From f99818624a550de2de83858db24e9e9ddb1c552b Mon Sep 17 00:00:00 2001 From: cvs2svn Date: Tue, 27 Jun 2006 05:05:41 +0000 Subject: This commit was manufactured by cvs2git to create tag 'openssl_0_9_7j'. --- src/lib/libssl/src/crypto/bn/bn_x931p.c | 282 ++++++ src/lib/libssl/src/crypto/rc4/asm/rc4-x86_64.pl | 150 +++ src/lib/libssl/src/crypto/rsa/rsa_pss.c | 261 +++++ src/lib/libssl/src/crypto/rsa/rsa_x931.c | 177 ++++ src/lib/libssl/src/fips/Makefile | 199 ---- src/lib/libssl/src/fips/aes/Makefile | 131 --- src/lib/libssl/src/fips/aes/fips_aes_selftest.c | 112 -- src/lib/libssl/src/fips/aes/fips_aesavs.c | 1005 ------------------ src/lib/libssl/src/fips/des/Makefile | 155 --- src/lib/libssl/src/fips/des/fips_des_selftest.c | 200 ---- src/lib/libssl/src/fips/des/fips_desmovs.c | 833 --------------- src/lib/libssl/src/fips/dh/Makefile | 109 -- src/lib/libssl/src/fips/dh/fips_dh_check.c | 125 --- src/lib/libssl/src/fips/dh/fips_dh_gen.c | 186 ---- src/lib/libssl/src/fips/dh/fips_dh_key.c | 230 ----- src/lib/libssl/src/fips/dsa/Makefile | 158 --- src/lib/libssl/src/fips/dsa/fips_dsa_gen.c | 374 ------- src/lib/libssl/src/fips/dsa/fips_dsa_ossl.c | 387 ------- src/lib/libssl/src/fips/dsa/fips_dsa_selftest.c | 168 --- src/lib/libssl/src/fips/dsa/fips_dsatest.c | 257 ----- src/lib/libssl/src/fips/dsa/fips_dssvs.c | 306 ------ src/lib/libssl/src/fips/fips-lib.com | 1180 ---------------------- src/lib/libssl/src/fips/fips.c | 260 ----- src/lib/libssl/src/fips/fips.h | 125 --- src/lib/libssl/src/fips/fips_locl.h | 67 -- src/lib/libssl/src/fips/fips_test_suite.c | 341 ------- src/lib/libssl/src/fips/install.com | 55 - src/lib/libssl/src/fips/openssl_fips_fingerprint | 30 - src/lib/libssl/src/fips/rand/Makefile | 104 -- src/lib/libssl/src/fips/rand/fips_rand.c | 355 ------- src/lib/libssl/src/fips/rand/fips_rand.h | 73 -- src/lib/libssl/src/fips/rand/fips_randtest.c | 369 ------- src/lib/libssl/src/fips/rsa/Makefile | 111 -- src/lib/libssl/src/fips/rsa/fips_rsa_eay.c | 735 -------------- src/lib/libssl/src/fips/rsa/fips_rsa_gen.c | 249 ----- src/lib/libssl/src/fips/rsa/fips_rsa_selftest.c | 251 ----- 36 files changed, 870 insertions(+), 9240 deletions(-) create mode 100644 src/lib/libssl/src/crypto/bn/bn_x931p.c create mode 100755 src/lib/libssl/src/crypto/rc4/asm/rc4-x86_64.pl create mode 100644 src/lib/libssl/src/crypto/rsa/rsa_pss.c create mode 100644 src/lib/libssl/src/crypto/rsa/rsa_x931.c delete mode 100644 src/lib/libssl/src/fips/Makefile delete mode 100644 src/lib/libssl/src/fips/aes/Makefile delete mode 100644 src/lib/libssl/src/fips/aes/fips_aes_selftest.c delete mode 100644 src/lib/libssl/src/fips/aes/fips_aesavs.c delete mode 100644 src/lib/libssl/src/fips/des/Makefile delete mode 100644 src/lib/libssl/src/fips/des/fips_des_selftest.c delete mode 100644 src/lib/libssl/src/fips/des/fips_desmovs.c delete mode 100644 src/lib/libssl/src/fips/dh/Makefile delete mode 100644 src/lib/libssl/src/fips/dh/fips_dh_check.c delete mode 100644 src/lib/libssl/src/fips/dh/fips_dh_gen.c delete mode 100644 src/lib/libssl/src/fips/dh/fips_dh_key.c delete mode 100644 src/lib/libssl/src/fips/dsa/Makefile delete mode 100644 src/lib/libssl/src/fips/dsa/fips_dsa_gen.c delete mode 100644 src/lib/libssl/src/fips/dsa/fips_dsa_ossl.c delete mode 100644 src/lib/libssl/src/fips/dsa/fips_dsa_selftest.c delete mode 100644 src/lib/libssl/src/fips/dsa/fips_dsatest.c delete mode 100644 src/lib/libssl/src/fips/dsa/fips_dssvs.c delete mode 100644 src/lib/libssl/src/fips/fips-lib.com delete mode 100644 src/lib/libssl/src/fips/fips.c delete mode 100644 src/lib/libssl/src/fips/fips.h delete mode 100644 src/lib/libssl/src/fips/fips_locl.h delete mode 100644 src/lib/libssl/src/fips/fips_test_suite.c delete mode 100644 src/lib/libssl/src/fips/install.com delete mode 100755 src/lib/libssl/src/fips/openssl_fips_fingerprint delete mode 100644 src/lib/libssl/src/fips/rand/Makefile delete mode 100644 src/lib/libssl/src/fips/rand/fips_rand.c delete mode 100644 src/lib/libssl/src/fips/rand/fips_rand.h delete mode 100644 src/lib/libssl/src/fips/rand/fips_randtest.c delete mode 100644 src/lib/libssl/src/fips/rsa/Makefile delete mode 100644 src/lib/libssl/src/fips/rsa/fips_rsa_eay.c delete mode 100644 src/lib/libssl/src/fips/rsa/fips_rsa_gen.c delete mode 100644 src/lib/libssl/src/fips/rsa/fips_rsa_selftest.c (limited to 'src') diff --git a/src/lib/libssl/src/crypto/bn/bn_x931p.c b/src/lib/libssl/src/crypto/bn/bn_x931p.c new file mode 100644 index 0000000000..c64410dd3a --- /dev/null +++ b/src/lib/libssl/src/crypto/bn/bn_x931p.c @@ -0,0 +1,282 @@ +/* bn_x931p.c */ +/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL + * project 2005. + */ +/* ==================================================================== + * Copyright (c) 2005 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + +#include +#include + +#ifdef OPENSSL_FIPS + +/* X9.31 routines for prime derivation */ + + +/* X9.31 prime derivation. This is used to generate the primes pi + * (p1, p2, q1, q2) from a parameter Xpi by checking successive odd + * integers. + */ + +static int bn_x931_derive_pi(BIGNUM *pi, const BIGNUM *Xpi, BN_CTX *ctx, + void (*cb)(int, int, void *), void *cb_arg) + { + int i = 0; + if (!BN_copy(pi, Xpi)) + return 0; + if (!BN_is_odd(pi) && !BN_add_word(pi, 1)) + return 0; + for(;;) + { + i++; + if (cb) + cb(0, i, cb_arg); + /* NB 27 MR is specificed in X9.31 */ + if (BN_is_prime_fasttest(pi, 27, cb, ctx, cb_arg, 1)) + break; + if (!BN_add_word(pi, 2)) + return 0; + } + if (cb) + cb(2, i, cb_arg); + return 1; + } + +/* This is the main X9.31 prime derivation function. From parameters + * Xp1, Xp2 and Xp derive the prime p. If the parameters p1 or p2 are + * not NULL they will be returned too: this is needed for testing. + */ + +int BN_X931_derive_prime(BIGNUM *p, BIGNUM *p1, BIGNUM *p2, + void (*cb)(int, int, void *), void *cb_arg, + const BIGNUM *Xp, const BIGNUM *Xp1, const BIGNUM *Xp2, + const BIGNUM *e, BN_CTX *ctx) + { + int ret = 0; + + BIGNUM *t, *p1p2, *pm1; + + /* Only even e supported */ + if (!BN_is_odd(e)) + return 0; + + BN_CTX_start(ctx); + if (!p1) + p1 = BN_CTX_get(ctx); + + if (!p2) + p2 = BN_CTX_get(ctx); + + t = BN_CTX_get(ctx); + + p1p2 = BN_CTX_get(ctx); + + pm1 = BN_CTX_get(ctx); + + if (!bn_x931_derive_pi(p1, Xp1, ctx, cb, cb_arg)) + goto err; + + if (!bn_x931_derive_pi(p2, Xp2, ctx, cb, cb_arg)) + goto err; + + if (!BN_mul(p1p2, p1, p2, ctx)) + goto err; + + /* First set p to value of Rp */ + + if (!BN_mod_inverse(p, p2, p1, ctx)) + goto err; + + if (!BN_mul(p, p, p2, ctx)) + goto err; + + if (!BN_mod_inverse(t, p1, p2, ctx)) + goto err; + + if (!BN_mul(t, t, p1, ctx)) + goto err; + + if (!BN_sub(p, p, t)) + goto err; + + if (p->neg && !BN_add(p, p, p1p2)) + goto err; + + /* p now equals Rp */ + + if (!BN_mod_sub(p, p, Xp, p1p2, ctx)) + goto err; + + if (!BN_add(p, p, Xp)) + goto err; + + /* p now equals Yp0 */ + + for (;;) + { + int i = 1; + if (cb) + cb(0, i++, cb_arg); + if (!BN_copy(pm1, p)) + goto err; + if (!BN_sub_word(pm1, 1)) + goto err; + if (!BN_gcd(t, pm1, e, ctx)) + goto err; + if (BN_is_one(t) + /* X9.31 specifies 8 MR and 1 Lucas test or any prime test + * offering similar or better guarantees 50 MR is considerably + * better. + */ + && BN_is_prime_fasttest(p, 50, cb, ctx, cb_arg, 1)) + break; + if (!BN_add(p, p, p1p2)) + goto err; + } + + if (cb) + cb(3, 0, cb_arg); + + ret = 1; + + err: + + BN_CTX_end(ctx); + + return ret; + } + +/* Generate pair of paramters Xp, Xq for X9.31 prime generation. + * Note: nbits paramter is sum of number of bits in both. + */ + +int BN_X931_generate_Xpq(BIGNUM *Xp, BIGNUM *Xq, int nbits, BN_CTX *ctx) + { + BIGNUM *t; + int i; + /* Number of bits for each prime is of the form + * 512+128s for s = 0, 1, ... + */ + if ((nbits < 1024) || (nbits & 0xff)) + return 0; + nbits >>= 1; + /* The random value Xp must be between sqrt(2) * 2^(nbits-1) and + * 2^nbits - 1. By setting the top two bits we ensure that the lower + * bound is exceeded. + */ + if (!BN_rand(Xp, nbits, 1, 0)) + return 0; + + BN_CTX_start(ctx); + t = BN_CTX_get(ctx); + + for (i = 0; i < 1000; i++) + { + if (!BN_rand(Xq, nbits, 1, 0)) + return 0; + /* Check that |Xp - Xq| > 2^(nbits - 100) */ + BN_sub(t, Xp, Xq); + if (BN_num_bits(t) > (nbits - 100)) + break; + } + + BN_CTX_end(ctx); + + if (i < 1000) + return 1; + + return 0; + + } + +/* Generate primes using X9.31 algorithm. Of the values p, p1, p2, Xp1 + * and Xp2 only 'p' needs to be non-NULL. If any of the others are not NULL + * the relevant parameter will be stored in it. + * + * Due to the fact that |Xp - Xq| > 2^(nbits - 100) must be satisfied Xp and Xq + * are generated using the previous function and supplied as input. + */ + +int BN_X931_generate_prime(BIGNUM *p, BIGNUM *p1, BIGNUM *p2, + BIGNUM *Xp1, BIGNUM *Xp2, + const BIGNUM *Xp, + const BIGNUM *e, BN_CTX *ctx, + void (*cb)(int, int, void *), void *cb_arg) + { + int ret = 0; + + BN_CTX_start(ctx); + if (!Xp1) + Xp1 = BN_CTX_get(ctx); + if (!Xp2) + Xp2 = BN_CTX_get(ctx); + + if (!BN_rand(Xp1, 101, 0, 0)) + goto error; + if (!BN_rand(Xp2, 101, 0, 0)) + goto error; + if (!BN_X931_derive_prime(p, p1, p2, cb, cb_arg, + Xp, Xp1, Xp2, e, ctx)) + goto error; + + ret = 1; + + error: + BN_CTX_end(ctx); + + return ret; + + } + +#endif diff --git a/src/lib/libssl/src/crypto/rc4/asm/rc4-x86_64.pl b/src/lib/libssl/src/crypto/rc4/asm/rc4-x86_64.pl new file mode 100755 index 0000000000..b628daca70 --- /dev/null +++ b/src/lib/libssl/src/crypto/rc4/asm/rc4-x86_64.pl @@ -0,0 +1,150 @@ +#!/usr/bin/env perl +# +# ==================================================================== +# Written by Andy Polyakov for the OpenSSL +# project. Rights for redistribution and usage in source and binary +# forms are granted according to the OpenSSL license. +# ==================================================================== +# +# Unlike 0.9.7f this code expects RC4_CHAR back in config line! See +# commentary section in corresponding script in development branch +# for background information about this option carousel. For those +# who don't have energy to figure out these gory details, here is +# basis in form of performance matrix relative to the original +# 0.9.7e C code-base: +# +# 0.9.7e 0.9.7f this +# AMD64 1x 3.3x 2.4x +# EM64T 1x 0.8x 1.5x +# +# In other words idea is to trade -25% AMD64 performance to compensate +# for deterioration and gain +90% on EM64T core. Development branch +# maintains best performance for either target, i.e. 3.3x for AMD64 +# and 1.5x for EM64T. + +$output=shift; + +open STDOUT,">$output" || die "can't open $output: $!"; + +$dat="%rdi"; # arg1 +$len="%rsi"; # arg2 +$inp="%rdx"; # arg3 +$out="%rcx"; # arg4 + +@XX=("%r8","%r10"); +@TX=("%r9","%r11"); +$YY="%r12"; +$TY="%r13"; + +$code=<<___;; +.text + +.globl RC4 +.type RC4,\@function +.align 16 +RC4: or $len,$len + jne .Lentry + repret +.Lentry: + push %r12 + push %r13 + + add \$2,$dat + movzb -2($dat),$XX[0]#d + movzb -1($dat),$YY#d + + add \$1,$XX[0]#b + movzb ($dat,$XX[0]),$TX[0]#d + test \$-8,$len + jz .Lcloop1 + push %rbx +.align 16 # incidentally aligned already +.Lcloop8: + mov ($inp),%eax + mov 4($inp),%ebx +___ +# unroll 2x4-wise, because 64-bit rotates kill Intel P4... +for ($i=0;$i<4;$i++) { +$code.=<<___; + add $TX[0]#b,$YY#b + lea 1($XX[0]),$XX[1] + movzb ($dat,$YY),$TY#d + movzb $XX[1]#b,$XX[1]#d + movzb ($dat,$XX[1]),$TX[1]#d + movb $TX[0]#b,($dat,$YY) + cmp $XX[1],$YY + movb $TY#b,($dat,$XX[0]) + jne .Lcmov$i # Intel cmov is sloooow... + mov $TX[0],$TX[1] +.Lcmov$i: + add $TX[0]#b,$TY#b + xor ($dat,$TY),%al + ror \$8,%eax +___ +push(@TX,shift(@TX)); push(@XX,shift(@XX)); # "rotate" registers +} +for ($i=4;$i<8;$i++) { +$code.=<<___; + add $TX[0]#b,$YY#b + lea 1($XX[0]),$XX[1] + movzb ($dat,$YY),$TY#d + movzb $XX[1]#b,$XX[1]#d + movzb ($dat,$XX[1]),$TX[1]#d + movb $TX[0]#b,($dat,$YY) + cmp $XX[1],$YY + movb $TY#b,($dat,$XX[0]) + jne .Lcmov$i # Intel cmov is sloooow... + mov $TX[0],$TX[1] +.Lcmov$i: + add $TX[0]#b,$TY#b + xor ($dat,$TY),%bl + ror \$8,%ebx +___ +push(@TX,shift(@TX)); push(@XX,shift(@XX)); # "rotate" registers +} +$code.=<<___; + lea -8($len),$len + mov %eax,($out) + lea 8($inp),$inp + mov %ebx,4($out) + lea 8($out),$out + + test \$-8,$len + jnz .Lcloop8 + pop %rbx + cmp \$0,$len + jne .Lcloop1 +.Lexit: + sub \$1,$XX[0]#b + movb $XX[0]#b,-2($dat) + movb $YY#b,-1($dat) + + pop %r13 + pop %r12 + repret + +.align 16 +.Lcloop1: + add $TX[0]#b,$YY#b + movzb ($dat,$YY),$TY#d + movb $TX[0]#b,($dat,$YY) + movb $TY#b,($dat,$XX[0]) + add $TX[0]#b,$TY#b + add \$1,$XX[0]#b + movzb ($dat,$TY),$TY#d + movzb ($dat,$XX[0]),$TX[0]#d + xorb ($inp),$TY#b + lea 1($inp),$inp + movb $TY#b,($out) + lea 1($out),$out + sub \$1,$len + jnz .Lcloop1 + jmp .Lexit +.size RC4,.-RC4 +___ + +$code =~ s/#([bwd])/$1/gm; + +$code =~ s/repret/.byte\t0xF3,0xC3/gm; + +print $code; diff --git a/src/lib/libssl/src/crypto/rsa/rsa_pss.c b/src/lib/libssl/src/crypto/rsa/rsa_pss.c new file mode 100644 index 0000000000..2815628f5f --- /dev/null +++ b/src/lib/libssl/src/crypto/rsa/rsa_pss.c @@ -0,0 +1,261 @@ +/* rsa_pss.c */ +/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL + * project 2005. + */ +/* ==================================================================== + * Copyright (c) 2005 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + +#include +#include "cryptlib.h" +#include +#include +#include +#include +#include + +const static unsigned char zeroes[] = {0,0,0,0,0,0,0,0}; + +int RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash, + const EVP_MD *Hash, const unsigned char *EM, int sLen) + { + int i; + int ret = 0; + int hLen, maskedDBLen, MSBits, emLen; + const unsigned char *H; + unsigned char *DB = NULL; + EVP_MD_CTX ctx; + unsigned char H_[EVP_MAX_MD_SIZE]; + + hLen = EVP_MD_size(Hash); + /* + * Negative sLen has special meanings: + * -1 sLen == hLen + * -2 salt length is autorecovered from signature + * -N reserved + */ + if (sLen == -1) sLen = hLen; + else if (sLen == -2) sLen = -2; + else if (sLen < -2) + { + RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_SLEN_CHECK_FAILED); + goto err; + } + + MSBits = (BN_num_bits(rsa->n) - 1) & 0x7; + emLen = RSA_size(rsa); + if (EM[0] & (0xFF << MSBits)) + { + RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_FIRST_OCTET_INVALID); + goto err; + } + if (MSBits == 0) + { + EM++; + emLen--; + } + if (emLen < (hLen + sLen + 2)) /* sLen can be small negative */ + { + RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_DATA_TOO_LARGE); + goto err; + } + if (EM[emLen - 1] != 0xbc) + { + RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_LAST_OCTET_INVALID); + goto err; + } + maskedDBLen = emLen - hLen - 1; + H = EM + maskedDBLen; + DB = OPENSSL_malloc(maskedDBLen); + if (!DB) + { + RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, ERR_R_MALLOC_FAILURE); + goto err; + } + PKCS1_MGF1(DB, maskedDBLen, H, hLen, Hash); + for (i = 0; i < maskedDBLen; i++) + DB[i] ^= EM[i]; + if (MSBits) + DB[0] &= 0xFF >> (8 - MSBits); + for (i = 0; DB[i] == 0 && i < (maskedDBLen-1); i++) ; + if (DB[i++] != 0x1) + { + RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_SLEN_RECOVERY_FAILED); + goto err; + } + if (sLen >= 0 && (maskedDBLen - i) != sLen) + { + RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_SLEN_CHECK_FAILED); + goto err; + } + EVP_MD_CTX_init(&ctx); + EVP_DigestInit_ex(&ctx, Hash, NULL); + EVP_DigestUpdate(&ctx, zeroes, sizeof zeroes); + EVP_DigestUpdate(&ctx, mHash, hLen); + if (maskedDBLen - i) + EVP_DigestUpdate(&ctx, DB + i, maskedDBLen - i); + EVP_DigestFinal(&ctx, H_, NULL); + EVP_MD_CTX_cleanup(&ctx); + if (memcmp(H_, H, hLen)) + { + RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_BAD_SIGNATURE); + ret = 0; + } + else + ret = 1; + + err: + if (DB) + OPENSSL_free(DB); + + return ret; + + } + +int RSA_padding_add_PKCS1_PSS(RSA *rsa, unsigned char *EM, + const unsigned char *mHash, + const EVP_MD *Hash, int sLen) + { + int i; + int ret = 0; + int hLen, maskedDBLen, MSBits, emLen; + unsigned char *H, *salt = NULL, *p; + EVP_MD_CTX ctx; + + hLen = EVP_MD_size(Hash); + /* + * Negative sLen has special meanings: + * -1 sLen == hLen + * -2 salt length is maximized + * -N reserved + */ + if (sLen == -1) sLen = hLen; + else if (sLen == -2) sLen = -2; + else if (sLen < -2) + { + RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_PSS, RSA_R_SLEN_CHECK_FAILED); + goto err; + } + + MSBits = (BN_num_bits(rsa->n) - 1) & 0x7; + emLen = RSA_size(rsa); + if (MSBits == 0) + { + *EM++ = 0; + emLen--; + } + if (sLen == -2) + { + sLen = emLen - hLen - 2; + } + else if (emLen < (hLen + sLen + 2)) + { + RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_PSS, + RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); + goto err; + } + if (sLen > 0) + { + salt = OPENSSL_malloc(sLen); + if (!salt) + { + RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_PSS, + ERR_R_MALLOC_FAILURE); + goto err; + } + if (!RAND_bytes(salt, sLen)) + goto err; + } + maskedDBLen = emLen - hLen - 1; + H = EM + maskedDBLen; + EVP_MD_CTX_init(&ctx); + EVP_DigestInit_ex(&ctx, Hash, NULL); + EVP_DigestUpdate(&ctx, zeroes, sizeof zeroes); + EVP_DigestUpdate(&ctx, mHash, hLen); + if (sLen) + EVP_DigestUpdate(&ctx, salt, sLen); + EVP_DigestFinal(&ctx, H, NULL); + EVP_MD_CTX_cleanup(&ctx); + + /* Generate dbMask in place then perform XOR on it */ + PKCS1_MGF1(EM, maskedDBLen, H, hLen, Hash); + + p = EM; + + /* Initial PS XORs with all zeroes which is a NOP so just update + * pointer. Note from a test above this value is guaranteed to + * be non-negative. + */ + p += emLen - sLen - hLen - 2; + *p++ ^= 0x1; + if (sLen > 0) + { + for (i = 0; i < sLen; i++) + *p++ ^= salt[i]; + } + if (MSBits) + EM[0] &= 0xFF >> (8 - MSBits); + + /* H is already in place so just set final 0xbc */ + + EM[emLen - 1] = 0xbc; + + ret = 1; + + err: + if (salt) + OPENSSL_free(salt); + + return ret; + + } diff --git a/src/lib/libssl/src/crypto/rsa/rsa_x931.c b/src/lib/libssl/src/crypto/rsa/rsa_x931.c new file mode 100644 index 0000000000..df3c45f802 --- /dev/null +++ b/src/lib/libssl/src/crypto/rsa/rsa_x931.c @@ -0,0 +1,177 @@ +/* rsa_x931.c */ +/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL + * project 2005. + */ +/* ==================================================================== + * Copyright (c) 2005 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + +#include +#include "cryptlib.h" +#include +#include +#include +#include + +int RSA_padding_add_X931(unsigned char *to, int tlen, + const unsigned char *from, int flen) + { + int j; + unsigned char *p; + + /* Absolute minimum amount of padding is 1 header nibble, 1 padding + * nibble and 2 trailer bytes: but 1 hash if is already in 'from'. + */ + + j = tlen - flen - 2; + + if (j < 0) + { + RSAerr(RSA_F_RSA_PADDING_ADD_X931,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); + return -1; + } + + p=(unsigned char *)to; + + /* If no padding start and end nibbles are in one byte */ + if (j == 0) + *p++ = 0x6A; + else + { + *p++ = 0x6B; + if (j > 1) + { + memset(p, 0xBB, j - 1); + p += j - 1; + } + *p++ = 0xBA; + } + memcpy(p,from,(unsigned int)flen); + p += flen; + *p = 0xCC; + return(1); + } + +int RSA_padding_check_X931(unsigned char *to, int tlen, + const unsigned char *from, int flen, int num) + { + int i,j; + const unsigned char *p; + + p=from; + if ((num != flen) || ((*p != 0x6A) && (*p != 0x6B))) + { + RSAerr(RSA_F_RSA_PADDING_CHECK_X931,RSA_R_INVALID_HEADER); + return -1; + } + + if (*p++ == 0x6B) + { + j=flen-3; + for (i = 0; i < j; i++) + { + unsigned char c = *p++; + if (c == 0xBA) + break; + if (c != 0xBB) + { + RSAerr(RSA_F_RSA_PADDING_CHECK_X931, + RSA_R_INVALID_PADDING); + return -1; + } + } + + j -= i; + + if (i == 0) + { + RSAerr(RSA_F_RSA_PADDING_CHECK_X931, RSA_R_INVALID_PADDING); + return -1; + } + + } + else j = flen - 2; + + if (p[j] != 0xCC) + { + RSAerr(RSA_F_RSA_PADDING_CHECK_X931, RSA_R_INVALID_TRAILER); + return -1; + } + + memcpy(to,p,(unsigned int)j); + + return(j); + } + +/* Translate between X931 hash ids and NIDs */ + +int RSA_X931_hash_id(int nid) + { + switch (nid) + { + case NID_sha1: + return 0x33; + + case NID_sha256: + return 0x34; + + case NID_sha384: + return 0x36; + + case NID_sha512: + return 0x35; + + } + return -1; + } + diff --git a/src/lib/libssl/src/fips/Makefile b/src/lib/libssl/src/fips/Makefile deleted file mode 100644 index 63e4cf82be..0000000000 --- a/src/lib/libssl/src/fips/Makefile +++ /dev/null @@ -1,199 +0,0 @@ -# -# SSLeay/fips/Makefile -# - -DIR= fips -TOP= .. -CC= cc -INCLUDE= -I. -I$(TOP) -I../include -INCLUDES= -I.. -I../.. -I../../include -CFLAG= -g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP= /usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) -MAKEFILE= Makefile -RM= rm -f -AR= ar r - -PEX_LIBS= -EX_LIBS= - -CFLAGS= $(INCLUDE) $(CFLAG) - - -LIBS= - -FDIRS=sha1 rand des aes dsa rsa dh - -GENERAL=Makefile README fips-lib.com install.com - -LIB= $(TOP)/libcrypto.a -SHARED_LIB= libcrypto$(SHLIB_EXT) -LIBSRC=fips.c fips_err_wrapper.c -LIBOBJ=fips.o fips_err_wrapper.o - -SRC= $(LIBSRC) - -EXHEADER=fips.h -HEADER=$(EXHEADER) fips_err.h -EXE=openssl_fips_fingerprint - -ALL= $(GENERAL) $(SRC) $(HEADER) - -top: - @(cd ..; $(MAKE) DIRS=$(DIR) all) - -all: - @if egrep 'define OPENSSL_FIPS' $(TOP)/include/openssl/opensslconf.h > /dev/null; then \ - $(MAKE) -e subdirs check lib shared; \ - fi - -check: - TOP=`pwd`/$(TOP) ./fips_check_sha1 fingerprint.sha1 $(SRC) $(HEADER) - -subdirs: - @for i in $(FDIRS) ;\ - do \ - (cd $$i && echo "making all in fips/$$i..." && \ - $(MAKE) CC='$(CC)' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' FIPS_DES_ENC='${FIPS_DES_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' FIPS_SHA1_ASM_OBJ='${FIPS_SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' all ) || exit 1; \ - done; - -sub_target: - @for i in $(FDIRS) ;\ - do \ - (cd $$i && echo "making $(TARGET) in fips/$$i..." && \ - $(MAKE) CC='$(CC)' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' FIPS_DES_ENC='${FIPS_DES_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' FIPS_SHA1_ASM_OBJ='${FIPS_SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' $(TARGET) ) || exit 1; \ - done; - -files: - $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO - @for i in $(FDIRS) ;\ - do \ - (cd $$i && echo "making 'files' in fips/$$i..." && \ - $(MAKE) PERL='${PERL}' files ); \ - done; - -links: - @$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER) - @for i in $(FDIRS); do \ - (cd $$i && echo "making links in fips/$$i..." && \ - $(MAKE) CC='$(CC)' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' FIPS_DES_ENC='${FIPS_DES_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' FIPS_SHA1_ASM_OBJ='${FIPS_SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' AR='${AR}' PERL='${PERL}' links ); \ - done; - -lib: $(LIBOBJ) - $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) || echo Never mind. - @touch lib - -shared: - if [ -n "$(SHARED_LIBS)" ]; then \ - (cd ..; $(MAKE) $(SHARED_LIB)); \ - fi - -libs: - @for i in $(FDIRS) ;\ - do \ - (cd $$i && echo "making libs in fips/$$i..." && \ - $(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALL_PREFIX='${INSTALL_PREFIX}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' AR='${AR}' lib ); \ - done; - -tests: - @for i in $(FDIRS) ;\ - do \ - (cd $$i && echo "making tests in fips/$$i..." && \ - $(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' AR='${AR}' tests ); \ - done; - -top_fips_test_suite: - (cd $(TOP); $(MAKE) DIRS=fips FDIRS=. TARGET=fips_test_suite sub_target) - -fips_test_suite: fips_test_suite.o $(TOP)/libcrypto.a - $(CC) $(CFLAGS) -o fips_test_suite fips_test_suite.o $(PEX_LIBS) $(TOP)/libcrypto.a $(EX_LIBS) - TOP=$(TOP) $(TOP)/fips/openssl_fips_fingerprint $(TOP)/libcrypto.a fips_test_suite || { rm fips_test_suite; false; } - -fips_test: top top_fips_test_suite - cd testvectors && perl -p -i -e 's/COUNT=/COUNT = /' des[23]/req/*.req - @for i in dsa sha1 aes des ; \ - do \ - (cd $$i && echo "making fips_test in fips/$$i..." && $(MAKE) fips_test) \ - done; - -install: - @headerlist="$(EXHEADER)"; for i in $$headerlist ;\ - do \ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; - @for i in $(FDIRS) ;\ - do \ - (cd $$i && echo "making install in fips/$$i..." && \ - $(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALL_PREFIX='${INSTALL_PREFIX}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' install ); \ - done; - @for i in $(EXE) ; \ - do \ - echo "installing $$i"; \ - cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \ - chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \ - mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i; \ - done - -lint: - @for i in $(FDIRS) ;\ - do \ - (cd $$i && echo "making lint in fips/$$i..." && \ - $(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' lint ); \ - done; - -depend: - if [ ! -f buildinf.h ]; then touch buildinf.h; fi # fake buildinf.h if it does not exist - $(MAKEDEPEND) -- $(CFLAG) $(INCLUDE) $(DEPFLAG) -- $(SRC) - if [ ! -s buildinf.h ]; then rm buildinf.h; fi - @for i in $(FDIRS) ;\ - do \ - (cd $$i && echo "making depend in fips/$$i..." && \ - $(MAKE) MAKEFILE='${MAKEFILE}' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' DEPFLAG='${DEPFLAG}' MAKEDEPPROG='${MAKEDEPPROG}' KRB5_INCLUDES='${KRB5_INCLUDES}' PERL='${PERL}' depend ); \ - done; - -clean: - rm -f buildinf.h *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff - @for i in $(FDIRS) ;\ - do \ - (cd $$i && echo "making clean in fips/$$i..." && \ - $(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' clean ); \ - done; - -dclean: - $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new - mv -f Makefile.new $(MAKEFILE) - @for i in $(FDIRS) ;\ - do \ - (cd $$i && echo "making dclean in fips/$$i..." && \ - $(MAKE) PERL='${PERL}' CC='$(CC)' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' dclean ); \ - done; - -# DO NOT DELETE THIS LINE -- make depend depends on it. - -fips.o: ../include/openssl/aes.h ../include/openssl/asn1.h -fips.o: ../include/openssl/bio.h ../include/openssl/blowfish.h -fips.o: ../include/openssl/bn.h ../include/openssl/cast.h -fips.o: ../include/openssl/crypto.h ../include/openssl/des.h -fips.o: ../include/openssl/des_old.h ../include/openssl/dh.h -fips.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h -fips.o: ../include/openssl/err.h ../include/openssl/evp.h -fips.o: ../include/openssl/fips.h ../include/openssl/fips_rand.h -fips.o: ../include/openssl/hmac.h ../include/openssl/idea.h -fips.o: ../include/openssl/lhash.h ../include/openssl/md2.h -fips.o: ../include/openssl/md4.h ../include/openssl/md5.h -fips.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h -fips.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h -fips.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h -fips.o: ../include/openssl/rand.h ../include/openssl/rc2.h -fips.o: ../include/openssl/rc4.h ../include/openssl/rc5.h -fips.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h -fips.o: ../include/openssl/safestack.h ../include/openssl/sha.h -fips.o: ../include/openssl/stack.h ../include/openssl/symhacks.h -fips.