1 files changed, 372 insertions, 136 deletions
diff --git a/src/lib/libssl/src/fips/dsa/fips_dssvs.c b/src/lib/libssl/src/fips/dsa/fips_dssvs.c
index 50a4d96986..aa74e8e636 100644
--- a/src/lib/libssl/src/fips/dsa/fips_dssvs.c
+++ b/src/lib/libssl/src/fips/dsa/fips_dssvs.c
@@ -1,104 +1,64 @@
+#include <openssl/opensslconf.h>
+#ifndef OPENSSL_FIPS
+#include <stdio.h>
+int main(int argc, char **argv)
+{
+    printf("No FIPS DSA support\n");
+    return(0);
+}
+#else
 #include <openssl/bn.h>
 #include <openssl/dsa.h>
 #include <openssl/fips.h>
 #include <openssl/err.h>
-#include <openssl/sha.h>
+#include <openssl/evp.h>
 #include <string.h>
+#include <ctype.h>
-int hex2bin(const char *in, unsigned char *out)
+#include "fips_utl.h"
-    {
-    int n1, n2;
-    unsigned char ch;
-    for (n1=0,n2=0 ; in[n1] && in[n1] != '\n' ; )
-        { /* first byte */
-        if ((in[n1] >= '0') && (in[n1] <= '9'))
-            ch = in[n1++] - '0';
-        else if ((in[n1] >= 'A') && (in[n1] <= 'F'))
-            ch = in[n1++] - 'A' + 10;
-        else if ((in[n1] >= 'a') && (in[n1] <= 'f'))
-            ch = in[n1++] - 'a' + 10;
-        else
-            return -1;
-        if(!in[n1])
-            {
-            out[n2++]=ch;
-            break;
-            }
-        out[n2] = ch << 4;
-        /* second byte */
-        if ((in[n1] >= '0') && (in[n1] <= '9'))
-            ch = in[n1++] - '0';
-        else if ((in[n1] >= 'A') && (in[n1] <= 'F'))
-            ch = in[n1++] - 'A' + 10;
-        else if ((in[n1] >= 'a') && (in[n1] <= 'f'))
-            ch = in[n1++] - 'a' + 10;
-        else
-            return -1;
-        out[n2++] |= ch;
-        }
-    return n2;
-    }
-BIGNUM *hex2bn(const char *in)
-    {
-    BIGNUM *p=BN_new();
-    BN_hex2bn(&p,in);
-    return p;
+static void pbn(const char *name, BIGNUM *bn)
-    }
-int bin2hex(const unsigned char *in,int len,char *out)
-    {
-    int n1, n2;
-    unsigned char ch;
-    for (n1=0,n2=0 ; n1 < len ; ++n1)
        {
-        ch=in[n1] >> 4;
+        int len, i;
-        if (ch <= 0x09)
+        unsigned char *tmp;
-            out[n2++]=ch+'0';
+        len = BN_num_bytes(bn);
-        else
+        tmp = OPENSSL_malloc(len);
-            out[n2++]=ch-10+'a';
+        if (!tmp)
-        ch=in[n1] & 0x0f;
+                {
-        if(ch <= 0x09)
+                fprintf(stderr, "Memory allocation error\n");
-            out[n2++]=ch+'0';
+                return;
-        else
+                }
-            out[n2++]=ch-10+'a';
+        BN_bn2bin(bn, tmp);
+        printf("%s = ", name);
+        for (i = 0; i < len; i++)
+                printf("%02X", tmp[i]);
+        fputs("\n", stdout);
+        OPENSSL_free(tmp);
+        return;
        }
-    out[n2]='\0';
-    return n2;
-    }
-void pv(const char *tag,const unsigned char *val,int len)
-    {
-    char obuf[2048];
-    bin2hex(val,len,obuf);
-    printf("%s = %s\n",tag,obuf);
-    }
-void pbn(const char *tag,const BIGNUM *val)
-    {
-    printf("%s = %s\n",tag,BN_bn2hex(val));
-    }
 void primes()
    {
    char buf[10240];
+    char lbuf[10240];
+    char *keyword, *value;
    while(fgets(buf,sizeof buf,stdin) != NULL)
        {
        fputs(buf,stdout);
-        if(!strncmp(buf,"Prime= ",7))
+        if (!parse_line(&keyword, &value, lbuf, buf))
+                continue;
+        if(!strcmp(keyword,"Prime"))
            {
            BIGNUM *pp;
            pp=BN_new();
-            BN_hex2bn(&pp,buf+7);
+            do_hex2bn(&pp,value);
            printf("result= %c\n",
-                   BN_is_prime(pp,20,NULL,NULL,NULL) ? 'P' : 'F');
+                   BN_is_prime_ex(pp,20,NULL,NULL) ? 'P' : 'F');
            }       
        }
    }
@@ -106,15 +66,22 @@ void primes()
 void pqg()
    {
    char buf[1024];
+    char lbuf[1024];
+    char *keyword, *value;
    int nmod=0;
    while(fgets(buf,sizeof buf,stdin) != NULL)
        {
-        if(!strncmp(buf,"[mod = ",7))
+        if (!parse_line(&keyword, &value, lbuf, buf))
-            nmod=atoi(buf+7);
+                {
-        else if(!strncmp(buf,"N = ",4))
+                fputs(buf,stdout);
+                continue;
+                }
+        if(!strcmp(keyword,"[mod"))
+            nmod=atoi(value);
+        else if(!strcmp(keyword,"N"))
            {
-            int n=atoi(buf+4);
+            int n=atoi(value);
            printf("[mod = %d]\n\n",nmod);
@@ -124,11 +91,16 @@ void pqg()
                DSA *dsa;
                int counter;
