../crypto/aes/aes_cfb.o \
../crypto/aes/aes_ecb.o \
../crypto/aes/aes_ofb.o \
- ../crypto/asn1/a_bitstr.o \
- ../crypto/asn1/a_bytes.o \
- ../crypto/asn1/a_dup.o \
- ../crypto/asn1/a_int.o \
- ../crypto/asn1/a_object.o \
- ../crypto/asn1/asn1_err.o \
- ../crypto/asn1/asn1_lib.o \
- ../crypto/asn1/a_type.o \
- ../crypto/asn1/evp_asn1.o \
- ../crypto/asn1/tasn_dec.o \
- ../crypto/asn1/tasn_enc.o \
- ../crypto/asn1/tasn_fre.o \
- ../crypto/asn1/tasn_new.o \
- ../crypto/asn1/tasn_typ.o \
- ../crypto/asn1/tasn_utl.o \
- ../crypto/asn1/t_pkey.o \
- ../crypto/asn1/x_algor.o \
- ../crypto/asn1/x_bignum.o \
- ../crypto/asn1/x_long.o \
- ../crypto/asn1/x_sig.o \
- ../crypto/bio/bio_err.o \
../crypto/bio/bio_lib.o \
../crypto/bio/b_print.o \
../crypto/bio/bss_file.o \
../crypto/bn/bn_blind.o \
../crypto/bn/bn_ctx.o \
../crypto/bn/bn_div.o \
- ../crypto/bn/bn_err.o \
../crypto/bn/bn_exp2.o \
../crypto/bn/bn_exp.o \
../crypto/bn/bn_gcd.o \
../crypto/bn/bn_sqr.o \
../crypto/bn/bn_word.o \
../crypto/bn/bn_x931p.o \
- ../crypto/buffer/buf_err.o \
../crypto/buffer/buffer.o \
- ../crypto/conf/conf_err.o \
- ../crypto/cpt_err.o \
../crypto/cryptlib.o \
../crypto/des/cfb64ede.o \
../crypto/des/cfb64enc.o \
../crypto/des/ecb_enc.o \
../crypto/des/ofb64ede.o \
../crypto/des/ofb64enc.o \
- ../crypto/dh/dh_err.o \
../crypto/dh/dh_lib.o \
- ../crypto/dsa/dsa_asn1.o \
- ../crypto/dsa/dsa_err.o \
../crypto/dsa/dsa_lib.o \
../crypto/dsa/dsa_sign.o \
../crypto/dsa/dsa_vrf.o \
- ../crypto/dso/dso_err.o \
- ../crypto/ec/ec_err.o \
- ../crypto/engine/eng_err.o \
../crypto/engine/eng_init.o \
../crypto/engine/eng_lib.o \
../crypto/engine/eng_list.o \
../crypto/engine/eng_table.o \
- ../crypto/engine/tb_cipher.o \
../crypto/engine/tb_dh.o \
../crypto/engine/tb_digest.o \
../crypto/engine/tb_dsa.o \
../crypto/engine/tb_rand.o \
../crypto/engine/tb_rsa.o \
- ../crypto/err/err_all.o \
../crypto/err/err.o \
../crypto/err/err_prn.o \
../crypto/evp/digest.o \
- ../crypto/evp/e_aes.o \
- ../crypto/evp/e_des3.o \
- ../crypto/evp/e_des.o \
- ../crypto/evp/evp_enc.o \
- ../crypto/evp/evp_err.o \
- ../crypto/evp/evp_lib.o \
../crypto/evp/m_sha1.o \
- ../crypto/evp/p_lib.o \
../crypto/evp/p_sign.o \
../crypto/evp/p_verify.o \
../crypto/ex_data.o \
../crypto/mem_clr.o \
../crypto/mem_dbg.o \
../crypto/mem.o \
- ../crypto/objects/obj_dat.o \
- ../crypto/objects/obj_err.o \
- ../crypto/objects/obj_lib.o \
- ../crypto/ocsp/ocsp_err.o \
- ../crypto/pem/pem_err.o \
- ../crypto/pkcs12/pk12err.o \
- ../crypto/pkcs7/pkcs7err.o \
../crypto/rand/md_rand.o \
../crypto/rand/rand_egd.o \
- ../crypto/rand/rand_err.o \
../crypto/rand/randfile.o \
../crypto/rand/rand_lib.o \
../crypto/rand/rand_os2.o \
../crypto/rand/rand_unix.o \
../crypto/rand/rand_win.o \
- ../crypto/rsa/rsa_err.o \
../crypto/rsa/rsa_lib.o \
../crypto/rsa/rsa_none.o \
../crypto/rsa/rsa_oaep.o \
../crypto/rsa/rsa_pk1.o \
../crypto/rsa/rsa_pss.o \
- ../crypto/rsa/rsa_sign.o \
../crypto/rsa/rsa_ssl.o \
../crypto/rsa/rsa_x931.o \
../crypto/stack/stack.o \
../crypto/uid.o \
- ../crypto/ui/ui_err.o \
- ../crypto/x509v3/v3err.o \
- ../crypto/x509v3/v3_hex.o \
- ../crypto/x509/x509_err.o
+ ../crypto/x509v3/v3_hex.o
# DO NOT DELETE THIS LINE -- make depend depends on it.
--- /dev/null
+/* fips_rsa_sign.c */
+/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+ * project 2007.
+ */
+/* ====================================================================
+ * Copyright (c) 2007 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <string.h>
+#include <openssl/evp.h>
+#include <openssl/rsa.h>
+#include <openssl/err.h>
+
+/* FIPS versions of RSA_sign() and RSA_verify().