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h fips.c -fips.o: fips_locl.h -fips_err_wrapper.o: ../include/openssl/opensslconf.h fips_err_wrapper.c diff --git a/src/lib/libssl/src/fips/aes/Makefile b/src/lib/libssl/src/fips/aes/Makefile deleted file mode 100644 index fce5eeb5f7..0000000000 --- a/src/lib/libssl/src/fips/aes/Makefile +++ /dev/null @@ -1,131 +0,0 @@ -# -# SSLeay/fips/aes/Makefile -# - -DIR= aes -TOP= ../.. -CC= cc -INCLUDES= -CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) -MAKEFILE= Makefile -AR= ar r - -CFLAGS= $(INCLUDES) $(CFLAG) - -GENERAL=Makefile -TEST=fips_aesavs.c -TESTDATA=fips_aes_data -APPS= - -LIB=$(TOP)/libcrypto.a -LIBSRC=fips_aes_core.c fips_aes_selftest.c -LIBOBJ=fips_aes_core.o fips_aes_selftest.o - -SRC= $(LIBSRC) - -EXHEADER= -HEADER= $(EXHEADER) fips_aes_locl.h - -ALL= $(GENERAL) $(SRC) $(HEADER) - -top: - (cd $(TOP); $(MAKE) DIRS=fips FDIRS=$(DIR) sub_all) - -all: check lib - -check: - TOP=`pwd`/$(TOP) ../fips_check_sha1 fingerprint.sha1 $(SRC) $(HEADER) - -lib: $(LIBOBJ) - $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) || echo Never mind. - @sleep 2; touch lib - -files: - $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO - -links: - @$(PERL) $(TOP)/util/mklink.pl $(TOP)/include/openssl $(EXHEADER) - @$(PERL) $(TOP)/util/mklink.pl $(TOP)/test $(TEST) - @$(PERL) $(TOP)/util/mklink.pl $(TOP)/test $(TESTDATA) - @$(PERL) $(TOP)/util/mklink.pl $(TOP)/apps $(APPS) - -install: - @headerlist="$(EXHEADER)"; for i in $$headerlist; \ - do \ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done - -tags: - ctags $(SRC) - -tests: - -top_fips_aesavs: - (cd $(TOP); $(MAKE) DIRS=fips FDIRS=$(DIR) TARGET=fips_aesavs sub_target) - -fips_aesavs: fips_aesavs.o $(TOP)/libcrypto.a - $(CC) $(CFLAGS) -o fips_aesavs fips_aesavs.o $(PEX_LIBS) $(TOP)/libcrypto.a $(EX_LIBS) - TOP=$(TOP) $(TOP)/fips/openssl_fips_fingerprint $(TOP)/libcrypto.a fips_aesavs - -fips_test: top top_fips_aesavs - find ../testvectors/aes/req -name '*.req' > testlist - -rm -rf ../testvectors/aes/rsp - mkdir ../testvectors/aes/rsp - ./fips_aesavs -d testlist - -lint: - lint -DLINT $(INCLUDES) $(SRC)>fluff - -depend: - $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) \ - $(SRC) $(TEST) - -dclean: - $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new - mv -f Makefile.new $(MAKEFILE) - -clean: - rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff -# DO NOT DELETE THIS LINE -- make depend depends on it. - -fips_aes_core.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h -fips_aes_core.o: ../../include/openssl/fips.h -fips_aes_core.o: ../../include/openssl/opensslconf.h fips_aes_core.c -fips_aes_core.o: fips_aes_locl.h -fips_aes_selftest.o: ../../include/openssl/aes.h ../../include/openssl/bio.h -fips_aes_selftest.o: ../../include/openssl/crypto.h -fips_aes_selftest.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -fips_aes_selftest.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -fips_aes_selftest.o: ../../include/openssl/opensslconf.h -fips_aes_selftest.o: ../../include/openssl/opensslv.h -fips_aes_selftest.o: ../../include/openssl/safestack.h -fips_aes_selftest.o: ../../include/openssl/stack.h -fips_aes_selftest.o: ../../include/openssl/symhacks.h fips_aes_selftest.c -fips_aesavs.o: ../../e_os.h ../../include/openssl/aes.h -fips_aesavs.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -fips_aesavs.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -fips_aesavs.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -fips_aesavs.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -fips_aesavs.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -fips_aesavs.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -fips_aesavs.o: ../../include/openssl/evp.h ../../include/openssl/fips.h -fips_aesavs.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -fips_aesavs.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -fips_aesavs.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -fips_aesavs.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -fips_aesavs.o: ../../include/openssl/opensslconf.h -fips_aesavs.o: ../../include/openssl/opensslv.h -fips_aesavs.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc2.h -fips_aesavs.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -fips_aesavs.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -fips_aesavs.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -fips_aesavs.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -fips_aesavs.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -fips_aesavs.o: fips_aesavs.c diff --git a/src/lib/libssl/src/fips/aes/fips_aes_selftest.c b/src/lib/libssl/src/fips/aes/fips_aes_selftest.c deleted file mode 100644 index 0e53d21bd0..0000000000 --- a/src/lib/libssl/src/fips/aes/fips_aes_selftest.c +++ /dev/null @@ -1,112 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2003 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * - */ - -#include -#include -#include -#include - -#ifdef OPENSSL_FIPS -static struct - { - unsigned char key[16]; - unsigned char plaintext[16]; - unsigned char ciphertext[16]; - } tests[]= - { - { - { 0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07, - 0x08,0x09,0x0A,0x0B,0x0C,0x0D,0x0E,0x0F }, - { 0x00,0x11,0x22,0x33,0x44,0x55,0x66,0x77, - 0x88,0x99,0xAA,0xBB,0xCC,0xDD,0xEE,0xFF }, - { 0x69,0xC4,0xE0,0xD8,0x6A,0x7B,0x04,0x30, - 0xD8,0xCD,0xB7,0x80,0x70,0xB4,0xC5,0x5A }, - }, - }; - -void FIPS_corrupt_aes() - { - tests[0].key[0]++; - } - -int FIPS_selftest_aes() - { - int n; - - /* Encrypt and check against known ciphertext */ - for(n=0 ; n < 1 ; ++n) - { - AES_KEY key; - unsigned char buf[16]; - - AES_set_encrypt_key(tests[n].key,128,&key); - AES_encrypt(tests[n].plaintext,buf,&key); - if(memcmp(buf,tests[n].ciphertext,sizeof buf)) - { - FIPSerr(FIPS_F_FIPS_SELFTEST_AES,FIPS_R_SELFTEST_FAILED); - return 0; - } - } - /* Decrypt and check against known plaintext */ - for(n=0 ; n < 1 ; ++n) - { - AES_KEY key; - unsigned char buf[16]; - - AES_set_decrypt_key(tests[n].key,128,&key); - AES_decrypt(tests[n].ciphertext,buf,&key); - if(memcmp(buf,tests[n].plaintext,sizeof buf)) - { - FIPSerr(FIPS_F_FIPS_SELFTEST_AES,FIPS_R_SELFTEST_FAILED); - return 0; - } - } - return 1; - } -#endif diff --git a/src/lib/libssl/src/fips/aes/fips_aesavs.c b/src/lib/libssl/src/fips/aes/fips_aesavs.c deleted file mode 100644 index 5fc2879067..0000000000 --- a/src/lib/libssl/src/fips/aes/fips_aesavs.c +++ /dev/null @@ -1,1005 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2004 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * - */ -/*--------------------------------------------- - NIST AES Algorithm Validation Suite - Test Program - - Donated to OpenSSL by: - V-ONE Corporation - 20250 Century Blvd, Suite 300 - Germantown, MD 20874 - U.S.A. - ----------------------------------------------*/ - -#include -#include -#include -#include -#include - -#include -#include -#include -#include -#include "e_os.h" - -#define AES_BLOCK_SIZE 16 - -#define VERBOSE 1 - -/*-----------------------------------------------*/ - -int AESTest(EVP_CIPHER_CTX *ctx, - char *amode, int akeysz, unsigned char *aKey, - unsigned char *iVec, - int dir, /* 0 = decrypt, 1 = encrypt */ - unsigned char *plaintext, unsigned char *ciphertext, int len) - { - const EVP_CIPHER *cipher = NULL; - int ret = 1; - int kt = 0; - - if (ctx) - memset(ctx, 0, sizeof(EVP_CIPHER_CTX)); - - if (strcasecmp(amode, "CBC") == 0) - kt = 1000; - else if (strcasecmp(amode, "ECB") == 0) - kt = 2000; - else if (strcasecmp(amode, "CFB128") == 0) - kt = 3000; - else if (strncasecmp(amode, "OFB", 3) == 0) - kt = 4000; - else if(!strcasecmp(amode,"CFB1")) - kt=5000; - else if(!strcasecmp(amode,"CFB8")) - kt=6000; - else - { - printf("Unknown mode: %s\n", amode); - EXIT(1); - } - if (ret) - { - if ((akeysz != 128) && (akeysz != 192) && (akeysz != 256)) - { - printf("Invalid key size: %d\n", akeysz); - ret = 0; - } - else - { - kt += akeysz; - switch (kt) - { - case 1128: /* CBC 128 */ - cipher = EVP_aes_128_cbc(); - break; - case 1192: /* CBC 192 */ - cipher = EVP_aes_192_cbc(); - break; - case 1256: /* CBC 256 */ - cipher = EVP_aes_256_cbc(); - break; - case 2128: /* ECB 128 */ - cipher = EVP_aes_128_ecb(); - break; - case 2192: /* ECB 192 */ - cipher = EVP_aes_192_ecb(); - break; - case 2256: /* ECB 256 */ - cipher = EVP_aes_256_ecb(); - break; - case 3128: /* CFB 128 */ - cipher = EVP_aes_128_cfb(); - break; - case 3192: /* CFB 192 */ - cipher = EVP_aes_192_cfb(); - break; - case 3256: /* CFB 256 */ - cipher = EVP_aes_256_cfb(); - break; - case 4128: /* OFB 128 */ - cipher = EVP_aes_128_ofb(); - break; - case 4192: /* OFB 192 */ - cipher = EVP_aes_192_ofb(); - break; - case 4256: /* OFB 256 */ - cipher = EVP_aes_256_ofb(); - break; - case 5128: - cipher=EVP_aes_128_cfb1(); - break; - case 5192: - cipher=EVP_aes_192_cfb1(); - break; - case 5256: - cipher=EVP_aes_256_cfb1(); - break; - case 6128: - cipher=EVP_aes_128_cfb8(); - break; - case 6192: - cipher=EVP_aes_192_cfb8(); - break; - case 6256: - cipher=EVP_aes_256_cfb8(); - break; - default: - printf("Didn't handle mode %d\n",kt); - EXIT(1); - } - if (dir) - { /* encrypt */ - if(!EVP_CipherInit(ctx, cipher, aKey, iVec, AES_ENCRYPT)) - { - ERR_print_errors_fp(stderr); - EXIT(1); - } - - EVP_Cipher(ctx, ciphertext, (unsigned char*)plaintext, len); - } - else - { /* decrypt */ - if(!EVP_CipherInit(ctx, cipher, aKey, iVec, AES_DECRYPT)) - { - ERR_print_errors_fp(stderr); - EXIT(1); - } - EVP_Cipher(ctx, (unsigned char*)plaintext, ciphertext, len); - } - } - } - return ret; - } - -/*-----------------------------------------------*/ - -int hex2bin(char *in, int len, unsigned char *out) -{ - int n1, n2; - unsigned char ch; - - for (n1 = 0, n2 = 0; n1 < len; ) - { /* first byte */ - if ((in[n1] >= '0') && (in[n1] <= '9')) - ch = in[n1++] - '0'; - else if ((in[n1] >= 'A') && (in[n1] <= 'F')) - ch = in[n1++] - 'A' + 10; - else if ((in[n1] >= 'a') && (in[n1] <= 'f')) - ch = in[n1++] - 'a' + 10; - else - return -1; - if(len == 1) - { - out[n2++]=ch; - break; - } - out[n2] = ch << 4; - /* second byte */ - if ((in[n1] >= '0') && (in[n1] <= '9')) - ch = in[n1++] - '0'; - else if ((in[n1] >= 'A') && (in[n1] <= 'F')) - ch = in[n1++] - 'A' + 10; - else if ((in[n1] >= 'a') && (in[n1] <= 'f')) - ch = in[n1++] - 'a' + 10; - else - return -1; - out[n2++] |= ch; - } - return n2; -} - -/*-----------------------------------------------*/ - -int bin2hex(unsigned char *in, int len, char *out) -{ - int n1, n2; - unsigned char ch; - - for (n1 = 0, n2 = 0; n1 < len; ++n1) - { - /* first nibble */ - ch = in[n1] >> 4; - if (ch <= 0x09) - out[n2++] = ch + '0'; - else - out[n2++] = ch - 10 + 'a'; - /* second nibble */ - ch = in[n1] & 0x0f; - if (ch <= 0x09) - out[n2++] = ch + '0'; - else - out[n2++] = ch - 10 + 'a'; - } - return n2; -} - -/* NB: this return the number of _bits_ read */ -int bint2bin(const char *in, int len, unsigned char *out) - { - int n; - - memset(out,0,len); - for(n=0 ; n < len ; ++n) - if(in[n] == '1') - out[n/8]|=(0x80 >> (n%8)); - return len; - } - -int bin2bint(const unsigned char *in,int len,char *out) - { - int n; - - for(n=0 ; n < len ; ++n) - out[n]=(in[n/8]&(0x80 >> (n%8))) ? '1' : '0'; - return n; - } - -/*-----------------------------------------------*/ - -void PrintValue(char *tag, unsigned char *val, int len) -{ -#if VERBOSE - char obuf[2048]; - int olen; - olen = bin2hex(val, len, obuf); - printf("%s = %.*s\n", tag, olen, obuf); -#endif -} - -void OutputValue(char *tag, unsigned char *val, int len, FILE *rfp,int bitmode) - { - char obuf[2048]; - int olen; - - if(bitmode) - olen=bin2bint(val,len,obuf); - else - olen=bin2hex(val,len,obuf); - - fprintf(rfp, "%s = %.*s\n", tag, olen, obuf); -#if VERBOSE - printf("%s = %.*s\n", tag, olen, obuf); -#endif - } - -/*-----------------------------------------------*/ -char *t_tag[2] = {"PLAINTEXT", "CIPHERTEXT"}; -char *t_mode[6] = {"CBC","ECB","OFB","CFB1","CFB8","CFB128"}; -enum Mode {CBC, ECB, OFB, CFB1, CFB8, CFB128}; -enum XCrypt {XDECRYPT, XENCRYPT}; - -/*=============================*/ -/* Monte Carlo Tests */ -/*-----------------------------*/ - -/*#define gb(a,b) (((a)[(b)/8] >> ((b)%8))&1)*/ -/*#define sb(a,b,v) ((a)[(b)/8]=((a)[(b)/8]&~(1 << ((b)%8)))|(!!(v) << ((b)%8)))*/ - -#define gb(a,b) (((a)[(b)/8] >> (7-(b)%8))&1) -#define sb(a,b,v) ((a)[(b)/8]=((a)[(b)/8]&~(1 << (7-(b)%8)))|(!!(v) << (7-(b)%8))) - -int do_mct(char *amode, - int akeysz, unsigned char *aKey,unsigned char *iVec, - int dir, unsigned char *text, int len, - FILE *rfp) - { - int ret = 0; - unsigned char key[101][32]; - unsigned char iv[101][AES_BLOCK_SIZE]; - unsigned char ptext[1001][32]; - unsigned char ctext[1001][32]; - unsigned char ciphertext[64+4]; - int i, j, n, n1, n2; - int imode = 0, nkeysz = akeysz/8; - EVP_CIPHER_CTX ctx; - - if (len > 32) - { - printf("\n>>>> Length exceeds 32 for %s %d <<<<\n\n", - amode, akeysz); - return -1; - } - for (imode = 0; imode < 6; ++imode) - if (strcmp(amode, t_mode[imode]) == 0) - break; - if (imode == 6) - { - printf("Unrecognized mode: %s\n", amode); - return -1; - } - - memcpy(key[0], aKey, nkeysz); - if (iVec) - memcpy(iv[0], iVec, AES_BLOCK_SIZE); - if (dir == XENCRYPT) - memcpy(ptext[0], text, len); - else - memcpy(ctext[0], text, len); - for (i = 0; i < 100; ++i) - { - /* printf("Iteration %d\n", i); */ - if (i > 0) - { - fprintf(rfp,"COUNT = %d\n",i); - OutputValue("KEY",key[i],nkeysz,rfp,0); - if (imode != ECB) /* ECB */ - OutputValue("IV",iv[i],AES_BLOCK_SIZE,rfp,0); - /* Output Ciphertext | Plaintext */ - OutputValue(t_tag[dir^1],dir ? ptext[0] : ctext[0],len,rfp, - imode == CFB1); - } - for (j = 0; j < 1000; ++j) - { - switch (imode) - { - case ECB: - if (j == 0) - { /* set up encryption */ - ret = AESTest(&ctx, amode, akeysz, key[i], NULL, - dir, /* 0 = decrypt, 1 = encrypt */ - ptext[j], ctext[j], len); - if (dir == XENCRYPT) - memcpy(ptext[j+1], ctext[j], len); - else - memcpy(ctext[j+1], ptext[j], len); - } - else - { - if (dir == XENCRYPT) - { - EVP_Cipher(&ctx, ctext[j], ptext[j], len); - memcpy(ptext[j+1], ctext[j], len); - } - else - { - EVP_Cipher(&ctx, ptext[j], ctext[j], len); - memcpy(ctext[j+1], ptext[j], len); - } - } - break; - - case CBC: - case OFB: - case CFB128: - if (j == 0) - { - ret = AESTest(&ctx, amode, akeysz, key[i], iv[i], - dir, /* 0 = decrypt, 1 = encrypt */ - ptext[j], ctext[j], len); - if (dir == XENCRYPT) - memcpy(ptext[j+1], iv[i], len); - else - memcpy(ctext[j+1], iv[i], len); - } - else - { - if (dir == XENCRYPT) - { - EVP_Cipher(&ctx, ctext[j], ptext[j], len); - memcpy(ptext[j+1], ctext[j-1], len); - } - else - { - EVP_Cipher(&ctx, ptext[j], ctext[j], len); - memcpy(ctext[j+1], ptext[j-1], len); - } - } - break; - - case CFB8: - if (j == 0) - { - ret = AESTest(&ctx, amode, akeysz, key[i], iv[i], - dir, /* 0 = decrypt, 1 = encrypt */ - ptext[j], ctext[j], len); - } - else - { - if (dir == XENCRYPT) - EVP_Cipher(&ctx, ctext[j], ptext[j], len); - else - EVP_Cipher(&ctx, ptext[j], ctext[j], len); - } - if (dir == XENCRYPT) - { - if (j < 16) - memcpy(ptext[j+1], &iv[i][j], len); - else - memcpy(ptext[j+1], ctext[j-16], len); - } - else - { - if (j < 16) - memcpy(ctext[j+1], &iv[i][j], len); - else - memcpy(ctext[j+1], ptext[j-16], len); - } - break; - - case CFB1: - if(j == 0) - { - /* compensate for wrong endianness of input file */ - if(i == 0) - ptext[0][0]<<=7; - ret=AESTest(&ctx,amode,akeysz,key[i],iv[i],dir, - ptext[j], ctext[j], len); - } - else - { - if (dir == XENCRYPT) - EVP_Cipher(&ctx, ctext[j], ptext[j], len); - else - EVP_Cipher(&ctx, ptext[j], ctext[j], len); - - } - if(dir == XENCRYPT) - { - if(j < 128) - sb(ptext[j+1],0,gb(iv[i],j)); - else - sb(ptext[j+1],0,gb(ctext[j-128],0)); - } - else - { - if(j < 128) - sb(ctext[j+1],0,gb(iv[i],j)); - else - sb(ctext[j+1],0,gb(ptext[j-128],0)); - } - break; - } - } - --j; /* reset to last of range */ - /* Output Ciphertext | Plaintext */ - OutputValue(t_tag[dir],dir ? ctext[j] : ptext[j],len,rfp, - imode == CFB1); - fprintf(rfp, "\n"); /* add separator */ - - /* Compute next KEY */ - if (dir == XENCRYPT) - { - if (imode == CFB8) - { /* ct = CT[j-15] || CT[j-14] || ... || CT[j] */ - for (n1 = 0, n2 = nkeysz-1; n1 < nkeysz; ++n1, --n2) - ciphertext[n1] = ctext[j-n2][0]; - } - else if(imode == CFB1) - { - for(n1=0,n2=akeysz-1 ; n1 < akeysz ; ++n1,--n2) - sb(ciphertext,n1,gb(ctext[j-n2],0)); - } - else - switch (akeysz) - { - case 128: - memcpy(ciphertext, ctext[j], 16); - break; - case 192: - memcpy(ciphertext, ctext[j-1]+8, 8); - memcpy(ciphertext+8, ctext[j], 16); - break; - case 256: - memcpy(ciphertext, ctext[j-1], 16); - memcpy(ciphertext+16, ctext[j], 16); - break; - } - } - else - { - if (imode == CFB8) - { /* ct = CT[j-15] || CT[j-14] || ... || CT[j] */ - for (n1 = 0, n2 = nkeysz-1; n1 < nkeysz; ++n1, --n2) - ciphertext[n1] = ptext[j-n2][0]; - } - else if(imode == CFB1) - { - for(n1=0,n2=akeysz-1 ; n1 < akeysz ; ++n1,--n2) - sb(ciphertext,n1,gb(ptext[j-n2],0)); - } - else - switch (akeysz) - { - case 128: - memcpy(ciphertext, ptext[j], 16); - break; - case 192: - memcpy(ciphertext, ptext[j-1]+8, 8); - memcpy(ciphertext+8, ptext[j], 16); - break; - case 256: - memcpy(ciphertext, ptext[j-1], 16); - memcpy(ciphertext+16, ptext[j], 16); - break; - } - } - /* Compute next key: Key[i+1] = Key[i] xor ct */ - for (n = 0; n < nkeysz; ++n) - key[i+1][n] = key[i][n] ^ ciphertext[n]; - - /* Compute next IV and text */ - if (dir == XENCRYPT) - { - switch (imode) - { - case ECB: - memcpy(ptext[0], ctext[j], AES_BLOCK_SIZE); - break; - case CBC: - case OFB: - case CFB128: - memcpy(iv[i+1], ctext[j], AES_BLOCK_SIZE); - memcpy(ptext[0], ctext[j-1], AES_BLOCK_SIZE); - break; - case CFB8: - /* IV[i+1] = ct */ - for (n1 = 0, n2 = 15; n1 < 16; ++n1, --n2) - iv[i+1][n1] = ctext[j-n2][0]; - ptext[0][0] = ctext[j-16][0]; - break; - case CFB1: - for(n1=0,n2=127 ; n1 < 128 ; ++n1,--n2) - sb(iv[i+1],n1,gb(ctext[j-n2],0)); - ptext[0][0]=ctext[j-128][0]&0x80; - break; - } - } - else - { - switch (imode) - { - case ECB: - memcpy(ctext[0], ptext[j], AES_BLOCK_SIZE); - break; - case CBC: - case OFB: - case CFB128: - memcpy(iv[i+1], ptext[j], AES_BLOCK_SIZE); - memcpy(ctext[0], ptext[j-1], AES_BLOCK_SIZE); - break; - case CFB8: - for (n1 = 0, n2 = 15; n1 < 16; ++n1, --n2) - iv[i+1][n1] = ptext[j-n2][0]; - ctext[0][0] = ptext[j-16][0]; - break; - case CFB1: - for(n1=0,n2=127 ; n1 < 128 ; ++n1,--n2) - sb(iv[i+1],n1,gb(ptext[j-n2],0)); - ctext[0][0]=ptext[j-128][0]&0x80; - break; - } - } - } - - return ret; - } - -/*================================================*/ -/*---------------------------- - # Config info for v-one - # AESVS MMT test data for ECB - # State : Encrypt and Decrypt - # Key Length : 256 - # Fri Aug 30 04:07:22 PM - ----------------------------*/ - -int proc_file(char *rqfile) - { - char afn[256], rfn[256]; - FILE *afp = NULL, *rfp = NULL; - char ibuf[2048]; - int ilen, len, ret = 0; - char algo[8] = ""; - char amode[8] = ""; - char atest[8] = ""; - int akeysz = 0; - unsigned char iVec[20], aKey[40]; - int dir = -1, err = 0, step = 0; - unsigned char plaintext[2048]; - unsigned char ciphertext[2048]; - char *rp; - EVP_CIPHER_CTX ctx; - - if (!rqfile || !(*rqfile)) - { - printf("No req file\n"); - return -1; - } - strcpy(afn, rqfile); - - if ((afp = fopen(afn, "r")) == NULL) - { - printf("Cannot open file: %s, %s\n", - afn, strerror(errno)); - return -1; - } - strcpy(rfn,afn); - rp=strstr(rfn,"req/"); - assert(rp); - memcpy(rp,"rsp",3); - rp = strstr(rfn, ".req"); - memcpy(rp, ".rsp", 4); - if ((rfp = fopen(rfn, "w")) == NULL) - { - printf("Cannot open file: %s, %s\n", - rfn, strerror(errno)); - fclose(afp); - afp = NULL; - return -1; - } - while (!err && (fgets(ibuf, sizeof(ibuf), afp)) != NULL) - { - ilen = strlen(ibuf); - /* printf("step=%d ibuf=%s",step,ibuf); */ - switch (step) - { - case 0: /* read preamble */ - if (ibuf[0] == '\n') - { /* end of preamble */ - if ((*algo == '\0') || - (*amode == '\0') || - (akeysz == 0)) - { - printf("Missing Algorithm, Mode or KeySize (%s/%s/%d)\n", - algo,amode,akeysz); - err = 1; - } - else - { - fputs(ibuf, rfp); - ++ step; - } - } - else if (ibuf[0] != '#') - { - printf("Invalid preamble item: %s\n", ibuf); - err = 1; - } - else - { /* process preamble */ - char *xp, *pp = ibuf+2; - int n; - if (akeysz) - { /* insert current time & date */ - time_t rtim = time(0); - fprintf(rfp, "# %s", ctime(&rtim)); - } - else - { - fputs(ibuf, rfp); - if (strncmp(pp, "AESVS ", 6) == 0) - { - strcpy(algo, "AES"); - /* get test type */ - pp += 6; - xp = strchr(pp, ' '); - n = xp-pp; - strncpy(atest, pp, n); - atest[n] = '\0'; - /* get mode */ - xp = strrchr(pp, ' '); /* get mode" */ - n = strlen(xp+1)-1; - strncpy(amode, xp+1, n); - amode[n] = '\0'; - /* amode[3] = '\0'; */ - printf("Test = %s, Mode = %s\n", atest, amode); - } - else if (strncasecmp(pp, "Key Length : ", 13) == 0) - { - akeysz = atoi(pp+13); - printf("Key size = %d\n", akeysz); - } - } - } - break; - - case 1: /* [ENCRYPT] | [DECRYPT] */ - if (ibuf[0] == '[') - { - fputs(ibuf, rfp); - ++step; - if (strncasecmp(ibuf, "[ENCRYPT]", 9) == 0) - dir = 1; - else if (strncasecmp(ibuf, "[DECRYPT]", 9) == 0) - dir = 0; - else - { - printf("Invalid keyword: %s\n", ibuf); - err = 1; - } - break; - } - else if (dir == -1) - { - err = 1; - printf("Missing ENCRYPT/DECRYPT keyword\n"); - break; - } - else - step = 2; - - case 2: /* KEY = xxxx */ - fputs(ibuf, rfp); - if(*ibuf == '\n') - break; - if(!strncasecmp(ibuf,"COUNT = ",8)) - break; - - if (strncasecmp(ibuf, "KEY = ", 6) != 0) - { - printf("Missing KEY\n"); - err = 1; - } - else - { - len = hex2bin((char*)ibuf+6, strlen(ibuf+6)-1, aKey); - if (len < 0) - { - printf("Invalid KEY\n"); - err =1; - break; - } - PrintValue("KEY", aKey, len); - if (strcmp(amode, "ECB") == 0) - { - memset(iVec, 0, sizeof(iVec)); - step = (dir)? 4: 5; /* no ivec for ECB */ - } - else - ++step; - } - break; - - case 3: /* IV = xxxx */ - fputs(ibuf, rfp); - if (strncasecmp(ibuf, "IV = ", 5) != 0) - { - printf("Missing IV\n"); - err = 1; - } - else - { - len = hex2bin((char*)ibuf+5, strlen(ibuf+5)-1, iVec); - if (len < 0) - { - printf("Invalid IV\n"); - err =1; - break; - } - PrintValue("IV", iVec, len); - step = (dir)? 4: 5; - } - break; - - case 4: /* PLAINTEXT = xxxx */ - fputs(ibuf, rfp); - if (strncasecmp(ibuf, "PLAINTEXT = ", 12) != 0) - { - printf("Missing PLAINTEXT\n"); - err = 1; - } - else - { - int nn = strlen(ibuf+12); - if(!strcmp(amode,"CFB1")) - len=bint2bin(ibuf+12,nn-1,plaintext); - else - len=hex2bin(ibuf+12, nn-1,plaintext); - if (len < 0) - { - printf("Invalid PLAINTEXT: %s", ibuf+12); - err =1; - break; - } - if (len >= sizeof(plaintext)) - { - printf("Buffer overflow\n"); - } - PrintValue("PLAINTEXT", (unsigned char*)plaintext, len); - if (strcmp(atest, "MCT") == 0) /* Monte Carlo Test */ - { - if(do_mct(amode, akeysz, aKey, iVec, - dir, (unsigned char*)plaintext, len, - rfp) < 0) - EXIT(1); - } - else - { - ret = AESTest(&ctx, amode, akeysz, aKey, iVec, - dir, /* 0 = decrypt, 1 = encrypt */ - plaintext, ciphertext, len); - OutputValue("CIPHERTEXT",ciphertext,len,rfp, - !strcmp(amode,"CFB1")); - } - step = 6; - } - break; - - case 5: /* CIPHERTEXT = xxxx */ - fputs(ibuf, rfp); - if (strncasecmp(ibuf, "CIPHERTEXT = ", 13) != 0) - { - printf("Missing KEY\n"); - err = 1; - } - else - { - if(!strcmp(amode,"CFB1")) - len=bint2bin(ibuf+13,strlen(ibuf+13)-1,ciphertext); - else - len = hex2bin(ibuf+13,strlen(ibuf+13)-1,ciphertext); - if (len < 0) - { - printf("Invalid CIPHERTEXT\n"); - err =1; - break; - } - - PrintValue("CIPHERTEXT", ciphertext, len); - if (strcmp(atest, "MCT") == 0) /* Monte Carlo Test */ - { - do_mct(amode, akeysz, aKey, iVec, - dir, ciphertext, len, rfp); - } - else - { - ret = AESTest(&ctx, amode, akeysz, aKey, iVec, - dir, /* 0 = decrypt, 1 = encrypt */ - plaintext, ciphertext, len); - OutputValue("PLAINTEXT",(unsigned char *)plaintext,len,rfp, - !strcmp(amode,"CFB1")); - } - step = 6; - } - break; - - case 6: - if (ibuf[0] != '\n') - { - err = 1; - printf("Missing terminator\n"); - } - else if (strcmp(atest, "MCT") != 0) - { /* MCT already added terminating nl */ - fputs(ibuf, rfp); - } - step = 1; - break; - } - } - if (rfp) - fclose(rfp); - if (afp) - fclose(afp); - return err; - } - -/*-------------------------------------------------- - Processes either a single file or - a set of files whose names are passed in a file. - A single file is specified as: - aes_test -f xxx.req - A set of files is specified as: - aes_test -d xxxxx.xxx - The default is: -d req.txt ---------------------------------------------------*/ -int main(int argc, char **argv) - { - char *rqlist = "req.txt"; - FILE *fp = NULL; - char fn[250] = "", rfn[256] = ""; - int f_opt = 0, d_opt = 1; - -#ifdef OPENSSL_FIPS - if(!FIPS_mode_set(1,argv[0])) - { - ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE)); - EXIT(1); - } -#endif - ERR_load_crypto_strings(); - if (argc > 1) - { - if (strcasecmp(argv[1], "-d") == 0) - { - d_opt = 1; - } - else if (strcasecmp(argv[1], "-f") == 0) - { - f_opt = 1; - d_opt = 0; - } - else - { - printf("Invalid parameter: %s\n", argv[1]); - return 0; - } - if (argc < 3) - { - printf("Missing parameter\n"); - return 0; - } - if (d_opt) - rqlist = argv[2]; - else - strcpy(fn, argv[2]); - } - if (d_opt) - { /* list of files (directory) */ - if (!(fp = fopen(rqlist, "r"))) - { - printf("Cannot open req list file\n"); - return -1; - } - while (fgets(fn, sizeof(fn), fp)) - { - strtok(fn, "\r\n"); - strcpy(rfn, fn); - printf("Processing: %s\n", rfn); - if (proc_file(rfn)) - { - printf(">>> Processing failed for: %s <<<\n", rfn); - EXIT(1); - } - } - fclose(fp); - } - else /* single file */ - { - printf("Processing: %s\n", fn); - if (proc_file(fn)) - { - printf(">>> Processing failed for: %s <<<\n", fn); - } - } - EXIT(0); - return 0; - } diff --git a/src/lib/libssl/src/fips/des/Makefile b/src/lib/libssl/src/fips/des/Makefile deleted file mode 100644 index 87a5329d53..0000000000 --- a/src/lib/libssl/src/fips/des/Makefile +++ /dev/null @@ -1,155 +0,0 @@ -# -# SSLeay/fips/des/Makefile -# - -DIR= des -TOP= ../.. -CC= cc -INCLUDES= -CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) -MAKEFILE= Makefile -AR= ar r - -FIPS_DES_ENC=fips_des_enc.o - -CFLAGS= $(INCLUDES) $(CFLAG) - -GENERAL=Makefile -TEST= fips_desmovs.c -APPS= - -LIB=$(TOP)/libcrypto.a -LIBSRC=fips_des_enc.c asm/fips-dx86-elf.s fips_des_selftest.c fips_set_key.c -LIBOBJ=$(FIPS_DES_ENC) fips_des_selftest.o fips_set_key.o - -SRC= $(LIBSRC) - -EXHEADER= -HEADER= $(EXHEADER) fips_des_locl.h - -ALL= $(GENERAL) $(SRC) $(HEADER) - -top: - (cd $(TOP); $(MAKE) DIRS=fips FDIRS=$(DIR) sub_all) - -all: check lib - -check: - TOP=`pwd`/$(TOP) ../fips_check_sha1 fingerprint.sha1 $(SRC) $(HEADER) - -lib: $(LIBOBJ) - $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) || echo Never mind. - @sleep 2; touch lib - -files: - $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO - -links: - @$(PERL) $(TOP)/util/mklink.pl $(TOP)/include/openssl $(EXHEADER) - @$(PERL) $(TOP)/util/mklink.pl $(TOP)/test $(TEST) - @$(PERL) $(TOP)/util/mklink.pl $(TOP)/apps $(APPS) - -install: - @headerlist="$(EXHEADER)"; for i in $$headerlist; \ - do \ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done - -tags: - ctags $(SRC) - -tests: - -top_fips_desmovs: - (cd $(TOP); $(MAKE) DIRS=fips FDIRS=$(DIR) TARGET=fips_desmovs sub_target) - -fips_desmovs: fips_desmovs.o $(TOP)/libcrypto.a - $(CC) $(CFLAGS) -o fips_desmovs fips_desmovs.o $(PEX_LIBS) $(TOP)/libcrypto.a $(EX_LIBS) - TOP=$(TOP) $(TOP)/fips/openssl_fips_fingerprint $(TOP)/libcrypto.a fips_desmovs - -fips_test: top_fips_desmovs - find ../testvectors/des/req -name '*.req' > testlist - -rm -rf ../testvectors/des/rsp - mkdir ../testvectors/des/rsp - ./fips_desmovs -d testlist - find ../testvectors/des2/req -name '*.req' > testlist - -rm -rf ../testvectors/des2/rsp - mkdir ../testvectors/des2/rsp - ./fips_desmovs -d testlist - find ../testvectors/des3/req -name '*.req' > testlist - -rm -rf ../testvectors/des3/rsp - mkdir ../testvectors/des3/rsp - ./fips_desmovs -d testlist - -lint: - lint -DLINT $(INCLUDES) $(SRC)>fluff - -depend: - $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) \ - $(SRC) $(TEST) -dclean: - $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new - mv -f Makefile.new $(MAKEFILE) - -clean: - rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff -# DO NOT DELETE THIS LINE -- make depend depends on it. - -fips_des_enc.o: ../../e_os.h ../../include/openssl/crypto.h -fips_des_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -fips_des_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/fips.h -fips_des_enc.o: ../../include/openssl/opensslconf.h -fips_des_enc.o: ../../include/openssl/opensslv.h -fips_des_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -fips_des_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -fips_des_enc.o: ../../include/openssl/ui_compat.h fips_des_enc.c -fips_des_enc.o: fips_des_locl.h -fips_des_selftest.