                unsigned long h;
+                dsa = FIPS_dsa_new();
-                dsa=DSA_generate_parameters(nmod,seed,0,&counter,&h,NULL,NULL);
-                printf("P = %s\n",BN_bn2hex(dsa->p));
+                if (!DSA_generate_parameters_ex(dsa, nmod,seed,0,&counter,&h,NULL))
-                printf("Q = %s\n",BN_bn2hex(dsa->q));
+                        {
-                printf("G = %s\n",BN_bn2hex(dsa->g));
+                        do_print_errors();
+                        exit(1);
+                        }
+                pbn("P",dsa->p);
+                pbn("Q",dsa->q);
+                pbn("G",dsa->g);
                pv("Seed",seed,20);
                printf("c = %d\n",counter);
                printf("H = %lx\n",h);
@@ -140,23 +112,226 @@ void pqg()
        }
    }
+void pqgver()
+    {
+    char buf[1024];
+    char lbuf[1024];
+    char *keyword, *value;
+    BIGNUM *p = NULL, *q = NULL, *g = NULL;
+    int counter, counter2;
+    unsigned long h, h2;
+    DSA *dsa=NULL;
+    int nmod=0;
+    unsigned char seed[1024];
+    while(fgets(buf,sizeof buf,stdin) != NULL)
+        {
+        if (!parse_line(&keyword, &value, lbuf, buf))
+                {
+                fputs(buf,stdout);
+                continue;
+                }
+        if(!strcmp(keyword,"[mod"))
+            nmod=atoi(value);
+        else if(!strcmp(keyword,"P"))
+            p=hex2bn(value);
+        else if(!strcmp(keyword,"Q"))
+            q=hex2bn(value);
+        else if(!strcmp(keyword,"G"))
+            g=hex2bn(value);
+        else if(!strcmp(keyword,"Seed"))
+            {
+            int slen = hex2bin(value, seed);
+            if (slen != 20)
+                {
+                fprintf(stderr, "Seed parse length error\n");
+                exit (1);
+                }
+            }
+        else if(!strcmp(keyword,"c"))
+            counter =atoi(buf+4);
+        else if(!strcmp(keyword,"H"))
+            {
+            h = atoi(value);
+            if (!p || !q || !g)
+                {
+                fprintf(stderr, "Parse Error\n");
+                exit (1);
+                }
+            pbn("P",p);
+            pbn("Q",q);
+            pbn("G",g);
+            pv("Seed",seed,20);
+            printf("c = %d\n",counter);
+            printf("H = %lx\n",h);
+            dsa = FIPS_dsa_new();
+            if (!DSA_generate_parameters_ex(dsa, nmod,seed,20 ,&counter2,&h2,NULL))
+                        {
+                        do_print_errors();
+                        exit(1);
+                        }
+            if (BN_cmp(dsa->p, p) || BN_cmp(dsa->q, q) || BN_cmp(dsa->g, g)
+                || (counter != counter2) || (h != h2))
+                printf("Result = F\n");
+            else
+                printf("Result = T\n");
+            BN_free(p);
+            BN_free(q);
+            BN_free(g);
+            p = NULL;
+            q = NULL;
+            g = NULL;
+            FIPS_dsa_free(dsa);
+            dsa = NULL;
+            }
+        }
+    }
+/* Keypair verification routine. NB: this isn't part of the standard FIPS140-2
+ * algorithm tests. It is an additional test to perform sanity checks on the
+ * output of the KeyPair test.
+ */
+static int dss_paramcheck(int nmod, BIGNUM *p, BIGNUM *q, BIGNUM *g,
+                                                        BN_CTX *ctx)
+    {
+    BIGNUM *rem = NULL;
+    if (BN_num_bits(p) != nmod)
+        return 0;
+    if (BN_num_bits(q) != 160)
+        return 0;
+    if (BN_is_prime_ex(p, BN_prime_checks, ctx, NULL) != 1)
+        return 0;
+    if (BN_is_prime_ex(q, BN_prime_checks, ctx, NULL) != 1)
+        return 0;
+    rem = BN_new();
+    if (!BN_mod(rem, p, q, ctx) || !BN_is_one(rem)
+        || (BN_cmp(g, BN_value_one()) <= 0)
+        || !BN_mod_exp(rem, g, q, p, ctx) || !BN_is_one(rem))
+        {
+        BN_free(rem);
+        return 0;
+        }
+    /* Todo: check g */
+    BN_free(rem);
+    return 1;
+    }
+void keyver()
+    {
+    char buf[1024];
+    char lbuf[1024];
+    char *keyword, *value;
+    BIGNUM *p = NULL, *q = NULL, *g = NULL, *X = NULL, *Y = NULL;
+    BIGNUM *Y2;
+    BN_CTX *ctx = NULL;
+    int nmod=0, paramcheck = 0;
+    ctx = BN_CTX_new();
+    Y2 = BN_new();
+    while(fgets(buf,sizeof buf,stdin) != NULL)
+        {
+        if (!parse_line(&keyword, &value, lbuf, buf))
+                {
+                fputs(buf,stdout);
+                continue;
+                }
+        if(!strcmp(keyword,"[mod"))
