author | cvs2svn <admin@example.com> | 2006-06-27 05:05:41 +0000 |
---|---|---|
committer | cvs2svn <admin@example.com> | 2006-06-27 05:05:41 +0000 |
commit | f99818624a550de2de83858db24e9e9ddb1c552b (patch) | |
tree | 39016da40af35b8885fe81fa5c837078fd5b7935 | |
parent | 4f828b924f54507141fb95ebe49dfcd261945e85 (diff) | |
This commit was manufactured by cvs2git to create tag 'openssl_0_9_7j'.openssl_0_9_7j
36 files changed, 870 insertions, 9240 deletions
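diff --git a/src/lib/libssl/src/crypto/bn/bn_x931p.c b/src/lib/libssl/src/crypto/bn/bn_x931p.c
new file mode 100644
index 0000000000..c64410dd3a
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bn/bn_x931p.c
@@ -0,0 +1,282 @@
+/* bn_x931p.c */
+/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+* project 2005.
+*/
+/* ====================================================================
+* Copyright (c) 2005 The OpenSSL Project. All rights reserved.
+*
+* Redistribution and use in source and binary forms, with or without
+* modification, are permitted provided that the following conditions
+* are met:
+*
+* 1. Redistributions of source code must retain the above copyright
+* notice, this list of conditions and the following disclaimer.
+*
+* 2. Redistributions in binary form must reproduce the above copyright
+* notice, this list of conditions and the following disclaimer in
+* the documentation and/or other materials provided with the
+* distribution.
+*
+* 3. All advertising materials mentioning features or use of this
+* software must display the following acknowledgment:
+* "This product includes software developed by the OpenSSL Project
+* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+*
+* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+* endorse or promote products derived from this software without
+* prior written permission. For written permission, please contact
+* licensing@OpenSSL.org.
+*
+* 5. Products derived from this software may not be called "OpenSSL"
+* nor may "OpenSSL" appear in their names without prior written
+* permission of the OpenSSL Project.
+*
+* 6. Redistributions of any form whatsoever must retain the following
+* acknowledgment:
+* "This product includes software developed by the OpenSSL Project
+* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+*
+* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+* OF THE POSSIBILITY OF SUCH DAMAGE.
+* ====================================================================
+*
+* This product includes cryptographic software written by Eric Young
+* (eay@cryptsoft.com). This product includes software written by Tim
+* Hudson (tjh@cryptsoft.com).
+*
+*/
+
+#include <stdio.h>
+#include <openssl/bn.h>
+
+#ifdef OPENSSL_FIPS
+
+/* X9.31 routines for prime derivation */
+
+
+/* X9.31 prime derivation. This is used to generate the primes pi
+* (p1, p2, q1, q2) from a parameter Xpi by checking successive odd
+* integers.
+*/
+
+static int bn_x931_derive_pi(BIGNUM *pi, const BIGNUM *Xpi, BN_CTX *ctx,
+void (*cb)(int, int, void *), void *cb_arg)
+{
+int i = 0;
+if (!BN_copy(pi, Xpi))
+return 0;
+if (!BN_is_odd(pi) && !BN_add_word(pi, 1))
+return 0;
+for(;;)
+{
+i++;
+if (cb)
+cb(0, i, cb_arg);
+/* NB 27 MR is specificed in X9.31 */
+if (BN_is_prime_fasttest(pi, 27, cb, ctx, cb_arg, 1))
+break;
+if (!BN_add_word(pi, 2))
+return 0;
+}
+if (cb)
+cb(2, i, cb_arg);
+return 1;
+}
+
+/* This is the main X9.31 prime derivation function. From parameters
+* Xp1, Xp2 and Xp derive the prime p. If the parameters p1 or p2 are
+* not NULL they will be returned too: this is needed for testing.
+*/
+
+int BN_X931_derive_prime(BIGNUM *p, BIGNUM *p1, BIGNUM *p2,
+void (*cb)(int, int, void *), void *cb_arg,
+const BIGNUM *Xp, const BIGNUM *Xp1, const BIGNUM *Xp2,
+const BIGNUM *e, BN_CTX *ctx)
+{
+int ret = 0;
+
+BIGNUM *t, *p1p2, *pm1;
+
+/* Only even e supported */
+if (!BN_is_odd(e))
+return 0;
+
+BN_CTX_start(ctx);
+if (!p1)
+p1 = BN_CTX_get(ctx);
+
+if (!p2)
+p2 = BN_CTX_get(ctx);
+
+t = BN_CTX_get(ctx);
+
+p1p2 = BN_CTX_get(ctx);
+
+pm1 = BN_CTX_get(ctx);
+
+if (!bn_x931_derive_pi(p1, Xp1, ctx, cb, cb_arg))
+goto err;
+
+if (!bn_x931_derive_pi(p2, Xp2, ctx, cb, cb_arg))
+goto err;
+
+if (!BN_mul(p1p2, p1, p2, ctx))
+goto err;
+
+/* First set p to value of Rp */
+
+if (!BN_mod_inverse(p, p2, p1, ctx))
+goto err;
+
+if (!BN_mul(p, p, p2, ctx))
+goto err;
+
+if (!BN_mod_inverse(t, p1, p2, ctx))
+goto err;
+
+if (!BN_mul(t, t, p1, ctx))
+goto err;
+
+if (!BN_sub(p, p, t))
+goto err;
+
+if (p->neg && !BN_add(p, p, p1p2))
+goto err;
+
+/* p now equals Rp */
+
+if (!BN_mod_sub(p, p, Xp, p1p2, ctx))
+goto err;
+
+if (!BN_add(p, p, Xp))
+goto err;
+
+/* p now equals Yp0 */
+
+for (;;)
+{
+int i = 1;
+if (cb)
+cb(0, i++, cb_arg);
+if (!BN_copy(pm1, p))
+goto err;
+if (!BN_sub_word(pm1, 1))
+goto err;
+if (!BN_gcd(t, pm1, e, ctx))
+goto err;
+if (BN_is_one(t)
+/* X9.31 specifies 8 MR and 1 Lucas test or any prime test
+* offering similar or better guarantees 50 MR is considerably
+* better.
+*/
+&& BN_is_prime_fasttest(p, 50, cb, ctx, cb_arg, 1))
+break;
+if (!BN_add(p, p, p1p2))
+goto err;
+}
+
+if (cb)
+cb(3, 0, cb_arg);
+
+ret = 1;
+
+err:
+
+BN_CTX_end(ctx);
+
+return ret;
+}
+
+/* Generate pair of paramters Xp, Xq for X9.31 prime generation.
+* Note: nbits paramter is sum of number of bits in both.
+*/
+
+int BN_X931_generate_Xpq(BIGNUM *Xp, BIGNUM *Xq, int nbits, BN_CTX *ctx)
+{
+BIGNUM *t;
+int i;
+/* Number of bits for each prime is of the form
+* 512+128s for s = 0, 1, ...
+*/
+if ((nbits < 1024) || (nbits & 0xff))
+return 0;
+nbits >>= 1;
+/* The random value Xp must be between sqrt(2) * 2^(nbits-1) and
+* 2^nbits - 1. By setting the top two bits we ensure that the lower
+* bound is exceeded.
+*/
+if (!BN_rand(Xp, nbits, 1, 0))
+return 0;
+
+BN_CTX_start(ctx);
+t = BN_CTX_get(ctx);
+
+for (i = 0; i < 1000; i++)
+{
+if (!BN_rand(Xq, nbits, 1, 0))
+return 0;
+/* Check that |Xp - Xq| > 2^(nbits - 100) */
+BN_sub(t, Xp, Xq);
+if (BN_num_bits(t) > (nbits - 100))
+break;
+}
+
+BN_CTX_end(ctx);
+
+if (i < 1000)
+return 1;
+
+return 0;
+
+}
+
+/* Generate primes using X9.31 algorithm. Of the values p, p1, p2, Xp1
+* and Xp2 only 'p' needs to be non-NULL. If any of the others are not NULL
+* the relevant parameter will be stored in it.
+*
+* Due to the fact that |Xp - Xq| > 2^(nbits - 100) must be satisfied Xp and Xq
+* are generated using the previous function and supplied as input.
+*/
+
+int BN_X931_generate_prime(BIGNUM *p, BIGNUM *p1, BIGNUM *p2,
+BIGNUM *Xp1, BIGNUM *Xp2,
+const BIGNUM *Xp,
+const BIGNUM *e, BN_CTX *ctx,
+void (*cb)(int, int, void *), void *cb_arg)
+{
+int ret = 0;
+
+BN_CTX_start(ctx);
+if (!Xp1)
+Xp1 = BN_CTX_get(ctx);
+if (!Xp2)
+Xp2 = BN_CTX_get(ctx);
+
+if (!BN_rand(Xp1, 101, 0, 0))
+goto error;
+if (!BN_rand(Xp2, 101, 0, 0))
+goto error;
+if (!BN_X931_derive_prime(p, p1, p2, cb, cb_arg,
+Xp, Xp1, Xp2, e, ctx))
+goto error;
+
+ret = 1;
+
+error:
+BN_CTX_end(ctx);
+
+return ret;
+
+}
+
+#endif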
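Review bot: Both primality loops treat any non-zero return from `BN_is_prime_fasttest` as "prime", but that function returns -1 on error, so in `bn_x931_derive_pi` (`if (BN_is_prime_fasttest(pi, 27, ...)) break;`) and in the Yp0 loop of `BN_X931_derive_prime` an internal failure ends the search and hands back an untested candidate as an RSA prime factor. Store the result and bail out on the error case first, e.g. `r = BN_is_prime_fasttest(pi, 27, cb, ctx, cb_arg, 1); if (r < 0) return 0; if (r) break;`, using `goto err` instead of `return 0` in the second loop. Separately, `BN_X931_generate_Xpq` returns from inside its retry loop without calling `BN_CTX_end(ctx)` and ignores the results of `BN_CTX_get` and `BN_sub`, which leaves the context unbalanced on a `BN_rand` failure. The comment `/* Only even e supported */` also contradicts the `!BN_is_odd(e)` test beneath it, which rejects even exponents; it should read `/* Only odd e supported */`.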
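diff --git a/src/lib/libssl/src/crypto/rc4/asm/rc4-x86_64.pl b/src/lib/libssl/src/crypto/rc4/asm/rc4-x86_64.pl
new file mode 100755
index 0000000000..b628daca70
--- /dev/null
+++ b/src/lib/libssl/src/crypto/rc4/asm/rc4-x86_64.pl
@@ -0,0 +1,150 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. Rights for redistribution and usage in source and binary
+# forms are granted according to the OpenSSL license.
+# ====================================================================
+#
+# Unlike 0.9.7f this code expects RC4_CHAR back in config line! See
+# commentary section in corresponding script in development branch
+# for background information about this option carousel. For those
+# who don't have energy to figure out these gory details, here is
+# basis in form of performance matrix relative to the original
+# 0.9.7e C code-base:
+#
+# 0.9.7e 0.9.7f this
+# AMD64 1x 3.3x 2.4x
+# EM64T 1x 0.8x 1.5x
+#
+# In other words idea is to trade -25% AMD64 performance to compensate
+# for deterioration and gain +90% on EM64T core. Development branch
+# maintains best performance for either target, i.e. 3.3x for AMD64
+# and 1.5x for EM64T.
+
+$output=shift;
+
+open STDOUT,">$output" || die "can't open $output: $!";
+
+$dat="%rdi"; # arg1
+$len="%rsi"; # arg2
+$inp="%rdx"; # arg3
+$out="%rcx"; # arg4
+
+@XX=("%r8","%r10");
+@TX=("%r9","%r11");
+$YY="%r12";
+$TY="%r13";
+
+$code=<<___;;
+.text
+
+.globl RC4
+.type RC4,\@function
+.align 16
+RC4: or $len,$len
+jne .Lentry
+repret
+.Lentry:
+push %r12
+push %r13
+
+add \$2,$dat
+movzb -2($dat),$XX[0]#d
+movzb -1($dat),$YY#d
+
+add \$1,$XX[0]#b
+movzb ($dat,$XX[0]),$TX[0]#d
+test \$-8,$len
+jz .Lcloop1
+push %rbx
+.align 16 # incidentally aligned already
+.Lcloop8:
+mov ($inp),%eax
+mov 4($inp),%ebx
+___
+# unroll 2x4-wise, because 64-bit rotates kill Intel P4...
+for ($i=0;$i<4;$i++) {
+$code.=<<___;
+add $TX[0]#b,$YY#b
+lea 1($XX[0]),$XX[1]
+movzb ($dat,$YY),$TY#d
+movzb $XX[1]#b,$XX[1]#d
+movzb ($dat,$XX[1]),$TX[1]#d
+movb $TX[0]#b,($dat,$YY)
+cmp $XX[1],$YY
+movb $TY#b,($dat,$XX[0])
+jne .Lcmov$i # Intel cmov is sloooow...
+mov $TX[0],$TX[1]
+.Lcmov$i:
+add $TX[0]#b,$TY#b
+xor ($dat,$TY),%al
+ror \$8,%eax
+___
+push(@TX,shift(@TX)); push(@XX,shift(@XX)); # "rotate" registers
+}
+for ($i=4;$i<8;$i++) {
+$code.=<<___;
+add $TX[0]#b,$YY#b
+lea 1($XX[0]),$XX[1]
+movzb ($dat,$YY),$TY#d
+movzb $XX[1]#b,$XX[1]#d
+movzb ($dat,$XX[1]),$TX[1]#d
+movb $TX[0]#b,($dat,$YY)
+cmp $XX[1],$YY
+movb $TY#b,($dat,$XX[0])
+jne .Lcmov$i # Intel cmov is sloooow...
+mov $TX[0],$TX[1]
+.Lcmov$i:
+add $TX[0]#b,$TY#b
+xor ($dat,$TY),%bl
+ror \$8,%ebx
+___
+push(@TX,shift(@TX)); push(@XX,shift(@XX)); # "rotate" registers
+}
+$code.=<<___;
+lea -8($len),$len
+mov %eax,($out)
+lea 8($inp),$inp
+mov %ebx,4($out)
+lea 8($out),$out
+
+test \$-8,$len
+jnz .Lcloop8
+pop %rbx
+cmp \$0,$len
+jne .Lcloop1
+.Lexit:
+sub \$1,$XX[0]#b
+movb $XX[0]#b,-2($dat)
+movb $YY#b,-1($dat)
+
+pop %r13
+pop %r12
+repret
+
+.align 16
+.Lcloop1:
+add $TX[0]#b,$YY#b
+movzb ($dat,$YY),$TY#d
+movb $TX[0]#b,($dat,$YY)
+movb $TY#b,($dat,$XX[0])
+add $TX[0]#b,$TY#b
+add \$1,$XX[0]#b
+movzb ($dat,$TY),$TY#d
+movzb ($dat,$XX[0]),$TX[0]#d
+xorb ($inp),$TY#b
+lea 1($inp),$inp
+movb $TY#b,($out)
+lea 1($out),$out
+sub \$1,$len
+jnz .Lcloop1
+jmp .Lexit
+.size RC4,.-RC4
+___
+
+$code =~ s/#([bwd])/$1/gm;
+
+$code =~ s/repret/.byte\t0xF3,0xC3/gm;
+
+print $code;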
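Review bot: The `die` on the `open STDOUT,">$output" || die ...` line can never fire, because `||` binds tighter than the list operator and so applies to the string `">$output"`, which is always true. A failed open therefore goes unnoticed and the build continues with a missing or stale assembly file for the cipher. Use the low-precedence operator together with the three-argument form, so the file name taken from `shift` is not parsed for mode characters: `open(STDOUT, ">", $output) or die "can't open $output: $!";`.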
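diff --git a/src/lib/libssl/src/crypto/rsa/rsa_pss.c b/src/lib/libssl/src/crypto/rsa/rsa_pss.c
new file mode 100644
index 0000000000..2815628f5f
--- /dev/null
+++ b/src/lib/libssl/src/crypto/rsa/rsa_pss.c
@@ -0,0 +1,261 @@
+/* rsa_pss.c */
+/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+* project 2005.
+*/
+/* ====================================================================
+* Copyright (c) 2005 The OpenSSL Project. All rights reserved.
+*
+* Redistribution and use in source and binary forms, with or without
+* modification, are permitted provided that the following conditions
+* are met:
+*
+* 1. Redistributions of source code must retain the above copyright
+* notice, this list of conditions and the following disclaimer.
+*
+* 2. Redistributions in binary form must reproduce the above copyright
+* notice, this list of conditions and the following disclaimer in
+* the documentation and/or other materials provided with the
+* distribution.
+*
+* 3. All advertising materials mentioning features or use of this
+* software must display the following acknowledgment:
+* "This product includes software developed by the OpenSSL Project
+* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+*
+* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+* endorse or promote products derived from this software without
+* prior written permission. For written permission, please contact
+* licensing@OpenSSL.org.
+*
+* 5. Products derived from this software may not be called "OpenSSL"
+* nor may "OpenSSL" appear in their names without prior written
+* permission of the OpenSSL Project.
+*
+* 6. Redistributions of any form whatsoever must retain the following
+* acknowledgment:
+* "This product includes software developed by the OpenSSL Project
+* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+*
+* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+* OF THE POSSIBILITY OF SUCH DAMAGE.
+* ====================================================================
+*
+* This product includes cryptographic software written by Eric Young
+* (eay@cryptsoft.com). This product includes software written by Tim
+* Hudson (tjh@cryptsoft.com).
+*
+*/
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/bn.h>
+#include <openssl/rsa.h>
+#include <openssl/evp.h>
+#include <openssl/rand.h>
+#include <openssl/sha.h>
+
+const static unsigned char zeroes[] = {0,0,0,0,0,0,0,0};
+
+int RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash,
+const EVP_MD *Hash, const unsigned char *EM, int sLen)
+{
+int i;
+int ret = 0;
+int hLen, maskedDBLen, MSBits, emLen;
+const unsigned char *H;
+unsigned char *DB = NULL;
+EVP_MD_CTX ctx;
+unsigned char H_[EVP_MAX_MD_SIZE];
+
+hLen = EVP_MD_size(Hash);
+/*
+* Negative sLen has special meanings:
+* -1 sLen == hLen
+* -2 salt length is autorecovered from signature
+* -N reserved
+*/
+if (sLen == -1) sLen = hLen;
+else if (sLen == -2) sLen = -2;
+else if (sLen < -2)
+{
+RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_SLEN_CHECK_FAILED);
+goto err;
+}
+
+MSBits = (BN_num_bits(rsa->n) - 1) & 0x7;
+emLen = RSA_size(rsa);
+if (EM[0] & (0xFF << MSBits))
+{
+RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_FIRST_OCTET_INVALID);
+goto err;
+}
+if (MSBits == 0)
+{
+EM++;
+emLen--;
+}
+if (emLen < (hLen + sLen + 2)) /* sLen can be small negative */
+{
+RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_DATA_TOO_LARGE);
+goto err;
+}
+if (EM[emLen - 1] != 0xbc)
+{
+RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_LAST_OCTET_INVALID);
+goto err;
+}
+maskedDBLen = emLen - hLen - 1;
+H = EM + maskedDBLen;
+DB = OPENSSL_malloc(maskedDBLen);
+if (!DB)
+{
+RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, ERR_R_MALLOC_FAILURE);
+goto err;
+}
+PKCS1_MGF1(DB, maskedDBLen, H, hLen, Hash);
+for (i = 0; i < maskedDBLen; i++)
+DB[i] ^= EM[i];
+if (MSBits)
+DB[0] &= 0xFF >> (8 - MSBits);
+for (i = 0; DB[i] == 0 && i < (maskedDBLen-1); i++) ;
+if (DB[i++] != 0x1)
+{
+RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_SLEN_RECOVERY_FAILED);
+goto err;
+}
+if (sLen >= 0 && (maskedDBLen - i) != sLen)
+{
+RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_SLEN_CHECK_FAILED);
+goto err;
+}
+EVP_MD_CTX_init(&ctx);
+EVP_DigestInit_ex(&ctx, Hash, NULL);
+EVP_DigestUpdate(&ctx, zeroes, sizeof zeroes);
+EVP_DigestUpdate(&ctx, mHash, hLen);
+if (maskedDBLen - i)
+EVP_DigestUpdate(&ctx, DB + i, maskedDBLen - i);
+EVP_DigestFinal(&ctx, H_, NULL);
+EVP_MD_CTX_cleanup(&ctx);
+if (memcmp(H_, H, hLen))
+{
+RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_BAD_SIGNATURE);
+ret = 0;
+}
+else
+ret = 1;
+
+err:
+if (DB)
+OPENSSL_free(DB);
+
+return ret;
+
+}
+
+int RSA_padding_add_PKCS1_PSS(RSA *rsa, unsigned char *EM,
+const unsigned char *mHash,
+const EVP_MD *Hash, int sLen)
+{
+int i;
+int ret = 0;
+int hLen, maskedDBLen, MSBits, emLen;
+unsigned char *H, *salt = NULL, *p;
+EVP_MD_CTX ctx;
+
+hLen = EVP_MD_size(Hash);
+/*
+* Negative sLen has special meanings:
+* -1 sLen == hLen
+* -2 salt length is maximized
+* -N reserved
+*/
+if (sLen == -1) sLen = hLen;
+else if (sLen == -2) sLen = -2;
+else if (sLen < -2)
+{
+RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_PSS, RSA_R_SLEN_CHECK_FAILED);
+goto err;
+}
+
+MSBits = (BN_num_bits(rsa->n) - 1) & 0x7;
+emLen = RSA_size(rsa);
+if (MSBits == 0)
+{
+*EM++ = 0;
+emLen--;
+}
+if (sLen == -2)
+{
+sLen = emLen - hLen - 2;
+}
+else if (emLen < (hLen + sLen + 2))
+{
+RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_PSS,
+RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
+goto err;
+}
+if (sLen > 0)
+{
+salt = OPENSSL_malloc(sLen);
+if (!salt)
+{
+RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_PSS,
+ERR_R_MALLOC_FAILURE);
+goto err;
+}
+if (!RAND_bytes(salt, sLen))
+goto err;
+}
+maskedDBLen = emLen - hLen - 1;
+H = EM + maskedDBLen;
+EVP_MD_CTX_init(&ctx);
+EVP_DigestInit_ex(&ctx, Hash, NULL);
+EVP_DigestUpdate(&ctx, zeroes, sizeof zeroes);
+EVP_DigestUpdate(&ctx, mHash, hLen);
+if (sLen)
+EVP_DigestUpdate(&ctx, salt, sLen);
+EVP_DigestFinal(&ctx, H, NULL);
+EVP_MD_CTX_cleanup(&ctx);
+
+/* Generate dbMask in place then perform XOR on it */
+PKCS1_MGF1(EM, maskedDBLen, H, hLen, Hash);
+
+p = EM;
+
+/* Initial PS XORs with all zeroes which is a NOP so just update
+* pointer. Note from a test above this value is guaranteed to
+* be non-negative.
+*/
+p += emLen - sLen - hLen - 2;
+*p++ ^= 0x1;
+if (sLen > 0)
+{
+for (i = 0; i < sLen; i++)
+*p++ ^= salt[i];
+}
+if (MSBits)
+EM[0] &= 0xFF >> (8 - MSBits);
+
+/* H is already in place so just set final 0xbc */
+
+EM[emLen - 1] = 0xbc;
+
+ret = 1;
+
+err:
+if (salt)
+OPENSSL_free(salt);
+
+return ret;
+
+}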
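Review bot: In `RSA_verify_PKCS1_PSS` the length check `if (emLen < (hLen + sLen + 2))` is evaluated with `sLen == -2` in auto-recover mode, so it only rejects `emLen < hLen`. For a modulus barely larger than the digest, `maskedDBLen = emLen - hLen - 1` can then be zero or negative when it reaches `OPENSSL_malloc`, `PKCS1_MGF1` and the `DB[i]` scan. Test the fixed overhead first with `if (emLen < hLen + 2)` and only afterwards compare a non-negative `sLen` against `emLen - hLen - 2`. `RSA_padding_add_PKCS1_PSS` needs the same guard before `sLen = emLen - hLen - 2`, because `sLen` itself can come out negative on that path and `H = EM + maskedDBLen` may then point outside the buffer. Both functions also ignore the results of `PKCS1_MGF1` and the `EVP_Digest*` calls, and `!RAND_bytes(salt, sLen)` treats a -1 return as success; `RAND_bytes(salt, sLen) <= 0` covers both failure values.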
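diff --git a/src/lib/libssl/src/crypto/rsa/rsa_x931.c b/src/lib/libssl/src/crypto/rsa/rsa_x931.c
new file mode 100644
index 0000000000..df3c45f802
--- /dev/null
+++ b/src/lib/libssl/src/crypto/rsa/rsa_x931.c
@@ -0,0 +1,177 @@
+/* rsa_x931.c */
+/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+* project 2005.
+*/
+/* ====================================================================
+* Copyright (c) 2005 The OpenSSL Project. All rights reserved.
+*
+* Redistribution and use in source and binary forms, with or without
+* modification, are permitted provided that the following conditions
+* are met:
+*
+* 1. Redistributions of source code must retain the above copyright
+* notice, this list of conditions and the following disclaimer.
+*
+* 2. Redistributions in binary form must reproduce the above copyright
+* notice, this list of conditions and the following disclaimer in
+* the documentation and/or other materials provided with the
+* distribution.
+*
+* 3. All advertising materials mentioning features or use of this
+* software must display the following acknowledgment:
+* "This product includes software developed by the OpenSSL Project
+* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+*
+* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+* endorse or promote products derived from this software without
+* prior written permission. For written permission, please contact
+* licensing@OpenSSL.org.
+*
+* 5. Products derived from this software may not be called "OpenSSL"
+* nor may "OpenSSL" appear in their names without prior written
+* permission of the OpenSSL Project.
+*
+* 6. Redistributions of any form whatsoever must retain the following
+* acknowledgment:
+* "This product includes software developed by the OpenSSL Project
+* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+*
+* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+* OF THE POSSIBILITY OF SUCH DAMAGE.
+* ====================================================================
+*
+* This product includes cryptographic software written by Eric Young
+* (eay@cryptsoft.com). This product includes software written by Tim
+* Hudson (tjh@cryptsoft.com).
+*
+*/
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/bn.h>
+#include <openssl/rsa.h>
+#include <openssl/rand.h>
+#include <openssl/objects.h>
+
+int RSA_padding_add_X931(unsigned char *to, int tlen,
+const unsigned char *from, int flen)
+{
+int j;
+unsigned char *p;
+
+/* Absolute minimum amount of padding is 1 header nibble, 1 padding
+* nibble and 2 trailer bytes: but 1 hash if is already in 'from'.
+*/
+
+j = tlen - flen - 2;
+
+if (j < 0)
+{
+RSAerr(RSA_F_RSA_PADDING_ADD_X931,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
+return -1;
+}
+
+p=(unsigned char *)to;
+
+/* If no padding start and end nibbles are in one byte */
+if (j == 0)
+*p++ = 0x6A;
+else
+{
+*p++ = 0x6B;
+if (j > 1)
+{
+memset(p, 0xBB, j - 1);
+p += j - 1;
+}
+*p++ = 0xBA;
+}
+memcpy(p,from,(unsigned int)flen);
+p += flen;
+*p = 0xCC;
+return(1);
+}
+
+int RSA_padding_check_X931(unsigned char *to, int tlen,
+const unsigned char *from, int flen, int num)
+{
+int i,j;
+const unsigned char *p;
+
+p=from;
+if ((num != flen) || ((*p != 0x6A) && (*p != 0x6B)))
+{
+RSAerr(RSA_F_RSA_PADDING_CHECK_X931,RSA_R_INVALID_HEADER);
+return -1;
+}
+
+if (*p++ == 0x6B)
+{
+j=flen-3;
+for (i = 0; i < j; i++)
+{
+unsigned char c = *p++;
+if (c == 0xBA)
+break;
+if (c != 0xBB)
+{
+RSAerr(RSA_F_RSA_PADDING_CHECK_X931,
+RSA_R_INVALID_PADDING);
+return -1;
+}
+}
+
+j -= i;
+
+if (i == 0)
+{
+RSAerr(RSA_F_RSA_PADDING_CHECK_X931, RSA_R_INVALID_PADDING);
+return -1;
+}
+
+}
+else j = flen - 2;
+
+if (p[j] != 0xCC)
+{
+RSAerr(RSA_F_RSA_PADDING_CHECK_X931, RSA_R_INVALID_TRAILER);
+return -1;
+}
+
+memcpy(to,p,(unsigned int)j);
+
+return(j);
+}
+
+/* Translate between X931 hash ids and NIDs */
+
+int RSA_X931_hash_id(int nid)
+{
+switch (nid)
+{
+case NID_sha1:
+return 0x33;
+
+case NID_sha256:
+return 0x34;
+
+case NID_sha384:
+return 0x36;
+
+case NID_sha512:
+return 0x35;
+
+}
+return -1;
+}
+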
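Review bot: `RSA_padding_check_X931` never reads its `tlen` parameter, so `memcpy(to,p,(unsigned int)j)` copies the recovered payload without checking that it fits the caller's output buffer. The function also dereferences `*p` and indexes `p[j]` with no lower bound on `flen`, so a very short input makes `j` negative before it is cast to `unsigned int`. Reject short blocks in the header test by adding `(flen < 2) ||` in front of `(num != flen)`, and before the copy add `if (j > tlen) { RSAerr(RSA_F_RSA_PADDING_CHECK_X931, RSA_R_DATA_TOO_LARGE); return -1; }`. Whether current callers always pass a `to` buffer of at least `num` bytes is not visible in this file, so the check belongs here rather than being assumed.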
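--- a/src/lib/libssl/src/fips/Makefile
+++ /dev/null
@@ -1,199 +0,0 @@
-#
-# SSLeay/fips/Makefile
-#
-
-DIR= fips
-TOP= ..
-CC= cc
-INCLUDE= -I. -I$(TOP) -I../include
-INCLUDES= -I.. -I../.. -I../../include
-CFLAG= -g
-INSTALL_PREFIX=
-OPENSSLDIR= /usr/local/ssl
-INSTALLTOP= /usr/local/ssl
-MAKEDEPPROG= makedepend
-MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE= Makefile
-RM= rm -f
-AR= ar r
-
-PEX_LIBS=
-EX_LIBS=
-
-CFLAGS= $(INCLUDE) $(CFLAG)
-
-
-LIBS=
-
-FDIRS=sha1 rand des aes dsa rsa dh
-
-GENERAL=Makefile README fips-lib.com install.com
-
-LIB= $(TOP)/libcrypto.a
-SHARED_LIB= libcrypto$(SHLIB_EXT)
-LIBSRC=fips.c fips_err_wrapper.c
-LIBOBJ=fips.o fips_err_wrapper.o
-
-SRC= $(LIBSRC)
-
-EXHEADER=fips.h
-HEADER=$(EXHEADER) fips_err.h
-EXE=openssl_fips_fingerprint
-
-ALL= $(GENERAL) $(SRC) $(HEADER)
-
-top:
-@(cd ..; $(MAKE) DIRS=$(DIR) all)
-
-all:
-@if egrep 'define OPENSSL_FIPS' $(TOP)/include/openssl/opensslconf.h > /dev/null; then \
-$(MAKE) -e subdirs check lib shared; \
-fi
-
-check:
-TOP=`pwd`/$(TOP) ./fips_check_sha1 fingerprint.sha1 $(SRC) $(HEADER)
-
-subdirs:
-@for i in $(FDIRS) ;\
-do \
-(cd $$i && echo "making all in fips/$$i..." && \
-$(MAKE) CC='$(CC)' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' FIPS_DES_ENC='${FIPS_DES_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' FIPS_SHA1_ASM_OBJ='${FIPS_SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' all ) || exit 1; \
-done;
-
-sub_target:
-@for i in $(FDIRS) ;\
-do \
-(cd $$i && echo "making $(TARGET) in fips/$$i..." && \
-$(MAKE) CC='$(CC)' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' FIPS_DES_ENC='${FIPS_DES_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' FIPS_SHA1_ASM_OBJ='${FIPS_SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' $(TARGET) ) || exit 1; \
-done;
-
-files:
-$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
-@for i in $(FDIRS) ;\
-do \
-(cd $$i && echo "making 'files' in fips/$$i..." && \
-$(MAKE) PERL='${PERL}' files ); \
-done;
-
-links:
-@$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER)
-@for i in $(FDIRS); do \
-(cd $$i && echo "making links in fips/$$i..." && \
-$(MAKE) CC='$(CC)' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' FIPS_DES_ENC='${FIPS_DES_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' FIPS_SHA1_ASM_OBJ='${FIPS_SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' AR='${AR}' PERL='${PERL}' links ); \
-done;
-
-lib: $(LIBOBJ)
-$(AR) $(LIB) $(LIBOBJ)
-$(RANLIB) $(LIB) || echo Never mind.
-@touch lib
-
-shared:
-if [ -n "$(SHARED_LIBS)" ]; then \
-(cd ..; $(MAKE) $(SHARED_LIB)); \
-fi
-
-libs:
-@for i in $(FDIRS) ;\
-do \
-(cd $$i && echo "making libs in fips/$$i..." && \
-$(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALL_PREFIX='${INSTALL_PREFIX}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' AR='${AR}' lib ); \
-done;
-
-tests:
-@for i in $(FDIRS) ;\
-do \
-(cd $$i && echo "making tests in fips/$$i..." && \
-$(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' AR='${AR}' tests ); \
-done;
-
-top_fips_test_suite:
-(cd $(TOP); $(MAKE) DIRS=fips FDIRS=. TARGET=fips_test_suite sub_target)
-
-fips_test_suite: fips_test_suite.o $(TOP)/libcrypto.a
-$(CC) $(CFLAGS) -o fips_test_suite fips_test_suite.o $(PEX_LIBS) $(TOP)/libcrypto.a $(EX_LIBS)
-TOP=$(TOP) $(TOP)/fips/openssl_fips_fingerprint $(TOP)/libcrypto.a fips_test_suite || { rm fips_test_suite; false; }
-
-fips_test: top top_fips_test_suite
-cd testvectors && perl -p -i -e 's/COUNT=/COUNT = /' des[23]/req/*.req
-@for i in dsa sha1 aes des ; \
-do \
-(cd $$i && echo "making fips_test in fips/$$i..." && $(MAKE) fips_test) \
-done;
-
-install:
-@headerlist="$(EXHEADER)"; for i in $$headerlist ;\
-do \
-(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-done;
-@for i in $(FDIRS) ;\
-do \
-(cd $$i && echo "making install in fips/$$i..." && \
-$(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALL_PREFIX='${INSTALL_PREFIX}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' install ); \
-done;
-@for i in $(EXE) ; \
-do \
-echo "installing $$i"; \
-cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \
-chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \
-mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i; \
-done
-
-lint:
-@for i in $(FDIRS) ;\
-do \
-(cd $$i && echo "making lint in fips/$$i..." && \
-$(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' lint ); \
-done;
-
-depend:
-if [ ! -f buildinf.h ]; then touch buildinf.h; fi # fake buildinf.h if it does not exist
-$(MAKEDEPEND) -- $(CFLAG) $(INCLUDE) $(DEPFLAG) -- $(SRC)
-if [ ! -s buildinf.h ]; then rm buildinf.h; fi
-@for i in $(FDIRS) ;\
-do \
-(cd $$i && echo "making depend in fips/$$i..." && \
-$(MAKE) MAKEFILE='${MAKEFILE}' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' DEPFLAG='${DEPFLAG}' MAKEDEPPROG='${MAKEDEPPROG}' KRB5_INCLUDES='${KRB5_INCLUDES}' PERL='${PERL}' depend ); \
-done;
-
-clean:
-rm -f buildinf.h *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-@for i in $(FDIRS) ;\
-do \
-(cd $$i && echo "making clean in fips/$$i..." && \
-$(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' clean ); \
-done;
-
-dclean:
-$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-mv -f Makefile.new $(MAKEFILE)
-@for i in $(FDIRS) ;\
-do \
-(cd $$i && echo "making dclean in fips/$$i..." && \
-$(MAKE) PERL='${PERL}' CC='$(CC)' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' dclean ); \
-done;
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-fips.o: ../include/openssl/aes.h ../include/openssl/asn1.h
-fips.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
-fips.o: ../include/openssl/bn.h ../include/openssl/cast.h
-fips.o: ../include/openssl/crypto.h ../include/openssl/des.h
-fips.o: ../include/openssl/des_old.h ../include/openssl/dh.h
-fips.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
-fips.o: ../include/openssl/err.h ../include/openssl/evp.h
-fips.o: ../include/openssl/fips.h ../include/openssl/fips_rand.h
-fips.o: ../include/openssl/hmac.h ../include/openssl/idea.h
-fips.o: ../include/openssl/lhash.h ../include/openssl/md2.h
-fips.o: ../include/openssl/md4.h ../include/openssl/md5.h
-fips.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
-fips.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-fips.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-fips.o: ../include/openssl/rand.h ../include/openssl/rc2.h
-fips.o: ../include/openssl/rc4.h ../include/openssl/rc5.h
-fips.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-fips.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-fips.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-fips.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h fips.c
-fips.o: fips_locl.h
-fips_err_wrapper.o: ../include/openssl/opensslconf.h fips_err_wrapper.c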
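--- a/src/lib/libssl/src/fips/aes/Makefile
+++ /dev/null
@@ -1,131 +0,0 @@
-#
-# SSLeay/fips/aes/Makefile
-#
-
-DIR= aes
-TOP= ../..
-CC= cc
-INCLUDES=
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR= /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKEDEPPROG= makedepend
-MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE= Makefile
-AR= ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=fips_aesavs.c
-TESTDATA=fips_aes_data
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=fips_aes_core.c fips_aes_selftest.c
-LIBOBJ=fips_aes_core.o fips_aes_selftest.o
-
-SRC= $(LIBSRC)
-
-EXHEADER=
-HEADER= $(EXHEADER) fips_aes_locl.h
-
-ALL= $(GENERAL) $(SRC) $(HEADER)
-
-top:
-(cd $(TOP); $(MAKE) DIRS=fips FDIRS=$(DIR) sub_all)
-
-all: check lib
-
-check:
-TOP=`pwd`/$(TOP) ../fips_check_sha1 fingerprint.sha1 $(SRC) $(HEADER)
-
-lib: $(LIBOBJ)
-$(AR) $(LIB) $(LIBOBJ)
-$(RANLIB) $(LIB) || echo Never mind.
-@sleep 2; touch lib
-
-files:
-$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
-
-links:
-@$(PERL) $(TOP)/util/mklink.pl $(TOP)/include/openssl $(EXHEADER)
-@$(PERL) $(TOP)/util/mklink.pl $(TOP)/test $(TEST)
-@$(PERL) $(TOP)/util/mklink.pl $(TOP)/test $(TESTDATA)
-@$(PERL) $(TOP)/util/mklink.pl $(TOP)/apps $(APPS)
-
-install:
-@headerlist="$(EXHEADER)"; for i in $$headerlist; \
-do \
-(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-done
-
-tags:
-ctags $(SRC)
-
-tests:
-
-top_fips_aesavs:
-(cd $(TOP); $(MAKE) DIRS=fips FDIRS=$(DIR) TARGET=fips_aesavs sub_target)
-
-fips_aesavs: fips_aesavs.o $(TOP)/libcrypto.a
-$(CC) $(CFLAGS) -o fips_aesavs fips_aesavs.o $(PEX_LIBS) $(TOP)/libcrypto.a $(EX_LIBS)
-TOP=$(TOP) $(TOP)/fips/openssl_fips_fingerprint $(TOP)/libcrypto.a fips_aesavs
-
-fips_test: top top_fips_aesavs
-find ../testvectors/aes/req -name '*.req' > testlist
--rm -rf ../testvectors/aes/rsp
-mkdir ../testvectors/aes/rsp
-./fips_aesavs -d testlist
-
-lint:
-lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) \
-$(SRC) $(TEST)
-
-dclean:
-$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-mv -f Makefile.new $(MAKEFILE)
-
-clean:
-rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-fips_aes_core.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h
-fips_aes_core.o: ../../include/openssl/fips.h
-fips_aes_core.o: ../../include/openssl/opensslconf.h fips_aes_core.c
-fips_aes_core.o: fips_aes_locl.h
-fips_aes_selftest.o: ../../include/openssl/aes.h ../../include/openssl/bio.h
-fips_aes_selftest.o: ../../include/openssl/crypto.h
-fips_aes_selftest.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-fips_aes_selftest.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-fips_aes_selftest.o: ../../include/openssl/opensslconf.h
-fips_aes_selftest.o: ../../include/openssl/opensslv.h
-fips_aes_selftest.o: ../../include/openssl/safestack.h
-fips_aes_selftest.o: ../../include/openssl/stack.h
-fips_aes_selftest.o: ../../include/openssl/symhacks.h fips_aes_selftest.c
-fips_aesavs.o: ../../e_os.h ../../include/openssl/aes.h
-fips_aesavs.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-fips_aesavs.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-fips_aesavs.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-fips_aesavs.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-fips_aesavs.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-fips_aesavs.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-fips_aesavs.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-fips_aesavs.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-fips_aesavs.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-fips_aesavs.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-fips_aesavs.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-fips_aesavs.o: ../../include/openssl/opensslconf.h
-fips_aesavs.o: ../../include/openssl/opensslv.h
-fips_aesavs.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc2.h
-fips_aesavs.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-fips_aesavs.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-fips_aesavs.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-fips_aesavs.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-fips_aesavs.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-fips_aesavs.o: fips_aesavs.c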
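--- a/src/lib/libssl/src/fips/aes/fips_aes_selftest.c
+++ /dev/null
@@ -1,112 +0,0 @@
-/* ====================================================================
-* Copyright (c) 2003 The OpenSSL Project. All rights reserved.
-*
-* Redistribution and use in source and binary forms, with or without
-* modification, are permitted provided that the following conditions
-* are met:
-*
-* 1. Redistributions of source code must retain the above copyright
-* notice, this list of conditions and the following disclaimer.
-*
-* 2. Redistributions in binary form must reproduce the above copyright
-* notice, this list of conditions and the following disclaimer in
-* the documentation and/or other materials provided with the
-* distribution.
-*
-* 3. All advertising materials mentioning features or use of this
-* software must display the following acknowledgment:
-* "This product includes software developed by the OpenSSL Project
-* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-*
-* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-* endorse or promote products derived from this software without
-* prior written permission. For written permission, please contact
-* openssl-core@openssl.org.
-*
-* 5. Products derived from this software may not be called "OpenSSL"
-* nor may "OpenSSL" appear in their names without prior written
-* permission of the OpenSSL Project.
-*
-* 6. Redistributions of any form whatsoever must retain the following
-* acknowledgment:
-* "This product includes software developed by the OpenSSL Project
-* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-*
-* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-* OF THE POSSIBILITY OF SUCH DAMAGE.
-*
-*/
-
-#include <string.h>
-#include <openssl/err.h>
-#include <openssl/fips.h>
-#include <openssl/aes.h>
-
-#ifdef OPENSSL_FIPS
-static struct
-{
-unsigned char key[16];
-unsigned char plaintext[16];
-unsigned char ciphertext[16];
-} tests[]=
-{
-{
-{ 0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
-0x08,0x09,0x0A,0x0B,0x0C,0x0D,0x0E,0x0F },
-{ 0x00,0x11,0x22,0x33,0x44,0x55,0x66,0x77,
-0x88,0x99,0xAA,0xBB,0xCC,0xDD,0xEE,0xFF },
-{ 0x69,0xC4,0xE0,0xD8,0x6A,0x7B,0x04,0x30,
-0xD8,0xCD,0xB7,0x80,0x70,0xB4,0xC5,0x5A },
-},
-};
-
-void FIPS_corrupt_aes()
-{
-tests[0].key[0]++;
-}
-
-int FIPS_selftest_aes()
-{
-int n;
-
-/* Encrypt and check against known ciphertext */
-for(n=0 ; n < 1 ; ++n)
-{
-AES_KEY key;
-unsigned char buf[16];
-
-AES_set_encrypt_key(tests[n].key,128,&key);
-AES_encrypt(tests[n].plaintext,buf,&key);
-if(memcmp(buf,tests[n].ciphertext,sizeof buf))
-{
-FIPSerr(FIPS_F_FIPS_SELFTEST_AES,FIPS_R_SELFTEST_FAILED);
-return 0;
-}
-}
-/* Decrypt and check against known plaintext */
-for(n=0 ; n < 1 ; ++n)
-{
-AES_KEY key;
-unsigned char buf[16];
-
-AES_set_decrypt_key(tests[n].key,128,&key);
-AES_decrypt(tests[n].ciphertext,buf,&key);
-if(memcmp(buf,tests[n].plaintext,sizeof buf))
-{
-FIPSerr(FIPS_F_FIPS_SELFTEST_AES,FIPS_R_SELFTEST_FAILED);
-return 0;
-}
-}
-return 1;
-}
-#endif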
diff --git a/src/lib/libssl/src/fips/aes/fips_aesavs.c b/src/lib/libssl/src/fips/aes/fips_aesavs.c deleted file mode 100644 index 5fc2879067..0000000000 --- a/src/lib/libssl/src/fips/aes/fips_aesavs.c +++ /dev/null | |||
@@ -1,1005 +0,0 @@ | |||
1 | /* ==================================================================== | ||
2 | * Copyright (c) 2004 The OpenSSL Project. All rights reserved. | ||
3 | * | ||
4 | * Redistribution and use in source and binary forms, with or without | ||
5 | * modification, are permitted provided that the following conditions | ||
6 | * are met: | ||
7 | * | ||
8 | * 1. Redistributions of source code must retain the above copyright | ||
9 | * notice, this list of conditions and the following disclaimer. | ||
10 | * | ||
11 | * 2. Redistributions in binary form must reproduce the above copyright | ||
12 | * notice, this list of conditions and the following disclaimer in | ||
13 | * the documentation and/or other materials provided with the | ||
14 | * distribution. | ||
15 | * | ||
16 | * 3. All advertising materials mentioning features or use of this | ||
17 | * software must display the following acknowledgment: | ||
18 | * "This product includes software developed by the OpenSSL Project | ||
19 | * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" | ||
20 | * | ||
21 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | ||
22 | * endorse or promote products derived from this software without | ||
23 | * prior written permission. For written permission, please contact | ||
24 | * openssl-core@openssl.org. | ||
25 | * | ||
26 | * 5. Products derived from this software may not be called "OpenSSL" | ||
27 | * nor may "OpenSSL" appear in their names without prior written | ||
28 | * permission of the OpenSSL Project. | ||
29 | * | ||
30 | * 6. Redistributions of any form whatsoever must retain the following | ||
31 | * acknowledgment: | ||
32 | * "This product includes software developed by the OpenSSL Project | ||
33 | * for use in the OpenSSL Toolkit (http://www.openssl.org/)" | ||
34 | * | ||
35 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | ||
36 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
37 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | ||
38 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | ||
39 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | ||
40 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
41 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
42 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
43 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | ||
44 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | ||
45 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | ||
46 | * OF THE POSSIBILITY OF SUCH DAMAGE. | ||
47 | * | ||
48 | */ | ||
49 | /*--------------------------------------------- | ||
50 | NIST AES Algorithm Validation Suite | ||
51 | Test Program | ||
52 | |||
53 | Donated to OpenSSL by: | ||
54 | V-ONE Corporation | ||
55 | 20250 Century Blvd, Suite 300 | ||
56 | Germantown, MD 20874 | ||
57 | U.S.A. | ||
58 | ----------------------------------------------*/ | ||
59 | |||
60 | #include <stdio.h> | ||
61 | #include <stdlib.h> | ||
62 | #include <string.h> | ||
63 | #include <errno.h> | ||
64 | #include <assert.h> | ||
65 | |||
66 | #include <openssl/aes.h> | ||
67 | #include <openssl/evp.h> | ||
68 | #include <openssl/fips.h> | ||
69 | #include <openssl/err.h> | ||
70 | #include "e_os.h" | ||
71 | |||
72 | #define AES_BLOCK_SIZE 16 | ||
73 | |||
74 | #define VERBOSE 1 | ||
75 | |||
76 | /*-----------------------------------------------*/ | ||
77 | |||
78 | int AESTest(EVP_CIPHER_CTX *ctx, | ||
79 | char *amode, int akeysz, unsigned char *aKey, | ||
80 | unsigned char *iVec, | ||
81 | int dir, /* 0 = decrypt, 1 = encrypt */ | ||
82 | unsigned char *plaintext, unsigned char *ciphertext, int len) | ||
83 | { | ||
84 | const EVP_CIPHER *cipher = NULL; | ||
85 | int ret = 1; | ||
86 | int kt = 0; | ||
87 | |||
88 | if (ctx) | ||
89 | memset(ctx, 0, sizeof(EVP_CIPHER_CTX)); | ||
90 | |||
91 | if (strcasecmp(amode, "CBC") == 0) | ||
92 | kt = 1000; | ||
93 | else if (strcasecmp(amode, "ECB") == 0) | ||
94 | kt = 2000; | ||
95 | else if (strcasecmp(amode, "CFB128") == 0) | ||
96 | kt = 3000; | ||
97 | else if (strncasecmp(amode, "OFB", 3) == 0) | ||
98 | kt = 4000; | ||
99 | else if(!strcasecmp(amode,"CFB1")) | ||
100 | kt=5000; | ||
101 | else if(!strcasecmp(amode,"CFB8")) | ||
102 | kt=6000; | ||
103 | else | ||
104 | { | ||
105 | printf("Unknown mode: %s\n", amode); | ||
106 | EXIT(1); | ||
107 | } | ||
108 | if (ret) | ||
109 | { | ||
110 | if ((akeysz != 128) && (akeysz != 192) && (akeysz != 256)) | ||
111 | { | ||
112 | printf("Invalid key size: %d\n", akeysz); | ||
113 | ret = 0; | ||
114 | } | ||
115 | else | ||
116 | { | ||
117 | kt += akeysz; | ||
118 | switch (kt) | ||
119 | { | ||
120 | case 1128: /* CBC 128 */ | ||
121 | cipher = EVP_aes_128_cbc(); | ||
122 | break; | ||
123 | case 1192: /* CBC 192 */ | ||
124 | cipher = EVP_aes_192_cbc(); | ||
125 | break; | ||
126 | case 1256: /* CBC 256 */ | ||
127 | cipher = EVP_aes_256_cbc(); | ||
128 | break; | ||
129 | case 2128: /* ECB 128 */ | ||
130 | cipher = EVP_aes_128_ecb(); | ||
131 | break; | ||
132 | case 2192: /* ECB 192 */ | ||
133 | cipher = EVP_aes_192_ecb(); | ||
134 | break; | ||
135 | case 2256: /* ECB 256 */ | ||
136 | cipher = EVP_aes_256_ecb(); | ||
137 | break; | ||
138 | case 3128: /* CFB 128 */ | ||
139 | cipher = EVP_aes_128_cfb(); | ||
140 | break; | ||
141 | case 3192: /* CFB 192 */ | ||
142 | cipher = EVP_aes_192_cfb(); | ||
143 | break; | ||
144 | case 3256: /* CFB 256 */ | ||
145 | cipher = EVP_aes_256_cfb(); | ||
146 | break; | ||
147 | case 4128: /* OFB 128 */ | ||
148 | cipher = EVP_aes_128_ofb(); | ||
149 | break; | ||
150 | case 4192: /* OFB 192 */ | ||
151 | cipher = EVP_aes_192_ofb(); | ||
152 | break; | ||
153 | case 4256: /* OFB 256 */ | ||
154 | cipher = EVP_aes_256_ofb(); | ||
155 | break; | ||
156 | case 5128: | ||
157 | cipher=EVP_aes_128_cfb1(); | ||
158 | break; | ||
159 | case 5192: | ||
160 | cipher=EVP_aes_192_cfb1(); | ||
161 | break; | ||
162 | case 5256: | ||
163 | cipher=EVP_aes_256_cfb1(); | ||
164 | break; | ||
165 | case 6128: | ||
166 | cipher=EVP_aes_128_cfb8(); | ||
167 | break; | ||
168 | case 6192: | ||
169 | cipher=EVP_aes_192_cfb8(); | ||
170 | break; | ||
171 | case 6256: | ||
172 | cipher=EVP_aes_256_cfb8(); | ||
173 | break; | ||
174 | default: | ||
175 | printf("Didn't handle mode %d\n",kt); | ||
176 | EXIT(1); | ||
177 | } | ||
178 | if (dir) | ||
179 | { /* encrypt */ | ||
180 | if(!EVP_CipherInit(ctx, cipher, aKey, iVec, AES_ENCRYPT)) | ||
181 | { | ||
182 | ERR_print_errors_fp(stderr); | ||
183 | EXIT(1); | ||
184 | } | ||
185 | |||
186 | EVP_Cipher(ctx, ciphertext, (unsigned char*)plaintext, len); | ||
187 | } | ||
188 | else | ||
189 | { /* decrypt */ | ||
190 | if(!EVP_CipherInit(ctx, cipher, aKey, iVec, AES_DECRYPT)) | ||
191 | { | ||
192 | ERR_print_errors_fp(stderr); | ||
193 | EXIT(1); | ||
194 | } | ||
195 | EVP_Cipher(ctx, (unsigned char*)plaintext, ciphertext, len); | ||
196 | } | ||
197 | } | ||
198 | } | ||
199 | return ret; | ||
200 | } | ||
201 | |||
202 | /*-----------------------------------------------*/ | ||
203 | |||
204 | int hex2bin(char *in, int len, unsigned char *out) | ||
205 | { | ||
206 | int n1, n2; | ||
207 | unsigned char ch; | ||
208 | |||
209 | for (n1 = 0, n2 = 0; n1 < len; ) | ||
210 | { /* first byte */ | ||
211 | if ((in[n1] >= '0') && (in[n1] <= '9')) | ||
212 | ch = in[n1++] - '0'; | ||
213 | else if ((in[n1] >= 'A') && (in[n1] <= 'F')) | ||
214 | ch = in[n1++] - 'A' + 10; | ||
215 | else if ((in[n1] >= 'a') && (in[n1] <= 'f')) | ||
216 | ch = in[n1++] - 'a' + 10; | ||
217 | else | ||
218 | return -1; | ||
219 | if(len == 1) | ||
220 | { | ||
221 | out[n2++]=ch; | ||
222 | break; | ||
223 | } | ||
224 | out[n2] = ch << 4; | ||
225 | /* second byte */ | ||
226 | if ((in[n1] >= '0') && (in[n1] <= '9')) | ||
227 | ch = in[n1++] - '0'; | ||
228 | else if ((in[n1] >= 'A') && (in[n1] <= 'F')) | ||
229 | ch = in[n1++] - 'A' + 10; | ||
230 | else if ((in[n1] >= 'a') && (in[n1] <= 'f')) | ||
231 | ch = in[n1++] - 'a' + 10; | ||
232 | else | ||
233 | return -1; | ||
234 | out[n2++] |= ch; | ||
235 | } | ||
236 | return n2; | ||
237 | } | ||
238 | |||
239 | /*-----------------------------------------------*/ | ||
240 | |||
241 | int bin2hex(unsigned char *in, int len, char *out) | ||
242 | { | ||
243 | int n1, n2; | ||
244 | unsigned char ch; | ||
245 | |||
246 | for (n1 = 0, n2 = 0; n1 < len; ++n1) | ||
247 | { | ||
248 | /* first nibble */ | ||
249 | ch = in[n1] >> 4; | ||
250 | if (ch <= 0x09) | ||
251 | out[n2++] = ch + '0'; | ||
252 | else | ||
253 | out[n2++] = ch - 10 + 'a'; | ||
254 | /* second nibble */ | ||
255 | ch = in[n1] & 0x0f; | ||
256 | if (ch <= 0x09) | ||
257 | out[n2++] = ch + '0'; | ||
258 | else | ||
259 | out[n2++] = ch - 10 + 'a'; | ||
260 | } | ||
261 | return n2; | ||
262 | } | ||
263 | |||
264 | /* NB: this return the number of _bits_ read */ | ||
265 | int bint2bin(const char *in, int len, unsigned char *out) | ||
266 | { | ||
267 | int n; | ||
268 | |||
269 | memset(out,0,len); | ||
270 | for(n=0 ; n < len ; ++n) | ||
271 | if(in[n] == '1') | ||
272 | out[n/8]|=(0x80 >> (n%8)); | ||
273 | return len; | ||
274 | } | ||
275 | |||
276 | int bin2bint(const unsigned char *in,int len,char *out) | ||
277 | { | ||
278 | int n; | ||
279 | |||
280 | for(n=0 ; n < len ; ++n) | ||
281 | out[n]=(in[n/8]&(0x80 >> (n%8))) ? '1' : '0'; | ||
282 | return n; | ||
283 | } | ||
284 | |||
285 | /*-----------------------------------------------*/ | ||
286 | |||
287 | void PrintValue(char *tag, unsigned char *val, int len) | ||
288 | { | ||
289 | #if VERBOSE | ||
290 | char obuf[2048]; | ||
291 | int olen; | ||
292 | olen = bin2hex(val, len, obuf); | ||
293 | printf("%s = %.*s\n", tag, olen, obuf); | ||
294 | #endif | ||
295 | } | ||
296 | |||
297 | void OutputValue(char *tag, unsigned char *val, int len, FILE *rfp,int bitmode) | ||
298 | { | ||
299 | char obuf[2048]; | ||
300 | int olen; | ||
301 | |||
302 | if(bitmode) | ||
303 | olen=bin2bint(val,len,obuf); | ||
304 | else | ||
305 | olen=bin2hex(val,len,obuf); | ||
306 | |||
307 | fprintf(rfp, "%s = %.*s\n", tag, olen, obuf); | ||
308 | #if VERBOSE | ||
309 | printf("%s = %.*s\n", tag, olen, obuf); | ||
310 | #endif | ||
311 | } | ||
312 | |||
313 | /*-----------------------------------------------*/ | ||
314 | char *t_tag[2] = {"PLAINTEXT", "CIPHERTEXT"}; | ||
315 | char *t_mode[6] = {"CBC","ECB","OFB","CFB1","CFB8","CFB128"}; | ||
316 | enum Mode {CBC, ECB, OFB, CFB1, CFB8, CFB128}; | ||
317 | enum XCrypt {XDECRYPT, XENCRYPT}; | ||
318 | |||
319 | /*=============================*/ | ||
320 | /* Monte Carlo Tests */ | ||
321 | /*-----------------------------*/ | ||
322 | |||
323 | /*#define gb(a,b) (((a)[(b)/8] >> ((b)%8))&1)*/ | ||
324 | /*#define sb(a,b,v) ((a)[(b)/8]=((a)[(b)/8]&~(1 << ((b)%8)))|(!!(v) << ((b)%8)))*/ | ||
325 | |||
326 | #define gb(a,b) (((a)[(b)/8] >> (7-(b)%8))&1) | ||
327 | #define sb(a,b,v) ((a)[(b)/8]=((a)[(b)/8]&~(1 << (7-(b)%8)))|(!!(v) << (7-(b)%8))) | ||
328 | |||
329 | int do_mct(char *amode, | ||
330 | int akeysz, unsigned char *aKey,unsigned char *iVec, | ||
331 | int dir, unsigned char *text, int len, | ||
332 | FILE *rfp) | ||
333 | { | ||
334 | int ret = 0; | ||
335 | unsigned char key[101][32]; | ||
336 | unsigned char iv[101][AES_BLOCK_SIZE]; | ||
337 | unsigned char ptext[1001][32]; | ||
338 | unsigned char ctext[1001][32]; | ||
339 | unsigned char ciphertext[64+4]; | ||
340 | int i, j, n, n1, n2; | ||
341 | int imode = 0, nkeysz = akeysz/8; | ||
342 | EVP_CIPHER_CTX ctx; | ||
343 | |||
344 | if (len > 32) | ||
345 | { | ||
346 | printf("\n>>>> Length exceeds 32 for %s %d <<<<\n\n", | ||
347 | amode, akeysz); | ||
348 | return -1; | ||
349 | } | ||
350 | for (imode = 0; imode < 6; ++imode) | ||
351 | if (strcmp(amode, t_mode[imode]) == 0) | ||
352 | break; | ||
353 | if (imode == 6) | ||
354 | { | ||
355 | printf("Unrecognized mode: %s\n", amode); | ||
356 | return -1; | ||
357 | } | ||
358 | |||
359 | memcpy(key[0], aKey, nkeysz); | ||
360 | if (iVec) | ||
361 | memcpy(iv[0], iVec, AES_BLOCK_SIZE); | ||
362 | if (dir == XENCRYPT) | ||
363 | memcpy(ptext[0], text, len); | ||
364 | else | ||
365 | memcpy(ctext[0], text, len); | ||
366 | for (i = 0; i < 100; ++i) | ||
367 | { | ||
368 | /* printf("Iteration %d\n", i); */ | ||
369 | if (i > 0) | ||
370 | { | ||
371 | fprintf(rfp,"COUNT = %d\n",i); | ||
372 | OutputValue("KEY",key[i],nkeysz,rfp,0); | ||
373 | if (imode != ECB) /* ECB */ | ||
374 | OutputValue("IV",iv[i],AES_BLOCK_SIZE,rfp,0); | ||
375 | /* Output Ciphertext | Plaintext */ | ||
376 | OutputValue(t_tag[dir^1],dir ? ptext[0] : ctext[0],len,rfp, | ||
377 | imode == CFB1); | ||
378 | } | ||
379 | for (j = 0; j < 1000; ++j) | ||
380 | { | ||
381 | switch (imode) | ||
382 | { | ||
383 | case ECB: | ||
384 | if (j == 0) | ||
385 | { /* set up encryption */ | ||
386 | ret = AESTest(&ctx, amode, akeysz, key[i], NULL, | ||
387 | dir, /* 0 = decrypt, 1 = encrypt */ | ||
388 | ptext[j], ctext[j], len); | ||
389 | if (dir == XENCRYPT) | ||
390 | memcpy(ptext[j+1], ctext[j], len); | ||
391 | else | ||
392 | memcpy(ctext[j+1], ptext[j], len); | ||
393 | } | ||
394 | else | ||
395 | { | ||
396 | if (dir == XENCRYPT) | ||
397 | { | ||
398 | EVP_Cipher(&ctx, ctext[j], ptext[j], len); | ||
399 | memcpy(ptext[j+1], ctext[j], len); | ||
400 | } | ||
401 | else | ||
402 | { | ||
403 | EVP_Cipher(&ctx, ptext[j], ctext[j], len); | ||
404 | memcpy(ctext[j+1], ptext[j], len); | ||
405 | } | ||
406 | } | ||
407 | break; | ||
408 | |||
409 | case CBC: | ||
410 | case OFB: | ||
411 | case CFB128: | ||
412 | if (j == 0) | ||
413 | { | ||
414 | ret = AESTest(&ctx, amode, akeysz, key[i], iv[i], | ||
415 | dir, /* 0 = decrypt, 1 = encrypt */ | ||
416 | ptext[j], ctext[j], len); | ||
417 | if (dir == XENCRYPT) | ||
418 | memcpy(ptext[j+1], iv[i], len); | ||
419 | else | ||
420 | memcpy(ctext[j+1], iv[i], len); | ||
421 | } | ||
422 | else | ||
423 | { | ||
424 | if (dir == XENCRYPT) | ||
425 | { | ||
426 | EVP_Cipher(&ctx, ctext[j], ptext[j], len); | ||
427 | memcpy(ptext[j+1], ctext[j-1], len); | ||
428 | } | ||
429 | else | ||
430 | { | ||
431 | EVP_Cipher(&ctx, ptext[j], ctext[j], len); | ||
432 | memcpy(ctext[j+1], ptext[j-1], len); | ||
433 | } | ||
434 | } | ||
435 | break; | ||
436 | |||
437 | case CFB8: | ||
438 | if (j == 0) | ||
439 | { | ||
440 | ret = AESTest(&ctx, amode, akeysz, key[i], iv[i], | ||
441 | dir, /* 0 = decrypt, 1 = encrypt */ | ||
442 | ptext[j], ctext[j], len); | ||
443 | } | ||
444 | else | ||
445 | { | ||
446 | if (dir == XENCRYPT) | ||
447 | EVP_Cipher(&ctx, ctext[j], ptext[j], len); | ||
448 | else | ||
449 | EVP_Cipher(&ctx, ptext[j], ctext[j], len); | ||
450 | } | ||
451 | if (dir == XENCRYPT) | ||
452 | { | ||
453 | if (j < 16) | ||
454 | memcpy(ptext[j+1], &iv[i][j], len); | ||
455 | else | ||
456 | memcpy(ptext[j+1], ctext[j-16], len); | ||
457 | } | ||
458 | else | ||
459 | { | ||
460 | if (j < 16) | ||
461 | memcpy(ctext[j+1], &iv[i][j], len); | ||
462 | else | ||
463 | memcpy(ctext[j+1], ptext[j-16], len); | ||
464 | } | ||
465 | break; | ||
466 | |||
467 | case CFB1: | ||
468 | if(j == 0) | ||
469 | { | ||
470 | /* compensate for wrong endianness of input file */ | ||
471 | if(i == 0) | ||
472 | ptext[0][0]<<=7; | ||
473 | ret=AESTest(&ctx,amode,akeysz,key[i],iv[i],dir, | ||
474 | ptext[j], ctext[j], len); | ||
475 | } | ||
476 | else | ||
477 | { | ||
478 | if (dir == XENCRYPT) | ||
479 | EVP_Cipher(&ctx, ctext[j], ptext[j], len); | ||
480 | else | ||
481 | EVP_Cipher(&ctx, ptext[j], ctext[j], len); | ||
482 | |||
483 | } | ||
484 | if(dir == XENCRYPT) | ||
485 | { | ||
486 | if(j < 128) | ||
487 | sb(ptext[j+1],0,gb(iv[i],j)); | ||
488 | else | ||
489 | sb(ptext[j+1],0,gb(ctext[j-128],0)); | ||
490 | } | ||
491 | else | ||
492 | { | ||
493 | if(j < 128) | ||
494 | sb(ctext[j+1],0,gb(iv[i],j)); | ||
495 | else | ||
496 | sb(ctext[j+1],0,gb(ptext[j-128],0)); | ||
497 | } | ||
498 | break; | ||
499 | } | ||
500 | } | ||
501 | --j; /* reset to last of range */ | ||
502 | /* Output Ciphertext | Plaintext */ | ||
503 | OutputValue(t_tag[dir],dir ? ctext[j] : ptext[j],len,rfp, | ||
504 | imode == CFB1); | ||
505 | fprintf(rfp, "\n"); /* add separator */ | ||
506 | |||
507 | /* Compute next KEY */ | ||
508 | if (dir == XENCRYPT) | ||
509 | { | ||
510 | if (imode == CFB8) | ||
511 | { /* ct = CT[j-15] || CT[j-14] || ... || CT[j] */ | ||
512 | for (n1 = 0, n2 = nkeysz-1; n1 < nkeysz; ++n1, --n2) | ||
513 | ciphertext[n1] = ctext[j-n2][0]; | ||
514 | } | ||
515 | else if(imode == CFB1) | ||
516 | { | ||
517 | for(n1=0,n2=akeysz-1 ; n1 < akeysz ; ++n1,--n2) | ||
518 | sb(ciphertext,n1,gb(ctext[j-n2],0)); | ||
519 | } | ||
520 | else | ||
521 | switch (akeysz) | ||
522 | { | ||
523 | case 128: | ||
524 | memcpy(ciphertext, ctext[j], 16); | ||
525 | break; | ||
526 | case 192: | ||
527 | memcpy(ciphertext, ctext[j-1]+8, 8); | ||
528 | memcpy(ciphertext+8, ctext[j], 16); | ||
529 | break; | ||
530 | case 256: | ||
531 | memcpy(ciphertext, ctext[j-1], 16); | ||
532 | memcpy(ciphertext+16, ctext[j], 16); | ||
533 | break; | ||
534 | } | ||
535 | } | ||
536 | else | ||
537 | { | ||
538 | if (imode == CFB8) | ||
539 | { /* ct = CT[j-15] || CT[j-14] || ... || CT[j] */ | ||
540 | for (n1 = 0, n2 = nkeysz-1; n1 < nkeysz; ++n1, --n2) | ||
541 | ciphertext[n1] = ptext[j-n2][0]; | ||
542 | } | ||
543 | else if(imode == CFB1) | ||
544 | { | ||
545 | for(n1=0,n2=akeysz-1 ; n1 < akeysz ; ++n1,--n2) | ||
546 | sb(ciphertext,n1,gb(ptext[j-n2],0)); | ||
547 | } | ||
548 | else | ||
549 | switch (akeysz) | ||
550 | { | ||
551 | case 128: | ||
552 | memcpy(ciphertext, ptext[j], 16); | ||
553 | break; | ||
554 | case 192: | ||
555 | memcpy(ciphertext, ptext[j-1]+8, 8); | ||
556 | memcpy(ciphertext+8, ptext[j], 16); | ||
557 | break; | ||
558 | case 256: | ||
559 | memcpy(ciphertext, ptext[j-1], 16); | ||
560 | memcpy(ciphertext+16, ptext[j], 16); | ||
561 | break; | ||
562 | } | ||
563 | } | ||
564 | /* Compute next key: Key[i+1] = Key[i] xor ct */ | ||
565 | for (n = 0; n < nkeysz; ++n) | ||
566 | key[i+1][n] = key[i][n] ^ ciphertext[n]; | ||
567 | |||
568 | /* Compute next IV and text */ | ||
569 | if (dir == XENCRYPT) | ||
570 | { | ||
571 | switch (imode) | ||
572 | { | ||
573 | case ECB: | ||
574 | memcpy(ptext[0], ctext[j], AES_BLOCK_SIZE); | ||
575 | break; | ||
576 | case CBC: | ||
577 | case OFB: | ||
578 | case CFB128: | ||
579 | memcpy(iv[i+1], ctext[j], AES_BLOCK_SIZE); | ||
580 | memcpy(ptext[0], ctext[j-1], AES_BLOCK_SIZE); | ||
581 | break; | ||
582 | case CFB8: | ||
583 | /* IV[i+1] = ct */ | ||
584 | for (n1 = 0, n2 = 15; n1 < 16; ++n1, --n2) | ||
585 | iv[i+1][n1] = ctext[j-n2][0]; | ||
586 | ptext[0][0] = ctext[j-16][0]; | ||
587 | break; | ||
588 | case CFB1: | ||
589 | for(n1=0,n2=127 ; n1 < 128 ; ++n1,--n2) | ||
590 | sb(iv[i+1],n1,gb(ctext[j-n2],0)); | ||
591 | ptext[0][0]=ctext[j-128][0]&0x80; | ||
592 | break; | ||
593 | } | ||
594 | } | ||
595 | else | ||
596 | { | ||
597 | switch (imode) | ||
598 | { | ||
599 | case ECB: | ||
600 | memcpy(ctext[0], ptext[j], AES_BLOCK_SIZE); | ||
601 | break; | ||
602 | case CBC: | ||
603 | case OFB: | ||
604 | case CFB128: | ||
605 | memcpy(iv[i+1], ptext[j], AES_BLOCK_SIZE); | ||
606 | memcpy(ctext[0], ptext[j-1], AES_BLOCK_SIZE); | ||
607 | break; | ||
608 | case CFB8: | ||
609 | for (n1 = 0, n2 = 15; n1 < 16; ++n1, --n2) | ||
610 | iv[i+1][n1] = ptext[j-n2][0]; | ||
611 | ctext[0][0] = ptext[j-16][0]; | ||
612 | break; | ||
613 | case CFB1: | ||
614 | for(n1=0,n2=127 ; n1 < 128 ; ++n1,--n2) | ||
615 | sb(iv[i+1],n1,gb(ptext[j-n2],0)); | ||
616 | ctext[0][0]=ptext[j-128][0]&0x80; | ||
617 | break; | ||
618 | } | ||
619 | } | ||
620 | } | ||
621 | |||
622 | return ret; | ||
623 | } | ||
624 | |||
625 | /*================================================*/ | ||
626 | /*---------------------------- | ||
627 | # Config info for v-one | ||
628 | # AESVS MMT test data for ECB | ||
629 | # State : Encrypt and Decrypt | ||
630 | # Key Length : 256 | ||
631 | # Fri Aug 30 04:07:22 PM | ||
632 | ----------------------------*/ | ||
633 | |||
634 | int proc_file(char *rqfile) | ||
635 | { | ||
636 | char afn[256], rfn[256]; | ||
637 | FILE *afp = NULL, *rfp = NULL; | ||
638 | char ibuf[2048]; | ||
639 | int ilen, len, ret = 0; | ||
640 | char algo[8] = ""; | ||
641 | char amode[8] = ""; | ||
642 | char atest[8] = ""; | ||
643 | int akeysz = 0; | ||
644 | unsigned char iVec[20], aKey[40]; | ||
645 | int dir = -1, err = 0, step = 0; | ||
646 | unsigned char plaintext[2048]; | ||
647 | unsigned char ciphertext[2048]; | ||
648 | char *rp; | ||
649 | EVP_CIPHER_CTX ctx; | ||
650 | |||
651 | if (!rqfile || !(*rqfile)) | ||
652 | { | ||
653 | printf("No req file\n"); | ||
654 | return -1; | ||
655 | } | ||
656 | strcpy(afn, rqfile); | ||
657 | |||
658 | if ((afp = fopen(afn, "r")) == NULL) | ||
659 | { | ||
660 | printf("Cannot open file: %s, %s\n", | ||
661 | afn, strerror(errno)); | ||
662 | return -1; | ||
663 | } | ||
664 | strcpy(rfn,afn); | ||
665 | rp=strstr(rfn,"req/"); | ||
666 | assert(rp); | ||
667 | memcpy(rp,"rsp",3); | ||
668 | rp = strstr(rfn, ".req"); | ||
669 | memcpy(rp, ".rsp", 4); | ||
670 | if ((rfp = fopen(rfn, "w")) == NULL) | ||
671 | { | ||
672 | printf("Cannot open file: %s, %s\n", | ||
673 | rfn, strerror(errno)); | ||
674 | fclose(afp); | ||
675 | afp = NULL; | ||
676 | return -1; | ||
677 | } | ||
678 | while (!err && (fgets(ibuf, sizeof(ibuf), afp)) != NULL) | ||
679 | { | ||
680 | ilen = strlen(ibuf); | ||
681 | /* printf("step=%d ibuf=%s",step,ibuf); */ | ||
682 | switch (step) | ||
683 | { | ||
684 | case 0: /* read preamble */ | ||
685 | if (ibuf[0] == '\n') | ||
686 | { /* end of preamble */ | ||
687 | if ((*algo == '\0') || | ||
688 | (*amode == '\0') || | ||
689 | (akeysz == 0)) | ||
690 | { | ||
691 | printf("Missing Algorithm, Mode or KeySize (%s/%s/%d)\n", | ||
692 | algo,amode,akeysz); | ||
693 | err = 1; | ||
694 | } | ||
695 | else | ||
696 | { | ||
697 | fputs(ibuf, rfp); | ||
698 | ++ step; | ||
699 | } | ||
700 | } | ||
701 | else if (ibuf[0] != '#') | ||
702 | { | ||
703 | printf("Invalid preamble item: %s\n", ibuf); | ||
704 | err = 1; | ||
705 | } | ||
706 | else | ||
707 | { /* process preamble */ | ||
708 | char *xp, *pp = ibuf+2; | ||
709 | int n; | ||
710 | if (akeysz) | ||
711 | { /* insert current time & date */ | ||
712 | time_t rtim = time(0); | ||
713 | fprintf(rfp, "# %s", ctime(&rtim)); | ||
714 | } | ||
715 | else | ||
716 | { | ||
717 | fputs(ibuf, rfp); | ||
718 | if (strncmp(pp, "AESVS ", 6) == 0) | ||
719 | { | ||
720 | strcpy(algo, "AES"); | ||
721 | /* get test type */ | ||
722 | pp += 6; | ||
723 | xp = strchr(pp, ' '); | ||
724 | n = xp-pp; | ||
725 | strncpy(atest, pp, n); | ||
726 | atest[n] = '\0'; | ||
727 | /* get mode */ | ||
728 | xp = strrchr(pp, ' '); /* get mode" */ | ||
729 | n = strlen(xp+1)-1; | ||
730 | strncpy(amode, xp+1, n); | ||
731 | amode[n] = '\0'; | ||
732 | /* amode[3] = '\0'; */ | ||
733 | printf("Test = %s, Mode = %s\n", atest, amode); | ||
734 | } | ||
735 | else if (strncasecmp(pp, "Key Length : ", 13) == 0) | ||
736 | { | ||
737 | akeysz = atoi(pp+13); | ||
738 | printf("Key size = %d\n", akeysz); | ||
739 | } | ||
740 | } | ||
741 | } | ||
742 | break; | ||
743 | |||
744 | case 1: /* [ENCRYPT] | [DECRYPT] */ | ||
745 | if (ibuf[0] == '[') | ||
746 | { | ||
747 | fputs(ibuf, rfp); | ||
748 | ++step; | ||
749 | if (strncasecmp(ibuf, "[ENCRYPT]", 9) == 0) | ||
750 | dir = 1; | ||
751 | else if (strncasecmp(ibuf, "[DECRYPT]", 9) == 0) | ||
752 | dir = 0; | ||
753 | else | ||
754 | { | ||
755 | printf("Invalid keyword: %s\n", ibuf); | ||
756 | err = 1; | ||
757 | } | ||
758 | break; | ||
759 | } | ||
760 | else if (dir == -1) | ||
761 | { | ||
762 | err = 1; | ||
763 | printf("Missing ENCRYPT/DECRYPT keyword\n"); | ||
764 | break; | ||
765 | } | ||
766 | else | ||
767 | step = 2; | ||
768 | |||
769 | case 2: /* KEY = xxxx */ | ||
770 | fputs(ibuf, rfp); | ||
771 | if(*ibuf == '\n') | ||
772 | break; | ||
773 | if(!strncasecmp(ibuf,"COUNT = ",8)) | ||
774 | break; | ||
775 | |||
776 | if (strncasecmp(ibuf, "KEY = ", 6) != 0) | ||
777 | { | ||
778 | printf("Missing KEY\n"); | ||
779 | err = 1; | ||
780 | } | ||
781 | else | ||
782 | { | ||
783 | len = hex2bin((char*)ibuf+6, strlen(ibuf+6)-1, aKey); | ||
784 | if (len < 0) | ||
785 | { | ||
786 | printf("Invalid KEY\n"); | ||
787 | err =1; | ||
788 | break; | ||
789 | } | ||
790 | PrintValue("KEY", aKey, len); | ||
791 | if (strcmp(amode, "ECB") == 0) | ||
792 | { | ||
793 | memset(iVec, 0, sizeof(iVec)); | ||
794 | step = (dir)? 4: 5; /* no ivec for ECB */ | ||
795 | } | ||
796 | else | ||
797 | ++step; | ||
798 | } | ||
799 | break; | ||
800 | |||
801 | case 3: /* IV = xxxx */ | ||
802 | fputs(ibuf, rfp); | ||
803 | if (strncasecmp(ibuf, "IV = ", 5) != 0) | ||
804 | { | ||
805 | printf("Missing IV\n"); | ||
806 | err = 1; | ||
807 | } | ||
808 | else | ||
809 | { | ||
810 | len = hex2bin((char*)ibuf+5, strlen(ibuf+5)-1, iVec); | ||
811 | if (len < 0) | ||
812 | { | ||
813 | printf("Invalid IV\n"); | ||
814 | err =1; | ||
815 | break; | ||
816 | } | ||
817 | PrintValue("IV", iVec, len); | ||
818 | step = (dir)? 4: 5; | ||
819 | } | ||
820 | break; | ||
821 | |||
822 | case 4: /* PLAINTEXT = xxxx */ | ||
823 | fputs(ibuf, rfp); | ||
824 | if (strncasecmp(ibuf, "PLAINTEXT = ", 12) != 0) | ||
825 | { | ||
826 | printf("Missing PLAINTEXT\n"); | ||
827 | err = 1; | ||
828 | } | ||
829 | else | ||
830 | { | ||
831 | int nn = strlen(ibuf+12); | ||
832 | if(!strcmp(amode,"CFB1")) | ||
833 | len=bint2bin(ibuf+12,nn-1,plaintext); | ||
834 | else | ||
835 | len=hex2bin(ibuf+12, nn-1,plaintext); | ||
836 | if (len < 0) | ||
837 | { | ||
838 | printf("Invalid PLAINTEXT: %s", ibuf+12); | ||
839 | err =1; | ||
840 | break; | ||
841 | } | ||
842 | if (len >= sizeof(plaintext)) | ||
843 | { | ||
844 | printf("Buffer overflow\n"); | ||
845 | } | ||
846 | PrintValue("PLAINTEXT", (unsigned char*)plaintext, len); | ||
847 | if (strcmp(atest, "MCT") == 0) /* Monte Carlo Test */ | ||
848 | { | ||
849 | if(do_mct(amode, akeysz, aKey, iVec, | ||
850 | dir, (unsigned char*)plaintext, len, | ||
851 | rfp) < 0) | ||
852 | EXIT(1); | ||
853 | } | ||
854 | else | ||
855 | { | ||
856 | ret = AESTest(&ctx, amode, akeysz, aKey, iVec, | ||
857 | dir, /* 0 = decrypt, 1 = encrypt */ | ||
858 | plaintext, ciphertext, len); | ||
859 | OutputValue("CIPHERTEXT",ciphertext,len,rfp, | ||
860 | !strcmp(amode,"CFB1")); | ||
861 | } | ||
862 | step = 6; | ||
863 | } | ||
864 | break; | ||
865 | |||
866 | case 5: /* CIPHERTEXT = xxxx */ | ||
867 | fputs(ibuf, rfp); | ||
868 | if (strncasecmp(ibuf, "CIPHERTEXT = ", 13) != 0) | ||
869 | { | ||
870 | printf("Missing KEY\n"); | ||
871 | err = 1; | ||
872 | } | ||
873 | else | ||
874 | { | ||
875 | if(!strcmp(amode,"CFB1")) | ||
876 | len=bint2bin(ibuf+13,strlen(ibuf+13)-1,ciphertext); | ||
877 | else | ||
878 | len = hex2bin(ibuf+13,strlen(ibuf+13)-1,ciphertext); | ||
879 | if (len < 0) | ||
880 | { | ||
881 | printf("Invalid CIPHERTEXT\n"); | ||
882 | err =1; | ||
883 | break; | ||
884 | } | ||
885 | |||
886 | PrintValue("CIPHERTEXT", ciphertext, len); | ||
887 | if (strcmp(atest, "MCT") == 0) /* Monte Carlo Test */ | ||
888 | { | ||
889 | do_mct(amode, akeysz, aKey, iVec, | ||
890 | dir, ciphertext, len, rfp); | ||
891 | } | ||
892 | else | ||
893 | { | ||
894 | ret = AESTest(&ctx, amode, akeysz, aKey, iVec, | ||
895 | dir, /* 0 = decrypt, 1 = encrypt */ | ||
896 | plaintext, ciphertext, len); | ||
897 | OutputValue("PLAINTEXT",(unsigned char *)plaintext,len,rfp, | ||
898 | !strcmp(amode,"CFB1")); | ||
899 | } | ||
900 | step = 6; | ||
901 | } | ||
902 | break; | ||
903 | |||
904 | case 6: | ||
905 | if (ibuf[0] != '\n') | ||
906 | { | ||
907 | err = 1; | ||
908 | printf("Missing terminator\n"); | ||
909 | } | ||
910 | else if (strcmp(atest, "MCT") != 0) | ||
911 | { /* MCT already added terminating nl */ | ||
912 | fputs(ibuf, rfp); | ||
913 | } | ||
914 | step = 1; | ||
915 | break; | ||
916 | } | ||
917 | } | ||
918 | if (rfp) | ||
919 | fclose(rfp); | ||
920 | if (afp) | ||
921 | fclose(afp); | ||
922 | return err; | ||
923 | } | ||
924 | |||
925 | /*-------------------------------------------------- | ||
926 | Processes either a single file or | ||
927 | a set of files whose names are passed in a file. | ||
928 | A single file is specified as: | ||
929 | aes_test -f xxx.req | ||
930 | A set of files is specified as: | ||
931 | aes_test -d xxxxx.xxx | ||
932 | The default is: -d req.txt | ||
933 | --------------------------------------------------*/ | ||
934 | int main(int argc, char **argv) | ||
935 | { | ||
936 | char *rqlist = "req.txt"; | ||
937 | FILE *fp = NULL; | ||
938 | char fn[250] = "", rfn[256] = ""; | ||
939 | int f_opt = 0, d_opt = 1; | ||
940 | |||
941 | #ifdef OPENSSL_FIPS | ||
942 | if(!FIPS_mode_set(1,argv[0])) | ||
943 | { | ||
944 | ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE)); | ||
945 | EXIT(1); | ||
946 | } | ||
947 | #endif | ||
948 | ERR_load_crypto_strings(); | ||
949 | if (argc > 1) | ||
950 | { | ||
951 | if (strcasecmp(argv[1], "-d") == 0) | ||
952 | { | ||
953 | d_opt = 1; | ||
954 | } | ||
955 | else if (strcasecmp(argv[1], "-f") == 0) | ||
956 | { | ||
957 | f_opt = 1; | ||
958 | d_opt = 0; | ||
959 | } | ||
960 | else | ||
961 | { | ||
962 | printf("Invalid parameter: %s\n", argv[1]); | ||
963 | return 0; | ||
964 | } | ||
965 | if (argc < 3) | ||
966 | { | ||
967 | printf("Missing parameter\n"); | ||
968 | return 0; | ||
969 | } | ||
970 | if (d_opt) | ||
971 | rqlist = argv[2]; | ||
972 | else | ||
973 | strcpy(fn, argv[2]); | ||
974 | } | ||
975 | if (d_opt) | ||
976 | { /* list of files (directory) */ | ||
977 | if (!(fp = fopen(rqlist, "r"))) | ||
978 | { | ||
979 | printf("Cannot open req list file\n"); | ||
980 | return -1; | ||
981 | } | ||
982 | while (fgets(fn, sizeof(fn), fp)) | ||
983 | { | ||
984 | strtok(fn, "\r\n"); | ||
985 | strcpy(rfn, fn); | ||
986 | printf("Processing: %s\n", rfn); | ||
987 | if (proc_file(rfn)) | ||
988 | { | ||
989 | printf(">>> Processing failed for: %s <<<\n", rfn); | ||
990 | EXIT(1); | ||
991 | } | ||
992 | } | ||
993 | fclose(fp); | ||
994 | } | ||
995 | else /* single file */ | ||
996 | { | ||
997 | printf("Processing: %s\n", fn); | ||
998 | if (proc_file(fn)) | ||
999 | { | ||
1000 | printf(">>> Processing failed for: %s <<<\n", fn); | ||
1001 | } | ||
1002 | } | ||
1003 | EXIT(0); | ||
1004 | return 0; | ||
1005 | } | ||
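--- a/src/lib/libssl/src/fips/des/Makefile
+++ /dev/null
@@ -1,155 +0,0 @@
-#
-# SSLeay/fips/des/Makefile
-#
-
-DIR= des
-TOP= ../..
-CC= cc
-INCLUDES=
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR= /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKEDEPPROG= makedepend
-MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE= Makefile
-AR= ar r
-
-FIPS_DES_ENC=fips_des_enc.o
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST= fips_desmovs.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=fips_des_enc.c asm/fips-dx86-elf.s fips_des_selftest.c fips_set_key.c
-LIBOBJ=$(FIPS_DES_ENC) fips_des_selftest.o fips_set_key.o
-
-SRC= $(LIBSRC)
-
-EXHEADER=
-HEADER= $(EXHEADER) fips_des_locl.h
-
-ALL= $(GENERAL) $(SRC) $(HEADER)
-
-top:
-(cd $(TOP); $(MAKE) DIRS=fips FDIRS=$(DIR) sub_all)
-
-all: check lib
-
-check:
-TOP=`pwd`/$(TOP) ../fips_check_sha1 fingerprint.sha1 $(SRC) $(HEADER)
-
-lib: $(LIBOBJ)
-$(AR) $(LIB) $(LIBOBJ)
-$(RANLIB) $(LIB) || echo Never mind.
-@sleep 2; touch lib
-
-files:
-$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
-
-links:
-@$(PERL) $(TOP)/util/mklink.pl $(TOP)/include/openssl $(EXHEADER)
-@$(PERL) $(TOP)/util/mklink.pl $(TOP)/test $(TEST)
-@$(PERL) $(TOP)/util/mklink.pl $(TOP)/apps $(APPS)
-
-install:
-@headerlist="$(EXHEADER)"; for i in $$headerlist; \
-do \
-(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-done
-
-tags:
-ctags $(SRC)
-
-tests:
-
-top_fips_desmovs:
-(cd $(TOP); $(MAKE) DIRS=fips FDIRS=$(DIR) TARGET=fips_desmovs sub_target)
-
-fips_desmovs: fips_desmovs.o $(TOP)/libcrypto.a
-$(CC) $(CFLAGS) -o fips_desmovs fips_desmovs.o $(PEX_LIBS) $(TOP)/libcrypto.a $(EX_LIBS)
-TOP=$(TOP) $(TOP)/fips/openssl_fips_fingerprint $(TOP)/libcrypto.a fips_desmovs
-
-fips_test: top_fips_desmovs
-find ../testvectors/des/req -name '*.req' > testlist
--rm -rf ../testvectors/des/rsp
-mkdir ../testvectors/des/rsp
-./fips_desmovs -d testlist
-find ../testvectors/des2/req -name '*.req' > testlist
--rm -rf ../testvectors/des2/rsp
-mkdir ../testvectors/des2/rsp
-./fips_desmovs -d testlist
-find ../testvectors/des3/req -name '*.req' > testlist
--rm -rf ../testvectors/des3/rsp
-mkdir ../testvectors/des3/rsp
-./fips_desmovs -d testlist
-
-lint:
-lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) \
-$(SRC) $(TEST)
-dclean:
-$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-mv -f Makefile.new $(MAKEFILE)
-
-clean:
-rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-fips_des_enc.o: ../../e_os.h ../../include/openssl/crypto.h
-fips_des_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-fips_des_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/fips.h
-fips_des_enc.o: ../../include/openssl/opensslconf.h
-fips_des_enc.o: ../../include/openssl/opensslv.h
-fips_des_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-fips_des_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-fips_des_enc.o: ../../include/openssl/ui_compat.h fips_des_enc.c
-fips_des_enc.o: fips_des_locl.h
-fips_des_selftest.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
-fips_des_selftest.o: ../../include/openssl/des.h
-fips_des_selftest.o: ../../include/openssl/des_old.h
-fips_des_selftest.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-fips_des_selftest.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-fips_des_selftest.o: ../../include/openssl/opensslconf.h
-fips_des_selftest.o: ../../include/openssl/opensslv.h
-fips_des_selftest.o: ../../include/openssl/safestack.h
-fips_des_selftest.o: ../../include/openssl/stack.h
-fips_des_selftest.o: ../../include/openssl/symhacks.h
-fips_des_selftest.o: ../../include/openssl/ui.h
-fips_des_selftest.o: ../../include/openssl/ui_compat.h fips_des_selftest.c
-fips_desmovs.o: ../../e_os.h ../../include/openssl/aes.h
-fips_desmovs.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-fips_desmovs.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-fips_desmovs.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-fips_desmovs.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-fips_desmovs.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-fips_desmovs.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-fips_desmovs.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-fips_desmovs.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-fips_desmovs.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-fips_desmovs.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-fips_desmovs.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-fips_desmovs.o: ../../include/openssl/opensslconf.h
-fips_desmovs.o: ../../include/openssl/opensslv.h
-fips_desmovs.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc2.h
-fips_desmovs.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-fips_desmovs.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-fips_desmovs.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-fips_desmovs.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-fips_desmovs.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-fips_desmovs.o: fips_desmovs.c
-fips_set_key.o: ../../e_os.h ../../include/openssl/crypto.h
-fips_set_key.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
-fips_set_key.o: ../../include/openssl/e_os2.h ../../include/openssl/fips.h
-fips_set_key.o: ../../include/openssl/opensslconf.h
-fips_set_key.o: ../../include/openssl/opensslv.h
-fips_set_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-fips_set_key.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-fips_set_key.o: ../../include/openssl/ui_compat.h fips_des_locl.h
-fips_set_key.o: fips_set_key.c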
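--- a/src/lib/libssl/src/fips/des/fips_des_selftest.c
+++ /dev/null
@@ -1,200 +0,0 @@
-/* ====================================================================
-* Copyright (c) 2003 The OpenSSL Project. All rights reserved.
-*
-* Redistribution and use in source and binary forms, with or without
-* modification, are permitted provided that the following conditions
-* are met:
-*
-* 1. Redistributions of source code must retain the above copyright
-* notice, this list of conditions and the following disclaimer.
-*
-* 2. Redistributions in binary form must reproduce the above copyright
-* notice, this list of conditions and the following disclaimer in
-* the documentation and/or other materials provided with the
-* distribution.
-*
-* 3. All advertising materials mentioning features or use of this
-* software must display the following acknowledgment:
-* "This product includes software developed by the OpenSSL Project
-* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-*
-* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-* endorse or promote products derived from this software without
-* prior written permission. For written permission, please contact
-* openssl-core@openssl.org.
-*
-* 5. Products derived from this software may not be called "OpenSSL"
-* nor may "OpenSSL" appear in their names without prior written
-* permission of the OpenSSL Project.
-*
-* 6. Redistributions of any form whatsoever must retain the following
-* acknowledgment:
-* "This product includes software developed by the OpenSSL Project
-* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-*
-* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-* OF THE POSSIBILITY OF SUCH DAMAGE.
-*
-*/
-
-#include <string.h>
-#include <openssl/err.h>
-#include <openssl/fips.h>
-#include <openssl/des.h>
-#include <openssl/opensslconf.h>
-
-#ifdef OPENSSL_FIPS
-static struct
-{
-DES_cblock key;
-unsigned char plaintext[8];
-unsigned char ciphertext[8];
-} tests[]=
-{
-{
-{ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 },
-{ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 },
-{ 0x8C,0xA6,0x4D,0xE9,0xC1,0xB1,0x23,0xA7 }
-},
-{
-{ 0xFE,0xDC,0xBA,0x98,0x76,0x54,0x32,0x10 },
-{ 0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF },
-{ 0xED,0x39,0xD9,0x50,0xFA,0x74,0xBC,0xC4 },
-},
-};
-
-static struct
-{
-DES_cblock key1;
-DES_cblock key2;
-unsigned char plaintext[8];
-unsigned char ciphertext[8];
-} tests2[]=
-{
-{
-{ 0x7c,0x4f,0x6e,0xf7,0xa2,0x04,0x16,0xec },
-{ 0x0b,0x6b,0x7c,0x9e,0x5e,0x19,0xa7,0xc4 },
-{ 0x06,0xa7,0xd8,0x79,0xaa,0xce,0x69,0xef },
-{ 0x4c,0x11,0x17,0x55,0xbf,0xc4,0x4e,0xfd }
-},
-{
-{ 0x5d,0x9e,0x01,0xd3,0x25,0xc7,0x3e,0x34 },
-{ 0x01,0x16,0x7c,0x85,0x23,0xdf,0xe0,0x68 },
-{ 0x9c,0x50,0x09,0x0f,0x5e,0x7d,0x69,0x7e },
-{ 0xd2,0x0b,0x18,0xdf,0xd9,0x0d,0x9e,0xff },
-}
-};
-
-static struct
-{
-DES_cblock key1;
-DES_cblock key2;
-DES_cblock key3;
-unsigned char plaintext[8];
-unsigned char ciphertext[8];
-} tests3[]=
-{
-{
-{ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 },
-{ 0xFE,0xDC,0xBA,0x98,0x76,0x54,0x32,0x10 },
-{ 0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0 },
-{ 0x8f,0x8f,0xbf,0x9b,0x5d,0x48,0xb4,0x1c},
-{ 0x59,0x8c,0xe5,0xd3,0x6c,0xa2,0xea,0x1b},
-},
-{
-{ 0xDC,0xBA,0x98,0x76,0x54,0x32,0x10,0xFE },
-{ 0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF },
-{ 0xED,0x39,0xD9,0x50,0xFA,0x74,0xBC,0xC4 },
-{ 0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF },
-{ 0x11,0x25,0xb0,0x35,0xbe,0xa0,0x82,0x86 },
-},
-};
-
-void FIPS_corrupt_des()
-{
-tests[0].plaintext[0]++;
-}
-
-int FIPS_selftest_des()
-{
-int n;
-
-/* Encrypt/decrypt with DES and compare to known answers */
-for(n=0 ; n < 2 ; ++n)
-{
-DES_key_schedule key;
-DES_cblock buf;
-
-DES_set_key(&tests[n].key,&key);
-DES_ecb_encrypt(&tests[n].plaintext,&buf,&key,1);
-if(memcmp(buf,tests[n].ciphertext,sizeof buf))
-{
-FIPSerr(FIPS_F_FIPS_SELFTEST_DES,FIPS_R_SELFTEST_FAILED);
-return 0;
-}
-DES_ecb_encrypt(&tests[n].ciphertext,&buf,&key,0);
-if(memcmp(buf,tests[n].plaintext,sizeof buf))
-{
-FIPSerr(FIPS_F_FIPS_SELFTEST_DES,FIPS_R_SELFTEST_FAILED);
-return 0;
-}
-}
-
-/* Encrypt/decrypt with 2-key 3DES and compare to known answers */
-for(n=0 ; n < 2 ; ++n)
-{
-DES_key_schedule key1, key2;
-unsigned char buf[8];
-
-DES_set_key(&tests2[n].key1,&key1);
-DES_set_key(&tests2[n].key2,&key2);
-DES_ecb2_encrypt(tests2[n].plaintext,buf,&key1,&key2,1);
-if(memcmp(buf,tests2[n].ciphertext,sizeof buf))
-{
-FIPSerr(FIPS_F_FIPS_SELFTEST_DES,FIPS_R_SELFTEST_FAILED);
-return 0;
-}
-DES_ecb2_encrypt(tests2[n].ciphertext,buf,&key1,&key2,0);
-if(memcmp(buf,tests2[n].plaintext,sizeof buf))
-{
-FIPSerr(FIPS_F_FIPS_SELFTEST_DES,FIPS_R_SELFTEST_FAILED);
-return 0;
-}
-}
-
-/* Encrypt/decrypt with 3DES and compare to known answers */
-for(n=0 ; n < 2 ; ++n)
-{
-DES_key_schedule key1, key2, key3;
-unsigned char buf[8];
-
-DES_set_key(&tests3[n].key1,&key1);
-DES_set_key(&tests3[n].key2,&key2);
-DES_set_key(&tests3[n].key3,&key3);
-DES_ecb3_encrypt(tests3[n].plaintext,buf,&key1,&key2,&key3,1);
-if(memcmp(buf,tests3[n].ciphertext,sizeof buf))
-{
-FIPSerr(FIPS_F_FIPS_SELFTEST_DES,FIPS_R_SELFTEST_FAILED);
-return 0;
-}
-DES_ecb3_encrypt(tests3[n].ciphertext,buf,&key1,&key2,&key3,0);
-if(memcmp(buf,tests3[n].plaintext,sizeof buf))
-{
-FIPSerr(FIPS_F_FIPS_SELFTEST_DES,FIPS_R_SELFTEST_FAILED);
-return 0;
-}
-}
-
-return 1;
-}
-#endif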
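--- a/src/lib/libssl/src/fips/des/fips_desmovs.c
+++ /dev/null
@@ -1,833 +0,0 @@
-/* ====================================================================
-* Copyright (c) 2004 The OpenSSL Project. All rights reserved.
-*
-* Redistribution and use in source and binary forms, with or without
-* modification, are permitted provided that the following conditions
-* are met:
-*
-* 1. Redistributions of source code must retain the above copyright
-* notice, this list of conditions and the following disclaimer.
-*
-* 2. Redistributions in binary form must reproduce the above copyright
-* notice, this list of conditions and the following disclaimer in
-* the documentation and/or other materials provided with the
-* distribution.
-*
-* 3. All advertising materials mentioning features or use of this
-* software must display the following acknowledgment:
-* "This product includes software developed by the OpenSSL Project
-* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-*
-* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-* endorse or promote products derived from this software without
-* prior written permission. For written permission, please contact
-* openssl-core@openssl.org.
-*
-* 5. Products derived from this software may not be called "OpenSSL"
-* nor may "OpenSSL" appear in their names without prior written
-* permission of the OpenSSL Project.
-*
-* 6. Redistributions of any form whatsoever must retain the following
-* acknowledgment:
-* "This product includes software developed by the OpenSSL Project
-* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-*
-* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-* OF THE POSSIBILITY OF SUCH DAMAGE.
-*
-*/
-/*---------------------------------------------
-NIST DES Modes of Operation Validation System
-Test Program
-
-Based on the AES Validation Suite, which was:
-Donated to OpenSSL by:
-V-ONE Corporation
-20250 Century Blvd, Suite 300
-Germantown, MD 20874
-U.S.A.
-----------------------------------------------*/
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <errno.h>
-#include <assert.h>
-
-#include <openssl/des.h>
-#include <openssl/evp.h>
-#include <openssl/fips.h>
-#include <openssl/err.h>
-#include "e_os.h"
-
-/*#define AES_BLOCK_SIZE 16*/
-
-#define VERBOSE 0
-
-/*-----------------------------------------------*/
-
-int DESTest(EVP_CIPHER_CTX *ctx,
-char *amode, int akeysz, unsigned char *aKey,
-unsigned char *iVec,
-int dir, /* 0 = decrypt, 1 = encrypt */
-unsigned char *out, unsigned char *in, int len)
-{
-const EVP_CIPHER *cipher = NULL;
-int kt = 0;
-
-if (ctx)
-memset(ctx, 0, sizeof(EVP_CIPHER_CTX));
-
-if (strcasecmp(amode, "CBC") == 0)
-kt = 1000;
-else if (strcasecmp(amode, "ECB") == 0)
-kt = 2000;
-else if (strcasecmp(amode, "CFB64") == 0)
-kt = 3000;
-else if (strncasecmp(amode, "OFB", 3) == 0)
-kt = 4000;
-else if(!strcasecmp(amode,"CFB1"))
-kt=5000;
-else if(!strcasecmp(amode,"CFB8"))
-kt=6000;
-else
-{
-printf("Unknown mode: %s\n", amode);
-EXIT(1);
-}
-if (akeysz != 64 && akeysz != 192)
-{
-printf("Invalid key size: %d\n", akeysz);
-EXIT(1);
-}
-else
-{
-kt += akeysz;
-switch (kt)
-{
-case 1064:
-cipher=EVP_des_cbc();
-break;
-case 1192:
-cipher=EVP_des_ede3_cbc();
-break;
-case 2064:
-cipher=EVP_des_ecb();
-break;
-case 2192:
-cipher=EVP_des_ede3_ecb();
-break;
-case 3064:
-cipher=EVP_des_cfb64();
-break;
-case 3192:
-cipher=EVP_des_ede3_cfb64();
-break;
-case 4064:
-cipher=EVP_des_ofb();
-break;
-case 4192:
-cipher=EVP_des_ede3_ofb();
-break;
-case 5064:
-cipher=EVP_des_cfb1();
-break;
-case 5192:
-cipher=EVP_des_ede3_cfb1();
-break;
-case 6064:
-cipher=EVP_des_cfb8();
-break;
-case 6192:
-cipher=EVP_des_ede3_cfb8();
-break;
-default:
-printf("Didn't handle mode %d\n",kt);
-EXIT(1);
-}
-if(!EVP_CipherInit(ctx, cipher, aKey, iVec, dir))
-{
-ERR_print_errors_fp(stderr);
-EXIT(1);
-}
-EVP_Cipher(ctx, out, in, len);
-}
-return 1;
-}
-
-/*-----------------------------------------------*/
-
-int hex2bin(char *in, int len, unsigned char *out)
-{
-int n1, n2;
-unsigned char ch;
-
-for (n1 = 0, n2 = 0; n1 < len; )
-{ /* first byte */
-if ((in[n1] >= '0') && (in[n1] <= '9'))
-ch = in[n1++] - '0';
-else if ((in[n1] >= 'A') && (in[n1] <= 'F'))
-ch = in[n1++] - 'A' + 10;
-else if ((in[n1] >= 'a') && (in[n1] <= 'f'))
-ch = in[n1++] - 'a' + 10;
-else
-return -1;
-if(len == 1)
-{
-out[n2++]=ch;
-break;
-}
-out[n2] = ch << 4;
-/* second byte */
-if ((in[n1] >= '0') && (in[n1] <= '9'))
-ch = in[n1++] - '0';
-else if ((in[n1] >= 'A') && (in[n1] <= 'F'))
-ch = in[n1++] - 'A' + 10;
-else if ((in[n1] >= 'a') && (in[n1] <= 'f'))
-ch = in[n1++] - 'a' + 10;
-else
-return -1;
-out[n2++] |= ch;
-}
-return n2;
-}
-
-/*-----------------------------------------------*/
-
-int bin2hex(unsigned char *in, int len, char *out)
-{
-int n1, n2;
-unsigned char ch;
-
-for (n1 = 0, n2 = 0; n1 < len; ++n1)
-{
-/* first nibble */
-ch = in[n1] >> 4;
-if (ch <= 0x09)
-out[n2++] = ch + '0';
-else
-out[n2++] = ch - 10 + 'a';
-/* second nibble */
-ch = in[n1] & 0x0f;
-if (ch <= 0x09)
-out[n2++] = ch + '0';
-else
-out[n2++] = ch - 10 + 'a';
-}
-return n2;
-}
-
-/* NB: this return the number of _bits_ read */
-int bint2bin(const char *in, int len, unsigned char *out)
-{
-int n;
-
-memset(out,0,len);
-for(n=0 ; n < len ; ++n)
-if(in[n] == '1')
-out[n/8]|=(0x80 >> (n%8));
-return len;
-}
-
-int bin2bint(const unsigned char *in,int len,char *out)
-{
-int n;
-
-for(n=0 ; n < len ; ++n)
-out[n]=(in[n/8]&(0x80 >> (n%8))) ? '1' : '0';
-return n;
-}
-
-/*-----------------------------------------------*/
-
-void PrintValue(char *tag, unsigned char *val, int len)
-{
-#if VERBOSE
-char obuf[2048];
-int olen;
-olen = bin2hex(val, len, obuf);
-printf("%s = %.*s\n", tag, olen, obuf);
-#endif
-}
-
-void DebugValue(char *tag, unsigned char *val, int len)
-{
-char obuf[2048];
-int olen;
-olen = bin2hex(val, len, obuf);
-printf("%s = %.*s\n", tag, olen, obuf);
-}
-
-void OutputValue(char *tag, unsigned char *val, int len, FILE *rfp,int bitmode)
-{
-char obuf[2048];
-int olen;
-
-if(bitmode)
-olen=bin2bint(val,len,obuf);
-else
-olen=bin2hex(val,len,obuf);
-
-fprintf(rfp, "%s = %.*s\n", tag, olen, obuf);
-#if VERBOSE
-printf("%s = %.*s\n", tag, olen, obuf);
-#endif
-}
-
-void shiftin(unsigned char *dst,unsigned char *src,int nbits)
-{
-int n;
-
-/* move the bytes... */
-memmove(dst,dst+nbits/8,3*8-nbits/8);
-/* append new data */
-memcpy(dst+3*8-nbits/8,src,(nbits+7)/8);
-/* left shift the bits */
-if(nbits%8)
-for(n=0 ; n < 3*8 ; ++n)
-dst[n]=(dst[n] << (nbits%8))|(dst[n+1] >> (8-nbits%8));
-}
-
-/*-----------------------------------------------*/
-char *t_tag[2] = {"PLAINTEXT", "CIPHERTEXT"};
-char *t_mode[6] = {"CBC","ECB","OFB","CFB1","CFB8","CFB64"};
-enum Mode {CBC, ECB, OFB, CFB1, CFB8, CFB64};
-int Sizes[6]={64,64,64,1,8,64};
-
-void do_mct(char *amode,
-int akeysz, int numkeys, unsigned char *akey,unsigned char *ivec,
-int dir, unsigned char *text, int len,
-FILE *rfp)
-{
-int i,imode;
-unsigned char nk[4*8]; /* longest key+8 */
-unsigned char text0[8];
-
-for (imode=0 ; imode < 6 ; ++imode)
-if(!strcmp(amode,t_mode[imode]))
-break;
-if (imode == 6)
-{
-printf("Unrecognized mode: %s\n", amode);
-EXIT(1);
-}
-
-for(i=0 ; i < 400 ; ++i)
-{
-int j;
-int n;
-EVP_CIPHER_CTX ctx;
-int kp=akeysz/64;
-unsigned char old_iv[8];
-
-fprintf(rfp,"\nCOUNT = %d\n",i);
-if(kp == 1)
-OutputValue("KEY",akey,8,rfp,0);
-else
-for(n=0 ; n < kp ; ++n)
-{
-fprintf(rfp,"KEY%d",n+1);
-OutputValue("",akey+n*8,8,rfp,0);
-}
-
-if(imode != ECB)
-OutputValue("IV",ivec,8,rfp,0);
-OutputValue(t_tag[dir^1],text,len,rfp,imode == CFB1);
-
-/* compensate for endianness */
-if(imode == CFB1)
-text[0]<<=7;
-
-memcpy(text0,text,8);
-
-for(j=0 ; j < 10000 ; ++j)
-{
-unsigned char old_text[8];
-
-memcpy(old_text,text,8);
-if(j == 0)
-{
-memcpy(old_iv,ivec,8);
-DESTest(&ctx,amode,akeysz,akey,ivec,dir,text,text,len);
-}
-else
-{
-memcpy(old_iv,ctx.iv,8);
-EVP_Cipher(&ctx,text,text,len);
-}
-if(j == 9999)
-{
-OutputValue(t_tag[dir],text,len,rfp,imode == CFB1);
-/* memcpy(ivec,text,8); */
-}
-/* DebugValue("iv",ctx.iv,8); */
-/* accumulate material for the next key */
-shiftin(nk,text,Sizes[imode]);
-/* DebugValue("nk",nk,24);*/
-if((dir && (imode == CFB1 || imode == CFB8 || imode == CFB64
-|| imode == CBC)) || imode == OFB)
-memcpy(text,old_iv,8);
-
-if(!dir && (imode == CFB1 || imode == CFB8 || imode == CFB64))
-{
-/* the test specifies using the output of the raw DES operation
-which we don't have, so reconstruct it... */
-for(n=0 ; n < 8 ; ++n)
-text[n]^=old_text[n];
-}
-}
-for(n=0 ; n < 8 ; ++n)
-akey[n]^=nk[16+n];
-for(n=0 ; n < 8 ; ++n)
-akey[8+n]^=nk[8+n];
-for(n=0 ; n < 8 ; ++n)
-akey[16+n]^=nk[n];
-if(numkeys < 3)
-memcpy(&akey[2*8],akey,8);
-if(numkeys < 2)
-memcpy(&akey[8],akey,8);
-DES_set_odd_parity((DES_cblock *)akey);
-DES_set_odd_parity((DES_cblock *)(akey+8));
-DES_set_odd_parity((DES_cblock *)(akey+16));
-memcpy(ivec,ctx.iv,8);
-
-/* pointless exercise - the final text doesn't depend on the
-initial text in OFB mode, so who cares what it is? (Who
-designed these tests?) */
-if(imode == OFB)
-for(n=0 ; n < 8 ; ++n)
-text[n]=text0[n]^old_iv[n];
-}
-}
-
-int proc_file(char *rqfile)
-{
-char afn[256], rfn[256];
-FILE *afp = NULL, *rfp = NULL;
-char ibuf[2048];
-int ilen, len, ret = 0;
-char amode[8] = "";
-char atest[100] = "";
-int akeysz=0;
-unsigned char iVec[20], aKey[40];
-int dir = -1, err = 0, step = 0;
-unsigned char plaintext[2048];
-unsigned char ciphertext[2048];
-char *rp;
-EVP_CIPHER_CTX ctx;
-int numkeys=1;
-
-if (!rqfile || !(*rqfile))
-{
-printf("No req file\n");
-return -1;
-}
-strcpy(afn, rqfile);
-
-if ((afp = fopen(afn, "r")) == NULL)
-{
-printf("Cannot open file: %s, %s\n",
-afn, strerror(errno));
-return -1;
-}
-strcpy(rfn,afn);
-rp=strstr(rfn,"req/");
-assert(rp);
-memcpy(rp,"rsp",3);
-rp = strstr(rfn, ".req");
-memcpy(rp, ".rsp", 4);
-if ((rfp = fopen(rfn, "w")) == NULL)
-{
-printf("Cannot open file: %s, %s\n",
-rfn, strerror(errno));
-fclose(afp);
-afp = NULL;
-return -1;
-}
-while (!err && (fgets(ibuf, sizeof(ibuf), afp)) != NULL)
-{
-ilen = strlen(ibuf);
-/* printf("step=%d ibuf=%s",step,ibuf);*/
-if(step == 3 && !strcmp(amode,"ECB"))
-{
-memset(iVec, 0, sizeof(iVec));
-step = (dir)? 4: 5; /* no ivec for ECB */
-}
-switch (step)
-{
-case 0: /* read preamble */
-if (ibuf[0] == '\n')
-{ /* end of preamble */
-if (*amode == '\0')
-{
-printf("Missing Mode\n");
-err = 1;
-}
-else
-{
-fputs(ibuf, rfp);
-++ step;
-}
-}
-else if (ibuf[0] != '#')
-{
-printf("Invalid preamble item: %s\n", ibuf);
-err = 1;
-}
-else
-{ /* process preamble */
-char *xp, *pp = ibuf+2;
-int n;
-if(*amode)
-{ /* insert current time & date */
-time_t rtim = time(0);
-fprintf(rfp, "# %s", ctime(&rtim));
-}
-else
-{
-fputs(ibuf, rfp);
-if(!strncmp(pp,"INVERSE ",8) || !strncmp(pp,"DES ",4)
-|| !strncmp(pp,"TDES ",5)
-|| !strncmp(pp,"PERMUTATION ",12)
-|| !strncmp(pp,"SUBSTITUTION ",13)
-|| !strncmp(pp,"VARIABLE ",9))
-{
-/* get test type */
-if(!strncmp(pp,"DES ",4))
-pp+=4;
-else if(!strncmp(pp,"TDES ",5))
-pp+=5;
-xp = strchr(pp, ' ');
-n = xp-pp;
-strncpy(atest, pp, n);
-atest[n] = '\0';
-/* get mode */
-xp = strrchr(pp, ' '); /* get mode" */
-n = strlen(xp+1)-1;
-strncpy(amode, xp+1, n);
-amode[n] = '\0';
-/* amode[3] = '\0'; */
-printf("Test=%s, Mode=%s\n",atest,amode);
-}
-}
-}
-break;
-
-case 1: /* [ENCRYPT] | [DECRYPT] */
-if(ibuf[0] == '\n')
-break;
-if (ibuf[0] == '[')
-{
-fputs(ibuf, rfp);
-++step;
-if (strncasecmp(ibuf, "[ENCRYPT]", 9) == 0)
-dir = 1;
-else if (strncasecmp(ibuf, "[DECRYPT]", 9) == 0)
-dir = 0;
-else
-{
-printf("Invalid keyword: %s\n", ibuf);
-err = 1;
-}
-break;
-}
-else if (dir == -1)
-{
-err = 1;
-printf("Missing ENCRYPT/DECRYPT keyword\n");
-break;
-}
-else
-step = 2;
-
-case 2: /* KEY = xxxx */
-if(*ibuf == '\n')
-{
-fputs(ibuf, rfp);
-break;
-}
-if(!strncasecmp(ibuf,"COUNT = ",8))
-{
-fputs(ibuf, rfp);
-break;
-}
-if(!strncasecmp(ibuf,"COUNT=",6))
-{
-fputs(ibuf, rfp);
-break;
-}
-if(!strncasecmp(ibuf,"NumKeys = ",10))
-{
-numkeys=atoi(ibuf+10);
-break;
-}
-
-fputs(ibuf, rfp);
-if(!strncasecmp(ibuf,"KEY = ",6))
-{
-akeysz=64;
-len = hex2bin((char*)ibuf+6, strlen(ibuf+6)-1, aKey);
-if (len < 0)
-{
-printf("Invalid KEY\n");
-err=1;
-break;
-}
-PrintValue("KEY", aKey, len);
-++step;
-}
-else if(!strncasecmp(ibuf,"KEYs = ",7))
-{
-akeysz=64*3;
-len=hex2bin(ibuf+7,strlen(ibuf+7)-1,aKey);
-if(len != 8)
-{
-printf("Invalid KEY\n");
-err=1;
-break;
-}
-memcpy(aKey+8,aKey,8);
-memcpy(aKey+16,aKey,8);
-ibuf[4]='\0';
-PrintValue("KEYs",aKey,len);
-++step;
-}
-else if(!strncasecmp(ibuf,"KEY",3))
-{
-int n=ibuf[3]-'1';
-
-akeysz=64*3;
-len=hex2bin(ibuf+7,strlen(ibuf+7)-1,aKey+n*8);
-if(len != 8)
-{
-printf("Invalid KEY\n");
-err=1;
-break;
-}
-ibuf[4]='\0';
-PrintValue(ibuf,aKey,len);
-if(n == 2)
-++step;
-}
-else
-{
-printf("Missing KEY\n");
-err = 1;
-}
-break;
-
-case 3: /* IV = xxxx */
-fputs(ibuf, rfp);
-if (strncasecmp(ibuf, "IV = ", 5) != 0)
-{
-printf("Missing IV\n");
-err = 1;
-}
-else
-{
-len = hex2bin((char*)ibuf+5, strlen(ibuf+5)-1, iVec);
-if (len < 0)
-{
-printf("Invalid IV\n");
-err =1;
-break;
-}
-PrintValue("IV", iVec, len);
-step = (dir)? 4: 5;
-}
-break;
-
-case 4: /* PLAINTEXT = xxxx */
-fputs(ibuf, rfp);
-if (strncasecmp(ibuf, "PLAINTEXT = ", 12) != 0)
-{
-printf("Missing PLAINTEXT\n");
-err = 1;
-}
-else
-{
-int nn = strlen(ibuf+12);
-if(!strcmp(amode,"CFB1"))
-len=bint2bin(ibuf+12,nn-1,plaintext);
-else
-len=hex2bin(ibuf+12, nn-1,plaintext);
-if (len < 0)
-{
-printf("Invalid PLAINTEXT: %s", ibuf+12);
-err =1;
-break;
-}
-if (len >= sizeof(plaintext))
-{
-printf("Buffer overflow\n");
-}
-PrintValue("PLAINTEXT", (unsigned char*)plaintext, len);
-if (strcmp(atest, "Monte") == 0) /* Monte Carlo Test */
-{
-do_mct(amode,akeysz,numkeys,aKey,iVec,dir,plaintext,len,rfp);
-}
-else
-{
-assert(dir == 1);
-ret = DESTest(&ctx, amode, akeysz, aKey, iVec,
-dir, /* 0 = decrypt, 1 = encrypt */
-ciphertext, plaintext, len);
-OutputValue("CIPHERTEXT",ciphertext,len,rfp,
-!strcmp(amode,"CFB1"));
-}
-step = 6;
-}
-break;
-
-case 5: /* CIPHERTEXT = xxxx */
-fputs(ibuf, rfp);
-if (strncasecmp(ibuf, "CIPHERTEXT = ", 13) != 0)
-{
-printf("Missing KEY\n");
-err = 1;
-}
-else
-{
-if(!strcmp(amode,"CFB1"))
-len=bint2bin(ibuf+13,strlen(ibuf+13)-1,ciphertext);
-else
-len = hex2bin(ibuf+13,strlen(ibuf+13)-1,ciphertext);
-if (len < 0)
-{
-printf("Invalid CIPHERTEXT\n");
-err =1;
-break;
-}
-
-PrintValue("CIPHERTEXT", ciphertext, len);
-if (strcmp(atest, "Monte") == 0) /* Monte Carlo Test */
-{
-do_mct(amode, akeysz, numkeys, aKey, iVec,
-dir, ciphertext, len, rfp);
-}
-else
-{
-assert(dir == 0);
-ret = DESTest(&ctx, amode, akeysz, aKey, iVec,
-dir, /* 0 = decrypt, 1 = encrypt */
-plaintext, ciphertext, len);
-OutputValue("PLAINTEXT",(unsigned char *)plaintext,len,rfp,
-!strcmp(amode,"CFB1"));
-}
-step = 6;
-}
-break;
-
-case 6:
-if (ibuf[0] != '\n')
-{
-err = 1;
-printf("Missing terminator\n");
-}
-else if (strcmp(atest, "MCT") != 0)
-{ /* MCT already added terminating nl */
-fputs(ibuf, rfp);
-}
-step = 1;
-break;
-}
-}
-if (rfp)
-fclose(rfp);
-if (afp)
-fclose(afp);
-return err;
-}
-
-/*--------------------------------------------------
-Processes either a single file or
-a set of files whose names are passed in a file.
-A single file is specified as:
-aes_test -f xxx.req
-A set of files is specified as:
-aes_test -d xxxxx.xxx
-The default is: -d req.txt
---------------------------------------------------*/
-int main(int argc, char **argv)
-{
-char *rqlist = "req.txt";
-FILE *fp = NULL;
-char fn[250] = "", rfn[256] = "";
-int f_opt = 0, d_opt = 1;
-
-#ifdef OPENSSL_FIPS
-if(!FIPS_mode_set(1,argv[0]))
-{
-ERR_load_crypto_strings();
-ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE));
-EXIT(1);
-}
-#endif
-ERR_load_crypto_strings();
-if (argc > 1)
-{
-if (strcasecmp(argv[1], "-d") == 0)
-{
-d_opt = 1;
-}
-else if (strcasecmp(argv[1], "-f") == 0)
-{
-f_opt = 1;
-d_opt = 0;
-}
-else
-{
-printf("Invalid parameter: %s\n", argv[1]);
-return 0;
-}
-if (argc < 3)
-{
-printf("Missing parameter\n");
-return 0;
-}
-if (d_opt)
-rqlist = argv[2];
-else
-strcpy(fn, argv[2]);
-}
-if (d_opt)
-{ /* list of files (directory) */
-if (!(fp = fopen(rqlist, "r")))
-{
-printf("Cannot open req list file\n");
-return -1;
-}
-while (fgets(fn, sizeof(fn), fp))
-{
-strtok(fn, "\r\n");
-strcpy(rfn, fn);
-printf("Processing: %s\n", rfn);
-if (proc_file(rfn))
-{
-printf(">>> Processing failed for: %s <<<\n", rfn);
-EXIT(1);
-}
-}
-fclose(fp);
-}
-else /* single file */
-{
-printf("Processing: %s\n", fn);
-if (proc_file(fn))
-{
-printf(">>> Processing failed for: %s <<<\n", fn);
-}
-}
-EXIT(0);
-return 0;
-}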
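--- a/src/lib/libssl/src/fips/dh/Makefile
+++ /dev/null
@@ -1,109 +0,0 @@
-#
-# SSLeay/fips/dh/Makefile
-#
-
-DIR= dh
-TOP= ../..
-CC= cc
-INCLUDES=
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR= /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKEDEPPROG= makedepend
-MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE= Makefile
-AR= ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=fips_dh_check.c fips_dh_gen.c fips_dh_key.c
-LIBOBJ=fips_dh_check.o fips_dh_gen.o fips_dh_key.o
-
-SRC= $(LIBSRC)
-
-EXHEADER=
-HEADER= $(EXHEADER)
-
-ALL= $(GENERAL) $(SRC) $(HEADER)
-
-top:
-(cd $(TOP); $(MAKE) DIRS=fips FDIRS=$(DIR) sub_all)
-
-all: check lib
-
-lib: $(LIBOBJ)
-$(AR) $(LIB) $(LIBOBJ)
-$(RANLIB) $(LIB) || echo Never mind.
-@sleep 2; touch lib
-
-check:
-TOP=`pwd`/$(TOP) ../fips_check_sha1 fingerprint.sha1 $(SRC) $(HEADER)
-
-files:
-$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
-
-links:
-@$(PERL) $(TOP)/util/mklink.pl $(TOP)/include/openssl $(EXHEADER)
-@$(PERL) $(TOP)/util/mklink.pl $(TOP)/test $(TEST)
-@$(PERL) $(TOP)/util/mklink.pl $(TOP)/apps $(APPS)
-
-install:
-@headerlist="$(EXHEADER)"; for i in $$headerlist; \
-do \
-(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-done
-
-tags:
-ctags $(SRC)
-
-tests:
-
-lint:
-lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(SRC) $(TEST)
-
-dclean:
-$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-mv -f Makefile.new $(MAKEFILE)
-
-clean:
-rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-fips_dh_check.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-fips_dh_check.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
-fips_dh_check.o: ../../include/openssl/e_os2.h
-fips_dh_check.o: ../../include/openssl/opensslconf.h
-fips_dh_check.o: ../../include/openssl/opensslv.h
-fips_dh_check.o: ../../include/openssl/ossl_typ.h
-fips_dh_check.o: ../../include/openssl/safestack.h
-fips_dh_check.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-fips_dh_check.o: fips_dh_check.c
-fips_dh_gen.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-fips_dh_gen.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
-fips_dh_gen.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-fips_dh_gen.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-fips_dh_gen.o: ../../include/openssl/opensslconf.h
-fips_dh_gen.o: ../../include/openssl/opensslv.h
-fips_dh_gen.o: ../../include/openssl/ossl_typ.h
-fips_dh_gen.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-fips_dh_gen.o: ../../include/openssl/symhacks.h fips_dh_gen.c
-fips_dh_key.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-fips_dh_key.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
-fips_dh_key.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-fips_dh_key.o: ../../include/openssl/lhash.h
-fips_dh_key.o: ../../include/openssl/opensslconf.h
-fips_dh_key.o: ../../include/openssl/opensslv.h
-fips_dh_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
-fips_dh_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-fips_dh_key.o: ../../include/openssl/symhacks.h fips_dh_key.c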
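--- a/src/lib/libssl/src/fips/dh/fips_dh_check.c
+++ /dev/null
@@ -1,125 +0,0 @@
-/* crypto/dh/dh_check.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
-* All rights reserved.
-*
-* This package is an SSL implementation written
-* by Eric Young (eay@cryptsoft.com).
-* The implementation was written so as to conform with Netscapes SSL.
-*
-* This library is free for commercial and non-commercial use as long as
-* the following conditions are aheared to. The following conditions
-* apply to all code found in this distribution, be it the RC4, RSA,
-* lhash, DES, etc., code; not just the SSL code. The SSL documentation
-* included with this distribution is covered by the same copyright terms
-* except that the holder is Tim Hudson (tjh@cryptsoft.com).
-*
-* Copyright remains Eric Young's, and as such any Copyright notices in
-* the code are not to be removed.
-* If this package is used in a product, Eric Young should be given attribution
-* as the author of the parts of the library used.
-* This can be in the form of a textual message at program startup or
-* in documentation (online or textual) provided with the package.
-*
-* Redistribution and use in source and binary forms, with or without
-* modification, are permitted provided that the following conditions
-* are met:
-* 1. Redistributions of source code must retain the copyright
-* notice, this list of conditions and the following disclaimer.
-* 2. Redistributions in binary form must reproduce the above copyright
-* notice, this list of conditions and the following disclaimer in the
-* documentation and/or other materials provided with the distribution.
-* 3. All advertising materials mentioning features or use of this software
-* must display the following acknowledgement:
-* "This product includes cryptographic software written by
-* Eric Young (eay@cryptsoft.com)"
-* The word 'cryptographic' can be left out if the rouines from the library
-* being used are not cryptographic related :-).
-* 4. If you include any Windows specific code (or a derivative thereof) from
-* the apps directory (application code) you must include an acknowledgement:
-* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
-*
-* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
-* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-* SUCH DAMAGE.
-*
-* The licence and distribution terms for any publically available version or
-* derivative of this code cannot be changed. i.e. this code cannot simply be
-* copied and put under another distribution licence
-* [including the GNU Public Licence.]
-*/
-
-#include <stdio.h>
-#include <openssl/bn.h>
-#ifndef OPENSSL_NO_DH
-#include <openssl/dh.h>
-
-#ifdef OPENSSL_FIPS
-
-/* Check that p is a safe prime and
-* if g is 2, 3 or 5, check that is is a suitable generator
-* where
-* for 2, p mod 24 == 11
-* for 3, p mod 12 == 5
-* for 5, p mod 10 == 3 or 7
-* should hold.
-*/
-
-int DH_check(const DH *dh, int *ret)
-{
-int ok=0;
-BN_CTX *ctx=NULL;
-BN_ULONG l;
-BIGNUM *q=NULL;
-
-*ret=0;
-ctx=BN_CTX_new();
-if (ctx == NULL) goto err;
-q=BN_new();
-if (q == NULL) goto err;
-
-if (BN_is_word(dh->g,DH_GENERATOR_2))
-{
-l=BN_mod_word(dh->p,24);
-if (l != 11) *ret|=DH_NOT_SUITABLE_GENERATOR;
-}
-#if 0
-else if (BN_is_word(dh->g,DH_GENERATOR_3))
-{
-l=BN_mod_word(dh->p,12);
-if (l != 5) *ret|=DH_NOT_SUITABLE_GENERATOR;
-}
-#endif
-else if (BN_is_word(dh->g,DH_GENERATOR_5))
-{
-l=BN_mod_word(dh->p,10);
-if ((l != 3) && (l != 7))
-*ret|=DH_NOT_SUITABLE_GENERATOR;
-}
-else
-*ret|=DH_UNABLE_TO_CHECK_GENERATOR;
-
-if (!BN_is_prime(dh->p,BN_prime_checks,NULL,ctx,NULL))
-*ret|=DH_CHECK_P_NOT_PRIME;
-else
-{
-if (!BN_rshift1(q,dh->p)) goto err;
-if (!BN_is_prime(q,BN_prime_checks,NULL,ctx,NULL))
-*ret|=DH_CHECK_P_NOT_SAFE_PRIME;
-}
-ok=1;
-err:
-if (ctx != NULL) BN_CTX_free(ctx);
-if (q != NULL) BN_free(q);
-return(ok);
-}
-
-#endif
-#endif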
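--- a/src/lib/libssl/src/fips/dh/fips_dh_gen.c
+++ /dev/null
@@ -1,186 +0,0 @@
-/* crypto/dh/dh_gen.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
-* All rights reserved.
-*
-* This package is an SSL implementation written
-* by Eric Young (eay@cryptsoft.com).
-* The implementation was written so as to conform with Netscapes SSL.
-*
-* This library is free for commercial and non-commercial use as long as
-* the following conditions are aheared to. The following conditions
-* apply to all code found in this distribution, be it the RC4, RSA,
-* lhash, DES, etc., code; not just the SSL code. The SSL documentation
-* included with this distribution is covered by the same copyright terms
-* except that the holder is Tim Hudson (tjh@cryptsoft.com).
-*
-* Copyright remains Eric Young's, and as such any Copyright notices in
-* the code are not to be removed.
-* If this package is used in a product, Eric Young should be given attribution
-* as the author of the parts of the library used.
-* This can be in the form of a textual message at program startup or
-* in documentation (online or textual) provided with the package.
-*
-* Redistribution and use in source and binary forms, with or without
-* modification, are permitted provided that the following conditions
-* are met:
-* 1. Redistributions of source code must retain the copyright
-* notice, this list of conditions and the following disclaimer.
-* 2. Redistributions in binary form must reproduce the above copyright
-* notice, this list of conditions and the following disclaimer in the
-* documentation and/or other materials provided with the distribution.
-* 3. All advertising materials mentioning features or use of this software
-* must display the following acknowledgement:
-* "This product includes cryptographic software written by
-* Eric Young (eay@cryptsoft.com)"
-* The word 'cryptographic' can be left out if the rouines from the library
-* being used are not cryptographic related :-).
-* 4. If you include any Windows specific code (or a derivative thereof) from
-* the apps directory (application code) you must include an acknowledgement:
-* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
-*
-* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
-* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-* SUCH DAMAGE.
-*
-* The licence and distribution terms for any publically available version or
-* derivative of this code cannot be changed. i.e. this code cannot simply be
-* copied and put under another distribution licence
-* [including the GNU Public Licence.]
-*/
-
-#include <stdio.h>
-#include <string.h>
-#include <openssl/err.h>
-#include <openssl/bn.h>
-#ifndef OPENSSL_NO_DH
-#include <openssl/dh.h>
-#endif
-#include <openssl/fips.h>
-
-#ifndef OPENSSL_NO_DH
-#ifdef OPENSSL_FIPS
-
-/* We generate DH parameters as follows
-* find a prime q which is prime_len/2 bits long.
-* p=(2*q)+1 or (p-1)/2 = q
-* For this case, g is a generator if
-* g^((p-1)/q) mod p != 1 for values of q which are the factors of p-1.
-* Since the factors of p-1 are q and 2, we just need to check
-* g^2 mod p != 1 and g^q mod p != 1.
-*
-* Having said all that,
-* there is another special case method for the generators 2, 3 and 5.
-* for 2, p mod 24 == 11
-* for 3, p mod 12 == 5 <<<<< does not work for safe primes.
-* for 5, p mod 10 == 3 or 7
-*
-* Thanks to Phil Karn <karn@qualcomm.com> for the pointers about the
-* special generators and for answering some of my questions.
-*
-* I've implemented the second simple method :-).
-* Since DH should be using a safe prime (both p and q are prime),
-* this generator function can take a very very long time to run.
-*/
-/* Actually there is no reason to insist that 'generator' be a generator.
-* It's just as OK (and in some sense better) to use a generator of the
-* order-q subgroup.
-*/
-
-DH *DH_generate_parameters(int prime_len, int generator,
-void (*callback)(int,int,void *), void *cb_arg)
-{
-BIGNUM *p=NULL,*t1,*t2;
-DH *ret=NULL;
-int g,ok= -1;
-BN_CTX *ctx=NULL;
-
-if(FIPS_selftest_failed())
-{
-FIPSerr(FIPS_F_DH_GENERATE_PARAMETERS,FIPS_R_FIPS_SELFTEST_FAILED);
-return NULL;
-}
-
-ret=DH_new();
-if (ret == NULL) goto err;
-ctx=BN_CTX_new();
-if (ctx == NULL) goto err;
-BN_CTX_start(ctx);
-t1 = BN_CTX_get(ctx);
-t2 = BN_CTX_get(ctx);
-if (t1 == NULL || t2 == NULL) goto err;
-
-if (generator <= 1)
-{
-DHerr(DH_F_DH_GENERATE_PARAMETERS, DH_R_BAD_GENERATOR);
-goto err;
-}
-if (generator == DH_GENERATOR_2)
-{
-if (!BN_set_word(t1,24)) goto err;
-if (!BN_set_word(t2,11)) goto err;
-g=2;
-}
-#if 0 /* does not work for safe primes */
-else if (generator == DH_GENERATOR_3)
-{
-if (!BN_set_word(t1,12)) goto err;
-if (!BN_set_word(t2,5)) goto err;
-g=3;
-}
-#endif
-else if (generator == DH_GENERATOR_5)
-{
-if (!BN_set_word(t1,10)) goto err;
-if (!BN_set_word(t2,3)) goto err;
-/* BN_set_word(t3,7); just have to miss
-* out on these ones :-( */
-g=5;
-}
-else
-{
-/* in the general case, don't worry if 'generator' is a
-* generator or not: since we are using safe primes,
-* it will generate either an order-q or an order-2q group,
-* which both is OK */
-if (!BN_set_word(t1,2)) goto err;
-if (!BN_set_word(t2,1)) goto err;
-g=generator;
-}
-
-p=BN_generate_prime(NULL,prime_len,1,t1,t2,callback,cb_arg);
-if (p == NULL) goto err;
-if (callback != NULL) callback(3,0,cb_arg);
-ret->p=p;
-ret->g=BN_new();
-if (!BN_set_word(ret->g,g)) goto err;
-ok=1;
-err:
-if (ok == -1)
-{
-DHerr(DH_F_DH_GENERATE_PARAMETERS,ERR_R_BN_LIB);
-ok=0;
-}
-
-if (ctx != NULL)
-{
-BN_CTX_end(ctx);
-BN_CTX_free(ctx);
-}
-if (!ok && (ret != NULL))
-{
-DH_free(ret);
-ret=NULL;
-}
-return(ret);
-}
-
-#endif
-#endif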
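--- a/src/lib/libssl/src/fips/dh/fips_dh_key.c
+++ /dev/null
@@ -1,230 +0,0 @@
-/* crypto/dh/dh_key.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
-* All rights reserved.
-*
-* This package is an SSL implementation written
-* by Eric Young (eay@cryptsoft.com).
-* The implementation was written so as to conform with Netscapes SSL.
-*
-* This library is free for commercial and non-commercial use as long as
-* the following conditions are aheared to. The following conditions
-* apply to all code found in this distribution, be it the RC4, RSA,
-* lhash, DES, etc., code; not just the SSL code. The SSL documentation
-* included with this distribution is covered by the same copyright terms
-* except that the holder is Tim Hudson (tjh@cryptsoft.com).
-*
-* Copyright remains Eric Young's, and as such any Copyright notices in
-* the code are not to be removed.
-* If this package is used in a product, Eric Young should be given attribution
-* as the author of the parts of the library used.
-* This can be in the form of a textual message at program startup or
-* in documentation (online or textual) provided with the package.
-*
-* Redistribution and use in source and binary forms, with or without
-* modification, are permitted provided that the following conditions
-* are met:
-* 1. Redistributions of source code must retain the copyright
-* notice, this list of conditions and the following disclaimer.
-* 2. Redistributions in binary form must reproduce the above copyright
-* notice, this list of conditions and the following disclaimer in the
-* documentation and/or other materials provided with the distribution.
-* 3. All advertising materials mentioning features or use of this software
-* must display the following acknowledgement:
-* "This product includes cryptographic software written by
-* Eric Young (eay@cryptsoft.com)"
-* The word 'cryptographic' can be left out if the rouines from the library
-* being used are not cryptographic related :-).
-* 4. If you include any Windows specific code (or a derivative thereof) from
-* the apps directory (application code) you must include an acknowledgement:
-* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
-*
-* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
-* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-* SUCH DAMAGE.
-*
-* The licence and distribution terms for any publically available version or
-* derivative of this code cannot be changed. i.e. this code cannot simply be
-* copied and put under another distribution licence
-* [including the GNU Public Licence.]
-*/
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/bn.h>
-#ifndef OPENSSL_NO_RAND
-#include <openssl/rand.h>
-#endif
-#ifndef OPENSSL_NO_DH
-#include <openssl/dh.h>
-
-#ifdef OPENSSL_FIPS
-
-static int generate_key(DH *dh);
-static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh);
-static int dh_bn_mod_exp(const DH *dh, BIGNUM *r,
-const BIGNUM *a, const BIGNUM *p,
-const BIGNUM *m, BN_CTX *ctx,
-BN_MONT_CTX *m_ctx);
-static int dh_init(DH *dh);
-static int dh_finish(DH *dh);
-
-int DH_generate_key(DH *dh)
-{
-return dh->meth->generate_key(dh);
-}
-
-int DH_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
-{
-return dh->meth->compute_key(key, pub_key, dh);
-}
-
-static DH_METHOD dh_ossl = {
-"OpenSSL DH Method",
-generate_key,
-compute_key,
-dh_bn_mod_exp,
-dh_init,
-dh_finish,
-0,
-NULL
-};
-
-const DH_METHOD *DH_OpenSSL(void)
-{
-return &dh_ossl;
-}
-
-static int generate_key(DH *dh)
-{
-int ok=0;
-int generate_new_key=0;
-unsigned l;
-BN_CTX *ctx;
-BN_MONT_CTX *mont;
-BIGNUM *pub_key=NULL,*priv_key=NULL;
-
-ctx = BN_CTX_new();
-if (ctx == NULL) goto err;
-
-if (dh->priv_key == NULL)
-{
-priv_key=BN_new();
-if (priv_key == NULL) goto err;
-generate_new_key=1;
-}
-else
-priv_key=dh->priv_key;
-
-if (dh->pub_key == NULL)
-{
-pub_key=BN_new();
-if (pub_key == NULL) goto err;
-}
-else
-pub_key=dh->pub_key;
-
-if ((dh->method_mont_p == NULL) && (dh->flags & DH_FLAG_CACHE_MONT_P))
-{
-if ((dh->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL)
-if (!BN_MONT_CTX_set((BN_MONT_CTX *)dh->method_mont_p,
-dh->p,ctx)) goto err;
-}
-mont=(BN_MONT_CTX *)dh->method_mont_p;
-
-if (generate_new_key)
-{
-l = dh->length ? dh->length : BN_num_bits(dh->p)-1; /* secret exponent length */
-if (!BN_rand(priv_key, l, 0, 0)) goto err;
-}
-if (!dh->meth->bn_mod_exp(dh, pub_key, dh->g, priv_key,dh->p,ctx,mont))
-goto err;
-
-dh->pub_key=pub_key;
-dh->priv_key=priv_key;
-ok=1;
-err:
-if (ok != 1)
-DHerr(DH_F_DH_GENERATE_KEY,ERR_R_BN_LIB);
-
-if ((pub_key != NULL) && (dh->pub_key == NULL)) BN_free(pub_key);
-if ((priv_key != NULL) && (dh->priv_key == NULL)) BN_free(priv_key);
-BN_CTX_free(ctx);
-return(ok);
-}
-
-static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
-{
-BN_CTX *ctx;
-BN_MONT_CTX *mont;
-BIGNUM *tmp;
-int ret= -1;
-
-ctx = BN_CTX_new();
-if (ctx == NULL) goto err;
-BN_CTX_start(ctx);
-tmp = BN_CTX_get(ctx);
-
-if (dh->priv_key == NULL)
-{
-DHerr(DH_F_DH_COMPUTE_KEY,DH_R_NO_PRIVATE_VALUE);
-goto err;
-}
-if ((dh->method_mont_p == NULL) && (dh->flags & DH_FLAG_CACHE_MONT_P))
-{
-if ((dh->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL)
-if (!BN_MONT_CTX_set((BN_MONT_CTX *)dh->method_mont_p,
-dh->p,ctx)) goto err;
-}
-
-mont=(BN_MONT_CTX *)dh->method_mont_p;
-if (!dh->meth->bn_mod_exp(dh, tmp, pub_key, dh->priv_key,dh->p,ctx,mont))
-{
-DHerr(DH_F_DH_COMPUTE_KEY,ERR_R_BN_LIB);
-goto err;
-}
-
-ret=BN_bn2bin(tmp,key);
-err:
-BN_CTX_end(ctx);
-BN_CTX_free(ctx);
-return(ret);
-}
-
-static int dh_bn_mod_exp(const DH *dh, BIGNUM *r,
-const BIGNUM *a, const BIGNUM *p,
-const BIGNUM *m, BN_CTX *ctx,
-BN_MONT_CTX *m_ctx)
-{
-if (a->top == 1)
-{
-BN_ULONG A = a->d[0];
-return BN_mod_exp_mont_word(r,A,p,m,ctx,m_ctx);
-}
-else
-return BN_mod_exp_mont(r,a,p,m,ctx,m_ctx);
-}
-
-
-static int dh_init(DH *dh)
-{
-dh->flags |= DH_FLAG_CACHE_MONT_P;
-return(1);
-}
-
-static int dh_finish(DH *dh)
-{
-if(dh->method_mont_p)
-BN_MONT_CTX_free((BN_MONT_CTX *)dh->method_mont_p);
-return(1);
-}
-
-#endif
-#endif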
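--- a/src/lib/libssl/src/fips/dsa/Makefile
+++ /dev/null
@@ -1,158 +0,0 @@
-#
-# SSLeay/fips/dsa/Makefile
-#
-
-DIR= dsa
-TOP= ../..
-CC= cc
-INCLUDES=
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR= /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKEDEPPROG= makedepend
-MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE= Makefile
-AR= ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=fips_dsatest.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=fips_dsa_ossl.c fips_dsa_gen.c fips_dsa_selftest.c
-LIBOBJ=fips_dsa_ossl.o fips_dsa_gen.o fips_dsa_selftest.o
-
-SRC= $(LIBSRC)
-
-EXHEADER=
-HEADER= $(EXHEADER)
-
-ALL= $(GENERAL) $(SRC) $(HEADER)
-
-top:
-(cd $(TOP); $(MAKE) DIRS=fips FDIRS=$(DIR) sub_all)
-
-all: check lib
-
-lib: $(LIBOBJ)
-$(AR) $(LIB) $(LIBOBJ)
-$(RANLIB) $(LIB) || echo Never mind.
-@sleep 2; touch lib
-
-check:
-TOP=`pwd`/$(TOP) ../fips_check_sha1 fingerprint.sha1 $(SRC) $(HEADER)
-
-files:
-$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
-
-links:
-@$(PERL) $(TOP)/util/mklink.pl $(TOP)/include/openssl $(EXHEADER)
-@$(PERL) $(TOP)/util/mklink.pl $(TOP)/test $(TEST)
-@$(PERL) $(TOP)/util/mklink.pl $(TOP)/apps $(APPS)
-
-install:
-@headerlist="$(EXHEADER)"; for i in $$headerlist; \
-do \
-(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-done
-
-tags:
-ctags $(SRC)
-
-tests:
-
-top_fips_dssvs:
-(cd $(TOP); $(MAKE) DIRS=fips FDIRS=$(DIR) TARGET=fips_dssvs sub_target)
-
-fips_dssvs: fips_dssvs.o $(TOP)/libcrypto.a
-$(CC) $(CFLAGS) -o fips_dssvs fips_dssvs.o $(PEX_LIBS) $(TOP)/libcrypto.a $(EX_LIBS)
-TOP=$(TOP) $(TOP)/fips/openssl_fips_fingerprint $(TOP)/libcrypto.a fips_dssvs
-
-Q=../testvectors/dsa/req
-A=../testvectors/dsa/rsp
-
-fips_test: top_fips_dssvs
--rm -rf $A
-mkdir $A
-./fips_dssvs pqg < $Q/PQGGen.req > $A/PQGGen.rsp
-./fips_dssvs keypair < $Q/KeyPair.req > $A/KeyPair.rsp
-./fips_dssvs siggen < $Q/SigGen.req > $A/SigGen.rsp
-./fips_dssvs sigver < $Q/SigVer.req > $A/SigVer.rsp
-
-lint:
-lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(SRC) $(TEST)
-
-dclean:
-$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-mv -f Makefile.new $(MAKEFILE)
-
-clean:
-rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-fips_dsa_gen.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
-fips_dsa_gen.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-fips_dsa_gen.o: ../../include/openssl/bn.h ../../include/openssl/cast.h
-fips_dsa_gen.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-fips_dsa_gen.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-fips_dsa_gen.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-fips_dsa_gen.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-fips_dsa_gen.o: ../../include/openssl/fips.h ../../include/openssl/idea.h
-fips_dsa_gen.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-fips_dsa_gen.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-fips_dsa_gen.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-fips_dsa_gen.o: ../../include/openssl/objects.h
-fips_dsa_gen.o: ../../include/openssl/opensslconf.h
-fips_dsa_gen.o: ../../include/openssl/opensslv.h
-fips_dsa_gen.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
-fips_dsa_gen.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-fips_dsa_gen.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-fips_dsa_gen.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-fips_dsa_gen.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-fips_dsa_gen.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-fips_dsa_gen.o: ../../include/openssl/ui_compat.h fips_dsa_gen.c
-fips_dsa_ossl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-fips_dsa_ossl.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
-fips_dsa_ossl.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-fips_dsa_ossl.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
-fips_dsa_ossl.o: ../../include/openssl/err.h ../../include/openssl/fips.h
-fips_dsa_ossl.o: ../../include/openssl/lhash.h
-fips_dsa_ossl.o: ../../include/openssl/opensslconf.h
-fips_dsa_ossl.o: ../../include/openssl/opensslv.h
-fips_dsa_ossl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
-fips_dsa_ossl.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-fips_dsa_ossl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-fips_dsa_ossl.o: ../../include/openssl/ui.h fips_dsa_ossl.c
-fips_dsa_selftest.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-fips_dsa_selftest.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
-fips_dsa_selftest.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-fips_dsa_selftest.o: ../../include/openssl/err.h ../../include/openssl/fips.h
-fips_dsa_selftest.o: ../../include/openssl/lhash.h
-fips_dsa_selftest.o: ../../include/openssl/opensslconf.h
-fips_dsa_selftest.o: ../../include/openssl/opensslv.h
-fips_dsa_selftest.o: ../../include/openssl/ossl_typ.h
-fips_dsa_selftest.o: ../../include/openssl/safestack.h
-fips_dsa_selftest.o: ../../include/openssl/stack.h
-fips_dsa_selftest.o: ../../include/openssl/symhacks.h fips_dsa_selftest.c
-fips_dsatest.o: ../../e_os.h ../../include/openssl/asn1.h
-fips_dsatest.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-fips_dsatest.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-fips_dsatest.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
-fips_dsatest.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-fips_dsatest.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-fips_dsatest.o: ../../include/openssl/fips.h ../../include/openssl/fips_rand.h
-fips_dsatest.o: ../../include/openssl/lhash.h
-fips_dsatest.o: ../../include/openssl/opensslconf.h
-fips_dsatest.o: ../../include/openssl/opensslv.h
-fips_dsatest.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
-fips_dsatest.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-fips_dsatest.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-fips_dsatest.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-fips_dsatest.o: fips_dsatest.c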
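--- a/src/lib/libssl/src/fips/dsa/fips_dsa_gen.c
+++ /dev/null
@@ -1,374 +0,0 @@
-/* crypto/dsa/dsa_gen.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
-* All rights reserved.
-*
-* This package is an SSL implementation written
-* by Eric Young (eay@cryptsoft.com).
-* The implementation was written so as to conform with Netscapes SSL.
-*
-* This library is free for commercial and non-commercial use as long as
-* the following conditions are aheared to. The following conditions
-* apply to all code found in this distribution, be it the RC4, RSA,
-* lhash, DES, etc., code; not just the SSL code. The SSL documentation
-* included with this distribution is covered by the same copyright terms
-* except that the holder is Tim Hudson (tjh@cryptsoft.com).
-*
-* Copyright remains Eric Young's, and as such any Copyright notices in
-* the code are not to be removed.
-* If this package is used in a product, Eric Young should be given attribution
-* as the author of the parts of the library used.
-* This can be in the form of a textual message at program startup or
-* in documentation (online or textual) provided with the package.
-*
-* Redistribution and use in source and binary forms, with or without
-* modification, are permitted provided that the following conditions
-* are met:
-* 1. Redistributions of source code must retain the copyright
-* notice, this list of conditions and the following disclaimer.
-* 2. Redistributions in binary form must reproduce the above copyright
-* notice, this list of conditions and the following disclaimer in the
-* documentation and/or other materials provided with the distribution.
-* 3. All advertising materials mentioning features or use of this software
-* must display the following acknowledgement:
-* "This product includes cryptographic software written by
-* Eric Young (eay@cryptsoft.com)"
-* The word 'cryptographic' can be left out if the rouines from the library
-* being used are not cryptographic related :-).
-* 4. If you include any Windows specific code (or a derivative thereof) from
-* the apps directory (application code) you must include an acknowledgement:
-* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
-*
-* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
-* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-* SUCH DAMAGE.
-*
-* The licence and distribution terms for any publically available version or
-* derivative of this code cannot be changed. i.e. this code cannot simply be
-* copied and put under another distribution licence
-* [including the GNU Public Licence.]
-*/
-
-#undef GENUINE_DSA
-
-#ifdef GENUINE_DSA
-/* Parameter generation follows the original release of FIPS PUB 186,
-* Appendix 2.2 (i.e. use SHA as defined in FIPS PUB 180) */
-#define HASH EVP_sha()
-#else
-/* Parameter generation follows the updated Appendix 2.2 for FIPS PUB 186,
-* also Appendix 2.2 of FIPS PUB 186-1 (i.e. use SHA as defined in
-* FIPS PUB 180-1) */
-#define HASH EVP_sha1()
-#endif
-
-#include <stdio.h>
-#include <string.h>
-#include <time.h>
-/*#include "cryptlib.h"*/
-#include <openssl/evp.h>
-#include <openssl/bn.h>
-#ifndef OPENSSL_NO_DSA
-#include <openssl/dsa.h>
-#endif
-#ifndef OPENSSL_NO_RAND
-#include <openssl/rand.h>
-#endif
-#ifndef OPENSSL_NO_SHA
-#include <openssl/sha.h>
-#endif
-#include <openssl/fips.h>
-#include <openssl/err.h>
-
-#ifndef OPENSSL_NO_DSA
-#ifdef OPENSSL_FIPS
-
-static int fips_check_dsa(DSA *dsa)
-{
-static const unsigned char str1[]="12345678901234567890";
-unsigned char sig[256];
-unsigned int siglen;
-
-DSA_sign(0, str1, 20, sig, &siglen, dsa);
-if(DSA_verify(0, str1, 20, sig, siglen, dsa) != 1)
-{
-FIPSerr(FIPS_F_FIPS_CHECK_DSA,FIPS_R_PAIRWISE_TEST_FAILED);
-return 0;
-}
-return 1;
-}
-
-DSA *DSA_generate_parameters(FIPS_DSA_SIZE_T bits,
-unsigned char *seed_in, FIPS_DSA_SIZE_T seed_len,
-int *counter_ret, unsigned long *h_ret,
-void (*callback)(int, int, void *),
-void *cb_arg)
-{
-int ok=0;
-unsigned char seed[SHA_DIGEST_LENGTH];
-unsigned char md[SHA_DIGEST_LENGTH];
-unsigned char buf[SHA_DIGEST_LENGTH],buf2[SHA_DIGEST_LENGTH];
-BIGNUM *r0,*W,*X,*c,*test;
-BIGNUM *g=NULL,*q=NULL,*p=NULL;
-BN_MONT_CTX *mont=NULL;
-int k,n=0,i,b,m=0;
-int counter=0;
-int r=0;
-BN_CTX *ctx=NULL,*ctx2=NULL,*ctx3=NULL;
-unsigned int h=2;
-DSA *ret=NULL;
-unsigned char *seed_out=seed_in;
-
-if(FIPS_selftest_failed())
-{
-FIPSerr(FIPS_F_DSA_GENERATE_PARAMETERS,
-FIPS_R_FIPS_SELFTEST_FAILED);
-goto err;
-}
-
-if (bits < 512) bits=512;
-bits=(bits+63)/64*64;
-
-if (seed_len < 20)
-seed_in = NULL; /* seed buffer too small -- ignore */
-if (seed_len > 20)
-seed_len = 20; /* App. 2.2 of FIPS PUB 186 allows larger SEED,
-* but our internal buffers are restricted to 160 bits*/
-if ((seed_in != NULL) && (seed_len == 20))
-memcpy(seed,seed_in,seed_len);
-
-if ((ctx=BN_CTX_new()) == NULL) goto err;
-if ((ctx2=BN_CTX_new()) == NULL) goto err;
-if ((ctx3=BN_CTX_new()) == NULL) goto err;
-if ((ret=DSA_new()) == NULL) goto err;
-
-if ((mont=BN_MONT_CTX_new()) == NULL) goto err;
-
-BN_CTX_start(ctx2);
-r0 = BN_CTX_get(ctx2);
-g = BN_CTX_get(ctx2);
-W = BN_CTX_get(ctx2);
-q = BN_CTX_get(ctx2);
-X = BN_CTX_get(ctx2);
-c = BN_CTX_get(ctx2);
-p = BN_CTX_get(ctx2);
-test = BN_CTX_get(ctx2);
-
-BN_lshift(test,BN_value_one(),bits-1);
-
-for (;;)
-{
-for (;;) /* find q */
-{
-int seed_is_random;
-
-/* step 1 */
-if (callback != NULL) callback(0,m++,cb_arg);
-
-if (!seed_len)
-{
-if(RAND_pseudo_bytes(seed,SHA_DIGEST_LENGTH) < 0)
-goto err;
-seed_is_random = 1;
-}
-else
-{
-seed_is_random = 0;
-seed_len=0; /* use random seed if 'seed_in' turns out to be bad*/
-}
-memcpy(buf,seed,SHA_DIGEST_LENGTH);
-memcpy(buf2,seed,SHA_DIGEST_LENGTH);
-/* precompute "SEED + 1" for step 7: */
-for (i=SHA_DIGEST_LENGTH-1; i >= 0; i--)
-{
-buf[i]++;
-if (buf[i] != 0) break;
-}
-
-/* step 2 */
-EVP_Digest(seed,SHA_DIGEST_LENGTH,md,NULL,HASH, NULL);
-EVP_Digest(buf,SHA_DIGEST_LENGTH,buf2,NULL,HASH, NULL);
-for (i=0; i<SHA_DIGEST_LENGTH; i++)
-md[i]^=buf2[i];
-
-/* step 3 */
-md[0]|=0x80;
-md[SHA_DIGEST_LENGTH-1]|=0x01;
-if (!BN_bin2bn(md,SHA_DIGEST_LENGTH,q)) goto err;
-
-/* step 4 */
-r = BN_is_prime_fasttest(q, DSS_prime_checks, callback, ctx3, cb_arg, seed_is_random);
-if (r > 0)
-break;
-if (r != 0)
-goto err;
-
-/* do a callback call */
-/* step 5 */
-}
-
-if (callback != NULL) callback(2,0,cb_arg);
-if (callback != NULL) callback(3,0,cb_arg);
-
-/* step 6 */
-counter=0;
-/* "offset = 2" */
-
-n=(bits-1)/160;
-b=(bits-1)-n*160;
-
-for (;;)
-{
-if (callback != NULL && counter != 0)
-callback(0,counter,cb_arg);
-
-/* step 7 */
-BN_zero(W);
-/* now 'buf' contains "SEED + offset - 1" */
-for (k=0; k<=n; k++)
-{
-/* obtain "SEED + offset + k" by incrementing: */
-for (i=SHA_DIGEST_LENGTH-1; i >= 0; i--)
-{
-buf[i]++;
-if (buf[i] != 0) break;
-}
-
-EVP_Digest(buf,SHA_DIGEST_LENGTH,md,NULL,HASH, NULL);
-
-/* step 8 */
-if (!BN_bin2bn(md,SHA_DIGEST_LENGTH,r0))
-goto err;
-BN_lshift(r0,r0,160*k);
-BN_add(W,W,r0);
-}
-
-/* more of step 8 */
-BN_mask_bits(W,bits-1);
-BN_copy(X,W); /* this should be ok */
-BN_add(X,X,test); /* this should be ok */
-
-/* step 9 */
-BN_lshift1(r0,q);
-BN_mod(c,X,r0,ctx);
-BN_sub(r0,c,BN_value_one());
-BN_sub(p,X,r0);
-
-/* step 10 */
-if (BN_cmp(p,test) >= 0)
-{
-/* step 11 */
-r = BN_is_prime_fasttest(p, DSS_prime_checks, callback, ctx3, cb_arg, 1);
-if (r > 0)
-goto end; /* found it */
-if (r != 0)
-goto err;
-}
-
-/* step 13 */
-counter++;
-/* "offset = offset + n + 1" */
-
-/* step 14 */
-if (counter >= 4096) break;
-}
-}
-end:
-if (callback != NULL) callback(2,1,cb_arg);
-
-/* We now need to generate g */
-/* Set r0=(p-1)/q */
-BN_sub(test,p,BN_value_one());
-BN_div(r0,NULL,test,q,ctx);
-
-BN_set_word(test,h);
-BN_MONT_CTX_set(mont,p,ctx);
-
-for (;;)
-{
-/* g=test^r0%p */
-BN_mod_exp_mont(g,test,r0,p,ctx,mont);
-if (!BN_is_one(g)) break;
-BN_add(test,test,BN_value_one());
-h++;
-}
-
-if (callback != NULL) callback(3,1,cb_arg);
-
-ok=1;
-err:
-if (!ok)
-{
-if (ret != NULL) DSA_free(ret);
-}
-else
-{
-ret->p=BN_dup(p);
-ret->q=BN_dup(q);
-ret->g=BN_dup(g);
-if(seed_out != NULL) memcpy(seed_out,seed,20);
-if (counter_ret != NULL) *counter_ret=counter;
-if (h_ret != NULL) *h_ret=h;
-}
-if (ctx != NULL) BN_CTX_free(ctx);
-if (ctx2 != NULL)
-{
-BN_CTX_end(ctx2);
-BN_CTX_free(ctx2);
-}
-if (ctx3 != NULL) BN_CTX_free(ctx3);
-if (mont != NULL) BN_MONT_CTX_free(mont);
-return(ok?ret:NULL);
-}
-
-int DSA_generate_key(DSA *dsa)
-{
-int ok=0;
-BN_CTX *ctx=NULL;
-BIGNUM *pub_key=NULL,*priv_key=NULL;
-
-if ((ctx=BN_CTX_new()) == NULL) goto err;
-
-if (dsa->priv_key == NULL)
-{
-if ((priv_key=BN_new()) == NULL) goto err;
-}
-else
-priv_key=dsa->priv_key;
-
-do
-if (!BN_rand_range(priv_key,dsa->q)) goto err;
-while (BN_is_zero(priv_key));
-
-if (dsa->pub_key == NULL)
-{
-if ((pub_key=BN_new()) == NULL) goto err;
-}
-else
-pub_key=dsa->pub_key;
-
-if (!BN_mod_exp(pub_key,dsa->g,priv_key,dsa->p,ctx)) goto err;
-
-dsa->priv_key=priv_key;
-dsa->pub_key=pub_key;
-
-if(!fips_check_dsa(dsa))
-goto err;
-
-ok=1;
-
-err:
-if ((pub_key != NULL) && (dsa->pub_key == NULL)) BN_free(pub_key);
-if ((priv_key != NULL) && (dsa->priv_key == NULL)) BN_free(priv_key);
-if (ctx != NULL) BN_CTX_free(ctx);
-return(ok);
-}
-#endif
-#endif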
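--- a/src/lib/libssl/src/fips/dsa/fips_dsa_ossl.c
+++ /dev/null
@@ -1,387 +0,0 @@
-/* crypto/dsa/dsa_ossl.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
-* All rights reserved.
-*
-* This package is an SSL implementation written
-* by Eric Young (eay@cryptsoft.com).
-* The implementation was written so as to conform with Netscapes SSL.
-*
-* This library is free for commercial and non-commercial use as long as
-* the following conditions are aheared to. The following conditions
-* apply to all code found in this distribution, be it the RC4, RSA,
-* lhash, DES, etc., code; not just the SSL code. The SSL documentation
-* included with this distribution is covered by the same copyright terms
-* except that the holder is Tim Hudson (tjh@cryptsoft.com).
-*
-* Copyright remains Eric Young's, and as such any Copyright notices in
-* the code are not to be removed.
-* If this package is used in a product, Eric Young should be given attribution
-* as the author of the parts of the library used.
-* This can be in the form of a textual message at program startup or
-* in documentation (online or textual) provided with the package.
-*
-* Redistribution and use in source and binary forms, with or without
-* modification, are permitted provided that the following conditions
-* are met:
-* 1. Redistributions of source code must retain the copyright
-* notice, this list of conditions and the following disclaimer.
-* 2. Redistributions in binary form must reproduce the above copyright
-* notice, this list of conditions and the following disclaimer in the
-* documentation and/or other materials provided with the distribution.
-* 3. All advertising materials mentioning features or use of this software
-* must display the following acknowledgement:
-* "This product includes cryptographic software written by
-* Eric Young (eay@cryptsoft.com)"
-* The word 'cryptographic' can be left out if the rouines from the library
-* being used are not cryptographic related :-).
-* 4. If you include any Windows specific code (or a derivative thereof) from
-* the apps directory (application code) you must include an acknowledgement:
-* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
-*
-* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
-* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-* SUCH DAMAGE.
-*
-* The licence and distribution terms for any publically available version or
-* derivative of this code cannot be changed. i.e. this code cannot simply be
-* copied and put under another distribution licence
-* [including the GNU Public Licence.]
-*/
-
-/* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
-
-#include <stdio.h>
-#include <openssl/bn.h>
-#include <openssl/dsa.h>
-#include <openssl/rand.h>
-#include <openssl/asn1.h>
-#ifndef OPENSSL_NO_ENGINE
-#include <openssl/engine.h>
-#endif
-#include <openssl/fips.h>
-
-#ifdef OPENSSL_FIPS
-
-static DSA_SIG *dsa_do_sign(const unsigned char *dgst, FIPS_DSA_SIZE_T dlen, DSA *dsa);
-static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp);
-static int dsa_do_verify(const unsigned char *dgst, FIPS_DSA_SIZE_T dgst_len, DSA_SIG *sig,
-DSA *dsa);
-static int dsa_init(DSA *dsa);
-static int dsa_finish(DSA *dsa);
-static int dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1,
-BIGNUM *a2, BIGNUM *p2, BIGNUM *m, BN_CTX *ctx,
-BN_MONT_CTX *in_mont);
-static int dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
-const BIGNUM *m, BN_CTX *ctx,
-BN_MONT_CTX *m_ctx);
-
-static DSA_METHOD openssl_dsa_meth = {
-"OpenSSL FIPS DSA method",
-dsa_do_sign,
-dsa_sign_setup,
-dsa_do_verify,
-dsa_mod_exp,
-dsa_bn_mod_exp,
-dsa_init,
-dsa_finish,
-0,
-NULL
-};
-
-int FIPS_dsa_check(struct dsa_st *dsa)
-{
-if(dsa->meth != &openssl_dsa_meth || dsa->meth->dsa_do_sign != dsa_do_sign
-|| dsa->meth->dsa_sign_setup != dsa_sign_setup
-|| dsa->meth->dsa_mod_exp != dsa_mod_exp
-|| dsa->meth->bn_mod_exp != dsa_bn_mod_exp
-|| dsa->meth->init != dsa_init
-|| dsa->meth->finish != dsa_finish)
-{
-FIPSerr(FIPS_F_FIPS_DSA_CHECK,FIPS_R_NON_FIPS_METHOD);
-return 0;
-}
-return 1;
-}
-
-const DSA_METHOD *DSA_OpenSSL(void)
-{
-return &openssl_dsa_meth;
-}
-
-static DSA_SIG *dsa_do_sign(const unsigned char *dgst, FIPS_DSA_SIZE_T dlen, DSA *dsa)
-{
-BIGNUM *kinv=NULL,*r=NULL,*s=NULL;
-BIGNUM m;
-BIGNUM xr;
-BN_CTX *ctx=NULL;
-int i,reason=ERR_R_BN_LIB;
-DSA_SIG *ret=NULL;
-
-if(FIPS_selftest_failed())
-{
-FIPSerr(FIPS_F_DSA_DO_SIGN,FIPS_R_FIPS_SELFTEST_FAILED);
-return NULL;
-}
-
-BN_init(&m);
-BN_init(&xr);
-
-if (!dsa->p || !dsa->q || !dsa->g)
-{
-reason=DSA_R_MISSING_PARAMETERS;
-goto err;
-}
-
-s=BN_new();
-if (s == NULL) goto err;
-
-i=BN_num_bytes(dsa->q); /* should be 20 */
-if ((dlen > i) || (dlen > 50))
-{
-reason=DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE;
-goto err;
-}
-
-ctx=BN_CTX_new();
-if (ctx == NULL) goto err;
-
-if ((dsa->kinv == NULL) || (dsa->r == NULL))
-{
-if (!DSA_sign_setup(dsa,ctx,&kinv,&r)) goto err;
-}
-else
-{
-kinv=dsa->kinv;
-dsa->kinv=NULL;
-r=dsa->r;
-dsa->r=NULL;
-}
-
-if (BN_bin2bn(dgst,dlen,&m) == NULL) goto err;
-
-/* Compute s = inv(k) (m + xr) mod q */
-if (!BN_mod_mul(&xr,dsa->priv_key,r,dsa->q,ctx)) goto err;/* s = xr */
-if (!BN_add(s, &xr, &m)) goto err; /* s = m + xr */
-if (BN_cmp(s,dsa->q) > 0)
-BN_sub(s,s,dsa->q);
-if (!BN_mod_mul(s,s,kinv,dsa->q,ctx)) goto err;
-
-ret=DSA_SIG_new();
-if (ret == NULL) goto err;
-ret->r = r;
-ret->s = s;
-
-err:
-if (!ret)
-{
-DSAerr(DSA_F_DSA_DO_SIGN,reason);
-BN_free(r);
-BN_free(s);
-}
-if (ctx != NULL) BN_CTX_free(ctx);
-BN_clear_free(&m);
-BN_clear_free(&xr);
-if (kinv != NULL) /* dsa->kinv is NULL now if we used it */
-BN_clear_free(kinv);
-return(ret);
-}
-
-static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
-{
-BN_CTX *ctx;
-BIGNUM k,*kinv=NULL,*r=NULL;
-int ret=0;
-
-if (!dsa->p || !dsa->q || !dsa->g)
-{
-DSAerr(DSA_F_DSA_SIGN_SETUP,DSA_R_MISSING_PARAMETERS);
-return 0;
-}
-
-BN_init(&k);
-
-if (ctx_in == NULL)
-{
-if ((ctx=BN_CTX_new()) == NULL) goto err;
-}
-else
-ctx=ctx_in;
-
-if ((r=BN_new()) == NULL) goto err;
-kinv=NULL;
-
-/* Get random k */
-do
-if (!BN_rand_range(&k, dsa->q)) goto err;
-while (BN_is_zero(&k));
-
-if ((dsa->method_mont_p == NULL) && (dsa->flags & DSA_FLAG_CACHE_MONT_P))
-{
-if ((dsa->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL)
-if (!BN_MONT_CTX_set((BN_MONT_CTX *)dsa->method_mont_p,
-dsa->p,ctx)) goto err;
-}
-
-/* Compute r = (g^k mod p) mod q */
-if (!dsa->meth->bn_mod_exp(dsa, r,dsa->g,&k,dsa->p,ctx,
-(BN_MONT_CTX *)dsa->method_mont_p)) goto err;
-if (!BN_mod(r,r,dsa->q,ctx)) goto err;
-
-/* Compute part of 's = inv(k) (m + xr) mod q' */
-if ((kinv=BN_mod_inverse(NULL,&k,dsa->q,ctx)) == NULL) goto err;
-
-if (*kinvp != NULL) BN_clear_free(*kinvp);
-*kinvp=kinv;
-kinv=NULL;
-if (*rp != NULL) BN_clear_free(*rp);
-*rp=r;
-ret=1;
-err:
-if (!ret)
-{
-DSAerr(DSA_F_DSA_SIGN_SETUP,ERR_R_BN_LIB);
-if (kinv != NULL) BN_clear_free(kinv);
-if (r != NULL) BN_clear_free(r);
-}
-if (ctx_in == NULL) BN_CTX_free(ctx);
-if (kinv != NULL) BN_clear_free(kinv);
-BN_clear_free(&k);
-return(ret);
-}
-
-static int dsa_do_verify(const unsigned char *dgst, FIPS_DSA_SIZE_T dgst_len, DSA_SIG *sig,
-DSA *dsa)
-{
-BN_CTX *ctx;
-BIGNUM u1,u2,t1;
-BN_MONT_CTX *mont=NULL;
-int ret = -1;
-
-if (!dsa->p || !dsa->q || !dsa->g)
-{
-DSAerr(DSA_F_DSA_DO_VERIFY,DSA_R_MISSING_PARAMETERS);
-return -1;
-}
-
-if(FIPS_selftest_failed())
-{
-FIPSerr(FIPS_F_DSA_DO_VERIFY,FIPS_R_FIPS_SELFTEST_FAILED);
-return -1;
-}
-
-BN_init(&u1);
-BN_init(&u2);
-BN_init(&t1);
-
-if ((ctx=BN_CTX_new()) == NULL) goto err;
-
-if (BN_is_zero(sig->r) || sig->r->neg || BN_ucmp(sig->r, dsa->q) >= 0)
-{
-ret = 0;
-goto err;
-}
-if (BN_is_zero(sig->s) || sig->s->neg || BN_ucmp(sig->s, dsa->q) >= 0)
-{
-ret = 0;
-goto err;
-}
-
-/* Calculate W = inv(S) mod Q
-* save W in u2 */
-if ((BN_mod_inverse(&u2,sig->s,dsa->q,ctx)) == NULL) goto err;
-
-/* save M in u1 */
-if (BN_bin2bn(dgst,dgst_len,&u1) == NULL) goto err;
-
-/* u1 = M * w mod q */
-if (!BN_mod_mul(&u1,&u1,&u2,dsa->q,ctx)) goto err;
-
-/* u2 = r * w mod q */
-if (!BN_mod_mul(&u2,sig->r,&u2,dsa->q,ctx)) goto err;
-
-if ((dsa->method_mont_p == NULL) && (dsa->flags & DSA_FLAG_CACHE_MONT_P))
-{
-if ((dsa->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL)
-if (!BN_MONT_CTX_set((BN_MONT_CTX *)dsa->method_mont_p,
-dsa->p,ctx)) goto err;
-}
-mont=(BN_MONT_CTX *)dsa->method_mont_p;
-
-#if 0
-{
-BIGNUM t2;
-
-BN_init(&t2);
-/* v = ( g^u1 * y^u2 mod p ) mod q */
-/* let t1 = g ^ u1 mod p */
-if (!BN_mod_exp_mont(&t1,dsa->g,&u1,dsa->p,ctx,mont)) goto err;
-/* let t2 = y ^ u2 mod p */
-if (!BN_mod_exp_mont(&t2,dsa->pub_key,&u2,dsa->p,ctx,mont)) goto err;
-/* let u1 = t1 * t2 mod p */
-if (!BN_mod_mul(&u1,&t1,&t2,dsa->p,ctx)) goto err_bn;
-BN_free(&t2);
-}
-/* let u1 = u1 mod q */
-if (!BN_mod(&u1,&u1,dsa->q,ctx)) goto err;
-#else
-{
-if (!dsa->meth->dsa_mod_exp(dsa, &t1,dsa->g,&u1,dsa->pub_key,&u2,
-dsa->p,ctx,mont)) goto err;
-/* BN_copy(&u1,&t1); */
-/* let u1 = u1 mod q */
-if (!BN_mod(&u1,&t1,dsa->q,ctx)) goto err;
-}
-#endif
-/* V is now in u1. If the signature is correct, it will be
-* equal to R. */
-ret=(BN_ucmp(&u1, sig->r) == 0);
-
-err:
-if (ret != 1) DSAerr(DSA_F_DSA_DO_VERIFY,ERR_R_BN_LIB);
-if (ctx != NULL) BN_CTX_free(ctx);
-BN_free(&u1);
-BN_free(&u2);
-BN_free(&t1);
-return(ret);
-}
-
-static int dsa_init(DSA *dsa)
-{
-dsa->flags|=DSA_FLAG_CACHE_MONT_P;
-return(1);
-}
-
-static int dsa_finish(DSA *dsa)
-{
-if(dsa->method_mont_p)
-BN_MONT_CTX_free((BN_MONT_CTX *)dsa->method_mont_p);
-return(1);
-}
-
-static int dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1,
-BIGNUM *a2, BIGNUM *p2, BIGNUM *m, BN_CTX *ctx,
-BN_MONT_CTX *in_mont)
-{
-return BN_mod_exp2_mont(rr, a1, p1, a2, p2, m, ctx, in_mont);
-}
-
-static int dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
-const BIGNUM *m, BN_CTX *ctx,
-BN_MONT_CTX *m_ctx)
-{
-return BN_mod_exp_mont(r, a, p, m, ctx, m_ctx);
-}
-
-#else /* ndef OPENSSL_FIPS */
-
-static void *dummy=&dummy;
-
-#endif /* ndef OPENSSL_FIPS */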
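--- a/src/lib/libssl/src/fips/dsa/fips_dsa_selftest.c
+++ /dev/null
@@ -1,168 +0,0 @@
-/* crypto/dsa/dsatest.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
-* All rights reserved.
-*
-* This package is an SSL implementation written
-* by Eric Young (eay@cryptsoft.com).
-* The implementation was written so as to conform with Netscapes SSL.
-*
-* This library is free for commercial and non-commercial use as long as
-* the following conditions are aheared to. The following conditions
-* apply to all code found in this distribution, be it the RC4, RSA,
-* lhash, DES, etc., code; not just the SSL code. The SSL documentation
-* included with this distribution is covered by the same copyright terms
-* except that the holder is Tim Hudson (tjh@cryptsoft.com).
-*
-* Copyright remains Eric Young's, and as such any Copyright notices in
-* the code are not to be removed.
-* If this package is used in a product, Eric Young should be given attribution
-* as the author of the parts of the library used.
-* This can be in the form of a textual message at program startup or
-* in documentation (online or textual) provided with the package.
-*
-* Redistribution and use in source and binary forms, with or without
-* modification, are permitted provided that the following conditions
-* are met:
-* 1. Redistributions of source code must retain the copyright
-* notice, this list of conditions and the following disclaimer.
-* 2. Redistributions in binary form must reproduce the above copyright
-* notice, this list of conditions and the following disclaimer in the
-* documentation and/or other materials provided with the distribution.
-* 3. All advertising materials mentioning features or use of this software
-* must display the following acknowledgement:
-* "This product includes cryptographic software written by
-* Eric Young (eay@cryptsoft.com)"
-* The word 'cryptographic' can be left out if the rouines from the library
-* being used are not cryptographic related :-).
-* 4. If you include any Windows specific code (or a derivative thereof) from
-* the apps directory (application code) you must include an acknowledgement:
-* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
-*
-* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
-* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-* SUCH DAMAGE.
-*
-* The licence and distribution terms for any publically available version or
-* derivative of this code cannot be changed. i.e. this code cannot simply be
-* copied and put under another distribution licence
-* [including the GNU Public Licence.]
-*/
-
-#include <string.h>
-#include <openssl/crypto.h>
-#include <openssl/dsa.h>
-#include <openssl/fips.h>
-#include <openssl/err.h>
-
-#ifdef OPENSSL_FIPS
-
-/* seed, out_p, out_q, out_g are taken from the updated Appendix 5 to
-* FIPS PUB 186 and also appear in Appendix 5 to FIPS PIB 186-1 */
-static unsigned char seed[20]={
-0xd5,0x01,0x4e,0x4b,0x60,0xef,0x2b,0xa8,0xb6,0x21,0x1b,0x40,
-0x62,0xba,0x32,0x24,0xe0,0x42,0x7d,0xd3,
-};
-
-static unsigned char out_p[]={
-0x8d,0xf2,0xa4,0x94,0x49,0x22,0x76,0xaa,
-0x3d,0x25,0x75,0x9b,0xb0,0x68,0x69,0xcb,
-0xea,0xc0,0xd8,0x3a,0xfb,0x8d,0x0c,0xf7,
-0xcb,0xb8,0x32,0x4f,0x0d,0x78,0x82,0xe5,
-0xd0,0x76,0x2f,0xc5,0xb7,0x21,0x0e,0xaf,
-0xc2,0xe9,0xad,0xac,0x32,0xab,0x7a,0xac,
-0x49,0x69,0x3d,0xfb,0xf8,0x37,0x24,0xc2,
-0xec,0x07,0x36,0xee,0x31,0xc8,0x02,0x91,
-};
-
-static unsigned char out_q[]={
-0xc7,0x73,0x21,0x8c,0x73,0x7e,0xc8,0xee,
-0x99,0x3b,0x4f,0x2d,0xed,0x30,0xf4,0x8e,
-0xda,0xce,0x91,0x5f,
-};
-
-static unsigned char out_g[]={
-0x62,0x6d,0x02,0x78,0x39,0xea,0x0a,0x13,
-0x41,0x31,0x63,0xa5,0x5b,0x4c,0xb5,0x00,
-0x29,0x9d,0x55,0x22,0x95,0x6c,0xef,0xcb,
-0x3b,0xff,0x10,0xf3,0x99,0xce,0x2c,0x2e,
-0x71,0xcb,0x9d,0xe5,0xfa,0x24,0xba,0xbf,
-0x58,0xe5,0xb7,0x95,0x21,0x92,0x5c,0x9c,
-0xc4,0x2e,0x9f,0x6f,0x46,0x4b,0x08,0x8c,
-0xc5,0x72,0xaf,0x53,0xe6,0xd7,0x88,0x02,
-};
-
-static const unsigned char str1[]="12345678901234567890";
-
-void FIPS_corrupt_dsa()
-{
-++seed[0];
-}
-
-int FIPS_selftest_dsa()
-{
-DSA *dsa=NULL;
-int counter,i,j;
-unsigned char buf[256];
-unsigned long h;
-unsigned char sig[256];
-unsigned int siglen;
-
-dsa=DSA_generate_parameters(512,seed,20,&counter,&h,NULL,NULL);
-
-if(dsa == NULL)
-{
-FIPSerr(FIPS_F_FIPS_SELFTEST_DSA,FIPS_R_SELFTEST_FAILED);
-return 0;
-}
-if (counter != 105)
-{
-FIPSerr(FIPS_F_FIPS_SELFTEST_DSA,FIPS_R_SELFTEST_FAILED);
-return 0;
-}
-if (h != 2)
-{
-FIPSerr(FIPS_F_FIPS_SELFTEST_DSA,FIPS_R_SELFTEST_FAILED);
-return 0;
-}
-i=BN_bn2bin(dsa->q,buf);
-j=sizeof(out_q);
-if (i != j || memcmp(buf,out_q,i) != 0)
-{
-FIPSerr(FIPS_F_FIPS_SELFTEST_DSA,FIPS_R_SELFTEST_FAILED);
-return 0;
-}
-
-i=BN_bn2bin(dsa->p,buf);
-j=sizeof(out_p);
-if (i != j || memcmp(buf,out_p,i) != 0)
-{
-FIPSerr(FIPS_F_FIPS_SELFTEST_DSA,FIPS_R_SELFTEST_FAILED);
-return 0;
-}
-
-i=BN_bn2bin(dsa->g,buf);
-j=sizeof(out_g);
-if (i != j || memcmp(buf,out_g,i) != 0)
-{
-FIPSerr(FIPS_F_FIPS_SELFTEST_DSA,FIPS_R_SELFTEST_FAILED);
-return 0;
-}
-DSA_generate_key(dsa);
-DSA_sign(0, str1, 20, sig, &siglen, dsa);
-if(DSA_verify(0, str1, 20, sig, siglen, dsa) != 1)
-{
-FIPSerr(FIPS_F_FIPS_SELFTEST_DSA,FIPS_R_SELFTEST_FAILED);
-return 0;
-}
-DSA_free(dsa);
-return 1;
-}
-#endif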
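--- a/src/lib/libssl/src/fips/dsa/fips_dsatest.c
+++ /dev/null
@@ -1,257 +0,0 @@
-/* crypto/dsa/dsatest.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
-* All rights reserved.
-*
-* This package is an SSL implementation written
-* by Eric Young (eay@cryptsoft.com).
-* The implementation was written so as to conform with Netscapes SSL.
-*
-* This library is free for commercial and non-commercial use as long as
-* the following conditions are aheared to. The following conditions
-* apply to all code found in this distribution, be it the RC4, RSA,
-* lhash, DES, etc., code; not just the SSL code. The SSL documentation
-* included with this distribution is covered by the same copyright terms
-* except that the holder is Tim Hudson (tjh@cryptsoft.com).
-*
-* Copyright remains Eric Young's, and as such any Copyright notices in
-* the code are not to be removed.
-* If this package is used in a product, Eric Young should be given attribution
-* as the author of the parts of the library used.
-* This can be in the form of a textual message at program startup or
-* in documentation (online or textual) provided with the package.
-*
-* Redistribution and use in source and binary forms, with or without
-* modification, are permitted provided that the following conditions
-* are met:
-* 1. Redistributions of source code must retain the copyright
-* notice, this list of conditions and the following disclaimer.
-* 2. Redistributions in binary form must reproduce the above copyright
-* notice, this list of conditions and the following disclaimer in the
-* documentation and/or other materials provided with the distribution.
-* 3. All advertising materials mentioning features or use of this software
-* must display the following acknowledgement:
-* "This product includes cryptographic software written by
-* Eric Young (eay@cryptsoft.com)"
-* The word 'cryptographic' can be left out if the rouines from the library
-* being used are not cryptographic related :-).
-* 4. If you include any Windows specific code (or a derivative thereof) from
-* the apps directory (application code) you must include an acknowledgement:
-* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
-*
-* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
-* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-* SUCH DAMAGE.
-*
-* The licence and distribution terms for any publically available version or
-* derivative of this code cannot be changed. i.e. this code cannot simply be
-* copied and put under another distribution licence
-* [including the GNU Public Licence.]
-*/
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-
-#include "e_os.h"
-
-#include <openssl/crypto.h>
-#include <openssl/rand.h>
-#include <openssl/bio.h>
-#include <openssl/err.h>
-#ifndef OPENSSL_NO_ENGINE
-#include <openssl/engine.h>
-#endif
-#include <openssl/fips.h>
-#include <openssl/fips_rand.h>
-
-#if defined(OPENSSL_NO_DSA) || !defined(OPENSSL_FIPS)
-int main(int argc, char *argv[])
-{
-printf("No FIPS DSA support\n");
-return(0);
-}
-#else
-#include <openssl/dsa.h>
-
-#ifdef OPENSSL_SYS_WIN16
-#define MS_CALLBACK _far _loadds
-#else
-#define MS_CALLBACK
-#endif
-
-static void MS_CALLBACK dsa_cb(int p, int n, void *arg);
-
-/* seed, out_p, out_q, out_g are taken from the updated Appendix 5 to
-* FIPS PUB 186 and also appear in Appendix 5 to FIPS PIB 186-1 */
-static unsigned char seed[20]={
-0xd5,0x01,0x4e,0x4b,0x60,0xef,0x2b,0xa8,0xb6,0x21,0x1b,0x40,
-0x62,0xba,0x32,0x24,0xe0,0x42,0x7d,0xd3,
-};
-
-static unsigned char out_p[]={
-0x8d,0xf2,0xa4,0x94,0x49,0x22,0x76,0xaa,
-0x3d,0x25,0x75,0x9b,0xb0,0x68,0x69,0xcb,
-0xea,0xc0,0xd8,0x3a,0xfb,0x8d,0x0c,0xf7,
-0xcb,0xb8,0x32,0x4f,0x0d,0x78,0x82,0xe5,
-0xd0,0x76,0x2f,0xc5,0xb7,0x21,0x0e,0xaf,
-0xc2,0xe9,0xad,0xac,0x32,0xab,0x7a,0xac,
-0x49,0x69,0x3d,0xfb,0xf8,0x37,0x24,0xc2,
-0xec,0x07,0x36,0xee,0x31,0xc8,0x02,0x91,
-};
-
-static unsigned char out_q[]={
-0xc7,0x73,0x21,0x8c,0x73,0x7e,0xc8,0xee,
-0x99,0x3b,0x4f,0x2d,0xed,0x30,0xf4,0x8e,
-0xda,0xce,0x91,0x5f,
-};
-
-static unsigned char out_g[]={
-0x62,0x6d,0x02,0x78,0x39,0xea,0x0a,0x13,
-0x41,0x31,0x63,0xa5,0x5b,0x4c,0xb5,0x00,
-0x29,0x9d,0x55,0x22,0x95,0x6c,0xef,0xcb,
-0x3b,0xff,0x10,0xf3,0x99,0xce,0x2c,0x2e,
-0x71,0xcb,0x9d,0xe5,0xfa,0x24,0xba,0xbf,
-0x58,0xe5,0xb7,0x95,0x21,0x92,0x5c,0x9c,
-0xc4,0x2e,0x9f,0x6f,0x46,0x4b,0x08,0x8c,
-0xc5,0x72,0xaf,0x53,0xe6,0xd7,0x88,0x02,
-};
-
-static const unsigned char str1[]="12345678901234567890";
-
-static const char rnd_seed[] = "string to make the random number generator think it has entropy";
-static const unsigned char rnd_key1[]="12345678";
-static const unsigned char rnd_key2[]="abcdefgh";
-
-static BIO *bio_err=NULL;
-
-int main(int argc, char **argv)
-{
-DSA *dsa=NULL;
-int counter,ret=0,i,j;
-unsigned char buf[256];
-unsigned long h;
-unsigned char sig[256];
-unsigned int siglen;
-
-if (bio_err == NULL)
-bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
-
-#ifdef OPENSSL_FIPS
-if(!FIPS_mode_set(1,argv[0]))
-{
-ERR_print_errors(bio_err);
-EXIT(1);
-}
-#endif
-CRYPTO_malloc_debug_init();
-CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
-CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
-
-ERR_load_crypto_strings();
-FIPS_set_prng_key(rnd_key1,rnd_key2);
-RAND_seed(rnd_seed, sizeof rnd_seed);
-
-BIO_printf(bio_err,"test generation of DSA parameters\n");
-
-dsa=DSA_generate_parameters(512,seed,20,&counter,&h,dsa_cb,bio_err);
-
-BIO_printf(bio_err,"seed\n");
-for (i=0; i<20; i+=4)
-{
-BIO_printf(bio_err,"%02X%02X%02X%02X ",
-seed[i],seed[i+1],seed[i+2],seed[i+3]);
-}
-BIO_printf(bio_err,"\ncounter=%d h=%d\n",counter,h);
-
-if (dsa == NULL) goto end;
-DSA_print(bio_err,dsa,0);
-if (counter != 105)
-{
-BIO_printf(bio_err,"counter should be 105\n");
-goto end;
-}
-if (h != 2)
-{
-BIO_printf(bio_err,"h should be 2\n");
-goto end;
-}
-
-i=BN_bn2bin(dsa->q,buf);
-j=sizeof(out_q);
-if ((i != j) || (memcmp(buf,out_q,i) != 0))
-{
-BIO_printf(bio_err,"q value is wrong\n");
-goto end;
-}
-
-i=BN_bn2bin(dsa->p,buf);
-j=sizeof(out_p);
-if ((i != j) || (memcmp(buf,out_p,i) != 0))
-{
-BIO_printf(bio_err,"p value is wrong\n");
-goto end;
-}
-
-i=BN_bn2bin(dsa->g,buf);
-j=sizeof(out_g);
-if ((i != j) || (memcmp(buf,out_g,i) != 0))
-{
-BIO_printf(bio_err,"g value is wrong\n");
-goto end;
-}
-DSA_generate_key(dsa);
-DSA_sign(0, str1, 20, sig, &siglen, dsa);
-if (DSA_verify(0, str1, 20, sig, siglen, dsa) == 1)
-ret=1;
-end:
-if (!ret)
-ERR_print_errors(bio_err);
-if (dsa != NULL) DSA_free(dsa);
-CRYPTO_cleanup_all_ex_data();
-ERR_remove_state(0);
-ERR_free_strings();
-CRYPTO_mem_leaks(bio_err);
-if (bio_err != NULL)
-{
-BIO_free(bio_err);
-bio_err = NULL;
-}
-EXIT(!ret);
-return(!ret);
-}
-
-static int cb_exit(int ec)
-{
-EXIT(ec);
-return(0); /* To keep some compilers quiet */
-}
-
-static void MS_CALLBACK dsa_cb(int p, int n, void *arg)
-{
-char c='*';
-static int ok=0,num=0;
-
-if (p == 0) { c='.'; num++; };
-if (p == 1) c='+';
-if (p == 2) { c='*'; ok++; }
-if (p == 3) c='\n';
-BIO_write(arg,&c,1);
-(void)BIO_flush(arg);
-
-if (!ok && (p == 0) && (num > 1))
-{
-BIO_printf((BIO *)arg,"error in dsatest\n");
-cb_exit(1);
-}
-}
-#endif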
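--- a/src/lib/libssl/src/fips/dsa/fips_dssvs.c
+++ /dev/null
@@ -1,306 +0,0 @@
-#include <openssl/bn.h>
-#include <openssl/dsa.h>
-#include <openssl/fips.h>
-#include <openssl/err.h>
-#include <openssl/sha.h>
-#include <string.h>
-
-int hex2bin(const char *in, unsigned char *out)
-{
-int n1, n2;
-unsigned char ch;
-
-for (n1=0,n2=0 ; in[n1] && in[n1] != '\n' ; )
-{ /* first byte */
-if ((in[n1] >= '0') && (in[n1] <= '9'))
-ch = in[n1++] - '0';
-else if ((in[n1] >= 'A') && (in[n1] <= 'F'))
-ch = in[n1++] - 'A' + 10;
-else if ((in[n1] >= 'a') && (in[n1] <= 'f'))
-ch = in[n1++] - 'a' + 10;
-else
-return -1;
-if(!in[n1])
-{
-out[n2++]=ch;
-break;
-}
-out[n2] = ch << 4;
-/* second byte */
-if ((in[n1] >= '0') && (in[n1] <= '9'))
-ch = in[n1++] - '0';
-else if ((in[n1] >= 'A') && (in[n1] <= 'F'))
-ch = in[n1++] - 'A' + 10;
-else if ((in[n1] >= 'a') && (in[n1] <= 'f'))
-ch = in[n1++] - 'a' + 10;
-else
-return -1;
-out[n2++] |= ch;
-}
-return n2;
-}
-
-BIGNUM *hex2bn(const char *in)
-{
-BIGNUM *p=BN_new();
-
-BN_hex2bn(&p,in);
-
-return p;
-}
-
-int bin2hex(const unsigned char *in,int len,char *out)
-{
-int n1, n2;
-unsigned char ch;
-
-for (n1=0,n2=0 ; n1 < len ; ++n1)
-{
-ch=in[n1] >> 4;
-if (ch <= 0x09)
-out[n2++]=ch+'0';
-else
-out[n2++]=ch-10+'a';
-ch=in[n1] & 0x0f;
-if(ch <= 0x09)
-out[n2++]=ch+'0';
-else
-out[n2++]=ch-10+'a';
-}
-out[n2]='\0';
-return n2;
-}
-
-void pv(const char *tag,const unsigned char *val,int len)
-{
-char obuf[2048];
-
-bin2hex(val,len,obuf);
-printf("%s = %s\n",tag,obuf);
-}
-
-void pbn(const char *tag,const BIGNUM *val)
-{
-printf("%s = %s\n",tag,BN_bn2hex(val));
-}
-
-void primes()
-{
-char buf[10240];
-
-while(fgets(buf,sizeof buf,stdin) != NULL)
-{
-fputs(buf,stdout);
-if(!strncmp(buf,"Prime= ",7))
-{
-BIGNUM *pp;
-
-pp=BN_new();
-BN_hex2bn(&pp,buf+7);
-printf("result= %c\n",
-BN_is_prime(pp,20,NULL,NULL,NULL) ? 'P' : 'F');
-}
-}
-}
-
-void pqg()
-{
-char buf[1024];
-int nmod=0;
-
-while(fgets(buf,sizeof buf,stdin) != NULL)
-{
-if(!strncmp(buf,"[mod = ",7))
-nmod=atoi(buf+7);
-else if(!strncmp(buf,"N = ",4))
-{
-int n=atoi(buf+4);
-
-printf("[mod = %d]\n\n",nmod);
-
-while(n--)
-{
-unsigned char seed[20];
-DSA *dsa;
-int counter;
-unsigned long h;
-
-dsa=DSA_generate_parameters(nmod,seed,0,&counter,&h,NULL,NULL);
-printf("P = %s\n",BN_bn2hex(dsa->p));
-printf("Q = %s\n",BN_bn2hex(dsa->q));
-printf("G = %s\n",BN_bn2hex(dsa->g));
-pv("Seed",seed,20);
-printf("c = %d\n",counter);
-printf("H = %lx\n",h);
-putc('\n',stdout);
-}
-}
-else
-fputs(buf,stdout);
-}
-}
-
-void keypair()
-{
-char buf[1024];
-int nmod=0;
-
-while(fgets(buf,sizeof buf,stdin) != NULL)
-{
-if(!strncmp(buf,"[mod = ",7))
-nmod=atoi(buf+7);
-else if(!strncmp(buf,"N = ",4))
-{
-DSA *dsa;
-int n=atoi(buf+4);
-
-printf("[mod = %d]\n\n",nmod);
-
-dsa=DSA_generate_parameters(nmod,NULL,0,NULL,NULL,NULL,NULL);
-pbn("P",dsa->p);
-pbn("Q",dsa->q);
-pbn("G",dsa->g);
-putc('\n',stdout);
-
-while(n--)
-{
-DSA_generate_key(dsa);
-
-pbn("X",dsa->priv_key);
-pbn("Y",dsa->pub_key);
-putc('\n',stdout);
-}
-}
-}
-}
-
-void siggen()
-{
-char buf[1024];
-int nmod=0;
-DSA *dsa=NULL;
-
-while(fgets(buf,sizeof buf,stdin) != NULL)
-{
-if(!strncmp(buf,"[mod = ",7))
-{
-nmod=atoi(buf+7);
-printf("[mod = %d]\n\n",nmod);
-
-dsa=DSA_generate_parameters(nmod,NULL,0,NULL,NULL,NULL,NULL);
-pbn("P",dsa->p);
-pbn("Q",dsa->q);
-pbn("G",dsa->g);
-putc('\n',stdout);
-}
-else if(!strncmp(buf,"Msg = ",6))
-{
-unsigned char msg[1024];
-unsigned char hash[20];
-int n;
-DSA_SIG *sig;
-
-n=hex2bin(buf+6,msg);
-pv("Msg",msg,n);
-
-DSA_generate_key(dsa);
-pbn("Y",dsa->pub_key);
-
-SHA1(msg,n,hash);
-sig=DSA_do_sign(hash,sizeof hash,dsa);
-pbn("R",sig->r);
-pbn("S",sig->s);
-putc('\n',stdout);
-}
-}
-}
-
-void sigver()
-{
-DSA *dsa=NULL;
-char buf[1024];
-int nmod=0;
-unsigned char hash[20];
-DSA_SIG *sig=DSA_SIG_new();
-
-while(fgets(buf,sizeof buf,stdin) != NULL)
-{
-if(!strncmp(buf,"[mod = ",7))
-{
-nmod=atoi(buf+7);
-if(dsa)
-DSA_free(dsa);
-dsa=DSA_new();
-}
-else if(!strncmp(buf,"P = ",4))
-dsa->p=hex2bn(buf+4);
-else if(!strncmp(buf,"Q = ",4))
-dsa->q=hex2bn(buf+4);
-else if(!strncmp(buf,"G = ",4))
-{
-dsa->g=hex2bn(buf+4);
-
-printf("[mod = %d]\n\n",nmod);
-pbn("P",dsa->p);
-pbn("Q",dsa->q);
-pbn("G",dsa->g);
-putc('\n',stdout);
-}
-else if(!strncmp(buf,"Msg = ",6))
-{
-unsigned char msg[1024];
-int n;
-
-n=hex2bin(buf+6,msg);
-pv("Msg",msg,n);
-SHA1(msg,n,hash);
-}
-else if(!strncmp(buf,"Y = ",4))
-dsa->pub_key=hex2bn(buf+4);
-else if(!strncmp(buf,"R = ",4))
-sig->r=hex2bn(buf+4);
-else if(!strncmp(buf,"S = ",4))
-{
-sig->s=hex2bn(buf+4);
-
-pbn("Y",dsa->pub_key);
-pbn("R",sig->r);
-pbn("S",sig->s);
-printf("Result = %c\n",DSA_do_verify(hash,sizeof hash,sig,dsa)
-? 'P' : 'F');
-putc('\n',stdout);
-}
-}
-}
-
-int main(int argc,char **argv)
-{
-if(argc != 2)
-{
-fprintf(stderr,"%s [prime|pqg]\n",argv[0]);
-exit(1);
-}
-if(!FIPS_mode_set(1,argv[0]))
-{
-ERR_load_crypto_strings();
-ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE));
-exit(1);
-}
-if(!strcmp(argv[1],"prime"))
-primes();
-else if(!strcmp(argv[1],"pqg"))
-pqg();
-else if(!strcmp(argv[1],"keypair"))
-keypair();
-else if(!strcmp(argv[1],"siggen"))
-siggen();
-else if(!strcmp(argv[1],"sigver"))
-sigver();
-else
-{
-fprintf(stderr,"Don't know how to %s.\n",argv[1]);
-exit(1);
-}
-
-return 0;
-}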
diff --git a/src/lib/libssl/src/fips/fips-lib.com b/src/lib/libssl/src/fips/fips-lib.com deleted file mode 100644 index f3571bf845..0000000000 --- a/src/lib/libssl/src/fips/fips-lib.com +++ /dev/null | |||
@@ -1,1180 +0,0 @@ | |||
1 | $! | ||
2 | $! FIPS-LIB.COM | ||
3 | $! Written By: Robert Byer | ||
4 | $! Vice-President | ||
5 | $! A-Com Computing, Inc. | ||
6 | $! byer@mail.all-net.net | ||
7 | $! | ||
8 | $! Changes by Richard Levitte <richard@levitte.org> | ||
9 | $! | ||
10 | $! This command files compiles and creates the FIPS parts of the | ||
11 | $! "[.xxx.EXE.CRYPTO]LIBCRYPTO.OLB" library for OpenSSL. The "xxx" | ||
12 | $! denotes the machine architecture of AXP or VAX. | ||
13 | $! | ||
14 | $! It was re-written so it would try to determine what "C" compiler to use | ||
15 | $! or you can specify which "C" compiler to use. | ||
16 | $! | ||
17 | $! Specify the following as P1 to build just that part or ALL to just | ||
18 | $! build everything. | ||
19 | $! | ||
20 | $! LIBRARY To just compile the [.xxx.EXE.CRYPTO]LIBCRYPTO.OLB Library. | ||
21 | $! APPS To just compile the [.xxx.EXE.CRYPTO]*.EXE | ||
22 | $! ALL To do both LIBRARY and APPS | ||
23 | $! | ||
24 | $! Specify DEBUG or NODEBUG as P2 to compile with or without debugger | ||
25 | $! information. | ||
26 | $! | ||
27 | $! Specify which compiler at P3 to try to compile under. | ||
28 | $! | ||
29 | $! VAXC For VAX C. | ||
30 | $! DECC For DEC C. | ||
31 | $! GNUC For GNU C. | ||
32 | $! | ||
33 | $! If you don't speficy a compiler, it will try to determine which | ||
34 | $! "C" compiler to use. | ||
35 | $! | ||
36 | $! P4, if defined, sets a TCP/IP library to use, through one of the following | ||
37 | $! keywords: | ||
38 | $! | ||
39 | $! UCX for UCX | ||
40 | $! TCPIP for TCPIP (post UCX) | ||
41 | $! SOCKETSHR for SOCKETSHR+NETLIB | ||
42 | $! | ||
43 | $! P5, if defined, sets a compiler thread NOT needed on OpenVMS 7.1 (and up) | ||
44 | $! | ||
45 | $! P6, if defined, sets a choice of crypto methods to compile. | ||
46 | $! WARNING: this should only be done to recompile some part of an already | ||
47 | $! fully compiled library. | ||
48 | $! | ||
49 | $! | ||
50 | $! Define A TCP/IP Library That We Will Need To Link To. | ||
51 | $! (That Is, If We Need To Link To One.) | ||
52 | $! | ||
53 | $ TCPIP_LIB = "" | ||
54 | $! | ||
55 | $! Check Which Architecture We Are Using. | ||
56 | $! | ||
57 | $ IF (F$GETSYI("CPU").GE.128) | ||
58 | $ THEN | ||
59 | $! | ||
60 | $! The Architecture Is AXP | ||
61 | $! | ||
62 | $ ARCH := AXP | ||
63 | $! | ||
64 | $! Else... | ||
65 | $! | ||
66 | $ ELSE | ||
67 | $! | ||
68 | $! The Architecture Is VAX. | ||
69 | $! | ||
70 | $ ARCH := VAX | ||
71 | $! | ||
72 | $! End The Architecture Check. | ||
73 | $! | ||
74 | $ ENDIF | ||
75 | $! | ||
76 | $! Define The Different Encryption Types. | ||
77 | $! | ||
78 | $ ENCRYPT_TYPES = "Basic,SHA1,RAND,DES,AES,DSA,RSA,DH" | ||
79 | $! | ||
80 | $! Check To Make Sure We Have Valid Command Line Parameters. | ||
81 | $! | ||
82 | $ GOSUB CHECK_OPTIONS | ||
83 | $! | ||
84 | $! Initialise logical names and such | ||
85 | $! | ||
86 | $ GOSUB INITIALISE | ||
87 | $! | ||
88 | $! Tell The User What Kind of Machine We Run On. | ||
89 | $! | ||
90 | $ WRITE SYS$OUTPUT "Compiling On A ",ARCH," Machine." | ||
91 | $! | ||
92 | $! Define The OBJ Directory. | ||
93 | $! | ||
94 | $ OBJ_DIR := SYS$DISK:[-.'ARCH'.OBJ.CRYPTO] | ||
95 | $! | ||
96 | $! Check To See If The Architecture Specific OBJ Directory Exists. | ||
97 | $! | ||
98 | $ IF (F$PARSE(OBJ_DIR).EQS."") | ||
99 | $ THEN | ||
100 | $! | ||
101 | $! It Dosen't Exist, So Create It. | ||
102 | $! | ||
103 | $ CREATE/DIR 'OBJ_DIR' | ||
104 | $! | ||
105 | $! End The Architecture Specific OBJ Directory Check. | ||
106 | $! | ||
107 | $ ENDIF | ||
108 | $! | ||
109 | $! Define The EXE Directory. | ||
110 | $! | ||
111 | $ EXE_DIR := SYS$DISK:[-.'ARCH'.EXE.CRYPTO] | ||
112 | $! | ||
113 | $! Check To See If The Architecture Specific Directory Exists. | ||
114 | $! | ||
115 | $ IF (F$PARSE(EXE_DIR).EQS."") | ||
116 | $ THEN | ||
117 | $! | ||
118 | $! It Dosen't Exist, So Create It. | ||
119 | $! | ||
120 | $ CREATE/DIRECTORY 'EXE_DIR' | ||
121 | $! | ||
122 | $! End The Architecture Specific Directory Check. | ||
123 | $! | ||
124 | $ ENDIF | ||
125 | $! | ||
126 | $! Define The Library Name. | ||
127 | $! | ||
128 | $ LIB_NAME := 'EXE_DIR'LIBCRYPTO.OLB | ||
129 | $! | ||
130 | $! Define The CRYPTO-LIB We Are To Use. | ||
131 | $! | ||
132 | $ CRYPTO_LIB := 'EXE_DIR'LIBCRYPTO.OLB | ||
133 | $! | ||
134 | $! Check To See If We Already Have A "[.xxx.EXE.CRYPTO]LIBCRYPTO.OLB" Library... | ||
135 | $! | ||
136 | $ IF (F$SEARCH(LIB_NAME).EQS."") | ||
137 | $ THEN | ||
138 | $! | ||
139 | $! Guess Not, Create The Library. | ||
140 | $! | ||
141 | $ LIBRARY/CREATE/OBJECT 'LIB_NAME' | ||
142 | $! | ||
143 | $! End The Library Check. | ||
144 | $! | ||
145 | $ ENDIF | ||
146 | $! | ||
147 | $! Build our options file for the application | ||
148 | $! | ||
149 | $ GOSUB CHECK_OPT_FILE | ||
150 | $! | ||
151 | $! Define The Different Encryption "library" Strings. | ||
152 | $! | ||
153 | $ LIB_ = "fips,fips_err_wrapper" | ||
154 | $ LIB_SHA1 = "fips_sha1dgst,fips_sha1_selftest" | ||
155 | $ LIB_RAND = "fips_rand" | ||
156 | $ LIB_DES = "fips_des_enc,fips_des_selftest,fips_set_key" | ||
157 | $ LIB_AES = "fips_aes_core,fips_aes_selftest" | ||
158 | $ LIB_DSA = "fips_dsa_ossl,fips_dsa_gen,fips_dsa_selftest" | ||
159 | $ LIB_RSA = "fips_rsa_eay,fips_rsa_gen,fips_rsa_selftest" | ||
160 | $ LIB_DH = "fips_dh_check,fips_dh_gen,fips_dh_key" | ||
161 | $! | ||
162 | $! Setup exceptional compilations | ||
163 | $! | ||
164 | $ COMPILEWITH_CC3 = ",bss_rtcp," | ||
165 | $ COMPILEWITH_CC4 = ",a_utctm,bss_log,o_time," | ||
166 | $ COMPILEWITH_CC5 = ",md2_dgst,md4_dgst,md5_dgst,mdc2dgst," + - | ||
167 | "sha_dgst,sha1dgst,rmd_dgst,bf_enc," | ||
168 | $! | ||
169 | $! Figure Out What Other Modules We Are To Build. | ||
170 | $! | ||
171 | $ BUILD_SET: | ||
172 | $! | ||
173 | $! Define A Module Counter. | ||
174 | $! | ||
175 | $ MODULE_COUNTER = 0 | ||
176 | $! | ||
177 | $! Top Of The Loop. | ||
178 | $! | ||
179 | $ MODULE_NEXT: | ||
180 | $! | ||
181 | $! Extract The Module Name From The Encryption List. | ||
182 | $! | ||
183 | $ MODULE_NAME = F$ELEMENT(MODULE_COUNTER,",",ENCRYPT_TYPES) | ||
184 | $ IF MODULE_NAME.EQS."Basic" THEN MODULE_NAME = "" | ||
185 | $ MODULE_NAME1 = MODULE_NAME | ||
186 | $! | ||
187 | $! Check To See If We Are At The End Of The Module List. | ||
188 | $! | ||
189 | $ IF (MODULE_NAME.EQS.",") | ||
190 | $ THEN | ||
191 | $! | ||
192 | $! We Are At The End Of The Module List, Go To MODULE_DONE. | ||
193 | $! | ||
194 | $ GOTO MODULE_DONE | ||
195 | $! | ||
196 | $! End The Module List Check. | ||
197 | $! | ||
198 | $ ENDIF | ||
199 | $! | ||
200 | $! Increment The Moudle Counter. | ||
201 | $! | ||
202 | $ MODULE_COUNTER = MODULE_COUNTER + 1 | ||
203 | $! | ||
204 | $! Create The Library and Apps Module Names. | ||
205 | $! | ||
206 | $ LIB_MODULE = "LIB_" + MODULE_NAME | ||
207 | $ APPS_MODULE = "APPS_" + MODULE_NAME | ||
208 | $ IF (MODULE_NAME.EQS."ASN1_2") | ||
209 | $ THEN | ||
210 | $ MODULE_NAME = "ASN1" | ||
211 | $ ENDIF | ||
212 | $ IF (MODULE_NAME.EQS."EVP_2") | ||
213 | $ THEN | ||
214 | $ MODULE_NAME = "EVP" | ||
215 | $ ENDIF | ||
216 | $! | ||
217 | $! Set state (can be LIB and APPS) | ||
218 | $! | ||
219 | $ STATE = "LIB" | ||
220 | $ IF BUILDALL .EQS. "APPS" THEN STATE = "APPS" | ||
221 | $! | ||
222 | $! Check if the library module name actually is defined | ||
223 | $! | ||
224 | $ IF F$TYPE('LIB_MODULE') .EQS. "" | ||
225 | $ THEN | ||
226 | $ WRITE SYS$ERROR "" | ||
227 | $ WRITE SYS$ERROR "The module ",MODULE_NAME," does not exist. Continuing..." | ||
228 | $ WRITE SYS$ERROR "" | ||
229 | $ GOTO MODULE_NEXT | ||
230 | $ ENDIF | ||
231 | $! | ||
232 | $! Top Of The Module Loop. | ||
233 | $! | ||
234 | $ MODULE_AGAIN: | ||
235 | $! | ||
236 | $! Tell The User What Module We Are Building. | ||
237 | $! | ||
238 | $ IF (MODULE_NAME1.NES."") | ||
239 | $ THEN | ||
240 | $ IF STATE .EQS. "LIB" | ||
241 | $ THEN | ||
242 | $ WRITE SYS$OUTPUT "Compiling The ",MODULE_NAME1," Library Files. (",BUILDALL,",",STATE,")" | ||
243 | $ ELSE IF F$TYPE('APPS_MODULE') .NES. "" | ||
244 | $ THEN | ||
245 | $ WRITE SYS$OUTPUT "Compiling The ",MODULE_NAME1," Applications. (",BUILDALL,",",STATE,")" | ||
246 | $ ENDIF | ||
247 | $ ENDIF | ||
248 | $ ENDIF | ||
249 | $! | ||
250 | $! Define A File Counter And Set It To "0". | ||
251 | $! | ||
252 | $ FILE_COUNTER = 0 | ||
253 | $ APPLICATION = "" | ||
254 | $ APPLICATION_COUNTER = 0 | ||
255 | $! | ||
256 | $! Top Of The File Loop. | ||
257 | $! | ||
258 | $ NEXT_FILE: | ||
259 | $! | ||
260 | $! Look in the LIB_MODULE is we're in state LIB | ||
261 | $! | ||
262 | $ IF STATE .EQS. "LIB" | ||
263 | $ THEN | ||
264 | $! | ||
265 | $! O.K, Extract The File Name From The File List. | ||
266 | $! | ||
267 | $ FILE_NAME = F$ELEMENT(FILE_COUNTER,",",'LIB_MODULE') | ||
268 | $! | ||
269 | $! else | ||
270 | $! | ||
271 | $ ELSE | ||
272 | $ FILE_NAME = "," | ||
273 | $! | ||
274 | $ IF F$TYPE('APPS_MODULE') .NES. "" | ||
275 | $ THEN | ||
276 | $! | ||
277 | $! Extract The File Name From The File List. | ||
278 | $! This part is a bit more complicated. | ||
279 | $! | ||
280 | $ IF APPLICATION .EQS. "" | ||
281 | $ THEN | ||
282 | $ APPLICATION = F$ELEMENT(APPLICATION_COUNTER,";",'APPS_MODULE') | ||
283 | $ APPLICATION_COUNTER = APPLICATION_COUNTER + 1 | ||
284 | $ APPLICATION_OBJECTS = F$ELEMENT(1,"/",APPLICATION) | ||
285 | $ APPLICATION = F$ELEMENT(0,"/",APPLICATION) | ||
286 | $ FILE_COUNTER = 0 | ||
287 | $ ENDIF | ||
288 | $ | ||
289 | $! WRITE SYS$OUTPUT "DEBUG: SHOW SYMBOL APPLICATION*" | ||
290 | $! SHOW SYMBOL APPLICATION* | ||
291 | $! | ||
292 | $ IF APPLICATION .NES. ";" | ||
293 | $ THEN | ||
294 | $ FILE_NAME = F$ELEMENT(FILE_COUNTER,",",APPLICATION_OBJECTS) | ||
295 | $ IF FILE_NAME .EQS. "," | ||
296 | $ THEN | ||
297 | $ APPLICATION = "" | ||
298 | $ GOTO NEXT_FILE | ||
299 | $ ENDIF | ||
300 | $ ENDIF | ||
301 | $ ENDIF | ||
302 | $ ENDIF | ||
303 | $! | ||
304 | $! Check To See If We Are At The End Of The File List. | ||
305 | $! | ||
306 | $ IF (FILE_NAME.EQS.",") | ||
307 | $ THEN | ||
308 | $! | ||
309 | $! We Are At The End Of The File List, Change State Or Goto FILE_DONE. | ||
310 | $! | ||
311 | $ IF STATE .EQS. "LIB" .AND. BUILDALL .NES. "LIBRARY" | ||
312 | $ THEN | ||
313 | $ STATE = "APPS" | ||
314 | $ GOTO MODULE_AGAIN | ||
315 | $ ELSE | ||
316 | $ GOTO FILE_DONE | ||
317 | $ ENDIF | ||
318 | $! | ||
319 | $! End The File List Check. | ||
320 | $! | ||
321 | $ ENDIF | ||
322 | $! | ||
323 | $! Increment The Counter. | ||
324 | $! | ||
325 | $ FILE_COUNTER = FILE_COUNTER + 1 | ||
326 | $! | ||
327 | $! Create The Source File Name. | ||
328 | $! | ||
329 | $ TMP_FILE_NAME = F$ELEMENT(1,"]",FILE_NAME) | ||
330 | $ IF TMP_FILE_NAME .EQS. "]" THEN TMP_FILE_NAME = FILE_NAME | ||
331 | $ IF F$ELEMENT(0,".",TMP_FILE_NAME) .EQS. TMP_FILE_NAME THEN - | ||
332 | FILE_NAME = FILE_NAME + ".c" | ||
333 | $ IF (MODULE_NAME.NES."") | ||
334 | $ THEN | ||
335 | $ SOURCE_FILE = "SYS$DISK:[." + MODULE_NAME+ "]" + FILE_NAME | ||
336 | $ ELSE | ||
337 | $ SOURCE_FILE = "SYS$DISK:[]" + FILE_NAME | ||
338 | $ ENDIF | ||
339 | $ SOURCE_FILE = SOURCE_FILE - "][" | ||
340 | $! | ||
341 | $! Create The Object File Name. | ||
342 | $! | ||
343 | $ OBJECT_FILE = OBJ_DIR + F$PARSE(FILE_NAME,,,"NAME","SYNTAX_ONLY") + ".OBJ" | ||
344 | $ ON WARNING THEN GOTO NEXT_FILE | ||
345 | $! | ||
346 | $! Check To See If The File We Want To Compile Is Actually There. | ||
347 | $! | ||
348 | $ IF (F$SEARCH(SOURCE_FILE).EQS."") | ||
349 | $ THEN | ||
350 | $! | ||
351 | $! Tell The User That The File Doesn't Exist. | ||
352 | $! | ||
353 | $ WRITE SYS$OUTPUT "" | ||
354 | $ WRITE SYS$OUTPUT "The File ",SOURCE_FILE," Doesn't Exist." | ||
355 | $ WRITE SYS$OUTPUT "" | ||
356 | $! | ||
357 | $! Exit The Build. | ||
358 | $! | ||
359 | $ GOTO EXIT | ||
360 | $! | ||
361 | $! End The File Exist Check. | ||
362 | $! | ||
363 | $ ENDIF | ||
364 | $! | ||
365 | $! Tell The User We Are Compiling The File. | ||
366 | $! | ||
367 | $ IF (MODULE_NAME.EQS."") | ||
368 | $ THEN | ||
369 | $ WRITE SYS$OUTPUT "Compiling The ",FILE_NAME," File. (",BUILDALL,",",STATE,")" | ||
370 | $ ENDIF | ||
371 | $ IF (MODULE_NAME.NES."") | ||
372 | $ THEN | ||
373 | $ WRITE SYS$OUTPUT " ",FILE_NAME,"" | ||
374 | $ ENDIF | ||
375 | $! | ||
376 | $! Compile The File. | ||
377 | $! | ||
378 | $ ON ERROR THEN GOTO NEXT_FILE | ||
379 | $ FILE_NAME0 = F$ELEMENT(0,".",FILE_NAME) | ||
380 | $ IF FILE_NAME - ".mar" .NES. FILE_NAME | ||
381 | $ THEN | ||
382 | $ MACRO/OBJECT='OBJECT_FILE' 'SOURCE_FILE' | ||
383 | $ ELSE | ||
384 | $ IF COMPILEWITH_CC3 - FILE_NAME0 .NES. COMPILEWITH_CC3 | ||
385 | $ THEN | ||
386 | $ CC3/OBJECT='OBJECT_FILE' 'SOURCE_FILE' | ||
387 | $ ELSE | ||
388 | $ IF COMPILEWITH_CC4 - FILE_NAME0 .NES. COMPILEWITH_CC4 | ||
389 | $ THEN | ||
390 | $ CC4/OBJECT='OBJECT_FILE' 'SOURCE_FILE' | ||
391 | $ ELSE | ||
392 | $ IF COMPILEWITH_CC5 - FILE_NAME0 .NES. COMPILEWITH_CC5 | ||
393 | $ THEN | ||
394 | $ CC5/OBJECT='OBJECT_FILE' 'SOURCE_FILE' | ||
395 | $ ELSE | ||
396 | $ CC/OBJECT='OBJECT_FILE' 'SOURCE_FILE' | ||
397 | $ ENDIF | ||
398 | $ ENDIF | ||
399 | $ ENDIF | ||
400 | $ ENDIF | ||
401 | $ IF STATE .EQS. "LIB" | ||
402 | $ THEN | ||
403 | $! | ||
404 | $! Add It To The Library. | ||
405 | $! | ||
406 | $ LIBRARY/REPLACE 'LIB_NAME' 'OBJECT_FILE' | ||
407 | $! | ||
408 | $! Time To Clean Up The Object File. | ||
409 | $! | ||
410 | $ DELETE 'OBJECT_FILE';* | ||
411 | $ ENDIF | ||
412 | $! | ||
413 | $! Go Back And Do It Again. | ||
414 | $! | ||
415 | $ GOTO NEXT_FILE | ||
416 | $! | ||
417 | $! All Done With This Library Part. | ||
418 | $! | ||
419 | $ FILE_DONE: | ||
420 | $! | ||
421 | $! Time To Build Some Applications | ||
422 | $! | ||
423 | $ IF F$TYPE('APPS_MODULE') .NES. "" .AND. BUILDALL .NES. "LIBRARY" | ||
424 | $ THEN | ||
425 | $ APPLICATION_COUNTER = 0 | ||
426 | $ NEXT_APPLICATION: | ||
427 | $ APPLICATION = F$ELEMENT(APPLICATION_COUNTER,";",'APPS_MODULE') | ||
428 | $ IF APPLICATION .EQS. ";" THEN GOTO APPLICATION_DONE | ||
429 | $ | ||
430 | $ APPLICATION_COUNTER = APPLICATION_COUNTER + 1 | ||
431 | $ APPLICATION_OBJECTS = F$ELEMENT(1,"/",APPLICATION) | ||
432 | $ APPLICATION = F$ELEMENT(0,"/",APPLICATION) | ||
433 | $ | ||
434 | $! WRITE SYS$OUTPUT "DEBUG: SHOW SYMBOL APPLICATION*" | ||
435 | $! SHOW SYMBOL APPLICATION* | ||
436 | $! | ||
437 | $! Tell the user what happens | ||
438 | $! | ||
439 | $ WRITE SYS$OUTPUT " ",APPLICATION,".exe" | ||
440 | $! | ||
441 | $! Link The Program. | ||
442 | $! | ||
443 | $ ON ERROR THEN GOTO NEXT_APPLICATION | ||
444 | $! | ||
445 | $! Check To See If We Are To Link With A Specific TCP/IP Library. | ||
446 | $! | ||
447 | $ IF (TCPIP_LIB.NES."") | ||
448 | $ THEN | ||
449 | $! | ||
450 | $! Link With A TCP/IP Library. | ||
451 | $! | ||
452 | $ LINK/'DEBUGGER'/'TRACEBACK'/EXE='EXE_DIR''APPLICATION'.EXE - | ||
453 | 'OBJ_DIR''APPLICATION_OBJECTS', - | ||
454 | 'CRYPTO_LIB'/LIBRARY, - | ||
455 | 'TCPIP_LIB','OPT_FILE'/OPTION | ||
456 | $! | ||
457 | $! Else... | ||
458 | $! | ||
459 | $ ELSE | ||
460 | $! | ||
461 | $! Don't Link With A TCP/IP Library. | ||
462 | $! | ||
463 | $ LINK/'DEBUGGER'/'TRACEBACK'/EXE='EXE_DIR''APPLICATION'.EXE - | ||
464 | 'OBJ_DIR''APPLICATION_OBJECTS',- | ||
465 | 'CRYPTO_LIB'/LIBRARY, - | ||
466 | 'OPT_FILE'/OPTION | ||
467 | $! | ||
468 | $! End The TCP/IP Library Check. | ||
469 | $! | ||
470 | $ ENDIF | ||
471 | $ GOTO NEXT_APPLICATION | ||
472 | $ APPLICATION_DONE: | ||
473 | $ ENDIF | ||
474 | $! | ||
475 | $! Go Back And Get The Next Module. | ||
476 | $! | ||
477 | $ GOTO MODULE_NEXT | ||
478 | $! | ||
479 | $! All Done With This Module. | ||
480 | $! | ||
481 | $ MODULE_DONE: | ||
482 | $! | ||
483 | $! Tell The User That We Are All Done. | ||
484 | $! | ||
485 | $ WRITE SYS$OUTPUT "All Done..." | ||
486 | $ EXIT: | ||
487 | $ GOSUB CLEANUP | ||
488 | $ EXIT | ||
489 | $! | ||
490 | $! Check For The Link Option FIle. | ||
491 | $! | ||
492 | $ CHECK_OPT_FILE: | ||
493 | $! | ||
494 | $! Check To See If We Need To Make A VAX C Option File. | ||
495 | $! | ||
496 | $ IF (COMPILER.EQS."VAXC") | ||
497 | $ THEN | ||
498 | $! | ||
499 | $! Check To See If We Already Have A VAX C Linker Option File. | ||
500 | $! | ||
501 | $ IF (F$SEARCH(OPT_FILE).EQS."") | ||
502 | $ THEN | ||
503 | $! | ||
504 | $! We Need A VAX C Linker Option File. | ||
505 | $! | ||
506 | $ CREATE 'OPT_FILE' | ||
507 | $DECK | ||
508 | ! | ||
509 | ! Default System Options File To Link Agianst | ||
510 | ! The Sharable VAX C Runtime Library. | ||
511 | ! | ||
512 | SYS$SHARE:VAXCRTL.EXE/SHARE | ||
513 | $EOD | ||
514 | $! | ||
515 | $! End The Option File Check. | ||
516 | $! | ||
517 | $ ENDIF | ||
518 | $! | ||
519 | $! End The VAXC Check. | ||
520 | $! | ||
521 | $ ENDIF | ||
522 | $! | ||
523 | $! Check To See If We Need A GNU C Option File. | ||
524 | $! | ||
525 | $ IF (COMPILER.EQS."GNUC") | ||
526 | $ THEN | ||
527 | $! | ||
528 | $! Check To See If We Already Have A GNU C Linker Option File. | ||
529 | $! | ||
530 | $ IF (F$SEARCH(OPT_FILE).EQS."") | ||
531 | $ THEN | ||
532 | $! | ||
533 | $! We Need A GNU C Linker Option File. | ||
534 | $! | ||
535 | $ CREATE 'OPT_FILE' | ||
536 | $DECK | ||
537 | ! | ||
538 | ! Default System Options File To Link Agianst | ||
539 | ! The Sharable C Runtime Library. | ||
540 | ! | ||
541 | GNU_CC:[000000]GCCLIB/LIBRARY | ||
542 | SYS$SHARE:VAXCRTL/SHARE | ||
543 | $EOD | ||
544 | $! | ||
545 | $! End The Option File Check. | ||
546 | $! | ||
547 | $ ENDIF | ||
548 | $! | ||
549 | $! End The GNU C Check. | ||
550 | $! | ||
551 | $ ENDIF | ||
552 | $! | ||
553 | $! Check To See If We Need A DEC C Option File. | ||
554 | $! | ||
555 | $ IF (COMPILER.EQS."DECC") | ||
556 | $ THEN | ||
557 | $! | ||
558 | $! Check To See If We Already Have A DEC C Linker Option File. | ||
559 | $! | ||
560 | $ IF (F$SEARCH(OPT_FILE).EQS."") | ||
561 | $ THEN | ||
562 | $! | ||
563 | $! Figure Out If We Need An AXP Or A VAX Linker Option File. | ||
564 | $! | ||
565 | $ IF ARCH .EQS. "VAX" | ||
566 | $ THEN | ||
567 | $! | ||
568 | $! We Need A DEC C Linker Option File For VAX. | ||
569 | $! | ||
570 | $ CREATE 'OPT_FILE' | ||
571 | $DECK | ||
572 | ! | ||
573 | ! Default System Options File To Link Agianst | ||
574 | ! The Sharable DEC C Runtime Library. | ||
575 | ! | ||
576 | SYS$SHARE:DECC$SHR.EXE/SHARE | ||
577 | $EOD | ||
578 | $! | ||
579 | $! Else... | ||
580 | $! | ||
581 | $ ELSE | ||
582 | $! | ||
583 | $! Create The AXP Linker Option File. | ||
584 | $! | ||
585 | $ CREATE 'OPT_FILE' | ||
586 | $DECK | ||
587 | ! | ||
588 | ! Default System Options File For AXP To Link Agianst | ||
589 | ! The Sharable C Runtime Library. | ||
590 | ! | ||
591 | SYS$SHARE:CMA$OPEN_LIB_SHR/SHARE | ||
592 | SYS$SHARE:CMA$OPEN_RTL/SHARE | ||
593 | $EOD | ||
594 | $! | ||
595 | $! End The VAX/AXP DEC C Option File Check. | ||
596 | $! | ||
597 | $ ENDIF | ||
598 | $! | ||
599 | $! End The Option File Search. | ||
600 | $! | ||
601 | $ ENDIF | ||
602 | $! | ||
603 | $! End The DEC C Check. | ||
604 | $! | ||
605 | $ ENDIF | ||
606 | $! | ||
607 | $! Tell The User What Linker Option File We Are Using. | ||
608 | $! | ||
609 | $ WRITE SYS$OUTPUT "Using Linker Option File ",OPT_FILE,"." | ||
610 | $! | ||
611 | $! Time To RETURN. | ||
612 | $! | ||
613 | $ RETURN | ||
614 | $! | ||
615 | $! Check The User's Options. | ||
616 | $! | ||
617 | $ CHECK_OPTIONS: | ||
618 | $! | ||
619 | $! Check To See If P1 Is Blank. | ||
620 | $! | ||
621 | $ IF (P1.EQS."ALL") | ||
622 | $ THEN | ||
623 | $! | ||
624 | $! P1 Is Blank, So Build Everything. | ||
625 | $! | ||
626 | $ BUILDALL = "TRUE" | ||
627 | $! | ||
628 | $! Else... | ||
629 | $! | ||
630 | $ ELSE | ||
631 | $! | ||
632 | $! Else, Check To See If P1 Has A Valid Arguement. | ||
633 | $! | ||
634 | $ IF (P1.EQS."LIBRARY").OR.(P1.EQS."APPS") | ||
635 | $ THEN | ||
636 | $! | ||
637 | $! A Valid Arguement. | ||
638 | $! | ||
639 | $ BUILDALL = P1 | ||
640 | $! | ||
641 | $! Else... | ||
642 | $! | ||
643 | $ ELSE | ||
644 | $! | ||
645 | $! Tell The User We Don't Know What They Want. | ||
646 | $! | ||
647 | $ WRITE SYS$OUTPUT "" | ||
648 | $ WRITE SYS$OUTPUT "The Option ",P1," Is Invalid. The Valid Options Are:" | ||
649 | $ WRITE SYS$OUTPUT "" | ||
650 | $ WRITE SYS$OUTPUT " ALL : Just Build Everything." | ||
651 | $ WRITE SYS$OUTPUT " LIBRARY : To Compile Just The [.xxx.EXE.CRYPTO]LIBCRYPTO.OLB Library." | ||
652 | $ WRITE SYS$OUTPUT " APPS : To Compile Just The [.xxx.EXE.CRYPTO]*.EXE Programs." | ||
653 | $ WRITE SYS$OUTPUT "" | ||
654 | $ WRITE SYS$OUTPUT " Where 'xxx' Stands For:" | ||
655 | $ WRITE SYS$OUTPUT "" | ||
656 | $ WRITE SYS$OUTPUT " AXP : Alpha Architecture." | ||
657 | $ WRITE SYS$OUTPUT " VAX : VAX Architecture." | ||
658 | $ WRITE SYS$OUTPUT "" | ||
659 | $! | ||
660 | $! Time To EXIT. | ||
661 | $! | ||
662 | $ EXIT | ||
663 | $! | ||
664 | $! End The Valid Arguement Check. | ||
665 | $! | ||
666 | $ ENDIF | ||
667 | $! | ||
668 | $! End The P1 Check. | ||
669 | $! | ||
670 | $ ENDIF | ||
671 | $! | ||
672 | $! Check To See If P2 Is Blank. | ||
673 | $! | ||
674 | $ IF (P2.EQS."NODEBUG") | ||
675 | $ THEN | ||
676 | $! | ||
677 | $! P2 Is NODEBUG, So Compile Without The Debugger Information. | ||
678 | $! | ||
679 | $ DEBUGGER = "NODEBUG" | ||
680 | $ TRACEBACK = "NOTRACEBACK" | ||
681 | $ GCC_OPTIMIZE = "OPTIMIZE" | ||
682 | $ CC_OPTIMIZE = "OPTIMIZE" | ||
683 | $ MACRO_OPTIMIZE = "OPTIMIZE" | ||
684 | $ WRITE SYS$OUTPUT "No Debugger Information Will Be Produced During Compile." | ||
685 | $ WRITE SYS$OUTPUT "Compiling With Compiler Optimization." | ||
686 | $ ELSE | ||
687 | $! | ||
688 | $! Check To See If We Are To Compile With Debugger Information. | ||
689 | $! | ||
690 | $ IF (P2.EQS."DEBUG") | ||
691 | $ THEN | ||
692 | $! | ||
693 | $! Compile With Debugger Information. | ||
694 | $! | ||
695 | $ DEBUGGER = "DEBUG" | ||
696 | $ TRACEBACK = "TRACEBACK" | ||
697 | $ GCC_OPTIMIZE = "NOOPTIMIZE" | ||
698 | $ CC_OPTIMIZE = "NOOPTIMIZE" | ||
699 | $ MACRO_OPTIMIZE = "NOOPTIMIZE" | ||
700 | $ WRITE SYS$OUTPUT "Debugger Information Will Be Produced During Compile." | ||
701 | $ WRITE SYS$OUTPUT "Compiling Without Compiler Optimization." | ||
702 | $ ELSE | ||
703 | $! | ||
704 | $! They Entered An Invalid Option.. | ||
705 | $! | ||
706 | $ WRITE SYS$OUTPUT "" | ||
707 | $ WRITE SYS$OUTPUT "The Option ",P2," Is Invalid. The Valid Options Are:" | ||
708 | $ WRITE SYS$OUTPUT "" | ||
709 | $ WRITE SYS$OUTPUT " DEBUG : Compile With The Debugger Information." | ||
710 | $ WRITE SYS$OUTPUT " NODEBUG : Compile Without The Debugger Information." | ||
711 | $ WRITE SYS$OUTPUT "" | ||
712 | $! | ||
713 | $! Time To EXIT. | ||
714 | $! | ||
715 | $ EXIT | ||
716 | $! | ||
717 | $! End The Valid Arguement Check. | ||
718 | $! | ||
719 | $ ENDIF | ||
720 | $! | ||
721 | $! End The P2 Check. | ||
722 | $! | ||
723 | $ ENDIF | ||
724 | $! | ||
725 | $! Special Threads For OpenVMS v7.1 Or Later | ||
726 | $! | ||
727 | $! Written By: Richard Levitte | ||
728 | $! richard@levitte.org | ||
729 | $! | ||
730 | $! | ||
731 | $! Check To See If We Have A Option For P5. | ||
732 | $! | ||
733 | $ IF (P5.EQS."") | ||
734 | $ THEN | ||
735 | $! | ||
736 | $! Get The Version Of VMS We Are Using. | ||
737 | $! | ||
738 | $ ISSEVEN := | ||
739 | $ TMP = F$ELEMENT(0,"-",F$EXTRACT(1,4,F$GETSYI("VERSION"))) | ||
740 | $ TMP = F$INTEGER(F$ELEMENT(0,".",TMP)+F$ELEMENT(1,".",TMP)) | ||
741 | $! | ||
742 | $! Check To See If The VMS Version Is v7.1 Or Later. | ||
743 | $! | ||
744 | $ IF (TMP.GE.71) | ||
745 | $ THEN | ||
746 | $! | ||
747 | $! We Have OpenVMS v7.1 Or Later, So Use The Special Threads. | ||
748 | $! | ||
749 | $ ISSEVEN := ,PTHREAD_USE_D4 | ||
750 | $! | ||
751 | $! End The VMS Version Check. | ||
752 | $! | ||
753 | $ ENDIF | ||
754 | $! | ||
755 | $! End The P5 Check. | ||
756 | $! | ||
757 | $ ENDIF | ||
758 | $! | ||
759 | $! Check To See If P3 Is Blank. | ||
760 | $! | ||
761 | $ IF (P3.EQS."") | ||
762 | $ THEN | ||
763 | $! | ||
764 | $! O.K., The User Didn't Specify A Compiler, Let's Try To | ||
765 | $! Find Out Which One To Use. | ||
766 | $! | ||
767 | $! Check To See If We Have GNU C. | ||
768 | $! | ||
769 | $ IF (F$TRNLNM("GNU_CC").NES."") | ||
770 | $ THEN | ||
771 | $! | ||
772 | $! Looks Like GNUC, Set To Use GNUC. | ||
773 | $! | ||
774 | $ P3 = "GNUC" | ||
775 | $! | ||
776 | $! Else... | ||
777 | $! | ||
778 | $ ELSE | ||
779 | $! | ||
780 | $! Check To See If We Have VAXC Or DECC. | ||
781 | $! | ||
782 | $ IF (ARCH.EQS."AXP").OR.(F$TRNLNM("DECC$CC_DEFAULT").NES."") | ||
783 | $ THEN | ||
784 | $! | ||
785 | $! Looks Like DECC, Set To Use DECC. | ||
786 | $! | ||
787 | $ P3 = "DECC" | ||
788 | $! | ||
789 | $! Else... | ||
790 | $! | ||
791 | $ ELSE | ||
792 | $! | ||
793 | $! Looks Like VAXC, Set To Use VAXC. | ||
794 | $! | ||
795 | $ P3 = "VAXC" | ||
796 | $! | ||
797 | $! End The VAXC Compiler Check. | ||
798 | $! | ||
799 | $ ENDIF | ||
800 | $! | ||
801 | $! End The DECC & VAXC Compiler Check. | ||
802 | $! | ||
803 | $ ENDIF | ||
804 | $! | ||
805 | $! End The Compiler Check. | ||
806 | $! | ||
807 | $ ENDIF | ||
808 | $! | ||
809 | $! Check To See If We Have A Option For P4. | ||
810 | $! | ||
811 | $ IF (P4.EQS."") | ||
812 | $ THEN | ||
813 | $! | ||
814 | $! Find out what socket library we have available | ||
815 | $! | ||
816 | $ IF F$PARSE("SOCKETSHR:") .NES. "" | ||
817 | $ THEN | ||
818 | $! | ||
819 | $! We have SOCKETSHR, and it is my opinion that it's the best to use. | ||
820 | $! | ||
821 | $ P4 = "SOCKETSHR" | ||
822 | $! | ||
823 | $! Tell the user | ||
824 | $! | ||
825 | $ WRITE SYS$OUTPUT "Using SOCKETSHR for TCP/IP" | ||
826 | $! | ||
827 | $! Else, let's look for something else | ||
828 | $! | ||
829 | $ ELSE | ||
830 | $! | ||
831 | $! Like UCX (the reason to do this before Multinet is that the UCX | ||
832 | $! emulation is easier to use...) | ||
833 | $! | ||
834 | $ IF F$TRNLNM("UCX$IPC_SHR") .NES. "" - | ||
835 | .OR. F$PARSE("SYS$SHARE:UCX$IPC_SHR.EXE") .NES. "" - | ||
836 | .OR. F$PARSE("SYS$LIBRARY:UCX$IPC.OLB") .NES. "" | ||
837 | $ THEN | ||
838 | $! | ||
839 | $! Last resort: a UCX or UCX-compatible library | ||
840 | $! | ||
841 | $ P4 = "UCX" | ||
842 | $! | ||
843 | $! Tell the user | ||
844 | $! | ||
845 | $ WRITE SYS$OUTPUT "Using UCX or an emulation thereof for TCP/IP" | ||
846 | $! | ||
847 | $! That was all... | ||
848 | $! | ||
849 | $ ENDIF | ||
850 | $ ENDIF | ||
851 | $ ENDIF | ||
852 | $! | ||
853 | $! Set Up Initial CC Definitions, Possibly With User Ones | ||
854 | $! | ||
855 | $ CCDEFS = "TCPIP_TYPE_''P4',DSO_VMS" | ||
856 | $ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = CCDEFS + "," + USER_CCDEFS | ||
857 | $ CCEXTRAFLAGS = "" | ||
858 | $ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS | ||
859 | $ CCDISABLEWARNINGS = "LONGLONGTYPE,LONGLONGSUFX" | ||
860 | $ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. "" THEN - | ||
861 | CCDISABLEWARNINGS = CCDISABLEWARNINGS + "," + USER_CCDISABLEWARNINGS | ||
862 | $! | ||
863 | $! Check To See If The User Entered A Valid Paramter. | ||
864 | $! | ||
865 | $ IF (P3.EQS."VAXC").OR.(P3.EQS."DECC").OR.(P3.EQS."GNUC") | ||
866 | $ THEN | ||
867 | $! | ||
868 | $! Check To See If The User Wanted DECC. | ||
869 | $! | ||
870 | $ IF (P3.EQS."DECC") | ||
871 | $ THEN | ||
872 | $! | ||
873 | $! Looks Like DECC, Set To Use DECC. | ||
874 | $! | ||
875 | $ COMPILER = "DECC" | ||
876 | $! | ||
877 | $! Tell The User We Are Using DECC. | ||
878 | $! | ||
879 | $ WRITE SYS$OUTPUT "Using DECC 'C' Compiler." | ||
880 | $! | ||
881 | $! Use DECC... | ||
882 | $! | ||
883 | $ CC = "CC" | ||
884 | $ IF ARCH.EQS."VAX" .AND. F$TRNLNM("DECC$CC_DEFAULT").NES."/DECC" - | ||
885 | THEN CC = "CC/DECC" | ||
886 | $ CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'/STANDARD=ANSI89" + - | ||
887 | "/NOLIST/PREFIX=ALL" + - | ||
888 | "/INCLUDE=(SYS$DISK:[],SYS$DISK:[-],SYS$DISK:[-.CRYPTO])" + - | ||
889 | CCEXTRAFLAGS | ||
890 | $! | ||
891 | $! Define The Linker Options File Name. | ||
892 | $! | ||
893 | $ OPT_FILE = "SYS$DISK:[]VAX_DECC_OPTIONS.OPT" | ||
894 | $! | ||
895 | $! End DECC Check. | ||
896 | $! | ||
897 | $ ENDIF | ||
898 | $! | ||
899 | $! Check To See If We Are To Use VAXC. | ||
900 | $! | ||
901 | $ IF (P3.EQS."VAXC") | ||
902 | $ THEN | ||
903 | $! | ||
904 | $! Looks Like VAXC, Set To Use VAXC. | ||
905 | $! | ||
906 | $ COMPILER = "VAXC" | ||
907 | $! | ||
908 | $! Tell The User We Are Using VAX C. | ||
909 | $! | ||
910 | $ WRITE SYS$OUTPUT "Using VAXC 'C' Compiler." | ||
911 | $! | ||
912 | $! Compile Using VAXC. | ||
913 | $! | ||
914 | $ CC = "CC" | ||
915 | $ IF ARCH.EQS."AXP" | ||
916 | $ THEN | ||
917 | $ WRITE SYS$OUTPUT "There is no VAX C on Alpha!" | ||
918 | $ EXIT | ||
919 | $ ENDIF | ||
920 | $ IF F$TRNLNM("DECC$CC_DEFAULT").EQS."/DECC" THEN CC = "CC/VAXC" | ||
921 | $ CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'/NOLIST" + - | ||
922 | "/INCLUDE=(SYS$DISK:[],SYS$DISK:[-],SYS$DISK:[-.CRYPTO])" + - | ||
923 | CCEXTRAFLAGS | ||
924 | $ CCDEFS = """VAXC""," + CCDEFS | ||
925 | $! | ||
926 | $! Define <sys> As SYS$COMMON:[SYSLIB] | ||
927 | $! | ||
928 | $ DEFINE/NOLOG SYS SYS$COMMON:[SYSLIB] | ||
929 | $! | ||
930 | $! Define The Linker Options File Name. | ||
931 | $! | ||
932 | $ OPT_FILE = "SYS$DISK:[]VAX_VAXC_OPTIONS.OPT" | ||
933 | $! | ||
934 | $! End VAXC Check | ||
935 | $! | ||
936 | $ ENDIF | ||
937 | $! | ||
938 | $! Check To See If We Are To Use GNU C. | ||
939 | $! | ||
940 | $ IF (P3.EQS."GNUC") | ||
941 | $ THEN | ||
942 | $! | ||
943 | $! Looks Like GNUC, Set To Use GNUC. | ||
944 | $! | ||
945 | $ COMPILER = "GNUC" | ||
946 | $! | ||
947 | $! Tell The User We Are Using GNUC. | ||
948 | $! | ||
949 | $ WRITE SYS$OUTPUT "Using GNU 'C' Compiler." | ||
950 | $! | ||
951 | $! Use GNU C... | ||
952 | $! | ||
953 | $ CC = "GCC/NOCASE_HACK/''GCC_OPTIMIZE'/''DEBUGGER'/NOLIST" + - | ||
954 | "/INCLUDE=(SYS$DISK:[],SYS$DISK:[-],SYS$DISK:[-.CRYPTO])" + - | ||
955 | CCEXTRAFLAGS | ||
956 | $! | ||
957 | $! Define The Linker Options File Name. | ||
958 | $! | ||
959 | $ OPT_FILE = "SYS$DISK:[]VAX_GNUC_OPTIONS.OPT" | ||
960 | $! | ||
961 | $! End The GNU C Check. | ||
962 | $! | ||
963 | $ ENDIF | ||
964 | $! | ||
965 | $! Set up default defines | ||
966 | $! | ||
967 | $ CCDEFS = """FLAT_INC=1""," + CCDEFS | ||
968 | $! | ||
969 | $! Finish up the definition of CC. | ||
970 | $! | ||
971 | $ IF COMPILER .EQS. "DECC" | ||
972 | $ THEN | ||
973 | $ IF CCDISABLEWARNINGS .EQS. "" | ||
974 | $ THEN | ||
975 | $ CC4DISABLEWARNINGS = "DOLLARID" | ||
976 | $ ELSE | ||
977 | $ CC4DISABLEWARNINGS = CCDISABLEWARNINGS + ",DOLLARID" | ||
978 | $ CCDISABLEWARNINGS = "/WARNING=(DISABLE=(" + CCDISABLEWARNINGS + "))" | ||
979 | $ ENDIF | ||
980 | $ CC4DISABLEWARNINGS = "/WARNING=(DISABLE=(" + CC4DISABLEWARNINGS + "))" | ||
981 | $ ELSE | ||
982 | $ CCDISABLEWARNINGS = "" | ||
983 | $ CC4DISABLEWARNINGS = "" | ||
984 | $ ENDIF | ||
985 | $ CC3 = CC + "/DEFINE=(" + CCDEFS + ISSEVEN + ")" + CCDISABLEWARNINGS | ||
986 | $ CC = CC + "/DEFINE=(" + CCDEFS + ")" + CCDISABLEWARNINGS | ||
987 | $ IF ARCH .EQS. "VAX" .AND. COMPILER .EQS. "DECC" .AND. P2 .NES. "DEBUG" | ||
988 | $ THEN | ||
989 | $ CC5 = CC + "/OPTIMIZE=NODISJOINT" | ||
990 | $ ELSE | ||
991 | $ CC5 = CC + "/NOOPTIMIZE" | ||
992 | $ ENDIF | ||
993 | $ CC4 = CC - CCDISABLEWARNINGS + CC4DISABLEWARNINGS | ||
994 | $! | ||
995 | $! Show user the result | ||
996 | $! | ||
997 | $ WRITE/SYMBOL SYS$OUTPUT "Main C Compiling Command: ",CC | ||
998 | $! | ||
999 | $! Else The User Entered An Invalid Arguement. | ||
1000 | $! | ||
1001 | $ ELSE | ||
1002 | $! | ||
1003 | $! Tell The User We Don't Know What They Want. | ||
1004 | $! | ||
1005 | $ WRITE SYS$OUTPUT "" | ||
1006 | $ WRITE SYS$OUTPUT "The Option ",P3," Is Invalid. The Valid Options Are:" | ||
1007 | $ WRITE SYS$OUTPUT "" | ||
1008 | $ WRITE SYS$OUTPUT " VAXC : To Compile With VAX C." | ||
1009 | $ WRITE SYS$OUTPUT " DECC : To Compile With DEC C." | ||
1010 | $ WRITE SYS$OUTPUT " GNUC : To Compile With GNU C." | ||
1011 | $ WRITE SYS$OUTPUT "" | ||
1012 | $! | ||
1013 | $! Time To EXIT. | ||
1014 | $! | ||
1015 | $ EXIT | ||
1016 | $! | ||
1017 | $! End The Valid Arguement Check. | ||
1018 | $! | ||
1019 | $ ENDIF | ||
1020 | $! | ||
1021 | $! Build a MACRO command for the architecture at hand | ||
1022 | $! | ||
1023 | $ IF ARCH .EQS. "VAX" THEN MACRO = "MACRO/''DEBUGGER'" | ||
1024 | $ IF ARCH .EQS. "AXP" THEN MACRO = "MACRO/MIGRATION/''DEBUGGER'/''MACRO_OPTIMIZE'" | ||
1025 | $! | ||
1026 | $! Show user the result | ||
1027 | $! | ||
1028 | $ WRITE/SYMBOL SYS$OUTPUT "Main MACRO Compiling Command: ",MACRO | ||
1029 | $! | ||
1030 | $! Time to check the contents, and to make sure we get the correct library. | ||
1031 | $! | ||
1032 | $ IF P4.EQS."SOCKETSHR" .OR. P4.EQS."MULTINET" .OR. P4.EQS."UCX" - | ||
1033 | .OR. P4.EQS."TCPIP" .OR. P4.EQS."NONE" | ||
1034 | $ THEN | ||
1035 | $! | ||
1036 | $! Check to see if SOCKETSHR was chosen | ||
1037 | $! | ||
1038 | $ IF P4.EQS."SOCKETSHR" | ||
1039 | $ THEN | ||
1040 | $! | ||
1041 | $! Set the library to use SOCKETSHR | ||
1042 | $! | ||
1043 | $ TCPIP_LIB = "SYS$DISK:[-.VMS]SOCKETSHR_SHR.OPT/OPT" | ||
1044 | $! | ||
1045 | $! Done with SOCKETSHR | ||
1046 | $! | ||
1047 | $ ENDIF | ||
1048 | $! | ||
1049 | $! Check to see if MULTINET was chosen | ||
1050 | $! | ||
1051 | $ IF P4.EQS."MULTINET" | ||
1052 | $ THEN | ||
1053 | $! | ||
1054 | $! Set the library to use UCX emulation. | ||
1055 | $! | ||
1056 | $ P4 = "UCX" | ||
1057 | $! | ||
1058 | $! Done with MULTINET | ||
1059 | $! | ||
1060 | $ ENDIF | ||
1061 | $! | ||
1062 | $! Check to see if UCX was chosen | ||
1063 | $! | ||
1064 | $ IF P4.EQS."UCX" | ||
1065 | $ THEN | ||
1066 | $! | ||
1067 | $! Set the library to use UCX. | ||
1068 | $! | ||
1069 | $ TCPIP_LIB = "SYS$DISK:[-.VMS]UCX_SHR_DECC.OPT/OPT" | ||
1070 | $ IF F$TRNLNM("UCX$IPC_SHR") .NES. "" | ||
1071 | $ THEN | ||
1072 | $ TCPIP_LIB = "SYS$DISK:[-.VMS]UCX_SHR_DECC_LOG.OPT/OPT" | ||
1073 | $ ELSE | ||
1074 | $ IF COMPILER .NES. "DECC" .AND. ARCH .EQS. "VAX" THEN - | ||
1075 | TCPIP_LIB = "SYS$DISK:[-.VMS]UCX_SHR_VAXC.OPT/OPT" | ||
1076 | $ ENDIF | ||
1077 | $! | ||
1078 | $! Done with UCX | ||
1079 | $! | ||
1080 | $ ENDIF | ||
1081 | $! | ||
1082 | $! Check to see if TCPIP was chosen | ||
1083 | $! | ||
1084 | $ IF P4.EQS."TCPIP" | ||
1085 | $ THEN | ||
1086 | $! | ||
1087 | $! Set the library to use TCPIP (post UCX). | ||
1088 | $! | ||
1089 | $ TCPIP_LIB = "SYS$DISK:[-.VMS]TCPIP_SHR_DECC.OPT/OPT" | ||
1090 | $! | ||
1091 | $! Done with TCPIP | ||
1092 | $! | ||
1093 | $ ENDIF | ||
1094 | $! | ||
1095 | $! Check to see if NONE was chosen | ||
1096 | $! | ||
1097 | $ IF P4.EQS."NONE" | ||
1098 | $ THEN | ||
1099 | $! | ||
1100 | $! Do not use a TCPIP library. | ||
1101 | $! | ||
1102 | $ TCPIP_LIB = "" | ||
1103 | $! | ||
1104 | $! Done with TCPIP | ||
1105 | $! | ||
1106 | $ ENDIF | ||
1107 | $! | ||
1108 | $! Print info | ||
1109 | $! | ||
1110 | $ WRITE SYS$OUTPUT "TCP/IP library spec: ", TCPIP_LIB | ||
1111 | $! | ||
1112 | $! Else The User Entered An Invalid Arguement. | ||
1113 | $! | ||
1114 | $ ELSE | ||
1115 | $! | ||
1116 | $! Tell The User We Don't Know What They Want. | ||
1117 | $! | ||
1118 | $ WRITE SYS$OUTPUT "" | ||
1119 | $ WRITE SYS$OUTPUT "The Option ",P4," Is Invalid. The Valid Options Are:" | ||
1120 | $ WRITE SYS$OUTPUT "" | ||
1121 | $ WRITE SYS$OUTPUT " SOCKETSHR : To link with SOCKETSHR TCP/IP library." | ||
1122 | $ WRITE SYS$OUTPUT " UCX : To link with UCX TCP/IP library." | ||
1123 | $ WRITE SYS$OUTPUT " TCPIP : To link with TCPIP (post UCX) TCP/IP library." | ||
1124 | $ WRITE SYS$OUTPUT "" | ||
1125 | $! | ||
1126 | $! Time To EXIT. | ||
1127 | $! | ||
1128 | $ EXIT | ||
1129 | $! | ||
1130 | $! Done with TCP/IP libraries | ||
1131 | $! | ||
1132 | $ ENDIF | ||
1133 | $! | ||
1134 | $! Check if the user wanted to compile just a subset of all the encryption | ||
1135 | $! methods. | ||
1136 | $! | ||
1137 | $ IF P6 .NES. "" | ||
1138 | $ THEN | ||
1139 | $ ENCRYPT_TYPES = P6 | ||
1140 | $ ENDIF | ||
1141 | $! | ||
1142 | $! Time To RETURN... | ||
1143 | $! | ||
1144 | $ RETURN | ||
1145 | $! | ||
1146 | $ INITIALISE: | ||
1147 | $! | ||
1148 | $! Save old value of the logical name OPENSSL | ||
1149 | $! | ||
1150 | $ __SAVE_OPENSSL = F$TRNLNM("OPENSSL","LNM$PROCESS_TABLE") | ||
1151 | $! | ||
1152 | $! Save directory information | ||
1153 | $! | ||
1154 | $ __HERE = F$PARSE(F$PARSE("A.;",F$ENVIRONMENT("PROCEDURE"))-"A.;","[]A.;") - "A.;" | ||
1155 | $ __HERE = F$EDIT(__HERE,"UPCASE") | ||
1156 | $ __TOP = __HERE - "FIPS]" | ||
1157 | $ __INCLUDE = __TOP + "INCLUDE.OPENSSL]" | ||
1158 | $! | ||
1159 | $! Set up the logical name OPENSSL to point at the include directory | ||
1160 | $! | ||
1161 | $ DEFINE OPENSSL/NOLOG '__INCLUDE' | ||
1162 | $! | ||
1163 | $! Done | ||
1164 | $! | ||
1165 | $ RETURN | ||
1166 | $! | ||
1167 | $ CLEANUP: | ||
1168 | $! | ||
1169 | $! Restore the logical name OPENSSL if it had a value | ||
1170 | $! | ||
1171 | $ IF __SAVE_OPENSSL .EQS. "" | ||
1172 | $ THEN | ||
1173 | $ DEASSIGN OPENSSL | ||
1174 | $ ELSE | ||
1175 | $ DEFINE/NOLOG OPENSSL '__SAVE_OPENSSL' | ||
1176 | $ ENDIF | ||
1177 | $! | ||
1178 | $! Done | ||
1179 | $! | ||
1180 | $ RETURN | ||
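--- a/src/lib/libssl/src/fips/fips.c
+++ /dev/null
@@ -1,260 +0,0 @@
-/* ====================================================================
-* Copyright (c) 2003 The OpenSSL Project. All rights reserved.
-*
-* Redistribution and use in source and binary forms, with or without
-* modification, are permitted provided that the following conditions
-* are met:
-*
-* 1. Redistributions of source code must retain the above copyright
-* notice, this list of conditions and the following disclaimer.
-*
-* 2. Redistributions in binary form must reproduce the above copyright
-* notice, this list of conditions and the following disclaimer in
-* the documentation and/or other materials provided with the
-* distribution.
-*
-* 3. All advertising materials mentioning features or use of this
-* software must display the following acknowledgment:
-* "This product includes software developed by the OpenSSL Project
-* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-*
-* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-* endorse or promote products derived from this software without
-* prior written permission. For written permission, please contact
-* openssl-core@openssl.org.
-*
-* 5. Products derived from this software may not be called "OpenSSL"
-* nor may "OpenSSL" appear in their names without prior written
-* permission of the OpenSSL Project.
-*
-* 6. Redistributions of any form whatsoever must retain the following
-* acknowledgment:
-* "This product includes software developed by the OpenSSL Project
-* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-*
-* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-* OF THE POSSIBILITY OF SUCH DAMAGE.
-*
-*/
-
-#include <openssl/fips.h>
-#include <openssl/rand.h>
-#include <openssl/fips_rand.h>
-#include <openssl/err.h>
-#include <openssl/bio.h>
-#include <openssl/hmac.h>
-#include <string.h>
-#include <limits.h>
-#include "fips_locl.h"
-
-#ifdef OPENSSL_FIPS
-
-#ifndef PATH_MAX
-#define PATH_MAX 1024
-#endif
-
-static int fips_md5_allowed = 0;
-static int fips_selftest_fail = 0;
-
-void FIPS_allow_md5(int onoff)
-{
-if (fips_is_started())
-{
-int owning_thread = fips_is_owning_thread();
-
-if (!owning_thread) CRYPTO_w_lock(CRYPTO_LOCK_FIPS);
-fips_md5_allowed = onoff;
-if (!owning_thread) CRYPTO_w_unlock(CRYPTO_LOCK_FIPS);
-}
-}
-
-int FIPS_md5_allowed(void)
-{
-int ret = 1;
-if (fips_is_started())
-{
-int owning_thread = fips_is_owning_thread();
-
-if (!owning_thread) CRYPTO_r_lock(CRYPTO_LOCK_FIPS);
-ret = fips_md5_allowed;
-if (!owning_thread) CRYPTO_r_unlock(CRYPTO_LOCK_FIPS);
-}
-return ret;
-}
-
-int FIPS_selftest_failed(void)
-{
-int ret = 0;
-if (fips_is_started())
-{
-int owning_thread = fips_is_owning_thread();
-
-if (!owning_thread) CRYPTO_r_lock(CRYPTO_LOCK_FIPS);
-ret = fips_selftest_fail;
-if (!owning_thread) CRYPTO_r_unlock(CRYPTO_LOCK_FIPS);
-}
-return ret;
-}
-
-int FIPS_selftest()
-{
-ERR_load_crypto_strings();
-
-return FIPS_selftest_sha1()
-&& FIPS_selftest_aes()
-&& FIPS_selftest_des()
-&& FIPS_selftest_rsa()
-&& FIPS_selftest_dsa();
-}
-
-static int FIPS_check_exe(const char *path)
-{
-unsigned char buf[1024];
-char p2[PATH_MAX];
-unsigned int n;
-unsigned char mdbuf[EVP_MAX_MD_SIZE];
-FILE *f;
-static char key[]="etaonrishdlcupfm";
-HMAC_CTX hmac;
-const char *sha1_fmt="%s.sha1";
-
-f=fopen(path,"rb");
-#ifdef __CYGWIN32__
-/* cygwin scrupulously strips .exe extentions:-( as of now it's
-actually no point to attempt above fopen, but we keep the call
-just in case the behavior changes in the future... */
-if (!f)
-{
-sha1_fmt="%s.exe.sha1";
-BIO_snprintf(p2,sizeof p2,"%s.exe",path);
-f=fopen(p2,"rb");
-}
-#endif
-if(!f)
-{
-FIPSerr(FIPS_F_FIPS_CHECK_EXE,FIPS_R_CANNOT_READ_EXE);
-return 0;
-}
-HMAC_Init(&hmac,key,strlen(key),EVP_sha1());
-while(!feof(f))
-{
-n=fread(buf,1,sizeof buf,f);
-if(ferror(f))
-{
-clearerr(f);
-fclose(f);
-FIPSerr(FIPS_F_FIPS_CHECK_EXE,FIPS_R_CANNOT_READ_EXE);
-return 0;
-}
-if (n) HMAC_Update(&hmac,buf,n);
-}
-fclose(f);
-HMAC_Final(&hmac,mdbuf,&n);
-HMAC_CTX_cleanup(&hmac);
-BIO_snprintf(p2,sizeof p2,sha1_fmt,path);
-f=fopen(p2,"rb");
-if(!f || fread(buf,1,20,f) != 20)
-{
-if (f) fclose(f);
-FIPSerr(FIPS_F_FIPS_CHECK_EXE,FIPS_R_CANNOT_READ_EXE_DIGEST);
-return 0;
-}
-fclose(f);
-if(memcmp(buf,mdbuf,20))
-{
-FIPSerr(FIPS_F_FIPS_CHECK_EXE,FIPS_R_EXE_DIGEST_DOES_NOT_MATCH);
-return 0;
-}
-return 1;
-}
-
-int FIPS_mode_set(int onoff,const char *path)
-{
-void fips_set_mode(int _onoff);
-int fips_set_owning_thread();
-int fips_clear_owning_thread();
-int ret = 0;
-
-CRYPTO_w_lock(CRYPTO_LOCK_FIPS);
-fips_set_started();
-fips_set_owning_thread();
-
-if(onoff)
-{
-unsigned char buf[24];
-
-fips_selftest_fail = 0;
-
-/* Don't go into FIPS mode twice, just so we can do automagic
-seeding */
-if(FIPS_mode())
-{
-FIPSerr(FIPS_F_FIPS_MODE_SET,FIPS_R_FIPS_MODE_ALREADY_SET);
-fips_selftest_fail = 1;
-ret = 0;
-goto end;
-}
-
-if(!FIPS_check_exe(path))
-{
-fips_selftest_fail = 1;
-ret = 0;
-goto end;
-}
-
-/* automagically seed PRNG if not already seeded */
-if(!FIPS_rand_seeded())
-{
-if(RAND_bytes(buf,sizeof buf) <= 0)
-{
-fips_selftest_fail = 1;
-ret = 0;
-goto end;
-}
-FIPS_set_prng_key(buf,buf+8);
-FIPS_rand_seed(buf+16,8);
-}
-
-/* now switch into FIPS mode */
-fips_set_rand_check(FIPS_rand_method());
-RAND_set_rand_method(FIPS_rand_method());
-if(FIPS_selftest())
-fips_set_mode(1);
-else
-{
-fips_selftest_fail = 1;
-ret = 0;
-goto end;
-}
-ret = 1;
-goto end;
-}
-fips_set_mode(0);
-fips_selftest_fail = 0;
-ret = 1;
-end:
-fips_clear_owning_thread();
-CRYPTO_w_unlock(CRYPTO_LOCK_FIPS);
-return ret;
-}
-
-#if 0
-/* here just to cause error codes to exist */
-static void dummy()
-{
-FIPSerr(FIPS_F_HASH_FINAL,FIPS_F_NON_FIPS_METHOD);
-FIPSerr(FIPS_F_HASH_FINAL,FIPS_R_FIPS_SELFTEST_FAILED);
-}
-#endif
-
-#endif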
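--- a/src/lib/libssl/src/fips/fips.h
+++ /dev/null
@@ -1,125 +0,0 @@
-/* ====================================================================
-* Copyright (c) 2003 The OpenSSL Project. All rights reserved.
-*
-* Redistribution and use in source and binary forms, with or without
-* modification, are permitted provided that the following conditions
-* are met:
-*
-* 1. Redistributions of source code must retain the above copyright
-* notice, this list of conditions and the following disclaimer.
-*
-* 2. Redistributions in binary form must reproduce the above copyright
-* notice, this list of conditions and the following disclaimer in
-* the documentation and/or other materials provided with the
-* distribution.
-*
-* 3. All advertising materials mentioning features or use of this
-* software must display the following acknowledgment:
-* "This product includes software developed by the OpenSSL Project
-* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-*
-* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-* endorse or promote products derived from this software without
-* prior written permission. For written permission, please contact
-* openssl-core@openssl.org.
-*
-* 5. Products derived from this software may not be called "OpenSSL"
-* nor may "OpenSSL" appear in their names without prior written
-* permission of the OpenSSL Project.
-*
-* 6. Redistributions of any form whatsoever must retain the following
-* acknowledgment:
-* "This product includes software developed by the OpenSSL Project
-* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-*
-* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-* OF THE POSSIBILITY OF SUCH DAMAGE.
-*
-*/
-
-#include <openssl/opensslconf.h>
-
-#ifdef OPENSSL_FIPS
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* Note that these are defined in crypto/cryptlib.c so they're
-* available even without -lfips.
-*/
-struct dsa_st;
-
-int FIPS_mode_set(int onoff,const char *path);
-void FIPS_allow_md5(int onoff);
-int FIPS_md5_allowed(void);
-int FIPS_selftest_failed(void);
-int FIPS_dsa_check(struct dsa_st *dsa);
-void FIPS_corrupt_sha1(void);
-int FIPS_selftest_sha1(void);
-void FIPS_corrupt_aes(void);
-int FIPS_selftest_aes(void);
-void FIPS_corrupt_des(void);
-int FIPS_selftest_des(void);
-void FIPS_corrupt_rsa(void);
-int FIPS_selftest_rsa(void);
-void FIPS_corrupt_dsa(void);
-int FIPS_selftest_dsa(void);
-
-/* The following lines are auto generated by the script mkerr.pl. Any changes
-* made after this point may be overwritten when the script is next run.
-*/
-void ERR_load_FIPS_strings(void);
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
-* made after this point may be overwritten when the script is next run.
-*/
-void ERR_load_FIPS_strings(void);
-
-/* Error codes for the FIPS functions. */
-
-/* Function codes. */
-#define FIPS_F_DSA_DO_SIGN 111
-#define FIPS_F_DSA_DO_VERIFY 112
-#define FIPS_F_DSA_GENERATE_PARAMETERS 110
-#define FIPS_F_FIPS_CHECK_DSA 116
-#define FIPS_F_FIPS_CHECK_EXE 106
-#define FIPS_F_FIPS_CHECK_RSA 115
-#define FIPS_F_FIPS_DSA_CHECK 102
-#define FIPS_F_FIPS_MODE_SET 105
-#define FIPS_F_FIPS_SELFTEST_AES 104
-#define FIPS_F_FIPS_SELFTEST_DES 107
-#define FIPS_F_FIPS_SELFTEST_DSA 109
-#define FIPS_F_FIPS_SELFTEST_RSA 108
-#define FIPS_F_FIPS_SELFTEST_SHA1 103
-#define FIPS_F_HASH_FINAL 100
-#define FIPS_F_DH_GENERATE_PARAMETERS 117
-#define FIPS_F_RSA_EAY_PUBLIC_ENCRYPT 114
-#define FIPS_F_RSA_GENERATE_KEY 113
-#define FIPS_F_SSLEAY_RAND_BYTES 101
-
-/* Reason codes. */
-#define FIPS_R_CANNOT_READ_EXE 103
-#define FIPS_R_CANNOT_READ_EXE_DIGEST 104
-#define FIPS_R_EXE_DIGEST_DOES_NOT_MATCH 105
-#define FIPS_R_FIPS_MODE_ALREADY_SET 102
-#define FIPS_R_FIPS_SELFTEST_FAILED 106
-#define FIPS_R_NON_FIPS_METHOD 100
-#define FIPS_R_PAIRWISE_TEST_FAILED 107
-#define FIPS_R_SELFTEST_FAILED 101
-
-#ifdef __cplusplus
-}
-#endif
-#endif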
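--- a/src/lib/libssl/src/fips/fips_locl.h
+++ /dev/null
@@ -1,67 +0,0 @@
-/* ====================================================================
-* Copyright (c) 2003 The OpenSSL Project. All rights reserved.
-*
-* Redistribution and use in source and binary forms, with or without
-* modification, are permitted provided that the following conditions
-* are met:
-*
-* 1. Redistributions of source code must retain the above copyright
-* notice, this list of conditions and the following disclaimer.
-*
-* 2. Redistributions in binary form must reproduce the above copyright
-* notice, this list of conditions and the following disclaimer in
-* the documentation and/or other materials provided with the
-* distribution.
-*
-* 3. All advertising materials mentioning features or use of this
-* software must display the following acknowledgment:
-* "This product includes software developed by the OpenSSL Project
-* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-*
-* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-* endorse or promote products derived from this software without
-* prior written permission. For written permission, please contact
-* openssl-core@openssl.org.
-*
-* 5. Products derived from this software may not be called "OpenSSL"
-* nor may "OpenSSL" appear in their names without prior written
-* permission of the OpenSSL Project.
-*
-* 6. Redistributions of any form whatsoever must retain the following
-* acknowledgment:
-* "This product includes software developed by the OpenSSL Project
-* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-*
-* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-* OF THE POSSIBILITY OF SUCH DAMAGE.
-*
-*/
-
-#ifdef OPENSSL_FIPS
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* These are really defined in crypto/cryptlib.c */
-void fips_set_started(void);
-int fips_is_started(void);
-int fips_is_owning_thread(void);
-int fips_set_owning_thread(void);
-int fips_clear_owning_thread(void);
-void fips_set_rand_check(void *rand_check);
-
-#ifdef __cplusplus
-}
-#endif
-#endif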
diff --git a/src/lib/libssl/src/fips/fips_test_suite.c b/src/lib/libssl/src/fips/fips_test_suite.c deleted file mode 100644 index 60ee8d856b..0000000000 --- a/src/lib/libssl/src/fips/fips_test_suite.c +++ /dev/null | |||
@@ -1,341 +0,0 @@ | |||
1 | /* ==================================================================== | ||
2 | * Copyright (c) 2003 The OpenSSL Project. All rights reserved. | ||
3 | * | ||
4 | * | ||
5 | * This command is intended as a test driver for the FIPS-140 testing | ||
6 | * lab performing FIPS-140 validation. It demonstrates the use of the | ||
7 | * OpenSSL library ito perform a variety of common cryptographic | ||
8 | * functions. A power-up self test is demonstrated by deliberately | ||
9 | * pointing to an invalid executable hash | ||
10 | * | ||
11 | * Contributed by Steve Marquess. | ||
12 | * | ||
13 | */ | ||
14 | #include <stdio.h> | ||
15 | #include <assert.h> | ||
16 | #include <ctype.h> | ||
17 | #include <string.h> | ||
18 | #include <stdlib.h> | ||
19 | #include <openssl/aes.h> | ||
20 | #include <openssl/des.h> | ||
21 | #include <openssl/rsa.h> | ||
22 | #include <openssl/dsa.h> | ||
23 | #include <openssl/sha.h> | ||
24 | #include <openssl/md5.h> | ||
25 | #include <openssl/err.h> | ||
26 | #include <openssl/fips.h> | ||
27 | #include <openssl/bn.h> | ||
28 | #include <openssl/rand.h> | ||
29 | #ifndef OPENSSL_FIPS | ||
30 | int main(int argc, char *argv[]) | ||
31 | { | ||
32 | printf("No FIPS support\n"); | ||
33 | return(0); | ||
34 | } | ||
35 | #else | ||
36 | |||
37 | /* AES: encrypt and decrypt known plaintext, verify result matches original plaintext | ||
38 | */ | ||
39 | static int FIPS_aes_test() | ||
40 | { | ||
41 | unsigned char userkey[16] = { 0xde, 0xad, 0xbe, 0xef, 0xfe, 0xed, 0xf0, 0x0d }; | ||
42 | unsigned char plaintext[16] = "etaonrishdlcu"; | ||
43 | unsigned char ciphertext[16]; | ||
44 | unsigned char buf[16]; | ||
45 | AES_KEY key; | ||
46 | AES_KEY dkey; | ||
47 | |||
48 | ERR_clear_error(); | ||
49 | if (AES_set_encrypt_key( userkey, 128, &key )) | ||
50 | return 0; | ||
51 | AES_encrypt( plaintext, ciphertext, &key); | ||
52 | if (AES_set_decrypt_key( userkey, 128, &dkey )) | ||
53 | return 0; | ||
54 | AES_decrypt( ciphertext, buf, &dkey); | ||
55 | if (memcmp(buf, plaintext, sizeof(buf))) | ||
56 | return 0; | ||
57 | return 1; | ||
58 | } | ||
59 | |||
60 | /* DES: encrypt and decrypt known plaintext, verify result matches original plaintext | ||
61 | */ | ||
62 | static int FIPS_des_test() | ||
63 | { | ||
64 | DES_cblock userkey = { 0xde, 0xad, 0xbe, 0xef, 0xfe, 0xed, 0xf0, 0x0d }; | ||
65 | DES_cblock plaintext = { 'e', 't', 'a', 'o', 'n', 'r', 'i', 's' }; | ||
66 | |||
67 | DES_key_schedule key; | ||
68 | DES_cblock ciphertext; | ||
69 | DES_cblock buf; | ||
70 | |||
71 | ERR_clear_error(); | ||
72 | if (DES_set_key(&userkey, &key) < 0) | ||
73 | return 0; | ||
74 | DES_ecb_encrypt( &plaintext, &ciphertext, &key, 1); | ||
75 | DES_ecb_encrypt( &ciphertext, &buf, &key, 0); | ||
76 | if (memcmp(buf, plaintext, sizeof(buf))) | ||
77 | return 0; | ||
78 | return 1; | ||
79 | } | ||
80 | |||
81 | /* DSA: generate key and sign a known digest, then verify the signature | ||
82 | * against the digest | ||
83 | */ | ||
84 | static int FIPS_dsa_test() | ||
85 | { | ||
86 | DSA *dsa = NULL; | ||
87 | unsigned char dgst[] = "etaonrishdlc"; | ||
88 | unsigned char sig[256]; | ||
89 | unsigned int siglen; | ||
90 | |||
91 | ERR_clear_error(); | ||
92 | dsa = DSA_generate_parameters(512,NULL,0,NULL,NULL,NULL,NULL); | ||
93 | if (!dsa) | ||
94 | return 0; | ||
95 | if (!DSA_generate_key(dsa)) | ||
96 | return 0; | ||
97 | if ( DSA_sign(0,dgst,sizeof(dgst) - 1,sig,&siglen,dsa) != 1 ) | ||
98 | return 0; | ||
99 | if ( DSA_verify(0,dgst,sizeof(dgst) - 1,sig,siglen,dsa) != 1 ) | ||
100 | return 0; | ||
101 | DSA_free(dsa); | ||
102 | return 1; | ||
103 | } | ||
104 | |||
105 | /* RSA: generate keys and encrypt and decrypt known plaintext, verify result | ||
106 | * matches the original plaintext | ||
107 | */ | ||
108 | static int FIPS_rsa_test() | ||
109 | { | ||
110 | RSA *key; | ||
111 | unsigned char input_ptext[] = "etaonrishdlc"; | ||
112 | unsigned char ctext[256]; | ||
113 | unsigned char ptext[256]; | ||
114 | int n; | ||
115 | |||
116 | ERR_clear_error(); | ||
117 | key = RSA_generate_key(1024,65537,NULL,NULL); | ||
118 | if (!key) | ||
119 | return 0; | ||
120 | n = RSA_size(key); | ||
121 | n = RSA_public_encrypt(sizeof(input_ptext) - 1,input_ptext,ctext,key,RSA_PKCS1_PADDING); | ||
122 | if (n < 0) | ||
123 | return 0; | ||
124 | n = RSA_private_decrypt(n,ctext,ptext,key,RSA_PKCS1_PADDING); | ||
125 | if (n < 0) | ||
126 | return 0; | ||
127 | RSA_free(key); | ||
128 | if (memcmp(input_ptext,ptext,sizeof(input_ptext) - 1)) | ||
129 | return 0; | ||
130 | return 1; | ||
131 | } | ||
132 | |||
133 | /* SHA1: generate hash of known digest value and compare to known | ||
134 | precomputed correct hash | ||
135 | */ | ||
136 | static int FIPS_sha1_test() | ||
137 | { | ||
138 | unsigned char digest[SHA_DIGEST_LENGTH] = | ||
139 | { 0x11, 0xf1, 0x9a, 0x3a, 0xec, 0x1a, 0x1e, 0x8e, 0x65, 0xd4, 0x9a, 0x38, 0x0c, 0x8b, 0x1e, 0x2c, 0xe8, 0xb3, 0xc5, 0x18 }; | ||
140 | unsigned char str[] = "etaonrishd"; | ||
141 | |||
142 | unsigned char md[SHA_DIGEST_LENGTH]; | ||
143 | |||
144 | ERR_clear_error(); | ||
145 | if (!SHA1(str,sizeof(str) - 1,md)) return 0; | ||
146 | if (memcmp(md,digest,sizeof(md))) | ||
147 | return 0; | ||
148 | return 1; | ||
149 | } | ||
150 | |||
151 | /* MD5: generate hash of known digest value and compare to known | ||
152 | precomputed correct hash | ||
153 | */ | ||
154 | static int md5_test() | ||
155 | { | ||
156 | unsigned char digest[MD5_DIGEST_LENGTH] = | ||
157 | { 0x48, 0x50, 0xf0, 0xa3, 0x3a, 0xed, 0xd3, 0xaf, 0x6e, 0x47, 0x7f, 0x83, 0x02, 0xb1, 0x09, 0x68 }; | ||
158 | unsigned char str[] = "etaonrishd"; | ||
159 | |||
160 | unsigned char md[MD5_DIGEST_LENGTH]; | ||
161 | |||
162 | ERR_clear_error(); | ||
163 | if (!MD5(str,sizeof(str) - 1,md)) | ||
164 | return 0; | ||
165 | if (memcmp(md,digest,sizeof(md))) | ||
166 | return 0; | ||
167 | return 1; | ||
168 | } | ||
169 | |||
170 | /* DH: generate shared parameters | ||
171 | */ | ||
172 | static int dh_test() | ||
173 | { | ||
174 | DH *dh; | ||
175 | |||
176 | ERR_clear_error(); | ||
177 | dh = DH_generate_parameters(256, 2, NULL, NULL); | ||
178 | if (dh) | ||
179 | return 1; | ||
180 | return 0; | ||
181 | } | ||
182 | |||
183 | /* Zeroize | ||
184 | */ | ||
185 | static int Zeroize() | ||
186 | { | ||
187 | RSA *key; | ||
188 | unsigned char userkey[16] = | ||
189 | { 0x48, 0x50, 0xf0, 0xa3, 0x3a, 0xed, 0xd3, 0xaf, 0x6e, 0x47, 0x7f, 0x83, 0x02, 0xb1, 0x09, 0x68 }; | ||
190 | int i, n; | ||
191 | |||
192 | key = RSA_generate_key(1024,65537,NULL,NULL); | ||
193 | if (!key) | ||
194 | return 0; | ||
195 | n = BN_num_bytes(key->d); | ||
196 | printf(" Generated %d byte RSA private key\n", n); | ||
197 | printf("\tBN key before overwriting:\n%s\n", BN_bn2hex(key->d)); | ||
198 | BN_rand(key->d,n*8,-1,0); | ||
199 | printf("\tBN key after overwriting:\n%s\n", BN_bn2hex(key->d)); | ||
200 | |||
201 | printf("\tchar buffer key before overwriting: \n\t\t"); | ||
202 | for(i = 0; i < sizeof(userkey); i++) printf("%02x", userkey[i]); | ||
203 | printf("\n"); | ||
204 | RAND_bytes(userkey, sizeof userkey); | ||
205 | printf("\tchar buffer key after overwriting: \n\t\t"); | ||
206 | for(i = 0; i < sizeof(userkey); i++) printf("%02x", userkey[i]); | ||
207 | printf("\n"); | ||
208 | |||
209 | return 1; | ||
210 | } | ||
211 | |||
212 | static int Error; | ||
213 | const char * Fail(const char *msg) | ||
214 | { | ||
215 | Error++; | ||
216 | return msg; | ||
217 | } | ||
218 | |||
219 | int main(int argc,char **argv) | ||
220 | { | ||
221 | |||
222 | printf("\tFIPS-mode test application\n\n"); | ||
223 | |||
224 | /* Load entropy from external file, if any */ | ||
225 | RAND_load_file(".rnd", 1024); | ||
226 | |||
227 | if (argv[1]) { | ||
228 | /* Corrupted KAT tests */ | ||
229 | if (!strcmp(argv[1], "aes")) { | ||
230 | FIPS_corrupt_aes(); | ||
231 | printf("3. AES encryption/decryption with corrupted KAT...\n"); | ||
232 | } else if (!strcmp(argv[1], "des")) { | ||
233 | FIPS_corrupt_des(); | ||
234 | printf("5. DES-ECB encryption/decryption with corrupted KAT...\n"); | ||
235 | } else if (!strcmp(argv[1], "dsa")) { | ||
236 | FIPS_corrupt_dsa(); | ||
237 | printf("6. DSA key generation and signature validation with corrupted KAT...\n"); | ||
238 | } else if (!strcmp(argv[1], "rsa")) { | ||
239 | FIPS_corrupt_rsa(); | ||
240 | printf("4. RSA key generation and encryption/decryption with corrupted KAT...\n"); | ||
241 | } else if (!strcmp(argv[1], "sha1")) { | ||
242 | FIPS_corrupt_sha1(); | ||
243 | printf("7. SHA-1 hash with corrupted KAT...\n"); | ||
244 | } else { | ||
245 | printf("Bad argument \"%s\"\n", argv[1]); | ||
246 | exit(1); | ||
247 | } | ||
248 | if (!FIPS_mode_set(1,argv[0])) | ||
249 | { | ||
250 | ERR_load_crypto_strings(); | ||
251 | ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE)); | ||
252 | printf("Power-up self test failed\n"); | ||
253 | exit(1); | ||
254 | } | ||
255 | printf("Power-up self test successful\n"); | ||
256 | exit(0); | ||
257 | } | ||
258 | |||
259 | /* Non-Approved cryptographic operation | ||
260 | */ | ||
261 | printf("0. Non-Approved cryptographic operation test...\n"); | ||
262 | printf("\ta. Excluded algorithm (MD5)..."); | ||
263 | printf( md5_test() ? "successful\n" : Fail("FAILED!\n") ); | ||
264 | printf("\tb. Included algorithm (D-H)..."); | ||
265 | printf( dh_test() ? "successful\n" : Fail("FAILED!\n") ); | ||
266 | |||
267 | /* Power-up self test failure | ||
268 | */ | ||
269 | printf("1. Automatic power-up self test..."); | ||
270 | printf( FIPS_mode_set(1,"/dev/null") ? Fail("passed INCORRECTLY!\n") : "failed as expected\n" ); | ||
271 | |||
272 | /* Algorithm call when uninitialized failure | ||
273 | */ | ||
274 | printf("\ta. AES API failure on failed power-up self test..."); | ||
275 | printf( FIPS_aes_test() ? Fail("passed INCORRECTLY!\n") :"failed as expected\n" ); | ||
276 | printf("\tb. RSA API failure on failed power-up self test..."); | ||
277 | printf( FIPS_rsa_test() ? Fail("passed INCORRECTLY!\n") : "failed as expected\n" ); | ||
278 | printf("\tc. DES API failure on failed power-up self test..."); | ||
279 | printf( FIPS_des_test() ? Fail("passed INCORRECTLY!\n") : "failed as expected\n" ); | ||
280 | printf("\td. DSA API failure on failed power-up self test..."); | ||
281 | printf( FIPS_dsa_test() ? Fail("passed INCORRECTLY!\n") : "failed as expected\n" ); | ||
282 | printf("\te. SHA1 API failure on failed power-up self test..."); | ||
283 | printf( FIPS_sha1_test() ? Fail("passed INCORRECTLY!\n") : "failed as expected\n" ); | ||
284 | |||
285 | /* Power-up self test retry | ||
286 | */ | ||
287 | ERR_clear_error(); | ||
288 | printf("2. Automatic power-up self test retry..."); | ||
289 | if (!FIPS_mode_set(1,argv[0])) | ||
290 | { | ||
291 | ERR_load_crypto_strings(); | ||
292 | ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE)); | ||
293 | printf(Fail("FAILED!\n")); | ||
294 | exit(1); | ||
295 | } | ||
296 | printf("successful\n"); | ||
297 | |||
298 | /* AES encryption/decryption | ||
299 | */ | ||
300 | printf("3. AES encryption/decryption..."); | ||
301 | printf( FIPS_aes_test() ? "successful\n" : Fail("FAILED!\n") ); | ||
302 | |||
303 | /* RSA key generation and encryption/decryption | ||
304 | */ | ||
305 | printf("4. RSA key generation and encryption/decryption..."); | ||
306 | printf( FIPS_rsa_test() ? "successful\n" : Fail("FAILED!\n") ); | ||
307 | |||
308 | /* DES-CBC encryption/decryption | ||
309 | */ | ||
310 | printf("5. DES-ECB encryption/decryption..."); | ||
311 | printf( FIPS_des_test() ? "successful\n" : Fail("FAILED!\n") ); | ||
312 | |||
313 | /* DSA key generation and signature validation | ||
314 | */ | ||
315 | printf("6. DSA key generation and signature validation..."); | ||
316 | printf( FIPS_dsa_test() ? "successful\n" : Fail("FAILED!\n") ); | ||
317 | |||
318 | /* SHA-1 hash | ||
319 | */ | ||
320 | printf("7. SHA-1 hash..."); | ||
321 | printf( FIPS_sha1_test() ? "successful\n" : Fail("FAILED!\n") ); | ||
322 | |||
323 | /* Non-Approved cryptographic operation | ||
324 | */ | ||
325 | printf("8. Non-Approved cryptographic operation test...\n"); | ||
326 | printf("\ta. Excluded algorithm (MD5)..."); | ||
327 | printf( md5_test() ? Fail("passed INCORRECTLY!\n") | ||
328 | : "failed as expected\n" ); | ||
329 | printf("\tb. Included algorithm (D-H)..."); | ||
330 | printf( dh_test() ? "successful as expected\n" | ||
331 | : Fail("failed INCORRECTLY!\n") ); | ||
332 | |||
333 | /* Zeroization | ||
334 | */ | ||
335 | printf("9. Zero-ization...\n"); | ||
336 | Zeroize(); | ||
337 | |||
338 | printf("\nAll tests completed with %d errors\n", Error); | ||
339 | return 0; | ||
340 | } | ||
341 | #endif | ||
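--- a/src/lib/libssl/src/fips/install.com
+++ /dev/null
@@ -1,55 +0,0 @@
-$! INSTALL.COM -- Installs the files in a given directory tree
-$!
-$! Author: Richard Levitte <richard@levitte.org>
-$! Time of creation: 27-MAY-2004 11:47
-$!
-$! P1 root of the directory tree
-$!
-$ IF P1 .EQS. ""
-$ THEN
-$ WRITE SYS$OUTPUT "First argument missing."
-$ WRITE SYS$OUTPUT "Should be the directory where you want things installed."
-$ EXIT
-$ ENDIF
-$
-$ ROOT = F$PARSE(P1,"[]A.;0",,,"SYNTAX_ONLY,NO_CONCEAL") - "A.;0"
-$ ROOT_DEV = F$PARSE(ROOT,,,"DEVICE","SYNTAX_ONLY")
-$ ROOT_DIR = F$PARSE(ROOT,,,"DIRECTORY","SYNTAX_ONLY") -
-- "[000000." - "][" - "[" - "]"
-$ ROOT = ROOT_DEV + "[" + ROOT_DIR
-$
-$ DEFINE/NOLOG WRK_SSLROOT 'ROOT'.] /TRANS=CONC
-$ DEFINE/NOLOG WRK_SSLINCLUDE WRK_SSLROOT:[INCLUDE]
-$
-$ IF F$PARSE("WRK_SSLROOT:[000000]") .EQS. "" THEN -
-CREATE/DIR/LOG WRK_SSLROOT:[000000]
-$ IF F$PARSE("WRK_SSLINCLUDE:") .EQS. "" THEN -
-CREATE/DIR/LOG WRK_SSLINCLUDE:
-$
-$ FDIRS := ,RAND,SHA1,DES,AES,DSA,RSA
-$ EXHEADER_ := fips.h
-$ EXHEADER_SHA1 :=
-$ EXHEADER_RAND := fips_rand.h
-$ EXHEADER_DES :=
-$ EXHEADER_AES :=
-$ EXHEADER_DSA :=
-$ EXHEADER_RSA :=
-$
-$ I = 0
-$ LOOP_FDIRS:
-$ D = F$EDIT(F$ELEMENT(I, ",", FDIRS),"TRIM")
-$ I = I + 1
-$ IF D .EQS. "," THEN GOTO LOOP_FDIRS_END
-$ tmp = EXHEADER_'D'
-$ IF tmp .EQS. "" THEN GOTO LOOP_FDIRS
-$ IF D .EQS. ""
-$ THEN
-$ COPY 'tmp' WRK_SSLINCLUDE: /LOG
-$ ELSE
-$ COPY [.'D']'tmp' WRK_SSLINCLUDE: /LOG
-$ ENDIF
-$ SET FILE/PROT=WORLD:RE WRK_SSLINCLUDE:'tmp'
-$ GOTO LOOP_FDIRS
-$ LOOP_FDIRS_END:
-$
-$ EXIT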
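--- a/src/lib/libssl/src/fips/openssl_fips_fingerprint
+++ /dev/null
@@ -1,30 +0,0 @@
-#!/bin/sh
-#
-# Check the library fingerprint and generate an executable fingerprint, or
-# return an error
-
-lib=$1
-exe=$2
-
-# deal with the case where we're run from within the build and OpenSSL is
-# not yet installed. Also, make sure LD_LIBRARY_PATH is properly set in
-# case shared libraries are built.
-if [ "X$TOP" != "X" ]
-then
-if test "$OSTYPE" = msdosdjgpp; then
-PATH="$TOP/apps;$TOP;$PATH"
-else
-PATH="$TOP/apps:$TOP:$PATH"
-fi
-LD_LIBRARY_PATH=$TOP; export LD_LIBRARY_PATH
-else
-LD_LIBRARY_PATH=.; export LD_LIBRARY_PATH
-fi
-
-echo "Checking library fingerprint for $lib"
-openssl sha1 -hmac etaonrishdlcupfm $lib | sed "s/(.*\//(/" | diff -w $lib.sha1 - || { echo "$libs fingerprint mismatch"; exit 1; }
-
-[ -x $exe.exe ] && exe=$exe.exe
-
-echo "Making fingerprint for $exe"
-openssl sha1 -hmac etaonrishdlcupfm -binary $exe > $exe.sha1 || rm $exe.sha1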
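--- a/src/lib/libssl/src/fips/rand/Makefile
+++ /dev/null
@@ -1,104 +0,0 @@
-#
-# SSLeay/fips/rand/Makefile
-#
-
-DIR= rand
-TOP= ../..
-CC= cc
-INCLUDES=
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR= /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKEDEPPROG= makedepend
-MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE= Makefile
-AR= ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST= fips_randtest.c
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=fips_rand.c
-LIBOBJ=fips_rand.o
-
-SRC= $(LIBSRC)
-
-EXHEADER= fips_rand.h
-HEADER= $(EXHEADER)
-
-ALL= $(GENERAL) $(SRC) $(HEADER)
-
-top:
-(cd $(TOP); $(MAKE) DIRS=fips SDIRS=$(DIR) sub_all)
-
-all: check lib
-
-check:
-TOP=`pwd`/$(TOP) ../fips_check_sha1 fingerprint.sha1 $(SRC) $(HEADER)
-
-lib: $(LIBOBJ)
-$(AR) $(LIB) $(LIBOBJ)
-$(RANLIB) $(LIB) || echo Never mind.
-@sleep 2; touch lib
-
-files:
-$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
-
-links:
-@$(PERL) $(TOP)/util/mklink.pl $(TOP)/include/openssl $(EXHEADER)
-@$(PERL) $(TOP)/util/mklink.pl $(TOP)/test $(TEST)
-@$(PERL) $(TOP)/util/mklink.pl $(TOP)/apps $(APPS)
-
-install:
-@headerlist="$(EXHEADER)"; for i in $$headerlist; \
-do \
-(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-done
-
-tags:
-ctags $(SRC)
-
-tests:
-
-lint:
-lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(SRC) $(TEST)
-
-dclean:
-$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-mv -f Makefile.new $(MAKEFILE)
-
-clean:
-rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-fips_rand.o: ../../e_os.h ../../include/openssl/bio.h
-fips_rand.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-fips_rand.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
-fips_rand.o: ../../include/openssl/err.h ../../include/openssl/fips_rand.h
-fips_rand.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-fips_rand.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-fips_rand.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
-fips_rand.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-fips_rand.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-fips_rand.o: fips_rand.c
-fips_randtest.o: ../../e_os.h ../../include/openssl/bio.h
-fips_randtest.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-fips_randtest.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
-fips_randtest.o: ../../include/openssl/err.h ../../include/openssl/fips_rand.h
-fips_randtest.o: ../../include/openssl/lhash.h
-fips_randtest.o: ../../include/openssl/opensslconf.h
-fips_randtest.o: ../../include/openssl/opensslv.h
-fips_randtest.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
-fips_randtest.o: ../../include/openssl/safestack.h
-fips_randtest.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-fips_randtest.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
-fips_randtest.o: fips_randtest.c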
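--- a/src/lib/libssl/src/fips/rand/fips_rand.c
+++ /dev/null
@@ -1,355 +0,0 @@
-/* ====================================================================
-* Copyright (c) 2003 The OpenSSL Project. All rights reserved.
-*
-* Redistribution and use in source and binary forms, with or without
-* modification, are permitted provided that the following conditions
-* are met:
-*
-* 1. Redistributions of source code must retain the above copyright
-* notice, this list of conditions and the following disclaimer.
-*
-* 2. Redistributions in binary form must reproduce the above copyright
-* notice, this list of conditions and the following disclaimer in
-* the documentation and/or other materials provided with the
-* distribution.
-*
-* 3. All advertising materials mentioning features or use of this
-* software must display the following acknowledgment:
-* "This product includes software developed by the OpenSSL Project
-* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-*
-* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-* endorse or promote products derived from this software without
-* prior written permission. For written permission, please contact
-* openssl-core@openssl.org.
-*
-* 5. Products derived from this software may not be called "OpenSSL"
-* nor may "OpenSSL" appear in their names without prior written
-* permission of the OpenSSL Project.
-*
-* 6. Redistributions of any form whatsoever must retain the following
-* acknowledgment:
-* "This product includes software developed by the OpenSSL Project
-* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-*
-* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-* OF THE POSSIBILITY OF SUCH DAMAGE.
-*
-*/
-
-/*
-* This is a FIPS approved PRNG, ANSI X9.31 A.2.4.
-*/
-
-#include "e_os.h"
-
-/* If we don't define _XOPEN_SOURCE_EXTENDED, struct timeval won't
-be defined and gettimeofday() won't be declared with strict compilers
-like DEC C in ANSI C mode. */
-#ifndef _XOPEN_SOURCE_EXTENDED
-#define _XOPEN_SOURCE_EXTENDED 1
-#endif
-
-#include <openssl/des.h>
-#include <openssl/rand.h>
-#include <openssl/err.h>
-#include <openssl/fips_rand.h>
-#ifndef OPENSSL_SYS_WIN32
-#include <sys/time.h>
-#endif
-#include <assert.h>
-#ifndef OPENSSL_SYS_WIN32
-# ifdef OPENSSL_UNISTD
-# include OPENSSL_UNISTD
-# else
-# include <unistd.h>
-# endif
-#endif
-#include <string.h>
-
-#ifdef OPENSSL_FIPS
-
-#define SEED_SIZE 8
-
-static unsigned char seed[SEED_SIZE];
-static FIPS_RAND_SIZE_T n_seed;
-static FIPS_RAND_SIZE_T o_seed;
-static DES_cblock key1;
-static DES_cblock key2;
-static DES_key_schedule ks1,ks2;
-static int key_set;
-static int test_mode;
-static unsigned char test_faketime[8];
-
-#ifndef GETPID_IS_MEANINGLESS
-static int seed_pid;
-static int key_pid;
-#endif
-
-static void fips_rand_cleanup(void);
-static void fips_rand_add(const void *buf, FIPS_RAND_SIZE_T num, double add_entropy);
-static int fips_rand_bytes(unsigned char *buf, FIPS_RAND_SIZE_T num);
-static int fips_rand_status(void);
-
-static RAND_METHOD rand_fips_meth=
-{
-FIPS_rand_seed,
-fips_rand_bytes,
-fips_rand_cleanup,
-fips_rand_add,
-fips_rand_bytes,
-fips_rand_status
-};
-
-static int second;
-
-RAND_METHOD *FIPS_rand_method(void)
-{
-return &rand_fips_meth;
-}
-
-void FIPS_set_prng_key(const unsigned char k1[8],const unsigned char k2[8])
-{
-memcpy(&key1,k1,sizeof key1);
-memcpy(&key2,k2,sizeof key2);
-key_set=1;
-#ifndef GETPID_IS_MEANINGLESS
-key_pid=getpid();
-#endif
-second=0;
-}
-
-void FIPS_test_mode(int test,const unsigned char faketime[8])
-{
-test_mode=test;
-if(!test_mode)
-return;
-memcpy(test_faketime,faketime,sizeof test_faketime);
-}
-
-/* NB: this returns true if _partially_ seeded */
-int FIPS_rand_seeded()
-{ return key_set || n_seed; }
-
-static void fips_gettime(unsigned char buf[8])
-{
-#ifdef OPENSSL_SYS_WIN32
-FILETIME ft;
-#else
-struct timeval tv;
-#endif
-
-if(test_mode)
-{
-fprintf(stderr,"WARNING!!! PRNG IN TEST MODE!!!\n");
-memcpy(buf,test_faketime,sizeof test_faketime);
-return;
-}
-#ifdef OPENSSL_SYS_WIN32
-GetSystemTimeAsFileTime(&ft);
-buf[0] = (unsigned char) (ft.dwHighDateTime & 0xff);
-buf[1] = (unsigned char) ((ft.dwHighDateTime >> 8) & 0xff);
-buf[2] = (unsigned char) ((ft.dwHighDateTime >> 16) & 0xff);
-buf[3] = (unsigned char) ((ft.dwHighDateTime >> 24) & 0xff);
-buf[4] = (unsigned char) (ft.dwLowDateTime & 0xff);
-buf[5] = (unsigned char) ((ft.dwLowDateTime >> 8) & 0xff);
-buf[6] = (unsigned char) ((ft.dwLowDateTime >> 16) & 0xff);
-buf[7] = (unsigned char) ((ft.dwLowDateTime >> 24) & 0xff);
-#else
-gettimeofday(&tv,NULL);
-buf[0] = (unsigned char) (tv.tv_sec & 0xff);
-buf[1] = (unsigned char) ((tv.tv_sec >> 8) & 0xff);
-buf[2] = (unsigned char) ((tv.tv_sec >> 16) & 0xff);
-buf[3] = (unsigned char) ((tv.tv_sec >> 24) & 0xff);
-buf[4] = (unsigned char) (tv.tv_usec & 0xff);
-buf[5] = (unsigned char) ((tv.tv_usec >> 8) & 0xff);
-buf[6] = (unsigned char) ((tv.tv_usec >> 16) & 0xff);
-buf[7] = (unsigned char) ((tv.tv_usec >> 24) & 0xff);
-#endif
-
-#if 0 /* This eminently sensible strategy is not acceptable to NIST. Sigh. */
-#ifndef GETPID_IS_MEANINGLESS
-/* we mix in the PID to ensure that after a fork the children don't give
-* the same results as each other
-*/
-pid=getpid();
-/* make sure we shift the pid to the MSB */
-if((pid&0xffff0000) == 0)
-pid<<=16;
-*(long *)&buf[0]^=pid;
-#endif
-#endif
-}
-
-static void fips_rand_encrypt(unsigned char *out,const unsigned char *in)
-{
-DES_ecb2_encrypt(in,out,&ks1,&ks2,1);
-}
-
-static void fips_rand_cleanup(void)
-{
-OPENSSL_cleanse(seed,sizeof seed);
-n_seed=0;
-}
-
-void FIPS_rand_seed(const void *buf_, FIPS_RAND_SIZE_T num)
-{
-const char *buf=buf_;
-FIPS_RAND_SIZE_T n;
-static int init;
-
-/* If the key hasn't been set, we can't seed! */
-if(!key_set)
-return;
-
-CRYPTO_w_lock(CRYPTO_LOCK_RAND);
-if(!init)
-{
-init=1;
-DES_set_key(&key1,&ks1);
-DES_set_key(&key2,&ks2);
-}
-
-/*
-* This algorithm only uses 64 bits of seed, so ensure that we use
-* the most recent 64 bits.
-*/
-for(n=0 ; n < num ; )
-{
-FIPS_RAND_SIZE_T t=num-n;
-
-if(o_seed+t > sizeof seed)
-t=sizeof seed-o_seed;
-memcpy(seed+o_seed,buf+n,t);
-n+=t;
-o_seed+=t;
-if(o_seed == sizeof seed)
-o_seed=0;
-if(n_seed < sizeof seed)
-n_seed+=t;
-}
-
-#ifndef GETPID_IS_MEANINGLESS
-seed_pid=getpid();
-#endif
-
-CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
-}
-
-static void fips_rand_add(const void *buf, FIPS_RAND_SIZE_T num, double add_entropy)
-{
-FIPS_rand_seed(buf,num);
-}
-
-static int fips_rand_bytes(unsigned char *buf,FIPS_RAND_SIZE_T num)
-{
-FIPS_RAND_SIZE_T n;
-unsigned char timeseed[8];
-unsigned char intermediate[SEED_SIZE];
-unsigned char output[SEED_SIZE];
-static unsigned char previous[SEED_SIZE];
-#ifndef GETPID_IS_MEANINGLESS
-int pid;
-#endif
-
-if(n_seed < sizeof seed)
-{
-RANDerr(RAND_F_FIPS_RAND_BYTES,RAND_R_PRNG_NOT_SEEDED);
-return 0;
-}
-
-#ifdef FIPS_RAND_MAX_SIZE_T
-if (num > FIPS_RAND_MAX_SIZE_T)
-{
-#ifdef RAND_R_PRNG_ASKING_FOR_TOO_MUCH
-RANDerr(RAND_F_FIPS_RAND_BYTES,RAND_R_PRNG_ASKING_FOR_TOO_MUCH);
-return 0;
-#else
-return -1; /* signal "not supported" condition */
-#endif
-}
-#endif
-
-#ifndef GETPID_IS_MEANINGLESS
-pid=getpid();
-if(pid != seed_pid)
-{
-RANDerr(RAND_F_FIPS_RAND_BYTES,RAND_R_PRNG_NOT_RESEEDED);
-return 0;
-}
-if(pid != key_pid)
-{
-RANDerr(RAND_F_FIPS_RAND_BYTES,RAND_R_PRNG_NOT_REKEYED);
-return 0;
-}
-#endif
-
-CRYPTO_w_lock(CRYPTO_LOCK_RAND);
-
-for(n=0 ; n < num ; )
-{
-unsigned char t[SEED_SIZE];
-FIPS_RAND_SIZE_T l;
-
-/* ANS X9.31 A.2.4: I = ede*K(DT)
-timeseed == DT
-intermediate == I
-*/
-fips_gettime(timeseed);
-fips_rand_encrypt(intermediate,timeseed);
-
-/* ANS X9.31 A.2.4: R = ede*K(I^V)
-intermediate == I
-seed == V
-output == R
-*/
-for(l=0 ; l < sizeof t ; ++l)
-t[l]=intermediate[l]^seed[l];
-fips_rand_encrypt(output,t);
-
-/* ANS X9.31 A.2.4: V = ede*K(R^I)
-output == R
-intermediate == I
-seed == V
-*/
-for(l=0 ; l < sizeof t ; ++l)
-t[l]=output[l]^intermediate[l];
-fips_rand_encrypt(seed,t);
-
-if(second && !memcmp(output,previous,sizeof previous))
-{
-RANDerr(RAND_F_FIPS_RAND_BYTES,RAND_R_PRNG_STUCK);
-CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
-return 0;
-}
-memcpy(previous,output,sizeof previous);
-second=1;
-
-/* Successive values of R may be concatenated to produce a
-pseudo random number of the desired length */
-l=SEED_SIZE < num-n ? SEED_SIZE : num-n;
-memcpy(buf+n,output,l);
-n+=l;
-}
-
-CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
-
-return 1;
-}
-
-static int fips_rand_status(void)
-{
-return n_seed == sizeof seed;
-}
-
-#endif /* OPENSSL_FIPS */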
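--- a/src/lib/libssl/src/fips/rand/fips_rand.h
+++ /dev/null
@@ -1,73 +0,0 @@
-/* ====================================================================
-* Copyright (c) 2003 The OpenSSL Project. All rights reserved.
-*
-* Redistribution and use in source and binary forms, with or without
-* modification, are permitted provided that the following conditions
-* are met:
-*
-* 1. Redistributions of source code must retain the above copyright
-* notice, this list of conditions and the following disclaimer.
-*
-* 2. Redistributions in binary form must reproduce the above copyright
-* notice, this list of conditions and the following disclaimer in
-* the documentation and/or other materials provided with the
-* distribution.
-*
-* 3. All advertising materials mentioning features or use of this
-* software must display the following acknowledgment:
-* "This product includes software developed by the OpenSSL Project
-* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-*
-* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-* endorse or promote products derived from this software without
-* prior written permission. For written permission, please contact
-* openssl-core@openssl.org.
-*
-* 5. Products derived from this software may not be called "OpenSSL"
-* nor may "OpenSSL" appear in their names without prior written
-* permission of the OpenSSL Project.
-*
-* 6. Redistributions of any form whatsoever must retain the following
-* acknowledgment:
-* "This product includes software developed by the OpenSSL Project
-* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-*
-* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-* OF THE POSSIBILITY OF SUCH DAMAGE.
-*
-*/
-
-#ifndef HEADER_FIPS_RAND_H
-#define HEADER_FIPS_RAND_H
-
-#include "des.h"
-
-#ifdef OPENSSL_FIPS
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-void FIPS_set_prng_key(const unsigned char k1[8],const unsigned char k2[8]);
-void FIPS_test_mode(int test,const unsigned char faketime[8]);
-void FIPS_rand_seed(const void *buf, FIPS_RAND_SIZE_T num);
-/* NB: this returns true if _partially_ seeded */
-int FIPS_rand_seeded(void);
-
-RAND_METHOD *FIPS_rand_method(void);
-
-#ifdef __cplusplus
-}
-#endif
-#endif
-#endif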
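diff --git a/src/lib/libssl/src/fips/rand/fips_randtest.c b/src/lib/libssl/src/fips/rand/fips_randtest.c
deleted file mode 100644
index 6165944e56..0000000000
--- a/src/lib/libssl/src/fips/rand/fips_randtest.c
+++ /dev/null
@@ -1,369 +0,0 @@
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
-* All rights reserved.
-*
-* This package is an SSL implementation written
-* by Eric Young (eay@cryptsoft.com).
-* The implementation was written so as to conform with Netscapes SSL.
-*
-* This library is free for commercial and non-commercial use as long as
-* the following conditions are aheared to. The following conditions
-* apply to all code found in this distribution, be it the RC4, RSA,
-* lhash, DES, etc., code; not just the SSL code. The SSL documentation
-* included with this distribution is covered by the same copyright terms
-* except that the holder is Tim Hudson (tjh@cryptsoft.com).
-*
-* Copyright remains Eric Young's, and as such any Copyright notices in
-* the code are not to be removed.
-* If this package is used in a product, Eric Young should be given attribution
-* as the author of the parts of the library used.
-* This can be in the form of a textual message at program startup or
-* in documentation (online or textual) provided with the package.
-*
-* Redistribution and use in source and binary forms, with or without
-* modification, are permitted provided that the following conditions
-* are met:
-* 1. Redistributions of source code must retain the copyright
-* notice, this list of conditions and the following disclaimer.
-* 2. Redistributions in binary form must reproduce the above copyright
-* notice, this list of conditions and the following disclaimer in the
-* documentation and/or other materials provided with the distribution.
-* 3. All advertising materials mentioning features or use of this software
-* must display the following acknowledgement:
-* "This product includes cryptographic software written by
-* Eric Young (eay@cryptsoft.com)"
-* The word 'cryptographic' can be left out if the rouines from the library
-* being used are not cryptographic related :-).
-* 4. If you include any Windows specific code (or a derivative thereof) from
-* the apps directory (application code) you must include an acknowledgement:
-* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
-*
-* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
-* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-* SUCH DAMAGE.
-*
-* The licence and distribution terms for any publically available version or
-* derivative of this code cannot be changed. i.e. this code cannot simply be
-* copied and put under another distribution licence
-* [including the GNU Public Licence.]
-*/
-/* ====================================================================
-* Copyright (c) 2003 The OpenSSL Project. All rights reserved.
-*
-* Redistribution and use in source and binary forms, with or without
-* modification, are permitted provided that the following conditions
-* are met:
-*
-* 1. Redistributions of source code must retain the above copyright
-* notice, this list of conditions and the following disclaimer.
-*
-* 2. Redistributions in binary form must reproduce the above copyright
-* notice, this list of conditions and the following disclaimer in
-* the documentation and/or other materials provided with the
-* distribution.
-*
-* 3. All advertising materials mentioning features or use of this
-* software must display the following acknowledgment:
-* "This product includes software developed by the OpenSSL Project
-* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-*
-* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-* endorse or promote products derived from this software without
-* prior written permission. For written permission, please contact
-* openssl-core@openssl.org.
-*
-* 5. Products derived from this software may not be called "OpenSSL"
-* nor may "OpenSSL" appear in their names without prior written
-* permission of the OpenSSL Project.
-*
-* 6. Redistributions of any form whatsoever must retain the following
-* acknowledgment:
-* "This product includes software developed by the OpenSSL Project
-* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-*
-* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-* OF THE POSSIBILITY OF SUCH DAMAGE.
-*
-*/
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/rand.h>
-#include <openssl/fips_rand.h>
-#include <openssl/err.h>
-
-#include "e_os.h"
-
-#ifndef OPENSSL_FIPS
-int main(int argc, char *argv[])
-{
-printf("No FIPS RAND support\n");
-return(0);
-}
-
-#else
-
-/* some FIPS 140-1 random number test */
-/* some simple tests */
-
-static DES_cblock prng_key1={0x21,0x58,0x47,0xb7,0xc2,0x97,0x5a,0x8e};
-static DES_cblock prng_key2={0x61,0x23,0x05,0x96,0x18,0x91,0x86,0xac};
-static unsigned char prng_seed[8]={0x6b,0xa3,0x4f,0x07,0xe4,0x2a,0xb0,0xc};
-
-typedef struct
-{
-DES_cblock keys[2];
-const unsigned char time[8];
-const unsigned char seed[8];
-const unsigned char block1[8];
-const unsigned char block100[8];
-} PRNGtest;
-
-/* FIXME: these test vectors are made up! */
-static PRNGtest t1=
-{
-{ { 0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07 },
-{ 0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f },
-},
-{ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 },
-{ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 },
-{ 0x33,0xc3,0xdf,0xfe,0x60,0x60,0x49,0x9e },
-{ 0xcd,0x2b,0x41,0xaf,0x80,0x51,0x37,0xd8 }
-};
-static PRNGtest t2=
-{
-{ { 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff },
-{ 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff } },
-{ 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff },
-{ 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff },
-{ 0x65,0xf1,0xa4,0x07,0x42,0x38,0xd5,0x25 },
-{ 0xbb,0x75,0x84,0x20,0x7a,0x44,0xf0,0xa0 }
-};
-
-static void dump(const unsigned char *b,int n)
-{
-while(n-- > 0)
-{
-printf(" %02x",*b++);
-}
-}
-
-static void compare(const unsigned char *result,const unsigned char *expected,
-int n)
-{
-int i;
-
-for(i=0 ; i < n ; ++i)
-if(result[i] != expected[i])
-{
-puts("Random test failed, got:");
-dump(result,8);
-puts("\n expected:");
-dump(expected,8);
-putchar('\n');
-EXIT(1);
-}
-}
-
-static void run_test(const PRNGtest *t)
-{
-unsigned char buf[8];
-int n;
-
-FIPS_set_prng_key(t->keys[0],t->keys[1]);
-FIPS_test_mode(1,t->time);
-RAND_seed(t->seed,sizeof t->seed);
-
-if(RAND_bytes(buf,8) <= 0)
-{
-ERR_print_errors_fp(stderr);
-EXIT(2);
-}
-compare(buf,t->block1,8);
-for(n=0 ; n < 99 ; ++n)
-if(RAND_bytes(buf,8) <= 0)
-{
-ERR_print_errors_fp(stderr);
-EXIT(2);
-}
-compare(buf,t->block100,8);
-FIPS_test_mode(0,NULL);
-}
-
-int main()
-{
-unsigned char buf[2500];
-int i,j,k,s,sign,nsign,err=0;
-unsigned long n1;
-unsigned long n2[16];
-unsigned long runs[2][34];
-/*double d; */
-long d;
-
-ERR_load_crypto_strings();
-RAND_set_rand_method(FIPS_rand_method());
-
-run_test(&t1);
-run_test(&t2);
-
-FIPS_set_prng_key(prng_key1,prng_key2);
-RAND_seed(prng_seed,sizeof prng_seed);
-
-i = RAND_pseudo_bytes(buf,2500);
-if (i <= 0)
-{
-printf ("init failed, the rand method is not properly installed\n");
-err++;
-goto err;
-}
-
-n1=0;
-for (i=0; i<16; i++) n2[i]=0;
-for (i=0; i<34; i++) runs[0][i]=runs[1][i]=0;
-
-/* test 1 and 2 */
-sign=0;
-nsign=0;
-for (i=0; i<2500; i++)
-{
-j=buf[i];
-
-n2[j&0x0f]++;
-n2[(j>>4)&0x0f]++;
-
-for (k=0; k<8; k++)
-{
-s=(j&0x01);
-if (s == sign)
-nsign++;
-else
-{
-if (nsign > 34) nsign=34;
-if (nsign != 0)
-{
-runs[sign][nsign-1]++;
-if (nsign > 6)
-runs[sign][5]++;
-}
-sign=s;
-nsign=1;
-}
-
-if (s) n1++;
-j>>=1;
-}
-}
-if (nsign > 34) nsign=34;
-if (nsign != 0) runs[sign][nsign-1]++;
-
-/* test 1 */
-if (!((9654 < n1) && (n1 < 10346)))
-{
-printf("test 1 failed, X=%lu\n",n1);
-err++;
-}
-printf("test 1 done\n");
-
-/* test 2 */
-#ifdef undef
-d=0;
-for (i=0; i<16; i++)
-d+=n2[i]*n2[i];
-d=d*16.0/5000.0-5000.0;
-if (!((1.03 < d) && (d < 57.4)))
-{
-printf("test 2 failed, X=%.2f\n",d);
-err++;
-}
-#endif
-d=0;
-for (i=0; i<16; i++)
-d+=n2[i]*n2[i];
-d=(d*8)/25-500000;
-if (!((103 < d) && (d < 5740)))
-{
-printf("test 2 failed, X=%ld.%02ld\n",d/100L,d%100L);
-err++;
-}
-printf("test 2 done\n");
-
-/* test 3 */
-for (i=0; i<2; i++)
-{
-if (!((2267 < runs[i][0]) && (runs[i][0] < 2733)))
-{
-printf("test 3 failed, bit=%d run=%d num=%lu\n",
-i,1,runs[i][0]);
-err++;
-}
-if (!((1079 < runs[i][1]) && (runs[i][1] < 1421)))
-{
-printf("test 3 failed, bit=%d run=%d num=%lu\n",
-i,2,runs[i][1]);
-err++;
-}
-if (!(( 502 < runs[i][2]) && (runs[i][2] < 748)))
-{
-printf("test 3 failed, bit=%d run=%d num=%lu\n",
-i,3,runs[i][2]);
-err++;
-}
-if (!(( 223 < runs[i][3]) && (runs[i][3] < 402)))
-{
-printf("test 3 failed, bit=%d run=%d num=%lu\n",
-i,4,runs[i][3]);
-err++;
-}
-if (!(( 90 < runs[i][4]) && (runs[i][4] < 223)))
-{
-printf("test 3 failed, bit=%d run=%d num=%lu\n",
-i,5,runs[i][4]);
-err++;
-}
-if (!(( 90 < runs[i][5]) && (runs[i][5] < 223)))
-{
-printf("test 3 failed, bit=%d run=%d num=%lu\n",
-i,6,runs[i][5]);
-err++;
-}
-}
-printf("test 3 done\n");
-
-/* test 4 */
-if (runs[0][33] != 0)
-{
-printf("test 4 failed, bit=%d run=%d num=%lu\n",
-0,34,runs[0][33]);
-err++;
-}
-if (runs[1][33] != 0)
-{
-printf("test 4 failed, bit=%d run=%d num=%lu\n",
-1,34,runs[1][33]);
-err++;
-}
-printf("test 4 done\n");
-err:
-err=((err)?1:0);
-EXIT(err);
-return(err);
-}
-
-#endif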
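diff --git a/src/lib/libssl/src/fips/rsa/Makefile b/src/lib/libssl/src/fips/rsa/Makefile
deleted file mode 100644
index bb20f86442..0000000000
--- a/src/lib/libssl/src/fips/rsa/Makefile
+++ /dev/null
@@ -1,111 +0,0 @@
-#
-# SSLeay/fips/rsa/Makefile
-#
-
-DIR= rsa
-TOP= ../..
-CC= cc
-INCLUDES=
-CFLAG=-g
-INSTALL_PREFIX=
-OPENSSLDIR= /usr/local/ssl
-INSTALLTOP=/usr/local/ssl
-MAKEDEPPROG= makedepend
-MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
-MAKEFILE= Makefile
-AR= ar r
-
-CFLAGS= $(INCLUDES) $(CFLAG)
-
-GENERAL=Makefile
-TEST=
-APPS=
-
-LIB=$(TOP)/libcrypto.a
-LIBSRC=fips_rsa_eay.c fips_rsa_gen.c fips_rsa_selftest.c
-LIBOBJ=fips_rsa_eay.o fips_rsa_gen.o fips_rsa_selftest.o
-
-SRC= $(LIBSRC)
-
-EXHEADER=
-HEADER= $(EXHEADER)
-
-ALL= $(GENERAL) $(SRC) $(HEADER)
-
-top:
-(cd $(TOP); $(MAKE) DIRS=fips FDIRS=$(DIR) sub_all)
-
-all: check lib
-
-lib: $(LIBOBJ)
-$(AR) $(LIB) $(LIBOBJ)
-$(RANLIB) $(LIB) || echo Never mind.
-@sleep 2; touch lib
-
-check:
-TOP=`pwd`/$(TOP) ../fips_check_sha1 fingerprint.sha1 $(SRC) $(HEADER)
-
-files:
-$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
-
-links:
-@$(PERL) $(TOP)/util/mklink.pl $(TOP)/include/openssl $(EXHEADER)
-@$(PERL) $(TOP)/util/mklink.pl $(TOP)/test $(TEST)
-@$(PERL) $(TOP)/util/mklink.pl $(TOP)/apps $(APPS)
-
-install:
-@headerlist="$(EXHEADER)"; for i in $$headerlist; \
-do \
-(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
-chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
-done
-
-tags:
-ctags $(SRC)
-
-tests:
-
-lint:
-lint -DLINT $(INCLUDES) $(SRC)>fluff
-
-depend:
-$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(SRC) $(TEST)
-
-dclean:
-$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
-mv -f Makefile.new $(MAKEFILE)
-
-clean:
-rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-# DO NOT DELETE THIS LINE -- make depend depends on it.
-
-fips_rsa_eay.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-fips_rsa_eay.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
-fips_rsa_eay.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-fips_rsa_eay.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-fips_rsa_eay.o: ../../include/openssl/opensslconf.h
-fips_rsa_eay.o: ../../include/openssl/opensslv.h
-fips_rsa_eay.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
-fips_rsa_eay.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-fips_rsa_eay.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-fips_rsa_eay.o: fips_rsa_eay.c
-fips_rsa_gen.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-fips_rsa_gen.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
-fips_rsa_gen.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-fips_rsa_gen.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-fips_rsa_gen.o: ../../include/openssl/opensslconf.h
-fips_rsa_gen.o: ../../include/openssl/opensslv.h
-fips_rsa_gen.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rsa.h
-fips_rsa_gen.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-fips_rsa_gen.o: ../../include/openssl/symhacks.h fips_rsa_gen.c
-fips_rsa_selftest.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-fips_rsa_selftest.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
-fips_rsa_selftest.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-fips_rsa_selftest.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
-fips_rsa_selftest.o: ../../include/openssl/opensslconf.h
-fips_rsa_selftest.o: ../../include/openssl/opensslv.h
-fips_rsa_selftest.o: ../../include/openssl/ossl_typ.h
-fips_rsa_selftest.o: ../../include/openssl/rsa.h
-fips_rsa_selftest.o: ../../include/openssl/safestack.h
-fips_rsa_selftest.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-fips_rsa_selftest.o: ../../include/openssl/symhacks.h fips_rsa_selftest.c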
diff --git a/src/lib/libssl/src/fips/rsa/fips_rsa_eay.c b/src/lib/libssl/src/fips/rsa/fips_rsa_eay.c deleted file mode 100644 index c571e2b1bf..0000000000 --- a/src/lib/libssl/src/fips/rsa/fips_rsa_eay.c +++ /dev/null | |||
@@ -1,735 +0,0 @@ | |||
1 | /* crypto/rsa/rsa_eay.c */ | ||
2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | ||
3 | * All rights reserved. | ||
4 | * | ||
5 | * This package is an SSL implementation written | ||
6 | * by Eric Young (eay@cryptsoft.com). | ||
7 | * The implementation was written so as to conform with Netscapes SSL. | ||
8 | * | ||
9 | * This library is free for commercial and non-commercial use as long as | ||
10 | * the following conditions are aheared to. The following conditions | ||
11 | * apply to all code found in this distribution, be it the RC4, RSA, | ||
12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | ||
13 | * included with this distribution is covered by the same copyright terms | ||
14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | ||
15 | * | ||
16 | * Copyright remains Eric Young's, and as such any Copyright notices in | ||
17 | * the code are not to be removed. | ||
18 | * If this package is used in a product, Eric Young should be given attribution | ||
19 | * as the author of the parts of the library used. | ||
20 | * This can be in the form of a textual message at program startup or | ||
21 | * in documentation (online or textual) provided with the package. | ||
22 | * | ||
23 | * Redistribution and use in source and binary forms, with or without | ||
24 | * modification, are permitted provided that the following conditions | ||
25 | * are met: | ||
26 | * 1. Redistributions of source code must retain the copyright | ||
27 | * notice, this list of conditions and the following disclaimer. | ||
28 | * 2. Redistributions in binary form must reproduce the above copyright | ||
29 | * notice, this list of conditions and the following disclaimer in the | ||
30 | * documentation and/or other materials provided with the distribution. | ||
31 | * 3. All advertising materials mentioning features or use of this software | ||
32 | * must display the following acknowledgement: | ||
33 | * "This product includes cryptographic software written by | ||
34 | * Eric Young (eay@cryptsoft.com)" | ||
35 | * The word 'cryptographic' can be left out if the rouines from the library | ||
36 | * being used are not cryptographic related :-). | ||
37 | * 4. If you include any Windows specific code (or a derivative thereof) from | ||
38 | * the apps directory (application code) you must include an acknowledgement: | ||
39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | ||
40 | * | ||
41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND | ||
42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | ||
44 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | ||
45 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | ||
46 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | ||
47 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
48 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | ||
49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | ||
50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | ||
51 | * SUCH DAMAGE. | ||
52 | * | ||
53 | * The licence and distribution terms for any publically available version or | ||
54 | * derivative of this code cannot be changed. i.e. this code cannot simply be | ||
55 | * copied and put under another distribution licence | ||
56 | * [including the GNU Public Licence.] | ||
57 | */ | ||
58 | |||
59 | #include <stdio.h> | ||
60 | #include <openssl/err.h> | ||
61 | #include <openssl/bn.h> | ||
62 | #include <openssl/rsa.h> | ||
63 | #include <openssl/rand.h> | ||
64 | #include <openssl/fips.h> | ||
65 | |||
66 | #if !defined(RSA_NULL) && defined(OPENSSL_FIPS) | ||
67 | |||
68 | static int RSA_eay_public_encrypt(FIPS_RSA_SIZE_T flen, const unsigned char *from, | ||
69 | unsigned char *to, RSA *rsa,int padding); | ||
70 | static int RSA_eay_private_encrypt(FIPS_RSA_SIZE_T flen, const unsigned char *from, | ||
71 | unsigned char *to, RSA *rsa,int padding); | ||
72 | static int RSA_eay_public_decrypt(FIPS_RSA_SIZE_T flen, const unsigned char *from, | ||
73 | unsigned char *to, RSA *rsa,int padding); | ||
74 | static int RSA_eay_private_decrypt(FIPS_RSA_SIZE_T flen, const unsigned char *from, | ||
75 | unsigned char *to, RSA *rsa,int padding); | ||
76 | static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *i, RSA *rsa); | ||
77 | static int RSA_eay_init(RSA *rsa); | ||
78 | static int RSA_eay_finish(RSA *rsa); | ||
79 | static RSA_METHOD rsa_pkcs1_eay_meth={ | ||
80 | "Eric Young's PKCS#1 RSA", | ||
81 | RSA_eay_public_encrypt, | ||
82 | RSA_eay_public_decrypt, /* signature verification */ | ||
83 | RSA_eay_private_encrypt, /* signing */ | ||
84 | RSA_eay_private_decrypt, | ||
85 | RSA_eay_mod_exp, | ||
86 | BN_mod_exp_mont, /* XXX probably we should not use Montgomery if e == 3 */ | ||
87 | RSA_eay_init, | ||
88 | RSA_eay_finish, | ||
89 | 0, /* flags */ | ||
90 | NULL, | ||
91 | 0, /* rsa_sign */ | ||
92 | 0 /* rsa_verify */ | ||
93 | }; | ||
94 | |||
95 | const RSA_METHOD *RSA_PKCS1_SSLeay(void) | ||
96 | { | ||
97 | return(&rsa_pkcs1_eay_meth); | ||
98 | } | ||
99 | |||
100 | static int RSA_eay_public_encrypt(FIPS_RSA_SIZE_T flen, const unsigned char *from, | ||
101 | unsigned char *to, RSA *rsa, int padding) | ||
102 | { | ||
103 | BIGNUM f,ret; | ||
104 | int i,j,k,num=0,r= -1; | ||
105 | unsigned char *buf=NULL; | ||
106 | BN_CTX *ctx=NULL; | ||
107 | |||
108 | BN_init(&f); | ||
109 | BN_init(&ret); | ||
110 | |||
111 | if(FIPS_selftest_failed()) | ||
112 | { | ||
113 | FIPSerr(FIPS_F_RSA_EAY_PUBLIC_ENCRYPT,FIPS_R_FIPS_SELFTEST_FAILED); | ||
114 | goto err; | ||
115 | } | ||
116 | |||
117 | if ((ctx=BN_CTX_new()) == NULL) goto err; | ||
118 | num=BN_num_bytes(rsa->n); | ||
119 | if ((buf=(unsigned char *)OPENSSL_malloc(num)) == NULL) | ||
120 | { | ||
121 | RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,ERR_R_MALLOC_FAILURE); | ||
122 | goto err; | ||
123 | } | ||
124 | |||
125 | switch (padding) | ||
126 | { | ||
127 | case RSA_PKCS1_PADDING: | ||
128 | i=RSA_padding_add_PKCS1_type_2(buf,num,from,flen); | ||
129 | break; | ||
130 | #ifndef OPENSSL_NO_SHA | ||
131 | case RSA_PKCS1_OAEP_PADDING: | ||
132 | i=RSA_padding_add_PKCS1_OAEP(buf,num,from,flen,NULL,0); | ||
133 | break; | ||
134 | #endif | ||
135 | case RSA_SSLV23_PADDING: | ||
136 | i=RSA_padding_add_SSLv23(buf,num,from,flen); | ||
137 | break; | ||
138 | case RSA_NO_PADDING: | ||
139 | i=RSA_padding_add_none(buf,num,from,flen); | ||
140 | break; | ||
141 | default: | ||
142 | RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,RSA_R_UNKNOWN_PADDING_TYPE); | ||
143 | goto err; | ||
144 | } | ||
145 | if (i <= 0) goto err; | ||
146 | |||
147 | if (BN_bin2bn(buf,num,&f) == NULL) goto err; | ||
148 | |||
149 | if (BN_ucmp(&f, rsa->n) >= 0) | ||
150 | { | ||
151 | /* usually the padding functions would catch this */ | ||
152 | RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,RSA_R_DATA_TOO_LARGE_FOR_MODULUS); | ||
153 | goto err; | ||
154 | } | ||
155 | |||
156 | if ((rsa->_method_mod_n == NULL) && (rsa->flags & RSA_FLAG_CACHE_PUBLIC)) | ||
157 | { | ||
158 | BN_MONT_CTX* bn_mont_ctx; | ||
159 | if ((bn_mont_ctx=BN_MONT_CTX_new()) == NULL) | ||
160 | goto err; | ||
161 | if (!BN_MONT_CTX_set(bn_mont_ctx,rsa->n,ctx)) | ||
162 | { | ||
163 | BN_MONT_CTX_free(bn_mont_ctx); | ||
164 | goto err; | ||
165 | } | ||
166 | if (rsa->_method_mod_n == NULL) /* other thread may have finished first */ | ||
167 | { | ||
168 | CRYPTO_w_lock(CRYPTO_LOCK_RSA); | ||
169 | if (rsa->_method_mod_n == NULL) | ||
170 | { | ||
171 | rsa->_method_mod_n = bn_mont_ctx; | ||
172 | bn_mont_ctx = NULL; | ||
173 | } | ||
174 | CRYPTO_w_unlock(CRYPTO_LOCK_RSA); | ||
175 | } | ||
176 | if (bn_mont_ctx) | ||
177 | BN_MONT_CTX_free(bn_mont_ctx); | ||
178 | } | ||
179 | |||
180 | if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->e,rsa->n,ctx, | ||
181 | rsa->_method_mod_n)) goto err; | ||
182 | |||
183 | /* put in leading 0 bytes if the number is less than the | ||
184 | * length of the modulus */ | ||
185 | j=BN_num_bytes(&ret); | ||
186 | i=BN_bn2bin(&ret,&(to[num-j])); | ||
187 | for (k=0; k<(num-i); k++) | ||
188 | to[k]=0; | ||
189 | |||
190 | r=num; | ||
191 | err: | ||
192 | if (ctx != NULL) BN_CTX_free(ctx); | ||
193 | BN_clear_free(&f); | ||
194 | BN_clear_free(&ret); | ||
195 | if (buf != NULL) | ||
196 | { | ||
197 | OPENSSL_cleanse(buf,num); | ||
198 | OPENSSL_free(buf); | ||
199 | } | ||
200 | return(r); | ||
201 | } | ||
202 | |||
203 | static int rsa_eay_blinding(RSA *rsa, BN_CTX *ctx) | ||
204 | { | ||
205 | int ret = 1; | ||
206 | CRYPTO_w_lock(CRYPTO_LOCK_RSA); | ||
207 | /* Check again inside the lock - the macro's check is racey */ | ||
208 | if(rsa->blinding == NULL) | ||
209 | ret = RSA_blinding_on(rsa, ctx); | ||
210 | CRYPTO_w_unlock(CRYPTO_LOCK_RSA); | ||
211 | return ret; | ||
212 | } | ||
213 | |||
214 | #define BLINDING_HELPER(rsa, ctx, err_instr) \ | ||
215 | do { \ | ||
216 | if((!((rsa)->flags & RSA_FLAG_NO_BLINDING)) && \ | ||
217 | ((rsa)->blinding == NULL) && \ | ||
218 | !rsa_eay_blinding(rsa, ctx)) \ | ||
219 | err_instr \ | ||
220 | } while(0) | ||
221 | |||
222 | static BN_BLINDING *setup_blinding(RSA *rsa, BN_CTX *ctx) | ||
223 | { | ||
224 | BIGNUM *A, *Ai; | ||
225 | BN_BLINDING *ret = NULL; | ||
226 | |||
227 | /* added in OpenSSL 0.9.6j and 0.9.7b */ | ||
228 | |||
229 | /* NB: similar code appears in RSA_blinding_on (rsa_lib.c); | ||
230 | * this should be placed in a new function of its own, but for reasons | ||
231 | * of binary compatibility can't */ | ||
232 | |||
233 | BN_CTX_start(ctx); | ||
234 | A = BN_CTX_get(ctx); | ||
235 | if ((RAND_status() == 0) && rsa->d != NULL && rsa->d->d != NULL) | ||
236 | { | ||
237 | /* if PRNG is not properly seeded, resort to secret exponent as unpredictable seed */ | ||
238 | RAND_add(rsa->d->d, rsa->d->dmax * sizeof rsa->d->d[0], 0); | ||
239 | if (!BN_pseudo_rand_range(A,rsa->n)) goto err; | ||
240 | } | ||
241 | else | ||
242 | { | ||
243 | if (!BN_rand_range(A,rsa->n)) goto err; | ||
244 | } | ||
245 | if ((Ai=BN_mod_inverse(NULL,A,rsa->n,ctx)) == NULL) goto err; | ||
246 | |||
247 | if (!rsa->meth->bn_mod_exp(A,A,rsa->e,rsa->n,ctx,rsa->_method_mod_n)) | ||
248 | goto err; | ||
249 | ret = BN_BLINDING_new(A,Ai,rsa->n); | ||
250 | BN_free(Ai); | ||
251 | err: | ||
252 | BN_CTX_end(ctx); | ||
253 | return ret; | ||
254 | } | ||
255 | |||
256 | /* signing */ | ||
257 | static int RSA_eay_private_encrypt(FIPS_RSA_SIZE_T flen, const unsigned char *from, | ||
258 | unsigned char *to, RSA *rsa, int padding) | ||
259 | { | ||
260 | BIGNUM f,ret; | ||
261 | int i,j,k,num=0,r= -1; | ||
262 | unsigned char *buf=NULL; | ||
263 | BN_CTX *ctx=NULL; | ||
264 | int local_blinding = 0; | ||
265 | BN_BLINDING *blinding = NULL; | ||
266 | |||
267 | BN_init(&f); | ||
268 | BN_init(&ret); | ||
269 | |||
270 | if ((ctx=BN_CTX_new()) == NULL) goto err; | ||
271 | num=BN_num_bytes(rsa->n); | ||
272 | if ((buf=(unsigned char *)OPENSSL_malloc(num)) == NULL) | ||
273 | { | ||
274 | RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,ERR_R_MALLOC_FAILURE); | ||
275 | goto err; | ||
276 | } | ||
277 | |||
278 | switch (padding) | ||
279 | { | ||
280 | case RSA_PKCS1_PADDING: | ||
281 | i=RSA_padding_add_PKCS1_type_1(buf,num,from,flen); | ||
282 | break; | ||
283 | case RSA_NO_PADDING: | ||
284 | i=RSA_padding_add_none(buf,num,from,flen); | ||
285 | break; | ||
286 | case RSA_SSLV23_PADDING: | ||
287 | default: | ||
288 | RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,RSA_R_UNKNOWN_PADDING_TYPE); | ||
289 | goto err; | ||
290 | } | ||
291 | if (i <= 0) goto err; | ||
292 | |||
293 | if (BN_bin2bn(buf,num,&f) == NULL) goto err; | ||
294 | |||
295 | if (BN_ucmp(&f, rsa->n) >= 0) | ||
296 | { | ||
297 | /* usually the padding functions would catch this */ | ||
298 | RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,RSA_R_DATA_TOO_LARGE_FOR_MODULUS); | ||
299 | goto err; | ||
300 | } | ||
301 | |||
302 | BLINDING_HELPER(rsa, ctx, goto err;); | ||
303 | blinding = rsa->blinding; | ||
304 | |||
305 | /* Now unless blinding is disabled, 'blinding' is non-NULL. | ||
306 | * But the BN_BLINDING object may be owned by some other thread | ||
307 | * (we don't want to keep it constant and we don't want to use | ||
308 | * lots of locking to avoid race conditions, so only a single | ||
309 | * thread can use it; other threads have to use local blinding | ||
310 | * factors) */ | ||
311 | if (!(rsa->flags & RSA_FLAG_NO_BLINDING)) | ||
312 | { | ||
313 | if (blinding == NULL) | ||
314 | { | ||
315 | RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT, ERR_R_INTERNAL_ERROR); | ||
316 | goto err; | ||
317 | } | ||
318 | } | ||
319 | |||
320 | if (blinding != NULL) | ||
321 | { | ||
322 | if (blinding->thread_id != CRYPTO_thread_id()) | ||
323 | { | ||
324 | /* we need a local one-time blinding factor */ | ||
325 | |||
326 | blinding = setup_blinding(rsa, ctx); | ||
327 | if (blinding == NULL) | ||
328 | goto err; | ||
329 | local_blinding = 1; | ||
330 | } | ||
331 | } | ||
332 | |||
333 | if (blinding) | ||
334 | if (!BN_BLINDING_convert(&f, blinding, ctx)) goto err; | ||
335 | |||
336 | if ( (rsa->flags & RSA_FLAG_EXT_PKEY) || | ||
337 | ((rsa->p != NULL) && | ||
338 | (rsa->q != NULL) && | ||
339 | (rsa->dmp1 != NULL) && | ||
340 | (rsa->dmq1 != NULL) && | ||
341 | (rsa->iqmp != NULL)) ) | ||
342 | { if (!rsa->meth->rsa_mod_exp(&ret,&f,rsa)) goto err; } | ||
343 | else | ||
344 | { | ||
345 | if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->d,rsa->n,ctx,NULL)) goto err; | ||
346 | } | ||
347 | |||
348 | if (blinding) | ||
349 | if (!BN_BLINDING_invert(&ret, blinding, ctx)) goto err; | ||
350 | |||
351 | /* put in leading 0 bytes if the number is less than the | ||
352 | * length of the modulus */ | ||
353 | j=BN_num_bytes(&ret); | ||
354 | i=BN_bn2bin(&ret,&(to[num-j])); | ||
355 | for (k=0; k<(num-i); k++) | ||
356 | to[k]=0; | ||
357 | |||
358 | r=num; | ||
359 | err: | ||
360 | if (ctx != NULL) BN_CTX_free(ctx); | ||
361 | BN_clear_free(&ret); | ||
362 | BN_clear_free(&f); | ||
363 | if (local_blinding) | ||
364 | BN_BLINDING_free(blinding); | ||
365 | if (buf != NULL) | ||
366 | { | ||
367 | OPENSSL_cleanse(buf,num); | ||
368 | OPENSSL_free(buf); | ||
369 | } | ||
370 | return(r); | ||
371 | } | ||
372 | |||
373 | static int RSA_eay_private_decrypt(FIPS_RSA_SIZE_T flen, const unsigned char *from, | ||
374 | unsigned char *to, RSA *rsa, int padding) | ||
375 | { | ||
376 | BIGNUM f,ret; | ||
377 | int j,num=0,r= -1; | ||
378 | unsigned char *p; | ||
379 | unsigned char *buf=NULL; | ||
380 | BN_CTX *ctx=NULL; | ||
381 | int local_blinding = 0; | ||
382 | BN_BLINDING *blinding = NULL; | ||
383 | |||
384 | BN_init(&f); | ||
385 | BN_init(&ret); | ||
386 | ctx=BN_CTX_new(); | ||
387 | if (ctx == NULL) goto err; | ||
388 | |||
389 | num=BN_num_bytes(rsa->n); | ||
390 | |||
391 | if ((buf=(unsigned char *)OPENSSL_malloc(num)) == NULL) | ||
392 | { | ||
393 | RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,ERR_R_MALLOC_FAILURE); | ||
394 | goto err; | ||
395 | } | ||
396 | |||
397 | /* This check was for equality but PGP does evil things | ||
398 | * and chops off the top '0' bytes */ | ||
399 | if (flen > num) | ||
400 | { | ||
401 | RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_DATA_GREATER_THAN_MOD_LEN); | ||
402 | goto err; | ||
403 | } | ||
404 | |||
405 | /* make data into a big number */ | ||
406 | if (BN_bin2bn(from,(int)flen,&f) == NULL) goto err; | ||
407 | |||
408 | if (BN_ucmp(&f, rsa->n) >= 0) | ||
409 | { | ||
410 | RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_DATA_TOO_LARGE_FOR_MODULUS); | ||
411 | goto err; | ||
412 | } | ||
413 | |||
414 | BLINDING_HELPER(rsa, ctx, goto err;); | ||
415 | blinding = rsa->blinding; | ||
416 | |||
417 | /* Now unless blinding is disabled, 'blinding' is non-NULL. | ||
418 | * But the BN_BLINDING object may be owned by some other thread | ||
419 | * (we don't want to keep it constant and we don't want to use | ||
420 | * lots of locking to avoid race conditions, so only a single | ||
421 | * thread can use it; other threads have to use local blinding | ||
422 | * factors) */ | ||
423 | if (!(rsa->flags & RSA_FLAG_NO_BLINDING)) | ||
424 | { | ||
425 | if (blinding == NULL) | ||
426 | { | ||
427 | RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT, ERR_R_INTERNAL_ERROR); | ||
428 | goto err; | ||
429 | } | ||
430 | } | ||
431 | |||
432 | if (blinding != NULL) | ||
433 | { | ||
434 | if (blinding->thread_id != CRYPTO_thread_id()) | ||
435 | { | ||
436 | /* we need a local one-time blinding factor */ | ||
437 | |||
438 | blinding = setup_blinding(rsa, ctx); | ||
439 | if (blinding == NULL) | ||
440 | goto err; | ||
441 | local_blinding = 1; | ||
442 | } | ||
443 | } | ||
444 | |||
445 | if (blinding) | ||
446 | if (!BN_BLINDING_convert(&f, blinding, ctx)) goto err; | ||
447 | |||
448 | /* do the decrypt */ | ||
449 | if ( (rsa->flags & RSA_FLAG_EXT_PKEY) || | ||
450 | ((rsa->p != NULL) && | ||
451 | (rsa->q != NULL) && | ||
452 | (rsa->dmp1 != NULL) && | ||
453 | (rsa->dmq1 != NULL) && | ||
454 | (rsa->iqmp != NULL)) ) | ||
455 | { if (!rsa->meth->rsa_mod_exp(&ret,&f,rsa)) goto err; } | ||
456 | else | ||
457 | { | ||
458 | if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->d,rsa->n,ctx,NULL)) | ||
459 | goto err; | ||
460 | } | ||
461 | |||
462 | if (blinding) | ||
463 | if (!BN_BLINDING_invert(&ret, blinding, ctx)) goto err; | ||
464 | |||
465 | p=buf; | ||
466 | j=BN_bn2bin(&ret,p); /* j is only used with no-padding mode */ | ||
467 | |||
468 | switch (padding) | ||
469 | { | ||
470 | case RSA_PKCS1_PADDING: | ||
471 | r=RSA_padding_check_PKCS1_type_2(to,num,buf,j,num); | ||
472 | break; | ||
473 | #ifndef OPENSSL_NO_SHA | ||
474 | case RSA_PKCS1_OAEP_PADDING: | ||
475 | r=RSA_padding_check_PKCS1_OAEP(to,num,buf,j,num,NULL,0); | ||
476 | break; | ||
477 | #endif | ||
478 | case RSA_SSLV23_PADDING: | ||
479 | r=RSA_padding_check_SSLv23(to,num,buf,j,num); | ||
480 | break; | ||
481 | case RSA_NO_PADDING: | ||
482 | r=RSA_padding_check_none(to,num,buf,j,num); | ||
483 | break; | ||
484 | default: | ||
485 | RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_UNKNOWN_PADDING_TYPE); | ||
486 | goto err; | ||
487 | } | ||
488 | if (r < 0) | ||
489 | RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_PADDING_CHECK_FAILED); | ||
490 | |||
491 | err: | ||
492 | if (ctx != NULL) BN_CTX_free(ctx); | ||
493 | BN_clear_free(&f); | ||
494 | BN_clear_free(&ret); | ||
495 | if (local_blinding) | ||
496 | BN_BLINDING_free(blinding); | ||
497 | if (buf != NULL) | ||
498 | { | ||
499 | OPENSSL_cleanse(buf,num); | ||
500 | OPENSSL_free(buf); | ||
501 | } | ||
502 | return(r); | ||
503 | } | ||
504 | |||
505 | /* signature verification */ | ||
506 | static int RSA_eay_public_decrypt(FIPS_RSA_SIZE_T flen, const unsigned char *from, | ||
507 | unsigned char *to, RSA *rsa, int padding) | ||
508 | { | ||
509 | BIGNUM f,ret; | ||
510 | int i,num=0,r= -1; | ||
511 | unsigned char *p; | ||
512 | unsigned char *buf=NULL; | ||
513 | BN_CTX *ctx=NULL; | ||
514 | |||
515 | BN_init(&f); | ||
516 | BN_init(&ret); | ||
517 | ctx=BN_CTX_new(); | ||
518 | if (ctx == NULL) goto err; | ||
519 | |||
520 | num=BN_num_bytes(rsa->n); | ||
521 | buf=(unsigned char *)OPENSSL_malloc(num); | ||
522 | if (buf == NULL) | ||
523 | { | ||
524 | RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,ERR_R_MALLOC_FAILURE); | ||
525 | goto err; | ||
526 | } | ||
527 | |||
528 | /* This check was for equality but PGP does evil things | ||
529 | * and chops off the top '0' bytes */ | ||
530 | if (flen > num) | ||
531 | { | ||
532 | RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_DATA_GREATER_THAN_MOD_LEN); | ||
533 | goto err; | ||
534 | } | ||
535 | |||
536 | if (BN_bin2bn(from,flen,&f) == NULL) goto err; | ||
537 | |||
538 | if (BN_ucmp(&f, rsa->n) >= 0) | ||
539 | { | ||
540 | RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_DATA_TOO_LARGE_FOR_MODULUS); | ||
541 | goto err; | ||
542 | } | ||
543 | |||
544 | /* do the decrypt */ | ||
545 | if ((rsa->_method_mod_n == NULL) && (rsa->flags & RSA_FLAG_CACHE_PUBLIC)) | ||
546 | { | ||
547 | BN_MONT_CTX* bn_mont_ctx; | ||
548 | if ((bn_mont_ctx=BN_MONT_CTX_new()) == NULL) | ||
549 | goto err; | ||
550 | if (!BN_MONT_CTX_set(bn_mont_ctx,rsa->n,ctx)) | ||
551 | { | ||
552 | BN_MONT_CTX_free(bn_mont_ctx); | ||
553 | goto err; | ||
554 | } | ||
555 | if (rsa->_method_mod_n == NULL) /* other thread may have finished first */ | ||
556 | { | ||
557 | CRYPTO_w_lock(CRYPTO_LOCK_RSA); | ||
558 | if (rsa->_method_mod_n == NULL) | ||
559 | { | ||
560 | rsa->_method_mod_n = bn_mont_ctx; | ||
561 | bn_mont_ctx = NULL; | ||
562 | } | ||
563 | CRYPTO_w_unlock(CRYPTO_LOCK_RSA); | ||
564 | } | ||
565 | if (bn_mont_ctx) | ||
566 | BN_MONT_CTX_free(bn_mont_ctx); | ||
567 | } | ||
568 | |||
569 | if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->e,rsa->n,ctx, | ||
570 | rsa->_method_mod_n)) goto err; | ||
571 | |||
572 | p=buf; | ||
573 | i=BN_bn2bin(&ret,p); | ||
574 | |||
575 | switch (padding) | ||
576 | { | ||
577 | case RSA_PKCS1_PADDING: | ||
578 | r=RSA_padding_check_PKCS1_type_1(to,num,buf,i,num); | ||
579 | break; | ||
580 | case RSA_NO_PADDING: | ||
581 | r=RSA_padding_check_none(to,num,buf,i,num); | ||
582 | break; | ||
583 | default: | ||
584 | RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_UNKNOWN_PADDING_TYPE); | ||
585 | goto err; | ||
586 | } | ||
587 | if (r < 0) | ||
588 | RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_PADDING_CHECK_FAILED); | ||
589 | |||
590 | err: | ||
591 | if (ctx != NULL) BN_CTX_free(ctx); | ||
592 | BN_clear_free(&f); | ||
593 | BN_clear_free(&ret); | ||
594 | if (buf != NULL) | ||
595 | { | ||
596 | OPENSSL_cleanse(buf,num); | ||
597 | OPENSSL_free(buf); | ||
598 | } | ||
599 | return(r); | ||
600 | } | ||
601 | |||
602 | static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) | ||
603 | { | ||
604 | BIGNUM r1,m1,vrfy; | ||
605 | int ret=0; | ||
606 | BN_CTX *ctx; | ||
607 | |||
608 | BN_init(&m1); | ||
609 | BN_init(&r1); | ||
610 | BN_init(&vrfy); | ||
611 | if ((ctx=BN_CTX_new()) == NULL) goto err; | ||
612 | |||
613 | if (rsa->flags & RSA_FLAG_CACHE_PRIVATE) | ||
614 | { | ||
615 | if (rsa->_method_mod_p == NULL) | ||
616 | { | ||
617 | BN_MONT_CTX* bn_mont_ctx; | ||
618 | if ((bn_mont_ctx=BN_MONT_CTX_new()) == NULL) | ||
619 | goto err; | ||
620 | if (!BN_MONT_CTX_set(bn_mont_ctx,rsa->p,ctx)) | ||
621 | { | ||
622 | BN_MONT_CTX_free(bn_mont_ctx); | ||
623 | goto err; | ||
624 | } | ||
625 | if (rsa->_method_mod_p == NULL) /* other thread may have finished first */ | ||
626 | { | ||
627 | CRYPTO_w_lock(CRYPTO_LOCK_RSA); | ||
628 | if (rsa->_method_mod_p == NULL) | ||
629 | { | ||
630 | rsa->_method_mod_p = bn_mont_ctx; | ||
631 | bn_mont_ctx = NULL; | ||
632 | } | ||
633 | CRYPTO_w_unlock(CRYPTO_LOCK_RSA); | ||
634 | } | ||
635 | if (bn_mont_ctx) | ||
636 | BN_MONT_CTX_free(bn_mont_ctx); | ||
637 | } | ||
638 | |||
639 | if (rsa->_method_mod_q == NULL) | ||
640 | { | ||
641 | BN_MONT_CTX* bn_mont_ctx; | ||
642 | if ((bn_mont_ctx=BN_MONT_CTX_new()) == NULL) | ||
643 | goto err; | ||
644 | if (!BN_MONT_CTX_set(bn_mont_ctx,rsa->q,ctx)) | ||
645 | { | ||
646 | BN_MONT_CTX_free(bn_mont_ctx); | ||
647 | goto err; | ||
648 | } | ||
649 | if (rsa->_method_mod_q == NULL) /* other thread may have finished first */ | ||
650 | { | ||
651 | CRYPTO_w_lock(CRYPTO_LOCK_RSA); | ||
652 | if (rsa->_method_mod_q == NULL) | ||
653 | { | ||
654 | rsa->_method_mod_q = bn_mont_ctx; | ||
655 | bn_mont_ctx = NULL; | ||
656 | } | ||
657 | CRYPTO_w_unlock(CRYPTO_LOCK_RSA); | ||
658 | } | ||
659 | if (bn_mont_ctx) | ||
660 | BN_MONT_CTX_free(bn_mont_ctx); | ||
661 | } | ||
662 | } | ||
663 | |||
664 | if (!BN_mod(&r1,I,rsa->q,ctx)) goto err; | ||
665 | if (!rsa->meth->bn_mod_exp(&m1,&r1,rsa->dmq1,rsa->q,ctx, | ||
666 | rsa->_method_mod_q)) goto err; | ||
667 | |||
668 | if (!BN_mod(&r1,I,rsa->p,ctx)) goto err; | ||
669 | if (!rsa->meth->bn_mod_exp(r0,&r1,rsa->dmp1,rsa->p,ctx, | ||
670 | rsa->_method_mod_p)) goto err; | ||
671 | |||
672 | if (!BN_sub(r0,r0,&m1)) goto err; | ||
673 | /* This will help stop the size of r0 increasing, which does | ||
674 | * affect the multiply if it optimised for a power of 2 size */ | ||
675 | if (r0->neg) | ||
676 | if (!BN_add(r0,r0,rsa->p)) goto err; | ||
677 | |||
678 | if (!BN_mul(&r1,r0,rsa->iqmp,ctx)) goto err; | ||
679 | if (!BN_mod(r0,&r1,rsa->p,ctx)) goto err; | ||
680 | /* If p < q it is occasionally possible for the correction of | ||
681 | * adding 'p' if r0 is negative above to leave the result still | ||
682 | * negative. This can break the private key operations: the following | ||
683 | * second correction should *always* correct this rare occurrence. | ||
684 | * This will *never* happen with OpenSSL generated keys because | ||
685 | * they ensure p > q [steve] | ||
686 | */ | ||
687 | if (r0->neg) | ||
688 | if (!BN_add(r0,r0,rsa->p)) goto err; | ||
689 | if (!BN_mul(&r1,r0,rsa->q,ctx)) goto err; | ||
690 | if (!BN_add(r0,&r1,&m1)) goto err; | ||
691 | |||
692 | if (rsa->e && rsa->n) | ||
693 | { | ||
694 | if (!rsa->meth->bn_mod_exp(&vrfy,r0,rsa->e,rsa->n,ctx,NULL)) goto err; | ||
695 | /* If 'I' was greater than (or equal to) rsa->n, the operation | ||
696 | * will be equivalent to using 'I mod n'. However, the result of | ||
697 | * the verify will *always* be less than 'n' so we don't check | ||
698 | * for absolute equality, just congruency. */ | ||
699 | if (!BN_sub(&vrfy, &vrfy, I)) goto err; | ||
700 | if (!BN_mod(&vrfy, &vrfy, rsa->n, ctx)) goto err; | ||
701 | if (vrfy.neg) | ||
702 | if (!BN_add(&vrfy, &vrfy, rsa->n)) goto err; | ||
703 | if (!BN_is_zero(&vrfy)) | ||
704 | /* 'I' and 'vrfy' aren't congruent mod n. Don't leak | ||
705 | * miscalculated CRT output, just do a raw (slower) | ||
706 | * mod_exp and return that instead. */ | ||
707 | if (!rsa->meth->bn_mod_exp(r0,I,rsa->d,rsa->n,ctx,NULL)) goto err; | ||
708 | } | ||
709 | ret=1; | ||
710 | err: | ||
711 | BN_clear_free(&m1); | ||
712 | BN_clear_free(&r1); | ||
713 | BN_clear_free(&vrfy); | ||
714 | BN_CTX_free(ctx); | ||
715 | return(ret); | ||
716 | } | ||
717 | |||
718 | static int RSA_eay_init(RSA *rsa) | ||
719 | { | ||
720 | rsa->flags|=RSA_FLAG_CACHE_PUBLIC|RSA_FLAG_CACHE_PRIVATE; | ||
721 | return(1); | ||
722 | } | ||
723 | |||
724 | static int RSA_eay_finish(RSA *rsa) | ||
725 | { | ||
726 | if (rsa->_method_mod_n != NULL) | ||
727 | BN_MONT_CTX_free(rsa->_method_mod_n); | ||
728 | if (rsa->_method_mod_p != NULL) | ||
729 | BN_MONT_CTX_free(rsa->_method_mod_p); | ||
730 | if (rsa->_method_mod_q != NULL) | ||
731 | BN_MONT_CTX_free(rsa->_method_mod_q); | ||
732 | return(1); | ||
733 | } | ||
734 | |||
735 | #endif | ||
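--- a/src/lib/libssl/src/fips/rsa/fips_rsa_gen.c
+++ /dev/null
@@ -1,249 +0,0 @@
-/* crypto/rsa/rsa_gen.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
-* All rights reserved.
-*
-* This package is an SSL implementation written
-* by Eric Young (eay@cryptsoft.com).
-* The implementation was written so as to conform with Netscapes SSL.
-*
-* This library is free for commercial and non-commercial use as long as
-* the following conditions are aheared to. The following conditions
-* apply to all code found in this distribution, be it the RC4, RSA,
-* lhash, DES, etc., code; not just the SSL code. The SSL documentation
-* included with this distribution is covered by the same copyright terms
-* except that the holder is Tim Hudson (tjh@cryptsoft.com).
-*
-* Copyright remains Eric Young's, and as such any Copyright notices in
-* the code are not to be removed.
-* If this package is used in a product, Eric Young should be given attribution
-* as the author of the parts of the library used.
-* This can be in the form of a textual message at program startup or
-* in documentation (online or textual) provided with the package.
-*
-* Redistribution and use in source and binary forms, with or without
-* modification, are permitted provided that the following conditions
-* are met:
-* 1. Redistributions of source code must retain the copyright
-* notice, this list of conditions and the following disclaimer.
-* 2. Redistributions in binary form must reproduce the above copyright
-* notice, this list of conditions and the following disclaimer in the
-* documentation and/or other materials provided with the distribution.
-* 3. All advertising materials mentioning features or use of this software
-* must display the following acknowledgement:
-* "This product includes cryptographic software written by
-* Eric Young (eay@cryptsoft.com)"
-* The word 'cryptographic' can be left out if the rouines from the library
-* being used are not cryptographic related :-).
-* 4. If you include any Windows specific code (or a derivative thereof) from
-* the apps directory (application code) you must include an acknowledgement:
-* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
-*
-* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
-* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-* SUCH DAMAGE.
-*
-* The licence and distribution terms for any publically available version or
-* derivative of this code cannot be changed. i.e. this code cannot simply be
-* copied and put under another distribution licence
-* [including the GNU Public Licence.]
-*/
-
-#include <stdio.h>
-#include <string.h>
-#include <time.h>
-#include <openssl/err.h>
-#include <openssl/bn.h>
-#include <openssl/rsa.h>
-#include <openssl/fips.h>
-
-#ifdef OPENSSL_FIPS
-
-static int fips_check_rsa(RSA *rsa)
-{
-int n;
-unsigned char ctext[256];
-unsigned char ptext[256];
-/* The longest we can have with OAEP padding and a 512 bit key */
-static unsigned char original_ptext[] =
-"\x01\x23\x45\x67\x89\xab\xcd\xef\x12\x34\x56\x78\x9a\xbc\xde\xf0"
-"\x23\x45\x67\x89\xab\xcd";
-
-/* this will fail for keys shorter than 512 bits */
-n=RSA_public_encrypt(sizeof(original_ptext)-1,original_ptext,ctext,rsa,
-RSA_PKCS1_OAEP_PADDING);
-if(n < 0)
-{
-ERR_print_errors_fp(stderr);
-exit(1);
-}
-if(!memcmp(ctext,original_ptext,n))
-{
-FIPSerr(FIPS_F_FIPS_CHECK_RSA,FIPS_R_PAIRWISE_TEST_FAILED);
-return 0;
-}
-n=RSA_private_decrypt(n,ctext,ptext,rsa,RSA_PKCS1_OAEP_PADDING);
-if(n < 0)
-{
-ERR_print_errors_fp(stderr);
-exit(1);
-}
-if(n != sizeof(original_ptext)-1 || memcmp(ptext,original_ptext,n))
-{
-FIPSerr(FIPS_F_FIPS_CHECK_RSA,FIPS_R_PAIRWISE_TEST_FAILED);
-return 0;
-}
-
-return 1;
-}
-
-RSA *RSA_generate_key(FIPS_RSA_SIZE_T bits, unsigned long e_value,
-void (*callback)(int,int,void *), void *cb_arg)
-{
-RSA *rsa=NULL;
-BIGNUM *r0=NULL,*r1=NULL,*r2=NULL,*r3=NULL,*tmp;
-int bitsp,bitsq,ok= -1,n=0,i;
-BN_CTX *ctx=NULL,*ctx2=NULL;
-
-if(FIPS_selftest_failed())
-{
-FIPSerr(FIPS_F_RSA_GENERATE_KEY,FIPS_R_FIPS_SELFTEST_FAILED);
-return NULL;
-}
-
-ctx=BN_CTX_new();
-if (ctx == NULL) goto err;
-ctx2=BN_CTX_new();
-if (ctx2 == NULL) goto err;
-BN_CTX_start(ctx);
-r0 = BN_CTX_get(ctx);
-r1 = BN_CTX_get(ctx);
-r2 = BN_CTX_get(ctx);
-r3 = BN_CTX_get(ctx);
-if (r3 == NULL) goto err;
-
-bitsp=(bits+1)/2;
-bitsq=bits-bitsp;
-rsa=RSA_new();
-if (rsa == NULL) goto err;
-
-/* set e */
-rsa->e=BN_new();
-if (rsa->e == NULL) goto err;
-
-#if 1
-/* The problem is when building with 8, 16, or 32 BN_ULONG,
-* unsigned long can be larger */
-for (i=0; i<sizeof(unsigned long)*8; i++)
-{
-if (e_value & (1UL<<i))
-BN_set_bit(rsa->e,i);
-}
-#else
-if (!BN_set_word(rsa->e,e_value)) goto err;
-#endif
-
-/* generate p and q */
-for (;;)
-{
-rsa->p=BN_generate_prime(NULL,bitsp,0,NULL,NULL,callback,cb_arg);
-if (rsa->p == NULL) goto err;
-if (!BN_sub(r2,rsa->p,BN_value_one())) goto err;
-if (!BN_gcd(r1,r2,rsa->e,ctx)) goto err;
-if (BN_is_one(r1)) break;
-if (callback != NULL) callback(2,n++,cb_arg);
-BN_free(rsa->p);
-}
-if (callback != NULL) callback(3,0,cb_arg);
-for (;;)
-{
-rsa->q=BN_generate_prime(NULL,bitsq,0,NULL,NULL,callback,cb_arg);
-if (rsa->q == NULL) goto err;
-if (!BN_sub(r2,rsa->q,BN_value_one())) goto err;
-if (!BN_gcd(r1,r2,rsa->e,ctx)) goto err;
-if (BN_is_one(r1) && (BN_cmp(rsa->p,rsa->q) != 0))
-break;
-if (callback != NULL) callback(2,n++,cb_arg);
-BN_free(rsa->q);
-}
-if (callback != NULL) callback(3,1,cb_arg);
-if (BN_cmp(rsa->p,rsa->q) < 0)
-{
-tmp=rsa->p;
-rsa->p=rsa->q;
-rsa->q=tmp;
-}
-
-/* calculate n */
-rsa->n=BN_new();
-if (rsa->n == NULL) goto err;
-if (!BN_mul(rsa->n,rsa->p,rsa->q,ctx)) goto err;
-
-/* calculate d */
-if (!BN_sub(r1,rsa->p,BN_value_one())) goto err; /* p-1 */
-if (!BN_sub(r2,rsa->q,BN_value_one())) goto err; /* q-1 */
-if (!BN_mul(r0,r1,r2,ctx)) goto err; /* (p-1)(q-1) */
-
-/* should not be needed, since gcd(p-1,e) == 1 and gcd(q-1,e) == 1 */
-/* for (;;)
-{
-if (!BN_gcd(r3,r0,rsa->e,ctx)) goto err;
-if (BN_is_one(r3)) break;
-
-if (1)
-{
-if (!BN_add_word(rsa->e,2L)) goto err;
-continue;
-}
-RSAerr(RSA_F_RSA_GENERATE_KEY,RSA_R_BAD_E_VALUE);
-goto err;
-}
-*/
-rsa->d=BN_mod_inverse(NULL,rsa->e,r0,ctx2); /* d */
-if (rsa->d == NULL) goto err;
-
-/* calculate d mod (p-1) */
-rsa->dmp1=BN_new();
-if (rsa->dmp1 == NULL) goto err;
-if (!BN_mod(rsa->dmp1,rsa->d,r1,ctx)) goto err;
-
-/* calculate d mod (q-1) */
-rsa->dmq1=BN_new();
-if (rsa->dmq1 == NULL) goto err;
-if (!BN_mod(rsa->dmq1,rsa->d,r2,ctx)) goto err;
-
-/* calculate inverse of q mod p */
-rsa->iqmp=BN_mod_inverse(NULL,rsa->q,rsa->p,ctx2);
-if (rsa->iqmp == NULL) goto err;
-
-if(!fips_check_rsa(rsa))
-goto err;
-
-ok=1;
-err:
-if (ok == -1)
-{
-RSAerr(RSA_F_RSA_GENERATE_KEY,ERR_LIB_BN);
-ok=0;
-}
-BN_CTX_end(ctx);
-BN_CTX_free(ctx);
-BN_CTX_free(ctx2);
-
-if (!ok)
-{
-if (rsa != NULL) RSA_free(rsa);
-return(NULL);
-}
-else
-return(rsa);
-}
-
-#endif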
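--- a/src/lib/libssl/src/fips/rsa/fips_rsa_selftest.c
+++ /dev/null
@@ -1,251 +0,0 @@
-/* ====================================================================
-* Copyright (c) 2003 The OpenSSL Project. All rights reserved.
-*
-* Redistribution and use in source and binary forms, with or without
-* modification, are permitted provided that the following conditions
-* are met:
-*
-* 1. Redistributions of source code must retain the above copyright
-* notice, this list of conditions and the following disclaimer.
-*
-* 2. Redistributions in binary form must reproduce the above copyright
-* notice, this list of conditions and the following disclaimer in
-* the documentation and/or other materials provided with the
-* distribution.
-*
-* 3. All advertising materials mentioning features or use of this
-* software must display the following acknowledgment:
-* "This product includes software developed by the OpenSSL Project
-* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-*
-* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-* endorse or promote products derived from this software without
-* prior written permission. For written permission, please contact
-* openssl-core@openssl.org.
-*
-* 5. Products derived from this software may not be called "OpenSSL"
-* nor may "OpenSSL" appear in their names without prior written
-* permission of the OpenSSL Project.
-*
-* 6. Redistributions of any form whatsoever must retain the following
-* acknowledgment:
-* "This product includes software developed by the OpenSSL Project
-* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-*
-* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-* OF THE POSSIBILITY OF SUCH DAMAGE.
-*
-*/
-
-#include <string.h>
-#include <openssl/err.h>
-#include <openssl/fips.h>
-#include <openssl/rsa.h>
-#include <openssl/sha.h>
-#include <openssl/opensslconf.h>
-
-#ifdef OPENSSL_FIPS
-#define SetKey \
-key->n = BN_bin2bn(n, sizeof(n)-1, key->n); \
-key->e = BN_bin2bn(e, sizeof(e)-1, key->e); \
-key->d = BN_bin2bn(d, sizeof(d)-1, key->d); \
-key->p = BN_bin2bn(p, sizeof(p)-1, key->p); \
-key->q = BN_bin2bn(q, sizeof(q)-1, key->q); \
-key->dmp1 = BN_bin2bn(dmp1, sizeof(dmp1)-1, key->dmp1); \
-key->dmq1 = BN_bin2bn(dmq1, sizeof(dmq1)-1, key->dmq1); \
-key->iqmp = BN_bin2bn(iqmp, sizeof(iqmp)-1, key->iqmp); \
-memcpy(c, ctext_ex, sizeof(ctext_ex) - 1); \
-return (sizeof(ctext_ex) - 1);
-
-static unsigned char n[] =
-"\x00\xBB\xF8\x2F\x09\x06\x82\xCE\x9C\x23\x38\xAC\x2B\x9D\xA8\x71"
-"\xF7\x36\x8D\x07\xEE\xD4\x10\x43\xA4\x40\xD6\xB6\xF0\x74\x54\xF5"
-"\x1F\xB8\xDF\xBA\xAF\x03\x5C\x02\xAB\x61\xEA\x48\xCE\xEB\x6F\xCD"
-"\x48\x76\xED\x52\x0D\x60\xE1\xEC\x46\x19\x71\x9D\x8A\x5B\x8B\x80"
-"\x7F\xAF\xB8\xE0\xA3\xDF\xC7\x37\x72\x3E\xE6\xB4\xB7\xD9\x3A\x25"
-"\x84\xEE\x6A\x64\x9D\x06\x09\x53\x74\x88\x34\xB2\x45\x45\x98\x39"
-"\x4E\xE0\xAA\xB1\x2D\x7B\x61\xA5\x1F\x52\x7A\x9A\x41\xF6\xC1\x68"
-"\x7F\xE2\x53\x72\x98\xCA\x2A\x8F\x59\x46\xF8\xE5\xFD\x09\x1D\xBD"
-"\xCB";
-
-
-static int setrsakey(RSA *key, unsigned char *c)
-{
-static unsigned char e[] = "\x11";
-
-static unsigned char d[] =
-"\x00\xA5\xDA\xFC\x53\x41\xFA\xF2\x89\xC4\xB9\x88\xDB\x30\xC1\xCD"
-"\xF8\x3F\x31\x25\x1E\x06\x68\xB4\x27\x84\x81\x38\x01\x57\x96\x41"
-"\xB2\x94\x10\xB3\xC7\x99\x8D\x6B\xC4\x65\x74\x5E\x5C\x39\x26\x69"
-"\xD6\x87\x0D\xA2\xC0\x82\xA9\x39\xE3\x7F\xDC\xB8\x2E\xC9\x3E\xDA"
-"\xC9\x7F\xF3\xAD\x59\x50\xAC\xCF\xBC\x11\x1C\x76\xF1\xA9\x52\x94"
-"\x44\xE5\x6A\xAF\x68\xC5\x6C\x09\x2C\xD3\x8D\xC3\xBE\xF5\xD2\x0A"
-"\x93\x99\x26\xED\x4F\x74\xA1\x3E\xDD\xFB\xE1\xA1\xCE\xCC\x48\x94"
-"\xAF\x94\x28\xC2\xB7\xB8\x88\x3F\xE4\x46\x3A\x4B\xC8\x5B\x1C\xB3"
-"\xC1";
-
-static unsigned char p[] =
-"\x00\xEE\xCF\xAE\x81\xB1\xB9\xB3\xC9\x08\x81\x0B\x10\xA1\xB5\x60"
-"\x01\x99\xEB\x9F\x44\xAE\xF4\xFD\xA4\x93\xB8\x1A\x9E\x3D\x84\xF6"
-"\x32\x12\x4E\xF0\x23\x6E\x5D\x1E\x3B\x7E\x28\xFA\xE7\xAA\x04\x0A"
-"\x2D\x5B\x25\x21\x76\x45\x9D\x1F\x39\x75\x41\xBA\x2A\x58\xFB\x65"
-"\x99";
-
-static unsigned char q[] =
-"\x00\xC9\x7F\xB1\xF0\x27\xF4\x53\xF6\x34\x12\x33\xEA\xAA\xD1\xD9"
-"\x35\x3F\x6C\x42\xD0\x88\x66\xB1\xD0\x5A\x0F\x20\x35\x02\x8B\x9D"
-"\x86\x98\x40\xB4\x16\x66\xB4\x2E\x92\xEA\x0D\xA3\xB4\x32\x04\xB5"
-"\xCF\xCE\x33\x52\x52\x4D\x04\x16\xA5\xA4\x41\xE7\x00\xAF\x46\x15"
-"\x03";
-
-static unsigned char dmp1[] =
-"\x54\x49\x4C\xA6\x3E\xBA\x03\x37\xE4\xE2\x40\x23\xFC\xD6\x9A\x5A"
-"\xEB\x07\xDD\xDC\x01\x83\xA4\xD0\xAC\x9B\x54\xB0\x51\xF2\xB1\x3E"
-"\xD9\x49\x09\x75\xEA\xB7\x74\x14\xFF\x59\xC1\xF7\x69\x2E\x9A\x2E"
-"\x20\x2B\x38\xFC\x91\x0A\x47\x41\x74\xAD\xC9\x3C\x1F\x67\xC9\x81";
-
-static unsigned char dmq1[] =
-"\x47\x1E\x02\x90\xFF\x0A\xF0\x75\x03\x51\xB7\xF8\x78\x86\x4C\xA9"
-"\x61\xAD\xBD\x3A\x8A\x7E\x99\x1C\x5C\x05\x56\xA9\x4C\x31\x46\xA7"
-"\xF9\x80\x3F\x8F\x6F\x8A\xE3\x42\xE9\x31\xFD\x8A\xE4\x7A\x22\x0D"
-"\x1B\x99\xA4\x95\x84\x98\x07\xFE\x39\xF9\x24\x5A\x98\x36\xDA\x3D";
-
-static unsigned char iqmp[] =
-"\x00\xB0\x6C\x4F\xDA\xBB\x63\x01\x19\x8D\x26\x5B\xDB\xAE\x94\x23"
-"\xB3\x80\xF2\x71\xF7\x34\x53\x88\x50\x93\x07\x7F\xCD\x39\xE2\x11"
-"\x9F\xC9\x86\x32\x15\x4F\x58\x83\xB1\x67\xA9\x67\xBF\x40\x2B\x4E"
-"\x9E\x2E\x0F\x96\x56\xE6\x98\xEA\x36\x66\xED\xFB\x25\x79\x80\x39"
-"\xF7";
-
-static unsigned char ctext_ex[] =
-"\x42\x4b\xc9\x51\x61\xd4\xca\xa0\x18\x6c\x4d\xca\x61\x8f\x2d\x07"
-"\x8c\x63\xc5\x6b\xa2\x4c\x32\xb1\xda\xb7\xdd\x32\xb6\x51\x68\xc3"
-"\x6e\x98\x46\xd6\xbb\x1a\xd5\x99\x05\x92\x7c\xd7\xbc\x08\x9e\xe4"
-"\xc3\x70\x4d\xe6\x99\x7e\x61\x31\x07\x7a\x19\xdb\x3e\x11\xfa\x3d"
-"\x7c\x61\xd7\x78\x14\x3f\x05\x16\xa0\xc4\xbf\xcd\xee\xca\x67\x4c"
-"\x80\x4e\xca\x43\x2f\x35\x43\x58\xa7\x50\x7e\x3e\x52\x82\xab\xac"
-"\xa6\x50\xe8\x39\x9f\xe0\x7f\x58\x1d\x1b\x90\x93\x04\xec\xb3\xf9"
-"\x24\xd3\x75\x3e\x39\xd1\x14\xc6\x33\xce\xd6\xee\x20\x47\xec\xe4";
-
-SetKey;
-}
-
-void FIPS_corrupt_rsa()
-{
-n[0]++;
-}
-
-int FIPS_selftest_rsa()
-{
-int clen;
-RSA *key;
-unsigned char expected_ctext[256];
-unsigned char ctext[256];
-unsigned char ptext[256];
-static unsigned char original_ptext[] =
-"\x01\x23\x45\x67\x89\xab\xcd\xef\x12\x34\x56\x78\x9a\xbc\xde\xf0"
-"\x23\x45\x67\x89\xab\xcd\xef\x12\x34\x56\x78\x9a\xbc\xde\xf0\x12"
-"\x45\x67\x89\xab\xcd\xef\x12\x34\x56\x78\x9a\xbc\xde\xf0\x12\x34"
-"\x67\x89\xab\xcd\xef\x12\x34\x56\x78\x9a\xbc\xde\xf0\x12\x34\x56"
-"\x89\xab\xcd\xef\x12\x34\x56\x78\x9a\xbc\xde\xf0\x12\x34\x56\x78"
-"\xab\xcd\xef\x12\x34\x56\x78\x9a\xbc\xde\xf0\x12\x34\x56\x78\x9a"
-"\xcd\xef\x12\x34\x56\x78\x9a\xbc\xde\xf0\x12\x34\x56\x78\x9a\xbc"
-"\xef\x12\x34\x56\x78\x9a\xbc\xde\xf0\x12\x34\x56\x78\x9a\xbc\xde"
-"\xf0\x12\x34\x56\x78\x9a\xbc\xde\xf0\x12\x34\x56\x78\x9a\xbc\xde";
-unsigned char md[SHA_DIGEST_LENGTH];
-unsigned char mdkat[SHA_DIGEST_LENGTH] =
-"\x2d\x57\x1d\x6f\x5c\x37\xf9\xf0\x3b\xb4\x3c\xe8\x2c\x4c\xb3\x04"
-"\x75\xa2\x0e\xfb";
-unsigned char ctextkat[] =
-"\x3e\xc5\x0a\xbe\x29\xa2\xca\x9a\x35\x14\x17\x26\xa4\x0f\xa3\x03"
-"\x65\xb5\x37\xf5\x6a\xaa\xb\xf\x2c\x0d\x8\xc0\x73\x8\x3c\x88\x85"
-"\x36\x68\x16\xfe\x2f\x59\x77\x7e\x2a\x76\x9a\xc7\x27\x19\x9b\x54"
-"\x14\x87\xf3\xe0\xce\x1e\x68\x10\x40\x14\xac\xbc\xe6\x6f\x26\x1f"
-"\x55\xd1\x15\x81\x48\x10\xf4\x89\xe5\x67\x52\x42\x87\x04\x74\x4e"
-"\x96\x14\x7c\x53\xc9\x1e\x84\x11\x7d\x7d\x23\xbd\xff\x6c\xcb\x00"
-"\x96\x2e\x7d\xfb\x47\xea\x78\xcd\xd8\x04\x3a\x98\x06\x13\x68\x39"
-"\xa1\xe2\xbc\x9f\x64\xc7\x62\xf0\x74\x4d\x42\xe0\x0b\xcf\x24\x48";
-int i;
-
-/* Perform pairwise consistency test by: ... */
-
-key=RSA_new();
-clen=setrsakey(key,expected_ctext);
-/* ...1) apply public key to plaintext, resulting ciphertext must be
-* different
-*/
-i=RSA_public_encrypt(128,original_ptext,ctext,key,
-RSA_NO_PADDING);
-if(i != clen || memcmp(ctext,expected_ctext,i))
-{
-FIPSerr(FIPS_F_FIPS_SELFTEST_RSA,FIPS_R_SELFTEST_FAILED);
-return 0;
-}
-if(!memcmp(ctext,original_ptext,i))
-{
-FIPSerr(FIPS_F_FIPS_SELFTEST_RSA,FIPS_R_SELFTEST_FAILED);
-return 0;
-}
-/* ...2) apply private key to ciphertext and compare result to
-* original plaintext; results must be equal
-*/
-i=RSA_private_decrypt(i,ctext,ptext,key,RSA_NO_PADDING);
-if(i != 128 || memcmp(ptext,original_ptext,i))
-{
-FIPSerr(FIPS_F_FIPS_SELFTEST_RSA,FIPS_R_SELFTEST_FAILED);
-return 0;
-}
-
-/* Perform sign and verify Known Answer Test by... */
-
-/* ...1) using the same RSA key to encrypt the SHA-1 hash of a
-* plaintext value larger than the RSA key size
-*/
-if (RSA_size(key) >= sizeof(original_ptext) - 1)
-{
-FIPSerr(FIPS_F_FIPS_SELFTEST_RSA,FIPS_R_SELFTEST_FAILED);
-return 0;
-}
-/* ...2) then generate the SHA-1 digest of plaintext, and compare the
-* digest to the Known Answer (note here we duplicate the SHA-1 KAT)
-*/
-SHA1(original_ptext,sizeof(original_ptext) - 1,md);
-if(memcmp(md,mdkat,SHA_DIGEST_LENGTH))
-{
-FIPSerr(FIPS_F_FIPS_SELFTEST_SHA1,FIPS_R_SELFTEST_FAILED);
-return 0;
-}
-/* ...3) then encrypt the digest, and compare the ciphertext
-* to the Known Answer
-*/
-i=RSA_private_encrypt(sizeof(md),md,ctext,key,RSA_PKCS1_PADDING);
-if(i != clen || memcmp(ctextkat,ctext,i))
-{
-FIPSerr(FIPS_F_FIPS_SELFTEST_RSA,FIPS_R_SELFTEST_FAILED);
-return 0;
-}
-/* ...4) and finally decrypt the signed digest and compare with
-* the original Known Answer
-*/
-i=RSA_public_decrypt(i,ctext,md,key,RSA_PKCS1_PADDING);
-if(i != sizeof(md) || memcmp(mdkat,md,i))
-{
-FIPSerr(FIPS_F_FIPS_SELFTEST_RSA,FIPS_R_SELFTEST_FAILED);
-return 0;
-}
-
-RSA_free(key);
-return 1;
-}
-
-#endif /* def OPENSSL_FIPS */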