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h -fips_des_selftest.o: ../../include/openssl/des.h -fips_des_selftest.o: ../../include/openssl/des_old.h -fips_des_selftest.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -fips_des_selftest.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -fips_des_selftest.o: ../../include/openssl/opensslconf.h -fips_des_selftest.o: ../../include/openssl/opensslv.h -fips_des_selftest.o: ../../include/openssl/safestack.h -fips_des_selftest.o: ../../include/openssl/stack.h -fips_des_selftest.o: ../../include/openssl/symhacks.h -fips_des_selftest.o: ../../include/openssl/ui.h -fips_des_selftest.o: ../../include/openssl/ui_compat.h fips_des_selftest.c -fips_desmovs.o: ../../e_os.h ../../include/openssl/aes.h -fips_desmovs.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -fips_desmovs.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -fips_desmovs.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -fips_desmovs.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -fips_desmovs.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -fips_desmovs.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -fips_desmovs.o: ../../include/openssl/evp.h ../../include/openssl/fips.h -fips_desmovs.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -fips_desmovs.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -fips_desmovs.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -fips_desmovs.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -fips_desmovs.o: ../../include/openssl/opensslconf.h -fips_desmovs.o: ../../include/openssl/opensslv.h -fips_desmovs.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc2.h -fips_desmovs.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -fips_desmovs.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -fips_desmovs.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -fips_desmovs.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -fips_desmovs.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -fips_desmovs.o: fips_desmovs.c -fips_set_key.o: ../../e_os.h ../../include/openssl/crypto.h -fips_set_key.o: ../../include/openssl/des.h ../../include/openssl/des_old.h -fips_set_key.o: ../../include/openssl/e_os2.h ../../include/openssl/fips.h -fips_set_key.o: ../../include/openssl/opensslconf.h -fips_set_key.o: ../../include/openssl/opensslv.h -fips_set_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -fips_set_key.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -fips_set_key.o: ../../include/openssl/ui_compat.h fips_des_locl.h -fips_set_key.o: fips_set_key.c diff --git a/src/lib/libssl/src/fips/des/fips_des_selftest.c b/src/lib/libssl/src/fips/des/fips_des_selftest.c deleted file mode 100644 index 3e0778eb5e..0000000000 --- a/src/lib/libssl/src/fips/des/fips_des_selftest.c +++ /dev/null @@ -1,200 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2003 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * - */ - -#include -#include -#include -#include -#include - -#ifdef OPENSSL_FIPS -static struct - { - DES_cblock key; - unsigned char plaintext[8]; - unsigned char ciphertext[8]; - } tests[]= - { - { - { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 }, - { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 }, - { 0x8C,0xA6,0x4D,0xE9,0xC1,0xB1,0x23,0xA7 } - }, - { - { 0xFE,0xDC,0xBA,0x98,0x76,0x54,0x32,0x10 }, - { 0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF }, - { 0xED,0x39,0xD9,0x50,0xFA,0x74,0xBC,0xC4 }, - }, - }; - -static struct - { - DES_cblock key1; - DES_cblock key2; - unsigned char plaintext[8]; - unsigned char ciphertext[8]; - } tests2[]= - { - { - { 0x7c,0x4f,0x6e,0xf7,0xa2,0x04,0x16,0xec }, - { 0x0b,0x6b,0x7c,0x9e,0x5e,0x19,0xa7,0xc4 }, - { 0x06,0xa7,0xd8,0x79,0xaa,0xce,0x69,0xef }, - { 0x4c,0x11,0x17,0x55,0xbf,0xc4,0x4e,0xfd } - }, - { - { 0x5d,0x9e,0x01,0xd3,0x25,0xc7,0x3e,0x34 }, - { 0x01,0x16,0x7c,0x85,0x23,0xdf,0xe0,0x68 }, - { 0x9c,0x50,0x09,0x0f,0x5e,0x7d,0x69,0x7e }, - { 0xd2,0x0b,0x18,0xdf,0xd9,0x0d,0x9e,0xff }, - } - }; - -static struct - { - DES_cblock key1; - DES_cblock key2; - DES_cblock key3; - unsigned char plaintext[8]; - unsigned char ciphertext[8]; - } tests3[]= - { - { - { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 }, - { 0xFE,0xDC,0xBA,0x98,0x76,0x54,0x32,0x10 }, - { 0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0 }, - { 0x8f,0x8f,0xbf,0x9b,0x5d,0x48,0xb4,0x1c}, - { 0x59,0x8c,0xe5,0xd3,0x6c,0xa2,0xea,0x1b}, - }, - { - { 0xDC,0xBA,0x98,0x76,0x54,0x32,0x10,0xFE }, - { 0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF }, - { 0xED,0x39,0xD9,0x50,0xFA,0x74,0xBC,0xC4 }, - { 0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF }, - { 0x11,0x25,0xb0,0x35,0xbe,0xa0,0x82,0x86 }, - }, - }; - -void FIPS_corrupt_des() - { - tests[0].plaintext[0]++; - } - -int FIPS_selftest_des() - { - int n; - - /* Encrypt/decrypt with DES and compare to known answers */ - for(n=0 ; n < 2 ; ++n) - { - DES_key_schedule key; - DES_cblock buf; - - DES_set_key(&tests[n].key,&key); - DES_ecb_encrypt(&tests[n].plaintext,&buf,&key,1); - if(memcmp(buf,tests[n].ciphertext,sizeof buf)) - { - FIPSerr(FIPS_F_FIPS_SELFTEST_DES,FIPS_R_SELFTEST_FAILED); - return 0; - } - DES_ecb_encrypt(&tests[n].ciphertext,&buf,&key,0); - if(memcmp(buf,tests[n].plaintext,sizeof buf)) - { - FIPSerr(FIPS_F_FIPS_SELFTEST_DES,FIPS_R_SELFTEST_FAILED); - return 0; - } - } - - /* Encrypt/decrypt with 2-key 3DES and compare to known answers */ - for(n=0 ; n < 2 ; ++n) - { - DES_key_schedule key1, key2; - unsigned char buf[8]; - - DES_set_key(&tests2[n].key1,&key1); - DES_set_key(&tests2[n].key2,&key2); - DES_ecb2_encrypt(tests2[n].plaintext,buf,&key1,&key2,1); - if(memcmp(buf,tests2[n].ciphertext,sizeof buf)) - { - FIPSerr(FIPS_F_FIPS_SELFTEST_DES,FIPS_R_SELFTEST_FAILED); - return 0; - } - DES_ecb2_encrypt(tests2[n].ciphertext,buf,&key1,&key2,0); - if(memcmp(buf,tests2[n].plaintext,sizeof buf)) - { - FIPSerr(FIPS_F_FIPS_SELFTEST_DES,FIPS_R_SELFTEST_FAILED); - return 0; - } - } - - /* Encrypt/decrypt with 3DES and compare to known answers */ - for(n=0 ; n < 2 ; ++n) - { - DES_key_schedule key1, key2, key3; - unsigned char buf[8]; - - DES_set_key(&tests3[n].key1,&key1); - DES_set_key(&tests3[n].key2,&key2); - DES_set_key(&tests3[n].key3,&key3); - DES_ecb3_encrypt(tests3[n].plaintext,buf,&key1,&key2,&key3,1); - if(memcmp(buf,tests3[n].ciphertext,sizeof buf)) - { - FIPSerr(FIPS_F_FIPS_SELFTEST_DES,FIPS_R_SELFTEST_FAILED); - return 0; - } - DES_ecb3_encrypt(tests3[n].ciphertext,buf,&key1,&key2,&key3,0); - if(memcmp(buf,tests3[n].plaintext,sizeof buf)) - { - FIPSerr(FIPS_F_FIPS_SELFTEST_DES,FIPS_R_SELFTEST_FAILED); - return 0; - } - } - - return 1; - } -#endif diff --git a/src/lib/libssl/src/fips/des/fips_desmovs.c b/src/lib/libssl/src/fips/des/fips_desmovs.c deleted file mode 100644 index d1b60c1a40..0000000000 --- a/src/lib/libssl/src/fips/des/fips_desmovs.c +++ /dev/null @@ -1,833 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2004 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * - */ -/*--------------------------------------------- - NIST DES Modes of Operation Validation System - Test Program - - Based on the AES Validation Suite, which was: - Donated to OpenSSL by: - V-ONE Corporation - 20250 Century Blvd, Suite 300 - Germantown, MD 20874 - U.S.A. - ----------------------------------------------*/ - -#include -#include -#include -#include -#include - -#include -#include -#include -#include -#include "e_os.h" - -/*#define AES_BLOCK_SIZE 16*/ - -#define VERBOSE 0 - -/*-----------------------------------------------*/ - -int DESTest(EVP_CIPHER_CTX *ctx, - char *amode, int akeysz, unsigned char *aKey, - unsigned char *iVec, - int dir, /* 0 = decrypt, 1 = encrypt */ - unsigned char *out, unsigned char *in, int len) - { - const EVP_CIPHER *cipher = NULL; - int kt = 0; - - if (ctx) - memset(ctx, 0, sizeof(EVP_CIPHER_CTX)); - - if (strcasecmp(amode, "CBC") == 0) - kt = 1000; - else if (strcasecmp(amode, "ECB") == 0) - kt = 2000; - else if (strcasecmp(amode, "CFB64") == 0) - kt = 3000; - else if (strncasecmp(amode, "OFB", 3) == 0) - kt = 4000; - else if(!strcasecmp(amode,"CFB1")) - kt=5000; - else if(!strcasecmp(amode,"CFB8")) - kt=6000; - else - { - printf("Unknown mode: %s\n", amode); - EXIT(1); - } - if (akeysz != 64 && akeysz != 192) - { - printf("Invalid key size: %d\n", akeysz); - EXIT(1); - } - else - { - kt += akeysz; - switch (kt) - { - case 1064: - cipher=EVP_des_cbc(); - break; - case 1192: - cipher=EVP_des_ede3_cbc(); - break; - case 2064: - cipher=EVP_des_ecb(); - break; - case 2192: - cipher=EVP_des_ede3_ecb(); - break; - case 3064: - cipher=EVP_des_cfb64(); - break; - case 3192: - cipher=EVP_des_ede3_cfb64(); - break; - case 4064: - cipher=EVP_des_ofb(); - break; - case 4192: - cipher=EVP_des_ede3_ofb(); - break; - case 5064: - cipher=EVP_des_cfb1(); - break; - case 5192: - cipher=EVP_des_ede3_cfb1(); - break; - case 6064: - cipher=EVP_des_cfb8(); - break; - case 6192: - cipher=EVP_des_ede3_cfb8(); - break; - default: - printf("Didn't handle mode %d\n",kt); - EXIT(1); - } - if(!EVP_CipherInit(ctx, cipher, aKey, iVec, dir)) - { - ERR_print_errors_fp(stderr); - EXIT(1); - } - EVP_Cipher(ctx, out, in, len); - } - return 1; - } - -/*-----------------------------------------------*/ - -int hex2bin(char *in, int len, unsigned char *out) - { - int n1, n2; - unsigned char ch; - - for (n1 = 0, n2 = 0; n1 < len; ) - { /* first byte */ - if ((in[n1] >= '0') && (in[n1] <= '9')) - ch = in[n1++] - '0'; - else if ((in[n1] >= 'A') && (in[n1] <= 'F')) - ch = in[n1++] - 'A' + 10; - else if ((in[n1] >= 'a') && (in[n1] <= 'f')) - ch = in[n1++] - 'a' + 10; - else - return -1; - if(len == 1) - { - out[n2++]=ch; - break; - } - out[n2] = ch << 4; - /* second byte */ - if ((in[n1] >= '0') && (in[n1] <= '9')) - ch = in[n1++] - '0'; - else if ((in[n1] >= 'A') && (in[n1] <= 'F')) - ch = in[n1++] - 'A' + 10; - else if ((in[n1] >= 'a') && (in[n1] <= 'f')) - ch = in[n1++] - 'a' + 10; - else - return -1; - out[n2++] |= ch; - } - return n2; - } - -/*-----------------------------------------------*/ - -int bin2hex(unsigned char *in, int len, char *out) - { - int n1, n2; - unsigned char ch; - - for (n1 = 0, n2 = 0; n1 < len; ++n1) - { - /* first nibble */ - ch = in[n1] >> 4; - if (ch <= 0x09) - out[n2++] = ch + '0'; - else - out[n2++] = ch - 10 + 'a'; - /* second nibble */ - ch = in[n1] & 0x0f; - if (ch <= 0x09) - out[n2++] = ch + '0'; - else - out[n2++] = ch - 10 + 'a'; - } - return n2; - } - -/* NB: this return the number of _bits_ read */ -int bint2bin(const char *in, int len, unsigned char *out) - { - int n; - - memset(out,0,len); - for(n=0 ; n < len ; ++n) - if(in[n] == '1') - out[n/8]|=(0x80 >> (n%8)); - return len; - } - -int bin2bint(const unsigned char *in,int len,char *out) - { - int n; - - for(n=0 ; n < len ; ++n) - out[n]=(in[n/8]&(0x80 >> (n%8))) ? '1' : '0'; - return n; - } - -/*-----------------------------------------------*/ - -void PrintValue(char *tag, unsigned char *val, int len) - { -#if VERBOSE - char obuf[2048]; - int olen; - olen = bin2hex(val, len, obuf); - printf("%s = %.*s\n", tag, olen, obuf); -#endif - } - -void DebugValue(char *tag, unsigned char *val, int len) - { - char obuf[2048]; - int olen; - olen = bin2hex(val, len, obuf); - printf("%s = %.*s\n", tag, olen, obuf); - } - -void OutputValue(char *tag, unsigned char *val, int len, FILE *rfp,int bitmode) - { - char obuf[2048]; - int olen; - - if(bitmode) - olen=bin2bint(val,len,obuf); - else - olen=bin2hex(val,len,obuf); - - fprintf(rfp, "%s = %.*s\n", tag, olen, obuf); -#if VERBOSE - printf("%s = %.*s\n", tag, olen, obuf); -#endif - } - -void shiftin(unsigned char *dst,unsigned char *src,int nbits) - { - int n; - - /* move the bytes... */ - memmove(dst,dst+nbits/8,3*8-nbits/8); - /* append new data */ - memcpy(dst+3*8-nbits/8,src,(nbits+7)/8); - /* left shift the bits */ - if(nbits%8) - for(n=0 ; n < 3*8 ; ++n) - dst[n]=(dst[n] << (nbits%8))|(dst[n+1] >> (8-nbits%8)); - } - -/*-----------------------------------------------*/ -char *t_tag[2] = {"PLAINTEXT", "CIPHERTEXT"}; -char *t_mode[6] = {"CBC","ECB","OFB","CFB1","CFB8","CFB64"}; -enum Mode {CBC, ECB, OFB, CFB1, CFB8, CFB64}; -int Sizes[6]={64,64,64,1,8,64}; - -void do_mct(char *amode, - int akeysz, int numkeys, unsigned char *akey,unsigned char *ivec, - int dir, unsigned char *text, int len, - FILE *rfp) - { - int i,imode; - unsigned char nk[4*8]; /* longest key+8 */ - unsigned char text0[8]; - - for (imode=0 ; imode < 6 ; ++imode) - if(!strcmp(amode,t_mode[imode])) - break; - if (imode == 6) - { - printf("Unrecognized mode: %s\n", amode); - EXIT(1); - } - - for(i=0 ; i < 400 ; ++i) - { - int j; - int n; - EVP_CIPHER_CTX ctx; - int kp=akeysz/64; - unsigned char old_iv[8]; - - fprintf(rfp,"\nCOUNT = %d\n",i); - if(kp == 1) - OutputValue("KEY",akey,8,rfp,0); - else - for(n=0 ; n < kp ; ++n) - { - fprintf(rfp,"KEY%d",n+1); - OutputValue("",akey+n*8,8,rfp,0); - } - - if(imode != ECB) - OutputValue("IV",ivec,8,rfp,0); - OutputValue(t_tag[dir^1],text,len,rfp,imode == CFB1); - - /* compensate for endianness */ - if(imode == CFB1) - text[0]<<=7; - - memcpy(text0,text,8); - - for(j=0 ; j < 10000 ; ++j) - { - unsigned char old_text[8]; - - memcpy(old_text,text,8); - if(j == 0) - { - memcpy(old_iv,ivec,8); - DESTest(&ctx,amode,akeysz,akey,ivec,dir,text,text,len); - } - else - { - memcpy(old_iv,ctx.iv,8); - EVP_Cipher(&ctx,text,text,len); - } - if(j == 9999) - { - OutputValue(t_tag[dir],text,len,rfp,imode == CFB1); - /* memcpy(ivec,text,8); */ - } - /* DebugValue("iv",ctx.iv,8); */ - /* accumulate material for the next key */ - shiftin(nk,text,Sizes[imode]); - /* DebugValue("nk",nk,24);*/ - if((dir && (imode == CFB1 || imode == CFB8 || imode == CFB64 - || imode == CBC)) || imode == OFB) - memcpy(text,old_iv,8); - - if(!dir && (imode == CFB1 || imode == CFB8 || imode == CFB64)) - { - /* the test specifies using the output of the raw DES operation - which we don't have, so reconstruct it... */ - for(n=0 ; n < 8 ; ++n) - text[n]^=old_text[n]; - } - } - for(n=0 ; n < 8 ; ++n) - akey[n]^=nk[16+n]; - for(n=0 ; n < 8 ; ++n) - akey[8+n]^=nk[8+n]; - for(n=0 ; n < 8 ; ++n) - akey[16+n]^=nk[n]; - if(numkeys < 3) - memcpy(&akey[2*8],akey,8); - if(numkeys < 2) - memcpy(&akey[8],akey,8); - DES_set_odd_parity((DES_cblock *)akey); - DES_set_odd_parity((DES_cblock *)(akey+8)); - DES_set_odd_parity((DES_cblock *)(akey+16)); - memcpy(ivec,ctx.iv,8); - - /* pointless exercise - the final text doesn't depend on the - initial text in OFB mode, so who cares what it is? (Who - designed these tests?) */ - if(imode == OFB) - for(n=0 ; n < 8 ; ++n) - text[n]=text0[n]^old_iv[n]; - } - } - -int proc_file(char *rqfile) - { - char afn[256], rfn[256]; - FILE *afp = NULL, *rfp = NULL; - char ibuf[2048]; - int ilen, len, ret = 0; - char amode[8] = ""; - char atest[100] = ""; - int akeysz=0; - unsigned char iVec[20], aKey[40]; - int dir = -1, err = 0, step = 0; - unsigned char plaintext[2048]; - unsigned char ciphertext[2048]; - char *rp; - EVP_CIPHER_CTX ctx; - int numkeys=1; - - if (!rqfile || !(*rqfile)) - { - printf("No req file\n"); - return -1; - } - strcpy(afn, rqfile); - - if ((afp = fopen(afn, "r")) == NULL) - { - printf("Cannot open file: %s, %s\n", - afn, strerror(errno)); - return -1; - } - strcpy(rfn,afn); - rp=strstr(rfn,"req/"); - assert(rp); - memcpy(rp,"rsp",3); - rp = strstr(rfn, ".req"); - memcpy(rp, ".rsp", 4); - if ((rfp = fopen(rfn, "w")) == NULL) - { - printf("Cannot open file: %s, %s\n", - rfn, strerror(errno)); - fclose(afp); - afp = NULL; - return -1; - } - while (!err && (fgets(ibuf, sizeof(ibuf), afp)) != NULL) - { - ilen = strlen(ibuf); - /* printf("step=%d ibuf=%s",step,ibuf);*/ - if(step == 3 && !strcmp(amode,"ECB")) - { - memset(iVec, 0, sizeof(iVec)); - step = (dir)? 4: 5; /* no ivec for ECB */ - } - switch (step) - { - case 0: /* read preamble */ - if (ibuf[0] == '\n') - { /* end of preamble */ - if (*amode == '\0') - { - printf("Missing Mode\n"); - err = 1; - } - else - { - fputs(ibuf, rfp); - ++ step; - } - } - else if (ibuf[0] != '#') - { - printf("Invalid preamble item: %s\n", ibuf); - err = 1; - } - else - { /* process preamble */ - char *xp, *pp = ibuf+2; - int n; - if(*amode) - { /* insert current time & date */ - time_t rtim = time(0); - fprintf(rfp, "# %s", ctime(&rtim)); - } - else - { - fputs(ibuf, rfp); - if(!strncmp(pp,"INVERSE ",8) || !strncmp(pp,"DES ",4) - || !strncmp(pp,"TDES ",5) - || !strncmp(pp,"PERMUTATION ",12) - || !strncmp(pp,"SUBSTITUTION ",13) - || !strncmp(pp,"VARIABLE ",9)) - { - /* get test type */ - if(!strncmp(pp,"DES ",4)) - pp+=4; - else if(!strncmp(pp,"TDES ",5)) - pp+=5; - xp = strchr(pp, ' '); - n = xp-pp; - strncpy(atest, pp, n); - atest[n] = '\0'; - /* get mode */ - xp = strrchr(pp, ' '); /* get mode" */ - n = strlen(xp+1)-1; - strncpy(amode, xp+1, n); - amode[n] = '\0'; - /* amode[3] = '\0'; */ - printf("Test=%s, Mode=%s\n",atest,amode); - } - } - } - break; - - case 1: /* [ENCRYPT] | [DECRYPT] */ - if(ibuf[0] == '\n') - break; - if (ibuf[0] == '[') - { - fputs(ibuf, rfp); - ++step; - if (strncasecmp(ibuf, "[ENCRYPT]", 9) == 0) - dir = 1; - else if (strncasecmp(ibuf, "[DECRYPT]", 9) == 0) - dir = 0; - else - { - printf("Invalid keyword: %s\n", ibuf); - err = 1; - } - break; - } - else if (dir == -1) - { - err = 1; - printf("Missing ENCRYPT/DECRYPT keyword\n"); - break; - } - else - step = 2; - - case 2: /* KEY = xxxx */ - if(*ibuf == '\n') - { - fputs(ibuf, rfp); - break; - } - if(!strncasecmp(ibuf,"COUNT = ",8)) - { - fputs(ibuf, rfp); - break; - } - if(!strncasecmp(ibuf,"COUNT=",6)) - { - fputs(ibuf, rfp); - break; - } - if(!strncasecmp(ibuf,"NumKeys = ",10)) - { - numkeys=atoi(ibuf+10); - break; - } - - fputs(ibuf, rfp); - if(!strncasecmp(ibuf,"KEY = ",6)) - { - akeysz=64; - len = hex2bin((char*)ibuf+6, strlen(ibuf+6)-1, aKey); - if (len < 0) - { - printf("Invalid KEY\n"); - err=1; - break; - } - PrintValue("KEY", aKey, len); - ++step; - } - else if(!strncasecmp(ibuf,"KEYs = ",7)) - { - akeysz=64*3; - len=hex2bin(ibuf+7,strlen(ibuf+7)-1,aKey); - if(len != 8) - { - printf("Invalid KEY\n"); - err=1; - break; - } - memcpy(aKey+8,aKey,8); - memcpy(aKey+16,aKey,8); - ibuf[4]='\0'; - PrintValue("KEYs",aKey,len); - ++step; - } - else if(!strncasecmp(ibuf,"KEY",3)) - { - int n=ibuf[3]-'1'; - - akeysz=64*3; - len=hex2bin(ibuf+7,strlen(ibuf+7)-1,aKey+n*8); - if(len != 8) - { - printf("Invalid KEY\n"); - err=1; - break; - } - ibuf[4]='\0'; - PrintValue(ibuf,aKey,len); - if(n == 2) - ++step; - } - else - { - printf("Missing KEY\n"); - err = 1; - } - break; - - case 3: /* IV = xxxx */ - fputs(ibuf, rfp); - if (strncasecmp(ibuf, "IV = ", 5) != 0) - { - printf("Missing IV\n"); - err = 1; - } - else - { - len = hex2bin((char*)ibuf+5, strlen(ibuf+5)-1, iVec); - if (len < 0) - { - printf("Invalid IV\n"); - err =1; - break; - } - PrintValue("IV", iVec, len); - step = (dir)? 4: 5; - } - break; - - case 4: /* PLAINTEXT = xxxx */ - fputs(ibuf, rfp); - if (strncasecmp(ibuf, "PLAINTEXT = ", 12) != 0) - { - printf("Missing PLAINTEXT\n"); - err = 1; - } - else - { - int nn = strlen(ibuf+12); - if(!strcmp(amode,"CFB1")) - len=bint2bin(ibuf+12,nn-1,plaintext); - else - len=hex2bin(ibuf+12, nn-1,plaintext); - if (len < 0) - { - printf("Invalid PLAINTEXT: %s", ibuf+12); - err =1; - break; - } - if (len >= sizeof(plaintext)) - { - printf("Buffer overflow\n"); - } - PrintValue("PLAINTEXT", (unsigned char*)plaintext, len); - if (strcmp(atest, "Monte") == 0) /* Monte Carlo Test */ - { - do_mct(amode,akeysz,numkeys,aKey,iVec,dir,plaintext,len,rfp); - } - else - { - assert(dir == 1); - ret = DESTest(&ctx, amode, akeysz, aKey, iVec, - dir, /* 0 = decrypt, 1 = encrypt */ - ciphertext, plaintext, len); - OutputValue("CIPHERTEXT",ciphertext,len,rfp, - !strcmp(amode,"CFB1")); - } - step = 6; - } - break; - - case 5: /* CIPHERTEXT = xxxx */ - fputs(ibuf, rfp); - if (strncasecmp(ibuf, "CIPHERTEXT = ", 13) != 0) - { - printf("Missing KEY\n"); - err = 1; - } - else - { - if(!strcmp(amode,"CFB1")) - len=bint2bin(ibuf+13,strlen(ibuf+13)-1,ciphertext); - else - len = hex2bin(ibuf+13,strlen(ibuf+13)-1,ciphertext); - if (len < 0) - { - printf("Invalid CIPHERTEXT\n"); - err =1; - break; - } - - PrintValue("CIPHERTEXT", ciphertext, len); - if (strcmp(atest, "Monte") == 0) /* Monte Carlo Test */ - { - do_mct(amode, akeysz, numkeys, aKey, iVec, - dir, ciphertext, len, rfp); - } - else - { - assert(dir == 0); - ret = DESTest(&ctx, amode, akeysz, aKey, iVec, - dir, /* 0 = decrypt, 1 = encrypt */ - plaintext, ciphertext, len); - OutputValue("PLAINTEXT",(unsigned char *)plaintext,len,rfp, - !strcmp(amode,"CFB1")); - } - step = 6; - } - break; - - case 6: - if (ibuf[0] != '\n') - { - err = 1; - printf("Missing terminator\n"); - } - else if (strcmp(atest, "MCT") != 0) - { /* MCT already added terminating nl */ - fputs(ibuf, rfp); - } - step = 1; - break; - } - } - if (rfp) - fclose(rfp); - if (afp) - fclose(afp); - return err; - } - -/*-------------------------------------------------- - Processes either a single file or - a set of files whose names are passed in a file. - A single file is specified as: - aes_test -f xxx.req - A set of files is specified as: - aes_test -d xxxxx.xxx - The default is: -d req.txt ---------------------------------------------------*/ -int main(int argc, char **argv) - { - char *rqlist = "req.txt"; - FILE *fp = NULL; - char fn[250] = "", rfn[256] = ""; - int f_opt = 0, d_opt = 1; - -#ifdef OPENSSL_FIPS - if(!FIPS_mode_set(1,argv[0])) - { - ERR_load_crypto_strings(); - ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE)); - EXIT(1); - } -#endif - ERR_load_crypto_strings(); - if (argc > 1) - { - if (strcasecmp(argv[1], "-d") == 0) - { - d_opt = 1; - } - else if (strcasecmp(argv[1], "-f") == 0) - { - f_opt = 1; - d_opt = 0; - } - else - { - printf("Invalid parameter: %s\n", argv[1]); - return 0; - } - if (argc < 3) - { - printf("Missing parameter\n"); - return 0; - } - if (d_opt) - rqlist = argv[2]; - else - strcpy(fn, argv[2]); - } - if (d_opt) - { /* list of files (directory) */ - if (!(fp = fopen(rqlist, "r"))) - { - printf("Cannot open req list file\n"); - return -1; - } - while (fgets(fn, sizeof(fn), fp)) - { - strtok(fn, "\r\n"); - strcpy(rfn, fn); - printf("Processing: %s\n", rfn); - if (proc_file(rfn)) - { - printf(">>> Processing failed for: %s <<<\n", rfn); - EXIT(1); - } - } - fclose(fp); - } - else /* single file */ - { - printf("Processing: %s\n", fn); - if (proc_file(fn)) - { - printf(">>> Processing failed for: %s <<<\n", fn); - } - } - EXIT(0); - return 0; - } diff --git a/src/lib/libssl/src/fips/dh/Makefile b/src/lib/libssl/src/fips/dh/Makefile deleted file mode 100644 index 10b40aa9f6..0000000000 --- a/src/lib/libssl/src/fips/dh/Makefile +++ /dev/null @@ -1,109 +0,0 @@ -# -# SSLeay/fips/dh/Makefile -# - -DIR= dh -TOP= ../.. -CC= cc -INCLUDES= -CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) -MAKEFILE= Makefile -AR= ar r - -CFLAGS= $(INCLUDES) $(CFLAG) - -GENERAL=Makefile -TEST= -APPS= - -LIB=$(TOP)/libcrypto.a -LIBSRC=fips_dh_check.c fips_dh_gen.c fips_dh_key.c -LIBOBJ=fips_dh_check.o fips_dh_gen.o fips_dh_key.o - -SRC= $(LIBSRC) - -EXHEADER= -HEADER= $(EXHEADER) - -ALL= $(GENERAL) $(SRC) $(HEADER) - -top: - (cd $(TOP); $(MAKE) DIRS=fips FDIRS=$(DIR) sub_all) - -all: check lib - -lib: $(LIBOBJ) - $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) || echo Never mind. - @sleep 2; touch lib - -check: - TOP=`pwd`/$(TOP) ../fips_check_sha1 fingerprint.sha1 $(SRC) $(HEADER) - -files: - $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO - -links: - @$(PERL) $(TOP)/util/mklink.pl $(TOP)/include/openssl $(EXHEADER) - @$(PERL) $(TOP)/util/mklink.pl $(TOP)/test $(TEST) - @$(PERL) $(TOP)/util/mklink.pl $(TOP)/apps $(APPS) - -install: - @headerlist="$(EXHEADER)"; for i in $$headerlist; \ - do \ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done - -tags: - ctags $(SRC) - -tests: - -lint: - lint -DLINT $(INCLUDES) $(SRC)>fluff - -depend: - $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(SRC) $(TEST) - -dclean: - $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new - mv -f Makefile.new $(MAKEFILE) - -clean: - rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff - -# DO NOT DELETE THIS LINE -- make depend depends on it. - -fips_dh_check.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -fips_dh_check.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h -fips_dh_check.o: ../../include/openssl/e_os2.h -fips_dh_check.o: ../../include/openssl/opensslconf.h -fips_dh_check.o: ../../include/openssl/opensslv.h -fips_dh_check.o: ../../include/openssl/ossl_typ.h -fips_dh_check.o: ../../include/openssl/safestack.h -fips_dh_check.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -fips_dh_check.o: fips_dh_check.c -fips_dh_gen.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -fips_dh_gen.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h -fips_dh_gen.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -fips_dh_gen.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -fips_dh_gen.o: ../../include/openssl/opensslconf.h -fips_dh_gen.o: ../../include/openssl/opensslv.h -fips_dh_gen.o: ../../include/openssl/ossl_typ.h -fips_dh_gen.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -fips_dh_gen.o: ../../include/openssl/symhacks.h fips_dh_gen.c -fips_dh_key.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -fips_dh_key.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h -fips_dh_key.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -fips_dh_key.o: ../../include/openssl/lhash.h -fips_dh_key.o: ../../include/openssl/opensslconf.h -fips_dh_key.o: ../../include/openssl/opensslv.h -fips_dh_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h -fips_dh_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -fips_dh_key.o: ../../include/openssl/symhacks.h fips_dh_key.c diff --git a/src/lib/libssl/src/fips/dh/fips_dh_check.c b/src/lib/libssl/src/fips/dh/fips_dh_check.c deleted file mode 100644 index 874920b466..0000000000 --- a/src/lib/libssl/src/fips/dh/fips_dh_check.c +++ /dev/null @@ -1,125 +0,0 @@ -/* crypto/dh/dh_check.