="n">t</span><span class="p">.</span><span class="n">tv_usec</span><span class="w"> </span><span class="o">+=</span><span class="w"> </span><span class="mi">1000000</span><span class="p">;</span>
<span class="w">    </span><span class="n">t</span><span class="p">.</span><span class="n">tv_sec</span><span class="w">  </span><span class="o">-=</span><span class="w"> </span><span class="mi">1</span><span class="p">;</span>
<span class="w">  </span><span class="p">}</span>
<span class="w">  </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;Elapsed time %lu.%06lu seconds, %s</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">,</span>
<span class="w">         </span><span class="p">(</span><span class="kt">unsigned</span><span class="w"> </span><span class="kt">long</span><span class="p">)</span><span class="w"> </span><span class="n">t</span><span class="p">.</span><span class="n">tv_sec</span><span class="p">,</span>
<span class="w">         </span><span class="p">(</span><span class="kt">unsigned</span><span class="w"> </span><span class="kt">long</span><span class="p">)</span><span class="w"> </span><span class="n">t</span><span class="p">.</span><span class="n">tv_usec</span><span class="p">,</span>
<span class="w">         </span><span class="n">ok</span><span class="w"> </span><span class="o">?</span><span class="w"> </span><span class="s">&quot;OK&quot;</span><span class="w"> </span><span class="o">:</span><span class="w"> </span><span class="s">&quot;FAILED&quot;</span><span class="p">);</span>
<span class="p">}</span>

<span class="cp">#define time_check(_expr_)                      \</span>
<span class="cp">  do {                                          \</span>
<span class="cp">    struct timeval _t;                          \</span>
<span class="cp">    gettimeofday(&amp;_t, NULL);                    \</span>
<span class="cp">    int _ok = (_expr_);                         \</span>
<span class="cp">    _time_check(_t, _ok);                       \</span>
<span class="cp">    ok &amp;= _ok;                                  \</span>
<span class="cp">  } while (0)</span>


<span class="k">static</span><span class="w"> </span><span class="kt">void</span><span class="w"> </span><span class="nf">show_core</span><span class="p">(</span><span class="k">const</span><span class="w"> </span><span class="n">hal_core_t</span><span class="w"> </span><span class="o">*</span><span class="n">core</span><span class="p">,</span><span class="w"> </span><span class="k">const</span><span class="w"> </span><span class="kt">char</span><span class="w"> </span><span class="o">*</span><span class="n">whinge</span><span class="p">)</span>
<span class="p">{</span>
<span class="w">  </span><span class="k">const</span><span class="w"> </span><span class="n">hal_core_info_t</span><span class="w"> </span><span class="o">*</span><span class="n">core_info</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">hal_core_info</span><span class="p">(</span><span class="n">core</span><span class="p">);</span>
<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">(</span><span class="n">core_info</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="nb">NULL</span><span class="p">)</span>
<span class="w">    </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;</span><span class="se">\&quot;</span><span class="s">%8.8s</span><span class="se">\&quot;</span><span class="s">  </span><span class="se">\&quot;</span><span class="s">%4.4s</span><span class="se">\&quot;\n</span><span class="s">&quot;</span><span class="p">,</span><span class="w"> </span><span class="n">core_info</span><span class="o">-&gt;</span><span class="n">name</span><span class="p">,</span><span class="w"> </span><span class="n">core_info</span><span class="o">-&gt;</span><span class="n">version</span><span class="p">);</span>
<span class="w">  </span><span class="k">else</span><span class="w"> </span><span class="k">if</span><span class="w"> </span><span class="p">(</span><span class="n">whinge</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="nb">NULL</span><span class="p">)</span>
<span class="w">    </span><span class="n">printf</span><span class="p">(</span><span class="s">&quot;%s core not present</span><span class="se">\n</span><span class="s">&quot;</span><span class="p">,</span><span class="w"> </span><span class="n">whinge</span><span class="p">);</span>
<span class="p">}</span>

<span class="kt">int</span><span class="w"> </span><span class="nf">main</span><span class="p">(</span><span class="kt">int</span><span class="w"> </span><span class="n">argc</span><span class="p">,</span><span class="w"> </span><span class="kt">char</span><span class="w"> </span><span class="o">*</span><span class="n">argv</span><span class="p">[])</span>
<span class="p">{</span>
<span class="w">  </span><span class="k">const</span><span class="w"> </span><span class="n">hal_core_t</span><span class="w"> </span><span class="o">*</span><span class="n">sha256_core</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">hal_core_find</span><span class="p">(</span><span class="n">SHA256_NAME</span><span class="p">,</span><span class="w"> </span><span class="nb">NULL</span><span class="p">);</span>
<span class="w">  </span><span class="k">const</span><span class="w"> </span><span class="n">hal_core_t</span><span class="w"> </span><span class="o">*</span><span class="n">sha512_core</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">hal_core_find</span><span class="p">(</span><span class="n">SHA512_NAME</span><span class="p">,</span><span class="w"> </span><span class="nb">NULL</span><span class="p">);</span>
<span class="w">  </span><span class="k">const</span><span class="w"> </span><span class="n">hal_core_t</span><span class="w"> </span><span class="o">*</span><span class="n">csprng_core</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">hal_core_find</span><span class="p">(</span><span class="n">CSPRNG_NAME</span><span class="p">,</span><span class="w"> </span><span class="nb">NULL</span><span class="p">);</span>