+            {
+            if (p)
+                BN_free(p);
+            p = NULL;
+            if (q)
+                BN_free(q);
+            q = NULL;
+            if (g)
+                BN_free(g);
+            g = NULL;
+            paramcheck = 0;
+            nmod=atoi(value);
+            }
+        else if(!strcmp(keyword,"P"))
+            p=hex2bn(value);
+        else if(!strcmp(keyword,"Q"))
+            q=hex2bn(value);
+        else if(!strcmp(keyword,"G"))
+            g=hex2bn(value);
+        else if(!strcmp(keyword,"X"))
+            X=hex2bn(value);
+        else if(!strcmp(keyword,"Y"))
+            {
+            Y=hex2bn(value);
+            if (!p || !q || !g || !X || !Y)
+                {
+                fprintf(stderr, "Parse Error\n");
+                exit (1);
+                }
+            pbn("P",p);
+            pbn("Q",q);
+            pbn("G",g);
+            pbn("X",X);
+            pbn("Y",Y);
+            if (!paramcheck)
+                {
+                if (dss_paramcheck(nmod, p, q, g, ctx))
+                        paramcheck = 1;
+                else
+                        paramcheck = -1;
+                }
+            if (paramcheck != 1)
+                printf("Result = F\n");
+            else
+                {
+                if (!BN_mod_exp(Y2, g, X, p, ctx) || BN_cmp(Y2, Y))
+                        printf("Result = F\n");
+                else
+                        printf("Result = T\n");
+                }
+            BN_free(X);
+            BN_free(Y);
+            X = NULL;
+            Y = NULL;
+            }
+        }
+        if (p)
+            BN_free(p);
+        if (q)
+            BN_free(q);
+        if (g)
+            BN_free(g);
+        if (Y2)
+            BN_free(Y2);
+    }
 void keypair()
    {
    char buf[1024];
+    char lbuf[1024];
+    char *keyword, *value;
    int nmod=0;
    while(fgets(buf,sizeof buf,stdin) != NULL)
        {
-        if(!strncmp(buf,"[mod = ",7))
+        if (!parse_line(&keyword, &value, lbuf, buf))
-            nmod=atoi(buf+7);
+                {
-        else if(!strncmp(buf,"N = ",4))
+                fputs(buf,stdout);
+                continue;
+                }
+        if(!strcmp(keyword,"[mod"))
+            nmod=atoi(value);
+        else if(!strcmp(keyword,"N"))
            {
            DSA *dsa;
-            int n=atoi(buf+4);
+            int n=atoi(value);
            printf("[mod = %d]\n\n",nmod);
+            dsa = FIPS_dsa_new();
-            dsa=DSA_generate_parameters(nmod,NULL,0,NULL,NULL,NULL,NULL);
+            if (!DSA_generate_parameters_ex(dsa, nmod,NULL,0,NULL,NULL,NULL))
+                {
+                do_print_errors();
+                exit(1);
+                }
            pbn("P",dsa->p);
            pbn("Q",dsa->q);
            pbn("G",dsa->g);
@@ -164,7 +339,11 @@ void keypair()
            while(n--)
                {
-                DSA_generate_key(dsa);
+                if (!DSA_generate_key(dsa))
+                        {
+                        do_print_errors();
+                        exit(1);
+                        }
                pbn("X",dsa->priv_key);
                pbn("Y",dsa->pub_key);
@@ -177,68 +356,110 @@ void keypair()
 void siggen()
    {
    char buf[1024];
+    char lbuf[1024];
+    char *keyword, *value;
    int nmod=0;
    DSA *dsa=NULL;
    while(fgets(buf,sizeof buf,stdin) != NULL)
        {
-        if(!strncmp(buf,"[mod = ",7))
+        if (!parse_line(&keyword, &value, lbuf, buf))
+                {
+                fputs(buf,stdout);
+                continue;
+                }
+        if(!strcmp(keyword,"[mod"))
            {
-            nmod=atoi(buf+7);
+            nmod=atoi(value);
            printf("[mod = %d]\n\n",nmod);
+            if (dsa)
-            dsa=DSA_generate_parameters(nmod,NULL,0,NULL,NULL,NULL,NULL);
+                FIPS_dsa_free(dsa);
+            dsa = FIPS_dsa_new();
+            if (!DSA_generate_parameters_ex(dsa, nmod,NULL,0,NULL,NULL,NULL))
+                {
+                do_print_errors();
+                exit(1);
+                }
            pbn("P",dsa->p);
            pbn("Q",dsa->q);
            pbn("G",dsa->g);
            putc('\n',stdout);
            }
-        else if(!strncmp(buf,"Msg = ",6))
+        else if(!strcmp(keyword,"Msg"))
            {
            unsigned char msg[1024];
-            unsigned char hash[20];
+            unsigned char sbuf[60];
+            unsigned int slen;