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#ifndef OPENSSL_NO_DH -#include - -#ifdef OPENSSL_FIPS - -/* Check that p is a safe prime and - * if g is 2, 3 or 5, check that is is a suitable generator - * where - * for 2, p mod 24 == 11 - * for 3, p mod 12 == 5 - * for 5, p mod 10 == 3 or 7 - * should hold. - */ - -int DH_check(const DH *dh, int *ret) - { - int ok=0; - BN_CTX *ctx=NULL; - BN_ULONG l; - BIGNUM *q=NULL; - - *ret=0; - ctx=BN_CTX_new(); - if (ctx == NULL) goto err; - q=BN_new(); - if (q == NULL) goto err; - - if (BN_is_word(dh->g,DH_GENERATOR_2)) - { - l=BN_mod_word(dh->p,24); - if (l != 11) *ret|=DH_NOT_SUITABLE_GENERATOR; - } -#if 0 - else if (BN_is_word(dh->g,DH_GENERATOR_3)) - { - l=BN_mod_word(dh->p,12); - if (l != 5) *ret|=DH_NOT_SUITABLE_GENERATOR; - } -#endif - else if (BN_is_word(dh->g,DH_GENERATOR_5)) - { - l=BN_mod_word(dh->p,10); - if ((l != 3) && (l != 7)) - *ret|=DH_NOT_SUITABLE_GENERATOR; - } - else - *ret|=DH_UNABLE_TO_CHECK_GENERATOR; - - if (!BN_is_prime(dh->p,BN_prime_checks,NULL,ctx,NULL)) - *ret|=DH_CHECK_P_NOT_PRIME; - else - { - if (!BN_rshift1(q,dh->p)) goto err; - if (!BN_is_prime(q,BN_prime_checks,NULL,ctx,NULL)) - *ret|=DH_CHECK_P_NOT_SAFE_PRIME; - } - ok=1; -err: - if (ctx != NULL) BN_CTX_free(ctx); - if (q != NULL) BN_free(q); - return(ok); - } - -#endif -#endif diff --git a/src/lib/libssl/src/fips/dh/fips_dh_gen.c b/src/lib/libssl/src/fips/dh/fips_dh_gen.c deleted file mode 100644 index b569e3912d..0000000000 --- a/src/lib/libssl/src/fips/dh/fips_dh_gen.c +++ /dev/null @@ -1,186 +0,0 @@ -/* crypto/dh/dh_gen.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include -#include -#ifndef OPENSSL_NO_DH -#include -#endif -#include - -#ifndef OPENSSL_NO_DH -#ifdef OPENSSL_FIPS - -/* We generate DH parameters as follows - * find a prime q which is prime_len/2 bits long. - * p=(2*q)+1 or (p-1)/2 = q - * For this case, g is a generator if - * g^((p-1)/q) mod p != 1 for values of q which are the factors of p-1. - * Since the factors of p-1 are q and 2, we just need to check - * g^2 mod p != 1 and g^q mod p != 1. - * - * Having said all that, - * there is another special case method for the generators 2, 3 and 5. - * for 2, p mod 24 == 11 - * for 3, p mod 12 == 5 <<<<< does not work for safe primes. - * for 5, p mod 10 == 3 or 7 - * - * Thanks to Phil Karn for the pointers about the - * special generators and for answering some of my questions. - * - * I've implemented the second simple method :-). - * Since DH should be using a safe prime (both p and q are prime), - * this generator function can take a very very long time to run. - */ -/* Actually there is no reason to insist that 'generator' be a generator. - * It's just as OK (and in some sense better) to use a generator of the - * order-q subgroup. - */ - -DH *DH_generate_parameters(int prime_len, int generator, - void (*callback)(int,int,void *), void *cb_arg) - { - BIGNUM *p=NULL,*t1,*t2; - DH *ret=NULL; - int g,ok= -1; - BN_CTX *ctx=NULL; - - if(FIPS_selftest_failed()) - { - FIPSerr(FIPS_F_DH_GENERATE_PARAMETERS,FIPS_R_FIPS_SELFTEST_FAILED); - return NULL; - } - - ret=DH_new(); - if (ret == NULL) goto err; - ctx=BN_CTX_new(); - if (ctx == NULL) goto err; - BN_CTX_start(ctx); - t1 = BN_CTX_get(ctx); - t2 = BN_CTX_get(ctx); - if (t1 == NULL || t2 == NULL) goto err; - - if (generator <= 1) - { - DHerr(DH_F_DH_GENERATE_PARAMETERS, DH_R_BAD_GENERATOR); - goto err; - } - if (generator == DH_GENERATOR_2) - { - if (!BN_set_word(t1,24)) goto err; - if (!BN_set_word(t2,11)) goto err; - g=2; - } -#if 0 /* does not work for safe primes */ - else if (generator == DH_GENERATOR_3) - { - if (!BN_set_word(t1,12)) goto err; - if (!BN_set_word(t2,5)) goto err; - g=3; - } -#endif - else if (generator == DH_GENERATOR_5) - { - if (!BN_set_word(t1,10)) goto err; - if (!BN_set_word(t2,3)) goto err; - /* BN_set_word(t3,7); just have to miss - * out on these ones :-( */ - g=5; - } - else - { - /* in the general case, don't worry if 'generator' is a - * generator or not: since we are using safe primes, - * it will generate either an order-q or an order-2q group, - * which both is OK */ - if (!BN_set_word(t1,2)) goto err; - if (!BN_set_word(t2,1)) goto err; - g=generator; - } - - p=BN_generate_prime(NULL,prime_len,1,t1,t2,callback,cb_arg); - if (p == NULL) goto err; - if (callback != NULL) callback(3,0,cb_arg); - ret->p=p; - ret->g=BN_new(); - if (!BN_set_word(ret->g,g)) goto err; - ok=1; -err: - if (ok == -1) - { - DHerr(DH_F_DH_GENERATE_PARAMETERS,ERR_R_BN_LIB); - ok=0; - } - - if (ctx != NULL) - { - BN_CTX_end(ctx); - BN_CTX_free(ctx); - } - if (!ok && (ret != NULL)) - { - DH_free(ret); - ret=NULL; - } - return(ret); - } - -#endif -#endif diff --git a/src/lib/libssl/src/fips/dh/fips_dh_key.c b/src/lib/libssl/src/fips/dh/fips_dh_key.c deleted file mode 100644 index 41e3a661c0..0000000000 --- a/src/lib/libssl/src/fips/dh/fips_dh_key.c +++ /dev/null @@ -1,230 +0,0 @@ -/* crypto/dh/dh_key.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include -#ifndef OPENSSL_NO_RAND -#include -#endif -#ifndef OPENSSL_NO_DH -#include - -#ifdef OPENSSL_FIPS - -static int generate_key(DH *dh); -static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh); -static int dh_bn_mod_exp(const DH *dh, BIGNUM *r, - const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *m_ctx); -static int dh_init(DH *dh); -static int dh_finish(DH *dh); - -int DH_generate_key(DH *dh) - { - return dh->meth->generate_key(dh); - } - -int DH_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) - { - return dh->meth->compute_key(key, pub_key, dh); - } - -static DH_METHOD dh_ossl = { -"OpenSSL DH Method", -generate_key, -compute_key, -dh_bn_mod_exp, -dh_init, -dh_finish, -0, -NULL -}; - -const DH_METHOD *DH_OpenSSL(void) -{ - return &dh_ossl; -} - -static int generate_key(DH *dh) - { - int ok=0; - int generate_new_key=0; - unsigned l; - BN_CTX *ctx; - BN_MONT_CTX *mont; - BIGNUM *pub_key=NULL,*priv_key=NULL; - - ctx = BN_CTX_new(); - if (ctx == NULL) goto err; - - if (dh->priv_key == NULL) - { - priv_key=BN_new(); - if (priv_key == NULL) goto err; - generate_new_key=1; - } - else - priv_key=dh->priv_key; - - if (dh->pub_key == NULL) - { - pub_key=BN_new(); - if (pub_key == NULL) goto err; - } - else - pub_key=dh->pub_key; - - if ((dh->method_mont_p == NULL) && (dh->flags & DH_FLAG_CACHE_MONT_P)) - { - if ((dh->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL) - if (!BN_MONT_CTX_set((BN_MONT_CTX *)dh->method_mont_p, - dh->p,ctx)) goto err; - } - mont=(BN_MONT_CTX *)dh->method_mont_p; - - if (generate_new_key) - { - l = dh->length ? dh->length : BN_num_bits(dh->p)-1; /* secret exponent length */ - if (!BN_rand(priv_key, l, 0, 0)) goto err; - } - if (!dh->meth->bn_mod_exp(dh, pub_key, dh->g, priv_key,dh->p,ctx,mont)) - goto err; - - dh->pub_key=pub_key; - dh->priv_key=priv_key; - ok=1; -err: - if (ok != 1) - DHerr(DH_F_DH_GENERATE_KEY,ERR_R_BN_LIB); - - if ((pub_key != NULL) && (dh->pub_key == NULL)) BN_free(pub_key); - if ((priv_key != NULL) && (dh->priv_key == NULL)) BN_free(priv_key); - BN_CTX_free(ctx); - return(ok); - } - -static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) - { - BN_CTX *ctx; - BN_MONT_CTX *mont; - BIGNUM *tmp; - int ret= -1; - - ctx = BN_CTX_new(); - if (ctx == NULL) goto err; - BN_CTX_start(ctx); - tmp = BN_CTX_get(ctx); - - if (dh->priv_key == NULL) - { - DHerr(DH_F_DH_COMPUTE_KEY,DH_R_NO_PRIVATE_VALUE); - goto err; - } - if ((dh->method_mont_p == NULL) && (dh->flags & DH_FLAG_CACHE_MONT_P)) - { - if ((dh->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL) - if (!BN_MONT_CTX_set((BN_MONT_CTX *)dh->method_mont_p, - dh->p,ctx)) goto err; - } - - mont=(BN_MONT_CTX *)dh->method_mont_p; - if (!dh->meth->bn_mod_exp(dh, tmp, pub_key, dh->priv_key,dh->p,ctx,mont)) - { - DHerr(DH_F_DH_COMPUTE_KEY,ERR_R_BN_LIB); - goto err; - } - - ret=BN_bn2bin(tmp,key); -err: - BN_CTX_end(ctx); - BN_CTX_free(ctx); - return(ret); - } - -static int dh_bn_mod_exp(const DH *dh, BIGNUM *r, - const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *m_ctx) - { - if (a->top == 1) - { - BN_ULONG A = a->d[0]; - return BN_mod_exp_mont_word(r,A,p,m,ctx,m_ctx); - } - else - return BN_mod_exp_mont(r,a,p,m,ctx,m_ctx); - } - - -static int dh_init(DH *dh) - { - dh->flags |= DH_FLAG_CACHE_MONT_P; - return(1); - } - -static int dh_finish(DH *dh) - { - if(dh->method_mont_p) - BN_MONT_CTX_free((BN_MONT_CTX *)dh->method_mont_p); - return(1); - } - -#endif -#endif diff --git a/src/lib/libssl/src/fips/dsa/Makefile b/src/lib/libssl/src/fips/dsa/Makefile deleted file mode 100644 index 0cc5704ed1..0000000000 --- a/src/lib/libssl/src/fips/dsa/Makefile +++ /dev/null @@ -1,158 +0,0 @@ -# -# SSLeay/fips/dsa/Makefile -# - -DIR= dsa -TOP= ../.. -CC= cc -INCLUDES= -CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) -MAKEFILE= Makefile -AR= ar r - -CFLAGS= $(INCLUDES) $(CFLAG) - -GENERAL=Makefile -TEST=fips_dsatest.c -APPS= - -LIB=$(TOP)/libcrypto.a -LIBSRC=fips_dsa_ossl.c fips_dsa_gen.c fips_dsa_selftest.c -LIBOBJ=fips_dsa_ossl.o fips_dsa_gen.o fips_dsa_selftest.o - -SRC= $(LIBSRC) - -EXHEADER= -HEADER= $(EXHEADER) - -ALL= $(GENERAL) $(SRC) $(HEADER) - -top: - (cd $(TOP); $(MAKE) DIRS=fips FDIRS=$(DIR) sub_all) - -all: check lib - -lib: $(LIBOBJ) - $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) || echo Never mind. - @sleep 2; touch lib - -check: - TOP=`pwd`/$(TOP) ../fips_check_sha1 fingerprint.sha1 $(SRC) $(HEADER) - -files: - $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO - -links: - @$(PERL) $(TOP)/util/mklink.pl $(TOP)/include/openssl $(EXHEADER) - @$(PERL) $(TOP)/util/mklink.pl $(TOP)/test $(TEST) - @$(PERL) $(TOP)/util/mklink.pl $(TOP)/apps $(APPS) - -install: - @headerlist="$(EXHEADER)"; for i in $$headerlist; \ - do \ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done - -tags: - ctags $(SRC) - -tests: - -top_fips_dssvs: - (cd $(TOP); $(MAKE) DIRS=fips FDIRS=$(DIR) TARGET=fips_dssvs sub_target) - -fips_dssvs: fips_dssvs.o $(TOP)/libcrypto.a - $(CC) $(CFLAGS) -o fips_dssvs fips_dssvs.o $(PEX_LIBS) $(TOP)/libcrypto.a $(EX_LIBS) - TOP=$(TOP) $(TOP)/fips/openssl_fips_fingerprint $(TOP)/libcrypto.a fips_dssvs - -Q=../testvectors/dsa/req -A=../testvectors/dsa/rsp - -fips_test: top_fips_dssvs - -rm -rf $A - mkdir $A - ./fips_dssvs pqg < $Q/PQGGen.req > $A/PQGGen.rsp - ./fips_dssvs keypair < $Q/KeyPair.req > $A/KeyPair.rsp - ./fips_dssvs siggen < $Q/SigGen.req > $A/SigGen.rsp - ./fips_dssvs sigver < $Q/SigVer.req > $A/SigVer.rsp - -lint: - lint -DLINT $(INCLUDES) $(SRC)>fluff - -depend: - $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(SRC) $(TEST) - -dclean: - $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new - mv -f Makefile.new $(MAKEFILE) - -clean: - rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff -# DO NOT DELETE THIS LINE -- make depend depends on it. - -fips_dsa_gen.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h -fips_dsa_gen.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -fips_dsa_gen.o: ../../include/openssl/bn.h ../../include/openssl/cast.h -fips_dsa_gen.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -fips_dsa_gen.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -fips_dsa_gen.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -fips_dsa_gen.o: ../../include/openssl/err.h ../../include/openssl/evp.h -fips_dsa_gen.o: ../../include/openssl/fips.h ../../include/openssl/idea.h -fips_dsa_gen.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -fips_dsa_gen.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -fips_dsa_gen.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -fips_dsa_gen.o: ../../include/openssl/objects.h -fips_dsa_gen.o: ../../include/openssl/opensslconf.h -fips_dsa_gen.o: ../../include/openssl/opensslv.h -fips_dsa_gen.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h -fips_dsa_gen.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -fips_dsa_gen.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -fips_dsa_gen.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -fips_dsa_gen.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -fips_dsa_gen.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -fips_dsa_gen.o: ../../include/openssl/ui_compat.h fips_dsa_gen.c -fips_dsa_ossl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -fips_dsa_ossl.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h -fips_dsa_ossl.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -fips_dsa_ossl.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h -fips_dsa_ossl.o: ../../include/openssl/err.h ../../include/openssl/fips.h -fips_dsa_ossl.o: ../../include/openssl/lhash.h -fips_dsa_ossl.o: ../../include/openssl/opensslconf.h -fips_dsa_ossl.o: ../../include/openssl/opensslv.h -fips_dsa_ossl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h -fips_dsa_ossl.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -fips_dsa_ossl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -fips_dsa_ossl.o: ../../include/openssl/ui.h fips_dsa_ossl.c -fips_dsa_selftest.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -fips_dsa_selftest.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h -fips_dsa_selftest.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -fips_dsa_selftest.o: ../../include/openssl/err.h ../../include/openssl/fips.h -fips_dsa_selftest.o: ../../include/openssl/lhash.h -fips_dsa_selftest.o: ../../include/openssl/opensslconf.h -fips_dsa_selftest.o: ../../include/openssl/opensslv.h -fips_dsa_selftest.o: ../../include/openssl/ossl_typ.h -fips_dsa_selftest.o: ../../include/openssl/safestack.h -fips_dsa_selftest.o: ../../include/openssl/stack.h -fips_dsa_selftest.o: ../../include/openssl/symhacks.h fips_dsa_selftest.c -fips_dsatest.o: ../../e_os.h ../../include/openssl/asn1.h -fips_dsatest.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -fips_dsatest.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -fips_dsatest.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h -fips_dsatest.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -fips_dsatest.o: ../../include/openssl/engine.h ../../include/openssl/err.h -fips_dsatest.o: ../../include/openssl/fips.h ../../include/openssl/fips_rand.h -fips_dsatest.o: ../../include/openssl/lhash.h -fips_dsatest.o: ../../include/openssl/opensslconf.h -fips_dsatest.o: ../../include/openssl/opensslv.h -fips_dsatest.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h -fips_dsatest.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -fips_dsatest.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -fips_dsatest.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -fips_dsatest.o: fips_dsatest.c diff --git a/src/lib/libssl/src/fips/dsa/fips_dsa_gen.c b/src/lib/libssl/src/fips/dsa/fips_dsa_gen.c deleted file mode 100644 index 21fa3d1783..0000000000 --- a/src/lib/libssl/src/fips/dsa/fips_dsa_gen.c +++ /dev/null @@ -1,374 +0,0 @@ -/* crypto/dsa/dsa_gen.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#undef GENUINE_DSA - -#ifdef GENUINE_DSA -/* Parameter generation follows the original release of FIPS PUB 186, - * Appendix 2.2 (i.e. use SHA as defined in FIPS PUB 180) */ -#define HASH EVP_sha() -#else -/* Parameter generation follows the updated Appendix 2.2 for FIPS PUB 186, - * also Appendix 2.2 of FIPS PUB 186-1 (i.e. use SHA as defined in - * FIPS PUB 180-1) */ -#define HASH EVP_sha1() -#endif - -#include -#include -#include -/*#include "cryptlib.h"*/ -#include -#include -#ifndef OPENSSL_NO_DSA -#include -#endif -#ifndef OPENSSL_NO_RAND -#include -#endif -#ifndef OPENSSL_NO_SHA -#include -#endif -#include -#include - -#ifndef OPENSSL_NO_DSA -#ifdef OPENSSL_FIPS - -static int fips_check_dsa(DSA *dsa) - { - static const unsigned char str1[]="12345678901234567890"; - unsigned char sig[256]; - unsigned int siglen; - - DSA_sign(0, str1, 20, sig, &siglen, dsa); - if(DSA_verify(0, str1, 20, sig, siglen, dsa) != 1) - { - FIPSerr(FIPS_F_FIPS_CHECK_DSA,FIPS_R_PAIRWISE_TEST_FAILED); - return 0; - } - return 1; - } - -DSA *DSA_generate_parameters(FIPS_DSA_SIZE_T bits, - unsigned char *seed_in, FIPS_DSA_SIZE_T seed_len, - int *counter_ret, unsigned long *h_ret, - void (*callback)(int, int, void *), - void *cb_arg) - { - int ok=0; - unsigned char seed[SHA_DIGEST_LENGTH]; - unsigned char md[SHA_DIGEST_LENGTH]; - unsigned char buf[SHA_DIGEST_LENGTH],buf2[SHA_DIGEST_LENGTH]; - BIGNUM *r0,*W,*X,*c,*test; - BIGNUM *g=NULL,*q=NULL,*p=NULL; - BN_MONT_CTX *mont=NULL; - int k,n=0,i,b,m=0; - int counter=0; - int r=0; - BN_CTX *ctx=NULL,*ctx2=NULL,*ctx3=NULL; - unsigned int h=2; - DSA *ret=NULL; - unsigned char *seed_out=seed_in; - - if(FIPS_selftest_failed()) - { - FIPSerr(FIPS_F_DSA_GENERATE_PARAMETERS, - FIPS_R_FIPS_SELFTEST_FAILED); - goto err; - } - - if (bits < 512) bits=512; - bits=(bits+63)/64*64; - - if (seed_len < 20) - seed_in = NULL; /* seed buffer too small -- ignore */ - if (seed_len > 20) - seed_len = 20; /* App. 2.2 of FIPS PUB 186 allows larger SEED, - * but our internal buffers are restricted to 160 bits*/ - if ((seed_in != NULL) && (seed_len == 20)) - memcpy(seed,seed_in,seed_len); - - if ((ctx=BN_CTX_new()) == NULL) goto err; - if ((ctx2=BN_CTX_new()) == NULL) goto err; - if ((ctx3=BN_CTX_new()) == NULL) goto err; - if ((ret=DSA_new()) == NULL) goto err; - - if ((mont=BN_MONT_CTX_new()) == NULL) goto err; - - BN_CTX_start(ctx2); - r0 = BN_CTX_get(ctx2); - g = BN_CTX_get(ctx2); - W = BN_CTX_get(ctx2); - q = BN_CTX_get(ctx2); - X = BN_CTX_get(ctx2); - c = BN_CTX_get(ctx2); - p = BN_CTX_get(ctx2); - test = BN_CTX_get(ctx2); - - BN_lshift(test,BN_value_one(),bits-1); - - for (;;) - { - for (;;) /* find q */ - { - int seed_is_random; - - /* step 1 */ - if (callback != NULL) callback(0,m++,cb_arg); - - if (!seed_len) - { - if(RAND_pseudo_bytes(seed,SHA_DIGEST_LENGTH) < 0) - goto err; - seed_is_random = 1; - } - else - { - seed_is_random = 0; - seed_len=0; /* use random seed if 'seed_in' turns out to be bad*/ - } - memcpy(buf,seed,SHA_DIGEST_LENGTH); - memcpy(buf2,seed,SHA_DIGEST_LENGTH); - /* precompute "SEED + 1" for step 7: */ - for (i=SHA_DIGEST_LENGTH-1; i >= 0; i--) - { - buf[i]++; - if (buf[i] != 0) break; - } - - /* step 2 */ - EVP_Digest(seed,SHA_DIGEST_LENGTH,md,NULL,HASH, NULL); - EVP_Digest(buf,SHA_DIGEST_LENGTH,buf2,NULL,HASH, NULL); - for (i=0; i 0) - break; - if (r != 0) - goto err; - - /* do a callback call */ - /* step 5 */ - } - - if (callback != NULL) callback(2,0,cb_arg); - if (callback != NULL) callback(3,0,cb_arg); - - /* step 6 */ - counter=0; - /* "offset = 2" */ - - n=(bits-1)/160; - b=(bits-1)-n*160; - - for (;;) - { - if (callback != NULL && counter != 0) - callback(0,counter,cb_arg); - - /* step 7 */ - BN_zero(W); - /* now 'buf' contains "SEED + offset - 1" */ - for (k=0; k<=n; k++) - { - /* obtain "SEED + offset + k" by incrementing: */ - for (i=SHA_DIGEST_LENGTH-1; i >= 0; i--) - { - buf[i]++; - if (buf[i] != 0) break; - } - - EVP_Digest(buf,SHA_DIGEST_LENGTH,md,NULL,HASH, NULL); - - /* step 8 */ - if (!BN_bin2bn(md,SHA_DIGEST_LENGTH,r0)) - goto err; - BN_lshift(r0,r0,160*k); - BN_add(W,W,r0); - } - - /* more of step 8 */ - BN_mask_bits(W,bits-1); - BN_copy(X,W); /* this should be ok */ - BN_add(X,X,test); /* this should be ok */ - - /* step 9 */ - BN_lshift1(r0,q); - BN_mod(c,X,r0,ctx); - BN_sub(r0,c,BN_value_one()); - BN_sub(p,X,r0); - - /* step 10 */ - if (BN_cmp(p,test) >= 0) - { - /* step 11 */ - r = BN_is_prime_fasttest(p, DSS_prime_checks, callback, ctx3, cb_arg, 1); - if (r > 0) - goto end; /* found it */ - if (r != 0) - goto err; - } - - /* step 13 */ - counter++; - /* "offset = offset + n + 1" */ - - /* step 14 */ - if (counter >= 4096) break; - } - } -end: - if (callback != NULL) callback(2,1,cb_arg); - - /* We now need to generate g */ - /* Set r0=(p-1)/q */ - BN_sub(test,p,BN_value_one()); - BN_div(r0,NULL,test,q,ctx); - - BN_set_word(test,h); - BN_MONT_CTX_set(mont,p,ctx); - - for (;;) - { - /* g=test^r0%p */ - BN_mod_exp_mont(g,test,r0,p,ctx,mont); - if (!BN_is_one(g)) break; - BN_add(test,test,BN_value_one()); - h++; - } - - if (callback != NULL) callback(3,1,cb_arg); - - ok=1; -err: - if (!ok) - { - if (ret != NULL) DSA_free(ret); - } - else - { - ret->p=BN_dup(p); - ret->q=BN_dup(q); - ret->g=BN_dup(g); - if(seed_out != NULL) memcpy(seed_out,seed,20); - if (counter_ret != NULL) *counter_ret=counter; - if (h_ret != NULL) *h_ret=h; - } - if (ctx != NULL) BN_CTX_free(ctx); - if (ctx2 != NULL) - { - BN_CTX_end(ctx2); - BN_CTX_free(ctx2); - } - if (ctx3 != NULL) BN_CTX_free(ctx3); - if (mont != NULL) BN_MONT_CTX_free(mont); - return(ok?ret:NULL); - } - -int DSA_generate_key(DSA *dsa) - { - int ok=0; - BN_CTX *ctx=NULL; - BIGNUM *pub_key=NULL,*priv_key=NULL; - - if ((ctx=BN_CTX_new()) == NULL) goto err; - - if (dsa->priv_key == NULL) - { - if ((priv_key=BN_new()) == NULL) goto err; - } - else - priv_key=dsa->priv_key; - - do - if (!BN_rand_range(priv_key,dsa->q)) goto err; - while (BN_is_zero(priv_key)); - - if (dsa->pub_key == NULL) - { - if ((pub_key=BN_new()) == NULL) goto err; - } - else - pub_key=dsa->pub_key; - - if (!BN_mod_exp(pub_key,dsa->g,priv_key,dsa->p,ctx)) goto err; - - dsa->priv_key=priv_key; - dsa->pub_key=pub_key; - - if(!fips_check_dsa(dsa)) - goto err; - - ok=1; - -err: - if ((pub_key != NULL) && (dsa->pub_key == NULL)) BN_free(pub_key); - if ((priv_key != NULL) && (dsa->priv_key == NULL)) BN_free(priv_key); - if (ctx != NULL) BN_CTX_free(ctx); - return(ok); - } -#endif -#endif diff --git a/src/lib/libssl/src/fips/dsa/fips_dsa_ossl.c b/src/lib/libssl/src/fips/dsa/fips_dsa_ossl.c deleted file mode 100644 index 0ae5eb4b9e..0000000000 --- a/src/lib/libssl/src/fips/dsa/fips_dsa_ossl.c +++ /dev/null @@ -1,387 +0,0 @@ -/* crypto/dsa/dsa_ossl.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -/* Original version from Steven Schoch */ - -#include -#include -#include -#include -#include -#ifndef OPENSSL_NO_ENGINE -#include -#endif -#include - -#ifdef OPENSSL_FIPS - -static DSA_SIG *dsa_do_sign(const unsigned char *dgst, FIPS_DSA_SIZE_T dlen, DSA *dsa); -static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp); -static int dsa_do_verify(const unsigned char *dgst, FIPS_DSA_SIZE_T dgst_len, DSA_SIG *sig, - DSA *dsa); -static int dsa_init(DSA *dsa); -static int dsa_finish(DSA *dsa); -static int dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1, - BIGNUM *a2, BIGNUM *p2, BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *in_mont); -static int dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *m_ctx); - -static DSA_METHOD openssl_dsa_meth = { -"OpenSSL FIPS DSA method", -dsa_do_sign, -dsa_sign_setup, -dsa_do_verify, -dsa_mod_exp, -dsa_bn_mod_exp, -dsa_init, -dsa_finish, -0, -NULL -}; - -int FIPS_dsa_check(struct dsa_st *dsa) - { - if(dsa->meth != &openssl_dsa_meth || dsa->meth->dsa_do_sign != dsa_do_sign - || dsa->meth->dsa_sign_setup != dsa_sign_setup - || dsa->meth->dsa_mod_exp != dsa_mod_exp - || dsa->meth->bn_mod_exp != dsa_bn_mod_exp - || dsa->meth->init != dsa_init - || dsa->meth->finish != dsa_finish) - { - FIPSerr(FIPS_F_FIPS_DSA_CHECK,FIPS_R_NON_FIPS_METHOD); - return 0; - } - return 1; - } - -const DSA_METHOD *DSA_OpenSSL(void) -{ - return &openssl_dsa_meth; -} - -static DSA_SIG *dsa_do_sign(const unsigned char *dgst, FIPS_DSA_SIZE_T dlen, DSA *dsa) - { - BIGNUM *kinv=NULL,*r=NULL,*s=NULL; - BIGNUM m; - BIGNUM xr; - BN_CTX *ctx=NULL; - int i,reason=ERR_R_BN_LIB; - DSA_SIG *ret=NULL; - - if(FIPS_selftest_failed()) - { - FIPSerr(FIPS_F_DSA_DO_SIGN,FIPS_R_FIPS_SELFTEST_FAILED); - return NULL; - } - - BN_init(&m); - BN_init(&xr); - - if (!dsa->p || !dsa->q || !dsa->g) - { - reason=DSA_R_MISSING_PARAMETERS; - goto err; - } - - s=BN_new(); - if (s == NULL) goto err; - - i=BN_num_bytes(dsa->q); /* should be 20 */ - if ((dlen > i) || (dlen > 50)) - { - reason=DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE; - goto err; - } - - ctx=BN_CTX_new(); - if (ctx == NULL) goto err; - - if ((dsa->kinv == NULL) || (dsa->r == NULL)) - { - if (!DSA_sign_setup(dsa,ctx,&kinv,&r)) goto err; - } - else - { - kinv=dsa->kinv; - dsa->kinv=NULL; - r=dsa->r; - dsa->r=NULL; - } - - if (BN_bin2bn(dgst,dlen,&m) == NULL) goto err; - - /* Compute s = inv(k) (m + xr) mod q */ - if (!BN_mod_mul(&xr,dsa->priv_key,r,dsa->q,ctx)) goto err;/* s = xr */ - if (!BN_add(s, &xr, &m)) goto err; /* s = m + xr */ - if (BN_cmp(s,dsa->q) > 0) - BN_sub(s,s,dsa->q); - if (!BN_mod_mul(s,s,kinv,dsa->q,ctx)) goto err; - - ret=DSA_SIG_new(); - if (ret == NULL) goto err; - ret->r = r; - ret->s = s; - -err: - if (!ret) - { - DSAerr(DSA_F_DSA_DO_SIGN,reason); - BN_free(r); - BN_free(s); - } - if (ctx != NULL) BN_CTX_free(ctx); - BN_clear_free(&m); - BN_clear_free(&xr); - if (kinv != NULL) /* dsa->kinv is NULL now if we used it */ - BN_clear_free(kinv); - return(ret); - } - -static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp) - { - BN_CTX *ctx; - BIGNUM k,*kinv=NULL,*r=NULL; - int ret=0; - - if (!dsa->p || !dsa->q || !dsa->g) - { - DSAerr(DSA_F_DSA_SIGN_SETUP,DSA_R_MISSING_PARAMETERS); - return 0; - } - - BN_init(&k); - - if (ctx_in == NULL) - { - if ((ctx=BN_CTX_new()) == NULL) goto err; - } - else - ctx=ctx_in; - - if ((r=BN_new()) == NULL) goto err; - kinv=NULL; - - /* Get random k */ - do - if (!BN_rand_range(&k, dsa->q)) goto err; - while (BN_is_zero(&k)); - - if ((dsa->method_mont_p == NULL) && (dsa->flags & DSA_FLAG_CACHE_MONT_P)) - { - if ((dsa->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL) - if (!BN_MONT_CTX_set((BN_MONT_CTX *)dsa->method_mont_p, - dsa->p,ctx)) goto err; - } - - /* Compute r = (g^k mod p) mod q */ - if (!dsa->meth->bn_mod_exp(dsa, r,dsa->g,&k,dsa->p,ctx, - (BN_MONT_CTX *)dsa->method_mont_p)) goto err; - if (!BN_mod(r,r,dsa->q,ctx)) goto err; - - /* Compute part of 's = inv(k) (m + xr) mod q' */ - if ((kinv=BN_mod_inverse(NULL,&k,dsa->q,ctx)) == NULL) goto err; - - if (*kinvp != NULL) BN_clear_free(*kinvp); - *kinvp=kinv; - kinv=NULL; - if (*rp != NULL) BN_clear_free(*rp); - *rp=r; - ret=1; -err: - if (!ret) - { - DSAerr(DSA_F_DSA_SIGN_SETUP,ERR_R_BN_LIB); - if (kinv != NULL) BN_clear_free(kinv); - if (r != NULL) BN_clear_free(r); - } - if (ctx_in == NULL) BN_CTX_free(ctx); - if (kinv != NULL) BN_clear_free(kinv); - BN_clear_free(&k); - return(ret); - } - -static int dsa_do_verify(const unsigned char *dgst, FIPS_DSA_SIZE_T dgst_len, DSA_SIG *sig, - DSA *dsa) - { - BN_CTX *ctx; - BIGNUM u1,u2,t1; - BN_MONT_CTX *mont=NULL; - int ret = -1; - - if (!dsa->p || !dsa->q || !dsa->g) - { - DSAerr(DSA_F_DSA_DO_VERIFY,DSA_R_MISSING_PARAMETERS); - return -1; - } - - if(FIPS_selftest_failed()) - { - FIPSerr(FIPS_F_DSA_DO_VERIFY,FIPS_R_FIPS_SELFTEST_FAILED); - return -1; - } - - BN_init(&u1); - BN_init(&u2); - BN_init(&t1); - - if ((ctx=BN_CTX_new()) == NULL) goto err; - - if (BN_is_zero(sig->r) || sig->r->neg || BN_ucmp(sig->r, dsa->q) >= 0) - { - ret = 0; - goto err; - } - if (BN_is_zero(sig->s) || sig->s->neg || BN_ucmp(sig->s, dsa->q) >= 0) - { - ret = 0; - goto err; - } - - /* Calculate W = inv(S) mod Q - * save W in u2 */ - if ((BN_mod_inverse(&u2,sig->s,dsa->q,ctx)) == NULL) goto err; - - /* save M in u1 */ - if (BN_bin2bn(dgst,dgst_len,&u1) == NULL) goto err; - - /* u1 = M * w mod q */ - if (!BN_mod_mul(&u1,&u1,&u2,dsa->q,ctx)) goto err; - - /* u2 = r * w mod q */ - if (!BN_mod_mul(&u2,sig->r,&u2,dsa->q,ctx)) goto err; - - if ((dsa->method_mont_p == NULL) && (dsa->flags & DSA_FLAG_CACHE_MONT_P)) - { - if ((dsa->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL) - if (!BN_MONT_CTX_set((BN_MONT_CTX *)dsa->method_mont_p, - dsa->p,ctx)) goto err; - } - mont=(BN_MONT_CTX *)dsa->method_mont_p; - -#if 0 - { - BIGNUM t2; - - BN_init(&t2); - /* v = ( g^u1 * y^u2 mod p ) mod q */ - /* let t1 = g ^ u1 mod p */ - if (!BN_mod_exp_mont(&t1,dsa->g,&u1,dsa->p,ctx,mont)) goto err; - /* let t2 = y ^ u2 mod p */ - if (!BN_mod_exp_mont(&t2,dsa->pub_key,&u2,dsa->p,ctx,mont)) goto err; - /* let u1 = t1 * t2 mod p */ - if (!BN_mod_mul(&u1,&t1,&t2,dsa->p,ctx)) goto err_bn; - BN_free(&t2); - } - /* let u1 = u1 mod q */ - if (!BN_mod(&u1,&u1,dsa->q,ctx)) goto err; -#else - { - if (!dsa->meth->dsa_mod_exp(dsa, &t1,dsa->g,&u1,dsa->pub_key,&u2, - dsa->p,ctx,mont)) goto err; - /* BN_copy(&u1,&t1); */ - /* let u1 = u1 mod q */ - if (!BN_mod(&u1,&t1,dsa->q,ctx)) goto err; - } -#endif - /* V is now in u1. If the signature is correct, it will be - * equal to R. */ - ret=(BN_ucmp(&u1, sig->r) == 0); - - err: - if (ret != 1) DSAerr(DSA_F_DSA_DO_VERIFY,ERR_R_BN_LIB); - if (ctx != NULL) BN_CTX_free(ctx); - BN_free(&u1); - BN_free(&u2); - BN_free(&t1); - return(ret); - } - -static int dsa_init(DSA *dsa) -{ - dsa->flags|=DSA_FLAG_CACHE_MONT_P; - return(1); -} - -static int dsa_finish(DSA *dsa) -{ - if(dsa->method_mont_p) - BN_MONT_CTX_free((BN_MONT_CTX *)dsa->method_mont_p); - return(1); -} - -static int dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1, - BIGNUM *a2, BIGNUM *p2, BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *in_mont) -{ - return BN_mod_exp2_mont(rr, a1, p1, a2, p2, m, ctx, in_mont); -} - -static int dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *m_ctx) -{ - return BN_mod_exp_mont(r, a, p, m, ctx, m_ctx); -} - -#else /* ndef OPENSSL_FIPS */ - -static void *dummy=&dummy; - -#endif /* ndef OPENSSL_FIPS */ diff --git a/src/lib/libssl/src/fips/dsa/fips_dsa_selftest.c b/src/lib/libssl/src/fips/dsa/fips_dsa_selftest.c deleted file mode 100644 index 2c88f0af44..0000000000 --- a/src/lib/libssl/src/fips/dsa/fips_dsa_selftest.c +++ /dev/null @@ -1,168 +0,0 @@ -/* crypto/dsa/dsatest.