3 * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
6 /* ====================================================================
7 * Copyright (c) 2005 The OpenSSL Project. All rights reserved.
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
16 * 2. Redistributions in binary form must reproduce the above copyright
17 * notice, this list of conditions and the following disclaimer in
18 * the documentation and/or other materials provided with the
21 * 3. All advertising materials mentioning features or use of this
22 * software must display the following acknowledgment:
23 * "This product includes software developed by the OpenSSL Project
24 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
26 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
27 * endorse or promote products derived from this software without
28 * prior written permission. For written permission, please contact
29 * licensing@OpenSSL.org.
31 * 5. Products derived from this software may not be called "OpenSSL"
32 * nor may "OpenSSL" appear in their names without prior written
33 * permission of the OpenSSL Project.
35 * 6. Redistributions of any form whatsoever must retain the following
37 * "This product includes software developed by the OpenSSL Project
38 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
40 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
41 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
42 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
43 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
44 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
45 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
46 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
47 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
49 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
50 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
51 * OF THE POSSIBILITY OF SUCH DAMAGE.
52 * ====================================================================
54 * This product includes cryptographic software written by Eric Young
55 * (eay@cryptsoft.com). This product includes software written by Tim
56 * Hudson (tjh@cryptsoft.com).
63 #include <openssl/bio.h>
64 #include <openssl/evp.h>
65 #include <openssl/hmac.h>
66 #include <openssl/err.h>
67 #include <openssl/x509v3.h>
68 #include <openssl/bn.h>
72 int main(int argc, char *argv[])
74 printf("No FIPS RSA support\n");
80 # include <openssl/rsa.h>
82 # include "fips_utl.h"
84 int rsa_test(FILE *out, FILE *in, int saltlen);
85 static int rsa_printver(FILE *out,
88 unsigned char *Msg, long Msglen,
89 unsigned char *S, long Slen, int Saltlen);
91 int main(int argc, char **argv)
93 FILE *in = NULL, *out = NULL;
98 if (!FIPS_mode_set(1)) {
103 if ((argc > 2) && !strcmp("-saltlen", argv[1])) {
104 Saltlen = atoi(argv[2]);
106 fprintf(stderr, "FATAL: Invalid salt length\n");
111 } else if ((argc > 1) && !strcmp("-x931", argv[1])) {
120 in = fopen(argv[1], "r");
125 out = fopen(argv[2], "w");
128 fprintf(stderr, "FATAL input initialization error\n");
133 fprintf(stderr, "FATAL output initialization error\n");
137 if (!rsa_test(out, in, Saltlen)) {
138 fprintf(stderr, "FATAL RSAVTEST file processing error\n");
148 if (in && (in != stdin))
150 if (out && (out != stdout))
157 # define RSA_TEST_MAXLINELEN 10240
159 int rsa_test(FILE *out, FILE *in, int Saltlen)
161 char *linebuf, *olinebuf, *p, *q;
162 char *keyword, *value;
163 const EVP_MD *dgst = NULL;
164 BIGNUM *n = NULL, *e = NULL;
165 unsigned char *Msg = NULL, *S = NULL;
170 olinebuf = OPENSSL_malloc(RSA_TEST_MAXLINELEN);
171 linebuf = OPENSSL_malloc(RSA_TEST_MAXLINELEN);
173 if (!linebuf || !olinebuf)
176 while (fgets(olinebuf, RSA_TEST_MAXLINELEN, in)) {
178 strcpy(linebuf, olinebuf);
180 /* Skip leading space */
181 while (isspace((unsigned char)*keyword))
184 /* Look for = sign */
185 p = strchr(linebuf, '=');
188 * If no = or starts with [ (for [foo = bar] line) just copy
190 if (!p || *keyword == '[') {
191 if (fputs(olinebuf, out) < 0)
198 /* Remove trailing space */
199 while (isspace((unsigned char)*q))
205 /* Remove leading space from value */
206 while (isspace((unsigned char)*value))
209 /* Remove trailing space from value */
210 p = value + strlen(value) - 1;
212 while (*p == '\n' || isspace((unsigned char)*p))
215 if (!strcmp(keyword, "n")) {
216 if (!do_hex2bn(&n, value))
218 } else if (!strcmp(keyword, "e")) {
219 if (!do_hex2bn(&e, value))
221 } else if (!strcmp(keyword, "SHAAlg")) {
222 if (!strcmp(value, "SHA1"))
224 else if (!strcmp(value, "SHA224"))
226 else if (!strcmp(value, "SHA256"))
228 else if (!strcmp(value, "SHA384"))
230 else if (!strcmp(value, "SHA512"))
234 "FATAL: unsupported algorithm \"%s\"\n", value);
237 } else if (!strcmp(keyword, "Msg")) {
240 if (strlen(value) & 1)
242 Msg = hex2bin_m(value, &Msglen);
245 } else if (!strcmp(keyword, "S")) {
248 if (strlen(value) & 1)
250 S = hex2bin_m(value, &Slen);
253 } else if (!strcmp(keyword, "Result"))
258 fputs(olinebuf, out);
260 if (n && e && Msg && S && dgst) {
261 if (!rsa_printver(out, n, e, dgst, Msg, Msglen, S, Slen, Saltlen))
276 OPENSSL_free(olinebuf);
278 OPENSSL_free(linebuf);
288 fprintf(stderr, "FATAL parse error processing line %d\n", lnum);
294 static int rsa_printver(FILE *out,
295 BIGNUM *n, BIGNUM *e,
297 unsigned char *Msg, long Msglen,
298 unsigned char *S, long Slen, int Saltlen)
301 /* Setup RSA and EVP_PKEY structures */
302 RSA *rsa_pubkey = NULL;
305 unsigned char *buf = NULL;
306 rsa_pubkey = FIPS_rsa_new();
309 rsa_pubkey->n = BN_dup(n);
310 rsa_pubkey->e = BN_dup(e);
311 if (!rsa_pubkey->n || !rsa_pubkey->e)
313 pk.type = EVP_PKEY_RSA;
314 pk.pkey.rsa = rsa_pubkey;
316 EVP_MD_CTX_init(&ctx);
319 M_EVP_MD_CTX_set_flags(&ctx,
320 EVP_MD_CTX_FLAG_PAD_PSS | (Saltlen << 16));
321 } else if (Saltlen == -2)
322 M_EVP_MD_CTX_set_flags(&ctx, EVP_MD_CTX_FLAG_PAD_X931);
323 if (!EVP_VerifyInit_ex(&ctx, dgst, NULL))
325 if (!EVP_VerifyUpdate(&ctx, Msg, Msglen))
328 r = EVP_VerifyFinal(&ctx, S, Slen, &pk);
330 EVP_MD_CTX_cleanup(&ctx);
337 fputs("Result = F\n", out);
339 fputs("Result = P\n", out);
345 FIPS_rsa_free(rsa_pubkey);