            int n;
+            EVP_PKEY pk;
+            EVP_MD_CTX mctx;
            DSA_SIG *sig;
+            EVP_MD_CTX_init(&mctx);
-            n=hex2bin(buf+6,msg);
+            n=hex2bin(value,msg);
            pv("Msg",msg,n);
-            DSA_generate_key(dsa);
+            if (!DSA_generate_key(dsa))
+                {
+                do_print_errors();
+                exit(1);
+                }
+            pk.type = EVP_PKEY_DSA;
+            pk.pkey.dsa = dsa;
            pbn("Y",dsa->pub_key);
-            SHA1(msg,n,hash);
+            EVP_SignInit_ex(&mctx, EVP_dss1(), NULL);
-            sig=DSA_do_sign(hash,sizeof hash,dsa);
+            EVP_SignUpdate(&mctx, msg, n);
+            EVP_SignFinal(&mctx, sbuf, &slen, &pk);
+            sig = DSA_SIG_new();
+            FIPS_dsa_sig_decode(sig, sbuf, slen);
            pbn("R",sig->r);
            pbn("S",sig->s);
            putc('\n',stdout);
+            DSA_SIG_free(sig);
+            EVP_MD_CTX_cleanup(&mctx);
            }
        }
+        if (dsa)
+                FIPS_dsa_free(dsa);
    }
 void sigver()
    {
    DSA *dsa=NULL;
    char buf[1024];
-    int nmod=0;
+    char lbuf[1024];
-    unsigned char hash[20];
+    unsigned char msg[1024];
-    DSA_SIG *sig=DSA_SIG_new();
+    char *keyword, *value;
+    int nmod=0, n=0;
+    DSA_SIG sg, *sig = &sg;
+    sig->r = NULL;
+    sig->s = NULL;
    while(fgets(buf,sizeof buf,stdin) != NULL)
        {
-        if(!strncmp(buf,"[mod = ",7))
+        if (!parse_line(&keyword, &value, lbuf, buf))
+                {
+                fputs(buf,stdout);
+                continue;
+                }
+        if(!strcmp(keyword,"[mod"))
            {
-            nmod=atoi(buf+7);
+            nmod=atoi(value);
            if(dsa)
-                DSA_free(dsa);
+                FIPS_dsa_free(dsa);
-            dsa=DSA_new();
+            dsa=FIPS_dsa_new();
            }
-        else if(!strncmp(buf,"P = ",4))
+        else if(!strcmp(keyword,"P"))
-            dsa->p=hex2bn(buf+4);
+            dsa->p=hex2bn(value);
-        else if(!strncmp(buf,"Q = ",4))
+        else if(!strcmp(keyword,"Q"))
-            dsa->q=hex2bn(buf+4);
+            dsa->q=hex2bn(value);
-        else if(!strncmp(buf,"G = ",4))
+        else if(!strcmp(keyword,"G"))
            {
-            dsa->g=hex2bn(buf+4);
+            dsa->g=hex2bn(value);
            printf("[mod = %d]\n\n",nmod);
            pbn("P",dsa->p);
@@ -246,28 +467,38 @@ void sigver()
            pbn("G",dsa->g);
            putc('\n',stdout);
            }
-        else if(!strncmp(buf,"Msg = ",6))
+        else if(!strcmp(keyword,"Msg"))
            {
-            unsigned char msg[1024];
+            n=hex2bin(value,msg);
-            int n;
-            n=hex2bin(buf+6,msg);
            pv("Msg",msg,n);
-            SHA1(msg,n,hash);
            }
-        else if(!strncmp(buf,"Y = ",4))
+        else if(!strcmp(keyword,"Y"))
-            dsa->pub_key=hex2bn(buf+4);
+            dsa->pub_key=hex2bn(value);
-        else if(!strncmp(buf,"R = ",4))
+        else if(!strcmp(keyword,"R"))
-            sig->r=hex2bn(buf+4);
+            sig->r=hex2bn(value);
-        else if(!strncmp(buf,"S = ",4))
+        else if(!strcmp(keyword,"S"))
            {
-            sig->s=hex2bn(buf+4);
+            EVP_MD_CTX mctx;
+            EVP_PKEY pk;
+            unsigned char sigbuf[60];
+            unsigned int slen;
+            int r;
+            EVP_MD_CTX_init(&mctx);
+            pk.type = EVP_PKEY_DSA;
+            pk.pkey.dsa = dsa;
+            sig->s=hex2bn(value);
        
            pbn("Y",dsa->pub_key);
            pbn("R",sig->r);
            pbn("S",sig->s);
-            printf("Result = %c\n",DSA_do_verify(hash,sizeof hash,sig,dsa)
-                   ? 'P' : 'F');
+            slen = FIPS_dsa_sig_encode(sigbuf, sig);
+            EVP_VerifyInit_ex(&mctx, EVP_dss1(), NULL);
+            EVP_VerifyUpdate(&mctx, msg, n);
+            r = EVP_VerifyFinal(&mctx, sigbuf, slen, &pk);
+            EVP_MD_CTX_cleanup(&mctx);
+        
+            printf("Result = %c\n", r == 1 ? 'P' : 'F');
            putc('\n',stdout);
            }
        }
@@ -277,21 +508,24 @@ int main(int argc,char **argv)
    {
    if(argc != 2)
        {
-        fprintf(stderr,"%s [prime|pqg]\n",argv[0]);
+        fprintf(stderr,"%s [prime|pqg|pqgver|keypair|siggen|sigver]\n",argv[0]);
        exit(1);
        }
-    if(!FIPS_mode_set(1,argv[0]))
+    if(!FIPS_mode_set(1))