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include -#include -#include - -#ifdef OPENSSL_FIPS - -/* seed, out_p, out_q, out_g are taken from the updated Appendix 5 to - * FIPS PUB 186 and also appear in Appendix 5 to FIPS PIB 186-1 */ -static unsigned char seed[20]={ - 0xd5,0x01,0x4e,0x4b,0x60,0xef,0x2b,0xa8,0xb6,0x21,0x1b,0x40, - 0x62,0xba,0x32,0x24,0xe0,0x42,0x7d,0xd3, - }; - -static unsigned char out_p[]={ - 0x8d,0xf2,0xa4,0x94,0x49,0x22,0x76,0xaa, - 0x3d,0x25,0x75,0x9b,0xb0,0x68,0x69,0xcb, - 0xea,0xc0,0xd8,0x3a,0xfb,0x8d,0x0c,0xf7, - 0xcb,0xb8,0x32,0x4f,0x0d,0x78,0x82,0xe5, - 0xd0,0x76,0x2f,0xc5,0xb7,0x21,0x0e,0xaf, - 0xc2,0xe9,0xad,0xac,0x32,0xab,0x7a,0xac, - 0x49,0x69,0x3d,0xfb,0xf8,0x37,0x24,0xc2, - 0xec,0x07,0x36,0xee,0x31,0xc8,0x02,0x91, - }; - -static unsigned char out_q[]={ - 0xc7,0x73,0x21,0x8c,0x73,0x7e,0xc8,0xee, - 0x99,0x3b,0x4f,0x2d,0xed,0x30,0xf4,0x8e, - 0xda,0xce,0x91,0x5f, - }; - -static unsigned char out_g[]={ - 0x62,0x6d,0x02,0x78,0x39,0xea,0x0a,0x13, - 0x41,0x31,0x63,0xa5,0x5b,0x4c,0xb5,0x00, - 0x29,0x9d,0x55,0x22,0x95,0x6c,0xef,0xcb, - 0x3b,0xff,0x10,0xf3,0x99,0xce,0x2c,0x2e, - 0x71,0xcb,0x9d,0xe5,0xfa,0x24,0xba,0xbf, - 0x58,0xe5,0xb7,0x95,0x21,0x92,0x5c,0x9c, - 0xc4,0x2e,0x9f,0x6f,0x46,0x4b,0x08,0x8c, - 0xc5,0x72,0xaf,0x53,0xe6,0xd7,0x88,0x02, - }; - -static const unsigned char str1[]="12345678901234567890"; - -void FIPS_corrupt_dsa() - { - ++seed[0]; - } - -int FIPS_selftest_dsa() - { - DSA *dsa=NULL; - int counter,i,j; - unsigned char buf[256]; - unsigned long h; - unsigned char sig[256]; - unsigned int siglen; - - dsa=DSA_generate_parameters(512,seed,20,&counter,&h,NULL,NULL); - - if(dsa == NULL) - { - FIPSerr(FIPS_F_FIPS_SELFTEST_DSA,FIPS_R_SELFTEST_FAILED); - return 0; - } - if (counter != 105) - { - FIPSerr(FIPS_F_FIPS_SELFTEST_DSA,FIPS_R_SELFTEST_FAILED); - return 0; - } - if (h != 2) - { - FIPSerr(FIPS_F_FIPS_SELFTEST_DSA,FIPS_R_SELFTEST_FAILED); - return 0; - } - i=BN_bn2bin(dsa->q,buf); - j=sizeof(out_q); - if (i != j || memcmp(buf,out_q,i) != 0) - { - FIPSerr(FIPS_F_FIPS_SELFTEST_DSA,FIPS_R_SELFTEST_FAILED); - return 0; - } - - i=BN_bn2bin(dsa->p,buf); - j=sizeof(out_p); - if (i != j || memcmp(buf,out_p,i) != 0) - { - FIPSerr(FIPS_F_FIPS_SELFTEST_DSA,FIPS_R_SELFTEST_FAILED); - return 0; - } - - i=BN_bn2bin(dsa->g,buf); - j=sizeof(out_g); - if (i != j || memcmp(buf,out_g,i) != 0) - { - FIPSerr(FIPS_F_FIPS_SELFTEST_DSA,FIPS_R_SELFTEST_FAILED); - return 0; - } - DSA_generate_key(dsa); - DSA_sign(0, str1, 20, sig, &siglen, dsa); - if(DSA_verify(0, str1, 20, sig, siglen, dsa) != 1) - { - FIPSerr(FIPS_F_FIPS_SELFTEST_DSA,FIPS_R_SELFTEST_FAILED); - return 0; - } - DSA_free(dsa); - return 1; - } -#endif diff --git a/src/lib/libssl/src/fips/dsa/fips_dsatest.c b/src/lib/libssl/src/fips/dsa/fips_dsatest.c deleted file mode 100644 index 7215940ede..0000000000 --- a/src/lib/libssl/src/fips/dsa/fips_dsatest.c +++ /dev/null @@ -1,257 +0,0 @@ -/* crypto/dsa/dsatest.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include -#include -#include - -#include "e_os.h" - -#include -#include -#include -#include -#ifndef OPENSSL_NO_ENGINE -#include -#endif -#include -#include - -#if defined(OPENSSL_NO_DSA) || !defined(OPENSSL_FIPS) -int main(int argc, char *argv[]) -{ - printf("No FIPS DSA support\n"); - return(0); -} -#else -#include - -#ifdef OPENSSL_SYS_WIN16 -#define MS_CALLBACK _far _loadds -#else -#define MS_CALLBACK -#endif - -static void MS_CALLBACK dsa_cb(int p, int n, void *arg); - -/* seed, out_p, out_q, out_g are taken from the updated Appendix 5 to - * FIPS PUB 186 and also appear in Appendix 5 to FIPS PIB 186-1 */ -static unsigned char seed[20]={ - 0xd5,0x01,0x4e,0x4b,0x60,0xef,0x2b,0xa8,0xb6,0x21,0x1b,0x40, - 0x62,0xba,0x32,0x24,0xe0,0x42,0x7d,0xd3, - }; - -static unsigned char out_p[]={ - 0x8d,0xf2,0xa4,0x94,0x49,0x22,0x76,0xaa, - 0x3d,0x25,0x75,0x9b,0xb0,0x68,0x69,0xcb, - 0xea,0xc0,0xd8,0x3a,0xfb,0x8d,0x0c,0xf7, - 0xcb,0xb8,0x32,0x4f,0x0d,0x78,0x82,0xe5, - 0xd0,0x76,0x2f,0xc5,0xb7,0x21,0x0e,0xaf, - 0xc2,0xe9,0xad,0xac,0x32,0xab,0x7a,0xac, - 0x49,0x69,0x3d,0xfb,0xf8,0x37,0x24,0xc2, - 0xec,0x07,0x36,0xee,0x31,0xc8,0x02,0x91, - }; - -static unsigned char out_q[]={ - 0xc7,0x73,0x21,0x8c,0x73,0x7e,0xc8,0xee, - 0x99,0x3b,0x4f,0x2d,0xed,0x30,0xf4,0x8e, - 0xda,0xce,0x91,0x5f, - }; - -static unsigned char out_g[]={ - 0x62,0x6d,0x02,0x78,0x39,0xea,0x0a,0x13, - 0x41,0x31,0x63,0xa5,0x5b,0x4c,0xb5,0x00, - 0x29,0x9d,0x55,0x22,0x95,0x6c,0xef,0xcb, - 0x3b,0xff,0x10,0xf3,0x99,0xce,0x2c,0x2e, - 0x71,0xcb,0x9d,0xe5,0xfa,0x24,0xba,0xbf, - 0x58,0xe5,0xb7,0x95,0x21,0x92,0x5c,0x9c, - 0xc4,0x2e,0x9f,0x6f,0x46,0x4b,0x08,0x8c, - 0xc5,0x72,0xaf,0x53,0xe6,0xd7,0x88,0x02, - }; - -static const unsigned char str1[]="12345678901234567890"; - -static const char rnd_seed[] = "string to make the random number generator think it has entropy"; -static const unsigned char rnd_key1[]="12345678"; -static const unsigned char rnd_key2[]="abcdefgh"; - -static BIO *bio_err=NULL; - -int main(int argc, char **argv) - { - DSA *dsa=NULL; - int counter,ret=0,i,j; - unsigned char buf[256]; - unsigned long h; - unsigned char sig[256]; - unsigned int siglen; - - if (bio_err == NULL) - bio_err=BIO_new_fp(stderr,BIO_NOCLOSE); - -#ifdef OPENSSL_FIPS - if(!FIPS_mode_set(1,argv[0])) - { - ERR_print_errors(bio_err); - EXIT(1); - } -#endif - CRYPTO_malloc_debug_init(); - CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL); - CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); - - ERR_load_crypto_strings(); - FIPS_set_prng_key(rnd_key1,rnd_key2); - RAND_seed(rnd_seed, sizeof rnd_seed); - - BIO_printf(bio_err,"test generation of DSA parameters\n"); - - dsa=DSA_generate_parameters(512,seed,20,&counter,&h,dsa_cb,bio_err); - - BIO_printf(bio_err,"seed\n"); - for (i=0; i<20; i+=4) - { - BIO_printf(bio_err,"%02X%02X%02X%02X ", - seed[i],seed[i+1],seed[i+2],seed[i+3]); - } - BIO_printf(bio_err,"\ncounter=%d h=%d\n",counter,h); - - if (dsa == NULL) goto end; - DSA_print(bio_err,dsa,0); - if (counter != 105) - { - BIO_printf(bio_err,"counter should be 105\n"); - goto end; - } - if (h != 2) - { - BIO_printf(bio_err,"h should be 2\n"); - goto end; - } - - i=BN_bn2bin(dsa->q,buf); - j=sizeof(out_q); - if ((i != j) || (memcmp(buf,out_q,i) != 0)) - { - BIO_printf(bio_err,"q value is wrong\n"); - goto end; - } - - i=BN_bn2bin(dsa->p,buf); - j=sizeof(out_p); - if ((i != j) || (memcmp(buf,out_p,i) != 0)) - { - BIO_printf(bio_err,"p value is wrong\n"); - goto end; - } - - i=BN_bn2bin(dsa->g,buf); - j=sizeof(out_g); - if ((i != j) || (memcmp(buf,out_g,i) != 0)) - { - BIO_printf(bio_err,"g value is wrong\n"); - goto end; - } - DSA_generate_key(dsa); - DSA_sign(0, str1, 20, sig, &siglen, dsa); - if (DSA_verify(0, str1, 20, sig, siglen, dsa) == 1) - ret=1; -end: - if (!ret) - ERR_print_errors(bio_err); - if (dsa != NULL) DSA_free(dsa); - CRYPTO_cleanup_all_ex_data(); - ERR_remove_state(0); - ERR_free_strings(); - CRYPTO_mem_leaks(bio_err); - if (bio_err != NULL) - { - BIO_free(bio_err); - bio_err = NULL; - } - EXIT(!ret); - return(!ret); - } - -static int cb_exit(int ec) - { - EXIT(ec); - return(0); /* To keep some compilers quiet */ - } - -static void MS_CALLBACK dsa_cb(int p, int n, void *arg) - { - char c='*'; - static int ok=0,num=0; - - if (p == 0) { c='.'; num++; }; - if (p == 1) c='+'; - if (p == 2) { c='*'; ok++; } - if (p == 3) c='\n'; - BIO_write(arg,&c,1); - (void)BIO_flush(arg); - - if (!ok && (p == 0) && (num > 1)) - { - BIO_printf((BIO *)arg,"error in dsatest\n"); - cb_exit(1); - } - } -#endif diff --git a/src/lib/libssl/src/fips/dsa/fips_dssvs.c b/src/lib/libssl/src/fips/dsa/fips_dssvs.c deleted file mode 100644 index 50a4d96986..0000000000 --- a/src/lib/libssl/src/fips/dsa/fips_dssvs.c +++ /dev/null @@ -1,306 +0,0 @@ -#include -#include -#include -#include -#include -#include - -int hex2bin(const char *in, unsigned char *out) - { - int n1, n2; - unsigned char ch; - - for (n1=0,n2=0 ; in[n1] && in[n1] != '\n' ; ) - { /* first byte */ - if ((in[n1] >= '0') && (in[n1] <= '9')) - ch = in[n1++] - '0'; - else if ((in[n1] >= 'A') && (in[n1] <= 'F')) - ch = in[n1++] - 'A' + 10; - else if ((in[n1] >= 'a') && (in[n1] <= 'f')) - ch = in[n1++] - 'a' + 10; - else - return -1; - if(!in[n1]) - { - out[n2++]=ch; - break; - } - out[n2] = ch << 4; - /* second byte */ - if ((in[n1] >= '0') && (in[n1] <= '9')) - ch = in[n1++] - '0'; - else if ((in[n1] >= 'A') && (in[n1] <= 'F')) - ch = in[n1++] - 'A' + 10; - else if ((in[n1] >= 'a') && (in[n1] <= 'f')) - ch = in[n1++] - 'a' + 10; - else - return -1; - out[n2++] |= ch; - } - return n2; - } - -BIGNUM *hex2bn(const char *in) - { - BIGNUM *p=BN_new(); - - BN_hex2bn(&p,in); - - return p; - } - -int bin2hex(const unsigned char *in,int len,char *out) - { - int n1, n2; - unsigned char ch; - - for (n1=0,n2=0 ; n1 < len ; ++n1) - { - ch=in[n1] >> 4; - if (ch <= 0x09) - out[n2++]=ch+'0'; - else - out[n2++]=ch-10+'a'; - ch=in[n1] & 0x0f; - if(ch <= 0x09) - out[n2++]=ch+'0'; - else - out[n2++]=ch-10+'a'; - } - out[n2]='\0'; - return n2; - } - -void pv(const char *tag,const unsigned char *val,int len) - { - char obuf[2048]; - - bin2hex(val,len,obuf); - printf("%s = %s\n",tag,obuf); - } - -void pbn(const char *tag,const BIGNUM *val) - { - printf("%s = %s\n",tag,BN_bn2hex(val)); - } - -void primes() - { - char buf[10240]; - - while(fgets(buf,sizeof buf,stdin) != NULL) - { - fputs(buf,stdout); - if(!strncmp(buf,"Prime= ",7)) - { - BIGNUM *pp; - - pp=BN_new(); - BN_hex2bn(&pp,buf+7); - printf("result= %c\n", - BN_is_prime(pp,20,NULL,NULL,NULL) ? 'P' : 'F'); - } - } - } - -void pqg() - { - char buf[1024]; - int nmod=0; - - while(fgets(buf,sizeof buf,stdin) != NULL) - { - if(!strncmp(buf,"[mod = ",7)) - nmod=atoi(buf+7); - else if(!strncmp(buf,"N = ",4)) - { - int n=atoi(buf+4); - - printf("[mod = %d]\n\n",nmod); - - while(n--) - { - unsigned char seed[20]; - DSA *dsa; - int counter; - unsigned long h; - - dsa=DSA_generate_parameters(nmod,seed,0,&counter,&h,NULL,NULL); - printf("P = %s\n",BN_bn2hex(dsa->p)); - printf("Q = %s\n",BN_bn2hex(dsa->q)); - printf("G = %s\n",BN_bn2hex(dsa->g)); - pv("Seed",seed,20); - printf("c = %d\n",counter); - printf("H = %lx\n",h); - putc('\n',stdout); - } - } - else - fputs(buf,stdout); - } - } - -void keypair() - { - char buf[1024]; - int nmod=0; - - while(fgets(buf,sizeof buf,stdin) != NULL) - { - if(!strncmp(buf,"[mod = ",7)) - nmod=atoi(buf+7); - else if(!strncmp(buf,"N = ",4)) - { - DSA *dsa; - int n=atoi(buf+4); - - printf("[mod = %d]\n\n",nmod); - - dsa=DSA_generate_parameters(nmod,NULL,0,NULL,NULL,NULL,NULL); - pbn("P",dsa->p); - pbn("Q",dsa->q); - pbn("G",dsa->g); - putc('\n',stdout); - - while(n--) - { - DSA_generate_key(dsa); - - pbn("X",dsa->priv_key); - pbn("Y",dsa->pub_key); - putc('\n',stdout); - } - } - } - } - -void siggen() - { - char buf[1024]; - int nmod=0; - DSA *dsa=NULL; - - while(fgets(buf,sizeof buf,stdin) != NULL) - { - if(!strncmp(buf,"[mod = ",7)) - { - nmod=atoi(buf+7); - printf("[mod = %d]\n\n",nmod); - - dsa=DSA_generate_parameters(nmod,NULL,0,NULL,NULL,NULL,NULL); - pbn("P",dsa->p); - pbn("Q",dsa->q); - pbn("G",dsa->g); - putc('\n',stdout); - } - else if(!strncmp(buf,"Msg = ",6)) - { - unsigned char msg[1024]; - unsigned char hash[20]; - int n; - DSA_SIG *sig; - - n=hex2bin(buf+6,msg); - pv("Msg",msg,n); - - DSA_generate_key(dsa); - pbn("Y",dsa->pub_key); - - SHA1(msg,n,hash); - sig=DSA_do_sign(hash,sizeof hash,dsa); - pbn("R",sig->r); - pbn("S",sig->s); - putc('\n',stdout); - } - } - } - -void sigver() - { - DSA *dsa=NULL; - char buf[1024]; - int nmod=0; - unsigned char hash[20]; - DSA_SIG *sig=DSA_SIG_new(); - - while(fgets(buf,sizeof buf,stdin) != NULL) - { - if(!strncmp(buf,"[mod = ",7)) - { - nmod=atoi(buf+7); - if(dsa) - DSA_free(dsa); - dsa=DSA_new(); - } - else if(!strncmp(buf,"P = ",4)) - dsa->p=hex2bn(buf+4); - else if(!strncmp(buf,"Q = ",4)) - dsa->q=hex2bn(buf+4); - else if(!strncmp(buf,"G = ",4)) - { - dsa->g=hex2bn(buf+4); - - printf("[mod = %d]\n\n",nmod); - pbn("P",dsa->p); - pbn("Q",dsa->q); - pbn("G",dsa->g); - putc('\n',stdout); - } - else if(!strncmp(buf,"Msg = ",6)) - { - unsigned char msg[1024]; - int n; - - n=hex2bin(buf+6,msg); - pv("Msg",msg,n); - SHA1(msg,n,hash); - } - else if(!strncmp(buf,"Y = ",4)) - dsa->pub_key=hex2bn(buf+4); - else if(!strncmp(buf,"R = ",4)) - sig->r=hex2bn(buf+4); - else if(!strncmp(buf,"S = ",4)) - { - sig->s=hex2bn(buf+4); - - pbn("Y",dsa->pub_key); - pbn("R",sig->r); - pbn("S",sig->s); - printf("Result = %c\n",DSA_do_verify(hash,sizeof hash,sig,dsa) - ? 'P' : 'F'); - putc('\n',stdout); - } - } - } - -int main(int argc,char **argv) - { - if(argc != 2) - { - fprintf(stderr,"%s [prime|pqg]\n",argv[0]); - exit(1); - } - if(!FIPS_mode_set(1,argv[0])) - { - ERR_load_crypto_strings(); - ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE)); - exit(1); - } - if(!strcmp(argv[1],"prime")) - primes(); - else if(!strcmp(argv[1],"pqg")) - pqg(); - else if(!strcmp(argv[1],"keypair")) - keypair(); - else if(!strcmp(argv[1],"siggen")) - siggen(); - else if(!strcmp(argv[1],"sigver")) - sigver(); - else - { - fprintf(stderr,"Don't know how to %s.\n",argv[1]); - exit(1); - } - - return 0; - } diff --git a/src/lib/libssl/src/fips/fips-lib.com b/src/lib/libssl/src/fips/fips-lib.com deleted file mode 100644 index f3571bf845..0000000000 --- a/src/lib/libssl/src/fips/fips-lib.com +++ /dev/null @@ -1,1180 +0,0 @@ -$! -$! FIPS-LIB.COM -$! Written By: Robert Byer -$! Vice-President -$! A-Com Computing, Inc. -$! byer@mail.all-net.net -$! -$! Changes by Richard Levitte -$! -$! This command files compiles and creates the FIPS parts of the -$! "[.xxx.EXE.CRYPTO]LIBCRYPTO.OLB" library for OpenSSL. The "xxx" -$! denotes the machine architecture of AXP or VAX. -$! -$! It was re-written so it would try to determine what "C" compiler to use -$! or you can specify which "C" compiler to use. -$! -$! Specify the following as P1 to build just that part or ALL to just -$! build everything. -$! -$! LIBRARY To just compile the [.xxx.EXE.CRYPTO]LIBCRYPTO.OLB Library. -$! APPS To just compile the [.xxx.EXE.CRYPTO]*.EXE -$! ALL To do both LIBRARY and APPS -$! -$! Specify DEBUG or NODEBUG as P2 to compile with or without debugger -$! information. -$! -$! Specify which compiler at P3 to try to compile under. -$! -$! VAXC For VAX C. -$! DECC For DEC C. -$! GNUC For GNU C. -$! -$! If you don't speficy a compiler, it will try to determine which -$! "C" compiler to use. -$! -$! P4, if defined, sets a TCP/IP library to use, through one of the following -$! keywords: -$! -$! UCX for UCX -$! TCPIP for TCPIP (post UCX) -$! SOCKETSHR for SOCKETSHR+NETLIB -$! -$! P5, if defined, sets a compiler thread NOT needed on OpenVMS 7.1 (and up) -$! -$! P6, if defined, sets a choice of crypto methods to compile. -$! WARNING: this should only be done to recompile some part of an already -$! fully compiled library. -$! -$! -$! Define A TCP/IP Library That We Will Need To Link To. -$! (That Is, If We Need To Link To One.) -$! -$ TCPIP_LIB = "" -$! -$! Check Which Architecture We Are Using. -$! -$ IF (F$GETSYI("CPU").GE.128) -$ THEN -$! -$! The Architecture Is AXP -$! -$ ARCH := AXP -$! -$! Else... -$! -$ ELSE -$! -$! The Architecture Is VAX. -$! -$ ARCH := VAX -$! -$! End The Architecture Check. -$! -$ ENDIF -$! -$! Define The Different Encryption Types. -$! -$ ENCRYPT_TYPES = "Basic,SHA1,RAND,DES,AES,DSA,RSA,DH" -$! -$! Check To Make Sure We Have Valid Command Line Parameters. -$! -$ GOSUB CHECK_OPTIONS -$! -$! Initialise logical names and such -$! -$ GOSUB INITIALISE -$! -$! Tell The User What Kind of Machine We Run On. -$! -$ WRITE SYS$OUTPUT "Compiling On A ",ARCH," Machine." -$! -$! Define The OBJ Directory. -$! -$ OBJ_DIR := SYS$DISK:[-.'ARCH'.OBJ.CRYPTO] -$! -$! Check To See If The Architecture Specific OBJ Directory Exists. -$! -$ IF (F$PARSE(OBJ_DIR).EQS."") -$ THEN -$! -$! It Dosen't Exist, So Create It. -$! -$ CREATE/DIR 'OBJ_DIR' -$! -$! End The Architecture Specific OBJ Directory Check. -$! -$ ENDIF -$! -$! Define The EXE Directory. -$! -$ EXE_DIR := SYS$DISK:[-.'ARCH'.EXE.CRYPTO] -$! -$! Check To See If The Architecture Specific Directory Exists. -$! -$ IF (F$PARSE(EXE_DIR).EQS."") -$ THEN -$! -$! It Dosen't Exist, So Create It. -$! -$ CREATE/DIRECTORY 'EXE_DIR' -$! -$! End The Architecture Specific Directory Check. -$! -$ ENDIF -$! -$! Define The Library Name. -$! -$ LIB_NAME := 'EXE_DIR'LIBCRYPTO.OLB -$! -$! Define The CRYPTO-LIB We Are To Use. -$! -$ CRYPTO_LIB := 'EXE_DIR'LIBCRYPTO.OLB -$! -$! Check To See If We Already Have A "[.xxx.EXE.CRYPTO]LIBCRYPTO.OLB" Library... -$! -$ IF (F$SEARCH(LIB_NAME).EQS."") -$ THEN -$! -$! Guess Not, Create The Library. -$! -$ LIBRARY/CREATE/OBJECT 'LIB_NAME' -$! -$! End The Library Check. -$! -$ ENDIF -$! -$! Build our options file for the application -$! -$ GOSUB CHECK_OPT_FILE -$! -$! Define The Different Encryption "library" Strings. -$! -$ LIB_ = "fips,fips_err_wrapper" -$ LIB_SHA1 = "fips_sha1dgst,fips_sha1_selftest" -$ LIB_RAND = "fips_rand" -$ LIB_DES = "fips_des_enc,fips_des_selftest,fips_set_key" -$ LIB_AES = "fips_aes_core,fips_aes_selftest" -$ LIB_DSA = "fips_dsa_ossl,fips_dsa_gen,fips_dsa_selftest" -$ LIB_RSA = "fips_rsa_eay,fips_rsa_gen,fips_rsa_selftest" -$ LIB_DH = "fips_dh_check,fips_dh_gen,fips_dh_key" -$! -$! Setup exceptional compilations -$! -$ COMPILEWITH_CC3 = ",bss_rtcp," -$ COMPILEWITH_CC4 = ",a_utctm,bss_log,o_time," -$ COMPILEWITH_CC5 = ",md2_dgst,md4_dgst,md5_dgst,mdc2dgst," + - - "sha_dgst,sha1dgst,rmd_dgst,bf_enc," -$! -$! Figure Out What Other Modules We Are To Build. -$! -$ BUILD_SET: -$! -$! Define A Module Counter. -$! -$ MODULE_COUNTER = 0 -$! -$! Top Of The Loop. -$! -$ MODULE_NEXT: -$! -$! Extract The Module Name From The Encryption List. -$! -$ MODULE_NAME = F$ELEMENT(MODULE_COUNTER,",",ENCRYPT_TYPES) -$ IF MODULE_NAME.EQS."Basic" THEN MODULE_NAME = "" -$ MODULE_NAME1 = MODULE_NAME -$! -$! Check To See If We Are At The End Of The Module List. -$! -$ IF (MODULE_NAME.EQS.",") -$ THEN -$! -$! We Are At The End Of The Module List, Go To MODULE_DONE. -$! -$ GOTO MODULE_DONE -$! -$! End The Module List Check. -$! -$ ENDIF -$! -$! Increment The Moudle Counter. -$! -$ MODULE_COUNTER = MODULE_COUNTER + 1 -$! -$! Create The Library and Apps Module Names. -$! -$ LIB_MODULE = "LIB_" + MODULE_NAME -$ APPS_MODULE = "APPS_" + MODULE_NAME -$ IF (MODULE_NAME.EQS."ASN1_2") -$ THEN -$ MODULE_NAME = "ASN1" -$ ENDIF -$ IF (MODULE_NAME.EQS."EVP_2") -$ THEN -$ MODULE_NAME = "EVP" -$ ENDIF -$! -$! Set state (can be LIB and APPS) -$! -$ STATE = "LIB" -$ IF BUILDALL .EQS. "APPS" THEN STATE = "APPS" -$! -$! Check if the library module name actually is defined -$! -$ IF F$TYPE('LIB_MODULE') .EQS. "" -$ THEN -$ WRITE SYS$ERROR "" -$ WRITE SYS$ERROR "The module ",MODULE_NAME," does not exist. Continuing..." -$ WRITE SYS$ERROR "" -$ GOTO MODULE_NEXT -$ ENDIF -$! -$! Top Of The Module Loop. -$! -$ MODULE_AGAIN: -$! -$! Tell The User What Module We Are Building. -$! -$ IF (MODULE_NAME1.NES."") -$ THEN -$ IF STATE .EQS. "LIB" -$ THEN -$ WRITE SYS$OUTPUT "Compiling The ",MODULE_NAME1," Library Files. (",BUILDALL,",",STATE,")" -$ ELSE IF F$TYPE('APPS_MODULE') .NES. "" -$ THEN -$ WRITE SYS$OUTPUT "Compiling The ",MODULE_NAME1," Applications. (",BUILDALL,",",STATE,")" -$ ENDIF -$ ENDIF -$ ENDIF -$! -$! Define A File Counter And Set It To "0". -$! -$ FILE_COUNTER = 0 -$ APPLICATION = "" -$ APPLICATION_COUNTER = 0 -$! -$! Top Of The File Loop. -$! -$ NEXT_FILE: -$! -$! Look in the LIB_MODULE is we're in state LIB -$! -$ IF STATE .EQS. "LIB" -$ THEN -$! -$! O.K, Extract The File Name From The File List. -$! -$ FILE_NAME = F$ELEMENT(FILE_COUNTER,",",'LIB_MODULE') -$! -$! else -$! -$ ELSE -$ FILE_NAME = "," -$! -$ IF F$TYPE('APPS_MODULE') .NES. "" -$ THEN -$! -$! Extract The File Name From The File List. -$! This part is a bit more complicated. -$! -$ IF APPLICATION .EQS. "" -$ THEN -$ APPLICATION = F$ELEMENT(APPLICATION_COUNTER,";",'APPS_MODULE') -$ APPLICATION_COUNTER = APPLICATION_COUNTER + 1 -$ APPLICATION_OBJECTS = F$ELEMENT(1,"/",APPLICATION) -$ APPLICATION = F$ELEMENT(0,"/",APPLICATION) -$ FILE_COUNTER = 0 -$ ENDIF -$ -$! WRITE SYS$OUTPUT "DEBUG: SHOW SYMBOL APPLICATION*" -$! SHOW SYMBOL APPLICATION* -$! -$ IF APPLICATION .NES. ";" -$ THEN -$ FILE_NAME = F$ELEMENT(FILE_COUNTER,",",APPLICATION_OBJECTS) -$ IF FILE_NAME .EQS. "," -$ THEN -$ APPLICATION = "" -$ GOTO NEXT_FILE -$ ENDIF -$ ENDIF -$ ENDIF -$ ENDIF -$! -$! Check To See If We Are At The End Of The File List. -$! -$ IF (FILE_NAME.EQS.",") -$ THEN -$! -$! We Are At The End Of The File List, Change State Or Goto FILE_DONE. -$! -$ IF STATE .EQS. "LIB" .AND. BUILDALL .NES. "LIBRARY" -$ THEN -$ STATE = "APPS" -$ GOTO MODULE_AGAIN -$ ELSE -$ GOTO FILE_DONE -$ ENDIF -$! -$! End The File List Check. -$! -$ ENDIF -$! -$! Increment The Counter. -$! -$ FILE_COUNTER = FILE_COUNTER + 1 -$! -$! Create The Source File Name. -$! -$ TMP_FILE_NAME = F$ELEMENT(1,"]",FILE_NAME) -$ IF TMP_FILE_NAME .EQS. "]" THEN TMP_FILE_NAME = FILE_NAME -$ IF F$ELEMENT(0,".",TMP_FILE_NAME) .EQS. TMP_FILE_NAME THEN - - FILE_NAME = FILE_NAME + ".c" -$ IF (MODULE_NAME.NES."") -$ THEN -$ SOURCE_FILE = "SYS$DISK:[." + MODULE_NAME+ "]" + FILE_NAME -$ ELSE -$ SOURCE_FILE = "SYS$DISK:[]" + FILE_NAME -$ ENDIF -$ SOURCE_FILE = SOURCE_FILE - "][" -$! -$! Create The Object File Name. -$! -$ OBJECT_FILE = OBJ_DIR + F$PARSE(FILE_NAME,,,"NAME","SYNTAX_ONLY") + ".OBJ" -$ ON WARNING THEN GOTO NEXT_FILE -$! -$! Check To See If The File We Want To Compile Is Actually There. -$! -$ IF (F$SEARCH(SOURCE_FILE).EQS."") -$ THEN -$! -$! Tell The User That The File Doesn't Exist. -$! -$ WRITE SYS$OUTPUT "" -$ WRITE SYS$OUTPUT "The File ",SOURCE_FILE," Doesn't Exist." -$ WRITE SYS$OUTPUT "" -$! -$! Exit The Build. -$! -$ GOTO EXIT -$! -$! End The File Exist Check. -$! -$ ENDIF -$! -$! Tell The User We Are Compiling The File. -$! -$ IF (MODULE_NAME.EQS."") -$ THEN -$ WRITE SYS$OUTPUT "Compiling The ",FILE_NAME," File. (",BUILDALL,",",STATE,")" -$ ENDIF -$ IF (MODULE_NAME.NES."") -$ THEN -$ WRITE SYS$OUTPUT " ",FILE_NAME,"" -$ ENDIF -$! -$! Compile The File. -$! -$ ON ERROR THEN GOTO NEXT_FILE -$ FILE_NAME0 = F$ELEMENT(0,".",FILE_NAME) -$ IF FILE_NAME - ".mar" .NES. FILE_NAME -$ THEN -$ MACRO/OBJECT='OBJECT_FILE' 'SOURCE_FILE' -$ ELSE -$ IF COMPILEWITH_CC3 - FILE_NAME0 .NES. COMPILEWITH_CC3 -$ THEN -$ CC3/OBJECT='OBJECT_FILE' 'SOURCE_FILE' -$ ELSE -$ IF COMPILEWITH_CC4 - FILE_NAME0 .NES. COMPILEWITH_CC4 -$ THEN -$ CC4/OBJECT='OBJECT_FILE' 'SOURCE_FILE' -$ ELSE -$ IF COMPILEWITH_CC5 - FILE_NAME0 .NES. COMPILEWITH_CC5 -$ THEN -$ CC5/OBJECT='OBJECT_FILE' 'SOURCE_FILE' -$ ELSE -$ CC/OBJECT='OBJECT_FILE' 'SOURCE_FILE' -$ ENDIF -$ ENDIF -$ ENDIF -$ ENDIF -$ IF STATE .EQS. "LIB" -$ THEN -$! -$! Add It To The Library. -$! -$ LIBRARY/REPLACE 'LIB_NAME' 'OBJECT_FILE' -$! -$! Time To Clean Up The Object File. -$! -$ DELETE 'OBJECT_FILE';* -$ ENDIF -$! -$! Go Back And Do It Again. -$! -$ GOTO NEXT_FILE -$! -$! All Done With This Library Part. -$! -$ FILE_DONE: -$! -$! Time To Build Some Applications -$! -$ IF F$TYPE('APPS_MODULE') .NES. "" .AND. BUILDALL .NES. "LIBRARY" -$ THEN -$ APPLICATION_COUNTER = 0 -$ NEXT_APPLICATION: -$ APPLICATION = F$ELEMENT(APPLICATION_COUNTER,";",'APPS_MODULE') -$ IF APPLICATION .EQS. ";" THEN GOTO APPLICATION_DONE -$ -$ APPLICATION_COUNTER = APPLICATION_COUNTER + 1 -$ APPLICATION_OBJECTS = F$ELEMENT(1,"/",APPLICATION) -$ APPLICATION = F$ELEMENT(0,"/",APPLICATION) -$ -$! WRITE SYS$OUTPUT "DEBUG: SHOW SYMBOL APPLICATION*" -$! SHOW SYMBOL APPLICATION* -$! -$! Tell the user what happens -$! -$ WRITE SYS$OUTPUT " ",APPLICATION,".exe" -$! -$! Link The Program. -$! -$ ON ERROR THEN GOTO NEXT_APPLICATION -$! -$! Check To See If We Are To Link With A Specific TCP/IP Library. -$! -$ IF (TCPIP_LIB.NES."") -$ THEN -$! -$! Link With A TCP/IP Library. -$! -$ LINK/'DEBUGGER'/'TRACEBACK'/EXE='EXE_DIR''APPLICATION'.EXE - - 'OBJ_DIR''APPLICATION_OBJECTS', - - 'CRYPTO_LIB'/LIBRARY, - - 'TCPIP_LIB','OPT_FILE'/OPTION -$! -$! Else... -$! -$ ELSE -$! -$! Don't Link With A TCP/IP Library. -$! -$ LINK/'DEBUGGER'/'TRACEBACK'/EXE='EXE_DIR''APPLICATION'.EXE - - 'OBJ_DIR''APPLICATION_OBJECTS',- - 'CRYPTO_LIB'/LIBRARY, - - 'OPT_FILE'/OPTION -$! -$! End The TCP/IP Library Check. -$! -$ ENDIF -$ GOTO NEXT_APPLICATION -$ APPLICATION_DONE: -$ ENDIF -$! -$! Go Back And Get The Next Module. -$! -$ GOTO MODULE_NEXT -$! -$! All Done With This Module. -$! -$ MODULE_DONE: -$! -$! Tell The User That We Are All Done. -$! -$ WRITE SYS$OUTPUT "All Done..." -$ EXIT: -$ GOSUB CLEANUP -$ EXIT -$! -$! Check For The Link Option FIle. -$! -$ CHECK_OPT_FILE: -$! -$! Check To See If We Need To Make A VAX C Option File. -$! -$ IF (COMPILER.EQS."VAXC") -$ THEN -$! -$! Check To See If We Already Have A VAX C Linker Option File. -$! -$ IF (F$SEARCH(OPT_FILE).EQS."") -$ THEN -$! -$! We Need A VAX C Linker Option File. -$! -$ CREATE 'OPT_FILE' -$DECK -! -! Default System Options File To Link Agianst -! The Sharable VAX C Runtime Library. -! -SYS$SHARE:VAXCRTL.EXE/SHARE -$EOD -$! -$! End The Option File Check. -$! -$ ENDIF -$! -$! End The VAXC Check. -$! -$ ENDIF -$! -$! Check To See If We Need A GNU C Option File. -$! -$ IF (COMPILER.EQS."GNUC") -$ THEN -$! -$! Check To See If We Already Have A GNU C Linker Option File. -$! -$ IF (F$SEARCH(OPT_FILE).EQS."") -$ THEN -$! -$! We Need A GNU C Linker Option File. -$! -$ CREATE 'OPT_FILE' -$DECK -! -! Default System Options File To Link Agianst -! The Sharable C Runtime Library. -! -GNU_CC:[000000]GCCLIB/LIBRARY -SYS$SHARE:VAXCRTL/SHARE -$EOD -$! -$! End The Option File Check. -$! -$ ENDIF -$! -$! End The GNU C Check. -$! -$ ENDIF -$! -$! Check To See If We Need A DEC C Option File. -$! -$ IF (COMPILER.EQS."DECC") -$ THEN -$! -$! Check To See If We Already Have A DEC C Linker Option File. -$! -$ IF (F$SEARCH(OPT_FILE).EQS."") -$ THEN -$! -$! Figure Out If We Need An AXP Or A VAX Linker Option File. -$! -$ IF ARCH .EQS. "VAX" -$ THEN -$! -$! We Need A DEC C Linker Option File For VAX. -$! -$ CREATE 'OPT_FILE' -$DECK -! -! Default System Options File To Link Agianst -! The Sharable DEC C Runtime Library. -! -SYS$SHARE:DECC$SHR.EXE/SHARE -$EOD -$! -$! Else... -$! -$ ELSE -$! -$! Create The AXP Linker Option File. -$! -$ CREATE 'OPT_FILE' -$DECK -! -! Default System Options File For AXP To Link Agianst -! The Sharable C Runtime Library. -! -SYS$SHARE:CMA$OPEN_LIB_SHR/SHARE -SYS$SHARE:CMA$OPEN_RTL/SHARE -$EOD -$! -$! End The VAX/AXP DEC C Option File Check. -$! -$ ENDIF -$! -$! End The Option File Search. -$! -$ ENDIF -$! -$! End The DEC C Check. -$! -$ ENDIF -$! -$! Tell The User What Linker Option File We Are Using. -$! -$ WRITE SYS$OUTPUT "Using Linker Option File ",OPT_FILE,"." -$! -$! Time To RETURN. -$! -$ RETURN -$! -$! Check The User's Options. -$! -$ CHECK_OPTIONS: -$! -$! Check To See If P1 Is Blank. -$! -$ IF (P1.EQS."ALL") -$ THEN -$! -$! P1 Is Blank, So Build Everything. -$! -$ BUILDALL = "TRUE" -$! -$! Else... -$! -$ ELSE -$! -$! Else, Check To See If P1 Has A Valid Arguement. -$! -$ IF (P1.EQS."LIBRARY").OR.