<span class="w">  </span><span class="n">show_core</span><span class="p">(</span><span class="n">sha256_core</span><span class="p">,</span><span class="w"> </span><span class="s">&quot;sha-256&quot;</span><span class="p">);</span>
<span class="w">  </span><span class="n">show_core</span><span class="p">(</span><span class="n">sha512_core</span><span class="p">,</span><span class="w"> </span><span class="s">&quot;sha-512&quot;</span><span class="p">);</span>
<span class="w">  </span><span class="n">show_core</span><span class="p">(</span><span class="n">csprng_core</span><span class="p">,</span><span class="w"> </span><span class="s">&quot;csprng&quot;</span><span class="p">);</span>

<span class="w">  </span><span class="kt">int</span><span class="w"> </span><span class="n">ok</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="mi">1</span><span class="p">;</span>

<span class="cp">#if HAL_ECDSA_DEBUG_ONLY_STATIC_TEST_VECTOR_RANDOM</span>
<span class="w">  </span><span class="cm">/*</span>
<span class="cm">   * Test vectors (where we have them).</span>
<span class="cm">   */</span>
<span class="w">  </span><span class="k">for</span><span class="w"> </span><span class="p">(</span><span class="kt">int</span><span class="w"> </span><span class="n">i</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="mi">0</span><span class="p">;</span><span class="w"> </span><span class="n">i</span><span class="w"> </span><span class="o">&lt;</span><span class="w"> </span><span class="k">sizeof</span><span class="p">(</span><span class="n">ecdsa_tc</span><span class="p">)</span><span class="o">/</span><span class="k">sizeof</span><span class="p">(</span><span class="o">*</span><span class="n">ecdsa_tc</span><span class="p">);</span><span class="w"> </span><span class="n">i</span><span class="o">++</span><span class="p">)</span>
<span class="w">    </span><span class="n">time_check</span><span class="p">(</span><span class="n">test_against_static_vectors</span><span class="p">(</span><span class="o">&amp;</span><span class="n">ecdsa_tc</span><span class="p">[</span><span class="n">i</span><span class="p">]));</span>
<span class="cp">#endif</span>

<span class="w">  </span><span class="cm">/*</span>
<span class="cm">   * Generate/sign/verify test for each curve.</span>
<span class="cm">   */</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">(</span><span class="n">csprng_core</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="nb">NULL</span><span class="w"> </span><span class="o">&amp;&amp;</span><span class="w"> </span><span class="n">sha256_core</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="nb">NULL</span><span class="p">)</span><span class="w"> </span><span class="p">{</span>
<span class="w">    </span><span class="n">time_check</span><span class="p">(</span><span class="n">test_keygen_sign_verify</span><span class="p">(</span><span class="n">HAL_CURVE_P256</span><span class="p">));</span>
<span class="w">  </span><span class="p">}</span>

<span class="w">  </span><span class="k">if</span><span class="w"> </span><span class="p">(</span><span class="n">csprng_core</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="nb">NULL</span><span class="w"> </span><span class="o">&amp;&amp;</span><span class="w"> </span><span class="n">sha512_core</span><span class="w"> </span><span class="o">!=</span><span class="w"> </span><span class="nb">NULL</span><span class="p">)</span><span class="w"> </span><span class="p">{</span>
<span class="w">    </span><span class="n">time_check</span><span class="p">(</span><span class="n">test_keygen_sign_verify</span><span class="p">(</span><span class="n">HAL_CURVE_P384</span><span class="p">));</span>
<span class="w">    </span><span class="n">time_check</span><span class="p">(</span><span class="n">test_keygen_sign_verify</span><span class="p">(</span><span class="n">HAL_CURVE_P521</span><span class="p">));</span>
<span class="w">  </span><span class="p">}</span>

<span class="w">  </span><span class="k">return</span><span class="w"> </span><span class="o">!</span><span class="n">ok</span><span class="p">;</span>
<span class="p">}</span>

<span class="cm">/*</span>
<span class="cm"> * Local variables:</span>
<span class="cm"> * indent-tabs-mode: nil</span>
<span class="cm"> * End:</span>
<span class="cm"> */</span>
</pre></div>
</code></pre></div></td>
</tr>
</table>
</div> <!-- class=content -->
<div class='footer'>generated by <a href='https://git.zx2c4.com/cgit/about/'>cgit v1.2.3</a> (<a href='https://git-scm.com/'>git 2.25.1</a>) at 2024-11-14 16:45:22 +0000</div>
</div> <!-- id=cgit -->
</body>
</html>