        {
-        ERR_load_crypto_strings();
+        do_print_errors();
-        ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE));
        exit(1);
        }
    if(!strcmp(argv[1],"prime"))
        primes();
    else if(!strcmp(argv[1],"pqg"))
        pqg();
+    else if(!strcmp(argv[1],"pqgver"))
+        pqgver();
    else if(!strcmp(argv[1],"keypair"))
        keypair();
+    else if(!strcmp(argv[1],"keyver"))
+        keyver();
    else if(!strcmp(argv[1],"siggen"))
        siggen();
    else if(!strcmp(argv[1],"sigver"))
@@ -304,3 +538,5 @@ int main(int argc,char **argv)
    return 0;
    }
+#endif

diff --git a/src/lib/libssl/src/fips/dsa/fips_dssvs.c b/src/lib/libssl/src/fips/dsa/fips_dssvs.c index 50a4d96986..aa74e8e636 100644 --- a/src/lib/libssl/src/fips/dsa/fips_dssvs.c +++ b/src/lib/libssl/src/fips/dsa/fips_dssvs.c
@@ -1,104 +1,64 @@
		1	#include <openssl/opensslconf.h>
		2
		3	#ifndef OPENSSL_FIPS
		4	#include <stdio.h>
		5
		6	int main(int argc, char **argv)
		7	{
		8	printf("No FIPS DSA support\n");
		9	return(0);
		10	}
		11	#else
		12
1	#include <openssl/bn.h>	13	#include <openssl/bn.h>
2	#include <openssl/dsa.h>	14	#include <openssl/dsa.h>
3	#include <openssl/fips.h>	15	#include <openssl/fips.h>
4	#include <openssl/err.h>	16	#include <openssl/err.h>
5	#include <openssl/sha.h>	17	#include <openssl/evp.h>
6	#include <string.h>	18	#include <string.h>
		19	#include <ctype.h>
7		20
8	int hex2bin(const char in, unsigned char out)	21	#include "fips_utl.h"
9	{
10	int n1, n2;
11	unsigned char ch;
12
13	for (n1=0,n2=0 ; in[n1] && in[n1] != '\n' ; )
14	{ /* first byte */
15	if ((in[n1] >= '0') && (in[n1] <= '9'))
16	ch = in[n1++] - '0';
17	else if ((in[n1] >= 'A') && (in[n1] <= 'F'))
18	ch = in[n1++] - 'A' + 10;
19	else if ((in[n1] >= 'a') && (in[n1] <= 'f'))
20	ch = in[n1++] - 'a' + 10;
21	else
22	return -1;
23	if(!in[n1])
24	{
25	out[n2++]=ch;
26	break;
27	}
28	out[n2] = ch << 4;
29	/* second byte */
30	if ((in[n1] >= '0') && (in[n1] <= '9'))
31	ch = in[n1++] - '0';
32	else if ((in[n1] >= 'A') && (in[n1] <= 'F'))
33	ch = in[n1++] - 'A' + 10;
34	else if ((in[n1] >= 'a') && (in[n1] <= 'f'))
35	ch = in[n1++] - 'a' + 10;
36	else
37	return -1;
38	out[n2++] \|= ch;
39	}
40	return n2;
41	}
42
43	BIGNUM hex2bn(const char in)
44	{
45	BIGNUM *p=BN_new();
46
47	BN_hex2bn(&p,in);
48		22
49	return p;	23	static void pbn(const char name, BIGNUM bn)
50	}
51
52	int bin2hex(const unsigned char in,int len,char out)
53	{
54	int n1, n2;
55	unsigned char ch;
56
57	for (n1=0,n2=0 ; n1 < len ; ++n1)
58	{	24	{
59	ch=in[n1] >> 4;	25	int len, i;
60	if (ch <= 0x09)	26	unsigned char *tmp;
61	out[n2++]=ch+'0';	27	len = BN_num_bytes(bn);
62	else	28	tmp = OPENSSL_malloc(len);
63	out[n2++]=ch-10+'a';	29	if (!tmp)
64	ch=in[n1] & 0x0f;	30	{
65	if(ch <= 0x09)	31	fprintf(stderr, "Memory allocation error\n");
66	out[n2++]=ch+'0';	32	return;
67	else	33	}
68	out[n2++]=ch-10+'a';	34	BN_bn2bin(bn, tmp);
		35	printf("%s = ", name);
		36	for (i = 0; i < len; i++)
		37	printf("%02X", tmp[i]);
		38	fputs("\n", stdout);
		39	OPENSSL_free(tmp);
		40	return;
69	}	41	}
70	out[n2]='\0';
71	return n2;
72	}
73
74	void pv(const char tag,const unsigned char val,int len)
75	{
76	char obuf[2048];
77
78	bin2hex(val,len,obuf);
79	printf("%s = %s\n",tag,obuf);
80	}
81
82	void pbn(const char tag,const BIGNUM val)
83	{
84	printf("%s = %s\n",tag,BN_bn2hex(val));
85	}
86		42
87	void primes()	43	void primes()
88	{	44	{
89	char buf[10240];	45	char buf[10240];
		46	char lbuf[10240];
		47	char keyword, value;
90		48
91	while(fgets(buf,sizeof buf,stdin) != NULL)	49	while(fgets(buf,sizeof buf,stdin) != NULL)
92	{	50	{
93	fputs(buf,stdout);	51	fputs(buf,stdout);
94	if(!strncmp(buf,"Prime= ",7))	52	if (!parse_line(&keyword, &value, lbuf, buf))
		53	continue;
		54	if(!strcmp(keyword,"Prime"))
95	{	55	{
96	BIGNUM *pp;	56	BIGNUM *pp;
97		57
98	pp=BN_new();	58	pp=BN_new();
99	BN_hex2bn(&pp,buf+7);	59	do_hex2bn(&pp,value);
100	printf("result= %c\n",	60	printf("result= %c\n",
101	BN_is_prime(pp,20,NULL,NULL,NULL) ? 'P' : 'F');	61	BN_is_prime_ex(pp,20,NULL,NULL) ? 'P' : 'F');
102	}	62	}
103	}	63	}
104	}	64	}
@@ -106,15 +66,22 @@ void primes()
106	void pqg()	66	void pqg()
107	{	67	{
108	char buf[1024];	68	char buf[1024];
		69	char lbuf[1024];
		70	char keyword, value;
109	int nmod=0;	71	int nmod=0;
110		72
111	while(fgets(buf,sizeof buf,stdin) != NULL)	73	while(fgets(buf,sizeof buf,stdin) != NULL)
112	{	74	{
113	if(!strncmp(buf,"[mod = ",7))	75	if (!parse_line(&keyword, &value, lbuf, buf))