(P1.EQS."APPS") -$ THEN -$! -$! A Valid Arguement. -$! -$ BUILDALL = P1 -$! -$! Else... -$! -$ ELSE -$! -$! Tell The User We Don't Know What They Want. -$! -$ WRITE SYS$OUTPUT "" -$ WRITE SYS$OUTPUT "The Option ",P1," Is Invalid. The Valid Options Are:" -$ WRITE SYS$OUTPUT "" -$ WRITE SYS$OUTPUT " ALL : Just Build Everything." -$ WRITE SYS$OUTPUT " LIBRARY : To Compile Just The [.xxx.EXE.CRYPTO]LIBCRYPTO.OLB Library." -$ WRITE SYS$OUTPUT " APPS : To Compile Just The [.xxx.EXE.CRYPTO]*.EXE Programs." -$ WRITE SYS$OUTPUT "" -$ WRITE SYS$OUTPUT " Where 'xxx' Stands For:" -$ WRITE SYS$OUTPUT "" -$ WRITE SYS$OUTPUT " AXP : Alpha Architecture." -$ WRITE SYS$OUTPUT " VAX : VAX Architecture." -$ WRITE SYS$OUTPUT "" -$! -$! Time To EXIT. -$! -$ EXIT -$! -$! End The Valid Arguement Check. -$! -$ ENDIF -$! -$! End The P1 Check. -$! -$ ENDIF -$! -$! Check To See If P2 Is Blank. -$! -$ IF (P2.EQS."NODEBUG") -$ THEN -$! -$! P2 Is NODEBUG, So Compile Without The Debugger Information. -$! -$ DEBUGGER = "NODEBUG" -$ TRACEBACK = "NOTRACEBACK" -$ GCC_OPTIMIZE = "OPTIMIZE" -$ CC_OPTIMIZE = "OPTIMIZE" -$ MACRO_OPTIMIZE = "OPTIMIZE" -$ WRITE SYS$OUTPUT "No Debugger Information Will Be Produced During Compile." -$ WRITE SYS$OUTPUT "Compiling With Compiler Optimization." -$ ELSE -$! -$! Check To See If We Are To Compile With Debugger Information. -$! -$ IF (P2.EQS."DEBUG") -$ THEN -$! -$! Compile With Debugger Information. -$! -$ DEBUGGER = "DEBUG" -$ TRACEBACK = "TRACEBACK" -$ GCC_OPTIMIZE = "NOOPTIMIZE" -$ CC_OPTIMIZE = "NOOPTIMIZE" -$ MACRO_OPTIMIZE = "NOOPTIMIZE" -$ WRITE SYS$OUTPUT "Debugger Information Will Be Produced During Compile." -$ WRITE SYS$OUTPUT "Compiling Without Compiler Optimization." -$ ELSE -$! -$! They Entered An Invalid Option.. -$! -$ WRITE SYS$OUTPUT "" -$ WRITE SYS$OUTPUT "The Option ",P2," Is Invalid. The Valid Options Are:" -$ WRITE SYS$OUTPUT "" -$ WRITE SYS$OUTPUT " DEBUG : Compile With The Debugger Information." -$ WRITE SYS$OUTPUT " NODEBUG : Compile Without The Debugger Information." -$ WRITE SYS$OUTPUT "" -$! -$! Time To EXIT. -$! -$ EXIT -$! -$! End The Valid Arguement Check. -$! -$ ENDIF -$! -$! End The P2 Check. -$! -$ ENDIF -$! -$! Special Threads For OpenVMS v7.1 Or Later -$! -$! Written By: Richard Levitte -$! richard@levitte.org -$! -$! -$! Check To See If We Have A Option For P5. -$! -$ IF (P5.EQS."") -$ THEN -$! -$! Get The Version Of VMS We Are Using. -$! -$ ISSEVEN := -$ TMP = F$ELEMENT(0,"-",F$EXTRACT(1,4,F$GETSYI("VERSION"))) -$ TMP = F$INTEGER(F$ELEMENT(0,".",TMP)+F$ELEMENT(1,".",TMP)) -$! -$! Check To See If The VMS Version Is v7.1 Or Later. -$! -$ IF (TMP.GE.71) -$ THEN -$! -$! We Have OpenVMS v7.1 Or Later, So Use The Special Threads. -$! -$ ISSEVEN := ,PTHREAD_USE_D4 -$! -$! End The VMS Version Check. -$! -$ ENDIF -$! -$! End The P5 Check. -$! -$ ENDIF -$! -$! Check To See If P3 Is Blank. -$! -$ IF (P3.EQS."") -$ THEN -$! -$! O.K., The User Didn't Specify A Compiler, Let's Try To -$! Find Out Which One To Use. -$! -$! Check To See If We Have GNU C. -$! -$ IF (F$TRNLNM("GNU_CC").NES."") -$ THEN -$! -$! Looks Like GNUC, Set To Use GNUC. -$! -$ P3 = "GNUC" -$! -$! Else... -$! -$ ELSE -$! -$! Check To See If We Have VAXC Or DECC. -$! -$ IF (ARCH.EQS."AXP").OR.(F$TRNLNM("DECC$CC_DEFAULT").NES."") -$ THEN -$! -$! Looks Like DECC, Set To Use DECC. -$! -$ P3 = "DECC" -$! -$! Else... -$! -$ ELSE -$! -$! Looks Like VAXC, Set To Use VAXC. -$! -$ P3 = "VAXC" -$! -$! End The VAXC Compiler Check. -$! -$ ENDIF -$! -$! End The DECC & VAXC Compiler Check. -$! -$ ENDIF -$! -$! End The Compiler Check. -$! -$ ENDIF -$! -$! Check To See If We Have A Option For P4. -$! -$ IF (P4.EQS."") -$ THEN -$! -$! Find out what socket library we have available -$! -$ IF F$PARSE("SOCKETSHR:") .NES. "" -$ THEN -$! -$! We have SOCKETSHR, and it is my opinion that it's the best to use. -$! -$ P4 = "SOCKETSHR" -$! -$! Tell the user -$! -$ WRITE SYS$OUTPUT "Using SOCKETSHR for TCP/IP" -$! -$! Else, let's look for something else -$! -$ ELSE -$! -$! Like UCX (the reason to do this before Multinet is that the UCX -$! emulation is easier to use...) -$! -$ IF F$TRNLNM("UCX$IPC_SHR") .NES. "" - - .OR. F$PARSE("SYS$SHARE:UCX$IPC_SHR.EXE") .NES. "" - - .OR. F$PARSE("SYS$LIBRARY:UCX$IPC.OLB") .NES. "" -$ THEN -$! -$! Last resort: a UCX or UCX-compatible library -$! -$ P4 = "UCX" -$! -$! Tell the user -$! -$ WRITE SYS$OUTPUT "Using UCX or an emulation thereof for TCP/IP" -$! -$! That was all... -$! -$ ENDIF -$ ENDIF -$ ENDIF -$! -$! Set Up Initial CC Definitions, Possibly With User Ones -$! -$ CCDEFS = "TCPIP_TYPE_''P4',DSO_VMS" -$ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = CCDEFS + "," + USER_CCDEFS -$ CCEXTRAFLAGS = "" -$ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS -$ CCDISABLEWARNINGS = "LONGLONGTYPE,LONGLONGSUFX" -$ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. "" THEN - - CCDISABLEWARNINGS = CCDISABLEWARNINGS + "," + USER_CCDISABLEWARNINGS -$! -$! Check To See If The User Entered A Valid Paramter. -$! -$ IF (P3.EQS."VAXC").OR.(P3.EQS."DECC").OR.(P3.EQS."GNUC") -$ THEN -$! -$! Check To See If The User Wanted DECC. -$! -$ IF (P3.EQS."DECC") -$ THEN -$! -$! Looks Like DECC, Set To Use DECC. -$! -$ COMPILER = "DECC" -$! -$! Tell The User We Are Using DECC. -$! -$ WRITE SYS$OUTPUT "Using DECC 'C' Compiler." -$! -$! Use DECC... -$! -$ CC = "CC" -$ IF ARCH.EQS."VAX" .AND. F$TRNLNM("DECC$CC_DEFAULT").NES."/DECC" - - THEN CC = "CC/DECC" -$ CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'/STANDARD=ANSI89" + - - "/NOLIST/PREFIX=ALL" + - - "/INCLUDE=(SYS$DISK:[],SYS$DISK:[-],SYS$DISK:[-.CRYPTO])" + - - CCEXTRAFLAGS -$! -$! Define The Linker Options File Name. -$! -$ OPT_FILE = "SYS$DISK:[]VAX_DECC_OPTIONS.OPT" -$! -$! End DECC Check. -$! -$ ENDIF -$! -$! Check To See If We Are To Use VAXC. -$! -$ IF (P3.EQS."VAXC") -$ THEN -$! -$! Looks Like VAXC, Set To Use VAXC. -$! -$ COMPILER = "VAXC" -$! -$! Tell The User We Are Using VAX C. -$! -$ WRITE SYS$OUTPUT "Using VAXC 'C' Compiler." -$! -$! Compile Using VAXC. -$! -$ CC = "CC" -$ IF ARCH.EQS."AXP" -$ THEN -$ WRITE SYS$OUTPUT "There is no VAX C on Alpha!" -$ EXIT -$ ENDIF -$ IF F$TRNLNM("DECC$CC_DEFAULT").EQS."/DECC" THEN CC = "CC/VAXC" -$ CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'/NOLIST" + - - "/INCLUDE=(SYS$DISK:[],SYS$DISK:[-],SYS$DISK:[-.CRYPTO])" + - - CCEXTRAFLAGS -$ CCDEFS = """VAXC""," + CCDEFS -$! -$! Define As SYS$COMMON:[SYSLIB] -$! -$ DEFINE/NOLOG SYS SYS$COMMON:[SYSLIB] -$! -$! Define The Linker Options File Name. -$! -$ OPT_FILE = "SYS$DISK:[]VAX_VAXC_OPTIONS.OPT" -$! -$! End VAXC Check -$! -$ ENDIF -$! -$! Check To See If We Are To Use GNU C. -$! -$ IF (P3.EQS."GNUC") -$ THEN -$! -$! Looks Like GNUC, Set To Use GNUC. -$! -$ COMPILER = "GNUC" -$! -$! Tell The User We Are Using GNUC. -$! -$ WRITE SYS$OUTPUT "Using GNU 'C' Compiler." -$! -$! Use GNU C... -$! -$ CC = "GCC/NOCASE_HACK/''GCC_OPTIMIZE'/''DEBUGGER'/NOLIST" + - - "/INCLUDE=(SYS$DISK:[],SYS$DISK:[-],SYS$DISK:[-.CRYPTO])" + - - CCEXTRAFLAGS -$! -$! Define The Linker Options File Name. -$! -$ OPT_FILE = "SYS$DISK:[]VAX_GNUC_OPTIONS.OPT" -$! -$! End The GNU C Check. -$! -$ ENDIF -$! -$! Set up default defines -$! -$ CCDEFS = """FLAT_INC=1""," + CCDEFS -$! -$! Finish up the definition of CC. -$! -$ IF COMPILER .EQS. "DECC" -$ THEN -$ IF CCDISABLEWARNINGS .EQS. "" -$ THEN -$ CC4DISABLEWARNINGS = "DOLLARID" -$ ELSE -$ CC4DISABLEWARNINGS = CCDISABLEWARNINGS + ",DOLLARID" -$ CCDISABLEWARNINGS = "/WARNING=(DISABLE=(" + CCDISABLEWARNINGS + "))" -$ ENDIF -$ CC4DISABLEWARNINGS = "/WARNING=(DISABLE=(" + CC4DISABLEWARNINGS + "))" -$ ELSE -$ CCDISABLEWARNINGS = "" -$ CC4DISABLEWARNINGS = "" -$ ENDIF -$ CC3 = CC + "/DEFINE=(" + CCDEFS + ISSEVEN + ")" + CCDISABLEWARNINGS -$ CC = CC + "/DEFINE=(" + CCDEFS + ")" + CCDISABLEWARNINGS -$ IF ARCH .EQS. "VAX" .AND. COMPILER .EQS. "DECC" .AND. P2 .NES. "DEBUG" -$ THEN -$ CC5 = CC + "/OPTIMIZE=NODISJOINT" -$ ELSE -$ CC5 = CC + "/NOOPTIMIZE" -$ ENDIF -$ CC4 = CC - CCDISABLEWARNINGS + CC4DISABLEWARNINGS -$! -$! Show user the result -$! -$ WRITE/SYMBOL SYS$OUTPUT "Main C Compiling Command: ",CC -$! -$! Else The User Entered An Invalid Arguement. -$! -$ ELSE -$! -$! Tell The User We Don't Know What They Want. -$! -$ WRITE SYS$OUTPUT "" -$ WRITE SYS$OUTPUT "The Option ",P3," Is Invalid. The Valid Options Are:" -$ WRITE SYS$OUTPUT "" -$ WRITE SYS$OUTPUT " VAXC : To Compile With VAX C." -$ WRITE SYS$OUTPUT " DECC : To Compile With DEC C." -$ WRITE SYS$OUTPUT " GNUC : To Compile With GNU C." -$ WRITE SYS$OUTPUT "" -$! -$! Time To EXIT. -$! -$ EXIT -$! -$! End The Valid Arguement Check. -$! -$ ENDIF -$! -$! Build a MACRO command for the architecture at hand -$! -$ IF ARCH .EQS. "VAX" THEN MACRO = "MACRO/''DEBUGGER'" -$ IF ARCH .EQS. "AXP" THEN MACRO = "MACRO/MIGRATION/''DEBUGGER'/''MACRO_OPTIMIZE'" -$! -$! Show user the result -$! -$ WRITE/SYMBOL SYS$OUTPUT "Main MACRO Compiling Command: ",MACRO -$! -$! Time to check the contents, and to make sure we get the correct library. -$! -$ IF P4.EQS."SOCKETSHR" .OR. P4.EQS."MULTINET" .OR. P4.EQS."UCX" - - .OR. P4.EQS."TCPIP" .OR. P4.EQS."NONE" -$ THEN -$! -$! Check to see if SOCKETSHR was chosen -$! -$ IF P4.EQS."SOCKETSHR" -$ THEN -$! -$! Set the library to use SOCKETSHR -$! -$ TCPIP_LIB = "SYS$DISK:[-.VMS]SOCKETSHR_SHR.OPT/OPT" -$! -$! Done with SOCKETSHR -$! -$ ENDIF -$! -$! Check to see if MULTINET was chosen -$! -$ IF P4.EQS."MULTINET" -$ THEN -$! -$! Set the library to use UCX emulation. -$! -$ P4 = "UCX" -$! -$! Done with MULTINET -$! -$ ENDIF -$! -$! Check to see if UCX was chosen -$! -$ IF P4.EQS."UCX" -$ THEN -$! -$! Set the library to use UCX. -$! -$ TCPIP_LIB = "SYS$DISK:[-.VMS]UCX_SHR_DECC.OPT/OPT" -$ IF F$TRNLNM("UCX$IPC_SHR") .NES. "" -$ THEN -$ TCPIP_LIB = "SYS$DISK:[-.VMS]UCX_SHR_DECC_LOG.OPT/OPT" -$ ELSE -$ IF COMPILER .NES. "DECC" .AND. ARCH .EQS. "VAX" THEN - - TCPIP_LIB = "SYS$DISK:[-.VMS]UCX_SHR_VAXC.OPT/OPT" -$ ENDIF -$! -$! Done with UCX -$! -$ ENDIF -$! -$! Check to see if TCPIP was chosen -$! -$ IF P4.EQS."TCPIP" -$ THEN -$! -$! Set the library to use TCPIP (post UCX). -$! -$ TCPIP_LIB = "SYS$DISK:[-.VMS]TCPIP_SHR_DECC.OPT/OPT" -$! -$! Done with TCPIP -$! -$ ENDIF -$! -$! Check to see if NONE was chosen -$! -$ IF P4.EQS."NONE" -$ THEN -$! -$! Do not use a TCPIP library. -$! -$ TCPIP_LIB = "" -$! -$! Done with TCPIP -$! -$ ENDIF -$! -$! Print info -$! -$ WRITE SYS$OUTPUT "TCP/IP library spec: ", TCPIP_LIB -$! -$! Else The User Entered An Invalid Arguement. -$! -$ ELSE -$! -$! Tell The User We Don't Know What They Want. -$! -$ WRITE SYS$OUTPUT "" -$ WRITE SYS$OUTPUT "The Option ",P4," Is Invalid. The Valid Options Are:" -$ WRITE SYS$OUTPUT "" -$ WRITE SYS$OUTPUT " SOCKETSHR : To link with SOCKETSHR TCP/IP library." -$ WRITE SYS$OUTPUT " UCX : To link with UCX TCP/IP library." -$ WRITE SYS$OUTPUT " TCPIP : To link with TCPIP (post UCX) TCP/IP library." -$ WRITE SYS$OUTPUT "" -$! -$! Time To EXIT. -$! -$ EXIT -$! -$! Done with TCP/IP libraries -$! -$ ENDIF -$! -$! Check if the user wanted to compile just a subset of all the encryption -$! methods. -$! -$ IF P6 .NES. "" -$ THEN -$ ENCRYPT_TYPES = P6 -$ ENDIF -$! -$! Time To RETURN... -$! -$ RETURN -$! -$ INITIALISE: -$! -$! Save old value of the logical name OPENSSL -$! -$ __SAVE_OPENSSL = F$TRNLNM("OPENSSL","LNM$PROCESS_TABLE") -$! -$! Save directory information -$! -$ __HERE = F$PARSE(F$PARSE("A.;",F$ENVIRONMENT("PROCEDURE"))-"A.;","[]A.;") - "A.;" -$ __HERE = F$EDIT(__HERE,"UPCASE") -$ __TOP = __HERE - "FIPS]" -$ __INCLUDE = __TOP + "INCLUDE.OPENSSL]" -$! -$! Set up the logical name OPENSSL to point at the include directory -$! -$ DEFINE OPENSSL/NOLOG '__INCLUDE' -$! -$! Done -$! -$ RETURN -$! -$ CLEANUP: -$! -$! Restore the logical name OPENSSL if it had a value -$! -$ IF __SAVE_OPENSSL .EQS. "" -$ THEN -$ DEASSIGN OPENSSL -$ ELSE -$ DEFINE/NOLOG OPENSSL '__SAVE_OPENSSL' -$ ENDIF -$! -$! Done -$! -$ RETURN diff --git a/src/lib/libssl/src/fips/fips.c b/src/lib/libssl/src/fips/fips.c deleted file mode 100644 index 7ecba57f70..0000000000 --- a/src/lib/libssl/src/fips/fips.c +++ /dev/null @@ -1,260 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2003 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * - */ - -#include -#include -#include -#include -#include -#include -#include -#include -#include "fips_locl.h" - -#ifdef OPENSSL_FIPS - -#ifndef PATH_MAX -#define PATH_MAX 1024 -#endif - -static int fips_md5_allowed = 0; -static int fips_selftest_fail = 0; - -void FIPS_allow_md5(int onoff) - { - if (fips_is_started()) - { - int owning_thread = fips_is_owning_thread(); - - if (!owning_thread) CRYPTO_w_lock(CRYPTO_LOCK_FIPS); - fips_md5_allowed = onoff; - if (!owning_thread) CRYPTO_w_unlock(CRYPTO_LOCK_FIPS); - } - } - -int FIPS_md5_allowed(void) - { - int ret = 1; - if (fips_is_started()) - { - int owning_thread = fips_is_owning_thread(); - - if (!owning_thread) CRYPTO_r_lock(CRYPTO_LOCK_FIPS); - ret = fips_md5_allowed; - if (!owning_thread) CRYPTO_r_unlock(CRYPTO_LOCK_FIPS); - } - return ret; - } - -int FIPS_selftest_failed(void) - { - int ret = 0; - if (fips_is_started()) - { - int owning_thread = fips_is_owning_thread(); - - if (!owning_thread) CRYPTO_r_lock(CRYPTO_LOCK_FIPS); - ret = fips_selftest_fail; - if (!owning_thread) CRYPTO_r_unlock(CRYPTO_LOCK_FIPS); - } - return ret; - } - -int FIPS_selftest() - { - ERR_load_crypto_strings(); - - return FIPS_selftest_sha1() - && FIPS_selftest_aes() - && FIPS_selftest_des() - && FIPS_selftest_rsa() - && FIPS_selftest_dsa(); - } - -static int FIPS_check_exe(const char *path) - { - unsigned char buf[1024]; - char p2[PATH_MAX]; - unsigned int n; - unsigned char mdbuf[EVP_MAX_MD_SIZE]; - FILE *f; - static char key[]="etaonrishdlcupfm"; - HMAC_CTX hmac; - const char *sha1_fmt="%s.sha1"; - - f=fopen(path,"rb"); -#ifdef __CYGWIN32__ - /* cygwin scrupulously strips .exe extentions:-( as of now it's - actually no point to attempt above fopen, but we keep the call - just in case the behavior changes in the future... */ - if (!f) - { - sha1_fmt="%s.exe.sha1"; - BIO_snprintf(p2,sizeof p2,"%s.exe",path); - f=fopen(p2,"rb"); - } -#endif - if(!f) - { - FIPSerr(FIPS_F_FIPS_CHECK_EXE,FIPS_R_CANNOT_READ_EXE); - return 0; - } - HMAC_Init(&hmac,key,strlen(key),EVP_sha1()); - while(!feof(f)) - { - n=fread(buf,1,sizeof buf,f); - if(ferror(f)) - { - clearerr(f); - fclose(f); - FIPSerr(FIPS_F_FIPS_CHECK_EXE,FIPS_R_CANNOT_READ_EXE); - return 0; - } - if (n) HMAC_Update(&hmac,buf,n); - } - fclose(f); - HMAC_Final(&hmac,mdbuf,&n); - HMAC_CTX_cleanup(&hmac); - BIO_snprintf(p2,sizeof p2,sha1_fmt,path); - f=fopen(p2,"rb"); - if(!f || fread(buf,1,20,f) != 20) - { - if (f) fclose(f); - FIPSerr(FIPS_F_FIPS_CHECK_EXE,FIPS_R_CANNOT_READ_EXE_DIGEST); - return 0; - } - fclose(f); - if(memcmp(buf,mdbuf,20)) - { - FIPSerr(FIPS_F_FIPS_CHECK_EXE,FIPS_R_EXE_DIGEST_DOES_NOT_MATCH); - return 0; - } - return 1; - } - -int FIPS_mode_set(int onoff,const char *path) - { - void fips_set_mode(int _onoff); - int fips_set_owning_thread(); - int fips_clear_owning_thread(); - int ret = 0; - - CRYPTO_w_lock(CRYPTO_LOCK_FIPS); - fips_set_started(); - fips_set_owning_thread(); - - if(onoff) - { - unsigned char buf[24]; - - fips_selftest_fail = 0; - - /* Don't go into FIPS mode twice, just so we can do automagic - seeding */ - if(FIPS_mode()) - { - FIPSerr(FIPS_F_FIPS_MODE_SET,FIPS_R_FIPS_MODE_ALREADY_SET); - fips_selftest_fail = 1; - ret = 0; - goto end; - } - - if(!FIPS_check_exe(path)) - { - fips_selftest_fail = 1; - ret = 0; - goto end; - } - - /* automagically seed PRNG if not already seeded */ - if(!FIPS_rand_seeded()) - { - if(RAND_bytes(buf,sizeof buf) <= 0) - { - fips_selftest_fail = 1; - ret = 0; - goto end; - } - FIPS_set_prng_key(buf,buf+8); - FIPS_rand_seed(buf+16,8); - } - - /* now switch into FIPS mode */ - fips_set_rand_check(FIPS_rand_method()); - RAND_set_rand_method(FIPS_rand_method()); - if(FIPS_selftest()) - fips_set_mode(1); - else - { - fips_selftest_fail = 1; - ret = 0; - goto end; - } - ret = 1; - goto end; - } - fips_set_mode(0); - fips_selftest_fail = 0; - ret = 1; -end: - fips_clear_owning_thread(); - CRYPTO_w_unlock(CRYPTO_LOCK_FIPS); - return ret; - } - -#if 0 -/* here just to cause error codes to exist */ -static void dummy() - { - FIPSerr(FIPS_F_HASH_FINAL,FIPS_F_NON_FIPS_METHOD); - FIPSerr(FIPS_F_HASH_FINAL,FIPS_R_FIPS_SELFTEST_FAILED); - } -#endif - -#endif diff --git a/src/lib/libssl/src/fips/fips.h b/src/lib/libssl/src/fips/fips.h deleted file mode 100644 index a4df06b148..0000000000 --- a/src/lib/libssl/src/fips/fips.h +++ /dev/null @@ -1,125 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2003 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * - */ - -#include - -#ifdef OPENSSL_FIPS - -#ifdef __cplusplus -extern "C" { -#endif - -/* Note that these are defined in crypto/cryptlib.c so they're - * available even without -lfips. - */ -struct dsa_st; - -int FIPS_mode_set(int onoff,const char *path); -void FIPS_allow_md5(int onoff); -int FIPS_md5_allowed(void); -int FIPS_selftest_failed(void); -int FIPS_dsa_check(struct dsa_st *dsa); -void FIPS_corrupt_sha1(void); -int FIPS_selftest_sha1(void); -void FIPS_corrupt_aes(void); -int FIPS_selftest_aes(void); -void FIPS_corrupt_des(void); -int FIPS_selftest_des(void); -void FIPS_corrupt_rsa(void); -int FIPS_selftest_rsa(void); -void FIPS_corrupt_dsa(void); -int FIPS_selftest_dsa(void); - -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -void ERR_load_FIPS_strings(void); - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -void ERR_load_FIPS_strings(void); - -/* Error codes for the FIPS functions. */ - -/* Function codes. */ -#define FIPS_F_DSA_DO_SIGN 111 -#define FIPS_F_DSA_DO_VERIFY 112 -#define FIPS_F_DSA_GENERATE_PARAMETERS 110 -#define FIPS_F_FIPS_CHECK_DSA 116 -#define FIPS_F_FIPS_CHECK_EXE 106 -#define FIPS_F_FIPS_CHECK_RSA 115 -#define FIPS_F_FIPS_DSA_CHECK 102 -#define FIPS_F_FIPS_MODE_SET 105 -#define FIPS_F_FIPS_SELFTEST_AES 104 -#define FIPS_F_FIPS_SELFTEST_DES 107 -#define FIPS_F_FIPS_SELFTEST_DSA 109 -#define FIPS_F_FIPS_SELFTEST_RSA 108 -#define FIPS_F_FIPS_SELFTEST_SHA1 103 -#define FIPS_F_HASH_FINAL 100 -#define FIPS_F_DH_GENERATE_PARAMETERS 117 -#define FIPS_F_RSA_EAY_PUBLIC_ENCRYPT 114 -#define FIPS_F_RSA_GENERATE_KEY 113 -#define FIPS_F_SSLEAY_RAND_BYTES 101 - -/* Reason codes. */ -#define FIPS_R_CANNOT_READ_EXE 103 -#define FIPS_R_CANNOT_READ_EXE_DIGEST 104 -#define FIPS_R_EXE_DIGEST_DOES_NOT_MATCH 105 -#define FIPS_R_FIPS_MODE_ALREADY_SET 102 -#define FIPS_R_FIPS_SELFTEST_FAILED 106 -#define FIPS_R_NON_FIPS_METHOD 100 -#define FIPS_R_PAIRWISE_TEST_FAILED 107 -#define FIPS_R_SELFTEST_FAILED 101 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/src/lib/libssl/src/fips/fips_locl.h b/src/lib/libssl/src/fips/fips_locl.h deleted file mode 100644 index 215e382549..0000000000 --- a/src/lib/libssl/src/fips/fips_locl.h +++ /dev/null @@ -1,67 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2003 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * - */ - -#ifdef OPENSSL_FIPS - -#ifdef __cplusplus -extern "C" { -#endif - -/* These are really defined in crypto/cryptlib.c */ -void fips_set_started(void); -int fips_is_started(void); -int fips_is_owning_thread(void); -int fips_set_owning_thread(void); -int fips_clear_owning_thread(void); -void fips_set_rand_check(void *rand_check); - -#ifdef __cplusplus -} -#endif -#endif diff --git a/src/lib/libssl/src/fips/fips_test_suite.c b/src/lib/libssl/src/fips/fips_test_suite.c deleted file mode 100644 index 60ee8d856b..0000000000 --- a/src/lib/libssl/src/fips/fips_test_suite.c +++ /dev/null @@ -1,341 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2003 The OpenSSL Project. All rights reserved. - * - * - * This command is intended as a test driver for the FIPS-140 testing - * lab performing FIPS-140 validation. It demonstrates the use of the - * OpenSSL library ito perform a variety of common cryptographic - * functions. A power-up self test is demonstrated by deliberately - * pointing to an invalid executable hash - * - * Contributed by Steve Marquess. - * - */ -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#ifndef OPENSSL_FIPS -int main(int argc, char *argv[]) - { - printf("No FIPS support\n"); - return(0); - } -#else - -/* AES: encrypt and decrypt known plaintext, verify result matches original plaintext -*/ -static int FIPS_aes_test() - { - unsigned char userkey[16] = { 0xde, 0xad, 0xbe, 0xef, 0xfe, 0xed, 0xf0, 0x0d }; - unsigned char plaintext[16] = "etaonrishdlcu"; - unsigned char ciphertext[16]; - unsigned char buf[16]; - AES_KEY key; - AES_KEY dkey; - - ERR_clear_error(); - if (AES_set_encrypt_key( userkey, 128, &key )) - return 0; - AES_encrypt( plaintext, ciphertext, &key); - if (AES_set_decrypt_key( userkey, 128, &dkey )) - return 0; - AES_decrypt( ciphertext, buf, &dkey); - if (memcmp(buf, plaintext, sizeof(buf))) - return 0; - return 1; - } - -/* DES: encrypt and decrypt known plaintext, verify result matches original plaintext -*/ -static int FIPS_des_test() - { - DES_cblock userkey = { 0xde, 0xad, 0xbe, 0xef, 0xfe, 0xed, 0xf0, 0x0d }; - DES_cblock plaintext = { 'e', 't', 'a', 'o', 'n', 'r', 'i', 's' }; - - DES_key_schedule key; - DES_cblock ciphertext; - DES_cblock buf; - - ERR_clear_error(); - if (DES_set_key(&userkey, &key) < 0) - return 0; - DES_ecb_encrypt( &plaintext, &ciphertext, &key, 1); - DES_ecb_encrypt( &ciphertext, &buf, &key, 0); - if (memcmp(buf, plaintext, sizeof(buf))) - return 0; - return 1; - } - -/* DSA: generate key and sign a known digest, then verify the signature - * against the digest -*/ -static int FIPS_dsa_test() - { - DSA *dsa = NULL; - unsigned char dgst[] = "etaonrishdlc"; - unsigned char sig[256]; - unsigned int siglen; - - ERR_clear_error(); - dsa = DSA_generate_parameters(512,NULL,0,NULL,NULL,NULL,NULL); - if (!dsa) - return 0; - if (!DSA_generate_key(dsa)) - return 0; - if ( DSA_sign(0,dgst,sizeof(dgst) - 1,sig,&siglen,dsa) != 1 ) - return 0; - if ( DSA_verify(0,dgst,sizeof(dgst) - 1,sig,siglen,dsa) != 1 ) - return 0; - DSA_free(dsa); - return 1; - } - -/* RSA: generate keys and encrypt and decrypt known plaintext, verify result - * matches the original plaintext -*/ -static int FIPS_rsa_test() - { - RSA *key; - unsigned char input_ptext[] = "etaonrishdlc"; - unsigned char ctext[256]; - unsigned char ptext[256]; - int n; - - ERR_clear_error(); - key = RSA_generate_key(1024,65537,NULL,NULL); - if (!key) - return 0; - n = RSA_size(key); - n = RSA_public_encrypt(sizeof(input_ptext) - 1,input_ptext,ctext,key,RSA_PKCS1_PADDING); - if (n < 0) - return 0; - n = RSA_private_decrypt(n,ctext,ptext,key,RSA_PKCS1_PADDING); - if (n < 0) - return 0; - RSA_free(key); - if (memcmp(input_ptext,ptext,sizeof(input_ptext) - 1)) - return 0; - return 1; - } - -/* SHA1: generate hash of known digest value and compare to known - precomputed correct hash -*/ -static int FIPS_sha1_test() - { - unsigned char digest[SHA_DIGEST_LENGTH] = - { 0x11, 0xf1, 0x9a, 0x3a, 0xec, 0x1a, 0x1e, 0x8e, 0x65, 0xd4, 0x9a, 0x38, 0x0c, 0x8b, 0x1e, 0x2c, 0xe8, 0xb3, 0xc5, 0x18 }; - unsigned char str[] = "etaonrishd"; - - unsigned char md[SHA_DIGEST_LENGTH]; - - ERR_clear_error(); - if (!SHA1(str,sizeof(str) - 1,md)) return 0; - if (memcmp(md,digest,sizeof(md))) - return 0; - return 1; - } - -/* MD5: generate hash of known digest value and compare to known - precomputed correct hash -*/ -static int md5_test() - { - unsigned char digest[MD5_DIGEST_LENGTH] = - { 0x48, 0x50, 0xf0, 0xa3, 0x3a, 0xed, 0xd3, 0xaf, 0x6e, 0x47, 0x7f, 0x83, 0x02, 0xb1, 0x09, 0x68 }; - unsigned char str[] = "etaonrishd"; - - unsigned char md[MD5_DIGEST_LENGTH]; - - ERR_clear_error(); - if (!MD5(str,sizeof(str) - 1,md)) - return 0; - if (memcmp(md,digest,sizeof(md))) - return 0; - return 1; - } - -/* DH: generate shared parameters -*/ -static int dh_test() - { - DH *dh; - - ERR_clear_error(); - dh = DH_generate_parameters(256, 2, NULL, NULL); - if (dh) - return 1; - return 0; - } - -/* Zeroize -*/ -static int Zeroize() - { - RSA *key; - unsigned char userkey[16] = - { 0x48, 0x50, 0xf0, 0xa3, 0x3a, 0xed, 0xd3, 0xaf, 0x6e, 0x47, 0x7f, 0x83, 0x02, 0xb1, 0x09, 0x68 }; - int i, n; - - key = RSA_generate_key(1024,65537,NULL,NULL); - if (!key) - return 0; - n = BN_num_bytes(key->d); - printf(" Generated %d byte RSA private key\n", n); - printf("\tBN key before overwriting:\n%s\n", BN_bn2hex(key->d)); - BN_rand(key->d,n*8,-1,0); - printf("\tBN key after overwriting:\n%s\n", BN_bn2hex(key->d)); - - printf("\tchar buffer key before overwriting: \n\t\t"); - for(i = 0; i < sizeof(userkey); i++) printf("%02x", userkey[i]); - printf("\n"); - RAND_bytes(userkey, sizeof userkey); - printf("\tchar buffer key after overwriting: \n\t\t"); - for(i = 0; i < sizeof(userkey); i++) printf("%02x", userkey[i]); - printf("\n"); - - return 1; - } - -static int Error; -const char * Fail(const char *msg) - { - Error++; - return msg; - } - -int main(int argc,char **argv) - { - - printf("\tFIPS-mode test application\n\n"); - - /* Load entropy from external file, if any */ - RAND_load_file(".rnd", 1024); - - if (argv[1]) { - /* Corrupted KAT tests */ - if (!strcmp(argv[1], "aes")) { - FIPS_corrupt_aes(); - printf("3. AES encryption/decryption with corrupted KAT...\n"); - } else if (!strcmp(argv[1], "des")) { - FIPS_corrupt_des(); - printf("5. DES-ECB encryption/decryption with corrupted KAT...\n"); - } else if (!strcmp(argv[1], "dsa")) { - FIPS_corrupt_dsa(); - printf("6. DSA key generation and signature validation with corrupted KAT...\n"); - } else if (!strcmp(argv[1], "rsa")) { - FIPS_corrupt_rsa(); - printf("4. RSA key generation and encryption/decryption with corrupted KAT...\n"); - } else if (!strcmp(argv[1], "sha1")) { - FIPS_corrupt_sha1(); - printf("7. SHA-1 hash with corrupted KAT...\n"); - } else { - printf("Bad argument \"%s\"\n", argv[1]); - exit(1); - } - if (!FIPS_mode_set(1,argv[0])) - { - ERR_load_crypto_strings(); - ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE)); - printf("Power-up self test failed\n"); - exit(1); - } - printf("Power-up self test successful\n"); - exit(0); - } - - /* Non-Approved cryptographic operation - */ - printf("0. Non-Approved cryptographic operation test...\n"); - printf("\ta. Excluded algorithm (MD5)..."); - printf( md5_test() ? "successful\n" : Fail("FAILED!\n") ); - printf("\tb. Included algorithm (D-H)..."); - printf( dh_test() ? "successful\n" : Fail("FAILED!\n") ); - - /* Power-up self test failure - */ - printf("1. Automatic power-up self test..."); - printf( FIPS_mode_set(1,"/dev/null") ? Fail("passed INCORRECTLY!\n") : "failed as expected\n" ); - - /* Algorithm call when uninitialized failure - */ - printf("\ta. AES API failure on failed power-up self test..."); - printf( FIPS_aes_test() ? Fail("passed INCORRECTLY!\n") :"failed as expected\n" ); - printf("\tb. RSA API failure on failed power-up self test..."); - printf( FIPS_rsa_test() ? Fail("passed INCORRECTLY!\n") : "failed as expected\n" ); - printf("\tc. DES API failure on failed power-up self test..."); - printf( FIPS_des_test() ? Fail("passed INCORRECTLY!\n") : "failed as expected\n" ); - printf("\td. DSA API failure on failed power-up self test..."); - printf( FIPS_dsa_test() ? Fail("passed INCORRECTLY!\n") : "failed as expected\n" ); - printf("\te. SHA1 API failure on failed power-up self test..."); - printf( FIPS_sha1_test() ? Fail("passed INCORRECTLY!