+ * These will only have to deal with SHA* signatures and by including
+ * pregenerated encodings all ASN1 dependencies can be avoided
+ */
+
+static const unsigned char sha1_bin[] = {
+ 0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x05,
+ 0x00, 0x04, 0x14
+};
+
+static const unsigned char sha224_bin[] = {
+ 0x30, 0x2d, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03,
+ 0x04, 0x02, 0x04, 0x05, 0x00, 0x04, 0x1c
+};
+
+static const unsigned char sha256_bin[] = {
+ 0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03,
+ 0x04, 0x02, 0x01, 0x05, 0x00, 0x04, 0x20
+};
+
+static const unsigned char sha384_bin[] = {
+ 0x30, 0x41, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03,
+ 0x04, 0x02, 0x02, 0x05, 0x00, 0x04, 0x30
+};
+
+static const unsigned char sha512_bin[] = {
+ 0x30, 0x51, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03,
+ 0x04, 0x02, 0x03, 0x05, 0x00, 0x04, 0x40
+};
+
+
+static const unsigned char *fips_digestinfo_encoding(int nid, unsigned int *len)
+ {
+ switch (nid)
+ {
+
+ case NID_sha1:
+ *len = sizeof(sha1_bin);
+ return sha1_bin;
+
+ case NID_sha224:
+ *len = sizeof(sha224_bin);
+ return sha224_bin;
+
+ case NID_sha256:
+ *len = sizeof(sha256_bin);
+ return sha256_bin;
+
+ case NID_sha384:
+ *len = sizeof(sha384_bin);
+ return sha384_bin;
+
+ case NID_sha512:
+ *len = sizeof(sha512_bin);
+ return sha512_bin;
+
+ default:
+ return NULL;
+
+ }
+ }
+
+int FIPS_rsa_sign(int type, const unsigned char *m, unsigned int m_len,
+ unsigned char *sigret, unsigned int *siglen, RSA *rsa)
+ {
+ int i,j,ret=1;
+ unsigned int dlen;
+ const unsigned char *der;
+ /* Largest DigestInfo: 19 (max encoding) + max MD */
+ unsigned char tmpdinfo[19 + EVP_MAX_MD_SIZE];
+ if((rsa->flags & RSA_FLAG_SIGN_VER) && rsa->meth->rsa_sign)
+ {
+ return rsa->meth->rsa_sign(type, m, m_len,
+ sigret, siglen, rsa);
+ }
+
+ if(m_len > EVP_MAX_MD_SIZE)
+ {
+ RSAerr(RSA_F_RSA_SIGN,RSA_R_INVALID_MESSAGE_LENGTH);
+ return 0;
+ }
+
+ der = fips_digestinfo_encoding(type, &dlen);
+
+ if (!der)
+ {
+ RSAerr(RSA_F_RSA_SIGN,RSA_R_UNKNOWN_ALGORITHM_TYPE);
+ return(0);
+ }
+ memcpy(tmpdinfo, der, dlen);
+ memcpy(tmpdinfo + dlen, m, m_len);
+
+ i = dlen + m_len;
+
+ j=RSA_size(rsa);
+ if (i > (j-RSA_PKCS1_PADDING_SIZE))
+ {
+ RSAerr(RSA_F_RSA_SIGN,RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY);
+ return(0);
+ }
+ j=RSA_private_encrypt(i,tmpdinfo,sigret,rsa,RSA_PKCS1_PADDING);
+ if (j <= 0)
+ ret=0;
+ else
+ *siglen=j;
+
+ OPENSSL_cleanse(tmpdinfo,i);
+ return(ret);
+ }
+
+int FIPS_rsa_verify(int dtype, const unsigned char *m, unsigned int m_len,
+ unsigned char *sigbuf, unsigned int siglen, RSA *rsa)
+ {
+ int i,ret=0;
+ unsigned int dlen;
+ unsigned char *s;
+ const unsigned char *der;
+
+ if (siglen != (unsigned int)RSA_size(rsa))
+ {
+ RSAerr(RSA_F_RSA_VERIFY,RSA_R_WRONG_SIGNATURE_LENGTH);
+ return(0);
+ }
+
+ if((rsa->flags & RSA_FLAG_SIGN_VER) && rsa->meth->rsa_verify)
+ {
+ return rsa->meth->rsa_verify(dtype, m, m_len,
+ sigbuf, siglen, rsa);
+ }
+
+ s= OPENSSL_malloc((unsigned int)siglen);
+ if (s == NULL)
+ {
+ RSAerr(RSA_F_RSA_VERIFY,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ i=RSA_public_decrypt((int)siglen,sigbuf,s,rsa,RSA_PKCS1_PADDING);
+
+ if (i <= 0) goto err;
+
+ der = fips_digestinfo_encoding(dtype, &dlen);
+
+ if (!der)
+ {
+ RSAerr(RSA_F_RSA_SIGN,RSA_R_UNKNOWN_ALGORITHM_TYPE);
+ return(0);
+ }
+
+ /* Compare, DigestInfo length, DigestInfo header and finally
+ * digest value itself
+ */
+ if ((i != (dlen + m_len)) || memcmp(der, s, dlen)
+ || memcmp(s + dlen, m, m_len))
+ {
+ RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE);
+ goto err;
+ }
+ else
+ ret = 1;
+err:
+ if (s != NULL)
+ {
+ OPENSSL_cleanse(s, siglen);
+ OPENSSL_free(s);
+ }
+ return(ret);
+ }
projects / oweals / openssl.git / commitdiff