114	nmod=atoi(buf+7);	76	{
115	else if(!strncmp(buf,"N = ",4))	77	fputs(buf,stdout);
		78	continue;
		79	}
		80	if(!strcmp(keyword,"[mod"))
		81	nmod=atoi(value);
		82	else if(!strcmp(keyword,"N"))
116	{	83	{
117	int n=atoi(buf+4);	84	int n=atoi(value);
118		85
119	printf("[mod = %d]\n\n",nmod);	86	printf("[mod = %d]\n\n",nmod);
120		87
@@ -124,11 +91,16 @@ void pqg()
124	DSA *dsa;	91	DSA *dsa;
125	int counter;	92	int counter;
126	unsigned long h;	93	unsigned long h;
127		94	dsa = FIPS_dsa_new();
128	dsa=DSA_generate_parameters(nmod,seed,0,&counter,&h,NULL,NULL);	95
129	printf("P = %s\n",BN_bn2hex(dsa->p));	96	if (!DSA_generate_parameters_ex(dsa, nmod,seed,0,&counter,&h,NULL))
130	printf("Q = %s\n",BN_bn2hex(dsa->q));	97	{
131	printf("G = %s\n",BN_bn2hex(dsa->g));	98	do_print_errors();
		99	exit(1);
		100	}
		101	pbn("P",dsa->p);
		102	pbn("Q",dsa->q);
		103	pbn("G",dsa->g);
132	pv("Seed",seed,20);	104	pv("Seed",seed,20);
133	printf("c = %d\n",counter);	105	printf("c = %d\n",counter);
134	printf("H = %lx\n",h);	106	printf("H = %lx\n",h);
@@ -140,23 +112,226 @@ void pqg()
140	}	112	}
141	}	113	}
142		114
		115	void pqgver()
		116	{
		117	char buf[1024];
		118	char lbuf[1024];
		119	char keyword, value;
		120	BIGNUM p = NULL, q = NULL, *g = NULL;
		121	int counter, counter2;
		122	unsigned long h, h2;
		123	DSA *dsa=NULL;
		124	int nmod=0;
		125	unsigned char seed[1024];
		126
		127	while(fgets(buf,sizeof buf,stdin) != NULL)
		128	{
		129	if (!parse_line(&keyword, &value, lbuf, buf))
		130	{
		131	fputs(buf,stdout);
		132	continue;
		133	}
		134	if(!strcmp(keyword,"[mod"))
		135	nmod=atoi(value);
		136	else if(!strcmp(keyword,"P"))
		137	p=hex2bn(value);
		138	else if(!strcmp(keyword,"Q"))
		139	q=hex2bn(value);
		140	else if(!strcmp(keyword,"G"))
		141	g=hex2bn(value);
		142	else if(!strcmp(keyword,"Seed"))
		143	{
		144	int slen = hex2bin(value, seed);
		145	if (slen != 20)
		146	{
		147	fprintf(stderr, "Seed parse length error\n");
		148	exit (1);
		149	}
		150	}
		151	else if(!strcmp(keyword,"c"))
		152	counter =atoi(buf+4);
		153	else if(!strcmp(keyword,"H"))
		154	{
		155	h = atoi(value);
		156	if (!p \|\| !q \|\| !g)
		157	{
		158	fprintf(stderr, "Parse Error\n");
		159	exit (1);
		160	}
		161	pbn("P",p);
		162	pbn("Q",q);
		163	pbn("G",g);
		164	pv("Seed",seed,20);
		165	printf("c = %d\n",counter);
		166	printf("H = %lx\n",h);
		167	dsa = FIPS_dsa_new();
		168	if (!DSA_generate_parameters_ex(dsa, nmod,seed,20 ,&counter2,&h2,NULL))
		169	{
		170	do_print_errors();
		171	exit(1);
		172	}
		173	if (BN_cmp(dsa->p, p) \|\| BN_cmp(dsa->q, q) \|\| BN_cmp(dsa->g, g)
		174	\|\| (counter != counter2) \|\| (h != h2))
		175	printf("Result = F\n");
		176	else
		177	printf("Result = T\n");
		178	BN_free(p);
		179	BN_free(q);
		180	BN_free(g);
		181	p = NULL;
		182	q = NULL;
		183	g = NULL;
		184	FIPS_dsa_free(dsa);
		185	dsa = NULL;
		186	}
		187	}
		188	}
		189
		190	/* Keypair verification routine. NB: this isn't part of the standard FIPS140-2
		191	* algorithm tests. It is an additional test to perform sanity checks on the
		192	* output of the KeyPair test.
		193	*/
		194
		195	static int dss_paramcheck(int nmod, BIGNUM p, BIGNUM q, BIGNUM *g,
		196	BN_CTX *ctx)
		197	{
		198	BIGNUM *rem = NULL;
		199	if (BN_num_bits(p) != nmod)
		200	return 0;
		201	if (BN_num_bits(q) != 160)
		202	return 0;
		203	if (BN_is_prime_ex(p, BN_prime_checks, ctx, NULL) != 1)
		204	return 0;
		205	if (BN_is_prime_ex(q, BN_prime_checks, ctx, NULL) != 1)
		206	return 0;
		207	rem = BN_new();
		208	if (!BN_mod(rem, p, q, ctx) \|\| !BN_is_one(rem)
		209	\|\| (BN_cmp(g, BN_value_one()) <= 0)
		210	\|\| !BN_mod_exp(rem, g, q, p, ctx) \|\| !BN_is_one(rem))
		211	{
		212	BN_free(rem);
		213	return 0;
		214	}
		215	/* Todo: check g */
		216	BN_free(rem);
		217	return 1;
		218	}
		219
		220	void keyver()
		221	{
		222	char buf[1024];
		223	char lbuf[1024];
		224	char keyword, value;
		225	BIGNUM p = NULL, q = NULL, g = NULL, X = NULL, *Y = NULL;
		226	BIGNUM *Y2;
		227	BN_CTX *ctx = NULL;
		228	int nmod=0, paramcheck = 0;
		229
		230	ctx = BN_CTX_new();
		231	Y2 = BN_new();
		232
		233	while(fgets(buf,sizeof buf,stdin) != NULL)
		234	{
		235	if (!parse_line(&keyword, &value, lbuf, buf))
		236	{
		237	fputs(buf,stdout);
		238	continue;
		239	}
		240	if(!strcmp(keyword,"[mod"))
		241	{
		242	if (p)
		243	BN_free(p);
		244	p = NULL;
		245	if (q)
		246	BN_free(q);
		247	q = NULL;
		248	if (g)
		249	BN_free(g);
		250	g = NULL;
		251	paramcheck = 0;