\n") : "failed as expected\n" ); - - /* Power-up self test retry - */ - ERR_clear_error(); - printf("2. Automatic power-up self test retry..."); - if (!FIPS_mode_set(1,argv[0])) - { - ERR_load_crypto_strings(); - ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE)); - printf(Fail("FAILED!\n")); - exit(1); - } - printf("successful\n"); - - /* AES encryption/decryption - */ - printf("3. AES encryption/decryption..."); - printf( FIPS_aes_test() ? "successful\n" : Fail("FAILED!\n") ); - - /* RSA key generation and encryption/decryption - */ - printf("4. RSA key generation and encryption/decryption..."); - printf( FIPS_rsa_test() ? "successful\n" : Fail("FAILED!\n") ); - - /* DES-CBC encryption/decryption - */ - printf("5. DES-ECB encryption/decryption..."); - printf( FIPS_des_test() ? "successful\n" : Fail("FAILED!\n") ); - - /* DSA key generation and signature validation - */ - printf("6. DSA key generation and signature validation..."); - printf( FIPS_dsa_test() ? "successful\n" : Fail("FAILED!\n") ); - - /* SHA-1 hash - */ - printf("7. SHA-1 hash..."); - printf( FIPS_sha1_test() ? "successful\n" : Fail("FAILED!\n") ); - - /* Non-Approved cryptographic operation - */ - printf("8. Non-Approved cryptographic operation test...\n"); - printf("\ta. Excluded algorithm (MD5)..."); - printf( md5_test() ? Fail("passed INCORRECTLY!\n") - : "failed as expected\n" ); - printf("\tb. Included algorithm (D-H)..."); - printf( dh_test() ? "successful as expected\n" - : Fail("failed INCORRECTLY!\n") ); - - /* Zeroization - */ - printf("9. Zero-ization...\n"); - Zeroize(); - - printf("\nAll tests completed with %d errors\n", Error); - return 0; - } -#endif diff --git a/src/lib/libssl/src/fips/install.com b/src/lib/libssl/src/fips/install.com deleted file mode 100644 index aa19f0599d..0000000000 --- a/src/lib/libssl/src/fips/install.com +++ /dev/null @@ -1,55 +0,0 @@ -$! INSTALL.COM -- Installs the files in a given directory tree -$! -$! Author: Richard Levitte -$! Time of creation: 27-MAY-2004 11:47 -$! -$! P1 root of the directory tree -$! -$ IF P1 .EQS. "" -$ THEN -$ WRITE SYS$OUTPUT "First argument missing." -$ WRITE SYS$OUTPUT "Should be the directory where you want things installed." -$ EXIT -$ ENDIF -$ -$ ROOT = F$PARSE(P1,"[]A.;0",,,"SYNTAX_ONLY,NO_CONCEAL") - "A.;0" -$ ROOT_DEV = F$PARSE(ROOT,,,"DEVICE","SYNTAX_ONLY") -$ ROOT_DIR = F$PARSE(ROOT,,,"DIRECTORY","SYNTAX_ONLY") - - - "[000000." - "][" - "[" - "]" -$ ROOT = ROOT_DEV + "[" + ROOT_DIR -$ -$ DEFINE/NOLOG WRK_SSLROOT 'ROOT'.] /TRANS=CONC -$ DEFINE/NOLOG WRK_SSLINCLUDE WRK_SSLROOT:[INCLUDE] -$ -$ IF F$PARSE("WRK_SSLROOT:[000000]") .EQS. "" THEN - - CREATE/DIR/LOG WRK_SSLROOT:[000000] -$ IF F$PARSE("WRK_SSLINCLUDE:") .EQS. "" THEN - - CREATE/DIR/LOG WRK_SSLINCLUDE: -$ -$ FDIRS := ,RAND,SHA1,DES,AES,DSA,RSA -$ EXHEADER_ := fips.h -$ EXHEADER_SHA1 := -$ EXHEADER_RAND := fips_rand.h -$ EXHEADER_DES := -$ EXHEADER_AES := -$ EXHEADER_DSA := -$ EXHEADER_RSA := -$ -$ I = 0 -$ LOOP_FDIRS: -$ D = F$EDIT(F$ELEMENT(I, ",", FDIRS),"TRIM") -$ I = I + 1 -$ IF D .EQS. "," THEN GOTO LOOP_FDIRS_END -$ tmp = EXHEADER_'D' -$ IF tmp .EQS. "" THEN GOTO LOOP_FDIRS -$ IF D .EQS. "" -$ THEN -$ COPY 'tmp' WRK_SSLINCLUDE: /LOG -$ ELSE -$ COPY [.'D']'tmp' WRK_SSLINCLUDE: /LOG -$ ENDIF -$ SET FILE/PROT=WORLD:RE WRK_SSLINCLUDE:'tmp' -$ GOTO LOOP_FDIRS -$ LOOP_FDIRS_END: -$ -$ EXIT diff --git a/src/lib/libssl/src/fips/openssl_fips_fingerprint b/src/lib/libssl/src/fips/openssl_fips_fingerprint deleted file mode 100755 index d3dfb7eb61..0000000000 --- a/src/lib/libssl/src/fips/openssl_fips_fingerprint +++ /dev/null @@ -1,30 +0,0 @@ -#!/bin/sh -# -# Check the library fingerprint and generate an executable fingerprint, or -# return an error - -lib=$1 -exe=$2 - -# deal with the case where we're run from within the build and OpenSSL is -# not yet installed. Also, make sure LD_LIBRARY_PATH is properly set in -# case shared libraries are built. -if [ "X$TOP" != "X" ] -then - if test "$OSTYPE" = msdosdjgpp; then - PATH="$TOP/apps;$TOP;$PATH" - else - PATH="$TOP/apps:$TOP:$PATH" - fi - LD_LIBRARY_PATH=$TOP; export LD_LIBRARY_PATH -else - LD_LIBRARY_PATH=.; export LD_LIBRARY_PATH -fi - -echo "Checking library fingerprint for $lib" -openssl sha1 -hmac etaonrishdlcupfm $lib | sed "s/(.*\//(/" | diff -w $lib.sha1 - || { echo "$libs fingerprint mismatch"; exit 1; } - -[ -x $exe.exe ] && exe=$exe.exe - -echo "Making fingerprint for $exe" -openssl sha1 -hmac etaonrishdlcupfm -binary $exe > $exe.sha1 || rm $exe.sha1 diff --git a/src/lib/libssl/src/fips/rand/Makefile b/src/lib/libssl/src/fips/rand/Makefile deleted file mode 100644 index c8922abc77..0000000000 --- a/src/lib/libssl/src/fips/rand/Makefile +++ /dev/null @@ -1,104 +0,0 @@ -# -# SSLeay/fips/rand/Makefile -# - -DIR= rand -TOP= ../.. -CC= cc -INCLUDES= -CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) -MAKEFILE= Makefile -AR= ar r - -CFLAGS= $(INCLUDES) $(CFLAG) - -GENERAL=Makefile -TEST= fips_randtest.c -APPS= - -LIB=$(TOP)/libcrypto.a -LIBSRC=fips_rand.c -LIBOBJ=fips_rand.o - -SRC= $(LIBSRC) - -EXHEADER= fips_rand.h -HEADER= $(EXHEADER) - -ALL= $(GENERAL) $(SRC) $(HEADER) - -top: - (cd $(TOP); $(MAKE) DIRS=fips SDIRS=$(DIR) sub_all) - -all: check lib - -check: - TOP=`pwd`/$(TOP) ../fips_check_sha1 fingerprint.sha1 $(SRC) $(HEADER) - -lib: $(LIBOBJ) - $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) || echo Never mind. - @sleep 2; touch lib - -files: - $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO - -links: - @$(PERL) $(TOP)/util/mklink.pl $(TOP)/include/openssl $(EXHEADER) - @$(PERL) $(TOP)/util/mklink.pl $(TOP)/test $(TEST) - @$(PERL) $(TOP)/util/mklink.pl $(TOP)/apps $(APPS) - -install: - @headerlist="$(EXHEADER)"; for i in $$headerlist; \ - do \ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done - -tags: - ctags $(SRC) - -tests: - -lint: - lint -DLINT $(INCLUDES) $(SRC)>fluff - -depend: - $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(SRC) $(TEST) - -dclean: - $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new - mv -f Makefile.new $(MAKEFILE) - -clean: - rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff - -# DO NOT DELETE THIS LINE -- make depend depends on it. - -fips_rand.o: ../../e_os.h ../../include/openssl/bio.h -fips_rand.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -fips_rand.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h -fips_rand.o: ../../include/openssl/err.h ../../include/openssl/fips_rand.h -fips_rand.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -fips_rand.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -fips_rand.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h -fips_rand.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -fips_rand.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -fips_rand.o: fips_rand.c -fips_randtest.o: ../../e_os.h ../../include/openssl/bio.h -fips_randtest.o: ../../include/openssl/crypto.h ../../include/openssl/des.h -fips_randtest.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h -fips_randtest.o: ../../include/openssl/err.h ../../include/openssl/fips_rand.h -fips_randtest.o: ../../include/openssl/lhash.h -fips_randtest.o: ../../include/openssl/opensslconf.h -fips_randtest.o: ../../include/openssl/opensslv.h -fips_randtest.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h -fips_randtest.o: ../../include/openssl/safestack.h -fips_randtest.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -fips_randtest.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h -fips_randtest.o: fips_randtest.c diff --git a/src/lib/libssl/src/fips/rand/fips_rand.c b/src/lib/libssl/src/fips/rand/fips_rand.c deleted file mode 100644 index cc2f12deb9..0000000000 --- a/src/lib/libssl/src/fips/rand/fips_rand.c +++ /dev/null @@ -1,355 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2003 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * - */ - -/* - * This is a FIPS approved PRNG, ANSI X9.31 A.2.4. - */ - -#include "e_os.h" - -/* If we don't define _XOPEN_SOURCE_EXTENDED, struct timeval won't - be defined and gettimeofday() won't be declared with strict compilers - like DEC C in ANSI C mode. */ -#ifndef _XOPEN_SOURCE_EXTENDED -#define _XOPEN_SOURCE_EXTENDED 1 -#endif - -#include -#include -#include -#include -#ifndef OPENSSL_SYS_WIN32 -#include -#endif -#include -#ifndef OPENSSL_SYS_WIN32 -# ifdef OPENSSL_UNISTD -# include OPENSSL_UNISTD -# else -# include -# endif -#endif -#include - -#ifdef OPENSSL_FIPS - -#define SEED_SIZE 8 - -static unsigned char seed[SEED_SIZE]; -static FIPS_RAND_SIZE_T n_seed; -static FIPS_RAND_SIZE_T o_seed; -static DES_cblock key1; -static DES_cblock key2; -static DES_key_schedule ks1,ks2; -static int key_set; -static int test_mode; -static unsigned char test_faketime[8]; - -#ifndef GETPID_IS_MEANINGLESS -static int seed_pid; -static int key_pid; -#endif - -static void fips_rand_cleanup(void); -static void fips_rand_add(const void *buf, FIPS_RAND_SIZE_T num, double add_entropy); -static int fips_rand_bytes(unsigned char *buf, FIPS_RAND_SIZE_T num); -static int fips_rand_status(void); - -static RAND_METHOD rand_fips_meth= - { - FIPS_rand_seed, - fips_rand_bytes, - fips_rand_cleanup, - fips_rand_add, - fips_rand_bytes, - fips_rand_status - }; - -static int second; - -RAND_METHOD *FIPS_rand_method(void) -{ - return &rand_fips_meth; -} - -void FIPS_set_prng_key(const unsigned char k1[8],const unsigned char k2[8]) - { - memcpy(&key1,k1,sizeof key1); - memcpy(&key2,k2,sizeof key2); - key_set=1; -#ifndef GETPID_IS_MEANINGLESS - key_pid=getpid(); -#endif - second=0; - } - -void FIPS_test_mode(int test,const unsigned char faketime[8]) - { - test_mode=test; - if(!test_mode) - return; - memcpy(test_faketime,faketime,sizeof test_faketime); - } - -/* NB: this returns true if _partially_ seeded */ -int FIPS_rand_seeded() - { return key_set || n_seed; } - -static void fips_gettime(unsigned char buf[8]) - { -#ifdef OPENSSL_SYS_WIN32 - FILETIME ft; -#else - struct timeval tv; -#endif - - if(test_mode) - { - fprintf(stderr,"WARNING!!! PRNG IN TEST MODE!!!\n"); - memcpy(buf,test_faketime,sizeof test_faketime); - return; - } -#ifdef OPENSSL_SYS_WIN32 - GetSystemTimeAsFileTime(&ft); - buf[0] = (unsigned char) (ft.dwHighDateTime & 0xff); - buf[1] = (unsigned char) ((ft.dwHighDateTime >> 8) & 0xff); - buf[2] = (unsigned char) ((ft.dwHighDateTime >> 16) & 0xff); - buf[3] = (unsigned char) ((ft.dwHighDateTime >> 24) & 0xff); - buf[4] = (unsigned char) (ft.dwLowDateTime & 0xff); - buf[5] = (unsigned char) ((ft.dwLowDateTime >> 8) & 0xff); - buf[6] = (unsigned char) ((ft.dwLowDateTime >> 16) & 0xff); - buf[7] = (unsigned char) ((ft.dwLowDateTime >> 24) & 0xff); -#else - gettimeofday(&tv,NULL); - buf[0] = (unsigned char) (tv.tv_sec & 0xff); - buf[1] = (unsigned char) ((tv.tv_sec >> 8) & 0xff); - buf[2] = (unsigned char) ((tv.tv_sec >> 16) & 0xff); - buf[3] = (unsigned char) ((tv.tv_sec >> 24) & 0xff); - buf[4] = (unsigned char) (tv.tv_usec & 0xff); - buf[5] = (unsigned char) ((tv.tv_usec >> 8) & 0xff); - buf[6] = (unsigned char) ((tv.tv_usec >> 16) & 0xff); - buf[7] = (unsigned char) ((tv.tv_usec >> 24) & 0xff); -#endif - -#if 0 /* This eminently sensible strategy is not acceptable to NIST. Sigh. */ -#ifndef GETPID_IS_MEANINGLESS - /* we mix in the PID to ensure that after a fork the children don't give - * the same results as each other - */ - pid=getpid(); - /* make sure we shift the pid to the MSB */ - if((pid&0xffff0000) == 0) - pid<<=16; - *(long *)&buf[0]^=pid; -#endif -#endif - } - -static void fips_rand_encrypt(unsigned char *out,const unsigned char *in) - { - DES_ecb2_encrypt(in,out,&ks1,&ks2,1); - } - -static void fips_rand_cleanup(void) - { - OPENSSL_cleanse(seed,sizeof seed); - n_seed=0; - } - -void FIPS_rand_seed(const void *buf_, FIPS_RAND_SIZE_T num) - { - const char *buf=buf_; - FIPS_RAND_SIZE_T n; - static int init; - - /* If the key hasn't been set, we can't seed! */ - if(!key_set) - return; - - CRYPTO_w_lock(CRYPTO_LOCK_RAND); - if(!init) - { - init=1; - DES_set_key(&key1,&ks1); - DES_set_key(&key2,&ks2); - } - - /* - * This algorithm only uses 64 bits of seed, so ensure that we use - * the most recent 64 bits. - */ - for(n=0 ; n < num ; ) - { - FIPS_RAND_SIZE_T t=num-n; - - if(o_seed+t > sizeof seed) - t=sizeof seed-o_seed; - memcpy(seed+o_seed,buf+n,t); - n+=t; - o_seed+=t; - if(o_seed == sizeof seed) - o_seed=0; - if(n_seed < sizeof seed) - n_seed+=t; - } - -#ifndef GETPID_IS_MEANINGLESS - seed_pid=getpid(); -#endif - - CRYPTO_w_unlock(CRYPTO_LOCK_RAND); - } - -static void fips_rand_add(const void *buf, FIPS_RAND_SIZE_T num, double add_entropy) - { - FIPS_rand_seed(buf,num); - } - -static int fips_rand_bytes(unsigned char *buf,FIPS_RAND_SIZE_T num) - { - FIPS_RAND_SIZE_T n; - unsigned char timeseed[8]; - unsigned char intermediate[SEED_SIZE]; - unsigned char output[SEED_SIZE]; - static unsigned char previous[SEED_SIZE]; -#ifndef GETPID_IS_MEANINGLESS - int pid; -#endif - - if(n_seed < sizeof seed) - { - RANDerr(RAND_F_FIPS_RAND_BYTES,RAND_R_PRNG_NOT_SEEDED); - return 0; - } - -#ifdef FIPS_RAND_MAX_SIZE_T - if (num > FIPS_RAND_MAX_SIZE_T) - { -#ifdef RAND_R_PRNG_ASKING_FOR_TOO_MUCH - RANDerr(RAND_F_FIPS_RAND_BYTES,RAND_R_PRNG_ASKING_FOR_TOO_MUCH); - return 0; -#else - return -1; /* signal "not supported" condition */ -#endif - } -#endif - -#ifndef GETPID_IS_MEANINGLESS - pid=getpid(); - if(pid != seed_pid) - { - RANDerr(RAND_F_FIPS_RAND_BYTES,RAND_R_PRNG_NOT_RESEEDED); - return 0; - } - if(pid != key_pid) - { - RANDerr(RAND_F_FIPS_RAND_BYTES,RAND_R_PRNG_NOT_REKEYED); - return 0; - } -#endif - - CRYPTO_w_lock(CRYPTO_LOCK_RAND); - - for(n=0 ; n < num ; ) - { - unsigned char t[SEED_SIZE]; - FIPS_RAND_SIZE_T l; - - /* ANS X9.31 A.2.4: I = ede*K(DT) - timeseed == DT - intermediate == I - */ - fips_gettime(timeseed); - fips_rand_encrypt(intermediate,timeseed); - - /* ANS X9.31 A.2.4: R = ede*K(I^V) - intermediate == I - seed == V - output == R - */ - for(l=0 ; l < sizeof t ; ++l) - t[l]=intermediate[l]^seed[l]; - fips_rand_encrypt(output,t); - - /* ANS X9.31 A.2.4: V = ede*K(R^I) - output == R - intermediate == I - seed == V - */ - for(l=0 ; l < sizeof t ; ++l) - t[l]=output[l]^intermediate[l]; - fips_rand_encrypt(seed,t); - - if(second && !memcmp(output,previous,sizeof previous)) - { - RANDerr(RAND_F_FIPS_RAND_BYTES,RAND_R_PRNG_STUCK); - CRYPTO_w_unlock(CRYPTO_LOCK_RAND); - return 0; - } - memcpy(previous,output,sizeof previous); - second=1; - - /* Successive values of R may be concatenated to produce a - pseudo random number of the desired length */ - l=SEED_SIZE < num-n ? SEED_SIZE : num-n; - memcpy(buf+n,output,l); - n+=l; - } - - CRYPTO_w_unlock(CRYPTO_LOCK_RAND); - - return 1; - } - -static int fips_rand_status(void) - { - return n_seed == sizeof seed; - } - -#endif /* OPENSSL_FIPS */ diff --git a/src/lib/libssl/src/fips/rand/fips_rand.h b/src/lib/libssl/src/fips/rand/fips_rand.h deleted file mode 100644 index 1286b63ab2..0000000000 --- a/src/lib/libssl/src/fips/rand/fips_rand.h +++ /dev/null @@ -1,73 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2003 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * - */ - -#ifndef HEADER_FIPS_RAND_H -#define HEADER_FIPS_RAND_H - -#include "des.h" - -#ifdef OPENSSL_FIPS - -#ifdef __cplusplus -extern "C" { -#endif - -void FIPS_set_prng_key(const unsigned char k1[8],const unsigned char k2[8]); -void FIPS_test_mode(int test,const unsigned char faketime[8]); -void FIPS_rand_seed(const void *buf, FIPS_RAND_SIZE_T num); -/* NB: this returns true if _partially_ seeded */ -int FIPS_rand_seeded(void); - -RAND_METHOD *FIPS_rand_method(void); - -#ifdef __cplusplus -} -#endif -#endif -#endif diff --git a/src/lib/libssl/src/fips/rand/fips_randtest.c b/src/lib/libssl/src/fips/rand/fips_randtest.c deleted file mode 100644 index 6165944e56..0000000000 --- a/src/lib/libssl/src/fips/rand/fips_randtest.c +++ /dev/null @@ -1,369 +0,0 @@ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright (c) 2003 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * - */ - -#include -#include -#include -#include -#include - -#include "e_os.h" - -#ifndef OPENSSL_FIPS -int main(int argc, char *argv[]) -{ - printf("No FIPS RAND support\n"); - return(0); -} - -#else - -/* some FIPS 140-1 random number test */ -/* some simple tests */ - -static DES_cblock prng_key1={0x21,0x58,0x47,0xb7,0xc2,0x97,0x5a,0x8e}; -static DES_cblock prng_key2={0x61,0x23,0x05,0x96,0x18,0x91,0x86,0xac}; -static unsigned char prng_seed[8]={0x6b,0xa3,0x4f,0x07,0xe4,0x2a,0xb0,0xc}; - -typedef struct - { - DES_cblock keys[2]; - const unsigned char time[8]; - const unsigned char seed[8]; - const unsigned char block1[8]; - const unsigned char block100[8]; - } PRNGtest; - -/* FIXME: these test vectors are made up! */ -static PRNGtest t1= - { - { { 0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07 }, - { 0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f }, - }, - { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 }, - { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 }, - { 0x33,0xc3,0xdf,0xfe,0x60,0x60,0x49,0x9e }, - { 0xcd,0x2b,0x41,0xaf,0x80,0x51,0x37,0xd8 } - }; -static PRNGtest t2= - { - { { 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff }, - { 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff } }, - { 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff }, - { 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff }, - { 0x65,0xf1,0xa4,0x07,0x42,0x38,0xd5,0x25 }, - { 0xbb,0x75,0x84,0x20,0x7a,0x44,0xf0,0xa0 } - }; - -static void dump(const unsigned char *b,int n) - { - while(n-- > 0) - { - printf(" %02x",*b++); - } - } - -static void compare(const unsigned char *result,const unsigned char *expected, - int n) - { - int i; - - for(i=0 ; i < n ; ++i) - if(result[i] != expected[i]) - { - puts("Random test failed, got:"); - dump(result,8); - puts("\n expected:"); - dump(expected,8); - putchar('\n'); - EXIT(1); - } - } - -static void run_test(const PRNGtest *t) - { - unsigned char buf[8]; - int n; - - FIPS_set_prng_key(t->keys[0],t->keys[1]); - FIPS_test_mode(1,t->time); - RAND_seed(t->seed,sizeof t->seed); - - if(RAND_bytes(buf,8) <= 0) - { - ERR_print_errors_fp(stderr); - EXIT(2); - } - compare(buf,t->block1,8); - for(n=0 ; n < 99 ; ++n) - if(RAND_bytes(buf,8) <= 0) - { - ERR_print_errors_fp(stderr); - EXIT(2); - } - compare(buf,t->block100,8); - FIPS_test_mode(0,NULL); - } - -int main() - { - unsigned char buf[2500]; - int i,j,k,s,sign,nsign,err=0; - unsigned long n1; - unsigned long n2[16]; - unsigned long runs[2][34]; - /*double d; */ - long d; - - ERR_load_crypto_strings(); - RAND_set_rand_method(FIPS_rand_method()); - - run_test(&t1); - run_test(&t2); - - FIPS_set_prng_key(prng_key1,prng_key2); - RAND_seed(prng_seed,sizeof prng_seed); - - i = RAND_pseudo_bytes(buf,2500); - if (i <= 0) - { - printf ("init failed, the rand method is not properly installed\n"); - err++; - goto err; - } - - n1=0; - for (i=0; i<16; i++) n2[i]=0; - for (i=0; i<34; i++) runs[0][i]=runs[1][i]=0; - - /* test 1 and 2 */ - sign=0; - nsign=0; - for (i=0; i<2500; i++) - { - j=buf[i]; - - n2[j&0x0f]++; - n2[(j>>4)&0x0f]++; - - for (k=0; k<8; k++) - { - s=(j&0x01); - if (s == sign) - nsign++; - else - { - if (nsign > 34) nsign=34; - if (nsign != 0) - { - runs[sign][nsign-1]++; - if (nsign > 6) - runs[sign][5]++; - } - sign=s; - nsign=1; - } - - if (s) n1++; - j>>=1; - } - } - if (nsign > 34) nsign=34; - if (nsign != 0) runs[sign][nsign-1]++; - - /* test 1 */ - if (!((9654 < n1) && (n1 < 10346))) - { - printf("test 1 failed, X=%lu\n",n1); - err++; - } - printf("test 1 done\n"); - - /* test 2 */ -#ifdef undef - d=0; - for (i=0; i<16; i++) - d+=n2[i]*n2[i]; - d=d*16.0/5000.0-5000.0; - if (!((1.03 < d) && (d < 57.4))) - { - printf("test 2 failed, X=%.2f\n",d); - err++; - } -#endif - d=0; - for (i=0; i<16; i++) - d+=n2[i]*n2[i]; - d=(d*8)/25-500000; - if (!((103 < d) && (d < 5740))) - { - printf("test 2 failed, X=%ld.%02ld\n",d/100L,d%100L); - err++; - } - printf("test 2 done\n"); - - /* test 3 */ - for (i=0; i<2; i++) - { - if (!((2267 < runs[i][0]) && (runs[i][0] < 2733))) - { - printf("test 3 failed, bit=%d run=%d num=%lu\n", - i,1,runs[i][0]); - err++; - } - if (!((1079 < runs[i][1]) && (runs[i][1] < 1421))) - { - printf("test 3 failed, bit=%d run=%d num=%lu\n", - i,2,runs[i][1]); - err++; - } - if (!(( 502 < runs[i][2]) && (runs[i][2] < 748))) - { - printf("test 3 failed, bit=%d run=%d num=%lu\n", - i,3,runs[i][2]); - err++; - } - if (!(( 223 < runs[i][3]) && (runs[i][3] < 402))) - { - printf("test 3 failed, bit=%d run=%d num=%lu\n", - i,4,runs[i][3]); - err++; - } - if (!(( 90 < runs[i][4]) && (runs[i][4] < 223))) - { - printf("test 3 failed, bit=%d run=%d num=%lu\n", - i,5,runs[i][4]); - err++; - } - if (!(( 90 < runs[i][5]) && (runs[i][5] < 223))) - { - printf("test 3 failed, bit=%d run=%d num=%lu\n", - i,6,runs[i][5]); - err++; - } - } - printf("test 3 done\n"); - - /* test 4 */ - if (runs[0][33] != 0) - { - printf("test 4 failed, bit=%d run=%d num=%lu\n", - 0,34,runs[0][33]); - err++; - } - if (runs[1][33] != 0) - { - printf("test 4 failed, bit=%d run=%d num=%lu\n", - 1,34,runs[1][33]); - err++; - } - printf("test 4 done\n"); - err: - err=((err)?1:0); - EXIT(err); - return(err); - } - -#endif diff --git a/src/lib/libssl/src/fips/rsa/Makefile b/src/lib/libssl/src/fips/rsa/Makefile deleted file mode 100644 index bb20f86442..0000000000 --- a/src/lib/libssl/src/fips/rsa/Makefile +++ /dev/null @@ -1,111 +0,0 @@ -# -# SSLeay/fips/rsa/Makefile -# - -DIR= rsa -TOP= ../.. -CC= cc -INCLUDES= -CFLAG=-g -INSTALL_PREFIX= -OPENSSLDIR= /usr/local/ssl -INSTALLTOP=/usr/local/ssl -MAKEDEPPROG= makedepend -MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) -MAKEFILE= Makefile -AR= ar r - -CFLAGS= $(INCLUDES) $(CFLAG) - -GENERAL=Makefile -TEST= -APPS= - -LIB=$(TOP)/libcrypto.a -LIBSRC=fips_rsa_eay.c fips_rsa_gen.c fips_rsa_selftest.c -LIBOBJ=fips_rsa_eay.o fips_rsa_gen.o fips_rsa_selftest.o - -SRC= $(LIBSRC) - -EXHEADER= -HEADER= $(EXHEADER) - -ALL= $(GENERAL) $(SRC) $(HEADER) - -top: - (cd $(TOP); $(MAKE) DIRS=fips FDIRS=$(DIR) sub_all) - -all: check lib - -lib: $(LIBOBJ) - $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) || echo Never mind. - @sleep 2; touch lib - -check: - TOP=`pwd`/$(TOP) ../fips_check_sha1 fingerprint.sha1 $(SRC) $(HEADER) - -files: - $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO - -links: - @$(PERL) $(TOP)/util/mklink.pl $(TOP)/include/openssl $(EXHEADER) - @$(PERL) $(TOP)/util/mklink.pl $(TOP)/test $(TEST) - @$(PERL) $(TOP)/util/mklink.pl $(TOP)/apps $(APPS) - -install: - @headerlist="$(EXHEADER)"; for i in $$headerlist; \ - do \ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done - -tags: - ctags $(SRC) - -tests: - -lint: - lint -DLINT $(INCLUDES) $(SRC)>fluff - -depend: - $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(SRC) $(TEST) - -dclean: - $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new - mv -f Makefile.new $(MAKEFILE) - -clean: - rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff -# DO NOT DELETE THIS LINE -- make depend depends on it. - -fips_rsa_eay.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -fips_rsa_eay.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h -fips_rsa_eay.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -fips_rsa_eay.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -fips_rsa_eay.o: ../../include/openssl/opensslconf.h -fips_rsa_eay.o: ../../include/openssl/opensslv.h -fips_rsa_eay.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h -fips_rsa_eay.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -fips_rsa_eay.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -fips_rsa_eay.o: fips_rsa_eay.c -fips_rsa_gen.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -fips_rsa_gen.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h -fips_rsa_gen.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -fips_rsa_gen.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -fips_rsa_gen.o: ../../include/openssl/opensslconf.h -fips_rsa_gen.o: ../../include/openssl/opensslv.h -fips_rsa_gen.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rsa.h -fips_rsa_gen.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -fips_rsa_gen.o: ../../include/openssl/symhacks.h fips_rsa_gen.c -fips_rsa_selftest.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -fips_rsa_selftest.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h -fips_rsa_selftest.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -fips_rsa_selftest.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h -fips_rsa_selftest.o: ../../include/openssl/opensslconf.h -fips_rsa_selftest.o: ../../include/openssl/opensslv.h -fips_rsa_selftest.o: ../../include/openssl/ossl_typ.h -fips_rsa_selftest.o: ../../include/openssl/rsa.h -fips_rsa_selftest.o: ../../include/openssl/safestack.h -fips_rsa_selftest.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -fips_rsa_selftest.o: ../../include/openssl/symhacks.h fips_rsa_selftest.c diff --git a/src/lib/libssl/src/fips/rsa/fips_rsa_eay.c b/src/lib/libssl/src/fips/rsa/fips_rsa_eay.c deleted file mode 100644 index c571e2b1bf..0000000000 --- a/src/lib/libssl/src/fips/rsa/fips_rsa_eay.c +++ /dev/null @@ -1,735 +0,0 @@ -/* crypto/rsa/rsa_eay.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include -#include -#include -#include - -#if !defined(RSA_NULL) && defined(OPENSSL_FIPS) - -static int RSA_eay_public_encrypt(FIPS_RSA_SIZE_T flen, const unsigned char *from, - unsigned char *to, RSA *rsa,int padding); -static int RSA_eay_private_encrypt(FIPS_RSA_SIZE_T flen, const unsigned char *from, - unsigned char *to, RSA *rsa,int padding); -static int RSA_eay_public_decrypt(FIPS_RSA_SIZE_T flen, const unsigned char *from, - unsigned char *to, RSA *rsa,int padding); -static int RSA_eay_private_decrypt(FIPS_RSA_SIZE_T flen, const unsigned char *from, - unsigned char *to, RSA *rsa,int padding); -static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *i, RSA *rsa); -static int RSA_eay_init(RSA *rsa); -static int RSA_eay_finish(RSA *rsa); -static RSA_METHOD rsa_pkcs1_eay_meth={ - "Eric Young's PKCS#1 RSA", - RSA_eay_public_encrypt, - RSA_eay_public_decrypt, /* signature verification */ - RSA_eay_private_encrypt, /* signing */ - RSA_eay_private_decrypt, - RSA_eay_mod_exp, - BN_mod_exp_mont, /* XXX probably we should not use Montgomery if e == 3 */ - RSA_eay_init, - RSA_eay_finish, - 0, /* flags */ - NULL, - 0, /* rsa_sign */ - 0 /* rsa_verify */ - }; - -const RSA_METHOD *RSA_PKCS1_SSLeay(void) - { - return(&rsa_pkcs1_eay_meth); - } - -static int RSA_eay_public_encrypt(FIPS_RSA_SIZE_T flen, const unsigned char *from, - unsigned char *to, RSA *rsa, int padding) - { - BIGNUM f,ret; - int i,j,k,num=0,r= -1; - unsigned char *buf=NULL; - BN_CTX *ctx=NULL; - - BN_init(&f); - BN_init(&ret); - - if(FIPS_selftest_failed()) - { - FIPSerr(FIPS_F_RSA_EAY_PUBLIC_ENCRYPT,FIPS_R_FIPS_SELFTEST_FAILED); - goto err; - } - - if ((ctx=BN_CTX_new()) == NULL) goto err; - num=BN_num_bytes(rsa->n); - if ((buf=(unsigned char *)OPENSSL_malloc(num)) == NULL) - { - RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,ERR_R_MALLOC_FAILURE); - goto err; - } - - switch (padding) - { - case RSA_PKCS1_PADDING: - i=RSA_padding_add_PKCS1_type_2(buf,num,from,flen); - break; -#ifndef OPENSSL_NO_SHA - case RSA_PKCS1_OAEP_PADDING: - i=RSA_padding_add_PKCS1_OAEP(buf,num,from,flen,NULL,0); - break; -#endif - case RSA_SSLV23_PADDING: - i=RSA_padding_add_SSLv23(buf,num,from,flen); - break; - case RSA_NO_PADDING: - i=RSA_padding_add_none(buf,num,from,flen); - break; - default: - RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,RSA_R_UNKNOWN_PADDING_TYPE); - goto err; - } - if (i <= 0) goto err; - - if (BN_bin2bn(buf,num,&f) == NULL) goto err; - - if (BN_ucmp(&f, rsa->n) >= 0) - { - /* usually the padding functions would catch this */ - RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,RSA_R_DATA_TOO_LARGE_FOR_MODULUS); - goto err; - } - - if ((rsa->_method_mod_n == NULL) && (rsa->flags & RSA_FLAG_CACHE_PUBLIC)) - { - BN_MONT_CTX* bn_mont_ctx; - if ((bn_mont_ctx=BN_MONT_CTX_new()) == NULL) - goto err; - if (!BN_MONT_CTX_set(bn_mont_ctx,rsa->n,ctx)) - { - BN_MONT_CTX_free(bn_mont_ctx); - goto err; - } - if (rsa->_method_mod_n == NULL) /* other thread may have finished first */ - { - CRYPTO_w_lock(CRYPTO_LOCK_RSA); - if (rsa->_method_mod_n == NULL) - { - rsa->_method_mod_n = bn_mont_ctx; - bn_mont_ctx = NULL; - } - CRYPTO_w_unlock(CRYPTO_LOCK_RSA); - } - if (bn_mont_ctx) - BN_MONT_CTX_free(bn_mont_ctx); - } - - if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->e,rsa->n,ctx, - rsa->_method_mod_n)) goto err; - - /* put in leading 0 bytes if the number is less than the - * length of the modulus */ - j=BN_num_bytes(&ret); - i=BN_bn2bin(&ret,&(to[num-j])); - for (k=0; k<(num-i); k++) - to[k]=0; - - r=num; -err: - if (ctx != NULL) BN_CTX_free(ctx); - BN_clear_free(&f); - BN_clear_free(&ret); - if (buf != NULL) - { - OPENSSL_cleanse(buf,num); - OPENSSL_free(buf); - } - return(r); - } - -static int rsa_eay_blinding(RSA *rsa, BN_CTX *ctx) - { - int ret = 1; - CRYPTO_w_lock(CRYPTO_LOCK_RSA); - /* Check again inside the lock - the macro's check is racey */ - if(rsa->blinding == NULL) - ret = RSA_blinding_on(rsa, ctx); - CRYPTO_w_unlock(CRYPTO_LOCK_RSA); - return ret; - } - -#define BLINDING_HELPER(rsa, ctx, err_instr) \ - do { \ - if((!