		252	nmod=atoi(value);
		253	}
		254	else if(!strcmp(keyword,"P"))
		255	p=hex2bn(value);
		256	else if(!strcmp(keyword,"Q"))
		257	q=hex2bn(value);
		258	else if(!strcmp(keyword,"G"))
		259	g=hex2bn(value);
		260	else if(!strcmp(keyword,"X"))
		261	X=hex2bn(value);
		262	else if(!strcmp(keyword,"Y"))
		263	{
		264	Y=hex2bn(value);
		265	if (!p \|\| !q \|\| !g \|\| !X \|\| !Y)
		266	{
		267	fprintf(stderr, "Parse Error\n");
		268	exit (1);
		269	}
		270	pbn("P",p);
		271	pbn("Q",q);
		272	pbn("G",g);
		273	pbn("X",X);
		274	pbn("Y",Y);
		275	if (!paramcheck)
		276	{
		277	if (dss_paramcheck(nmod, p, q, g, ctx))
		278	paramcheck = 1;
		279	else
		280	paramcheck = -1;
		281	}
		282	if (paramcheck != 1)
		283	printf("Result = F\n");
		284	else
		285	{
		286	if (!BN_mod_exp(Y2, g, X, p, ctx) \|\| BN_cmp(Y2, Y))
		287	printf("Result = F\n");
		288	else
		289	printf("Result = T\n");
		290	}
		291	BN_free(X);
		292	BN_free(Y);
		293	X = NULL;
		294	Y = NULL;
		295	}
		296	}
		297	if (p)
		298	BN_free(p);
		299	if (q)
		300	BN_free(q);
		301	if (g)
		302	BN_free(g);
		303	if (Y2)
		304	BN_free(Y2);
		305	}
		306
143	void keypair()	307	void keypair()
144	{	308	{
145	char buf[1024];	309	char buf[1024];
		310	char lbuf[1024];
		311	char keyword, value;
146	int nmod=0;	312	int nmod=0;
147		313
148	while(fgets(buf,sizeof buf,stdin) != NULL)	314	while(fgets(buf,sizeof buf,stdin) != NULL)
149	{	315	{
150	if(!strncmp(buf,"[mod = ",7))	316	if (!parse_line(&keyword, &value, lbuf, buf))
151	nmod=atoi(buf+7);	317	{
152	else if(!strncmp(buf,"N = ",4))	318	fputs(buf,stdout);
		319	continue;
		320	}
		321	if(!strcmp(keyword,"[mod"))
		322	nmod=atoi(value);
		323	else if(!strcmp(keyword,"N"))
153	{	324	{
154	DSA *dsa;	325	DSA *dsa;
155	int n=atoi(buf+4);	326	int n=atoi(value);
156		327
157	printf("[mod = %d]\n\n",nmod);	328	printf("[mod = %d]\n\n",nmod);
158		329	dsa = FIPS_dsa_new();
159	dsa=DSA_generate_parameters(nmod,NULL,0,NULL,NULL,NULL,NULL);	330	if (!DSA_generate_parameters_ex(dsa, nmod,NULL,0,NULL,NULL,NULL))
		331	{
		332	do_print_errors();
		333	exit(1);
		334	}
160	pbn("P",dsa->p);	335	pbn("P",dsa->p);
161	pbn("Q",dsa->q);	336	pbn("Q",dsa->q);
162	pbn("G",dsa->g);	337	pbn("G",dsa->g);
@@ -164,7 +339,11 @@ void keypair()
164		339
165	while(n--)	340	while(n--)
166	{	341	{
167	DSA_generate_key(dsa);	342	if (!DSA_generate_key(dsa))
		343	{
		344	do_print_errors();
		345	exit(1);
		346	}
168		347
169	pbn("X",dsa->priv_key);	348	pbn("X",dsa->priv_key);
170	pbn("Y",dsa->pub_key);	349	pbn("Y",dsa->pub_key);
@@ -177,68 +356,110 @@ void keypair()
177	void siggen()	356	void siggen()
178	{	357	{
179	char buf[1024];	358	char buf[1024];
		359	char lbuf[1024];
		360	char keyword, value;
180	int nmod=0;	361	int nmod=0;
181	DSA *dsa=NULL;	362	DSA *dsa=NULL;
182		363
183	while(fgets(buf,sizeof buf,stdin) != NULL)	364	while(fgets(buf,sizeof buf,stdin) != NULL)
184	{	365	{
185	if(!strncmp(buf,"[mod = ",7))	366	if (!parse_line(&keyword, &value, lbuf, buf))
		367	{
		368	fputs(buf,stdout);
		369	continue;
		370	}
		371	if(!strcmp(keyword,"[mod"))
186	{	372	{
187	nmod=atoi(buf+7);	373	nmod=atoi(value);
188	printf("[mod = %d]\n\n",nmod);	374	printf("[mod = %d]\n\n",nmod);
189		375	if (dsa)
190	dsa=DSA_generate_parameters(nmod,NULL,0,NULL,NULL,NULL,NULL);	376	FIPS_dsa_free(dsa);
		377	dsa = FIPS_dsa_new();
		378	if (!DSA_generate_parameters_ex(dsa, nmod,NULL,0,NULL,NULL,NULL))
		379	{
		380	do_print_errors();
		381	exit(1);
		382	}
191	pbn("P",dsa->p);	383	pbn("P",dsa->p);
192	pbn("Q",dsa->q);	384	pbn("Q",dsa->q);
193	pbn("G",dsa->g);	385	pbn("G",dsa->g);
194	putc('\n',stdout);	386	putc('\n',stdout);
195	}	387	}
196	else if(!strncmp(buf,"Msg = ",6))	388	else if(!strcmp(keyword,"Msg"))
197	{	389	{
198	unsigned char msg[1024];	390	unsigned char msg[1024];
199	unsigned char hash[20];	391	unsigned char sbuf[60];
		392	unsigned int slen;
200	int n;	393	int n;
		394	EVP_PKEY pk;
		395	EVP_MD_CTX mctx;
201	DSA_SIG *sig;	396	DSA_SIG *sig;
		397	EVP_MD_CTX_init(&mctx);
202		398
203	n=hex2bin(buf+6,msg);	399	n=hex2bin(value,msg);
204	pv("Msg",msg,n);	400	pv("Msg",msg,n);
205		401
206	DSA_generate_key(dsa);	402	if (!DSA_generate_key(dsa))
		403	{
		404	do_print_errors();
		405	exit(1);
		406	}
		407	pk.type = EVP_PKEY_DSA;
		408	pk.pkey.dsa = dsa;
207	pbn("Y",dsa->pub_key);	409	pbn("Y",dsa->pub_key);
208		410
209	SHA1(msg,n,hash);	411	EVP_SignInit_ex(&mctx, EVP_dss1(), NULL);
210	sig=DSA_do_sign(hash,sizeof hash,dsa);	412	EVP_SignUpdate(&mctx, msg, n);
		413	EVP_SignFinal(&mctx, sbuf, &slen, &pk);