((rsa)->flags & RSA_FLAG_NO_BLINDING)) && \ - ((rsa)->blinding == NULL) && \ - !rsa_eay_blinding(rsa, ctx)) \ - err_instr \ - } while(0) - -static BN_BLINDING *setup_blinding(RSA *rsa, BN_CTX *ctx) - { - BIGNUM *A, *Ai; - BN_BLINDING *ret = NULL; - - /* added in OpenSSL 0.9.6j and 0.9.7b */ - - /* NB: similar code appears in RSA_blinding_on (rsa_lib.c); - * this should be placed in a new function of its own, but for reasons - * of binary compatibility can't */ - - BN_CTX_start(ctx); - A = BN_CTX_get(ctx); - if ((RAND_status() == 0) && rsa->d != NULL && rsa->d->d != NULL) - { - /* if PRNG is not properly seeded, resort to secret exponent as unpredictable seed */ - RAND_add(rsa->d->d, rsa->d->dmax * sizeof rsa->d->d[0], 0); - if (!BN_pseudo_rand_range(A,rsa->n)) goto err; - } - else - { - if (!BN_rand_range(A,rsa->n)) goto err; - } - if ((Ai=BN_mod_inverse(NULL,A,rsa->n,ctx)) == NULL) goto err; - - if (!rsa->meth->bn_mod_exp(A,A,rsa->e,rsa->n,ctx,rsa->_method_mod_n)) - goto err; - ret = BN_BLINDING_new(A,Ai,rsa->n); - BN_free(Ai); -err: - BN_CTX_end(ctx); - return ret; - } - -/* signing */ -static int RSA_eay_private_encrypt(FIPS_RSA_SIZE_T flen, const unsigned char *from, - unsigned char *to, RSA *rsa, int padding) - { - BIGNUM f,ret; - int i,j,k,num=0,r= -1; - unsigned char *buf=NULL; - BN_CTX *ctx=NULL; - int local_blinding = 0; - BN_BLINDING *blinding = NULL; - - BN_init(&f); - BN_init(&ret); - - if ((ctx=BN_CTX_new()) == NULL) goto err; - num=BN_num_bytes(rsa->n); - if ((buf=(unsigned char *)OPENSSL_malloc(num)) == NULL) - { - RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,ERR_R_MALLOC_FAILURE); - goto err; - } - - switch (padding) - { - case RSA_PKCS1_PADDING: - i=RSA_padding_add_PKCS1_type_1(buf,num,from,flen); - break; - case RSA_NO_PADDING: - i=RSA_padding_add_none(buf,num,from,flen); - break; - case RSA_SSLV23_PADDING: - default: - RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,RSA_R_UNKNOWN_PADDING_TYPE); - goto err; - } - if (i <= 0) goto err; - - if (BN_bin2bn(buf,num,&f) == NULL) goto err; - - if (BN_ucmp(&f, rsa->n) >= 0) - { - /* usually the padding functions would catch this */ - RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,RSA_R_DATA_TOO_LARGE_FOR_MODULUS); - goto err; - } - - BLINDING_HELPER(rsa, ctx, goto err;); - blinding = rsa->blinding; - - /* Now unless blinding is disabled, 'blinding' is non-NULL. - * But the BN_BLINDING object may be owned by some other thread - * (we don't want to keep it constant and we don't want to use - * lots of locking to avoid race conditions, so only a single - * thread can use it; other threads have to use local blinding - * factors) */ - if (!(rsa->flags & RSA_FLAG_NO_BLINDING)) - { - if (blinding == NULL) - { - RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT, ERR_R_INTERNAL_ERROR); - goto err; - } - } - - if (blinding != NULL) - { - if (blinding->thread_id != CRYPTO_thread_id()) - { - /* we need a local one-time blinding factor */ - - blinding = setup_blinding(rsa, ctx); - if (blinding == NULL) - goto err; - local_blinding = 1; - } - } - - if (blinding) - if (!BN_BLINDING_convert(&f, blinding, ctx)) goto err; - - if ( (rsa->flags & RSA_FLAG_EXT_PKEY) || - ((rsa->p != NULL) && - (rsa->q != NULL) && - (rsa->dmp1 != NULL) && - (rsa->dmq1 != NULL) && - (rsa->iqmp != NULL)) ) - { if (!rsa->meth->rsa_mod_exp(&ret,&f,rsa)) goto err; } - else - { - if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->d,rsa->n,ctx,NULL)) goto err; - } - - if (blinding) - if (!BN_BLINDING_invert(&ret, blinding, ctx)) goto err; - - /* put in leading 0 bytes if the number is less than the - * length of the modulus */ - j=BN_num_bytes(&ret); - i=BN_bn2bin(&ret,&(to[num-j])); - for (k=0; k<(num-i); k++) - to[k]=0; - - r=num; -err: - if (ctx != NULL) BN_CTX_free(ctx); - BN_clear_free(&ret); - BN_clear_free(&f); - if (local_blinding) - BN_BLINDING_free(blinding); - if (buf != NULL) - { - OPENSSL_cleanse(buf,num); - OPENSSL_free(buf); - } - return(r); - } - -static int RSA_eay_private_decrypt(FIPS_RSA_SIZE_T flen, const unsigned char *from, - unsigned char *to, RSA *rsa, int padding) - { - BIGNUM f,ret; - int j,num=0,r= -1; - unsigned char *p; - unsigned char *buf=NULL; - BN_CTX *ctx=NULL; - int local_blinding = 0; - BN_BLINDING *blinding = NULL; - - BN_init(&f); - BN_init(&ret); - ctx=BN_CTX_new(); - if (ctx == NULL) goto err; - - num=BN_num_bytes(rsa->n); - - if ((buf=(unsigned char *)OPENSSL_malloc(num)) == NULL) - { - RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,ERR_R_MALLOC_FAILURE); - goto err; - } - - /* This check was for equality but PGP does evil things - * and chops off the top '0' bytes */ - if (flen > num) - { - RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_DATA_GREATER_THAN_MOD_LEN); - goto err; - } - - /* make data into a big number */ - if (BN_bin2bn(from,(int)flen,&f) == NULL) goto err; - - if (BN_ucmp(&f, rsa->n) >= 0) - { - RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_DATA_TOO_LARGE_FOR_MODULUS); - goto err; - } - - BLINDING_HELPER(rsa, ctx, goto err;); - blinding = rsa->blinding; - - /* Now unless blinding is disabled, 'blinding' is non-NULL. - * But the BN_BLINDING object may be owned by some other thread - * (we don't want to keep it constant and we don't want to use - * lots of locking to avoid race conditions, so only a single - * thread can use it; other threads have to use local blinding - * factors) */ - if (!(rsa->flags & RSA_FLAG_NO_BLINDING)) - { - if (blinding == NULL) - { - RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT, ERR_R_INTERNAL_ERROR); - goto err; - } - } - - if (blinding != NULL) - { - if (blinding->thread_id != CRYPTO_thread_id()) - { - /* we need a local one-time blinding factor */ - - blinding = setup_blinding(rsa, ctx); - if (blinding == NULL) - goto err; - local_blinding = 1; - } - } - - if (blinding) - if (!BN_BLINDING_convert(&f, blinding, ctx)) goto err; - - /* do the decrypt */ - if ( (rsa->flags & RSA_FLAG_EXT_PKEY) || - ((rsa->p != NULL) && - (rsa->q != NULL) && - (rsa->dmp1 != NULL) && - (rsa->dmq1 != NULL) && - (rsa->iqmp != NULL)) ) - { if (!rsa->meth->rsa_mod_exp(&ret,&f,rsa)) goto err; } - else - { - if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->d,rsa->n,ctx,NULL)) - goto err; - } - - if (blinding) - if (!BN_BLINDING_invert(&ret, blinding, ctx)) goto err; - - p=buf; - j=BN_bn2bin(&ret,p); /* j is only used with no-padding mode */ - - switch (padding) - { - case RSA_PKCS1_PADDING: - r=RSA_padding_check_PKCS1_type_2(to,num,buf,j,num); - break; -#ifndef OPENSSL_NO_SHA - case RSA_PKCS1_OAEP_PADDING: - r=RSA_padding_check_PKCS1_OAEP(to,num,buf,j,num,NULL,0); - break; -#endif - case RSA_SSLV23_PADDING: - r=RSA_padding_check_SSLv23(to,num,buf,j,num); - break; - case RSA_NO_PADDING: - r=RSA_padding_check_none(to,num,buf,j,num); - break; - default: - RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_UNKNOWN_PADDING_TYPE); - goto err; - } - if (r < 0) - RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_PADDING_CHECK_FAILED); - -err: - if (ctx != NULL) BN_CTX_free(ctx); - BN_clear_free(&f); - BN_clear_free(&ret); - if (local_blinding) - BN_BLINDING_free(blinding); - if (buf != NULL) - { - OPENSSL_cleanse(buf,num); - OPENSSL_free(buf); - } - return(r); - } - -/* signature verification */ -static int RSA_eay_public_decrypt(FIPS_RSA_SIZE_T flen, const unsigned char *from, - unsigned char *to, RSA *rsa, int padding) - { - BIGNUM f,ret; - int i,num=0,r= -1; - unsigned char *p; - unsigned char *buf=NULL; - BN_CTX *ctx=NULL; - - BN_init(&f); - BN_init(&ret); - ctx=BN_CTX_new(); - if (ctx == NULL) goto err; - - num=BN_num_bytes(rsa->n); - buf=(unsigned char *)OPENSSL_malloc(num); - if (buf == NULL) - { - RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,ERR_R_MALLOC_FAILURE); - goto err; - } - - /* This check was for equality but PGP does evil things - * and chops off the top '0' bytes */ - if (flen > num) - { - RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_DATA_GREATER_THAN_MOD_LEN); - goto err; - } - - if (BN_bin2bn(from,flen,&f) == NULL) goto err; - - if (BN_ucmp(&f, rsa->n) >= 0) - { - RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_DATA_TOO_LARGE_FOR_MODULUS); - goto err; - } - - /* do the decrypt */ - if ((rsa->_method_mod_n == NULL) && (rsa->flags & RSA_FLAG_CACHE_PUBLIC)) - { - BN_MONT_CTX* bn_mont_ctx; - if ((bn_mont_ctx=BN_MONT_CTX_new()) == NULL) - goto err; - if (!BN_MONT_CTX_set(bn_mont_ctx,rsa->n,ctx)) - { - BN_MONT_CTX_free(bn_mont_ctx); - goto err; - } - if (rsa->_method_mod_n == NULL) /* other thread may have finished first */ - { - CRYPTO_w_lock(CRYPTO_LOCK_RSA); - if (rsa->_method_mod_n == NULL) - { - rsa->_method_mod_n = bn_mont_ctx; - bn_mont_ctx = NULL; - } - CRYPTO_w_unlock(CRYPTO_LOCK_RSA); - } - if (bn_mont_ctx) - BN_MONT_CTX_free(bn_mont_ctx); - } - - if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->e,rsa->n,ctx, - rsa->_method_mod_n)) goto err; - - p=buf; - i=BN_bn2bin(&ret,p); - - switch (padding) - { - case RSA_PKCS1_PADDING: - r=RSA_padding_check_PKCS1_type_1(to,num,buf,i,num); - break; - case RSA_NO_PADDING: - r=RSA_padding_check_none(to,num,buf,i,num); - break; - default: - RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_UNKNOWN_PADDING_TYPE); - goto err; - } - if (r < 0) - RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_PADDING_CHECK_FAILED); - -err: - if (ctx != NULL) BN_CTX_free(ctx); - BN_clear_free(&f); - BN_clear_free(&ret); - if (buf != NULL) - { - OPENSSL_cleanse(buf,num); - OPENSSL_free(buf); - } - return(r); - } - -static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) - { - BIGNUM r1,m1,vrfy; - int ret=0; - BN_CTX *ctx; - - BN_init(&m1); - BN_init(&r1); - BN_init(&vrfy); - if ((ctx=BN_CTX_new()) == NULL) goto err; - - if (rsa->flags & RSA_FLAG_CACHE_PRIVATE) - { - if (rsa->_method_mod_p == NULL) - { - BN_MONT_CTX* bn_mont_ctx; - if ((bn_mont_ctx=BN_MONT_CTX_new()) == NULL) - goto err; - if (!BN_MONT_CTX_set(bn_mont_ctx,rsa->p,ctx)) - { - BN_MONT_CTX_free(bn_mont_ctx); - goto err; - } - if (rsa->_method_mod_p == NULL) /* other thread may have finished first */ - { - CRYPTO_w_lock(CRYPTO_LOCK_RSA); - if (rsa->_method_mod_p == NULL) - { - rsa->_method_mod_p = bn_mont_ctx; - bn_mont_ctx = NULL; - } - CRYPTO_w_unlock(CRYPTO_LOCK_RSA); - } - if (bn_mont_ctx) - BN_MONT_CTX_free(bn_mont_ctx); - } - - if (rsa->_method_mod_q == NULL) - { - BN_MONT_CTX* bn_mont_ctx; - if ((bn_mont_ctx=BN_MONT_CTX_new()) == NULL) - goto err; - if (!BN_MONT_CTX_set(bn_mont_ctx,rsa->q,ctx)) - { - BN_MONT_CTX_free(bn_mont_ctx); - goto err; - } - if (rsa->_method_mod_q == NULL) /* other thread may have finished first */ - { - CRYPTO_w_lock(CRYPTO_LOCK_RSA); - if (rsa->_method_mod_q == NULL) - { - rsa->_method_mod_q = bn_mont_ctx; - bn_mont_ctx = NULL; - } - CRYPTO_w_unlock(CRYPTO_LOCK_RSA); - } - if (bn_mont_ctx) - BN_MONT_CTX_free(bn_mont_ctx); - } - } - - if (!BN_mod(&r1,I,rsa->q,ctx)) goto err; - if (!rsa->meth->bn_mod_exp(&m1,&r1,rsa->dmq1,rsa->q,ctx, - rsa->_method_mod_q)) goto err; - - if (!BN_mod(&r1,I,rsa->p,ctx)) goto err; - if (!rsa->meth->bn_mod_exp(r0,&r1,rsa->dmp1,rsa->p,ctx, - rsa->_method_mod_p)) goto err; - - if (!BN_sub(r0,r0,&m1)) goto err; - /* This will help stop the size of r0 increasing, which does - * affect the multiply if it optimised for a power of 2 size */ - if (r0->neg) - if (!BN_add(r0,r0,rsa->p)) goto err; - - if (!BN_mul(&r1,r0,rsa->iqmp,ctx)) goto err; - if (!BN_mod(r0,&r1,rsa->p,ctx)) goto err; - /* If p < q it is occasionally possible for the correction of - * adding 'p' if r0 is negative above to leave the result still - * negative. This can break the private key operations: the following - * second correction should *always* correct this rare occurrence. - * This will *never* happen with OpenSSL generated keys because - * they ensure p > q [steve] - */ - if (r0->neg) - if (!BN_add(r0,r0,rsa->p)) goto err; - if (!BN_mul(&r1,r0,rsa->q,ctx)) goto err; - if (!BN_add(r0,&r1,&m1)) goto err; - - if (rsa->e && rsa->n) - { - if (!rsa->meth->bn_mod_exp(&vrfy,r0,rsa->e,rsa->n,ctx,NULL)) goto err; - /* If 'I' was greater than (or equal to) rsa->n, the operation - * will be equivalent to using 'I mod n'. However, the result of - * the verify will *always* be less than 'n' so we don't check - * for absolute equality, just congruency. */ - if (!BN_sub(&vrfy, &vrfy, I)) goto err; - if (!BN_mod(&vrfy, &vrfy, rsa->n, ctx)) goto err; - if (vrfy.neg) - if (!BN_add(&vrfy, &vrfy, rsa->n)) goto err; - if (!BN_is_zero(&vrfy)) - /* 'I' and 'vrfy' aren't congruent mod n. Don't leak - * miscalculated CRT output, just do a raw (slower) - * mod_exp and return that instead. */ - if (!rsa->meth->bn_mod_exp(r0,I,rsa->d,rsa->n,ctx,NULL)) goto err; - } - ret=1; -err: - BN_clear_free(&m1); - BN_clear_free(&r1); - BN_clear_free(&vrfy); - BN_CTX_free(ctx); - return(ret); - } - -static int RSA_eay_init(RSA *rsa) - { - rsa->flags|=RSA_FLAG_CACHE_PUBLIC|RSA_FLAG_CACHE_PRIVATE; - return(1); - } - -static int RSA_eay_finish(RSA *rsa) - { - if (rsa->_method_mod_n != NULL) - BN_MONT_CTX_free(rsa->_method_mod_n); - if (rsa->_method_mod_p != NULL) - BN_MONT_CTX_free(rsa->_method_mod_p); - if (rsa->_method_mod_q != NULL) - BN_MONT_CTX_free(rsa->_method_mod_q); - return(1); - } - -#endif diff --git a/src/lib/libssl/src/fips/rsa/fips_rsa_gen.c b/src/lib/libssl/src/fips/rsa/fips_rsa_gen.c deleted file mode 100644 index 2c92112477..0000000000 --- a/src/lib/libssl/src/fips/rsa/fips_rsa_gen.c +++ /dev/null @@ -1,249 +0,0 @@ -/* crypto/rsa/rsa_gen.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include -#include -#include -#include -#include - -#ifdef OPENSSL_FIPS - -static int fips_check_rsa(RSA *rsa) - { - int n; - unsigned char ctext[256]; - unsigned char ptext[256]; - /* The longest we can have with OAEP padding and a 512 bit key */ - static unsigned char original_ptext[] = - "\x01\x23\x45\x67\x89\xab\xcd\xef\x12\x34\x56\x78\x9a\xbc\xde\xf0" - "\x23\x45\x67\x89\xab\xcd"; - - /* this will fail for keys shorter than 512 bits */ - n=RSA_public_encrypt(sizeof(original_ptext)-1,original_ptext,ctext,rsa, - RSA_PKCS1_OAEP_PADDING); - if(n < 0) - { - ERR_print_errors_fp(stderr); - exit(1); - } - if(!memcmp(ctext,original_ptext,n)) - { - FIPSerr(FIPS_F_FIPS_CHECK_RSA,FIPS_R_PAIRWISE_TEST_FAILED); - return 0; - } - n=RSA_private_decrypt(n,ctext,ptext,rsa,RSA_PKCS1_OAEP_PADDING); - if(n < 0) - { - ERR_print_errors_fp(stderr); - exit(1); - } - if(n != sizeof(original_ptext)-1 || memcmp(ptext,original_ptext,n)) - { - FIPSerr(FIPS_F_FIPS_CHECK_RSA,FIPS_R_PAIRWISE_TEST_FAILED); - return 0; - } - - return 1; - } - -RSA *RSA_generate_key(FIPS_RSA_SIZE_T bits, unsigned long e_value, - void (*callback)(int,int,void *), void *cb_arg) - { - RSA *rsa=NULL; - BIGNUM *r0=NULL,*r1=NULL,*r2=NULL,*r3=NULL,*tmp; - int bitsp,bitsq,ok= -1,n=0,i; - BN_CTX *ctx=NULL,*ctx2=NULL; - - if(FIPS_selftest_failed()) - { - FIPSerr(FIPS_F_RSA_GENERATE_KEY,FIPS_R_FIPS_SELFTEST_FAILED); - return NULL; - } - - ctx=BN_CTX_new(); - if (ctx == NULL) goto err; - ctx2=BN_CTX_new(); - if (ctx2 == NULL) goto err; - BN_CTX_start(ctx); - r0 = BN_CTX_get(ctx); - r1 = BN_CTX_get(ctx); - r2 = BN_CTX_get(ctx); - r3 = BN_CTX_get(ctx); - if (r3 == NULL) goto err; - - bitsp=(bits+1)/2; - bitsq=bits-bitsp; - rsa=RSA_new(); - if (rsa == NULL) goto err; - - /* set e */ - rsa->e=BN_new(); - if (rsa->e == NULL) goto err; - -#if 1 - /* The problem is when building with 8, 16, or 32 BN_ULONG, - * unsigned long can be larger */ - for (i=0; ie,i); - } -#else - if (!BN_set_word(rsa->e,e_value)) goto err; -#endif - - /* generate p and q */ - for (;;) - { - rsa->p=BN_generate_prime(NULL,bitsp,0,NULL,NULL,callback,cb_arg); - if (rsa->p == NULL) goto err; - if (!BN_sub(r2,rsa->p,BN_value_one())) goto err; - if (!BN_gcd(r1,r2,rsa->e,ctx)) goto err; - if (BN_is_one(r1)) break; - if (callback != NULL) callback(2,n++,cb_arg); - BN_free(rsa->p); - } - if (callback != NULL) callback(3,0,cb_arg); - for (;;) - { - rsa->q=BN_generate_prime(NULL,bitsq,0,NULL,NULL,callback,cb_arg); - if (rsa->q == NULL) goto err; - if (!BN_sub(r2,rsa->q,BN_value_one())) goto err; - if (!BN_gcd(r1,r2,rsa->e,ctx)) goto err; - if (BN_is_one(r1) && (BN_cmp(rsa->p,rsa->q) != 0)) - break; - if (callback != NULL) callback(2,n++,cb_arg); - BN_free(rsa->q); - } - if (callback != NULL) callback(3,1,cb_arg); - if (BN_cmp(rsa->p,rsa->q) < 0) - { - tmp=rsa->p; - rsa->p=rsa->q; - rsa->q=tmp; - } - - /* calculate n */ - rsa->n=BN_new(); - if (rsa->n == NULL) goto err; - if (!BN_mul(rsa->n,rsa->p,rsa->q,ctx)) goto err; - - /* calculate d */ - if (!BN_sub(r1,rsa->p,BN_value_one())) goto err; /* p-1 */ - if (!BN_sub(r2,rsa->q,BN_value_one())) goto err; /* q-1 */ - if (!BN_mul(r0,r1,r2,ctx)) goto err; /* (p-1)(q-1) */ - -/* should not be needed, since gcd(p-1,e) == 1 and gcd(q-1,e) == 1 */ -/* for (;;) - { - if (!BN_gcd(r3,r0,rsa->e,ctx)) goto err; - if (BN_is_one(r3)) break; - - if (1) - { - if (!BN_add_word(rsa->e,2L)) goto err; - continue; - } - RSAerr(RSA_F_RSA_GENERATE_KEY,RSA_R_BAD_E_VALUE); - goto err; - } -*/ - rsa->d=BN_mod_inverse(NULL,rsa->e,r0,ctx2); /* d */ - if (rsa->d == NULL) goto err; - - /* calculate d mod (p-1) */ - rsa->dmp1=BN_new(); - if (rsa->dmp1 == NULL) goto err; - if (!BN_mod(rsa->dmp1,rsa->d,r1,ctx)) goto err; - - /* calculate d mod (q-1) */ - rsa->dmq1=BN_new(); - if (rsa->dmq1 == NULL) goto err; - if (!BN_mod(rsa->dmq1,rsa->d,r2,ctx)) goto err; - - /* calculate inverse of q mod p */ - rsa->iqmp=BN_mod_inverse(NULL,rsa->q,rsa->p,ctx2); - if (rsa->iqmp == NULL) goto err; - - if(!fips_check_rsa(rsa)) - goto err; - - ok=1; -err: - if (ok == -1) - { - RSAerr(RSA_F_RSA_GENERATE_KEY,ERR_LIB_BN); - ok=0; - } - BN_CTX_end(ctx); - BN_CTX_free(ctx); - BN_CTX_free(ctx2); - - if (!ok) - { - if (rsa != NULL) RSA_free(rsa); - return(NULL); - } - else - return(rsa); - } - -#endif diff --git a/src/lib/libssl/src/fips/rsa/fips_rsa_selftest.c b/src/lib/libssl/src/fips/rsa/fips_rsa_selftest.c deleted file mode 100644 index 4e3b9445fc..0000000000 --- a/src/lib/libssl/src/fips/rsa/fips_rsa_selftest.c +++ /dev/null @@ -1,251 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2003 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * - */ - -#include -#include -#include -#include -#include -#include - -#ifdef OPENSSL_FIPS -#define SetKey \ - key->n = BN_bin2bn(n, sizeof(n)-1, key->n); \ - key->e = BN_bin2bn(e, sizeof(e)-1, key->e); \ - key->d = BN_bin2bn(d, sizeof(d)-1, key->d); \ - key->p = BN_bin2bn(p, sizeof(p)-1, key->p); \ - key->q = BN_bin2bn(q, sizeof(q)-1, key->q); \ - key->dmp1 = BN_bin2bn(dmp1, sizeof(dmp1)-1, key->dmp1); \ - key->dmq1 = BN_bin2bn(dmq1, sizeof(dmq1)-1, key->dmq1); \ - key->iqmp = BN_bin2bn(iqmp, sizeof(iqmp)-1, key->iqmp); \ - memcpy(c, ctext_ex, sizeof(ctext_ex) - 1); \ - return (sizeof(ctext_ex) - 1); - -static unsigned char n[] = -"\x00\xBB\xF8\x2F\x09\x06\x82\xCE\x9C\x23\x38\xAC\x2B\x9D\xA8\x71" -"\xF7\x36\x8D\x07\xEE\xD4\x10\x43\xA4\x40\xD6\xB6\xF0\x74\x54\xF5" -"\x1F\xB8\xDF\xBA\xAF\x03\x5C\x02\xAB\x61\xEA\x48\xCE\xEB\x6F\xCD" -"\x48\x76\xED\x52\x0D\x60\xE1\xEC\x46\x19\x71\x9D\x8A\x5B\x8B\x80" -"\x7F\xAF\xB8\xE0\xA3\xDF\xC7\x37\x72\x3E\xE6\xB4\xB7\xD9\x3A\x25" -"\x84\xEE\x6A\x64\x9D\x06\x09\x53\x74\x88\x34\xB2\x45\x45\x98\x39" -"\x4E\xE0\xAA\xB1\x2D\x7B\x61\xA5\x1F\x52\x7A\x9A\x41\xF6\xC1\x68" -"\x7F\xE2\x53\x72\x98\xCA\x2A\x8F\x59\x46\xF8\xE5\xFD\x09\x1D\xBD" -"\xCB"; - - -static int setrsakey(RSA *key, unsigned char *c) - { - static unsigned char e[] = "\x11"; - - static unsigned char d[] = -"\x00\xA5\xDA\xFC\x53\x41\xFA\xF2\x89\xC4\xB9\x88\xDB\x30\xC1\xCD" -"\xF8\x3F\x31\x25\x1E\x06\x68\xB4\x27\x84\x81\x38\x01\x57\x96\x41" -"\xB2\x94\x10\xB3\xC7\x99\x8D\x6B\xC4\x65\x74\x5E\x5C\x39\x26\x69" -"\xD6\x87\x0D\xA2\xC0\x82\xA9\x39\xE3\x7F\xDC\xB8\x2E\xC9\x3E\xDA" -"\xC9\x7F\xF3\xAD\x59\x50\xAC\xCF\xBC\x11\x1C\x76\xF1\xA9\x52\x94" -"\x44\xE5\x6A\xAF\x68\xC5\x6C\x09\x2C\xD3\x8D\xC3\xBE\xF5\xD2\x0A" -"\x93\x99\x26\xED\x4F\x74\xA1\x3E\xDD\xFB\xE1\xA1\xCE\xCC\x48\x94" -"\xAF\x94\x28\xC2\xB7\xB8\x88\x3F\xE4\x46\x3A\x4B\xC8\x5B\x1C\xB3" -"\xC1"; - - static unsigned char p[] = -"\x00\xEE\xCF\xAE\x81\xB1\xB9\xB3\xC9\x08\x81\x0B\x10\xA1\xB5\x60" -"\x01\x99\xEB\x9F\x44\xAE\xF4\xFD\xA4\x93\xB8\x1A\x9E\x3D\x84\xF6" -"\x32\x12\x4E\xF0\x23\x6E\x5D\x1E\x3B\x7E\x28\xFA\xE7\xAA\x04\x0A" -"\x2D\x5B\x25\x21\x76\x45\x9D\x1F\x39\x75\x41\xBA\x2A\x58\xFB\x65" -"\x99"; - - static unsigned char q[] = -"\x00\xC9\x7F\xB1\xF0\x27\xF4\x53\xF6\x34\x12\x33\xEA\xAA\xD1\xD9" -"\x35\x3F\x6C\x42\xD0\x88\x66\xB1\xD0\x5A\x0F\x20\x35\x02\x8B\x9D" -"\x86\x98\x40\xB4\x16\x66\xB4\x2E\x92\xEA\x0D\xA3\xB4\x32\x04\xB5" -"\xCF\xCE\x33\x52\x52\x4D\x04\x16\xA5\xA4\x41\xE7\x00\xAF\x46\x15" -"\x03"; - - static unsigned char dmp1[] = -"\x54\x49\x4C\xA6\x3E\xBA\x03\x37\xE4\xE2\x40\x23\xFC\xD6\x9A\x5A" -"\xEB\x07\xDD\xDC\x01\x83\xA4\xD0\xAC\x9B\x54\xB0\x51\xF2\xB1\x3E" -"\xD9\x49\x09\x75\xEA\xB7\x74\x14\xFF\x59\xC1\xF7\x69\x2E\x9A\x2E" -"\x20\x2B\x38\xFC\x91\x0A\x47\x41\x74\xAD\xC9\x3C\x1F\x67\xC9\x81"; - - static unsigned char dmq1[] = -"\x47\x1E\x02\x90\xFF\x0A\xF0\x75\x03\x51\xB7\xF8\x78\x86\x4C\xA9" -"\x61\xAD\xBD\x3A\x8A\x7E\x99\x1C\x5C\x05\x56\xA9\x4C\x31\x46\xA7" -"\xF9\x80\x3F\x8F\x6F\x8A\xE3\x42\xE9\x31\xFD\x8A\xE4\x7A\x22\x0D" -"\x1B\x99\xA4\x95\x84\x98\x07\xFE\x39\xF9\x24\x5A\x98\x36\xDA\x3D"; - - static unsigned char iqmp[] = -"\x00\xB0\x6C\x4F\xDA\xBB\x63\x01\x19\x8D\x26\x5B\xDB\xAE\x94\x23" -"\xB3\x80\xF2\x71\xF7\x34\x53\x88\x50\x93\x07\x7F\xCD\x39\xE2\x11" -"\x9F\xC9\x86\x32\x15\x4F\x58\x83\xB1\x67\xA9\x67\xBF\x40\x2B\x4E" -"\x9E\x2E\x0F\x96\x56\xE6\x98\xEA\x36\x66\xED\xFB\x25\x79\x80\x39" -"\xF7"; - - static unsigned char ctext_ex[] = -"\x42\x4b\xc9\x51\x61\xd4\xca\xa0\x18\x6c\x4d\xca\x61\x8f\x2d\x07" -"\x8c\x63\xc5\x6b\xa2\x4c\x32\xb1\xda\xb7\xdd\x32\xb6\x51\x68\xc3" -"\x6e\x98\x46\xd6\xbb\x1a\xd5\x99\x05\x92\x7c\xd7\xbc\x08\x9e\xe4" -"\xc3\x70\x4d\xe6\x99\x7e\x61\x31\x07\x7a\x19\xdb\x3e\x11\xfa\x3d" -"\x7c\x61\xd7\x78\x14\x3f\x05\x16\xa0\xc4\xbf\xcd\xee\xca\x67\x4c" -"\x80\x4e\xca\x43\x2f\x35\x43\x58\xa7\x50\x7e\x3e\x52\x82\xab\xac" -"\xa6\x50\xe8\x39\x9f\xe0\x7f\x58\x1d\x1b\x90\x93\x04\xec\xb3\xf9" -"\x24\xd3\x75\x3e\x39\xd1\x14\xc6\x33\xce\xd6\xee\x20\x47\xec\xe4"; - - SetKey; - } - -void FIPS_corrupt_rsa() - { - n[0]++; - } - -int FIPS_selftest_rsa() - { - int clen; - RSA *key; - unsigned char expected_ctext[256]; - unsigned char ctext[256]; - unsigned char ptext[256]; - static unsigned char original_ptext[] = - "\x01\x23\x45\x67\x89\xab\xcd\xef\x12\x34\x56\x78\x9a\xbc\xde\xf0" - "\x23\x45\x67\x89\xab\xcd\xef\x12\x34\x56\x78\x9a\xbc\xde\xf0\x12" - "\x45\x67\x89\xab\xcd\xef\x12\x34\x56\x78\x9a\xbc\xde\xf0\x12\x34" - "\x67\x89\xab\xcd\xef\x12\x34\x56\x78\x9a\xbc\xde\xf0\x12\x34\x56" - "\x89\xab\xcd\xef\x12\x34\x56\x78\x9a\xbc\xde\xf0\x12\x34\x56\x78" - "\xab\xcd\xef\x12\x34\x56\x78\x9a\xbc\xde\xf0\x12\x34\x56\x78\x9a" - "\xcd\xef\x12\x34\x56\x78\x9a\xbc\xde\xf0\x12\x34\x56\x78\x9a\xbc" - "\xef\x12\x34\x56\x78\x9a\xbc\xde\xf0\x12\x34\x56\x78\x9a\xbc\xde" - "\xf0\x12\x34\x56\x78\x9a\xbc\xde\xf0\x12\x34\x56\x78\x9a\xbc\xde"; - unsigned char md[SHA_DIGEST_LENGTH]; - unsigned char mdkat[SHA_DIGEST_LENGTH] = - "\x2d\x57\x1d\x6f\x5c\x37\xf9\xf0\x3b\xb4\x3c\xe8\x2c\x4c\xb3\x04" - "\x75\xa2\x0e\xfb"; - unsigned char ctextkat[] = - "\x3e\xc5\x0a\xbe\x29\xa2\xca\x9a\x35\x14\x17\x26\xa4\x0f\xa3\x03" - "\x65\xb5\x37\xf5\x6a\xaa\xb\xf\x2c\x0d\x8\xc0\x73\x8\x3c\x88\x85" - "\x36\x68\x16\xfe\x2f\x59\x77\x7e\x2a\x76\x9a\xc7\x27\x19\x9b\x54" - "\x14\x87\xf3\xe0\xce\x1e\x68\x10\x40\x14\xac\xbc\xe6\x6f\x26\x1f" - "\x55\xd1\x15\x81\x48\x10\xf4\x89\xe5\x67\x52\x42\x87\x04\x74\x4e" - "\x96\x14\x7c\x53\xc9\x1e\x84\x11\x7d\x7d\x23\xbd\xff\x6c\xcb\x00" - "\x96\x2e\x7d\xfb\x47\xea\x78\xcd\xd8\x04\x3a\x98\x06\x13\x68\x39" - "\xa1\xe2\xbc\x9f\x64\xc7\x62\xf0\x74\x4d\x42\xe0\x0b\xcf\x24\x48"; - int i; - - /* Perform pairwise consistency test by: ... */ - - key=RSA_new(); - clen=setrsakey(key,expected_ctext); - /* ...1) apply public key to plaintext, resulting ciphertext must be - * different - */ - i=RSA_public_encrypt(128,original_ptext,ctext,key, - RSA_NO_PADDING); - if(i != clen || memcmp(ctext,expected_ctext,i)) - { - FIPSerr(FIPS_F_FIPS_SELFTEST_RSA,FIPS_R_SELFTEST_FAILED); - return 0; - } - if(!memcmp(ctext,original_ptext,i)) - { - FIPSerr(FIPS_F_FIPS_SELFTEST_RSA,FIPS_R_SELFTEST_FAILED); - return 0; - } - /* ...2) apply private key to ciphertext and compare result to - * original plaintext; results must be equal - */ - i=RSA_private_decrypt(i,ctext,ptext,key,RSA_NO_PADDING); - if(i != 128 || memcmp(ptext,original_ptext,i)) - { - FIPSerr(FIPS_F_FIPS_SELFTEST_RSA,FIPS_R_SELFTEST_FAILED); - return 0; - } - - /* Perform sign and verify Known Answer Test by... */ - - /* ...1) using the same RSA key to encrypt the SHA-1 hash of a - * plaintext value larger than the RSA key size - */ - if (RSA_size(key) >= sizeof(original_ptext) - 1) - { - FIPSerr(FIPS_F_FIPS_SELFTEST_RSA,FIPS_R_SELFTEST_FAILED); - return 0; - } - /* ...2) then generate the SHA-1 digest of plaintext, and compare the - * digest to the Known Answer (note here we duplicate the SHA-1 KAT) - */ - SHA1(original_ptext,sizeof(original_ptext) - 1,md); - if(memcmp(md,mdkat,SHA_DIGEST_LENGTH)) - { - FIPSerr(FIPS_F_FIPS_SELFTEST_SHA1,FIPS_R_SELFTEST_FAILED); - return 0; - } - /* ...3) then encrypt the digest, and compare the ciphertext - * to the Known Answer - */ - i=RSA_private_encrypt(sizeof(md),md,ctext,key,RSA_PKCS1_PADDING); - if(i != clen || memcmp(ctextkat,ctext,i)) - { - FIPSerr(FIPS_F_FIPS_SELFTEST_RSA,FIPS_R_SELFTEST_FAILED); - return 0; - } - /* ...4) and finally decrypt the signed digest and compare with - * the original Known Answer - */ - i=RSA_public_decrypt(i,ctext,md,key,RSA_PKCS1_PADDING); - if(i != sizeof(md) || memcmp(mdkat,md,i)) - { - FIPSerr(FIPS_F_FIPS_SELFTEST_RSA,FIPS_R_SELFTEST_FAILED); - return 0; - } - - RSA_free(key); - return 1; - } - -#endif /* def OPENSSL_FIPS */ -- cgit v1.2.3-55-g6feb