		414
		415	sig = DSA_SIG_new();
		416	FIPS_dsa_sig_decode(sig, sbuf, slen);
		417
211	pbn("R",sig->r);	418	pbn("R",sig->r);
212	pbn("S",sig->s);	419	pbn("S",sig->s);
213	putc('\n',stdout);	420	putc('\n',stdout);
		421	DSA_SIG_free(sig);
		422	EVP_MD_CTX_cleanup(&mctx);
214	}	423	}
215	}	424	}
		425	if (dsa)
		426	FIPS_dsa_free(dsa);
216	}	427	}
217		428
218	void sigver()	429	void sigver()
219	{	430	{
220	DSA *dsa=NULL;	431	DSA *dsa=NULL;
221	char buf[1024];	432	char buf[1024];
222	int nmod=0;	433	char lbuf[1024];
223	unsigned char hash[20];	434	unsigned char msg[1024];
224	DSA_SIG *sig=DSA_SIG_new();	435	char keyword, value;
		436	int nmod=0, n=0;
		437	DSA_SIG sg, *sig = &sg;
		438
		439	sig->r = NULL;
		440	sig->s = NULL;
225		441
226	while(fgets(buf,sizeof buf,stdin) != NULL)	442	while(fgets(buf,sizeof buf,stdin) != NULL)
227	{	443	{
228	if(!strncmp(buf,"[mod = ",7))	444	if (!parse_line(&keyword, &value, lbuf, buf))
		445	{
		446	fputs(buf,stdout);
		447	continue;
		448	}
		449	if(!strcmp(keyword,"[mod"))
229	{	450	{
230	nmod=atoi(buf+7);	451	nmod=atoi(value);
231	if(dsa)	452	if(dsa)
232	DSA_free(dsa);	453	FIPS_dsa_free(dsa);
233	dsa=DSA_new();	454	dsa=FIPS_dsa_new();
234	}	455	}
235	else if(!strncmp(buf,"P = ",4))	456	else if(!strcmp(keyword,"P"))
236	dsa->p=hex2bn(buf+4);	457	dsa->p=hex2bn(value);
237	else if(!strncmp(buf,"Q = ",4))	458	else if(!strcmp(keyword,"Q"))
238	dsa->q=hex2bn(buf+4);	459	dsa->q=hex2bn(value);
239	else if(!strncmp(buf,"G = ",4))	460	else if(!strcmp(keyword,"G"))
240	{	461	{
241	dsa->g=hex2bn(buf+4);	462	dsa->g=hex2bn(value);
242		463
243	printf("[mod = %d]\n\n",nmod);	464	printf("[mod = %d]\n\n",nmod);
244	pbn("P",dsa->p);	465	pbn("P",dsa->p);
@@ -246,28 +467,38 @@ void sigver()
246	pbn("G",dsa->g);	467	pbn("G",dsa->g);
247	putc('\n',stdout);	468	putc('\n',stdout);
248	}	469	}
249	else if(!strncmp(buf,"Msg = ",6))	470	else if(!strcmp(keyword,"Msg"))
250	{	471	{
251	unsigned char msg[1024];	472	n=hex2bin(value,msg);
252	int n;
253
254	n=hex2bin(buf+6,msg);
255	pv("Msg",msg,n);	473	pv("Msg",msg,n);
256	SHA1(msg,n,hash);
257	}	474	}
258	else if(!strncmp(buf,"Y = ",4))	475	else if(!strcmp(keyword,"Y"))
259	dsa->pub_key=hex2bn(buf+4);	476	dsa->pub_key=hex2bn(value);
260	else if(!strncmp(buf,"R = ",4))	477	else if(!strcmp(keyword,"R"))
261	sig->r=hex2bn(buf+4);	478	sig->r=hex2bn(value);
262	else if(!strncmp(buf,"S = ",4))	479	else if(!strcmp(keyword,"S"))
263	{	480	{
264	sig->s=hex2bn(buf+4);	481	EVP_MD_CTX mctx;
		482	EVP_PKEY pk;
		483	unsigned char sigbuf[60];
		484	unsigned int slen;
		485	int r;
		486	EVP_MD_CTX_init(&mctx);
		487	pk.type = EVP_PKEY_DSA;
		488	pk.pkey.dsa = dsa;
		489	sig->s=hex2bn(value);
265		490
266	pbn("Y",dsa->pub_key);	491	pbn("Y",dsa->pub_key);
267	pbn("R",sig->r);	492	pbn("R",sig->r);
268	pbn("S",sig->s);	493	pbn("S",sig->s);
269	printf("Result = %c\n",DSA_do_verify(hash,sizeof hash,sig,dsa)	494
270	? 'P' : 'F');	495	slen = FIPS_dsa_sig_encode(sigbuf, sig);
		496	EVP_VerifyInit_ex(&mctx, EVP_dss1(), NULL);
		497	EVP_VerifyUpdate(&mctx, msg, n);
		498	r = EVP_VerifyFinal(&mctx, sigbuf, slen, &pk);
		499	EVP_MD_CTX_cleanup(&mctx);
		500
		501	printf("Result = %c\n", r == 1 ? 'P' : 'F');
271	putc('\n',stdout);	502	putc('\n',stdout);
272	}	503	}
273	}	504	}
@@ -277,21 +508,24 @@ int main(int argc,char **argv)
277	{	508	{
278	if(argc != 2)	509	if(argc != 2)
279	{	510	{
280	fprintf(stderr,"%s [prime\|pqg]\n",argv[0]);	511	fprintf(stderr,"%s [prime\|pqg\|pqgver\|keypair\|siggen\|sigver]\n",argv[0]);
281	exit(1);	512	exit(1);
282	}	513	}
283	if(!FIPS_mode_set(1,argv[0]))	514	if(!FIPS_mode_set(1))
284	{	515	{
285	ERR_load_crypto_strings();	516	do_print_errors();
286	ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE));
287	exit(1);	517	exit(1);
288	}	518	}
289	if(!strcmp(argv[1],"prime"))	519	if(!strcmp(argv[1],"prime"))
290	primes();	520	primes();
291	else if(!strcmp(argv[1],"pqg"))	521	else if(!strcmp(argv[1],"pqg"))
292	pqg();	522	pqg();
		523	else if(!strcmp(argv[1],"pqgver"))
		524	pqgver();
293	else if(!strcmp(argv[1],"keypair"))	525	else if(!strcmp(argv[1],"keypair"))
294	keypair();	526	keypair();
		527	else if(!strcmp(argv[1],"keyver"))
		528	keyver();
295	else if(!strcmp(argv[1],"siggen"))	529	else if(!strcmp(argv[1],"siggen"))
296	siggen();	530	siggen();
297	else if(!strcmp(argv[1],"sigver"))	531	else if(!strcmp(argv[1],"sigver"))
@@ -304,3 +538,5 @@ int main(int argc,char **argv)
304		538
305	return 0;	539	return 0;
306	}	540	}
		541
		542	#endif